Case study: CharterCARE Health Partners leverages cloud and VDI to aid digital records management, security, regulatory compliance

Listen to the podcast. Find it on iTunes/iPod. Read a full transcript or download a copy. Sponsor: VMware.

Our next VMworld case study interview takes the pulse of CharterCARE Health Partners, and examines how virtualized desktops and thin clients are helping with digital records management and healthcare industry compliance and privacy requirements.

We learn how Rhode Island-based CharterCARE has embraced private cloud and virtual desktop infrastructure (VDI) to support its distributed, 579-bed community-based health system. The organization operates the Roger Williams Medical Center, Our Lady of Fatima Hospital, and several other caregiver facilities.

We'll hear how the tag team of private cloud and VDI has provided better data management, security, reliability, and regulatory auditing capabilities. The successful infrastructure modernization effort has also helped CharterCARE move to electronic health records and has helped improve their processes for clinicians.

This story comes as part of a special BriefingsDirect podcast series from the recent VMworld 2011 Conference. The series explores the latest in cloud computing and virtualization infrastructure developments.

Here to dig into more detail on the CharterCARE IT infrastructure improvement story is Andy Fuss, Director of Technology and Engineering at CharterCARE Health Partners. The discussion is moderated by Dana Gardner, Principal Analyst at Interarbor Solutions. [Disclosure: VMware is a sponsor of BriefingsDirect podcasts.]

Here are some excerpts:

Gardner: I'm interested why data management has been a primary driver for you as you've looked to adopt both the private cloud and VDI. What is it about the data equation that’s made this look like a good solution for you?

Fuss: We need our data to be accessible everywhere, at every time, no matter what provider is at what facility. Even from an engineering and technology standpoint, no matter what system analyst, what network engineer may sit down wherever they are to troubleshoot an issue, we need that common set of tools.

Common repository

We need the common repository of information for a caregiver. That would be the electronic medical information. It could be the x-rays, the slides, the CT scans, or the results that were dictated by a radiologist. Whatever it might be, that information needs to be available in a flexible manner and delivered directly to the deskside experience.

Now, if that’s a desktop, it needs to be on a regular PC, but if we're talking about a tablet, we need to accommodate the tablets that people bring in and have come into the facility and are now actively being used, or zero client technology.

We have all the different technologies and pieces. We're trying to promote these pieces to be used and trying to be flexible with accommodating them and getting people to the information that they need so they can take care of the first priority, which really is patient care.

Gardner: Tell me about the extent of your distributed campus and environment. Not only are you dealing with many different types of data and many different endpoints, but you're also distributing this across a multitude of different environments.

Fuss: We have two main acute hospitals. We have a nursing home, a cancer center, outpatient care offices, and several different offices all around the community. So the data truly needs to not be resident in one spot.

Where you're accessing that data from or where you're using it is seamless to the end user and provides a solid customer experience.

We also needed to have a secured disaster recovery (DR) facility, so that if anything were to happen to our primary data center that’s on one of the campuses, we could flex seamlessly over.

So building a cloud for us made total sense. That cloud hovers between one of two data centers. One is at one of the acute facilities, and then 100 miles away in another state, we have another data center. Our cloud roams between the two, and we have data flowing from each area.

So the connection really is no longer about where it’s physically located by any restriction. It’s more of just gaining access to the internet and being able to make connections. Where you're accessing that data from or where you're using it is seamless to the end user and provides a solid customer experience.

... There are a lot of people who can embrace different types of clouds. You've got hybrid clouds, private clouds, public clouds, all with different offerings. For us it made sense to do a private cloud. For others, it may make sense to do hybrid type cloud.

As we move toward the future, I can see that we might be able to offload some of our services toward the public cloud. As we increase the size of some of our data and we have patient care cut over to the side, there might be some other data that does not follow the same guidelines. We can put that into a secure public cloud and attach everything.

I'm not worried about theft of an individual device, because the device has nothing more on it than some connectors to get somewhere.

VMware is coming out with those tools and using those tools to make that kind of continuation project possible to look at. We're very excited about some of the initiatives that we've seen at VMworld -- the vCloud Director, with security, the different layers built into that that could make some of the public cloud usable for us for specific applications.

Gardner: Correct me if I am wrong, but it sounds as if private cloud to you means better security.

Fuss: Oh, it does, most definitely. I'm no longer worried about the endpoint device walking away from us. I'm not worried about theft of an individual device, because the device has nothing more on it than some connectors to get somewhere.

When we were first embracing zero client technology in a lot of places, we did some studies. We talked to some different people who had already embraced it. One particular hospital I spoke to said they had on video someone stealing a zero client device, perhaps thinking that they had stolen some great new utility tool for home, a new PC. They were all excited.

They also have them on video, bringing it back the next morning, because they couldn’t do anything with it when they got to their house. Using cloud, using the technologies that ride in the cloud, like VMware View and access to the data through VMware View, really helps to lock things down and it helps to prevent things.

No data leakage

In the past, somebody could have taken a PC, and let’s say that PC could have had metadata on it or could have had some files on it that were saved in someway. It was comical to hear that story from another person who was in a similar situation as us, where there was no data loss or data leakage, even if that device had never come back. So the cloud really has tightened things down for us.

One of the primary concerns for our electronic medical records is that it’s patient data, financial data, and so needs to be PCI-, and HIPAA-compliant. All the different compliance standards that we need to abide by are all satisfied with the ways that these machines are locked down, by the way the cloud is moving, and where we allow it to move to.

Gardner: How do you view private cloud and VDI -- separate, distinct, together? What’s the relationship?

Fuss: They're definitely together. They have to be together. In my opinion, it’s what makes sense. We want to see the data tight. We want to see the integration tight. We can have a cloud where the data roams back and forth, but the connection into the cloud actually uses that data.

As I sit here on a device, a personal device at the office that is connected to my virtual desktop instance, this device doesn't even have to be on my network. I'm utilizing a public network that we have here at the hospital system and I've connected into my virtual desktop. I have full accessibility. I'll flip over here in a few minutes when I go into another meeting. I'll bring my iPad with me, another personal device, and I'll be connected right to that same virtual desktop.

So the cloud has allowed me, with View, to seamlessly move between all these different devices. I no longer am tied to something. I'm no longer tied to a specific physical location, a physical anything. I really am completely mobile. I can work anywhere at any time and have that same common set of tools.

I should no longer call it disaster recovery. I should call it our second data center because even though it really is 100 miles away, I can still sit there and work all day long just like I'm anywhere else.

It doesn't matter if I'm working out of the DR site. I should no longer call it disaster recovery. I should call it our second data center because even though it really is 100 miles away, I can still sit there and work all day long just like I'm anywhere else. That ability is really the value that using a cloud and using View gives you.

I want a physician in his office, out on the road or wherever they might be, at home, in a practice have access to that same data and have a similar look and feel every time they connect from whatever device. That's what these solutions that we've opted for have provided for us.

... We can already see the expansion, the use of that technology in different areas. We have some physicians with iPads working throughout the facility, visiting the patient’s bedsides, looking at their charts, all that kind of flex room is great.

I've seen it in our administrative areas, our human resource officer using iPad remotely. We’ve had our Chief Information Officer using an iPad, using a PC at home, and connecting through the View client to her machine.

We’ve gotten support not just from forcing the technology out there, but by people asking for the technology. That’s how you can tell you have a good product. People asking, "Can I be moved to this new product, because the flexibility of my supervisor, director, whoever is using is what I need."

Hit a home run

If the director calls saying, "I need this employee to have this flexibility," you know you've hit a home run with the technology. I haven’t had anybody call asking for another PC at another location for the same person to work. I have people calling saying, "I really need to get them onto this technology as soon as it’s possible, because it's made this employee so efficient. I need to do that for everybody else."

... Also, everything that we're doing allows us not to focus on location, and that's the big thing. We break away from location. So where is the data center? Is it going to be affected by the next hurricane coming up the East Coast? Well, if we have a fear of where the hurricane is, we can move our data center 100 miles inland. Or if we think that inland is going to be more affected, we can keep it in Rhode Island, which is right on the ocean.

So we have that ability, and nobody knows where that data is other than the IT department. We know it's within the system, within the security, but nobody would ever notice the difference or question where the data is running or residing. They might ask, and we could tell them, but nobody says, "Wow, that's slow" or "I can see a difference." None of those kind of calls comes in as the cloud flexes.

Gardner: At VMworld, you've had a chance to look over View 5, and the PC-over-IP benefits there; is that something that’s in your pipeline?

Fuss: Absolutely. We’re blessed to be in the VMware 5 beta test user group, and we’re loving what we see. We like the performance. The PC-over-IP expansion is amazing. They’ve written a great protocol there with their partners, and that is the technology that’s going to continue to drive the reinvention of the desktop.

We’ve gone through the reinvention of the desktop a few times in my career, from somewhat dumb terminals to smart terminals to client server. We seem to be making our way back to where we’re keeping our data safe in data centers and in silos. We’re giving people a great end-user experience to give them a full PC feature-set. We’re doing it all securely and we’re doing it all with products that integrate seamlessly with one another, and that’s really the goal.

We seem to be making our way back to where we’re keeping our data safe in data centers and in silos.

We want the user to sit down and feel comfortable with whatever technology they use, and to have a way to take care of our patients that need our help and take care of what other important administrative business they may do, so we can keep moving forward.

... So the benefits are there, and they’re just growing now, as it's integrated and being used more in the clinical areas. We’ve seen some growth recently. Even our pharmacy staff is starting to carry iPads around, when they’re doing inventories of some of the medication machines and being able to get that information right there, but on a device that’s secure. If they were to leave it behind, nobody could connect to anything, and that data all sitting safe inside the data center.

So the adoption is there, the benefits are already there, and it's just growing and growing. Every time I turn around, we’re bumping another 50, another 75, virtual machines, into another pool of machines for a new purpose, and that’s the expansion that I keep wanting to encourage.

Listen to the podcast. Find it on iTunes/iPod. Read a full transcript or download a copy. Sponsor: VMware.

You may also be interested in:

• Tampa Bay Rays Hit Home Run with Virtualization that Enables Tablet Applications Delivery in the Field
• VMware's Carl Eschenbach on the Scope and Depth of Cloud Computing and How CIOs Will Have to Adapt
• VMworld Showcase: How ADP Dealer Services benefits from VMware View in its expanding use of desktop virtualization
• VMworld Case Study: City of Pittsburgh's IT success and the beneficial synergy between virtualized servers and desktops
  
• From VMworld, Cosmetics Giant Revlon Harnesses the Power of Private Cloud to Produce Impressive Savings and Cost Avoidance
• From VMworld, NYSE Euronext on Hybrid Cloud Vision and Strategy Behind the Capital Markets Community Platform Vertical Cloud

Cloud-mobile mega trends point to need for rapid, radical applications transformation, says HP

Listen to the podcast. Find it on iTunes/iPod. Read a full transcript or download a copy. Sponsor: HP.

In many ways, the mobile device explosion and the cloud computing ramp-up reinforce and support each other.

Cloud services make mobile devices -- like smartphone and tablets -- more productive, while making users better connected to enterprise resources and work processes. On the other hand, mobile devices -- with their ubiquitous, non-stop wireless access -- make cloud-delivered applications, data, and services more relevant and more instantly available anywhere.

The next BriefingsDirect podcast discussion then focuses on the rapid and massive shifts confronting enterprises as they adopt more mobile devices and broaden their uses of cloud services ... in some kind of managed fashion, one would hope.

There are good reasons for doing these in tandem, with strategic coordination. By leverging cloud and mobile, applications can be supported by a common, strategic, architectural, and converged-infrastructure approach.

Furthermore, by making cloud-delivered applications and data context-aware, delivering enterprise applications to any device securely can be done at a reduced cost (a lot when compared to conventional applications infrastructure models). It therefore over time makes little sense to have unique stacks beneath each application for each application or device type.

So how do enterprises adjust to these mobile-cloud, dynamic-duo requirements in the strategic and a proactive way? How can they leverage and extend their current applications or identify which ones to fold and retire?

It’s clear that radical, not incremental, adjustment is in order to make sure that the cloud-mobile era is a gained opportunity and not a fatal or devastating misfire for IT operators -- and business strategists alike.

Our next guest, Paul Evans, Global Lead for Application Transformation with HP Enterprise Business, helps explore the promises and perils of adjusting to the cloud-mobile shift. The interview is conducted by Dana Gardner, Principal Analyst at Interarbor Solutions. [Disclosure: HP is a sponsor of BriefingsDirect podcasts.]

Here are some excerpts:

Evans: We have to go through a radical transformation now in terms of our applications. I don't use these words lightly. There are these new technologies, part of the megatrends that are affecting organizations.

In the technological world, we have the world of cloud, and we have the world of mobile. We cannot ignore them. People can’t abdicate and say, "I'm not going to go do it." It's not going to be that way.

At the same time, the CIOs and senior stakeholders are looking outward and asking what are these new technologies, what could they do for me, how could they improve customer service, and what will my competition do?

They also look also over their shoulder and say, "I spend 70 percent of my IT budget keeping the applications I have today working. I probably don’t have enough budget or resource to do both. So the question is, which one of these should I spend more of my time on?"

The answer is that you really can’t afford not to spend time on either. So it's a balancing act between how I encompass the new and exploit it, and at the same time, what do I need to do with my existing applications.

Andy Grove, the former head of Intel said that this is a major inflection point.

This year people are predicting that if you count the amount of smart phones and tablets that will be shipped, i.e. bought, that it will be greater than the number of desktop, laptop, and network PCs. So we're tending now toward an inflection point in the marketplace that says more people will interact using mobile devices than they will static devices.

That trend isn’t just a blip for 2011. That continues as we accelerate, as people just get more comfortable with using that technology, as functionality improves, and security and manageability come under control.

We're at that point now. That’s why we use this term radical transformation, because for the people that really want to exploit this, they're making their plans, they're drawing up their action lists of what they have to do, both at the front end with the mobile and cloud environment, but also with their legacy environment.

Although we see the world of cloud and mobile as very new-age, very sexy, and all the rest of it, at the end of the day, people have to sit down and deal with what the environments they have right now. They may not be so exciting. They may not be so new-age, but at the end of the day, they make products, count money, and run the organization as it is today. They are the legacy applications.

I often sit down with a customer who says, "We have to take stock. We have to make a plan. We're not going to do this one day at a time or a week at a time. We have to appreciate how we are going to exploit cloud.

What applications that we have in the back-end server environments are we going to bring forward to the cloud to service a mobile environment? What we are going to do about the use of mobile within our organization and what we are going to do about serving our customers better through mobile devices and the technologies that go with them?"

This is going to be pervasive. This is the way we're going to do things for the foreseeable future. Therefore, if we don’t get it right now, we stand a risk of making decisions about platform types or architectures, or whatever it may be, that within six months, we’re going to say that it wasn’t such a good idea.

Never been here before

I meet so many customers now that are saying, "We’ve never been here before. We’ve never been with this volume of devices. We’ve never been through the fact that over half of our workforce now brings their own device with them into the office."

They're sending out policy documents that say, "you shall not do this," and it's totally ignored. The changing workforce has a totally different level of expectation as it were, of what's possible, just in terms of the amount of transactions that are performed over the net or 20,000 applications downloads in a minute.

These are transactional rates in volumes that we've never seen before. Despite a lot of our previous experience, you just can’t leave it and say, "It worked five years ago. It’s going to work for the next five years." That's what our customers are dealing with today.

There are two critical questions have to get answered. One is the organizations that are going to move applications to a cloud environment are not going to move all of them. One of the questions we get all the time is, What percentage of my applications or products should I be moving to the cloud? And of course the answer is ... It’s not a percentage thing. It’s the type of application.

It’s still formative times, but in HP’s view, clearly applications that probably are not embodying intellectual property would be a type of application that's well served moving into the cloud. And, any form of application including servicing, providing a service across a wide population of users as well, especially those who are obviously in a mobile environment; applications that are productivity-centric.

You really want to drive the cost down as low as possible for any of these productivity applications. There's no sense in running on aging infrastructure where the costs are high. You really want to be getting the cost down, because if it’s a productivity application, it doesn’t differentiate you. And if it doesn’t differentiate you, then why would you spend anything more than the minimal cost?

So put those productivity applications onto the lowest cost environment where you couldn't provision an infrastructure that has this elasticity that the cloud environment provides.

No clear line of sight

So we're moving applications from back-end environment to the cloud. Then we have an opportunity to rationalize the portfolio. Rationalizing the portfolio had two big impacts. One, it takes cost out, which means that you can consider that as saved money or money that can reinvested in the mobile world.

But also you're taking out complexity. Every organization, I think, would agree at the moment that their environments are too complicated, and by virtue of being to complicated, it makes it difficult to change them, and people are looking for agility and flexibility.

So first things first. When we're talking to organizations, what we're trying to understand is what are the candidates that can move to the cloud, and that’s a big hot topic. A lot of our users and customers say, "We sort of get our head around cloud. That’s okay. We can see it’s a different paradigm. It has a different cost model. It helps me with provisioning. Life’s good."

The technical challenge is to support this environment agnostically and say, 'We don’t care what you're using.'

So they can get their head around that, and as you can tell by just reading the press and listening to what goes on in the world, you would say people are on the move with cloud.

On the other hand, when they are looking from the outside in with mobile, there is less of a precedent there. The sharp customers that we are working with are saying, "We don’t want to fall into traps. We're going to build an environment that suits one type of mobile environment and we are going to be able to test it and manage it." They know that they don’t have that order of control. The days when it was, "You shall use this device, and that device we know how to work," have gone.

If you think back to mainframe days, people had to use a 3270 device. That was it. It was defined by IBM. That’s the way you're going to do it. And if you didn’t have one, then you didn’t get to participate. The world is now totally the other way around.

The technical challenge is to support this environment agnostically and say, "We don’t care what you're using." What we can do is understand how to manage and provide the right level of security to that device, whatever that device may be. Maybe you come inside the network and that’s going to be a high performance network these days, because of the whole issue of impatience.

As I said, the volume and the variety of platforms are unprecedented. Even though we had the PC world, the PC as the client was a single entity. It had some interesting characteristics initially, but there was one brand. What we're dealing with now is many different ways. Therefore, we have to understand this from an agnostic standpoint, so that the consumer can continue to use the device of their choice and can get the services they require from this new cloud and server environment.

Virtuous architecture adoption

As organizations begin to realize that the world is going to change, their view is going to be "We need architecture."

By virtue of developing an architecture, people are beginning to realize, as they begin to take stock of where they have been spending their money, that they have in the past and may have an opportunity to drive more efficiency and effectiveness into that organization, whilst at the same time delivering innovation.

So I think this inflection point can have some really good signs about it. ... It’s forcing decisions on people now, because the people that appreciate that this radical transformation is something that they can’t stop and they should exploit, rather than trying to ignore. People are actually seeing that there are significant efficiencies to be gained from deploying these new technologies.

Radical travel changes

What’s interesting is that there are always industry "skews" of technology. We have a tool in HP called the Business Value Framework. What that tries to do is interpret where the business wants to go.

If you can serve people better, if you can give them better information, then there is highly likely that they are going to come back as a repeat customer.

Ignore the technologies for a moment. You could argue the airline industry is relatively commoditized -- then what people are going to look for is how we're going to have that small differentiation that makes us better than the rest of the world.

When you look at this business value framework and you look at things like services and transportation, what comes through very loudly is customer service and customer satisfaction is key. If you can serve people better, if you can give them better information, then there is highly likely that they are going to come back as a repeat customer.

You don't want to spend a truckload of money dragging people to your airline and then displeasing them, so they go to somewhere else, because that's makes the whole initial effort worthless.

What people are looking for is obviously loyal and devoted customers who come back and back and back, and that all comes down to deliver customer satisfaction. One of the customers we've been working with, Delta Air Lines, has really put that at the forefront. They can provide very rich, very high quality information, so that people know what's going on.

Range of devices

Working with Delta, they've been providing to a range of mobile devices, like smart phones, tablets, etc., but also to traditional desktop environment, rich information, not only when you're waiting for the plane, but also when you're on the plane by virtue of seat-back videos screens so that people get a continuous feed.

If you're flying from A to B to C, you're going to change planes in the middle. If you're going to miss your connection, you usually sit on the plane, knowing you're going to miss your connection, and then what are you going to do? That means you get off the plane, queue with 500 other people, and then you eventually get another plane -- eventually -- all the time trying to figure out how you can tell your family why you are late and rest of it.

Delta is trying to provide an environment that says while you're on one of your airplane, it's already working out the next connection and it will give you that information on the plane. It will give the e-boarding card. It will send you the vouchers that would allow you to get some refreshment, all to your mobile device, so that all of that stress and angst that you’ve had traditionally gets taken out. In a commodity industry that's the sort of thing you have to do to be different from the rest.

We see that in a number of industries. We see people today delivering and developing mobile applications, particularly in the commodity world, to deliver up a much higher level of customer service and satisfaction.

What they value are things like structured workshops, to have an open debate between technology and business.

What we are definitely doing in some respects is using the experience we built up in dealing with people's legacy environments and understanding what they value. What they value are things like structured workshops, to have an open debate between technology and business that says who is leading, who is following, where are we going, and what do we need?

A lot of the things we do in terms of those initial services set the scene, so that we just don't leap in and decide, "Well, we're going to support X device. We're going to provide this app on it." And then, six months later, we're struggling with how we're going to deploy that app over multiple platforms and how we're going to use new technologies like HTML5 etc. to give us that agnostic approach?

It’s this convergence between the mobile world and the traditional world, because we believe that’s the big thing. We can talk about the sexy front end, the smart phones, the pad environment -- and it's great to talk about those -- but at the end of the day, those devices only really get to do what they are paid to do, when they connect to rich and meaningful information at the back end. So for this convergence we sit with users, sit with the CIO, and understand what is it that they're going to be converging in terms of information from the back end and the utilization of the mobile device on the front end.

Put into context

Then, how do we connect those together? How do we sit down and say, "What sort of speed of transaction, what volume of information are we talking about here," and obviously understanding that. That information has to be put into context now for the device of the front-end. If you're delivering this to a smart phone, it has to be represented in a totally different way than if you were going to deliver it to a desktop PC or, in the middle, a pad.

So the point being is we've got to be aware of those. We’ve got to be aware of the user’s context and understand what we can and cannot deliver to them. But I think behind the scenes, and of course, this is where the consumer says, "I don’t really care," but the whole management and security that you put in place, and HP has spent a lot of time, and a lot of effort, and a lot of money in acquisitions and development of technologies that allow people to manage and also provide a secure environment, to those devices that are at the front-end.

There are serious challenges. I wouldn’t for a second say this is a piece of cake. Just ring us up, and 30 days later you get a solution. It is not like that. This is a big deal. There are serious challenges and therefore they need serious people to fix them. We're into understanding how you get this end-to-end view, because if you only look at a piece of the puzzle, you aren’t going to build what is absolutely necessary.

There are serious challenges. I wouldn’t for a second say this is a piece of cake. Just ring us up, and 30 days later you get a solution. It is not like that.

If you type in hp.com/go/applicationtransformation, there are a plethora of different links there for people to read up on things, watch videos, whatever. We're also developing a digital repository for predominantly video material. We find that our customers are very clear in telling us that they like watching short, sharp pieces of materials that are being videoed, so they can get the message quickly and get offline.

Maybe the days of reading a 20 page white paper are gone, which I am not sure is true, but definitely our clients told us very clearly that they like watching videos. So we're developing a whole series of video-based material, whether it's on application rationalization, application modernization, mobility in the enterprise world, or infrastructure.

The intention here is not to hear from HP, because we will do what we're paid to do, which is trying to convince you we have some very smart people in technologies and products, but also hear from industry experts, hear from our customers about what they're doing, how they're doing it, and the sort of benefits.

So if you stay in touch through hp.com/go/applicationtransformation, we'll always point you to materials that in some instances are not being delivered by HP, but just hear from our customers and hear from industry analysts about really what is now possible.

Listen to the podcast. Find it on iTunes/iPod. Read a full transcript or download a copy. Sponsor: HP.

You may also be interested in:

• Making the Leap from Virtualization to Cloud Computing: A Roadmap and Guide
• HP's Liz Roche on why enterprise technology strategy must move beyond the 'professional' and 'consumer' split
  
• HP Expands Security Portfolio to Battle Threats from Mobile, Cloud and Social Media
• Tag-Team of HP Workshops Provides Essential Path to IT Maturity Assessment and a Data Center Transformation
• HP Premier Services Closes Gap Between Single Point of Accountability and Software Sprawl
• HP Discover Interview: Security Evangelist Rafal Los on Balancing Risk and Reward Amid Consumerization of IT

App stores-They're not just for consumers any more, as more enterprises adopt the model to support mobile work

Listen to the podcast. Find it on iTunes/iPod. Read a full transcript or download a copy. Sponsor: Partnerpedia.

The latest BriefingsDirect podcast discussion focuses on the impact that mobile devices and applications are having on enterprises. We specifically examine what steps businesses can take to better manage mobile applications and develop their own versions of enterprise app stores.

The skyrocketing popularity of mobile devices like smartphones and tablets has, on one hand, energized users, but on the other hand, it has caused IT and business leaders and CIOs to scramble to support these new clients productively and safely.

In order to explore how enterprise app stores are part of the equation for better mobile management and overall mobility-enabled work success, we examine the trends driving enterprise mobility with a principal analyst from Forrester Research. Then we'll hear from Partnerpedia on how enterprise app stores can be added to the usual mix of IT applications delivery and management strategies. [Disclosure: Partnerpedia is a sponsor of BriefingsDirect podcasts.]

We're really at this rare moment in time for the technology sector, whether you're talking about vendors, end-users, or CIOs who are trying to manage all this.

The app store trends panel consists of John McCarthy, Vice President and Principal Analyst at Forrester Research, and Sam Liu, Vice President of Marketing at Partnerpedia. The disucssion is moderated by Dana Gardner, Principal Analyst at Interarbor Solutions.

Here are some excerpts:

Gardner: How profound is the shift that we're in? Is this iterative, or are we in a real sea change?

McCarthy: It’s definitely the latter. We're really at this rare moment in time for the technology sector, whether you're talking about vendors, end-users, or CIOs who are trying to manage all this. It’s not just mobile. It’s not just cloud. Software as a service (SaaS), smart computing, machine to machine, analytics, social -- all these things are spinning up together to create an accelerating array of change in the marketplace.

Gardner: You mentioned cloud and SaaS. It seems to me that the mobility issue is almost accelerated in a virtuous cycle. That is to say, the more mobility, the more reliance on cloud, the richer and safer it is. The more confidence people have in cloud, the more they can do with their mobility.

McCarthy: These things are feeding off of each other. As soon as I start talking about deploying mobile, and increasingly, it’s not just deploying mobile to my employees, but deploying mobile to my partners and customers, whether it’s B2B or B2C, I am talking about a much broader network problem.

So the network architectures of the cloud solutions are becoming almost synonymous with mobile solutions. So the two innovation cycles are intersecting and feeding off of each other.

Gardner: What is it now that organizations need to do to get their very necessary mission-critical information out to these mobile devices? How does it compare to the past?

McCarthy: The analogy that I draw, when I have discussions with clients now, is that it’s like being the captain of the Titanic, if you're the CIO. Everybody is focusing on those things that they see above the waterline -- how am I going to design these applications and how am I going to deliver them? There's this whole debate of whether I need to go native, hybrid, or browser-based.

But below the waterline is a huge broader part of the iceberg -- how am I going to manage these applications, how do I need to rethink my security architecture, is SOA really going to be enough for the level of integration that I need? The skill sets that I need as an IT shop are very different in this world?

We are working from a current research point of view that mobile and all these other things that are being bundled up with it that we just talked about are going to drive probably an order of magnitude bigger shift in IT and the CIO’s organization than the PC did 20 years ago.

It’s the PC shift on steroids that we are going to be looking at over the next three to five years as mobile completely enables companies to rethink their business processes, and that drives rethinking of their technology architectures, management, and skill sets underneath that.

The app store

Gardner: Sam Liu, why does the app store model have applicability to the enterprise?

Liu: [The app store model] is setting the bar in terms of the user experience in the enterprise, the fact that people who are both consumers and employees of companies are essentially buying the devices, bringing them into the workplace, and forcing the issue onto IT.

You have the mobile professionals and power users of the company taking what they've experienced in the consumer role and requesting a similar experience in the enterprise. The challenge for IT is that this opens up a whole new can of worms for them in terms of policies, procedures, security, and control.

If you look back maybe 15, even 10 years ago, a mobile device was somewhat of a luxury, used by a few people in the company for primarily email. Most of the time, it was a BlackBerry device. We've gone from a singular device and a singular application environment to this perfect storm of a combination of a multitude of devices, platforms, and apps, popularized by the consumer world. That's a big challenge for IT.

Gardner: John, how confident are you that the app store is going to be an integral part of what the enterprise does vis-à-vis mobility?

McCarthy: Clearly the notion of an app store is an interface to this technology. The rate of change and the complexity of this environment basically says that I need more of a self-service module. I can’t go out there and hand-provision these applications like I did in the PC world.

The rate of change and the complexity of this environment basically says that I need more of a self-service module.

Because people have become so accustomed to this app store model, as Sam just pointed out, from a consumer adoption point of view, that user interface paradigm is going to continue over. I think what’s going to happen is that, behind the scenes, the enterprise app store functionality, from a management point of view, will be much richer over time, and that's where the divergence is going to be.

But as an interface and a way to get people the information and applications, there's one school of thought that says these app stores will replace the old intranet as the paradigm for not only getting apps, but actually subscribing to information.

Using technologies like Flipboard where you subscribe to the travel policy and you ultimately get the most updated version of that. That it’s going to evolve pretty dramatically from where we are today. It’s going to be the user interface paradigm to all this management capability that IT will use, but also these additional capabilities that the end-user -- whether that's customer, employee, or partner -- will access.

Mobile internet paradigm

Liu: I agree with John on the point about the app store becoming the sort of mobile intranet paradigm. Today, I'm not seeing any corporate intranet that work even halfway decent on a mobile device. So if you extend the concept of an app to content, information, anything that is relevant in a corporation, the app store paradigm is a very nice interface and a very effective delivery model for a mobile intranet, for that matter.

McCarthy: The other thing Sam is that, if you think about these apps, they're called apps, because they are not full-fledged applications. They're much simpler and task-oriented, so there's going to be more of them to manage.

The app intensity of the organization is going to grow geometrically, as we start to unbundle these big complex systems like SAP and Office and provide them in more digestible and more segmented experiences. It’s no longer a one-size-fits-all world. The homogeneity of these applications and the PC as the end-user device is blowing apart as we speak.

Gardner: What is it that people need to do? Should they build, buy, partner? How are you seeing it manifest in the market?

They're not going to be able to stop it, and so they're trying to figure out the right approach to dealing with all this multitude of devices and applications.

Liu: You're going to see a range of approaches. We've been talking to about a dozen or so enterprise IT organizations. The majority of them are in the early stages of trying to figure this out. They see the momentum coming. They're not going to be able to stop it, and so they're trying to figure out the right approach to dealing with all this multitude of devices and applications.

In most cases, they seem to be prompted by the influx of tablets and smartphones, but many of them are thinking beyond that. They're actually planning ahead. They're thinking about devices in general. It could be a mobile device or it could be even a desktop or a stationary endpoint. So they're looking beyond the immediate issues.

Our advice to them is, look, figure out your near term and long-term objectives, and then scope a pilot accordingly. Start with a clear definition of what you're trying to accomplish from a business standpoint, the objectives and the metrics, and then go about it that way. Identify the most pressing needs in terms of the users, apps, and devices and define your first project around that, so you can get a handle around what’s feasible and what’s not.

One of the challenges is that clearly the technology has changed a lot, but also just the lifecycle of hardware and software. It used to be anywhere between three to five years that IT could depend on. Now, you're looking at one year for changes of the devices, platforms, and new apps. That rate of change is also a big challenge for them.

Working in parallel

McCarthy: There are two things happening in parallel.

People are moving out of the renegade pilot phase, and as Sam laid out, trying to take an architected approach. How do we holistically look at what our strategy is around mobile? Not just developing the apps, but how are we going to manage the apps? How are we going to manage the fact that different constituents, both internal and external, need different amounts of functionality and different amounts of security is driving it?

The other thing that we're seeing happening is, companies are now saying, "Oh my God, how am I going to manage the lifecycle of these apps? It’s relatively cheap and easy to build them, but how do I keep up with the endless releases that are going on and the operating system wars on these devices?" Apple and Google are doing four operating system releases a year that you need to manage to make sure your apps still runs.

Then there is the whole point, particularly in the customer-facing space, of how do I update my app so that it stays competitive, and we can really use that system of engagement with our customers to build that ongoing communication, which every company wants to get with their customers?

What we are seeing is that people are starting to look at how to manage the lifecycle of these apps and then, in parallel to that, I need to figure out what are my policies going to be and then how do I enforce or instantiate those policies That's where people are turning to these enterprise app stores from the vendors.

Then there is the whole point, particularly in the customer-facing space, of how do I update my app so that it stays competitive.

It's less of a selling and more of a management prerogative and design point. Then, of course, there is the complexity of the device environment.

Liu: The enterprise app store, is all about the app, how to procure and vet the app, so to ensure security and integrity, as well as distribute it to users, and controlling which users can have access to which apps. Also, it's enforcing policies, such as mandatory installs and updates of versions. Those are overall key elements of enterprise app store.

That said, it's not the end-all be-all. Enterprise app lifecycle management is much more than that. It's another issues, from tools to the actual hardware device controls, but certainly when it comes to apps and managing apps on mobile devices, mobile users, the enterprise app store is a big component of that.

Other features

Some enterprise app stores don’t go beyond a basic app distribution and tracking, but in others you'll find features such as license management. Not all apps will be developed in-house. Some will actually even be purchased from third parties.

In a mobile world, you can expect to see more and more of that, only because, if nothing else, most IT organizations don’t have the system and the resources in-house for mobile devices and apps, so those tend to look outside to third parties for their solutions.

So in that situation, license management is an important part of enterprise app stores, so that IT can actually control just who has what license. If their job changes, we can bring it back and reallocate it to another user. Otherwise, you lose that cost that you paid for the app. Things like that should be built into enterprise app store.

You can also do bulk licensing. Most recently, you saw Apple’s program around bulk purchasing for businesses. Similarly, enterprise app stores will have some mechanism, when it's applicable, where companies can make bulk purchases and manage a pool of licenses across entire employee or contractor base.

Gardner: John, do you see an economic benefit to this as well as a convenience and productivity benefit?

They have to go out to a third-party universe, because the value isn’t going to come from managing these things.

McCarthy: Initially it's going to be, "I need to manage these things." It's going to be knowing what's out there and making it easy for people to get at these things.

Sam made the point that this is much more of an ecosystem play. This notion where I am going to be developing everything myself isn’t going to work. There's going to be a lot of these third-party apps that the company, either on their own or through their services provider vets and says, "Here are all these other productivity apps that you can take advantage of. We have made sure that they work with our core business apps that we've developed."

But that focusing of what are limited IT resources is part of what's driving the app store phenomenon. IT doesn’t have time to build this themselves. They have to go out to a third-party universe, because the value isn’t going to come from managing these things. The value is going to come from these new customer or employee apps that allow us to rethink our business processes. We need to manage that complexity or we're going to have huge liabilities and huge risk and compliance issues.

Gardner: Sam, it sounds as if the enterprise app store could also have a benefiting role when it comes to a hybrid model. Apps might originate with third parties, clouds, or SaaS providers. So is that the vision over time with these app stores?

Liu: It shouldn’t matter, especially to the employee or the user, where the apps come from or who built it. It's all about the experience.

Also, in some ways it shouldn’t matter what device they're coming in from, whether it's a smartphone, an iPad, laptop, or desktop. There should be a similar rich user experience that’s appropriate for that particular form factor. So you abstract these hows and whats from a user standpoint. It becomes a more user-friendly and more productive environment for the user.

Reinventing the process

McCarthy: I think we are going to see more and more of these apps driving the reinvention of business processes. The reliance on these apps is only going to explode over the next three to five years. So we need a way, as we have talked about, where it's easy to find those apps, but also it's easy to manage those apps.

It's serving both sides, serving the needs of the businessperson or the customer, but also serving the requirements of the organization to allow us to harness this, but minimize the cost of managing these devices, making sure that they are secure, that we are not doing stuff with consumer data that’s going to get us into trouble. This is part of the whole rethinking of management and security in a world where it's much more mobile and much more outside the firewall.

Gardner: Any thoughts about the future for how businesses use app stores, not just internally, but as a business channel?

Liu: Actually we've run into a few enterprises already thinking in that mode. Initially when we talk to IT, they're thinking about the internal issues, especially about controlling management policies, but they're also being asked to build systems that are customer-facing, and in some cases systems that deliver and sell products to customers. So, where it applies, such as software and apps, they're looking at how to use the same paradigm for delivery of app services and apps to end customers.

So it's potentially a new channel and a new revenue model for companies, not just simply a cost issue of trying to manage and control.

This is part of the whole rethinking of management and security in a world where it's much more mobile and much more outside the firewall.

McCarthy: And there are all of those businesses that are going to emerge where people talk about data exhausts. We know what people are doing. The app store becomes a way for people to tap into that and you can start to monetize that.

Gardner: And it strikes me that there shouldn’t be any reason that the same infrastructure that supports an internal app store wouldn’t also support an external one.

Liu: No, it's very similar. Furthermore, we have an app store white paper that’s freely available as a download on our website, www.partnerpedia.com.

Gardner: And John, any research reports or notes that are available on this subject from Forrester?

McCarthy: There are a number of reports that we've done outlining kind of the future of mobile management. People can come to forrester.com and search the site and they'll find the stuff that myself and a number of colleagues have written relative to this topic.

[For free white papers on enterprise app stores and better mobile management, go to www.forrester.com or www.partnerpedia.com.]

Listen to the podcast. Find it on iTunes/iPod. Read a full transcript or download a copy. Sponsor: Partnerpedia.

You may also be interested in:

• Enterprise App Store Trends Point to Need for Better Applications Marketplace for ISVs, Service Providers, Mobile Business Ecosystems
• Enterprises Seek New Ways to Package and Deliver Applications and Data to Mobile Devices
• Rise of WebKit Advances Mobile Web's Role, Opens Huge Opportunity for Enterprise Developers on Devices
• Verizon Rolls Out Enterprise App Store
• Enterprise 'App Store' Unveiled . . . Cool Idea

HP expands security portfolio to battle threats from mobile, cloud, and social media

In an effort to combat increased security threats facing enterprises, HP today expanded its Enterprise Security Solutions portfolio with integrated solutions from such HP brands as ArcSight, Fortify and TippingPoint. The new portfolio includes new capabilities to help enterprises assess, transform, manage and optimize their security investments.

The threats that enterprises face from security breaches are growing in both number and complexity. In just the past year the types of attacks are up, the costs associated with them are higher and more visible, and the risks of not securing systems and processes are therefore much greater. Some people have even called the rate of attacks a pandemic.

The path to reducing these risks, even as the threats escalate, is to confront security at the framework and strategic level, to harness the point solutions approach into a managed and ongoing security enhancement lifecycle. [Disclosure: HP is a sponsor of BriefingsDirect podcasts.]

HP's strategy then is to provide a fabric of technology along with a framework of processes, to progress to a lifecycle of preparedness that helps organizations become and stay more more secure, said Rebecca Lawson, Director of Worldwide Security Initiatives at HP.

"It's important to bring the right people together and to assess the whole situation, and those people are going to be from all over the organization: IT, AppDev, legal, accounting, supply chain," she said. "You need to really assess the full situation so that everyone is not only aware of where vulnerabilities might be, or where the most costly vulnerabilities might be, but to look ahead and say … let's make sure we build security into everything from the get-go."

In addition to the new products, HP announced an Enterprise Security Discovery Workshop, an expanded Secure Boardroom (an online portal that combines existing sources of security data into one central system), and released a report from HP Digital Vaccine Labs on vulnerability, threat and attack data for the first half of 2011.

Organizations today are quickly realizing the importance of a comprehensive risk management strategy to securing assets across their corporate infrastructures.

Cyber threats have become more sophisticated, persistent and unpredictable, said Lawson. Research conducted on behalf of HP demonstrates that the volume and complexity of security threats has continued to escalate.

HP's research shows that more than 50 percent of senior business and technology executives surveyed believe that security breaches within their organizations have increased during the last year. Nearly 30 percent responded that they experienced a security breach by unauthorized internal access, while 20 percent responded that they had experienced an external breach.

"There are so many different points at which different incidents can occur that getting your arms around all of them and focusing your attention on those that are most likely to cause reputation damage or financial damage or operational damage, that’s really the trick," said Lawson.

"We also noticed in our research that the number of attacks, particularly on web applications, is just skyrocketing. And of course we know that web apps are used on mobile devices and they are used on laptops and desktops. And so we are really seeing an alarming rate of web attacks happening. … The context can change so rapidly that you have to really think differently about what it is you are protecting and how you are going to go about protecting it. So it's really, it's a different game now," she said.

ArcSight Express 3.0

ArcSight Express 3.0, a unified security solution, transforms the delivery of advanced correlation, log management and user activity monitoring to improve an organization‘s ability to rapidly detect and prevent cyber threats. Powered by the new Correlation Optimized Retention and Retrieval Engine (CORR-Engine), it delivers the scalability required to correlate, process, and store vast amounts of data to advance the detection and prevention of cyber threats and risks.

ArcSight Express 3.0, a single turnkey appliance that simplifies the installation and operation of a Security Information and Event Management (SIEM) solution, enables IT administrators and security analysts to more quickly respond to business threats.

TippingPoint

HP has also launched the updated HP TippingPoint Web Application Digital Vaccine (WebAppDV) 2.0 service, which delivers real-time identification of vulnerabilities in web applications and delivery of virtual patches until a fix can be developed. This is achieved by HP WebInspect, a security scan that incorporates the new Adaptive Web Application Firewall Technology (WAF) to protect commercial and custom-built online applications, such as retail websites or online banking sites from vulnerabilities.

Many network firewalls cannot discriminate between normal network activity and malicious traffic aimed to disrupt web applications. To address this gap in protection, the updated WebAppDV 2.0 filters are deployed alongside the traditional Digital Vaccine filters in the HP TippingPoint Intrusion Prevention System (IPS).

TippingPoint IPS is powered by research from HP DVLabs, which discovered four times the number of critical vulnerabilities than the rest of the market combined. Updates and patches addressing these vulnerabilities are created and automatically delivered to clients online each week, or immediately when critical vulnerabilities and threats emerge.

Other components

Other offerings in the security portfolio include:

• Reputation Security Monitor, which provides ArcSight clients with an advanced, real-time list of known bad IP and DNS addresses to combat attacks that exploit web application vulnerabilities.
  
  
• Fortify Software Security Center suite, a comprehensive application security testing solution available on-premises or on-demand that scales to identify vulnerabilities in thousands of applications.
  
  
• Information Security Management (ISM) services, an approach to managing security policies and processes, enabling clients to make informed security decisions and minimize risks.
  
  
• Enterprise Cloud Service (ECS) protects desktop and notebook PCs and servers against viruses, malware, spyware and intrusions by blocking unauthorized communication and preventing installation of unwanted programs.
  
  
• SIEM services collect and log security-relevant events to provide a unified view of the security activity across an enterprise as well as generating predefined reports to demonstrate compliance with policies and regulations.

  More than 50 percent of senior business and technology executives surveyed believe that security breaches within their organizations have increased during the last year.

  
  
  
• Application Security Testing-as-a-Service identifies and closes security vulnerabilities in the application layer with code scanning and web penetration services that reduce the risk, time and investment needed to deliver software security assurance.
  
  
• Secure Boardroom, an enterprise-level online portal that combines existing sources of security data into one central system. Senior-level executives and CIOs are provided greater insight and actionable information that facilitates business-led strategic investment and management decisions.
  
  
• Digital Vaccine Toolkit (DVToolkit) 2.0, which allows clients to import custom or open-source IPS filters, such as Snort, directly into the HP TippingPoint IPS.
  
  
• TippingPoint Reporting and Archiving. Powered by Logger software, this solution collects security event activity and analyzes data to create custom reports, perform trend analysis and integrate reporting to support compliance requirements.
  
  
• Enterprise Security Discovery Workshop, a one-day workshop designed to help clients understand their organizations' vulnerabilities to external and internal threats, identify the critical success factors for a secure enterprise, and create tailored transformation programs based on best practices.
  

Availability

• ArcSight Express 3.0 is expected to be available worldwide soon.
  
  
• WebAppDV 2.0 is currently available worldwide. Price varies based on the number of web application scans.
  
  
• DVToolKit 2.0 is currently available worldwide at no additional cost to clients with an existing HP TippingPoint IPS solution.
  
  
• HP TippingPoint Reporting and Archivingis currently available worldwide to Logger clients as an add-on product at no additional cost.

You may also be interested in:

• HP delivers applications appliance solutions that leverage converged infrastructure for virtualization, data management
• HP delivers NMC 9.1 as new demands on network management require secure, integrated, and automated response
  
• New HP Service Manager tackles time and cost associated with help desk productivity
• HP's IT Performance Suite empowers IT leaders with unified view into total operations, costs
  
• HP takes plunge on dual cloud bursting: public and-or private apps support comes of age
  
• HP rolls out EcoPOD modular data center, provides high-density converged infrastructure with extreme energy efficiency

Tampa Bay Rays hit home run with virtualization that enables tablets with core applications in the field

Listen to the podcast. Find it on iTunes/iPod. Read a full transcript or download a copy. Sponsor: VMware.

Our next VMworld case study interview scouts out how the Tampa Bay Rays, a Major League Baseball team, is using an extensive amount of virtualization on and off the field.

The Rays' IT department has just started bringing more and more of their applications, data, and processes out to the mobile tier using virtualization and thin-client approaches to make the preferred mobile device, the tablet, super powerful for them. And they're extending the value of virtualization into disaster recovery (DR) too.

This story comes as part of a special BriefingsDirect podcast series from the recent VMworld 2011 Conference. The series explores the latest in cloud computing and virtualization infrastructure developments.

To hear more winning statistics about the Rays and their back-end to client virtualization experience, we're joined by Juan Ramirez, Senior Director for Information Technology with the Tampa Bay Rays. The discussion is moderated by Dana Gardner, Principal Analyst at Interarbor Solutions. [Disclosure: VMware is a sponsor of BriefingsDirect podcasts.]

Here are some excerpts:

Gardner: Why has virtualization been good for your organization?

Ramirez: Back in 2007 when we first looked out at virtualization, we had a lot of issues. Our main data center was located at our stadium in Saint Petersburg, Fla. We were actually running out of space. Electricity was a huge problem. We kept hearing from our operations department that our data centers and our equipment were just consuming too much energy.

We had to come up with a new data center. We needed to build something else, because we were just basically outgrowing it. We needed a plan to say, "You know what, this is going to be our new data center. We're going to be there 5 to 10 years," without going back and requesting additional space or consuming more electricity.

That's when everything started. We went from a two-room data center room to basically just using half of that room with virtualization. We started very small -- four hosts to manage our own infrastructure. Now we have 10 hosts in production and growing.

Another dilemma that we had was every time we needed to provision servers, or a new application needed to be introduced, it would have taken weeks, if not a month, for us to procure the proper hardware and software to make this available for different departments. So we needed to cut time on that and make things happen faster. It is a fast business.

Gardner: To what degree have you actually embraced virtualization?

Without VMware and the different products that we deploy, I think today we'd be in a lot of trouble if we wouldn’t have gone that route.

Ramirez: Currently, we're at 95 percent. We had certain goals to start -- about 50 percent -- and gradually every year just adding more and more resources. At 95 percent, you can see that we really value this, and this is the route that our business is going to.

Gardner: What IT does it take to support a major league team?

Ramirez: First of all, coming from a small-market team, we don’t have the luxury to have a large IT department to support the 300 plus users that we currently have. So it’s very important for us to be very proactive and be ahead of the game.

It is a 24×7 operation, especially during the season, which as we all know, is one of the longest in professional sports, with 162 games per year, not counting playoffs. So it is challenging for us, but I believe that we have a great team.

We also have great resources that we've implemented in the last five or six years and we're on top of it. Without VMware and the different products that we deploy, I think today we'd be in a lot of trouble if we wouldn’t have gone that route.

Gardner: Clearly it's working for you. Tell me about how many apps you're supporting. What sort of workloads have you?

Ramirez: From the applications perspective, we have everything from our scanning application, which is homegrown SQL back-end, Windows application front-end, and web-based front-end to our finance departments, Great Plains, Microsoft Great Plains 2010.

We also have our customer relationship management (CRM) system, which runs on a proprietary application from Ticketmaster, to homegrown application. Close to 10-30 applications are used on a daily basis from every department and different aspect, which is incredible.

Our email system, Microsoft Exchange 2010, is 100 percent virtualized. And every new application that comes up in our pipeline is basically virtualized. Going forward, nothing resides in our physical server, which is tremendous for us.

Products enrich the roster

When we started, we wanted to go slow and to make sure that everyone throughout the organization had a good feel for it, a good vibe. Once we earned the trust from the different departments and other department heads, we introduced it, we showed them and we trained them. It was a no-brainer. Everyone was on board. Everyone loved the technology. Just loved the fact that while it previously took weeks and months for them to provision anything from our department, it's now hours, at the most, which is great.

It also helps us big time with disaster recovery (DR). Our second data center is located in our Port Charlotte Spring Training facility. It's easier for us to move workloads, depending on where we're at in the season and the time of the year. We can move a machine from the production main data center to the backup data center and provide those resources over to our different departments.

When we started with DR, it was a very tough decision because we wanted to do everything automated, but management did not see the need for it. So we actually started with manual processes. We started building a data center down in Port Charlotte. We did some migrations and that didn’t work out too well. So we came back to the drawing board and said, we need a tool that can help us automate this process. This has to be 100 percent automated.

We came back to the drawing board and said, we need a tool that can help us automate this process. This has to be 100 percent automated.

Our recovery manager had just come out and we wanted to test it. We actually beta tested it and received some evaluation licenses. We put together a quick product to show administration and management how good the product was and how important it was to us, especially in the location that we are at.

The rest is basically history. We have pretty much 100 percent coverage on everything that is virtualized. We're able to take periodic snaps and move them over to the VR facility, where we do a weekly test of each individual virtual machine (VM).

Gardner: So that must make you sleep a little better during hurricane season?

Ramirez: Absolutely. It used to be nightmare from June to the end of September around here, but not anymore.

Gardner: Let's move into this other innovative area you have been experimenting with, and it's the use VMware View 4.6. You've been involved with moving into thin clients, virtualized desktops, and I understand also using mobile apps on tablets. Tell me why that's been important for you and what you've done.

250 remote users

Ramirez: Throughout the year, we've grown tremendously. We now have close to 250 remote users. All those remote users need to be equipped with very expensive laptops. It's very expensive and very hard to manage.

We're a small IT department. It's very hard to track down 250 users throughout the year. It's very hard to keep older machines up-to-date. When something goes wrong, it gets ugly pretty fast. We needed to get an alternative and come up with a plan where it would be easier to manage, where it would be easier for them to conduct their work.

We started very basic by putting the in VMware View client. First of all, we set up a lab here and asked a few of our key guys to test and give us some feedback. The feedback was overwhelming. We started with five or six guys, and now we probably have close to 65 users using it on a daily basis.

Users have come back and handed in their laptops. Now, they're strictly on iPad or Android tablet, which is tremendous for us. It's easier for my department to manage. It's easier for them to go out there on the field and just use a lightweight device to connect and conduct business with it.

So it's big for us right now. It should be a huge hit in the upcoming year. With our development department, everything that we are projecting is basically basing it on VMware View.

Users have come back and handed in their laptops. Now, they're strictly on iPad or Android tablet, which is tremendous for us.

Gardner: In addition to VMware View, you also seem to be using an iPad app, how did that come about? How does that fit into the equation?

Ramirez: That came as we started adding more users and receiving feedback. I started using it for my daily management show, introduced a few key personnel to it, and they liked the idea. Now, everyone is basically using that app to connect and do most of their work.

We decided to introduce other departments and show them the capability and how easy it is to connect and get their business done without turning on their laptop -- waiting for it to boot, the VPN, the password, and all that stuff that sometimes gets in the way.

Gardner: I understand you have scouts, managers, you have lots of folks out in the field. They're at ballparks. They're watching ballplayers. They're in the field, and can they just download an iPad app and then sign into VMware View. How do they actually connect in, and what are the logistics for really linking your resources and apps out to that field?

Everyone wants a tablet

Ramirez: Everyone in the organization wants a tablet. They come to us, which helps us big time. Normally we do the procurement for them, or if they go out there and buy it, they will just bring it over to us, and by default our installation and process includes that application. It's the first application that they're introduced to.

My department is able to figure the necessary settings on the application and just leave it ready for them and let them know that right now you can just use your iPad application to connect into your resources and conduct, and use most of the applications that you will be using on a daily basis. It's a big plus for us and for the user. They just love the fact that they have a small application, a small tablet, and one application to deal with. Everything else is handled from our end.

Gardner: So this is productivity for you, because you're supporting more users in the way that they want to work, probably with fewer resources when it all comes down to it, when you can consolidate. And then they're getting that added productivity of access to the data and the apps wherever they are, whenever they want to use it. So it's kind of a win-win.

Ramirez: Absolutely. From a management perspective, it’s great, it's awesome, getting apps for a better application and a better system to have deployed.

We've had nightmares throughout the years, lost laptops with very sensitive information. We have to protect users, and there are so many things that goes on on a daily basis. Now if there's an issue, it just takes seconds to correct, and the users just go back in and continue doing their work.

From a management perspective, it’s great, it's awesome, getting apps for a better application and a better system to have deployed.

Gardner: What’s been the return on investment (ROI) for you moving in these directions?

Ramirez: The ROI has been huge. We used to buy 10-15 servers on a yearly basis. Now, we just procure our servers every three or four years. We get hit from left and right with different departments. They have different needs -- we need 10 servers, we need 15 servers. We no longer have to procure those and spend all that money right away. We have resources allocated for it.

So the ROI has been there. As a matter of fact, we did research two years ago and have discovered that on our initial investment for both data centers the return on investment was 24 months, which was probably more than we thought. We didn’t realize how fast we were able to recoup our investment and how much flexibility we had moving forward.

For DR, we were coming from a situation where we had nothing. Everything was in one data center, and if a storm came by, we would basically be out of business. Having a fully automated system in place is huge for us.

Very important

I don’t even know where to start and what number to tag this with, but it is very important to us. It has helped with insurance cost. It has helped with just the ease of everyone knowing that if something happens near our stadium, we have our data and we can still conduct business moving forward.

We are buying fewer laptops. We no longer need all the extra services that with 250 laptops can get very costly. Instead of ordering an $1,800 laptop for a user, which normally lives 12-24 months, now we can just buy an iPad or have the users use their own iPad, and connect. That makes a big saving for us going forward.

We have very big plans to move ahead and try to be 99 percent virtualized. Private cloud is very important. It's high for us. We keep growing, and our needs and demands are huge. So we definitely have a lot of plans.

We have very big plans to move ahead and try to be 99 percent virtualized. Private cloud is very important.

Coming down the line, we're counting big on the upcoming vSphere 5 and SRM 5. That’s going to help us tremendously. It has some features there that are must-have for us.

Again, moving forward, application development and everything will hopefully be based on a thin app and ease of use and administration for our users. VMware View is another big component for us.

Listen to the podcast. Find it on iTunes/iPod. Read a full transcript or download a copy. Sponsor: VMware.

You may also be interested in:

• VMware's Carl Eschenbach on the Scope and Depth of Cloud Computing and How CIOs Will Have to Adapt
• VMworld Showcase: How ADP Dealer Services benefits from VMware View in its expanding use of desktop virtualization
• VMworld Case Study: City of Pittsburgh's IT success and the beneficial synergy between virtualized servers and desktops
  
• From VMworld, Cosmetics Giant Revlon Harnesses the Power of Private Cloud to Produce Impressive Savings and Cost Avoidance
• From VMworld, NYSE Euronext on Hybrid Cloud Vision and Strategy Behind the Capital Markets Community Platform Vertical Cloud
• VMware's vSphere 5 Hits the Streets