Featured

Conclusion:

The complexity and scale of Cloud operations is beyond the capability of traditional financial management processes. Today, organisations use Cloud service providers to increase agility, flexibility, and efficiency. Efficiency in this context means the speed of delivery coupled with a reduction in both capital and operational costs. However, that is not the only benefit to be derived. Operating cost reduction is a challenge to organisations that are new to the Cloud and even with those who achieved a certain maturity level. Dealing with operational cost needs in-depth Cloud financial management (CFM).

With this in mind, there are three things to consider with Cloud cost optimisation. First, assess your organisation needs and its level of maturity in using the Cloud. Second, if you lack the skills, then collaborate with a Cloud-Certified Partner (CCP). Lastly, set a collective governance system (guidelines and guardrails) to ensure the services are continuously cost-optimised.

Conclusion:

This month, discussions regarding an increased demand for disaster recovery, business continuity and work management solutions has been prominent. While the pandemic has triggered fundamental IT changes in an effort to resolve gaps and vulnerabilities, the accelerated rate of digital transformation and migration efforts has resulted in shortfalls when planning and establishing new work environments. Vendors have found difficulties maintaining business processes when unforeseen or extreme events occur. Combined with management solutions that cannot cater to all scenarios and a lack of clarity regarding customer responsibilities when responses to operational failures are required, difficulties have arisen for service providers. This requires vendors to provide more detailed and clearer disaster recovery and business continuity plans for customers, as well as specialised management tools and associated resources to implement solutions and responses. It is also critical for vendors to communicate with customers to facilitate the recovery of processes and ensure all business systems can be utilised in new and dispersed working environments.

The Latest

26 May 2021: Google has introduced Datasteam, which the vendor defines as a “change data capture and replication service”. In short, the service allows changes in one data source to be replicated to other data sources in near real time. The service currently connects with Oracle and MySQL databases and a slew of Google Cloud services, including BigQuery, Cloud SQL, Cloud Storage, Spanner, and so forth.

Uses for such a service include: updating a data lake or similar repository with data being added to a production database, keeping disparate databases of different types in sync, consolidating global organisation information back to a central repository.

Datastream is based on Cloud functions - or serverless - architecture. This is significant, as it allows for scale-independent integration.

Why it’s Important

Ingesting data scale into Cloud-based data lakes is a challenge and can be costly. Even simple ingestion where data requires little in the way of transformation can be costly when run through a full ETL service. By leveraging serverless functions, Datastream has the potential to significantly lower the cost and improve performance of bringing large volumes of rapidly changing data into a data lake (or an SQL database which is being used as a pseudo data lake). 

Using serverless to improve the performance and economics of large scale data ingestion is not a new approach. IBRS interviewed the architecture of a major global streaming service in 2017 regarding how they moved from an integration platform to leveraging AWS Kinesis data pipelines and hand-coded serverless functions, and to achieve more or less the same thing that Google Datastream is providing. 

As organisations migrate to Cloud analytics, the ability to rapidly replicate large data sets will grow. Serverless architecture will emerge as an important pattern.

Who’s impacted

  • Analytics architecture leads
  • Integration teams
  • Enterprise architecture teams

What’s Next?

Become familiar with the potential to use serverless / cloud function as a ‘glue’ within your organisation’s Cloud architecture. 

Look for opportunities to leverage serverless when designing your organisations next analytics platform. 

Related IBRS Advisory

  1. Serverless Programming: Should your software development teams be exploring it?
  2. VENDORiQ: Google introduces Database Migration Service

The Latest

26 May 2021: Talend, a big data, analytics and integration vendor, has received ISO 27001:2013 and 27701:2019 certifications. According to the Talend, they are the only big data/integration vendor with this level of certification.  

Why it’s Important

IBRS has observed that even the most security focused organisations often overlook their big data integration and ETL (extract, transform, load) when it comes to assessing business risk. For example, when Microsoft launched its protected Azure services in Canberra, many of the Azure analytics capabilities, such as its machine learning services, were excluded from the platform.

The data being ingested into data lakes, be they on-premises or in the Cloud, will include private information on clients, staff or citizens, and possibly sensitive financial data. But more significantly, taken as an aggregate, this information contains patterns and insights that cyber criminals and state actors may leverage for further attacks.  The value of analysing data at scale to an organisation is just as valuable to criminals.

Who’s impacted

  • Business analytics architecture specialists
  • CISO 
  • Security teams

What’s Next?

Start by reviewing the sensitivity of information moving to the data analytics platform. Such information would be reviewed against the organisation's existing data governance and data classification framework.

Next, review the process of how sensitive information is ingested, manipulated, stored and accessed within the organisation’s analytics platform. Be sure to pay attention to ETL processes: both the technologies and processes involved. 

Finally, review the third-party (vendor) supply chain for all platforms and services involved in data analytics.

Related IBRS Advisory

  1. How does your organisation manage cyber supply chain risk?
  2. IBRSiQ: Risk assessment services and the dark web
  3. VENDORiQ: SolarWinds Incident

Contract management can be more than just record keeping. When done well, it can enable organisations to explore the best ways to optimise their investments when conditions change.

This capability proved essential for the Australian government when COVID-19 hit, with investments in all manner of services and infrastructure being needed almost overnight.

IBRS interviews ZEN Enterprise, an Australian niche contract management solution vendor, and the contract manager from a large Australian agency to tease out the benefits and challenges of advanced contract management in an age of rapid change.

Conclusion: Two key supporting artefacts in the creation of pragmatic incident response plans are the incident response action flow chart and the severity assessment table. Take time to develop, verify and test these artefacts and they will be greatly appreciated in aiding an orderly and efficient invoking of the DRP/BCP and restoration activities.

Conclusion: The potential, and corresponding increased expectations of, modern CRM is causing many organisations to re-evaluate their existing CRM solution (or multiple solutions) with a CRM migration.

The decision to migrate to a new CRM solution should not be taken lightly. Given that the management of contacts (e. g. customers, stakeholders, citizens, etc.) is central to every organisation, changing how an organisation communicates with and serves these contacts must be viewed as a strategic initiative.

Therefore, it is vital that each organisation create a strategy, and subsequent plan, for its modern CRM journey. In this paper, IBRS outlines the typical journey for an organisation creating a strategy, planning for, and finally selecting a next-generation CRM solution.