Hong Kong's leading CIOs of 2011 - Enterprise Innovation

viewpoint Winnie Tang: Internet learning with choice Page 8

Hong Kong’s source of IT insight

www.cw.com.hk

July/August 2011 • Vol XXVIII No 4 Price HK$40

Hong Kong’s leading CIOs of 2011 Joe Locandro earns top spot Page 14

bizpeople

Jason Chiu: Cherrypicks www.cw.com.hk Page 10

securitysupplement

CWHKawards

Brutal new hack attacks Page 30

Winners on parade Page 40 July/August

backpage

2011

The rise of Apple’s iOS Computerworld Hong Kong Page 42

1

ReliableReliableFast to deployFast to deployEasy to manageEasy to manageEasy to

Energy-efficientEnergy-efficient ScalableScalableVendor-neutralVendor-neutralVend

The only high-performance data center infrastructure for any business and budget Our triple promise: 24/7/365 availability, speed, and efficiency-driven cost savings Introducing Next Generation InfraStruxure

Whether your company just doubled its sales or staff, you need to make sure that its data center can support such business growth—not hinder it. All too often, though, businesses feel constrained by the capabilities of their information technology (IT) and supporting infrastructure. Is there enough rack space to handle more servers? Can power capacity accommodate larger IT loads? Today, APC by Schneider Electric™ eliminates these hurdles with its proven high-performance, scalable, and complete data center architecture solution: InfraStruxure™.

InfraStruxure data centers mean business!

We say that InfraStruxure data centers mean business. But what does that mean to you? The answer is simple. A data center means business when it is always available 24/7/365 and performs at the highest level at all times, is able to grow at the breakneck speed of business, continues to achieve greater and greater energy efficiency—from planning through operations, and is able to grow with the business itself. What’s more, Infrastruxure is an integrated solution that can be designed to your exact requirements at the start, while still being able to adapt to your company’s changing business needs in the future.

The triple promise of InfraStruxure deployment

InfraStruxure fufils our triple promise of superior quality, which ensures highest availability; speed, which ensures easy and quick alignment of IT to business needs; and cost savings based on energy efficiency. What better way to ‘mean business’ than to enable quality, speed, and cost savings—simultaneously? Data Center Projects: Growth Model

> Executive summary

Contents 1 2 7 7 9 10

InfraStruxure data centers mean business! Only InfraStruxure ensures that your data center can adapt effectively, efficiently, and quickly to business growth and other changes via the following benefits:

Availability: 24/7/365 uptime is made possible through best-in-class critical power with ’snap-in’ modular power distribution units, close-coupled cooling, and proactive monitoring software. Speed: Deployment is fast and simple because all system components are designed to work together ‘out of the box’ and the system can grow at break-neck business speed. Efficiency: True energy efficiency and savings are achieved via advanced designs, including three-stage inverters in UPS units and variable speed fans in cooling units. Manageability: InfraStruxure management software portfolio enables you to see and manage capacity and redundancy levels of cooling, power, and rack space for optimal data center health. Agility: Flexibility comes from enclosures with any IT vendor compatibility and whole system scalability for both power and cooling.

To win a FREE vacuum cup! Plan your data center growth simply and effectively! Download White Paper #143, ‘Data Center Projects: Growth Model’, today for guidance. Visit www.apc.com/promo Key Code 43250y • Call (852) 8200 8589 • Fax (852) 2593 0536 • Email : [email protected]

2 Computerworld Hong Kong July/August 2011

www.cw.com.hk

©2011 Schneider Electric. All Rights Reserved. Schneider Electric, APC, and InfraStruxure are trademarks owned by Schneider Electric Industries SAS or its affiliated companies. e-mail: [email protected] 132 Fairgrounds Road, West Kingston, RI 02892 USA • 998-3810_HK

contents

July/August 2011

coverstory

o manage

dor-neutral

Hong Kong’s leading CIOs of 2011

First ever Hong Kong CIO Awards honors Joe Locandro, Sunny Lee and Daniel Lai

Page 14

20

22

industryprofile Vizualize: Shopping environment tracking is big biz

special:cloudcomputing Businesses look beyond cost as cloud driver

Shopping-environment trackingrelated tools work industries such as hospitality as well as retailers

China puts cloud front and center with one trillion RMB investment

4 upfront Hong Kong’s CIO of the Year

30 securitysupplement Hacking takes a brutal turn

6 news

Recent arrests may have turned the tide... but no one’s sure

36 techwatch Social commerce takes more than a Facebook page

8 viewpoint Internet learning with choice 10 bizpeople Jason Chiu from Cherrypicks

38 socialnetwork Is Google+ really Google Buzz 2.0?

24 sepcial:cloudcomputing Education and standards critical to minimize cloud risk 28 chinawatch Check: www.cw.com.hk for daily news and online features. www.cw.com.hk

40 cwhkawards Two pages of classic glamour shots

China reaches 485 million Internet users as growth slows, and Apple’s China sales up six-fold in fiscal third quarter

42 backpage The rise and rise (and rise) of Apple’s iOS

July/August 2011 Computerworld Hong Kong 3

UPFRONT

stefan hammond

Hong Kong’s CIO of the Year

F

or years, the editorial staff at Computerworld Hong Kong debated naming a “CIO of the Year” category. After all, we’ve published continuously for 27 years, and introduced our “Hong Kong Company of the Year” five years ago. We’re committed to Hong Kong tech-development and want to laud its grade-A participants. Every award we decide is difficult (note that the CWHK Readers Choice Awards is exactly that: we decide on the categories and the readers vote for the winners). But choosing a “Hong Kong Company of the Year” is never easy. Through the Industry Profile articles we publish in each issue, we hope that our readers gain a better understanding of how much tech talent, ambition and drive exists here in the HKSAR. But choosing one over the others involves much discussion and evaluation. It isn’t any easy task. Choosing a CIO is exponentially more difficult. What metrics can you use? If a CIO spent a lot of money on replacing a legacy system and the new system improves their processes so much that employee efficiency and morale receives a huge boost, how much does that score? Not much with the accountants who look at the balance sheet and see little costsavings. They’re happier with a CIO who didn’t replace a Stefan legacy system, which of course is a large cost-savings...unHammond less that system breaks or is compromised, causing havoc. Editor Too often, CIOs aren’t praised for their efforts. It’s when a shammond@ technical failure or breach occurs that attention is focused questexasia. com on tech processes. Given the current security landscape (see “Hacking takes a brutal turn,” page 32), savvy CIOs are making efforts to harden their weak points. We know a number of CIOs here who we feel are world-class. Their talent-level means they could work anywhere in the world, but they prefer the challenges of Hong Kong companies. Their core-competencies vary (some are “out-of-the-box” thinkers, some create new tech facilities out of whole cloth, some have so much energy/drive/devotion that they achieve the seemingly impossible), but not their competence. Focusing an award on a single person is a difficult task, but choosing one of these top-shelf CIOs was singularly difficult. Don’t overlook the two winners of “Outstanding Achievement”—they too deserve full marks, as do several others. In the end, based on criteria explained in Chee-Sing Chan’s cover story, we made our selection. Congratulations to Joe Locandro of CLP: Computerworld Hong Kong’s first-ever CIO of the Year.

Stefan Hammond Editor [email protected]


http://www.cw.com.hk Computerworld Hong Kong is published by Questex Asia Ltd, 13/F, 88 Hing Fat Street, Causeway Bay, Hong Kong. PUBLISHER

Simon Yeung

[email protected]

EDITORIAL EDITOR-IN-CHIEF Chee Sing Chan [email protected] EDITOR Stefan Hammond [email protected] SENIOR REPORTER Teresa Leung [email protected] [email protected] SENIOR CORRESPONDENT Carol Ko CONTRIBUTING WRITERS Jason Krupp, Ross Milburn SALES ACCOUNT DIRECTOR Connie Yip MARKETING & SALES Carvin Lee SUPPORTING EXECUTIVE ADMINISTRATION ART DIRECTOR Eric Lam CIRCULATION & John Lam DISTRIBUTION DIRECTOR ASSISTANT CIRCULATION Allie Mok MANAGER

[email protected] [email protected]

[email protected] [email protected] [email protected]

MANAGEMENT MANAGING DIRECTOR Jonathan Bigelow [email protected] HR & ADMIN MANAGER Janis Lam [email protected] ACCOUNTING MANAGER Nancy Chung [email protected] Computerworld Hong Kong is published monthly. All material is Copyright 2011 by Questex Media Group, Inc. Reproduction is strictly forbidden without written permission. Sales and Custom Publishing Enquiries: E-mail can be sent to syeung@ questexasia.com Computerworld Hong Kong is circulated to IT, computing and internet companies and other private and public companies who use IT and computing. It is edited for IT professionals, engineers, and senior managers responsible for design, installation, marketing and maintenance of IT systems and networks. Free subscription offer valid in Hong Kong only. To subscribe, go to www.cw.com.hk.

www.cw.com.hk

Computerworld Hong Kong (ISSN 1023-4934) is published eleven times yearly by Questex Asia Ltd. Subscription rates: 1 year HK$330 (Hong Kong only), HK$440 (Macau only), US$109 (within Asia) and (852) 2589-1313 US$119 (outside Asia), 2 years HK$580 (Hong Kong only), HK$770 (Macau only), US$190 (within Asia) and US$210 (outside Asia). Single/Back issue (if available) HK$40 per copy (Hong Kong only) US$11 (within Asia) and US$12 (outside Asia) plus US$5 handling charge per order. Printed in Hong Kong. Postage paid in Hong Kong. For subscription enqui(852) 2559-2015 ries, change of address or delivery services, please contact our circulation department by: fax (852) 2559-2015, e-mail [email protected] or by mail. Computerworld Hong Kong is on sale in bookshops in Hong Kong at HK$40 per issue.

Questex Media Group LLC 275 Grove Street, Newton, MA 02466, Tel: +1 617 219 8300 PRESIDENT & CHIEF EXECUTIVE OFFICER Kerry C. Gumas EXECUTIVE V.P. & CHIEF FINANCIAL OFFICER Tom Caridi EXECUTIVE VICE PRESIDENT Tony D’Avino Printed by: DG3 Asia Limited 9th Floor, Haking (Tung Shing) Industrial Building 34 Lee Chung Street , Chai Wan, Hong Kong Tel: 852 2965 6777 www.dg3.com/ Average Circulation: 9,579

www.cw.com.hk

www.cw.com.hk


NEWS newsbites

china 

Alibaba launches imagematching service for clothes

Report: Fake Apple Stores surface in China

Chinese shoppers can now upload photos of clothing to a new service launched recently from e-commerce giant Alibaba Group that finds matching styles sold online. Tentatively called “Imagine” in English, it offers a way for users to buy the clothing they see in advertisements or in celebrity photos. The service is currently limited to apparel, shoes and bags. Once a picture is uploaded to the site, either from a computer or a Web link to the image, users select the category of product they want to search for.

ounterfeit Apple products are nothing new but evidence suggests that counterfeit Apple Stores are cropping up in parts of China. The author of the Bird Abroad blog (http://birdabroad.wordpress.com/ 2011/07/20/are-you-listening-stevejobs), an anonymous 27-year-old female

Oracle buys Pillar Data Systems Oracle has acquired storage vendor Pillar Data Systems to help efforts in building out its array of hardware products. Pillar makes storage area network Block I/O storage systems, technology Oracle needed to complement its ZFS Storage Appliance’s network-attached storage File I/O capabilities, said Oracle, adding that some 600 customers with 1,500 systems are running Pillar products now.

Report: Two new iPhones debut in September A report from 9to5Mac citing a tipster said Apple will launch in September a low-end model and a higher-end one. The low-end model will be aimed at taking on cheaper Android-based mobile handsets while the high-end model will sport an all-new design and be obviously different in looks and feature set to the low-end model, the source claimed.

C


Photo: Bird Abroad blog

“This was a total Apple store ripoff. A beautiful ripoff—a brilliant one—the best ripoff store we had ever seen (and we see them every day). But some things were just not right: the stairs were poorly made. The walls hadn’t been painted properly. “The name tags around the necks of the friendly salespeople didn’t actually have names on them— just an Apple logo and the anonymous designation ‘Staff’. And of course, Apple’s own website will tell you that they only have a few A picture of a fake Apple Store appears on Bird Abroad blog. stores in Beijing living in Kunming, China, claims that she and Shanghai, opened only recently,” walked into one of the counterfeit stores she continues. The author also contends that in a tenrecently, just a few blocks away from minute walk in the surrounding area, she where she and her husband live. Photographs on the blog entry show and her husband found two more rip-off what looks like, to all intents and pur- Apple Stores. Ironically, Apple reported yesterday poses, an Apple Store. The author was apparently stopped from photographing that China was key to the company’s by shop staff and security guards. One quarterly revenue of US$28.6 billion. photograph bears the legend ‘Apple “I firmly believe that we’re just scratching the surface right now. I think there is Stoer’ above some Chinese characters. “They looked like Apple products. It incredible opportunity for Apple there,” looked like an Apple store. It had the Cook said. If the report on the Bird Abroad blog classic Apple store winding staircase and weird upstairs sitting area. The is true, then it seems that the clamor employees were even wearing those blue for Apple-branded products in China t-shirts with the chunky Apple name tags is perhaps even greater than Cook bearound their necks,” the author writes. lieves. 3 www.cw.com.hk

An intuitive, integrated IT lifecycle management solution for the control freak side of you.

Managing your IT environment means challenges coming at you from all sides. You’ve got to track assets, distribute software, manage costs and stay compliant with licensing — all while maintaining airtight network and data security. The last thing you need is a complex set of tools to manage it all. • That’s why we developed Hitachi IT Operations Director. • As one of the world’s largest software providers, we know the best solution needs to be both powerful and intuitive. IT Operations Director is an integrated IT lifecycle management solution that gives you control over all of your IT assets and costs, automates tasks and helps you maintain the security of your systems and data. • So let the control freak side of you (not to mention the efficiency expert and risk-averse sides) experience the power and ease of use of IT Operations Director with a 30-day free trial. Download it today at www.itoperations.com.

HITACHI IT OPERATIONS DIRECTOR

Covering all sides of your IT: asset management, security management and software distribution.

Take control of your IT today with a 30-day trial offer! www.itoperations.com

© Hitachi Data Systems Corporation 2011. All Rights Reserved.

www.cw.com.hk


VIEWPOINT

dr winnie tang

Internet learning with choice

U

nder the spotlight of the media, the ‘i Learn at Home’ Internet Learning Support Program (ILSP) initiated by the Government was officially launched on 14 July. The program aims to assist needy students with Webbased learning. The eInclusion Foundation (the Foundation)— the Implementer for Eastern Service Zone covering districts of Kowloon City, Kwun Tong, North, Sai Kung, Sha Tin, Tai Po and Wong Tai Sin—also officially launched our offerings under the brand of “Net-Com rock n’ roll” on the same date. Despite the recent controversy around the ILSP selection process, the Foundation and its core partners—the Internet Professional Association (iProA) and the Boys’ and Girls’ Clubs Association of Hong Kong (BGCA)—are pleased that we started the program on schedule. Parents of the target students were excited to attend their first training session supporting Internet learning of their children. Their happy faces out-weighed the time and energy I spent dealing with the clarification of our stand with this coined ‘political’ saga.

Internet “supermarket” Net-Com rock n’ roll operates like an e-commerce business model: offering reasonably priced choices of hardware and Net access services to the students. This “supermarket” model aims to offer the lowest price through competition and maximize the number of choices so students can choose according to their learning needs. The vision for this program: a sustainable social enterprise. Frankly, I laughed off news and rumors about myself with ease—after the program was launched. But the wild and unbalanced speculation targeting the staff and members of the Foundation and our core partners was rather disturbing. I should point out that all members of the Board of Governors of the Foundation are highly regarded professionals from both industry and academia who serve as unpaid volunteers. It would be a shame if unfounded allegations dampens the enthusiasm of all those who selflessly serve the community. Facts speak louder than speculation. BGCA, one of the two core partners of the Foundation, has been serving Hong Kong for over 75 years and they have a solid track record on their contributions to the local underprivileged community—including children from low-income families. I’m amazed that anyone would challenge the relevance of their experience. iProA, the other core partner of the Foundation, has dedi8 Computerworld Hong Kong July/August 2011

cated ourselves to bridge the digital divide in Hong Kong for over 12 years. We are grateful and thankful to our many volunteers. A few facts and figures on our Internet-related education efforts: • In the past 12 years, our volunteers participated in more than 100 public talks, that translates into 150 hours, in public libraries; • We have participated in over 20 public talks held by the Office of the Privacy Commissioner for Personal Data and OFTA; • We organized the program “District Cyber Centre Alliance” to tackle the community’s digital divide. From 2009 to 2011, the program benefited more than 100,000 people and delivered more than 400,000 hours of services; • From 2003 to 2010, we held many activities for the children from low-income families. Those include 90 e-Inclusion activities totaling over 200 hours in our signature School Web Care Campaign; • We have serviced over 200,000 citizens through the above-mentioned activities; • We are the pioneer of bridging digital divide in Hong Kong and one of the earlier advocates of this initiative. The Foundation strictly followed the procedures and requirements in the tendering process of the ILSP. iProA is a political-neutral organization, and welcomes anyone with qualified experience in IT fields to join as members or volunteers, to build a better society for all through ICT. I advocate freedom of speech and feel obliged to provide facts so that people can make their own judgment objectively. There has been a huge amount of work done by colleagues and volunteers of the Foundation, iProA and the BGCA for the ILSP. Students from low-income families can benefit from e-learning in the new school term starting this September. I would like to earnestly call for the support from all members of Hong Kong society to support this program. 3 Dr Winnie Tang is president of the Internet Professional Association (iProA) and president of eInclusion Foundation. Note that the views expressed by ViewPoint contributors do not necessarily reflect the views of Computerworld Hong Kong or its editorial staff.

www.cw.com.hk

Don’t just be a cloud builder. Be a rainmaker.

IT thought leaders and over 1 billion end users profit from clouds built on a NetApp storage foundation. To make sure your storage architecture is designed to deliver all the rewards the cloud has to offer, visit NetApp.com/BuiltOn.

Scan to learn how to reap the full rewards of the cloud. Get the app at 2dscan.com. ©2011 NetApp. All rights reserved. Specifications are subject to change without notice. NetApp, the NetApp logo, and Go further, faster are trademarks or registered trademarks of NetApp, Inc. in the United States and/or other countries. All other brands or products are trademarks or registered trademarks of their respective holders and should be treated as such.

www.cw.com.hk


BIZPEOPLE

Mobile apps drive Cherrypicks to premier Hong Kong status Hong Kong firm Cherrypicks survived the dotcom-bust to become one of Hong Kong’s prime players in the mobile space. CWHK talks to CEO Jason Chiu By Stefan Hammond

Chiu: One thing we’re proud of: all our intellectual property and design creativity is home-grown here in Hong Kong

What was Cherrypicks?

the

inspiration

for

Chiu: When I worked in high tech strategy at Deloitte Consulting, we often use the term “cherry-picking”: selecting the best. I founded Cherrypicks with a team in 2000—our vision was that mobile What portable device or devices won’t you leave home without? a) When I leave home, I tend to forget my keys but not my phones. I carry three smartphones and a tablet. When outside I tend to lose my phones but not my keys. b) What are your must-view Web sites? http://www.coolinfographics.com/, YouTube, http://www.slideshare. net/ c) Twitter, Facebook, or LinkedIn? Can we visualize a person’s “sociability” by analyzing how connected and active he or she is in various social networks?

communication would become mass media, yet personal for its users. We believed that the advent of mobile data would create an ecosystem. We were right about mobile but the ecosystem didn’t coalesce until Apple released the iPhone in 2007. Our dayone vision and aspiration are now relevant as mobile communication increasingly becomes the norm.

survive profitably by serving the backend infrastructure of large telcos in Asia. One project—with SK Telecom in Korea—involved ringback tones sent via CDMA and required tech expertise and “soft skills”...the deployment intrigued a professor from Harvard Business School, who wrote a case-study about it. With a proven profit track record (and a vision of mobile social networking), we raised about US$25mil from VCs in 2005, allowing us to expand into social networking and mobile in the China and Taiwan markets. We’ve reached a userbase of five million supported by hundreds of employees in ten offices in Asia—six in China. We needed more funding, but despite our supportive VCs, we couldn’t raise sufficient funds and we had to sell the social networking business—at a loss—just before the 2008 financial meltdown. After a management buyout

We’re using our technology and innovation from Hong Kong to expand into overseas markets

Who founded the company, and how did you fund it? Chiu: In 2000, we had angel investors like Taiwan’s FarEasTone Telecom and Korea’s SK Telecom. But further funding was a challenge with the dotcombust, 9/11 and SARS. We managed to


of the company, we re-focused on pure mobile plays again and have enjoyed strong growth with the rise of smartphones and apps. Even though our management and development teams are in Hong Kong, continued on page 12 4 www.cw.com.hk

C

M

Y

CM

MY

CY

CMY

K

www.cw.com.hk


BIZPEOPLE 4 continued from page 10

only about 5% of our group’s total revenue came from here. But in 2008, thanks to smartphone-evolution, today over 50% of our revenue comes from Hong Kong. And now we’re using our technology and innovation from Hong Kong to expand into overseas markets. One thing we’re proud of: all our intellectual property and design creativity is home-grown here in Hong Kong. Perhaps now the HKSAR government can be helpful to us in the areas such as patent or intellectual properties application, trade and licensing facilitation with overseas buyers and special mobile project funding for community courses. For example, we are currently setting up a mobile giving-platform across all five mobile operators to benefit NGOs and charities.

Chiu: We are specialists in the “mobile UX” (User eXperience) and mobile marketing, and we develop our own product platforms. As for our clientmix, we are strong in financial institutions, luxury brands, retails, transportation, media, tourism & travel, utilities and transaction-based clients. We provide creative breakthroughs in large-scale deployments for firms like HSBC, Hang Seng Bank, the Jockey Club, Hennessy, the MTR and TVB. Our R&D efforts include user-experience-related technologies, augmented reality, 3D experience, transactions, social media technologies and cloudbased cross-media innovation.

invested in high-end augmented reality and unconventional user experience for years. Today, we are more technical than digital agencies and more user experience driven than mobile developers. We are very selective—our clients are typically top players in their respective industries or have a strategic reason to partner with us (e.g. the Hong Kong Arts Festival). We believe in quality long-term relationships with a limited number of clients. But this allows us to maximize our creative powers, technologies and resources on those clients. The MTR is a good showcase of this strategy, our MTR Mobile app

We’ve reached a userbase of five million supported by hundreds of employees in ten offices in Asia, six in China

C

M

Y

CM

What was your first product? Chiu: The “m-coupon” service on Orange (now the 3 network) in 2001. And we launched “iButterfly”, a coupon entertainment service, on iOS and Android platforms in May 2011. Ironic: two coupon services, ten years apart with a different generation of userexperience, business model, network and device technologies. In ‘01 we celebrated with Hutchison’s team when we accomplished 1,000 mobile-coupon downloads in the first month. Compare that to “iButterfly” with almost half a million downloads in the first month. And now we’ve been selected by Dentsu—the largest advertising firm in Japan—as their JV partner for regional deployment of the “iButterfly” service outside Japan. How would you describe your company today?

MY

How did you get so many of Hong Kong’s prime firms as users? What makes you irresistible to such a wide, diverse group of clients? Chiu: We are extremely grateful to our prominent client base. However, we are still a long way from a successful global enterprise. We believe there will be powerful mobile marketing players in Asia, and hopefully we are well positioned to be among them. Our secret of winning clients is “mind over matter”: if you don’t mind what others think, it doesn’t matter. We have a singular positioning strategy and we stick with that regardless of our competitors and market’s initial reaction. When the market seemed to demand mass-production low cost apps, we positioned ourselves as a premium quality, large-scale mobile app player. We


for iPhone/iPad (and soon, Android) has won eight local and international awards to date. I credit our team, who I consider the best mobile marketing team in the world. What’s your roadmap for the future? Chiu: The breadth of experience and our painful lessons in mobile and Internet over the last ten years have forced us to become fast and agile. Without our foresight in UX, Augmented Reality (AR) and 3D, we wouldn’t be a world-leader in mobile AR today. I don’t have a crystal ball, but I know we can’t rely on a particular platform, be it iOS or Android. We need to develop our core competence, which is using technologies to develop creative, relevant and great mobile user experiences. It’s the only way for Cherrypicks to be more future-proof. 3 www.cw.com.hk

CY

CMY

K

Brought to you by HDS

www.cw.com.hk


COVERSTORY

Hong Kong’s leading CIOs of 2011 First ever Hong Kong CIO Awards honors Joe Locandro, Sunny Lee and Daniel Lai By Chee-Sing Chan

W

ith papers such as Nicholas Carr’s “IT doesn’t matter,” there was a time not so long ago that media reports were circulating claims that “CIO” stood for “career is over.” While the doubts around the significance of IT have subsided, the role of the CIO has if anything gained in importance. With the need to manage growing consumerization, the surging cloud computing wave as well as the ever growing risk and threat landscape, CIOs are now being tasked to advise the business on how best

to navigate these major changes while keeping the business on a safe path towards growth. This trusted advisor role is where all IT leaders should aspire to but the path is far from easy as many of Hong Kong’s IT elite will testify. In an effort to acknowledge the skills of this elite, three of Hong Kong’s IT leaders were recognized for their excellence at the first Hong Kong CIO Awards program organized by Computerworld Hong Kong and CIO Connect.

CLP’s Locandro: Good people can thrive in all environments and I believe that IT leaders in small and growing businesses have the greatest opportunity to do more with IT


Joe Locandro, director of Group IT at CLP was named the overall “CIO of the Year” winner, while Sunny Lee from Hong Kong Jockey Club and Daniel Lai from MTRC both picked up awards for ‘Outstanding Achievement” as a CIO.

Industry first The first CIO awards program dedicated to Hong Kong IT leaders was created to assess individuals serving in the role of CIO, Head of IT, VP/director or any other role with the designated responsibility of leading the IT organization. All nominating companies had to be based in Hong Kong or Macau. “The judges identified Joe as a seasoned IT professional who pushes the boundaries of innovation and people development,” said Nick Kirkland, Judging Committee Chairperson for the Hong Kong CIO Awards. “Joe demonstrates clear understanding that IT must be integrated fully into the business and his dedication to staff development is critical to the success of the company,” said Kirkland, who is also chief executive at CIO Connect, the peer network group that has built CIO communities in Europe, Hong Kong and Singapore. The Awards Judging Committee was headed by Kirkland and made up of some of Hong Kong’s most respected current and former IT leaders. These included: Paul Chow, current Chairman of Cyberport Hong Kong and former CEO at HK Exchange; YB Yeung, formerly at HSBC; Tom Sheppard, formerly at Cable and Wireless HKT, Raymond Wong, formerly at Immigration Department, HKSAR Government; Edward Nicol, formerly at www.cw.com.hk

Class of 2011 Overall “CIO of the Year” Joe Locandro, Director of Group IT, CLP Winners for “Outstanding Achievement” Sunny Lee, Executive Director of IT, Hong Kong Jockey Club Daniel Lai, Head of IT, MTRC Cathay Pacific; and Tim Sheedy, senior analyst & advisor to CIOs, Forrester.

Back to basics For aspiring CIOs, charting the path to the top involves a matrix of skills and capabilities. CLP’s Locandro noted that it’s critical to observe what your start-point is before determining the required steps. Much depends on the maturity of the organization and its view of IT. “If IT is still seen as a cost center and reports to finance on every matter then you need to work on earning credibility and trust,” said Locandro. “Start with getting the basics right – fix unreliable e-mail, network issues or other pain points.” He added that if IT leaders find that users are regularly complaining about IT services then it’s impossible to gain any trust to focus on anything strategic. With credibility and trust in place, IT leaders can then be looked upon to give advice on business issues and sit in an executive leadership discussion as an equal. But even with a strong IT capability and a leadership track record, IT leaders must earn that respect over time. “CIOs cannot just walk into an organization and receive that level of trust, even the best CIOs must deliver some major contribution to earn that trust,” Locandro noted. He added that it is important to free time to build relationships with the key www.cw.com.hk

stakeholders, but stressed the need to manage time. “At this level you need to spend time with the right people, be focused on the right things and have the necessary headroom to think strategically,” noted Locandro. There is only so much time in a CIO’s day and no-one can do everything so a good litmus test for aspiring CIOs is to ask how much time is being spent on what Locandro calls “business-as-usual” activities such as managing the data center, monitoring applications and networks.

Take the knocks Anyone that spends 70% - 80% of their time on these activities is likely to be operating at the low to mid level of IT leadership as they have insufficient time to be strategic. “The ones that are reducing this

often fall into the trap of allowing the environment to determine their outlook. Locandro insists that each organization will operate differently and while some are highly structured and others operate more freely, each will have its own potential for innovation to occur.

What’s your value? “Good people can thrive in all environments and I believe that IT leaders in small and growing businesses have the greatest opportunity to do more with IT,” he said. “Resources will always be available if you can prove your value to the business.” Locandro noted how it is vital to keep asking yourself the question of what value do you bring to the business? During mentorship discussions with up and com-

Without the passion you will merely be a very good IT manager

percentage are the ones creating the headspace to be effective at being innovative and strategic,” said Locandro. Another issue to overcome for IT leaders is roadblocks and barriers in the path to being a strategic CIO. Drive, energy and passion are absolute musts in the makeup of a modern successful CIO. “Without the passion you will merely be a very good IT manager,” Locandro said. “There will be problems and there will be rejections but you have to push through.” He noted that in Hong Kong he sees too many get dissuaded when they meet any push-back. It is the drive to succeed and the personal belief that allows the best to push through these barriers and have others follow them, Locandro stressed. When looking to innovate or build strategic initiatives, often IT leaders can

ing IT managers, Locandro often asks: “What is the book value of the IT assets? What value do these IT assets generate for the business? What SLAs and corporate KPIs are they trying to meet? “If they say their SLA is 99.99% uptime then that tells me exactly the type of IT leader that they are and that they are focusing on traditional IT operations management,” he said. He demonstrated that for every dollar CLP spends in IT, the IT leadership can show how many dollars return in benefit is derived and how much of that is in cash and how much is non-cash benefits. “It is discussions in these terms plus knowledge of risk, business yield and enabling business change that give CIOs the required credibility in front of business.” 3


COVERSTORY

Taking IT to the next level Sunny Lee, executive director of IT for the Hong Kong Jockey Club, lauded for “Outstanding Achievement” By Stefan Hammond Kong most interesting. The fact that he remains with the HKJC is a point in the HKSAR’s favor.

Commitments from IT

Lee at HKJC: I will to continue to help strengthen Hong Kong’s IT talent pool through promoting IT as a career choice to students

T

he Hong Kong Jockey Club is dependent on IT. As Lee put it during his presentation at the recent CIO Leadership Forum: “If IT fails at a bakery, they can continue doing business. If IT fails at our business, we’re dead in the water.” Few Hong Kong IT experts are so keenly aware of the term “mission-critical.” Lee not only involves himself with the IT community-at-large, but constantly strives to improve his own staff through training exercises, and still finds time to work on world-class projects like the HKJC’s veterinary hospital—which uses tablet computers to keep health records on hundreds of thoroughbreds. For years, Sunny has helped Computerworld Hong Kong in many different ways—from giving us story-ideas to training-descriptions that lead to new ways of approaching our editorial-mix— Sunny Lee is one of our more creative sources for high-level Hong Kong technology strategies. We view him as a world-class CIO: he could find a prime CIO position anywhere in the world, but finds the challenges here in Hong

“The IT Division will provide innovative technology solutions that contribute significantly to the Club’s mission and strategic objectives,” said Lee. “We strive to become a value partner for the Club’s business by pursuing excellence in the following key areas: 1. Ensure alignment of Club business and IT Division strategy. 2. Deliver fast and high quality IT solutions and services that address the Club’s business needs. 3. Provide secure, stable and reliable IT systems and infrastructure. 4. Ensure that the Club makes sound technology selection and investment decisions. 5. Nurture a cohesive, competent and motivated IT workforce. 6. Establish sound IT governance in compliance with the Club’s policies. 7. Exercise prudent cost management and spending within budget. “Some of the key issues I’m now addressing include working with the business to maximize value contribution to business through IT innovation, aligning business requirements with our enterprise architecture to optimize solutions and delivering innovative solutions to enable the Club’s strategic business programs,” said Lee. “Other important tasks are developing and managing the talent pool within the IT organization and maintaining IT asset health to enhance asset performance.”


“I’m a great believer in fostering a fertile environment for experience sharing and communications between myself and my team, business users and Club management,” said Lee. “We’ve held a bi-annual forum for many years involving all 300+ IT colleagues—I share updates on Club and IT matters and gather feedback from colleagues. Its success has created a separate forum for Program Managers and Project Managers, focusing on project-related issues and best practices.”

Training and future plans Lee added he is “steering a major transformation program of the IT Division— with the objective to take performance to the next level by enhancing our agility and our role as a catalyst for business innovation. I have long been committed to serving the community and particularly with nurturing a new generation of IT professionals.” “To this end,” said Lee, “I will to continue to help strengthen Hong Kong’s IT talent pool through promoting IT as a career choice to students (as Past President and Honorary Advisor of Hong Kong Computer Society), helping graduates develop a rewarding career in IT (as Chairman of the ICT Career Centre advisory committee), and elevating the qualification and status of IT professionals through certification (as Chairman of HK Institute of IT Professional Certification).” “Importing talent from China is great,” concluded Lee, “but we must motivate them by giving them market opportunities. We need a government-to-government arrangement [between Hong Kong and the mainland].” 3 www.cw.com.hk

Putting IT shoulder-to-shoulder with business

B

Daniel Lai, head of IT at MTRC recognized for his excellence with the “Outstanding Achievement” award By Chee-Sing Chan

eing a business partner is central to the ethos that Daniel Lai brings to the CIO role. As Head of IT at MTRC, Lai is a firm believer that IT leaders that aspire to be elite CIOs must be visionaries that are not occupied by the day-to-day activities of IT and look further beyond. “CIOs must think like the CEO and perceive the needs of the future and not just for today,” he said. The mission of the MTR is to be a regional leader in railway and transport operations and likewise that translates into an IT mission of delivering best-inclass and innovative technology solutions for the business. To reach this goal, the company often needs to be at least an early mover on new trends. “But we will only adopt appropriate technology which doesn’t have to be the most advanced,” said Lai. “Ultimately we must deliver innovation and new capability to the business regardless of the technology.”

Proactive action Lai advised IT managers to spend more time with internal users and customers of the company. He personally sits on all major project steering committees and makes time to meet with users to hear about their plans and business goals. The IT teams are regularly involved in business planning sessions to review needs and ongoing trends. “We actively plan with the business on their next moves rather than wait for formal requests,” said Lai. “IT strategy must be part of the overall business strategy and therefore be developed in conjunction with the business.” Lai has insisted his project managers www.cw.com.hk

sit with the business and perform business relationship management roles to work with their business counterparts to identify opportunities for improvement. Once those needs are established the number one goal for these managers is to deliver the solutions with sound project management.

Knowledge key to development

and network implementations is the company’s drive to become a true knowledge company. Lai has been instrumental in driving the company’s “Learning Organization Culture Program” which emphasizes a need to collect, retain and share knowledge and expertise. Lai puts heavy emphasis on team development and he added that without a competent and motivated team it is simply not possible for IT to spearhead and support key business initiatives. Lai’s track record as an IT leader puts him in the elite CIOs in Hong Kong and fully justifies his “Outstanding Achievement” award in the first Hong Kong CIO Awards. And add to that his numerous other awards from organizations in China, Taiwan and across Asia, he is clearly an IT leader that has much to offer others who aspire to reach a higher status. He himself plans to eventually write a book on IT Governance and work with educational institutions to develop training programs for potential CIOs of the future. 3

He expects most future CIOs to come from these roles where IT is heavily interacting with the business. That does not discount IT managers who primarily focus on infrastructure though. “Those from the infrastructure side have a different mindset and it is harder to appreciate the cross-organization view that strategic CIOs must possess,” said Lai. “If they can get the business exposure and push themselves to be a part of the business discussion then they stand a better chance of succeeding.” He added that unfortunately in Hong Kong, many managers who have served in a technical position struggle to adapt to viewing technology from different angles and therefore struggle to communicate effectively when in front of business leaders but he is constantly reminding his team that this is a necessary part of being an IT leader today. One major initiative that is more strategic MTR’s Lai: CIOs must think like the CEO and perceive the needs than the usual systems of the future and not just for today


COVERSTORY

CIO priorities: transformation and talent Recent CIO Leadership Forum featured key panel discussions that highlighted the ongoing shift in IT focus and the talent management challenge By Carol Ko

A

t the Hong Kong Jockey Club (HKJC), 98% of the IT systems are business and missioncritical as they help support the massive betting operations that cover racing days and the always-on dynamic world of football betting. Even with such significant demands on the IT team, the HKJC still expects the staff to fully understand and proactively support the growing needs of the business and customers. And to do that requires getting into the minds of customers. Time Warner’s Tsui: IT is often afraid of failing, so they tend not to share developing products with the business

We can’t have all leaders in the team. —Joe Locandro, CLP

“But when I joined the Club five years ago, the HR people told me I couldn’t have a betting account. Then I thought: if we can’t eat our own dog food, how can we serve our customers? Even McDonalds’ staff have to taste their own burgers to tell whether they’re good,” said Sunny Lee, executive director IT of HKJC. In 2007, Lee worked with the HR department to launch a “Live and Breathe with Customers” campaign. During the two-week on-site training program, the approximately 70 IT staff—mostly programmers and system analysts—mingled with the customers and frontline staff to

serve and answer customer phone calls at the customer service centers and the tele-betting centers. “We planted mystery customers who gave our IT staff a hard time. But this helped them to better understand the operation, the products and the complexity of the betting types. They could also understand the frontline staff better, as some of us in IT staff later came up with ideas on how to improve our services,” Lee said.

Measuring satisfaction At Time Warner, the delivery of media and entertainment content has evolved from mainly TV, movie theatres and print channels to internetbased ones: PCs, IPTV, mobile devices and tablets—“which are all in the ‘IT space,’” said Simon Tsui, VP of technology, Time Warner.


Tsui sees early communication with the business critical to ensuring product development success. “IT is often afraid of failing, so they tend not to share developing products with the business until they get some success. But more often than not they’ll miss the mark for not fully understanding the business requirements.” In 2010, Time Warner adopted on a new mission statement, which stressed the need for IT “to work with customers like partners.” For example, annual customer satisfaction surveys are conducted to track customer satisfaction levels. They survey asks individual businesses four basic questions, such as: Did you have a good experience with IT? What are the trends that you think may impact IT? “This way we will understand ourselves more,” Tsui said.

www.cw.com.hk

IT profit centers While many organizations still measure IT achievements by key performance indices, such as IT expenditures, system availability, service levels, lines of codes produced and the number of software defects, Daniel Lai, MTRC’s head of IT, asks: “Are these numbers meaningful to the management?” “I believe it’s not a matter of how much money IT spends, but what values IT introduces to the organization.” Lai said MTRC’s IT shop has journeyed through different stages of IT transformation: initially from a cost center to what he calls a “profit center” today.

also good at communicating, managing people, resolving conflicts and can appreciate the ‘big picture.’ As for ‘doers’, they are often reliable, willing to take responsibilities, and are good within their area of expertise. “We can’t have all leaders in the team, however, because not everyone can be promoted in the company. Without a good mix of different people, the talented ones will leave for not being promoted,” Locandro said. Each year at the global insurance company AXA, the senior management conducts talent reviews, and identifies leaders through different approaches: at-

“We planted mystery customers who gave our IT staff a hard time.” —Sunny Lee, HKJC

For instance, through an MTRC subsidiary called MTR Solutions, the company productized some of the systems it developed over the years to other rail organizations. “So far we licensed them only to our associated companies, joint ventures and subsidiaries,” said Lai. “In the system we embedded some of our best practices and competitive advantages we built over the years, and we don’t want those best practices or processes to fall into the hands of our rail competitors. This little entity we created has already turned profitable in year one, and is now able to fund other new innovative applications.”

tract, identify, listen, develop and retain. “From a managerial perspective, I’d see whether a staff has lots of appetite and the potential to grow,” said Stephane Vidart, CIO, AXA Asia Pacific, who conducts talent reviews with all the CIOs within the group himself.

AXA values “listening” as an important means to identify talents. A few years ago during a team building exercise at an off-site location, Vidart saw that while most IT staff were having a good time on their own, one particular staff stepped up on stage, began to talk, and took control of the scene. “Immediately we saw the dynamics. This man used to be very shy. But I see lots of leadership potential in him. Now he has become one of my leaders,” Vidart said. Besides spotting employees that go the extra mile, CLP’s Locandro arranges job rotation on a biannual basis. By reorganizing the group IT functions, the IT staff are expected to gain new skills and experience in different departments. “There are challenges though. Sometimes we find talented people in their areas but we can’t rotate them elsewhere, as there is no one coming up after them,” said Locandro. CLP’s IT talent management yielded good results. According to Locandro, there is a high degree of “ready now” successors for all group IT management positions. Besides retaining 94% of the staff identified with development potential, the IT staff involuntary churn rate has been kept at a low single digit percentage. 3

Leaders vs. doers An organization needs to have a good mix of leaders and ‘doers’. According to Joe Locandro, CLP’s group IT director, potential leaders are usually initiative, visionary and confident. They are www.cw.com.hk

AXA APAC’s Stephane Vidart: “Listening” as a critical means to identify talents July/August 2011 Computerworld Hong Kong 19

INDUSTRYPROFILE

Vizualize: Shopping environment tracking is big biz Shopping-environment tracking-related tools work for industries such as hospitality as well as retailers, says Vizualize CEO Michael MacMillan By Teresa Leung

CWHK: Your brief background? Michael MacMillan: I have been in tech for 25 years. Prior to this current shopping environment tracking business, I built automation systems and lighting control systems. Out of my 14 years in Asia, I spent ten in Hong Kong. My cousin invited me here because he had set up a people-counting system and was looking for someone to lead his Asian business. But I quickly saw opportunities in shopping-environment tracking, which is more interesting than people-counting because of the exciting retail space in Hong Kong. CWHK: When was Vizualize founded? Is the company Hong Kong-headquartered? MM: Vizualize is a Hong Kong company. Mac Chan—the other founder of Visualize and a bright tech guy—and we bumped into each other in Hong Kong in late 2003. Having complementary skills, we decided to partner and kicked off our business in 2005. CWHK: How many people now work for your company? MM: We have ten people—four are on the Hong Kong-based R&D team. We look to partner with local universities— for instance, in the area of computer vision, which is about making use of algorithms in interpreting data related to traffic in stores. CWHK: How do you ensure shopper privacy?

MM: Our products don’t video-record people or collect their personal data. What our products help clients do is to interpret what shoppers do. So we have cameras installed which point at the heads of people—not their faces. We also mask people’s bodies and faces in queue-analysis. Our systems process data in real-time—for instance, we can tell how many are in a queue and how many people have picked up a particular product on a particular shelf. CWHK: What are your most popular products? MM: Products that provide information on store-traffic. But there is now much higher uptake in products that help retailers understand how people interact with products and shopper demographics. CWHK: Which country is your biggest market? MM: Greater China—China and Hong Kong—is our biggest market. I also believe Asia offers us huge opportunities—we have 10 million target stores in the region where 70 percent of stores still collect traffic-data manually. In Hong Kong, 15 percent of stores that sell luxury goods have automated their people-counting system. Yet the percentage is still low among local brands, even though Hong Kong is a worldleading retail market. In China, we have customers that are in sports retail and luxury-goods. We are also now targeting health and beauty, supermarkets, and malls in the country.


Vizualize’s MacMillan: Our products don’t video-record shoppers or collect their data

CWHK: Who are your customers in Hong Kong? MM: We can’t name our customers, but many are inside malls—including The Landmark, where we’ve installed around 100 sensors, and Pacific Place, where we have 120-130 sensors. CWHK: Do you have a lot of competitors? MM: Many, but product quality varies greatly. Among our competitors, fewer than ten offer queue-analysis products. And fewer than five do shopper-behavior-analysis. CWHK: What’s Vizualize’s next step? MM: We need strategic investment to grow the company and gain a stronger foothold in China. We will also target segments like hospitality, branchbanking, and commercial buildings. We have seen commercial building managers who want to understand how men and women react to temperature changes and how light level could be adjusted at the same time without people feeling an impact. 3 www.cw.com.hk

The data that drives our world is evolving. Innovations in virtualisation, cloud computing, automation and sustainable IT aren’t just transforming your data centre — they’re opening up a new universe of possibilities for your business. Because when there’s no centre, everything is within reach.

DATA HAS NO CENTRE StarHub is keeping pace with rapid data growth thanks to a 10-year partnership with Hitachi Data Systems. A virtualised infrastructure mitigates costs and allows StarHub to deliver high-availability services to its customers — no matter how much data they create. Learn how at:

hds.com/nocentre Email: [email protected] Phone: +852 8120 1000

© Hitachi Data Systems Corporation 2011. All Rights Reserved.

SPECIAL: CLOUDCOMPUTING

Businesses look beyond cost

as cloud driver China puts cloud front and center with 1.1 trillion RMB investment By Carol Ko

I

n June, Computerworld Hong Kong and its sister online publication Asia Cloud Forum hosted the 2011 Cloud Technologies Forum, where CIOs, research analysts and industry players discussed the different facets of cloud computing in Asia. In particular, both KPMG and Forrester Research indicated the obvious rise in the awareness and adoption of cloud computing in China. Announced in March, the Chinese government’s 12th Five Year Plan paid specific attention to the use of technology, which was seen as a “strategic emerging industry.” According to James Mckeogh, senior manager, KPMG Hong Kong, the Plan is closely tied to the cloud computing agenda, which is aimed to improve energy efficiency. To help coordinate the efforts of various governments, the Ministry of Industry and Information Technology (MIIT) last month inaugurated the Professional Committee on Cloud Computing. The idea was to provide policy consulting and decision-making support for various governments and enterprises to drive cloud computing initiatives.

Booming investments The Chinese government is making fierce investments in cloud initiatives, with an investment of RMB 1.1 trillion ($154.5 billion) planned for the development of key cloud computing hubs, said KPMG’s Mckeogh. Apart from the five cloud hubs already

place, provinces in green such as Shandong and Hubei are working with industry players to form cloud alliances.

Crowded market

KPMG’s Mckeogh: China sees cloud as a strategic emerging industry.

set up in Beijing, Shanghai, Shenzhen, Hangzhou and Wuxi, the government plans to build 20 more cloud computing centers in the country, with over 10 million sq ft of cloud data center currently in construction, said Bryan Wang, VP & principal analyst at Forrester Research. “We estimate that the direct current cloud infrastructure investments made by different provinces and cities in China have already exceeded RMB 50 billion (US$8 billion).” Wang added that he expects further “sizeable announcements to be made in the coming months.” See Figure 1 (page 23) : this helps visualize the scale of cloud investments in China. While the provinces in light blue indicate large scale cloud projects in


In China, the cloud business operates on a public-private partnership model. This means multinational (MNC) cloud service providers have to either focus on MNC end users, or work with local partners to do businesses. “This is the case with EMC, which works with China Telecom in offering its cloud storage services. Without having a license, EMC cannot build data centers in China,” Wang said. China’s cloud computing market is crowded with MNC and local players. Even with the presence of big brands such as Microsoft, VMware, Citrix, IBM, EMC, Cisco and Brocade, Wang sees local players of Software-as-aService, Infrastructure-as-a-Service and Platform-as-a-Service being more active in the Chinese market. Such a crowded cloud computing market in China has led to a significant reduction in public cloud service prices. “Take SaaS CRM as an example, the competitive SaaS market has driven down the service pricing, and we expect a certain level of market consolidation in the next two years,” said Wang. “We have even seen some local players selling standard or basic CRM solutions at the price of RMB 200 per user per year. But does this make any business sense?” In contrast, the SaaS email market is www.cw.com.hk

more stabilized, as the hosted email market is more matured. As for cloud storage, a form of IaaS, pricing will tend to become stable, as service providers and large players add their footprints in different locations to increase their national coverage, Wang said.

$2.5b casino cloud project “The cloud conversation usually starts with IT. The problem is, it often ends there, too,” said KPMG’s Mckeogh. In general, cloud computing adoption can offer possible 40%-60% reduction in

Melco Crown Entertainment’s private cloud implementation at the City of Dreams (CoD) resort involved a $2.5 billion project which started in 2009, and has become the “second largest VMware installation in Hong Kong and Macau next to the Hong Kong Bank.” According to MCE’s SVP and CIO Roger Seshadri, the Infrastructure-as-a-Service (IaaS) project involves 81 apps, 50 VMware hosts and 277 virtual servers that utilize the virtualization technology. “You are only as strong as your weakest link,” Seshadri said. “For example, in

MCE’s Seshadri: What if we operate an online casino tomorrow?

The cloud conversation usually starts with IT. The problem is, it often ends there, too” IaaS being offered at CoD include VoIP, —James Mckeogh, KPMG CCTV, storage, security access and con-

total cost of ownership. “But it is wrong to think that we can make it cheaper. Cost-optimization is not enough to be the only driver of cloud computing adoption,” said Mckeogh. To illustrate, Melco Crown Entertainment’s (MCE) private cloud implementation best exemplifies how CIOs can add value to their businesses.

Macau we only have one fixed-line service provider, CTM. Therefore we can’t jump onto public cloud. And we decided we’re going to run our own fiber network [to implement our IaaS].” CoD’s private cloud was built on a converged architecture using Cisco network, IBM server, VMware virtualization platform and EMC storage. The

Figure 1: Booming Cloud Investment in China

Source: Forrester Research Inc June 2011

www.cw.com.hk

trol, job and task management, PMS, Wi-Fi, BMS, audio visual and video on demand. “We are now extending the use of IaaS in CoD and other non-CoD entities. These include DFS, Dragone, Grant Hyatt, Altria and Mocha.”

Way of the future Speaking of management buy-in, Seshadri said it is crucial to “present the possibilities to the senior management in a way they’re touched,” by showcasing the business values that they can appreciate. “Today we’re operating a local-based casino, what if we operate an online casino tomorrow?” Seshadri said such “transformational possibility” is possible because the infrastructure is already in place. “We are now doing the proof of concept with Cisco using their tablets called Cius,” he said. “Tomorrow, when you use your telephone to wire your organization with the IT infrastructure, that tablet can be used as a telephone or as video-conferencing equipment. You can also do all your commercial applications, or use it as a virtual concierge.”3


SPECIAL: CLOUDCOMPUTING

Education and standards critical to

minimize cloud risk The Cloud Computing Security Forum 2011 organized by Kornerstone Institute in Hong Kong featured experts speaking on the fears and doubts around cloud computing By Ross Milburn

T

he opening speaker at the Cloud Computing Security Forum 2011 focused on the growing impact of cloud computing on the whole IT landscape. “Everything on the Web is reinventing itself with a service orientation,” said Dr Meng-Chow Kang, director & CISO, APJC, Cisco Systems, and Advisor, (ISC)2 Asia Advisory Board. “Computing as a utility means that you can turn it on and off like a water tap, and subscribe or unsubscribe as you like. Users can also subscribe to several clouds, which may be public, private and hybrid form—even a community cloud used by several organizations with related needs.”

Kang quoted from the US-based NIST (National Institute for Stan-

service for provisioning of computing capabilities.” Kang also summarized the series of malware attacks made against highprofile organizations including Gmail, Twitter, Google, Amazon, and Sony. Security standards are needed for cloud computing, but rapid technology change makes that a big challenge. Concerns of cloud users include trust based on transparency and assurance; policy, which might preclude exposure of data to foreign governments, and other compliance issues; and data confidentiality, integrity and availability. “You may not know where the service provider is based and since some providers outsource, you may not even know who the real provider is,” said Kang. “The standards community is trying to provide solutions and professional certification is also important.” Kang advocated the use of security standards, especially ISO/IEC JTC1/SC27 Security Techniques and ITU Study Group 17.

Since some providers outsource, you may not even know who the real provider is —Dr Meng-Chow Kang, (ISC)2 Web security

But cloud computing demands a different security policy to traditional IT systems and software. “A major advantage of cloud technology is information segregation,” said Kang. “Moving your non-sensitive public data to the external cloud can reduce the exposure of your internal, sensitive data—this simplifies compliance analysis and makes your sensitive data more secure. In the private cloud, you can have private information about your core business.”

dards & Technology) definition of cloud computing: “Benefits include broad network access over the network through thin or thick client platforms, including mobile phones, laptops, and PDAs; rapid elasticity of provisioning to quickly scale out, and scale in; Measured Service, in which resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service; and on-demand self-


The second speaker emphasized a fundamental truth about web vulnerability: “All the security problems on the web are focused on attacking and exploiting software applications,” said Anthony Lim, director, AP, Security Business, Rational Software, IBM Singapore Lim supported his claim with a list of the top ten web security issues in 2010, from OWASP (Open Web Application Security Project), which were all related to manipulation or failure of applications. The top three, for example, were: SQL continued on page 26 4 www.cw.com.hk

www.cw.com.hk


SPECIAL: CLOUDCOMPUTING 4 continued from page 24

Injection; cross-site scripting; and broken authentication and session management. Clients need to take a more farsighted view of application development, said Lim. “Organizations want their new applications fast and cheap, but if they are fast and good, they can’t be cheap, and if they are fast and cheap, they can’t be good. Developers are not educated in secure coding and they forget that firewalls don’t stop application attacks.” Data leakage must be carefully guarded against when retaining cloud services. In some cases, cloud providers may outsource capacity so that users’ data may be processed by a 3rd party. “The worst thing is when your data is stored by a third party provider. If a hacker steals your customer data from the 3rd party, you are in big trouble—you may go to jail, but the cloud provider is in South America.”

SLA issues Cloud SLAs should include continuity in case of catastrophe, said Lim. “For example, when Lehman Brothers suddenly closed in 2009, the IT staff who looked after hard disks full of transactions and customer data lost their jobs. So where did the data go—is it for sale on eBay?” Another issue is data that is usually encrypted, so that when it is transmitted across the network, it needs policy-based secure email, said Lim. “Paper documents should be protected by a classification label indicating their sensitivity, supported by a corporate policy on classified emails. Classified emails should be kept in an envelope when transported. And to guarantee that the email is authentic and has not been changed, we need to add a digital signature to important documents that are transmitted.”

Lim advocates “intuitive email security”, using the same security classification and controls as for paper documents. “This minimizes user training, and provides centralized control through a security policy, logged entries that can be audited, and centralized key and certificate management.” Lim also drew attention to security education and standards, including a key facilitator for secure software, the CSSLP Certification for Application Development Teams.

IBM’s Lim: Developers are not educated in secure coding and they forget that firewalls don’t stop application attacks

Web weaknesses In the panel on cloud security, Chairman Henry Ng, head of Global Professional Services, North Asia & Japan, Verizon Business, asked Lim if his concerns about software vulnerability were really specific to the cloud. “If an enterprise faces security concerns about its applications, the problems will still be there in the cloud, but the cloud provider may provide better security for SaaS that the enterprise could with on-premises software?” Maybe or maybe not, said Lim. “The cloud is a superset of enterprise web applications and services that are relatively new. Yes, we may hope the cloud provider has better security, but they are still working on that.” Another panelist thought software is


less safe on the Web. “When enterprises used proprietary software, they were not threatened by Web malware,” said SE Leung, senior consultant, Hong Kong Productivity Council. “Now, enterprises use SaaS and the staff use a browser that’s not patched, they download a trojan and you have data leakage. So moving to the cloud is more than just a process change.”

Cloud profiling Responsibility for security continues with cloud service. “I formerly handled technology crime prevention with the police and I learned that users need to treat the cloud provider exactly the same as their own IT department,” said Tony Fung, senior investigation manager, AP, Microsoft. “Users need to demand the same SLAs, and service integrity checks, and checks on the background of staff and on the security standards used.” Users can scrutinize cloud providers’ security, but only if these giant organizations play ball. “When enterprises outsource IT, they check out the service provider.” asked Ng. “But can users do background checks on the staff and procedures at Google or Amazon?” An audience member pointed out that SMEs in Hong Kong cannot do security evaluation of cloud providers located overseas, and asked how compliance requirements handle this issue. “It’s not really about the law,” said Kang. “If customer data is the concern, then I should choose a cloud provider located in Hong Kong.” People are also vulnerable on the Web. “With so many people using Facebook, social networking is a big part of the cloud,” said Emil Chan, council member, Internet Professional Association. “We have to focus on the vulnerability of people to social engineering, just as much as the technical security issues.” 3 www.cw.com.hk

C

M

Y

CM

MY

CY

CMY

K

We’re ?*#! Serious About Virtualization!

Is Your Application Delivery Virtualization Ready?

Virtualization is serious business. It’s not just about the latest IT project – it’s now a part of the business. As the trend continues to virtualize more and more of the business, companies will require multiple deployment options to suit all their needs. From testing/staging/QA all the way through wide-scale, data center implementation. At Radware, we’re committed to helping you get it right. We’re the only application delivery vendor to offer you all the form factors you need to match your current and future virtualization state. It’s something we call – Virtual Application Delivery Infrastructure – or simply, VADI™. VADI includes the industry’s first ADC hypervisor and specialized hardware (ADC-VX™), a fully-featured softADC (Alteon VA™ – virtual appliance), an ADC management plug-in for orchestration with VMware (vDirect™) and dedicated appliances. With Radware VADI You Get: • Maximum Business Agility & Productivity • Unparalleled Flexibility & Control • Reduced Space, Power & Cooling Costs • Total Investment Protection Get started today for free! Please visit: http://www.radware.com/virtualizeforfree and download Alteon VA and vDirect at no cost. For more information on the entire VADI offering, please visit: http://www.radware.com/wereserious or contact your nearest reseller.

© 2011 Radware, Ltd. All Rights Reserved. Radware and all other Radware product and service names are registered trademarks of Radware in the U.S. and other countries.

www.cw.com.hk


CHINAWATCH

China reaches 485 million Internet users as growth slows China adds 27 million Internet users since the end of 2010 By Michael Kan, IDG News Service (Beijing Bureau)

C

hina added 27 million Internet users over the last six months, bringing the total number to 485 million, but the growth of China’s Internet population continues to slow, according to official statistics released on Tuesday. The statistics show that between January and June China’s Internet population grew 6.1 percent, a drop from the 9.4 percent increase the country saw during the same period in 2010. In previous years, the growth was in double digits, with China’s Internet population increasing by 20.5 percent in the first six months of 2008. The number of Internet users in China has more than doubled since the end of 2007, when there were 210 million. The figures released in late July came from the China Internet Network Information Center (CNNIC), a non-profit

group with ties to the government. China’s total Internet penetration is at 36.2 percent, still far behind the US, which is at 77.3 percent, according to Internet World Stats. The low Internet penetration in China leaves 815 million people who do not use the Internet, according to the CNNIC. Many of these people are older Chinese or from the country’s rural areas, and don’t know how to use a computer. Internet marketing research firm comScore has more conservative figures. In May it said the country had 304.2 million Internet users. It counted Internet users as people over 14 who have gone online either through a home or work computer in the past month. Another estimate from comScore, counting people who ac-

cessed the Internet through Internet cafes or public computers, put the figure at 415.6 million. Twitter is blocked in China as part of government measures to clamp down on politically sensitive content. But similar services that are domestically run have taken off in the country. The overall number of users of microblogging services is now 195 million, up from 63 million at the end of 2010, according to CNNIC. One of the most popular is a Chinese social networking service known as Sina Weibo, which reported 140 million registered users in May. 3

Apple’s China sales up six-fold in fiscal third quarter Apple COO Tim Cook said China has been key to the company’s record quarterly results By Michael Kan, IDG News Service (Beijing Bureau)

A

pple believes it is just “scratching the surface” of the Chinese market, as the company’s revenue from the country for the quarter ended June 25 increased by more than six times from the same period last year. Apple COO Tim Cook said the huge growth in “Greater China”, which includes mainland China, Hong Kong and Taiwan, propelled the company’s revenues in the market to US$3.8 billion in the quarter. For the past three fiscal quarters, total revenue from China amounted to $8.8 billion.

Cook said China was key to the company’s quarterly revenue of $28.57 billion, which was up by 82 percent from the same quarter last year. “I firmly believe that we’re just scratching the surface right now,” Cook said of the Chinese market. “I think there is incredible opportunity for Apple there.” Apple’s iPhone sales have been a major driver for the company’s booming sales in the Chinese market. For the first three months of 2011, iPhone sales in Greater China grew by almost 250 percent from the same period last year.


In 2010, Apple opened two new retail stores in Beijing and Shanghai to coincide with the launch of its iPhone 4. The company also launched a new online store for mainland China last October, and started offering its App Store in simplified Chinese. Apple still has a smaller share of the China’s smartphone market than its foreign competitors. During the first quarter of 2011, the company’s market share was at 8.4 percent, according to Beijingbased research firm Analysys International. Nokia leads with a 22.1 percent share, while the market shares of Samsung and Motorola market were 18.1 percent and 12.9 percent respectively, Analysys said. 3 www.cw.com.hk

www.cw.com.hk


SECURITYSUPPLEMENT

Hacking takes a brutal turn The recent arrest of 14 alleged “hacktivists” may or may not “stop the bleeding” By Stefan Hammond

R

ecent months have seen an unprecedented epidemic of website hacking. Credit-card firms, commercial computer-gaming sites, US Federal Government Web sites and more have had their data purloined. What’s happening? Just before we went to press, fourteen suspected members of hacking group Anonymous were arrested as part of a federal raid. The suspects are charged with “various counts of conspiracy and intentional damage to a protected computer,” according to a US Department of Justice press release. But have the Feds got the right guys? Let’s back up. Remember Julian Assange of WikiLeaks? The grey-haired Australian, who looks more like a reclusive author than a cybercriminal, founded WL in 2006, after decades as a hacker and brushes with Australian law. But he didn’t become the poster-boy for cyber-intrusion until 2010, when a US soldier named Bradley Manning allegedly sent 251,000 US diplomatic cables to WikiLeaks. This information was never intended for public consumption. Suddenly Assange was front-andcenter in the mainstream media. Senior US officials declared him a terrorist and wanted him prosecuted, although there was a rapid retreat when it became apparent there were no applicable US laws for the case. Assange remains important (although he’s returned to media-invisibility)

because he represents “one throat to choke.” What happened next was the opposite.

Enter the “hivemind” Targeting Assange was simple. His Swiss bank froze his assets, and several credit card companies refused to process contributions to WikiLeaks. This catalyzed a beehive-effect: a pre-existing group of anonymous hackers then conducts DDoS (dedicated denial of service) revenge attacks on WikiLeaksspurning credit card companies. This group had declared themselves “hacktivists” and named themselves “Anonymous” for their first action: a 2008 attack on the Church of Scien-


tology to protest the religious group’s attempt to control information about itself online) and appeared in public. Anonymous members often wear Guy Fawkes masks and their hacking activities, they declared, had higher motives than profit or anarchy. But anarchy soon erupted. Another group called “LulzSec” (in NetSpeak, “lulz” means “laughs”) arrived with a vengeance. The group made headlines with its smash-and-grab data breaches against Sony, the US Senate, Arizona’s Department of Public Security and USbroadcaster PBS (all for different reasons), but took things further by postcontinued on page 32 4 www.cw.com.hk

www.cw.com.hk


SECURITYSUPPLEMENT 4 continued from page 30

ing press releases and telling the world how they did it. The releases I’ve read are a curious mix of literate clarity and puerile nose-thumbing, but the content is rich. Here’s an excerpt (from the release on the Sony hack):

This is vital data to consumers and computer security professionals alike. LulzSec doesn’t seem sophisticated, but were able to compromise a million users with a single SQL injection—a security flaw any competent firm should have sealed long ago. By revealing HOW they hacked Sony, they demonstrated some level of social consciousness. But like Anonymous before them, LS is a confused mix of “hactivism” and pure mayhem. As they say, they’re “in it for the lulz.”

Who ARE these people?? The roots of Anonymous/LulzSec seem apparent, says Richard Stagg, managing consultant of Hong Kong security firm Handshake Networking.

Although LulzSec proved they were willing to turn in “snitches,” they eliminated themselves after a 50-day period, with a surprisingly lyrical farewell note you can read here (http://pastebin. com/1znEGmHa). Rik Ferguson, director of Security Research & Communication at Trend Micro, agreed with Stagg on the Anon/ LS ‘schism’: “I think that certain members of the group Anonymous decided they wanted to have a little more ‘fun’ and a little more freedom to do as they pleased and they broke off into a splinter group, LulzSec,” he said. “When they felt that law enforcement was getting uncomfortable close to them, they (publicly at least) disbanded and reintegrated into Anonymous.”

AntiSec isn’t a cause, it’s an excuse — Rik Ferguson, Trend Micro

Trend Micro’s Ferguson: The majority of the attacks have been simple to perpetrate, relying on DDoS, SQL injection or old fashioned leaks

“We recently broke into SonyPictures.com and compromised over 1,000,000 users’ personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts...Our goal here is not to come across as master hackers, hence what we’re about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?”

“Anonymous and LulzSec are just two sides of the same coin,” said Stagg. “They literally do it for ‘the lulz’. That it creates anarchy and chaos is a side-effect but not the overall intent. We can’t credit these folks with a cogent political agenda—they turn on each other precisely because they have no shared cause.” Stagg is referring to a case where LS turned on two of their members and, in a breathtaking press release titled “Hi FBI & other law enforcement clowns,” gave up personal information on two members they excommunicated, including real names, pictures and home addresses. “These goons begged us for mercy after they apologized to us all night for leaking some of our affiliates’ logs. There is no mercy...snitches get stitches,” boasted the hacker-group.


“In the meantime, the “Operation AntiSec flag has gone up, giving disparate hackers and groups a banner to unite under,” said Ferguson, referring to indications from both Anonymous and LS that they would form a new group: ‘AntiSec’. “This ‘banner’ is ostensibly cause-driven, being aimed at governments, law-enforcement, security etc. However hacks are taking place under this banner that have nothing to do with [these] ‘legitimate’ targets, hence my [stance] that AntiSec isn’t a cause, it’s an excuse. (http://countermeasures. trendmicro.eu/anti-sec-is-not-a-causeits-an-excuse/).” “The majority of people operating under this banner are not hackers of any continued on page 34 4 www.cw.com.hk

Effective managed services comes through effecting change Ricoh paves the way for effective change management and optimized document processes

W

ith limited budgets, tight deadlines and the ever-present challenge to do more-with-less, today’s IT leaders rely on managed services to handle their non-core functions while they focus on enabling their businesses to compete in the global market. The printing and document cycle is one of those areas where enterprises leverage managed document services to significantly improve their efficiencies by centralizing printing functions, using multifunctional devices, and implementing innovative workflows.

"There is nothing wrong with the technology, why it goes wrong is people's behavior"

But no matter how well equipped the provider, or advanced the technology platform, outsourcing processes can often fall short of the stated goals by forgetting to factor in, and plan for,the most significant hurdle to most projects – employee resistance. “Managed document services are not as simple as technology upgrades, or putting in new software and new technology,” said TC Chao, strategic planning & marketing manager at Ricoh Hong Kong. “It’s a major change initiative, and too often people forget to implement and manage these arrangements in a holistic way, and so fail to leverage the true efficiency benefits of a managed service.”

Workflow strategy

It is for that reason that Ricoh, the leading document solution and workflow provider, has married its managed services offering with a change management framework. Now customers can leverage multifunction devices that are backed by produc-

tivity boosting workflows, made efficient through outsourcing, and implemented using proven methodologies. “I can tell you from my experience as a knowledge worker that the first thing people always ask is ‘why change? I am so happy and proficient with this system as it is now, so why this change?’,” said Chao. “Unless this is managed effectively it can get to the point where the system is only half used, the organization fails to see the efficiencies, and you start to see regrets about upgrad- Ricoh's TC Chao: Managed document services are not as ing. There is nothing wrong simple as technology upgrades, or putting in new software with the technology, why it and new technology goes wrong is people’s behavior.” tion phase, thus enabling the organizaRicoh’s managed service offering aims tion to achieve its goals faster. to address the people factor by setting up “Together, these benefits translate into a change management team made up of dollars added to the organization’s bothigh level sponsors, project managers, tom line,” said Chao. “Conversely, if the marketing and communication experts change is not managed effectively, the and end users from within the company opposite results. Decreased employee which is advised by Ricoh analysts and productivity and increased transition operational experts. time, most likely will occur.” He backs this up with studies that show where change management effectiveness Managing change “Where we differentiate ourselves is that was rated as excellent, almost 90% of projwe provide a change management pro- ects met or exceeded objectives. However, gram that links the goals of what senior where change management was rated as management envisioned when they en- poor, over 80% of projects failed to meet gaged a managed service provider with their states objectives and deadlines. And while the studies and statistics certhe behaviors of the end users,” Chao tainly back up Ricoh’s joint change mansaid. The ADKAR change management agement and managed service approach, framework is a proven methodology perhaps the greatest testimony from its which builds awareness, creates desire, customers, who include Kraft Foods, establishes knowledge, creates ability, Johnson & Johnson, U.S. Bank, Accenture, Hosipra, and Bristol-Myers Squib and reinforces new skills. The aim, said Chao, is two fold: Firstly, among others. “So, it just proves that you can lead a to ensure the managed service is used efficiently and effectively, and secondly to horse to water and get it to drink... you shorten the project cycle by coaching and just need to coax it using the right change mentoring employees through the transi- management approach.”

Brought to you by Ricoh

SECURITYSUPPLEMENT 4 continued from page 32

for decryption of data (“No security in place, no effort for intrusion needed”) nor for “media and press” as “Trolling is our specialty, we provide this service free of charge.” Chris Wysopal, cofounder and CTO of applications security firm Veracode, added that recent data heists have attracted more attention thanks to mediasavvy public relations campaigns. Both LulzSec and members of Anonymous maintain public Twitter accounts and post press releases announcing data leaks. At one point LulzSec even published a telephone number to take attack requests from the public. “The new trend of hacks by groups like LulzSec and Anonymous is accentuated because attackers are trying to publicize it more,” said Wysopal.

landscape for the worse.” “Before [LulzSec/Anonymous], there was more of a criminal element involved so [hacking] wasn’t publicized as much,” said Wysopal. “It wasn’t as if all of a sudden Web sites became vulnerable.”

What now? The picture is still murky, but it’s been suspected that the various “hacktivist” groups all have their roots in “4chan”: a notorious Web site not suitable for public consumption. “One thing we know about Anonymous is that they [have] the false impression that they are unimpeachably anonymous,” said Stagg, “whereas there’s strong evidence from elsewhere that the Feds get copies of all 4chan’s web logs.” Perhaps this served as target in-

C

M

Stagg from Handshake: Anonymous and LulzSec are just two sides of the same coin

Y

CM

great technical prowess,” said Ferguson. “The majority of the attacks have been simple to perpetrate, relying on DDoS, SQL injection or old fashioned leaks.”

PR for hackers In mid-July, “Antisec” hacked military contractor Booz Allen Hamilton’s network, posted 90,000 military mail addresses and passwords online and detailed how they did it in a press release (http://pastebin.com/MiTk4huL). The release contains alleged “shady practices by the company, including potentially illegal surveillance systems, corruption between company and government officials, warrantless wiretapping, and several other questionable surveillance projects.” And Antisec included a new twist with this one: an invoice for “our audit of your security systems”—that’s right, they invoiced the company they hacked. However, they didn’t charge

They literally do it for ‘the lulz’—anarchy and chaos is a side-effect — Richard Stagg, Handshake Networking

MY

CY

CMY

K

Ferguson sees an upside to all this: “Hopefully, the response from government and business alike will be to beef up security, carry out more thorough independent penetration testing, and deploy encryption wherever sensitive data is held. We should at least learn some of the lessons these people are trying to teach.” Stagg also sees an upside to the LS actions, noting that the script-kiddies of the 90s were always in it ‘for the lulz’. “Sure, this generated a certain amount of chaos and woe,” he said, “but it raised awareness without adding the risk of massive costs for fraud/ID theft, etc. Then the criminal gangs turned up [in the 2000s] and changed the hacking


formation for the recent arrests. Perhaps other hacker-kiddies will “take up the cause.” Perhaps penalties imposed by the US Federal government will dissuade others from the shocking attacks we’ve seen in recent months. But one thing remains forever true: AFTER a firm’s computers are hacked, security jumps to the top of the list. Be proactive—review your security policies: independent pen-testing and proper encryption are no longer luxuries. The bad guys are out there and ideology may be as motivational as economic gain. And remember these words from Richard Stagg: “Rule #1 of 4chan is: ‘You do not mention 4chan’,” he said. “It really is.” 3 www.cw.com.hk

©2011 Cisco Systems, Inc. All rights reserved. All thirdparty products belong to the companies that own them.

we’re not just making servers. we’re making server history. Cisco UCS captured #3 spot in x86 Blades Server Market Share Worldwide Find out more: www.cisco.com/go/servers

Phone : 800 www.cw.com.hk

963 699

Email : [email protected]


TECHWATCH

Social commerce takes more than a Facebook page Social media might help but retailers must have coherent strategies, says Lori Schafer, executive advisor, SAS Global Retail By Teresa Leung, Antwerp, Belgium

I

f you think simply bile phones, social net- making mobile increasingly hot in the having a presence works, call centers, and retail arena. “Mobile payment is exon social networks physical locations.” pected to see uptake in the next two will help drive your Disseminating mes- years,” she said. “There are already business, think again. sages that customers retailers using QR (quick response) Retailers are testing want to hear is crucial, codes that mobile phones can scan for the water of social combut it isn’t enough, said product information, videos or promomerce, starting with Schafer. “Retailers tions.” social media including must also make these Facebook, Twitter, and messages relevant, lo- Mobile an upward trend Schafer from SAS: Tackling YouTube. According to cal, personal, and seChecking the tech startups bought the “the social-retail mashup” Lori Schafer, co-author lective, because retail recently by retailers is instructive, of “Branded! How Retailers Engage is now a demand-driven rather than Schafer noted. For instance, Amazon Consumers with Social Media and Mo- supply-driven market.” entered the flash sale fray by buying bility”, and executive advisor for SAS To maximize use of social networks, MyHabit that sells high-end apparel Global Retail, 75 percent of major retailers have Facebook pages. “However, social media isn’t a Social media isn’t a strategy—it amplifies your strategy—it amplifies your stratestrategies gies,” said Schafer at The Premier — Lori Schafer Business Leadership Series organized by SAS and held recently in Antwerp. “It isn’t a substitute for a coherent strategy and a compelling consumer retailers must communicate with cus- at big discounts, she said. While Walproposition.” tomers rather than having them hit Mart acquired social media tech firm ‘Like” on Facebook. “For instance, Kosmix, eBay bought RedLaser, a New York-listed reatailer BestBuy has barcode scanning app for the iPhone Customers in charge The major difference between the 25,000 employees responding to cus- and related assets from Occipital, current wave of social commerce tomers who ask questions on Twitter,” Schafer added. “I call this the social-retail mashand the dotcom era is that customers said Schafer. “The company also alrather than corporations are in charge, lows customers to buy on Facebook— up—it’s different from what we Schafer noted. “Customers are tech- if you don’t engage customers, you saw before when there were distinct spheres of social networking, social savvy and no longer want to find your will be left in the dust.” Schafer claims that 70 percent of the shopping, social fashion, and flash stores,” she said. “You must bring your stores and brands to them via mo- global population has mobile phones, sales,” she concluded. 3 36 Computerworld Hong Kong July/August 2011

www.cw.com.hk

SOCIALNETWORK

Is Google+ really Google Buzz 2.0?

G

oogle+ has taken the social network world by storm and created significant demand in a relatively short period of time—and that is just for the invitation-only beta version. While clicking around my Google-verse, though, I stumbled upon something which seems to indicate that Google+ is just Google Buzz with a fresh coat of paint. Do you remember Google Buzz? You should. It was only last year that Google launched the attempt at social networking. When Google Buzz was unveiled, it received a similar shower of praise and accolades. Google Buzz was going to take over the world and show Facebook and Twitter what a real social network is capable of...until it didn’t.

The fizzle of the Buzz

By Tony Bradley, PC World (US)

cool user interface and a fresh bag of tricks.

Disabling Buzz...impossible? Before you tell me I am wrong, or crazy, or both—go try to disable your Buzz account. If you ever joined the Buzz world, it should still there lurking around in your Gmail somewhere. I saw Buzz in the left pane while I was using Gmail and clicked on it just to see what is even there now. I decided that since I don’t use it, and I have Google+ now, I don’t really need Buzz, so I clicked on the link that says “Turn off Buzz”. That is where the fun begins. That click brought me to the account settings page for Buzz. At the bottom of those settings is a section called Disable Buzz, with a similarly named link—”Disable Google Buzz”. Beneath that link is a description that reads, “This will disable Google

When the world rushed to Google Buzz—or rather when Google dumped Google Buzz on the world—reality quickly set in and the honeymoon was over. It turns out, Google Buzz had some significant privacy issues, and didn’t quite live up to the expectations set by the initial fawning reviews. Fast forward to now, and it’s hard not to draw comparisons between the way Google Buzz was initially received and the current wave of Google+ mania. Google+ isn’t Google Buzz, though. Or, is it? Certainly, Google+ is different from Google Buzz. It has that snazzy Circles concept that lets you drag and drop picture of your contacts to assign them to different groups—Buzz didn’t have that. But, beneath the hood, it seems that Google+ is essentially Google Buzz 2.0—Google Buzz with a 38 Computerworld Hong Kong July/August 2011

Buzz in Gmail and delete your Google Profile and Buzz posts. It will also disconnect any connected sites and unfollow you from anyone you are following.” That seemed like a reasonable description of what I was trying to do, so I clicked “Disable Google Buzz”. That’s where things got sticky. The next window that appeared was titled “Delete Google+ content and your entire Google Profile.” What? Hold on. I want to disable or delete Google Buzz. I didn’t click on anything indicating that I want to delete Google+. It seems a bit suspicious that “Disable Google Buzz” would lead to “Delete Google+ content” unless the two are really one and the same. You can try this experiment with your Buzz account, but your mileage may vary. Google+ continues to quickly assimilate the Googleverse, and things behind the scenes seem to be changing rapidly.

Things are not what they seem Google is melding Google+ with the rest of the Google tools, and in the process it may have also tied up loose ends and removed evidence of the direct relation between Google Buzz and Google+. I confirmed the experience on multiple accounts, though, and captured it using Problem Steps Recorder in Windows 7, so I can at least tell you how it worked in mid-July. Is Google+ just a revamped Google Buzz 2.0? It really doesn’t matter as long as Google has learned some lessons from the Google Buzz experience, and applied those lessons to come back from the ashes with a better social network. It’s only an issue if Google+ is really just Google Buzz with some lipstick on. 3 www.cw.com.hk


www.cw.com.hk

www.cw.com.hk


BACKPAGE

mike elgan

The rise and rise (and rise) of Apple’s iOS

W

hen the first iOS gadget shipped in 2007, The New York Times’ David Pogue published a list of questions about the new iPhone. The last question on the list was: “Who on earth would buy this thing?” It’s a question nobody would ask today. The phone, and Apple’s other mobile devices that run the iOS are succeeding beyond anyone’s predictions. Apple says the iOS is currently installed on more than 200 million devices. Another small thing happened in 2007 that has become a big thing: Apple filed a patent request for the capacitive touch screen used by the iPhone, iPad and, in fact, by nearly all of Apple’s competitors in the market. That patent was granted in June. One possible outcome of the inevitable court cases to come is that competitors may have to pay Apple a licensing fee for every non-Apple smartphone or tablet shipped.

Hype versus reality Since its 2007 launch, there has always been a lot of hype around the iPhone far beyond actual market share. The many brands that run the Android OS collectively own more market share both globally and in the US than the iPhone. And internationally, handsets from giants like Nokia have maintained more sales than those from Apple. But all this appears to be changing. In the first quarter of this year, Android phone market share declined nearly 3%, while iOS’s share rose by more than 12%. Android still has nearly half the smartphone market, and Apple significantly less than that (about 30%.) These changing fortunes could represent a temporary blip caused by Apple’s availability on Verizon. Or it could be a trend. Another possible trend is the decline and fall of Nokia. That company’s smartphone handset market share dropped from 24% to 16% in one year. Apple remained at 17% share while the overall pie grew significantly. When the iPhone shipped in 2007, nobody—and I mean nobody—predicted that Apple would sell more handsets worldwide than Nokia within four years. A recent survey measuring Web traffic by various devices found that some 97% of all tablet traffic in the United States comes from iPads. And if you think that’s high, the number is 100% in Japan and 99% in the UK (the global average is 89%).

Money-printing machine All these market share and traffic numbers mask a stark busi42 Computerworld Hong Kong July/August 2011

ness reality: Apple makes vastly more money from mobile devices than its competitors. Firstly, Apple makes money from handsets, which Google no longer sells. Secondly, Apple makes money from apps—far more per app than any other platform, and far more apps. For example, last year Google Mike Elgan earned about US$102 million from apps writes regularsales, while Apple raked in $1.7 billion. ly about techApple’s iOS is even more profitable than nology and tech culture Microsoft Windows—2.3 times higher. for CW(US). App developers point out that iOS is easier Contact him to develop for and monetize than the Google at Elgan.com Android platform, and presumably other competitors as well. The success of iOS devices thus far is nothing compared with what’s coming. One report says Apple has ordered two manufacturers to build enough iPhone 5 handsets to sell 15 million in the first month of sales. The new phone is expected to launch in August or September. A study coming from the Yankee Group next month finds that about 40% of all smartphone buyers in Europe say they intend to buy an iPhone next time they buy a phone.

China Mobile + iPhone = ¥¥¥ A reasonably credible rumor from a blogger in China says that China’s biggest carrier, China Mobile, will soon announce a deal to sell the iPhone 5. The current iPhone is available in China only from the No. 2 carrier. Such an announcement would suggest a radical increase in iPhone sales in the world’s largest country, and one with an incredible 910 million mobile phone subscribers, where the iPhone is very popular. Apple currently dominates the tablet market, having sold 25 million iPads to date and possibly over 14 million more iPads in the third quarter. But one analyst believes Apple will sell a billion of them. Over the next five years, we’ll see more people using phones and tablets as their main computing device. And I think we can also expect to see current desktop platforms like Mac OS X, Windows and Linux replaced by touch-friendly interfaces like iOS, Android, Metro and so on. In other words, Apple’s iOS is poised to take over mainstream computing. 3 www.cw.com.hk

Introducing AsiaD: All Things Digital AsiaD is the inaugural expansion of D: All Things Digital on a global stage. Just like its predecessor, AsiaD will feature Walt Mossberg and Kara Swisher and their unyielding brand of live journalism as they take a close look at the influencers and innovations shaping the digital revolution worldwide. With Hong Kong as the backdrop, AsiaD will take place October 19-21 and unite the leaders and visionaries from North America with the top players from across Asia –– all while showcasing the uncompromising D formula of unscripted, unrehearsed interviews and dialogue. Space is limited so we encourage you to reserve your attendance today. To register, please visit http://allthingsd.com/d/asiad/register/.

www.cw.com.hk



www.cw.com.hk