Our articles.

May 6th, 2019

Cybersecurity: everyone’s concern

Cybersecurity isn’t merely the concern of your IT department: it is everyone's business. Not only does it concern all levels of your decision-making, up to the highest level, it also concerns each and everyone of your employees. Not to mention your external partners, since your company is increasingly opening up to the outside world.

Bruno van Marsenille

In a recent study entitled ‘Risk Value 2018’, NTT Security assessed 1,800 companies’ cybersecurity policy. According to that global survey, nearly one third of Benelux companies are not well prepared for a cyber attack. Also, they most often fail to advance their prevention and preparedness policy. In fact, only 45% of Benelux respondents say they have established an IT security policy, i.e. 12% below the international average. And those same companies spend only 12% of their ICT budget on cybersecurity. And there’s more: 34% of companies in the Benelux say they would be prepared to pay a ransom if they fell victim to a cyber attack, such as a ransomware infection. In addition, the survey shows that the distribution sector is the least prepared for a cyber attack, followed by the transportation sector, the wholesale trade and the services industry. The telecoms, pharma, chemistry and technology industries are better protected.

Leadership required

At the global level, the study holds some other surprises. To begin with, only 19% of companies regard the Chief Information Security Officer (CISO) as the person who is ultimately responsible for IT security, whereas 22% refer this responsibility to the CIO and 20% to the CEO. This shows a great dilution of responsibilities and skills in IT security. And the new General Data Protection Regulation (GDPR) does not help matters since a Data Protection Officer (DPO) has now also been added to the list of functions. And here’s another other disturbing survey result: barely 57% of organizations have a well-established security policy, while 26% are still working on it. Finally, only 39% of managers believe that their employees fully understand the security measures defined by their company.

Within your company, clear and effective leadership must therefore be established, especially since digital transformation requires a solid and secure foundation. It will be up to your CISO to define your IT security policy and to raise awareness for it among all your stakeholders: management, staff, business partners, etc. All the more so as with the emergence of the Internet of Things (IoT), the cloud, social networks and mobile devices, new attack vectors are equally emerging. It is imperative that your security policies are embedded in your daily business and that data-centric incident management solutions are deployed throughout the life cycle of your data.

Cloud to the rescue

In addition, the cloud requires a clear view of the movement of your data, wherever it is, as well as measures to protect that data and specific procedures for incident management. However, along with the cloud we also see the emergence of managed security solutions that exploit the potential of artificial intelligence and machine learning to identify threats as quickly as possible and counter them with maximum effectiveness. This could well be an interesting solution to the glaring shortage of specialized security profiles.

Moreover, the cloud can present an immense potential for computational power and flexibility, enabling ultra-sophisticated algorithms that are capable of analyzing threats in real time, of modelling risks and of providing a quick response in case of attack. Similarly, the cloud can enable closer collaboration between security actors by sharing threat information (especially details on attack life cycles) and information on cyber criminals (including their most commonly used tactics, techniques and procedures).  This is notably the mission of the Cyber Threat Alliance (CTA) and its project Adversary PlayBooks.

Collaboration: the way to go

More than ever, collaboration seems the right way to fight cybercrime effectively. Collaboration not only between departments within your company (transparency is without a doubt the best approach in case of attack), but also collaboration with your technology partners.

As an IT specialist, Aprico Consultants helps organizations establish their ICT strategy and assists them in their digital transformation, in order to improve the performance, productivity and competitiveness of their business. We combine in-depth knowledge of various aspects of ICT with technology expertise and an end-to-end understanding of our clients' business processes.

Given that the cybersecurity market is particularly fragmented (even though a certain consolidation of the ecosystem is under way), the choice of a reliable and trusted technology partner is essential in your search for a sustainable and global ICT platform. In other words: a partner who is capable of not only selecting the most relevant offer, but also of deploying and maintaining it.

Aprico aims to help companies innovate and rethink their business processes by putting security at the centre of their strategic thinking. We share best practices, technologies and organizational models that allow your organization to open up to the outside world and to share information securely.

April 1st, 2019

Putting simplicity and agility first with microservices

While the cloud clearly remains one of the cornerstones of your company's IT flexibility, a new style of architecture is now increasingly needed: microservices. It promises greater ease of development and deployment, better scalability, easier maintenance and more flexibility in the way you engage with technology.

Bruno van Marsenille

Your company has always faced many IT challenges: whether to ensure the availability and performance of your applications, as well as their quick and inexpensive upgrade, or to develop and deploy new solutions more quickly.

Advantages

In short, your organization, if it wants to keep up, must be synonymous with responsiveness and flexibility in order to fully meet the demands of your business. Yet all too often your IT department inhibits this dynamic process, because of your installed base (i.e. your historical applications), the inflexibility of your infrastructure and the lack of flexibility of your development teams. Of course the cloud - and especially the hybrid multi-cloud (see our previous blog) - can provide an answer to these challenges. But nowadays, it’s possible to go beyond that answer, thanks to microservices.

Schematically, a microservices-based architecture aims to develop an application as a suite of small services, each operating its own process and communication through lightweight mechanisms. These services are built around business functionality and can be deployed independently as part of an automated process, while centralized management is minimized.

In other words, a microservices architecture offers you several advantages: shorter development cycles, scalability built in from the start of your development, the possibility of deployment on-premise or in the cloud, the ability to handle complex requirements, less vendor lock-in thanks to the many products available in open source, the possibility to choose the best implementation technology to solve your specific problem, as well as ease of maintenance and upgrade.

Constraints

While the microservices approach has many advantages, adopting it requires that you respect a number of conditions. For one thing, as a complex technology and architecture, it requires certain specialized skills. In addition, a DevOps and automation culture is absolutely essential. Finally, the boundaries of each service must be clearly defined, while organizational changes are also needed to ensure the success of such a project.

In short, you definitely shouldn’t look at microservices as the new Eldorado for your IT department: this type of architecture is only suitable if your company needs scalability, complexity and speed of implementation. And you certainly shouldn’t underestimate the organizational challenges it brings. It effectively requires you to set up inter-functional teams, multidisciplinary and autonomous, with clear boundaries between them (and therefore between your microservices). Ideally those teams have a double dimension: a vertical business aspect and a technological communication structure between teams to create the knowledge network and establish border governance between services.

 DDD approach

To meet these challenges, we at Aprico propose a type of structure, based on the idea of DDD or Domain-Driven Design. It is neither a framework nor a methodology, but rather an approach (as described in the book of the same name by Eric Evans) that aims to define a common vision and language shared by all people involved in the development of an application.

In practice, DDD allows you to offer tools capable of establishing the service boundaries, the upper limit being the associated context and the lower limit the aggregate. Domain events are powerful building blocks for service orchestration, while domains constitute natural boundaries for the business-oriented team. In addition, context integration and team relationships are governed by strategic design.

Partnership

Microservices represent the logical evolution of a distributed systems architecture. They are intended to meet your needs of complexity, scalability and speed of delivery. But to succeed, your organization must be aligned. DDD offers powerful tools for structuring a microservices architecture through aggregates, associated contexts, domain events and the strategic design that ensures relationships between contexts and teams.

As a consulting firm specializing in information systems architecture and transformation, Aprico Consultants allows you to resolutely accelerate your digital transformation processes. We provide you with the flexibility, performance and competitiveness needed to strengthen your position in the market. Aprico Consultants works with you to translate your company's strategy, objectives and constraints into pragmatic transformation programs that deliver real added value and proven return on investment.

March 4th, 2019

Here comes the hybrid multi-cloud

Even when the cloud has caused much ink to flow, it seems that most organizations prefer hybrid cloud, combining private and public cloud, to enjoy the best of both worlds. Transparency and portability remain the big challenges. Hence the need to call on the services of a professional provider to make the right choice.

Bruno van Marsenille

According to a study by IDC, companies will spend $554 billion on cloud computing and related services by 2022, twice as much as in 2016. A survey by IDG among 550 IT decision-makers revealed that 73% of the organizations have already adopted the cloud, while 17% plan it in the next 12 months and only 10% have a migration planned within the next 3 years. On-premise data and applications are not becoming obsolete, but implementation models are evolving into architectures that combine public and private clouds, as well as on-premise data and SaaS-based applications.

In addition, a study by Computer Profile revealed that in recent years, the adoption of cloud solutions has accelerated considerably. In 2010, only 13% of Belgian companies used one or more cloud solutions. In 2018, that number rose to 64%: 5 times the number of 8 years ago. The survey also revealed that the cloud is most popular among SMEs.

The cloud, yes but...

Among the reasons that justify cloud investments, companies mention the need to accelerate IT service provisioning, the need to have more flexibility in responding to changing market conditions, the need to have guaranteed business continuity, the reduction of development time, the improvement of service and customer support, and the reduction of Total Cost of Ownership (TCO).

On the other hand, major cloud adoption obstacles include vendor lock-in (47%), security risks (34%), the location of the data storage (34%), the shortage of skills to manage the cloud and maximize the investment (31%), as well as difficulties related to integration (29%).

Hybrid is the answer

Facing this reality, more and more companies are choosing hybrid cloud, combining the benefits of public cloud and on-premise private cloud. But this approach requires rigorous and technically challenging management skills, especially in terms of security, as well as a need for transparency when switching from one environment to the other. Therefore, the most important choice is that of the technology provider.

According to the IDG study, companies manage an average of 4 Software as a Service providers (SaaS), 3 Platform as a Service partners (PaaS) and 2 Infrastructure as a Service vendors (IaaS). At the same time, they consider increasing the number of their partners in the next 18 months (5 in SaaS, 3 in IaaS and 3 in PaaS).

Conclusion of the study: “Organizations are no longer wondering whether they should turn to the cloud. They are now looking to optimize the use of new cloud services by adopting new delivery models and implementing multi-cloud architectures.”

Challenges

While the adoption of the cloud was initially justified by cost savings, it now seems that the cloud is needed at the very request of the IT department to improve the availability of IT services, speed up development and deployment, expand the IT services portfolio, increase flexibility, and offer better disaster recovery capabilities. This evolution increases the need for integration between cloud provider platforms, even if the arrival of Kubernetes-based managed service offerings should facilitate compatibility between solutions. In addition, the maturity and depth of the offers, as well as the pricing of the products, will be part of the selection criteria, as is customer experience.

Proving the success of hybrid multi-cloud, IDC announced that for the first time sales of traditional IT infrastructure has been exceeded by sales of cloud infrastructure in the 3rd quarter of 2018. Sales of cloud infrastructure are expected to continue growing by 13.3% in cumulative growth by 2020 to reach 57.6% of all sales.

In this context, companies and their IT departments will benefit from relying on their IT partners to select the offer that best meets their needs - current and future. Aprico Consultants is a consulting firm specializing in architecture and information systems transformation. By accelerating the digital transformation process, Aprico provides its customers with the flexibility, performance, and competitiveness they need to strengthen their position in the market. Aprico strongly collaborates with clients to translate their strategy, objectives, and constraints into pragmatic transformation programs that deliver real added value and proven return on investment.

February 18th, 2019

Mobility: the foundation of digital transformation

These days, information must be available and accessible everywhere, at any time and by any partner of the company, including employees, customers, suppliers, prospects, and more. This requires an infrastructure that is powerful, reliable, and secure, as well as digital processes. Welcome to the virtual IT environment.

Bruno van Marsenille

More than ever, the enterprise is moving beyond its internal borders to open up to all its stakeholders. No longer working in isolation, the organization must make its platforms and data accessible to drive growth.

Here are some numbers that explain the extent of the phenomenon. According to a study by StrategyAnalytics, the number of mobile employees will increase from 1.45 billion in 2016 to 1.87 billion in 2022 worldwide – or 42.5% of the active population. Accenture estimates that the annual number of security breaches increased by 27.4% in 2017, showing the fundamental importance of finding the right balance between unhindered mobility and information security.

According to PwC, 50% of all employees will be from Generation Y by 2020. This generation grew up using computers and mobile technology. It is clear that companies will have to adapt to the needs of Generation Y. If not, they fail to attract the talent they need and will risk to see employees leave, as 44% of employees today – according to a Dell and Intel survey – believe their professional environment is not smart enough and not connected.

Internal organization

The old architecture silos must give way to virtual environments, relying heavily on the cloud - private, hybrid or public - to facilitate the exchange of information. Similarly, the workstation becomes more virtual, especially using Virtual Desktop Infrastructure (VDI) technology, making the user more mobile and stimulating collaborative work. The underlying IT infrastructure also becomes virtual to provide greater flexibility and enable change. The rise of edge computing improves employee productivity - of both remote and on-site employees - as well as relieve pressure on the internal IT infrastructure and enhance the security level of the extended IT environment.

Road congestion and workspace costs stimulate teleworking and videoconferencing, while agile collaboration methods and collaboration in virtual teams become part of everyday business. This is why network operator Proximus estimates that by 2020, 90% of organizations will deploy telework applications for their employees. At the same time, there is a rise in the use of apps, and not only to improve productivity, whereas storage evolves into shared storage in the cloud.

Apart from mobile devices and software, IP telephony and instant communication are indispensable collaboration tools. Not to mention fixed-mobile convergence and unified communications that allow employees to work wherever they are.

The network

Thanks to the cloud, the organization are able to focus on the added value of IT and on business innovation, leaving the management of its infrastructure in the hands of trusted partners. In addition, the cloud will integrate both applications and data in a more open and flexible global system, provided the necessary security is in place. The cloud will also enable better activity-based IT resources provisioning and turn capex into opex, a particularly relevant argument in times of budget cuts.

Networks – LAN or WAN – are essential links in data transmission. The focus won’t only be on WiFi wireless networks, but also on 5G technology, which will speed up transfer speeds and allow ever larger volumes, following the evolution of unstructured data growth, images and video in particular. 5G will also facilitate the breakthrough of IoT (Internet of Things) and M2M (Machine-to-Machine). The technology is expected to arrive on the market in 2019 and will need to be quickly standardized and tested. At the same time, devices will need to be ready as well, allowing large scale deployment, especially in the professional market.

The outside world

By deploying digital processes, the organization opens up to its partners. As a result, customers enjoy a richer user experience. They find information faster, benefit from more personalized data, take advantage of automated processes (including the order process), and use different communication channels. As a result, the customer enjoys a richer offer of customized services.

Suppliers benefit from digitization and mobility to access a wider range of internal data and automate their logistics processes, which will improve operational excellence, reduce costs, and increase the levels of productivity, innovation, and creativity.

In the field

In any mobility project, it goes without saying that security is an important, if not crucial, dimension. Likewise, change management as well as user information and training need attention to ensure the widest possible adoption. And why not clean house before installing new mobile solutions?

To help companies succeed in their mobile transformation, Aprico respects and implements three basic rules: smart, lean, and agile. The smart approach aims at understanding the real added value of mobile technology for the organization and to set the business priorities to achieve the transformation. Aprico is open and independent. Its recommendations are based on the platforms and technologies that fit the client best. Aprico strongly believes in the lean improvement culture that involves planning the right resources at the right time and at the right cost. Finally, our agile methodology combines ongoing collaboration (involving stakeholders as early as possible) throughout the development process, rapid prototyping, and frequent testing (splitting the project into manageable entities resulting in regular delivery). Our approach reduces time-to-market, ensures easier change and maintenance, and ultimately improves customer satisfaction.

January 25th, 2019

Is microservice architecture about to kill the ESB?

Are these diametrically opposed architectures incompatible?

Sébastien Vanderen

The flexibility of microservices comes with an even bigger challenge regarding service-to-service communication. As the number of microservices grows, the death star anti-pattern lurks around. Service meshes were developed to address a subset of the inter-service communication problems in a totally distributed manner.

January 7th, 2019

Trends in IT service management: making technology work for the business

Making technology work for the business – and not the other way around

Bruno van Marsenille

The emergence of DevOps, self-service and digital: these are the three major developments that drive the IT Service Management (ITSM) market in 2018, according to Forrester. ITSM aims at integrating processes, people and technology, in order to support the business objectives of the organization.

December 19th, 2018

How to turn virtual reality into a real reality for your business?

Thanks to video games, the general public got to know virtual reality first. Today, virtual reality also starts making waves in the industry, with a number of really practical and value-added applications for companies.

Bruno van Marsenille

December 4th, 2018

Aprico hires and retains only the best talent

To guarantee operational excellence to its clients, Aprico Consultants developed a selection process for new hires based on a simple principle: we are looking for employees who are not only the most competent, but also able to deliver.

François Chabot Solution Architect

November 26th, 2018

IoT relies on integration

When you – like 60% of all companies – are planning an IoT project, be aware that integration is the main challenge. And as the IT and business capabilities you need are rare, you really can’t go without a technology partner.

Bruno van Marsenille

Tomorrow’s world is a connected one. Almost all objects will be intelligent and will communicate through the Internet of Things (IoT). Of course, we need high-performance and reliable infrastructure and platforms to collect data and to run the solutions that process it. In all this, we cannot deny the importance of interoperability between these elements. In the IoT world, integration is a key success factor.

October 8th, 2018

AI: a true added value for your company

AI: it’s now or never!

Bruno van Marsenille

Data is the new oil. Clever use of data adds an obvious competitive advantage to your company’s digital transformation. Large companies have already understood this for quite some time. But also SMEs can integrate artificial intelligence into their business processes to further exploit the data they own – as long as they adopt a clear strategy first.