1

Created and Presented by:

Rand Morimoto, Ph.D., MCITP, CISSPAuthor, “Unleashed”-series / Sams PublishingPresident, Convergent Computinghttp://www.cco.com randm@cco.com

Developing an IT Strategy in the 21st Century Rand Morimoto President, Convergent Computing

Series Lead Author of over 30 bestselling books• Windows 2012 Unleashed

• Exchange Server 2013 Unleashed

• System Center 2012 Unleashed

• Network Security for Corporate Executives

• Project Management in Enterprise Environments

Keynote and Session Speaker at Over 50 Conferences and Conventions around the world each year

Cyber-Security Advisor to President Bush (2002-2007)

Y2K Advisor to President Clinton (1997-2000)

PresidentConvergent Computing

ConvergentComputing

Founded in 1986

65+ Employees (over 35 published author/experts)

Early adopter for every major Microsoft product (2-3 years experience before product launch)

Consulting firm for small, medium, and enterprise organizations HQ’d in the SF Bay Area with offices around the globe

Oakland, CA

We no longer work in IT environments where organizations simply upgrade to the latest version just because a new version is out…

Organizations strategically implement technologies when the technologies meet

core business needs…

Common Business Needs and Initiatives

• Lowering IT Costs

• Improving IT Efficiencies and Relevance

“Cloud Strategy”

“BYOD” / “MDM” / “VDI”

“Social Media Strategy”

• Addressing Security, Compliance, Privacy

• Protecting Intellectual Property

• Focusing on User Access to Information

• Improving User Experience

“Big Data” / “B.I.”

• Data Collection and Consolidation

• Information Analysis & Data Utilization

“Cloud Strategy”

Lowering IT Costs

Improving IT Efficiency and Relevance

Datacenters of the Past

Storage Network Compute

Today’s datacenter

2

Datacenter of the (New) Present“Datacenter without boundaries”

Service Provider(ie: Rackspace,

Latisys, etc)

Storage Network Compute

On-premises infrastructure

• CCO is working with some of the largest datacenters in the world

• “Server Pods” – 1160 16-core Host Servers in a shipping container

at 57% less cost than the deepest corporate discount for HP, Dell,

Fujitsu, IBM servers

• “Cheap Storage” – Instead of $2500/TB (times 2 for site

redundancy), storage costs in bulk (JBOD) now $300/TB (times 3 for

high availability and site redundancy), so $5,000/TB or $900/TB???

• “Virtual Networking” – Instead of appliances and devices, just

embed switching and internetworking within the Hosts, Pods,

Servers, and Apps (decrease of $10,000-$25,000 per site or per

connection)

• “Service Automation” – Spin up 2,350 VMs in 1-hour. Failover 1,000

VMs within a site in 30-seconds. Failover 1,000 VMs across sites in

3-minutes

• THIS hosted datacenter efficiency (now at $.46/$1, heading to

$.37/$1 within 6 months) will drive costs down, and put pressure on

internal IT departments to improve internal IT efficiencies…

Optimized Datacenter

Service ProviderOn-premises infrastructure

Where to Start…

Service Provider[Rackspace]

Storage Network Compute

On-premises infrastructure

Onsite (Existing) Datacenter

• Run Active Directory for identity

• Focus on Business Applications

(Accounting, HR, etc)

• Manage Compliance (on-premise and

cloud)

• Support Endpoint Devices

Extend to Azure Services as Needed

• Running simple servers (like

www.cco.com, file system storage, time

and billing entry server, etc)

• Extending the corporate network (so the

cloud is seen and managed just like a

virtual guest on the corporate network)

• Servers are geo-replicated (so 99.9%

guaranteed uptime)

• Leverage Azure AD for “shared directory”

between multiple orgs (SharePoint

scenarios, a better “file sharing” solution)

• Copy systems (HyperV

VHDs) to the cloud

• Remote (RDP) to the

guest session and

manage just as you

would a local virtual

guest, so 100% control

• Monthly cost $57/month

for a full running VM

http://www.networkworld.com/community/blog/virtual-networks-windows-2012-and-azure-vms

MANAGEMENT & AUATOMATION

NEW! Improve traditional storage with Storage Spaces with

Automated Tiering (SSD/SATA) and Disk Deduplication

Hyper-V Replica permits replication for

business continuity & failure recovery

NEW! Non-Windows support for Remote

Desktop Services (ie: Apple Mac, iOS, Android)

NEW! Hyper-V Replication (local), Site to Site Replication

(to cloud), Azure-based HyperVRecovery Mgr

NEW! Hyper-V – Grow & Expand Virtual Machines

while they are running

NEW! Multi-Tenant Site-to-Site VPN Gateway to

enable cross-premises connectivity

UPDATED! Non-Windows endpoint (Mobile Device

Management) support in ConfigMgr / Intune

NEW! WorkPlace Join (iOS, Win8.1), WorkFolders (folder sync

(tablets/phones)), Web Application Proxy (app

authentication)

UPDATED! Hyper-V Network Virtualization to

isolate network traffic on shared infrastructure

UPDATED! Monitor (SCOM) and Provision (VMM) VMs

seamlessly on-premise or in the cloud

Enterprise Systems Management• Single console to view on-

premise & cloud; servers & clients; Microsoft & non-Microsoft apps; router & switches; firewalls & storage

• Automate management and recovery

• Build capacity on-premise or in the cloud on demand and cost

• Consolidate capacity on-premiseor in the cloud based on demand and cost

• Inventory, Patch, Update, Replace, Replicate, Restore –Servers, Desktops, Laptops, Tablets, Phones anywhere at any time

3

“BYOD”“Mobile Device Mgmt”

“VDI”Addressing Security, Compliance, Privacy

Protecting Intellectual Property

Information Technology: 7-15 years ago“Datacenters” were centralizedApplications and data commonly distributed by sites / geographies at bestAll endpoints for the most part were Windows-based clientsEmergence of first Web-based Apps and “mobile” were Blackberries

From

Home

VPN

Server

Over the Past 4 years…Heavy focus on regulatory compliance and standardizationTighter management control over Windows PCs (locked down and highly managed Windows XP guest sessions)Tight controls on “firewalls” and central ITPut 100% of our focus on the “managed / locked down Windows XP PC”Let users sync their email with any mobile device they wanted to bring iniPhones, iPads, Android became more than just PDAs but common endpoint devicesApple’s domination in mobile phones and tablets along with lack of innovation in PC laptops / tablets let the MacBook and iPad proliferateLackluster economy has had businesses and IT focused on other things

SOX HIPAA 21CFR FISMA

Information Technology – Today

Endpoint is no longer just a Windows client (now Mac, iPad, Linux, Tablet)

Applications and data no longer in just 1 place (cloud-based applications (Salesforce.com; Box.com; Dropbox; etc), distributed apps)

Mobile users need access to more than just email (access to full apps from any place and from any device)

Options for IT Executives Today…

Option 1: Block the evolution of technologies (ie: no Macs, no Cloud, no Tablets, company owned mobile, locked down environment). Which is doing things the way we’ve been doing the past couple decades…

Option 2: Try to force a managed environment using new technologies to do things the old way (ie: VDI “Windows looking guests” on all devices, join Macs and Linux systems to AD just like we have done with Windows, Mobile Device Mgmt (MDM) to lock down devices) – Which are all small “point solutions” to a bigger problem…

Option 3: Outsource IT – Hoping that someone else can do Option 1 and Option 2 better and cheaper

Option 4: Rethink IT

Option 4: Rethink IT(the balancing act)

User wants and needs… The business needs…

Access to business applications

Access to data

Ability to communicate

Access any time / anywhere

Control who has access to info

Audit and report on access

Ability to deprovision users quickly

Protect data and users

4

Solving the Endpoint Management Challenge

1. Identity / Single Sign-on is Imperative - User must logon to a common directory (like Active Directory) before getting access to ANY other app (on-prem or cloud)

2. Encrypt All Data - Protect the data, and then you don’t have to worry if it “leaks” and ends up on Box, Google Apps, Skydrive, iPads, Mac Laptops that may not be secure

Step 1 – Focus on “Identity”Going from Multiple Passwords…

Enterprise Firewall

Active Directory

Internal Apps

eBusiness

Portal

…to a common Single Sign-on Solution

Access to public

cloud applications

Shared info access

with business

partners

Corp apps in

the Cloud

Client-facing

applications

Consumer-facing

applications

Active DirectoryInternal Apps

Step 2 - Encrypt All Data

Encrypting a device is good, but ineffective the minute the data leaves the device

Encrypting emails or encrypting communications is great, but only for emails or SL connectivity

Encrypt ALL DATA so you don’t have to worry about the device (laptop, thumbdrive), endpoint storage medium (ie: Box, DropBox), locality (China, N.Korea, Middle East), or transport (SSL, VPN)

Tie data encryption to Active Directory, so when you disable the AD account, all of the files associated with the AD user become inaccessible

Leverage automated encrypted technologies

Set Security Criteria on Content

Author of the document can define who can do the following:• View document• Edit document• Print document• Copy/Paste• Forward an email• and set doc expiration

5

Office 2011 Mac Natively Supports Microsoft Rights Management Services Encryption and Protection

Native support for Microsoft Rights Management Services (RMS) for document encryption / protection

Leveraging 3rd Party Plug-ins for RMS Captures and Applies Encryption to Files in Transit in Exchange 2007/2010/2013 & SharePoint 2007/2010/2013

Providing a Common App for ALL Endpoints Types(ex: Microsoft Exchange 2013, SharePoint 2013, etc)

Exchange / SharePoint (2013) have native support for mobile phones and tablets

Exchange leverages Outlook Web App (OWA) and the “offline capabilities” in HTML5 built in to IE 10+, Safari 5.1+, Google Chrome 18+

Mobile Phone

“1 wide” formatTablet “2 wide” format

Normal Desktop/Laptop “3 wide” format

6

Remote Desktop Connection Clients (by Microsoft)for Apple Mac, iOS, Android (released Oct 17, 2013)

MacOS https://itunes.apple.com/us/app/microsoft-remote-desktop/id715768417?mt=12&ls=1

iOS https://itunes.apple.com/us/app/microsoft-remote-desktop/id714464092?mt=8

Android https://play.google.com/store/apps/details?id=com.microsoft.rdc.android

Remote Desktop Client – Apple Mac

Remote Desktop Client – iPad

Going Mobile with Windows

Great, consistent

experience across devices

Mobile app consistency Unified device

management

Shared Windows Core and Security Architecture

Productive and

connected on the go

Your Apps and Data Always With You

Replacement DeviceUser Settings on

Replacement Device

Pro

Workfolders

Windows DeviceLost or Damaged Device User Data on

Replacement Device

“Social Media Strategy”

Focusing on User Access to Information

Improving User Experience

Enterprise social and your businessTransform your business from the inside out

EXTERNAL SOCIAL INTERNAL SOCIAL

7

Providing organizations Microsoft’s trusted business technologies (Exchange, SharePoint, Lync, Office)

on-premise, in the cloud, or both. Flagship “2013” versions with full support for non-Microsoft

endpoints (Macs, Android, iOS) with the exact same version in the cloud with Office 365

Introducing Yammer:Integrating SharePoint, Yammer, SkyDrive, Lync…

83% of users feel

better connected

with their team

25% boost in

productivity in social

organizations

20% rise in

supplier & partner

satisfaction

67% of new

employees get up to

speed faster

78% of users

communicate more

effectively

41% of users are

more prone to share

feedback via

Yammer

50% of users can

locate relevant

information and

people faster

80% of users are

more informed with

what is happening

40% greater ROI

when using Yammer

and SharePoint

together

Sources: IBM Global CIO Study, 2011 - Yammer User Survey, 2010 - McKinsey, The Social Economy, July 2012 - Gallup Consulting “Employee Engagement, What’s Your Engagement Ratio?” 2008 - Yammer User Surveys,

2010 and 2013

Improve team alignment

- Collaborate across geos and functions

- Manage projects and events

- Drive competitive intelligence

Increase employee engagement

- Identify expertise

- Accelerate learning, development & onboarding

- Share best practices

Continue to evolve

- Innovate faster

- Adapt and respond to change

- Build a unified culture

Accessing Yammer from Any DeviceWindows, Apple Mac, iPhone, iPad, Android, Linux, Windows Mobile, etc

Like and Reply to others’ messages

Notify people immediately

with a message

Post to a group on the go

Browse your network

8

“Big Data”“Business Intelligence”

Data Collection and Consolidation

Information Analysis and Data Utilization

Uncover new

insights with

the world’s

data

Move fast. Move first.What more could your business do with the data available?

“Yahoo! can now provide more relevant advertising data which has increased

advertising spending and campaign effectiveness. We have achieved this by

combining Hadoop and Hive technologies that handle large data sets with the

powerful analytic insight provided by the Microsoft BI platform.” Yahoo

Web app optimization

Smart meter monitoringEquipment monitoringPerformance analysisLife sciences research

Fraud detection

Healthcare outcomesWeather forecasting

Natural resource exploration

Social network analysis

Churn analysis

Traffic flow optimization

IT infrastructure optimization

Legal discovery

Industry Impact & OpportunityGaining competitive advantage leveraging data analysis and optimization Data

Analytics with

SQL 2012 R2,

Excel 2013,

SharePoint B.I.

Power “suite”

Power Query

Power View

Power Q&A

Power Map

Power BI

Guidance

Developer Tools

SystemsManagement

IdentityManagement

Cloud

Information Protection

Client and Server OS

Server Applications

Edge

Unified (optimized) Datacenter whether On-premise or the Cloud Management and datacenter server tools that support Microsoft and non-Microsoft environments (ie:

cross-platform manage - Vmware, Linux, NetApp, EMC, Cisco, etc) Support for Microsoft and non-Microsoft endpoint client systems (ie: Macs, iPads, iPhones, Android) In the box (Office Servers 2013) client support for non-Microsoft endpoints with Apps on-premise

and in the cloud (Office 365) Social networking collaboration and communications, Improving existing communication processes Leveraging data tools and data analytics to be fast and be first