Category Archives: Enterprise IT news

Enterprise IT news

Deloitte CIO survey: Traditional CIO role doesn’t cut it in digital era

CIOs who aren’t at the forefront of their companies’ digital strategies risk becoming obsolete — and they risk taking their IT departments with them.

The message isn’t new to IT executives, who have been counseled in recent years to take a leadership role in driving digital transformation. But new data suggests CIOs are struggling to make the shift. According to a recently published global CIO survey by Deloitte Consulting, 55% of business and technology leaders polled said CIOs are focused on delivering operational efficiency, reliability and cost-savings to their companies.

Kristi Lamar, managing director and U.S. CIO program leader at Deloitte and a co-author of the report, said IT executives who are serving in a traditional CIO capacity should take the finding as a clarion call to break out of that “trusted operator” role — and soon.

“If they don’t take a lead on digital, they’re ultimately going to be stuck in a trusted operator role, and IT is going to become a back office function versus really having a technology-enabled business,” she said. “The pace of change is fast and they need to get on board now.”

Taking on digital

Manifesting legacy: Looking beyond the digital era” is the final installment of a three-part, multiyear CIO survey series on CIO legacy. The idea was to chronicle how CIOs and business leaders perceived the role and to explore how CIOs delivered value to their companies against the backdrop of digital transformation.

Kristi Lamar, managing director and U.S.CIO program leader at DeloitteKristi Lamar

In the first installment, the authors developed three CIO pattern types. They are as follows:

  • Business co-creators: CIOs drive business strategy and enable change within the company to execute on the strategy.
  • Change instigators: CIOs lead digital transformation efforts for the enterprise.
  • Trusted operators: CIOs operate in a traditional CIO role and focus on operational efficiency and resiliency, as well as cost-savings efforts.

Based on their findings, the authors decided that CIOs should expect to move between the three roles, depending on what their companies needed at a given point in time. But this year’s CIO survey of 1,437 technology and business leaders suggested that isn’t happening for the most part. “We have not seen a huge shift in the last four years of CIOs getting out of that trusted operator role,” Lamar said.

The pace of change is fast and they need to get on board now.
Kristi Lamarmanaging director, Deloitte

Indeed, 44% of the CIOs surveyed reported they don’t lead digital strategy development or lead the execution of that strategy.

The inability of CIOs to break out of the trusted operator role is a two-way street. Lamar said that companies still see CIOs as — and need CIOs to be — trusted operators. But while CIOs must continue to be responsible for ensuring a high level of operational excellence, they also need to help their companies move away from what’s quickly becoming an outdated business-led, technology-enabled mindset.

The more modern view is that every company is a technology company, which means CIOs need to delegate responsibility for trustworthy IT operations and — as the company’s top technology expert — take a lead role in driving business strategy.

“The reality is the CIO should be pushing that trusted operator role down to their deputies and below so that they can focus their time and energy on being far more strategic and be a partner with the business,” she said.

Take your seat at the table

To become a digital leader, a trusted operator needs to “take his or her seat at the table” and change the corporate perception of IT, according to Lamar. She suggested they build credibility and relationships with the executive team and position themselves as the technology evangelist for the company.

“CIOs need to be the smartest person in the room,” she said. “They need to be proactive to educate, inform and enable the business leaders in the organization to be technology savvy and tech fluent.”

Trusted operators can get started by seeing any conversation they have with business leaders about digital technology as an opportunity to begin reshaping their relationship.

If they’re asked by the executive team or the board about technology investments, trusted operators should find ways to plant seeds on the importance of using new technologies or explain ways in which technology can drive business results. This way, CIOs continue to support the business while bringing to the discussion “the art of the possible and not just being an order taker,” Lamar said.

Next, become a ‘digital vanguard’

Ultimately, CIOs want to help their organizations join what Deloitte calls the “digital vanguard,” or companies with a clear digital strategy and that view their IT function as a market leader in digital and emerging technologies.

Lamar said organizations she and her co-authors identified as “digital vanguards” — less than 10% of those surveyed — share a handful of traits. They have a visible digital strategy that cuts across the enterprise. In many cases, IT — be it a CIO or a deputy CIO — is leading the execution of the digital strategy.

CIOs who work for digital vanguard companies have found ways to shift a percentage of their IT budgets away from operational expenses to innovation. According to the survey, baseline organizations spend on average about 56% of their budgets on business operations and 18% on business innovation versus 47% and 26% respectively at digital vanguard organizations.

Digital vanguard CIOs also place an emphasis on talent by thinking about retention and how to retool employees who have valuable institutional knowledge for the company. And they seek out well-rounded hires, employees who can bring soft skills, such as emotional intelligence, to the table, Lamar said.

Talent is top of mind for most CIOs, but digital vanguards have figured out how to build environments for continuous learning and engagement to both attract and retain talent. Lamar called this one of the hardest gaps to close between organizations that are digital vanguards and those that aren’t. “The culture of these organizations tends to embrace and provide opportunities for their people to do new things, play with new tools or embrace new technologies,” she said.

Microsoft and Amazon sync AI voice assistants Alexa, Cortana

Microsoft and Amazon have launched the first phase of a long-awaited integration between Alexa and Cortana. Although currently targeted at consumers, the partnership could boost adoption eventually of AI voice assistants in the workplace.

The link between the two platforms lets users access some basic Cortana features through Alexa-enabled devices, and vice versa. The public preview works on Amazon Echo speakers, Windows 10 computers, and Harman Kardon Invoke speakers.

Both vendors appear poised to benefit from the partnership, which brings together Amazon Alexa’s large footprint in the consumer market with Microsoft Cortana’s link to office productivity tools, said Werner Goertz, analyst at Gartner.

“Alexa and Cortana can address my needs as a private individual and as a professional knowledge worker,” Goertz said. “That is a very important and winning combination.”

If Microsoft and Amazon decide to pursue a long-term partnership, the deal could pose a challenge to Google and Apple, the two other big players in the market for AI voice assistants.

But Microsoft and Amazon will likely approach the relationship cautiously given that they compete against each other on many fronts, said Jon Arnold, principal analyst of Toronto-based research and analysis firm J Arnold & Associates.

“They will know in time if it’s a good idea or not,” Arnold said. “And if they get the synergies, then they will do more of it. And if not, then they will put the walls back up.”

One possible stumbling block is Alexa for Business, which is excluded from the integration with Cortana launched this week. Released by Amazon in late 2017, the platform connects Echo speakers to enterprise messaging and meetings software.

The absence of a link between Cortana and Alexa for Business — at least for now — suggests their creators are targeting the partnership primarily at consumers, said Juan Gonzalez, analyst at Frost & Sullivan.

“While it may seem that both companies can gain and benefit from this agreement, it’s still not clear who will grab the lion’s share of it,” Gonzalez said. “Will this initiative be the beginning of a long-standing partnership where both companies can combine forces against Apple and Google? Only time will tell.”

Cortana-Alexa integration starts off small  

For now, users need to command their smart devices to open the alternative AI voice assistant software: “Hey Cortana, open Alexa,” or “Alexa, open Cortana.” The two vendors said they were planning for a more seamless link between the two platforms in the future.

Until then, office workers could use an Echo speaker to have Cortana check their morning emails and meetings. At work, they could access Alexa through a Windows 10 work computer to monitor package shipments or control smart home devices.

But many advanced functions, such as music streaming, are not yet available across platforms, as Microsoft and Amazon seek customer feedback during the public trial. The two tech giants first announced plans to sync their AI voice assistants in August 2017, initially promising a paring by the end of last year.

“It’s still very clunky. … In the end game, that should look a little bit different,” Goertz said. “There should be some intelligent mechanism that determines which of the two personal assistants would be the ideal one in any given circumstance to respond to the user’s command.”

Mavenlink M-Bridge tether professional services automation silos

Embedded API integration is a significant trend across the software management universe that’s used by marquee-brand independent software vendors, like Salesforce and Red Hat, to break through data access and delivery barriers. Now, API integration has arrived in professional services automation platforms.

Designed for service organizations, such as law firms and nonprofits, professional services automation (PSA) software provides resource management, project management and project billing capabilities for enterprise applications. Organizations typically implement PSA platforms in silos and invest in integration PaaS (iPaaS) or integration middleware to connect with enterprise applications via prebuilt integration APIs.

Mavenlink, a cloud PSA platform provider in Irvine, Calif., hopes to bridge this connectivity gap with M-Bridge, an OpenAPI integration platform to help businesses standardize the data flow between operational platforms. Partner or customer integrations built into Mavenlink using M-Bridge are approved and added to other packaged integrations for other customers to use.

Systems of record, such as sales and financial systems, are typical uses for M-Bridge prebuilt integrations. Examples include integration with an accounting system to help manage and monitor expenses, project billings and a project burn rate; or link with a customer relationship management system to provide alerts about critical needs, such as new staffing requirements for delivering a project.

Streamlining application integration should help companies include more integrations in the initial phase of the implementation.
John Ragsdalevice president of service technology research, TSIA

Most PSA vendors publish integration APIs and packaged integrations to enterprise applications, such as Salesforce and Microsoft Dynamics. M-Bridge fills PSA users’ need for standardized API-based integration, which can allow reuse of integration models from one project to another, said John Ragsdale, vice president of service technology research for TSIA, an IT research firm in San Diego.

Connecting API integration to software management tools hits business users’ sweet spot for functionality and pricing, which sits between a simple set of published integration APIs on the low end and enterprise-level iPaaS and integration middleware on the other. PSA is the latest sector of software management tools enhanced with enterprise-level API integration. Earlier this year, Salesforce added standardized API integration capabilities to its software line with its MuleSoft acquisition, and Red Hat fused integration capabilities into its 3Scale API management product.

M-Bridge is the first domain-specific integration platform in the PSA market, Ragsdale said. Other PSA vendors include FinancialForce, Kimble, Upland, Workday and others.

API integration increased reusability, speed

Ragsdale said he frequently hears PSA software adopters complain about unmet ROI expectations, the causes of which are blamed on siloed data, too many applications and lack of adoption by employees averse to navigate them.

“Streamlining application integration should help companies include more integrations in the initial phase of the implementation, boosting time to value for the project, as well as employee adoption,” he said.

M-Bridge’s prebuilt integrations will help reduce the time to link the Mavenlink platform with other software platforms, said Kim Bernall, product manager at Talisys, a financial sector independent software vendor in Golden, Colo., which uses Mavenlink for resource management during project delivery lifecycles. Each Talisys development project involves the same repetitive tasks; Mavenlink PSA already allows the company to standardize process across projects and monitor and track project activities.

“M-Bridge is going to help us organize the API calls that we’re using now in a more integrated fashion,” Bernall said. Talisys started using OpenAPI over a year ago and with Mavenlink’s support created documentation for use cases. “I am so much more self-sufficient in looking at the documentation and creating calls on my own,” she said.

Intel disclosed Spectre-like L1TF vulnerabilities

A new set of Spectre-like flaws that can, theoretically, be exploited to steal sensitive information was discovered in Intel products.

Two separate teams of researchers discovered the new vulnerabilities within a few weeks of each other in January and reported it to Intel. Intel was then able to identify two closely related variants and disclosed them publically this week, calling them L1 Terminal Fault (L1TF) vulnerabilities.

The three varieties of the L1TF vulnerabilities include CVE-2018-3615, which affects Intel’s Software Guard Extensions (SGX); CVE-2018-3620, which affects operating systems and System Management Mode memory; and CVE-2018-3646, which affects hypervisors and virtual machines.

The flaw affecting Intel SGX — the Foreshadow vulnerability — has caused more of an uproar than the others. Since the discovery of the Meltdown and Spectre vulnerabilities in January, Intel SGX had mostly remained untouched. While Meltdown and Spectre targeted program instructions, Foreshadow targets program data.

As a speculative execution side-channel vulnerability, Foreshadow can enable an attacker to “steal sensitive information stored inside personal computers and third-party clouds,” according to the researchers who discovered the flaws.

In a blog post about the L1TF vulnerabilities, Google explained that in order to exploit Foreshadow, an attacker would need “control of hardware resources that are accessible only with operating system level control of the underlying physical or virtual processors.” The vendor noted that unpatched operating systems could also allow for exploitation.

“Defending against this method of attack is particularly challenging for virtualized environments, as a virtual machine exposes the state necessary to construct an attack,” Google explained. “Specifically, an attacker could intentionally configure their own page tables to direct these faults and probe the cache of the core on which they are currently executing.”

Foreshadow vulnerabilityForeshadow vulnerability

Intel has already released mitigations for the L1TF vulnerabilities and said the new patches work best in conjunction with the microcode updates the company released earlier this year in response to the Meltdown and Spectre vulnerabilities.

“When coupled with corresponding updates to operating system and hypervisor software released starting today by our industry partners and the open source community, these updates help ensure that consumers, IT professionals and cloud service providers have access to the protections they need,” Intel’s executive vice president and general manager of product assurance and security, Leslie Culbertson, said. “Once systems are updated, we expect the risk to consumer and enterprise users running non-virtualized operating systems will be low.”

In other news:

  • President Donald Trump has reversed an Obama-era memorandum on how and when the U.S. government can use cyberattacks against adversaries, according to The Wall Street Journal. Trump signed an order to undo Presidential Policy Directive 20, which outlined a complex interagency process that had to be followed before the government could target a cyberattack at foreign adversaries. Presidential Policy Directive 20 was signed by then-President Barack Obama in 2012. Trump has yet to issue a replacement for the memorandum, though The Wall Street Journal reported “a number of current U.S. officials confirmed the directive had been replaced, but declined to comment further,” because it’s classified.
  • August’s Patch Tuesday brought five Flash patches from Adobe and 17 updates to fix at least 60 vulnerabilities — including two actively exploited zero-day vulnerabilities — from Microsoft. The first zero-day flaw Microsoft patched was a critical vulnerability in Internet Explorer that would target users with malware. The other zero-day was a vulnerability in the Windows 10 shell that would enable an attacker to run code remotely. Microsoft also patched the Foreshadow vulnerability. Another 23 patches were for critical flaws in Internet Explorer, Edge and Chakra Scripting. Adobe patched Flash vulnerabilities with a new version of it for macOS, Chrome and Linux.
  • The NIST Small Business Cybersecurity Act — formerly called the MAIN STREET Cybersecurity Act — became a law this week. The law requires the National Institute of Standards and Technology to provide informational resources to small businesses to help them with cybersecurity. The law is the result of a bipartisan effort from U.S. Sens. Brian Schatz (D-Hawaii) and James Risch (R-Idaho), and co-sponsored by Sens. John Thune (R-S.D.), Maria Cantwell (D-Wash.), Bill Nelson (D-Fla.), Cory Gardner (R-Colo.), Catherine Cortez Masto (D-Nev.), Maggie Hassan (D-N.H.), Claire McCaskill (D-Mo.), and Kirsten Gillibrand (D-N.Y.). The resources NIST provides to small businesses must be applicable to a wide variety of small businesses, vary based on the size of the company and the sensitivity of the data it deals with, include basic ways to promote a cybersecurity-aware environment, include case studies, are technology- and vendor-neutral and be based on international standards as much as possible.

ICS security fails the Black Hat test

The news at Black Hat 2018 wasn’t great when it came to industrial control systems. But while numerous sessions added up to sweeping condemnation of ICS security, there was at least the occasional saving grace that some vendors will correct some problems — at least some of the time. Still, the apparent lack of a security-conscious culture within these organizations means they’ll only fix the minimum, leaving similar products with the same underlying hardware, firmware and fatal bugs untouched and unsecured.

Speaking in a session, called “Breaking the IIoT: Hacking Industrial Control Gateways,” Thomas Roth, security researcher and founder of Leveldown Security, an embedded and ICS security consulting and research company based in Esslingen, Germany, walked through the security faults of a series of five gateway devices he’d found at prices he could afford on eBay. He wanted to look at commonly deployed, relatively current devices — things you find in the real world.

“If you go out on the network and start scanning, you’ll find thousands of these devices. In fact, you’ll find entire network ranges that are used almost exclusively for these devices,” he said.

“Often, they use static IP addresses with no VPN protection.” One device he looked at had a proprietary protocol for its wireless communications. But if you could break it — and he did — you had access to every one of those devices in the field, because the network addressing architecture was flat and unsegmented.

The first device he looked at was typical of his various experiments, tackling a Moxa W2150A which connects ICS devices to wireless networks via an Ethernet port on the device side and a wireless interface on the other side. In between the two interfaces is an easily opened case that reveals a circuit board with pads for connecting to a debugging port. Roth discovered, in a common theme across many of the devices discussed at the conference, the port was a serial terminal connection that booted directly to a root shell in Linux.

“This is a design decision, not a bug,” Roth said. But he noted that if you have the device and you can access a root shell, then as you are writing exploits, you can debug them directly on the device, “which is a pretty nice situation to be in.”

Roth noted the firmware for the device was available on the internet from the Moxa website, but it was encrypted. At first, this seemed like a dead end. But in looking at earlier firmware versions, he noticed one of the upgrades included adding the feature of encrypting the firmware.

This led him to an unencrypted update version, which included a package called “upgrade_firmware.” This, in turn, led to a function called “firmware_decrypt” — a function name that gave the audience a chuckle — which gave him plaintext access to the current version of the software. The decryption key was, needless to say, included in the upgrade code.

Roth raised an issue that hasn’t been much discussed in ICS security: supply chain security issues caused by the wide prevalence of openly accessible terminal access ports on devices. You can change the firmware, he said, write the changed version back to the device, return it to your distributor without mentioning the change, “and they will happily resell it to someone else.” In fact, he knows this because he conducted an experiment and was sold a device with firmware he had previously rewritten.

Roth discussed four more devices in some detail, with two of them still in the process of disclosure, “and there are a lot of fun issues.”

Beyond Roth’s pathway strewn with pwned gateways, there were other such sessions, including ones that found significant vulnerabilities in medical devices, cellular gateways, smart city infrastructure and satellite communications.

Jonathan Butts, CEO of security consultancy QED Secure Solutions, located in Coppell, Texas, noted in a press conference at the event that dealing with vendors around ICS security disclosure had been particularly frustrating. In the case of a pacemaker made by Medtronic, a protracted process leading to the company deciding that changes in the product weren’t necessary led Butts and co-speaker Billy Rios, founder of WhiteScope LLC, a cybersecurity company based in Half Moon Bay, Calif., to demonstrate their attack live and let the audience judge for themselves.

“To be honest,” Butts said, “after about the one-and-a-half-year mark, and you see stuff like [Medtronic’s response], you get fed up.”

ICS security: Protection? Not

While it’s theoretically possible to protect at least the devices that aren’t implanted in human bodies by placing the ICS equivalents of a firewall at strategic network junction points, a session by Airbus security evaluators Julien Lenoir and Benoit Camredon showed a widely deployed ICS firewall made by Belden could be remotely exploited.

The Tofino Xenon device is typically situated between the IP-based control network and local ICS assets that use Modbus, EtherNet/IP or OPC protocols. Interestingly, the device itself doesn’t have an IP address; it is essentially invisible to ordinary interrogation on the network.

A custom protocol allows a Windows machine running a configurator to discover and then send configuration data to a Xenon device. The configurator knows the addresses of protected ICS devices and knows the Xenon is somewhere between the configurator and the devices. The Xenon knows to watch for packets that carry a specific payload and recognizes them as packets from a configurator.

The two researchers were able to reverse-engineer the protocol enough to understand the arrangement that was used for encryption keys. The configurator discovers devices using a common key and then generates two additional keys that are unique to the particular pairing of that configurator and that specific firewall. All of these keys could be extracted from the discovery session, and then the keys unique to the device were used to establish a connection with the device.

“We were able to get a root shell,” Lenoir told the audience, heralding the familiar theme that almost all ICS devices are actually outdated Linux kernels. “Once everything was running as root, now the appliance was no longer a black box, but was instead a Linux kernel.”

From here, they settled on an attack model that used the devices’ ability to be updated from files on a USB stick. Camredon explained the updates comprised two files, both encrypted. “One is an update script, and one is a data file that is an image, including an image of the kernel.”

It turned out that all configurators and all Tofino Xenon devices used the same key for decrypting the update files. Because they had access to root on the Xenon, they were able to extract this key, at which point they further discovered there were no checks in the update script to ensure the data file hadn’t been tampered with since it was created.

Thus, a breached Xenon could be modified in whatever way the attackers wanted, an image of that system made, and the image could be encrypted and included in an update package without the separate installation script detecting the change.

The Xenon has been updated to correct these problems since the researchers disclosed their findings. So, in theory, the firewall is back in business. One problem Roth noted, though, is these systems often come in dozens of variants, with different names and model numbers.

“If you report a bug to some of these vendors,” Roth said, “the vulnerability gets fixed, but then there are 10 different devices which run the same firmware, and they are left completely unpatched.”

Roth suggested this was a clear indication of the lack of security culture at many ICS vendors.

“It’s like exploiting in the ’90s,” he concluded. “We have no integrity protections on any of these devices.”

At another moment, he made a sweeping generalization: “Everything runs as root; everything runs on outdated Linux kernels; everything runs on outdated web servers. If any of these components fails, you have root permission.”

Lucidworks Fusion platform to scale via channel partnerships

Lucidworks, a vendor of search and discovery applications, has revealed a channel program designed to make partners central to its business growth.

The program, launched this week, offers channel staples such as deal registration, a partner portal, and training and certification. The program also features engagement models to support various channel partner types, including technology vendors, systems integrators, value-added resellers, managed services providers (MSPs) and SaaS providers, Lucidworks said.

“The design philosophy around this was to formalize the way that partners engage with us,” said Simon Taylor, vice president of worldwide channels and alliances at Lucidworks, based in San Francisco. The vendor, which developed the Lucidworks Fusion platform, currently has about 60 to 80 core partners, he noted.

The company launched the program on the heels of a $50 million funding round and an alliance struck with storage vendor Commvault in June. Looking to expand, Lucidworks identified the channel as the means for transforming “our scale and growth as a company,” Taylor said.

“What we decided to do … is to really change the way the organization operates and make it as much as possible 100% channel-centric,” he added.

The tracks for different channel partner types within the Lucidworks program are intended to develop the vendor’s relationships “so that we could focus on partners that were meaningful to our business,” he said.

What we decided to do … is to really change the way the organization operates and make it as much as possible 100% channel-centric.
Simon Taylorvice president of worldwide channels and alliances, Lucidworks

The reseller program is structured with three partner tiers — Authorized, Gold and Platinum — with incremental requirements and benefits. Benefits include market development funds, qualified sales leads and technical assistance.

Other partner tracks within the program include the following:

  • an OEM and SaaS partner program, providing tools for embedding Lucidworks Fusion technology into solutions or using the Fusion software development kit and App Studio platforms to build apps and connectors.
  • a Certified Partner Consultant program for partners qualified to design and deploy offerings using the Lucidworks Fusion platform and applications, according to the vendor.

Taylor noted the company has invested significantly — and will continue to invest — in hiring channel management staff.

“It is a core part of our overall business plan: to embrace partners and grow this way,” he said.

Informatica ramps up partner training

Informatica, an enterprise cloud data management vendor, plans to train thousands of partner employees over the next year, as it seeks digital transformation resources.

Richard Ganley, senior vice president of digital transformation solutions and global partners at Informatica, based in Redwood City, Calif., said the company aims to cultivate partners that can help its customers navigate digital transformation projects.

“As good as we think our technology is … we really need partners to help us,” he added, noting the complexity of transformative IT initiatives.

Informatica’s training push includes a series of Elevate enablement events, which will conclude next week in Denver. The Denver event, scheduled for Aug. 20 to 23, follows training events held earlier this year in Copenhagen, Denmark, and Bangkok. The events include presales, sales and implementation tracks.

Over the course of the three events, Informatica will have trained some 750 people, Ganley estimated.

In another training effort, Informatica plans to send a training team to visit the campuses of eight of the largest systems integrators in India. Ganley said the company aims to train several thousand people over the course of the next year. Not all of the integrator personnel will be trained to the deepest level, but some will, he added.

Informatica’s goal is to provide a “much bigger pool of trained resources in the market,” he said.

“We are trying to train our partners on our technology on an industrial scale,” Ganley said.

Accenture focuses on digital twin tech

Accenture’s Industry X.0 practice, which focuses on the smart connected products market, is concentrating on digital twin technology.

Craig McNeil, managing director at Accenture and North American lead for Industry X.0, said digital twin is “one of the bigger areas of focus in our current fiscal year and definitely will be in the next fiscal year.” Accenture’s fiscal year begins Sept. 1.

A digital twin is a virtual representation of a product that can be used in design and simulation.

In other news, Accenture has entered an alliance with Malong Technologies, an AI startup based in Shenzhen, China. Accenture also made a minority investment in the company. Malong and Accenture’s Applied Intelligence practice will provide “computer vision and product recognition capabilities” to customers.

Other news

  • Cloudreach, a cloud services provider based in London, has inked a letter of intent to purchase Relus Cloud, an Amazon Web Services partner in Peachtree Corners, Ga. Relus Cloud, founded in 2013, is a Premier Consulting Partner in the AWS Partner Network, focusing on the North American market.
  • Qualys, a cloud-based security and compliance vendor, revealed it will release a version of its cloud platform for consultants, consulting firms and MSPs. Qualys Consulting Edition provides vulnerability assessments capabilities, as well as features such as customizable reporting and trending reports and dashboards, Qualys said. The vendor said Qualys Consulting Edition will be available by the end of this month.
  • Beachhead Solutions reported 72% year-over-year revenue growth for the first half of 2018 on the strength of managed service provider partnerships. The company said about 250 MSPs now work with the company, which provides cloud-managed PC and mobile device encryption, security and data access control offerings.
  • OPAQ, a network security cloud vendor, is teaming with Palo Alto Networks’ MSSP Partner Program in an alliance that lets MSPs and managed security services providers deliver Palo Alto’s security-as-a-service offering to midsize companies.
  • Cask LLC has joined Unified Compliance’s partner network as a value-added reseller.
  • ERGOS, an MSP based in Houston, has tapped Liongard’s Roar platform, which automates system discovery and documentation.

Market Share is a news roundup published every Friday.

Tech giants support FHIR standard. Will that make a difference?

During a White House meeting about the new Blue Button 2.0 API for Medicare, six major technology players signed a joint statement pledging to work toward healthcare interoperability with a particular focus on the cloud and artificial intelligence.

The companies — Amazon, Microsoft, Google, IBM, Oracle and Salesforce — promised to support the goal of  “frictionless” interoperability using established industry standards, including the HL7 FHIR standard API. They offered a vision of a robust ongoing dialogue that would include every healthcare entity from payers to patients and application developers, according to a statement released by the Information Technology Industry Council.

Pushing the FHIR standard forward

The statement comes at a time when patient demand for easy access to healthcare data has never been greater. Large hospitals have responded with nascent efforts to improve data exchange based on the FHIR standard API, but there is widespread acknowledgement that healthcare lags far behind other industries when it comes to tech innovation and particularly interoperability. The idea of what could effectively be a consortium of mainstream technology companies working on this tricky problem and promoting the FHIR standard was received warmly by some this week and with a healthy dose of skepticism by others.

The fact that the statement called out cloud usage specifically, is telling, because, for reasons ranging from security to cost, a significant portion of healthcare organizations continue to avoid the cloud. A 2017 report from KLAS Research found 31% of hospitals either won’t expand their cloud efforts or won’t move to the cloud. “The cloud really is a double-edged sword,” said Kathy Downing, vice president of information governance,  informatics, standards, privacy and security at the American Health Information Management Association (AHIMA), in an interview. While the cloud might offer a more secure environment than some smaller health organizations could achieve, Downing isn’t convinced the cloud itself is pivotal to interoperability. “I don’t know that the cloud really has a dog in this interoperability hunt,” she said. “You want to think through the safeguards and do all the assessments. That’s more important than whether you’re using a server or the cloud.”

I’m not sure how any of these entities will solve the issue of semantic interoperability.
John Moorefounder and managing partner of Chilmark Research

It’s a positive sign for the healthcare industry that it’s attracted the attention of these major players, said Coray Tate, vice president of clinical research at KLAS, in an email. But the market has to be there for this to work. “We’re at the base of the mountain and early steps are the easiest,” he said. “It remains to be seen if the market will provide a business case that will sustain the long climb.”

And the business case may not be there because this group of tech companies isn’t in most hospitals in any significant way today, said John Moore, founder and managing partner of Chilmark Research, in an email. “As big and influential as these companies are their collective presence in healthcare is quite disparate and at the end of the day it is what a clinician is using in their workflow that matters,” he explained. “These companies are simply not there. I’m not sure how any of these entities will solve the issue of semantic interoperability.” To further complicate matters, most hospitals don’t want to share patient data with competitors, he said. “They have instead opted to let patients themselves take direct responsibility.”

Tech support potentially a good thing

Attention from tech giants, however, should be seen as a good thing as long as everyone is thoughtful about how to proceed, said Stan Huff, M.D., chief medical informatics officer at Intermountain Healthcare and co-chair of the Health Level 7(HL7) Clinical Information Modeling Initiative, which developed the FHIR standard API. “This is significant because it creates faith in HL7 FHIR and will encourage investment in FHIR development,” he said. “The thing I would want to encourage is that this group work with existing organizations like HL7, ONC, HSPC and CIIC to ensure they all implement the FHIR standard the same way so we get to true semantic interoperability at some point.”

The joint statement offered few details on future plans but stressed the need to get everyone involved, including the open source community. “I think we will need to wait a few weeks to hear specific projects to know what additional impact they will have,” Huff said.

Chief data officer skills tested by AI ad blitz

If they’re watching a sporting event such as the PGA Championship, the summer afternoon isn’t totally restful for chief data officers. As the players chase the golf ball around the course, the IT pros at home must keep one eye on the leaderboard and one on the advertisements, and anticipate honing their chief data officer skills.

The ad spots often tout new technology. They use quick-cut imagery of futuristic cities and data centers and feature notables ranging from rapper Common to troubadour Bob Dylan. The technology for sale could be cognitive computing, blockchain technology, IoT or other trendy tech. The result is the exec in the C-suite who has a Monday morning question to test chief data officer (CDO) skills to the max.

These days that question is often, “What’s our plan for AI?”

Because AI can encompass almost anything magical, it can be a tough question for the chief data officer (CDO) to field. A look at a reporter’s notebook from last month’s MIT Chief Data Officer and Information Quality Symposium (MIT CDOIQ) in Cambridge, Mass., may provide a clue or two.

Kaizen and AI

At an MIT CDOIQ symposium panel sponsored by data platform vendor AtScale, the topic of BI on the data lake turned to a discussion of the imp called AI. Chris Crotts, group manager for enterprise data at Toyota North America, said business users tend to bring up questions on AI — questions that can test data strategy and chief data officer skills.

“Someone will call and say, ‘I need to do AI tomorrow.’ We look into it and find that what they are doing is reporting,” he said. In these cases, he said he asks the line-of-business user to describe the actual problem they are trying to solve. His teams then show them ways of analyzing the data to find answers.

“Part of going digital is to have data competency,” Crotts said. That means users have to be prepared to successfully employ something like AI. If people aren’t ready to analyze the data, Crotts said, it is not worthwhile to spin up a host of new tools.

So, his enterprise data group endeavors to prepare users to understand “how data consumption works.”

For their part, Crotts said, users become increasingly helpful in digging in and discovering issues in the data, such as the complex data that has begun to populate Toyota’s data lakes.

He said Toyota’s lineage in continuous improvement — the company is regarded as the birthplace of Kaizen, a work culture philosophy that focuses on understanding problems firsthand — infuses his and colleagues’ approaches to realizing the kind of change that AI can bring.

Stonebraker’s take

Michael Stonebraker, professor, MITMichael Stonebraker

In a separate presentation at the MIT conference, database veteran and MIT professor Michael Stonebraker also touched on the interest AI is garnering these days.

The guiding technical founder behind such database companies as Ingres, Illustra and Vertica, Stonebraker spoke under the auspices of one of his more recent foundlings, Tamr, a maker of advanced data preparation software.

Stonebraker, like others of late, highlighted the issues influencing chief data officer skills that stand between big data and AI-style analytics. These include the difficulty involved in getting varied data ready to ply for AI insights.

Getting training data is always a problem. Deep learning needs way too much training data.
Michael Stonebrakeradjunct professor at MIT and Tamr co-founder

“The hot button now is to talk about AI, machine learning and the data scientist,” Stonebraker said. “But if you are saying data scientists are going to save your butt, you are going to have this problem: They get 10 minutes a week for doing the job they were hired for.” Preparing data for the new engines, in short, is the first step toward AI.

On deep learning for the enterprise — the hallmark of what is new in AI today — Stonebraker was not optimistic. There, a lack of data volume, rather than a surplus of data, can become a determining issue.

“Getting training data is always a problem,” he lamented. For traditional business enterprises, as opposed to web juggernauts like Google and Facebook, “deep learning needs way too much training data,” he said.

Deep learning “works fine if you are doing image data, natural language [processing] or machine translation,” Stonebraker said.

It is not an entirely bleak outlook, however. He indicated that Tamr customers are seeing success with “conventional machine learning using random forest techniques at scale.”

The AI landscape

The admonitions of Stonebraker and Crotts suggest CDOs need to know their way around enterprise data. That is true whether the technology is AI or BI.

Sure, a good understanding of one’s data is a useful club to have in the golf bag of chief data officer skills. But things do change; an organization’s data must be seen in new contexts, as technology progresses and big data, AI or whatever comes next makes inroads.

A symposium takeaway: CDOs must focus on the people side of data and analytics, and be doubly sure to understand the nature of their data and how malleable it is for newer AI techniques.

Digital marketing partnerships key to vendors’ channel strategies

For some vendors, the key to a thriving channel ecosystem means engaging and supporting a variety of partner types, including digital marketing partnerships.

Digital marketing organizations were among the earliest firms to recognize the IT budgets for marketing shifting from the purview of customers’ IT departments to marketing executives. Vendors took note of the agencies’ influence and unique reach within customer organizations. While on the surface, digital marketing agencies didn’t appear to be direct competition for traditional channel partners, some industry watchers asserted the agencies did in fact pose a potential threat. For example, agencies working on digital initiatives with a client’s marketing department could hypothetically annex the client’s infrastructure decisions, cutting channel partners out from those deals.

Vendors, however, view their digital marketing partnerships as an important subgroup of their overall partner ecosystems that, if anything, is complementary to a traditional channel base.

Progress cites potential partner synergies

Progress Software, an application development and deployment software vendor, said it sees an opportunity for digital marketing agencies to partner up with traditional channel firms.

Progress began to pursue digital marketing partnerships following its acquisition of app development vendor Telerik in 2014, said Matthew Gharegozlou, vice president of sales at Progress. The Telerik buyout brought with it Sitefinity, a content management system, as well as digital marketing agencies that had been working with the product.

Matthew Gharegozlou, vice president of sales, Progress SoftwareMatthew Gharegozlou

“The acquisition of Telerik and Sitefinity gave us the ability to go after these relationships,” Gharegozlou said.

He noted that about 65% of Progress’ content management business is now derived from channel partners. About 80% of those partners are digital marketing agencies.

Progress’ traditional partners typically share a few traits: They work in the app development space, deal with customers’ IT departments and lack skill sets related to digital experience and digital marketing. “So far, we haven’t had any conflict” between traditional and agency partners, he said, because “the bulk of the experience needed on the digital side, our traditional partners don’t have it.”

Traditional Progress partners also usually have expertise in vertical industries, he said, adding that most are based in markets such as financial services, government, healthcare and education. “Our traditional partners are extremely knowledgeable” and have strong relationships in their vertical spaces, he said.

Because of traditional partners’ strengths, Gharegozlou said Progress looks to pair them up with digital marketing agencies for certain leads. Combining the expertise in back-end work and vertical markets with agencies’ expertise in web development and related technologies can produce compelling offerings. 

But while optimistic about these synergies, he recognized that a “full-service” digital marketing agency, which can do both the front-end and back-end work for a customer, diminishes the value that traditional partners may offer. In this sense, full-service agencies may be preferable to customers “because they can do the entire project,” he said.

Salesforce supports acquisition trend

For Salesforce, digital marketing partnerships play a critical role in advancing its marketing platform.

Stephane Viallet, vice president of global alliances, agencies, at SalesforceStephane Viallet

Salesforce has signed numerous digital marketing agencies over the last six years, spurred by several acquisitions to build out its business-to-commercial and marketing portfolio, said Stephane Viallet, vice president of global alliances, agencies, at Salesforce. Salesforce’s acquisitions have included digital marketing software company ExactTarget in 2013, as well as e-commerce provider Demandware and data management platform Krux in 2016. Viallet also cited Salesforce’s alliance with Google as a driver behind the company’s growing digital marketing agency partnerships.

“Partners, including digital marketing agencies, are the lifeblood of Salesforce, extending our platform in new and exciting ways and fueling our growth,” Viallet said in an email. He said Salesforce and its partners are pursuing opportunities created by “our ability to merge media, adtech and martech to execute on a whole new way for brands to connect with customers.”

Digital marketing organizations use Salesforce’s products such as Salesforce Commerce Cloud, Marketing Cloud and Service Cloud to offer “transformative digital experience that enable clients to meet consumer expectations,” he noted.

I think often agencies can help us get into areas of the business or with clients that we may not thoroughly be in today.
Adrianna Bustamantedirector of digital sales and alliances, Rackspace

In addition to having digital marketing and advertising skills, Viallet said Salesforce seeks partners that understand “the importance of merging data, technology and creativity” to deliver customer experience strategies.

Viallet also pointed to a trend among digital marketing organizations acquiring Salesforce practices, such as Publicis.Sapient’s 2016 buyout of Vertiba, a Gold-level Salesforce Consulting partner.

Other notable acquisitions have included the following:

  • Wunderman bought a majority stake in Salesforce consultancy Pierry Inc. in September 2017.
  • Dentsu Aegis purchased Swiss digital marketing company Blue-Infinity in January 2017.
  • MRM//McCann acquired e-commerce service provider Optaros in December 2014.

“Digital marketing agencies haven’t just built Salesforce practices around the globe organically — they’ve been acquiring them as well,” he said. “Salesforce supports these collaborations as we work to provide our partners with an edge that enables them to exceed customers’ expectations.”

Rackspace: Little overlap between the channels

Managed cloud provider Rackspace, meanwhile, looks at digital marketing partnerships differently: Traditional channel firms and digital marketing agencies can do business with the same customers without necessarily encroaching on each other’s turf.

Rackspace’s alliances with digital marketing agencies stem from its digital services practice. Launched in 2014, Rackspace Digital provides application and infrastructure hosting for web content management systems, e-commerce products, and mobile and critical application services. Adrianna Bustamante, Rackspace’s director of digital sales and alliances, noted that the company has formally developed strategic digital marketing partnerships since about 2010.

Adrianna Bustamante, director of digital sales and alliances, RackspaceAdrianna Bustamante

“I think often agencies can help us get into areas of the business or with clients that we may not thoroughly be in today,” Bustamante said.That’s partly because digital marketing organizations tend to target a customer’s marketing department — versus the IT department.

“Nowadays … your traditional agencies have to be more digitally focused. … But still their main focus is very much around the consulting, the service and the creative — potentially integration and development,” Bustamante said.

She noted that the line between digital marketing organizations and systems integrators are blurring. Digital marketing organizations now look a lot more like systems integrators, while systems integrators “look a lot more like agencies,” she said.

Rackspace works with its agency partners in reseller and referral models. The company offers enablement resources for creating “sticky engagements for their customers and successful projects,” she said, while Rackspace focuses on the back end to ensure their projects meet scale, security and compliance requirements.

“We are heavily focused on trying to … accelerate now in certain verticals and certain segments, now in midmarket and enterprise. We can form a strong partnership when the agency realizes and understands that we are that trusted partner for them,” she said.

Rackspace generally doesn’t see any tension between its traditional and digital marketing partnerships, according to Bustamante.

“There might be several partners that we might have within … a certain customer that we are working with, but they might be working on five different projects, 20 different workloads, across three different business units,” she said.

Cisco revenues up, customers warming to new products

Cisco has reported a 6% revenue increase in the quarter ended July 28, as the strong economy contributed to a boost in product sales and customer adoption of new software-driven technology.

Cisco reported on Wednesday its “highest quarterly revenue” of $12.8 billion and predicted a 5% to 7% increase in Cisco revenues year over year in the current quarter, which sent its stock up more than 6% in after-hours trading.

Cisco predicted adjusted net income for the quarter ending in October would range from 70 to 72 cents a share, beating analysts’ projection of 69 cents. Earnings of 70 cents per share for the July quarter beat analysts’ expectations by a penny a share.

The company reported “solid demand” for its products as it continued its transformation into a provider of network software and services from a company dependent on selling high-priced switching and routing hardware. Application sales rose 10% and recurring revenue, a reflection of sales in software subscriptions and services, accounted for 32% of total revenue, up a point from the same period last year.

During a conference call with analysts, Cisco CEO Chuck Robbins attributed the company’s strong quarter to a combination of customers buying more during a strong economy and execution by the Cisco’s sales and product development teams.

“I’m pragmatic to know it’s a combination of both,” Robbins said. “Clearly, the economy has been pretty consistent, and the markets have been positive, so that has certainly helped.”

Cisco revenues show new product sales

Nevertheless, Robbins was pleased with customer reaction to Cisco’s new products, notably the Catalyst 9000 campus switch and the Viptela software-defined WAN, which Cisco acquired last year for $610 million.

Clearly, the economy has been pretty consistent, and the markets have been positive, so that has certainly helped.
Chuck RobbinsCEO, Cisco

Introduced in June 2017, the Catalyst 9000 is the first switch Cisco has sold that requires the customer to buy a subscription to the software running on the hardware.

“I’m very pleased with how the adoption has been from our customers,” Robbins said. As of the end of the July quarter, Cisco had sold the Catalyst 9000 to more than 9,650 organizations.

“You’ll see us over the next coming quarters when we bring new products to market — particularly in the enterprise networking space, but across the portfolio — we will apply that same [software subscription] strategy,” Robbins said.

Viptela is vital in maintaining Cisco’s leading position as a campus networking supplier. The SD-WAN product routes traffic via software to and from campus networks and remote offices. Cisco has integrated the subscription-based Viptela with its Integrated Services Router (ISR) and plans to combine the software with other hardware.

“We’ve begun to see customers actually move forward with deployments,” Robbins said. “It’s early, but we like where we are, and we like what we see.”

Cisco revenues helped by service providers

Cisco also managed to increase sales by 6% to services providers, a customer segment that was down 4% in the previous quarter. Robbins attributed the growth to increased spending by some large customers rather than to purchases of new technology, such as products related to 5G, the next generation of wireless technology.

Robbins said carriers started discussing the infrastructure needs for 5G “in earnest” at Mobile World Congress in Barcelona in February. Nevertheless, he did not expect 5G-related sales to begin for at least a year, picking up in 2020.