suite--Remedy ITSM 7.0--to Hong Kong. The application suite supports 17
languages, including simplified and traditional Chinese, and aims to
help IT shops comply with IT service management best practice ITIL (IT
Infrastructure Library).
"There are multiple service units within an IT shop, often using various
management tools to provide IT services," said Jason Andrew, director,
service management solutions, Asia-Pacific. "The suite integrates these
islands of applications, allowing IT to implement a single standardized
policy across different IT units."
The application suite updates four applications-support service desk
management, asset management, change management and service level
management. Andrew said one of the new features under the service desk
management application is intelligent ticketing integration, which
creates incident alerts based on services required and automatically
prioritizes their urgency according to business needs.
Another new feature under the asset management application, according to
Andrew, is software license management-the application now tracks the
number of licenses purchased and their expiration dates, but also their
usage.
"The application will track how many of the 100 licenses of Oracle CRM
applications were actually used," he said. "If only 80 were used, then
when there's a new system and [you] require more licenses, you can buy
maybe only 20 more licenses instead of 40 more."
Among all the applications within the suite, service desk management
remains the most popular among Hong Kong enterprises, noted Raymond Li,
director of ITApps, a long-time local partner and distributor. He said
service desk management can bring a fast and obvious enhancement to IT
services for a large group of business users.
"As the relationship between IT and businesses are becoming more dynamic
and inter-related, enhancing IT services is no longer as simple as
installing an application," said Li. "It's now a long journey, and
service desk management is the easy first step in this journey."
The second step of the journey often includes the development of a
configuration management database (CMDB), a repository of information
related to all components of an information system, said Wallace Chan,
BMC country manager for Hong Kong and Taiwan. The database records
configurations and incidents within the system, providing the data to
track changes and automatically discover such incidents, he added.
"The ultimate goal to introduce asset management and change management
applications to complete compliance with ITIL best practice," said Chan.
ArcSight: HK info risk high
Despite its IT maturity, Hong Kong must harden its security awareness
and regulatory requirements, said Robert Lau, VP and general manager,
Asia Pacific and Japan, for security information management (SIM)
provider ArcSight. SIM is software that collects and analyzes security
data from multiple devices and other relevant sources.
The company recently established its Asia Pacific headquarters in Hong
Kong. But Lau noted the city, as compared to nearby countries like
Singapore and Japan, lacks regulatory requirements in managing
information risk.
"Singapore is probably one of the safest places to access the
cyberworld," he said. "The city-state is ahead of Hong Kong in promoting
and regulating online security."
Convicted Singaporean hackers and virus writers may be jailed for up to
three years or fined up to US$5,800. Japan has introduced J-SOX,-the
Japanese version of Sarbanes-Oxley-to enhance risk management levels
among listed companies, added Lau. But Hong Kong's Monetary Authority
merely provides a set of guidelines in relating to data integrity and
risk management, instead of compulsory regulatory requirements, he said.
As more local enterprises and multinational corporations build complex
security infrastructures, they generate massive security-related
information.
"Extensive investment in security has created a complex security," said
Steve Sommer, senior vice president, market and business development of
ArcSight. "The infrastructure generates overwhelming floods of security
logs, numerous false positive alerts and fragmented islands of defense."
He said this is why enterprises are turning to SIM, which turns raw
security data into useful information to monitor and enforce corporate
security policy. According to Sommer, ArcSight's SIM software, ArcSight
ESM (for enterprise security management) and can process data in a
heterogeneous environment and supports over 200 security log formats and
60 technology vendors. ESM also aims to tie security data for analysis,
allowing IT to monitor enterprise security and compliance status and
generate related reports.
"Our application can also integrate with other physical systems, like
facility access card system, to enforce specific security policies,"
said Sommer. "If an employee has entered the company's facility using an
access card, but is accessing the system via a VPN in India, the
software will alert the company."
Lau said Hong Kong's Hospital Authority is currently using ArcSight to
safeguard and monitor its IT infrastructure.