In My Opinion: Sajan Pillai, UST Global

BUSINESS & TECHNOLOGY

siliconindia
VC Talk: Bijul Somaia, Lightspeed Venture Partners PUBLISHED SINCE 1997 IN THE U.S. & INDIA JANUARY - 2011 SILICONINDIA.COM

Enterprise Security Special

Karl Mehta, CEO

siliconindia
JANUARY - 2011
Editor-in-Chief

Harvi Sachar

Publisher

Managing Editor

Pradeep Shankar
Deputy Editor Editorial Staff

Editorial

Christo Jacob

Swipe or Wave? A Dilemma!

Jaya Smitha Menon Eureka Bharali Hari Anil Vimali Swamy
Sr.Visualizer Subscription Manager

Raghu Koppal P Magendran

Mailing Address

T:510.440.8249, F:510.440.8276

SiliconIndia Inc 44790 S. Grimmer Blvd Suite 202, Fremont, CA 94538

January 2011, volume 14-01 (ISSN 1091-9503) Published monthly by siliconindia, Inc.

siliconindia

Copyright © 2009 siliconindia, Inc. All rights reserved. Reproduction in whole or part of any text, photography or illustrations without written permission from the publisher is prohibited.The publisher assumes no responsibility for unsolicited manuscripts, photographs or illustrations. Views and opinions expressed in this publication are not necessarily those of the magazine and accordingly, no liability is assumed by the publisher thereof. mainstream retail outlets such as Barnes & Noble, Borders, and Tower Records. It is also available at ethnic Asian Indian stores in major Indian hot spots across the U.S.The magazine is also distributed at major trade shows and conferences, including Comdex, Internet World and PC Expo.

Visit www.siliconindia.com or send email to subscription@siliconindia.com

To subscribe to siliconindia

siliconindia’s circulation is audited and certified by BPA International. siliconindia is available through

ill now, we swiped our credit or debit cards to make a purchase. In the coming years, this concept may disrupt and we will see consumers waving their mobile phones for the same purchase. Mobile payment platform is busting with activities and Near Field Communication (NFC), a short range wireless technology is opening new avenues for service providers, banks and new players for commercialization of new technology. What is clear is that the market is still in flux as users are doubtful about how secure this might be. But those developing this technology confidently vouch about the security since consumers will be able to instantly lock all the mobile wallet services on their phone if the device is lost or stolen and then have the services automatically transferred onto a new phone. They will also be able to use their phone to make payments even when the battery is flat. In Korea and Japan, the potential of these services have already been realized and is already available for commercial use. One in every 15 today there makes a purchase using NFC enabled phones. Just how digitization of content earlier leveraged credit card and online payment usage, mobile phone penetration is sure to give a similar push to the rapid adoption of NFC enabled phones as a mode of payment in the coming years. Moreover, it is expected that the worldwide shipments of mobile phones with built-in NFC capability will rise to 220.1 million units in 2014, up by a factor of four from 52.6 million in 2010. In 2014, 13 percent of phones shipped will integrate NFC, up from just 4.1 percent in 2010. While Nokia has declared that all the new smart phones that will be introduced in 2011 will support NFC, Google has announced support for NFC in Android 2.3. However, a bigger push could come from Apple as it has been pouching the NFC experts and has already filed several NFC related patents since early last year. Apart from these bigwigs, there are a lot of startups experimenting on creating new modes of payment platform. Santa Clara based PlaySpan is one such company. In an era where the global payment industry is morphing rapidly especially going digital with all the new devices, PlaySpan has made the much alluded micropayment services digital and versatile over a myriad of devices by leveraging on social network. Today, the four year old company has made much headway in this industry and is competing almost neck to neck with Golaiths like Google, Adobe, Yahoo and more, who are trying to grab a large chunk of the pie. While this digitization of payment industry is a good news for the Goliaths of the industry, the scope of commercialization of new technologies like NFC will also give a platform for the Davids to be the new Goliaths of this emerging industry in the coming years. Wish you all Happy New Year! Please do share your thoughts with us. Christo Jacob Managing Editor editor@siliconindia.com

T

Contents January 2011
14
Cover Story

Innovation
By Vimali Swamy

Leading
playspan

in the Global Payment Industry

Karl Mehta, CEO

04 [In My Opinion] Beyond the Metros: Bringing IT Opportunities to Tier II and III Cities 06 [Infocus]
By Sajan Pillai, UST Global

22 [Management] Managing Compliance Through Physical Identity and Access Management 24 [Technology] Evolution of Mobile Devices and Services 25 [Business] Indian Startup Founders Are They Serious on Sales? 26 [Technology] Security Challenges in Using Social Media
By Eureka Bharali By Arun Samudrala, United Mobile Apps By Ajay Jain, Quantum Secure

34 Securing the Cloud

10 [VC Chakra]

36 [Technology] Successful Integration of Technology in Schools- Opportunities and Challenges 38 IPR Issues in Cloud Computing 40 Open Source ERP is Ready Willing & Able 42 ERP Implementation for Midsize companies Necessary Expense or Strategic Investment? 44 Secure Cloud Computing The future of Information Technology Management 46 [SI 20 Profile]
By Kartik Shahani, RSA By Vinay Singh, Vital Wires Consulting By Tom Rodgers, CIGNEX By Rahul Chaudhry, Lall Lahiri & Salhotra By Sanjiv Pande, NIIT

By Ravi Shankar, Navales

12

Appnomic Systems Receive $ 2.5 Million in Series B Funding iYogi Raises $30 Million Verismo Networks Secures $17 Million Funding SnapLogic with $10 Million in Series B Funding RiseSmart Raised $3 Million in Equity

20 [VC Talk] Financial Services & Education Potential Areas for Startups
By Bejul Somaia, Lightspeed Venture Partners

[CEO Spotlight] Desktop Virtualization & Cloud Computing: Building blocks of Nex gen Technology It is the Social Era for Internet Dynamic content sparks growth of new tools and technology

28 Enterprise Level SAN Features and Solutions at SMB Prices 30 The State of the Cyberstate 32 Mobile Data Growth in Indiaan Opportunity and a Challenge
By Amit Yoran, NetWitness

By Gary Bahadur, KRAA Security

By Tad Lebeck, Huawei Symantec

By Anjan Ghosal, IntelliNet Technologies

siliconindia

|3|

January 2011

a bit of research into the geographical.5 times in the state. some of our clients.” but that is being rapidly replaced in favor of “employee engagement. and a Attrition is a costly affair in most few small private companies peporganizations—the cost of replacing an pered over Technopark. and communication. Employees must be confident that there is a sufficient supportive infrastructure in town to justify bringing their families to live there. Suddenly. we need an amalgamation of four fundamental aspects: government support. political. “Why would When we looked at the big cities—what we you choose Kerala?” asked our well-wishers. either. but the requirements don’t end there. What we do have in our favor is the abundance of skilled talent and the cost factor. but investors should be made aware that these are available together in one place. businesses have tried to speak the language of “employee satisfaction.we saw the advent of a whole lot of industrial ity of education in Kerala is among the best in clusters. In fact. engaged employees are an essential factor for any business.” which is now being replaced in favor of “employee engagement” Most cities in South East Asia have a rich culture and heritage like the one we often boast of. industry regulations. Although we do have some infrastructure. are so impressed that they want to bring their own businesses here. delivered on their promises with prompt follow ups. There is no substitute for any of these. Traditionally. If the government steps in at the right time. the skills and concepts required in professional life can be learned from the employer organizations. the governments welcomed us with open arms. We detions in 1999. it is not enough to support the amount of business that can potentially come to our shores. While a beautiful countryside is nice to have. and economic climate of the state reveals an unattractive side as well. Philippines and Chile. Since employment must have consequences more farreaching than simple contentment with a job well done. and other this part of the world. Cities like Thailand and Shanghai offer the same or even better cost advantages than India does. that gration to and from the state. The qual. Keltron. UST Global in my opinion Beyond the Metros: Bringing IT Opportunities to Tier II and III Cities siliconindia |4| hen we started our opera. And being a service industry. India has many promising locales for an IT destination. It became very apparent that these limits would have an adverse impact on our ability to reduce costs while operating in these locations. are sur. there were a whole lot of them to invest in.original strength. For sustained commercialization and confident investment. primarily due to efficient employee engagement practices. In terms of social displacement. there are no environmental concerns to worry about. Unfortunately. and facilities. there are so many options available today that they just don’t have to take the risk. and prospects were hes. Let’s make it work! si siliconindia |5| January 2011 . We believe in giving our associates the gift of lifetime employability. India still needs to work on a few critical aspects like education. hubs.basic elements into consideration. we were cided: Kerala had to be the right place. the use of Tier II and III cities makes use of what you might call an IT “necklace strategy” that builds mega-centers offering employment opportunities to the masses in more dispersed areas around.business units. We at UST Global have special career development programs.the potential of a service economy. we have grown to 500 times our looking for the perfect location for our offshore devel. many of which focus on the new generation. Traditionally. after they have seen Kerala while visiting our facilities. for its part. Today. too. Schooling should be more oriented towards communication skills right from that level.driven by the desire for cheaper talent and reernment at the time was slowly waking up to duced operational costs. while the gov. Competition among these cities is intense. UST Global has been successful in keeping attrition to a level well below industry standards. I can speak from UST Global’s experience of expanding operations into Manila. quality talent input. entertainment options. The workforce is the concept of outsourcing was primarily highly stable and productive. Attrition is a costly affair in most organizations—the cost of replacing an employee is estimated to be 1. largely because about 60 peropment centers. So these two points will no longer set us apart from the crowd. should ensure that we have the right kind of infrastructure to showcase to potential investors. which in turn reduces attrition. and most importantly. civic amenities. surprised everyone around us.” In this context. a well-engaged workforce results in happy employees. They promised us the best resources. We must strike while the iron is hot. businesses have tried to speak the language of “employee satisfaction. The government. now call Tier I. it is hardly enough.5 times the employee’s annual compensation. estates. First. In both cities. When looking at possible target prisingly cosmopolitan from years of exposure sites. This calls for solid marketing on behalf of the government. I should emphasize that important personality development is taking place during high school. No global company had a significant presence employee is estimated to be 1. Eliminating much of the social displacement in this way is one of the biggest social benefits of Information Technology. at least in the Indian context— Kerala’s industrialization in 1999 included ER&DC.the employee’s annual compensation itant to take the plunge. But we cannot afford to wait another decade for the effects to trickle down. There was also social January 2010 W Sajan Pillai displacement—the need for people to immigrate to find work. The Tier I cities were becoming saturated with people and were nearing the limits of their infrastructures. If the basics are in place. Tier II and III cities were a refreshing alternative. corridors. What I mean by “infrastructure” in this context goes beyond office buildings and telecom facilities to include aspects such as a decent way of life. These are the kind of cities that are competing with India for investments. Investors need to be convinced of the commercial advantages they can expect from investing in a country like India.By Sajan Pillai The author is CEO. We decided to look at the facts rather than believe the propaganda. The people. bringing investment to our cities will be a cakewalk. Our choice cent of our workforce is located in Kerala. rather than in the country’s biggest cities. While we might have convinced them in earlier times that the advantages we have to offer easily outweigh the disadvantages. and this is where key differentiators can come into play to help with cost reductions. once the model was seen to work. and security. resources. we envisioned a model that took two to different cultures and from considerable mi. When I speak of education in Tier II and III cities.

They said that this actually raised the prospect that diamond-studded stars may exist.in ndian companies are keen in adapting best global practices and are increasingly doing so. Nikku Madhusudan. and his colleagues have observed that an extremely hot planet discovered last year has a never before seen characteristic of having more carbon than oxygen. it has to sustain low oxygen. Indian Astronomer Led Team |6| perature of this planet.200 lightyears from Earth.” said Stephen Wagner. The surface temsiliconindia A Diamond Studded Planet Discovered by U. espe- cially those associated to corporate governance. Scientists used U.” Madhusudhan said. used to analyze the atmosphere of the planet which orbits a star about 1. si January 2010 .S. low water and lots of methane and other hydrocarbons that would be in the atmosphere. “If life exists on such planets. He also added that the structure of this planet might make us rethink our long-ingrained ideas of planetary formation and that with much hotness and no solid surface the planet could not support life. though he warns that these companies need to have regular evaluation at all levels to sustain good corporate governance. a Banaras Hindu University (BHU) alumnus who works at Princeton University. stronomers led by an Indian American have discovered a giant planet with an atmosphere and a core dominated by carbon. said that WASP-12b is made largely of gas and only its core contains carbon-based minerals such as diamonds and graphite.” Wagner said while talking about the change in taking and managing risk by the companies in the recent years. named WASP12b. Madhusudhan. A computational technique developed two years ago by Madhusudan. It was the `14. He also suggested that there should be an annual evaluation process in place to assess the effectiveness of the board as well as the corporate governance in companies. which makes it hot enough to melt stainless steel. should be framed after taking into account the view points of all market participants. space agency NASA’s Spitzer Space Telescope to observe light emitted by the planet WASP-12b.000 crore accounting fraud of Satyam by its founder-chairman Ramalinga Raju that brought the issue of corporate governance into sharp focus in India. while he was at the Massachusetts Institute of Technology (MIT). “Good governance at companies usually translates into good finan- I Indian Companies Adapting Best Global Practices cial numbers while just having good names on the (firms’) board need not ensure the same. This planet was discovered in 2009 by researchers in the UK-based consortium called Wide Angle Search for Planets (WASP). Chairman Emeritus of global consultancy Deloitte’s Global Centre for Corporate Governance.S. mainly since the world is getting more interconnected that is also resulting in connectivity of shocks. “Corporate governance has evolved enormously in India and many big companies in the country are committed to embrace global best practices for their business. Wagner pointed out that regulations. who is now a postdoctoral scientist in the department of astrophysical sciences at Princeton. New Jersey.” he said. “Entities should anticipate and be more prepared to tackle risks and shocks. says an expert. seems to be 2300°C.

who has recently joined the boards of Zephyr Peacock as its Director quickly pinpoints.000 crore per annum. The study assessed how IT managers are evolving their data centers and taking advantage of new technologies. as remedies to these ailments. si nformation. Communication and Technology (ICT) solutions have the potential to reduce India’s total greenhouse gas (GHG) emissions by 10 percent by 2030. si siliconindia January 2010 |9| January 2011 .S.partly as energy. The ranking is based on Cisco Connected World Report. transport and nine sectors under PAT (Perform. As per Attero’s Founder. companies’ crucial data were found openly distributed on an online site of Nigeria. This contributes to about 30 percent of the overall reduction. and to encourage research and development. Best practices can even recover 100 percent of the materials . at the same time working to accommodate new trends in the workplace like social media. Achieve and Trade). The biggest snag is the lack of awareness and the urge to socially come to a conclusion. For instance. Nokia claims that 65-80 percent of the materials in their mobile phones can now be recycled and given a second life. HCL. On the other side. no report in India has quantified the specific savings possible using ICT solutions. Also a large majority (88 percent) of IT respondents expect to store some percentage of their company’s data and applications in private or public clouds in the next three years.” says Rohan Gupta. how would a company venturing into the realm bring in a better return on investment? Sachin Maheshwari. the law will not be implemented on a full force.” During his stints in Draper Fisher Jurvetson Maheshwari himself was a part of one of the recycling startups. market-research firm InsightExpress. Nitin Gupta. for instance. The report recommends to create a platform for green jobs. recently. Whether it’s metal or gold. “The amount of recycled goods that comes out of a product covers all the recycling cost. U.in in he green statement has been luring a lot of startup to grab a pie of the huge e-waste market. For instance. I India Third Largest Cloud Service User ndia is the third largest cloud service user in world and is ahead of U. undertake steps to develop ICT adoptions. E-waste management firms claim that now it is possible to recycle around 98 percent of a cellphone. use a specific technology to re-format the hard-disks to ensure no data can be retrieved from the product. followed by India (26 percent).National Mission on Enhanced Energy Efficiency (NMEEE). To some extent even electronic manufacturing firms have started taking a notice of the re-usability part. many of the U. and currently. the open market has a good price for it. But will it happen before 2012. The computing devices. the work of the organized recycling companies comes. device proliferation. Herein. If a general consensus on orsiliconindia T e-Waste Recycling By Eureka Bharali Startups-VCs Confident. China (69 percent) and India (76 percent) in the near future. there are 75 million computers in India since the life cycle of a PC has come down to 3-4 years from 7-8 years a few years back. India is presently the third largest emitter of GHG after China and the U. Higher cloud adoption rates are predicted in Brazil (70 percent).S. Yet till 2012. The market is huge. attributed the maximum potential of saving of carbon dioxide emission to the construction industry with a whooping 42 percentage. NMEEE has set targets to reduce 100 million tonnes of carbon dioxide emission by 2015. The high technology costs. just five percent gets recycled in an organized way.S. weak regulatory norms on carbon emission standard and low research and development support are the main factors that are preventing the country from ICT adoption. The report named ‘ICT Contribution to India’s National Action Plan on Climate Change (NAPCC)’.S. (23 percent) and Mexico (22 percent). It maintains that globally 52 percent of the IT professionals have stated that they use or plan to use cloud computing. Cofounder of Attero Recycling. A sneak view of the recent laws show that the government has introduced legal compliance whereby every company will have to give out the goods to the authorized recyclers.” said Rahul Bedi. Also the hazardous bi-products are disposed safely. rationalization of direct and indirect taxes. Even if being socially conscious about pollution is kept on the products once it reaches the unorganized scrap dealers’ hands. Similarly. National Mission on Sustainable Habitat (NMSH) and National Solar Mission (NSM). In such a scenario. DESC Chairman. the sidelines for a minute.S. video and an increasingly mobile workforce. funds allocation. According to a report this will result in energy cost savings of around Rs 137. I ICT Can Reduce GHG Emission by 10 Percent The report by the Digital Energy Solutions Consortium India (DESC) and CII-ICT Centre of Excellence for Sustainable Development investigated the possible GHG reduction opportunities via ICT solutions in three mitigation-related missions of NAPCC . inadequate energy benchmarks. and Google among others. Tata Tele Services. The NAPCC was released by Prime Minister Manmohan Singh in 2008 as part of the nation’s strategy to manage GHG emission. yet till a complete agreement from every nook of the society comes it may not grow big. There are 58 million television units in India which is expected to reach 234 million by 2015. This happens as there is no track of |8| The study conducted in 13 countries also revealed that just about 18 percent of respondents are using cloud computing today. electronic garbage that piles up within every company. thanks to the scrap dealers. The study was conducted by the U. there are also issues on security. while an additional 34 percent plan to use the cloud. chances seem to be meek. Yet Too Many Loopholes ganized e-waste recycling is achieved then there is no looking back for any firm in this sector. The countries that lead the list by taking maximum advantage from cloud computing today are Brazil (27 percent) and Germany (27 percent). It serves more than 200 clients which include Wipro. have always been a source of the quick cash. the Indian mobile handset market is set to zoom across the 100 million mark soon. “Till date. a new study commissioned by network equipment vendor Cisco. We. followed by road transport with 30 percent while power sector came third with 16 percent.S. “One is paid for giving out the garbage to an unorganized recycler. the country may also be seen as a hub for e-waste management considering the fact that it takes $2 to recycle a single PC in India compared to $20 in U. The report allows industries to quantify their potential energy as well as monetary savings by adopting ICTbased solutions. of which 31 million tonnes reduction comes as a result of the adoption of ICT in buildings.

The company presently runs with 90 employees. an outplacement service to help exiting employees find new positions. Chennai.1 billion). The developer community has strength of about 50 developers who publish applications to SnapLogic’s app store.S. and with the funding the company has plans to increases its services to other countries in the Europe.5 million. and international markets. Apart from Sequoia Capital. Co-founder and Chief Architect. CEO of Appnomic. Co-founder and CEO of iYogi. “NVP has been very supportive of Appnomic’s growth and we are happy to be extending our relationship with them with this round of funding.” said Shailendra Singh. With this investment iYogi will expand services outside the existing consumer market and the Windows Operating System platform. Like Salesforce’s customer relationship management (CRM) software and Google Apps. The connected devices market is very large and is expected to grow to 140 million units by 2014. DataCore Software. Tata Business Support Services Ltd. The company headquartered in Palo Alto also has its presence in India with offices in Bangalore. for any device. customers such as Cypress Semiconductor. to which the Verismo powered set-tops connects to and separates content quickly without programming the device. The company’s existing market includes North America. founder and Sanjay Sathe CEO. “We have invested significantly in extending our game changing platform-as-aservice delivery model and believe that we have established the new market stan- R iseSmart. Stratus ASP. “I believe that iYogi will be cited amongst case studies of disruptive business models delivering world-class service to global consumers from India. Verismo Networks. a San Mateo based cloud integration company.85 million from Norwest Venture Partners (NVP).” said Promod Haque.. This is ultimately the key to our continued growth and success. The company will expand its research and development (R&D) and sales efforts and has plans to develop its next generation product focused on service providers and Multi System Operators (MSO) both in the U. General Partner at NVP.” said Sanjay Sathe. Everest Bank Ltd.com. V erismo Networks. in 2007. a San Jose based outplacement and recruitment process outsourcing (RPO) company has completed a $3 million equity financing round. the cloud based version of their solution. launch operations in Europe and enhance the application aware IT infrastructure management platform. Roku and others. Appnomic’s Application Aware Infrastructure Performance Management solution has been adopted by many customers including one of the largest banks in India. “RiseSmart has developed recruitment and outplacement solutions that are truly unique in the talent management space – utilizing its proprietary technology which leverages Web 2. a recruitment process outsourcing (RPO) solution for finding new talent and SmartRedeploy which is a Software-as-a-Service solution. Formerly. “RiseSmart provides talent management solutions at the two most critical talent transition points: joining and leaving an organization.” Unlike Boxee and Roku whose focus is on creating consumer devices. iYogi is the world’s largest independent remote consumer tech support company which has driven an impressive siliconindia |10| 300 percent growth for its premium annual subscription service alone. RiseSmart. and continue to experience high demand for its services offering. iYogi Raises $30 Million Yogi. Snapsuperior results for our clients’ recruitment and outplacement programs. Verismo has healthy revenues and the technology risk is eliminated since the product is already deployed by many customers. “We believe Appnomic continues to be well positioned to address IT management requirements of growing enterprises that are working with both on-premise and hosted/cloud-based technologies. a leading travel portal and a mid-sized bank in West Africa.5 Million in Series B Funding ppnomic Systems. “Through our methodology. and at affordable price-points. NVP had previously invested $4 million in the company. However. Recruit Concierge. The revenue sharing model is the same as other app stores with 70 percent reaching the developers and 30 percent remaining with SnapLogic.” said Venkat Mohan.0 and social networking features and capabilities to provide a richer and more compelling solution to its growing roster of Fortune 500 enterprise clients. the company currently deals in three solutions.” says Satish Mugulavalli. including Andreessen-Horowitz and Floodgate. “The digital media landscape is very big.S. Middle East and India. It will provide the company with the capability to extend its platform to the global SME market and also aggressively address the growing need for supporting mobile consumer devices. The company’s total financing to date stands at $6. The company presently runs with 30 employees. Europe and Middle East. We look forward to partnering with Appnomic to help grow the company further. Our planned expansion includes making our services available in any geography. SAP Ventures and Draper Fisher Jurvetson. has raised $10 million in Series B funding led by existing investor Ben Horowitz of Andreessen-Horowitz. “We offer a complete solution as opposed to many companies that develop just middleware or set top devices. across any platform. VCs love this as opposed to a consumer electronic dard for tech support and related services through a consistent user experience. Mugulavalli adds. Canada. the company is led by Gaurav Dhillon who was the former CEO of data integration giant Informatica (now a public company with market cap of $4. Yatra. and solved more than two million tech Uday Challu problems for consumers since its inception. SVB Capital Partners. Tata Sky. India. the United Kingdom and Australia. The expansion plans particularly involves expansion into European territories. an Internet TV Platform headquartered in California and with development centre in Bangalore. Verismo will use these funds to accelerate its growth and expand operations to continue to deliver its technology to its customers and channel partners worldwide. iYogi’s existing investors Canaan.$ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $$ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ Appnomic Systems Receives $2. Appme- A i ter. and Karnataka Bank. The funds will be used to expand internationally. a provider of application aware IT infrastructure management solutions to large and growing enterprises. the firm had raised $ 11. managing partner.” said D Padmanabhan. Their existing clients include Rediff. Verismo is a platform company and thus plays in a lot of digital media verticals. Floodgate also took part in the fund raising round just behind Andreessen-Horowitz.8 million in funding from several high-profile investors. also took part in this round of fund raising. The company previously raised $4. We leverage a common technology platform to ensure next-generation efficiency and RiseSmart Raised $3 Million in Equity angel investors. Transition Concierge. Managing Director of Sequoia Capital India. In accord with the funding. The company plans to use this series B funds to further enhance its sales presence in the U.” added Sathe. The VCs are interested in large markets.5 million Series B round of funding led by existing investor Norwest Venture Partners (NVP). the first consumer service brand from India. NVP. Founded in 2006. si siliconindia January 2010 |11| January 2011 . Storm Ventures and S SnapLogic with $10 Million in Series B Funding Logic also runs an app store that provides connect i v i t y software for various cloud applications. The company plans to use this fund to continue its expansion into new markets and further the development of its technology platform for bi-directional matching of jobs and job candidates. It helps in the transfer of data effecbeGaurav Dhillon tively tween those cloud applications and makes sure definitions are the same across multiple applications. we have consistently reduced time-to-hire for our recruitment clients and time-to-placement for our outplacement clients. has closed a $2. our customer devices will compete with boxes made by Boxee. napLogic. Verismo is focused on service provider market helping them deliver triple-play services.” said Uday Challu. Hyderabad and Mumbai. He believes their main differentiating factor is Verismo’s service platform. The company has built a platform for such devices and the demand for the same is worldwide. We are grateful for the support of NVP and Storm Ventures as we work aggressively to expand our market position. has been featured on the Rackspace and Amazon cloud for D Padmanabhan monitoring transaction performance of cloud-based applications. Ramco. has raised a funding of $17 million in a round led by Intel Capital.S. for product development and help expand the team’s marketing branch. one of the leading hosting and cloud companies. Founded in 2006. Ben Horowitz has joined the company’s board of directors. has raised $30 million in a new round of funding lead by Sequoia Capital. si Satish Mugulavalli Verismo Networks Secures $17 Million Funding firm trying to sell devices in retail. They have also acquired key U.com.

It’s important to recognize how early a stage of development. Each day. and at the same time. a growth that will ramp up as global adoption of the Internet continues to rise. One example is Intel’s Mobile Internet Device line running the Atom processor. Access to content is no longer static. The challenge for enterprise computing is to deliver legacy and corporate applications to end users with the same level of flexibility and rich user experience as Apple has brought to consumers with its iTunes. new social networks and over the top video in return will gain momentum. LinkedIn and Twitter. As leaders and entrepreneurs in our R&D process we have to keep developing key components that we can quickly productize and bring it to market. Once initial funding is obtained. Social media continues to revolutionize the distribution of online applications. more people are on the Internet from more places around the world than ever before. followed by the advent of Web 2. the right partners. While building an app for a Smartphone does not require much capital. advertising revenue. not just with mobile browsers. since no product or service can stand alone. entrepreneurs have to react quickly and bring newer products to life within a shorter time span. will redefine the online landscape both by changing how we communicate.com ver the last two decades. Apple’s FaceTime) and entertainment (for example. This is a very exciting time for entrepreneurs because innovations are occurring at every level. Facebook. engaged audience. the future is indeed bright for entrepreneurs. Mobile is dramatically changing how we access information online. while enhancing the security and provisioning of corporate desktops. but with applications on platforms like iOS and O Android as well. This new era. Funding and personnel will always be critical challenges for entrepreneurs. often referred to as the social web. for example. upgrading to provide faster download speeds which in turn enables providers and media giants to push contents directly to the subscribers. which will be shaped by the significant new trends we have seen in recent years. stemming primarily from the rise of YouTube. From a corporate perspective. Raising capital is still a challenge in this environment. It will be challenging for the MSO and cable operators and interesting to see how they maintain their ARPU and also invest in infrastructure upgrade. Cloud computing is reaching scale with the significant adoption of both its infrastructure and related applications. support new mobile devices. Vijay Srivastava. so entrepreneurs with a great idea for technical innovation must work harder than ever to secure financing capital from a variety of sources. DV holds the promise of enabling any user to have their desktop anytime. More people are now on the Web all the time. Coaxial Network able technology has evolved in the last decade many folds. you want your content to follow you and move with you. Everyone in Silicon Valley. SimplyHired. with the mobile device becoming the main way we stay connected. But with the proper funding. Another significant trend is the emergence of rich online media. In addition to its changing focus. These apps leverage both the Web and the social graph. Companies are on the hunt for those with the right skills. With this digitization of the cable spectrum and adoption of DOCSIS 3. Founder & CEO. and businesses are tentative about making large investments. We are just getting started. and by facilitating the creation of applications that leverage these new social connections. As user habits remain unpredictable in a dynamic market. Adoption of digital technology has provided Multi System Operators (MSO) and cable operators to deliver services that traditionally only Telecommunication companies could provide. providing a quantum leap in the utility of mobile computing. using payment systems. iPad and the App Store. startup companies need to establish meaningful partnerships with an ecosystem of companies that offer complementary technologies and go-tomarket capability. all have different social graphs and create interconnections between people in unique ways. Hulu). Having competent team players on staff is essential to the success of any startup. anywhere. mobile Internet specialists and social media experts. Venture capital is not as readily available as it used to be. We are going to see continued innovation as video production and distribution become easier and more cost-effective. Newer methods of monetizing the Dynamic Content Sparks Growth of New Tools and Technology C cable infrastructure will emerge as social media and over the top applications such as Facebook and Netflix drive away customer from traditional cable. Video has taken the Web by storm. Now we are entering a new era of the Web. the market for DV in 2011 is expected to outpace the market for the hugely successful server virtualization market. DeskStream esktop Virtualization (DV) is the hottest trend in the field of virtualization. Building an organization that is formidable and self sustained is especially difficult if you don’t have the right people. and entrepreneurs that get started now will have a running start as the economy gets traction. Video is an increasing part of our lives. especially programmers. The Web is no longer just about connections between websites. the right products. the Web is now accessed in many more ways. Mobile computing is the future. Entrepreneurs must ensure that they create offerings with a degree of longevity to carry them through what may be a very slow economic recovery. on any device – including mobile devices — without compromising on the user experience. According to industry analysts. building a product for corporate use is vastly different. The economy is just regaining strength. And. But ultimately the winner is one who controls and owns the masses eager for entertainment. This shift will spur the growth of new technologies and products. As MSO’s and cable operators increase download speeds.CEO SPOTLIGHT Desktop Virtualization & Cloud Computing: Building blocks of Nex gen Technology D Rao Cherukuri. and access to a large. with a talent war underway for the most in-demand specialties. President & CEO. Rao Cherukuri There is a continued push from customers to reduce Desktop Management costs. It is a dual edge sword. DV and cloud computing will be the buildsiliconindia ing blocks for delivering secure corporate applications on-demand to a new generation of ultra-thin mobile devices designed for standard desktop applications. from small start-ups to giant companies such as Google.0 after the dot-com bust. and the right people. the Web is really in. deliver desktop software on-demand and improve user productivity. Products have to be timed very well as products that are both early and late can fail in the market. It’s easier than ever to create a Web company with an array of tools and open source offerings. Coaxial Networks’ products help in enabling and delivering this paradigm shift. mostly in engineering. but has become centered on connections between people. we have seen first the emergence of the Internet as a commercial medium. is scrambling to fill critical jobs. creating changes in communication (for example. |12| Changing dynamics of the market creates more challenges for entrepreneurs. Entrepreneurs have a wealth of opportunity right now. DV dramatically lowers the total cost of ownership as well as power requirements.0 cable operators can deliver bandwidth upwards of 150 Mbps along with hundreds of standard and on demand video on the same cable infrastructure that earlier delivered few operator defined programming. Co-founder and Chief Executive Officer. the product or service must demonstrate early proof points with successful beta deployments or early customers. The latest trend is to leverage DV and cloud-based delivery models to provide Software as a Service (SaaS) or Desktop as a Service (DaaS). si siliconindia Vijay Srivastava January 2010 |13| January 2011 . Gautam Godhwani It is the Social Era for Internet Gautam Godhwani.

Karl Mehta seems to be on their toes. Menlo Ventures. Mumbai (India) Customers: 27 million consumers and 1000 plus enterprises Employees: 135+ Investment: $43 Million (in the 3 rounds of series funding) Investors: Easton Capital. CA Other Offices: Charlottesville (Virginia). the latest being in August 2010 for $18 million. Novel TMT Ventures. STIC Investments. With this the company is also in the path of revolutionizing the e-commerce industry by leveraging both online/mobile gaming and social networks on its platform.corp.com www. Leading playspan Founded: 2007 CEO: Karl Mehta Headquarters: Santa Clara. And why not? Within four years of its humble beginning in 2007. And today it is on its way to disrupt the 50 year old global payment industry with its payment platform — UltimatePay™.playspan.playspan. Vodafone and SoftBank Website: www.com T By Vimali Swamy Karl Mehta siliconindia |14| January 2010 .Cover Story Quick Facts: Innovation in the Global Payment Industry he headquarters of Santa Clara based PlaySpan is bustling with activity and everyone including the CEO of the company. the company has raised three rounds of venture funding from leading investors in the valley and large mobile operators.

there has been tremendous interest amongst developers. UltimatePay has gained considerable traction as users in 180 countries use it to pay for their virtual goods in games. With one click. Game coins. The lack of a secured wallet or a digital vault that enables an in-app/ in-game purchase that works fast and across all profiles/ avatars was simply not available from any existing payment providers. Game Cash.. to maintain its first mover advantage against establish players. “Being a startup. Hence. Be it a startup or a billion dollar enterprise. merchandising. Players today are wiling to pay for virtual currencies to buy virtual goods. Since. Upon further research. PlaySpan’s biggest competitors are the internal engineering teams at large merchants. These pain-points were big enough to convert the idea into a real solution and PlaySpan was founded as a platform where developers and users could enable a secured in-app payment. helping them to optimize more Conversion (Paid Users) and ARPU (Average Revenue Per user) out of their games. several large payment companies have been spending billions of dollars to build this infrastructure internally but PlaySpan built the platform over the past four years with an agile culture and trend — which started with enterprise companies such as Salesforce. “The entire digital space has been undergoing a remarkable change in siliconindia Today. But this success. users gets diverted to a new webpage by the payment gateway thereby causing a disconnect in the users mind. Disney. traditional payment gateways like credit card charge anywhere between 3-4 percent access fee per transaction which are cost prohibitive for a sub $2 transaction. apart from traditional payment gateways. there was almost no interest in the platform. with all the components of both online and mobile payment solution that a merchant needs in an out of the box PCI compliant hosted infrastructure. The idea caught on especially with younger users who needed one account that they can be funded by their parents and can be used at multiple games. Our UltimatePay lightbox technology was designed to ensure that a gamer/user does not have to navigate away from the app and complete the entire transaction within the application. and promotion to game companies. it took the complexity of managing payment for enterprises/merchants by creating a monetization platform known as MaaS (monetization as a service™) platform.” says Mehta. team and market traction rapidly. and lacks the in-app. e-commerce is in the way of getting a makeover. PlaySpan has empowered merchants and consumers across 180 countries with over 90 different payment options with multichannel devices. The greatest feat amongst PlaySpan many technological achievements is the speed at which proven engineering teams working in 24 hour cycle (US/India plus integrating two payment companies it had acquired over the past three years. Warner Bros. it is placed right with an application/content so that the user need not navigate away from the web page she is in. From social network biggie Facebook to online gaming publishers like Zynga. There has been a significant increase in the consumption of interactive media like online/ mobile games and social networking. Secondly. and other online accessories for one’s virtual gaming profile. Mehta made bold moves to follow an aggressive M&A strategy to build out the platform. any one can use this Application Programming Interface (API) based payment platform and transact across million users globally. Revision3 and Nickelodeon to name a few. this disjoint in usage tends to make the user re-evaluate one’s decision. Nexon. Adobe. The company also brings services such as fraud prevention.. Mehta saw a much bigger opportunity envisioning that this solution will be needed for all digital content or physical goods and across all devices.” explains Mehta. this virtual currency can be spent on various content across multiple devices. console and web TV now. was not an easy one for Playspan. Perfect World. “Usually while making an online transaction. For years. Its clientele varies from small businesses to globally recognized brands including Facebook. file capabilities that is needed by both consumers and merchants. But these goods cost as low as 25 cents to 99 cents. Since the wallet is also portable. We have observed that since lots of these purchases are impulsive. they found out that game developers were struggling to keep users engaged and complete a purchase without friction.com — can be extended to the business of providing services for online games. Today. with over 28 million users globally (growing at over 100 percent annual rate) and hundreds of millions of audience across its merchant networks. About four years ago.The Technology Gap in Payments The company originally started with a simple idea to provide an easy to use single-account of virtual currency based on aggregation of multiple in-game accounts and currencies. console and web TV now. the past few years. digital goods space by offering Facebook Credits. all have ventured into With digital content going cross-platform from open web to social web. it is this gap PlaySpan hoped to bridge by developing a next-generation payment platform. the greatest challenge for us was we were entering a siliconindia January 2010 |17| January 2011 . but the chargebacks associated with digital goods and existing out-ofgame ecommerce flows were some of the biggest technical challenges. publishers and merchants to sell digital goods. With digital content going cross-platform across open web to social web to mobile devices. a next gen PayPal type platform where both consumers have in-app access to accounts in virtual currency and merchants have easy to integrate SaaS based monetization platform to monetize their mobile or online sites across multi-channel. But eventually. This could lead to a loss of revenue. though quick. cross-platform portable wallet/ pro- |16| Developing a Disruptive Product So how does PlaySpan make this happen? The company’s payment infrastructure has two sides to it. Hello Kitty Online. mobile devices. Firstly it offers a wallet infrastructure. The service shows that the software-as-a-service PlaySpan has built and emerged as a global leader in a complex industry.

It is no wonder that Vodafone and Softbank. building and funding technology start-ups in the U. try. entrepreneurial style risk-taking culture are the keys to success in a fast growing space. Master Card. “To develop a robust payment platform takes a minimum of three years in a super-agile environment and we are already three years ahead of the new entrants. Nextag. he is looking to continue to lead the ‘monetization platform’ category that he created in the payment industry. Yodlee. adding to its technological prowess and has raised a total of $43 million in three rounds of funding. Menlo Ventures. a payment system that works around the world. The 50 year old traditional payment industry too has been secretive about its operations and to break their business model with micropayment platform was a challenging task. This opens up a lot more opportunity for content developers and aggregators. What is different now is that game publishers should be able to implement features such as a virtual goods store. based in Singapore and India. and international markets.” explains Mehta. For Playspan it was a typical ‘chicken and egg cycle’. apart from its monetization platform PlaySpan has several capabilities layered on top of each other in a “multi-layer architecture”. At any given time. recently joined the company’s investment round. evangelizing them about their product and also improving it with their Karl Mehta: A global CEO driving entrepreneurial culture ness has skyrocketed. and one in Mumbai. The mobile phone is the new wallet and that will change everything in the 50 years of payment industry payment system that allows companies to offer a fast. si siliconindia January 2010 |19| January 2011 . Customers can login to a web service and just get it all done. Prior to that. and enjoys 1000 plus developers and 2-3 million transactions a day. the process is automatic. and other features that online games need in just a matter of days.” explains Mehta. “With consumers shifting across platform. in return shaping up the e-commerce industry.com marketplace. where users can play games for free but pay real money for virtual goods such as better weapons. we too have continuously evolved our wallet platform both in terms of its in-app capability and portability. large mobile operators and Internet giants like Google. the mobile will be the new wallet. Ask him of his ambition. offloading the task of creating this infrastructure from game developers. the real opportunity for the company lies in the next few years.. Keeping up with its business expansion. Adobe.S. To conquer this continuous challenge of anticipating and evolving with market demands while keeping user confidence intact. to gain a leadership edge. Visa.S. Mehta feels. But what keeps Mehta optimistic about this situation is its first mover advantage.” he adds. PlaySpan provides virtual currency and virtual goods platform. With the advent of NFC. he held executive positions at Hughes. CEOs and game designers alike can use the dashboard to see how their games or videos are doing at any given moment. Oracle. in-app and secured transaction system. The company prides in the fact that it has the latest and best state of the security processes in place. A true entrepreneur. Novel TMT Ventures.S. besides great technology and market-traction market that no one had treaded. How? A one-percent increase in conversion of non-paying customers to paying customers can result in a 25 percent increase in revenue. the company has invested heavily in the technology and compliances (PCI Level 1 and SAS-70 certifications). PlayStation and Wii. Despite the company’s quick run to the top echelon in payment indus- It is very rare to catch Karl Mehta not juggling multiple tasks a time. the virtual goods busisiliconindia Building a world-class team and an agile. he was part of the founding team at MobileAria Inc. reducing the rate of credit card fraud can yield big profits. Also the payment industry is the most targeted sector in cyber space. executives at our merchant partners can use PlaySpan to tune their sites in real time. In short. Its investors today include Easton Capital. Karl believes that the global payment industry is up for a whirlwind transformation in the next three years and this will be a crucial time for every player. Apple. PlaySpan doesn’t have to babysit the customers as they implement it manually over a period of weeks. and he states the desire to break open the decades old traditional payment industry and take PlaySpan to dizzying heights that perhaps no one has yet reached. one can see the passion that is filled in him.. It provides merchants with one-stop service when it comes to introducing their own virtual currency. subscriptions and microtransactions. But the few minutes one manages to catch up with him. Similarly. is aware of the challenge and the risk that lies in the way for he is not perturbed that to maintain the numero uno position he has to continue to partner with majors like AMEX. Middle East and South America. And it sells Ultimate Game Card gift cards at 50. leading new business and technology development. and .” says Mehta. and others. But with persistence. PlaySpan has bagged over 28 million wallet accounts as against PayPal’s 80 million accounts that it bagged in a decade. Vodafone and SoftBank. The company has prospered as publishers flock to the free-to-play business model. There was no company that previously attempted to create a platform like this. Hence. the physical plastic card is expected to become obsolete. (acquired by Wireless Matrix) based in Mountain View and co-founder/ CEO of OmniLabs Inc. But this jet set CEO. India. The company also has a strong team of 135+ across its two offices in the U. Visa and Pay Pal who ruled the roost till date and giants like global mobile operators who are trying to make a dent in this industry too. it is no surprise that all major credit card companies. The digital space is an ever changing one. Revenues have grown more than 100 percent a year in the past three years with 50 percent from U. Also TV is going to become the next big internet device.000+ retailers so that users who don’t have credit cards can pay cash for the cards at stores and then enter a code to get virtual currency in a game.S. thus we did not have any model we could emulate. entire new arena.” explains Mehta. Thus the challenge is also to continuously evolve our platform’s security threshold. Rather. figuring out how to raise average revenues from paying users and get more non-paying customers to pay. Its management at present is filled with technology team who earlier worked with PayPal. Prior to founding PlaySpan. the company continuously worked in close quarters with both customers and merchants. he is flitting between customer and product development meetings. Apart from his other accomplishments. Facebook are trying to grab a piece of this pie. it has recruited the best of minds in the payment industry. 25 percent Asia and the rest from Europe. Mehta has over 18 years of experience to PlaySpan in founding. anti-fraud systems. With the success of virtual goods and micro-transactions in Asia and with the impact of the recession on U. the latest feather in his cap is the ‘Entrepreneur of the Year 2010’ Award from Ernst & Young for Northern California. “We have built a great team and more importantly a company culture that works on each and every feedback we get from our users in a super-iterative mode to respond in 24 hour cycle with a new release. also came the challenge of being accepted in the market by both the consumers and merchants. The gaming industry especially has journeyed from open browser to portable and connected devices like smart phones and Internet TV and consoles like Xbox. Today. especially PlaySpan. Also. Millions of gamers are using the Ultimate Game Card and PlaySpan’s own PlaySpan. Along with this. opening up an |18| The Present and the Future Today. The challenge lies in anticipating the market need before even the users themselves realize it. STIC Investments. the company has made two acquisitions till date. gamers. It also provides the UltimatePay “Also.feedback.

In 2010 it is expected to generate $9. so it is not fair to say that there are only limited ways to innovate. because if it is painful then people will pay. financial services. Take a Potential Areas Financial Services & Education T look at education sector. The same trend is beginning to be seen in the Indian market too. the banks typically lend to the cream of the crop in any particular area. That is why it is important to solve a large and painful problem. A lot of activities are being registered around the cloud. Lightspeed Venture Partners VC Talk: By Bejul Somaia ferent ways. This Research firm. which are seeing a revival of activity. So curriculum services. The same is the case with mobile sector with 3G and BWA rollouts. In India where ever you look there are opportunities to innovate and apply technologies in interesting ways. In financial services. These sectors seem to be reflective of the opportunities set in India. It is still at the ground floor in terms of innovation. In India the willingness to pay is often a challenge. education and media. If you are solving it well. Financial service to me is very exciting I read an article recently according to which from $15 billion seven years ago. We are also witnessing a lot of activity in the education sector. the bank consumer credit outstanding had become $100 billion a couple of years ago. This is an area of new trend. Now this is an innovation in a very large. An increase of this magnitude in five years! and we are just at the beginning. In these large traditional sectors there are pockets of emerging subsectors that create a lot of opportunity for entrepreneurs. Areas that are gaining speed more than others would be Internet and e-commerce.7 billion in 2011." the breakdown could exceed 90 percent by 2014. siliconindia |20| is a company that is now a couple of years old so it is essentially a start up and it is being a transparent competitive market for electricity. one can see a lot of companies trying to leverage the current teaching or school infrastructure to improve the quality of education. This helps to increase your chances of success. That is something that India needs. This means that the head room is significant and an entre- Entrepreneurs need to make sure that they are solving a large painful problem. it is an unnatural act to build something from nothing and so the human capitol that you assemble is the most prudent weapon you have. si siliconindia January 2010 |21| January 2011 . very mature market but still it is a disruptive innovation that has a significant impact on the industry. we are seeing increasing opportunity for niche or specialized lending businesses. Even though these sectors sound like traditional sectors we have actually invested in the non-traditional segments of these sectors. There are opportunities for real innovations across the board. curriculum products and technology products would be distributed through the existing school infrastructure rather than trying to create an all together new infrastructure. unlike a sector that sets a single target market. Then there is technology and technology enabled sectors like the internet and ecommerce. And finally the focus should be on execution.2 billion. Entrepreneurs need to make sure that they are solving a large painful problem. then over time you will be able to build a business that can survive recession. not just schools but in IP related businesses and content driven businesses. products and services that are provided and so the number of businesses that are going to grow out of this sector will be significant. The limitations are only by the entrepreneur’s imagination and knowledge of a sector.The author is Managing Director. Financial services were quite badly hit by the recession but it also recovered very strongly and fundamentally whether you look at credit cards or home loans or insurance products the penetration is tiny compared to any other markets including other emerging markets. The power related sectors are going through a lot of changes now. to create the right kind of incentives for investments and price signals.As the "SAAS model matures and converges with cloud services models. but what an entrepreneur must to do is stay focused as if there is a large unmet consumer need. though it is not generally focused on the domestic market. This is a growing trend. predicts a strong doubledigit growth in revenue for the enterprise Software-asa-Service (SAAS) applications market soon. Building businesses are not easy. Another thing is to have a great team. Worldwide revenues for enterprise applications will reach $10. For example. Currently we focus on four investments— power sector. in power we are investing in the Power Exchange and in the financial segment we have invested in a prepaid card company. Gartner. For example. preneur has to find the right way to serve those needs. and a shift from housing finance or construction finance or student finance to microfinance is being seen and at the same time specialized lenders are coming to the market as well. One of our recent innovations is in Power Exchange. Sometimes we see solutions looking for problems and sometimes we see really interesting technologies or ideas that no one is willing to pay for. Financial services touch every one’s lives in dif- Bejul Somaia When a financial recession comes there is generally nowhere to hide. for Startups he areas we invest in India are fairly broad.

Today. By quickly identifying and mitigating compliance concerns — such as ensuring that cardholder access is driven by policy. Internal threats such as employee pilferage and collusion pose even a greater threat for corporate entities. and to create a transparent. |22| organization’s reputation. leading to costly.The author is President and CEO of Quantum Secure Technology: By Ajay Jain Managing Compliance Through Physical Identity and Access Management he turn of events at the beginning of this millennium will be etched in the memory of global security practitioners for the next few decades. and their correlation with physical security events in a multi-stakeholder environment while providing real-time compliance. CFATS. As a software-based solution for Physical Identity & Access Management. NERC/FERC. it helps organizations avoid any penalties and ensures that the organization does not face any embarrassment because of compliance exceptions. error-prone data siliconindia T Save Time. Smarter Compliance Control With a Very Clear ROI SAFE makes physical security compliance a real-time. across both physical and IT infrastructures. GLBA. there are few means by which to ensure that compliance-related exceptions are not allowed in the first place. weekly and monthly operational reports can be automatically generated and sent to respective individuals within the organization. standalone software solutions and adding more manpower will only compound the issue. SAFE Compliance and Risk Management solutions provide a comprehensive range of functions across the entire lifecycle of internal policies and external regulations. emails. that signature may be easily captured as part of the automated process. These exceptions can not only result in fines and penalties for the organization but they can also dent the process which means that an employee can still have physical access despite having the logical access terminated. it has also prompted businesses to assess their own risk exposure as they operate multiple locations spread throughout the world. Additional hardware. If infractions occur against pre-defined policies. ISO 27000. Regulations such as Sarbanes-Oxley (SOX). compliance exceptions are reported by third-party agencies. Basel II. etc. we have created the industry’s first and most comprehensive physical security management software: the SAFE suite. organizational and industry regulations. remediation and reporting actions against these controls. access management is a manual process which can be errorprone and lead to compliance violations. access provisioning. Similarly. At Quantum Secure. contractor and vendor base. SAFE Compliance and Risk Management solutions can enable security practitioners to define both traditional and electronic correspondence (letters. triggering notifications or automating access privilege changes. creating a transparent. Delay in removal of physical access for a terminated employee can lead to compliance exceptions. remediation and reporting as per defined review cycle Defining. physical security) and with physical security events Compliance and reporting as it relates to physical security Specifically related to compliance. It should subsequently automate the measurement. creating new elements of cost and risk. This level of automation is especially important with regards to internal governance. Automating policies using SAFE eliminates human-led errors and delays.) to be distributed by policies. facility. budging and other related resources. daily. In this environment. SAFE Compliance and Risk Management solutions provide the capability for an organization to log any type of security policy infraction against managed identities. SAFE delivers security practitioners unprecedented control over a scattered infrastructure. As most security processes are manual. process workflows and access events. compliance has become much more than a simple buzzword. automate manual security processes and reduce both costs and risks. SAFE also enables physical security department to ensure a more secure and risk-free workplace. All these efforts spent may go waste if due to some oversight.S. SAFE is designed to connect disparate physical security and IT and operational systems. many physical security policies and various administrative tasks are executed manually by the security staff. physical security practitioners need a centralized and streamlined approach to managing compliance and risk—on a more holistic level—to assess and deal with risk in a more proactive and corporate-wide fashion and meet governing. Quantum Secure SAFE Compliance and Risk Management solutions allow security practitioners to enforce governance across diverse and disjointed physical access control systems (PACS). badging Integrations with all types of external systems (logical and physical) for ensuring one identity definition Policies which are rules governing relationships of identities across different systems. Money While Streamlining Global Compliance Management entry that can lead to duplication and erroneous identity information within the system. Dashboards showing consolidated and correlated events reduce time and improve quality of response from security staff. this unified approach should allow security practitioners to enforce governance across diverse systems. with different stakeholders (like IT. traceable and repeatable real-time global compliance process. faxes. SAS 70. auditing and enforcing Segregation of Duty (SOD) policies across your physical security infrastructure Enabling physical security change management based on regulatory policies Automatically triggering compliance-based actions based on physical access events Managing infractions/violations and rule-based generation of actions/penalties Managing internal watch list of identities who pose threat to the organization along with their risk profile and historical details Detailed reporting and risk analysis SAFE Compliance and Risk Management solutions allow organizations to automate compliance initiatives in real time. Using a unified approach involves centrally managing the following aspects of physical security: Identities through various stages of their lifecycle including on-/off-boarding. if a manual signature is needed to satisfy internal governance or external reporting regulations. U. creating realtime benefits for the entire organization and a measureable ROI. Additionally. whereas deviation to deployed policies can be reported across global locations to a single Web console. repeatable. For example. While 9/11 ushered in a spate of changes in physical security management at government institutions and airports. as many organizations need to enforce global policies across a diverse employee. sustainable and cost-effective process. si siliconindia January 2010 |23| January 2011 . it has become a way of life. Additionally. traceable. These challenges can be addressed by a unified approach towards physical security management using policy-driven software that can seamlessly manage identities. government-mandated FIPS201/HSPD-12 and numerous international and EU privacy laws have all driven the need to regularly enforce strict governance in financial reporting and security controls. security practitioners often need to spend additional efforts to ensure that compliance-related controls are operating effectively. providing security practitioners with the information needed to optimize staffing. that change history is always available and dormant/orphaned accounts are reliably deactivated — physical security practitioners can create a robust security infrastructure that keeps pace with today’s ever-increasing compliance regulations. They are also expected to prepare reports asserting their compliance. and repeatable real-time unified compliance process. including: Centrally managing all the regulations and associated controls and automating assessment. The solution should allow users to centrally define controls as per external regulations and internal policies. For organizations in today’s global economy. SAFE Compliance and Risk Management solutions also include customized assessment reports. educational institutions and other non-government entities. To compound these challenges. their physical access. Since it eliminates manual compliance initiatives. Off-boarding is a manual The SAFE Approach to Managing Compliance and Risk One thing is certain: the traditional way of solving physical security problems simply will not suffice.

while inter-platform data sharing remains unaddressed. Qualcomm Brew. In such a scenario. However. the selling does happen. who have also contributed immensely. out much loopholes instead of moving across the market and making the sales pitches. But how far are today’s startup founders and CEOs in India willing to put their hands on sales? “One has to sell the vision of the company at every point. Now the second wave of innovation using Mobile phone as platform will transform how we use computational abilities in our day-to-day activities. before passing on the league to a set of sales managers. Gautam Rage. but also across desktops.9 million units. the CEO doesn’t handle any of it he is a core IT person. the company needs to have an amiable CEO. sometimes sales might be compensated by bringing in an expert. They move forward with a better goal in mind and as their hands get full with the other core activities they tend to sideline the sale proposition. The industry has several hardware and “I Are They Serious on Sales? f a product can not be sold by the makers themselves. The deskbased PC market will grow five percent totalling 7. Windows Mobile just to name a few. this convenience of personal content creation and sharing is not without limitations. Blackberry.” says an ex-business developer of a loan startup. And of course. At United Mobile Apps. each vying to be the market leader – Google Android. has led device manufacturers to focus on improving networking and data sharing among their own devices. the ‘mobile’ is now a personal data and media repository. one is in some way or the other involved in selling whether in a conventional or in an unconventional way. United Mobile Apps Technology: By Arun Samudrala BUSINESS software platforms. Sony. Video call with Facetime is limited to iPhone 4. the mobile has ushered in an era of information and content creation and sharing such as never before. laptops and ipads. Founder and Director of Josh Software quickly pinpoints. advances in the deployment of faster data transfer Technologies such as 3G and 4G have considerably enhanced user experience on the other hand.7 percent to total 13. the Tally Chief. So. at times CEOs are not ready and rely on a more businessexperienced person. “We make sure that either me or the other co-founder are the only ones who become the face of the company while doing sales. Symbian. LG and you can see CEOs with significant sales experience.2 million units year-on-year. The deterring factor is always about doing for the first time. “They are initially hesitant as it takes time to move out of their comfort zone. we tend to work on the product development. according to research firm Gartner. This phenomenon is a reflection of the global ubiquity of mobile phones. Two parallel developments have contributed to the transformation of mobiles into all-in-one information sharing and storing devices. we solve precisely this problem. The scope of innovation in this space appears limit-less. However. “When we as VCs look towards investing. mobile phones have emerged as gateways to create. Whether it is to the employees or to the investors. while mobile PC shipments will grow 61 percent with 5. Look at every big product firm. share and consume personal content. In order to present a comprehensive solution.” says Bharat Goenka. “In terms of sales and marketing. In the past few years. Ovi is for Nokia devices alone. each company has its own suite of software that’ll enable Users to backup and share content. si By Eureka Bharali Indian Startup Founders he rapid growth of Mobile usage in India is indeed remarkable. si siliconindia January 2010 |25| January 2011 . Seamless data and media sharing across devices of any make (of course limited by their hardware capabilities) is still not available. a look at product companies. Unify enables individuals to not only share their content across Mobile devices. From being a voice only device.2 million units in 2011 over 2010. if one has a company. Mobile Me is for Apple devices. at times. only if the CEO has unmatched tech knowledge. This decade has witnessed not only strong proliferation of mobile technology. there exists a significant opportunity to improve user experience in leveraging cross platform capabilities and share content regardless of the recipients phone make. a module that enables remote management of devices. Infact. a module that provides an intuitive interface to share content. do the coding and at the same time make time for proper research to pitch in for sales”. Some salient components of Unify are – a module that syncs data on multiple devices and keeps them all up to date. In direct selling of the products.The author is President & Co-Founder. Associate at Accel Partners.” says Abhishek Goyal. I can snap pictures on my holiday trip and siliconindia T |24| Evolution of Mobile Devices and Services instantly share them with my friends all over the world. but also phenomenal advances in innovation. and a powerful processor. Mobile phones have transformed how we communicate.” says Gaurav Saraf of Epipheny Ventures. It is hard to find a device in the market that does not have a high resolution camera. they are more oriented towards building a taut product with- Computer shipments to India are expected to increase by 24. Our cross platform software Unify combines a rich set of features that leverage the native device capabilities and present application developers with simple interfaces to develop innovative information sharing and distribution software that cuts across this device-data barrier. Being a convenient handheld device with such capabilities.” says an Associate VP of a learning solution provider. for a startup it’s important that they do look at the sales proposition of the CEOs. driven by increasing demand from smaller cities in the country. Race to grab the biggest market share. we would see more of technocrats towing the entrepreneurial line. Apple. What is not realized. mobiles have penetrated the most remote sections of our country where getting a landline used to be a distant dream. However. While the capabilities of the devices themselves have improved on the one hand. no sales team perhaps can make the sale. Goenka jumpstarted the accounting software firm by selling the first 700 products on his own. While the industry waits to herald a leader with a steadily increasing share in the platform space. there are also founders who have plunked their hands on every possible domain.

1) it is most likely not a reputable site. Employees who have been used to giving up all their information in places such as Facebook and Twitter must now be retrained to use social media in a whole different manner to meet corporate standards. a hospital or other such entity that must shield private information should at least ask or force their employees to adhere to some Social Media Policy guidelines. Tracking and Monitoring – If you are going to have a policy. Passwords should be complex and change every 90 days. There should be some level of monitoring off hours postings by employees. who they endorse. For instance. and other confidential information. What’s in that guideline will vary from company to company. You already have things like Expense Policies. Social media usage is being retrofitted into the corporate environment. intellectual property. anything about the technology one’s company uses or will use. there can be drawbacks to the usage of the said media when one is employed in certain career fields. It can go wrong as was the case in 2006 when Hewlett Packard illegally used pretexting to gain information on employees. as an individual can easily hack all of one’s accounts if they know the one password. reporting on activity and have consequences for breaking that policy. Today we have social media in the corporate environment. you have to give them standards to follow. or an employee ID number. yet not posting these items to public social media sites is probably a good idea. While these applications can open up a great many doors for communication. 1. (Assuming we have a corporate standard for social media security) But what is a corporate standard for using social media in an appropriate fashion that does not put the company at risk? Corporations have not made a concerted effort to define that secure social media strategy. Accessing social media sites should be over SSL and only from trusted network connections. HR has to know to take action even if it’s difficult to measure the value of defamation. and Internet Use Policies. training in appropriate usage and monitoring and reporting of social media activity. and any projects the individual may be working on. such as the healthcare industry. who they friend. The compliance risks increase with uncontrolled social media utilization. 3 Keep It professional – If you allow your employees to Socialize information about your company. Develop and follow practical posting guidelines and do not share more information than is necessary in corporate social media activities. The main problem we have is how social media has evolved. If your employees post too much personal information about themselves and your company. Things like cursing. Because banning the use of such sites is most likely unenforceable or impractical. Social Media has become part of the user community several years ago. 4. This list of requirements can include: Defining the necessity for monitoring community managers and employees use of social media Understand and update security threats to social media platforms used by the company and monitor employee activity on affected platforms Monitor reaction and change in behavior based on training Monitor sites mentioning the company Track tools used by employees in social media usage Monitor activity of other organizations in your industry Monitor and report on what online communities are saying about your company Track the influencers in your industry and those specific to your brand Monitor your competitor’s use of social media si siliconindia Social Media Policy Infrastructure What is a good starting point for implementing a social media policy? Here is a basic guideline. Define a policy – You cannot assume employees will do the right thing without guidance. Some information may not be considered confidential. “information must be free” manner. so when using social media sites. We can take a lot of security requirement from traditional IT security practices. this could entice an attacker to try and gain access to your company with the information the employee has posted. to purchases the company plans on making. If a site requires this information. By bottom up I mean that the consumer has determined how to use a technology and the corporation is playing catch up. customer information.The author is CEO. However. one should use separate passwords for the different sites. Write a basic guideline. grammar mistakes. apply the same security requirements. do not let your employees post information that is confidential. Acceptable Use Policies. not coffee shops especially for business purposes! When looking at confidential information. But the consumer is already used to using social media in an insecure. But the social norms that are appropriate for a consumer “product” are not appropriate in a corporate environment. A security breach of one account could snowball. Social media applications are not just a part of one’s personal lifestyle. Employees should be made aware through training and written social media policies that the company will be monitoring for confidential and proprietary information and activities such as defamation. and employee recruitsiliconindia ment. Employees have to be made aware of the polices on the corporate brand image. It has evolved to become a bottom up approach. or even a strategy for training their employees in the “correct” use of social media. such as date of birth. If your employees do not know how valuable information is then you cannot blame them for inadvertently being sucked into the blogosphere. his or her social security number. Conclusion A baseline set of requirements has to be agreed upon between IT and HR and Legal departments to implement a secure social media strategy. business associates and friends. Information Classification – You have to explicitly define what information can be shared and what information should not be Tweeted or FaceBooked. 2. If an employee’s personal posting about the company can be considered defamation or are targeting a customer or competitor. some form of guidance or governance is necessary. communication. A company would let an employee send out confidential information to someone who didn’t have authority |26| to read it. this has also become incorporated in the corporate climate. A number of senior managers were in trouble over the poor judgment in how to manage employee monitoring. Many places use social media applications for marketing. Laws already cover the social media posts of employees when it comes to things like defamation. confidentiality and intellectual property theft. you have to have social media monitoring tools in place to actually know what information employees are posting on the Internet Another thing one should not do is post his or her own identifying information publicly. Utilizing social media networks can inadvertently give way to the sharing of confidential patient information with people that may not have a need to know which would then cause the company to violate HIPAA Security Rule compliance. A social media policy is required to address all the concerns about employee posting. you have to have a mechanism for tracking compliance. and/or 2) one could make something up or ensure that it is not going to be displayed in a profile that will be public. January 2010 |27| January 2011 . KRAA Security Technology: By Gary Bahadur S Security Challenges in Using Social Media ocial media sites have gained popularity in the past ten years as a medium to keep in contact with loved ones. when utilizing social networking sites. Human resource monitoring should be strictly controlled. file sharing. casual conversation style discussions might not be the image you want to portray when discussing anything related to your company. In order to block them from doing that. This can include anything from rumors.

many SMBs are scattered across multiple locales. costeffective features such as an advanced snapshot interface that enables SMBs to keep RPO and RTO extremely tight. iSCSI. many SMBs are forced to be very cost-conscious and might not even have someone on staff dedicated to IT backup. resources at SMBs have stayed at the same levels. Second. given the constant inflow of data. database servers. SMBs will begin to explore virtualization strategies and will try to control the tide of data growth using data deduplication. IT staff at SMBs may not be able to keep up with the increasing flow of data. or a combination of both. storage area network (SAN) comprises the most powerful technology available for blocklevel storage and has been used by enterprises for years. but Entry-level SAN solution for SMBs Growth of data continues at an exponential rate. This type of next generation SAN aligns itself perfectly with both the resources available to and the needs of SMBs. In addition. SMBs simply need to look at their data storage. there will be seismic shifts in the way SMBs approach data storage. Two underlying factors have |28| Managing storage in an age of data explosion According to research firm IDC. out of their investments. Backups. data protection becomes crucial. SANs have become commoditized and plummeted in price while their feature sets have gone better and better. data does not necessarily equate to useable information unless it can be easily sorted and readily accessed. cloud computing will play a role in data storage. Third. In addition. economical. and easy to use. Fourth. will balloon to 35 zettabytes or. management. for instance.The author is CTO. the S2600 provides superior data protection with value-added. 35 trillion gigabytes. Enterprise level features and solutions at SMB prices Look around the marketplace today. Vendors now recognize that SMBs constitute a significant constituency. Without the means to catalog the growing amount of data. and protection situations here and now. The future is now for SMBs: enterprise-level data protection that is cost effective. and ascertain what is necessary and viable to grow their businesses in an efficient manner today. This is due in part to cost constraints. but it is an effective use of resources that will maximize return on investment. recovery. what they can. Certainly. feature-packed SANs that are specially priced and designed for SMBs. and due in part to existing behavioral norms. This is a key point in the context of data storage. for instance. Disk space is relatively cheap so many SMBs simply buy more disk space on an ad hoc basis and neglect to consider the moment when they might need to perform a comprehensive backup. It allows SMBs to reduce total cost of ownership by buying a piece of consolidated equipment that will keep both long-term capital expenditures and operating costs low. The answer lies not in some complex solution but instead. As a result of this massive growth in data. In addition. as the amount of data grows. offers the Oceanspace S2600. backup servers—and provide hierarchical storage using either the FC or the iSCSI networking mode. many SMBs simply did not have the need for large amounts of scalable storage space and were therefore able to function adequately using direct-attached storage.2 zettabytes (1. is both scaled down and scalable. Preventive care is essential in order to minimize total cost of ownership. next generation SAN. It is to the benefit of SMBs that they learn as much as they can about the options available in the market. it merely becomes a steadily growing collection of bits and bytes that can suffocate SMBs who rely on manual methods to access it. or archiving methods. in other words. SMBs do not necessarily have standardized data storage. including fiber channel (FC). scalable. Huawei Symantec. By 2020. while many more are confronted with the reality that their inadequate backups have caused them to permanently lose important business data. Lucky SMBs would have been able to recover data after spending an excruciating amount of time. The S2600. In addition. si siliconindia is now attainable.2 trillion gigabytes). While there is more digital content to handle now more than ever. Additionally. This means that a SMB can attach multiple servers— mail servers. Given the limited resources. If a SMB performs a backup at the end of a business day but its system fails in the middle of the next day. secure. in the near future. backup. a half day’s worth of valuable data is lost. the barriers have indeed come down. It is crucial to keep the amount of time it takes to recover data in case of a failure (a concept called “recovery time objective” or RTO) as short as possible so that downtime is minimal. it offers multiple options of host interfaces. file servers. a next generation storage solution for SMBs that was designed with the intention of allowing SMBs to have access to enterprise-level technology in one small box. Preventive care is not only prudent. First. That said. Most importantly. SMBs will face a number of challenges in the coming years as they try to deal with the increasing flow of information. and protection in order to deal with this reality. energysaving. SMBs need to utilize resources efficiently to squeeze. management. SANs were long out of reach due predominately to their high cost. the amount of digital information created. many SMBs may not have developed systematic ways to handle backups. but additional redundancy infrastructure is now a necessity. In addition. January 2010 |29| January 2011 . install. and have therefore scaled their wares accordingly. and can accommodate between 12 and 96 SAS or SATA disks. or replicated in 2010 will amount to 1. it is important to do backups frequently in order to minimize the amount of data that could be lost (commonly known as “recovery point objective” or RPO). The first is the recent explosion of digital data. as online storage services will become more prevalent and affordable going forth. as noted above. are vitally important. captured. Failure to address storage and recovery issues with foresight can mean that an SMB is one catastrophe away from enduring a devastating loss of valuable business information. For many small to medium sized businesses (SMBs) though. Huawei Symantec TECHNOLOGY By Tad Lebeck A siliconindia Enterprise Level SAN Features and Solutions at SMB Prices changed the storage landscape and have made SANs more important and accessible to SMBs. in an entry-level. and maintain is well within reach. it is vitally important that SMBs do not get too lost in the big picture or in hypothetical scenarios. and trying to organize and access data in multiple locations and jurisdictions can be a doubly impossible task without the right tools. Those who have had the misfortune of having to recover data are exposed to the nightmare caused by haphazard backups and the existence of fragmented information located across multiple servers and storage elements. IDC estimates this With limited resources. and you will see that a large number of vendors now offer middle-range and entry-level SANs that are both priced and scaled for SMBs. and the second is the increasing availability of entry-level. This level of data protection was never before even considered by SMBs.

They remained entrenched in these companies for more than 18 months. many security programs have proceeded along a simple. A medium sized instance of the well-known ZeuS botnet. Insider threat is compelling too (Verizon Survey): 48 percent of data breaches are caused by insiders 48 percent are the result of privilege misuse 61 percent were discovered by a third party versus the victim organization Detection of advanced threats is low (Ponemon Survey) How have organizations found themselves in this untenable position. understanding and addressing global business risk. due to an increase in better-equipped adversaries and the lowering limits of preventive technologies. in terms of the state of cyber security. and that offer the agility to adapt and respond to any threat on the horizon. not protection in pieces. the combination of conventional wisdom. Adversary networks are intelligent enough to typically fly below the detection radar and make effective use of common technology advances – multilayer attacks.” such as distributed denial of service (DDOS) and web site defacements. the operators behind Kneber slipped past what should have been morethan-adequate defenses within over 2. Continue to patch the human vulnerabilities. fear mongering. The survey results highlight systemic failures in people. At the same time.500 companies. and analyzed in real time. and there was no allowance in this paradigm for the geometric increases in attack velocity and complexity. according to an Ernst & Young report. Aurora initially breached defenses through a phishing attack via webmail. Unfortunately. both in India and abroad. not knee jerk threat protection through point security solutions. for all that was said to be average about the malware involved in Kneber. and corporate policies. The Way Forward Apart from discussions of specific technologies. response-stimulus mentality. The anonymity. Indian companies will increase their budget on information security this year. information security risk management. The infamous Aurora attack on Google. Attackers also continue to prey on the weakest link – human nature and good will – to circumvent even the best enterprise defenses. The goal is real-time situational awareness and the variety of analytics required to detect and thwart new attacks as they occur. Recent SEC filings – from Google to Northrop Grumman – are now including shareholder risk language to protect corporations in an environment where cyber defense is an inexact science. and complexity of the Internet and the current technology landscape favor the aggressor and severely challenge the defender. redundancy. organizations can find everything from unwanted data leakage by misbehaving employees or external attackers. process and technology that are too stark to ignore. and Aurora. and both peer to peer and cloud computing concepts. advanced threats. the answer lies in the fact that attackers live in an unbounded and rapidly innovating environment. compliance with regulatory requirements. and 46 percent took one month or longer to detect an advanced threat 45 percent discovered these threats “by accident” Kneber used competing botnet technologies – Zeus and Waledac – to provide “backup” redundancy. Intel and other companies underscored both the potency of data theft and the acknowledgement by corporate America that. an attack had to occur before cyber-defenders could conceive of a proper defense. Achieve defense in depth. and why has this evolution of powerful adversaries and unstoppable malware seemingly taken them by surprise? Ultimately. flexibility. There must be an executive level commitment within all organizations to mapping. designer malware. In 2010 the Kneber botnet. provided a perfect representation of the state of the cyberstate.The top five priorities for all organisations. Organizations must decrease their reliance on blinking lights as an indicator of a problem and empower everyone on the front lines to be an analyst contributing to the collective cyber intelligence of the organization. while many security programs have based success on the inadequate requirements of compliance programs or have implemented security paradigms lacking agility and headroom for new threat vectors. data leakage. But such technologies clearly do not exist today and will likely never be 100 percent effective due to the problems stated previously in this article. In the current doctrine. are business continuity. targeted. Among the most prominent findings are: The need for change is compelling (Ponemon Survey): 81 percent felt that their leadership lacked awareness of the seriousness of advanced threats. and better financed. multifaceted. But all is not lost for cyber defenders in government and commercial organizations in 2011. and other unwanted network communications. and margin protection has perpetuated a security model that has long been rendered obsolete. The goal has been to attempt to keep pace with attack and exploit development – an approach that from inception has relied on tolerance for acceptable losses and collateral damage. It would be great if organizations could implement a silver bullet prevention technology that would kill all malware. and leveraging the vast amount of network data that can be recorded. Born in the days of slow moving viruses and “inconvenience attacks. to the kind of zero day malware that was previously believed to be undetectable. Organizations must deploy solutions that are robust. Only 32 percent report that their current security-enabling technologies are adequate to deal with the growing threat from undetected malware Only 26 percent report that the training of their security personnel is adequate to deal with advanced threats. The answers are in the network – organizations just have to ask the right questions. at both policy and technical level. siliconindia |30| Gaps In Effectiveness Surveys by Verizon and the Ponemon Institute provide insight into what organizations are seeing and doing. By making detection a fundamental and well-funded security strategy. fused. attackers have become more sophisticated. these attacks on corporations are representative of new “offensive-indepth” methodologies that are multilayered. and in one month alone managed a massive data theft totaling 75GB of sensitive data. Conclusion The state of the cyberstate became more challenging in 2010. All staff must understand the true nature of current threat landscape and be engaged in the process of identifying real risks to the enterprise. Cases in point. But. data leakage. there are three critical areas both government and commercial organizations must address to achieve a deeper level in cyber defense footing: Understand the criticality of detection in enterprise cyber security strategies. Any forward-leaning cyber security strategy must include a comprehensive technology architecture committed to network analysis and visibility. and where online pillaging presents explosive growth opportunities for adversaries with little upfront investment. for now.The author is CEO of NetWitness Technology: By Amit Yoran The State of the Cyberstate 2010 In Perspective Cybercrime and other politically and economically motivated attacks on public and private networks have crossed the line from a looming threat to a cost of doing business. si siliconindia January 2010 |31| January 2011 . the battle is being lost.

The 3GPP and 3GPP2 standards bodies have published specifications for these techniques and some companies have developed products to enable seamless integration of Wi-Fi and Cellular networks. Tra c is routed directly to the Internet using the Wi-Fi operator’s infrastructure.6 billion to buy 3G spectrum. The alternative solution that is gaining favor is to enable the Wi-Fi radio on the user’s smart phone and deoliver data over that interface rather than over licenced spectrum like UMTS/3G. CEO and Founder.S. This can be compared to an ARPU of more than $50. iSuppli forecasted that 3G will garner 250 million subscribers by 2012. is built on meshed networking routes traffic over wired and wirelessly meshed access points. The continued price pressure on data rates together with an unprecedented growth in demand has created a major challenge for operators around the world forcing them to seek ‘unconventional’ solusiliconindia M |32| Mobile Data Growth in India an Opportunity and a Challenge tions.and do so at a fraction of the cost of deploying 3G infrastructure. Both these technologies allow data to be moved at a fraction of the cost – though Wi-Fi can be an order of magnitude cheaper than deploying femtocells. Indian operators will have to increasingly look at data services to drive revenue growth. enable prepaid subscribers. the low penetration of laptops and personal computers means that the primary source of internet access are likely to be mobile devices. IntelliNet has been actively involved in a commercial trial with a leading edge operator in India and the initial results are promising.00 for post paid service in the U. Post authentication. Tata Communications and Bharti Airtel have been actively deploying hundreds of Wi-Fi hotspots across the country as a service to their broadband subscribers.000 or more in revenue each year. So it is reasonable to assume that as 3G gains momentum. a lot of these services will be supplemented by high bandwidth services like video sharing. alternative wireless services are being deployed to address the demand for wireless Internet services. si siliconindia Service (QoS) for mobile data subscribers Seamless transition between 3G and Wi-Fi – no need for subscribers to manually register or log in to use the network Utilization of the existing mobile billing and charging infrastructure Subscriber access to secure content provided by the mobile operators – known as “walled garden” services January 2010 |33| January 2011 . Femtocells are a valid proposition for them but they are pricey and are still not proven in the current deployments. IP TV and access to video content over sites like YouTube on the Internet access. This technology will not only assist operators with 3G licenses offload their excess traffic but also will help operators with 2G licenses to provide their subscribers a 3G-like experience . phones. As of June 2010 the ARPU for GSM was Rs. While there are similarities between India and other 3G enabled nations. mobile network operators can provide: Improved coverage and Quality of A recent survey conducted by CA Technologies found that businesses are losing more than a quarter billion dollars annually due to IT system downtime with small companies suffering the most. some work must be done to implement this functionality. Public-sector organizations are impacted the least. hospitals. Most of this growth is attributed to high bandwidth video related services like video chat.The author is President. to recover their huge investments in 3G. Hence. the focus on mobile data is likely to become a double edged sword. AT&T for example has noted a data growth of over 5000 percent in just three years.e. As of end of September 2010. It allows operators to implement volume based billing. Another important factor that is likely to drive up data traffic is India is general internet access from mobile devices. this is an initiative to increase customer stickiness and enhance average revenue per user (ARPU) of our broadband customer base.6 percent for CDMA subscribers. However. Indian operators do have a great track record in generating significant revenue from VAS services like ring back tones. Operators are already aware of this problem and are actively seeking solutions to this problem using offload techniques. By deploying a Wi-Fi data offload solution. However.64). The Telecom Regulatory Authority of India recently reported a year-over-year decline in Average Revenue per User (ARPU) per month of 33.a variation of WiMAX. CMO for Telemedia Services at Bharti Airtel was quoted as saying: “Airtel Wi-Fi hotspots will be strategically located at leading premium hotels. These factors. coffee shops and corporate buildings that are the hub of corporate. multi- player high-definition gaming and videoconferencing which can become a major revenue generator for them. quickly outstripping network capacity. North American businesses alone reported a loss of $26. chains of restaurants. referred to as WI-BRO . are building all-IP wireless networks using unlicenced spectrum. For us. 122 ($2. IntelliNet Technologies Technology: By Anjan Ghosal obile data continues to grow at a phenomenal rate in countries that have already deployed data centric 3G networks.” Levels Unmanaged O oad Description Cellular devices (i. with the average company losing $224. Companies like Tikona. The enables carriers to deliver premium content and walled garden services to their subscribers via the Wi-Fi interface. there are some very significant differences. a recent startup. The technology. A more appropriate solution for the Indian market is data traffic offload to Wi-Fi networks. Whatever be the driver. Due to fierce competition. Data in this case is also backhauled via the pubic Internet. Financial services are impacted the most by downtime. Both. music downloads.5 billion in revenue each year from IT system downtime with the biggest impact on SMBs. Reliance and Spectranet are also offering Wi-Fi Internet access. second only to China. successful deployment of this solution will require the vendors and the operators to work closely to implement a complete end-to-end solution which will not only address the technological aspects but also all the operational issues in deploying this service such as the integration with the backend OSS systems. Managed O oad Converged O oad In parallel with the 3G roll out. One such solution is a ‘small cell’ approach where operators deploy femtocells in locations with poor cellular coverage. perform legal intercept. India has been late to the 3G party but is fast catching up. SMS and a variety of downloadable applications.71) and for CDMA INR 74 ($1. voice tariffs in India are one of the lowest in the world. Studies have shown that the majority of mobile data is generated by smart phones in indoor settings which make Wi-Fi an excellent data offload technology. enforce tra c shaping and policy controls. the tra c is routed via an ‘edge’ device that is managed by the operator. BSNL. With this in mind operators are looking at developing Wi-Fi zones of their own or partnering with Wi-Fi operators and aggregators to see if some of the data can be offloaded to these networks. Vikas Singh. mobile TV. seven private operators paid a whopping $14. Most of these services are offered through a strong web portal as ‘premium services’. While India has a rapidly growing mobile subscriber base. coupled with the limited spectrum allocated to operators in India. Based on the operators’ requirements we have classified them into the following three categories. However. The iSuppli study forecasted a subscriber base for such services to reach 19 million by 2012. Earlier this year. etc. may lead to a ‘perfect storm’ where the networks get overwhelmed. In addition to the above establish seamless connectivity with the core network – so that as required tra c can ow between the two. the wireless subscriber base in India stood at 687. community and social activities.71 million. This edge device allows the operator to ‘control’ the subscriber’s internet tra c without having to route the tra c back to the core networks. dongles) detect the presence of available carrier or partner hotspots and automatically connect to them after authentication against the operator’s subscriber database. This is extended to provide seamless hando between the two networks. The data is backhauled via the existing broadband network using standard IP providing a more cost effective data coverage.9 percent for GSM subscribers and 19. A number of operators like Reliance and Tata have already launched their 3G services.

The cloud can’t be secured. 29 enterprises. But on the flipside. Nevales provides SMB owners a security services platform which is on demand to connect securely and access the benefits of the cloud. The Indian online advertising market comprising of text and display advertising will grow to 993 crore in this fiscal from Rs 785 crore in the financial year 200910. This survey highlighted the following as the leading threats for cloud computing: Abuse and nefarious use of cloud computing Insecure application programming interfaces Malicious insiders Shared technology vulnerabilities Data loss/leakage Account. But customers too need to realize the security implications associated to cloud services before they shift the processes to it. and consulting firms shared their feedback about cloud environments. This will ensure that they have a more efficient network to securely leverage benefits of the Cloud. the SMB company can protect its own assets and better leverage cloud services. service and traffic hijacking Unknown risk profile In the end. But before they pop the champagne they need to bear in mind one fact – just because the service provider is taking the charge for the security of the data on the cloud.” where information security experts across One of the reasons why cloud computing is throwing up challenges for security is because the data resides on a single service provider’s cloud and can be accessed through various shared computing sources. When a customer subscribes to a cloud service. the onus of ensuring the security of this data gets transferred automatically to the service provider. as a first step. si siliconindia |35| January 2011 . A first step to this will be for the SMB to ensure his connectivity with the cloud.The author is Co-Founder & CEO. The cloud service providers will definitely do their bit to ensure that the right levels of security is built into their service models. Financial Services and Insurance (BFSI) emerges as the leader in both text and display advertising spends with 24 percent in each category. its security is yet to be proven convincingly. Travel is close behind and FMCG a new entrant to this space. a cloud as it can be hacked into. For instance. especially where data security is concerned. But here’s a newsflash for them. to be able to fully leverage on the benefits of cloud computing it is essential that organizations invest the right resources to appropriately secure their data assets. till then SMB owners must focus on taking the first step of securing the access points at their end to the cloud. Some CIOs worry that the data is not safe on Cloud Securing the SMB owners need to focus on how to secure their assets and resources which connect with the cloud and are within their control. And if you stop to think about it.The total online display advertising market is expected to grow by 28 percent to touch Rs 534 crore in 2010-2011 from Rs417 crore in 2009-2010. One of the compelling reasons that vendors have been using to get their customers to shift their processes to a cloud is the freedom from managing the security of their data assets. This resulted in the research paper. How secure is a cloud? There is no denying that cloud computing security is considered to be an issue and vendors of all hues are trying their best to come up with ways to make it completely secure. Navales Technology: By Ravi Shankar T he term cloud computing has become ubiquitous in the tech world and even SMB companies are leading the pack to opt for cloud services. a study says. We believe that the services delivered from the cloud will be extremely compelling for SMB owners in the near to medium term. In fact the perception of threats for cloud computing is diverse. is there a need to secure it? For a SMB business owner cloud computing is attractive from a cost point of view. solution providers. it does not mean that they will also take the responsibility that the data complies to various international regulations. ‘Top Threats to Cloud Computing Report. There is still some distance to go before Cloud is recognized for safety. Others feel that the cloud service can act as a wormhole for hackers to attack their own networks. this will come as music to the ears of IT managers and CIOs. By doing so. it is always better to be safe than sorry. At a time when IT budgets are dissolving. After all. Banking. SMB owners need to focus on how to secure their assets and resources which connect with the cloud and are within their control The Cloud Security Alliance (CSA) was commissioned by HP to conduct a research to detail the potential threats surrounding the use of cloud services. given the investments in this space continue to be significant and that customers will be made very attractive offers at throwaway price points. Of course they are concerned about the security implications of making the transition to cloud computing.

Their approach at best is piecemeal. is the key to the effectiveness of a solution. If it comes to integrating technology in classroom there will be another vendor vying their attention. the impact of technology in how we educate our kids or how they educate themselves is also of great significance. through its Other major business opportunity exists in the form of tutoring and many mom and pop stores are making merry.The author is President . There is a severe problem of lack of an integrated solution Hardware focus without emphasizing on content Generally schools like to believe that more the hardware. it is imperative to have a strong pedagogical framework does not fit all is the mantra here. Customers also tend to get carried away by look and feel. Our work in technology in K-12 education space in India over the past decade has given us some rare insights into kind of challenges that schools faces in integrating technology successfully: and half-baked solutions. As in other spheres of human life. teachers. it is imperative to have a strong pedagogical framework. efforts by Govt. It is currently pegged at more than $40 billion promising a double digit annual growth rate. I Successful Integration of Technology in Schools. While office staff may need detailed training and re-training on features of a solution. management etc with a single solution School education market in India: Opportunity paradox There have been so many studies and estimates which have painted a very rosy picture of India’s School Education market. Obsolescence of technology Technology gets outdated very fast. These costs can include hidden costs like higher electricity bills. January 2010 |37| January 2011 . NIIT Technology: By Sanjiv Pande schooling system have shown limited results. is fascinating to watch. security etc. IT skilling and Change management These are perhaps most critical factors for successfully integrating technology in the learning ecosystem of a school. Technology enabled learning solutions space has seen a lot of excitement in the past few years. needs to be highly careful. Teachers need a specific type of support which may be more academic than technical. At the same time. management etc with a single solution. India’s 75000 odd private schools account for 7 percent of total institutions but enroll 40 percent of country’s 219 million students. at the click of a button. In this write up we shall dwell a bit on the challenges we face as well as opportunities that lie ahead of us in integrating technology successfully into our learning ecosystem in schools. which is an appropriate technology to invest in. si siliconindia Total Cost of Ownership Many times a school. It is better if a school goes through an extensive exercise of defining the vision and scope of IT integration program and involve other parties who can help them in coming up with a well defined plan. After all it is not about For technology to make sense to its users in educational institutions. Other business opportunities have just opened up and many players are entering these segments every day. however anyone who gets smitten by this side of story. the better is the solution. One needs to understand that quantity of hardware and content in a learning solution is the last thing that a school should look for. Well meaning and well intentioned schools who really want to make a difference to the learning ecosystem for their students unfortunately end up burning their fingers. NIIT has been involved in bringing up people and computers together successfully for over 27 years now. textbooks/stationery items and provision of other technology enabled learning solutions etc. it would be right to say that more than change. the content. However.Opportunities and Challenges There is a severe problem of lack of an integrated solution which can address the needs of all the stake holders like students. The focus will be on private schools of India since the govt.School Learning Solutions. Even in the case of content schools are led to believe that more the content the better it is. It has been observed that off-the shelf technology solutions end up impacting the learning ecosystem negatively by creating a passive learning environment. It is very important for a school to consider before purchase. which can address the needs of all the stake holders like students. This leaves the school management with the trauma of integrating the piecemeal solutions into their system and sub-optimal utilization of resources. They may not only end up wasting huge sums of money but also playing with the lives of hundreds of young minds whose future is trusted to a school by parents. |36| Lack of integrated solutions Schools as a rule always fail to see the bigger picture while trying to integrate ICT into their system. Newer technologies are being rolled out which reduce the impact of obsolescence. Lack of right pedagogy in learning solutions For technology to make sense to its users in educational institutions. school ERP. K-12 education institutions are still in the infancy stage as far as integrating technology is concerned. More and more schools are experimenting with technology solutions to make use of tools that positively impact learning in schools. If we look siliconindia a bit deeper we shall know that this sector may show lots of promise but challenges over-shadow the hope and opportunities that exist. the pace at which change happens. It is therefore extremely important for any institution to be very careful in selecting the right technology and consider its consequences in detail. teachers. Be it in classrooms or in laboratories. Education continues to be a Not-for-Profit industry in India which makes many genuinely interested private players stay away from the core business opportunity of setting-up and running brick and mortar schools. Aggregated content technology but about education. One of the most important contributors to this mind-boggling change and its pace has been technology. Sometimes even if it is considered. consumables. About 142 million children are not in the schooling system. the cost is highly underestimated. It is easier to get children used to technology however the bigger challenge is to impact the mindset of teachers and support staff. There may be lots of hidden costs involved in use of a solution. It is whatever we make out of it. When it comes to automating the back-office operations. Nothing can be farther from truth. However if we look at how the world has changed around us in the last few decades. t is very rightly said that ‘Nothing is permanent but change’. So far so good. Lots of players are also operating in areas like pre-schooling. overlooks the total cost of owning a solution. This happens to push aggregated content to un-suspecting schools under the garb of covering entire syllabus and all topics. A school as a result has to either deal with multiple vendors for different solutions or at times develop inhouse solutions. Technology over-shadows the real purpose of learning. However we need to understand that technology in itself in neither a genie nor a master. lots of small and big entrants try to make a quick buck by churning out unmindful Challenges in successfully integrating technology solutions in schools: ‘Wonders of technology’ is a theme that every teacher and every student would have spent reams of paper writing on. while going ahead to adopt a solution. as happens with any great business opportunity. A simple hardware support does not work. it is seen as a separate activity and without fail some local player holds the key to their administration engine. How much does this appeal to the conscience of an interested corporate player has to be seen since tutoring is looked down upon by many. One size has obvious issues of irrelevance to the curriculum being followed by the school. Normally a school spends on setting up a computer lab and creates a small computer department that takes care of computer education program of the school.

Cloud computing covers a gamut of services and can broadly be categorized as Software as a Service (SaaS). Here too. there is bound to be anxiety among data owners of its safety and protection from manipulation. Security is probably the biggest concern for any business. since there have been several instances of data being lost due to technical hitches or due to the vendor closing up shop. it must also be stated that while cloud computing does in fact present challenges to the business world. can go a long way to establish the liability of the vendor at the time of a trial or discovery process. The issues concerning intellectual property that arise and the risks that emerge for intellectual property owners. legislative and regulatory policies in some cases require certain types of data to be protected with certain prescribed standards. its application to businesses in new and unique modes along with the scale of adoption of new techniques have made it a fairly current subject. A range of operations can now be performed on the cloud without the need for capital investments in purchasing. security. Infrastructure as a Service (IaaS). risk allocation or mitigation. the myriad rules of various jurisdictions have to be taken into account. to ensure that adequate safety measures are taken by it and to be transparent about them. these are all examples of cloud computing in their simplest manner. Consider your regular email and social networking sites. Contractual negotiations also play a vital part in determining liability of the parties for inter-parte faults and resultant losses. Questions of jurisdiction are bound to arise in such a scenario. Also. it is essential that the business ensures that these guidelines are met. and Platform as a Service (PaaS) modes. setting up. to multiple users. Clarifying these issues is the first step towards establishing a relationship with the vendor In certain situations. financial or other difficulties. For Intellectual Property owners. through contract. every user must ensure that their service provider is reliable and would ensure safety of the data. operating. The manner of storing information and databases themselves are copyright protected in most jurisdictions. For example. and managing systems within the business. legislative or regulatory. As a consequence. siliconindia loud Computing is the new buzzword for businesses. the questions of ownership of IP in the work may become worrisome. in the ‘cloud’. in certain cases. However. included in operational issues are those of upgrade and vendor lock-in. an immense quantum of business in innumerable industries and various business operations. determine the governing law and jurisdictions. The question of who would be liable in such a case. in the event of discontinuation of relationship between the vendor and the business or in case of technical. Any data stored in a cloud. The legal issues arising out of cloud computing can be broadly categorized as operational. despite adequate safety measures by the vendor. However. All of these services require storage of information. IPR Issues Contractual negotiations with a cloud computing service provider are important in protecting data and intellectual property. Another question that may be troublesome for intellectual property owners is related to jurisdiction. While no straitjacketed rule may be prescribed and it depends on each case. However. by its very definition. in cases where results are obtained by converging software or by multiple users working on segments of a work. In such cases. The problem presented by this is that data concerning individuals of a certain jurisdiction may warrant certain standards that may not be necessary at the jurisdiction where the data is being stored or processed or accessed. When operational data is stored online on an outsourced server that is accessible in a controlled manner or otherwise. Risk allocations and mitigation is an important consideration that can mean the difference between advantageous use of the cloud computing model or disadvantageous. it is important that every business must first obtain clarity on these issues before data is made available to the vendor. It is also essential. while the user owns the content. Cloud computing as such is an unregulated field with a patchwork of legislation and regulation in limited jurisdictions. Data concerning individuals of a certain jurisdiction may warrant certain standards that may not be necessary at the jurisdiction where the data is being stored or processed or accessed tion. However. Lall Lahiri & Salhotra Technology: By Rahul Chaudhry with certain basic guidelines on data protection as provided for under the European Union’s Data Protection Directive. if provided for and dealt with in the contract between the parties can go a long way in eliminating risks and also allocating liability in case of loss. such considerations are not essential for data stored in India and neither is the service provider bound by such regulation. Contractual negotiations with a cloud computing service provider are of immense importance in protecting data and intellectual property over the cloud. are being performed ‘in the cloud’. the proprietor of the information is at one location and so is the server of the service provider. Certain questions of risk allocation. while being serious. shall be responsible for the process. as the first step towards establishing a relationship with the vendor. It is imperative that such issues be addressed prior to availing services of a service provider and be adequately dealt with in the contractual negotiations. there exists no doubt. especially when legislation in this respect specifically provides for jurisdiction. such as liability in case of breach of security by a third party. Would it be possible. How much liability a vendor accepts for the data and its protection shall be a question of vital importance in case of breach in the data or service. Businesses have readily embraced these modes of services. These issues must be clarified. for the business to access its information through other applications or service providers? It is essential for businesses to consider such a scenario. In such a scenario. are no more greater or challenging than those posed by use of the Internet even prior to cloud computing. data. with professional assistance if necessary. and those relating to jurisdiction. While it is not an entirely new concept. and to what extent. it is imperative that the legal implications of using cloud computing services be unsiliconindia C in Cloud Computing derstood by a business and that steps be taken to overcome the challenges and mitigate the risks presented by it. In addition. any data that relates to nationals of the European Union must comply |38| January 2010 |39| January 2011 . and results obtained from using those applications. is on the Internet and accessible at any location in any part of the world. while performing its operations. This would imply that the business must consider as to whether.The author is Partner. is a question that remains unanswered and depends upon the law in various countries. This Cloud computing is an unregulated field with a patchwork of legislation here and there. The question that arises here is how does one ensure compliance with the myriad legislative and regulatory frameworks? A form of ‘hybrid system’ is required to be formulated and implemented wherein the regulatory requirements of all jurisdictions are taken into account and this can be the best evaluation and implemented at the stage of contractual negotiations. The parties can. may present difficulties for the business. Such contingencies. Another question that arises is related to the ownership of the intellectual property in the information. However. the advantages that it provides are many. third party contractual limitations. such as a cloud computing service provider owns the infrastructure and any applications being run on it. today we see a proliferation of new tools of cloud computing that have made businesses turn around and take notice of the immense advantages that cloud computing has to offer. However. at times of a sensitive nature. However. from the day-to-day mundane tasks to collaboration and operative tasks. The challenge that cloud computing presents is that the data is stored on the service provider’s system and the owner of the material cannot exercise more control over it than to merely access and manipulate and process the data. Another operational concern that a business must consider is data portabilLegislative and regulatory issues are another aspect of cloud computing that present an area of considerable ambiguity. Operational legal issues concern legal issues that arise from the use of cloud computing services on a day-today basis and include concerns such as access to information of the business and manner of storage of the said informaity. it would be able to upgrade to newer operating procedures and systems and who. for both the business and the service provider. regardless of the location of the server or the service provider. Here the rule of ‘Caveat Emptor’ would prevail. even this agreement may not be able to oust the jurisdiction of multiple courts. the anxiety is greater with respect to the protection of valuable data and trade secrets.

We have all experienced situations where proprietary ERP companies have been acquired with the sole intention of killing competition or have filed for Chapter 11. Are you? si nies based on a range of variables.an open technology stack that is easily accessible and modifiable. Supply Chain and Financial functionality in an integrated manner. provide robust multi-national and orga- |40| Adoption and Partner Programs By definition. there are robust Open Source options that can be easily. They typically focus on user experience but have the same traits as the Tier 1 providers – closed systems built on proprietary development toolkits. The key to ERP is maturity and stability. However. the answer is a resounding NO (it is not that important). roll out and support the Open Source ERP that is the right fit for your organization. but the approach may be different in how they have crafted their architecture. Well. The world of ERP has been dominated for years by the likes of SAP. Oracle. look to the universe of people and companies that have downloaded software: Functionality If you are one of the thousands of companies world-wide that distributes or manufactures products and services then there are stable and mature Open Source ERP products that meet your functionality needs.truly a compelling case for its adoption. Willing & Able revenues with multi-location and country presence and these providers do a good job of meeting the majority of the functionality requirements across most industries. Alfresco and SugarCRM. you would be entitled to the latest functionality. Whether a company requires additional features and functionality to support Customer Relationship Management and ECommerce or requires comprehensive reporting tools. Integrating with Other Software As most Open Source ERPs are built on modern and mature Open Source architecture.net and Open Source ERP Guru as well as the sites sponsored by Open Source ERP integrators and commercial Open Source companies. Increasing Enterprise adoption of Open Source systems has created a niche for Commercial Open Source – Open Source software with the support levels and commitments that enterprises need. let’s focus on overall stability. if that isn’t an important differentiator we don’t know what is. Compiere and OpenBravo both made the top 25 in a strong group of Open Source companies that includes RedHat.000-pound gorillas and are commonly known as Tier 1 ERP. as opposed to the Community Edition (CE). About 11 years ago an early adopter of Open Source technology within the ERP space began a journey. and cost-effectively. Who would have known what would spring from this start. but for thousands of companies world-wide. Started by an ex-Oracle employee. For a nominal annual subscription. many are and it is those that deserve a serious consideration. all of which adds to the Total Cost of Ownership (TCO). You get the Code Open Source ERPs provide you access to the source code. Then there are several Tiers of ERP that accommodate the needs of smaller companies and certain industry niches. Willing and Able? Stability First.thevarguy. all of the Open Source ERP products mentioned above are stable. We would recommend you do your homework and involve a partner that can help you identify. typically. Is that really important? It depends. With a large following from impartial sites like SourceForge. The subscription programs are typically managed on behalf of the ERP provider by partners or VARs (Value Added Resellers). The annual survey tracks Open Source compa- About Author Tom Rodgers is Director of ERP Sales and Services for CIGNEX January 2010 siliconindia |41| January 2011 . tested well before release and supported by the company or a representative partner. but all have a common theme . Stability means that the project or company provides a consistent product that works and a methodology and toolset that can support new functionality when it is released. Not all Open Source providers are able to pass this test and this is one of the most important factors in Open Source ERP evaluation. As for Adoption. but as we all know. leaving customers with no support or an upgrade path! Access to source code ensures that you are in control of your ERP system. But stability comes in several flavors. While functionality is broad. While not all available Open Source ERPs are mature.Technology: By Tom Rodgers or many years Open Source ERP has been quietly maturing. including size. Next focus would be on the stability of the technical tools the ERP is built on. Generally speaking you will see all of the Open Source ERP provide the core Order to Cash. Then there is OFBiz an Apache project with a much different architecture but strong to those who desire the specific benefits. All the software mentioned pass that test.com) ranks Open Source software in general and several of the Open Source ERP products mentioned earlier in this article make the list for the second year. Each project or company has its own approach and focus. Open Source ERP also comes in several flavors from free to commercial subscription programs. PeopleSoft and Baan. we recommend the adoption of Commercial Open Source ERP (or Enterprise Edition). Some. it is important to mention that most products available do not dive deep into the pool of functionality such as true capacity planning for manufacturers. the information and collaboration is remarkable. For the sake of argument we can say these are the 1. Open Source software is a community effort and in many cases free. In summary. Willing and Able to meet your business needs. Open Source ERP has come of age and is Ready. the services they employ for integrating with other software is both open and flexible. Compiere ERP began a journey that included splits in the road that brought life to is Ready other ERP Open Source projects such as OpenBravo and ADempiere. Why do we believe Open Source ERP Is Ready. That is not to say they cannot be integrated with other software. like Compiere. including SMBs and large Distributors. integrated with the chosen Open Source ERP. they can and are every day but it is more difficult and requires specialized functional and technical knowledge. Tier 1 software is meant typically for companies that have over $200 million in siliconindia F ERP OpenSource nizational hierarchy structures that can support most organization’s business requirements. it is not as deep as Tier 1 ERP. For the most part. a utopian dream with most proprietary ERPs. Commercial Versions Generally Payoff To ensure peace-of-mind. influence and growth of their partner programs. Adopting commercial Open Source ERP has yielded reduced TCO in excess of 90 percent . but at a fraction of the cost associated with proprietary tools. are difficult to implement and often expensive to support. Open Source ERP is ready for thousands of companies world-wide. These ERP systems are broad and deep in functionality. The VAR Guy (www.

production. Can we possibly incentivize our dealer network if our marketing department’s vision of a rebate system cannot be automated through our ERP system. This translates to 10 percent more revenue collection and proportionate profits year after year. Single minded pursuit to finish the project on original schedule 8. not enabling itself with a good ERP system today is like trying to conduct business without using basic technological tools like emails. Long ago organizations worldwide started realizing how adoption of an ERP system makes some of them distinctly competitive and others an exact opposite. Is it going to be possible to sell to an OEM in Europe if our ERP system does not help us in tracing the component supplier in case our client had to unfortunately recall its product. At the very basic level. Higher Throughput – Getting more out of your installed capacity could mean crores of saved capital investment. On the other hand a good ERP system can be source of sustainable competitive advantage. Trust based system leads to scope of mismanagement. quality management. On the other hand ERP product development over last three decades has ensured that ERP products are not just a competitive differentiator siliconindia E |42| from the investment. What if my USP is fastest order-to-delivery. Selection of a worthy partner who can bring definitiveness to your project in terms of time lines and ability to give you the best solution for your business It’s important for the product that you choose as your ERP system to be able to enable all of the above over a period of time. competitive edges and USPs. On one hand ERP is as necessary to a business as an email system. quality check and logistics. Basics of guaranteeing on the investment Not every collection of features is an ERP product: ERP is a software product. si siliconindia ensuring compliance and management time. but a critical enabler for midsize companies as well. Buy-in and support from company leadership 4. For most of us it means a tool that helps an organization run various functions of its day to day operations and also help drive strategic decisions. Manufacturing functions and Warehouse Management functions. Evolution of ERP followed the general evolutionary trend of Information Technology (IT). Explosive growth and high returns come from your ERP system when you are able to take beyond operational execution and use for one of following: Operational Excellence Strategic Decision Making Competitive advantage Scalability Enabler 2. Faster inventory turns means significantly lower amount of working capital and its cost. A clear solution strategy and implementation plan 3. Buy-in on the solution features from all function leaders 5. scalability and above all reliability. Dr. So. Implementing an ERP system and fine tuning it to be a business enabler over a well defined roadmap requires that the product chosen by you does not exhaust itself as you go beyond operational execution and look to enable your strategic insight. for a proper management their should be a balance between the two. January 2010 |43| January 2011 . materials management. It is not possible for the vendor to bring down their standards for the sake of the company neither is it feasible for the later to upgrade for the sake of the former.The author is CEO. Communication strategy for every section of ERP user 6. It’s too elaborate a topic to address in a few paragraphs but just as a word of caution.Finance and Information Technology at Munjal Showa and a doctorate in Inventory Optimization says – “For a company that is past `50 crores turnover. Implementation process does not mean just setting up the transactional parameters and master data for a product so that it can function for a specific company. Customer Relations Management. The main problem faced by SMEs when it comes to ERP is that their requirement is limited while the product offered exceeds their specifications in all ways (including the costs). Lower Cost of Compliance – Accurate and demonstrable operational execution means higher statutory compliance. financial accounting and financial control. ERP product market has evolved over last two decades to have clear market leaders and a host of other products. Most immature ERP products exhaust themselves at the level of Operational Execution itself. For an Indian manufacturer growing beyond about `50 crores turnover. The great news is that it is actually a wealth creator. AVP. This translates into saving significant amount of money on ERP Implementation for Midsize companies Necessary Expense or Strategic Investment? for large companies. Control on intended inefficiency – As the organization grows. Financials. To clarify for the uninitiated. cost of the best ERP solution can be recovered from the material handling efficiency itself”.The gap between these two needs to be analyzed by the companies and SMEs. The company should discuss with the vendor to analyze the pros and cons of every possibility to match their requirements. This system unleashes possibility of implementing management practices that make one organization fundamentally different from another. like any other change initiative all the following are critical success factors – 1. sales. production. Apart from tangible benefits there are plenty of intangible benefits. A good ERP system brings a huge deterrent of audit trail and traceability into the system. The list of ROI elements goes on. With a good ERP product and a well implemented solution one can optimize its production capacities and coordinate with sales to achieve higher throughput. ERP Systems have the potential to cover a wide arena from functions as Human Resources. Can I ever ignore the fact that a core of well defined processes that is embedded into my ERP system can free my management to drive the company to a growth target in four years time that was otherwise to be achieved in five years time. Enterprise Resource Planning (ERP) is an integrated system which facilitates the required collaborative effort for various departments of an organization such as marketing. efficiency. Vital Wires Consulting Technology: By Vinay Singh nterprise Resource Planning (ERP) has become quite an established term over last couple of decades. choosing a product that covers 75 percent of your operational execution is similarly imprudent. Higher Serviceability to Customers – A company that operated at 85 percent serviceability ratio to its customers can operate at 95 percent of serviceability as a result of collaborative efficiency between sales. Just as it is well understood today that developing a software system from scratch as your own ERP is a big waste of energy. visibility and transparency is sacrificed. productivity. if I cannot make it happen through my ERP system. higher profits and scalability. logistics. This leads to crores of money saved over a period in material handling itself. integration of such a system helps in ensuring accuracy of information. Faster Inventory Turns – Most manufacturing companies have 70 percent of their cost in the raw material. having a good ERP solution is a must. For every midsize company. Can we really think of implementing vendor evaluation or distributor management if we can’t measure a few key result areas accurately in real time. It’s a purely business driven exercise of bringing about a change and taking the organization along with it. Supply Chain Management. A project control procedure that leaves no room for lack of accountability and has the ability to incentivize everyone involved Where do you get the return on investment from? Lower Cost of Operation – Higher productivity and efficiency leads to lower cost of operation across the organization. Choosing the right product is very basic to ensuring that one gets highest return Implementing the Product well is as important as the product itself: Implementation is a crucial exercise in ensuring the success of an ERP initiative. and leave no scope for growing to subsequent steps of evolution. Mahesh Taneja. Commitment of right resources to the project 7.

and services. RSA Technology: By Kartik Shahani C siliconindia Secure Cloud Computing loud computing delivers convenient. organizations need to learn as much as possible about their cloud providers’ security policies. Organizations must evaluate the new monitoring opportunities and the evolving risks presented by the hypervisor layer and learn to account for them in policy-setting and compliance reporting. With this unprecedented level of visibility. the accessibility of a company to audit security controls is low. To satisfy requirements. systems and controls. on-demand access to software applications. some of which may be different from or incompatible with their own. The cloud introduces new risks resulting from co-residency. In many cases. software and services running on top of that infrastructure falls into doubt. procedures. The adoption of cloud-based services affects the level of control that an organization has on data security within the cloud. the consumer is carried away with the generic statements of compliance to industry standards by the cloud service provider. There’s currently no easy way for organizations to monitor actual conditions and operating states within the hardware. However. accountability needs to be affixed on all members to the contract to ensure there is no breach or lapse of processes Organizations running private clouds need to factor their cloud providers’ practices into their overall security and compliance assessments. which adds a hypervisor layer to the traditional IT services stack. parency at the bottom-most layers of the cloud by developing the standards. However. The resulting infrastructure stack would be tied into data analysis tools and a governance. For these assessments to be thorough and reliable. either in component parts or as an integrated whole. This type of integrated hardware-software framework would make the lowest levels of the cloud’s infrastructure as inspectable. we believe clouds can develop the infrastructure-level policy controls and the end-to-end security attestations to handle even the most demanding security requirements for applications and data. flexible. This means we can deliver new waves of efficiency. the IT industry and cloud providers need to develop real-time monitoring solutions that provide configurable reports of actual conditions within the cloud. at RSA. as well as new planes of exposure to risks. on a continuous and reliable basis. The cloud computing paradigm—made possible by sophisticated automation. the following points need to be tackled appropriately and adequately by service providers and cloud developers Organizations have the onus of proving. hypervisors and virtual machines comprising their clouds. a generic statement of control compliance may not be sufficient. Finally. When companies outsource parts of their IT infrastructure to cloud |44| providers. physical boundaries that help define and protect an organization’s data. tools and linkages to monitor and prove that the cloud’s physical and virtual machines are actually performing as they should. While the cloud provides organizations with a more efficient. we believe that Cloud Computing will turn the way we deliver security inside out. such as when malware is injected into the virtualization layer. Any new layer in the services stack introduces new op- Cloud Security and Compliance – What the future holds The next frontier in cloud security and compliance will be to create trans- portunities for improving security and compliance. Ultimately. one may need to rely on the results of an audit performed by an independent third-party auditor. that the infrastructure supporting their data and processes is secure. this will enable organizations to take advantage of the cloud’s benefits in supporting a much broader range of business processes. Challenges range from the unintentional – such as when a VM’s activities consume so much processing power and memory that it starves co-resident VMs of resources – to the deliberately malicious. In a cloud. the security of all the data. Given that organizations have little option but to go by the word of the service providers or the service level agreements (SLAs). agility and collaboration for organizations of all sizes since many of the physical operations and roles will converge with virtual machine administrators playing the roles of network. risk & compliance (GRC) console. Creating secure partitions between co-resident VMs has proven challenging for many cloud providers. si siliconindia January 2010 |45| January 2011 . The future of Information Technology Management Moving to the Cloud In order for organizations to move their high-value business processes and regulated data into the cloud. analyzable and reportable for compliance as the cloud’s top-most application services layer. which would contextualize conditions in the cloud’s hardware and virtualization layers to present a reliable assessment of an organization’s overall security and compliance posture. Many times. cloud services are typically virtualized. Access to certain transactions. they effectively give up some control over their information infrastructure and processes.The author is Country Manager – India & SAARC. convenient and cost-effective alternative to owning and operating their own infrastructure. events and audit logs may be crucial for auditors. For this. The shift toward cloud services is more than just a shift in technology. even while they are required to bear greater responsibility for data confidentiality and compliance. which are made available to all customers. cloud providers and members of the IT Industry are collaborating on a conceptual IT framework to integrate the secure measurements provided by a hardware root of trust into adjoining hypervisors and virtualization management software. Verifying what’s happening at the foundational levels of the cloud is important for the simple reason that if organizations can’t trust the safety of their computing infrastructure. storage and server administrator simultaneously. enabling hostile parties to monitor and control all the VMs residing on a system. it also makes mitigating risk more complex as it erases the traditional. which is when different users within a cloud share the same physical equipment to run their virtual machines. provisioning and virtualization technologies—differs dramatically from today’s IT model because it decouples data and software from the servers and storage systems running them and allows IT resources to be dynamically allocated and delivered as a service. It fundamen- The next frontier in cloud security and compliance will be to create transparency at the bottom-most layers of the cloud tally alters the way business and IT systems function. And information security will enable cloud computing to take full advantage of the Internet turning current IT models inside out as well.

there is no better way to secure your future than siliconindia. VCs etc. siliconindia is the most powerful medium to reach out to the CIOs. We bring you information. navigate through today's changing business landscape.com m Log on to: http://www.09.2010 73 48 37 50 34 20 21 34 17 38 19 20 17 23 10 5 21 37 21 15 52 Week HIGH 73 53 38 52 36 22 22 34 22 40 25 18 24 10 5 34 37 22 52 Week LOW 42 31 22 25 26 9 10 6 14 21 9 7 12 6 2 16 23 15 9 % CHANGE IN PRICE 4 Weeks 52 Weeks 11 -1 32 11 0 0 -9 21 -6 4 6 -18 8 9 24 21 -32 5 3 19 59 26 37 67 17 102 91 240 -11 57 0 101 135 58 15 113 -1 50 19 36 CAPITALIZATION In $ Millions 22200 1990 19360 11760 6430 3290 2080 2240 1790 1690 1720 1130 1130 982 1040 331 593 687 629 136 siliconindia From high profile columnists to Innovations in business siliconindia gives you relevant information that truly matters to you. 44790. # 202 Fremont.S.com/magazine/subscribe. Syntel Juniper Networks SanDisk Corporation Microchip Tech Tibco Software Aruba Networks Isilon Systems* Qlogic Corporation Cavium Networks Netezza^ iGate Ixia NetScout Infinera Corporation Magma Design Sycamore Networks OSI Systems EXL Service holdings Keynote Systems CTSH SYNT JNPR SNDK MCHP TIBX ARUN ISLN QLGC CAVM NZAF IGTE XXIA NTCT INFN LAVA SCMR OSIS EXLS KEYN Index of the top tech public companies in India 52 Week LOW 1040 358 197 205 87 6 138 382 94 187 32 63 181 40 257 25 14 35 13 19 % CHANGE IN PRICE 4 Weeks 52 Weeks 12 7 12 18 2 19 4 -11 -18 -1 2 -5 -1 13 17 1 3 -1 11 0 32 52 -24 -16 25 -20 -4 -7 0 30 -4 -24 -18 -28 71 15 0 20 34 -44 CAPITALIZATION In Rs. Crore 173376 181493 108893 9715 28444 11347 13445 5670 5760 4034 2730 2582 2018 1192 2903 1688 1148 524 517 341 With its presence in the tech industry for over a decade. CEOs. CA . INDIA INDEX RANK COMPANY * Isilon Systems has been acquired by EMC2 ^ Netezza has been acquired by IBM and will trade on NYSE henceforth Stock Price INR Closing 27.S founded and managed by Indians Stock Price (US$)Closing 11.29.siTech20 U. and entrepreneurship ip for Indian professionals in the U.S Grimmer Blvd. ideas and insights to help you pe.94538 You may call us at 510-440-8249 Write to us at: subscription@siliconindia. 418 6 Mahindra Satyam 96 7 Mphasis 641 8 Financial Technologies 1231 9 Patni Comp 446 10 GTL Ltd 417 11 Rolta India 169 12 HCL Infosystems 118 13 Mindtree 509 14 Moser Baer 71 15 CMC Ltd 1924 16 Polaris Software 171 17 NIIT Ltd 70 18 Sasken Communications Technology 192 19 Sonata Software 49 20 Subex Systems 52 By subscribing The only magazine that covers business. you'll join the 3 Wipro Ltd 445 elite group of readers who receive unbeatable. forthright and objective views of the trends in the Indian industry. It also presents bold.2010 52 Week HIGH 2070 943 639 860 352 299 732 1895 510 343 206 189 641 115 1320 181 78 162 35 96 Cognizant Tech.siliconindia. CXOs. 1 Infosys Technologies 3033 2 Tata Consultancy Services 928 now. This is why readers rely on siliconindia.php cribe siliconindia |46| January 2010 . technology. And make sure your brand catches their eyes. 4 Tech Mahindra 776 5 HCL Technologies top-quality venture capital news every day.S INDEX 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 RANK COMPANY Index of the top tech public companies in U. career. $50 for 12 issues Please send us your cheque to siliconindia Inc.