European Union Organization’s IT Budgets Impacted by GDPR

How will General Data Protection Regulation (GDPR) impact your organization? How can Spinnaker Support help you achieve your GDPR compliance objectives?

February 20, 2018 | Iain Saunderson | Chief Technology Officer

Based on a survey conducted by Crowd Research Partners, an overwhelming majority of EU companies are aware of the regulations, but only 33% stated they are compliant or on their way to being compliant by the May 2018 deadline. 27% are not confident they will meet the deadline. In a separate LinkedIn survey, 50% of survey respondents lack the budget for GDPR compliance and 48% lack the expertise to implement a new GDPR compliance strategy.

Thus, increasingly more organizations are engaging in GDPR discussions with Spinnaker Support because they recognize the importance and imminence of GDPR compliance. Whether they require either extra budget or more expertise, organizations find that Spinnaker Support can help. Those who lack budget can redirect savings gained from lower Oracle and SAP support costs towards GDPR funding initiatives. Those who need expertise can gain guidance and advisory from Spinnaker Support, based on our own quest to achieve GDPR compliance processes, and from the significant knowledge we’ve amassed from discussions with many organizations.

Organizations have been transformed in the last few decades by technology advances, such as big data, business intelligence, artificial intelligence, and Internet of Things. The European Union (EU) is implementing mandates to deal with the monstrous amount of data that organizations are processing and capturing on a daily basis. Organizations worldwide are now facing the challenge of finding the budget and expertise needed to comply with the new EU GDPR policies.

When organizations collect private information on EU citizens or residents, the GDPR will dictate what rules they are now obligated to follow. The EU will start enforcing GDPR on May 25, 2018, which means time is limited to ensure compliance measures are implemented. To add to that, non-compliance with the GDPR can lead to administrative fines by Supervisory Authorities, that can reach up to €20,000,000 or up to 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher.

GDPR is about the privacy of information; rights of privacy. The EU has worked on this privacy regulation since 2012, to replace the 20-year-old Data Protection Directive 95/46/EC. The GDPR is designed to protect and empower EU citizens and residents with the right of protecting not only their identities but their everyday actions. The GDPR regulations not only apply to organizations located within the EU, but also to organizations located outside of the EU if they offer goods or services to, or monitor the behavior of, EU data subjects.

GDPR will also monitor the legal basis as to why and how they are collecting the information. Organizations will need to review how they are going to ‘redefine consent’ regarding data usage. When it comes to consent, organizations will need to define how they explain to their customers what data they plan to use, as well as how and why they plan to use it. There is much talk of the need for each organization to designate a Data Protection Officer, who is responsible for the data collection compliance and reporting, which is just one more added expense that will hit the organizations bottom-line.

The GDPR places onerous accountability obligations on controllers and processors to demonstrate compliance. Some of the requirements already exist in French or German data protection law today, and some formalize what is regarded as best practice (but not legally required) under the laws of other EU Member States. The net effect is that organizations will likely need to develop and implement a formal data protection program by May 25, 2018.

GDPR is real. The cost of non-compliance is high. The savings generated from Spinnaker Support’s third-party Oracle and SAP support can help fund your GDPR initiatives. Plus, for the 48% of organizations seeking expertise, we can share our experience as well.

Does IDC’s Take on the Third-Party Enterprise Software Support Market Tell the Whole Story?

February 14, 2018 | Lee Mashburn | Vice President, Marketing

In 2017, IDC published a perspective piece entitled “Third-Party Enterprise Software Support: Key Risks and Questions to Ask”. The title alone can create suspicion, portraying third-party support as risky and questionable. In many opinions, IDC’s perspective piece over-focuses on one side of the story – the software vendors’ side. Since there was no interest in hearing the case for third-party support from us, this blog focuses on the positive case for third-party support. After all, third-party Oracle and SAP support has been around for years and thousands of organizations have thrived after replacing the software vendor support. We are past the risky, questionable stage.

IDC’s executive snapshot recommends considering five key areas when CIOs and IT managers plan their digital transformation roadmap – and the potential benefits and risks associated with each: (1) security, (2) compliance and governance, (3) software support features and functionality, (4) overall IT expertise and support, (5) annual support cost. Let’s dig into the facts by outlining a true comparison of third-party support services to those offered by Oracle.

1.  Security

IDC recommends making sure that security policies and procedures include the latest best practices regarding security hygiene across all vulnerable enterprise systems. Updates with the latest security patches are identified by IDC as a key challenge for IT organizations. The potential risks outlined by IDC are not risks at all should a switch to Spinnaker Support be made.

  • Customers will indeed lose access to Oracle security patches, which many clients deem stale, late, and often not applicable. Spinnaker Support delivers quicker, more localized security patches for each customer. Contrary to what IDC claims, we include proactive monitoring from experienced security analysts using the most modern tools.
  • Compliance readiness in highly regulated industries (and those industries not as regulated) is included as a standard feature from Spinnaker Support. Spinnaker Support manages compliance activities in dozens of countries and all 50 United States – for many industries. Our ISO 9001:2015 certified process alleviates risk by helping our customers prepare for cyclical and new changes across their tax and regulatory landscape.
  • Limited, “around the edge” security from Spinnaker Support is simply untrue. We deliver full stack, seven-layer security and vulnerability protection. We identify known good, known bad, and suspicious activities which have been classified by humans – so our clients get solid intelligence and prevention, not false alarms. Full stack is superior to database-only endpoint and patching offerings.

2.  Compliance and Governance

According to IDC, an area of intensifying concern is audit trails and protection of intellectual property. Other than those, IDC’s snapshot fails to bring forth any new arguments that weren’t already covered in the security section. Bottom line; Spinnaker Support is capable of meeting the procedures and regulations required by client auditing and compliance teams. Our contracts provide detailed, clear, and concise language regarding how we handle the software vendor’s intellectual property (IP). We deliver support the right way, always respecting the IP rights of others and don’t need access to vendor IP in order to provide best-in-class support. Finally, under third-party support, our customers are free to purchase new licenses from the software vendor and do so on a frequent basis.

3.  Software Support Features and Functionality

IDC states that software vendors and third-party providers each bring a distinct set of capabilities to the table regarding enterprise software support. They infer that software vendors offer access to engineering talent and an array of expanded toolsets and utilities. As an Oracle customer, ask yourself how many times you’ve had direct access to a seasoned engineer or developer. Ever? One reason Oracle offers access to information utilities is because they expect customers to use websites to resolve their own issues. Access to a seasoned engineer is a last resort in Oracle’s “self-support” model.

Third-party support is not right for everyone, but our prospects are looking for more comprehensive support at a lower price. Their on-premise enterprise applications are no longer being enhanced, so several of IDC’s arguments are irrelevant. However, as IDC does state, third-party support provides direct access to seasoned engineers that are familiar with each customer’s unique environment and support for custom code, where many problems originate.

4.  Overall IT Expertise and Support

In this section, IDC suggests that software vendors are better positioned to help facilitate the customer’s digital transformation and that third-party support vendors are focused on legacy systems. I suppose it’s true that software vendors can paint a better vision for digital transformation that includes their own cloud solutions – but many organizations that run Oracle believe that these solutions are not ready and won’t be for years.

Spinnaker Support customers depend on us for unbiased technology advisory. We are often involved in their digital transformation projects and they appreciate our full stack expertise. Importantly, the money they save by switching to third-party support is helping to fund and accelerate their journeys to the cloud.

5.  Annual Support Cost

IDC misrepresents the amount of savings (25-50%) that result from switching to third-party support. Spinnaker Support saves customers an average of 62% on annual maintenance fees and delivers a more comprehensive and responsive level of support – including tax and regulatory updates, security protection, and invaluable technology advisory services. Unlike the software vendors, we do not diminish service as software ages and never force unwanted upgrades to software versions that make little to no business sense. Our policy is to support the customer’s current version for as long as required and to help them upgrade using software that our team of experts legally archived.

Summary

There are two sides to every story. IDC’s perspective piece is well written and thought-provoking, but it doesn’t tell the whole story. We welcome the questions they pose and can provide an abundance of happy reference customers who will address arguments made.

You can read IDC’s full article by accessing their website at  https://www.idc.com/getdoc.jsp?containerId=US43312917

Sybase ASE SBE Upgrade Path

Sybase ASE SBE is the entry level ASE server from SAP comparable to the standard editions of Oracle or Microsoft SQL Server. For limited use or internal applications, its limitation of 256 concurrent connections and hard limit to physical CPU chips are not a problem. But the limitations to 2 CPU CPU sockets makes it nearly impossible to find hardware these days or migrating a physical server to a virtual environment.

SAP replaced the ASE SBE server a few years ago with its new ASE Edge Edition server. This is actually a fully functional ASE Enterprise server only limited to a max of 8 cores and it runs on virtual servers.

You could just go ahead and purchase a license to the new ASE Edge Edition to overcome the limitations, but what does this mean if you already invested into the ASE SBE server?

Good News

SAP will now allow legacy Sybase SBE customers to get conversion credit for existing licenses. That credit can then be used to acquire ASE Edge licenses and execute the new license transaction on SAP paper. You will also get a prorated rebate for any maintenance paid that will be applied to any new maintenance cost.

Here are the highlights and benefits of moving from ASE Small Business Edition to ASE Edge Edition and the SAP license model:

  • Removes ASE SBE restriction limit of 256 connections and two chips/sockets
  • Core based license model with unlimited users
    • Includes platform exchange rights
  • Up to 8 cores of ASE Edge can be deployed per server instance
  • Virtualization at core level removes restriction of running on box with 2 chips
  • Only production environments need to be licensed
  • Standby and development/test environments can be deployed at no cost
  • This package includes the runtime use of Replication Server for warm stand-by of ASE, Edge databases
  • Packaging includes these key ASE options at no additional cost:
    • Directory Services
    • Encryption
    • Compression
    • Partitioning

Contact us today to start the process reviewing your license profile and discussing pricing and next steps.

Check out the features of Sybase ASE Edge Edition