Talktech: Visibility as the foundation for digitization

Hong Kong-based IT executives shared their views about business and infrastructuHong Kong enterprises are digitizing their businesses, aiming to optimize their operations and to offer better customer experiences. But these benefits cannot be achieved without a clear visibility of both the business strategy and technology infrastructure, according to a group of Hong Kong-based IT executives.

At a recent Talktech executive roundtable organized by Computerworld Hong Kong and Fortinet, IT executives talked about the significance of visibility in their digital transformation journey and the challenge to develop a clear vision in both the business and technical perspective.

The value of visibility

When we talk about visibility being a critical component, we are referring to business visibility and technical visibility,” said Alvin Rodrigues, chief security strategist, Asia Pacific at Fortinet.

According to Rodrigues, business visibility means understanding the workflow, the unique business value proposition, revenue driver and most importantly, the business’ new directions for growth. The lack of business visibility often results in misallocation of resources, creating a missing link of IT-business alignment. 

“Depending on the nature of the job of the IT and security professionals, they may not have the visibility of the strategic direction,” he said. “If you are aware of the latest business directions, you’ll likely allocate resources aligned with business growth.”

Despite having a clear vision in business strategy, many IT executives also struggle with the lack of visibility in the organization’s infrastructure.

“In the infrastructure side, it’s the visibility of the network environment—what applications do you have and where is your network traffic going—these are questions sometimes not easily answered,” he said.
“Do you have visibility of both sides to build a strategy that aligns technology and business to drive growth? What are the red flags that you see to protect your digital transformation journey?”

Visibility in the cloud

These are exactly the questions that Patrick Cheung, head of IT at City Super is trying to answer. The city’s major supermarket operator has been an active public cloud user. It has deployed an array of cloud services, including recruitment, CRM systems and loyalty programs. Cheung said it is easier to gain visibility for its internal on-premise environment, but the external cloud environment adds complication.

“We only have transparency of the application performance, but we don’t have the visibility of their IT infrastructure and security architecture; we don’t know how they achieve the required performance or security,” he said. “We can only rely on the certifications that they have achieved.”

Using the public cloud environment reduces management complexity, but this also reduces the visibility and control of the infrastructure. Brian Chan, VP of information technology operations at PVH—an apparel company that operates Calvin Klein, Tommy Hilfiger and Heritage Brands—agreed.

“That is a given fact that using SaaS means you have less control,” said Chan. “The way we deal with this issue is to put in SLAs and penalty liability costs. We have a straight liability cost, if the provider fails in achieving certain SLA requirements, they have to provide [monetary] coverage for liability.”

This is the case not only among retailers. At plastic and chemical manufacturer Lyondell Basell Asia Pacific, the company’s Asia Head of IT Sunny Chan also faced a similar problem.

“With more companies adopting cloud services, it is important for the cloud provider to start sharing more information and reports with customers,” said Chan. “They should provide reports for more visibility about their security posture, network traffic and performance.”

Global visibility

But the challenge of gaining infrastructure visibility is not limited to running a public cloud environment.  Ville Sarja, group CIO and group security officer at Finland-based mobile and tablet charger manufacturer Salcomp faced similar issues.

The company has production plants in China, Brazil and India, with additional sales and marketing offices in the US, Taiwan, South Korea, Hong Kong and Japan. Although the company’s business nature does not require a lot of cloud-based applications and the IT infrastructure primarily runs on-premise, according to Sarja, it remains a challenging job to achieve visibility of this global company’s security posture.