As data is the heart of an enterprise, its security and availability is the core issue. Kartik Shahani, Regional Director, India McAfee Inc., who sees data as the core asset, spoke about the essence of integration of IT assets in an interview with B.V. Shiva Shankar, CIOL. Excerpts:
                             
CIOl:  When we talk about enterprises, we generally discuss about how they  make use of their IT assets. What would be the core IT assets, and why should enterprises talk about their integration?

Kartik Sahani: For any organization, security of data is the most important issue. Critical asset any enterprise has, it is not the server, or the gateway, or the desktop, it is the core data. If the data resides on a server, then server is the core asset.

If the data is in a pen-drive, then the pen-drive is the core asset. In case of a manufacturing company, probably their core asset would be their ERP server and the Web server. Maybe in a bank, an online transaction server and an authentication server, which does payment gateways, are the core assets.

If you have multiple consoles and multiple management areas, it becomes very difficult to co-relate information. Integration of these assets enables an organization to co-relate information. By integration of various solutions, of various parts of the organization, you can have a proper overview and everything is under your control.                                                                                                                                      

CIOL: Do you see integration of the various IT assets happening globally, and how does it compare with the scenario among Indian enterprises?

KS: It’s happening in both the places. In most of the MNCs, the management console actually sits in the US and boxes are deployed in India. The policies are pushed from the US and they are automatically applicable to all units. So they have standardization, they have same level of policies and same level of security in every single location. This is one form of integration that is happening globally.

In India, exactly the same thing is happening because Indian companies are turning into MNCs. For example, companies such as Infosys, TCS, Wipro, etc., are all global companies and they are doing exactly similar kind of set-ups. It becomes easier for them to have compliance to policies, which are uniform across the world.

CIOL: What are the main drivers for the integration of IT assets? Is security the key driver behind the integration, or are there other factors?

KS: I think security is one issue, while the other thing is compliance. Most of the large organizations would be having some form of compliance or the other, either for their own internal requirement or for external regulations. If they don’t have standardization, if they don’t have integration, then there would be no way to be compliant.

CIOL: Tell us about your integrated products?

KS:  McAfee is the security player who is purely focusing on security. All of our products are point products integrated into a single console. We have vulnerability assessment and management solutions, Foundstone. Then, we have a network intrusion prevention system.

Foundstone will do vulnerability analysis and dump the data into the intrusion shield, which is on the network IPS. Any data flowing from the network will be also scanned for vulnerability. Both are talking to the same console. Then, we have anti-virus that sits on the desktop, which also respond to the same console.

We have a solution called Network Access Control, which is basically for compliance and to see whether the end-node is compliant with the organization’s requirement or not. If it is compliant then only it will get accessed. We have other solutions also.

CIOL: What are the points that the enterprises need to keep in mind during any integration process?

KS: One important point is that the integrated data should be useful to different people in the organization. By this I mean the usefulness of integrated data should not be restricted to the system administrator only. It should be useful to CIO, CFO, CEO, etc., and everybody, including the people at the lower levels. You should ensure that data is available for anybody at anytime. That should be the main intension of integration.

CIOL: What are the challenges involved with the integration of IT assets?

KS: There are various challenges. The biggest challenge is, while you select a product you must see that the product should be able to talk to the console or talk to the common source. Otherwise, you end up in spending money on equipment or solutions that are bound to be outdated.

If the product, which you have picked up, does not have scalability in the near future or ability to speak to the other parts the integration will not happen. You need to have the solutions, which are not only the best in class but also with the ability to get integrated with the other solutions.

CIOL: What will be the future trends in this regard?

KS: If you look at the kind of mergers and acquisitions that are happening, you can make out a kind of consolidation that is taking place among hardware and software. What you can really notice is very large companies – either software companies or hardware companies – are now going about acquiring other parts of the business.

For example, IBM, which used to be a hardware company, is now acquiring a lot of software companies. Then you have software companies acquiring hardware companies. So, there is a kind of consolidation happening that would trigger an automatic integration.

CIOL Bureau