1

Created and Presented by:

Rand Morimoto, Ph.D., MCITP, CISSPAuthor, “Unleashed”-series / Sams PublishingPresident, Convergent Computinghttp://www.cco.com randm@cco.com

IT Strategies - 2014 I.T. is Struggling with 3 Major Things

• Lowering IT Costs

• Improving IT Efficiencies and Relevance

“Cloud Strategy”

“BYOD” / “MDM” / “VDI”

“Social Media Strategy”

• Addressing Security, Compliance, Privacy

• Protecting Intellectual Property

• Focusing on User Access to Information

• Improving User Experience

Cloud is ALL About Saving $$$(“a Money thing”)

• Use Box.net / Dropbox – Monthly cost, Access info anywhere

• Salesforce / Workday – Specialty applications, Cheaper / Easier

than setting up servers

• Amazon / Azure – Monthly cost, Pay as you need it

• Office 365 – Monthly cost, Cheaper / Easier than setting up

servers inhouse

Datacenters of the Past

Storage Network Compute

Today’s datacenter

Datacenter of the (New) Present“Datacenter without boundaries”

Service Provider(ie: Rackspace,

Latisys, etc)

Storage Network Compute

On-premises infrastructure

• CCO is working with some of the largest datacenters in the world

• “Server Pods” – 1160 16-core Host Servers in a shipping container

at 57% less cost than the deepest corporate discount for HP, Dell,

Fujitsu, IBM servers

• “Cheap Storage” – Instead of $2500/TB (times 2 for site

redundancy), storage costs in bulk (JBOD) now $300/TB (times 3 for

high availability and site redundancy), so $5,000/TB or $900/TB???

• “Virtual Networking” – Instead of appliances and devices, just

embed switching and internetworking within the Hosts, Pods,

Servers, and Apps (decrease of $10,000-$25,000 per site or per

connection)

• “Service Automation” – Spin up 2,350 VMs in 1-hour. Failover 1,000

VMs within a site in 30-seconds. Failover 1,000 VMs across sites in

3-minutes

• THIS hosted datacenter efficiency (now at $.46/$1, heading to

$.37/$1 within 6 months) will drive costs down, and put pressure on

internal IT departments to improve internal IT efficiencies…

Optimized Datacenter

2

Service ProviderOn-premises infrastructure

Where to Start…

Service Provider[Rackspace]

Storage Network Compute

On-premises infrastructure

Onsite (Existing) Datacenter

• Run Active Directory for identity

• Focus on Business Applications

(Accounting, HR, etc)

• Manage Compliance (on-premise and

cloud)

• Support Endpoint Devices

Extend to Azure Services as Needed

• Running simple servers (like

www.cco.com, file system storage, time

and billing entry server, etc)

• Extending the corporate network (so the

cloud is seen and managed just like a

virtual guest on the corporate network)

• Servers are geo-replicated (so 99.9%

guaranteed uptime)

• Leverage Azure AD for “shared directory”

between multiple orgs (SharePoint

scenarios, a better “file sharing” solution)

• Copy systems (HyperV

VHDs) to the cloud

• Remote (RDP) to the

guest session and

manage just as you

would a local virtual

guest, so 100% control

• Monthly cost $57/month

for a full running VM

http://www.networkworld.com/community/blog/virtual-networks-windows-2012-and-azure-vms

MANAGEMENT & AUATOMATION

NEW! Improve traditional storage with Storage Spaces with

Automated Tiering (SSD/SATA) and Disk Deduplication

Hyper-V Replica permits replication for

business continuity & failure recovery

NEW! Non-Windows support for Remote

Desktop Services (ie: Apple Mac, iOS, Android)

NEW! Hyper-V Replication (local), Site to Site Replication

(to cloud), Azure-based HyperVRecovery Mgr

NEW! Hyper-V – Grow & Expand Virtual Machines

while they are running

NEW! Multi-Tenant Site-to-Site VPN Gateway to

enable cross-premises connectivity

UPDATED! Non-Windows endpoint (Mobile Device

Management) support in ConfigMgr / Intune

NEW! WorkPlace Join (iOS, Win8.1), WorkFolders (folder sync

(tablets/phones)), Web Application Proxy (app

authentication)

UPDATED! Hyper-V Network Virtualization to

isolate network traffic on shared infrastructure

UPDATED! Monitor (SCOM) and Provision (VMM) VMs

seamlessly on-premise or in the cloud

Enterprise Systems Management• Single console to view on-

premise & cloud; servers & clients; Microsoft & non-Microsoft apps; router & switches; firewalls & storage

• Automate management and recovery

• Build capacity on-premise or in the cloud on demand and cost

• Consolidate capacity on-premise or in the cloud based on demand and cost

• Inventory, Patch, Update, Replace, Replicate, Restore –Servers, Desktops, Laptops, Tablets, Phones anywhere at any time

BYOD is Employees saying, “thanks, I can take care of my own system and apps…”

(“it’s an H.R. thing”)• Users have gotten tech savvy• Those entering in the workforce (in their 20s and 30s) grew up

with computers; they don’t know a world without Google or laptops• Older employees have been using PCs for 20-30 years now• Employees just want to get their work done• Workforce wants to be anywhere, use any system, and just

access their “stuff”• BUT, I.T. needs to address security, protecting privacy,

compliance…

Information Technology: 7-15 years ago“Datacenters” were centralizedApplications and data commonly distributed by sites / geographies at bestAll endpoints for the most part were Windows-based clientsEmergence of first Web-based Apps and “mobile” were Blackberries

From

Home

VPN

Server

3

Over the Past 4 years…Heavy focus on regulatory compliance and standardizationTighter management control over Windows PCs (locked down and highly managed Windows XP guest sessions)Tight controls on “firewalls” and central ITPut 100% of our focus on the “managed / locked down Windows XP PC”Let users sync their email with any mobile device they wanted to bring iniPhones, iPads, Android became more than just PDAs but common endpoint devicesApple’s domination in mobile phones and tablets along with lack of innovation in PC laptops / tablets let the MacBook and iPad proliferateLackluster economy has had businesses and IT focused on other things

SOX HIPAA 21CFR FISMA

Information Technology – Today

Endpoint is no longer just a Windows client (now Mac, iPad, Linux, Tablet)

Applications and data no longer in just 1 place (cloud-based applications (Salesforce.com; Box.com; Dropbox; etc), distributed apps)

Mobile users need access to more than just email (access to full apps from any place and from any device)

Options for IT Executives Today…

Option 1: Block the evolution of technologies (ie: no Macs, no Cloud, no Tablets, company owned mobile, locked down environment). Which is doing things the way we’ve been doing the past couple decades…

Option 2: Try to force a managed environment using new technologies to do things the old way (ie: VDI “Windows looking guests” on all devices, join Macs and Linux systems to AD just like we have done with Windows, Mobile Device Mgmt (MDM) to lock down devices) – Which are all small “point solutions” to a bigger problem…

Option 3: Outsource IT – Hoping that someone else can do Option 1 and Option 2 better and cheaper

Option 4: Rethink IT

Option 4: Rethink IT(the balancing act)

User wants and needs… The business needs…

Access to business applications

Access to data

Ability to communicate

Access any time / anywhere

Control who has access to info

Audit and report on access

Ability to deprovision users quickly

Protect data and users

Solving the Endpoint Management Challenge

1. Identity / Single Sign-on is Imperative - User must logon to a common directory (like Active Directory) before getting access to ANY other app (on-prem or cloud)

2. Encrypt All Data - Protect the data, and then you don’t have to worry if it “leaks” and ends up on Box, Google Apps, Skydrive, iPads, Mac Laptops that may not be secure

Step 1 – Focus on “Identity”Going from Multiple Passwords…

Enterprise Firewall

Active Directory

Internal Apps

eBusiness

Portal

4

…to a common Single Sign-on Solution

Access to public

cloud applications

Shared info access

with business

partners

Corp apps in

the Cloud

Client-facing

applications

Consumer-facing

applications

Active DirectoryInternal Apps

Step 2 - Encrypt All Data

Encrypting a device is good, but ineffective the minute the data leaves the device

Encrypting emails or encrypting communications is great, but only for emails or SL connectivity

Encrypt ALL DATA so you don’t have to worry about the device (laptop, thumbdrive), endpoint storage medium (ie: Box, DropBox), locality (China, N.Korea, Middle East), or transport (SSL, VPN)

Tie data encryption to Active Directory, so when you disable the AD account, all of the files associated with the AD user become inaccessible

Leverage automated encrypted technologies

Set Security Criteria on Content

Author of the document can define who can do the following:• View document• Edit document• Print document• Copy/Paste• Forward an email• and set doc expiration

Office 2011 Mac Natively Supports Microsoft Rights Management Services Encryption and Protection

Native support for Microsoft Rights Management Services (RMS) for document encryption / protection

Leveraging 3rd Party Plug-ins for RMS

5

Captures and Applies Encryption to Files in Transit in Exchange 2007/2010/2013 & SharePoint 2007/2010/2013

Providing a Common App for ALL Endpoints Types(ex: Microsoft Exchange 2013, SharePoint 2013, etc)

Exchange / SharePoint (2013) have native support for mobile phones and tablets

Exchange leverages Outlook Web App (OWA) and the “offline capabilities” in HTML5 built in to IE 10+, Safari 5.1+, Google Chrome 18+

Mobile Phone

“1 wide” formatTablet “2 wide” format

Normal Desktop/Laptop “3 wide” format

Remote Desktop Connection Clients (by Microsoft)for Apple Mac, iOS, Android (released Oct 17, 2013)

MacOS https://itunes.apple.com/us/app/microsoft-remote-desktop/id715768417?mt=12&ls=1

iOS https://itunes.apple.com/us/app/microsoft-remote-desktop/id714464092?mt=8

Android https://play.google.com/store/apps/details?id=com.microsoft.rdc.android

Remote Desktop Client – Apple Mac

Remote Desktop Client – iPad

Focusing on User Access to Information

Improving User Experience

Enterprise social and your businessTransform your business from the inside out

EXTERNAL SOCIAL INTERNAL SOCIAL

6

Microsoft Office Servers & Microsoft Office 365Providing organizations Microsoft’s trusted business technologies (Exchange, SharePoint, Lync, Office)

on-premise, in the cloud, or both. Flagship “2013” versions with full support for non-Microsoft

endpoints (Macs, Android, iOS) with the exact same version in the cloud with Office 365

Work together Introducing Yammer:Integrating SharePoint, Yammer, SkyDrive, Lync…

83% of users feel

better connected

with their team

25% boost in

productivity in social

organizations

20% rise in

supplier & partner

satisfaction

67% of new

employees get up to

speed faster

78% of users

communicate more

effectively

41% of users are

more prone to share

feedback via

Yammer

50% of users can

locate relevant

information and

people faster

80% of users are

more informed with

what is happening

40% greater ROI

when using Yammer

and SharePoint

together

Sources: IBM Global CIO Study, 2011 - Yammer User Survey, 2010 - McKinsey, The Social Economy, July 2012 - Gallup Consulting “Employee Engagement, What’s Your Engagement Ratio?” 2008 - Yammer User Surveys,

2010 and 2013

Improve team alignment

- Collaborate across geos and functions

- Manage projects and events

- Drive competitive intelligence

Increase employee engagement

- Identify expertise

- Accelerate learning, development & onboarding

- Share best practices

Continue to evolve

- Innovate faster

- Adapt and respond to change

- Build a unified culture

• Getting employees engaged in business activities

• Getting management to communicate with staff (better transparency)

• Getting clients to share input and insight directly to the business

• Improving business processes and communications to a more collaborative solution

Yammer – Enhancing Communicationsand Collaboration

7

Yammer & SharePoint

Better Together

https://about.yammer.com/customers/nationwide/

Accessing Information from Any DeviceWindows, Apple Mac, iPhone, iPad, Android, Linux, Windows Mobile, etc

Like and Reply to others’ messages

Notify people immediately with a message

Post to a group on the go

Browse your network

Guidance

Developer Tools

SystemsManagement

IdentityManagement

Cloud

Information Protection

Client and Server OS

Server Applications

Edge

Unified (optimized) Datacenter whether On-premise or the Cloud Management and datacenter server tools that support Microsoft and non-Microsoft environments (ie:

cross-platform manage - Vmware, Linux, NetApp, EMC, Cisco, etc) Support for Microsoft and non-Microsoft endpoint client systems (ie: Macs, iPads, iPhones, Android) In the box (Office Servers 2013) client support for non-Microsoft endpoints with Apps on-premise

and in the cloud (Office 365) Social networking collaboration and communications, Improving existing communication processes

Created and Presented by:

Rand Morimoto, Ph.D., MCITP, CISSPAuthor, “Unleashed”-series / Sams PublishingPresident, Convergent Computinghttp://www.cco.com randm@cco.com

IT Strategies - 2014