IT in Europe - Final

compliance and risk
plus:
Framework: a ciSoS PerSPective overhaul comPliance anD itS imPlicationS For Data
IT in Europe
august 2012, volume 4
Gain a complete overview of European IT in todays marketplace.
n Data Protection
are shared n private broadband connections the future of Wi-fi on the go?
n inFraStructure
data n virtualisation on rise as etl alternative for data integration
n Data
additional n european resources
Storage
editors letter
compLiance and risk
home editors Letter data protection framework: a cisos perspective infrastructure overhauL data compLiance impLications for data storage are shared private broadband connections the future of wi-fi on the go? data virtuaLisation on rise as etL aLternative for data integration additionaL european resources
on the face of it, most information security experts will welcome the European Unions move to harmonise data protection regulation across the EU. The mix of differing rules and legislation can be a nightmare for any international company operating across Europe. But look deeper into the proposals and it becomes clear the EU wants more than just reducing bureaucracyits trying to force a change in mind-set for how organisations manage our personal data. The most contentious new rule is data breach notificationeffectively making it illegal for firms to hide a data loss. In recent years, we have seen the damaging effect on the reputation of companies that have been hacked and had customer data exposedSony, LinkedIn, RSA, Lockheed Martin, even the UKs HM Revenue and Customs if you go back a few years. So its understandable that firms would want to keep quiet about breaches, given all the bad publicity. But the EU is effectively say-
ing that the time for such secrecy has passed. Thats a big change in thinkingfrom putting in place plans to prevent anyone finding out about a leak, to having plans to mitigate the risks of such a leak knowing that every affected customer will be told about it. The small print of the legislation is going to be negotiated in detailand youll see plenty of lobbying from big business to water it downbut the EU should stand firm. In the digital era, data protection must be about protecting the data owneryou and menot the company that we pass that information over to. In this issue of IT in Europe, we examine the views of the experts on the new EU framework, and assess what it means for European IT managers. But read between the lines toothis is a sign of things to come for EU legislation and compliance in IT security. n
BrYAN GliCK
Computer Weekly Editor in Chief

IT In EuropE augusT 2012 2
dAtA ProteCtioN FrAmeworK: A Cisos PersPeCtive
data protection framework: a cisos perspective

Compliance and risk managers in Europe are facing one of the biggest challenges for decades as the region moves towards a new data protection framework. By Warwick Ashford
draft legislation was published in January, EU member states have been debating and negotiating changes to the way the principles will be implemented, which they believe could be fraught with difficulties. But while negotiations continue in Brussels, compliance and risk managers have no time to waste in preparing for the new rules that could come into force as soon as 2013. Despite the pressure on businesses and organisations in Europe to get their houses in order, the new rules may not be as big a challenge as most people think, accordince the
ing to Matthew Lord, chief information security officer at IT-enabled business services firm Steria UK. In fact, he believes, much of what is contained in the new regulations will be business as usual, and while other elements will require change, that change may not be as big as people think and could help support internal security risk management processes. Challenges will remain, however, especially if those lobbying Brussels are unable to get any real concessions on controversial requirements such as data breach notification within 24 hours. This could be challenging for many organisations, especially those that have traditionally
The Smarter Approach to Malware and Compliance

READ THE fULL SToRy In ITALIAn
IT In EuropE augusT 2012
accepted higher levels of risk by choosing to delay breach notifications or not to notify at all. They would rather risk being found out than risk damage to the companys reputation through disclosure. once enforced, the new rules will make breach disclosure mandatory in a short period of time, possibly forcing unnecessary disclosures or over disclosures as organisations will have little time to assess the real extent of the breach and establish exactly what data has been leaked. Security controls will at some point in time will change the way the business does business from the perspective that it wont be as dynamic as it once was. When you put in place risk processes they make people consider the impact of what they are about to do, and in some cases will stop certain behaviour which therefore limits parts of the business, said Lord. The right to be forgotten is another principle that will be tricky to enforce. It dictates that individuals can require erasure of their personal data and abstention from further distribution by the data controller. Where data was made public, the controller shall take all reasonable steps to inform third parties to erase links to, or copies of the data, and where the control-
ler authorised the publication, it remains responsible. The IT impact of that could be horrendous. I think [in the negotiations in Brussels] there is a piece about balancing up what is truly sensitive and what is not, said Lord. A good way for CISos to tackle the coming changes, he believes, is to look at what is going to be required of an organisation and to use that a guide for best practice where it differs from what the organisation is doing already. The debate will be about the 24-hour period, but European businesses will almost certainly join their peers in most US states in having to comply with mandatory breach disclosure, said Lord, so it would be a good idea to start preparing for that if they have not done so already. But for forward-thinking organisations, this should not be something new. At worst, it should be a question of re-prioritisation. Incident management is something that I think all companies work on to get right. All incidents follow a different path, but the cornerstone of how you handle incidents is pretty much the same: you get the right decision-makers in the room; you act on the information available, choosing to manage
Eurozone Crisis Hits IT Outsourcing

READ THE fULL SToRy
expectations internally and externally or not; then you begin the remediation path, said Lord. The effect of the proposed data protection framework should not be to introduce something new, but to highlight the importance of incident management and the need to improve existing processes. one of the first things I did when I came to Steria was to get ready people with the right expertise, internally and externally, should we ever need them, said Lord. Accountability is another key principle of the proposed data protection framework, and it requires data controllers to maintain documentation of all processing operations, conduct a data protection impact assessment for risky processing, and implement data protection by design and by default. Again, this is business as usual for me because as a CISo I am always going to say we should implement things securely, said Lord. But the new regulations, like the payment card industry data security standard (PCI DSS) and ISo 27001 data security standard, he said, will give CISos added authority when they tell developers and other teams in the business that it is important to build IT systems that are secure by design because
it is no longer good enough to react after an event or to trade off security against functionality. Is this changing the way I do things? not at the moment. But it does realign a couple of projects that I was going to do anyway. It formalises things, puts them on the starting blocks and gives me momentum to do it, in the same way that PCI DSS and ISo 27001 have done, said Lord. In fact, he says that standards like these are in a way the bigger challenge being faced by organisations in Europe than the proposed new data protection or any other regulation. What I am seeing increasing, particularly from our clients, is need to sign up to and conform to multiple forms of regulation or standards. I am seeing more traction from the PCI/ISo27001 type standards than I am from any specific piece of regulation outside banking, finance and government, which tend to have their own niche standards. According to Lord, one of the big dilemmas he faces as a CISo is the all the conflicting regulation and standards he has to face, but he has a solution: I think you have to track back and stick to the basics. If you look at frameworks like ISo27001, they give you a very good set of controls to operate
UK Fails to Impress in Technology Innovation League

READ THE fULL SToRy
to. If you set about putting those in place and make sure that you are disciplined about implementing those, then you stand a good chance of passing a lot of the regulation out there. Another big headache for CISos is that data protection rules in some parts of Europe are extremely rigid and prescriptive in contrast with the UK and other jurisdictions where the approach is more objective-based rather than prescriptive. Lord believes the new data protection framework will make life a lot easier by harmonising these requirements across Europe, reducing the amount of consultation he will have to do with in-country legal teams to ensure local compliance. This, however, will not necessarily solve the risk and compliance challenges posed by the UKs Computer Misuse Act and its equivalent in Europe, where each country has specific requirements. In Germany,
A Quick Guide to IT Security Information security and data protection is crucial for every business, as it is likely that your companys most prized asset is its data. Failure to secure your companys sensitive information could be damaging to its brand in addition to leading to possible legal ramifications.
for example, any results of security or penetration testing have to stay inside Germany. Sterias solution is to implement a set of general security controls that fit most organisations requirements, both government and commercial, which works for over 80% of clients and provides an easy measure for compliance. Where clients have additional requirements Steria implements those to ensure a 100% fit. Sometime we will adopt a countrys specific control because that is the right thing to do and we will change our global practice to align with that versus another control where we might say that that is quite prescriptive by nature versus the risk, said Lord. Where we find that another countrys piece of legislation conflicts [with Sterias default standard] and they want to set the bar higher, we normally consult with the in-country legal team to decide whether we have to do that or not, he said. from CISos perspective then, the coming EU data protection regulations should not mean radical change, but will help formalise, prioritise, support and ease the implementation best practice in data management and compliance by providing a single framework across all EU member states. n
Warwick Ashford is the security editor at Computer Weekly, a TechTarget publication, and a contributor to IT in Europe.
seCuriNG NosQl APPliCAtioNs: Best PrACtiCes For BiG dAtA seCuritY
infrastructure overhauL
A law firm upgraded its legacy systems and deployed a new data back up and disaster recovery strategy. Heres how it lowered costs and improved IT efficiency. By Archana Venkatraman
udget-strapped it
shops often delay infrastructure and systems upgrades, but investments in more efficient data centre hardware and software can result in significant cost savings and increased productivity. Barlow Robbins LLP Solicitors, based in Surrey, England, faced data backup challenges amid tighter budgets, growing data volumes and new EU regulatory and compliance laws that require legal firms to retain all client data for seven years. The IT team needed a robust archiving and backup tool to remain compliant and to reduce backup costs. Under its legacy IT infrastructure, backups took 36 hours and spanned across five tapes. Due to budget limitations, the firms IT systems hadnt been
refreshed for six years and administrators had to manage many disparate systemseach of which carried direct individual costs. only a third of its servers were virtualised.
investments in more efficient data centre hardware and software can resuLt in significant cost savings and increased productivity.
The IT team made its ageing systems more resourceful by putting plaster fixes across the infrastructure, but soon realised that such a stopgap strategy would not support growing volumes of data or
seCuriNG NosQl APPliCAtioNs: Best PrACtises For BiG dAtA seCuritY
expanding business. The firm had to upgrade its IT infrastructure to support growth and improve efficiency, and extend Barlow Robbins disaster recovery capabilities to include all of its systems.
one of the key benefits of the new infrastructure is that it can back up aLL of the firms data in 1.5 hours.
The main objective was to extend our data centre over two sites so that it was no longer running in an active/passive state, said Jon Williams, network manager at Barlow Robbins.
To address the semi-virtualised infrastructure issues, it installed a Quantum i40 tape library and virtualised the remaining servers. It then deployed Veeam Software backup and reporting toolVeeam (12 socket) B&R Enterprise; Brocade DS300 switches; and two Hewlett-Packard DL380 G7 servers to de-duplicate all data. All the tools are covered by MTIs three-year 24x7 support, Williams said. The financial terms of the MTI contract were not disclosed. These upgrades offered efficiencies and more. Were also seeing improved productivity as a result of the legacy systems upgrade and virtualisation, Williams said.
Backup and disaster recovery strategy yields more returns
overcoming performance and disaster recovery challenges
With a clear strategy and help of the cloud infrastructure consultancy MTI Technology, also based in Surrey, the IT team installed an EMC VnX 5300 SAn with local and remote protection.
Prior to the new disaster recovery project, Barlow Robbins used a host-based replication system for disaster recovery and business continuity. If that system lost contact with its primary data centre, the failover to the backup would take around four hours, Williams said. one of the key benefits of the new infrastructure is that IT can back up all of the firms data in 1.5
Case Study: LeMagIT

READ fREnCH CASE STUDIES
seCuriNG NosQl APPliCAtioNs: Best PrACtises For BiG dAtA seCuritY
hours, which shrank its backup window by almost 400%, he said. The failover time in the new system is about half an hourone eighth of the previous system. Another notable benefit is lower cost. The newly implemented data backup and disaster recovery strategy has already cut the companys operating expenses by 15% for financial year 2012-2013. We also have access to certain services all of the time from each site, Williams said. Previously, our DR kit had just sat idle collecting dust. IT is also able to store unstructured and structured client information on a single tape, as against five tapes it used previously. This helps IT admins save time on management tasks.
previousLy, our dr kit had just sat idLe coLLecting dust.
jon wiLLiams, network manager, barlow robbins
from a purely legal perspective, the benefit has been the resource application of our legal systems, Williams said. This time last year, I was probably spending up to 40% of my time gently massaging systems. This has now been reduced to as little as 5%. It basically means that I can now sleep easier, Williams added. n
Archana Venkatraman is the site editor of searchVirtualDataCentre.co.uK and a contributor to IT in Europe.
compLiance and risk channeL coverage

n
Budget Cuts increasing security risks Firms are making cuts to their budgets risking exposing themselves to more security risks and some of the money that is being spent is potentially being wasted on trying to confirm with unnecessary compliance regulations. regulatory Pressures reveal Poor risk management Controls A recent survey shows that in times of increasing regulatory pressures only a third of businesses think they have robust processes in place to manage governance risk and compliance. is Compliance Hype a Problem the Channel Can solve? one of the most challenging things about making sure a network or a business is secure is not just focusing on products. resellers would be wise to include the people element in their conversations too. n
dAtA ComPliANCe imPliCAtioNs For dAtA storAGe
data compLiance impLications for data storage

Read the European data compliance regulations you need to comply with and what businesses need to do with data. By Mathieu Gorge
explosion of data within organisations and the upcoming changes to the EU data protection regime, businesses need to become more proactive about their data storage strategies from a compliance point of view. To do that, businesses need to understand the European data compliance regulations they must comply with and the implications for what they must do with data.
ith the
What data storage compliance regulations do European IT departments face? Data storage regulations in Europe are currently driven by provisions of the EU Data Protection Directive and their respective applications in member states, by provisions relating to national directives around retention periods for financial
information and by other requirements stemming out of freedom of information frameworks as well as electronic commerce, cookie and e-discovery requirements. The current EU data protection regime requires organisations to take appropriate security measures to protect personal data. It is based around eight principles that drive the data protection regime which dictate how personal data must be acquired, maintained, updated, stored, protected and disposed of. Changes to the EU data protection landscape are driven by the upcoming EU Data Protection law which is due out late this year or next year and will be implemented at national level by member states in the subsequent 24 to 36 months. It is already clear that the EU data protection reform includes far-reaching proposals that will affect organisations that hold data
on individuals, including the burgeoning cloud storage sector. The first thing to note is that the regulatory framework is moving to a single regulation for the EU and is trying to keep up with a shift in which more data is kept in the cloud and therefore managed by a third party other than the original business that collected it, typically the data controller. In data protection jargon, this means that the cloud provider becomes a data processor and it must protect the information it handles and stores on behalf of the data controller. The responsibilities of data controllers are going to be increased. Theyll have to have policies and procedures in place and will have to demonstrate they have carried out staff training and checked that data processors are also taking appropriate security measures to protect personal data pertaining to customers, employees and contractors. from a cloud perspective, there will be a right to be forgotten and to data portability, which means that you are supposed, as a cloud provider, to be able to delete information about a person if they ask you to do so but also allow them to move their data from one cloud provider to another.
There are other regulations and parameters to keep in mind:

n
Using a cloud provider based outside the EU: Right now the EU provides very strong protection for personal data. If data belonging to EU businesses or citizens is stored outside the EU, the transfer of that data needs to be secure and data protection requirements at the other end need to be at least as strong as those in the EU. Some specific sectors and/or regions require data to be kept for a long time. for instance, in some regions financial services organisations may need to keep call recordings or tax information containing personal information Industry standards such as PCI DSS also provide additional requirements on what type of cardholder data may or may not be stored and how it is to be protected.
What are the key steps in ensuring your organisation is compliant with regard to the retention of data? Start with a clear data classification scheme. Data classification is how you take data that is being
British Airways and the Google Search Appliance

READ THE fULL SToRy In GERMAn
11
used within your organisation and organise it so the right people have access to the right data at the right time. organisations might want to classify data from a user-based perspective, from a security-based perspective or from an operations perspective, and the way you do this is by ensuring the right data is accessible by the right people at the right time. This eventually allows organisations to only store the right data in the right place with appropriate securityand for the right duration. What are the main technologies and processes that an IT department can employ for data storage compliance? The best thing to do is to start from a high level and to draw up ecosystem diagrams that map out the different silos and business units within your organisation and the wider enterprise. once youve done that, you can map the data flow within each of the silos and each of the actors in your ecosystem. Ensure this mapping includes devices owned by employees but which may be storing business data. from that arises a data classification scheme which takes every type of data pertaining to customers, users, suppliers, etcand allows you to apply the right levels of protection, storage and access. This is then complemented by a three-level structured data storage approach:
1. Policies and procedures. These must adhere to the provision of all legal and industry regulations and frameworks which apply to your organisation and the data it stores, transmits or processes. 2. technical solutions. These can include content filtering solutions preventing unauthorised data from leaving/entering your ecosystem, data encryption tools, data mining solutions, access solutions to ensure only the right people have access to sensitive data, data masking and data disposal solutions. 3. user training. This includes data protection training for processors and controllers, technical training for IT staff, C-level training on the impact of non-compliance with regards to data storage, business continuity training and testing to ensure your organisation is ready to address an e-discovery request or implement the right to be forgotten and portability provisions of the upcoming EU regulation The above structure needs to be maintained and updated on an ongoing basis as regulations around data storage keep evolving and regional differences apply within the EU. foreign laws may also apply to how your organisation must protect data it stores. n
Mathieu Gorge is the CEo of Vigitrust, a contributor to searchstorage.co.uK and IT in Europe.
12
uNiFied storAGe Goes mAiNstreAm
more european content from the techtarget network

wi-Fi
are shared private broadband connections the future of wi-fi on the go?
We analyse the growing trend of software opening up home routers for public Wi-Fi consumption. By Jennifer Scott
beginning to find its way into every corner of the UK. It is no longer the domain of the American-style coffee shop, with pubs, retailers and even theme parks offering their own connections. However, this is not enough for the data-hungry devices in most peoples pockets, and both consumers and business users are looking for connections on the move, not just over an espresso. Technology has now been developed to take advantage of existing residential Wi-fi connections, enabling customers signed up for
puBlic wi-fi is
home broadband deals with their internet service provider (ISP) to use other customers routers to connect to the internet on the move. In the UK, BT has its fon offering, in france there are similar deals available from three providers, and now a Swedish firm called Anyfi networks is testing its own software to enable the process without having to sign in through a Web portal each time you want to connect to a different network. The idea makes sense. As Anyfi says on its website, why invest billions of dollars in beefing up cellular networks for mobile data when there are Wi-fi networks with plenty of spare capacity everywhere? However, not everyone is so keen.
what aBout security?
firstly, there is the security aspect. We often hear horror stories of what can happen to personal data if you dont protect your Wi-fi connection, but by signing up to a
uNiFied storAGe Goes mAiNstreAm
service like this, it may feel like you are throwing open your doors to prospective cybercriminals. However, all the firms offering these services claim security is their number one priority and they go to great measures to keep users safe. Anyfi said its software creates a virtual access port to keep visitors away from the home connection entirely. The solution also routes the customer back to make its device think it is on its home Wi-fi network. As a result, it puts the same security measures in place as the customer uses at home, ensuring mobiles and tablets are protected from insecure Wi-fi. Likewise, when a BT user shares their connection, it is over a separate channel and does not mix the external user with the home customer, according to the telco.
what wiLL win peopLe round from aLL of these issues is the ease of use.
questions on how reliable the portable connections will be as well. But for someone passing homes in business hours and checking their office email when most are out at work, there should not be too many barriers to performance.
you shall have wi-fi wherever you go
what aBout performance?
If security is not an issue, what about performance? Surely passing on a portion of your bandwidth to the public is going to damage your experience on the Web? Again, however, those behind the technology say no. Both BT and Anyfi said they prioritise any data requests coming from the home environment, with the former claiming it is such a small amount of bandwidth that no effect would be felt by the user paying for the service anyway. of course, if so little bandwidth is being siphoned off, there are
What will win people round from all of these issues is the ease of use. The prospect of having Wi-fi wherever you go within Anyfis casea seamless transition between networks, will appeal to the social network-frenzied consumer as much as the workemail-obsessed professional on the go. Bjrn Smedman, CEo of Anyfi networks, said that Europe was much more positive about the trade-off, so the roll-out and adoption could be much faster on our shores. Its a little to do with culture, he said. The security of the product is perfect, but the psychology of the solution could be improved. Some people act instinctively, to say they do not want to use this type of solution, but we are more open to it in the EU perhaps.
rurAl BroAdBANdsHould resideNts PAY?
keep paying BroadBand customers happy
dAtA mANAGemeNt
The key is in implementation. BT faced a backlash from customers when Computer Weekly discovered it was automatically opting users into fon, with only very tiny smallprint detailing the service and a long line of URLs and website searches required to find out how to turn it off.
data virtuaLisation on the rise as etL aLternative for data integration

The Phone House and Novartis have turned to data virtualisation from Denodo and Composite to gain a single logical view of disparate data sources. By Gareth Morgan
data virtualisation is emerging as a possible technique for businesses to use in tying together disparate databases to become more agile in both their business operations and their data integration processes. Traditionally, companies have relied on data integration technologies, such as extract, transform and load (ETL) tools, to pull data from transactional systems and populate data warehouses for business intelligence (BI) and analytics uses. But for applications that require real- or near-real-time decision making, getting critical business insight out of an ETL-fed data warehouse can seem as effective as sending Lewis Hamilton out to qualify for a Grand Prix in an Alfa Romeo Series 1 Spider. The iconic 1960s roadster is a lovely machine, but one thats likely to fall far short of formula ones uncompromising need for speed. Another challenge for ETL processes is the increasingly large number of data sources that organisations are looking to tap. Such pressures are encapsulated by the pharmaceutical industry. Every
isps and mobiLe operators shouLd be open with their customers. the conversation may begin with the positives that opening up your wi-fi can bring.
other ISPs and mobile operators should learn from this lesson and be open with their customers. The conversation may begin with the positives that opening up your Wi-fi can bring, but they must fill in all the blanks so customers are happy and aware of what they are signing up for. If this rule is followed and the technologies continue to get easier to use, this could well be the path of all future public Wi-fi where it is better to share. n
Jennifer Scott is the networking editor for Computer Weekly and a contributor to IT in Europe.
15
year, billions of pounds are poured into research and development efforts, with companies hungering to create new and improved drugs that can provide booster shots to their businesses. Data is the lifeblood of pharmaceutical makers and there is no dearth of it for them to analyse.
pressure for real-time insight and increased business agility intensifies, and companies increasingly look to utilise external data sources, many IT chiefs are seeking alternative ways to deliver data to business users.
data is the LifebLood of pharmaceuticaL makersand there is no dearth of it for them to anaLyse.
As fatma oezdemir-Zaech, a knowledge engineering consultant at Switzerland-based novartis Pharma, explained, her IT team serves a research department that needs to pull data from a huge variety of sources. That may include troves of trial research from medical publishers or commercial data sources, along with an abundance of data from internal systems. our team has extensive experience and skills in using ETL, and there are procedures that can be done in a semi-autonomous way, said oezdemir-Zaech. But the more data sources we used, the more time it was taking to get the data in the format we want. Traditional data warehouses havent become redundant, said Gary Baverstock, UK regional director at data virtualisation vendor Denodo Technologies. But as the
data virtualisation keeps data in its place
one option is data virtualisation, which provides a layer of abstraction that can sit atop enterprise applications, data warehouses, transaction databases, Web portals and other data sources, enabling companies to pull together data from different systems without having to create and store new copies of the information. That eliminates the need to replicate data or move it from source systems, reducing IT workloads as well as the risk of introducing data errors. The technology also supports the writing of transaction data updates back to the source systems. This, proponents say, is one of the clear benefits that set data virtualisation apart from data federation and enterprise information integration (EII), two earlier techniques with similar aims of making it easier to analyse data from a disparate array of sources. While the three share some capabilities and are sometimes viewed as the same thing under different names, EII technology offered a read-only approach to data querying and reporting, said
Brian Hopkins, a US-based analyst with forrester Research. Data federation emerged more than a decade ago and was meant to do away with ETL tools, data staging areas and the need to create new data marts. But critics say its initial promise masked key weaknesses: Data federation software was ill-suited to very large data sets or environments requiring complex data transformations. Worse still, it was, in the minds of many, intimately linked to the world of service-oriented architecture (SoA). There were a lot of good things associated with SoA, such as the efforts to drive complexity from organisations IT infrastructure, break down the information silos and untangle the spaghetti diagram of IT architecture, said Baverstock. But as the economic winds shifted, these tremendously complex IT projects fell out of favour, as businesses focused on those efforts that would bring quick wins.
David Garcia Hernando, business exchange manager for The Phone House Spain. The retailer acts as an intermediary between its customers and the mobile operators. But, Hernando said, Phone Houses sales staff had
whenever you have manuaL data entry, youre going to create errors.
david garcia hernando, business exchange manager, the phone house spain
retailer looks to drive out data errors
The Phone Housethe trading name for the European operations of UK-based mobile phone retail chain Carphone Warehouse implemented Denodos data virtualisation technology between its Spanish subsidiarys transactional systems and the Web-based systems of mobile operators because of the dual read-and-write capability supported by the tools, said
to enter customer data into the companys internal systems and then rekey it into the mobile operators systems because the different applications could not talk to each other. Whenever you have manual data entry, youre going to create errors, said Hernando. Wed have customer records that didnt match those held by the operators, and that was costing us money. And with approximately 1.5 million transactions processed each year in Spain, cutting the data entry time in half was a huge productivity boon for the retailers sales teams. While there were simpler ways to achieve the integration, Hernando knew that the data virtualisation tools could provide other benefits too. our invoicing system and CRM systems are pretty good, but theyre 20 years old, so it can
be tough when you want to introduce new things quickly, he said. But thanks to the Denodo technology, we can create new reports wanted by the business really quickly. Phone Houses data virtualisation experience is typical of many of the implementations forrester sees. Most organisations get into data virtualisation for tactical reasons, but once thats done they find that the benefits of not having to physically move the data around for integration has much wider use cases, said Hopkins.
data virtualisation: no limits?
Its a similar tale at novartis, which implemented a data virtualisation tool from Composite Software to enable its researchers to quickly combine data from both internal and external sources into a searchable virtual data store. our particular challenge was taking vast column-based biological data sets from external sources and integrating that with our own oracle database, said oezdemir-Zaech. But Composite built us a proof of concept within three days. once we were able to get easy access to all those data sources, the idea really took hold. She added that with data virtualisation, there are no limitationsit doesnt matter whether the data sets were huge or tiny. for us, thats really important. Hitherto, organisations may have been tempted to make their
data easier to manage by undergoing a database consolidation programme. That has some obvious advantages, Hopkins said. But it is a massive undertaking, he said. Its hard enough for structured data, never mind the morass of unstructured data swirling around the enterprise. Data virtualisation promises to deliver some of the same benefitsmost obviously, the ease of analysing datawithout the burden of massive data and application integration. Such benefits, combined with the belief that tactical data virtualisation projects will give rise to more strategic programmes designed to treat data as a utility-like service, lead forrester to predict that the demand for data virtualisation is set to boom. It anticipates that organisations will spend $8 billion globally on data virtualisation licences, maintenance and services by 2014. Still, even data virtualisation vendors acknowledge that the technology isnt the answer to all data integration questions. Data virtualisation is not the apogee of information management that means you can do away with all the other tools youve relied on over the years, said Ash Parikh, director of product management at Informatica. Its like a Swiss Army knifethis is just one of the tools to get the job done.n
Gareth Morgan is a freelance technology journalist and a contributor to searchDataManagement.co.uk and IT in Europe.
18
AdditioNAl resourCes
additionaL resources
n
next Generation firewalls: Learning Guide IT in Healthcare Essential Guide: EU Data Protection Regulation How to Comply With the EU Cookie Law CW500: The future of Software Development London 2012 olympic Games Coverage Supplier Profile: IBM CW500: Managing Social Media A Beginners Guide to Virtualisation CW500: Data Centre Transformation
IT In Europe E-zine is a TechTarget e-publication. Contributors include: SearchSecurity.co.UK, SearchVirtualDataCentre.co.UK, SearchStorage.co.UK, SearchDataManagement.co.UK, Searchnetworking.co.UK, ComputerWeekly.com and Microscope.co.uk. Cathleen Gagne Editorial Director
home editors Letter data protection framework: a cisos perspective

n
Kayleigh Bateman Special Projects Editor Christine Casatelli Managing Editor linda Koury Director of online Design techtarget 3-4a Little Portland Street, 1st floor London W1W 7JB www.techtarget.com techtarget 275 Grove Street, newton, MA 02466 www.techtarget.com
2012 TechTarget Inc. no part of this publication may be transmitted or reproduced in any form or by any means without written permission from the publisher. TechTarget reprints are available through The yGS Group. About TechTarget: TechTarget publishes media for information technology professionals. More than 100 focused websites enable quick access to a deep store of news, advice and analysis about the technologies, products and processes crucial to your job. Our live and virtual events give you direct access to independent expert commentary and advice. At IT Knowledge Exchange, our social community, you can get advice and share solutions with peers and experts.
infrastructure overhauL data compLiance impLications for data storage are shared private broadband connections the future of wi-fi on the go? data virtuaLisation on rise as etL aLternative for data integration additionaL european resources
19

IT in Europe - Final

Încărcat de

Informații document

Descriere originală:

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

IT in Europe - Final

Încărcat de

Drepturi de autor:

Formate disponibile

compliance and risk

Gain a complete overview of European IT in todays marketplace.

data n virtualisation on rise as etl alternative for data integration

additional n european resources

compLiance and risk

Computer Weekly Editor in Chief

dAtA ProteCtioN FrAmeworK: A Cisos PersPeCtive

data protection framework: a cisos perspective

The Smarter Approach to Malware and Compliance

IT In EuropE augusT 2012

dAtA ProteCtioN FrAmeworK: A Cisos PersPeCtive

Eurozone Crisis Hits IT Outsourcing

IT In EuropE augusT 2012

dAtA ProteCtioN FrAmeworK: A Cisos PersPeCtive

UK Fails to Impress in Technology Innovation League

IT In EuropE augusT 2012

dAtA ProteCtioN FrAmeworK: A Cisos PersPeCtive

IT In EuropE augusT 2012

seCuriNG NosQl APPliCAtioNs: Best PrACtiCes For BiG dAtA seCuritY

seCuriNG NosQl APPliCAtioNs: Best PrACtises For BiG dAtA seCuritY

Backup and disaster recovery strategy yields more returns

overcoming performance and disaster recovery challenges

Case Study: LeMagIT

IT In EuropE augusT 2012

seCuriNG NosQl APPliCAtioNs: Best PrACtises For BiG dAtA seCuritY

previousLy, our dr kit had just sat idLe coLLecting dust.

jon wiLLiams, network manager, barlow robbins

compLiance and risk channeL coverage

IT In EuropE augusT 2012

dAtA ComPliANCe imPliCAtioNs For dAtA storAGe

data compLiance impLications for data storage

dAtA ComPliANCe imPliCAtioNs For dAtA storAGe

There are other regulations and parameters to keep in mind:

British Airways and the Google Search Appliance

IT In EuropE augusT 2012

dAtA ComPliANCe imPliCAtioNs For dAtA storAGe

IT In EuropE augusT 2012

uNiFied storAGe Goes mAiNstreAm

more european content from the techtarget network

what aBout security?

uNiFied storAGe Goes mAiNstreAm

you shall have wi-fi wherever you go

what aBout performance?

rurAl BroAdBANdsHould resideNts PAY?

keep paying BroadBand customers happy

data virtuaLisation on the rise as etL aLternative for data integration

IT In EuropE augusT 2012

rurAl BroAdBANdsHould resideNts PAY?

data virtualisation keeps data in its place

rurAl BroAdBANdsHould resideNts PAY?

retailer looks to drive out data errors

rurAl BroAdBANdsHould resideNts PAY?

data virtualisation: no limits?

IT In EuropE augusT 2012

home editors Letter data protection framework: a cisos perspective

IT In EuropE augusT 2012

S-ar putea să vă placă și