THINK MOBILE SECURITY: INSIDE THE WORLD-FIRST FOR EMERGENCY RESPONDERS PUTTING THE ‘BIG’ IN ‘BIG DATA’ THE GREAT DATA-CENTRE MIGRATION EMERGENCY SERVICES ROUNDTABLE – CLOUD FILE SHARING REDUX MARCH/APRIL 2014 • ISSUE 23 S andbox GOVERNMENT TECHNOLOGY REVIEW
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
The GTR Knowledge Series brings together senior government decision makers from all levels of government as well as business leaders from across Australia. It showcases solutions to key business challenges facing government today and in the future through a dynamic knowledge experience.
The platform delivers knowledge interactively via its on-demand webinar library and state-of-the-art virtual expo technology enabling the GTR community to access relevant and compelling content.
CPMEnsure your presence at the event Ensure your presence at the event with a level of impact to suit your needs.with a level of impact to suit your needs.Virtual Expo Booth $900+GSTVirtual Expo Booth $900+GSTVirtual Expo Booth $900+GSTVirtual Expo Booth $900+GSTVirtual Expo Booth $900+GST
Showpiece Your Products or Services in a Showpiece Your Products or Services in a Showpiece Your Products or Services in a Showpiece Your Products or Services in a Showpiece Your Products or Services in a Content PresentationContent PresentationContent Presentation $2,000+GST $2,000+GST $2,000+GST $2,000+GST $2,000+GST $2,000+GST
Sponsor Featured Content Sponsor Featured Content $3,000+GST $3,000+GST
AUSTRALIA’S MOST INNOVATIVE CONTENT MARKETING SOLUTION
Launching April 29th with Vivek Kundra The fi rst chief information o� cer of the
United States from March, 2009 to August, 2011 under President Barack Obama
a Level 8, 574 St Kilda Road, Melbourne VIC 3004d +61 3 8534 5008e [email protected] www.commstrat.com.au
UNIFIED
COMMUNICATIONS
GTR MAR/APR 2014 | 1
PUTTING THE 'BIG' IN 'BIG DATA'The considerable promise of big-data analysis is continuing to push government departments towards finding new ways of servicing citizens. Even as early wins are being chalked up on the board, efforts to frame big-data initiatives within governmental controls are gaining speed. We catch up with the effort to legitimise big data.
ROUNDTABLE: EMERGENCY SERVICESEmergency services organisations (ESOs) are a worst-case use case for most types of technology, since there is no room for error when lives are on the line. Within those operating parameters, however, ESOs are moving to embrace new technologies that will empower field workers and boost efficiencies. Our expert panel discusses the latest.
SPECIAL FEATURES
8
42
COVER STORY:MOBILE SECURITY: THINK INSIDE THE SANDBOX
A slew of rivals are offering secure, business-focused file-sharing alternatives to Dropbox.
24 Data centre migrationsIncreasing government momentum is turning the data-centre migration into a stampede.
32 National Safety AgencyA massive R&D investment has produced a world-first vehicle packing massive computing and communications power to support emergency relief efforts, even in the most remote of areas.
CASE STUDIES12 Australian Taxation Office
The ATO's big-data investments are already delivering real benefits.
28 Australian National Audit OfficeTransformation and efficiency efforts are helping ANAO recover its service mojo.
30 Swan Hill Rural City CouncilAn investment in a Web-facing mapping system has given the public extensive self-service capabilities.
31 Central Coast CouncilMoving to a cloud-based upgrade has improved an important but ponderous council process.
Your employees have been pushing to use their own mobile devices at work for years, but it's only now that new security technology looks set to provide a secure way to deliver bring your own device (BYOD) policies safely and securely. We look at how mobile sandboxing works and what the mobile industry is doing to realise the BYOD dream.
It was always going to happen that mobiles – beloved by many, used by nearly all of us – were going to present their share of negatives as well as the many positives they offer. Yet few might have thought that the onslaught would be so ferocious: Google's Android, in particular, offered an open design that has attracted the attention of malware authors the world over.
IT managers were stuck between the proverbial rock and hard place: they needed to rein in the tendency for malware to wreak havoc on their ICT, while giving users the freedom they wanted to get their jobs done right. The industry is now, appropriately, converging around the idea of sandboxing – a technique that has been used for years by virtual-server solutions but is now producing strong outcomes on certain Android implementations as well as the BlackBerry 10 operating system.
This month's cover feature explores the latest in sandboxing as a solution to the mobile and BYOD threat. Yet better app management is only part of the challenge: organisations also need to manage their data into the cloud and beyond. For this reason, we also look at the state of the art in cloud-based file syncing tools, which are quickly evolving beyond their simple Dropbox-like features to add everything from tough encryption and granular data control to back-end integration that makes commercial cloud services act like an extension of your file system.
The net effect of all this will be to ease the pressure on government agencies to limit their storage consumption – sure to be particularly useful as big-data initiatives kick in and agencies begin looking in earnest for ways to store and process all that data. Our big-data feature weighs up the challenge in that fast-growing area, highlighting early successes as governments jump on the big-data bandwagon in an effort to boost their business efficiency and effectiveness.
This month we also feature the usual interesting case studies – on the Australian National Audit Office as well as Swan Hill and Central Coast councils – and a special look into emergency-services technology that includes both our ever-interesting roundtable and a photographic tour of a world-first, purpose-built emergency-response truck.
I should also mention the GTR Knowledge Series, an innovative new online endeavour in which we’ll be catching up with a range of public-sector thought leaders. Through an ongoing series of video interviews and presentations, complemented by related learning materials, we’ll be pulling out and sharing best practices for public-sector ICT deployments from the people that have made them happen. Watch the GTR Web site (www.govtechreview.com.au) for more details.
All this and more is buried between here and the back cover – so start digging, and drop me a line if you have any burning questions or comments.
(61), and aerospace and defence (58) rounded out the top eight.
'Watering hole' attacks, which strike visitors to popular Web destinations
based on hackers' knowledge of the type of victim they are trying to hit, were
used particularly frequently by APTs targeting US government Web sites.
The research also showed that attackers were regularly finding
"creative ways" to detect and work around the limitations of virtual malware
'sandboxes', which are increasingly being used to try to manage and isolate
malware's behaviour.
"Sandboxes make an attacker's job more difficult (and therefore more
expensive) by requiring at least two exploits,” the report says. “One is to obtain
code execution, and another to bypass the sandbox.... Even given these
increased challenges, it is clear that attackers still find a sufficient return on
investment to devote the time, energy, and resources required to bypass
sandboxes altogether.”
FireEye also tracked zero-day campaigns run during 2013, with Internet
Explorer (IE) targeted by 37 percent of attacks and Java (23 percent), Flash
(23 percent) and Adobe Acrobat Reader (15 percent) making up the rest.
The high proportion of IE-related attacks was enough to make IE "the
single most dangerous zero-day attack vector in 2013," FireEye reported,
noting that the proliferation of old versions of IE – for example, v7 and v8
widely used in established environments – "could be due to the security
enhancements in newer versions of Windows and Internet Explorer".
ANAO chooses BlackBerry 10 for mobile management, security
Government agencies most frequently-targeted by hackers, analysis shows
8 | GTR MAR/APR 2014
PUTTING THE ‘BIG’ IN
DATA HAS ALWAYS BEEN THE ALL-IMPORTANT FOUNDATION FOR THE WISDOM PYRAMID:
FIRST COMES DATA, THEN INFORMATION, THEN KNOWLEDGE AND FINALLY WISDOM. IT
IS THAT PINNACLE OF WISDOM THAT IS THE HOLY GRAIL OF BIG DATA INITIATIVES.
● By Beverley Head
Big Data
GTR MAR/APR 2014 | 9
Government has always had access to a lot of information – tax files, ratepayer records, electoral roles, cadastral databases. Growth in data
reserves is such that in 2008-2012 Government agencies installed an additional 93 petabytes of computer storage.
As this information has been digitised, it has been stored in large structured databases, and available for analysis. That analysis has been largely historical and often described as a look in the rear-view mirror.
The promise of big data is that its volume, variety and velocity – combined with access to relatively inexpensive computer horsepower and a raft of data analysis algorithms – will allow forward-looking historical and predictive analysis with significant implications for operational efficiency and evidence-based policy design at all levels of government.
A blueprint for its implementation, the Australian Public Service Big Data Strategy (www.finance.gov.au/big-data) was issued by the Department of Finance in August 2013. It defines big data analysis as occurring across structured, unstructured, semi-structured and even incomplete data sourced from a variety of sources including sensors, machine logs, mobile devices, GPS systems and transactional events.
Recognising data as a national asset, and the opportunity to “realise substantial productivity and innovation gains from the use of big data”, the strategy nevertheless also recognises that big data raises new challenges with regard to privacy and security.
The Strategy is just a first line in the sand; further guidance is being developed to support public sector organisations seeking to link cross agency data; harness third party datasets; de-identify data; release open data; and develop data retention policies with regard to cross border data flows.
According to Gartner research vice president Doug Laney, government organisations are looking to use data to help drive economic development; anticipate, improve and expand community services; reduce the costs of government; identify and reduce fraud or compliance issues; and to monitor and improve the performance of suppliers and partners.
“Big data sources including social media and feeds from sensors, along with untapped 'dark data' that many agencies are sitting on are the fuel for these innovations,” he explains. “The challenge, however, is that many big data uses start out as something speculative or
experimental – but public sector organisations often are not set up for that, culturally and for budget reasons.”
Some are embarking on the journey, however.
David Ives is an independent consultant, currently working with the City of Gold Coast. He acknowledges that constructing the wisdom pyramid from a big data foundation is not a trivial exercise – but notes that one of the first challenges is to make clear the benefits that could accrue.
Ives believes that there is growing interest in the sorts of data that could be collected or accessed and the insight or opportunity for predictive analysis that could provide.
Local governments, in particular, have much to gain, he says, offering the example of local traffic control. Ives outlines a potential application which could see traffic light sensors, CCTV images, and mobile phone apps being used to create an information mesh that could be analysed to allow traffic flows to be optimised on the fly, reducing congestion and leading to energy savings.
While the advent of open data policies across all levels of Government has already vastly expanded the array of information sources
that can be accessed, inexpensive sensors that can connect to the Internet are also of interest. Ives believes a sensor network across the water reticulation network to monitor water flow could identify potential pipe problems, allowing maintenance crews to be automatically directed to maintain a section of the network identified as being at risk, in advance of a water mains rupture.
While the City of Gold Coast is at an early stage with its big data initiatives, Council is working on a plan to establish a centre of excellence focused on big data in local government, and for major events such as the Gold Coast 2018 Commonwealth Games.
New South Wales, meanwhile, has rolled out a predictive application in its Traffic Management Centre in association with Pegasystems which takes data from more than 20,000 traffic management devices such as traffic lights or flow control signs.
At the first sign of a problem the system can schedule preventive maintenance or divert traffic, according to Luke McCormack, Pegasystems’ APAC vice president. McCormack said that in the future it might be possible to integrate social media content – for example Twitter commends regarding traffic snarls – as long as there was some way of validating that data.
To ensure success of any big data initiative, he said it was necessary to have support from the top levels of management, and also that the project was seen as a business, rather than purely being an IT project.
According to Evan Stubbs, chief analytics officer with big-data vendor SAS Australia-New Zealand, there is no lack of public sector intent to harness big data – but there are challenges in managing the complexity.
Evan Stubbs
“There is a lot of discussion on how to manage the information and ethically use it... the private sector was probably at the same point on this trajectory two to three years ago – but the public sector does face unique challenges.”
10 | GTR MAR/APR 2014
“It is still very much in the early stages,” he explains. “There is a lot of discussion on how to manage the information and ethically use it... the private sector was probably at the same point on this trajectory two to three years ago – but the public sector does face unique challenges,” for example with regard to citizen privacy.
However, progress is being made and, Stubbs says, “In the federal government, the ATO and Department of Human Services are leading in terms of getting a single view of the citizen”.
A key issue for the future will be ensuring a level of trust regarding big data exploitation by governments. There is in the post-PRISM era a degree of skepticism among citizens about the way their personal data and privacy is handled.
Analyst Ovum speaks of the need for big data exploitation to go hand in hand with the development of “big trust” which can be eroded by what it refers to as thoughtless data “fracking”.
Big Data PotentialDirk Klein, general manager public sector with SAS, says that Government is still assessing the potential of big data and its implication for business processes, and policy development. “That means the way policy development is approached needs to change and the skills need to change,” he says.
Access to skills remains an issue for both the public and private sectors. Stubbs cites a survey released last year by the Institute of Analytic Professionals of Australia, which revealed that more than 50 percent of their members had seen their salaries increase moderately or substantially “and the median salary is already twice the national median – so that's indicative of a shortage.”
Gartner has forecast that 4.4 million jobs directly related to big data will be created globally, noting that only a third of those roles could be
filled given the current academic pipeline. Public sector employers will have to stand in line along with banks, resources companies and retailers to attract these scarce skills.
But Stubbs warns that big data “is not a nice to have; it's a must-have if the federal government is going to achieve its savings targets. If you get it right, it can lead to massive savings.”
More specifically, the government’s Big Data Strategy notes that “Big data analytics can be used to streamline service delivery, create opportunities for innovation, and identify new service and policy approaches as well as supporting the effective delivery of existing programs across a broad range of government operations – from the maintenance of our national infrastructure, through the enhanced delivery of health services, to reduced response times for emergency personnel.”
To liberate that value, public sector agencies need a roadmap to support their big data initiatives.
The Government’s Data Analytics Centre of Excellence (DACoE), led by the Australian Taxation Office, was announced a year ago by AGIMO to build analytics capability for the public sector by establishing a common capability framework for analytics, sharing technical knowledge, skills and tools. It will also forge relationships with universities in order to help influence skills development and access.
Government will also need to explore the range of private data sets to liberate the most value, argues Martin Gregory, managing director of iSpatial Asia Pacific, which supplies a range of spatial data sets to public and private sector customers.
While much of the data is stored in structured databases, Gregory notes the increasing appetite for crowdsourced data to update or enhance
existing data reserves. Land Information New Zealand, for example, is augmenting its topographic data reserves with crowdsourced information to support tourist mapping.
Paul Watson, 1Spatial’s chief technology officer, notes that traditional data management practices need to be augmented with big data techniques because of the volume, variety and velocity issues.
“With increasing transparency and scrutiny of government information and increasing volumes being collected, the premium placed on completeness, currency and consistency has never been higher for government,” he says.
“Achieving this will require that we take the people element out of the data processing chain and the latency and error-proneness that comes with them. Employing automated big data techniques more universally will allow us to scale the collection, summarisation and privacy scrubbing of government data in a much more sustainable way.”
“Increasingly, automated sensor-based data collection and data grids will be harvested to feed rules-based data cleansers and data portals with data that is e-Government ready – accurate, up-to-date and safely anonymous for the public.”
Dirk Klein
Martin Gregory
“With increasing transparency and scrutiny of government information and increasing volumes being collected, the premium placed on completeness, currency and consistency has never been higher for government.”
Big Data
GTR MAR/APR 2014 | 11
Tools and techniquesThe range of skills and tools for big data analysis continues to grow. Hadoop, an open source tool used to analyse unstructured data, has been a front runner though access to skills remains challenging.
But as Evan Stubbs notes, the learning curve is still steep. “There are a lot of people trying to solve problems with Hadoop that Hadoop was not designed for,” he says. “It's not just about Hadoop – it's the whole ecosystem. Two years ago Hadoop was the answer; now, it is recognised as just part of the answer.”
An ATO spokesperson says Hadoop is already earning its place within the big-data ecosystem.
“While there is still much that can be achieved with our current systems, in the longer term technologies such as Hadoop and the ecosystems are likely to play an important role,” the spokesperson explains, “and in many cases are
already playing a role in the use of big data across government agencies.”
“The precise configuration of these will depend on the use cases of each agency. At this stage these technologies are developing quite rapidly and government agencies will need to take lean, agile approaches to adopting and evolving their toolkits.”
Not every big-data question has Hadoop as its answer, however. Andrew McGee, pre sales director for HDS in ANZ, says that although Hadoop is one of the technologies that people are gravitating toward, “People shouldn’t be quite so hung up on it”.
While it had an open source advantage meaning that it was developing swiftly, he said it was only one of a raft of tools and techniques required for effective big data exploitation.
Having spent the last seven years in Canberra, McGee says that the main impediments still to public sector big data
initiatives remain access to skills, data scientists and “people who know how to get started.”
Eventually he predicted that the supporting technology frameworks would support to the extent that “You won’t need a PhD to run these things.” For the present, however, McGee warns, “This is not for the faint hearted.”
Andrew McGee
hadoop & the data warehousewhen to use which
For more information please contact us on 1800 440 021 or [email protected]
QR: http://bitly.com/1nP8GUM.qrcode
12 | GTR MAR/APR 2014
THE ATO TAKES THE LEADThe Government’s recently established Data Analytics Centre of Excellence (DACoE) is being led by the Australian Tax Office.
Not surprisingly, the agency is well ahead in terms of its deployment of big data technology.
For many years ATO has used data warehousing to cross check the data in its systems with that held by other agencies. While comparing large structured databases is not a trivial exercise, the advent of big data technologies is allowing the agency to significantly expand its data analysis capabilities.
“The ATO has a comprehensive program in place cross referencing information reported in tax returns against over 600 million transactions provided to us by third parties,” an ATO spokesperson said, noting that this information is used to provide prefill services in income tax returns, and to identify issues such as omitted income and incorrectly claimed offsets, such as the dependent spouse tax offset.
“Recognising the opportunities in big data we are expanding the volume and variety of the information we collect to encompass a greater range of areas,” the spokesperson continued, noting that this included areas such as capital gains tax from the disposal of shares, collectibles, precious metals and property, foreign source income and contractor income from payments made by government agencies.
Our matching algorithms are increasingly being enhanced through the use of big data analytics. These analytics improve matching rates and reduce manual intervention by bringing the variety of data sources together, including semi-structured data along with traditional structured data. This involves using fast analytics engines in additional to traditional data warehouses.
“For the ATO we see the benefit of big data in the long term supporting our strategic direction by informing our approaches to improving services to taxpayers and businesses,” the spokesperson said.
“This includes more online services to taxpayers underpinned by intelligent analytics providing secure transactions, better context driven advice, and better detection of non-compliance.”
BIG DATA DOESN'T MEAN ALL DATA
Tight budget pressures mean many government agencies are embracing big data more quickly and effectively than their private-sector counterparts,
a big-data analytics specialist has found after working with a number of agencies to plan and execute their big-data strategies.
“The concept of big data and analytics has yet to be properly defined, certainly in the Australian market,” says Dr Theo Gazos, a former KPMG and PwC director who is now director and co-founder of analytics consultancy Predictive Analytics Group (PAG).
Gazos says his work with government bodies suggests that they are “a bit ahead of most private organisations” in this process because they are driven by tight budgets and business cases face strong competition between departments when angling for precious IT budget.
In many cases, this means working against the assumption that big data necessarily involves the collection of every single piece of data; rather, Gazos says, the focus of big-data planning should first look at what data is already being collected and how it can be more efficiently used.
“Most of the conversations about big data are about the quantum of information,” he explains, “but we tend to tell organisations that, before they run off and spend tens of millions on technology designed to capture all this information, that they think about analysing the information they currently have and collect.”
“Make sure the analytics you're providing are robust and unique,” he continues, “and that they produce reliable forecasts. Then think about the information that's missing. Agencies should target their future investments to collect that information, instead of just assuming that everything out there is required and is going to be useful.”
One current engagement has seen PAG working with Victoria's Emergency Services Telecommunications Authority (ESTA), which has been using big-data techniques to model its contact-centre activities.
While the engagement involved establishing a baseline of ESTA's activities, it became clear that other data – specifically, Australian Bureau of Statistics figures on population growth – would add additional value by allowing models of current demand to be meaningfully extrapolated into the future.
“They want to be able to produce forecasting for the future and understand how call-taking volumes, for example, will change as the population changes,” Gazos explains.
“In developing those mathematical models there's a lot of work that goes into identifying, in this case, the relationship between 000 calls, crime rates, population trends, and so on. They've got potentially thousands of calls coming in per day, and this gives them an opportunity to say 'what if?', and to simulate the outcomes of various things occurring simultaneously.”
The promise or demonstrable reality of such value is helping legitimise targeted analytics approaches as business leaders work to build viable business cases to justify big-data projects.
“They recognise the value of providing a robust business case to treasuries and central purchasing agencies,” Gazos says.
Theo Gazos
Big Data
GTR MAR/APR 2014 | 13
“The value is in having a model that lets you look at the impact of many changes simultaneously. It's creating an evidence base of information, and providing a more convincing argument when you're pitching for funds.”
Each big-data analytics model will be different, Gazos says, since it's based on the unique characteristics of each organisation adopting the technology. Extensive customisation of analytical models may require specialist skills and go against many organisations' predilection for low-risk, off-the-shelf solutions, but it also provides a competitive
advantage that is tailored to the business and cannot be easily replicated by others.
Ultimately, big data is about unearthing new insights in the data that organisations have, or collect into the future.
“It's only through careful analysis of data that organisations will be able to answer some of those questions,” Gazos says. “You need to make sure the mathematics you're using to generate your forecasts are solid and robust. That doesn't mean they have to be complex; they just have to be correct.” – David Braue ●
“The value is in having a model that lets you look at the impact of many
changes simultaneously. It's creating an evidence base of information, and
providing a more convincing argument when you're pitching for funds.”
14 | GTR MAR/APR 2014
Cloud Applications
CLOUD STORAGE:
FILE UNDER 'S' FOR
'SECURE'DROPBOX MAY HAVE DEFINED A CATEGORY BY ENABLING SYNCING OF CONTENT BETWEEN COMPUTERS AND MOBILE DEVICES USING THE CLOUD AS AN INTERMEDIARY, BUT THE FIELD HAS BECOME POSITIVELY SATURATED WITH COMPETITORS AS RIVAL COMPANIES SEEK TO 'OUT-DROPBOX' DROPBOX WITH MORE SECURE, MANAGEABLE AND WELL-INTEGRATED COMPETITORS.● By David Braue
GTR MAR/APR 2014 | 15
Most major software vendors now offer their own version of Dropbox, each with a slightly different pedigree. Symantec,
for one, has built up its Norton Zone based on the security credentials of the brand, while large-file sending pioneer YouSendIt recently rebranded as Hightail to reflect its broader file-sharing remit. LogMeIn's Cubby file-sharing service addresses data-sovereignty concerns by using the cloud as a conduit between systems but not actually storing data in the cloud; 256-bit encryption secures files at rest.
Then there's SpiderOak's eponymous file-sharing service, which uses the cloud, but implements a 'Zero Knowledge' technique that means the company has no way to decrypt the data stored on its systems; the company is also promoting the Zero Knowledge approach through its open-source Crypton project, which provides building blocks for developers to integrate the same technology into their systems.
Organisations “are still trying to figure out ways in which they are going to approach the cloud in a much more secure way,” says Ethan Oberman, founder and CEO of the cloud-storage company, which recently announced a flat-rate, unlimited-capacity file-syncing service for businesses.
“It has been a very good time to have a mature offering in the marketplace that provides consumers with privacy and security,” he continues, “but we are really pushing very aggressively into the enterprise market now. [Fixed pricing] is proving to be much better received in the enterprise because it helps them do the budgeting better.”
Other companies are entering the field on a regular basis, with solutions like Accelion kiteworks, Intralinks VIA, TeamDrive, Thru, Varonis, Objective Corporation’s Objective Connect, and other contenders jockeying for position with increasingly homogeneous feature sets.
Australian hosting provider OzHosting recently took a different tack against local rivals like NineFold, Rackspace, Optus, Dimension Data, and others by building a virtualised architecture that uses open-source ownCloud technology to offer customers individual storage repositories based on discrete virtual machines hosted in-country.
Longtime Dropbox rival Box has also been pushing into the business market, while Dropbox offers a Dropbox for Business and Microsoft recently released a business-focused version of its rebranded OneDrive cloud-storage environment. Its OneDrive for Business offers direct integration with the company's Office productivity suite, as well as enterprise-grade content management, compliance and administrative controls. It's also delivered against the Office 365 service level agreement, ensuring certain levels of uptime.
CLOUD INTEGRATIONWhile consumer-grade solutions climb the value chain by bolting on new enterprise-styled features, others are taking a different approach by positioning the cloud not only as a transitional point for the movement of data – but as an endpoint in its own right.
IBM subsidiary Aspera, for example, recently released an Aspera Drive product offering built on what the company bills as a High-Speed Transfer Platform delivering “extreme file sharing”.
While it facilitates movement of files between systems via the cloud, the Aspera model also incorporates enterprise features like encryption over the wire and at rest, and integration with Active Directory/LDAP capable directory services for high-granularity control over access to online resources. Aspera also offers syncing with platform-as-a-services (PaaS) cloud services including IBM SoftLayer, Google Storage, OpenStack Swift, Amazon S3 and Microsoft Azure Blob.
Cloud connectivity is also built into AppSense DataNow, which incorporates a data broker appliance that can be added to existing IT storage infrastructure and links to Amazon S3 and Microsoft Azure services. Boasting what the company calls “a robust set of data orchestration and policy controls that address both corporate and personal devices”, DataNow also offers tight resource control that the market now positions as a requirement for a cloud-storage offering to be truly enterprise-grade.
Andrew Kupetz, chief technology officer for the cloud with IBM Australia-New Zealand, sees the trend towards granular control as a defining characteristic of the cloud file-sharing market.
“It's not enough to say anymore that there is whole big piece of backup data that needs to stay in Australia,” he explains. “It's becoming very personalised. I would say data needs to get to the point where we're looking at the individual elements of the data, and starting to talk about policy and role based data down to the level of granularity so governments can be very flexible in what they choose to do or not to do.”
Making that happen, however, requires additional investment in a range of integration tools based on open standards capable of building bridges between cloud environments. Organisations “will end up using all sorts of different vendors' clouds,” he explains.
“There is not ever going to be just one. So, it's all about how we connect them up so they can talk – and making sure there are standards around storage that let clients move their data around.”
“IT'S bECOMING vERy pERSONALISED. I wOULD SAy DATA NEEDS TO GET TO ThE pOINT whERE wE'RE LOOkING AT ThE INDIvIDUAL ELEMENTS OF ThE DATA, AND STARTING TO TALk AbOUT pOLICy AND ROLE bASED DATA DOwN TO ThE LEvEL OF GRANULARITy SO GOvERNMENTS CAN bE vERy FLExIbLE IN whAT ThEy ChOOSE TO DO OR NOT TO DO.”
16 | GTR MAR/APR 2014
ENGINES FOR COLLAbORATIONWhether they transfer data between systems via the cloud, or move it to cloud-based storage destinations, enterprise-grade file-sharing solutions are rapidly being kitted out with a range of additional features that are turning the humble file-syncing tool into an engine for corporate productivity.
Because the files can be easily accessed via the Web from multiple sites or devices at once, they can be easily shared with a range of people with full version control – facilitating collaborative project work and easy access through desktop, smartphone or tablet apps.
The integration of cloud file-sharing capabilities into broader control environments is particularly valuable for organisations working to ensure compliance with the recently changed changes to the Privacy Act 1988, which put increasing burden on public and private-sector organisations to keep track of where their data goes and who accesses it.
Document-management company Workshare is promoting those capabilities as it becomes yet another vendor firms making the transition to the cloud-based environment. By expanding its document control and auditing product set with cloud connectivity, director of
marketing Laureen Smith says the company's take on corporate file sharing is proving to be popular with government, legal and other industries with strict data-tracking requirements.
“These regulated industries are really focused on keeping documents secure,” she says. “We're now taking the security we've previously focused on emails, and keeping documents secure beyond the corporate network – on smartphones, iPads, and other devices people are using to work any time, anywhere.”
Behind that collaboration engine, however, is a range of controls that ensure organisations can keep data where it belongs. A hybrid deployment model, for example, allows storage of some data inside the corporate firewall as well as replicating it externally via Amazon Web Services' S3 service. Workshare can strip sensitive or personally-identifiable metadata from documents before they're stored in the cloud. Data is encrypted in transit and at rest.
“You can set up the rules on how the documents are distributed,” Smith explains. “You have a full audit capability on who the document is sent to, when it's sent, and what comments are added. You can track it down to a minute level. And, when it comes to offshoring of data, we're finding that being able to select
where you store the data, the security you have around it, and metadata rules that apply – these are resonating with prospective customers with real business issues.”
Because they have been designed from the ground up to support mobile devices – apps are de rigeur requirements for basically every cloud-storage service – these services are proving to be useful partners as organisations seek to wrest control over bring your own device (BYOD) rollouts back from their users.
Apps not only facilitate access to data, but many have capabilities like remote wiping and tight restrictions on attempts to copy or move data where it shouldn't be. In this way, mobile devices are becoming companions to centrally enforceable access control regimes – and simplifying the expansion of cloud-storage services in the process.
“As end devices get smarter and smarter, it becomes a lot easier for us to do our jobs because the machines can do more of the compute,” says SpiderOak's Oberman. “If all you're storing is encrypted data blocks and you never know what the data is, and the server is not actually doing any compute on that data, it's much easier to scale because all you're doing is scaling horizontally.” ●