application-modernization

Enterprise Application Modernization: Key focus areas

Application Modernization

This is the migration of legacy applications to new systems, applications, or platforms, perhaps integrating new functionality to older systems. Organizations modernize applications for many reasons; widening access scenarios, a digitalization requirement, or moving to a new IT infrastructure or API-based architecture. Whatever the reasons, modernized legacy systems must operate in sync with other application systems using, for example, Java or .NET.

Application modernization is a strategic decision factoring in organizational needs, priorities and budgets. Considerations include modernizing the application experience and access method and driving create new workflows around the application through integration and automation.

They may modernize the application code itself with analytical tools to increase programmer productivity, and improve performance. Modernizing dev, test, and production methods and platforms, either for individual applications or as part of a composite application, while leveraging new business models with COBOL investments is another thought.

IT Process Modernization

DevOps and Agile IT processes have improved application development, but the software development lifecycle for host-based application can still be slower than other platforms’ pace, especially when applications must be integrated. This requires application delivery process modernization.

Using DevOps and Agile to improve application development has significantly and positively impacted =the application development process. Nevertheless, the software development lifecycle for host-based applications can still be out of sync with the platforms with which these applications need to integrate.

This has resulted in a de facto hybrid approach to application delivery. Organizations need to extend the advantages, such as delivering applications ‘at the speed of business’, to all applications, whatever their value or platform.

Infrastructure Modernization

For infrastructure modernization to succeed, organizations must prioritize the application host platforms in terms of development, test, and production; whether it is a large host system, a distributed environment, the Cloud, or hybrid.

Organizations doing so can implement fit-for-purpose infrastructure to support traditional and new applications, whether current, Cloud-native, or next-generation applications. Additionally, Infrastructure modernization requires an organization to establish strong security for applications and data.

The IDC white paper Modernization: A Flexible Approach to Digital Transformation is clear; “With end-user platform refreshes running at a cycle of once every 3–5 years, an organization’s delivery platform of choice can be up for renewal at any given time. Large host systems such as mainframes may have a life span of 10–20 years. But oftentimes, the applications they support continue to outlive multiple platform refreshes. [So] there is a constant, cyclical re-evaluation of a business’ core systems — the applications and the platforms upon which these applications are developed, tested, and deployed.”

The Move to the Cloud

Modernizing applications, IT processes, or infrastructure, is a good time to evaluate their potential need to move to the Cloud. This Forrester report on Cloud adoption and modernization opines that, “Moving a core business application to a generic Cloud platform isn’t a pain-free sourcing change.

“Many applications can experience performance degradation, but organizations with existing technology management operations simply cannot start from scratch and rewrite everything for the Cloud. The more intensive the adjustment requirements, the more cost-intensive the move …will be.

“Organizations must devise a strategy for evaluating candidate apps —determining what, if any, changes should be applied to ensure the move is successful and the performance and cost balance is met”. Additionally, Forrester hosted a webinar with Micro Focus on this topic, Exploring Complexities to Cloud Migration & Modernization.

the-power-of-offline-marketing-in-retail

The Power of Offline Marketing in Retail

GDPR: The Renaissance of SMB Receipt Marketing

Today, because more than half of retail sales are influenced by digital – and GDPR influences data collection – a new trend is emerging: Retailers are turning to offline marketing.

GDPR (or the General Data Protection Regulation) has had implications for foreign small businesses and retailers, and now similar regulations are coming to the United States.

While large retailers may have the funds to dedicate to safeguarding their big data, SMBs tend to have smaller budgets and fewer staff to manage such procedures. How do these stores continue to successfully communicate with customers – and stay protected against regulation?

Receipt Marketing: A Secret Weapon to Boost Customer Engagement

Independent retailers may create email marketing campaigns or implement a basic loyalty program, but there’s another thing they could be doing: receipt marketing.

Apart from customer service at physical stores, what’s the one thing shoppers always take away with them? A receipt, which is an intuitive and significantly underutilized marketing channel!

Customer retention, loyalty and engagement are all built upon developing relationships, being memorable, standing out and creating a connection. What if a cute or funny message on a receipt could do that? What if coupons, discounts, QR codes and thoughtful messages on receipts could build rapport with your audience?

It’s Cheap, Easy, Safe and Humanizing

Because digital marketing doesn’t always produce results for brands with a strict budget, offline marketing that reaches all customers could be a more rational place to invest your customer engagement dollars.

Just think of the possibilities! Your messaging can be timely and feature endearing calls-to-action that brighten your customer’s day. And the best part? This type of offline marketing has no privacy infringements – just enticing offers and a personal touch that makes SMBs feel genuine.

Customer Incentives for Return Business

Receipts can be a great place to highlight special offers to boost future store, restaurant and kiosk traffic.

Offline Meets Mobile: QR Codes

QR codes embedded on receipts, cards and in-store posters mean offline marketing can sync up with mobile offers.

Persuasive Discount Offers and Time-Sensitive Offline Messaging

Receipt marketing is a great way to reach a lot of eyeballs at an extremely low cost. Discounts with time-sensitive offers can create some of the best results and are a part of the most persuasive loyalty campaigns.

microfocus-header

Digital Transformation and Micro Focus

Micro Focus enables modernization and digital transformation through a broad solution portfolio, characterized in this IDC white paper as “a holistic view of the whole application.” This is the idea that the application includes both the code, the access experience, and importantly, security.

“[The] Micro Focus perspective is that customers can approach modernization in [different] ways, incrementally, and with or without the need to change the underlying code — all depending on the level of modernization required as dictated by business requirements and priorities.”

The Micro Focus solution portfolio supports a successful modernization strategy in different ways:

Mainframe and COBOL

Back to IDC; “[The] Micro Focus COBOL and mainframe product portfolio … provide[s] support across the application delivery lifecycle, and while it can … be deployed as a holistic solution, it comprises products designed specifically for the key technical phases involved.”

The technologies in this portfolio include; analyzer technology (Enterprise Analyzer and COBOL Analyzer), development technology (Enterprise Developer and Visual COBOL), flexible mainframe testing technology (Enterprise Test Server), deployment technology (COBOL Server and Enterprise Server), and application delivery management and control technology (ChangeMan ZMF and Enterprise Sync).

Host Connectivity

Micro Focus organizes its Host Connectivity portfolio into three groups of solutions: access, integration, and management and security. These solutions include Reflection, InfoConnect, Rumba+, Extra!, Verastream, Databridge, Reflection for Secure IT, Host Access for the Cloud (formerly ZFE), and Host Access Management and Security (MSS).

To quote IDC again “Micro Focus solutions for accessing host applications have long since moved beyond the origins of ‘terminal emulation.’ It is now about modernizing application access from user experience, security, and data protection perspectives

“The Micro Focus Host Connectivity portfolio … is about modernizing and connecting core, business-critical applications to the rest of the organization, instead of replacing them, to create new value such as through digital transformation.”

In summary

To wrap up all three posts, let’s summarize the advice from Gartner, Forrester, and IDC about these modernization trends based on other organizations’ experiences. In Use Continuous Modernization to Build Digital Platforms from Legacy Applications, Gartner states “application leaders responsible for a strategy to build a digital business platform should exploit and extend the value of [their] legacy applications by removing obstacles, rather than viewing and treating those applications as a problem”. On a similar note, the Forrester report Exploring the Complexities of Cloud Migration and App Modernization opined that to keep pace with technology adoption, organizations must “consider how they manage transfer/move activities. Technology and business leaders must be laser-focused on what they want to achieve and remember to align business systems to the business strategy”.

So there seems to be a clear theme of making more of what an organization has now and aligning it with what they will need in the future.

IDC sum it up in their white paper Modernization: A Flexible Approach to Digital Transformation, acknowledging the “shift from a ‘rip and replace’ approach toward modernization strategies that are aimed at gaining significant business value in the form of agility, new business capabilities, and a reduction in TCO and risk.”

Why this matter:

Assistance on the journey to digital transformation comes in two strands.

There are the analysts who offer guidance on modernization, while the Micro Focus portfolio of mainframe and COBOL solutions provide support across the application delivery lifecycle, while the host connectivity solutions give access to the mainframe, while providing security and data protection.

These solutions align with that guidance to offer organizations a way to modernize applications, IT infrastructure and processes, while maintaining access to legacy applications.

millenials-eating-habits

Millennials’ Eating Habits: How They’re Changing the Food Industry

If there’s one generation that makes headlines, it’s millennials. According to the 2015 U.S. Census, there are 75.4 million millennials living in the country, officially making them the largest generation in the States. If you operate a restaurant, it’s worth paying attention to what millennials do and want – especially when you consider that they spend more dining out than they save for retirement. Here are the top four things millennials are seeking when it comes to dining out – and how these changes are affecting the food industry.

They Want Convenience

The first meal kit service started in 2007 – and now, 12 years later, it’s a booming industry estimated to hit $10 billion in revenue by 2020. Who’s to thank for that? Millennials, of course – they’re considerably more likely to subscribe to these services than non-millennials.

That’s just one example of the importance convenience has to millennials. Other popular (and booming) examples are grocery delivery services, food trucks, heat-and-eat options available at grocery stores, and online ordering (millennials are the most likely to get home delivery from restaurants). In fact, according to the 2017 Food and Health Survey by the International Food Information Council, 55% of millennials say convenience is a top driver when buying food.

They Want Transparency (And Responsibility)

Don’t be mistaken: just because millennials value convenience doesn’t mean they don’t also take healthiness and sustainability seriously. The trend is just the opposite, actually.

First and foremost, millennials are redefining what it means for a food to be considered “healthy” – instead of low-fat being a top priority, they now put natural, organic, locally sourced, and sustainable foods at the top of their list. Did you know that millennials eat 52% more vegetables than baby boomers and 52% of organic consumers are millennials?

This generation also wants to know where their food is made – a whopping 80% of them want to know more about where their food is grown – and they value how it’s made (you may have noticed the terms “locally sourced” and “farm-to-table” popping up on menus in recent years).

They Want Trendiness

Gone are the days of steak and potatoes – instead, unique, customizable items are making a splash with millennials. “Build-your-own” quick service restaurants (like Chipotle) are growing steadily, and for a good reason: 72% of consumers expect customization! Some examples of recent unique trends are food bowls, food mashups/hybrids (hello, cronuts), and avocado toast.

So, are unique meals actually popular with millennials, or do they just make headlines? The former is true: 40% of millennials report they like to order different things every time they eat in the same restaurant, and they don’t shy away from vegan and cultural cuisines. They’re also described as open-minded and curious. Besides adopting a creative menu, it’s a good idea to also create a unique, modern vibe in your restaurant – from your light fixtures to your point of sale.

Avocado toast, a trendy meal popular among millennials. Source: pexels.com

They Want an Experience

If you have a social media account, you know that photos from users experiencing a satisfying meal are popular. In fact, 75% of millennials report they value the experience of eating food more than the nourishment. And social media is a huge part of the dining experience: 41% of millennials log in to Facebook every day, 29% use Instagram regularly, and 25% use Snapchat on a daily basis. To top it off, 20% of millennials say that they receive food news from peers on Facebook.

To help make your restaurant “Instagram-worthy,” consider adopting a modern and aesthetically pleasing menu design, ambiance, and décor – and don’t forget to create social media accounts for your restaurant if you haven’t already!

hpe-&-suse-why-object-storage

Block vs Object Storage

What is Block Storage?

Block storage is a type of data storage that involves storing data in consistently-sized, easily accessible blocks.

Block storage definition

Ideal for data that must frequently be accessed and edited, block storage refers to a form of data storage wherein files are stored in even blocks. The most common type of data storage, block storage is usually used in SAN environments.

Why block storage?

Although block storage isn’t as scalable as object storage, it is the solution for those looking to store data they need to access and change often. With block storage, individual pieces of data can be edited without compromising the entire block of data. Block storage is more expensive and complex, but block data can be accessed without compromising operating system performance.

HPE block storage products and services

HPE solutions will help you consolidate, simplify and increase uptime. And help you address user file data headaches efficiently, effortlessly and without compromises.

Featured Products

storage-3

File Persona

HPE 3PAR StoreServ with HPE 3PAR File Persona is the industry’s most efficient storage engineered for the true convergence of block, file, and object access. It is easier to provision and easier to monitor in reduced data centre space.

storage-2

File Controller

Unlike typical gateways, HPE 3PAR file services provided by the HPE 3PAR StoreServ File Controller deliver advanced integrated capabilities, including repurposing capacity easily and dynamically between file shares and block volumes.

storage-1

HPE 3PAR StoreServ

Tier 1 all-flash data storage array that scales from midsize to the largest enterprises and service providers.

What is Object Storage?

Object storage is a type of data storage that involves storing data as objects with associated metadata and
unique identifiers.

Object storage definition

Ideal for data that must be accessed, but not edited, object storage refers to a form of data storage wherein files are stored as objects with associated metadata and unique identifiers that enable them to be accessed on a network. Common types of data stored as blocks include songs, photos, and video clips.

Why object storage?

Object storage is currently the best solution for storing mass amounts of data. It is virtually endlessly scalable, and, in a world where the rate of data being generated is increasing exponentially, this is good news for storing certain types of data. However, it is also important to remember that the data cannot be edited without the entire object being rewritten. Data that is often stored as objects includes songs, images, and video clips.

5-Ways-to-Incorporate-Internet

5 Ways to Incorporate the Internet of Things into Your Store

The Internet of Things (IoT) is no longer just a buzzword – it’s a living, breathing technology that’s making a splash in retail stores around the world. By 2020, it’s estimated that there will be over 30 billion IoT devices!

IoT offers great benefits to the retail industry. In fact, 77% of retailers believe it improves the customer experience, 89% report that it provides increased insights into customer preferences, and 77% say that it helps them work with partners to deliver quality products and services.

How will IoT devices impact stores’ bottom lines? By reducing inventory error, optimizing supply chain management, and decreasing labor costs, it’s estimated that the potential economic impact of IoT in retail environments will range from $410 billion to $1.2 trillion per year by 2025!

So, how can you take advantage of IoT? Below are five ways to incorporate this new wave into your store.

  1. Personalized Discounts

Did you know that nearly half of consumers are willing to share their personal data in exchange for exclusive benefits? One of the biggest benefits shoppers are looking to receive is personalized promotions. By installing connected sensors around your store, you can send loyalty discounts to customers when they stand near certain products.

You can also use IoT to track what items a customer has looked at online, and then give them a personalized discount on that specific item when they visit your physical store. Another great way to use customer data to promote sales is through Star Micronics PromoPRNT, a value-add program that works with your existing receipt printer to deliver promotions directly on printed receipts.

2. Smart Shelves

Soon retail shelves as we know it will be completely different, thanks to smart shelves. This next-generation shelving includes electronic labels, personalized advertisements, RFID technology, and IoT sensors. One popular use case for smart shelves is supermarkets – grocery retailers are expected to increasingly use smart shelves to quickly update product prices, as well as display promotions, nutritional data, coupons, videos, and more.

Smart shelves can also interact with apps on a customer’s phone and do things like show shoppers where to find all the items on their grocery list, and enable each item to be scanned by a robotic checkout.

Smart Shelving in a Kroger Store. (Source: Microsoft News)

3. Beacons

Beacons – or small wireless sensors that can be attached virtually anywhere – work with customers’ smartphones to collect locational and contextual data (if they have downloaded your app). These sensors can be used to track shoppers when they’re in your store and send them personalized content, coupons, and more. In the age of online shopping, this level of exclusive, tailored content is just what stores need to keep drawing customers into their brick and mortar establishment.

The truth of beacon success is in the numbers: approximately 75% of shoppers provided with beacon content say it increased their chances of making a purchase, and over 60% said they’re willing to spend more money on holiday shopping at brick-and-mortar stores if they’re sent special offers.

4. Digital Signage

Any way you cut it, digital signage is huge in both helping boost a store’s attractiveness, as well as pushing data-driven content to strategically targeted customers. Digital signage can truly unify your IoT efforts by collecting customer data from beacons, sensors, and smart devices, and then display commercials, product information, and personalized promotions – at just the right time.

Curious how big of a market digital signage is? Hint: huge. The global market value for digital signage is expecting to grow to $32.84 billion by 2023! If you’re looking to make the most of your digital signage, consider using a tool such as Sales Receipt Viewer & Analytics. The tool provides web-based receipt data and allows you to download digital receipts, analyze sales trends, discover sales anomalies, and more.

An Example of Digital Signage. (Source: Sophatar)

5. Supply Chain Management

Simply put, IoT is redefining supply chain management across the globe. Here are three examples:

  • Asset Tracking: RFID and GPS sensors can track products from factory to store. This not only makes asset tracking much easier, but it can also provide important information such as what temperature a product was kept at and how long it took to sell.
  • Inventory: Using IoT sensors, retailers can instantly check inventory levels and proactively receive alerts when a product’s inventory is low. The sensors are also very helpful in tracking purchasing trends, making inventory management a more efficient process.
  • Maintenance: IoT sensors can also be placed on manufacturing equipment to keep on top of scheduled maintenance, preventing expensive and untimely break-downs.
key-management-policy-

Understanding Key Management Policy – Part 2

In the first part of this two-part series on Key Management, we saw how an increasing number of organizations are encrypting their sensitive data to mitigate cybersecurity risks. As covered earlier, with cybercriminals getting more sophisticated, merely encrypting data is not sufficient.

With data encryption, the risk is transferred from the data to the encryption keys and to ensure optimal data protection, organizations should make sure that their encryption keys are efficiently managed and safeguarded at each stage of their lifecycle.

In this part, we will cover the various benefits of centralizing your key management and guide you on how to adopt key management for your organization.

Centralized Key Management

When it comes to securely storing the encryption keys, three pertinent questions should be addressed:

1. Where are the keys stored – in third-party applications, in the cloud (private, public or hybrid?), in a heterogeneous environment that supports multiple databases?

2. Are the keys protected with strong access management mechanisms that prevent unauthorised access?

3. Is your approach to key security compliant with the statutory mandates of the regulatory bodies?

As more and more data gets encrypted, the dependence on encryption keys increases and safeguarding all the keys (throughout their entire lifecycle) becomes challenging. The task becomes more daunting in an environment where organizations use diverse vendor systems that generate their own keys.

Further, as encryption keys undergo a lot of changes throughout their lifecycle – like creation, key versioning, distribution, rotation, storage, archival, backup, and ultimately destruction, managing the keys at each juncture of their lifecycle becomes critical.

This is where centralized key management comes handy. With the inherent ability to safely store and manage all the encryption keys centrally in a secure and efficient manner, organizations can uniformly view, control, and administer the encryption keys for all their sensitive data – whether it resides in the cloud, in storage, in databases, or virtually anywhere else.

Leading Key Management Solutions (KMSs) can seamlessly manage keys across heterogeneous encryption platforms and offer extensive support for the Key Management Interoperability Protocol (KMIP) standard, as well as for proprietary interfaces, managing a disparate set of encryption keys becomes easier.

Apart from secure storage and management, another important aspect of centralized key management is key governance. Merely storing and managing the keys is not sufficient but ensuring foolproof access management is equally important. Centralized key management enables proper key governance – even when the data and people move from department to department within the organization.

Requisites for Effective Centralized Key Management

Now that we understand why organizations should adopt centralized key management to ensure optimal data protection, let’s look at the three important requisites for centralized key management to work smoothly:

1. Key Management Server

At the heart of any good Key Management Solution is a FIPS 140-2, Level 3-certified intrusion-resistant, tamper-proof hardware server (also known as a Hardware Security Module or HSM) that plays the important role of creating, storing, retrieving, rotating, archiving and deleting the encryption keys.

This server also facilitates seamless communication with all other applications (both internal as well as external) through native encryption using the Key Management Interoperability Protocol (KMIP).

Below are three important points that organizations should consider while selecting a key management server:

(1) Adherence to Regulatory Compliances

The server must comply with federal security requirements that mandate the destruction of all the stored encryption keys upon detection of a forced entry.

(2) Role Management

The server should have in-built role management features that provide separation of duties between various user roles with handy tools to quickly assign/delete roles. As more and more data gets encrypted leading to an increasing dependence on encryption keys, role management becomes a crucial feature for any organization.

(3) Interoperability

The server should be able to coherently interoperate with other business applications by providing access to its user interface through APIs, web services and encryption connectors.

As a best practice, organizations should:

(a) Store all encryption keys (and not just the Root of Trust Master Key) in the hardware server.

(b) Ensure that the autorotation and versioning of keys take place as per a pre-defined schedule without any downtime during the key rotation process, and

(c) Ensure that the whitelisting of the IP address happens within the secure hardware server itself.

2. Key Management Policies

As seen in our previous post, a key management policy (KMP) is a pre-defined set of rules that cover the goals, responsibilities, and overall requirements for securing and managing an organization’s encryption keys.

While a key management server can centrally manage all the encryption keys and enforce set policies, it cannot create a KMP on its own. The onus of chalking out a comprehensive KMP lies with the organization’s Cybersecurity & IT Heads, like the Chief Information Security Officer (CISO), Chief Risk Officer (CRO), etc. who are responsible for ensuring the adoption of KMPs for data protection. ‘Unambiguity’ is one of the most important pillars of a good KMP that makes sure that there are no misinterpretations whatsoever while accessing the encryption keys. For example, a KMP can unequivocally state that the employees of one business unit or department cannot access the encryption keys of another unit, or that access to the keys can be granted only through the corporate LAN.

3. Key Management Processes

Key management processes are a host of diverse processes like inputs, activities, and outputs that are pivotal to centralized key management.

These processes help users in using their organization’s KMP and can be automated or implemented manually. For example, depending on the sensitivity of the data to be accessed, the Key Management Process may instruct users to either connect through a VPN or through the corporate LAN.

3. Key Management Processes

As the global leader in enterprise key management, Gemalto’s SafeNet KeySecure is widely adopted by organizations across the globe to centralize manage their encryption keys.

Available as a hardware appliance or virtual security appliance, SafeNet KeySecure is a plug-and-play, secure centralized key management platform that can be quickly deployed in physical, virtualized infrastructure and public cloud environments.

Holistically supporting data encryption and key management of a diverse set of databases like Oracle, IBM DB2, Microsoft SQL, Mongo DB, etc., SafeNet KeySecure also seamlessly supports the generation, storage and exporting of keys in a Bring-Your-Own-Key (BYOK) environment from cloud players like Microsoft Azure, Amazon Web Services, etc.

Below is a quick snapshot of the diverse integrations ecosystem that Gemalto’s SafeNet KeySecure supports:

For organizations that have already invested in HSM devices, Gemalto offers a cost-friendly Virtual Key Management Solution – SafeNet Virtual KeySecure that centralizes all cryptographic processing and provides scalable key management at remote facilities or cloud infrastructures such as VMware or AWS Marketplace.

To Sum It Up

With rising incidents of cyber attacks and data breaches, neither front line defense mechanisms suffice, nor does mere data encryption. To safeguard sensitive data, organizations should not only secure their encryption keys from unauthorized access, but also efficiently manage them centrally through a state-of-the-art, highly scalable key management solution. Learn more about Enterprise Key Management and how it can help your organization efficiently manage your encryption keys.

hpe-and-suse-article-1

Storage for Unstructured Data

Harness unstructured data at any size

Drive value to your organisation with the right infrastructure for unstructured data. HPE file and object storage solutions span your needs, from affordable NAS to durable petabyte-scale storage.

Scale with unstructured data workloads

Solve your unique data storage challenges and economically keep pace with human, sensor,
and business-generated unstructured data growth.
store-easy

HPE StoreEasy Storage

Flexible, affordable file storage appliances and gateways for small and midsize businesses plus the branch offices of distributed organisations.

file-persona

HPE 3PAR File Persona

Unified file services for user workloads and block-adjacent data preservation included as a standard feature within flash-optimised 3PAR arrays.

store-serv

HPE 3PAR StoreServ File
Controller

Dedicated gateway to attach file services to 3PAR arrays with multisite stretch-cluster support and sophisticated services for Microsoft environments.

scalable

HPE Scalable Object Storage
with Scality RING

Extremely scalable and durable storage for warm to cool machine and application data with native file and S3 interfaces for established and cloud-centric apps.

apollo

HPE Apollo 4200 with Qumulo
File Fabric

Modern scale-out NAS for hot and warm machine and application data with up-to-the-minute analytics for actionable data management.

Innovations in file and object storage

Built for the evolution and growth of unstructured data, HPE file and object storage solutions address requirements with data protection, cloud extensions, futureproof flexibility, and software-defined architecture.

Protected

Safeguard unstructured data with resilient and self-protecting platforms. Reduce security risks through native capabilities like data encryption, sophisticated access controls, file access auditing, file immutability, and deletion prevention.

Cloud-ready

Reap the benefits of a scalable infrastructure with data mobility between systems, sites, and the public cloud. For small and midsize businesses to Enterprises, gain on-site connectivity to Microsoft Azure and AWS for off-site tiering, archives, and backup.

Timeless

Meet today’s unstructured data requirements with diverse storage architectures and financial flexibility. Easily adapt to changes in your organisation’s workloads and take advantage of emerging technologies with solutions built to be futureproof.

Software-Defined

With purpose-built hardware platforms, rolling software upgrades, and seamless scalability, software-defined storage architectures let organisations take advantage of the latest server technology and storage trends while lowering cost and complexity.

5-reasons-brick-and-mortar

5 Reasons Why Shoppers Still Prefer Brick-and-Mortar

The constant evolution of e-commerce provides a hybrid of digital and physical purchasing possibilities to customers. While the appeal of an online market is steadily increasing, consumers still cannot resist the social experiences and certain advantages that brick-and-mortar is able to provide. Among the many irreplaceable elements of the in-store shopping experience that cannot be replicated online, here are the top five reasons why shoppers still rely on – and prefer – brick-and-mortar retailers.

The DCIG Buyer’s Guide provides users with comprehensive and in-depth procurement analyses and suggestions from a technical perspective. The evaluation covers numerous aspects, including commercial value, integration efficiency, and data reliability, and is regarded as an important reference for CIOs looking to purchase data center infrastructures.

  1. Personalized Shopping Experience

With all of the advancements that online shopping provides, it still cannot compete with the personalized in-store shopping experience that’s found at brick-and-mortar stores – and that customers crave. Walking up and down the aisles, listening to the music, taking the time to browse and linger; there’s just no way the web can parallel such an immersive experience.

It’s this sort of engagement and excitement that continuously attracts shoppers to brick-and-mortar stores. In fact, according to Retail Touch Points, during the 2018 holiday season 96% of consumers did at least some of their shopping in-store, thanks to the ambiance and festive decor found in physical stores.

In addition to a store’s ambiance, physical stores also attract (and retain) customers through hosting events and classes – something an online store just can’t do. Some examples of events held in retail stores are product launch parties, book signings, holiday parties, charity events, and various classes for cooking, crafting, DIY home projects, and more. And don’t be mistaken, just because events are held in person doesn’t mean they can’t feature the convenience of the digital world. It’s easy for customers to securely pay registration fees and obtain event tickets online, using tools like Star Micronics’ partner Authorize.Net to provide a simplified payment process.

Simply put, brick-and-mortar stores offer a level of customer service and personalized experience that online shopping simply can’t duplicate, making one thing clear: the need for physical stores is here to stay.

2. Ability to Preview Products In-Person – Before Purchase Commitment

One of the biggest advantages that brick-and-mortar stores have is the ability for consumers to inspect products before buying them. Getting a feel for the material, verifying the quality, and testing the product before committing to it is a surefire way to avoid surprises that can be caused by misleading online information and pictures. A recent TimeTrade report showed that as many as 87% of modern consumers want to see and experience a product prior to “taking the plunge.”

Who can blame them? Shoppers value seeing goods in person because it helps avoid inaccurate sizing, malfunctioning equipment, and product scams. Even with an abundance of high-quality photos and videos available online, there’s still nothing like seeing a product with your own eyes and touching it with your own hands, which is why consumers still travel to physical stores to get the most bang for their buck.

3. Quick, Hassle-Free Returns

Even with the alluring ability to inspect products before purchasing, there’s always a possibility that customers may need to return an item. But there’s no question about it, the return policies available at brick-and-mortar stores offer a more simplistic and engaging process than their online counterparts. With just one quick stop, shoppers are able to verbally discuss their returns, ask questions, learn about new deals, and possibly even negotiate the return policy terms.

Brick-and-mortar returns are a clear winner for customers seeking an urgent solution – they can replace the item right then and there, with no shipping costs, no deadline stress, and certainly no waiting. While online platforms consistently update return policies to better enhance customer service, brick-and-mortar stores continue to have benefits up their sleeves that makes in-store returns simply irresistible.

4. Easy, Quick and Detailed Customer Service

It’s undeniable that face-to-face customer service continues to reign supreme, even with the rise of modern online customer service tools. The interactive service offered at brick-and-mortar stores helps shoppers locate products in the store, get second opinions, and more. This sort of personalized expertise and knowledge is highly favored because it provides consumers with a level of interaction that can only happen in-person, as well as answers that even the web might not have (yes, that skirt matches that blouse).

A recent Retail CX Trends study showed that 30% of consumers claim that personalized treatment is what elevates an experience and makes them feel special. The ability for brick-and-mortar stores to offer consistent service that is tailored to the customers’ specific needs and situations ultimately saves the consumer time and improves their overall shopping experience. You just can’t find that level of customized, instant attention online.

5. Ability to Take Items Home Immediately

Even if an online store offers two-day or same-day delivery, no form of expedited shipping can compare to the delivery speed experienced at physical stores. When consumers choose a brick-and-mortar store, they don’t need to worry about waiting, handling fees, or damaged and lost packages. Only physical stores are able to offer the satisfaction of immediately bringing an item (that you know is correct and in satisfactory shape) home.

Today’s shoppers have spoken and they want their purchases now. A recent Retail Dive survey shows that 49% of consumers choose brick-and-mortar stores over the web because they like to take home items immediately. Just one swipe of a credit card unlocks the instant use of your latest buy – the perfect option for the impulse buyer or last-minute shopper in all of us.

key-management-policy-1

Understanding Key Management Policy – Part 1

With rising incidents of data breaches, organisations across the globe are realising that merely implementing perimeter defense systems no longer suffice to thwart cyber attacks.

While front line defense mechanisms like firewalls, anti-theft, anti-spyware, etc. definitely act as a strong deterrent against cyber attacks, they are rendered useless when a hacker gains inside entry by exploiting their vulnerabilities to bypass them.

Alarmed by a spike in data breaches, many regulations like the Payment Card Industry Data Security Standard (PCI DSS), UIDAI’s Aadhaar circulars, RBI’s Gopal Krishna Committee Report and the upcoming Personal Data Protection Bill in India now urge organisations to encrypt their customers’ personal data.

This has resulted in an increasing number of organisations adopting data encryption as their last line of defense in the eventuality of a cyber attack. Unfortunately, with cybercriminals getting smarter and more sophisticated with every passing day, merely encrypting data is no longer the proverbial silver bullet to prevent data breaches.

In this two-part blog series, we will deep dive into the concept of (encryption) key management and cover the pivotal role a well-defined Key Management Policy (KMP) plays in data protection.

Let’s first begin with the basics!

Types of Encryption (Crypto) Keys

Crypto keys can be broadly categorised in two types – ‘symmetric keys’ and ‘asymmetric keys’.

In symmetric key encryption, the cryptographic algorithm uses a single (i.e. same) key for both encryption and decryption. Contrastingly, in asymmetric key encryption, the algorithm uses two different (but related) keys for encryption and decryption. These keys are known as ‘public keys’ and ‘private keys’.

While the public key is used for data encryption, the private key is used for data decryption. Since any data encrypted with the public key cannot be decrypted without using the corresponding private key, ensuring optimal security of the private keys is crucial for foolproof data protection.

Key Management

Since crypto keys pass through multiple phases during their lifetime – like generation, registration, distribution, rotation, archival, backup, revocation and destruction, securely managing these keys at each phase is very important.

Effective key management means protecting the crypto keys from loss, corruption and unauthorised access.

Challenges to Key Management

As more and more organisations generate thousands of crypto keys today for a diverse and disparate set of encryption-dependent systems spread across multiple businesses and geographical locations, key management becomes a big challenge.

To ensure that crypto keys do not fall in the wrong hands, a common practice followed by many organisations is to store these keys separately in FIPS-certified Hardware Security Modules (HSMs) that are in-built with stringent access controls and robust audit trail mechanisms.

However, with organisations using a diverse set of HSM devices like Payment HSMs for processing financial transactions, General Purpose HSMs for common cryptographic operations, etc., key management woes intensify. Further, merely storing the keys separately in HSM devices is not sufficient, as apart from secure storage, efficient management of the crypto keys at every phase of their lifecycle is very important.

Some of the other key management challenges that organisations face include using the correct methodologies to update system certificates and keys before they expire and dealing with proprietary issues when keeping a track of crypto updates on legacy systems.

Hence, cybersecurity experts recommend that organisations centralise the management of their crypto keys, consolidate their disparate HSM systems and chalk out a comprehensive KMP that provides clear guidelines for effective key management.

Key Management Policy (KMP)

While most organisations have comprehensive Information Security and Cybersecurity policies, very few have a documented Key Management Policy.

A well-defined KMP firmly establishes a set of rules that cover the goals, responsibilities, and overall requirements for securing and managing crypto keys at an organisational level.

Designed to cohesively cover each stage of a key’s lifecycle, a robust KMP should protect the key’s:

1. Confidentiality
2. Integrity
3. Availability, and
4. Source Authentication.

The KMP should also cover all the cryptographic mechanisms and protocols that can be utilised by the organisation’s key management system.

Last, but not least, a good KMP should remain consistent and must align with the organisation’s other macro-level policies. For example, if an organisation’s information security policy mandates that electronically transmitted information should be securely stored for a period of 7-10 years, the KMP should be able to easily align to such a mandate.

To Sum It Up

Data encryption is no longer sufficient to prevent data breaches and merely storing the crypto keys separately no longer guarantees foolproof protection against sophisticated cyber attacks.

The need of the hour is to safeguard the keys at each phase of their lifecycle, manage them centrally and implement a robust KMP to ensure optimal data protection.

In the next part, we will discuss how organisations can leverage Key Management Interoperability Protocol (KMIP) to manage their encryption keys and how Gemalto’s Key Management Platform can help to streamline their key management centrally.

In the meantime, familiarize yourself with our Key Management Platform, and learn how security teams can uniformly view, control, and administer cryptographic policies and keys for all their sensitive data—whether it resides in the cloud, in storage, in databases, or virtually anywhere else.