67
October - December 2013 Volume 02 Issue 01 www.ctoforumbd.org p. 42 p. 35 p. 20 p. 18 p. 11 Technology Prediction & Technologies to Lead 2014 Ethical Hacking Data Centers Play Fast and Loose with Reliability Credentials How to Determine if Your Application is Suitable for the Cloud Empowering Women Through ICT * Image Source: Internet

Cto magazine volume2 issue1

Embed Size (px)

DESCRIPTION

 

Citation preview

Page 1: Cto magazine volume2 issue1

October - December 2013 Volume 02 Issue 01 www.ctoforumbd.org

p. 42

p. 35

p. 20p. 18p. 11

Technology Prediction & Technologies to Lead 2014

Ethical Hacking Data Centers Play Fast and Loose with Reliability Credentials

How to Determine if Your Application is Suitable for the Cloud

Empowering Women Through ICT

* Im

age

Sour

ce: I

nter

net

Page 2: Cto magazine volume2 issue1
Page 3: Cto magazine volume2 issue1
Page 4: Cto magazine volume2 issue1
Page 5: Cto magazine volume2 issue1

Areas of Expertise NRB BANK

Page 6: Cto magazine volume2 issue1
Page 7: Cto magazine volume2 issue1
Page 8: Cto magazine volume2 issue1

October - December 2013 www.ctoforumbd.org4

SECURITY06 Mobile Security - Basic Challenges

11 Ethical Hacking

LEADERSHIP27 Why Workplace Leadership is About to

Get its First Major Makeover...

30 7 Ways to Raise Up Young Leaders

32 Challenges of Effective Communication in an ESL Workplace

33 Integrating and Leveraging...

35 Technology Prediction & Technologies to Lead 2014

INNOVATION15 Trends in Building Data Centers -

2014

18 Data Centers Play Fast and Loose with Reliability Credentials

20 How to Determine if Your Application is Suitable for the Cloud

22 Top 10 Cloud Computing Certifications

24 Electronic Document Management: a New Hub for Document Paradigm

DIGITAL BANGLADESH42 Empowering Women Through ICT

44 Bangladesh ICT Industry Accomplishments in 2013

CONTENTVOL. 02, ISSUE. 01, OCT - DEC 2013

Page 9: Cto magazine volume2 issue1

October - December 2013www.ctoforumbd.org 5

Bangladesh has been growing at a more or less satisfactory rate around 6 percent during the last few years. Government has framed policy to support the ICT sector as per the vision of a “Digital Bangladesh”. There is however a lot of skepticism that government has not done enough to fulfill its pledges. However, our hope is that both the government and the private sector may now realize and come forward in a big way in the coming years to support this sector. Lot of research is needed to find out how far better or worse we compare with different groups of countries which are starting from a similar state of the economy or for that matter from ICT sector growth. It has been amply demonstrate that the ICT sector could have thrived even in difficult situations as the input and output may move unhindered if only the network support is up and running. Many countries have done well by producing good quality mobile phones like South Korea. We should also explore in which area the world demand is increasing and how the collaboration between government and the private sector may be harnessed to enter the appropriate area of the market thus generating employment, skill, education and consequent income growth.

Our hope in the New Year is that things will improve in the future.

MD. NAZMUL HOQUE

EDITORIAL

Chief Editor

Md. Nazmul Hoque

Advisory Board

Professor Dr. M. Lutfar Rahman Professor M Omar Rahman Professor Dr. M. Kaykobad Professor Dr. Suraiya Pervin

Editorial Board

Tapan Kanti Sarkar Nawed Iqbal Debdulal Roy Dr. Ijazul Haque Kanon Kumar Roy Professor Dr. Syed Akhter Hossain

E-mail us:Feedback:[email protected]

Visit us on the web:www.ctoforumbd.org

Contact Information:Office SecretaryCTO Forum Bangladesh12-F (12th Floor) Meherba Plaza33, Topkhana Road Dhaka – 1000Bangladeshemail: [email protected] Phone: +880-1818-525236

The articles available on this magazine are copyrighted and all rights are reserved by the CTO Forum Bangladesh and respective author. No part of this magazine may be reproduced or copied, stored in a retrieval system, or transmitted by any means electronic, mechanical, photocopying, recording or otherwise, without the prior written permission from the author. Breach of this condition is liable for appropriate legal action. Published and printed in Bangladesh by The CTO Forum Bangladesh.

OCT-DEC 2013 n Vol. 02 Issue 01 n www.ctoforumbd.org

Page 10: Cto magazine volume2 issue1

SECU

RITY

October - December 2013 www.ctoforumbd.org6

Introduction

The above quote might well apply to desktops and laptops as well. But it’s much more probable that your mobile device might be used by someone or lost, compared to your laptop or desktop. This fact changes the entire scenario. With the advent of mobile phones and smart phones, the game has enormously changed in the last few years with respect to the ease with which tasks are accomplished. This article focuses on various security-related aspects which are involved with increased use of mobiles. Before jumping into the security concerns, here is a small introduction about how the mobile technology has slowly taken over the whole world.

The first hand-held mobile device was demonstrated by two Motorola employees in 1973. After 10 years, i.e. in 1983, the first mobile was commercially made available. From 1990 to the early 2000s, mobile phones spread rapidly; people used it mainly for communication. In the last 10 years, with the rapid increase in internet usage, mobiles started accommodating the features of personal computers and finally took a new shape with the introduction of “smart phones.” Today mobiles have penetrated into each and every corner of this world, serving a variety of tasks including mobile applications, GPS navigation, storage, entertainment, etc. In this article we will mainly focus on mobile applications and their security concerns.

Mobile applications

Mobile phone applications extend the functionality of

mobile phones. Everything is readily available and the tasks which were previously accomplished in a desktop world are now available on mobile just with a single click. People now use mobile applications to assist them in several day-to-day activities and enterprises are in a mad rush to develop the mobile apps to reach out to the users in a better way.

What is a mobile app anyway?

A mobile app is a software application developed to run on mobiles. Each mobile operating system has a corresponding distribution platform from where these mobile apps can be downloaded. For example, Android apps can be downloaded from Google Play and iPhone apps can be downloaded from the Apple App Store. So an individual or a company can develop a mobile application and upload it to the

SECU

RITY

Mobile Security - Basic Challenges“Data stored on the device is worth more than the device”By Md. Tawhidur Rahman Pial

Page 11: Cto magazine volume2 issue1

SECU

RITY

October - December 2013www.ctoforumbd.org 7

distribution platform and advertise it so that users can download and use it. The general demand and the ease of development of these mobile apps have resulted in their enormous growth. So these days we have a mobile app for everything – fox example, mobile banking, online shopping, ticket purchases, games etc. The real question is how secure are the mobile apps that deal with sensitive information. So let’s have a look at general mobile security-related issues which are common to all the platforms.

Mobile Security

Mobile security is increasingly playing a crucial role as more sensitive and personal information is now stored in the mobile phones. Security is considered as a crucial and central aspect during the unveiling of any Smartphone. Moreover, with the corporate world embracing the mobiles in a big way, the focus is very much on the security of these devices. Attacks that have been seen on PCs are now slowly making their way onto the mobiles. At a higher level, mobile-related attacks can be classified into these categories:

Attacks based on OS–Exploiting the loopholes present at OS level. So the concerned vendor has to release a patch to fix the issue.

Attacks based on mobile apps–Exploiting the security holes present in mobile application, which are a result of poor coding/development.

Attacks based on communication networks–Attacks on GSM, Wi-Fi, Bluetooth, etc.

Malware-related attacks–Malware attacks on mobiles have been rising continuously. A successful attack can steal the photos on your mobile, hijack the camera click, hack the emails, and delete the files on the mobile.

Let’s now move on and talk a little bit more about the current issues related to mobile security. The following is a list of the main issues in the field of mobile security. Please note that this is not the complete list and it is not in any particular order. Let’s have brief look into the security issues which revolve around the mobile devices currently.

Page 12: Cto magazine volume2 issue1

SECU

RITY

October - December 2013 www.ctoforumbd.org8

Physical security

Physical security is one of the biggest challenges to the designers of mobile phones and their applications. Mobile

phones are lost, stolen, and borrowed (many times by others to make a call or view the photos). When a mobile device is lost, the real concern is not about the cost of the mobile but the amount of sensitive data that is present on that mobile. Imagine that the personal phone which is provided by your employer for enterprise activities falls into the hands of the wrong person, who tweaks the data present in it.

Imagine a situation where your neighbor asks your mobile for a quick call and then downloads a malware onto that phone (by the way, it just takes a few seconds to do that). These issues are rather less when you are dealing with a desktop, because it would be unusual if you lose your desktop computer. So the bottom line is that mobile applications and systems are to be designed assuming that untrusted parties will be granted access to the phone.

No such thing as “logging” into mobile

In the desktop world, each user supplies a username and password and logs into the system where he gets access to his environment. Each user has a different environment and thus the privileges and data that each user has are separated. This ensures that one account doesn’t have access to the data of other account.

But this concept is not valid in a mobile world because there is nothing like logging into a mobile for each user. So sharing and accessing of data between applications is a big concern.

Secure storage of data on the phone

In addition to the sensitive files present on your mobile (photos, contacts, documents, etc.), mobile applications also store sensitive information like authentication tokens, password-related files etc. It’s very important that these files are protected.

One way is by storing them securely on the mobile so that they are not accessible or usable. For instance, password files must be stored in encrypted fashion so that even after accessing those files they are of not much use.

Mobile browsing environment

In a mobile browser, it is not possible to see the entire URL; sometimes the URL can’t be seen at all. This paves the way for hackers to unleash phishing-related attacks. So the display space on a mobile device increases the possibility of phishing attacks manyfold. The fact that people are more inclined to follow links on mobile blindly adds to this problem. So in this mobile browsing environment, it’s impossible to expect a normal user to verify every link before following it.

Isolating the applications

The range of mobile applications that we install today is diverse: social applications to connect to family and friends, enterprise applications to manage your work, banking applications to transfer funds, gaming applications for entertainment, and many more. So it’s very important that a social networking app does not gain access to your corporate app or that a gaming app does not gain access to the banking app. In short, application isolation is crucial. This would depend on the factors like OS permissions in

Page 13: Cto magazine volume2 issue1

SECU

RITY

October - December 2013www.ctoforumbd.org 9

different platforms and how these permissions are granted. Exploiting the existing mechanisms to gain unauthorized access is one area where hackers are actively targeting.

Update Process

Operating systems require patches/updates to resolve any security issues that are discovered. OS’s like Windows look continuously for updates and install them. But when it comes to mobile OS the patching process is not as simple as that. When a bug is reported in a particular OS, the OS vendor comes with a patch. He then publishes this information to all the carriers (like GP, ROBI and Airtel etc.). Now these carriers will not be proactive in installing these updates because there is every chance that during patching processes other applications might break down. Hence if these carriers find such cases with the patching, they hold it on for some time without applying the patch/update immediately.

Proper Authentication

The authentication process is very important in mobile phones because, as explained earlier, it is just a matter of seconds before someone asks your phone and does something malicious and you have no idea about it. In the cases where a company offers extranet access to its corporate network through

mobiles, there should be a means of multifactor authentication because if that mobile falls into the hands of the wrong guys, it would expose the internal network of the company. Multifactor authentication needs to be implemented and improved in order to solve many issues.

Poor coding of mobile apps

Poor coding or development practices of the developers could lead to severe consequences. For example: hard coding of sensitive data like passwords, transmission of information in unencrypted channel, weak server side controls, improper session handling, etc. Many of the vulnerabilities that apply to the web will apply to mobile applications as well.

Bluetooth and other attacks

Bluetooth and other drivers pose a security threat to the overall security posture of the mobiles. We have seen in the past about the vulnerabilities reported on Bluetooth and other third-party drivers. Since these have system access, by exploiting a critical vulnerability an attacker might even get access to everything on a mobile. So even if the underlying operating system has excellent built-in mechanisms that do not easily grant system access, these

Page 14: Cto magazine volume2 issue1

SECU

RITY

October - December 2013 www.ctoforumbd.org10

vulnerable third-party drivers would be a setback at any time.

Malware Attacks

Many surveys point out that malware attacks on mobile phones is on the rise. If you are someone who browses through tech news every now and then, you must have seen some news about android phones getting infected by malware in a big way. Malware is something which harms the system in which in resides. With a new computing environment, a new class of threats in new forms arise. It is very important that these issues are addressed proactively leveraging on our experiences of the 1990s. Reports have also been published which forecast the situation to be worse in the coming year and some say that 2013 will be the” year of mobile malware”!

Jailbreaking the phones

Many users jailbreak the phone in order to run applications for free or to run applications which are not authorized by the vendor. Jailbreaking a phone removes the restrictions imposed on a device by its vendor. Hence jailbroken devices are more susceptible to computer viruses and malware. Downloading the apps from an unauthorized third-party store will only put your mobile at risk.

New features like NFC pose a serious threat

NFC (Neat Field Communication) is a technology that allows you to beam the content to nearby devices and lets you use your mobile as a wallet to purchase items. It has been demonstrated in Black hat conferences that by brushing a tag with an embedded NFC chip over an android phone, it is possible to take over the control of the phone.

So with increase in technology, you will need to address more complex attack scenarios. In future, many more advanced technologies like these are expected to come and they bring a whole lot of new issues to address.

User awareness

User awareness is major factor in controlling many of the attacks and, when it comes to mobiles, it’s even more important. There are many things from the user end which he should be careful about: having a passcode for the device and looking out for the permissions granted to application (a gaming application may not need access to dialling), not following the links sent by unknown persons.

As the time progresses, the industry has more challenges to face and answer. For instance new ideas pose a security threat like BYOD (Bring Your Own Device) where employees bring their personal mobile devices to their work place. Since there are huge number of devices out there, each having its own security issues, it’s a huge task for any organization to guarantee the corporate equivalent of privacy on these devices. These are some of the basic issues that are involved in current mobile security. If anyone of you has more points to make, I sincerely ask that you comment and share with the community.

Md. Tawhidur Rahman Pial, was lived in Afghanistan, previously was in Atlanta, USA; Singapore, Bangkok, Malaysia, Bangladesh, have 9 years experience on IT Security & telecommunication field and worked in Nokia, Ericsson, Now working as Cyber terrorism & Network Security Consultant at DGFI and was Sr.Lecturer in a Private University in Bangladesh. Done Vendor Training On Cisco, IBM, Juniper, EC-Council, CISSP, PMI, SOTM (U.S.Army).

Author Details:

Md. Tawhidur Rahman Pial Cyber terrorism & Network Security Consultant, DGFIAssociate Member, CTO Forum Bangladesh

Page 15: Cto magazine volume2 issue1

SECU

RITY

October - December 2013www.ctoforumbd.org 11

Ethical hacking is related to two words - ‘Ethics’ and ‘Hacking’. Ethics, also known as moral philosophy, involves systematizing, defending, and recommending the concepts of right and wrong conduct. It is related to moral principles, moral duty, obligation, and the distinguishing of these two things. Ethical means being moral, choosing the right from wrong. Being ethical is following the rules of the land. On the other hand, hacking is the process of taking advantage of weakness in a computer or computer network to accomplish the goal of the perpetrator. The person who is engaged in hacking activities is known as ‘Hacker’. Hackers may be motivated by a multiple reasons, such as money, profit, protest, challenge or just for fun.

An ethical hacker is usual which trusts him or her employed by an organization who trusts him or her to attempt to penetrate networks and/or computer systems, using the same methods/tools as a traditional hacker uses, for the purpose of finding computer security vulnerabilities / weaknesses, rather than with malicious or criminal intent. Unauthorized hacking (i.e., gaining access to computer systems without prior authorization from the owner) is a crime in most countries, but penetration testing done by the request of the owner of the targeted system(s) or network(s) is not.

The job done by Ethical Hacker is known as Ethical hacking. Before doing such a job, a Non-Disclosure Agreement (NDA) must be signed between the Ethical Hacker and the Organization.

Classification of Hackers

White hat hacker

A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or test security vulnerabilities of other company on contract basis. White hat hacker is also called ethical hacker.

Black hat hacker

A black hat hacker is a hacker who breaks computer security for malicious activities or for personal gain. They destroy/steal data or make the network unusable for those who are authorized to use the network.

Grey hat hacker

A grey hat hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked. Then they may offer to repair their system for a small fee.

Blue hat hacker

A blue hat hacker is someone outside computer security consulting firms who is used to bug test a system prior to its launch, looking for exploits so they can be closed before hand.

Hacking Approach

A typical approach in an attack on networked system is:

1. Network enumeration: Discovering information about the intended target.

2. Vulnerability analysis: Identifying potential ways of attack.

3. Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.

In order to do so, there are several recurring tools and techniques used by computer criminals and security experts.

SECU

RITY

Ethical HackingBy Biprajit Saha

Page 16: Cto magazine volume2 issue1

SECU

RITY

October - December 2013 www.ctoforumbd.org12

Hacking Tools & Techniques

Vulnerability scanner

A tool used to quickly check computers on a network for weaknesses. Hackers also

commonly use port scanners to see which ports on a specified computer are “open” or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number.

Password cracking

The process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try by guessing for the password.

Packet sniffer

A tool that captures data packets, which can be used to capture passwords and other data in transit over the network.

Spoofing attack (Phishing)

A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program.

The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.

SQL injection

It is a technique often used to attack data driven applications. This is done by including portions of SQL statements in an entry field in an attempt to get the website to pass a newly formed rogue SQL command to the database (e.g., dump the database contents to the attacker). SQL injection is a code injection technique that exploits a security vulnerability in an application’s software. The vulnerability happens when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL commands are thus injected from an application form into the database of an application (like queries) to change the database content or dump the database information like credit card or passwords to the attacker. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

Social engineering

A common practice for hackers who use this technique, is to act as legitimate user/customer and thereby collect security information about the organization and takes advantages of the weaknesses.

Rootkit

A rootkit is designed to conceal the compromise of a computer’s security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.

Trojan horses

A Trojan horse is a program which seems to be doing one thing, but is actually doing another. A trojan horse can be used to set up a back door in a computer system such that the intruder can gain access later.

Viruses

A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents upon user intervention. Most computer viruses are considered malicious.

Page 17: Cto magazine volume2 issue1

SECU

RITY

October - December 2013www.ctoforumbd.org 13

Worms

Like a virus, a worm is also a self-replicating program. A worm differs from a virus in that it propagates through computer networks without user intervention. Unlike a virus, it does not need to attach itself to an existing program.

Key loggers

A key logger is a tool designed to record (‘log’) every keystroke on an affected machine for later retrieval. Its purpose is usually to allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user’s password or other private data. Some key loggers uses virus-, trojan-, and rootkit-like methods to remain active and hidden. However, some key loggers are used in legitimate ways and sometimes to even enhance computer security.

Automated Tools of Ethical Hacking

Here are the automated tools that are widely used in the world of hacking:

Nmap: mainly used for port scanning. It is used for Operating system fingerprinting too.

Nessus: a network vulnerability scanner and used for finding the critical bugs on a system.

Nikto: a free and open source tool. It checks for outdated versions of servers, and version specific problems on servers. It finds out the default files and programs. It is a best tool for web server penetration testing.

Kismet: best choice for penetration test on wireless network.

Metasploit: contains a database that has a list of available exploit and it is easy to use for doing penetration testing. Metasploit is used to execute exploit code against a machine and get the desire task done.

Netstumbler: For wardriving, netstumbler is available for windows based operating system. It can detect WiFi that is IEEE 802.11b, 802.11g and 802.11a networks. MiniStumbler is also available and works on Windows CE based system.

Importance of Ethical Hacking

Businesses and government-related organizations that are serious about their network security hire ethical hackers / penetration testers to help probe and improve their networks, applications, and other computer systems with the ultimate goal of preventing data theft and fraud. The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker and can involve active exploitation of security vulnerabilities.

Followings are the main goals for ethical hacking:

1. Determining the feasibility of a particular set of attack vectors

2. Identifying higher-risk vulnerabilities that result from a combination of lower-risk vulnerabilities exploited in a particular sequence

3. Identifying vulnerabilities that may be difficult or impossible to detect with automated network or application vulnerability scanning software

Page 18: Cto magazine volume2 issue1

SECU

RITY

October - December 2013 www.ctoforumbd.org14

4. Assessing the magnitude of potential business and operational impacts of successful attacks

5. Testing the ability of network defenders to successfully detect and respond to the attacks

6. Providing evidence to support increased investments in security personnel and technology

How to become an Ethical Hacker

What you need to do to get started on the road to becoming an ethical hacker depends on where you are in the IT field.

If you are a novice, start with the basics: Earn A+ Certification and get a tech support position. After some experience and additional certification (Network+ or CCNA), move up to a network support or admin role, and then to network engineer after a few years.

Next, put some time for earning security certifications (Security+, CISSP, or TICSA) and find an information security position. While you’re there, try to concentrate on penetration testing and get some experience with the tools of the trade.

Then work toward getting Certified Ethical Hacker (CEH) certification offered by the International Council of Electronic Commerce Consultants (EC-Council). At that point, you can start marketing yourself as an ethical hacker. For a hacker, networking know-how is vital; but make sure that you gain experience in related areas as well. Discover and play with Unix/Linux commands and distributions. Make sure you also learn some programming--maybe C, LISP, Perl, or Java. And spend some time with databases such as SQL.

Qualification for a CEH (a vendor-neutral certification) involves mastering penetration testing, footprinting and

reconnaissance, and social engineering. It also covers creating Trojan horses, backdoors, viruses, worms, denial of service (DoS) attacks, SQL injection, buffer overflow, session hijacking, and system hacking. You’ll discover how to hijack Web servers and Web applications. You’ll also find out how to scan and sniff networks, crack wireless encryption, and evade IDSs, firewalls, and honeypots.

Soft Skills: Hacking isn’t all technical. It also requires so-called soft skills, just as any other IT job does. You’ll need a strong work ethic, very good problem solving and communications skills, and the ability to stay motivated and dedicated.

Ethical hackers also need street smarts, people skills, and even some talent for manipulation, since at times they need to be able to persuade others to disclose credentials, restart or shut down systems, execute files, or otherwise knowingly or unknowingly help them achieve their ultimate goal. You’ll need to master this aspect of the job, which people in the business sometimes call “social engineering,” to become a well-rounded ethical hacker.

Conclusion

In today’s world, concern on Security is ever increasing and has also become the top priority.

Let’s all say ‘Hi’ to Ethical Hackers and ‘bye’ to all other hackers for the safety and security of the systems.

Author Details:

Biprajit Saha Assistant Vice President, IT Audit, ICC DivisionIFIC Bank LimitedAssociate Member, CTO Forum BangladeshEmail : [email protected]

Page 19: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013www.ctoforumbd.org 15

When hearing the term “data center”, many people probably imagine huge halls filled with long rows of racks full of servers. In reality, data centers come in several basic sizes that can fit any performance specification: small (several racks), mid-sized (rows of racks in one or more rooms) and really large (football field-sized rooms). However, a data center’s environment is very different from a standard office or industrial building, and therefore its construction is unique and purpose-driven. Based on the purpose of the data center, we can identify several types of data centers:

• Corporate data centers built by clients to serve their own needs;

• Housing data centers built to rent free space in either the room or in IT racks or free slots in the racks;

• Hosting data centers which rent out computing power of servers, disc space, etc.

The typical users of corporate data centers are banks, insurance companies, leasing companies, telecommunication operators, power and distribution companies, government institutions, the military, health care institutions, logistics and transportation companies and companies involved in multimedia productions and archiving.

Housing and hosting data centers are intended for clients – for example, service providers who rent a part of the area or computing power to third parties. These data centers have higher requirements when it comes to their physical infrastructure and operation. An independent data center is usually understood to be a facility with defined and rated physical infrastructure. Other key features include a power supply system, cooling system, transmission network infrastructure, environment parameter measuring and control and access monitoring. The goal is to create an environment that will house ICT equipment, such as servers, disc arrays, back-up equipment as well as active and passive network elements that will function throughout data center‘s entire lifespan. Under this scenario, the infrastructure would respond to changes and modifications in ICT technologies during operation and would adjust its own capacity to growing performance requirements, while staying energy efficient and green. Since the lifespan of modern data centers is about 15 to 20 years, the requirements and prerequisites mentioned above may only be met by adopting a modular design for data centers. A modular design may be described as a gradual, pre-defined and verified filling of a designated space by technologies in performance units (modules) using CFD modeling. A modular design’s infrastructure, secured during the first stage of a data center build-up, will help prevent down-time issues later on. The benefits of a modular design include lower investment costs (lower CAPEX), lower operating costs (lower OPEX) and significant savings throughout the life cycle of

INNO

VATI

ON

TRENDS IN BUILDING DATA CENTERS - 2014CONTEG Case Study

Page 20: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013 www.ctoforumbd.org16

the data center (lower TCO). Choosing a place to design and build a data center is very important, as this venue will require around-the-clock care given a data center‘s non-stop operation. Selecting a suitable location is often the first step in

ensuring the safety of a future data center. When designing any data center, many issues have to be considered. It is necessary to get information about the available power supply and data connectivity at a potential location. It is also important to consider the suitability of the location in regard to various safety risks and possible limitations, including floor load capacity, noise and exhaust emissions, layout, fire resistance and gradual construction requirements. There are professional companies and renowned manufacturers that assess the suitability of a location for building a data center. These companies give recommendations for building your facility according to industry standards, while keeping your goals in mind (i.e. future expansion, etc.). When picking a location for a „brick“ data center, for example, several basic principles must be followed. The location has to be geologically stable (no earthquakes, volcano eruptions, etc.). The climate must also be stable, and there should be no risk of flooding. When looking for a suitable location, one must take into account factors like whether the site is near aircraft landing corridors or if there is a high fire risk. If the potential location does not meet some of the requirements mentioned above, it is possible to opt for a „mobile concept“ instead of a “stone” data center. Mobile data centers are placed into specially manufactured modules (containers), which protect data against earthquakes, fire, vandalism and theft and are easily transferable in the event of an emergency (i.e. flood).

Although newly built data centers house more modern energy-saving IT equipment, which decrease the power consumption of each unit, the overall IT power consumption is growing globally. The logical consequence is that the heat-load density of each data center is also on the rise. With a growing need for more power and the availability of ICT equipment for data centers, ICT elements must be consolidated. This means replacing equipment with a low rate of utilization and high power consumption with more powerful equipment with lower power consumption and a higher rate of utilization. This is where the development of virtualization and cloud

solutions comes in. While the weight and input power of new ICT equipment is rising, the virtualization and utilization of servers significantly reduce the amount of equipment installed in a data center, making the data center more efficient. ICT equipment‘s power supply is more efficient with higher loads and can react to varying output power capacities.

All electric power consumed in a data center by IT equipment, management systems, lighting or cooling, will ultimately be transformed into heat. This means that as much as 15 kW of heat may be generated per 1 square meter of floor area. This is

Page 21: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013www.ctoforumbd.org 17

several times more than it was a couple of years ago. For that reason, cooling and heat transfer technology must be adapted.

The cooling units in particular must quickly and very precisely respond to fluctuations in the output power of modern ICT infrastructure and deliver the required amount of conditioned air exactly where it is needed. At the same time, the units must quickly remove exhausted hot air to prevent hot spots. From this perspective, the most suitable solution is to use modern inbetween-rack cooling units located in the rows with the data racks, called in-row or in-line cooling units. The close proximity will shorten the air path between the cooler and the server. That is why these in-row air-conditioning units are quickly replacing large perimeter cooling units (blowing air into the raised floor), which once dominated the market. Of course, the trend is to save energy, particularly when it comes to cooling. This results in using new technologies, such as EC motors, and modern arrangements, such as direct or indirect free cooling. Introducing modern technologies often involves the need to change the approach of a data center‘s operation. What we recommend is to raise the pre-set air temperature, a strict separation of cold and hot zones, and change the indoor temperature and humidity limits. Even small adjustments in this respect may lead to major energy savings.

In addition to new ICT equipment and cooling units, it is also necessary to adapt other non-IT infrastructure in a data center, including data racks, power supplies and standby power sources, and management and monitoring systems.

Data and telecommunications racks must be designed for the easy installation of all passive and active equipment and must be equipped with elements that support high-density cable management, power supply, and cooling systems. The important features of data racks are their load-carrying capacity (1500 kg), adaptability (easily replaceable components, including bottom and top plates and door and side panels) and modularity (the internal space that allows for maximum use of ICT equipment). Identical dimensions with in-row cooling units is a major advantage, as cooling units and the row of racks create a natural barrier to separate the air-conditioned air in the

front section and the hot exhaust in the rear section. For maximum efficiency and power savings, zone separation elements are frequently added to the racks and a data center‘s cooling system. Having a cold or hot aisle containment has become the norm in today’s data centers.

Last but not least, one must point out investors‘ growing efforts to reuse waste heat from data centers. Energy recuperation does not seem very efficient at the moment, but may later prove to be beneficial from an economic point of view in large-scale data centers. The use of heat waste to heat premises and utility water may in many cases bring about good results within a short period of time. To start this process, there must be prospective clients for this heat, and a data center owner needs to become a licensed energy distributor.

To conclude, society‘s growing dependence on information and IT technologies is leading to the design and implementation of a new generation of data centers with a keen focus on modularity, scalability, physical security and back-up technology systems. Modern data centers rely on efficient and professional solutions for all their systems. The functionality of a data center with a totally defunct cooling system would collapse within a matter of seconds. A data center with no backup power will also face serious risks of down time. In an event where temperature would increase above acceptable limits or the main power system fails, a data center will need sophisticated, well-designed and dimensioned solutions to get it through these types of crises. This is why design and implementation are key elements in modern data centers. A data center is housing your irreplaceable data and so it needs to be safe.

For more information visit at www.conteg.com.

Page 22: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013 www.ctoforumbd.org18

How reliable is your data center service provider? Perhaps not as reliable as you think.

The Uptime Institute says some data centers are playing fast and loose with its “tiering” system for rating data center reliability, making false claims or at best being economical with the truth about how resilient their facilities are.

The upshot, the Institute says, is that some companies may be running important applications in data centers that are more susceptible to failure than is advertised, and they may get a rude awakening the next time a hurricane strikes or a transformer blows out in the local power grid.

“At a time when more enterprises are moving at scale to an outsourcing option, the stakes couldn’t be higher,” said Julian Kudritzki, Uptime Institute’s chief operating officer, who along with a few data center operators is trying to raise awareness of the issue.

The Institute’s tiering system is only one way of indicating data center resiliency, but it has become well known in the industry. It gives four tiers of certification, with Tier III the most common type awarded. A Tier III data center has multiple delivery paths for power and cooling, and redundant critical components, so that downtime is minimized and maintenance can be performed without taking the computing services offline.

Customers can be misled in a variety of ways. Some data centers imply they’re Uptime certified when they’re not, while others advertise their Uptime “design” certification, which shows only that the plans for a facility met certain criteria. Vendors are expected to follow that up with a “constructed facility” certification to verify the data center was built to spec, but many never do.

Complicating matters is that Uptime’s “tier” language has become part of the industry vernacular. Some operators say they use it as a shorthand to convey a certain level of reliability, and that they’re not trying to intentionally mislead customers.

Not surprisingly, data centers that have made the investment to get certified don’t buy that argument.

“It’s a bit of sleight of hand,” said Chris Crosby, founder of Compass Datacenters.

Two of Compass’ data centers are Tier III constructed facilities, and Crosby wants the system better policed so that the credentials remain meaningful. In the long run, he argues, better policing is good for the rest of the industry, too. More and more customers are outsourcing their computer operations, and if enterprises start to think they can’t trust their service provider, the commercial data center industry as a whole will suffer, he says.

Users need to educate themselves about the various certifications and press commercial data centers to verify their credentials, Kudritzki said. “The counsel is buyers beware.”

Some data centers certainly appear to make questionable claims. Arsalon Technologies of Lenexa, Kansas, says on its website that its hosting facilities “comply with Uptime Institute data center standards.” A page headed “Data Center Certifications” refers several times to “tier III” standards.

In reality, Arsalon doesn’t have any certification from the Uptime Institute. The company didn’t return calls and emails seeking comment.

More common are data centers that advertise their tier “design” logo. It’s a real certificate, but it was introduced as a way to help data centers secure “anchor tenants” before a facility is built, Kudritzki said, not for marketing a data center once it’s operational. A lot can change in between: contractors cut corners, plans change and budgets get cut.

To be certified as a constructed facility, data centers go through extensive on-site testing by Uptime staff. But some data centers imply their design certificate is the only one customers need to care about. Recovery Point Systems of Gaithersburg, Maryland, for example, describes its design certificate as “the

INNO

VATI

ON Data Centers Play Fast and Loose with Reliability CredentialsThe Uptime Institute says some data centers are getting creative with their reliability claimsBy James Niccolai

Page 23: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013www.ctoforumbd.org 19

industry’s most coveted recognition.” Others use the tier language as a general shorthand for reliability.

“We’re a tier 3 on the electrical side, Tier 4 on mechanical, Tier 4 on communications and security, and we’ll go through several audits to determine physical security and data connectivity,” Don Phares, a contractor for Nebraska Colocation Centers, told the Journal Star newspaper last month about a data center he was building.

“Then once you get through everything, we’re a 2 enhanced almost to a 3,” he told the paper.

That type of language is Kudritzki’s worst nightmare, but Phares says he wasn’t trying to mislead anyone. In a telephone interview, he said that even some of his equipment vendors market their products as meeting certain tier requirements. Ken Moreano, president of Scott Data Center, said customers should be specific when they’re shopping for services. His company runs a Tier III constructed facility in Omaha, Nebraska, and he’s concerned at the number of RFPs (requests for proposals) he sees that don’t ask for any type of verification.

“Many RFPs provide the latitude for people to claim a tier level without an actual certification,” he said.

He doesn’t think all data centers that claim a tier level without certification are being “malicious,” but he says he’s seen facilities that fall far short of the level they claim to have achieved, “and I have to question their motives.”

Uptime Institute charges a fee for certification, and some data centers say they simply don’t want to pay it, but Moreano thinks those arguments are spurious. The fees are “very minor compared to the overall cost of these large-scale data centers,” he said. In some ways, Uptime Institute has created problems for itself. The design certification arguably opened the door to misuse. And the Institute has licensed its rating system to the Telecommunications Industry Association, which incorporated the tier language into its owndata center standards, known as TIA-942-A.

Uptime says the TIA has been misusing the tier language, and in June it wrote

the association a letter asking it to stop using it.

Kudritzki said the Institute generally doesn’t file lawsuits against data centers; its goal is to help the industry rather than cause it problems. But it has asked some facilities to make clear that they are not Uptime certified, with some success.

In the meantime, he said, customers should ensure they know what level of service they’re paying for. The Institute keeps an up-to-date list of the data centers that are design certified and construction certified on its website.

Author Info

James Niccolai covers data centers and general technology news for IDG News Service. Follow James on Twitter at @jniccolai. James’s e-mail address is [email protected]

Sourse:http://www.itworld.com/data-center/383531/data-centers-play-fast-and-loose-reliabil i ty-credentials?page=0,0

Page 24: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013 www.ctoforumbd.org20

For more than 40 years, NHTV Breda University in the Netherlands has been training students for management positions in such fields as hospitality, logistics, media and entertainment, tourism, and urban and rural planning. The university, which offers courses in both Dutch and English, is located on a five building campus in historic Breda, where more than 6,000 students from around the world come to learn the more practical aspects of their chosen fields through hands-on experience. To facilitate this process, the education department at NHTV wanted to offer students and its 500-member faculty a more flexible way to work and learn.

Objective

The goal was to provide students and employees with access to a variety of information resources, such as educational software and the Internet, regardless of where they are on campus and what kind of laptop or what version of Windows they use.

The university was interested in designing and deploying a wireless network that could be easily upgraded and modified in the future, and it needed to have the ability to deliver state-of-the-art security with robust authentication.

Solution

NHTV worked with Dutch integrator Vosko Networking, which recommended Juniper Networks® Wireless LAN Portfolio to meet the university’s needs. The Wireless LAN Portfolio consists of Juniper Networks WLC Series Wireless LAN Controllers, WLA Series Wireless LAN Access Points, and an operating system. Juniper stood out among wired and wireless network equipment providers with its ability to provide robust, secure wireless that could scale dramatically, yet still be easy to design and manage.

For wireless LAN planning, management, monitoring and performance optimization, NHTV used the Juniper Networks RingMaster Software suite. RingMaster Software automatically factors in wireless LAN capacity based on bandwidth requirements and RF coverage based on AutoCAD files of the building’s floor plan.

On the security front, the NHTV campus network utilizes IEEE 802.1X mutual authentication, which ensures that users are who they say they are when trying to connect to the wireless and that the wireless LAN is a legitimate network. NHTV uses RADIUS servers to support 802.1X, as well as to support user authorization and accounting.

Result

“It’s unique for the Netherlands that over 6,000 students and employees have full, secure wireless Internet and application access through their laptops at all NHTV campus locations,”

INNO

VATI

ONHow to Determine if Your Application is Suitable for the CloudBy John Humphreys

Page 25: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013www.ctoforumbd.org 21

says Ferry de Jong, head of the Information and Communications Technology Department at NHTV. Juniper Networks RingMaster Software facilitates easy network management, so the entire wireless LAN can be configured, monitored and controlled from a single location. NHTV’s more than 200 WLA Series Wireless LAN Access Points don’t require any configuration upfront; all intelligence is handled centrally by the WLC Series Wireless LAN Controllers. As a result, management of the network is completely centralized at the NHTV IT department.

This centralized management not only makes the wireless LAN simpler to manage, it makes the wireless LAN more secure, because a stolen or lost access point will not work without the intelligence provided by its WLC Series Wireless LAN Controllers. The WLC Series Controllers also contain backup configurations for specific fail-over scenarios.

NHTV particularly appreciates the design of the WLA Seriesaccess points, which can be installed on ceilings. Because WLA Series access points are designed to look like smoke detectors, physical security is greatly improved for this portion of the wireless infrastructure.

One of the unique characteristics of the university’s network is that virtual LANs (VLANs) are totally transparent and available throughout the complete i n f r a s t r u c t u r e . Students, educators and other users are divided into functional groups and after the authentication

and authorization process, users are automatically redirected to their own VLAN, where they can connect to their specific system resources, applications and peripherals.

With identity-based networking, users’ access policies, including VLAN assignments, authentication and encryption requirements, roaming policies and quality of service parameters follow them wherever they roam, regardless of whether they have a wired or wireless connection.

Wherever students or educators are located on the NHTV campus, Juniper recognizes them as authenticated users and delivers continuous service to them.

“The collaboration between our IT staff, our system integrator Vosko and Juniper Networks’ pre- and post support teams has been instrumental in a seamless and problem-free implementation and integration of our wireless network,” says de Jong.

For more information visit at www.juniper.net.

Page 26: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013 www.ctoforumbd.org22

As the cloud becomes more critical to IT departments and businesses worldwide, it can be difficult to gauge whether you have the right skills or knowledge in a competitive job market. If you’re looking for a way to get an extra edge -- whether you’re job hunting, angling for a promotion, or just want tangible, third-party proof of your skills -- cloud certification is a great option. Certifications measure your knowledge and skills against industry- and vendor-specific benchmarks to prove to employers that you have the right mix of cloud skills, knowledge, and expertise. Here 10 ten cloud computing certifications you should consider.

1. CCSK - Cloud Security AllianceWhat it’s all about: This is the mother of all cloud computing security certifications. The Certificate of Cloud Security Knowledge certification is vendor-neutral, and certifies competency in key cloud security areas. The test is based on the Cloud Security Alliance Security Guidance for Critical Areas of Focus in Cloud Computing V3, English

language version, and the ENISA report “Cloud Computing: Benefits, Risks and Recommendations for Information Security.”

How to prepare: The best way to prepare is to study the CSA Security Guidance for Critical Areas of Focus in Cloud Computing v3, and the ENISA report “Cloud Computing: Benefits, Risks, and Recommendations for Information Security.”

2. Cloud U - RackspaceWhat it’s all about: According to Rackspace, Cloud U is a vendor-neutral curriculum designed for IT professionals and business leaders that covers and certifies knowledge of the fundamentals of Cloud Computing. Cloud U content is available to any professional at any time, but if you want a formal recognition of your knowledge about Cloud Computing, you should complete the courses and requirements for a certificate.

How to prepare: Study each Cloud U lesson whitepaper, and then successfully complete each of 10 Cloud U lesson quizzes based on the whitepaper’s content. Successfully complete a 50-question final exam drawn from materials covered in the 10 Cloud U lessons.

3. CompTIA Cloud Essentials - Comp TIAWhat it’s all about: According to CompTIA, the Cloud Essentials Certification covers the basic fundamentals of cloud computing and shows that individuals understand cloud computing from both a business and a technical perspective. In addition, the certification covers migration to the cloud and governance of cloud computing environments.

How to prepare: CompTIA offers study and training materials, and -- while it’s not required -- CompTIA recommends that individuals taking the exam have at least six months experience working in an IT services environment.

INNO

VATI

ON TOP 10 CLOUD COMPUTING CERTIFICATIONSLooking for a way to benchmark your cloud computing knowledge and skills? Want an extra edge when looking for that cloud computing job? Get cloud computing certifiedBy Sharon Florentine

Page 27: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013www.ctoforumbd.org 23

4. Cloud Certified Professional - CloudSchool.com

What it’s all about: CloudSchool.com offers a number of vendor-neutral cloud certifications, each based on a one-day course module and aimed at competency in specific areas of cloud computing. There are certificates for Cloud Architects, Cloud Technology Professionals, Cloud Governance, and Cloud security, among others. How to prepare: Cloud School offers self-study kits as well as on-site and remote workshops and study sessions and instructor-led workshops to help prepare applicants for the exams.

5 & 6. IBM Certified Cloud Solution Architect v1 and v3 - IBM

What it’s all about: IBM has two cloud-specific certification: IBM Certified Solution Architect v1 and v3. These solutions architects will demonstrate the design, plan, architecture and management capabilities for IBM’s cloud computing infrastructure once they’ve completed the certification requirements. According to IBM, these certifications, “Provide a reliable, valid and fair method of assessing skills and knowledge; provide IBM a method of building and validating the skills of individuals and organizations; and to develop a loyal community of highly skilled certified professionals.”

How to prepare: You should have a working knowledge of cloud fundamentals and a basic knowledge of IBM cloud computing essentials. You will be required to take a test to confirm that knowledge for each version of the certification exam.

7. Google Certified Deployment Specialist - Google

What it’s all about: This is Google’s technical certification; the applications giant also has a Google Certified Sales Specialist. This certification covers the fundamental skills, knowledge and technical expertise required to deploy Google Apps for Business and Education, according to Google.

How to prepare: Google recommends gaining practical experience by participating in at least three Google Apps for Business deployments, and having at least 3 to 6 years of hands-on IT experience. You’ll also complete hands-on, online, self-paced training and, finally, take an exam.

8. Salesforce.com Certified Professional - Salesforce.com

What it’s all about: Salesforce.com offers several certification tracks, including Salesforce Administrator, Force.com Developer, Implementation Expert, and Architect.

How to prepare: According to Salesforce.com, the certification tests real-world knowledge as much as book learning, and each certification track offers a variety of ways to prepare for the exams. There are individualized programs available for everyone available on the company’s web site.

9. VMware Certified Professional - VMware

What it’s all about: The virtualization pioneer offers six cloud-specific certifications, from beginner to advanced. These tracks certify knowledge and expertise in a variety of cloud and virtualization-related technologies and methodologies.

Offerings include the VMware Certified Associate -- Cloud, VMware Certified Professional -- Cloud, and VMware Certified Advanced Professional, among others.

How to prepare: Study and preparation materials are available through VMware, and real-world experience with cloud and virtualization are also highly recommended.

10. Red Hat Certificate of Expertise in Infrastructure-as-a-Service - Red Hat

What it’s all about: This is one of the newest cloud certifications available. The Red Hat Certificate measures professionals’ ability to design, build, deploy and manage private clouds based on the Red Hat Enterprise Linux OpenStack platform.

How to prepare: Red Hat says the best way to prepare for the exam is hands-on, real-world experience. The exam is also a live, real- world test of skills and competency, requiring candidates to perform tasks on a live system.

Source: http://www.itworld.com/slideshow/129914/top-10-cloud-computing-certifications-383943

Page 28: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013 www.ctoforumbd.org24

Electronic Document Management: A New Hub for Document ParadigmBy Tasnuva Ayesha HaqueIN

NOVA

TION

Legal records, invoices, product plans, strategy articles or even just records of meetings or casual brainstorming sessions, in daily business we generate these kind documents. Whichever industry you are in, these have value to somebody somewhere in your organization.

But as years go by, you grow, so does your organization. Which means, your virtual sea of documents too expand - exponentially! Once upon a time, this ocean was limited to paper documents then computer files and printed documents, but these days we must also keep track of the information we email, broadcast, publish online, collaborate on, compare, and present — as well as the related content that others send us. So all in all it is an ever growing list. Additionally there are regulatory measures that make it an obligation for organizations to produce more documents and track them more methodically. Considering this as a whole, the entire paradigm of created and related content acts as your organizations knowledge base. Yet when as an employee we create and collect documents, we miss the opportunity to take advantage of this knowledge. Not only do these documents contain information we all can reuse, we can also study them to understand past organizational decisions and parse them to produce metrics on organizational goals and efficiencies.

Let’s face it, a discussion about documents or document management is not a topic you would choose to be the life of the party at a social gathering. However, understanding document management can have a major impact for you and your organization. Effective document management is becoming an increasing priority for large companies as well as for smaller ones. While there are free tools that can help you increase your document management efficiency, you need more refined and secure document-management platforms.

But without a document management system in place, that value can easily be lost, especially as companies grow. An IDC study estimates that an enterprise with 1,000 workers wastes between $2.5 and $3.5 million a year searching for and failing to find important

documents. Moreover a recent study by the Ponemon Institute - the pre-eminent research center dedicated to privacy, data protection and information security policy revealed that data breaches cost organizations an average of $5.4 million per incident

Basics of Document ManagementDocument Management is the use of a computer system and software to store, manage and track electronic documents and electronic images of paper based information captured through the use of a document scanner. Document management technology helps organizations better manage the creation, revision, approval, and consumption of electronic documents. It provides key features such as portal services, document classification, document categorization, searching, multiple levels of document security and most importantly keep a track of who is accessing which document.

However, you must understand that bringing in a document management system in place does not mean that you have conquered the battle. It’s never enough to manage content. Of course, the ability to access the correct version of a document is important, but you must go further - Content in the documents must be managed so that it is used to achieve business goals that is the system in place and also be able to manage the complete lifecycle of a document - birth to death. The document m a n a g e m e n t system that you use must be able to tie all documents together.

The documents within the system could be indexed by key factors such as department,

Page 29: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013www.ctoforumbd.org 25

date, unique id number or any other concept that makes it relevant to the business and operations of your organization. This gives you the ability to search and retrieve documents based upon different criterion. With a document management system, the documents are immediately retrieved for the person looking for information. This not only makes you more productive for that one task, it shifts the focus from the document retrieval to starting off with the task right away.

With the concept of document management comes along the concepts of document capture and indexing. Document capture of paper documents is the process of scanning a document so that it becomes a digital document. But document capture is not just the process of scanning paper documents it also takes into account electronic documents.

Always remember that the power of a document management system is the ability to tie all your documents together. The electronic documents are just as important as the paper files, maybe even more important in many instances. Then comes document indexing which is the process of associating or tagging documents with different search terms. The point is that indexing is a path to the documents and that path is based upon your business and your staff.

Planning the placement of Document ManagementTo ensure that a document management system is deployed effectively in your organization, it is important to plan and have a strategy against which developments and usage can be compared.

Step 1 – Set priorities. For setting up a good system it is mandatory that you know what types of documents your organization creates, what data to make available about each document, where to store documents at each stage of the life cycle, who needs to have access to the documents, how they are handled in the organization and what the legal, regulatory and organization requirements are for record-keeping.

Step 2 - Plan your system based on your priorities. Decide on how you and your organization want to organize the documents, how information will be shared and moved between parts of the organization, which documents should be preserved and which can be trashed and how to control access to documents that should not be shared with everyone or anyone.

At this stage it is importantly that you understand that you will need to create and develop a holistic strategy for adapting a document management system. Because if a department within your organization intends to be an early adopter of the technology you must ensure that the department does not later dominate proceedings and that the views of the whole organization are represented from the beginning, providing for a document management solution that other departments can join successfully later, eventually enabling the whole organization to benefit from investment in the document management system.

Step 3 - Talk to the people who actually deal with the documents. Find out if what you have in mind will work for them. If they have objections, decide if the objections are reasonable or just a lack of interest in change. If they see valid problems, find a way to fix them.

Budgeting for Document ManagementJustifying the cost of a document management system requires an understanding of both financial and nonfinancial benefits. For you to start off, you can consider all the cost components of a system and develop a realistic budget.

Step 1 - Evaluate the start-up costs of converting old documents to electronic form. Decide on how many documents you want to capture into the system. Decide on whether it will be in house or outsourced. If it is in house, in addition to any new computer and scanning equipment you might need, scanning old documents into electronic form will take time and manpower. If you do not intend to take the task on

Page 30: Cto magazine volume2 issue1

INNO

VATIO

N

October - December 2013 www.ctoforumbd.org26

your own there are a number of companies offering such services under the name of BPO services.

Step 2 - Price the labor hours involved in handling material in hard copy. The upfront

costs are steeper when converting paper files to the computer, but searching, sorting and analyzing documents manually costs more in labor than doing the same tasks on the computer. Additionally, account for training costs of your employees for the document management system and research the maintenance costs.

Step 3 - Put together a budget that covers both the start-up costs and operating expenses. In the budget segment in two sections – one for initial costs and the other for recurring costs. If you have a budget limit and exceed it, see if there are places you can cut costs without sacrificing function.

Emerging trends in Document ManagementWith a document management system in place you have a more secure and efficient environment to store and retrieve your documents. Along with your escape from the perils of paper based system you can manage a huge volume of document seamlessly and also collaborate throughout your organization effectively. All of these factors together have contributed to making document management one of the fastest developing management systems of the decade. The newest turns of the system are marked by:

Document management on the cloud – This has additional advantages to the field of document management. It provides an easily accessible resource and repository for both documents and related software and it also is helpful in being cost effective. It provides ease of access and reduced maintenance efforts. Cloud environment is among the most researched areas in the current days and we can definitely expect to see huge improvements in this

area which signifies that document management through the cloud would only be more and more visible.

Mobile device integration – this is inevitable because every technology is going mobile these days and everyone has access to them. Mobile devices are being used more frequently for business communication purposes and there has been a

huge leap in the amount of business documents being stored and transferred through and on mobile devices. From mobile capture to managing the documents on the mobile we are seeing that the trend is being set on this note.

This article has described the basic know how about document management and highlighted the need for a coherent strategy if an organization is to obtain the optimum benefits from investment in a document management solution.

Many a times we see examples where this has not been the case, and difficult projects ensue to integrate existing disparate document management solutions throughout an organization into a coherent whole.

Author Details:

Tasnuva Ayesha Haque Pre – Sales ConsultantElectronic Content ManagementTech One Global

Page 31: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013www.ctoforumbd.org 27

LEAD

ERSH

IP

“The difficulty lies not so much in developing new ideas as in escaping from old ones.”

Our common and traditional approach to leadership hasn’t significantly evolved since the dawn of the industrial age. When it comes to managing people in a work environment, we’ve always treated workers like any other input: squeezing as much as possible out of them and pay them as little as possible.

This idea was introduced nearly a century ago when the expansion of the US economy largely was based on industrial machinery. Workers were required to perform relatively unchallenging tasks and were easily replaceable. Companies motivated workers primarily with money, paying by the piece to reward those who produced the most widgets.

But as we fast forward to today’s business world shaped by rapidly evolving technology and the far greater importance of institutional knowledge, creative thinking and sophisticated collaboration, the value of each employee has grown exponentially. Companies are focusing on innovation and unique differentiation – and almost exclusively are looking at people, not machines, to provide it.

As workers have become increasingly more critical to the overall success of their organizations, what they need and expect in exchange for their work also has profoundly changed. Money no longer inspires performance as it once did. Being paid equitably will always be important as a driver of job engagement and productivity, of course, but people across the globe now have aspirations in their jobs that were virtually unimaginable in an earlier age.

Extensive research confirms that people want to grow and develop in the roles. They want to feel valued and appreciated by their leaders, and to know their work has significance. And, just as Abraham Maslow predicted 70 years ago, they seek to feel fulfilled and even maximized by the work they do.

That leadership practices have remained essentially unchanged through this evolution – and have failed to fully respond to the 21st Century workplace – has much to do with a deeply entrenched status quo. Many organizations, along with their long-in-the-tooth leaders, have failed to embrace workers as being their most important stakeholder. Instead, they cling to the threadbare paradigm that employees are a costly input, rather than human beings who associate their life’s happiness with their contentment at work. Thus far, they’ve failed to see that more fully supported workers are more loyal, productive and drive an expanded bottom-line.

But, I believe the stars are now perfectly aligned to force a massive change in how we collectively seek to motivate human performance in the workplace. Here are three important reasons why leadership is about to be greatly transformed, why the change will be long sustained – and what key practices will define the highly successful manager for the foreseeable future. The one hint I’ll give you now is that future leaders in all workplaces will be required not just to have strong minds, but also generous and caring hearts. I’m dead serious.

Why Workplace Leadership is About to Get its First Major Makeover in 100 YearsBy Mark C. Crowley

Page 32: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013 www.ctoforumbd.org28

Traditional Leadership Practices Are Failing And Businesses Are Paying The Price

I recently interviewed Dr. Jim Harter, Gallup’s Director of Research, and learned

that only 30% of US workers today admit to being engaged in their jobs. In their “State of the American Workplace” report released early this month, Gallup reveals that the main reason an astounding 7-in-10 workers are disengaged at work is because they’re not getting proper support from their leaders.

For an article I wrote for Fast Company Magazine, Harter explained the gap: “Workplaces in general have paid a lot of attention to process and far less to people. Too often employees are given managerial roles tied to success in a previous role, or as a reward for their tenure. It’s unrelated to whether they can effectively support and positively manage human beings.”

What Harter’s 27 years of research experience has taught him is that people will continue to be unhappy in their jobs (and therefore greatly underperforming) just as long as their leaders fail to be their advocates. For things to change, therefore, organizations must start promoting people into management roles who have a stronger inclination to mentor and care about their employees rather than compete against them.

According to a worldwide study by Towers Watson, the single highest driver of engagement today is whether or not workers feel their managers are

genuinely interested in their well-being. Less than 40% of workers now feel that support.

As further evidence that our leadership practices have the effect of undermining rather than driving productivity, the Conference Board reports that 53% of all US workers today effectively hate their jobs.

The Next Generation Of Workers Demands A Far More Nurturing Form Of Leadership

If we’ve reached a tipping point in workplace leadership (which I believe we have), it’s because a new generation of workers has arrived on the scene that simply won’t tolerate a work environment that fails to support them and their needs. Said another way, organizations will be unable to attract and retain this young talent if they don’t adopt far more authentically supportive management practices. (Inevitably, this will be good news for all workers, regardless of their age).

If you don’t know already, the Millennials (born 1980-2003) are the largest generation in US history. Totaling 17 million more people than the Baby Boomers (the last pig in society’s python), this group is just coming of age. Their impact on influencing major changes to workplace leadership is just being felt – and it only will get stronger in ensuing decades as they grow older and inevitably assume senior manager and, ultimately, CEO roles.

While derided by some (Boomers mostly) as an unambitious, video-game playing generation still living in their parent’s homes, Millennials are the best educated age group ever. And, collectively, they have very different values than their predecessors. They’re highly self-confident, very concerned about the well-being of others and group oriented. It might surprise you that they’re also extremely generous group; a spirit of service permeates the entire generation.

But here’s what’s most important. To these young workers, money is far less important. Instead, they have a strong desire to find meaning through their work. In a recent study, 88% of Millennials rated “opportunity to have an impact on the world” important when choosing an employer. These incredibly high aspirations will ensure workplace leadership practices are fully reinvented.

Page 33: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013www.ctoforumbd.org 29

Organizations That Don’t Change Will Be At A Great Competitive Disadvantage

In just the past few months, I’ve visited companies like Google (where the median age of employees is just 29) and SAS – organizations routinely ranked by the Great Place To Work Institute (and Fortune Magazine) as America’s “Best Companies To Work For.’’

There are two important things you need to know about firms like these which place extremely high value on people:

They’re helping to reinvent leadership. What these companies have in common is that they give employees a meaningful voice in how the business gets run. They place great value on trust – so much so that people have discretion on when they begin and end their workdays, and when they take their breaks. They’re also uncommonly generous, and provide perks and benefits many traditional CFOs would reject as being blatant profit killers. Workers are encouraged to contribute to projects outside of the scope of their normal roles (partly to ensure they have some variety in their day) – and are routinely made to know how their work and efforts contribute to the success of the firm.

They have high engagement, very low turnover, and consistently outperform competitors in financial performance and shareholder return. Several recent studies have shown that companies where employees are happiest and better supported consistently achieve significantly higher profits. SAS, for example, has had 37 consecutive years of record profitability, and Google’s stock price has appreciated nearly 700% over the past 8 ½ years (since its IPO) compared to just 51% for the Dow Jones average. What all firms on the “Best Companies To Work For List” are proving is that highly supported human beings are more loyal, more creative, and sustainably drive far greater financial results. This exceptional and broad success will force competitors to adopt similar leadership practices; shareholders will demand it.

The Future of Workplace Leadership

Workplace leadership is failing today largely because it has yet to acknowledge the importance of “emotional currency™” – a form of reward that makes people feel important, supported, valued, developed and appreciated. In fact, science now has proved that it’s our feelings and emotions that determine our level of engagement in life, what motivates us, and what we care most about.

Where once the idea of appealing to the hearts in workers was seen as heresy, we’ve come to understand that it’s always been essential. The greatest advice I can give you is this: “When you lead from the heart, people will follow.”

Consultant and speaker, Mark C. Crowley, is the author of Lead From The Heart: Transformational Leadership For The 21st Century. His work has been published by Reuters, LinkedIn and the Huffington Post; he’s also a frequent contributor to Fast Company Magazine. Connect with Mark at his website, www.markccrowley.com,

Source: http://www.greatplacetowork.com/blog-carnival-entries/2019-leadership-makeover

Page 34: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013 www.ctoforumbd.org30

I talk to pastors and leaders my age and older who want to see a new generation of leaders but either don’t know how or can’t seem to find them. Frankly, some pastors I talk with are frustrated with what they see as a lack of leadership among the newer generations.

I’m frequently asked how we have managed to find so many talented young leaders at Grace Community Church. Much of the work God has done among us has been done through the leadership efforts of people 10, 15, and 20 years younger than me. I’m not the oldest guy on staff anymore, but I’m definitely outside the mode, mean, or median average.

7 Ways to Raise Up Young LeadersBy Ron Edmondson

LEAD

ERSH

IP

1. Give them opportunities

That sounds simple, but it’s not. Many leaders are afraid to hand off real responsibility to leaders half their age. I understand because I made some huge mistakes as a young leader, but at the same time, that’s how I learned. Younger leaders want authority and a seat at

the table now, not when they reach an expected age. Is it risky? Of course, but it has the potential for awesomeness to occur.

2. Share experiencesYoung leaders are open to learning from a mature leader’s successes and failures. They enjoy hearing stories of what worked and what didn’t. That’s actually one of the beauties of the newer generations. The young leaders on my team actually seek out my personal experience. They will still want the chance to learn on their own, but they are ready to glean from the wisdom of those who have gone before them, especially in the context of relationships.

3. Allow for failure

People of all ages will make mistakes in leadership, regardless of their years of experience. For some reason, that seems magnified for the younger leaders, which is one reason older leaders sometimes shy away from them. An atmosphere that embraces failure as a part of the growth process invites younger leaders to take chances, risking failure and exploring possible genius discoveries.

HERE ARE 7 WAYS TO RISE UP YOUNG LEADERS

Page 35: Cto magazine volume2 issue1

October - December 2013www.ctoforumbd.org 31

4. Be open to changeMore than likely, younger leaders will do things differently than the older leaders did things. They want more flexible hours, different work environments, and opportunities to work as a team. It may seem unnatural at first, but let their process take shape, and you’ll have a better chance of leadership development occurring.

5. Set high expectationsHaving different working methods shouldn’t lower standards or quality expectations. The good thing is the younger leaders, from my experience, aren’t looking for a free ride, just a seat on the bus. Hold them accountable to clearly identified goals and objectives. Applaud them for good work and challenge them to continually improve. It’s part of their growth process.

6. Provide encouragement

Younger leaders need feedback. They seem to want to know how they are doing far more often than the annual review system of the past afforded. They are looking to meet the approval of senior leadership and the organization. Keep them encouraged and they’ll keep aiming higher.

7. Give constructive feedbackAgain, younger leaders appear more interested in knowing they are meeting the expectations of senior leadership, so acknowledge that fact by helping them learn as they grow. Don’t simply share “good” or “bad” feedback. Rather, with the goal of helping them grow as leaders, give them concrete and constructive reviews of their performance. Help them understand not only what they did right or wrong, but practical ways they can get better in their work and leadership abilities.

Raising up younger leaders is crucial to growing and maintaining healthy organizations and churches. We must be intentional and diligent about investing in the next generation, understanding their differences, and working within their culture to grow new leaders.

Young leaders, what did I miss?

Mature leaders, what else are you doing?

Mature leaders, what else are you doing?

Source: http://www.churchleaders.com/pastors/pastor-how-to/160295-ron_edmondson_7_ways_to_raise_up_young_leaders.html?p=2

LEAD

ERSH

IP

Page 36: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013 www.ctoforumbd.org32

Challenges of Effective Communication in an ESL WorkplaceBy Lisa Carlson, Demand Media

Effective communication can be difficult in the workplace. Each person has nuances, intonations and facial expressions that can influence the way a message comes across. Adding on the challenges of effective communication in an ESL workplace makes it even more important to ensure verbal and written messages are delivered effectively and accurately.

FearWorkers who use English as their second language can have a fear of mispronunciation or misinterpretation of their communications by their American counterparts. If an employee feels he or she will be judged or made fun of for not using grammatically correct English, or if he or she will be reprimanded for less-than-perfect written reports, there may be a breakdown in communication. To be able to effectively work on improving English skills, the ESL worker should feel comfortable in her work environment and not be afraid of making a mistake in front of co-workers.

TimeLearning any language can be a lengthy process. The Center for Adult English Language Acquisition estimates that it can take five to eight years for a person to learn a second language on par with native speakers. Oftentimes employers are unrealistic about their expectations of ESL workers to get up to speed.

SupportIf an ESL employee is surrounded by empathetic co-workers who help the employee through her communication difficulties, it can increase the chances of effective communication. But if an ESL employee feels she is in an unsupportive work environment, she may shut down emotionally and begin to look for other job opportunities. Having a diverse group of employees is important, yet providing a sense of connection to employees through an informal work “family” is also very important, especially with the ESL workers. If the

employee doesn’t feel like anyone understands her, she can start feeling lost.

Limited OpportunitiesIf there are no opportunities to improve English skills, the ESL worker can become stagnant in hercommunication skills. It’s important to provide opportunities for communication improvement, such as workshops or an ESL coach. One-on-one training can be very effective as well, where the employee can work on improving her communication skills without worrying about making mistakes in front of superiors or co-workers

Unrealistic StandardsAny job can be stressful, but placing unrealistic standards for perfection on ESL workers can compound the stress further. If an employer demands perfect grammar on a report, for example, this may be an unrealistic expectation on the ESL employee and can make things worse, unnecessarily adding more anxiety to an already stressed worker.

About the Author

Lisa Carlson works as an associate director of recruitment and graduate programs at a public university, and has experience in management, marketing, personal finance and nonprofit organizations. She is a peer-reviewed author on publications for higher education recruiting and holds a B.S. in marketing and a M.B.A.

Source: http://work.chron.com/challenges-effective-communication-esl-workplace-1163.html

LEAD

ERSH

IP

Page 37: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013www.ctoforumbd.org 33

LEAD

ERSH

IP

Today, organizations globally are seeking to integrate the information present in disparate silos to streamline its flow between all business functions. Simultaneously, they are looking to mitigate the risks arising out of sporadic business process re-engineering efforts, high costs and legacy system limitations. The need is for a real-time system, which provides instant data availability and traceability, while leveraging a centralized database.

Forbes, in the article “2013 ERP Market Share Update”, says that the worldwide Enterprise Resource Planning (ERP) software market in 2012 stood at $24.5 bn. On the one hand, global organizations are embracing Software-as-a-Service (SaaS) ERP, which according to a study by Research and Markets, will grow 13.93 percent annually from 2012 to 2016; on the other, on-premise ERP has strong supporters who place control on information, customization capabilities and ownership of the solution, high on their priority list.

In either case, businesses that are looking at a fully integrated enterprise business solution that is fast to implement, easy to configure and simple to use will find that Microsoft Dynamics meets the requisite checkpoints and Thakral One’s capabilities around ERP surpass market standards.

THAKRAL ONE AND MICROSOFT

Thakral One and the parent company, Thakral Group, have been partners with Microsoft for over 10 years. The long-standing and successful partnership extends across Sri Lanka, Bangladesh, Nepal, the Philippines, Vietnam and Cambodia. Few of the recognitions received in 2012 include Microsoft Silver Certified Partner (Enterprise Resource Planning) for Sri Lanka, Microsoft Partner Network

Gold: Portals and Collaboration for The Philippines and Certification of Excellence for Cambodia.

Thakral One has built a strong Microsoft center of excellence with core teams around Microsoft SharePoint, Microsoft Dynamics and Infrastructure Services consisting of sales, technical, functional, implementation and support expertise. The

company is continuously building capabilities around Cloud, Business Productivity, Core

Infrastructure and Business Analytics. The company is also focused on

offering services surrounding Active Directory and Microsoft Exchange to its client base.

A key reason for Thakral One’s success is the vast and

versatile global partnerships and strategic alliances with leading Independent Software

Vendors (ISVs) and System Integrators (SIs). This ensures

that clients consistently receive the latest and best of breed solutions and

technologies from around the world. Few of these solutions include records and document management, workflow applications development, business process solutions, contracts lifecycle management solutions and HR management.

Behind all this stands a fine and committed team of professionals. 85 Microsoft certifications awarded to Thakral One employees around the world is testimony to their technical capability.

HOW BUSINESSES ARE DEPLOYING MICROSOFT® DYNAMICS®

Thakral One has a growing repository of industry-specific functionalities and best practices, which its customers have been able to leverage to bring in greater accountability and increased productivity in their business environment.

Integrating and Leveraging the Optimal ERPBy Rishi Kumar Singh, AVP-Infrastructure Solutions, Thakral One

Page 38: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013 www.ctoforumbd.org34

Thakral One’s Microsoft Dynamics business has several success stories to its name which include Paradise Toys, Damro, ACL Cable, Rockland Distilleries, among others. A case in point is real-time retail management solution implemented

for a large furniture manufacturer. The manufacturer wanted to enable sharing of real-time data among showrooms and reduce the number of systems in each. The large number of systems was hindering access to real-time information on inventory, finance and sales. Thakral One implemented Microsoft Dynamics NAV with LS Retail as an add-on solution, in the client’s Head Office, 2 warehouses & 3 showrooms. The complete, seamless ERP solution included in-store management, replenishment, stock ledger reporting, financial accounting and Point-of-Sale (POS) modules.

Success Story: A Leading Toy Manufacturer Leverages ERP for Consolidating IT Infrastructure

When a leading toy manufacturer based in Sri Lanka figured out that their IT infrastructure needed a major overhaul to overcome its integration and process complexities, they approached Thakral One to help them implement and manage the new Enterprise Resource Planning (ERP) solution.

The CEO shared that the biggest challenge for them “…was the implementation and customization of the Manufacturing Module. The module and our complex production processes needed to be integrated seamlessly with functions like Finance and Exports, among others. Thakral One team mastered this task in a sophisticated manner.”

Thakral One helped overcome the limitations of the existing software in handling business processes as well as the delay in preparation of financial statements owing to the absence of a real-time MIS. Thakral One also helped implement customized processes for the supply

chain along with the standard features of Microsoft Dynamics NAV, enabling the manufacturer to consolidate its existing infrastructure into a single system.

Thakral One aims to bridge the gap between business and information technology by ensuring that its offerings are customized and the applications are well adapted to the needs and realities of emerging Asian markets. Backed by the multi-billion dollar Thakral Group, Thakral One draws on its pan-Asian presence and a specialized pool of skill-sets to offer robust IT infrastructure solutions and services, carefully selected enterprise applications and reliable long-term managed support to its clients. Thakral One specializes in partnering end-to-end with its customers - from Enabling business IT strategy and roadmap, Optimizing existing and future IT infrastructure investments and processes and, offering continuous, localized Support.

Thakral One is present in Singapore, Hong Kong, China, India, Malaysia, Philippines, Vietnam, Cambodia, Nepal, Bangladesh, Sri Lanka, UAE, Bhutan and Afghanistan To know more about Thakral One, please visit www.thakralone.com .

Source:

h t t p : / / w w w . f o r b e s . c o m / s i t e s /louiscolumbus/2013/05/12/2013-erp-market-share-update-sap-solidifies-market-leadership/

http://it.toolbox.com/blogs/inside-erp/global-erp-market-embraces-saas-57000

Page 39: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013www.ctoforumbd.org 35

LEAD

ERSH

IP

Technology Prediction & Technologies to Lead 2014By Tapan Kanti Sarkar

The happenings of last years belong to last years event. And next years happenings and innovations await another voice. Naturally to make a revaluation in industry is to make a beginning of new innovation. And new invention and introduction need execution and acceptance.

Industry need to keep the spirits and determination unshaken and shall always walk the glory road. With courage, faith and efforts industry shall conquer everything desire for the development and positive growth in ICT.

The year may have 12 month of equivalent length but every month is not created equal. Beginning the year with a purpose and a plan increases your chances of success.

There are lot of innovations and smarter technology has announced and introduced in globally and locally to lead the year 2014. The best year for affordable and portable device and other smarter device and service solution is 2013 and 2014 will be even better. Or not, depending on whom you ask.

Prognosticators and crystal-ball gazers say big data will remain sexy; the mobile revolution will push further on; and more startups will rely on crowdfunding as venture capital firms steer further away from seed investments. Here i tried to accumulate most talked and discussed technology and devices which is going to lead the year.

Key Themes for 2014 - Contextual Computing, Next Phase of Post-PC Era, 3D Printing and Wearable computingYear 2014 should be an interesting one for business tech as multiple tectonic plates are shifting all at once and refiguring industry leadership. Here is a look at the key themes for 2014 around the world:

1) We are in Post PC Era: To me one of the biggest themes will be the fate of Windows 8.1. The time for excuses is over, the hardware has improved from the ecosystem and the Windows systems are priced well. The big question: Will people buy Windows machines? If not, what does that mean for the future Microsoft franchises such as Office? We shall know how this one turned out early in 2014 when tech giants start reporting their results. A few reasons why Windows worries are warranted:

• Chrome books have sold pretty well.

• Apple’s Mac franchise is holding steady.

• There is a good chance to see PC makers diversify their OS options. We may even see some Android running PCs.

A few other trends worth noting:

• 3D Printing goes Mainstream (in the supply chain): A lot of the coverage around 3D printing will revolve around consumer

applications. The real revolution is already about to happen and that will be in the supply chain in 2014. As 3D printing bolsters the supply chain and creates parts on demand there could be a manufacturing renaissance ahead. We shall all be makers.

• Big Data goes Production: Big data may sound like so 2012, but the real enterprise applications are on deck in 2014. Those pilots have not gone production and every company knows that data is the primary asset they have.

• Enterprise Software Companies make the cloud turn. Adobe’s transition from licensing and maintenance to the Creative Cloud was instructive. It will also be copied by every other software company that did not start out. The

Page 40: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013 www.ctoforumbd.org36

year ahead may bring a shakeout among those tech players merely cloud washing.

2) China’s Increasing Footprint, Local Players to Battle Global Leaders: It became the world’s largest Bit coin

trading platform amid the buying frenzy that took the global market by storm in 2013, and it is expected to bypass the U.S. to become the world’s biggest e-commerce market by the turn of the new year. China will likely continue its upward climb in 2014, with local players such as Huawei, Xiaomi, and Alibaba leading the way. Chinese market offers so much growth potential that it got the likes of Apple and Samsung in 2013 to issue rare public apologies for less-than-adequate product repair policies and quality issues.

Huawei, for one, has its eyes on expansion in Europe where it has committed a US$2 billion investment to grow its footprint across the region, following a government over spying allegations. And Chinese smartphone maker, Xiaomi, may be a relatively young market player - making its debut in April 2010 - but it is currently valued at US$10 billion and is making. It is now planning a Singapore office to serve as its Southeast Asian hub, and expects to double its sales to 15 million units in 2013 from 7.19 million in 2012. It will be interesting to see how global market leaders such as Cisco Systems, Apple, and Samsung are planning to fan off the Chinese onslaught in 2014.

China, however, faces several key challenges. It has strong detractors who remain sceptical of its ability to innovate without plagiarizing, while others still have concerns over spying allegations against the Chinese - although Snowden diffused some of this by proving the accusers were guilty of spying themselves.

2014 may also mark the year big data will finally take off. There is still much untapped potential in the Internet of Things and machine-to-machine (M2M) communications. If predictions about wearable technologies going mainstream do actually materialize, these will further fuel the need for M2M and big data to integrate the various services and provide the information businesses will need to better understand customer requirements.

3) Fragmentation in Mobile: Should Windows Phone continue gaining market share, app developers will have to start giving the platform the time of day, while at the same time, a group of upstarts in the guise of Firefox OS, Jolla, and

Samsung with Tizen will be looking to steal market share from the lower end of the mobile market.

Valve’s Steam Machines - not only because it has the opportunity to overturn the PC gaming industry, but also because it is the first reason in a long time that many developers have had to take a second look at building for Linux-based platforms. Gaming was one of the reasons why Microsoft got into the household, and it could be one of the reasons why it disappears from it too.

4) Wearable Devices Become Mainstream: Whether we Like it or Not: Everybody got a smartphone, tablet prices are crashing and the biggest consumer tech companies are trying to figure out what they can make next to keep the profit rolling in. As such, we are going to see through 2014 renewed attempts to make wearable technologies – glasses, watches and others – into desirable and useful consumer devices. The devices we have seen so far are at best intriguing but flawed; marred by limited capabilities, clunky designs and poor battery life. And they’re being anxiously pushed by hardware manufacturers on a mostly underwhelmed public. But they hold promise – whether that is in health monitoring or just allowing us to check messages without digging out a smartphone. So next year will see better versions of these devices and maybe – just maybe - if Apple has not thought better of the whole thing, the arrival of the iWatch. If anyone can make smartwatches a success (and many, many have tried and failed) and start the age of wearables, it is likely to be Apple.

5) All Change in Telecoms: 2013 has not been short of big name companies buying and selling communications companies: E-Plus in Germany, Virgin Media in the UK and O2 in the Czech Republic were among those to find new owners this year. It is unlikely to be the end of such shenanigans: EE in the UK and KPN in the Netherlands should be finding new homes in 2014, while former bedfellows Vodafone and AT&T have both made no secret of seeking acquisitions in the continent.

On the network side, if 2013 was the year LTE

Page 41: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013www.ctoforumbd.org 37

became mainstream, 2014 could be the year of its successor, LTE-A after trials kicked off in France, Germany, and the UK. And if 2013 was marked by the end of Nokia’s handset business, 2014 should see the growing maturity of Europe’s new breed of mobile upstarts not afraid to do things differently.

6) The Rise of Contextual Computing: Our technology knows more about us than we can possibly imagine. In some cases, it even knows things about us that we barely understand about yourself, which scares some people and is going to raise more red flags than ever during 2014. Nevertheless, contextual computing can be shockingly useful and efficient, and that is what is going to make more and more people tacitly opt in to it over the coming year.

The general idea with contextual computing is that our tech tools triangulate data about us from our various digital services, our location and our history of usage activity. Then, it serves us information tailored to us just when we need it, or sometimes even before we know that we need it.

The flag for contextual computing was carried by Google Now in 2013. I wrote about it several times this year, even calling it one of Android’s two “killer innovations” of the year. It was the first consumer-

facing app that showed us the power of Big Data on a large scale. Look for a lot more products and services to experiment with contextual computing in useful and scary ways in 2014.

7) Others to Mention

Health and Fitness Monitoring Devices

this a big promise with this to make people feel healthier and these technologies are there to try to push people along. By this technology ware they monitor how many calories you’ve consumed, track your sleep or your blood alcohol level, it’s all valuable information!

3-D Printing

You can print all different types of objects with these things now. You can print ceramics. You can actually make cups and plates and saucers.” “3-D printers are cool, but I am just not sure there are enough uses for them yet to justify having one in the phone. When they can print dinner, then I’m in!”

Microsoft, Apple, and Google

There will be high-profile departures and murmurings of dissent as the new chief executive digs in. Consumers will continue to ignore Windows 8. The coming death of Windows XP (in corporate terms) in April will prompt first-quarter commercial PC sales, but see a lull afterwards. Windows Phone will make gains at the low end, but be unable to dislodge Android or iOS at the high end.

Apple TV

It won’t release a TV – the same TV it hasn’t released for years. It might update the Apple TV set-top box to do more (add an App Store?), but that’s been a “safely wrong” prediction for years too.

Curtsey: TechWorld Bangladesh

Author Details:

Tapan Kanti Sarkar EVP & CTO; NCC Bank Ltd. and President, CTO Forum Bangladesh

Page 42: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013 www.ctoforumbd.org38

Cloud Training in a Box: Inexpensive and Reproducible Training Environments for Cloud Solutions

Executive Summary

Providing lab-based training on highly complex, multi-server solutions presents challenges.

Dell Global Support and Deployment Learning and Development sought to overcome these challenges by delivering training that:

• Provides a high student/lab station ratio

• Is not be prohibitively expensive

• Is reproducible for eventual use in regional training centers

• Is a model for training on a variety of Cloud Computing Solutions including OpenStack and Hadoop

In order to meet this need, Dell Global Support and Deployment leveraged existing available servers and the native virtualization capabilities of current Linux distributions to provide a 1:1 student/lab station ratio with no incremental cost to Dell. Additionally, this model is easily reproducible at any of Dell’s training centers that have the capability of providing one virtualization-capable server per lab station.

The Challenge

When delivering hands-on lab-based training, a tension exists between the desire to provide every

single student with the opportunity to perform the lab exercises and the need to control costs for hardware purchases. This tension exists even when training topics only require a single server per lab station. It is amplified when training solutions require multiple servers.

One response to this tension is to have students share a workstation and work together or take turns performing the lab exercises—but when forced to make that compromise, Dell knows from learner feedback that the “customer experience” is reduced. Also, the effectiveness of the training is likely reduced.

Dell needed to be able to deliver training on Dell Solution offerings of OpenStack and Hadoop. In order to replicate the minimal configuration of each

solution’s reference architecture, Dell needed to have at least six systems (and one or more network switches) in each lab station. A d d i t i o n a l l y , each reference architecture calls for different server models and for P o w e r E d g e C-Series servers, which is often not

as suitable for use in other training.

To provide each pair of students, in a class size of 8, with a lab station to share, requires 24 servers (48, if strictly following the reference architectures for those two solutions). These numbers reflect one implementation, which has to have remote access for classes in other regions. You have to double

LEAD

ERSH

IP

Page 43: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013www.ctoforumbd.org 39

those server numbers if Dell wants to provide individual lab stations for each student.

Once Dell assembles this infrastructure, you can remotely access the infrastructure for classes in other regions, but it requires an administrative presence in the physical location in case the servers need attention. Many instructors have a strong preference for physical access to their class infrastructure in case something goes wrong during class—or at least to have confidence that someone will be available during their class hours, rather than having to wait for a remote administrator in another time zone.

Therefore, if Dell regional training centers prefer to have locally available lab infrastructure, Dell either has to ship hardware around the world, or buy more servers. Also, each training center has to have to have the skilled and available headcount, and the data-center space to set up this complex infrastructure.

Selecting a Platform

These considerations forced Dell Global Support and Deployment to consider the possibility of delivering these solutions using virtualization.

Is Virtualization a Possible Solution?

Two considerations persuaded Dell Global Support and Deployment that Dell can move to a virtualized solution:

• While elements of our OpenStack and Hadoop solutions offer enhanced functionality when deployed on PowerEdge C-series servers (such as the ability to update and configure BIOS and firmware), the basic functionality of each solution was hardware-agnostic within certain

broad requirements. The solution can run, with compromises of some minor functionality, on virtual machines.

• While the reference architectures for these solutions call out specific Dell PowerEdge C-series servers, the target audience for training had already been trained on the support of those servers. These courses were only tasked with the training of the solutions and the deployment process for each; Support Services was not attempting to train the hardware as well.

Which Virtualization Platform?

Many virtualization platforms are currently available: VMware, HyperV, Xen, KVM, Virtual Box, and others. Dell Global Support and Deployment chose to go with the KVM virtualization that is natively available in recent Linux distributions for several reasons:

• The target audience is responsible for support of Linux/KVM virtualization as well, but gets

less opportunity for hands-on experience with it than they do with VMware. By using KVM virtualization in these labs, learners gain experience in that skill set as well.

• Because the KVM tools are open source and exist in the package repositories native to each distribution, the deployment of this infrastructure is

simplified and more easily scripted.

• Because the KVM tools are present in distributions that are free of charge (for example, CentOS) Dell Global Support and Deployment can easily document for customers how they can set up a similar testing/training environment at a very minimal cost.

Page 44: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013 www.ctoforumbd.org40

What type of Remote Access?

Choosing a method of remote access to the virtualization hosts involved the following considerations:

• Because these solutions are built on top of a Linux OS, rather than MS Windows, access through RDP (Remote Desktop Protocol) is not a first choice.

• If students are going to access the systems from Linux-based client systems, then SSH with X-forwarding is an ideal solution; however, in most of Dell’s classrooms, the existing student stations are running MS Windows.

• Access through a DRAC or BMC is a possibility (and remains so in the solution that Dell Global Support and Deployment ultimately chose—in case remote access is needed for access to system setup or other pre-OS configuration tasks) but often feels slow compared to more advanced remote access solutions.

• VNC (Virtual Network Computing) is a possibility, but generally does not offer secure access by default. Also, most of the VNC clients Dell considered required administrator privileges for installation, which can be a problem at some sites.

Ultimately, Dell chose to use the open source FreeNX server on the hosts, and to install the NoMachines nxclient (a free download) on the student systems, for the following reasons:

• It is encrypted and more tightly compressed than VNC.

• It offers secure access by default.

• The server can be installed from publicly-available repositories, making scripted installation easier.

• The client can be installed without requiring administrator privileges on the student systems.

What Hardware?

The hardware requirements are minimal. The Hadoop requirements are the more substantial of the two solutions and can be satisfied with 20 GB of disk space dedicated to the host, 20 GB of space for the

virtual machine serving as the admin node for our cloud, and 40 GB of space for each of 5 other virtual machines. Each virtual machine functioned with 2 GB of RAM; Dell did not test for functionality at lower amounts because of the abundance of RAM in the available systems.

Dell Global Support and Deployment finds

that each lab station can be provided with a single server that meets the following requirements:

• 16 GB of RAM

• 240 GB of storage

• Multicore CPUs with the VT extensions

These requirements are satisfied with a chassis of M605 blade servers already configured with RHEL6.

Implementation

Deployment of the training infrastructure involves the following steps:

1. Configuration of the Blade servers for remote access via their DRACs

2. Development of a Kickstart installation script

Page 45: Cto magazine volume2 issue1

LEAD

ERSH

IP

October - December 2013www.ctoforumbd.org 41

(Appendix A: Sample Kickstart installation script) for the virtual hosts that accomplishes each of the following deployment tasks:

• Installation of Red Hat Enterprise Linux 6 x86_64 with the appropriate virtualization packages configured by default

• Configuration of a local repository for post-install package installations

• Installation and configuration of SSH and the FreeNX server

• Download of the Cloud Solution software to be used

• Configuration of the virtual machines and their virtual storage

• Configuration of the isolated virtual networks to be used

3. Integration of the Blade Servers and the Kickstart scripts into Dell’s local deployment Solution, enabling reinstallation with a simple PXE boot.

Once the initial deployment is complete, each server is remotely accessible to students through the NXclient or through the DRAC and is equipped to be a standalone lab station hosting multiple virtual machines in a cloud configuration.

Deployment of the solution software can be performed in either of two ways:

1. To fully simulate the field deployment process, an “Installer” VM is used temporarily to act as a PXE server for the installation of the admin node. This takes the place of the deployment laptop described in the Crowbar Deployment Guide and allows students to simulate the process that will be used by Dell deployment teams.

2. The admin node can be configured for one-time boot from the Crowbar/OpenStack ISO. This installs the admin node OS and copies all necessary packages for the installation of Crowbar and the admin node services.

Outcome

Using this solution, Dell Global Support and Deployment is able to develop a combined course on OpenStack, Hadoop, and the Crowbar deployment tool used in both solutions. Support Services achieved this outcome without purchasing new hardware. This solution provided a reproducible model that Dell can use for future training in regional training centers globally.

After each class, the preparation process to refresh the solution completely for the next class takes approximately 45 minutes, but can be mostly unattended once the process is initiated.

Conclusion

This model is not applicable to all Dell courses because many of them are dependent on particular hardware requirements. But for courses that are focused on software training only, and on software that is largely hardware-agnostic, this project provides an incredibly cost-effective model for training.

Page 46: Cto magazine volume2 issue1

Digi

tal

Bang

lades

h

October - December 2013 www.ctoforumbd.org42

Empowering Women Through ICTBy Suparna Roy & Pushpita Saha

Case Story- 1:

Nasrin, a woman entrepreneur from Barahor Union Information and Service Centre (UISC) of Ullahpara upazila of Sirajganj district has gone on to achieve great strides in her professional sphere. Before 2009, she was a homemaker. She engaged herself as a woman entrepreneur in 2011. Nasrin was the first woman in her Union Parishad to introduce the delivery of public and private sector services through modern Information and Communication technology (ICT). She established a computer literacy training centre in her locality. The centre has trained over 10,000 locals, 70% of whom were women. This exemplary initiative has opened new professional avenues for the local women, who are now able to pursue better paid jobs as technicians or typists in the IT industry in urban areas. The application of new technologies to economic and social processes has created better economic and employment opportunities for the locals of Barahor Union Parishad.

Case Story-2:

Laboni, a woman UISC entrepreneur, said, “I have been working to prevent early and forced marriages in my Union. I believe if we all join forces, we will be able to completely eradicate this vile practice from our society very soon.”

In February 2011, 15 year old Amena’s mother came to Narayanganj port UISC and insisted Laboni change Amena’s birth certificate so that it shows her age to be 18 instead of 15. Amena’s parents wanted to marry her off before she reached the legal age. Amena original birth certificate was issued through online registration. Laboni tried to explain that once a birth certificate is issued in someone’s name, a new one cannot be issued for the same person. But Amena’s mother was determined to obtain a fake certificate. She even requested the Union Parishad chairman to authorise the issuance of a fake birth certificate for Amena. Recognising the imminent gross violation of a child’s rights, Laboni made a judgement call to make a blog post on Amena’s plight on UISC Blog. Thankfully, the post was seen by Naranyanganj Upazila Nirbahi Officer (UNO), who ordered relevant authorities to stop the child marriage and take immediate action against Amena’s parents. The modern communications technologies saved the day for a bright young girl like Amena, who will now get to complete her education and marry someone of her choosing at a legal age.

The stories of Laboni and Nasrin are not isolated incidents. Like Laboni and Nasrin, women entrepreneurs have become the propellers of change at the remotest part of the country through their strength, active participation, commitment and the correct and timely use of information and communication technology (ICT) tools available at their disposal.

In Bangladesh, women are already on the front line battling against hunger, poverty and environmental degradation- factors which socio-economically incapacitates them more when compared to their male counterparts. There are also flagrant disparities

DIGI

TAL

BANG

LADE

SH

Page 47: Cto magazine volume2 issue1

Digi

tal

Bang

lades

h

October - December 2013www.ctoforumbd.org 43

in access and use of ICTs women and men. Severe constraints to women’s access to information have been identified as the chief factor behind the pervasive and persistent discrimination against women. It is universal consensus that equal access of women to science and technology is a fundamental and vital component of development.

A fundamental government duty is to provide information and services aimed at improving the social and economic welfare of its citizens. Experience around the world has shown that, if used correctly, ICT can be a powerful tool in empowering marginalised populations by reducing costs, corruption and inefficiencies, improving quality, transparency and promoting access to government services. The government of Bangladesh, headed by Sheikh Hasina, correctly interpreted the power of ICT and as its first step towards ensuring easy access of information by the citizenry, has enacted the Rights to Information Act, 2009. This landmark and progressive act recognizes that the right to correct information is the core component of freedom of speech and conscience. The law protects the rights of the citizens and promotes transparency and accountability.

As the second step towards bringing information and services to citizens’ doorsteps, the government has successfully launched The Union Information and Service Centres (UISCs). These Information and service Centres are common access points established under a PPP arrangement at Union Parishads, to improve ease of access to services and have enabled over 4 million citizens to receive services such as birth registration, government forms, land records, mobile banking, university applications, examination results, among many other services every month near their homes. Also, the UISC entrepreneurs, one man and one woman in each UISC, are rapidly becoming a strong voice for service quality improvement and are successfully innovating new alternatives for public service delivery. These

decentralized service access points have improved inclusiveness not only for the poor, but also for traditionally marginalised sectors of society such as women, elderly, ethnic minorities, and the disabled. Women across the country have largely benefitted from the service centres as now information is at their fingertips. Easy and affordable access to information has strengthened rural women’s economic, political and social participation, thus validating comprehensive use of ICTs in public service delivery.

Already these remote service points have delivered different types of ICT services to 118, 649, 16 women from 4516 UISCs. 24,500 women have received computer literacy training from 3250 UISCs, which is 70% of total service recipient. 22,400 women have received telemedicine services from 25 UISCs, while about 25,295 women received mobile banking services through 2773 UISCs. Between April and May, 2013 more than 40 thousand women registered from Union Information and Service Centres (UISC) and Town Information and Service Centre (TISC) across the country for recruitment in Hong Kong, Singapore, Middle East and other countries.

ICT has been globally recognised as driver for knowledge based economy given its ability to access, transfer and apply knowledge and information to every facet of human engagement. Thus, development policies that do not redress women’s unequal access to information and modern communications technology can be deemed inherently counterproductive. According to APC, systematic concentration on ICT tools will be one of, if not the major, development concerns of the coming decade. In this backdrop, if women’s presence is not ensured at all socio-economic tiers, we will witness new forms of marginalization that could seriously undermine other advances made by women in the twentieth century.

Author Details:

Suparna RoyLocal Development ExpertAccess to Information (a2i) Programme Prime Minister’s Office

Author Details:

Pushpita SahaResearch AssistantA2i, PMO Office

Page 48: Cto magazine volume2 issue1

Digi

tal

Bang

lades

h

October - December 2013 www.ctoforumbd.org44

Bangladesh ICT Industry Accomplishments in 2013By Habiba Nasrin Rita

Bangladesh is moving slowly up in ICT advancement, ranking 113th in the “networked readiness index” in 2013 among 142 countries. In the previous three years, Bangladesh progressed from 130th to 118th to 115th, according to the Global Information Technology Report: Living in a Hyper connected World, prepared by the World Economic Forum (WEF). The report explores the causes and consequences of living in an environment where the internet is accessible and immediate; people and businesses can communicate instantly; and machines are interconnected, creating opportunities and at the same time new challenges. So the opportunity in ICT for Bangladesh is huge especially for the youth. After declaring to transform the country into digital by the present government the national movements towards technologies is perceptible. The days have past extremely fast and 2013 has gone forever. However, the success and failures of 2013 will be resonated throughout the New Year. Though, inadvertent initiatives from both government and non government and the unstable political situations have significantly overshadowed the success stories of 2013. Here are some of the highlighted happenings in 2013.

Budget:

Our government’s vision of a ‘Digital Bangladesh’ is not reflected in the proposed budget, as there is no specific focus on the information technology sector specially remain the continuation of 15%

value added tax on internet use and e-commerce transactions. The government framed the policy in 2009 after coming to power but it never tried to fulfill its pledges through proper budget allocation.

The government has proposed to reduce supplementary duty (SD) on digital camera, web camera, server rack, SIM card and optical fiber significantly in the fiscal year 2013-14 in order to fulfill its vision of making a ‘Digital Bangladesh’. The government took some measures for the next year by proposing reduction of tax from gadget that is essential for boosting the ICT sector.

The Government proposed to reduce the customs duty on digital cameras and web camera to 10 percent from existing 25 percent. CD on Server Rack is proposed to be reduced to 10 percent from 25 present per cent considering the present duty and tax incidence as high on server rack that need for the expansion of

ICT. SIM (subscriber identification module) card is so important for expansion of telephone sector, 30 percent SD is being proposed to be reduced to 20 percent.

To ensure smooth supply of quality optical fiber to the users at cheaper price, it is proposed to reduce its import duty from 12 percent (proposed 10 percent) to 5 percent and that of its identified raw materials to 0 percent as well from existing 25 percent and 12 percent customs duty.

DIGI

TAL

BANG

LADE

SH

Page 49: Cto magazine volume2 issue1

Digi

tal

Bang

lades

h

October - December 2013www.ctoforumbd.org 45

It is important to increase infrastructure support through tax exemption. There was a demand from the IT industry for withdrawing the current 15 percent VAT applicable to internet use. It would increase usage, but the government did not consider it.

Infrastructure:

Political commitment of the government to build an ICT-based society is good, but still there are deficiencies in the regulatory framework and infrastructure development to implement the vision of a ‘Digital Bangladesh’

Though Bangladesh is among the low-profile countries in the overall ranking, its position is in top in some cases. Mobile tariff in Bangladesh is one of the lowest in the world, and the country stands second followed by Hong Kong. But Bangladesh has not yet introduced mobile broadband and the country’s internet penetration is poor which affects its overall ICT performances

Software manufacturers and exporters expressed concern about the government’s decision to turn Janata Tower into the ICT ministry office instead of making the multi-storey building a software technology park. The ICT ministry is trying not only to shift its own office from the secretariat to this building, but also to rent different floors of the building to different government and private offices. We seek the prime minister’s intervention in the matter, so that the government establishes the software park in Janata Tower and does not shift the ICT ministry office to the building. Such type of decision may discourage many local and foreign software companies and they will feel discouraged if the government cancels the allocation of the tower to the association. This was the story about Janata Tower in 2012 which is still in same position, no development has been taken place as yet.

The government has established Union Information Centers in more than 4000

unions with a view to introducing e-Governance by 2014. Task of establishing 24,000 web portals at districts, upazila, and union levels is at the final stage of completion. Industry urged to give special emphasis on how to reach internet services to the commoners at cheaper rate. Citing weaknesses in access to internet, the BASIS and Bangladesh Computer Samity (BCS) could play an important role in overcoming these weaknesses as well as to develop necessary human resources in this sector.

PC Market

The tablet is eating into the personal computer (PC) and laptop market pie as the growth of PC market wasn’t so impressive like during 2011 and 2012 .

“The overall IT hardware industry scenario seems to be on a conservative side with most of the markets posting either a muted growth or decline. The year 2012-13 has been the year for notebook and tablet PC with consumers preferring tablet over PC as their replacement. Netbook sales has declined.

“The combination of basic functioning of a PC coupled with affordability is turning the tide favourably towards tablet PC. The industry is hopeful that the overall PC sales especially tab and laptop during 2013-14 will increase along with the widescreen smart phones. Other hardware product market has also declined from the 3rd quarter of the year 2013 and the last quarter was worst in terms of sale.

Page 50: Cto magazine volume2 issue1

Digi

tal

Bang

lades

h

October - December 2013 www.ctoforumbd.org46

Software & Outsourcing:

The earning from outsourcing IT jobs has increased by 56 percent in 2013, as per sources in the Bangladesh Association for Software

and Information Services (BASIS). In the 2011-12 fiscal year, the earning was USD 70.6 million, while it was USD 46.35 million in the 2010-11 fiscal year, referring to the latest available data of the Export Promotion Bureau (EPB). The earning from the world market could be multiplied by at least USD 2 billion with a little support from the successful public and private partnership ventures. The ventures can establish systematic IT outsourcing facilities and projects, available from major buyers of the US through the Internet, to facilitate the growing numbers of IT professionals in Bangladesh. According to BASIS officials, at present there are more than 500 software companies in the country. Of these, about 178 are doing outsourcing jobs In addition, Almost 1,50,000 IT professionals graduate each year in India, compared to a meagre 24,000 of the same in Bangladesh. The dynamic and highly ambitious youth of this country is playing a significant role in developing ICT sector of Bangladesh. So the growth of ICT sector of Bangladesh will be increasing remarkably and more global recognitions will be achieved like Gartner’s ranking as one of the top 30 IT outsourcing countries. the country’s ICT export exceeded 100 million US dollars in the last fiscal year and BASIS is now working with 1 billion US dollars. Software leaders hoped that this industry will contribute 1 percent of GDP in coming years. Apps developments also was most talked about and inspiring among the youth. The mobile app development sector is poised to will grow phenomenally, as more subscribers will be downloading and using the apps on their phones, The government took all sort of initiatives to encourage and trained the youth in apps development and outsourcing.

VoIP:

Bangladesh Telecommunication Regulatory Commission issued licences for handling international calls through VoIP in the early part of the year. Voice over Internet Protocol is a set of facilities for managing the delivery of voice information using the internet.

The licence policy has almost been finalised and BTRC is now giving it a final scrutiny. The government loses Tk 50 million in revenue every day due to illegal VoIP, according to BRTC.

The financial sector made remarkable progress in adopting electronic forms of payments instead of traditional paper-based ones in the just concluded year.

M-finance

After The significant use of debit card, credit card, automated teller machine (ATM), internet banking, mobile banking, automated cheque processing and credit information system in 2011 the online banking was the latest in 2012 and mobile banking in 2013. M -finance increased significantly in 2013.Government has introduced e-Payment and mobile banking to make delivery of services easy and transparent. Besides, we have taken steps to launch electronic money order and mobile cash card.”

The number of mobile banking subscribers rose by 15.7 percent to 1.15 crore in November 2013, thanks to a rapid expansion of commercial bank outlets. The value of mobile banking transactions stood at Tk 5,533.6 crore in November as disclosed by Bangladesh Bank in a statement.

The total number of agents providing such services across Bangladesh stood at 1.72 lakh until November 30.

Page 51: Cto magazine volume2 issue1

Digi

tal

Bang

lades

h

October - December 2013www.ctoforumbd.org 47

There were 99.8 lakh mobile banking subscribers in October, rising from 89.3 lakh in September, according to data. As part of the government’s financial inclusion programme, the central bank allowed 27 banks to provide mobile-banking; to date, 19 have launched the service. There is a lot of enthusiasm with mobile banking as BB is promoting commercial banks to develop the financial service, the central bank disclosed in a statement.

Launched in 2011 by two private banks in the country, mobile banking services have now become popular. Using a mobile phone and without having to make a visit to a bank branch, a customer can transfer money, receive salaries or pay bills from their accounts through mobile banking.

The central bank has allowed mobile banking systems to provide almost all services from disbursement of inward remittances to cash in and out, person to business payments, business to person payments, person to government payments, government to person payments and person to person payments.

3G and Telco:

The country’s telecom tariff is satisfactory but businesses or individuals could not make the best use of low tariff. Businesses and stakeholders should work further on it the commercial operation of 3-G mobile technology has also been initiated. Following various steps that we undertook in the telecommunication sector, the number of mobile users has increased to 9.86 crore and internet users to 3.40 crore. Side by side, tele-density and internet density have increased to 64.6 and 19.9 percent, respectively.

The state-owned cell phone operator, Teletalk, has launched the much awaited ‘3G’ or ‘Third

Generation’ phone service in the country on October 2013. People, at divisional headquarters got the service at December and the coverage would be expanded across the country in phases. Teletalk’s existing subscribers are getting preference and it has already sought applications from them. State-run mobile operator Teletalk Bangladesh limited launched countrywide 3G services using UMTS with HSDPA facilities.

The rest GSM operators G r a m e e n P h o n e , Banglalink, Robi and Airtel also obtained 3G licenses. Grameenphone has also launched the 3G service in end quarter of the year. Grameenphone has a plan to launch 4G LTE services first time in Bangladesh using TD-LTE technology. In this connection Grameenphone brought 10 MHz spectrum at 3G auction by BTRC. The target of connecting

Bangladesh with the second sub-marine cable has made significant headway. Indian telecom giants TATA and Reliance have shown their interest to get licenses for 3G operations in Bangladesh. Two other operators, Qubee and Banglalion, currently offer 4G Wimax data services in Bangladesh. CityCell operates a nationwide third-generation CDMA2000 network. The 3G mobile service is a fully wireless broadband, which is technically called High-Speed Packet Access (HSPA), and it can be enjoyed through 3G- enabled handsets, smartphones and modems. The divisional cities are the initial targets of the 3G launch since about 10 lakh 3G-enabled cell phone users are based there.

E-commerce:

E-commerce is emerging day by day for example bikroy.com, ajkerdeal.com, akhoni.com, punoh.com become the popular market place for e sell and buy.

Page 52: Cto magazine volume2 issue1

Digi

tal

Bang

lades

h

October - December 2013 www.ctoforumbd.org48

Not only that, those sites also are the highest classified adv and received 400, 000 free advertisements over the last one year and half and has become the highest visited classified advertisement sites in Bangladesh.

The websites provides a simple, safe, and fast buying and selling experience for the millions of Internet users in the country.

Free classified advertising is also regarded as one of the most powerful tools for online advertisements over the Internet. Entrepreneurs in Bangladesh can also promote their business free of cost at ecommerce sites in Bangladesh.

Expo & Exhibition:

A number of Expo and Fair were planned to be held round the year in different place of the country including Dhaka. The industry body BCS, BASIS, CTO forum, ISPAB, and other were having their Calendars of events round the year, but the unstable political situations and others movements were the obstacle to arrange such kind of event. There have been a very few programs which took place in the early quarter of the year.

International Achievements & local addressing:

Mustafa Jabbar, president of Bangladesh Computer Samity has received ASOCIO special contribution Award for his contribution in the ICT industry particularly in Bangladesh and the Asia Pacific region. It should mentioned that Mustafa Jabbar has been working in the IT sector since 1987 K. Mustafa Jabbar is the registered member of Bangladesh Computer Society association

from the time of its registration in 1992. He is the present president of the BCS. Before that holds different position of EC for 3 times. In addition he is the architect of Bijoy keyboard and software.

Global Women Inventors & Innovators Network (GWIIN) has presented Luna Shamsuddoha, Chairman, Dohatec New Media and President Bangladesh Women in Technology with the Honorary Special Recognition Award at the 4th Bi-Annual International European Women Inventors & Innovators Network Exhibition, Conference & Awards on 28 November 2013 in Stockholm, Sweden.

This year Nafis bin Zafar the first Bangladeshi to achieve OSCAR has visit Bangladesh. He achieved this award for his outstanding performance to branding Bangladesh in the OSCAR. Different programs have been arranged on his honor. Bangladeshi software engineer bags Oscar Award in the year 2007 for the animation of the Hollywood movie ‘Pirates of the Caribbean: At World’s End’. He achieved Scientific and Engineering Awards, for the development of the fluid-simulation system by generating water, smoke and explosion with the help of computer.

Conclusion

Achievements so far are encouraging experience will enhance the productivity in due course. Constructive criticism help to set right the endeavor and team work and inter industrial relationship helps to achieve more. I do believe with the learning and experience and achievements we did have in 2013 will encourage us to move forward in 2014.

Author Details:

Habiba Nasrin Rita Director, Operation Unique Business Systems Ltd.

Page 53: Cto magazine volume2 issue1

CTO FORUM EVENTS

October - December 2013www.ctoforumbd.org 49

Bangladesh CIO Summit 2013 - 4th Edition held at Hotel Ruposhi Bangla, Dhaka

His Excellency Ambassador Dan W. Mozena, Embassy of USA, Bangladesh was unfolding the CTO Magazine.

Page 54: Cto magazine volume2 issue1

CTO FORUM EVENTS

October - December 2013 www.ctoforumbd.org50

Page 55: Cto magazine volume2 issue1

CTO FORUM EVENTS

October - December 2013www.ctoforumbd.org 51

Seminar on “IT Security in Today’s Global Banking ” held at Pan Pacific Sonargaon Dhaka

Page 56: Cto magazine volume2 issue1

CTO FORUM EVENTS

October - December 2013 www.ctoforumbd.org52

Seminar on “Role of IT in 21st Century” held at BIBM

Seminar on “Faster Collaboration! Smarter Decision Better Business for the Industry”

held at The Westin, Dhaka

Page 57: Cto magazine volume2 issue1

CTO FORUM EVENTS

October - December 2013www.ctoforumbd.org 53

Seminar on “Enterprise ICT Security” held at BRAC INN, Dhaka

“Innovation Forum- Public Private Partnership on e-Service Delivery”

held at Karabi Hall, Prime Minister’s Office

Page 58: Cto magazine volume2 issue1

CTO FORUM EVENTS

October - December 2013 www.ctoforumbd.org54

Roundtable on “National Payment Switch & New Opportunity for e-Commerce”

held at BASIS Auditorium

Roundtable on “Online Transaction Securtiy” held at Dhaka Press Club

[Left to Right] Syeeful Islam, Ex. President, DCCI, Shafquat Haider, Director, FBCCI, Nazneen Sultana, Deputy Governor, Bangladesh Bank, Tapan Kanti Sarkar, President, CTO Forum, Kabir Bin Anwar,

Director General (Admin), PM’s Office & Project Director, A2I and Dasgupta Asim Kumar, Executive Director, Bangladesh Bank were present in the roundtable.

Page 59: Cto magazine volume2 issue1

CTO FORUM EVENTS

October - December 2013www.ctoforumbd.org 55

Industry–Academy Dialogue on “21st Century ICT Graduates” held at DCCI

Md. Nazrul Islam Khan, Honorable

Secretary, Ministry of ICT

Md. Sabur KhanPresident, DCCI

Chairman (State Minister) of University Grants Commission (UGC) Professor Dr. A K Azad Chowdhury was addressing the dialogue

Dr. Syed Akhter Hossain, Head of CSE, Daffodil International

University

Page 60: Cto magazine volume2 issue1

CTO FORUM EVENTS

October - December 2013 www.ctoforumbd.org56

Seminar on “Cyber Security” held at Department of MIS, University of Dhaka

[Left to Right] Kanon Kumar Roy, Director General, NBR, Bangladesh, Tapan Kanti Sarkar, President CTO Forum, Dr. Md. Mahfuz Ashraf, Director of EMBA, DU, Dr. Ijazul Haque, Treasurer, CTO Forum

and Md. Mohiuddin Dewan, Assistant General Manager, Bangladesh Krishi Bank.

Seminar on “e-Banking Security: Chanllenges and Solutions”

Page 61: Cto magazine volume2 issue1

CTO FORUM EVENTS

October - December 2013www.ctoforumbd.org 57

Seminar on “Emerging ICT Careers and Prospect ” held at IUB

Page 62: Cto magazine volume2 issue1

CTO FORUM EVENTS

October - December 2013 www.ctoforumbd.org58

Seminar on “Cloud Computing and its Application”

Seminar on “Data Center Design: Private - Virtual - Cloud”

Page 63: Cto magazine volume2 issue1
Page 64: Cto magazine volume2 issue1
Page 65: Cto magazine volume2 issue1
Page 66: Cto magazine volume2 issue1
Page 67: Cto magazine volume2 issue1

CTO MAGAZINE, VOL: 02, ISSUE: 01, OCTOBER - DECEMBER 2013