Steve Staso - Computing Solutions Strategist

Rarely in the history of software has a pile of code been as reviled as “Clippy,” the animated, googly-eyed paperclip Microsoft introduced in 1997, ostensibly to help users of Office. Time magazine dubbed it one of the world’s 50 worst inventions. The man who designed it boasted that his creation, at its peak, “was annoying hundreds of millions of people a day.” Even Microsoft itself ended up creating a self-mocking ad campaign around people’s frustration with this paperclip.

So what was the problem with Clippy? To put it simply: he was bloated.

Bloatware, also often known as feature creep, is when successive versions of a program siphon ever-more memory and processing power, slowing everything down without any noticeable improvements.

Bloatware is as big a problem as ever, as “helpful” software has migrated from the desktop to the phone and into the cloud and even software-as-a-service products. Bloated SaaS is particularly vexing, because these enterprise software packages were initially sold as a slimmed-down response to bloat. According to Gartner, “By 2023, organizations will overspend $750 million dollars on unused features of IT software.”

The time has come for the tech world to learn the lessons of Clippy, and cut out the bloatware.

Also see: 7 Digital Transformation Trends Shaping 2022

Bloatware has grown only more endemic, moving from targeting consumers to increasingly saddling businesses. For instance:

• Engineers cook up clever new tricks and features, which becomes the rationale for adding another twist to a product – rather than innovations users need.
• The salespeople need new features to show the world that a product is growing and improving, and then they upsell the latest release.
• Larger customers demand specialized features that are now part of the product everyone uses, resulting in customers paying higher prices for features they don’t need, want or use.

This bloated software has left IT departments wasting time configuring, unconfiguring and extending pieces of “functionality” that should have been configured correctly to begin with. These complicated, hard-to-manage packages and platforms interfere with an organization’s agility, leaving IT teams distracted from focusing  on what they need to do.

There are also security risks. Bloatware can expand a company’s attack surface, and an overly complex system is even harder to defend. It’s no surprise that data breaches are already on pace for a record year.

Also see: Digital Transformation: Definition, Types & Strategies

In the consumer world, utilities like Should I Remove It have gained popularity as consumers look for ways to delete unwanted apps. In the business world, a newer crop of streamlined SaaS products has emerged in the past decade to help small and medium-size businesses that don’t have the IT budgets to deal with bloatware caused by feature creep.

To keep bloatware at bay, IT practitioners should do the following:

• Make app rationalization a frequent and regular activity to review all SaaS applications.
• Regularly evaluate whether to keep, rip and replace, or retire an app. In fact, managing SaaS applications should become a key measure for IT, with a goal to have less.

Another key measure to establish should be at the adoption of an application, to see whether it is being used, and if so, determining whether all features are being used as well. If the app is not being used, it should be decommissioned. If all features are not being used, it’s a candidate for rip and replace.

It’s time to kill the creep and learn our lesson from Clippy and other offenders of bloatware past. To stop the bloat, we must create software that cuts straight to the core of what users need – SaaS that is easy to customize, efficient to manage and flexible to integrate. Now that Clippy is gone, we’re headed in the right direction.

Also see: Tech Predictions for 2022: Cloud, Data, Cybersecurity, AI and More 

About the Author:

Prasad Ramakrishnan, CIO, Freshworks

The post Stop the Software Bloat: Slim Down Your SaaS appeared first on eWEEK.

Enterprise IT teams are increasingly partnering with managed service providers (MSPs) to help their organizations thrive in today’s competitive market. Service providers combine industry-specific knowledge with technology expertise to ensure the continuous availability of enterprise services. This combination helps drive faster revenue growth and greater operational efficiencies for their customers.

Since MSPs need to handle both legacy and modern workloads across their customer base, they must have the right tools, applications, processes, and teams for delivering best-in-class managed services at the right value to customers.

Here are seven best practices for modern service providers to ensure rapid customer acquisition and lasting client relationships:

As service providers scale, they need to make sure there is no compromise on the quality of services delivered. Inconsistent service delivery can hurt customer renewals and net promoter scores (NPS).

MSPs should ensure service excellence by betting on artificial intelligence (AI), hyperautomation, and advanced data analytics to deliver managed services at scale, reduce repetitive work, and enable data-driven decision making. Service excellence will also help MSPs lower client churn, increase retention rates, and expand the share of wallet across their customers.

Also see: Top Cloud Service Providers & Companies 

With the adoption of agile development and DevOps practices, enterprises are increasingly able to quickly build and upgrade their applications. MSPs should take an aggressive approach to help their employees upskill and become more productive to keep up with customer expectations.

Service providers should use micro-learning training that combines topical information with short-term activities for faster acquisition and retention of knowledge. They should also fund professional boot camps and certifications in areas such as cloud, containers, DevOps, and security, so employees can master new technologies and be seen as trusted customer advisors.

A recent survey by research firm EMA found that 64% of enterprises use between four to 10 distinct monitoring tools.

Given this tool sprawl, it is the service provider’s responsibility to deliver a centralized platform that can integrate with tools and offer unified visibility and control across hybrid environments. In this way, MSPs can transform swivel-chair IT operations to be more proactive with operations, enabling the ability to monitor and optimize distributed workloads with a platform-centric approach.

Also see: Best Practices for Multicloud (That Cloud Providers Prefer You Not Know) 

Service providers used to work on break-fix contracts, which required charging for ad-hoc managed services. Enterprises are increasingly shifting from reactive support to proactive managed services.

Outcome-based managed services result in the long-term alignment of interests between clients and providers, ensuring resilient infrastructure and peace of mind for customers. MSPs that embrace recurring revenue models can shift from project-based services to long-term engagements that deliver greater financial predictability, faster revenue growth, and higher customer satisfaction.

Investing in marketing can help customers understand a provider’s solution offerings and the specific expertise they can leverage.

MSPs should strive to continuously boost the level of awareness around their service offerings. They should educate customers around their differentiated capabilities, which will ensure long-term relationships that deliver sustained growth and overall profitability.

Also see: Tangoe Report: Pandemic Caused Major Shifts in IT Spending 

Customers are looking to work with service providers that can accelerate cloud migration initiatives using pre-configured assessments, packaged tools, and standardized best practices. This can help organizations drive faster innovation, reduce technical debt, and embrace disruptive business models with cloud migration and application modernization initiatives.

Organizations are tired of dealing with multiple service providers, software vendors, and equipment manufacturers that create complexity in managing, licensing, pricing, and contractual obligations. Service providers that can work with their customers to create transparent contracts across different vendors that are tailored to their needs will experience greater traction.

Managed service providers need to be more agile, flexible, and service-oriented than the IT organizations they work with. Service providers that adopt these seven best practices can help their clients innovate and meet business objectives at breakneck speeds. As a result, highly effective service providers will witness significant growth, competitive differentiation, and stickier engagements in a hyper-competitive market.

Also see: How Distributed Cloud Computing Drives IT Automation 

About the Author:

Prasad Dronamraju, Solution Architect and Technical Product Marketing Manager, OpsRamp.

The post 7 Best Practices for Successful Managed Service Providers appeared first on eWEEK.

AMG (Amazon, Microsoft, Google) announced their quarterly financial results over the past couple of weeks. The companies’ cloud financials were, in a word, spectacular.

Looking at AWS, which is a bellwether for the sector, it turned in $17.8 billion in revenue for the quarter, and its growth rate inched up to 40%, which is 1% higher than last quarter, and a full 12% higher than the year ago quarter.

Taken overall (see table below), AMG delivered $34.3 billion in Q4 revenue, with an average growth rate of 43%.

Also see: Top Cloud Service Providers & Companies 

We have become so inured to the scale and growth rate of AMG that it’s easy to overlook just how astonishing these results are. 

The fact is, these are very, very large businesses. AWS pulled in more revenue than IBM, which is number 42 on the Fortune 500 list. Even Google’s cloud business, number three of the big three, is a huge business.

Even more astonishing is their growth rate. An average growth rate of 43% means these huge businesses are going to be, well, even huger in short order. AWS should see around $70 billion in revenue for 2022; if it continues to grow at a similar rate as 2021, it would see 2023 revenues of just over $100 billion, good for 27th place on the Fortune 500. Microsoft and Google’s cloud revenues would place them well up the list as well.

Also see: Why Cloud Means Cloud Native 

One might attribute 2021’s very high growth rates as an exogenous boost due to the COVID pandemic. After all, AMG growth rates were lower in 2019 and early 2020 before the pandemic quickly grew the use of online services, most of which were deployed in one of the big three providers. So with the (fingers crossed) move back to more typical living patterns, perhaps the demand fueling these high growth rates will abate and they will drop back to pre-COVID levels. 

Another reason growth rates might drop is the sheer difficulty of continuing such high growth rates. The larger an organization is, the harder it is to grow. While AMG might not need to grow headcount over 40% to support 43% growth, it’s clear that each of them is adding thousands of staff per year. Recruiting, training, and integrating that many new people might impose a limit to AMG growth.

Beyond that, the sheer difficulty of organizing and coordinating so many people, so much technology, and so many business initiatives might prove so difficult as to reduce organization efficiency. This would constrain AMG capability of serving customer demand, even if it still supported 40+% growth opportunities.

Summed up, will the ‘law of large numbers’ catch up with AMG and drop their growth rates to a more pedestrian pace? That would change the nature of these companies – they would still be large and very impressive businesses, but they would come to resemble other commercial behemoths like Toyota or McKesson: impressive but unremarkable as business entities.

What is the perspective on potential growth rates from the providers themselves? After all, they should have a good understanding of demand curves.

With the experience of supporting millions of customers onboarding onto their platforms, they have insight about usage patterns and growth rates. They also are able to forecast new customer growth based on sales interactions. And they all have very sophisticated strategy and economics groups that model a range of exogenous factors that might affect customer adoption and growth.

Given all that, what do AMG believe about their future prospects?

In the words of the old classic, they believe their future’s so bright, they gotta wear shades.

How do we know this? We look to see what the investment in their future looks like by examining their capital investment. The past few years have seen significant growth in all three providers’ capital spend, with all three topping $20 billion for 2021, with Amazon putting nearly $60 billion of capital to work last year. That may be a record for a single company’s one year capital investment.

Of course, the year’s investment is not exclusively dedicated to any of the three’s cloud computing services. Each operates significant online properties not related to providing computing services. Amazon also invests in a lot of real estate in the form of fulfillment centers, nearly doubling its total number of centers over the past two years.

Nevertheless, a significant portion of each company’s total capital investment last year was spent on its cloud services. Even if only a third of $20 billion was invested in each company’s cloud services, that still is a huge number, demonstrating confidence that sufficient demand will exist to justify the investment. 

In a phrase, AMG believe “if you build it, they will come.”

Also see: Best Practices for Multicloud (That Cloud Providers Prefer You Not Know) 

The huge revenue numbers, accelerating growth rates, and confidence in future growth implied by enormous capital investment mean one thing: enterprises are increasingly shifting their application deployment strategies to a cloud-first – or, indeed, a cloud-only – future.

My sense is that many enterprises have reevaluated their previous strategies and shifted from an assumed 80% on-prem and 20% cloud deployment assumption to a 20% on-prem and 80% cloud assumption.

Obviously, this aligns with the large capital investment dollars being spent by AMG.

But from the perspective of enterprises, this shift carries knock-on, or second-order effects.

First, enterprises will need to develop plans on how to manage such significant migrations. For every application currently deployed on-prem, they will need to decide where it will live in the future. Given that most enterprises pay scant attention to existing applications in favor of focusing on new or more-frequently updated apps, this will require significant employee and leadership mindshare over the next couple of years.

Second, the pace of AMG growth means that corporate data centers are going to be emptied in favor of using provider infrastructure. Enterprises will need to balance depreciation schedules, new contract signing with one of the big three, and real estate disposal opportunities to decide how quickly to make the redeployment decision. And as with any rapidly-changing market, those who leave it late will get the worst terms, with asset write-offs in the offing.

Third, enterprises will need to develop application architecture plans for what to do with existing apps. Most of them were designed for a world of constrained, static infrastructure, and are ill-suited for transient resources in a world of effectively infinite capacity. Which ones should be dropped with little change into cloud environments, despite suboptimal results, and which ones deserve greater investment to retool them to better integrate with cloud infrastructure?

Finally, enterprise IT organizations must create a cloud-ready workforce. Many staff members have skills attuned to the traditional practices of old-style applications and infrastructure. In the future 80% of employees will need cloud skills.

I’ve seen how this skill transformation can be implemented, and it requires just as much investment as the applications with which these employees work. Many IT organizations fail to develop the comprehensive plans needed to support a 20% on-prem / 80% cloud future, but failing to do so consigns the organization to years of poor migration execution. 

Also see: Tech Predictions for 2022: Cloud, Data, Cybersecurity, AI and More 

The post Cloud Providers Deliver Spectacular Earnings: What’s It Mean for Customers? appeared first on eWEEK.

It’s time for all cloud service providers to look beyond the mirage of cost savings as the raison d’etre of cloud and embrace cloud-intelligence as a core strategy in a cloud-native world.

Survival in a rapidly changing, digital world depends on service providers’ software delivery capabilities. Delivery capabilities drive customer delight (or frustration), enable business agility, and ultimately hold the key to the service providers’ ability to compete.

Cloud-native software and delivery models (agile, DevOps, cloud-intelligent approaches) have set the bar higher for customer experience and expectations. These are imperatives service providers cannot ignore, hiding behind the price tag as justification.

Also see: Digital Transformation: Definition, Types & Strategies

According to a McKinsey study (2021), 75% of cloud’s predicted value is derived from cloud-afforded innovation.

As McKinsey puts it, “The emergence of this immense value pool comes at a time of increasing competitive pressure on companies. Fast-moving digital players are creating a fluid business landscape and accelerating the pace of change. For CEOs, cloud adoption is not just an engine for revenue growth and efficiency. Its speed, scale, innovation, and productivity benefits are essential to the pursuit of broader digital business opportunities, now and well into the future. Yet an overly narrow view of cloud-value economics and where value exists, often keeps companies from achieving the desired outcomes.”

What McKinsey found is that evaluating cloud adoption for the cost not only misses the point; it stifles the possibility of creating value.

Cloud intelligent companies operate on a different wavelength from legacy organizations. Below are just some of their distinguishing patterns of behavior:

• Decentralizing decision making. Those that crave agility cannot retain constricting hierarchical structures. To keep up with the rapid rate of cloud computing change, organizations must learn to rescind centralized control (which is not always easy in legacy enterprises) and delegate decision-making to lower levels of the organization and team.
• Adopting a culture that encourages experimentation and innovation. Adopting cloud and tools like canary testing reduces the cost, risk and time to innovate.
• Establishing tailored cloud strategies that address specific business goals. For example, building a strategy to ensure future rapid delivery of innovative and differentiated products and services.
• Focusing on the people and process aspects of cloud transformation. Don’t focus on just the technology. In cloud adoption projects that failed to achieve their goals, a substantial portion of blame is invariably laid at the door of the people and organization that did not change.
• Freeing up developers’ time. Organization must allow developers to focus on what they should be doing i.e. building new experiences and features instead of spending time on non-functional activities. This can be achieved several ways, such as:
  • Automating duplicate, time-consuming, manual complex and monotonous tasks.
  • Building optimized pipelines.
  • Reducing the time needed to prototype new business ideas.
  • Investing in a standardized, automated cloud platform that improves productivity and delivery.

Clearly cloud costs must not be ignored, but viewing a strategical transformation purely through the lens of cost ROI is a rookie mistake. Organizations that do not adopt cloud will not fare better in the long term; they will soon find themselves facing rising costs from bloated IT organizations forced to devote resources to repetitive manual tasks.

CSPs must look at the broad definition of Return on Investment and not be blinkered by the dollars. And they must make this change soon – or risk demise at the hands of disruptive, agile competition.

Also see: Best Practices for Multicloud (That Cloud Providers Prefer You Not Know) 

About the Author: 

Oren Betzaleli, GM, Amdocs Cloud

The post Cloud Migrations: Look Past the Mirage of Cost Savings appeared first on eWEEK.

Compared to the previous generation, today’s generation of startups are increasingly cloud-centric. The previous generation of dotcoms had to suffer the economics and complexities of deploying, managing, and scaling their own servers, networks, and data centers.

In contrast, today’s generation grew up in the just-in-time, pay-for-what-you-need, and scale-up-on-demand world that is cloud native.  

Also see: Why the Future of Computing is at the Edge

But over the last two years, businesses have largely opted for edge-enabled, serverless infrastructures. This means there are no servers to manage; no locations to spin up; and most importantly, no cloud computing contracts to analyze.

With edge-enabled, serverless infrastructures, businesses can benefit from faster and more stable API performance and a decreased need in infrastructure support and annual spend.

As a software practitioner for more than two decades, I have been through more “paradigm shifts” in computing than I can count. But I can confidently say this: The future of computing for an entire generation of companies will be “edge-native,” and the traditional cloud is the platform that will lose. 

Also see: Top Edge Computing Companies 

One of the main problems with paradigm shifts is that there are so many new technologies that emerge in the early stages. The same has been true for edge computing, with numerous companies offering “edge-compute” solutions that run on new infrastructures, telecommunications providers, and even cloud-computing companies.

When we talk about edge computing companies, we’re describing the ability to run code at the network edge—specifically the content delivery network (CDN) providers.

CDNs have been around since the beginning of the Internet. The major players (Akamai, Limelight, Cloudflare, Verizon Edgecast, and Fastly) have been helping customers ensure content is delivered quickly to customers by ensuring a large distributed global cache of servers.

In the old model, these providers simply stored data for companies, ensuring that as customers visited websites or downloaded software, the response times were fast because the server itself had the content as close to the customer as possible.

Also see: Will Edge Computing Devour the Cloud? 

One change is that these server resources and the content delivery network itself are now programmable. This allows companies to move core API services off of centralized cloud servers and onto the existing globally distributed networks that the CDNs operate.

With edge solutions, companies that could only run servers in limited locations now have the ability to run APIs at a much larger scale, increasing user response speeds and the company’s global footprint.

The second major change is how the code itself is deployed. With cloud computing, you’re renting a server and running your code on it. With edge computing, you simply deploy your code to the platform, and the code is automatically run on the nearest server across the regions.

This idea, called serverless compute, is also offered by the cloud providers (AWS Lambda, Google Cloud functions, and Azure Functions). But with the edge platforms, these functions now run across a global fleet of servers with zero management overhead.

Changes in the technology landscape are dictated by the economics they offer, not just the innovation behind the product. 

When cloud computing came to market, the economic advantage was instantly obvious. Cloud computing gives users the ability to swap high upfront investments in their own server and network infrastructures for zero upfront. They use on-demand leases of compute power that can be paid with a credit card. The adoption was driven by economics, not the technology.

With edge computing, we are seeing similar economic staying power. Cloud-computing companies buy server and data center infrastructure in bulk to support resales as capacity. Edge platforms, like CDNs, are using edge computing to drive additional value on existing infrastructure, which in turn lowers the cost required to provide compute services to customers.

CDNs are fundamentally simple servers: They hold copies of data (storage/memory), they look up requests for said data (CPU), and then return the data to the user (network). There are also a number of free CPU cycles available throughout the day, as most retrieve and transmit actions require less CPU power than running a full database engine.

With serverless models, CDN providers are able to further monetize their existing capacity, allowing for meaningful economic impacts downstream.

As companies expand globally, cloud-based bandwidth costs will only increase, whereas such costs are not even a factor in edge-native pricing. In addition, edge-native solutions dramatically lower management costs (no servers to monitor), scale rapidly at a global level (code runs near users automatically), and simplify billing.

For startups looking to offer low-cost solutions on a global scale, the simplicity and economics of the edge-native model is compelling. As the next generation of startups comes of age, we expect to see many adopt a cloud-free model.

We’ve seen the future of the cloud—and it lives on the edge. For businesses, this is a faster, more scalable, and dramatically cheaper solution to modern computing needs.

Also see: Why Cloud Means Cloud Native 

About the Author: 

Jake Loveless, CEO, Edgemesh 

The post Why Edge Computing Will Overtake the Cloud appeared first on eWEEK.

Looker and Tableau are two premier business intelligence and data analytics applications. Both deliver a remarkable array of powerful features and capabilities, including strong data ingestion, sophisticated dashboards, rich data visualizations and leading-edge features that tap machine learning (ML).

In addition, both Looker and Tableau are highly rated by user communities, including in key areas such as security and access controls, the quality of technical support and the strength of the peer user community.

Yet there are key differences between the two platforms. As with any software, it’s important to understand how your organization consumes and processes data, what objectives you have and what each of these packages offers. With this in mind, here’s a look at the strengths, weaknesses and potential use cases for Looker and Tableau.

Also see: Best Data Analytics Tools 

What makes Tableau so appealing for so many businesses is the ability to view a rich and varied array of data visualizations.

The platform offers unsurpassed flexibility along with advanced tools for handling almost any type of data and level of complexity, across industries. Visualizations are presented via a desktop app in the form of graphics, charts, infographics, heat maps, clusters and numerous other representations.

The images are easy to modify, adjust and adapt as trends change. While the platform is ideal for data scientists and more technical users, it’s easy enough for business users to use. Tableau has an edge over Looker in areas such as interactive visual exploration and analytics dashboards.

The Looker BI platform, now part of Google Cloud, delivers sophisticated yet user friendly drag-and-drop data modeling, though the application tends to focus more heavily on the needs of IT teams and BI analysts.

Cloud-only Looker pulls data from a centralized and dedicated database, and thus offers real-time visibility and a single source of truth. The solution provides a visually appealing and flexible dashboard (Looks) that connects to numerous data sources and cloud frameworks. It delivers a rich array of highly adaptable and attractive visualizations for technical and line-of-business users, and it offers an extensive modeling language. Looker prevails over Tableau in two key categories: content creation and consumption.

Also see: Top Data Visualization Tools 

The Tableau solution delivers native collectors for a wide array of sources and applications, including Microsoft Excel, SQL Server, Google BigQuery, Snowflake, SAP HANA, Salesforce, Splunk and Amazon Redshift. Yet, it also can pull data from Dropbox, Box, Google Drive, OneDrive and many other file and data storage repositories.

As part of Salesforce, Tableau delivers integrated BI with the popular CRM platform. It also integrates with Slack. There are data science integrations, dashboard application integrations and embedded analytics capabilities that can be tied to web portals and customer-facing products.

In addition, the platform offers Snowflake and dimensional data models that connect to data warehouses and other repositories. This allows it to accommodate large volumes of data. Tableau is a clear winner for use on desktops as well as iOS and Android mobile devices. It offers highly rated apps, including one for CRM.

An obvious advantage of Looker is that it ties into Google products, including BigQuery. However, with a rich and open set of APIs and native connectors, Looker pulls data from any SQL database as well as popular platforms and applications like Magento, GSuite, LinkedIn, Shopify, ADP, Snowflake and Zendesk. It also allows connections through third party applications such as Green Plum and Amazon Athena.

Data modeling is based on LookML, a machine learning framework that delivers powerful features and a flexible framework for analytics. LookML includes more than 100 pre-built modeling patterns called Looker Blocks.

The Looker platform can intelligently scan and discover data and then infer relationships between tables in a scheme to automate model building. Looker offers a mobile app for iOS and Android. One downside: the product can present some challenges for those accustomed to working with OLAP cubes. Users must rely on a mobile browser. However, Looker wins out for self-service data preparation and the ability to embed analytics content.

Also see: Top Data Modeling Tools 

Part of the appeal of Tableau is that it uses system resources efficiently. It doesn’t push the limits of system memory and it processes large volumes of data relatively fast.

Users are attracted to Tableau for several other reasons: it delivers excellent functionality, the software supports large and diverse volumes of data, it operates well with a large number of concurrent users, and it integrates with virtually any infrastructure, including both Windows and Macs. Tableau rates slightly higher than Looker in categories such as report creation and data sharing.

The Looker platform receives fairly high marks among users for overall functionality and performance. It runs on Windows, Macs and Linux systems. It integrates well with other enterprise software, including various analytics tools.

Looker generally uses system resources efficiently, though some users complain about data load times and processing speed for ultra-large data sets. There are also some complaints about bugs within the dashboard and other parts of the application. One area in which Looker beats out Tableau handily is the cloud BI space. Since the application is cloud native and specifically designed for cloud processing it delivers a more flexible environment for cloud-centric organizations. 

Also see: What is Data Mining? 

The Tableau BI platform receives relatively high marks for its security and usage administration framework. Tableau provides an extensive collection of tools and features designed to simplify security and account administration. These include control over authentication methods, various filters, and restrictions on the availability of row-level security.

In addition, the platform offers sandboxed extensions, network-enabled extensions and an array of other protections, including encryption at rest. On the governance front, Tableau includes tools for defining and managing data and content. It can adopt schemas based on Snowflake and Star, along with more complex multi-fact models.

Looker user communities give the platform top ratings for its security and governance framework. Looker incorporates security development lifecycle principles (SDLC), which include static and dynamic scans and extensive code reviews.

Looker offers a wide choice of authentication methods, including 2FA, LDAP, Google OAuth, or SAML. It includes numerous tools for managing database and user security, including IP whitelisting, AES 256-bit data encryption along with TLS 1.2 between the database and the browser, filters for model-set security and user attributes and various content security features. The latter includes the ability to make content completely open, open with content restrictions, and closed. The platform also delivers strong governance features. It is HIPAA compliant, and it provides strong support for GDPR and other data regulations.

Also see: Guide to Data Pipelines 

User communities report that Tableau delivers top-notch service and support. The company receives high grades for timeliness of responses and quality of technical support. In addition, more than 90% of users at Gartner Peer Review says that an additional support package they purchased was worth the price.

Customer support operates during standard business hours (8 a.m. to 5 p.m.), though customers have the option of purchasing extended support and premium support. The latter promises a 30-minute reply and 24×7 mission critical phone support. Tableau offers an extensive online support site, with easy-to-find links for support, drivers and known issues. Users also find the quality of the peer user community valuable.

Because Looker is now part of Google, organizations using Google products, including BigQuery, will have a much easier time managing service and support in a consolidated way.

However, Looker has a somewhat idiosyncratic support framework. Its Department of Customer Love (DCL) doesn’t operate a standard ticketing system; it revolves heavily around in-app chat and messaging to address problems. On the upside, the online help center offers extensive articles and documentation for development, APIs, administration, troubleshooting and more. Users find the peer community valuable. 

Also see: Guide to Data Pipelines 

A free trial version of Tableau is available. Pricing varies depending on the specific product and how it is deployed. For example, Tableau Creator (which includes Tableau Desktop, Tableau Prep Builder and a single license for Tableau Server or Tableau Online) is $70 per month per user when billed annually.

Likewise, a free trial version of Looker is available. Looker offers subscription pricing that depends on several factors, including the size of the organization. Typically, licensing costs $300 per month per user for up to 10 users, and $50 per month per user after 10 users.

Also see: What is Data Analytics? 

Both packages deliver top tier BI capabilities and deliver broad and deep insights, rich visualizations and powerful reporting. Both BI solutions offer strong security, support and large user communities. If your organization benefits from an extremely powerful and easy-to-use solution slanted toward non-technical users, consider Tableau.

If your business is focused more heavily on a data-science framework or cloud-based framework that incorporates Google (but extends outward to other services and applications) it’s likely you will find Looker more appealing.

The post Looker vs. Tableau: 2022 Software Comparison appeared first on eWEEK.

Programs for tech vendors’ partners don’t receive as much attention as they should. That’s mainly because as business-focused organizations, partners such as solution providers, Value Added Resellers (VARs), cloud service providers (CSPs) and OEM-focused players live and work beneath the radars of most traditional media outlets.

In addition, much of the work partners perform is done behind the scenes where they smooth rough edges, ensure that products and services perform correctly and help their customers shine.

But the vital importance of partners cannot be overstated, especially for vendors like Dell Technologies, whose years of partner development and investment have resulted in a global ecosystem that delivers over half of Dell’s orders revenue. This week, Dell’s Global Channel Chief, Rola Dagher, revealed enhancements designed to streamline partners’ experiences and help them grow and transform their businesses in 2022. Let’s consider what she and Dell announced.

Also see: Tangoe Report: Pandemic Caused Major Shifts in IT Spending

In a blog outlining the program changes, Dagher noted two elements designed to streamline the way partners interact with Dell.

1. There will be a single incentive structure with region-specific rates that are consistent across all partner tracks.

2. There will be a single set of revenue and training requirements for partners.

In other words, partners such as VARs, CSPs, OEM partners, and those who combine disciplines and services, should have a better understanding of where they stand in terms of payments and incentives, as well how they are required to perform before they pursue or begin new projects.

According to Dagher, that will enable partners to “focus on positioning the best solution for their customer, while earning consistent, lucrative incentives, regardless of route to market.”

Dagher also described enhancements to other program areas:

• Doubling down on growing partner-led storage engagements with a 5X tier accelerator for mid-range (PowerStore and Unity XT) solution sales and a new 2% incremental rebate kicker for completing acquisition and tech refresh deals.
• Simplifying the competitive swap and tech refresh processes and extending tech refresh with server sales leads.
• Investing heavily on updates to Dell’s Online Service Calculator (OSC) and added dedicated team members to speed and ease storage price quotes.
• Expanding the “Access for VMware” program, which provides license resell and rebate to all eligible metal tiered partners.
• Expanding the new business incentive for client solutions to include Dell displays and client peripherals to support engagements across Dell’s entire portfolio and encourage cross-sell motions.

Additionally, Dagher noted that partners can take advantage of Dell’s environmental, social and governance (ESG) strategy by applying earned funds to efforts like sustainability and recycling initiatives, eWaste programs and funding medical breakthroughs.

Dagher’s blog also included testimonials from key Dell partners, including CDI, Softcat, Computacenter, Synnex and Sumo Tech.

Also see: 7 Digital Transformation Trends Shaping 2022

So, what are we to make of this streamlining of Dell’s global partner program? First and foremost, the new and updated changes Dagher discussed underscore the important role of consistency in partners’ organizations, whether they are VARs, CSPs or OEM-focused companies.

Because of the entrepreneurial nature of their businesses, channel partners tend to look for consistency and predictability as much as tidy incentive programs or hefty rebates. That doesn’t mean that partners turn a blind eye to profitability. But Dell’s streamlined program demonstrates how a vendor can ensure that partners clearly know where they stand as they prepare and pursue potentially lucrative deals.

These changes are also likely to provide benefits to customers. By simplifying and making its program more flexible to the needs of the channel, Dell is helping to minimize or eliminate any confusion that might distract partners from doing what’s best for their clients.

Overall, Dell’s streamlined program seems likely to benefit and be welcomed by channel partners of every kind.

Also see: Tech Predictions for 2022: Cloud, Data, Cybersecurity, AI and More 

The post Dell Technologies Streamlines and Simplifies Global Partner Program appeared first on eWEEK.

For years, the typical IT department had a vital yet simply defined role — network installation, maintenance, and support — outside the scope of other business units. But with digital transformation driving every industry, the role of IT — and the leadership strategy of the CIO — has evolved from an in-house  utility to an integrated business function explicitly tied to the organization’s goals.

According to Deloitte, the CIO has steadily become a business-savvy technologist focusing team resources on driving innovation that melds business priorities and the latest technologies. To better understand this shift, let’s first consider how IT organizations have changed, and then look at the impact these changes will have on businesses in the future.

Also see: 7 Digital Transformation Trends Shaping 2022

IT organizations have increasingly become change influencers focused on top-line business revenue rather than solely on business process automation and cost reduction. So as CIOs continue to watch costs, today they also pinpoint ways to generate business value. Over the last several years, CIOs have told me they will no longer execute cost-cutting measures without a tangible business outcome.

To ensure success, collaboration is needed between IT management and the rest of the business. No longer should IT be relegated to a silo isolated from the rest of the business. Today’s CIOs need a strategic seat at the table for business decisions intended to boost employee morale and enable the workforce of the future. They need input on the technology and tools empowering employee engagement.

This means they should commit fewer resources to the “factory” of IT. Because basic infrastructure and functions have been commoditized — and should increasingly be outsourced — IT efforts should instead focus on partnership and innovation of the business.

A great example is cloud adoption. As CTO Stephen diFilipo notes, “Traditional ROI does not apply to cloud solutions. The cloud ecosystem requires a nuanced approach to finances, revenue, and cost. A new model is required.” Today, IT organizations need to allow cloud vendors and other partners to do the heavy lifting unless it’s a task unique to the company.

Meanwhile, CIOs need to support and encourage distributed ownership for business-tool implementation. As companies focus more on revenue-generating and customer-facing tools such as CRM, ownership and implementation of these systems need to transfer to specialists in the business. CIO Paige Francis summarized this evolution: “The challenges faced by anyone failing to embrace this new paradigm would only confirm the urgency of a business partnership with IT.”

Also see: Top Digital Transformation Companies 

Some organizations stubbornly retain their historical view of IT, but there’s optimism that the pace of digital disruption will dispel territorial attitudes.

Many of the same CIOs who found it difficult for their teams to integrate with the rest of the business were offered opportunities to prove their mettle during COVID-19 — but the seat-of-the-pants strategizing of the past two years is neither reasonable nor sustainable for the future. The increased recognition of the CIO’s role during unprecedented circumstances has been welcome, but organizations need to plan for a more integrated IT role for transformation once processes return to a normal pace.

At the same time, the business needs to fully recognize IT as a transformational partner that not only solves problems, but foresees and mitigates challenges before they arise. As former CIO Tim McBreen says regarding the COVID-19 crisis, “The external business has been ramping up their expectations of IT as it grows into a more competent delivery and service organization that can speak their language and move with them. For this reason, the business expects more today.”

With this in mind, what should today’s CIO look like? Running an IT group requires diplomacy, an understanding of the overall business, and technological fluency — not just the ability to make sure the network trains run on time.

CIOs demonstrating business, finance, and leadership skills — as well as the companies hiring them — have thrived. The pace of digital disruption is just too fast to settle for a CIO whose skills lie in just the technology basket.

“Tech wizardry isn’t enough for today’s CIO,” says CIO Carrie Shumaker. “CIOs need to engage in strategy and focus beyond operations.”

Also see: Digital Transformation: Definition, Types & Strategies

Likewise, the IT team requires a skill set beyond understanding technology and completing projects — CIOs should hire people who can ideate and execute. DevOps is today’s mantra.

Additionally, the IT team requires soft skills. Of course, technical knowledge and coding experience will always to be important, but leadership, empathy, and critical thinking are critical, too. To embrace diverse hiring practices, IT needs to hire for potential and foster on-the-job training to fill any gaps. Hiring people without traditional IT backgrounds is possible today because there is less infrastructure to run and more low-code, business analysis to execute.

Put together, success today for organizations undergoing digital transformation requires more of the following:

• Contract and vendor management
• Product management
• Data analysis
• Digital marketing

This means the IT organization needs to become more proactive and less reactive, with skills focused on critical analysis more than simply the gathering of requirements.

CIOs believe IT organizations will be even more business-oriented than they are today. This transition will see smaller staffs but with a larger technology spend. Businesses supported by an IT focused on business analysis, integration, and analytics will be more agile, and IT will be fully distributed and demand little centralized IT oversight.

This smaller IT organization will:

• Be tightly coordinated with the business.
• Outsource most services and technology.
• Concentrate on working with the business to create unique mobile, analytics, and solutions capabilities.

CIOs like Francis have already formed future-oriented IT teams. “The team I built from scratch is small, valued and valuable, expert, and targeted — but able to work across all blurred lines,” she says. “Most important, they’re happy. We’re determined to make this new team a modern pillar of excellence.”

IT organizations of the past were truly responsible for the productivity gains that have occurred over the last 50 years. However, this is no longer an acceptable place for IT organizations. A successful CIO needs to be a business strategist first and – with their team – be able to ideate and drive forward the delivery of new business models.

Also see: Tech Predictions for 2022: Cloud, Data, Cybersecurity, AI and More 

The post CIOs and the Future of IT: Innovation, Not Operation appeared first on eWEEK.

Today’s high focus on customer experience is prompting many businesses to modernize their contact centers. As companies shift their communications to the cloud, it creates several challenges that did not exist when the contact center platform was on-premises. Smaller businesses are likely to purchase the telecom services directly from a contact center as a service (CCaaS) provider, but that’s not typically an option for large businesses.

Enterprise class companies have different requirements, are concerned with regulatory issues, and often have separate relationships with telecom providers. The cloud is the fastest path to contact center modernization, yet it does entail some risks. There are integration issues, security concerns and much more.

Also see: Top Cloud Service Providers & Companies 

Recently, Bandwidth and Genesys have partnered and announced a global bring-your-own-carrier (BYOC) solution, called Duet for Genesys, to help accelerate the enterprise contact center move to the cloud.

Bandwidth is a communications platform as a service (CPaaS) and network provider in 65 countries and an underlying carrier for some of the largest cloud platforms like Google, Webex, RingCentral and Microsoft Teams.

The company also provides services for voice, messaging, and 911 access. Every component of Bandwidth’s network is software-based with application programming interface (API) access, which means companies can utilize all the telecom features via API calls. Now Bandwidth is using its cloud platform relationships as a springboard to bring CPaaS services to the enterprise.

In my latest ZKast video, I interviewed Paul Dryden, vice president of business and development at Bandwidth, to discuss the partnership with Genesys and why enterprise contact centers are shifting to the cloud. Highlights of the ZKast interview, done in conjunction with eWEEK eSPEAKS, are below.

Also see: Tangoe Report: Pandemic Caused Major Shifts in IT Spending 

• The enterprise contact center has been static for years, as most of the technology stack was managed on-premises. Businesses weren’t interested in Bandwidth replacing their existing carriers. That fundamentally changed with the move from on-prem to the cloud and the adoption of contact center as a service (CCaaS).
• Enterprises initially adopting CCaaS were small and medium-sized businesses. Once COVID-19 hit, larger enterprises flocked to CCaaS at extraordinary speeds. Today, every enterprise has either made the move to CCaaS or is in the process of moving.
• However, there are some challenges. The on-prem environment of a complex contact center involves dozens of different vendors. When making the move from on-prem to the cloud, service must be provided to customers without interruption. That’s a massive expectation from contact centers.
• Bandwidth has partnered with cloud customer experience orchestration provider Genesys to extend its Duet solutions—which allow businesses to unbundle complex telephony from their communications—to the Genesys Cloud CX platform.
• The early adopters of CCaaS and UCaaS wanted the option of purchasing everything from a single vendor. But rather than buying bundled telecom from a cloud provider, some wanted to bring their own carrier into the mix. Contact centers using Genesys Cloud CX can buy and manage telecom themselves.
• Bandwidth has partnered with a select group of cloud platforms to provide the BYOC service for Genesys. Bandwidth already offers BYOC across three other multi-vendor platform stacks: ZoomPhone, Duet for Microsoft Teams, and Duet for RingCentral.
• Bandwidth has been working with Genesys for more than seven years and is a key part of what Genesys provides in the background for its own telecom offering. The shared capabilities ensure that Bandwidth can pass call information to third party systems, which are integrated into Genesys Cloud CX.
• Going forward, Bandwidth plans to invest in enabling third-party tools that large enterprises are running on-prem. Not only can Bandwidth offer one-off integrations, but they can also equip enterprises with a universal telecom platform and CPaaS expertise as they move to the cloud.

Also see: 7 Digital Transformation Trends Shaping 2022

The post Bring Your Own Carrier Solves Cloud Contact Center Migration Pain appeared first on eWEEK.

Tech companies have enabled organizations across industry sectors to digitally transform, so businesses can continue to operate and serve customers throughout the COVID-19 pandemic. Additionally, tech companies are themselves transforming their businesses using emerging technologies.

When polled by KPMG, tech industry leaders indicated an interest in leveraging new technologies to improve efficiencies and reduce cost. According to the most recent KPMG survey, tech industry insiders now see the utilization of emerging technologies such as artificial intelligence (AI), IoT (Internet of Things), robotic process automation, and others as transformative for increasing market share, enhancing customer loyalty, and growing their top line.

For tech companies looking to take advantage of the digital transformation benefits afforded by emerging technologies, below are three key considerations.

In a KPMG survey, tech leaders indicated their top choices among today’s emerging technologies. 

Also see: Top Digital Transformation Companies 

The shortage of skilled workers in the tech sector was a challenge before the pandemic, and it remains one now.

KPMG found that the number one limiter of digital transformation at tech companies, listed by 27% of respondents, is a lack of internal expertise and talent when it comes to understanding new technologies. The pandemic has made this clearer, with a demonstrated need for upskilling in cybersecurity, DevOps, and modern IT architecture.

New technologies must be implemented and set into process by your people, so workforce investment is critical. How are new pipelines for hiring and retention in highly skilled areas realized, while also providing employees with digital upskilling?

Think deeply about the balance between human interaction and automation and how you can utilize permanent, gig economy, and other contingent roles to fill existing gaps.

Also see: 7 Digital Transformation Trends Shaping 2022

Becoming a data-first organization through a holistic, enterprise-wide data strategy creates a competitive advantage. 

The data imperative is the next stage of the digital transformation journey—deriving real-time insights from massive amounts of data collected during the pandemic to grow as an organization and enhance the customer experience. 

Think of emerging technologies as they apply to your data strategy. Specifically:

• How can new technologies accelerate access, management, and analysis of data?
• How will you leverage data to enhance your top line and market growth?
• Are these the same goals you have for emerging technologies’ impact on your core business?

In sum, lean into the synergy of a technology strategy that complements your data strategy.

Also see: Best Data Analytics Tools 

New technologies aren’t just for the visible wins. Integrate emerging technologies into your core business operations, so you’re driving efficiencies on an everyday scale as much as you’re working toward growing your top line. This is about a connected enterprise, where your tech strategy is also part of your operational foundation.

To that end, align your tech investments with the wider goal of customer centricity. Your everyday business and services revolve around your customers; they’re the heart of your strategy. And when you integrate emerging tech across the board, you’ll align with industry leaders who see emerging tech as a way to create more long-term competitive advantages, like new insights, data security, and even energy efficiency in line with environmental, social, and governance (ESG) principles.

Strategic alignment around these areas will also help maximize the impact of your organization’s investments in emerging technologies.

Also see: Top AI Software 

About the authors:

Mark Gibson, KPMG U.S. Technology, Media and Telecommunications Leader

Alex Holt, KPMG Global Head of Technology, Media and Telecommunications

The post How Tech Firms Can Boost Their Digital Transformation: 3 Best Practices appeared first on eWEEK.

On Tuesday, February 15, at 11 AM PT, @eWEEKNews will host its monthly #eWEEKChat. The topic will be “Navigating Multicloud Computing,” and it will be moderated by James Maguire, eWEEK’s Editor-in-Chief.

We’ll discuss – using Twitter – the challenges, potential and best practices for multicloud computing. Does it help companies avoid vendor lock-in? Is it possible to manage the complex monster known as multicloud computing?

How to Participate: On Twitter, use the hashtag #eWEEKChat to follow/participate in the discussion. But it’s easier and more efficient to use the real-time chat room link at CrowdChat.

Instructions are on the Navigating Multicloud Computing Crowdchat page: Log in at the top right, use your Twitter handle to register. The chat begins promptly at 11 AM PT. The page will come alive at that time with the real-time discussion. You can join in or simply watch the discussion as it is created.

The list of experts for this month’s Tweetchat currently includes the following – please check back for additional expert guests:

• Carolyn Duby, Field CTO and Cybersecurity Lead, Cloudera
• Daniel Graves, CTO, Delphix
• Krishnprasath Hari, VP, Digital and Cloud Modernization, Hitachi Vantara
• Margaret Lee, SVP and GM, Digital Services and Ops Managment, BMC 
• Dan Griffith, Cloud Native and Edge Enabler, HPE
• Marc Linster, CTO of Postgres open source leader EDB
• Llanor Alleyne, Managing Editor, IT Business Edge 
• Chris Ehrlich, Managing Editor, Datamation
• James Maguire, Editor-in-Chief, eWeek [moderator]

Chat room real-time link: Go to the Crowdchat page. Sign in with your Twitter handle and use #eweekchat for the identifier.

The questions we’ll tweet about will include – check back for more/ revised questions:

1. Why do companies choose multicloud? What’s the advantage?
2. Where is mulitcloud in its growth curve? How far are we from peak multicloud?
3. What’s companies’ comfort level with their multicloud deployment? Mostly okay, or confused and challenged?
4. What’s the biggest pain point that companies have with multicloud?
5. What advice would you give them to optimize their multicloud?
6. What’s a big myth associated with multicloud?
7. What vendors are the biggest winners in multicloud?
8. The future of multicloud? Where will we be in 3-5 years?
9. What else is important about multicloud computing – what else should companies be aware of?

Go here for CrowdChat information.

Jan. 18: Trends in Digital Transformation
Feb. 15: Navigating Multicloud Computing
March 15: Low Code / No Code Trends
April 12: Edge Computing: Monitoring, Observability and More
May 17: Data Analytics: Optimizing Your Practice
June 14: Expanding Your AI Deployment

*all topics subjects to change

The post eWEEK TweetChat, Feb 15: Navigating Multicloud Computing appeared first on eWEEK.

Today, threat actors are using a variety of methods to target organizations. While ransomware, phishing, botnets and other malware steal the headlines, Active Directory (AD) remains a major vector of abuse.

More specifically, hackers use Attack Paths in AD, which are chains of abusable privileges and user behaviors linking users and computers that attackers use to steal sensitive data or launch malware attacks. They’re present in virtually all business networks and have frustrated defenders for decades (whether they’ve known it or not).

I’ve studied Attack Paths in detail over the last several years. As attacks evolve, defending against Attack Paths requires a new approach. In this article, I’ll explore Attack Paths in more detail and talk about how security pros can work to eliminate these threats.

Also see: 5 Cloud Security Trends in 2022

In 2009 Microsoft Research described Attack Paths as “Identity snowball attacks [that] leverage the users logged in to a first compromised host to launch additional attacks with those users’ privileges on other hosts.”

Identity-based Attack Paths (which is what I’ll focus on here) are especially problematic in Microsft AD and Azure AD, since these platforms provide high rewards to attackers with relatively low risk. But here, I’ll focus on Microsoft AD, these concepts also apply to other identity and access management systems like those in Google Suite and AWS.

Existing defensive literature on Attack Paths is often too academic to be practical, and the practical tools that do exist focus on Attack Paths from the attacker perspective. While approaches like Tiered Administration and Least Privilege can reduce these risks in theory, they’re almost never implemented correctly (if at all) for a variety of reasons.

Defending against Attack Path abuse requires continuous discovery, mapping, and risk assessment of AD Attack Path choke points (both on-prem and in AD). This approach can eliminate, mitigate, and manage Attack Paths, and significantly reduces the attack surface presented to the adversary by AD.

This protective approach should not require fundamental architectural changes, or force defenders to work through endless lists of misconfigurations, vulnerabilities, and dangerous user behaviors. In my experience, successfully defending AD from Attack Paths requires three primary steps:

The first step to stopping Attack Paths is knowing how many of them exist – at all times.

Enterprise networks are not static. Privileged users log on to different systems every day, leaving behind tokens and credentials that can be abused by an adversary. New applications require newly granted permissions, and security group memberships change to accommodate business requirements.

One-time measurements of Attack Paths or measurements at intervals are not good enough. Mapping needs to include all possible systems and users, from Domain Controllers to individual endpoints. As new research finds new techniques for abusing user privileges, these techniques need to be added to the Attack Path Map so it remains comprehensive.

Also see: Secure Access Service Edge: Big Benefits, Big Challenges

Shutting down all the Attack Paths in an environment isn’t possible – there are simply too many of them (and not all of them can be shut down).

A better solution is to focus on “choke points” that lead to high value (or Tier Zero) assets like Domain Controllers. For example, if an organization has ten connections to their Tier Zero assets, then any Attack Path to those assets must go through one of those connections, no matter where it starts. Finding these choke points reduces the scope of what defenders need to focus on, turning it into a more manageable process.

There are plenty of solutions that give AD misconfigurations a subjective “risk assessment” value. This may or may not be useful, depending on how the solution provider assesses risk. A better approach is to measure risk objectively, based on the number of computers and users that have access to each choke point.

For example, if one choke point enables 100% of users to access Tier Zero, while another choke point only enables 2% of users to access Tier Zero, then it’s very clear what defenders should fix first.

Also see: 5 Ways Social Media Impacts Cybersecurity

Attack Paths present a large risk to every organization, but every organization must choose for themselves how much time, money, and political capital to spend on managing them. Removing user permissions or trying to change user behaviors can easily have unintended consequences (such as breaking backwards compatibility by turning off NTLM authentication) that interfere with legitimate business processes.

AD admins are reluctant to rock the boat without a clear benefit. If guidance is unclear or involves too much work, then defenders will likely play it safe and not change anything. Because of this, remediation guidance must meet several criteria to ensure they are practical, precise, and safe. These criteria include:

• Not requiring drastic changes to the environment’s directory services architecture.
• Not requiring the organization to migrate to a new directory services platform.
• Not requiring expert-level knowledge.
• Providing expected outcomes, with both the remediation and the expected outcomes being verifiable.
• Including instructions for how to determine if privileges are required.

Being able to identify specific Attack Path choke points, assess the risk of each one objectively, resolve issues quickly, and measure how an organization’s overall risk changes over time can dramatically improve and simplify AD security for organizations.

As this space develops and new solutions come to market to help streamline this process, organizations will be able to streamline the management of Attack Paths to help mitigate serious threats and misconfigurations.

Also see: Tech Predictions for 2022: Cloud, Data, Cybersecurity, AI and More 

About the Author: 

Andy Robbins, Technical Architect and Co-Founder, SpecterOps

The post How to Prevent Breaches of Active Directory: 3 Key Steps appeared first on eWEEK.

Throughout 2021, the pandemic influenced corporate buying behavior as hybrid work models became more permanent, replacing ad-hoc strategies initially used to support remote workers. Organizations changed their buying behavior in favor of more flexible, efficient, and cost-effective IT strategies, according to Tangoe’s newly released 2021 Market Trends Report.

Tangoe gathered the data from the massive amount of information it has on IT purchasing trends. The company provides technology expense management and managed mobility services to over a thousand enterprise companies, including half of the Fortune 500. It manages $40 billion in technology expenses paid across 120 countries.

The inaugural Market Trends Report features data, insights, and trends in the IT industry collected from technology spend that Tangoe manages on behalf of these clients. The report includes market trends driving both buying behavior and the corresponding pricing strategies.

Also see: Digital Transformation: Definition, Types & Strategies

Over the last year, changes in IT buying behavior were most prevalent in three areas:

• Corporate cost consolidation
• Flexible connectivity
• Distributed operations

Organizations modified their networks to meet the needs of clients and employees in a post-pandemic environment. Thanks to a more distributed workforce, organizations were able to reduce bandwidth and lower telecom costs, which decreased 8 to 12 percent year-over-year (YoY).

At the same time, spending for unified communications as a service (UCaaS), hosting, security, and professional services increased more than 25 percent YoY, as organizations adjusted to the changing environment.

Flexible work models demand greater security to prevent unauthorized access to corporate networks. Today’s organizations are trying to a find a balance between flexibility and security, turning to ethernet, fixed wireless, and broadband as more permanent solutions for hybrid workers.

I know many of the “work from home” stocks – such as Zscaler, Zoom and Avaya – have had a big cut in stock price as investors fear the shift in spending was temporary. I don’t believe this is a case, as most of the vendors in this category are critical to hybrid work.

The reality is that people are not going back to the office any time soon. My research has found that 51% of employees will work from home two to three days per week and another 14% will do so one day per week.

Tangoe has also observed a shift in network spending to software-defined wide area networking (SD-WAN) and 5G, as both technologies have recently gained traction. This has caused a decline in multiprotocol label switching (MPLS) rates in all regions globally.

In the U.S., MPLS ports below 1 gigabyte (GB) were flat YOY, while MPLS ports at or above 1GB were down 30 percent YOY. Internet rates are also declining in double digits. Internet ports costs below 1GB were flat YoY and those greater than 1GB fell 25 percent YoY.

Also see: 7 Digital Transformation Trends Shaping 2022

This pivot from MPLS to SD-WAN was already underway prior to the pandemic but saw significant acceleration as organizations looked to increase network agility.

I fully expect SD-WAN spend to continue to eat away at the historically overpriced MPLS circuits. The large global carriers will offer hybrid services and will continue to bring pricing down, which is good news for buyers.

On the telecom front, interstate session initiation protocol (SIP) rates declined 25 percent YOY, the report found. Meanwhile, mobile carriers are beginning to move away from a pure subsidized model and instead offering device purchase plans that are separate from monthly plans. Carriers are incentivizing companies with competitive contracts to make the switch to 5G, although the adoption rate of 5G for fixed wireless access remains low.

Looking at security, the report found that ransomware attacks jumped a whopping 150%. The Tangoe report didn’t delve deep into security spending, but this is another area that has seen a significant shift in the way customers are buying. Hybrid work has shifted spending from the traditional on-premises-based hardware to cloud-based security in the form of secure access service edge (SASE).

Tangoe recommends prioritizing agile infrastructure, cybersecurity, and unified communications, as these align better to hybrid IT where IT pros are working remotely. Much has been made about the impact to workers, but little has been discussed around how the job of IT has changed. Businesses are becoming increasingly dynamic and distributed and IT spend will continue to shift to models that support this generational shift.

Also see: Secure Access Service Edge: Big Benefits, Big Challenges

The post Tangoe Report: Pandemic Caused Major Shifts in IT Spending appeared first on eWEEK.

With digital transformation initiatives well underway, companies are investing in strategies to ingest large volumes of data that enable them to make the right decisions in the moments that matter. Handling the sheer volume and complexity of this data store is exceptionally challenging.

As enterprises meet these data-intensive digital demands, here are four real-time data management trends we anticipate over the next year.

Also see: 7 Digital Transformation Trends Shaping 2022

Data will change faster and more frequently than ever before. It will no longer be acceptable to analyze massive amounts of static data once per month, once per week, or even once per day.

Organizations will need to glean insights from streaming data in real time to find new patterns and discover and act on them. Navigating data is like running whitewater, where you need to adapt instantly to a changing environment. Those that learn to run the rapids will succeed.

Also see: Top Data Visualization Tools 

Supply chain issues throughout the global economy, driven by Covid, have been well documented. And the cloud is no exception.

As companies continue to migrate to cloud providers in 2022, they’ll be surprised to find hardware and personnel shortages that may force them to alter their plans. Some organizations may have trouble getting the number of cloud instances they need. They’ll also struggle to find staff to manage their cloud operations with so much turnover happening in the workforce. These restrictions will lead to more organizations seeking out fully managed service cloud offerings.

Also see: Best Data Analytics Tools 

This year, many organizations will start to look for new ways to drive revenue growth again after spending the past year getting back on track from the pandemic. One avenue they’ll begin to explore is taking advantage of business opportunities that are happening in the moment and are somewhat transient.

Like many of today’s digital businesses that operate in this new economy, established companies need to move fast and shrink their ideation-to-production cycles. Exercising the elastic scalability of the cloud – particularly multicloud – can help companies tailor the consumption of compute, network, and storage resources. The cloud provides the agility needed to identify a need or demand and quickly pivot to seize new opportunities.

For years, companies have easily fetched customer identity and other information from cookies. With the end of cookies in 2022, and with more than 70 percent of the world’s population protected by privacy regulations, businesses will have to adapt to new targeting strategies to quickly recommend a product or decide if a transaction is fraudulent.

As identity becomes less of a fixed or known data point, enterprises need to immediately analyze a massive swath of data, look for patterns, and extrapolate a likely persona for targeting. They will need to find patterns in real time that target individuals based on attributes or behaviors other than a cookied identity.

As data volumes constantly grow and demand for real-time transactions increases, these trends will traverse all industries where scaling is instrumental to survival. For example, ad tech is experiencing a renaissance, garnering significant investment, innovation, and attention as platforms rapidly seek to serve ads to targeted audiences at petabyte scale.

Likewise, with massive amounts of data streaming from mobile, 5G, and IoT sensor applications, telecom companies need to quickly ingest data and then process it at petabyte scale with virtually no latency.

As we move forward, enterprises need to embrace the opportunities and challenges ahead of them and manage real-time data in new ways to drive successful business outcomes.

Also see: Tech Predictions for 2022: Cloud, Data, Cybersecurity, AI and More 

About the Author: 

Lenley Hensarling, Chief Strategy Officer, Aerospike

The post Real-Time Data Management Trends for 2022 appeared first on eWEEK.

Datadog and New Relic are both excellent application performance monitoring (APM) platforms. They are both graded as Leaders in the latest Gartner APM Magic Quadrant. Indeed, in many ways they offer similar features and functionalities.

Both provide application monitoring tools with a well-regarded ability to gauge performance and troubleshoot performance issues. They can monitor and analyze the various layers where applications run, such as in cloud servers, databases, and middleware. Both monitor integration points with third party applications. And both succeed at the goal of maintaining high availability and performance for websites and web-based applications.

Yet despite so many similarities, there are significant differences. Here’s a comparison of Datadog and New Relic, from key features to pricing, as well as their ideal use cases.

Also see: 5 Tips for Observability Success

Datadog is focused on cloud monitoring and security. It offers the ability to see inside any stack or application at any scale and anywhere. Infrastructure monitoring, APM, log management, device monitoring, cloud workload monitoring, server monitoring, and database monitoring fall within its feature set.

Datadog is particularly astute at dealing with the performance and visibility of multiple clouds operating on the network and in managing cloud services. Datadog helps IT to drill down into performance data. It generates alerts about potential problems and helps IT to discover any underlying issues. It can assemble data from logs and other metrics to provide context that is helpful in minimizing incident response time.

The user interface centralizes performance monitoring, alert management, and data analysis in one place. Recent additions to its platforms include network monitoring, security analysis, AIOps, business analytics, a mobile app, and an incident management interface.

New Relic addresses APM, infrastructure, user monitoring, and performance analytics for desktop, web, and mobile applications. It includes data security features and can monitor mobile, web, and cloud applications in real-time. While its focus has been data processing and analysis, the company has been adding functions such as anomaly detection in logs, greater support for Azure, data exploration, correlation, browser monitoring, instrumentation, developer collaboration, AIOps, and IT Service Management (ITSM) and Amazon Web Services (AWS) integration.

APM, then, is no longer a central characteristic of New Relic. It is just one of many functions within a broader platform.

Overall, both perform general APM functions and both are Software-as-a-Service (SaaS)-based applications. Datadog is perhaps stronger on infrastructure monitoring while New Relic’s strength is in monitoring applications.

Yet New Relic offers something that Datadog does not – real-time monitoring. If real-time monitoring is essential to operations, New Relic is the platform to choose.

Also see: AIOps Trends

Datadog installation is straightforward, but some command line scripting is required. It is relatively easy to customize dashboards and interfaces to the way you want them. The main interface covers a lot of ground. It’s great for experienced users, but it might be tough for new users who may be overwhelmed by the number of options.

New Relic installation is simple without the need for scripting. The company provides an interface that gives a single view for analysis and resolution. At times, though, some report that troubleshooting can be challenging. Both platforms are regarded highly when it comes to presentation of data, and ease of diagnosis of performance problems.

Overall, there is very little difference between the two with regard to implementation and ease of use.

Datadog can work with a sufficient set of data sources and formats, but it is not a platform that is set up deal with a large number of information sources. Data formats like.xml, .csv, and .json are not supported, for example. That said, it can integrate well with other security and IT management tools. Datadog supports community APIs and extensions to integrate it into existing IT infrastructure.

New Relic historically has relied upon proprietary collection agents, but it has been transitioning toward a standardized, open-source approach. It is strong when it comes to community resources for learning the application, training of users, and troubleshooting issues via self-serve. Blogs, meetups, and social media channels are available for support.

The Datadog platform is available for the Windows, Mac, and Linux. New Relic supports Windows, Android, Linux, Mac, iPhone, and Windows Mobile. Both offer similar lists of available third-party integrations.

Overall, Datadog wins on its integration options and community support whereas New Relic is ahead on device support.

Also see: Guide to Data Pipelines

A few years ago, you could provide application performance management tools and software without having to worry too much about cybersecurity. How times have changed.

Most vendors now have to take care of security as a vital aspect of application development or face serious repercussions. Similarly, in APM, vendors now have to ensure they are providing a safe environment for users.

Accordingly, Datadog and New Relic have been steadily adding security features in recent years. Both have also been incorporating functionality for monitoring application security. Overall, New Relic appears to be in the lead in this category.

New Relic is more expensive than Datadog, but it offers premium features such as real-time monitoring of application performance. Real-time monitoring sounds great, but not everyone needs it. Decide whether the additional price tag is worth it for your company.

Datadog skips real-time and is thus quite a bit cheaper. Datadog prices out at around $15 per user, roughly ($23 for the Enterprise version). Datadog has an open pricing policy with published prices, and generally low prices. Its pricing per-month options include per-host, per million events, and per GB of analyzed log files. But Gartner noted that some large deals entail large upfront spending. According to the analyst firm, this can lead to over- and under-provisioning.

New Relic, meanwhile, has lowered its data ingestion costs recently. But other pricing changes have resulted in spending increases recently as well as some confusion about costs. The complexity continues via service packages with different pricing structures. For one user, it is great: The New Relic Full-Stack Observability package for infrastructure monitoring, APM, and more, is free. But it surges to as much as $99 per additional user per month for its Standard package. There are also Pro and Enterprise tiers, as well as charges for telemetry data and machine-learning services.

Clearly, Datadog wins on price in most use cases.

Also see: Best Data Analytics Tools

There is no doubt that Datadog and New Relic are both excellent tools designed to solve a great many challenges related to application performance monitoring. You can’t go too far wrong with either one. Both are strong in APM. Both also offer a lot of advanced features for your money that go far beyond APM. And both are trailblazers when it comes to innovation and future roadmaps.

Datadog takes an infrastructure monitoring approach geared toward analytics. It is focused on performance measurement for cloud services and is particularly adept at measuring the performance of databases and servers as well as measuring performance in a multi-cloud world. Since Datadog is aimed at monitoring infrastructure at scale, it’s used primarily by mid-sized companies and large enterprises. It is also favored by DevOps and IT to address cloud and infrastructure performance.

New Relic platform is likely to be the preference for those wanting to monitor applications and especially those requiring real-time monitoring of those applications. It offers IT the ability to view all organizational telemetry data across applications and infrastructure on one screen, so its observability of entire system health and changes are worth the cost for many users. Anyone needing to stay on top of applications in real time should opt for New Relic.

The post Datadog vs. New Relic: 2022 Software Comparison appeared first on eWEEK.

Microsoft Power BI and Tableau are two of the top business intelligence (BI) and data analytics platforms in the market. Both were graded above all other similar applications by Gartner in its latest “Magic Quadrant (MQ) for Analytics and Business Intelligence Platforms.” Microsoft came out ahead, but Tableau wasn’t far behind.

These applications are in heavy demand these days, as organizations seek to harness the vast troves of data at their disposal. Whether from relational databases, enterprise applications, unstructured data, social media, or other sources, there is more investment in data mining than ever before.

Instead of a small team of data scientists slicing and dicing data, what we are seeing today is teams from management, marketing, line of business heads, sales, and IT are utilizing analytics in their day-to-day activities.

As two highly regarded analytics platforms, users often are forced to choose between Power BI and Tableau. There are arguments for and against each tool. It is hard to say that you could go wrong with either application. But which is best?

Also see: Best Data Mining Tools & Software 

Microsoft encompasses a massive number of associated platforms and applications. Power BI, therefore, offers a diverse set of features that range far beyond BI and analytics. Integration with the likes of Microsoft Office, Office 365, Teams, Azure, and SharePoint provide functions beyond the scope of Tableau. Specific to analytics, Power BI encompasses data preparation, data discovery, dashboards, and data visualization.

Tableau is very much focused on delivering analytics with artificial intelligence, data management, and collaboration. At the heart of Tableau is a proprietary technology called VizQL that makes interactive data visualization an integral part of understanding data.

Tableau differs sharply from traditional tools that require the user to analyze data in rows and columns, choose a subset of the data to present, organize that data into a table, and then create a chart from that table. VizQL skips those steps and creates a visual representation right away, providing visual feedback as you analyze.

Microsoft releases weekly updates to its cloud-based Power BI service. Recent feature additions include AI-infused experiences, smart narratives (NLG), and anomaly detection capabilities. A Power BI Premium version enables multi-geography capabilities and the ability to deploy capacity to one of 42 data centers around the world.

Tableau, of late, has been adding features like Ask Data in Slack (ask questions using natural language and automatically get data visualizations), Einstein Discovery in Slack (predictions in the flow of work), and Model Builder (collaboratively build and consume predictive models using Einstein).

Which has the best features? Microsoft wins in terms of breadth of service due to its ecosystem of integrated platforms. But Tableau perhaps comes out ahead when it comes to depth of analysis and the kind of robust, intuitive features that data scientists and analysts need for competitive advantage.

Also see: Best Data Modeling Tools & Software 

Newer users appear to find Power BI easier to use than Tableau, which has a steeper learning curve. But Tableau has been working to change that. Its AI-powered analytics features lower the barrier to data science techniques.

The conclusion: Power BI wins on broad usage by a non-technical audience whereas Tableau has the edge with technical users.

That said, both platforms cater to beginning and advanced users. Tableau users believe the platform makes it easy to create data visualizations. Power BI users, on the other hand, speak about ease of use in creating reports. Both platforms offer visualization and reporting. But Tableau favors the former and Microsoft the latter.

Also see: Top Data Visualization Tools 

Tableau tries to differentiate itself with what it describes as an intuitive data analytics experience with richer capabilities, based on its patented VizQL engine. Tableau can connect to data live (performing queries in-database and returning results in real-time) or in-memory (ingesting data from source systems into Tableau). This allows users to control performance, cost, and data freshness.

Power BI, though, is particularly good at crunching and analyzing real-time data. Tableau does this, too, but Power BI may have the edge. Tableau, however, scores very well on live query capabilities and extracts, helping analysts to query faster.

Also see: What is Data Analytics? 

Both products have pros and cons with regard to how their platforms relate to cloud computing.

Power BI has a fully functional SaaS version running in the Azure cloud as well as an on-premises version resident in Power BI Report Server.

Power BI Desktop is also offered for free as a stand-alone personal analysis tool. When power users are engaged in complex analysis of multiple on-premises data sources, though, they need to download Power BI Desktop. The on-premises Power BI offering isn’t as rich as the cloud version with regard to dashboards, streaming analytics, natural language, and alerting.

Tableau does offer cloud-hosted solutions such as Tableau Online and Tableau CRM, but its strength lies in on-premises deployments and this is where much of its massive installed base resides. Thus, it can be challenging to scale out Tableau workloads in the cloud. Therefore, Microsoft gets the nod for cloud analytics, and Tableau for on-prem.

Also see: Top Cloud Service Providers & Companies

CRM and BI often go together. With Tableau now being owned by Salesforce, you would think it would have a distinct edge in this category over Microsoft. But this might not be the case.

Tableau has very good marketing and enterprise product capabilities. But it is currently held back by the challenges in integrating it with Salesforce Einstein Analytics (known as Tableau CRM). Yet progress is being made. An Einstein Discovery dashboard extension, for example, brings predictive modeling capabilities from Einstein to Tableau.

Power BI integrates relatively well with Microsoft Dynamics CRM. Thus, Microsoft may actually have a slight edge on Tableau on CRM. But not for long. Expect Tableau to catch up fast and unleash the full capabilities of Salesforce within Tableau.

As noted above, Tableau has its hands full in integrating with Salesforce. This creates a somewhat fragmented experience between Einstein Analytics and Tableau.

Microsoft, too, has some integration challenges. Gartner noted that Power BI’s handling of content promotion and publication can generate administrative overhead. This isn’t an easy fix, which will add manual labor between Power BI apps and its collaborative development environment known as Workspaces.

Microsoft is very good at keeping prices low as a tactic to grow market share. It offers a lot of features at a relatively low price. Power BI Pro, for example, costs approx. $10 per month per user. The premium version is $20 per month. The bottom line for any rival is that it is hard to compete with Microsoft Power BI on price when it comes to automated ML capabilities and AI-powered services.

Tableau has a reputation for being expensive. By some estimates, it works out about $75 per month per user for decent analytics functionality. But those who only want to interact with some basic dashboards can get it much cheaper. That said, the addition of Tableau CRM for a list price of up to $150 per user per month means newer functionality, and Salesforce integration doesn’t come cheap.

Microsoft is committed to investing heavily in Power BI and enhancing its integration across other Microsoft platforms. Any organization that is a heavy user of Office 365, Teams, Dynamics, and/or Azure will find it hard to resist the advantages of deploying Power BI.

Those advantages are only going to increase. On the AI front, for example, the company boasts around 100,000 customers using Power BI’s AI services. The company is also putting effort into integrating with other applications and in making it easy to autotune query performance. Those with an eye on budget that yet want a rich BI platform will probably favor Power BI.

Consider, too, the existing sales teams and distribution channels for Microsoft products. With such a huge user base and so many tentacles across the world, Power BI may only be a click away for many organizations. Tableau will struggle to compete head-to-head against the global sales and marketing might of Microsoft. Those channels have grown sharply over the last two years with the rise of Microsoft Teams. Power BI is being integrated more and more closely with Teams, which has tens of millions of daily active users. For the Microsoft user base, it might be hard to convince them why they shouldn’t just tack Power BI onto their existing Microsoft services.

Yet Tableau has a kind of Beatlemania aura about it. It boasts a huge fanbase and a very loyal user community. Its user conferences attract large crowds. Its popularity is growing, too, partially through the distribution of a free platform known as Tableau Public. This is where people can share and explore data visualizations online. It contains over 3 million interactive visualizations. For those not committed to a Microsoft-centric architecture and for those with an existing culture rich in data scientists and analytics-savvy power users, Tableau may have the edge. Additionally, those committed to the Salesforce platform may find it best to opt for Tableau.

The post Power BI vs. Tableau: 2022 Software Comparison appeared first on eWEEK.

Also see: Deloitte’s David Linthicum on Optimizing Your Multicloud 

First, a quick refresher: cloud native means we leverage services and systems found only on a specific cloud provider.

When developers and architects refer to “cloud native,” they are typically referring to specific cloud services that won’t be found on other clouds or traditional platforms. These cloud services include things like security, management, databases, serverless systems, and financial operations (FinOps).

We employ cloud native services from within applications or other solutions, for reasons that include:

• More advanced. Cloud native services are typically more advanced than non-native services. They provide direct access to other native resources such as storage, compute, and databases. Thus, cloud native means more modern functionality that you don’t have to build, test, and deploy.
• Better performance. Cloud native services typically perform better. Performance is generally better because the services are built and owned by the cloud provider and are purposed built for their multitenant platform.
• Interoperability. Cloud native services typically work and play well with other cloud native services. Again, since they are purpose-built for a specific cloud provider, they typically support plug-and-play integration with other native services. For example, a cloud native messaging system talks to its cloud native databases without the need to do custom integration.
• Lower costs. Cloud native services typically cost less than non-native services. Since they are built for a specific cloud provider, and do not support any other provider, they are typically tuned to leverage fewer resources. This means the cloud bill should be lower than if you leveraged non-native services.

If the above list is true, why would we ever leverage non-native services?

The answer: Because like everything else in the world of computing, there are no free lunches. When you leverage cloud native services there will be benefits and liabilities, winners and losers.

Also see: Why Cloud Means Cloud Native 

Some will find that cloud native is not a particularly good solution for their problem domain, and then there are those who want to avoid vendor lock-in. If you leverage cloud native features of a specific cloud provider, this makes your application and data storage systems less portable across clouds or traditional systems.

If we take advantage of the benefits of cloud native services as listed above, that’s a good thing. However, a cloud native solution cannot move to another cloud or non-cloud platform without a great deal of modification.

Modification will require removal of any couplings to cloud native services on the existing cloud. The couplings then need to connect to the cloud native services of the new target cloud platform, or leverage more open services that can be found on most platforms, or non-native services that include storage, compute, and databases.

Enterprises that don’t plan ahead to move an application off a specific cloud but are forced to do so at some future point will also become losers. There is a lot of cost and risk involved in modifying applications to remove specific cloud native services and replace them with other cloud native services or open services.

Clearly, this is the dreaded “vendor lock in.” Most applications that move to cloud platforms won’t ever move off that platform during the life of the application, mostly due to the costs and risks involved.

Another drawback is that you’ll need cloud specific skills to take full advantage of cloud native features. This talent may not be available in-house or in the general labor pool, and/or it could drive staffing costs over the budget.

The pandemic drove a massive rush to public cloud providers, which meant the demand for cloud migration skills exploded as well, driving up salaries and consulting fees. Moreover, the scarcity of qualified skills increases the risk that you won’t find the skills needed for cloud native systems builds, and/or the required level of talent will be unavailable to create optimized and efficient systems.

This leads some enterprises down a scary path of budget overruns. More likely than not, cloud native systems with runaway budgets will not meet the expectations of the business.  Thus, it often becomes more difficult and costly to gain cloud native advantages than anyone anticipated. The lack of cloud native talent clearly drives up the risk, which in turn could make cloud native architecture and development not worth the effort.

Also see: Top Cloud Service Providers & Companies 

Although the value of cloud native may increase or decrease over time, any enterprise that can leverage cloud native services with at least two of the value drivers listed above (e.g., performance and cost) will end up a cloud native winner.

Typical cloud native winners can absorb and justify the risk and cost of going cloud native.  For example, let’s say we want to migrate an inventory management system from a traditional LAMP (Linux Apache MySQL and Python) stack within a data center to the same LAMP platform that runs on a public cloud.

Rather than do a simple lift and shift, the migration team decided to leverage some cloud native services such as security, clustering, serverless, and management and monitoring.  Therefore, the application must be modified, retested, and redeployed to leverage these specific cloud native services.

The team expects all the benefits listed above to exist within the migrated application, to some extent. The additional work to go cloud native will add about 300 percent more cost versus just lifting and shifting the application with minimal modification. Will the final cloud native solution be worth the costs and risks?

It’s time to place some bets. First, you’re betting that the additional expense of adding cloud native features will come back in longer term value, such as performance and cost advantages. Second, to be true winner, you’re also betting that this value will come back to the business during the life span of the application.

Speaking in generalities, the average cost to go cloud native is about 300 percent of non-modification approaches. So, if a lift-and-shift with minimum modifications would cost $50K all in, then a cloud native application would cost about $150K for the same application. In this example, the migration team bet $100K that the enterprise will get back at least $100K in value by going the cloud native route.

Many factors determine if the cloud native bet will pay off, and you’ll have to take this one application at a time to determine if you’ll win or not. Also, remember the wild card.  If the cloud native system must someday move to another cloud, or back to the original systems, all bets are off and you’re back to being a cloud native loser.

Also see: Best Practices for Multicloud (That Cloud Providers Prefer You Not Know) 

If going cloud native was an easy, straightforward choice, everyone would do it. On the surface, cloud native offers more efficient applications with greater functionality and less use of cloud resources. But it’s another tradeoff in the world of computing. The migration team must consider all parts of anything that moves to the cloud and make the cloud native bet based upon the attributes of each potential migration solution.

My advice is to compile a comprehensive comparison list for each cloud migration project to illustrate the benefits, costs, and risks associated with lift and shift versus cloud native. As we gain experience and get better at cloud computing, it follows that we’ll get better at picking the right applications to become cloud native. In turn, we will generate more winners than losers.

Also see: Tech Predictions for 2022: Cloud, Data, Cybersecurity, AI and More 

The post Cloud Native Winners and Losers appeared first on eWEEK.

Salesforce has experienced massive growth over the last few years and now ranks 137 on the Fortune 500. Simply put, it’s hard to ignore the impact Salesforce has had on the enterprise application market. Yet few seem to realize that there is a great deal of third-party development and customized code on the Salesforce platform, and with that code comes potential cybersecurity concerns.

While the company takes great pride in what it calls its “secure, scalable cloud platform,” there may be a disconnect when it comes to the term “secure” when paired with the ability to create custom code. Further complicating the “secure” argument is the fact that numerous tools exist to create custom applications that run on the Salesforce platform, and many of those tools offer low code/no code capabilities.

Seattle-based DigitSec offers a solution to that custom development cybersecurity conundrum in the form of DigitSec S4, an application security testing platform designed for Salesforce.

Also see: 5 Cloud Security Trends in 2022

The S4 (short for SaaS Security Scanner) platform brings many application security testing tools to the world of creating secure code for custom Salesforce development.

The platform brings together SAST (Static Source Code Analysis), IAST (Interactive Runtime Testing), and SCA (Software Composition Analysis). This creates a unified offering that automates much of the heavy lifting associated with verifying the security of code and installed applications.

What’s more, the platform incorporates features such as cloud security configuration review, integration into CI/CD pipelines via numerous DevOps tools, and platforms that ease the chore of fixing security bugs.

A view of the S4 security dashboard. 

S4 was designed to delve deep into the security posture of a Salesforce implementation. While that may be an oversimplification of S4, it does encapsulate the overall definition of the product. It runs in the cloud, and does not require any dedicated on-premise infrastructure or complex provisioning (although private cloud and enterprise install options are available). That means users can get up and running quite quickly.

Further easing adoption of the S4 platform is its ability to integrate into CI/CD platforms, which proves to be a catalyst to make DevSecOps a reality for most any shop leveraging DevOps. Integration into CI/CD pipelines also brings support into agile processes, and in some cases, waterfall-based development projects.

Also see: Secure Access Service Edge: Big Benefits, Big Challenges

S4 incorporates a static application security testing (SAST) engine, which automatically scans Salesforce source code (i.e. Apex, Visualforce, Lightning Web Components, Aura) to identify any security vulnerabilities.

When first run on newly ingested code, S4 creates a foundation of findings, which identifies critical vulnerabilities. The code scanning engine uses multiple techniques to identify actual vulnerabilities while avoiding typical false positives common with general-purpose code scanners.

Each finding is further validated and the S4 platform creates a discovery report, which offers examples of why the vulnerability is a true positive. Additionally, the platform incorporates methods to detect injection flaws and other vulnerabilities that are not always obvious to even the most seasoned DevSecOps staffer.

The S4 platform uses software composition analysis (SCA) to discover exploitable software libraries, and analyze the impact of those libraries within Salesforce. It then generates intelligence on resulting vulnerabilities created by the detected common vulnerabilities and exposures (CVEs).

Recommendations are offered on what libraries to update or patch, as well as the severity and compliance impact of the CVE on the Salesforce organization. S4’s SCA can also be integrated into CI/CD platforms to further automate workflows around development and deployment.

However, developers must remember that SCA should not be a “run once and forget about it” process. New CVEs are reported globally on a daily basis and a library that may be secure yesterday may not be secure tomorrow.  S4 regularly checks 30 different sources for new CVEs to keep its internal database up to date.

The S4 continuously monitors for potential security concerns.

The S4 platform includes runtime testing or interactive application security testing (IAST). This uses data gathered during source code analysis to create an environment to actually test the code while running to discover additional injection flaws that can often be missed by source code testing alone.

Additionally, S4 generates additional intelligence and builds proof of concept examples that illustrate actual exploits. S4 leverages IAST to automatically reduce false positives, while also providing an accurate level of risk that an exploit represents.

Most development teams leave Salesforce configuration settings to those deploying or managing the applications and the Salesforce environment.

However, that may create a situation where a tested and secure application becomes vulnerable to an attack because critical Salesforce setting was misconfigured. S4 automates the cloud configuration review process and compares established settings against a known list of Salesforce configuration problems.

Common misconfigurations include access controls, content security policy definitions, password settings, and account settings. Arguably, most assume that the default settings may prove good enough to provide cybersecurity. However, one has to consider the impact of security compliance regulations on those settings.

Also see: 5 Ways Social Media Impacts Cybersecurity

The S4 platform can illuminate how your security bugs are affecting compliance requirements on Salesforce instances.

S4 includes the capability to report how each security vulnerability finding may impact or violate a specific requirement in your chosen framework. This allows prioritization by not only technical security risk (i.e. critical, high, medium, low) but also by highlighting which framework requirements may be violated by the bug.

DigitSec S4 helps to redefine how DevSecOps can work efficiently in CI/CD pipelines by automating what were once difficult and manual tasks.

The S4 platform also reduces burdens on developers of Salesforce applications and helps to give them peace of mind that they are delivering secure applications that follow the best practices of cybersecurity. Those managing Salesforce deployments also can benefit from S4, which includes configuration validation and compliance checking.

Ultimately, DigitSec S4 may very well change how DevSecOps is conducted in DevOps environments.

Also see: Tech Predictions for 2022: Cloud, Data, Cybersecurity, AI and More 

The post How DigitSec Brings Much Needed Security to Salesforce appeared first on eWEEK.

The tech industry is currently in the process of a major adjustment period. Increasingly, companies are realizing (either willingly, or painfully via lawsuit) that they need to start designing their applications and websites accessibility-first.

When we think about accessibility, we might first think about people with visually-obvious physical disabilities. And while those people are absolutely an important part of our user base, they’re not the only ones who benefit from accessible software.

There are 5 major categories of disability: visual, hearing, motor, speech, and cognitive. Most people are likely to experience at least one of these at some point in their life, even if it’s not a permanent situation. This is one of my all-time favorite graphics, from Microsoft; it does a fantastic job of illustrating this concept:

Also see: The Urgent Need to Align Business Strategy with ESG

A lot of folks make the mistake of thinking about accessibility features as some kind of edge case, or a nice-to-have that’s not really a requirement. In reality, accessibility features will benefit all of your users. For instance, anything you build for your hard-of-hearing users will also benefit users on public transit without headphones.

Anything you develop for your visually impaired users will also benefit your users who woke up that morning with a migraine and can’t bear to look at a screen. We all need accessibility features, even if we don’t realize it.

Yet making the mental adjustment to accessibility-first design can be difficult. Much like mobile-first, working accessibility-first means shifting the way you approach building your applications at a high level.

Making the adjustments listed below will help you re-orient the way you think about building software.

Also see: How AI is Altering Software Development with AI Augmentation

Many software companies use the approach of the MVP, or Minimum Viable Product: what’s the smallest useful thing they can ship, to get a feature out into the world and start testing?

It’s a great way of chopping down big ideas into buildable chunks, helping you identify the primary values of a new feature. It naturally supports a feedback and iteration loop that’s great for design and development alike. However, when you’re defining that minimum, accessibility needs to be included.

One of the first, most common misconceptions of accessible design is that you can just loop back over a finished product and make a few tweaks to add in accessibility in retrospect. Yet that’s not the case.

Lots of companies do lip-service to the importance of accessibility in their products, perhaps even featuring it prominently as a selling-point on their website…but when it comes to allocating time in busy sprints or narrowing down that MVP, accessibility will be the first thing on the chopping block.

With accessibility-first, we reject the idea that accessibility isn’t a necessity. Accessibility isn’t something that can be added later – or worse, cut entirely if the deadline gets tight. We need to start from the mindset that if it doesn’t work accessibly, it doesn’t work.

Once you make the shift to seeing accessibility as a base requirement, the rest will naturally follow.

Also see: Digital Transformation: Definition, Types & Strategies

User testing is an area where I’ve found there are often good intentions but low follow-through. And that’s understandable – it can be difficult and time-consuming to organize, and you often need at least one person on your team who really knows what they’re doing to pull it all together.

However, getting that feedback from real users is immeasurably valuable, and always worth the time and effort. Sitting down with your users offers you a level of insight that you’ll simply never get on your own, no matter how hard you may try.

Because it can be so hard to do, though, the reality of user testing often looks a little more thrown together – think quick hallway testing with employees from other departments, or one-off interviews with long-time customers who are willing to give up an hour of their Monday afternoon.

Suffice to say, this kind of user testing rarely involves the diverse and inclusive set of users that you would really need in order to test your application thoroughly. Even if you have a wonderful user testing program, you might be accidentally creating bias in your results by only testing your work with able-bodied individuals.

This is a problem that takes a little forethought and planning to solve. It means you need to begin by establishing a standardized user testing program, if you’re one of those companies who fell into the “a little hallway testing here and there” category.

If you’re in the strong position of having already established a program for user testing, then it’s a question of widening your net when seeking out people to test with. This could mean offering an incentive of some kind (gift cards, free product trials, etc). Or it could mean connecting with a local disability support group or specialist in your area, or sharing your recruitment information with disability-focused groups online to broaden the pool of available users.

Accessibility-first reminds us that accessibility is a crucial part of our application, and if that’s not getting addressed during user testing at all…well, then you’re not really testing.

Also see: Top Digital Transformation Trends Shaping 2022

There are a few products out there that will try to convince you that you don’t actually need to learn anything, change your development processes, or your update your existing application. You just need to install their thing and it will magically make everything accessible for you (usually through a complicated series of overlays).

This is false. Accessibility can’t be retrospectively layered on top of an existing, inaccessible application; anyone who says differently is selling something.

Accessibility-first means that we don’t outsource the accessibility work in our application (either to an external team or a product), nor do we leave it all on the shoulders of one subject matter expert.

Instead, we make accessibility part of everyone’s knowledge base, so it can be baked into the product from the very beginning.

There are some legitimate accessibility consultants out there, and you might find benefit in hiring one of them – someone who can come in and actually sit down with your staff to discuss the ins and outs of your application. However, it should be noted that hiring an accessibility professional is a first step, not a one-time fix.

If you’re reliant on external expertise, you’ll find yourself in an endless loop of hiring a professional, fixing your app, and then slowly watching it become less accessible as you ship new inaccessible features…until you feel like it’s gotten bad enough for your to hire another accessibility professional to come in and fix it. This is tedious, expensive, and disruptive to your regular build cycle. And yet, it’s a pattern I’ve seen more than one company fall into.

Similarly, you don’t want the entirety of your accessibility work to be the responsibility of one designer or engineer who happens to already have the knowledge. Making one person the specialist isn’t a long-term solution – what happens when they’re out sick, or when they find a new job? Not to mention, they can’t possibly be in every meeting. And being the “bad guy” who always has to call out other teammates’ work as being inaccessible isn’t a fun job.

If your designers and engineers don’t feel confident in their ability to design and build accessible software, it’s important for management to provide them with the education, training, and resources they need to build that skillset.

This solves the problem at the root level, and empowers your current staff to train new hires as you grow the team. It also creates a culture of shared responsibility within your team, so that everyone can participate equally and from an accessibility-first perspective during discussions, planning, and feedback.

Once we acknowledge the reality that accessibility is a required part of the full functionality of the product, that truth can inform every decision we make around planning, design, development, and testing. Enable your management and teams to prioritize accessibility using an accessibility-first approach, and I have no doubt they’ll rise to the challenge.

Also see: Tech Predictions for 2022: Cloud, Data, Cybersecurity, AI and More 

About the Author: 

Kathryn Grayson Nanz, Developer Advocate, Progress

The post Rethinking Tech Design with an Accessibility-First Approach appeared first on eWEEK.

A successful customer experience (CX) strategy depends on a brand’s ability to deliver a seamless customer journey across all their touchpoints. But the average company uses a dozen different customer-interaction management systems, according to Aberdeen Strategy Research, which can lead to a disjointed experience for their customers.

So, how can brands begin to build the foundations of their customer experience strategy?

Any data-driven strategy requires three core things:

• Data organized into a usable format.
• An analysis of the data; the insights you derive from this step will lead you into your strategy and implementation plan.
• Effective execution against that strategy.

Typically, there are three team members involved in these core stages:

• An engineer who gathers all the data and normalizes it.
• A data scientist who asks the right questions of the data and analyzes it in a way that supports strategy development.
• A business analyst or strategist who uses that analysis to create use cases for implementation. 

With a customer data platform (CDP), these processes and the interactions among team members are streamlined. A CDP allows you to coalesce all your siloed data sources, such as your marketing, customer identity, and e-commerce platforms, which are currently disconnected in many enterprises.

Then, the CDP allows you to do that second step of analysis, including creation of different segmentation models and queries. Following that, the CDP allows you to create customer activation journeys and use cases more efficiently, so you can act quickly on your data insights. 

Also see: What is Data Mining? 

One of the biggest challenges to implementing a CDP is knowing where to direct its capabilities first, once the siloed data is unified. The first step should be to create and study the unified view of the customer. That customer view will be the foundation for your CX strategy.

Next, it’s a good idea to start with low-hanging fruit, maybe one KPI that you’re responsible for, such as growth, acquisition cost reduction, or conversion rate increase. The CDP can help you identify steps to take for improvement in these areas. 

A common example of how the CDP can help address problems in the customer journey is in the area of personalized display ads. Many of us have had the experience of being shown a retailer’s ad for a product we’ve already purchased – this can be frustrating and undermines the sense that the retailer knows us well. A CDP can show you why that’s happening. 

For example, a customer might add an item to their online cart, abandon the cart, and then buy the item in-store. Without unified data, the advertising platform won’t know they’ve already made the purchase at a retail location. With a CDP, you can close the gaps across the various touchpoints in the customer journey. This allows you to personalize ad content correctly while optimizing your marketing spend and improving customer satisfaction, retention, and lifetime value.

Once the easiest wins are addressed, you can move on and use CDP analytics to focus on other KPIs, such as customer churn and loyalty. You can also address operational KPIs that relate to CX, such as identifying ways to reduce the number of calls into your call center or to improve inventory efficiency.

The value of a CDP extends beyond customer experience. For example, you can use your CDP to find and close gaps in GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and other data-privacy regulations or to find ways to reduce your audit costs. What’s more, as a CDP unifies siloed data, it can also empower different teams to work more efficiently, collaborate more easily, and reduce costs. 

For example, your sales team may want to know if your ads are attracting the right customers, while your marketing team may want to target ads more effectively. Typically, these teams request the datasets they need from IT, which adds to IT costs and reduces their resources for work on technical and security issues.

With a CDP as the single source of data, teams can find the information and analytics they need without filing IT requests, so sales and marketing can get to work solving their problems, and IT can focus on its core functions. Meanwhile, your finance team can tap into the CDP to analyze the return on ad spend and find ways to optimize it. 

Also see: Top Data Visualization Tools 

Any customer data platform up for consideration should handle the three core functions of data unification, analytics, and actionable insights.

From an infrastructure perspective, look for a CDP that offers a low-code/no-code environment. A good CDP will also plug into your existing technology stack with built-in connectors. This saves time because you can start unifying your siloed data quickly. It also saves money because you’re not required to upgrade your existing technology before you can start deriving value from your CDP. 

Also, consider the CDP’s ease of use for your engineers, data analysts, and marketing strategists. Many legacy marketing platforms can be convoluted and create a frustrating or confusing user experience. Enterprises that want to get the most value from their talent as well as from their customer data will choose a CDP that delivers an intuitive user experience rather than something that requires weeks or months of training.

An intuitive CDP creates a better employee experience, reduces training and enablement costs, and drives ROI. 

As customer expectations for positive experiences continue to increase, companies can no longer compete solely on price or on the quality of their products and services. A CDP makes it possible to deliver the kinds of experiences that customers now demand. They do this by recognizing them appropriately, offering properly personalized messages and offers, and making them feel good about engaging with your brand.

Your CDP can be the source of all the data and insights needed to become a data-driven CX organization and accomplish these goals.

Also see: Top Digital Transformation Trends Shaping 2022

About the Author: 

Scott Ramsey, CX Digital Transformation Leader, Capgemini Americas

The post Guide to Customer Data Platforms: Boosting User Experience appeared first on eWEEK.