Embed Size (px)
DESCRIPTION
Unser weltweites CSC-Kundenmagazin.
Citation preview
Spring/Summer 2013
WORLD
Intermountain Healthcare’s Cybersecurity Challenge
INSIDE5 Steps to Enterprise Cloud
Why Data Is the “Next Big Thing”
Your Driver’s License Is Obsolete
3D Printing and the Future Factory
New Healthcare New Risks
Intermountain’s Marc Probst, CIO
The old “do it yourself” approach to cybersecurity leaves you vulnerable to today’s sophisticated attacks. Attacks that can come from anywhere in the world and at any time day or night. Attacks that make you focus less on your business strategy and more on getting your reputation back. What you need is a partner that monitors the globe day and night looking out for you — armed with advanced abilities that can recognize a dangerous threat in the midst of the white noise. And, the capability to protect you before the attack gets to your doorstep.
Change the model and run your business on your terms. Get CyberconfidenceTM, with integrated global cybersecurity solutions from CSC.
Learn more at CSC.COM/CYBERSECURITY.
ADVANCED THREATS DEMAND ADVANCED TECHNOLOGY
1SPRING/SUMMER 2013 | CSC WORLD
DIRECTOR, GLOBAL BRAND & DIGITAL MARKETING
Nick Panayi
EDITORIAL DIRECTOR
Patricia Brown
SENIOR MANAGING EDITOR
Jeff Caruso
SENIOR EDITOR
Chris Sapardanis
CONTRIBuTING WRITERS
Jim BatteyDale CoynerPeter KrassJenny Mangelsdorf
ART DIRECTOR
Deric Luong
DESIGN & pRODuCTION
Creative Services
CSC
www.csc.com
GLOBAL HEADquARTERS
3170 Fairview Park DriveFalls Church, VA 22042 United States+1.703.876.1000
CSC WORLD (ISSN 1534-5831)is a publication ofComputer Sciences Corporation.
Copyright ©2013Computer Sciences CorporationAll rights reserved.Reproduction without permission is prohibited.
Comment on what you’ve read in CSC WORLD at www.csc.com/cscworld.
Or write:
CSC WORLD3170 Fairview Park DriveFalls Church, VA 22042 USA
The IT transformation that will touch us all
If you want to find a poster-child for an industry that has been fundamentally transformed because
of the recent shifts in enterprise technologies, look no further than healthcare. IT professionals
in healthcare often proclaim they are reluctant to be early adopters of new technologies due to
privacy and security concerns. But the fact is many healthcare providers and payers are among the
more mature adopters of business processes that leverage cloud, mobility and big data.
In the U.S. alone, healthcare organizations are increasingly under pressure to do more with less
while meeting new healthcare-reform legislation designed to improve information sharing, security
and patient care. Similar scenarios are playing themselves out in other regions of the world in their
own unique fashion.
So let’s map the major technology trends to the healthcare sector’s new objectives:
• Mobility, consumerization and healthcare providers. The introduction of tablet computing has
been enthusiastically embraced by new physicians and veteran doctors alike. These physicians
immediately grasped the advantages of using mobile computers to improve the way they track
and share information with patients to optimize their bedside manner and also provide better
patient care. The initial IT response was to push back because of concerns about governance,
risk and compliance (GRC). But in the final analysis, the bring-your-own-device (BYOD) trend
was too overwhelming. With some smart GRC adjustments from the IT organization, it is now
recognized that healthcare provider productivity has improved, along with patient experience.
Do risks remain? Yes. But it’s now taken as a given that the risks need to be understood and
constantly managed.
• Cloud and the extension of healthcare services. In an effort to get the most out of their
systems, executives in the healthcare sector are investing in private cloud solutions to get the
benefits of virtualization (which optimizes resource utilization) while streamlining operations,
by creating service-delivery systems that can be self-provisioned. But cloud will do much
more for healthcare than just improve infrastructure efficiency. Our friends at Cisco this year
conducted a global survey of 1,547 consumers and healthcare decision makers across 10
countries. According to the study, 74% of consumers are open to virtual doctor visits. New
technological capabilities, combined with new attitudes about how personal and medical
information is managed by trusted parties are taking telemedicine to an entirely new level.
• Big data and predictive analytics enhance quality of care. The proliferation of electronic
patient records, and the increasing adoption of mobile and cloud-enabled remote healthcare
delivery are just a few of the factors now contributing to the explosion of data (structured
and unstructured) that can be mined to gain insight into the diagnostic, prognostic and
prescriptive process. Many studies are available now that explore the opportunities associated
with bringing massive amounts of data from a multitude of sources to buttress the decision-
support systems in healthcare so that outcomes can be improved.
We dive into these topics in this issue’s healthcare section. We also get real-world perspectives
from Marc Probst, CIO of Intermountain Healthcare, Phil Fasano, CIO of Kaiser Permanente and
David Guzmán, CIO of H. D. Smith on how their organizations are thriving in today’s connected
world. Speaking of healthcare, big congrats to CSC, which was ranked #11 in Healthcare Informatics’
annual list of the top 100 healthcare IT vendors in the U.S. Don’t miss some
of the other insightful perspectives and research in this issue on cloud
computing, cybersecurity and big data.
Enjoy your summer!
patricia BrownEditorial Director, CSC World
Inside CSC WorldWORLD
1
www.csc.com/cscworld
2 CSC WORLD | SPRING/SUMMER 2013
CSC WORLD | SpRING/SuMMER 2013 | VOLuME 12 | NuMBER 2
4 NEWS CSC partners with SAP to offer next-gen banking
solutions; Maruf Majed is named vice president and general manager for Asia, Middle East and Africa; and CSC agrees to sell its Applied Technology Division.
6 HEARD ON CSC.COM Experts are coming to CSC.com to make their voices
heard, in CSC Town Halls, online communities and Ingenious Minds blogs.
ExECUTIVE PERSPECTIVES8 Catering to a Connected World Mary Jo Morris, vice president and general manager of
Diversified Industries at CSC, shares thoughts on the importance and prevalence of connectedness.
9 Exploring the Nordic and Baltic Regions John Walsh, vice president and general manager of
the Baltic and Nordic regions at CSC, discusses the opportunities and challenges facing business leaders.
COVER STORY
Intermountain Healthcare’s Cybersecurity Challenge The healthcare industry is entering a world of great opportunity and tremendous risk. Intermountain, a 22-hospital health system, is using innovative technology to improve care and secure systems.
HEALTHCARE14 Kaiser permanente CIO: ‘The Consumer
Is in Charge’ There’s a revolution brewing in healthcare, and one of its
chief insurrectionists is Phil Fasano. The executive VP and CIO of Kaiser Permanente discusses his new book.
17 A New Model for Medicine The practice of medicine is changing. Lisa Pettigrew,
industry general manager for Global Healthcare at CSC, unveils three new models for care.
18 Medical Device Firm Grows Better Data With Salesforce Application
Biomet Microfixation, an innovator in the medical industry, chooses enterprise cloud applications by Salesforce.com to improve its ability to generate real-time, accurate data.
10
14
28
30
40
10
3SPRING/SUMMER 2013 | CSC WORLD
MANUFACTURING 36 Automotive Industry Goes Driving
in the Cloud While flying cars may still be out of reach, cloud
computing, mobile broadband, location-awareness and big data technologies are bringing the car of the future to market today.
40 How 3D printing Will Turn Manufacturing
on Its Head 3D printing sounds like something straight out of science
fiction, but the idea that you can use a computer to quickly create complex objects seemingly out of thin air is a reality.
PUBLIC SECTOR 42 Your Driver’s License Is Obsolete The Internet and mobile devices have brought us wonderful
conveniences but also significant challenges. Paper-based IDs are no longer suited for this world.
43 Could a Smartphone Solve Immigration Reform? Many people dream of visiting the U.S. But new rules
have made the travel visa process too difficult for some. Smartphone biometrics could help.
LAST WORD44 Four Waves to the Cloud At H. D. Smith, a pharmaceutical distributor, the cloud is not a
choice, but an imperative. CIO David Guzman, discusses why cloud computing offers compelling economics and capabilities.
FINANCIAL SERVICES20 Financial Regulations Sweep the Globe
The U.S. government continues to look for ways to prevent anyone from not paying their fair share of taxes. A new law designed to improve reporting will affect everyone.
21 How Cloud Is Disrupting Financial Services Cloud-driven change is affecting how processes are
managed, how IT investment is handled, and how costs are allocated. But the biggest changes are not related to IT.
BIG DATA22 5 ‘Must Haves’ for Every BI Dashboard The effective use of business intelligence gives companies a
competitive advantage. Delivering timely information to decision makers can be accomplished with a well-designed BI dashboard.
24 putting the ‘I’ Back in IT The growth of the IT industry has been driven by the “T”
in IT. New technologies have captured most of the public’s imagination. That dynamic is changing.
CYBERSECURITY 26 The Case for Managed Security Services Organizations face a dilemma: the number of cyberattacks
continues to grow, while budgets continue to remain flat. Managed security services are often the best option.
28 Decoding the president’s Cybersecurity Mandate The growing frequency of cybercrime is top-of-mind for
U.S. officials. Samuel Visner, executive vice president and general manager of cybersecurity at CSC, explains why.
CLOUD COMPUTING30 3 Reasons to Believe in Hybrid Clouds Cloud services come in different shapes and sizes. Lately,
many organizations are turning to hybrid solutions and infrastructure models that can be tailored to specific needs.
32 Why Enterprise Clouds Rule Cloud computing has become a key part of an IT leader’s
toolkit. Many organizations use cloud for various reasons. It’s critical to select the appropriate cloud model.
34 5 Steps to Enterprise Cloud Will the consumer cloud — the popular, low-cost service
offered by Amazon and others — be to cloud what the iPhone was to mobile? Siki Giunta, vice president and general manager of cloud services at CSC, says no.
NEW ON CSC.COM Infographics Central: Explore key trends and data in visual and interactive ways with a collection of CSC infographics on emerging technologies such as cloud computing, big data and mobile banking. csc.com/Infographics
CSC Town Halls: Join a continuing series of online conferences on IT topics that matter to you, featuring CSC experts and special guest speakers ready to answer your questions. csc.com/TownHall
Success Story Briefing Center: View video success stories featuring CSC subject matter experts, clients and global partners or search hundreds of stories that cover a wide range of solution areas. csc.com/Success_Stories
4 CSC WORLD | SPRING/SUMMER 2013
NEWS
CSC has reached a definitive agreement with PAE for the sale of its base operations, aviation and range services business unit, Applied Technology Division (ATD), for $175 million in cash. CSC acquired ATD with the 2003 purchase of DynCorp.
Announced on May 29, this agreement is CSC’s sixth divestiture in seven months, furthering CSC’s transformation strategy to rebalance its portfolio of services by focusing on its core strength in next-generation technology solutions and services.
CSC will sell the aviation maintenance, base operations and maintenance, test and training range, and space range businesses of ATD, while retaining the division’s training and simulation business. ATD currently performs work at more than 20 client locations in the continental United States.
“The sale of ATD supports our realignment of company assets with our strategy of leading in the next generation of technology solutions and services, including cybersecurity, big data and cloud computing,” said CSC President and CEO Mike Lawrie.
PAE’s dedicated focus providing mission-critical services to the U.S. government and its allied partners will ease the transition for clients and employees. ATD’s senior management team and its approximately 5,400 employees will transfer to PAE as part of the agreement.
In fiscal year 2013, ATD revenue was approximately $760 million with low-to-mid single-digit operating margins. ATD revenue has been reported within CSC’s North American Public Sector (NPS) and will be recast as discontinued operations.
The transaction is subject to customary closing conditions, including the receipt of various consents and an anti-trust clearance under the Hart-Scott-Rodino Act. CSC expects to close the transaction in the summer of 2013.
Get the latest CSC news at csc.com/newsroom.
CSC AGREES TO SELL ITS APPLIED TECHNOLOGY DIVISION
5SPRING/SUMMER 2013 | CSC WORLD
In May, CSC announced an expanded partnership with SAP designed to accelerate the banking industry’s move to next-generation technology platforms. CSC and SAP have cooperated to define a new global go-to-market strategy for their banking software and services offerings to help reduce the risk, implementation time, and cost of modernizing business processes and IT environments.
Under the expanded alliance, CSC will be an SAP global services partner for the banking industry and is expected to provide systems integration services for banks using SAP solutions. CSC is also now a global value-added reseller of SAP, authorized to resell SAP products, services and support. In addition, SAP and CSC will co-sell their banking software and solutions.
The companies’ software and services address a wide spectrum of enterprise technology and business needs to help banks keep pace with evolving customer, market and regulatory demands. Banks that have delayed upgrading their infrastructure and applications can modernize them incrementally, which can help lead to both lower costs and risk. The companies can unify for customers a set of next-generation consulting, software, enterprise services and testing technology platforms that are designed to leverage both companies’ banking industry expertise and extensive offerings.
“Modernization is both a costly and complex undertaking for banks around the globe,” said Robert Hunt, senior research director, CEB TowerGroup. “Because of this, many banks continue to operate on legacy systems developed decades ago. Choosing services and software from CSC and SAP makes perfect sense
and offers a compelling proposition to banks that have pushed out or barely started their modernization projects to help meet customer demands or improve operating efficiency.”
“Our vision for this software partnership is to help enable large global and mid-sized regional banks to drive profitable growth through cost savings, greater agility, more innovation and a superior customer experience,” added Thomas E. Hogan, executive vice president and general manager, CSC Global Business Services. “Banks will now have more choice when modernizing their technology systems.”
“CSC and SAP have been partnering for 30 years, helping to bring value to customers around the world,” said Robert Enslin, president of Global Customer Operations and a member of Global Managing Board, SAP. “With this expanded relationship, we look forward to further accelerating our efforts in the banking industry.”
As a long-time SAP global services partner, CSC implements and delivers SAP solutions to customers across many industries and is an SAP-certified provider of cloud services, hosting services and application management services. In addition, CSC has a successful practice in Central Europe focused on SAP solutions used in the banking industry and has collaborated with SAP on many complex implementation projects.
Learn more at csc.com/SAp.
In April, CSC named Maruf Majed, vice president and general manager for Asia, Middle East and Africa. As the regional managing director, Majed will drive and coordinate all CSC operations across the region.
“Asia, the Middle East and Africa represent an enormous opportunity for growth,” said Thomas E. Hogan, executive vice
president and general manager for CSC’s Global Business Services & Regions. “CSC is committed to establishing a leadership position in these important regions, and we are delighted to add an executive with Maruf’s credentials to our team.”
“I am thrilled to join CSC and look forward to leveraging CSC’s strengths in next-generation solutions, such as cloud computing, cybersecurity and big data, to enable improved business outcomes for our clients,” said Majed.
Majed has a rich background in technology leadership roles, including senior assignments at IBM, Gulf Business Machines, Siebel Systems, webMethods, and, most recently, Misys. He holds a Bachelor of Science from the University of North Dakota and a Master of Business Administration from the University of Texas.
Learn more about CSC at csc.com/about_us.
MARUF MAjED NAMED HEAD OF ASIA, MIDDLE EAST AND AFRICA
CHANGING THE WAY BANkS DO BUSINESSCSC and SAP Align Banking Portfolios to Deliver Advanced Solutions
6 CSC WORLD | SPRING/SUMMER 2013
Telecommuting:
NOGOINGBACk
Some will argue that telecommuting hurts productivity, but studies have shown that the opposite is true. With modest investments in technology, you can have the best of both worlds. Employees can see each other’s faces in meetings, and they can collaborate in ways that are both productive and creative. Telecommuting doesn’t have to be sacrificed, and we couldn’t go back if we wanted to.
Dean FernandesOne of CSC’s Ingenious Minds
csc.com/ingenious_minds/blog/telecommuting
Heard onCSC.Com
Experts inside and outside of CSC are coming to CSC.com to make their voices heard, in CSC Town Hall webcasts, our online communities and our Ingenious Minds blogs. Here are some highlights.
The promise of 3D Printing3D printing can make objects with a complex internal structure that would be almost impossible using traditional methods. There’s no large factory and no retooling of an entire assembly line. The same
printer that creates a piece of art can be used next to print a bike part. And that printer can be kept close to the point of consumption, which has implications for logistics.
Vivek SrinivasanRegional Manager, Executive Programme, Leading Edge Forum
Town Hall, “How 3D Printing Will Turn Manufacturing on Its Head”
csc.com/townhall/3Dprinting
6 CSC WORLD | SpRING/SuMMER 2013
7SPRING/SUMMER 2013 | CSC WORLD
The desktop’s meteorSure, you still see them around the office, but make no mistake: Desktop computers are the equivalent of dinosaurs in the days after Earth
was struck by a large meteor. They were still there, but they were the walking dead, doomed to eventually vanish. The desktop’s meteor is mobile computing.
Chris NerneyTechnology writer
CIO Engage blog post, “The desktop is (pretty much) dead”
community.csc.com/community/cio-engage/blog/2013/03/28/
the-desktop-is-pretty-much-dead
Accountability in securityIs the typical CIO’s performance rated on the effectiveness of the IT security and risk management pro-gram? Not really. They’re focused on keeping new IT running on time, keeping IT costs low, and getting
new IT initiatives out quickly. In an effective security orga-nization, everyone is responsible for IT security, and they’re held to it. Whoever is reporting directly to corporate leadership, such as the chief executive or operating officer, needs be held accountable.
George HulmeTechnology writer
CIO Engage blog post, “The 5 Keys of Effective Security Management”
community.csc.com/community/cio-engage/blog/2013/ 04/08/the-five-keys-of-effective-security-management
Taking stock of CLIMATENot only is the National Climate Assessment a huge undertaking, the subject is a dynamic system that is changing while we study it. It’s like trying to give someone an
exam while they’re running a marathon. We discover new variables, inputs, influencers and rhythms to our climate on a regular basis. But are those observations — say, for example, the recent spate of extreme weather events in the U.S. — an isolated incident? Part of a long cycle repeating pattern? Or representative of a genuinely new trend? Accurately characterizing such an intricate system takes a lot of thought and discussion.
Sharon HaysOne of CSC’s Ingenious Minds
csc.com/ingenious_minds/blog/climate
Avis Budgetleverages
BIG DATAThere were a lot of automobile renters who were never engaged in any kind of campaign, communication, survey — anything except the rental. The name of the game these days is ‘engagement.’ You hear that over and over with mobile and social and everything out there now. It led to some thinking about the best way to engage with those customers.
Alex BlackSenior partner in CSC’s Big Data & Analytics group.
Town Hall, “How Avis Budget Uses Big Data in Marketing”
csc.com/townhall/avis
7SpRING/SuMMER 2013 | CSC WORLD
8 CSC WORLD | SPRING/SUMMER 2013
Getting connected has never been more important, or more valuable. That’s true whether you work in private industry or the public sector. It’s also true whether you’re connecting with co-workers, customers, partners or suppliers. The need to connect is the new requirement.
Fortunately, today’s technologies can connect us as never before. Social media changes communications between suppliers and customers from monologues to conversations. Smart grids connect utilities with consumers by adding intelligence, smart metering and more. Cloud computing connects technology providers with users to enable new forms of IT as a service.
CSC’s Diversified Industries group is making connections in three main sectors: Energy and Natural Resources; Communications and High-Tech; and Consumer and Transportation. While there is great diversity among these sectors, they are bound together by common market drivers, including aging infrastructure in need of modernization, increased security and intelligence, real-time information demands, and a growing velocity and volume of data.
Three connectionsIn Energy and Natural Resources, there’s a new focus on smart energy. These industries have, over time, built large
infrastructures composed of heavy plant and equipment. Now they want
to get more intelligence out of that infrastructure. They want
to operate more efficiently from remote locations, with more safety, better security, fewer people and greater precision. Their goal is to build so-called smart grids: networks that connect providers
with consumers and suppliers in an intelligent and automated way and
provide access to the growing volumes of
by Mary Jo Morris
INDUSTRY PERSPECTIVE
data at the point of production. These smart grids empower energy providers to gather and act on information in new ways.
In the Consumer and Transportation sector, we’ve seen entire companies transformed by the rise of the Constantly Connected Consumer and passenger. This new level of connectivity has inspired many consumer companies to rethink the very nature of how they go to market, and with whom. What’s considered “good service” has been transformed, too; by harvesting data from social media and customer databases, manufacturers and retailers can offer customized products based on predictive analytics.
Similarly, in Transportation, we have solutions that extend the Connected Consumer to another client base — the Smart Traveler. By using data and analytics to detect traveler preferences, we can “automate the journey” for transportation companies that serve the traveler. We also enable those companies, through automation and modernization, to provide a more secure, reliable, efficient, and pleasant experience for their customers.
Finally, in Communications and High-Tech, it’s these companies that provide the enabling infrastructures and products that connect us all. Mobility, cloud, social media, dynamic storage, virtual networks — are all technologies that underpin our solutions.
Going eastIn addition to wanting greater connectivity, most of our clients share another desire, namely, to expand into Asia. Here especially, getting connected is vital. Social media, mobile technology, cloud and other IT innovations will be key enablers for these companies to do business globally. Application modernization is also important, as many expand geographically by offering cloud-based applications as a service.
Agility is increasingly important, too. In today’s business environment, innovations appear at an ever-faster rate, and they are increasingly disruptive. Consider, for example, how the rise of mobility has transformed the entire telecom industry. Again, the cloud is helping, this time by allowing companies to dynamically allocate infrastructure resources.
Security and privacy are important elements of these new ways of connecting. One unfortunate side effect of offering greater connectivity is that organizations also connect hackers, criminals and other “bad guys” with their systems. So as they extend their connections, they must also strengthen their protections.
The ability to connect with suppliers, partners and customers — and to do so with high levels of privacy and security — will define the leaders of tomorrow. But the time to build the IT infrastructures that enable greater connectivity is today.
MARY JO MORRIS is VP and general manager of Diversified Industries at CSC.
CATERING TO A ConneCted World
9SPRING/SUMMER 2013 | CSC WORLD
As an American working in the Nordic region, I’ve been impressed by the happiness. If you look at the latest worldwide indices, Norway ranks first, making it the happiest country on Earth. Right behind is Denmark at number two, Sweden at number three, and Finland, a close number seven. Perhaps they’re so happy about their countries’ strong social-welfare states. For example, Norway distributes all the profits from its oil business into a national pension plan, now worth more than $710 billion, that benefits every citizen in the country.
I’m happy to be here, too, but for a different reason: for the opportunity to help local businesses and public sector agencies dramatically improve their competitiveness. That’s a top goal right now for many of the region’s enterprises, which — despite the region’s small population — include such large, well-known brands as Ikea, Lego, Maersk, Nokia and Saab. While their region’s citizens may be protected by the state, these Nordic businesses must compete in tough, fast-moving international markets, where it’s every company for itself.
Fortunately, CSC has been able to help with a range of IT-powered business solutions. When Nordic businesses and government agencies need help with cybersecurity, cloud computing, data analytics, or utility-based computing and storage models, they know they can turn to CSC for solutions.
Attacking hackersTake cybersecurity, a major concern in the Nordic region. When one of our clients was recently attacked by hackers affiliated with Russian organized crime, we helped the client identify the details of the attack, eliminate it, repair the damage, and bolster protections for future prevention. Other local enterprises face serious threats from rogue nations, organized criminals, spies and others, and we’re helping them detect attempted attacks and deter them.
Another important tool for the region is cloud computing, and the related ability to offer IT capabilities as a service. The cloud helps enterprises gain agility, increase cycle times, improve service quality, mitigate risk, innovate, reduce waste and lower their costs. We recently implemented BizCloudTM, our private-cloud solution, for Telenor Group, a Norway-based mobile operator. Telenor, with 148 million subscribers in 11 national markets, is one of the largest telcos in the world, and it’s using
NORTHERNexpoSureCSC sees big opportunities in the Nordic and Baltic regions.
our service to gain high levels of both scalability and flexibility. Similarly, the cloud lets us offer Storage as a Service, a utility-model solution that lets our clients pay for only the storage capacity they actually need.
Data analytics is another huge and growing opportunity. Companies with large amounts of data, such as insurers, are looking to transform those files into actionable information. To do this, they will need new tools and techniques that not only solve business problems, but also improve the customer experience and boost profitability. They will also need new data tools that can handle new forms of information — much of it unstructured — now being collected from social media, online videos and industry researchers.
public projectsWith Nordic governments playing such a large role in their economies, you may not be surprised to hear that we also work extensively with the local public sector organizations. For example, we’re helping the Danish government undertake an innovative e-business transformation. The project involves registering property, vehicles and other assets; operating major tax systems; and running significant components of the government’s IT infrastructure.
The countries of the Nordic region, while sharing many cultural commonalities, also differ from one another in important ways. They speak different languages, take different approaches to decision making, and specialize in different industries. Yet they all share a large and growing business environment, a willingness to invest in IT and automation, and an intense desire to work faster, cheaper and simpler.
JOHN WALSH is VP and general manager of the Baltic and Nordic Regions at CSC.
REGIONAL PERSPECTIVE
Exploring the Nordic and Baltic RegionsHear more from John in the video: Applying Next-Gen Technology in the Nordic and Baltic Regions at csc.com/nordics
by John Walsh
10 CSC WORLD | SPRING/SUMMER 2013
While attacks on the healthcare industry aren’t as high-profile as those experienced by the financial services and energy sectors, security experts say cybercriminals have increased their assaults on critical medical systems to steal valuable patient data. Surveys show that most health organizations have suffered some kind of data breach or security incident. For example, Ponemon Institute’s Third Annual Study on Patient Privacy reveals 94% of the healthcare organizations it interviewed reported at least one data breach in the past two years, and 45% said they had more than five breaches during that time.
With risks continuing to escalate, some organizations are taking a proactive approach, working to better protect patients’ data and fortify their systems before an attack or theft occurs.
One organization keen on building greater resiliency and security is Intermountain Healthcare, a health system
repeatedly honored for excellence and innovation both in healthcare and its use of technology. Last year, CSC began working with Intermountain to help strengthen its security. Along the way, the team has applied innovative approaches to better secure Intermountain’s network of systems and data.
Managing risk with innovationIntermountain Healthcare is a nonprofit health system based in Salt Lake City, Utah, consisting of 22 hospitals, 185 physician clinics, an affiliated health insurance company and 33,000 employees that serve the state of Utah and southeastern Idaho.
“Intermountain Healthcare has a long legacy of very high quality in healthcare and, from a cost perspective, we are one of the lowest-cost providers of healthcare in the country,” says Marc Probst, chief information officer and vice president of Information Systems at Intermountain Healthcare. “That comes from a focus on using systems and really smart people taking the data from these systems and making good decisions. In areas like privacy and security, though, we are looking to other industries.”
Intermountain Healthcare’s Cybersecurity Challenge
New Healthcare. New Risks.
by Jenny Mangelsdorf
The healthcare industry is venturing into a world of tremendous opportunity — and tremendous risk. By linking systems and medical devices to the Internet, adopting electronic health records and implementing regulatory reforms, the industry is drastically improving healthcare for all of us. But the changes are also creating a health IT landscape fraught with security challenges.
COVER STORY
10 CSC WORLD | SpRING/SuMMER 2013
11SPRING/SUMMER 2013 | CSC WORLD
Client: Intermountain Healthcare
Challenge•Growinguseofvulnerable,complexmedical
technologies, mobile devices and medical diagnostic devices with IP addresses
•Escalatinghealthcarefocusbycybercriminals,partially due to increased black-market value of patient medical records
•Evolvingregulationscarryingbothlegalandfinancial penalties
Solution•Dataclassification,identification,encryptionand
enclaving•Auditpreparedness•Revisedsecuritypolicies,procedures,guidelines
and training
Results•Aninnovativescalable,self-healing,controlled
and managed network infrastructure design that protects data, applications and systems
•Greaterresiliencyandsecuritytoprotectpatientsand thwart current and emerging cyberthreats
•Creativeinformationsecurityawareness,trainingcontent and delivery
Read more CSC client success stories at csc.com/success_stories.
Information systems security and privacy ranks a close second in the top challenges facing healthcare CIOs after attaining effective meaningful use of electronic medical records, adds Probst. “Regulation changes and the complex nature of medical services create a huge security and privacy challenge.”
Cybercriminals’ increased focus on healthcare data compounds that challenge. Intermountain wanted to ensure that it was reducing the risk to its organization and that it stays current with the latest security controls.
“The dynamic has changed substantially,” says Ashif Jiwani, CSC Global Cybersecurity partner, Healthcare. “A year ago, the financial services industry was attacked from everywhere in the world; now the healthcare industry has become the easiest target for commercial hackers.”
For cybercriminals, stealing identities from sick people is fairly easy since they’re focused on getting well and many times let other responsibilities slip, such as ensuring that their identities haven’t been stolen. Healthcare records, which contain megabytes
of valuable personal data ranging from Social Security numbers to blood types, have also become more valuable than simple credit card numbers, which financial industries have worked hard to protect with antifraud capabilities.
“Through CSC’s global threat intelligence, we are constantly watching the black-market exchange boards to see what’s happening on behalf of our clients,” says Tom Patterson, CSC Global Cybersecurity Consulting general manager. “Currently, criminals are getting an average of $2 for a credit card record, whereas a medical record brings about $20.”
An issue of reputation and regulationAt $20 a record, criminals can quickly make a lot of money and simultaneously damage an organization’s reputation and budget. Take last year’s attack on the state of Utah’s Department of Technology Services computer server, which stores Medicaid and Children’s Health Insurance Program claims data. Cybercriminals stole 280,000 Social Security numbers and “less sensitive” personal information of another 500,000 people. The Utah department is still dealing with the fallout.
11SpRING/SuMMER 2013 | CSC WORLD
12 CSC WORLD | SPRING/SUMMER 2013
“Until a breach occurs, security usually tends to be an afterthought,” says Jiwani. “Intermountain has decided that’s not where it wants to be. The system has made security a priority because it feels that the protection of its patients’ information and privacy as well as its reputation is as important as any of its other prime strategies.”
State and federal regulators also have strong feelings about securing patient data and have set penalties, both penal and financial, for noncompliance and breaches. For example, under the U.S. Health Information Technology for Economic and Clinical Health Act, hospitals and other organizations can be fined up to $1.5 million per year for serious security incidents. Corporate officers can also go to jail for negligence.
Intermountain, because of its scope, must follow health-related, banking and insurance regulations, all of which continue to evolve as cybersecurity gains importance. Evidence of this evolution can be seen in last year’s audits by the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). The OCR, which audits and enforces regulations from HIPAA and the HITECH Act, randomly audited 20 healthcare organizations; 19 failed, says Jiwani.
“We’re finding the OCR has interpreted the regulations differently [from] industry,” says Karl West, Intermountain Healthcare chief information security officer. “Because of this, we decided to innovate and partner with someone who could help us move into a new paradigm and a new interpretation of the regulations, and help us create a leadership position in the protection of patient information. That’s how we came to work with CSC.”
Segmenting networks and data encryptionA key area where CSC and Intermountain have teamed to set new benchmarks in the healthcare industry is a network approach that classifies data, encrypts data at rest and in transit, and then segments, or enclaves, data and systems — an approach that simultaneously protects data if stolen
and protects data from being stolen. This approach, which CSC mainly uses in its public sector work, is a first for the healthcare industry, says Jiwani.
“Few organizations have looked at developing a strategy where they can encrypt and enclave their enterprise storage networks,” he says. “We essentially took defense-level security and applied it to healthcare.”
Under CSC’s security work with Intermountain, CSC is helping the healthcare organization apply cutting-edge technologies and equipment from leading vendors that is mapped and embedded into these network design solutions.
Addressing BYOD, mobility and telemedicineThe network design principles encompass separationof duties and separation of data access. The design allows for managed and controlled access to containerized data based on need-to-know and access rights. They also include the use of approaches that support the confidentiality, integrity and availability of data through controls, and management around data access, data at rest and data transport across the network.
The end result provides Intermountain with a sound, scalable, self-healing, controlled and managed network infrastructure design that protects data, applications and systems containing electronic health information.
“This innovative approach, which balances a ‘security everywhere’ focus with one of ‘security only where it’s required,’ allows us to be very agile and focus on those priorities that have the highest risk,” says Jiwani. “We can dynamically change the areas where we want the most impact and resources, and use tools in a much more efficient way. It also allows us to determine the right level of risk versus cost.”
Karl West, CISO, Intermountain
Marc Probst, CIO and VP of Information Systems, Intermountain
13SPRING/SUMMER 2013 | CSC WORLD
NEW DATA BREACH RuLES HAVE BIG IMpACT
by Richard Staynings
This January, the Department of Health and Human Services’ Office of Civil Rights published the Omnibus Final Rule on amendments to the Health Insurance Portability and Accountability Act’s Security Rule and the Health Information Technology for Economic and Clinical Health Act.
The rule makes significant changes to requirements involving security incident response and the notification of data breaches for HIPAA “covered entities,” “business associates” and their subcontractors. Essentially it reverses the existing process, removes the “no harm, no foul” rule and requires CEs and BAs to conduct a comprehensive risk assessment to prove that no personal health information is compromised when a possible incident occurs. CEs and BAs are thus assumed guilty until they can prove themselves innocent — a fairly significant change in the fundamentals of U.S. law.
What’s more notable is that the rule presumes that any unreasonable access, impermissible use or disclosure of PHI is a breach, irrespective of whether this caused, or was even likely to have caused, harm or damage to anyone. Thus if a nurse inadvertently sees the record of a patient not in her care, under the new rule, that action would constitute a breach and, at the very least, would require that a risk assessment be conducted.
These changes place a heavy burden on CEs and BAs’ risk assessment resources and incident response teams, which need to rapidly investigate, document and report incidents as possible breaches to meet the new rule’s requirements.
Other changes involve encryption, notices of privacy practices and breaches — even by organizations that do not have direct relationships with patients. The presumption is that organizations “know” collectively what their agents know and are liable for that knowledge as well as liable for acts or omissions of its business associates.
JENNY MANGELSDORF is a writer for CSC’s digital marketing team.
RICHARD STAYNINGS is a global cybersecurity and privacy officer, Healthcare, CSC.
Learn more at csc.com/cybersecurity.
Karl West, CISO, Intermountain
While increasing security was already in Intermountain’s five-year plan, because of rapidly escalating cyberthreats and evolving regulations, Intermountain decided to accelerate its security work. CSC helped the company leverage its discovery and monitoring tools to quickly and efficiently discover sensitive information without buying new technology. This effort, in turn, enabled the team to more quickly begin securing Intermountain’s data.
“We normally see a program like this take three to four years to fully complete,” says Jiwani. “Through some innovative approaches to programs, and using a new and differentiating approach to setting up this program, we have accelerated our timetable by 50 percent with less than half the budget we’d normally [devote] to this kind of project.”
This kind of speed and network approach becomes increasingly critical, especially as physicians, patients, staff and visitors want to use their own devices to access Intermountain’s systems.
“Every physician, every clinician has a favorite device, a favorite phone, a favorite mobile technology, and for us to keep ahead of those devices is challenging,” says West. “We are working to develop strategies and technologies that enable them to safely and securely use these devices in their workflow and environment.”
CSC is also helping the healthcare organization strengthen its administrative security controls, including updating existing policies, procedures and guidelines. With its extensive security training expertise, CSC is helping Intermountain develop a long-term training strategy and educational content that can be delivered through different forms of media to help its workforce better understand their security responsibilities.
“Our ability to help Intermountain Healthcare spans three key areas: people, processes and technology,” says Jiwani. “We are bringing Intermountain an understanding of an industry-wide paradigm for security relevant to healthcare, while helping them understand the technology landscape and develop processes that are innovative and unique.”
“I believe CSC is going to help us become a model healthcare system in the area of IS security,” adds Probst. “We’re not there today, but we have ground to move forward on. I’m very bullish on what we’re creating together.”
Intermountain Healthcare’s Cybersecurity Challenge Watch our Intermountain Healthcare Success Story Videos at csc.com/intermountain.
Ashif Jiwani, Partner, Healthcare Group, CSC
14 CSC WORLD | SPRING/SUMMER 2013
In an interview, phil Fasano, executive Vp and CIO of Kaiser permanente and the author of a new book, explains how technology-enabled care can make patients — and the industry — healthier.
HEALTHCARE
kAISER PERMANENTE CIO: “THE CONSUMERIS IN CHARGE”
There’s a revolution brewing in healthcare, and one of its chief insurrectionists is Phil Fasano. In his role as executive VP and CIO of CSC client Kaiser
Permanente, an integrated healthcare provider and not-for-profit health plan that serves more than 9 million patients, he oversees IT for one of the largest healthcare organizations in the United States. Fasano is also the author of a recent book, Transforming Health Care: The Financial Impact of Technology, Electronic Tools and Data Mining (Wiley, 2013). To learn more, I spoke recently with Fasano. The following is an edited version of our conversation.
by Patricia Brown
15SPRING/SUMMER 2013 | CSC WORLD
Your job as a CIO must keep you extremely busy. So why also take the time to write a book?
Because it seemed to me that the healthcare and information technology industries were coming together. And although the ability to leverage information technology in healthcare and transform the industry was beginning to happen, the pace wasn’t — and still isn’t — sufficiently fast. One reason I wrote the book was to instigate a conversation between the healthcare and IT industries.
I also wanted to bring some of the venture community along. I wanted to present venture firms with new opportunities for investing in both health IT and other technologies that support the healthcare industry. I saw an opportunity to show them that they could truly make a difference in people’s lives. And to persuade them that transforming healthcare was where they should be spending their time and energy, and investing their money.
Finally, it became clear to me that IT holds enormous promise for the future of healthcare in the United States. When you look at healthcare around the world, you realize that the United States is not first in quality. We do not have the best healthcare system in the world. In fact, we are No. 1 only in terms of having the highest cost. So, there is no greater opportunity in the world right now than being an American focused on improving healthcare with IT.
In the foreword to your book, Dr. Jack Cochran writes that “the power has moved to the patient.” What does that mean for IT? And how has it affected your work at Kaiser permanente?
As health IT begins to alter the healthcare landscape, the consumer is increasingly in charge. Consumers have the ability to do everything — from deciding which health plans and systems they want to be part of, to making it clear to the health system and their physicians and other clinicians how they want to be interacted with.
We already see this in other industries. For example, your bank lets you set your personal preferences for online banking. Elsewhere, you can indicate whether you’d like people to reach you by phone or by email. But in healthcare, if you want your physician to email you, that’s still seen as innovative.
At Kaiser Permanente, that’s become a foundational part of how we operate. The power is tremendous, mainly because so many of our members are taking advantage of it.
I also see this on the more individual level. Just the other night, I met a doctor who is a user of Fitbit [an app that tracks the user’s steps and calories burned], and he proudly told me that he had recently walked more than 20,000 steps in a single day. He was really proud of himself. So technology can also be a motivating factor, enhancing people’s ability to stay healthy.
Before coming to healthcare, you worked in financial services. What are some of the key differences between these two industries?
In healthcare, the stakes are so much higher. We’re talking about people’s lives, whether it’s a life-critical event or simply improving people’s lives. When I worked in financial services, everything was focused on improving the bottom line and increasing our profit. Whether it was making a process more efficient or enhancing a service, that’s what it all came down to. But in healthcare, we’re here to make people’s lives better.
Kaiser Permanente is a not-for-profit organization. So while we do make money, we reinvest it, largely in capabilities that better serve our members. It gives us the freedom to invest for the long term, and to do the right thing for our patients and members. It’s a wonderful thing, and I say that proudly.
The u.S. government is mandating compliance with electronic health records (EHRs) by next year. But in your book, you point out that many healthcare organizations are also moving toward electronic medical records (EMRs). What’s the difference, and why does it matter?
EMR is a record of a patient’s basic medical reports. It’s essentially a foundational tool that will help us to reach the next level of healthcare.
EHR, by contrast, is a more comprehensive record of your health; it includes EMR, but also more. If you had a lab test this afternoon, that’s in your EHR. If you ever visited a hospital emergency room, that’s in your EHR, too.
Through several initiatives, the U.S. government is supporting the implementation of EMRs across the country. The next step will be expanding them into fully functional EHRs. But in my opinion, even that will not go far enough. To produce the outcomes our country can be proud of, we in the United States should have the best health system in the world. To achieve that, we will need to connect the EMR and the EHR systems across the country, much as the banking system was connected years ago. Today, you can use your bank card to withdraw cash from nearly any bank. Similarly, if I’m with my physician, having my EMR should be my right, not just a privilege.
To get there, we’re going to have to implement EMRs, expand their use until they are EHRs, and then connect them nationally so that all EHRs in the country are seamlessly connected for the benefit of our citizens.
16 CSC WORLD | SPRING/SUMMER 2013
HEALTHCARE
But what about industry resistance? Some physicians, healthcare providers, insurers and others are opposed to these and other IT enhancements.
Well, if it were easy, everybody would have done it already! Seriously, about half the physicians in the country already have EMRs, and a smaller share of hospitals do, too. So everyone is moving in this direction; most of the industry is now implementing these systems.
That said, no matter the industry, any disruption involves a change, and any change is challenging. Change requires people to relearn how they do things. Some physicians view change as lost productivity, so it becomes a barrier to progress. To these doctors I would say, the payoff will greatly outweigh the loss in productivity. As for that productivity loss, it is only temporary.
At Kaiser Permanente, we’ve had to go through this, too. For example, we had to help some of our physicians with additional training. But now, some 17,000 of our physicians have made the transition to electronic records. I’m sure that if you got any of them on the phone, they’d tell you that they’re never going back. The benefits are that remarkable. Now they have a full view of their patients’ histories, they are completely informed, and they can practice medicine to the best of their abilities.
How about security? What’s being done to protect our healthcare information from thieves and other bad guys?
Healthcare systems are life-critical, so that means two things. One, they have to be always on, always available. And two, there’s an embedded promise to our patients that we’re going to protect their personal information.
If someone steals your credit card information, you just get a new card with a new number. But if someone steals your healthcare information, that’s forever.
Of course, there are legal reasons for protecting security, such as HIPAA and other state and national laws. But there are ethical reasons, too. You want to do the right thing. So to fulfill both needs, the industry needs to invest in a security infrastructure that will make sure our data at rest is protected, and our data in motion is encrypted.
How about healthcare and social media? How can Facebook, Twitter and other related services help?
The healthcare industry is only beginning its adventure into social media. People are starting to create self-selected social networks of people who have the same disease. For example, you might have a group of cancer patients, or a group of those with heart conditions. These people can form social circles that reinforce the positive things they can do to enhance their health and wellness. The industry is just starting to embrace those capabilities, but the potential is quite significant.
pATRICIA BROWN is director of digital content strategy at CSC.
Learn more at csc.com/healthcare.
16 CSC WORLD | SpRING/SuMMER 2013
17SPRING/SUMMER 2013 | CSC WORLD
FOR MEDICINEA
NE
W M
OD
EL
The practice of medicine is changing, propelled largely by new models of care. These models replace the age-old practice of “going to the doctor” by bringing the doctor — and other healthcare providers — to the patient. And they do so with IT networks and systems.
Several factors are driving this transformation. For one, the nature of disease has changed in the Western world; many people now suffer from chronic diseases. Fortunately, most chronic diseases are not life-threatening, but we have to live with them every day. For another, we’re seeing profound demographic changes as life spans increase. As a result, we’re living with diseases longer, and we’re vulnerable to a new range of neurodegenerative ailments that didn’t affect our shorter-lived ancestors.
Another factor is patient preference. People have grown tired of the long waits common today, and they’re ready to try new forms of interacting with medics. Yet another factor is economics. In nearly every Western country, no matter its healthcare economic model, costs are rising so fast, they’re becoming unsustainable.
Taken together, these factors have created a moment that’s ripe for change. And change is upon us, in the form of three new models of care:
Telemedicine connects physicians and patients with high-speed videoconferencing. This is especially helpful for patients who live in remote areas, far from major healthcare centers. It’s also useful for patients for whom public transport or driving would be difficult or dangerous.
Telehealth equips patients with portable devices that monitor their vital signs, then streams that information to healthcare providers for monitoring. This service can be supplemented by telephone coaching and support, and by clinician visits to the patient’s home.
Telecare uses assisted-living technologies that alert care-givers when there may be a patient issue. For example, digital sensors could alert family members whenever the patient’s house lights have been off for 24 hours.
by Lisa Pettigrew Blended modelsThese three new models of care are often blended. This lets patients receive care from not only their physicians, but also nurses, therapists and other healthcare clinicians. Using these new teleservices, patients can better understand their treatments, monitor their medication use, get answers to questions, and receive assistance in navigating the system.
These new models of care deliver other benefits, too. They help people living with chronic diseases stay on the favorable end of the wellness–sickness spectrum. IT-powered healthcare means more illnesses can be managed and treated while the patient remains at home. This also can prevent patients from ending up in the hospital, where they could be exposed to infections, viruses and other ailments.
The new healthcare models also improve quality of life. Those with the appropriate capabilities, interest and social conditions can be helped to take greater control of their medical conditions, save time and, in many instances, stay employed and in their communities.
CSC’s solutions empower healthcare organizations to offer their services in new ways — and they do so cost-effectively through innovative commercial models that are attractive to both payers and providers. Our 8,000 healthcare executives work across 30 countries, managing solutions that support more than 100 million electronic health records. We create solutions that help healthcare organizations mature from point-to-point telemedicine to networked models; these incorporate information from all consultations into the patient’s healthcare record, making it accessible to other clinicians.
Also, CSC’s cloud and enterprise architecture capabilities underpin our solutions. And our analytics capabilities enable healthcare organizations to analyze trends for individuals and populations, learning which services are needed, where and when.
LISA pETTIGREW is the industry general manager for Global Healthcare at CSC.
Telemedicine, Telehealth and Telecare: Delivering Healthcare Directly to the patient
Learn more atcsc.com/health_services.
18 CSC WORLD | SPRING/SUMMER 2013
HEALTHCARE
MEDICAL DEVICE FIRMGROWS BETTER DATA WITH SALESFORCE APPLICATION
Data is the lifeblood of any business. In sales, access to high-quality information is crucial to closing deals. For global enterprises, however, the challenges of providing consistent data and real-time access to it can be daunting.
by Jenny Mangelsdorf
In the biotech field, innovative companies that use technology to create life-saving medical implants and devices also need constant innovation for their critical back-end sales and marketing processes to stay competitive.
That’s why Biomet Microfixation, an innovator in the medical industry, chose enterprise cloud applications by Salesforce.com. Since 2011, Microfixation has used the applications to power its service and marketing organization. Recently, the company wanted to improve its ability to generate real-time, accurate data and build a stronger Salesforce foundation that it can leverage in the future.
Real-time data and analyticsCSC provided consulting, systems integration, and data architecture and modeling services. A key goal was to give Microfixation’s sales organization and upper management real-time data and analytics, such as sales trends related to budgets, forecasts and quotas.
“Our sales force was consistently requesting real-time data,” says Kirk Brennan, Biomet Microfixation controller. “That fundamental information wasn’t available in our existing reporting structure. Today, users know they can rely on the accuracy of the data being presented whenever they log in to the system.”
To ensure that Microfixation would have the talent it needed for the Salesforce.com project, the medical innovator first looked at its alternatives.
“We actually interviewed several consultants for a partnership to implement Salesforce and selected CSC because of the depth of its technical talent — both the scope of team members the company has globally and its technical competency,” Brennan says.
CSC has deep Salesforce.com expertise, including with the application’s foundational aspects, overall architecture and the operation of its data model. These skills were essential when helping Microfixation improve its data integration processes.
For example, in the past, making minor changes to the integration process between Salesforce and Microfixation’s back-office system took a great deal of work. Now, adding fields and migrating new data takes only a few minutes.
“A lot of the integration we performed was very complex,” says Jeff Selander, CSC’s North American Salesforce.com Practice director. “Through the integration and data model work we did, we’ve now positioned Microfixation in a place where they can begin to realize the real return on investment that’s embedded in Saleforce.com.”
Before CSC began the Salesforce project, when the sales team needed data, the team members would have to scroll through page after page of numbers, with subjects such as accounts, territory and region each having more than 150 fields. CSC has created custom visual pages that collapse lengthy data into a single view that shows salespeople the financial details they need. Because of custom visualization work like this, 90% of Microfixation’s salespeople now report that the system is easy to use — compared to 30% who thought so earlier.
“They really like this capability, because instead of scrolling and scrolling through numbers, they can open an account and instantly see sales numbers in a way they want to see them,” says Selander. “It also performs a lot of the calculations they want that the standard Salesforce.com application wouldn’t let them do.”
Automating data entry CSC also provided systems integration services — transforming, for example, what was previously a manual process to upload data. Now Microfixation can automatically upload data covering the complete sales cycle, from the moment contact is made to the time a product is delivered to a customer.
18 CSC WORLD | SpRING/SuMMER 2013
19SPRING/SUMMER 2013 | CSC WORLD
Before the process was automated, data was uploaded daily. Today incremental data loads run hourly, with full loads consisting of a million rows of data running every three hours. By automating the data-transfer processes, Microfixation has been able to reduce the opportunity for potential errors and reassign IT staff to strategic projects. The sales team’s Salesforce adoption rate has also increased from 40% to 85%.
In the past, Microfixation had to wait and process its full data loads during the weekend. Now, the medical innovator can process data whenever it wants without affecting user groups; if needed, it can even speed the hourly load processing to run every 15 minutes.
Salesforce.com has also enabled Microfixation’s sales to become more mobile. Previously, the sales team, which serves clients throughout the world, had to rely on PC-based email for data. With Salesforce, Microfixation’s staff can access data on tablets and smartphones.
Transferring knowledgeMicrofixation aims to drive innovation in the medical industry, and is committed to its customers — a trait shared by CSC. “We want to make sure our customers have a solid understanding of the systems we’ve worked on before we leave so they can continue to excel going forward,” says Selander. “When a customer wants to take on the next set of complicated, intricate issues that require multiple disciplines, CSC will be ready to assist again.”
“CSC very explicitly stated when we started this project that they prided themselves on transferring that knowledge,” says Brennan. “Our IT department has shown a significant increase in its ability to support our users’ needs.”
Besides transferring technical knowledge and developing a stable, custom Salesforce.com foundation, Microfixation also looked to CSC to provide consulting services and build a roadmap that the company could follow beyond the current project.
“That vision that CSC helped provide was a big reason why we partnered with the company,” says Brennan.
Through laying this new foundation and building a roadmap, Microfixation can take Saleforce.com to the next level, and gain an even greater return on its investment by leveraging capabilities embedded in the application, such as opportunity management, campaigning, marketing and inventory control.
“This foundation will allow Microfixation [to accomplish] really game-changing
sales and marketing innovations in the future,” says Selander. “Already they can do
a whole lot more, and later they’ll be able to leverage this platform for advances they’re not
even contemplating yet.”
JENNY MANGELSDORF is a writer for CSC’s digital marketing team.
Client: Biomet Microfixation
Challenge:
• Provide sales team with convenient and current data• Give upper management and key stakeholders accurate
sales-related information• Offer international sales team a real-time mobile
interface capability
Solution:• Deep Salesforce.com expertise • Dedicated systems integration and consulting experts• Proven data modeling and architecture services
Results:• A stable Salesforce.com foundation and roadmap
for future innovation • System scalability increased from 40% to 80%• User adoption increased from 40% to 85%• Real-time accurate sales data available on PCs
and mobile devices• Automated data transfer, reducing potential errors
and relieving personnel for strategic activities
Learn more at csc.com/salesforce.
20 CSC WORLD | SPRING/SUMMER 2013
FINANCIAL SERVICES
FINANCIAL REGULATIONS SWeep the Globe
What’s more, FATCA — the Foreign Account Tax Compliance Act — may be just the tip of the iceberg. Governments around the world recognize the opportunity to secure tax revenue, and we could see FATCA-like legislation on a global scale. Financial institutions must be ready for a wave of regulations, and that requires having the systems and processes in place to deal with them.
FATCA does have a tax withholding component, but it’s all about transparency, said Rob Limerick, managing director for global information reporting at PricewaterhouseCoopers, in a recent online CSC Town Hall. “Its real goal is to generate reportable information to the IRS, so that they can track U.S. taxpayers that may have accounts overseas.”
“FATCA is really setting the trend for transparency in global tax reporting,” said Claudia Haberland, global FATCA program manager for financial services governance, risk and compliance at CSC. In the Town Hall, she pointed out that there are hundreds of related initiatives around the world. The efforts could lead to a multinational platform where different countries can exchange tax information.
In fact, many countries want to take a step further: to not only exchange information, but also to help collect unpaid taxes — which means we could see a global enforcement regime. “That [possibility] should not be underestimated, as many countries are in need of tax money, as we know,” Haberland said.
The U.S. government continues to look for ways to prevent anyone from not paying their fair share of taxes. A big piece of this effort is FATCA, a law designed to improve tax reporting on foreign financial assets and offshore accounts — and the burden of these regulations will affect every financial institution worldwide.
by Jeff Caruso
How to respondFinancial institutions, already under pressure to comply with recent regulations, will have to look at systems to cope with FATCA — but will also have to look beyond.
“Don’t just look at FATCA, but look at all of the things that are going to happen over the next couple of months,” said Christophe Lesieur, global practice lead for financial services governance, risk and compliance at CSC. “Anticipate those market moves coming up on you. You can define a target operating model — looking at business lines, looking at business structure and so on, and then elaborate a kind of strategic roadmap.”
One approach would be to use a service provider in an as-a-service model. “For small companies to spend a whole lot of money, time and resources and build the functionality in their own environment may not actually be the best way,” said Shyamal Sen, partner and global lead for financial services consulting solutions and technologies at CSC. Meanwhile, large companies may have the resources, but “it is about cost and it is about time to market,” he said.
Certainly, financial institutions that can stay on top of the regulations will have an edge — and they have to act fast, as FATCA goes into effect on Jan. 1, 2014.
JEFF CARuSO is senior managing editor for CSC’s digital marketing team.
Listen to the full 60-minute recorded Town Hall and a 5-minute sound bites version: csc.com/fatca.
THE GATE WAYTo help financial institutions deal with FATCA in a way that minimizes disruptions and costs, CSC offers a comprehensive, long-term strategy through its Global Administration of Tax Enquiries (GATE) software and consulting services.
CSC GATE’s scalable enterprise tax compliance framework provides a cost-effective way to meet FATCA regulations and rapidly adapt to future tax requirements. Compatible with major financial reporting platforms, the CSC GATE rule- and process-driven software bridges silos in your legacy estate to categorize affected customer accounts, both existing and new, and calculate the appropriate potential tax withholding.
It also generates reporting for governmental, internal and customer stakeholders and is prepopulated with the rules for FATCA compliance. Additional countries’ reciprocal tax information exchange agreements can be added as required.
Get more information on CSC’s FATCA-related IT offerings: csc.com/csc_gate.
21SPRING/SUMMER 2013 | CSC WORLD
FINANCIAL SERVICES
Cloud-driven change is affecting how processes are managed, how IT investment is handled, and how costs are allocated. The biggest changes are not those related to IT but to mind-set and behavior. The journey to an entirely virtualized, cloud-delivered IT environment may be long and complex, but it is possible to monetize benefits if a cloud strategy is executed with care.
A new world of customer serviceFirst, the cloud enables new approaches to customer service. Banks and insurers need to become much more responsive. The key factor is building closer customer relationships, understanding customers more deeply and achieving maximum value from each relationship.
Cloud is also changing the way financial services companies approach risk management. It is no longer appropriate to make complex risk calculations about future big bets when it is becoming easier to try new ideas in real time, and simply go with those that work.
Cloud can help the most in these areas:•Rapid product development: Cloud-based test environments
can be set up in minutes, making it possible to try out concepts at high speeds and low cost.
•Mobile and multichannel services: Complex and real-time services can flourish in the cloud, such as transforming customer service environments to self-service.
•Apps stores: In a world of customer mobility, once a virtualized service layer is embraced, it is much easier to add components.
•Social media: This can include a peer group review of services, leading to better-informed customers and more proactive relationships with them.
Banks and insurers have a wide range of operational issues to deal with, from capital adequacy to business continuity, and the cloud enables a new world of operational efficiency. By creating a cloud-based layer on top of the existing core infrastructure, it is possible to move faster in creating and implementing services, while continuing to push down costs.
After five years of crisis, financial services companies have become used to dealing with a new operational reality. Major changes are happening in client-supplier relationships, and traditional business models are under intense pressure as a result of cloud-related strategies.
by Brian WallaceServices on demandThe move to purchasing services on demand represents one of the most important strategic changes the financial service industry has ever seen. Yet there is one more element of change that also plays its part in making cloud a practical tool for achieving performance breakthroughs in banking and insurance: commercial innovation.
Cloud can drive innovation by enabling:•Global delivery models: Virtualized environments can be
moved quickly to delivery centers around the world, making it easier to centralize business and gain access to the lower cost that offshoring offers.
•Business-focused SLAs: The ability to flex and scale services to reflect user demand enables more accurate contractual arrangements, based on measurable results.
•Flexible payment methods: It is natural for costs to reflect usage, leading to a move away from traditional, license fee payments for software, as well as standard maintenance costs for infrastructure.
•Commoditization: Profit margins are thin in many key product areas, making it essential to find ways to reduce development and delivery costs.
The ability to develop and deliver simple — yet targeted — products and services to
millions of people on a semi-automated basis is a
vital benefit. The tech-
nology require-
ments and issues related
to a large-scale move to the cloud
are significant and must be dealt with in a
systematic way, but the business advantages to
banks and insurers of embracing cloud are overwhelming.
HOW CLOUD IS DISRUPTING
BRIAN WALLACE is a principal technologist in CSC’s Financial Services group.
Learn more at csc.com/financial_services.
22 CSC WORLD | SPRING/SUMMER 2013
5The effective use of business intelligence (BI) can give companies a distinct advantage over their competitors. Delivering timely information to key decision makers can be accomplished via the deployment of a well-designed and well-maintained BI dashboard.
BI dashboards deliver numerous benefits to enterprises. Companies can achieve significant cost savings by adopting performance dashboards, because they allow for better decision making by giving management recent or even live information. Additionally, by consolidating disparate reports via a BI dashboard, companies save money by reducing or eliminating effort.
by Sanjiv Koshal
‘muSt haveS’ FOR EVERYBI DASHBOARD
1. CuSTOMER VALuE This dashboard displays the results of data ingested by an analytic model that assesses the value of the customer to the company, ranked against other customers. On this dashboard, customers are grouped based on income, age, product and other segments. The analytic model estimates a customer’s expected value in dollars over a period of time.
2. CHuRN ANALYSIS This dashboard uses information about customers who have already left the company or who have dropped services. The underlying correlation model estimates the probability that a customer will churn or defect, using terms such as attrition (leaving), renewal (staying) and retention (retaining). Scores are attributed to customers to rank the need of business intervention.
3. BuYING ANALYSIS With this analysis companies can be guided about what products to offer to their prospective or existing clients, depending on the customer’s demographics and/or existing products owned. This dashboard’s results are driven by a model that features a data mining algorithm that provides association rules to estimate which products a customer may purchase, given past purchases.
3 Types of BI Dashboards
BIG DATA
23SPRING/SUMMER 2013 | CSC WORLD
IDENTIFICATION
Key performance indicators (KPIs) displayed on the dashboard need to reflect strategic and tactical value drivers. KPI selection is probably one of the most important aspects of a dashboard build-out. KPIs should reflect the strategic value drivers defined by the executives of the company and should be based on corporate standards, backed by valid, easy-to-comprehend data. KPIs are the link between strategy, its execution and performance management. CSC is convinced that an integrated enterprise intelligence framework should be supported by a well-defined set of KPIs.
1
2INTEGRATION
An enterprise BI platform should be established that integrates disparate data sources to achieve consistent information. Those charged with maintaining the dashboard should streamline the processes for gathering and processing the data to ensure the timely display of critical information.
3STANDARDIzATION
Dashboards should employ a consistent user interface, with matching color schemes and summary information that is standardized across the enterprise. Standardization and consistency are important for user acceptance and the long-term sustainability of performance dashboards. Dashboards should also be interactive and designed to give users the ability to drill up and down, filter data and take a guided analysis path to access detailed reports.
4VISUALIzATION
Dashboard designers should provide a rich visual interface and use proper design paradigms that enhance the end-user experience. In designing the dashboard, following the “rule of 7” for visualization is important. Cognitive research has shown that the average human can keep seven objects in memory at once, so no more than seven objects should be present on a single dashboard screen.
5kNOW YOUR AUDIENCE
The typical audience for dashboards ranges from C-level executives to vice presidents of finance, human resources managers, and directors in compliance and supply chain departments. Constantly get feedback from your audience to keep improving the quality of metrics and the presentation of the information.
Taking actionCommon uses of dashboards are to manage exceptions, reduce manual administration work, improve organizational alignment, respond to business changes faster, and enable rapid problem detection and escalation. A top priority is to build a dashboard that can be leveraged by executives so they can take quick action to achieve specific strategic goals.
Additionally, with dashboards available on mobile devices, business executive and operations teams can improve their decision making and productivity when working remotely, by accessing strategic and operational information about financial figures, customer orders and product performance, etc.
SANJIV KOSHAL is practice lead, Financial Services Big Data and Analytics at CSC.
‘muSt haveS’ FOR EVERYBI DASHBOARD
Learn more at csc.com/big_data.
Gaining competitive advantageDecision makers within an organization rely on BI dashboards to make strategic and tactical decisions. Above all, it is imperative that these dashboards provide them with timely and reliable information. Maintaining and enhancing a BI dashboard ensures that the decision makers can use them to make effective decisions that translate to a company’s competitive advantage in the marketplace.
BI dashboards have been in existence for decades, and the recent explosion of big data and analytics has made them more indispensable than ever. Performance dashboards are used to synthesize information and present it in a way that is easy to digest. When deployed properly, BI dashboards can gauge a company’s performance and measure it against business objectives.
For organizations to maximize their usefulness, BI dashboards should include the following:
24 CSC WORLD | SPRING/SUMMER 2013
by David Moschella
puttinG
the
‘i’baCkinto
itWithdataStrateGieS
biGandSmall
Over the past 50 years, the growth of the IT industry has been driven by the relentless rise of the “next big thing” — mainframes, minis, PCs, LANs, Web, mobile, social, Software as a Service, cloud and so on.
Each era has successfully established a new platform — a combination of hardware, software and communications that expands the foundations upon which useful information systems can be built.
But curiously, in each era it has been the “T” in IT that has received top billing. New technologies and the suppliers behind them have captured most of the public’s imagination, with the implicit assumption that the “I” would eventually come along for the ride. It usually has.
BIG DATA
25SPRING/SUMMER 2013 | CSC WORLD
Today, this dynamic is changing. The next big thing is now information itself. Whether we are talking about big data, unstructured data, open data, user-generated content, data sciences, data at the edge, or the data-driven corporation, the emphasis is shifting to the “I” in IT.
This isn’t just happening in business, but in areas of high societal interest, such as the use of analytics in sports and last year’s U.S. presidential election; the computer models that accurately forecast Superstorm Sandy; and the role of Google in trying to track the spread of the flu and other epidemics.
Our ability to use data to better see and understand the outside world is now improving rapidly.
The future of dataHowever, in the Leading Edge Forum’s latest report, on the evolving future of data, we found that while there is clearly great promise in being able to use technology to identify patterns in vast databases, track real-time conversations and trends, deploy smart devices, and develop new data-driven business models, not everyone is fully on board. We were struck by the schism within today’s IT community.
The big data, open data and data science communities speak in revolutionary — even utopian — terms about the power of new and better information and algorithms to answer previously unanswerable questions. Companies such as Google, Amazon, Facebook, Netflix, Twitter, LinkedIn, Bitly, Intuit, Zillow, Kaggle and many others have access to unprecedented amounts and types of data that they will surely turn into important new forms of value.
But many CIOs, well-versed in the history and challenges of customer relationship management (CRM), data warehouses and other business intelligence systems, tell us that long-standing information management concerns such as integration, architecture, governance, security and the high costs of enterprise resource planning (ERP) are still dominant in their firms. Interest in new data uses is typically of secondary importance, and these areas are often led by other parts of the firm.
Developing a balanced data perspectiveClearly, data is not the only path to business success. While Google — with PageRank, AdWords and Trends — is a great
example of the power of new data-driven business approaches, Apple has flourished by eschewing traditional information-gathering practices, and relying on its own instincts, know-how and aesthetics.
Less obviously, there are two additional patterns.
First, while there are a great many interesting new data uses in the market, there seems to be a shortage of low-hanging fruit — the obvious early adoption examples. Previous eras of IT have all had core, driving applications, such as word processing, spreadsheets, email or search. The lack of these cross-industry applications in big data means that every firm will have to find its own way forward. This suggests steady, but less than revolutionary change.
Second, perhaps because of the extraordinary progress in the Hadoop community, the IT industry may be confusing big data with the idea that data is big. In other words, the size of the database is often less important than the novelty of the use.
Many advanced data applications — such as location-aware smartphone apps, linked and open data, specialized edge devices and the “Internet of Things” — do not necessarily rely on petabyte databases; they simply leverage data in innovative and useful ways. Such “small data” uses typically affect customers directly, and thus often have powerful market implications.
Organizations should seek a balanced data strategy, experimenting with the potential of new big data systems, while realizing that novel uses of data at the edge — what we call small data — will often prove equally or even more important.
By taking such an approach, firms can seek to put the “I” back into IT, and be leaders not just in technology deployment, but in using data — big and small — to make their firm both more competitive and better prepared for the data-driven customers, marketplaces and organizations of the future.
DAVID MOSCHELLA is global research director for CSC’s Leading Edge Forum, a global research and thought leadership community.
This story was originally published by ComputerWeekly, on April 22, 2013.
The IT industry may be confusing
big data with the idea that data is
big. In other words, the size of the
database is often less important
than the novelty of the use.
Download the executive summary from our Future of Data report at lef.csc.com/publications/1082.
26 CSC WORLD | SPRING/SUMMER 2013
$6.8 bil2010
Global outsourcing of security spending is expected to more than double by 2015.4
$14.8 bil2015 2100%
increase in reported cyberattacks from 2009 to 2011 on companies that manage critical infrastructure.
Many organizations face a dilemma: The number of cyberattacks against their IT assets continues to grow, while their IT budgets continue to remain flat. Unable to add significant resources to combat the attacks, they’re looking to managed security services as a way to get more bang for their buck.
Companies in the United States lose about $114 billion a year from cybercrime — and that number is more like $338 billion when you factor in the costs of downtime caused by cybercrime, according to Gen. Keith Alexander, director of the National Security Agency and commander of the U.S. Cyber Command. As reported by Foreign Policy magazine last year, Alexander called the losses “the greatest transfer of wealth in history.”
The incidents at U.S. federal agencies are staggering. The latest figures from the U.S. Government Accountability Office show that the number of cyber incidents reported by those agencies has swelled from 5,503 in fiscal year 2006 to 48,562 in fiscal year 2012, a 783% increase. Of the incidents reported in 2012, 20% were related to improper usage, 18% were malicious code, 17% involved unauthorized access, 7% consisted of scans and probes, and the remainder were still under investigation at the time of the March 2013 report.
Meanwhile, organizations of all kinds are facing a range of security challenges. In a recent survey by IDG Research, 57% of IT executives named mobile clients and unmanaged devices as one of their top security challenges for the next 12 months. While that was the most common concern, other commonly cited challenges included the increasing sophistication of attacks, controlling access to end-user data, and securing virtual environments.
the CaSe for manaGedSeCurity ServiCeS
by Jeff Caruso
CYBERSECURITY
27SPRING/SUMMER 2013 | CSC WORLD
2100%increase in reported cyberattacks from 2009 to 2011 on companies that manage critical infrastructure.
Budget battlesThose same IT executives cited budget as a key concern, with 40% saying that controlling IT security costs would be a challenge for them over the next year. At the same time, 32% said that their organization didn’t have the security experts or skill sets necessary to handle security effectively.
CIOs’ IT budgets have been flat to negative since 2002, according to Gartner. After a recent study of more than 2,000 CIOs, the research firm determined that CIO IT budgets will likely decline slightly in 2013, with a weighted global average decline of 0.5%.
This has forced many organizations to get creative with their IT dollars, and in the realm of cybersecurity, this increasingly means looking at managed security services. Providers of these services are able to attain economies of scale and provide better security for the same cost.
In the IDG Research survey, 67% of the IT executives cited cost reduction as a “critical” or “very important” benefit of using a managed security service provider (MSSP), and another 66% said the provider could drive operational efficiency.
Skill sets Interestingly, however, cost reduction wasn’t the most-cited benefit. Instead, a full 76% thought that such a provider could offer improved security effectiveness, and 70% cited enhanced knowledge sharing as a critical or very important benefit. Another 68% said the providers would give them access to specialized skills, and 66% said they expected enhanced compliance capabilities.
In other words, the bang is at least as important as the buck. And respondents to the IDG Research survey acknowledged that managed security service providers can do a lot of things better than internal security professionals. Three-quarters of the respondents rated their IT security organizations’ ability to secure the perimeter as excellent or good, but only about half would say the same about their ability to maintain real-time awareness of the changing threat landscape or to correlate security events in real time to compliance policy.
As a result, about 30% of the respondents said they would be likely to start using a managed security provider within the next year. About 9% already do. As IT security continues to be a high priority for all organizations, the appeal of managed security services is bound to remain high as well.
JEFF CARuSO is senior managing editor for CSC’s digital marketing team.
OF RESPONDENTS CITED57%
MOBILE CLIENTS AND UNMANAGED DEVICES AS THE TOP I.T. SECURITY CHALLENGE.
1/3OF RESPONDENTS THINK THEY ARE LIKELY TO START USING AN MSSP THIS YEAR.
RESPONDENTS BELIEVE MSSPS PROVIDE THESE VERY IMPORTANT OR CRITICAL BENEFITS:
70%Knowledge Share
68%Specialized Skills
67%Cost Reduction
66%Operational E�ciency
RESpONDENTS BELIEVE MANAGED SECuRITY SERVICES pROVIDERS pROVIDE THESE VERY IMpORTANT OR CRITICAL BENEFITS:
Learn more at csc.com/cybersecurity.
28 CSC WORLD | SPRING/SUMMER 2013
Until recently, when thinking about cybersecurity, nations primarily worried about theft — of data, identities and knowledge. Today, official concern has broadened as hackers increasingly attempt to disrupt and destroy critical infrastructure and foreign governments consider how cyberattacks can be used as part of their integrated approach to exercising power.
In February, President Barack Obama issued an Executive Order and Presidential Policy Directive aimed at reducing the risk of cyberattacks on U.S. critical infrastructure. Although the public and private sectors have been working in recent years to strengthen cybersecurity, protecting today’s Internet-enabled and increasingly connected infrastructure and IT systems involves more than one entity, agency or organization.
The President’s Order and Directive, which aim to improve system and network security and resiliency, encourages greater public-private collaboration. They also include deliverables and possible regulatory actions that, most importantly, apply to numerous private industry sectors that own and operate critical infrastructure.
While the Order and Directive are linked in goals, each is different, and it’s important to understand how each affects owners and operators of critical infrastructure, as well as federal agencies.
The Order directs increased federal distribution of cyberthreat information and the development of a Cybersecurity Framework that can be used to reduce cyber risks to critical infrastructure. The Order also mandates a review of existing regulation to determine what gaps, if any, exist, and what must be done to create useful standards to safeguard the cybersecurity of critical infrastructure.
The Directive, which updates the previous Directive issued in 2003, establishes national policy on critical infrastructure security, expanding the previous policy’s definition of threats from solely physical to includecyber, specifically.
DECODINGthe preSident’S CyberSeCuritymandate by Samuel Visner
CYBERSECURITY
29SPRING/SUMMER 2013 | CSC WORLD
Identifying critical sectorsBecause the Directive expands the definition of hazards, a number of initiatives will be updated. For example, the National Infrastructure Protection Plan Partnership Model, which describes critical infrastructure sectors and accompanying federal sector-specific agencies, is evaluating the existing partnership model to determine if it needs to be changed. The Directive has already identified 16 critical sectors and designated associated federal sector specific agencies for each of the sectors. These sectors themselves are broad and include: Chemical, Communications, Critical Manufacturing, Dams, Defense Industrial Base, Emergency Services, Energy, Financial Services, Food and Agriculture, Human Services, Healthcare and Public Health, Information Technology, Nuclear Reactors, Materials and Waste, Transportation Systems, and Water and Wastewater Systems. Owners and operators will be notified if they have been designated as part of the critical list and, for the first time, will have an opportunity to say if they think that decision is incorrect.
Under the Directive, the Secretary of Homeland Security will lead the identification effort and work with owners and operators in regards to significant cyber or physical incidents. The Directive has three strategic goals aimed at improving functional relationships, information exchange and operations decisions.
A guide to managing riskAs the Secretary of Homeland Security focuses on the Directive, through the Executive Order, the National Institute of Standards and Technology is coordinating development of the Cybersecurity Framework. The final product, which is due no later than Feb. 12, 2014, will include a collection of standards and processes, and advice on how to use them in different circumstances, to help operators and owners better manage risk.
Building secure ecosystems that go all the way from the mobile device in someone’s pocket to the programmable logical device that’s embedded in a power plant turbine, pipeline or air traffic control system is the next big challenge. The Cybersecurity Framework may be the launching point for meeting that challenge and the development of really secure architectures.
Besides the Framework, the Order and Directive’s deliverables range from instructions to produce timely cyberthreat reports to reports on whether agencies have the authority to establish requirements based on the Framework. As CSC leaders provide input to the Framework’s development, we expect to understand who will be impacted, and how, so we can help our clients apply cybersecurity requirements that flow to them.
Incentives and mandatesUnder the Order, the Secretary of Homeland Security, along with sector-specific agencies, will establish a voluntary program for critical infrastructure owners and operators to adopt the Framework. The Secretary will also coordinate the establishment of a set of incentives to promote participation. Agencies clearly anticipate wide adoption of the Framework
and, as the Order talks about the possibility of further regulatory actions, the various critical infrastructure sectors are watching closely.
For owners and operators of critical infrastructure, and the organizations that work with them, the Executive Order and Presidential Policy Directive’s deliverables may affect their industry or organization’s operations.
The clock has started; agencies are already engaged, working with their sectors, and some deliverables will be due soon. The preliminary version of the Cybersecurity Framework is due by October; the list of “Critical Infrastructure at Greatest Risk” is due by July.
Organizations should pay attention to these deadlines so they can prepare for new requirements and potential associated adoption costs, and can take advantage of more accessible threat information and new tools in the Framework to strengthen their infrastructure.
They should also look for advice from cyber experts, like CSC, that have deep legacies in public-private partnerships and are involved in helping develop the new Cybersecurity Framework. Organizations should look closely at the various industrial control and related systems used to manage the infrastructures they own and operate; some of these are legacy systems designed before today’s more challenging cybersecurity environment. They should consider what enterprise-level strategies and approaches they need to meet these cybersecurity challenges.
Through our long history of securing many of the world’s most important systems, we have insight into what works and what doesn’t. We have devoted our own R&D resources to deal with weapons-grade threats against which most commercial cybersecurity technology is largely ineffective. We also know more than most about the IT that’s used in public and private sectors, ranging all the way into industrial control and SCADA systems, and the threats to both.
Just as NIST is looking to the private sector to help develop the new Framework, organizations are increasingly turning to trusted partners for cybersecurity support, evidenced by surveys, such as ASDReports, which says the global cybersecurity market will be worth more than $68 billion this year. Today, no one can safeguard their operations entirely on their own and organizations need to begin aligning themselves with partners who can help address current and future challenges and build resiliency.
SAMuEL VISNER is vice president and general manager, cybersecurity, at CSC.
Download the Executive Order and Presidential Policy Directive white paper at csc.com/executive_order.
Learn more about cyber threats and protection at csc.com/cybersecurity.
30 CSC WORLD | SPRING/SUMMER 2013
CLOUD COMPUTING
From public to private to community, clouds come in different shapes and sizes. Lately, many organizations are turning to hybrid solutions that can be tailored to meet the needs of any enterprise.
Hybrid clouds give organizations the opportunity to meet unique requirements. Start with the privacy and security of a private cloud, which offers a dedicated compute environment for a single organization. Next, add the massive scalability of a public cloud, where the infrastructure is leveraged across many organizations.
REASONS TO BELIEVE INHYBRID CLOUDS 3by Jim Battey
31SPRING/SUMMER 2013 | CSC WORLD
REASONS TO BELIEVE INHYBRID CLOUDS
The resulting mixture gives you a hybrid solution that is quickly becoming the most popular cloud option among enterprises. Recently added to the mix is the hybrid infrastructure model, in which organizations can integrate legacy infrastructure with a cloud environment.
Growing popularityWithout question, use of a hybrid cloud approach is growing. As enterprises rapidly move to cloud-based delivery, they are seeing success with integrated cloud services arrangements. “Most of our customers are using either a hybrid cloud deployment or a hybrid infrastructure deployment,” says Hugh Brooks, director of cloud product development at CSC.
Brooks cautions that when adopting a hybrid solution, one of the most critical concerns is to ensure smooth interoperability among cloud models. “CSC uses the same architecture, offers the same management services and rate-card structure across our public, virtual private and private cloud deployment models, which simplifies the management of a hybrid cloud infrastructure,” he says. “You have consistency across the public and private clouds, and the two clouds work in tandem with each other.”
The hybrid model lets enterprises keep highly sensitive information in an environment totally dedicated to their use while allowing them to take advantage of the flexibility and scalability of the public cloud. Here are three reasons enterprises should consider deploying a hybrid model:
Increased Flexibility. Companies are using hybrid models to meet application needs and provide flexibility in a cost-effective manner.
For example, an enterprise may have a database that needs to stay on a physical server, either because the database itself cannot be virtualized or due to privacy/security concerns. A hybrid approach lets the enterprise keep the database in a private or virtual private cloud, while the external-facing Web-tier applications exist in a public cloud environment.
Greater Scalability. If enterprises have assets in the private cloud, they want to be able to extend, or “burst,” capacity when they have very high demand or need larger compute capability to take advantage of big data analytics.
Gabe Kazarian, global product manager for CSC, explains, “When you have workloads that are very volatile, meaning that you have spikes and demands and the spikes may not be forecast readily, you want to make sure you have access to additional compute resources and the ability to burst into a cover cloud.”
Multiple Environments. A hybrid cloud environment allows enterprises to use a public cloud for tasks such as development, testing and staging, and then once applications are ready to go into production,
they can move their highly sensitive production applications to a private or virtual private cloud environment.
“For security and privacy reasons, some enterprises want to retain their mission-critical production application in a private cloud environment. But they may choose to do their development, quality assurance testing and their staging in a public cloud,” Kazarian says.
One of the biggest benefits of an effective hybrid cloud service model is that companies pay only for the compute resources they need. Through flexible offerings such as CSC’s BizCloudTM, enterprises can gain access to the performance, reliability and cost benefits of private cloud services without the associated risk, expense and time to build their own private cloud solution.
Riding the hybrid WAVETM
A good example of a company deploying a hybrid solution is H. D. Smith, a leading distributor of healthcare products (see column on p. 44). The Springfield, Ill.-based company wanted to transform its data center to support its larger growth strategy, so it turned to CSC to help move its IT infrastructure into the cloud.
David Guzmán, H. D. Smith’s CIO, says, “If some of your applications are not cloud-ready, then you need a provider that can do both the traditional kind of outsourcing, the dedicated environment, and has the cloud environment and the ability to migrate between the two.”
H. D. Smith is deploying an off-premises cloud and hosting managed service that can support the migration of email, e-commerce and other x86 workloads and applications, as well as SAP from an AS/400 platform to an enterprise cloud. “Running a data center is not really our core business, and when you look at the cloud technologies that are out there, there are compelling economics around [them], but also compelling capabilities,” Guzmán says.
By going hybrid, H. D. Smith is refreshing its aging infrastructure while moving to an OPEX-based IT service-delivery model. The migration is taking place in phases, using the WAVE approach offered as part of the CSC Enterprise Cloud. CSC is providing hosting for the company’s legacy applications that will not be migrated to the cloud in the first wave.
“With cloud and CSC, we will have the scale and agility to support thousands, maybe tens of thousands, of customers and suppliers,” Guzmán adds. “Cloud gives us this perfect scalability to add resources when we need them.”
1
2
3jIM BATTEY is a writer for CSC’s digital marketing team.
Learn more at csc.com/cloud.
32 CSC WORLD | SPRING/SUMMER 2013
CLOUD COMPUTING
Cloud computing has become a key part of an IT leader’s toolkit. Many organizations use cloud as their deployment and management platform of choice for managing the challenges of growth or consolidation, implementing business process and application modernization, launching initiatives to improve workplace productivity and gaining operational efficiencies.
WHY ENTERPRISECLOUDS RULE
by Hugh Brooks
33SPRING/SUMMER 2013 | CSC WORLD
GET STARTED WITH CLOuD
CSC has a large, active network of cloud data centers around the world. We work with companies and agencies to assess and prioritize workloads and applications that can be transformed and modernized for the cloud. Enhancing CSC Cloud Services is a very complete service offering for refactoring, rewriting and developing new applications for cloud. CSC offers organizations a simple way to visualize and organize their move to the cloud.
These business goals present a diverse set of challenges, and organizations need to identify and align the best cloud model for their workloads and applications — especially if they intend to move mission-critical infrastructure and applications to the cloud.
Security, data protection and governance are critical factors in selecting a cloud provider, and they are also the most often-cited barriers to cloud adoption. The risk profile of the applications and workloads moving to cloud must be considered when selecting the right cloud deployment model and cloud provider.
Low-cost public clouds might be the right choice for the short term or temporary use of IT resources, where uptime and security are of lesser concern, but the workloads and applications of most organizations require an enterprise-class cloud.
As a result, many organizations — from global enterprises to small businesses — are now deploying and running production applications, and in some cases their entire business, on enterprise-grade clouds.
Research firm Gartner reports that cost reductions in IT, the out-sourcing of capabilities, and a push for more efficiency and agility have led IT organizations to seek options to supplement current legacy deployments. Gartner reports that IT organizations will be using cloud as a means to essentially replicate or replace their data center. 1
The business case for cloudAs part of this strategic move to enterprise-grade cloud architectures, IT organizations are building their business case both to justify the cost of such a move and highlight the model’s recurring and long-term business value. Building such a case involves four dimensions:
•Economic and financial validation. Enterprise-grade cloud computing shifts the financial model from capital expenses to operating expenses, dramatically reducing in-house infrastructure spending. It may also save on maintenance costs, while providing a predictable cost structure. Cloud economics shouldn’t be reserved for public cloud — look for cloud providers that bring cloud economics to private cloud as well.
•Risk mitigation. Working with a proven service provider of enterprise-grade cloud solutions allows an organization to leverage the provider’s deep experience and expertise, and ensures ongoing security and compliance. Competitive threats, shifting economic climates and unpredictable market opportunities present challenges. The best way to mitigate the risk associated with these challenges is to have the ability to act and respond quickly.
•Staff resource utilization. Working with an enterprise-grade cloud service provider essentially frees internal IT staff members from routine, day-to-day management, monitoring and problem remediation so they can focus on enabling new applications and strategic initiatives. Reduction in cycle
time for IT resource deployment and provisioning should be recognized as both a cost savings and an opportunity with an implementation of an enterprise cloud infrastructure.
•End-user experience. Swift, expert onboarding of new users is critical to helping an organization become more efficient and better leverage its existing IT resources. Robust, high-performance and resilient enterprise-grade clouds ensure that end users can access data, applications and services in a timely manner. Many users are no longer tethered to the enterprise — they are remote and moving. The enterprise cloud provides safe and secure access to enterprise data for such a dynamic group of mobile workers.
Start simple Smart organizations plan their migration to the cloud based on factors such as workloads, governance policies, legacy system complexity, the ability to integrate with enterprise service management, and financial considerations.
With budgets and other internal resources tight, many organizations are taking a deliberate, iterative approach to cloud migration, beginning with relatively simple deployments to gain cloud experience and then using their cost savings to fund more ambitious programs.
An experienced enterprise-grade cloud service provider can help organizations visualize the staging of their workloads to the cloud. While few debate the cloud alternative, there is much to consider when deciding which applications are “born for the cloud,” which are “fit for the cloud,” and how migrating workloads and applications will create top-line and bottom-line improvements.
1 “Predicts 2013: Cloud Computing Becomes an Integral Part of IT,” Gartner, December 2012
HuGH BROOKS is director of cloud offerings and management at CSC.
WHY ENTERPRISECLOUDS RULE
Learn more at csc.com/cloud.
34 CSC WORLD | SPRING/SUMMER 2013
CLOUD COMPUTING
FIVESTEPS TO ENTERPRISECLOUD
Now it’s widely assumed that the next technology to be “consumerized” will be cloud services. Many industry analysts now forecast that the consumer cloud — the kind of popular, low-cost service offered by Amazon, Rackspace and others — will be to cloud services what the iPhone was to mobile devices.
I disagree. Instead, I believe that the preferred option for many businesses will be what we at CSC call the “enterprise cloud.” Why? Five main reasons:
1. Tailoring: While approximately 80% of all customer solutions in the cloud are fairly standard in terms of their infrastructures, rate cards and the like, about 20% are not. For these nonstandard workloads and applications, tailoring is needed — a kind of tailoring that consumer cloud services simply don’t offer. This tailoring includes security and data protection, regulatory compliance, even the ability to optimize applications for the cloud.
2. Cloud access: Today’s consumer cloud services connect with customers using the most common method, namely, the public Internet. For workloads and applications that are neither critical nor sensitive, that’s usually fine. But what if a company has workloads and applications that are critical, sensitive or some combination of both? What’s needed then is an approach that both insulates and manages access to the cloud, much like the current management of enterprise networks.
3. Service availability: Not every workload or application requires the same level of service. A highly critical application might require recovery after a power outage or natural disaster in just minutes or hours. Yet for other, less-critical applications, it might suffice to recover in a matter of days. Today, consumer cloud services do not allow customers to make this type of application-by-application, or workload-by-workload, distinction. Instead, it’s one size fits all. But the enterprise cloud does let IT managers select the best service
for a particular application. In the process, the enterprise cloud also helps CIOs control costs. IT managers can balance their need for high levels of service availability (which are naturally more expensive) against their desire for cost control.
4. OS and application consolidation: As a result of mergers and acquisitions, many enterprises now run some applications, such as ERP and email, in multiple versions, often on multiple operating systems — including legacy systems that are both outdated and unsupported. Managing this technology mélange is not only complicated, but also expensive. Ideally, before an enterprise moves such applications to the cloud, it will consolidate the multiple versions into just one that runs on an OS that is current and cloud-supported. Consumer cloud services do not help with this important migration; enterprise cloud services do.
5. partner benefits: As no cloud is an island, all cloud providers must partner with hardware, software and network providers. But while consumer cloud providers compete largely by offering the lowest possible price, enterprise cloud providers do so by offering the best possible service. Which would you guess offers the latest, best-of-breed technology? For consumer cloud providers, that approach simply doesn’t pay. Meanwhile, in the enterprise cloud, many providers refresh technology on a 24-month cycle. Given today’s five- and seven-year depreciation schedules, that’s far quicker than the typical enterprise can manage on its own.
To be clear, consumer cloud services from Amazon, Rackspace and the like are not going away anytime soon. But neither are these services poised to become the enterprise’s next iPhone. The consumerization of IT has its limits. Where the consumer cloud ends, the enterprise cloud is just getting started.
SIKI GIuNTA is vice president and general manager of cloud computing at CSC.
Consumerization of IT is sweeping the enterprise. Personal smartphones, tablets, laptops, social media and more are stealthily infiltrating companies worldwide.
Learn more at csc.com/cloud.
by Siki Giunta
STAND OUTBE BRILLIANT
The biggest returns come from an enterprise cloud. A cloud that’s always on. A cloud where you feel safe and secure. A cloud that’s easy to manage, with total transparency into performance, availability and usage.
What are you waiting for? Your private cloud is ready to deliver.
Learn more at csc.com/enterprise_cloud.
CSC ENTERPRISE CLOUD: SIMPLE TO START, EASY TO GROW
36 CSC WORLD | SPRING/SUMMER 2013
The car of the future depicted in the cartoon series “The Jetsons” was a levitating capsule that flitted through the air, dropped George Jetson at the office and folded up into a briefcase.
While flying cars may still be out of reach, the adoption of cloud computing, mobile broadband, location-awareness and big data technologies is bringing the Jetsonian view of the automobile closer to reality.
Automotive firms worldwide will roll out more than 80 million vehicles in 2013. And they’re already gearing up for the day in the not-too-distant future when vehicles will access numerous external, largely cloud-based services.
Future innovations include location-based services (your car warns you that your fuel is low and finds the nearest service station with the lowest prices), as well as urban-area wireless traffic networks (external controls regulate your car’s speed and distance between vehicles to avoid accidents and traffic jams).
“Automotive companies have to meet customers’ needs before they even know they have those needs,” says Eileen Sweeney, vice president and general manager of CSC’s Manufacturing group. “They’re doing this with sensors, embedded software and integrated networks to improve safety and the overall driving experience. Cloud computing will play a key role in every aspect of the industry — from collaborative design tools, to supply chain systems, to sales and service programs.”
There are many good reasons for the automotive industry to go driving in the cloud. Automakers are looking for ways to drive down costs, and IT applications and infrastructure costs are prime targets as companies compete in a rapidly globalizing market (car and truck sales in China surpassed U.S. sales in 2009; Chinese production is expected to eclipse European and Russian totals in 2013).
Mobile, location-aware hardware and embedded software are part of the rolling showcase of technologies available in new vehicles, called Car IT.
Car IT and cybersecurityCar IT includes all of the embedded systems that control the engine, drivetrain, climate control, mobile communication, entertainment systems, diagnostics, locking and security. It also includes the electronic devices brought to the vehicle by its driver and passengers.
All of these software-based systems require the same type of support and raise the same issues as an IT infrastructure — adherence to development and testing standards, updates and patches, security and privacy issues.
In this environment, the security of a car’s IT systems is critical. Think of the potential impact on an automaker’s brand if car thieves or other malicious individuals hacked into car systems to defeat alarm systems and unlock doors or steal personal information.
by Berthold Puchta
Goes DrivinG
MANUFACTURING
IN THE CLOUDautomotive induStry
37SPRING/SUMMER 2013 | CSC WORLD
“When you’re designing systems for a vehicle, you’re outside of your company’s firewall and infrastructure, so you’ve got to treat those systems like a mobile network and make them self-defendable,” says Jeff Fawcett, a lead cybersecurity consultant for CSC. “It really begins with a security framework that’s trusted, integrated and efficient — then you can add all of the gadgets you want.”
A brave new (location-aware) world Emerging location-based services enable drivers to share their location with preferred companies in exchange for discounts (as you drive into the mall parking lot, your favorite shoe boutique gives you an electronic coupon valid for 50% off for the next 2 hours).
“It adds a new level of convenience,” notes Christian Kloeppel, head of CSC’s Mobile Business Center of Excellence. “If my car breaks down and I need a ride, all I have to do is call my friend and his car would choose the fastest route to my phone.”
Such services also raise questions about information privacy. Who has access to that information? How is it being used? Apple Computer, for example, recently disclosed that it archives the millions of recorded requests for directions and phone numbers made to its Siri voice-activated iPhone assistant. Apple keeps the digitized recordings for 2 years but said it has no plans to use or sell them.
“Many people spend more time with their mobile devices and cars than with their families,” Kloeppel jokes. “A smartphone
is often someone’s most personal possession, and now we’ve combined it with the car.”
Safety and autonomous drivingTechnology is transforming the car into an aware, actively engaged peer in the driving process. For example, Google’s fleet of experimental driverless cars, fitted with costly range-finding lasers, has already covered more than 300,000 miles (500,000 km) without an accident.
While Google has no immediate plans to commercialize its driverless car, automakers are already introducing drive-assist technologies into the safety systems of luxury-class models to monitor driver attentiveness, lane control and potential collisions. Hands-free parking assistance is helping owners save lives and avoid fender benders.
What’s the next step in autonomous driving? Cars may relay information about road conditions to the vehicles behind them. A skid on icy pavement or sudden braking ahead could warn other motorists — even those driving other vehicle models.
Social media and sales accelerationWhen it comes to selling vehicles, automakers rely on thousands of dealerships around the world to be the brand’s face to the customer. It’s worked that way for more than a century (the first independent car dealer opened in Detroit in 1896), but car manufacturers are now focusing on ways to get closer to the consumer to drive sales of vehicles, parts and services.
Tour the new lifecycle of the automobile at csc.com/drivinginthecloud.
38 CSC WORLD | SPRING/SUMMER 2013
BMW Goes FromKeyless to Hands-Free
During the 2013 Super Bowl, a 30-second commercial focused on BMW’s new hands-free trunk opening feature: The owner of a red 328i, carrying two large travel bags, opens the trunk (or boot, as it’s called in Europe) with a wave of her foot under the bumper. As she turns away, her mischievous dog pops the lid with the wag of his tail — and retrieves the bag with his play toy.
BMW’s remote trunk release feature is a function of an integrated system beginning with sensors in the bumper that detect the movement of the foot and then connecting with systems for the car’s body, remote key and locking mechanism. It’s part of a package of embedded software from CSC that also controls the car’s sunroof, washer/wipers and power seats with a pneumatic massage feature.
“We have received a great deal of positive customer feedback about our new hands-free feature,” says Dr. Pia Mondal, head of E/E Systems Engineering and Processes for BMW Body and Interior Trim. “If you have ever had your hands full and needed to open the boot, you can see how it enhances the overall experience of owning a BMW.”
Automakers are constantly looking for ways to add safety features and cockpit technology that truly differentiate their brand with car buyers, according to Tom Salva, director of Automotive Product Life-Cycle Management at CSC. “They’re under a lot of pressure to get features to market faster and get started on the next phase,” he says. “These embedded systems are getting increasingly complex to integrate, and everything takes up space and adds weight, which could potentially affect handling and fuel efficiency.”
“Today’s car buyers are tech-savvy, and they’re looking for a pain-free experience,” says Paul Scott, automotive industry executive at CSC. “For buyers under 30, it’s less about fuel consumption, comfort and performance, and more about the overall shopping experience and the cockpit technology.”
CSC is working with leading automakers on analytics technology that will unlock customer and prospect data from a variety of sources — online vehicle configurators that customers use to pick out the model, color and options; social media mentions on Facebook and automotive blogs; and dealership sales and maintenance records.
Customer analytics, in the hands of sales teams connected by cloud-based tools such as saleforce.com, can result in higher sales of cars and more visits to the service department by loyal customers.
Combined with vehicle-derived performance data collected throughout the life cycle of the vehicle, these analytics can help automotive design and development teams deliver what customers want. In the future, a growing number of sensors in the vehicle will generate real-time analytics that could open the door to unprecedented levels of service.
“Imagine your dealership showing up at your house with a loaner vehicle before your car actually breaks down,” Scott says.
39SPRING/SUMMER 2013 | CSC WORLD
Connecting Everything to EverythingToday’s manufacturing operations and supply chains stretch around the world. A highly complex web of systems manages and collects data about a wide range of processes including production, plant robotics, suppliers, distribution, workplace safety and risk.
CSC is helping manufacturers solve those challenges with machine-to-machine (M2M) factory automation that integrates physical assets in any location with modern sensors, networks and middleware over secure wireless networks. In fact, CSC helped one global automaker consolidate 150 instances of SAP software.
“It’s like social networking with the company’s machines,” says Paul Scott, automotive industry executive at CSC. “Managers only need to make decisions when the machines cannot.”
M2M, delivered wirelessly with low-cost cloud-based data storage, helps operations managers gain a host of insights from their data. For example, analytics from sensors in the equipment and throughout the factory predict future maintenance schedules — and avoid downtime.
Learn more at csc.com/manufacturing.
Volkswagen: on the road to big dataVolkswagen is already using big data to increase aftermarket service revenues and build brand loyalty in France.
The company developed a campaign management solution to entice Volkswagen owners to its service centers. Working with CSC, Volkswagen was able to combine customer data with vehicle data and qualitative notes written by the technicians at the service centers.
As a result, the company was able to use targeted communications to specific drivers about upcoming maintenance needs. “Our partners really appreciate the fact that we’re helping car owners get ahead of service issues and that we’re driving this business to their service centers,” said Christophe Droux, Communication & Sales Promotion Manager, Volkswagen Group France. “It’s not just about making the next sale. It’s about making a customer for life.”
The convergence of cloud, big data and mobility is putting the automotive industry in the forefront of technology innovation, notes CSC’s Sweeney.
“It’s a very exciting time for the industry. We’re doing things that weren’t possible 10 years ago,” she says. “The challenge for manufacturers is implementing these technologies in a planned and integrated way and listening to customers about what they want from the car of the future.”
BERTHOLD puCHTA is general manager, Global Automotive, Industrial & Chemical Industries for CSC.
Take a Deeper DriveFind related videos, download our iPad app or discover other automotive content at csc.com/automotive.
Automotive Industry Goes Driving in the Cloud Watch the Video: How Technology Powers the Vehicle of the Future at csc.com/drivinginthecloud.
40 CSC WORLD | SPRING/SUMMER 2013
3D printing sounds like something straight out of science fiction, but the idea that you can use a computer to quickly create complex objects seemingly out of thin air is a reality. With prices of 3D printers dropping, it’s a technology that’s becoming more widespread.
If making an object becomes as easy as downloading a file and clicking a “Print” button, what does that mean for the manufacturing industry? That and other implications of 3D printing were a topic in a recent CSC Town Hall meeting and report, “3D Printing and the Future of Manufacturing.”
“The term ‘3D printing’ has been broadly adopted, but what we’re talking about is additive manufacturing,” says Vivek Srinivasan, one of the researchers of the report and regional manager of the Executive Programme for CSC’s Leading Edge Forum. “For example, in traditional manufacturing, creating a tool like a wrench involves forging, grinding, milling and assembly, not to mention the molds, jigs and fixtures needed in the process. By contrast, 3D printing can create an adjustable wrench in a single operation, layer by layer. The wrench comes out fully assembled and ready to be used with all of its moving parts.”
3D printing is evolving rapidly, Srinivasan says. It won’t replace all forms of manufacturing, but for the right applications, 3D printing offers compelling benefits. “3D printing can make objects with a complex internal structure that would be almost impossible using traditional methods. There’s no large factory and no retooling of an entire assembly line. The same printer that creates a piece of art can be used next to print a bike part. And that printer can be kept close to the point of consumption, which has implications for logistics,” he says.
3D printing has been popular for creating prototypes and small sample parts for a few years now. Jarrod Bassan, another researcher who worked on the report and a CSC senior consultant in Melbourne, Australia, offered examples of the way 3D printing is being used to create finished products. One example demonstrated the use of a laser scanner to make an exact model of an athlete’s foot, building a 3D-printed shoe around that model. “It’s molded exactly to that foot using the minimum amount of material and is about 30% lighter than any other commercially made product,” Bassan says. “It’s designed to give a 3.5% performance improvement to the athlete.”
hoW3d printinGWILL TURN MANUFACTURING ON ITS HEAD
by Dale Coyner
Image courtesy of MakerBot Industries
MANUFACTURING
41SPRING/SUMMER 2013 | CSC WORLD
Bassan says that 3D printing is driving innovation in more ways than uniquely made printed objects. Business models are evolving as well. “There are a number of companies today that enable you to upload a design to a website and press the ‘Print’ button. They will print it and ship it to you. Companies like Sculpteo take it one step further. They help offer your product in a 3D marketplace. They will take the orders, print it and send it to the buyer. You collect the profit from the end of it.”
Gordon Fuller, a principal at CSC, says 3D printing creates unique opportunities and threats for a broad range of industries. “Companies have the ability to update their supply chains to take advantage of the local printing and use it as a cheaper supply chain, a more responsive supply chain. Of course, they have competitors doing the same thing, so they have to be aware that they need to be more nimble in moving forward with this,” Fuller says.
“When making decisions about new facilities or longer-term contracts, companies must decide how vulnerable their product lines and their supply chains are to 3D printing,” Fuller says. “Even for a facility that might have a payback period of five years or seven years, that’s starting to be in the range of time that companies have to examine seriously how 3D printing will improve or threaten their activities.”
NASA and 3D printingOrganizations with existing prototyping capabilities are already experiencing change with the introduction of 3D printing. NASA and the Jet Propulsion Laboratory have a long history of building one-of-a-kind vehicles that have relied extensively on intricate, custom-made parts, crafted by experienced machinists.
3D printing has allowed mechanical engineers to improve designs rapidly, but the group still relies on machinists for many of its finished products, says Gabriel Rangel, emerging IT specialist at the Office of the CIO, NASA/JPL.
“Our expert machinists with decades of experience in building one-of-a-kind space parts are looking at this capability and asking ‘Why do we need this plastic? We should put our resources together so that we can get even finer quality,’” Rangel says. “They were absolutely right, which is why we’ve adopted an approach of ‘innovating together.’ Our mechanical engineers need 3D printing to accelerate prototyping. And the process that we have to get a high-quality machined part doesn’t go away with 3D printing. In fact, it widens the audience and the need to get higher quality.”
NASA/JPL says 3D printing has driven down the cost of prototyping and helped develop a crowdsourcing aspect to innovation.
“We come up with designs for things that have never been done before to go to a different planet. We make a lot of different prototypes, and it takes a long time to select them,” says Tomas Soderstrom, CTO in the Office of the CIO, NASA/JPL. “Now we print them all out for 50 cents apiece, then select the right ones to go after in detail. That’s a huge advancement for us. That’s internal crowdsourcing.”
New kinds of objectsBassan says advances in material science will allow 3D printers to create objects that can’t be made by traditional manufacturing methods. “If we can control the crystalline structure of metals, just imagine some of the properties we could imbue to a metal part that’s hard and brittle at one end but the same piece of metal is springy and soft at the other end.”
Paul Gustafson, director of CSCs Leading Edge Forum, says some aspects of 3D printing will require companies to rethink business models or how they protect their intellectual property.
“We’ve seen the bumps along the way in the media world with DVDs. We have to look at leadership coming out of the media industry to drive some of the standards we need to help manage these bits and the rights so you can ‘print once,’ versus copy and replace. There are a lot of things in motion that need to be worked out,” he says.
Fuller says the impact of 3D printing will be felt more acutely in some industries than others. “The retail area will be completely revamped. What happens when you can scan something in a store and print it out at home?” he says. “Eyeglasses, for example. Currently $250 a pair. I can print them out on a 3D printer for 25 cents in materials… Large assembly industries, automotive, industrial machines, those are still going to be made as they have been. But beyond that — wow.”
DALE COYNER is a writer for CSC’s digital marketing team.
Download 3D Printing and the Future of Manufacturing at csc.com/LEF.
This e-reader stand was 3D–printed by our researcher in less than an hour. The design is available on Thingiverse by designer Billy Carr (“uni stand” by codemanusa).
How 3-D printing Will TurnManufacturing on its Head Hear from CSC and NASA experts in this special Town Hall discussion on 3D printing csc.com/3Dtownhall.
42 CSC WORLD | SPRING/SUMMER 2013
Fast-changing, disruptive technologies such as the Internet and mobile devices have brought us wonderful conveniences — banking without boundaries, limitless entertainment and countless productivity apps, to name just a few.
Those innovations have also created significant challenges — that threaten our personal security, privacy, financial welfare and in some cases, our liberty. It’s natural to expect some disruption when rapid change collides with institutional inertia, but the current state of personal identification, and the risks and bottlenecks it creates, has become untenable.
What functioned in a paper-based world was never suited to today’s commerce, nor was it designed to establish our identity in the absence of meeting face to face. As our online persona expands with the accounts we create, we release more information than necessary to “prove” our identity. This creates a multitude of companies engaged in a business (identity verification, identity authentication) for which they are poorly suited and distracts from their core objectives.
That was okay in a world where commerce wasn’t conducted globally. Information that was stolen couldn’t be used as widely or as rapidly as it can today. Yesterday’s credentialing processes operating in today’s system create a target-rich environment for cybercriminals. After all, the Internet that enables app companies to control your garage door can equally enable cybercriminals to remotely operate your bank account.
Replacing plastic IDsIt’s time to reinvent the process of identification. Many attempts have been made to tackle the problem. (Remember the push for a National ID card? You’ll be excused if you don’t. The idea faded fast.) None of the ideas presented to date have succeeded because they don’t address the fundamental flaws in today’s system.
A better approach to identification has some critical differences from the way we do things, but it’s important to realize that the technology is largely available today. The problem is that unwinding decades of dependence on current methods is complex.
The traditional method of establishing an identity, such as issuing a birth certificate, remains a government-controlled process. After that, verification or authentication of our identity doesn’t need to rely on the government.
by Chris Wiesinger
your driver’S liCenSeiS obSolete
Identity verification and management are best managed by a company whose responsibility is to you, and helps put you in control of who receives your identifying information.
This separation of identity and entitlement is a critical aspect of the system and a big part of what’s wrong now. Your driver’s license entitles you to drive. Your Social Security card entitles you to benefits. Neither of them actually proves your identity. Once your identity is established, companies (“relying parties”) that require identifying information about you could obtain it from your trusted ID provider (TIP), requesting only the information necessary to entitle you to a service. If a service required that you be 21 years of age, your TIP could confirm your eligibility without sharing your age or actual birth date.
On subsequent visits, the relying party will check with your TIP to authenticate you. This should be welcomed by millions of businesses today that must maintain more information about you than they want, face the cost and pain of password resets, and deal with data and account breaches.
A modern ID systemA modern ID system would incorporate biometrics, location and other modalities to establish high degrees of confidence about your identity. Biometric authentication methods far surpass the average human’s ability to accurately verify your identity.
Your smartphone is already capable of these functions, acting as your mobile biometric verification device, which means that this approach would meet a third, critical test. It would be easy and convenient to use. Other challenges and hurdles to developing a secure, robust system remain, but we deserve an identity system suited to the needs of 21st century businesses, governments and citizens.
Learn more at csc.com/ID.
CHRIS WIESINGER is a principal business architect for CSC’s Border and Immigration Solutions Center of Excellence.
PUBLIC SECTOR
43SPRING/SUMMER 2013 | CSC WORLD
The United States remains a country that many people dream of visiting. But for a sizable percentage, it remains just that — a dream. Visiting the United States today has become an inconvenient journey for many potential travelers because of changes made to the travel visa process following September 11, 2001.
Securing the visa process was necessary after 9/11, but the new rules turned an ordinary process into an onerous one. The current process includes an in-person interview at a U.S. consulate for most potential travelers, requiring many to make a long and expensive journey to the closest U.S. consulate to be granted permission to travel to the United States.
As a result, many have chosen to travel elsewhere. The impact on U.S. tourism and related businesses has been significant. The U.S. Travel Association reports that since 9/11, international travel grew by 40% overall. Travel to the United States grew by just 2%. The U.S. market share of the global travel market dropped from 17 to 12.4% by 2010.
The bad news is: The United States has lost billions of tourism, conference and business dollars to other countries during the past decade. The good news is: This is an issue that can be fixed, and the opportunity to do so may be at hand.
Immigration reformNew conversations about immigration reform in Congress have opened a once-in-a-generation
opportunity for the U.S. government to make substantive changes to our immigration and border-control policies.
Improving the visa and travel process requires moving beyond a traditional view of security that involves actual in-person interviews and repeated fingerprint collection. Rather, the process should evolve to one that uses the digital platform we all live on to create a positive customer experience.
COULD A SMARTPHONE SOLVE
immiGrationreform? by Lora Ries
Consular officials must be able to answer two questions about you when adjudicating a visa application: Who are you? and, Are you eligible for the visa? Answering the visa-eligibility question is an inherently government function that consular officials must perform. But the identity determination is common to any application or benefits process.
Realizing this, both U.S. and foreign consular agencies have outsourced biometric collection and other administrative activities to contractors such as CSC, who perform the functions at visa application centers (VACs) offsite from embassies and consulates to reduce costs and embassy security concerns.
Why not use this growing global VAC network, as well as other ubiquitous brick-and-mortar storefronts, to interview visa and trusted traveler applicants via secure videoconferencing with consular and border officials located elsewhere in their government offices?
Some adjudicators resist the idea of video visa interviews. They have greater confidence in seeing the person in the flesh. But when visa interviews last only a few minutes to keep the wait times down, remote video interviewing seems like a valuable tool to use in addition to in-person interviews as necessary.
Mobile devicesMany would-be travelers are holding the other half of the answer: a smartphone. Using current mobile applications, individuals can biometrically authenticate their identity and link it to their visa application on their mobile device. Biometric identity verification performed by a device that a traveler already owns is a cost-effective strategy that improves integrity in the visa system, while offering customers a great experience and faster processing.
It isn’t necessary to relax our visa requirements to maintain our national security. A visa application process that maximizes use of proven technologies can improve security, cut costs and facilitate travel to the U.S. When world travelers commonly use Skype and smartphones/tablets to communicate, the U.S. can regain its competitive edge in world tourism by speaking their technological language.
Learn more at csc.com/visa.
LORA RIES is senior principal of immigration reform strategy at CSC.
44 CSC WORLD | SPRING/SUMMER 2013
LAST WORD
by David Guzmán
fourWaveSto theCloudAt H. D. Smith, the cloud is not a choice, but an imperative. That may not be true for every company in every industry. But for us, the cloud delivers compelling economics and equally compelling capabilities.
Like many organizations, we realized that running a data center is not our core business. Focusing on our customers and bringing great solutions to market, is. What’s more, we in IT at H. D. Smith were recently asked to help our organization, which focuses on distribution of healthcare products, overcome a serious challenge: Our core business, which involves buying products from suppliers and then reselling them to our customers, is one of low margins. So how can we grow our company to not only deliver new sources of revenue, but also fulfill our strategic intent, which is to become the leader in controlling healthcare costs and improving patient outcomes?
Within IT, we naturally did all that we could. We implemented SAP, added automated tools to our warehouses, and did much more. But our Achilles’ heel was the data center. It simply couldn’t help us fulfill our vision.
We did look into building an entirely new data center, but found the costs would reach into the nine figures. So we sought instead to work with a partner who could help us build the data center. I also wanted a partner who could help us achieve my own vision for IT at H. D. Smith. That is, to become a revenue-generating part of the business by building IT-driven business solutions and services that serve our customers and industry. Ultimately, we decided to migrate our data center to the cloud, and to do so with help from CSC.
Cloud surfingOur vision for the cloud will take us through four distinct waves. The first wave is all about getting there. That means moving our existing data center and legacy applications. We chose a world-class provider with world-class processes that will improve our ability to keep the lights on today with process excellence, disaster recovery and security. Also during this first wave, we
migrated selected IT systems to the cloud — including email, ordering and e-commerce — all of which are compatible with the x86 architecture.
Our second wave involved completing that process by moving the applications themselves, the platforms they run on, all applications and systems software (and the management they run on) to the cloud. With this second wave, H. D. Smith has completed its cloud journey. But that’s not to say we’re done.
In our third wave, now under way, we’re building solutions, business services and applications that will take us beyond our four walls and start transforming us into a true services provider. In this wave, our partnership with CSC has been elevated to a new and higher level, as it now provides the ground services, IT infrastructure and support for these applications. We, meanwhile, provide the solutions and services to our customers.
Now, about a year into the process, we’re in position to ride our fourth wave. At the risk of sounding bold, even audacious, our goal is to make H. D. Smith the leader in controlling healthcare costs and improving patient outcomes. Now, you may ask, “If you’re going to really support thousands, maybe tens of thousands, of customers and suppliers, how are you going to scale to support that level of service?” My answer is: with the cloud. It will give us the perfect amount of scalability. That way, as we grow, we’ll be able to add the resources we need, whether computing power, staff, support resources or anything else. That’s the wave I’m most eager to ride.
DAVID GuzMáN is CIO of H. D. Smith, a Springfield, Ill.-based pharmaceutical distributor that serves hospitals, community pharmacies and medical suppliers.
Four Waves to the CloudWatch our H. D. Smith Success Story Video at www.csc.com/waves.
45SPRING/SUMMER 2013 | CSC WORLD
CSC WAS THERE
THE WORLD’S LARGEST
HELICOPTERSIMULATION FACILITY
CSC built and manages state-of-the-art
flight simulators that mimic real-world flying
conditions for training U.S. Army helicopter
pilots at Fort Rucker, Alabama.
CSC.COM/FLIGHT_SCHOOL
Global CSC Headquarters3170 Fairview Park DriveFalls Church, Virginia 22042United States+1.703.876.1000
About CSCThe mission of CSC is to be a global leader in providing technology-enabled business solutions and services.
With the broadest range of capabilities, CSC offers clients the solutions they need to manage complexity, focus on core businesses, collaborate with partners and clients, and improve operations.
CSC makes a special point of understanding its clients and provides experts with real-world experience to work with them. CSC leads with an informed point of view while still offering client choice.
For more than 50 years, clients in industries and governments worldwide have trusted CSC with their business process and information systems outsourcing, systems integration and consulting needs.
The company trades on the New York Stock Exchange under the symbol “CSC.”
© 2013 Computer Sciences Corporation. All rights reserved.www.csc.com/cscworld
