Responses in a recent Cisco-sponsored Cloud Security Alliance survey (hyperlink) illustrate that many data privacy challenges previously cast in the “too hard” basket can be more readily navigated though focusing on universal principles across Cloud, IoT and Big Data. Survey responses showed a surprisingly strong level of interest in a global consumer bill of rights and responses were overwhelming in favor of the OECD data privacy principles facilitating the trends of Cloud, IoT and Big Data.
Following are the most significant findings:
Data Residency and Sovereignty
Data residency and sovereignty challenges continue to emerge. However, there was a common theme of respondents identifying “personal data” and Personally Identifiable Information (PII) as the data that is required to remain resident in most countries.
73 percent of respondents indicated that there should be a call for a global consumer bill of rights and saw the United Nations as fostering that. This is of great significance with the harmonization efforts taking place in Europe with a single EU data Privacy Directive to represent 28 European member states. As well as with the renewed calls for a U.S. Consumer Bill of Privacy Rights in the United States and cross-border privacy arrangements in Australia and Asia.
Finally we explored whether OECD privacy principles that have been very influential in the development of many data privacy regulations also facilitate popular trends in cloud, IoT and big data initiatives or cause room for tension. The responses were very much in favor of facilitating the various trends.
The survey report includes an executive summary from Dr. Ann Cavoukian, Former Information and Privacy Commissioner of Ontario, Canada and commentary from other industry experts on the positive role that privacy can play in developing new and innovative cloud, IoT and Big Data Solutions. Read the Data Protection Heat Index survey report:
Big Data is not just about gathering tons of data, the digital exhaust from the internet, social media, and customer records. The real value is in being able to analyze the data to gain a desired business outcome.
Those of us who follow the Big Data market closely never lack for something new to talk about. There is always a story about how a business is using Big Data in a different way or about some new breakthrough that has been achieved in the expansive big data ecosystem. The good news for all of us is, we have clearly only scratched the surface of the Big Data opportunity!
With the increasing momentum of the Internet of Everything (IoE) market transition, there will be 50 billion devices connected to the Internet by 2020—just five years from now. As billions of new people, processes, and things become connected, each connection will become a source of potentially powerful data to businesses and the public sector. Organizations who can unlock the intelligence in this data can create new sources of competitive advantage, not just from more data but from better access to better data.
What we haven’t heard about – yet—are examples of enterprises that are applying the power of this data pervasively in their organizations: giving them a competitive edge in marketing, supply chain, manufacturing, human resources, customer support, and many more departments. The enterprise that can apply the power of Big Data throughout their organization can create multiple and simultaneous sources of ongoing innovation—each one a constantly renewable or perpetual competitive edge. Looking forward, the companies that can accomplish this will be the ones setting the pace for the competition to follow.
Cisco has been working on making this vision of pervasive use of Big Data within enterprises a reality. We’d like to share this vision with you in an upcoming blog series and executive Webcast entitled, ‘Unlock Your Competitive Edge with Cisco Big Data Solutions’, that will air on October 21st at 9:00 AM PT.
I have the honor of kicking off the multi-part blog series today. Each blog will focus on a specific Cisco solution our customers can utilize to unlock the power of their big data – enterprise-wide– to deliver a competitive edge to our customers. I’m going to start the discussion by highlighting the infrastructure implications for Big Data in the internet of Everything (IoE) era and focus on Cisco Unified Computing System initially.
Enterprises who want to make strategic use of data throughout their organizations will need to take advantage of the power of all types of data. As IoE increasingly takes root, organizations will be able to access data from virtually anywhere in their value chain. No longer restricted to small sets of structured, historical data, they’ll have more comprehensive and even real-time data including video surveillance information, social media output, and sensor data that allow them to monitor behavior, performance, and preferences. These are just a few examples, but they underscore the fact that not all data is created equally. Real-time data coming in from a sensor may only be valuable for minutes, or even seconds – so it is critical to be able to act on that intelligence as quickly as possible. From an infrastructure standpoint, that means enterprises must be able to connect the computing resource as closely as possible to the many sources and users of data. At the same time, historical data will also continue to be critical to Big Data analytics.
Cisco encourages our customers to take a long-term view—and select a Big Data infrastructure that is distributed, and designed for high scalability, management automation, outstanding performance, low TCO, and the comprehensive, security approach needed for the IoE era. And that infrastructure must be open—because there is tremendous innovation going on in this industry, and enterprises will want to be able to take full advantage of it.
One of the foundational elements of our Big Data infrastructure is the Cisco Unified Computing System (UCS). UCS integrated infrastructure uniquely combines server, network and storage access and has recently claimed the #1, x86 blade server market share position in the Americas. It’s this same innovation that propelled us to the leading blade market share position that we are directly applying to Big Data workloads. With its highly efficient infrastructure, UCS lets enterprises manage up to 10,000 UCS servers as if they were a single pool of resources, so they can support the largest data clusters.
Because enterprises will ultimately need to be able to capture intelligence from both data at rest in the data center and data at the edge of the network, Cisco’s broad portfolio of UCS systems gives our customers the flexibility to process data where it makes the most sense. For instance, our UCS 240 rack system has been extremely popular for Hadoop-based Big Data deployments at the data center core. And Cisco’s recently introduced UCS Mini is designed to process data at the edge of the network.
Because the entire UCS portfolio utilizes the same unified architecture, enterprises can choose the right compute configuration for the workload, with the advantage of being able to use the same powerful management and orchestration tools to speed deployment, maximize availability, and significantly lower your operating expenses. Being able to leverage UCS Manager and Service Profiles, Unified Fabric and SingleConnect Technology, our Virtual interface card technology, and industry leading performance really set Cisco apart from our competition.
So, please consider this just an introduction to the first component of Cisco’s “bigger”, big data story. To hear more, please make plans to attend our upcoming webcast entitled, ‘Unlock Your Competitive Edge With Cisco Big Data Solutions’ on October 21st.
Every Tuesday and Thursday from now until October 21st, we’ll post another blog in the series to provide you with additional details of Cisco’s full line of products, solutions and services.
In my previous blog, I highlighted the need in ISV’s business transformation due to various changes in the market. Although ISVs are bound to face challenges as they shift their approach to application development, they must also be weary of the challenges that can come with other technological avenues, including cloud, analytics, mobile and social networks. The following are the top 10 challenges that I have seen ISVs struggling with in today’s market:
Domain 1 – Infrastructure & Environment
In today’s cost-sensitive market with tight budgets, ISVs have to decide if there is a business case to build a Cloud to run their production software or host SaaS solution in a public Cloud or hosted Cloud. There are many qualitative and quantitative factors to consider. Qualitative analysis can include new or existing software solution, security, compliance, availability, global reach requirements, IP protection, existing IT resources in-house or lack there-of, etc. Quantitative analysis can include cost per user considering cost of compute, network, storage, support, training, software license, third party integration, human resource cost for development and support, etc.
It is easier to do the above analysis for Test environments, where you would need a large number of resources for a short period of testing time. Hence, public IaaS providers can be cost effective if there are no major concerns on Security, Compliance or IP-Protection. In such situations, ISVs can develop software using in-house environments and use public Cloud (or hybrid Cloud) for test environments.
ISVs should consider Cattle and Pet strategy (just like a cow in a cattle where if one cow dies, it gets replaced without any big impact to cattle, a server or a VM instance in cloud should be treated the same where if one server goes down, there should not be any impact on the functionalities of the cloud solution. This is unlike a pet – or a traditional server in legacy environment – where a pet requires care and create impact if something happens to it) in architecting the software for Cloud to reach higher availability. One should not have a Pet instance that cannot go down. Instead software solution should have failover capabilities and also load balancing capabilities so any server should be replaceable just like a cow in a Cattle. Following are some generic statistics of reliability in Cloud compare to Legacy environments:
Legacy has 99.9% reliability for Applications and 99.999% reliability for Infrastructure
Cloud has 99.0% reliability for Infrastructure and 99.999% reliability for Application
Domain 2 – Virtualization & Abstraction
Evaluating if your software can live on a virtualized server or if it requires bare-metal server, can be the starting point in the Cloud journey. Not every software solution is designed to be on a virtualized server. In this case, it is a critical decision if one should redesign the software or develop it from the scratch or use container technology.
Questions, such as: “can (and should) your software do multi-tenancy?”are also very important. This decision can lead to overall impact on how you architect your software solution and evaluate price. Ability to do multi-tenancy can lead to reduced infrastructure to run your solution and hence, possibly reduced price to end customer. One should also evaluate impact of multi-tenancy on security that is required for ISV’s vertical industry. When a SaaS application handles sensitive data, ISVs must know and document how enterprise’s sensitive data is isolated from other tenants’ data. This analysis includes data at rest and data in-transit within the ISV’s SaaS environment, as well as in-transit across other untrusted networks.
Domain 3 – Automation and Orchestration
Selecting the right tools for automation of policy-based orchestration, deployment and provisioning can lead to less manual steps, reduced time to setup new customers and enhanced speed to market.
Utilizing automation for release management can lead to less errors and smaller numbers of business interruption.
As high availability and less time between interruptions for disaster recovery are critical to keep customers in Cloud space, ISVs should have automation tools to do regular testing with simulated disaster situations to verify high availability.
Domain 4 – Customer Interface
Since late 1990s, with introduction of Web, ISVs are forced to decide if software should have thick client or thin client or both. Now, with ubiquitous smart phones, popularity of mobile applications and with speedier releases of upgrades on popular mobile platforms such as Google Android, Apple IOS, etc., maintaining and upgrading mobile client can be substantial additional investment.
ISVs also need to make decisions on what should be the scope of the mobile client –
Should it be an independent software with full feature functionality of software solution, or
Should it be a hybrid solution where some feature functionalities are available on Mobile client while the rest is accessed remotely via web and executed in Cloud, or
Should Mobile client just be an additional device with remote web client?
In addition, with market trends towards integrating third party APIs to expand the feature functionalities of the software, role based identity management is critically important. Additional challenge is that ISVs have to develop flexible solution so they can adjust to different interpretation of different roles by different API providers.
Domain 5 – Service Catalog
With SaaS, ISVs have to plan on how to price their software solution per user but also think about how to package the software solution and make it available using web based catalog. This catalog needs to have clear use cases that are easy to understand, aligned to vertical industry needs and price competitive to match customer’s willingness to pay. Moreover, though, any inclusion of third party software solution needs to be transparent to the user; it needs to be clearly defined in the legal language to reduce liability.
Development of such price & package is not a simple task. It is an art as one should create unique value perception for all use cases, be competitive, as well as make it easy for the user to decide and differentiate from competition to avoid price discussion instead of value. Moreover, this catalog may need to change regularly based on competitive forces and customer needs.
In addition to developing their own catalog, ISVs must also consider how their software solution can be integrated in Partner’s catalog so they can reach broader audience. This requires considerations, such as how to price it to the value given by partner solution. This may require rethinking on the price as partner based use of ISV’s software solution may not include full feature functionalities.
Domain 6 – Financial
Pricing software solution using Pay-per-use model is a challenge that is different from pricing for perpetual license. Pricing needs to be based on the market’s willingness to pay, as competition is just a click away. It also requires considerations and clear understanding that ISVs may not have many months to recover R&D cost due to competitive threats. Hence, it requires clear planning on how fast ISV can get enough customers to reach a breakeven point to cover R&D, customer acquisition & operation cost.
Compared to one-time billing for perpetual license, monthly or quarterly ongoing billing for pay-per use is a challenge and it has larger number of collection issues.
With the popularity of social media, even clarity and simplicity of regular bill-to-customer is important. Otherwise, ISV runs the risk of having a critical blogger targeting ISV billing practices and impacting reputation and moving customer’s opinion away from ISV. Such customer opinion also provides additional ammunition to competition. Hence, a bill should have enough details that are easy to understand, yet forces customers to see the value and possibly avoid easy comparison with competition.
In pay-per-use licensing, ISVs have to develop new strategy for revenue recognition and that can lead to impact on how sales compensations are designed.
If software solution includes third party vendors, ISVs need to do appropriate ongoing reporting to the vendor and also understand appropriate impact for tax purposes.
How long should ISVs let customer try software solution for free or have a promotional package is based on software solution maturity, market trends and direct competition. This decision alone can lead to high cost of customer acquisition and promotion.
Maximizing social networks such as Facebook and Twitter to understand market trends and develop appropriate reports for business impact is critical for today’s success and require additional skills and resources.
ISVs needs to develop intelligent reporting for customers, partners and its own management using analytics tools based on software solution. Moreover, making sense out of structured and non-structured data with variety, volume and velocity of data requires different reporting solutions such as use of Big Data Analytics. Each customer click that can span across ISV’s multiple systems and possibly multiple Cloud provider partners that are part of the solution can execute multiple transactions and produce multiple logs. Some of the key analysis that companies could consider based on business maturity to develop correlations and to make future business decisions are: log analysis (web, applications, transactions, database, IT Infrastructure, System Tracking, Errors, Intrusion detection logs), process analysis, user interaction analysis, real time alert & action analysis and historical event analysis. These solutions are not free and require appropriate in house resources such as Data scientists & Business analysts, infrastructure & software planning and investment.
Domain 7 – Platform
With growth of Cloud, Linux has become a very popular OS to develop solutions on. One can find many IaaS and PaaS providers offering Linux offers on cost effective bases. That said, though Linux is popular, Windows is not too far away with support from Microsoft’s Azure and few other Cloud Providers. But other Unix flavors are becoming less and less popular day by day. Hence, ISVs have to consider if their software should be migrated to Linux or Windows if they are not developed on them.
Based on OS, one also needs to consider existing resource’s familiarity with popular application development platforms, frameworks and libraries. For example, ISVs may be able to find many resources that are familiar with Eclipse compared to other alternatives.
Similar to OS, database plays an important role in the stability, performance and cost of the software solution. Per CPU core pricing of Oracle may require additional look when open source database like MySQL has become very stable and popular for many use cases. Many ISVs have found it to be an acceptable alternative. By the way, such consideration may lead to redesign of the software and may not be appropriate for all conditions.
Domain 8 – Application
ISVs have to develop a clear strategy that customers get hooked on by providing customers free or cost-effective training, or easy API based integration points for logging, reporting, identity integration, such that customers would not easily consider competition that is just a click away.
Decide if ISV should consider languages such as C#, C++, VB, Java or consider light weight scripting language such as Perl, Java Script, PHP, Ruby or Python or both is based on familiarity of existing development team, current code, modularity of the solution and available resources.
Large amount of source code is available via open source, and ISVs have to evaluate if it is appropriate for their development team to use it for faster time to market and also consider copy-right issues related to using such open source code.
ISVs have to revisit their software solution to understand that it has modular design to take advantage of heterogeneous components offered by the Cloud and also leads to appropriate planning for high availability.
Domain 9 – Security and Compliance
As mentioned by Cloud Security Alliance for Application Security, there are four key metrics that apply for Cloud applications – Compliance and Governance, Identity and Access, Vulnerabilities and Patching, and Data Security. ISVs must ensure that needed metrics are available for Enterprise customers for their SaaS platform.
A good hacker can take advantage of the weakness in the development language for the software. Therefore, ISV needs to establish good coding practices such as input validation, authentication, authorization, configuration management, session management, cryptography, parameter manipulation, exceptional management, appropriate protection of in-memory data, and audit & logging.
ISV should also document following key things for their Enterprise customers:
What Web application security standards (input validation, encoding output, preventing request forgery and information disclosure) are being followed by the ISV?
What application and infrastructure controls are in place to isolate the enterprise’s data from that of other tenants?
How many denial of service attacks were attempted and how were they handled?
How do they manage identity?
How do they encrypt data (logs, between multiple application modules, between application and database and between application and third party API based use, etc)?
Domain 10 – Organization, Governance and Process
Historically, software vendors are responsible for application development, feature and functionalities while customers are responsible for managing them in their own environment. With SaaS, operating and supporting is also part of ISV’s responsibilities. ISVs capability for continuous software development and with upfront considerations for operations and delivery of that software can allow capture of market opportunity faster and reduce time to get customer feedback. This DevOps software development methodology and considerations for operations is an important evolution compared to historically popular Waterfall or Agile methodologies. It is stated that DevOps methodology of software development reduces approximately 50% time as well as cost for long term operations support.
Impact of social network is tremendous and questions such as how are ISVs reaching out to potential target customers with social networking, how to support software online, how to maintain reputation online in the face of a crisis.
Many established ISVs have a sales force with tendency to hunt for the customers, transact the deal and leave. SaaS solution with pay-per-use licensing requires farming of the customers. In many ISV’s environment, this ongoing relationship building takes much more effort than sales is trained for, and would want to spend time per customer based on their quota size. Hence, ISVs have to plan appropriate sales strategy to keep sales force motivated.
For many ISVs, changing Sales compensations and training sales teams to sell pay-per-use license with minimal upfront revenue have been the most difficult part of this transformation. Established ISVs have to juggle to make sure that bottom line is not impacted too much and they can achieve good growth in subscription revenue for top line growth.
In this fast moving market with no permanent friends or foes, relationships for cooperation or competition, ISV has to continuously think who to partner with and how to structure partnership that is based on Customer value and aligned with ISV’s short & long term business strategy.
The need to move fast to improve software and remain a step ahead of the competition has lead established ISVs to develop hybrid solutions while others SaaS based ISVs have become core business services in Cloud(i.e. Workday, Salesforce.com, google app engine etc.), and they are replacing traditional on-premises software vendors. Some ISVs have expanded their reach and capabilities using third party SaaS vendors echo systems, such as Salesforce.com.
Existing System Integration
Once ISV develops SaaS based solution, system integration with other ISV’s solutions, reporting needs requires modularized thinking and possibly different developer resources as not all integrations are based on simple solution such as REST API. Some still require custom API integrations that may be based on Java or C++. Moreover, such integration should also consider higher availability and scale needs for SaaS solutions. Hence, ISV builds versus what ISV integrates into using third party API has become an important question of business decisions.
Success of ISVs does not only rely on the direct customers but also equality important are echo system partners. So ISVs also need to consider organic approach of today’s fast moving market environment and develop APIs for their key feature functionalities for partner’s to take advantage of. This is one of the very important considerations for DevOps methodology to address needs of development, operations and integration. This ability to allow someone to integrate to your software using your API (possibly REST based) as part of echo system can offer immense opportunities for ISVs, as it automatically enables you to reach a wider customer base.
In short, it the pressure to continuously adding value when competition is one click away leads to a challenge of existence for ISV and a –poses the question: should ISV continue to be an ISV, or not? Small, agile and nimble ISVs can turn fast with the market trend but that can lead to not having sufficient time to develop efficient processes and procedures. Large and established ISVs have advantage of existing customers and well-oiled operations but changing faster with the time is always a challenge. This Ying and Yang of agility to meet market demand and efficiency to run the business is core to many ISV challenges.
After saying all of the above, not everything is bad for ISV business, as more and more ISVs are coming to market with their unique flavor of SaaS solution. There are many ways to make money in today’s market, such as faster customer reach due to internet, analytics, mobile and social networks as well as , enthusiastic responses from venture capitalists to invest in “good” SaaS based solutions. ISVs that understand the challenges explained and are weary of them will surely experience a positive change in their results.
Visit Cisco Servicesto learn more about how converging technology trends are shaping the way IT operates and delivers services. Be sure to join the conversation, #CiscoServices.
The appetite for the latest new products and services is growing exponentially driven by the 24 hour, on demand, social media driven, next day delivery expecting, ‘selfie’ posing with the new shiny object, hyper informed consumer. Satisfying the demand for this fast-paced consumer cycle requires manufacturers to move rapidly to stay ahead of competitors and consumer tastes. They must bring interesting and exciting new products to market in a timely fashion, whether they are first to market or responding to a competitor’s new product offerings.
Two specific trends are emerging and transforming how the industry develops, manufactures and meets the demands of the new on demand consumer driving market – crowd sourcing and 3D printing.
Manufacturing Game Changers: Crowdsourcing and 3D Printing
Crowdsourcing is not a new development model. In fact, the open-source model gave us the Linux operating system and the Apache Web server over 20 years ago. But there is one very distinct difference when applying crowdsourcing methodology to a manufacturing process, as opposed to software development, and that is raw material. This is where 3D printing technology is rapidly maturing driving orders of magnitude efficiencies and cost savings into the value chain.
A Printed Car
In fact, a start-up called Local Motors is on the cutting edge of combining crowdsourcing and 3D printing to revolutionize the automobile industry. In a process that Local Motors calls “co-creation,” — also known as “crowdsourcing” — the software allows enthusiasts to post a design for a part that other users in a worldwide community can call up on a browser, see in 3D, take measurements from, and comment on, thus providing a new model and methodology for innovation. Local Motors then leverage 3D printing technology to deploy “microfactories”
Can crowdsourcing and 3D printing produce an electric car?
Today, I am pleased to announce Cisco’s intent to acquire privately held Memoir Systems, a company that develops semiconductor memory intellectual property (IP) and tools that enable ASIC vendors to build programmable network switches with increasing speeds. This acquisition will enable the proliferation of affordable, fast memory for existing Cisco switch ASICs and will help advance Cisco’s ASIC innovations necessary to meet next-generation IT requirements.
Currently in the data center switching market, denser infrastructure and data-intensive workloads are driving demand for higher port density (feeds) and greater bitrates (speeds). At the same time, the accelerating growth of scale-out (non-virtualized) Big Data applications like Hadoop are driving increasing East-West data traffic – furthering the need for greater data center network density. Unfortunately, the physical memory in typical ASIC switch chips cannot cope with the design requirements for these more intense needs and as a result, can become the bottleneck that limits the density and performance of future data center switches.
To help solve the ASIC memory issue, Memoir currently licenses soft-logic IP, which speeds up memory access by up to 10 times. It also reduces the overall footprint this memory takes up in typical switch ASICs. As a result, this technology allows the development of switch and router ASICs with speeds, feeds, and costs typically not possible with traditional physical memory design techniques. This differentiation is critically important as port densities and port speeds move from 10G to 40/100G.
The acquisition of Memoir Systems is expected to close in the first quarter of Cisco’s fiscal year 2015. The Memoir team will report into Cisco’s Insieme Business Unit, under Senior Vice President, Mario Mazzola.
I look forward to seeing Memoir’s technology used across Cisco’s future ASIC projects. Memoir’s technology and strong team will allow Cisco to continue to innovate at the chip level and advance our ASIC and overall networking strategies.