Featured

The Latest

01 March 2021: ServiceNow released the latest quarterly edition of its platform. 

Why it’s Important

ServiceNow provided the latest quarterly release in March 2021. In this version, called ‘Quebec’, ServiceNow has revised its support model and incorporated major changes to enable the effective upgrades from either New York, Orlando or Paris versions.

A streamlined support structure will help CIO and ITSM team on a ‘learn, prepare and upgrade’ model. 

  1. Learn: Identify your upgrade path and consider the release highlights.
  2. Prepare: Choose the tools to perform a risk and value assessment of the upgrade. Use the upgrade value calculator, the playbook to maintain platform health and a risk assessment of platform customisations.
  3. Upgrade: Maximise the upgrade value by reviewing over 78 release highlights across core functionality, ITSM workflows, AI, asset management, security, risk and cost, customer and field service workflows, employee workflows ,safe workspace, and workspace service delivery

One of the big winners is the telecommunication sector, with enhancements to the product cataloguing, order management and open API’s to assist with alarm management. A new processing engine has been created to automate alerts and incidents.

Who’s impacted

  • CIO
  • ITSM functional Leads 
  • DevOps leads
  • Security Leads

What’s Next?

ServiceNow clients should set time to review the release notes for Quebec and consider the ‘learn, prepare and upgrade’ literature to determine whether they are ready for the upgrade. If so, plan and execute once the risks and value are clear.

Related IBRS Advisory

  1. New generation IT service management tools Part 1 
  2. New generation IT service management tools Part 2: Multi-Cloud management. 
  3. New generation IT service management tools Part 3: Multi-Cloud backup and recovery. 

The Latest

15 February 2021: IBM has unveiled the new Power Private Cloud (PPC) Rack solution which offers converged infrastructure with a focus on migrating legacy on-premises apps running on its POWER9/AIX systems to a Cloud-like infrastructure.

What’s Included

The PPC is effectively pre-built, pre-configured Cloud-like infrastructure for running containers. 

The PPC Rack consists of three POWER System S922 servers with 20 CPU cores, 256GB of RAM, and 3.2TB of local storage, the FlashSystem 5200, with a minimum of 9.6TB,  and twin SAN24B-6 switches with 24 Fibre Channel ports. The solution is pre-installed with Red Hat Enterprise Linux 8, IBM PowerVM Enterprise Edition, IBM Cloud PowerVC Manager, Red Hat OpenShift Container Platform, and Red Hat OpenShift OpenShift Container Storage (OCS).

Why it’s Important

IBM’s new offer is effectively a container-centric, Cloud-like hyperconverged infrastructure (HCI) similar to that offered by HPE, Dell, Lenovo, VMware, and Nutanix. More importantly, IBM is offering this at an easy target - its existing customers with legacy POWER9/AIX/i solutions looking to migrate to a Cloud-like environment with OpenStack.

For IBM clients, it presents a low-risk opportunity for extending the life of legacy applications, while modernising the environment. 

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Organisations moving legacy solutions into hyperscale Cloud infrastructure (IaaS) to meet the objectives of ‘Cloud first’ strategies have found that the proposed cost savings are not always present, and operational risks due to skills shortages can emerge. The rise of next-generation hyperconverged offering Cloud-like management is a response to this challenge. 

IBM’s new offering shows how this grandfather of the industry, with a massive backlog of legacy solutions, will seek to re-secure its client’s investment in solutions, while smoothing the transition to Cloud-like architectures. 

Related IBRS Advisory

  1. VENDORiQ: Woolworths Selects Dell Technologies Cloud to deploy hybrid Cloud strategy
  2. Running IT-as-a-Service Part 49: The case for hybrid Cloud migration
  3. Running IT-as-a-Service Part 50: Hybrid Cloud migration – Where is the money saving?

Conclusion:

Thinking that the pandemic will soon be past and some form of new normal will emerge, be it working from home or office work, or a hybrid mix - is a misconception. Even with a vaccine, the pandemic will continue in isolated, difficult to predict pockets, and cause sporadic rapid changes to work practices for the foreseeable future. Organisations will need to be able to quickly flip-flop work environments rapidly, and work processes - and thus technologies - must evolve to meet the challenges of the 'age of uncertainty'. A fourth wave of ICT architecture is emerging, with a focus on information over architecture, low-code everything and powered by algorithms.

Find attached at the bottom of the article a free downloadable PDF copy of the trends for 2021-2026 executive presentation deck.

Conclusion:

As is common in security, a buzzword becomes a product segment which is then flooded with new entrants or even old players with new offerings. A classic case is the detection and response segment. Initially, it was one approach – endpoint detection and response. But as vendors entered the segment they were driven to find differentiation points to stand out from the crowd.

What was a simple segment became one with many new acronyms, new problem definitions and of course a plethora of products. To help understand the basic differentiation of products in this segment this advisory provides a direct and simple definition for each main sector along with points to note about how to select any specific product in the segment.

Conclusion:

The recent SolarWinds security compromise provides a timely reminder that a cyber security compromise from third parties is a clear and present threat. Virtually all organisations utilise third party vendors to provide services, software solutions and to store data. For these reasons, it is essential that all organisations have a third party risk assessment and compliance program as part of a broader cyber security strategy. Given that organisations utilise a multitude of vendors it is impractical to adopt a one-size-fits-all approach to third party risk management. This article provides a pragmatic approach to mitigating this risk.

With the rush to deploy Teams to enable remote work in 2020, the majority of organisations have not yet fully considered the highly disruptive nature of deep collaboration. Governance has been largely overlooked in the effort to ‘just get people working’. IBRS outlines the seven critical areas of governance that must be immediately addressed for Teams to be sustainable and to mitigate the new risks (and benefits!) of deep collaboration. Find attached a PDF of the webinar to download for free. Or to view the webinar, click on the video below.

 

Conclusion: Most organisations have vast pools of data (a. k.a. information assets) lying underutilised, as many IT and business professionals are unsure where it is stored and are unaware of its value. To turn the situation around organisations must strive for data mastery1, which is the ability to embed the data into products and services to increase efficiency, revenue growth and customer engagement.

Conclusion: Cyber attacks are a clear and present threat. Some organisations now have varying degrees of detection, monitoring and response capability in place, while other organisations still rely on their major incident response process to identify and manage cyber security incidents. In these organisations, cyber security operational responsibility is still embedded in traditional ICT operations. Such a siloed approach is suboptimal and presents risks in the effective management of cyber security risk. CIOs and other cyber security professionals should ensure that they have implemented a SOC capability that is appropriate to their organisation.

Conclusion: Regardless of its digital strategy, many organisations have not been positioned to properly leverage the digital and data assets that are available to them. A Chief Data Officer (CDO) role can improve this situation by advancing an organisation’s data portfolio, curating and making appropriate data visible and actionable.

The CDO position is appropriate for all larger organisations, and small-to-large organisations focused on data-driven decision-making and innovation. These organisations benefit from a point person overseeing data management, data quality, and data strategy. CDOs are also responsible for developing a culture that supports data analytics and business intelligence, and the process of drawing valuable insights from data. In summary, they are responsible for improving data literacy within the organisation.

Conclusion: Credential theft is still one of the prime means of attacking systems. Dictionaries of passwords are readily available (many with millions of passwords). These allow attackers to perform credential stuffing attacks – often successfully.

Eliminating passwords has been difficult in the past. However, the consensus amongst vendors of both software and hardware is to bring to market methods of achieving authentication without passwords. The ubiquity of mobile devices with touch or facial authentication is one prime element.

This is a necessary evolution of authentication.

Observations: In theory, Virtual Desktop Infrastructure (VDI) technology enables organisations to be nimble, providing flexible, remote working and (for some use cases) more cost-effective deployment of digital workspaces. Recent events and technology advances have tested this theory and spawned several major changes. The rush to cater for remote working has increased adoption to Cloud-based VDI for ‘burst workloads’, at least in the short term. The need to quickly address scalability issues for organisations that had previously invested in VDI has favoured increased sales of hyperconverged solutions.

Longer term, organisations are looking to leverage VDI to enable compute and data-intensive tasks while keeping information ‘inside the data centre’. Some organisations – especially in financial services – are looking to expand previous VDI experiments to transform workplaces and service delivery models.