Who Decides What Is Ethical?

In the video below on CxO Talk, I asked Rob Chesnut, Former Chief Ethics Officer of AirBnB, the framework needed for ethical behavior inside organizations.

In my view, ‘who’ decides ‘what’ is ethical behavior matters here. This goes back to the moral compass of the leaders who lead by example and not just by cheap talk. Whenever there are doubts about ethical behaviors inside organizations, we should be transparent about it and ask:

  1. How is ethical behavior systemized in terms of policies, procedures and incentives in your organization?
  2. Who manages the ethical standards of your organization? Hint: It is not one person.
  3. Why ethical behaviour is important for your organization and those you interact with?

Technical Chops Of The Democratic Presidential Candidates

On November 3, 2020, The United States of America will hold its presidential election. This presidential election will determine if Republican President Donald J. Trump gets another 4 years in office or if there will be a new Democratic President. The Democratic Presidential Candidates cover a lot of topics that they think are of interest to the American public.  For me that topic is technology. Specifically, the technology policies, the technology uses and the technology abuses in the private and public sectors.

Everything we do today and the foreseeable future is either directly, or indirectly related to technology. Thus, in this post, I am going to go through each Democratic Presidential Candidate’s campaign pages to know what they are saying about technology and then provide my own views. Here it goes…

In My Point of View:

The United States needs data privacy legislation at the federal, state and local levels. In order to create data privacy legislation, all levels of government and industry have to:

  1. Define what data is and isn’t
  2. Who (companies, consumers, government) have this data
  3. How data privacy legislation would apply when data is captured, at-rest, in-motion, in-between systems/apps, etc.
  4. Create global alliances across countries and regions
  5. Develop a course of action when agreed-upon rules are not followed

Let’s keep this in mind that even though Europe has the General Data Protection Regulation (GDPR) and California has the California Consumer Privacy Act (CCPA), currently, there is no data privacy legislation that is 100% global in nature.

In regards to taxing the organizations that sell consumer data, while on paper it seems alluring but the problem is that when most consumers sign up for ‘free’ services online (i.e., social media, email, etc.), they essentially agree to however the organization likes to use their data. Also, some organizations could avoid data taxation if they simply store and sell the data in a country that doesn’t tax them on data transactions. This, in turn, can create more problems for the safekeeping of the data.

In regards to putting extra government fees on megadeals (i.e., mergers, acquisitions, etc.) would although make the budgets bigger for regulatory agencies but, on the flip side, megadeals could become a rubber stamp just to collect higher government fees. In a megadeal, when organizations have to figure out if their deals would affect current and future competition, this would require a tremendous amount of time and resources whose costs might be passed on to the consumer in either price and/or more detailed data collection.

If a government agency is tasked with breaking up tech, this would require a big budget and expertise to truly understand what is happening in tech and it’s nuances in these companies. Asking these agencies to go break tech up would just create a mess especially when these companies always have the option to operate from another country whose rules might be more relaxed. Additionally, the government doesn’t pay well and to think that super-smart people will work for the government their whole careers are just foolhardy.

In My Point of View:

The Green New Deal focuses on creating technologies that can tackle climate change. While this is a good approach, I think in order to make it stronger, it is essential to look at the current impact of technology on consumers, how technology is marketed to consumers and the waste technology creates when it comes to energy consumption and physical materials harvested from the Earth. We also have to look at how recycling of technology works. Recycle should not be just a collection of technology waste and disposal, but it should be a 360-degree approach where the emphasis is on reusing old technology and technology parts. Also, we have to consider the impact to jobs when moving to a 100% green economy. The government could provide free training and job training which could help reduce some anxiety.

In regards to Broadband, it should be a fundamental right for every person to have access to high-speed Internet. While the government can help in creating the incentives to create the infrastructure for it, we have to be reminded that the monopoly of internet access providers is a very real threat.

In My Point of View:

Information and disinformation tactics have been used for a long time throughout human history. These tactics have taken on a new face in today’s digitally connected world. The idea that anyone can start disinformation on any social media website with a few clicks is concerning. Ideally, the private sector and public sectors would put checks and balances in place to monitor and ensure disinformation is not used. However, it is a threefold problem where disinformation production, disinformation consumption, and disinformation monitoring have to be dealt with equally. As humans, we are prone to biases and these get amplified once we are online. Additionally, we have to note that most social media organizations are for-profit entities and thus there are no incentives for these organizations to make disinformation dissemination a priority.

In regards to breaking up tech, to spur innovation and competition seems good on paper but what is essentially being said is that if an organization reaches a certain size then the government will look into breaking them up. This idea seems anti-capitalistic. Tech is an ecosystem and breaking up tech means disrupting that ecosystem. To be clear, because of these tech ecosystems, many small businesses have also emerged. Think about the small businesses that are able to advertise on Google to anyone in the world, think about small businesses that use Amazon to sell their products to a wider audience, think about small businesses that have used Facebook as a place to test their marketing strategies at a bare minimum cost. The ripple effects of a tech breakup have to be understood and studied thoroughly before going this route. Additionally, due to global reach and connected, tech is not bound to one geographical location. These tech organizations can simply pack their bags and move to more tech-friendly countries which means that not only will there be job loss but also brain drain.

In My Point of View:

For the climate change revolution to take place, we need to look at energy production as well as energy consumption. We can’t out-tech our way out of the imminent climate disaster. We have to look at energy holistically which means to make tough choices when it comes time to do so. But these tough choices don’t have to be at the expense of anyone. While it is true that climate change revolutions will create many jobs but what about the jobs that would be lost. We have to provide incentives for people to join the new green economy. No one should be left behind.

The future of Education requires us to think in terms of a lifetime approach to pursuing knowledge. In this pursuit, teachers, coaches, parents, and guardians play an important role in addition to the environment that we create for the students. To hamper a student’s lifetime success simply because they were born in certain zip codes is simply, cruel. Everyone should have the ability to pursue knowledge physically and/or virtual regardless of their situation. This is where technology comes into play. Technology can be the great equalizer not only in terms of pursuing knowledge online but also in terms of making students globally competitive. We have to teach not only the ability to use technology but teach the ability to enhance, modify, develop, and extrapolate what technology can do.

  • Michael Bloomberg
  1. Infrastructure
  2. All-In Economy

In My Point of View:

The US needs to update its infrastructure and create new infrastructure that enhances the quality of life for all its residents. Infrastructure is not only about roads, bridges, and transportation but it’s about technology as well. Technology infrastructure means fiber optics, networking switches, broadbands, various types of clouds and software. As long as we don’t include technology as part of overall infrastructure goals, we will surely become obsolete sooner than later.

In regards to creating jobs of the future, we have to make a decision about what future we want. A future without considering the effects of technology will not be a future at all. In the long term, most jobs can and will be replaced by technology. The question is not if but when and when is happening right now. The people who will be displaced are tremendous and its high time we take our heads out of the sand. As technology becomes more commoditized, jobs will be for people who not only understand the technology but who can also connect the dots through technology.

  • Pete Buttigieg
  1. Education
  2. Building for the 21st Century

In My Point of View:

When it comes to looking at the economy as a whole and other countries are doing. Providing technology education is important. What is also important is not losing those who pursue higher education in the US and then are forced to leave to their home countries. These people in those countries then compete directly with the US. This process can’t continue. Technology education can unlock the potential of a generation but we can’t forget those who will be left behind.

In regards to building for the 21st century, we have to think about where we are, where we want to be and what it will take in terms of initiatives from federal, state, local, non-profit, for-profit and academia. We have to think not only in terms of physical things but we also have to look at the happiness of our residents and the positive effects we can create for the environment.

In comparison, here are the technological achievements of President Trump so far.

Final Thoughts

While all of the above technology-related topics are important but what we are missing is a comprehensive National Digital Strategy that is agreed upon at the federal, state and local levels. What we need are legislators and regulators who understand the power of technology. What we need are people who know that technology can change the economy and even the government.

Processing…
Success! You're on the list.

5 Questions To Ask About Enterprise Architecture (EA)

In 1987, John Zachman published an article in the IBM Systems Journal called A Framework for Information Systems Architecture which laid the formalized foundation of Enterprise Architecture. In the 1990s, John Zachman further develop the idea to classify, organize and understand an organization by creating The Zachman Framework™. The Zachman Framework™ talks about understanding an organization in terms of:

  1. Data
  2. Function
  3. Network
  4. People
  5. Time
  6. Motivation

Today, the field of Enterprise Architecture (EA) also draws from the fields of Engineering, Computer Science, Business Administration, Operations Research, Psychology, Sociology, Political Science, Public Administration, and Management. Due to the advancements and inclusion of various fields, the definition of what EA is continues to evolve depending upon if you are a practitioner, academic, vendor or government but the basic premise of Enterprise Architecture is to holistically understand the entire organization to make management decisions.

In addition to The Zachman Framework™, there are many other EA frameworks that have emerged over the years to help an organization understanding where they are (current state or as-is), where they want to be (future state or to-be) and what steps (transitions) they should take to get to the future. Some of these EA frameworks include:

  1. The Open Group Architecture Framework (TOGAF)
  2. Federal Enterprise Architecture Framework (FEAF)
  3. Department of Defense Enterprise Architecture Framework (DoDAF)

To be clear, EA is not only about frameworks but its also about the EA methodology, tools, artifacts, and best practices. As you develop EA within your organization, you will realize that not all frameworks and tools would fit perfectly but it is a continuous improvement over time. Regardless of the size of the organization, EA can help create a holistic thinking mentality, optimize business processes and improve decision-making.

By now you might be thinking that of course, EA is the answer to your woes. But hold on! Before you jump into EA, it is critical to know: 1) The term EA and its jargon can confuse people, 2) EA is about the entire enterprise (aka organization) and not about just certain functions of the organization, 3) People working under the EA function should have a complete grasp of Business operations and IT capabilities, 4) EA is not an IT activity and 5) EA’s purpose is to communicate what is happening and what could happen.

For organizations, EA is like an overarching umbrella which when used effectively can have a profound impact but if used incorrectly can turn into a burden to carry. Keeping these things in mind, let’s ask the following questions:

Today

Tomorrow

Who is demanding the need for EA and who is creating it?

Who should be demanding a need for EA and who should be creating it?
What if EA fails?What should happen when EA fails?
Where EA is helping in decision-making?Where EA should help in decision-making?
When EA artifacts are being collected?When should EA artifacts be collected?
Why EA is being used?

Why EA should be used?

As we can see, whoever sees a need for EA matters, EA champions within various organizational functions matters, EA execution matters, EA measurement matters and EA best practices for organizational-wide improvement matters. It should be noted that all organizations do EA in some way (unformalized, semi-formalized or fully formalized).

Processing…
Success! You're on the list.

A Voice Over Internet Protocol (VoIP) Solution

Credits: Alex, Arsalan Khan, Dan Hopkins, Eddie Heironimus and Uzair Khan

1. EXECUTIVE SUMMARY

This report provides the Chief Information Office (CIO) of Citadel Plastics (CP)  – a fictional organization – recommendations and justifications that would help her make procurement decision on selecting a Voice over Internet Protocol (VoIP) solution. In this paper, we analyze the business and technology issues faced by the organization. Our team performs this analysis by identifying the current issues with the telecommunications environment across various worldwide locations and the future needs of CP. For this report, we have made the following assumptions:

General Assumptions

Business Assumptions

Technology Assumptions

  • Final decision is with the CIO to choose the VOIP solution
  • Various vendor business applications are flexible to connect with any other system
  • The sales offices have high-speed broadband connection while the remote sites do not
  • Each sales office has 15-20 users
  • Each manufacturing sure has 300-400 users but only a handful would be receiving CAD models
  • File Transfer Protocol (FTP) is used to exchange CAD models between engineering team in the sales office and manufacturing sites
  • CAD models are between 100MB to 300MB
  • Currently the mobile computing options are limited

Table 1: VoIP Solution Assumptions

Based on the above assumption and keeping in mind the future growth of CP, our team recommends the following two options to be considered for the purchase of a VoIP solution:

Benefits Risks

Costs

Option # 1

(Cloud)

  • Easy to set up and maintain
  • Simple plug and play functionality
  • Low Cost
  • Full featured functionality
  • No Quality of Service (QoS) on Internet traffic to cloud provider
  • Risk of provider outage (both technical and operational)
  • Lack of control over technical solution
  • Privacy/Security: exposure of call data to Cloud provider.
  • ·   Updates/changes to the cloud would impact our deployment
  • $24.99 per user per month for Standard account
  • $34.99 per user per month for Premium (for Salesforce.com integration)
  • $44.99 per user per month (10,000 toll free minutes) for Enterprise
Option # 2

(On-premise)

  • VoIP solution control
  • Maintenance and upgrades

Table 2: VoIP Solution Options

While both options have pros and cons, our team has determined that due to reliability considerations, on-premise VoIP solution is a better choice. We have assessed that even though in the short-term the on-premise VoIP solution is more expensive but in the long-term it would prove to be practical.

2. PROBLEM STATEMENT

The decision to deploy a VoIP solution can be a large hurdle for Citadel Plastics, especially for end-users that are habituated to our legacy systems of corporate communication. Aside from the difficulties involved in breaking the habit, old systems such as Public Switched Telephone Network (PSTN) and Plain Old Telephone Service (POTS) have a proven track record of being stable over a long time. Regardless, these systems should be labeled as outdated technologies that are no longer applicable to the business growth that we are experiencing. Given our increasing dependency to exchange data between our manufacturing sites and sales offices, it is imperative that we switch to a solution that increases our broadband capacity. Transitioning to a VoIP solution seems to be the dominant alternative, but our main analysis will be to determine which vendor is better suited to satisfy our business needs; consideration on how the transfer of CAD files is now as important as the point of sale in CP business model.

General assumptions:

  1. There are certainly many VoIP solutions in the market place we could cover but we will limit the scope to the best two in our report. The decision to pick one over the other is really a subjective one for the CIO as they all offer rather comprehensive feature support.
  1. All of the solutions we consider can interconnect with a large number of different interfaces, terminals and gateways depending on the requirements of a specific deployment, thus allowing a large amount of flexibility in business applications.

3. REQUIREMENTS

Our aim is to procure a solution that can 1)offer cost-effective and seamless communication to all our users, regardless of their role within CP, 2)have the ability to merge disparate technologies such as mobile platforms and web-aware business applications and 3)not simply enable efficiency by voice and data integration but leverage telephony implementations across our manufacturing and sales force. The following table shows CP’s different sales and manufacturing locations:

Sales Offices (15-20 people)

Manufacturing Sites (400 people)

Europe

Asia North America

South America

 
  • Dublin, Ireland
  • Frankfurt, Germany
  • London, UK
  • Madrid, Spain
  • Milan, Italy
  • Beijing, China
  • Tokyo, Japan
  • Bombay, India
  • Islamabad, Pakistan
  • Moscow, Russia
  • Mexico City, Mexico
  • Ottawa, Canada
  • Washington, DC
  • Brasilia, Brazil
  • Bogotá, Colombia
  • Santiago, Chile
  • Pretoria, South Africa

 

  • Haryana, India
  • Chandigarh, India
  • Dongguan, China
  • Guangdong, China
  • Tampa, Florida

 

Table 3: Citadel Plastics’ Locations

3.1 Technology Overview (current)

CP has a global presence with two types of offices around the world. The sales offices are located in major cities with access to high-speed Internet connections. The three manufacturing facilities are located in remote parts of the world with limited access to high-bandwidth. Currently the sales offices share their CAD files using FTP servers. There is no formal process in place and with the recent growth in business there have been a lot of file transfer delays.

Business Assumptions:

Based on the information, we have made the following assumptions:

Transfer Route

  1. The sales offices receive sales orders from customers via phone and the web.
  2. The engineering team creates the CAD files (100MB – 300MB) at the sales offices.
  3. Sales then sends CAD file to manufacturing site via an FTP server.
  4. Manufacturing site downloads the CAD file and builds the product.

WAN Connections

  1. The sales offices have T1 connections, 1.5 Mbps down and 1.5 Mbps upload speeds.
  2. The manufacturing sites have satellite connections with speeds from 1.5 Mbps download and 128 Kbps upload (which often experience delays).

Mobile Computing Options:

Every CP user operates onsite with limited mobile computing options. There are two shared stand-alone laptops at each sales site. These laptops are used by the sales staff for rare client-site meetings. Manufacturing facilities do not have any laptops onsite.  Additionally, no mobile phones are provided to the users.

Interoperability/Integration:

Voice and data integration is a critical part of the network design. CP has many internal employees that work at different locations around the globe. These users need to be able to quickly and easily communicate, collaborate and share their data. External customers need to be able to submit orders and discuss any issues via phone or email. However, the current design does not utilize current integration and automation technologies. Initially this was not a problem but with the recent growth in business, all members are experiencing issues. These issues range from transfer delays and voice quality issues when dealing with customers and vendors.

There are many application silos that have been created over time and have not been designed to share information easily. The three key types of information at CP are sales orders, email and CAD files. Sales orders are received via email or phone. There is a dedicated mail server at the Washington, DC location that handles email for the entire organization. The mail server is running Microsoft Exchange 5.0 on Windows Server 2003. Generally the mail flow is fine as long as Internet and power is available. However, the hardware is out of support and outdated. Additionally, there is a dedicated Internet connection at every location to the outside world.

For FTP transfers, users have access to a dedicated workstation with a dedicated layer 2 private line. This setup is installed at each location. Both the sales team and the engineering team complain about delays during FTP transfers. The delays are being caused by multiple factors. The lack of a queue causes the download links to receive numerous downloads at the same time. Most of the manufacturing facilities have lower connection speeds and cannot handle that load all at once. This causes frustration between the manufacturing and sales departments.

The voice network is entirely copper-based. Each site has a dedicated PBX with PRI lines that go out to the PSTN. The offices are using TDM phones with copper lines between the phone and the PBX. Though this is a traditional design, the phone company provides data, voice and power over the copper lines. This allows the phones to continue to run even when the local power company loses power. However, customers often complain about noise during phone calls and fast-busy signals and often resort to using their personal cell-phones.

Network Topologies:

The current network topology is shown here below:

VoIP Figure 1 - Current Network Diagram

Figure 1: Current Network Diagram

This topology is used at both the sales offices and the manufacturing facilities. The diagram shows a dedicated uplink/downlink to the Internet. The speeds of this link vary between the sales offices and the manufacturing facilities. However the topology remains the same.

The router is sent to a firewall, which is the only layer of protection from the outside world. Currently they are running a Juniper firewall with the default settings. There are no custom configurations on the firewall. The site is prone to attacks that cause some of the Internet outages at the sites.

The firewall has a dedicated switch, wireless access point, mail server and an FTP terminal for file transfers. Wireless access point has been turned off to help lower the load on the bandwidth.

As mentioned earlier, the voice communication is currently configured over copper. All the TDM phones at each site connect to a router that is directly connected to a PBX. The PRI provider installs and manages the equipment and the call routing. This consumes a lot of power. During peak business hours, customers complain about static and voice degradation. The following figure shows the current voice communication setup:

VoIP Figure 2 - Current Voice Communication Setup

Figure 2: Current Voice Communication Setup

Network Usage:

The T1 line at each sales office is over utilized. Users complain about transfer rates and slow Internet access during peak business hours. This causes a delay when building orders for customers over the phone. In addition, each sales office sends 10 orders (CAD drawings) to the manufacturing facilities per day. These files are uploaded via a T1 connection then downloaded from the manufacturing facility through a satellite connection.

Customers often complain about static and noise when calls are made from the office phones. This causes users to have to use their own personal cell-phones to make phone calls. After further investigation, the leading cause of the noise is due to the limited number of lines on the PTSN.

The manufacturing sites receive calls from the sales offices but are only able to make two outside calls at any time. The users have managed to make this work but often calls are missed and sales offices have to wait until next day to get their orders in.

Security:

CP utilizes a Juniper firewall in their current environment. All workstations are equipped with stand-alone instances of Symantec Antivirus. There were no managed instances of AV clients on the entire network. Local machines are configured with Windows Firewall but since all users have admin privileges, users often turn them off.

Security updates are pushed out manually and rarely ever verified. The vulnerability scanner reported 600+ security updates across the entire network. The doors to do the network closets are often kept open to help with ventilation. This is a liability as it allows easy access to the organization’s critical IT services.

Implementation:

The current implementation plan was not documented. Current managers of CP suggest that a couple of hardware guys that were not experts in network design did the implementation.

3.2 Technology Overview (future)

Regardless of which vendor we decide to procure for our VoIP solution, we need to acknowledge the variety of caveats inherent from a VoIP solution and define the scope as much as possible. What application? What platform? What protocols? We know VoIP is a broad term, describing many different types of applications installed on a wide variety of platforms using a wide variety of both proprietary and open protocols that depend heavily on your preexisting data network’s infrastructure and services. Therefore, we need to narrow the future technological overview of the VoIP solution we want to explore.

Because VoIP technology, as opposed to POTS, interacts with the Internet and can be configured in various types of network topographies, it is therefore very susceptible to unwanted attacks. According to David Persky, the evolution of VoIP is rid with vulnerabilities because  “the security aspect was an afterthought and as such, there has been this seemingly endless game of cat and mouse between security engineers and vendors fixing vulnerabilities.” Therefore we have to make sure that the future solution CP engages in considers the following preventive measures:  1) promotion of greater log analysis to provide a clearer vision of voice and data traffic, 2) implementation of regular 3rdparty VoIP penetration testing tools such as Nessus, 3) segmentation of data and VoIP traffic in separate Virtual Local Area Networks (VLANs) to ensure that the VoIP VLANs cannot be used to gain access to other data VLANS, and vice versa, 4) creation of firewalls to block all outbound traffic for known destination VoIP service ports, and 5) avoid a single line of failure by not putting the IPS inline with the VoIP traffic.

Some of the main vulnerabilities we will reduce from these measures are denial of service attacks (DOS), man-in-the-middle attacks, call flooding, eavesdropping, VoIP fuzzing, signaling, audio manipulation, SPIT or voice SPAM and Voice phishing attacks. When comparing these vulnerabilities with those from POTS, they share most of the vulnerabilities except the ones involving the web interface. Unlike our old POTS system, when you know a line is vulnerable when you are actually operating the telephone line, VoIP can be exposed to the previous vulnerabilities even when the line or device is inactive. Since VoIP integrates voice and data on the computer, it is possible to hack into the VoIP if the computer it’s connected to is online. This is accomplished because most users “overlook the fact that the VoIP phone can possess a web management Graphical User Interface (GUI), and can be compromised to then attack other VoIP and data resources, without placing any calls.” Still there are vulnerabilities in POTS that are also present in VoIP, these are Caller ID spoofing and VoIP toll fraud or phreaking.

Aside from sharing vulnerabilities, POTS and VoIP also share particular legislation that is applicable to both technologies. The two main pieces of legislation that the new solutions we adopt must comply with 1) the Communications Assistance for Law Enforcement Act (CALEA), which require carriers and Internet Telephone Service Providers (ITSPs) to have a procedure and technology in place for intercepting calls and 2) the Truth in Caller ID Act of 2007, which makes it unlawful for any person in the US to cause any caller identification service to transmit misleading or inaccurate information with the intent to defraud or cause harm. Based on these overall technological considerations, we can proceed to analyze our recommendations.

4. RECOMMEDATION # 1: Cloud VoIP Solution

The first solution we are recommending for consideration is a hosted PBX or “Cloud” based phone solution. There are a number of vendors that offer hosted PBX solutions that would enable a cost effective and simple VoIP solution, while also providing cutting edge technical features and functionality.

A hosted cloud provider would primarily offer CP the following benefits:

  1. No hardware: Beyond core network routers and switches, No PBX or other VoIP equipment would be necessary for the solution. This would reduce the Capital Expenditure requirements and implementation costs that buying an “in-house” VoIP solution would provide.
  2. Ease of deployment: the initial and subsequent deployment of physical phones is effortless with a cloud solution. CP can simply plug in a phone into the network and the phone uses DHCP to automatically configure itself for the network.
  3. Web based administration: A cloud-based solution is controlled by a web administration portal that allows for web based provisioning and administration from any Internet accessible computer.
  4. Full features and functionality: Most cloud solutions have cutting edge features and functions such as voice mail to email, automatic presence (availability) detection, etc. Additionally, as the company improves their offering or provides additional features, CP would be able to leverage these.
  5. End Point Options: Most cloud providers offer “soft” phones in addition to physical phones that can be installed on a computer or smart phone device giving a user many different options for making and receiving calls.
  6. CRM Integration:Somecloud providers would give CP the ability to seamlessly log calls into certain CRM solutions (like Salesforce.com) to provide for enhanced process efficiencies, tracking and reporting.

A cloud based VoIP solution however does pose some risks and challenges for CP. Primarily, these risks relate to call quality and outages. Since all calls have to route through the cloud provider, without a dedicated Multiprotocol Label Switching (MPLS) connection to the selected cloud provider, calls would route over the public Internet and there are no QoS guarantees outside of CP controlled networks. Additionally, any outage impacting the cloud provider would inherently impact CP so proper and thorough due-diligence is needed during vendor selection.

4.1 Cloud VoIP Solution Project Implementation Plan

A cloud based VOIP solution really reduces the complexity of a VOIP implementation for CP and is a primary compelling driver of such an alternative. First, CP would want to estimate the number of calls and current calls it expects to use through the VOIP system. This data would drive plan selection (international calling plans) and ensure the proper connectivity to each location for supporting such a solution.

Second, CP would complete a technical assessment of internal network architecture. For example, they would need to ensure that all core switches and routers allow for QoS, that the necessary firewall ports are open to allow for the UDP traffic of the phone vendor, and ensure that Internet connectivity to each site can support the VOIP traffic. Most cloud vendors suggest an average of at least 64Kbps per call (up/down), which can then be multiplied by the number of expected concurrent calls to create a baseline minimum connectivity standard.

After the planning stage of the implementation is complete, CP could leverage the Cloud providers web based control panel to set up each extension, VM, user etc. for each phone that it will deploy (don’t need to configure the physical phone itself).

When the phones arrive onsite to the user, the user can simply plug the phone into the network and it will automatically configure itself with a DHCP issued device and contact the Cloud providers website to download it’s assigned profile. This will reduce the need for IT staff to physically support the VoIP rollout at each location, saving CP additional implementation funds.

4.2 Cloud VoIP Solution Disaster Recovery

In the event of a Disaster, a cloud solution provides CP with a number of options.

Since the cloud VoIP solution is offsite, it is inherently removed from any disasters that impact the continuity of CP directly, as access to the phone system requires only an acceptable Internet connection. Should an event occur that impacts CP operations in any way, calls to CP would still occur since they route through the cloud providers network. Since most cloud providers allow for roll over functionality to mobile phones, calls could still route to the intended recipient or at worse case, go to voice mail.

Additionally, most cloud providers have “soft phones” that enable calls to be made and received – using the same number/extension — from software installed on their computer or smart phone device. So in an event of a disaster, we would develop a number of procedures that accommodate ongoing use of the cloud phone system in a variety of different ways, assuming a user has any acceptable Internet connection.

While a cloud solution would inherently offset most of the technical disaster recovery needs, it would expose CP to the disaster recovery solution of the provider. Therefore, when we recommend a specific vendor, we will ensure proper due-diligence is undertaken on the cloud vendors strategy, process and procedures.

4.3 Cloud VoIP Solution Failover Remediation

From a technical perspective, a cloud solution means that CP simply has to consider redundancy in its local area networks and Internet connections, as we would offset the technical failover mechanisms to the chosen cloud provider. In this sense, we can use the redundancy we’ve already built into the existing LAN and WAN to hedge against issues getting to the cloud phone provider.

In the event a failure occurs to the network or Internet, CP phones systems would technically not go down because all calls route through the cloud provider. As mentioned in the Disaster Recovery section, calls could automatically reroute to mobile devices or “soft” phones to reach the intended recipient or extension.

However, since CP effectively would be outsourcing their VoIP solution, CP would also outsource the failover remediation to the selected cloud provider and would be exposed to any outage that the Cloud provider may have. Industry leading Cloud providers have failover remediation solutions and processes internally which would be more redundant and resilient than what CP could likely afford, however outages do occur and we would be beholden to the cloud provider for resolution if a system outage were to occur.

4.4 Cloud VoIP Solution Vendors, Price, SLAs and Value

There are a growing number of cloud based / hosted PBX options available for CP to choose from – most of which cater to the mid-market. Industry leaders include RingCentral.com, Comcast, Verizon, XO communications, Vonage (business solutions), 8×8 and Grasshopper.com.

Most cloud solutions offer their service at a per-month; per-user rate and prices can range from about $19.99 – $49.99 per month, which typically includes unlimited minutes, and some allocation of international long distance minutes.

Unfortunately, Service Level Agreements (SLA) are typically not offered for any solutions that require communication to the providers through the public Internet, as QoS cannot be ensured. However, if CP can enable a MPLS network to a selected cloud provider, typically cloud providers will negotiate SLA’s to provide some guarantees.

5. RECOMMEDATION # 2: On-Premise VoIP Solution

Verizon was chosen as the network provider due to its substantial global footprint for both MPLS and SIP Trunking connectivity. Verizon also receives high marks for its Voice over IP Service portfolio from industry critics such as Gartner. Verizon provides full VoIP services (i.e., local, long distance, and international) to North America and most of Europe.  Countries that are not covered by full VoIP services will utilize a hybrid approach that employs 3rd party voice services to fill in the gaps in services.  In all cases, MPLS connectivity will allow each country to realize cost savings by directing intra-company calls across the MPLS network.

In the site listing below, the sites in Red have full VoIP services from Verizon.  For the blue sites, Verizon is able to provide international and intra-company VoIP services.  The customer will need to order local services via ISDN PRI or some other PSTN connectivity via a third party provider.  The purple sites have MPLS connectivity only.  The customer will need to order local, long distance, and international service via a third party provider.  The customer’s dial plan will be configured such that intra-company calls will be sent over the MPLS connection directly to the called site allowing them to still realize cost savings through bypassing the tolls for those international calls.

5.1 On-Premise VoIP Solution Project Implementation Plan (for hub sites)

The CP will employ a Cisco VoIP solution for call processing utilizing the Cisco Unified Communications Manager (CUCM) to support a multi-site, distributed call processing deployment with a group of call processing servers operating in a cluster to form a single logical call processing server.  Two hub sites will provide call signaling and application services to the network.  A hub site in Washington, DC will provide direct support to the locations within North and South America while another hub site in London, UK will support the locations within Europe, Asia, the Middle East, and Africa.  Both the Washington, DC and London, UK hubs will have a CUCM Publisher server for CUCM configuration and two additional Subscriber servers for primary and backup call signaling and application services.    Cisco Unified Border Element (CUBE) routers will provide the Session Border Control (SBC) functionality between the CP and the Verizon SIP Trunking network provided over MPLS dedicated circuits. The following figure shows the different offices that would use this solution:

VoIP Figure 3 - On-Premise VoIP Solution Locations

Figure 3: On-Premise VoIP Solution Locations

5.2 On-Premise VoIP Solution Disaster Recovery (for remote sites)

The remote Sales and Manufacturing offices will also have CUBE routers to terminate their Verizon SIP Trunking connections.   The routers will utilize Cisco’s Survivable Remote Site Telephony (SRST) feature that automatically detect the loss of call processing to the hub site’s CUCM and auto-configures the router to provide local call processing to the IP phones while network connectivity is restored either locally or to the hub site.  Each remote site will also be configured with two onboard Foreign-Exchange-Office (FXO) interfaces for Plain Old Telephone Service (PSTN) lines to allow for emergency outbound dialing such as 911. The router will automatically redirect outbound calls to the FXO interfaces until connectivity is restored to the hub CUCM servers at which time any new calls will again be sent over the WAN link.

For countries that have limited or partial SIP Trunking service with Verizon a hybrid approach is required whereby the customer procures PSTN service via a 3rd party local service and routes either or both intra-company and international voice calls across Verizon’s MPLS SIP Trunking network.

5.3 On-Premise Solution Failover Remediation (for networking size)

To conserve bandwidth the CP will utilize the compressed G.729a codec that requires 33kbps per call compared to the G.711 codec that requires 83 kbps per call.  Verizon’s SLA includes a MOS score of 4.0 for G.729a traffic which supports high quality voice.

The sales offices and major locations all have 15-20 people.  The network was sized to support concurrent calls for half the users at any given site.  10 calls multiplied by 33 kbps equals 330 kbps of required bandwidth per site resulting in a fractional T1 or E1 circuit with room to grow.  Although the manufacturing sites have large numbers of employees, very few of them will have their own phone or actually spend much time on the phone so the concurrent call requirements will be very similar to the sales offices and major locations.  For resiliency, the Hub sites will have two diversely routed T1 / E1 circuits.  This will allow the hubs to have alternate network paths for their own SIP Trunking connectivity and phone service as well as providing backup paths for the remote sites that depend on the hubs for their signaling and call control.

5.4 On-Premise VoIP Solution Network Changes and Design

For the initial VoIP rollout, the CP will be converging voice and data on the LAN network.  The new MPLS connections will be dedicated solely to Voice traffic.  A separate WAN network is already in place for data traffic.  To support voice and data convergence on the LAN, QoS configurations will be implemented to prioritize time sensitive voice traffic over data traffic.  QoS will also be configured on the WAN network to prioritize voice traffic across the MPLS backbone.  CP would use its LAN convergence experience as a stepping-stone to eventual full convergence over both the LAN and WAN.

VoIP Figure 4 - On-Premise VoIP Solution Network Design

Figure 4: On-Premise VoIP Solution Network Design

6. CONCLUSION

To summarize, the two VoIP solutions consolidate the voice and data networks of CP in order to provide more bandwidth for the exchange of the CAD models. The benefit of looking at two solutions is to see the choices that are available to us. This analysis also indicates that with any solution that we proceed with we have to take into consideration risks that revolve around people, processes and technologies. These risks include change management, circumventing of the new processes, obsoleteness of the technologies and the vendors going out of business. Taking into account all these risks and the long-term benefits for the organization, we recommend the On-premise VoIP solution for Citadel Plastics.

Processing…
Success! You're on the list.

5 Questions To Ask About Mashups

In computing, a mashup integrates/combines data and/or functionality from multiple sources and presents it in a single view. In organizations, mashups are used every day in the form of business (accounting, administration, business development, customer service, engineering, finance, human resources, management, manufacturing, marketing, operations, production, research and development and sales) dashboards and Information Technology (IT) dashboards. These dashboards can ingest simple data and/or even Big Data and then show an overall summarized visualization of what is going on.

In order for mashups to work, there are business processes and data management procedures that need to be followed. By consistently providing relevant data, mashups can reveal great insights and also help in strategizing. At its core, mashups “gather” data from multiple sources where data might have been manually or automatically (e.g., IoT) entered. Since the data is being pulled from various sources, it can create issues in terms of provenance and governance.

Provenance of Mashups

For provenance, since the origin of the data is not always displayed, this can create problems in terms of:

  • The authenticity of the data
  • Copyright of the data
  • Misrepresentation of the data
  • Manipulation before displaying the data
  • Incorrect correlations of the data

Governance of Mashups

For governance, since policy, organization, and structuring of the data matters, this can create problems in terms of:

  • Timeliness of data
  • Unintentional avoidance of new data
  • Skewed conclusions due to duplication of data
  • Deciding if/when data governance should be done by Business or IT or both

In light of the above issues, let’s ask the following questions about mashups in your organization:

Today Tomorrow
1. Who is responsible for defining and managing data’s lifespan in mashups? Who should be responsible for defining and managing data’s lifespan in mashups?
2. What does your mashups data show you? What should your mashup data show you?
3. Where does the data come from in mashups? Where should the data come from in mashups?
4. When data is relevant? When should data become relevant?
5. Why mashups are used? Why mashups should be used?

It should be clear by now that the strength of a mashup is directly related to the weaknesses in the underlying data regardless of how pretty the picture of the mashup might look.

Processing…
Success! You're on the list.