Gartner Catalyst Conference 2014. Trip Report. Overview



Similar documents
Architecting the Digital Business: How to Use and Secure Cloud, Mobile and Data

Architecting the Digital Business: How to Use and Secure Cloud, Mobile and Data

Gartner IT Financial, Procurement & Asset Management Summit Trip Report. Overview

Accelerate Your Enterprise Private Cloud Initiative

While you are waiting for our webinar to begin, you might be interested in the downloads on the Attachment tab:

Exploit New Architectures: Create Your Digital Future

The Virtualization Practice

I D C T E C H N O L O G Y S P O T L I G H T

The Cloud Management Scenario

Build & Manage Clouds with Red Hat Cloud Infrastructure Products. TONI WILLBERG Solution Architect Red Hat toni@redhat.com

Rethinking IT and IT Security Strategies in an Era of Advanced Attacks, Cloud and Consumerization

Cloud Computing: Current Market Trends and Future Opportunities

Big Data Integration: A Buyer's Guide

Intel IT Cloud Extending OpenStack* IaaS with Cloud Foundry* PaaS

THE #1 MANAGED CLOUD COMPANY RACKSPACE WITH EMC STORAGE

NOT ALL END USER EXPERIENCE MONITORING SOLUTIONS ARE CREATED EQUAL COMPARING ATERNITY WORKFORCE APM TO FOUR OTHER MONITORING APPROACHES

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

Software Defined Hybrid IT. Execute your 2020 plan

Cloud, where are we? Mark Potts, HP Fellow, CTO Cloud November 2014

Federal CIO: Cloud Selection Toolkit. Georgetown University: Chris Radich Dana Christiansen Doyle Zhang India Donald

TRANSFORMING I.T. WITH AN OPEN HYBRID CLOUD

The Role of the Operating System in Cloud Environments

O p t i m i z i n g t h e N e t w o r k t o M e e t T o m o r r o w ' s I C T D e m a n d s

Solution brief. HP CloudSystem. An integrated and open platform to build and manage cloud services

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

EMPOWERING THE DYNAMIC WORKPLACE

Cloud Courses Description

HP Helion, Cloud and the customer reality in the UK

Security of Cloud Computing for the Power Grid

A new era of PaaS. ericsson White paper Uen February 2015

IBM Software Cloud service delivery and management

The Need for Service Catalog Design in Cloud Services Development

Digital Business Requires Application Performance Management

Strategies for assessing cloud security

Architecting the Cloud

Gartner Business Intelligence & Analytics Summit Trip Report. Overview. The Future of Your Business: Transparent, Decisive, Personalized

Virtualization and IaaS management

Safeguarding the cloud with IBM Dynamic Cloud Security

Planning the Migration of Enterprise Applications to the Cloud

THE OPEN CLOUD COMPANY RACKSPACE WITH EMC STORAGE

Five Cloud Strategy Must -Dos for the CIO

Secure Bridge to the Cloud

Understanding Virtualization and Cloud in the Enterprise

HP Converged Cloud Cloud Platform Overview. Shane Pearson Vice President, Portfolio & Product Management

CLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service

1 Introduction. 2 What is Cloud Computing?

Enabling Digitization with Next Generation Cloud

VMware Hybrid Cloud. Accelerate Your Time to Value

Convergence of Age, Talent & Technology for Employers' Future Planning

Statement of Direction

Virtual Desktop Infrastructure Optimization with SysTrack Monitoring Tools and Login VSI Testing Tools

Agile, Secure, Reliable: World-Class Customer Service in the Cloud

10 Practical Tips for Cloud Optimization

Data Center Network Evolution: Increase the Value of IT in Your Organization

RightScale mycloud with Eucalyptus

TRANSITIONING TO BIG DATA:

Mitel Professional Services Catalog for Contact Center JULY 2015 SWEDEN, DENMARK, FINLAND AND BALTICS RELEASE 1.0

Adding value as a Cloud Broker. Nick Hyner Director Cloud Services EMEA Twitter Dell.com/Cloud

More Data in Less Time

The Cloud App Visibility Blindspot

Intel IT s Cloud Journey. Speaker: [speaker name], Intel IT

CLOUD COMPUTING FOR THE ENTERPRISE AND GLOBAL COMPANIES Steve Midgley Head of AWS EMEA

Mobile Cloud Computing T Open Source IaaS

Building an AWS-Compatible Hybrid Cloud with OpenStack

Journey to the Cloud and Application Release Automation Shane Pearson VP, Portfolio & Product Management

The Future of Data Management

The Benefits of an Integrated Approach to Security in the Cloud

What You Need to Know About Cloud Backup: Your Guide to Cost, Security, and Flexibility

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled

CTERA Cloud Storage Platform Architecture

EMA Radar for Private Cloud Platforms: Q1 2013

WHITE PAPER OCTOBER Unified Monitoring. A Business Perspective

BACKUP IS DEAD: Introducing the Data Protection Lifecycle, a new paradigm for data protection and recovery WHITE PAPER

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

SESSION 703 Wednesday, November 4, 9:00am - 10:00am Track: Advancing ITSM

Business Continuity in an Outsourced Environment: Enabling business outcomes and expanding sourcing options

ECM: Key Market Trends and the Impact of Business Intelligence

Ensuring High Service Levels for Public Cloud Deployments Keys to Effective Service Management

What Is Cisco Mobile Workspace Solution?

Don't outsource IT! Bring your own Cloud with SDN

GETTING THE MOST FROM THE CLOUD. A White Paper presented by

Cloud computing insights from 110 implementation projects

THOUGHT LEADERSHIP. Journey to Cloud 9. Navigating a path to secure cloud computing. Alastair Broom Solutions Director, Integralis

The Cloud-Enabled Enterprise Developing a Blueprint and Addressing Key Challenges

Networks that know data center virtualization

Transcription:

Gartner Catalyst Conference 2014 Architecting the Digital Business How to Use and Secure Cloud, Mobile and Data Trip Report The Gartner Catalyst Conference was held on 17 18 June 2014 at the Lancaster London hotel, London, UK. This report summarizes and provides highlights from the event. Overview For its first full-fledged edition in Europe, the Gartner Catalyst Conference didn t disappoint, with over 200 attendees from all over Europe gathering for 2 days of intense learning with 16 Gartner analysts and guests speakers from Volvo, BBVA, ICA and NS Dutch Railways. As the theme announced it was all about architecting and securing mobile, cloud, and data for the teams of architecture, infrastructure, security or applications professionals represented at the event. Presentations and roundtables were packed, and so was the schedule of private meetings with the Gartner analysts. The European audience was able to experience brand new Gartner for Technical Professionals, helping them understand, and flesh out an action plan, for the digital transformation under way. Save the date The Gartner Catalyst Conference 2015 will take place on 16 17 September in London, UK. We hope to see you there! The future is present here, in London, with Gartner Catalyst. Mobility, cloud services, identity and big data are the success! Jose Luis Montero, Backoffice Manager, UPCnet Table of contents Lancaster London hotel Drue Reeves delivers the Gartner Opening Keynote 2 Keynote sessions 3 Top 5 best-rated sessions 3 Top 5 most-attended sessions 3 Attendee Snapshot 4 Recommendations from selected sessions 9 Sponsors 9 Post-event resources 2014 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner and ITxpo are registered trademarks of Gartner, Inc. or its affiliates. For more information, email info@gartner.com or visit gartner.com. 1

Gartner Catalyst Conference 2014 Keynotes Opening Gartner Keynote: Architecting the Digital Business: A Blueprint for Competitive Advantage Drue Reeves, VP, Distinguished Analyst, Gartner In his opening keynote, Drue Reeves described how mobility, cloud and big data are connecting people, machines and devices in unprecedented numbers, transforming technology from a business tool to the very medium in which business is conducted. To create competitive advantage, technical professionals must find new ways to capture, analyze, communicate and protect information all within a framework that supports new markets, new models and new customer behaviors. He explained: The architecture necessary to support the scale of a digital enterprise How to leverage Cloud, Mobility, and Data to create a competitive advantage The risks associated with tons of devices connected to the Internet How do we store and gain intelligence from the deluge of data He was joined by Jonas Rönnkvist from Volvo, who provided a real world example of the convergence of technologies to create new products and services, the disruptive power of the internet of things on even the most established enterprises business models. Drue Reeves VP, Distinguished Analyst Guest Keynote: The Future Surviving and Thriving in a Constantly Changing Reality Rohit Talwar, Futurist In this far ranging, inspiring and humorous talk, global futurist and award winning speaker Rohit Talwar took us on a tour of key forces, factors and advances in technology shaping our world over the next decade. He discussed the implications for individuals, organizations and governments and the way in which we design, plan and manage technologies. Clearly he saw the next 5-10 years bring about a greater level of change than the last fifty. From 3D printed buildings, robot employee of the months, to the implication on marriage of 120 year lifespan and brain implanted chips he highlighted how science and technology will play a critical role in this transformation from information to biological age, mapping and uploading of the human brain, emergence of new materials, the quest for radical life extension and the pursuit of immortality. He challenged the audience to respond to these forces and developments and using IT to help create the muscle, magic and mindset required to survive in a transformational era. In this thought rovoking keynote, Rohit provided a inspiring and at times scary! vision of the next 5 to 25 years. He explored how sustabinability, growth and From 3D printed buildings to robot employees of the month, Rohit Talwar Futurist Closing Keynote: Architecting the Digital Business: What to Do on Monday? Drue Reeves, Eric Maiwald, Kyle Hilgendorf, Michael Disabato, Carlie Idoine, Gartner To wrap up the conference, four Gartner analysts presented the most important strategies and takeaways that attendees should take back to their organizations to improve current projects and practices, and influence future plans. They highlight the convergence of mobile, cloud, and data technologies, how they influence each other, and how to protect the data and infrastructure in the digital organization. 2

Top 5 best-rated sessions: What did you miss? 1. Why Private Clouds Keep Failing (And What To Do About It) Alan Waite, Research Director 2. Devising Your Cloud Application Decision Making Framework Drue Reeves, VP, Distinguished Analyst 3. Security and SDN: Implementation Considerations Eric Maiwald, Research VP 4. Case Study: Adopting Consumerization and Mobility for Cost, Agility, and Customer Service Rob Zouteriks and Roy Cornelissen, NS Railways 5. Keep Privacy in Mind When Developing Mobile Protection Programs Trent Henry, Research VP Top 5 most-attended sessions: What s on everyone s mind? Very interesting conference highlighting important current and future topics. The exchange with the analysts and colleagues from around Europe inspired me. Markus Moltenbrey, IT Solutions Architect, ResMed 1. Cloud Services: The Foundation for the Digital Business Kyle Hilgendorf, Research Director 2. To the Point: Cloud Application Integration Strategy: Spanning Cloud and On-Premises Services Gonzalo Ruiz, Research Director 3. The Underpinnings of a Successful Mobile Strategy Michael Disabato, Research VP 4. Devising a Cloud Exit Strategy: Proper Planning Prevents Poor Performance Kyle Hilgendorf, Research Director 5. To The Point: Insights on Mobile Security: What Works for Mobile Strategy Eric Maiwald, Research VP Snapshot of attendees Who participated in the 2014 conference? Top 5 job roles 1. Architecture 2. Innovation/Tech Strategy 3. Service Management 4. Applications 5. Infrastructure and Operations Top 5 industry sectors 1. Financial Services 2. IT Services 3. Government and Public Sector 4. Manufacturing 5. Higher Education 3

Gartner Catalyst Conference 2014 Recommendations from selections sessions A1. The Underpinnings of a Successful Mobile Strategy Mobile is more than smartphones, tablets and BYOD. It requires a thorough understanding of business needs, user experience requirements, and the impact on the IT organization. This field research presentation will guide you in the formation of a holistic mobile strategy for your organization. Get corporate commitment. Encourage employee involvement. Don t go to the business units with a blank piece of paper. Develop business cases. Know your audience. Communication with the business units and senior management is the key. Create standards and flexibly enforce them. Look ahead. Define metrics for success. Establish and use a mobile center of excellence. Transition to role-based risk management. Allow the corporate culture to adapt. A2. To The Point: Insights on Mobile Security: What Works for Mobile Strategy During a field research project at the end of 2013, Gartner identified important insights from organizations with successful mobile strategies. End user organizations discussed the technology used and how policy was implemented, how business units used apps and how culture impacted mobile security. During the early stages of examining business mobility initiatives maintain a view of enterprise risk 4 Start with and emphasize the business use case Communicate to business leaders and users throughout the mobility project and seek out feedback from employees Keep abreast of technology changes so that you can anticipate business and employee requirements and expectations Base solutions on use cases instead of starting with security precepts and rules A5. Keep Privacy in Mind When Developing Mobile Protection Programs Mobile devices need controls to protect enterprise information. But both regulations and risk assessment demand that privacy also be addressed. This session explores the controls that enable enterprises to balance information protection needs with employee expectations of privacy on mobile devices. Monday Morning: Assess current state of your policies and EMM program. Is it unified across regions? Build privacy expertise into the EMM team, but leave your ego at the door and bring everyone to the table who you think is needed. Next 90 Days: Perform a privacy impact assessment (PIA). Determine technical controls that balance privacy and protection. Inventory data that is expected to be collected via mobile devices. Next 12 Months: Deploy a clear, structured process for enrollment. Launch a comprehensive program including training, controls and notice to employees that defines program participation, obligations and expectations. A6. How to Increase Employee Productivity in a Mobile World IT architects and planners suspect mobile devices can improve productivity, but they don t know how. This session introduces a mobile productivity framework that assesses the formality and repeatability of business processes to determine where enterprises can maximize the value of mobile device use. Mobile infrastructure planning is just the beginning: Value will result only when users are more productive than they were before mobile

IT needs to take an active role in translating mobile opportunity into mobile productivity The Mobile Productivity Framework: Determine outcomes and key business processes. Use productivity matrix as intuition pump: Business analyst interviews and observes business units Focus on nonroutine work Identify key processes and work patterns Curate recommended second tier tool list Change processes and work habits: Align mobile tools and practices with key processes and patterns Consider training, workflows, process design, coding, metrics, iteration A7. Mobilizing Business Applications You need to provide mobile access to business applications. Unfortunately, those applications aren t currently designed to support mobile access. This guidance framework breaks the effort into four steps: select an approach, choose client models, integrate the back-end, select an infrastructure. Expect to use multiple methods: Products, tools and services market expanding Web APIs with API management may be the right way, but it s not always justified: Most versatile, future-tolerant But full migration to new Web architecture takes time Devise a mobile application road map Don t presume that you must build a custom app: Consider virtualization, adaptation and COTS I am really impressed by the depth and quality of the sessions. It provides me with a lot of useful material for devising my organization s strategy. Harmen Dijkstra, RABOBANK INTL, NETHERLANDS A8. The Five Biggest Security Issues in Mobile Collaboration Tablets are gradually turning into fullfeatured collaboration endpoints. As a result, mobile devices require syncing and sharing of sensitive information and access to critical applications. This talk assesses the biggest security risks for mobile collaboration and options for mitigation. Don t be led by technical FUD. Understand and be a broker for business risks for the use of mobile devices in collaboration. Start focusing on the users and the data: Those will be the only constants going forward; not the devices, the applications, the networks and the service providers. In the selection of security controls, lean toward stronger authentication and access control, and data security. Require rights management vendors to standardize. In the meantime, offer enterprise solutions with great user experience to your users as an alternative to the freely available, uncontrolled, solutions. B1. Cloud Services: The Foundation for the Digital Business Cloud computing is the infrastructure and application foundation for giving scale and agility to every digital business. So how can organizations improve their cloud adoption? In this session, discover a new maturity plan to adopt cloud services and become a digital business. Appoint an architect NOW! Allow existing cloud projects to operate as is. Develop a cloud maturity plan: Revamp organizational structure as necessary. Build a cloud project governance process. Evaluate and select tactical cloudenabling solutions. Construct provider evaluation criteria. Remember operational management! Brainstorm the future hyperconnected opportunities B4. Managing Users in the Cloud More and more applications are moving to the cloud. For organizations considering cloud computing, managing user accounts and privileges is both top of mind and hard to achieve. Learn the options for provisioning user accounts and access controls to SaaS hosted cloud applications. Understand which user management methods are supported by your cloud applications Implement appropriate identity and access governance practices: Just because it is in the cloud, doesn t mean that this goes away Leverage existing infrastructure and processes where possible Don t become a victim to expediency: Many of the simpler methods may get you going But the more mature methods will take you further Encourage the adoption of SCIM 5

Gartner Catalyst Conference 2014 B5. Enabling High Risk Services in the Public Cloud with IAAS Encryption IaaS encryption considerably lifts the bar and delivers a sensible contribution to safeguard intellectual property in computing clouds. It is surely confidential enough for the majority of use cases, but for high risk applications it may be more trouble than its worth. Get real about government capabilities: Outrage and emotion are not part of any risk model. Assess what level of confidentiality and resilience your data requires. Choose an appropriate encryption and key management strategy. Favor client-side encryption versus gateway/proxy based encryption. Get clear about what threats you mitigate: Outsiders, insiders, digital shredding, data integrity, human negligence and errors. Mind that IaaS encryption won t mitigate application level vulnerabilities: For example: SQL injection. Favor client-side encryption versus gateway/proxy based encryption. Get clear about what threats you mitigate: Outsiders, insiders, digital shredding, data integrity, human negligence and errors. Mind that IaaS encryption won t mitigate application level vulnerabilities: For example: SQL injection. Say good bye to the perimeter: Protect data independent of context and perimeter! Encryption is an enabler for enterprise use of IaaS. Protect your data and not your boxes. Be aware of what you are up to: Loss of encryption keys effectively shreds your data. Avoid architectures with high latency that may render application response time unacceptable. Utilize best practice encryption key management. B6. Devising Your Cloud Application Decision Making Framework The heart of a cloud adoption strategy is knowing which applications are cloud ready and which are not. Managing those applications -- and their associated risks -- can make or break an organization s cloud success. Learn how to create a framework to decide which applications are cloud ready, and which aren t. Devise a cloud application readiness framework: Buy first; build second Order the framework to minimalize effort: Showstoppers first; cloud layer second; tech. third Don t forget to include additional services, redundancy, and application growth: These make up the bill estimation Re-evaluate cloud readiness based on QoS expectations: Exit strategy B9. OpenStack for Private Clouds: Technology, Market Landscape, Use Cases This session will clarify how OpenStack compares to cloud management platforms from an architectural and functional standpoint, what is the difference between the major OpenStack commercial distributions, and what are the benefits and limitations of OpenStack for enterprise end user organizations. Implement OpenStack if you are: Early adopters with substantial engineering resources Risk tolerant environments Building low-cost cloud infrastructure for developer enablement Choose a CMP based on functional requirements today: OpenStack will not replace your enterprise virtualization solution for existing workloads, nor displace fullfeatured enterprise CMPs Evaluate the risk and rewards of adopting OpenStack in its current maturity state: OK to use OpenStack as part of a commercial CMP offering, or from a service provider The fact that it is OpenStack-based makes life easier for the vendor, not for your organization Use one of these distributions/cmps if you fit the use cases in an enterprise: Red Hat (best open-source credentials) HP or IBM (best if you have existing products/relationships) 6

B10. Private Cloud Security, The Deja Vus, The Surprises and The Pitfalls In private clouds, new security requirements stem from the cloud paradigm that makes forklifting security from the physical world into the virtual world insufficient. The deployed security measures need to match the new paradigm that involves for example elasticity, portability, self-service and API Keys. If rapid code deployment and frequent dynamic configuration changes is none of your concern then forget about ops. automation for now. Take the prematurity of ops. automation tools into account. Python and Ruby maybe better for your job. Make security the cross cutting glue through all levels of automation, not the last step. Hunt for failed deployments with FIM. Let the (server) use case and your cloudiness guide the choice of the most feasible safeguards. Carve out a competitive advantage by using controls that are unique to private clouds. Do not forget your traditional controls! Go and commingle VMs IF it brings you competitive or significant financial advantage. B11. Why Private Clouds Keep Failing (And What To Do About It) This session will describe the top challenges organizations encounter in building private clouds, the shortcoming of the cloud management market offering, and the recommended steps to mitigate those challenges. Define which workloads are targeted for your private cloud: Focus on the most provisioned workloads where agility is required Consider virtual automation for test/ dev. easy win Fix the provisioning process before you start: Change management and process governance will be critical Enforce SLAs for approval requests Appoint a single cloud owner : Invest in dedicated staff and skill set Standardize the hypervisor, servers, network and storage Use out-of-the-box automation capabilities provided by commercial CMPs: Drive value through just enough customization Build your private cloud strategy around a few key vendor/provider partners C2. Next Generation Databases and Future Directions Database technology is evolving rapidly. New types of databases, such as NoSQL technologies, cloud databases, and improved database appliances, offer new capabilities to perform high performance analytics and combined transactional/ analytics workloads Embrace the fact that traditional relational databases are no longer the be-all and end-all. Learn the basics of the next-generation technologies so that you can identify where to use them. Experiment with new database technologies in pilot projects and proofof-concept projects. Given the disruptive nature of these technologies, use them only where the business justification is clear. 7

Gartner Catalyst Conference 2014 C3. Measuring the Success of Business Analytics The traditional ROI valuation model of BA must be adjusted to consider the value of innovation and the addition of new capabilities. In addition, the models must be re-assessed over time, in order to document, share and communicate the value of business analytics, and ultimately increase support for it within an organization. Intently focus on understanding, determining and communicating the value of BA initiatives Use business capabilities to categorize BA projects Leverage traditional approaches and Gartner s Business Value Model to determine value Communicate the value to business and IT Incorporate value measurement into the BA processes D7. With Big Data Comes Great Responsibility Securing Hadoop Although Hadoop was initially not created with any notion of (data) security in mind, security features were recently grafted in to re-assure firms and open it up for a bigger market. This session provides clients with a good compass to be prepared for the challenges waiting for them. Keep lock-in minimal: Very special security controls increase lock-in. Do not overthink Hadoop security: Treat core elements of Hadoop as secure enough. Trust hardening of Hadoop and configuration management of Hadoop distributions. Do not try to encompass levels of security that RDBMs do not achieve either! Think about externalizing security: Data redaction at the time of ingestion (Hive, Impala). Tokenization of high risk files before ingestion. Data services. Complement RBAC with FIM: Policy files (e.g., Apache Sentry) are frequently clear text files. Remember that you have an operating system and hardware as well. Expect that security will have a performance impact, especially data encryption! D8. Authorization Architecture for a Hybrid Cloud World Authorization is the science of determining if a person is allowed to perform an action in an application on a piece of data. Where authorization decisions are made is often just as important as how the decisions are made. In this session we explore the pros and cons of multiple authorization architectures. Let go of dogma regarding the best form of authorization. Progress slowly from coarse-grained to finer-grained decision making: Be clear on which attributes are being used and make sure that they are well managed. Authorization techniques can be layered. Use the criteria to determine where best to employ these techniques. Use these techniques to gain the most leverage over the growing number of cloud-based apps. The speakers have all been effective and knowledgeable about their topic areas. I especially appreciated the realworld examples shared, which really put a practical perspective on the topic. Paul Saunders, Nestle 8

With thanks to our sponsors Platinum Sponsor Connect with Gartner Connect with Gartner Catalyst Conference on Twitter and LinkedIn. #GartnerCAT Silver Sponsors Gartner Media Partners Post-event resources Customizable post-event worksheet Take a moment to complete your own post-event trip report, a valuable resource for future reference and a great way to share with colleagues what you learned. Click here to access the trip report worksheet. Gartner has you covered View the full Gartner Events Calendar! Learn more with relevant research Want to learn more about the topics that interest you most? Turn to the end of each session presentation for a list of related Gartner research notes. Select Gartner research is available on demand at gartner.com. At the conclusion of the conference, our Web-based Gartner Events On Demand is available to full-conference attendees online FREE for one year, post-event. Streaming content, synchronized to speaker slides, captures every analyst-led presentation, including Gartner keynotes and select solution provider sessions. Visit gartnereventsondemand.com to explore, search, listen and learn. Explore. Search. Listen. Learn. 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information