But what we see today, is that many systems are not really interconnected. Just as a theoretical example : your personal address. This is replicated in different databases : utility suppliers (electricity company for example), telecom suppliers (telephone company, cable TV), bank(s), insurance companies, employer(s), government, doctors, lawyers, … When you move, the information has to be changed manually in every database. If you now link the database of your employer with the group insurance company and the government, you would only need to change your address in one database, and all others being in sync, are updated automatically.

This linking saves money on all sides, since the change is being made on one spot. The money saving comes from less storage, since only one party needs to maintain the database. The money savings come from less errors, and from less overall labour, since the change has to be made only once. Everybody benefits. We were one of the first (in the 90ies) to link our ordering system to that of Cisco.

Today I see “Zoomit” coming up more and more : bills are being sent via their services and banks to my account and money is being withdrawn automatically. No mistakes, no errors, no paper, immediate money collection.

Question to ask yourself : how can my organisation integrate its business process with that of our customers (or suppliers) ? Which data do we share ? Which data re-entry could we save by linking our mutual systems ? How much does it make our ecosystem real-time ?

Two-sided business model means that the money in-flow is coming from two sides : customers and suppliers/partners who want to be part of your ecosystem. Here some examples.

Google search is reverse business model : the person consuming search capabilities is the product. Advertisers pay for the exposure of their message to targeted people. The consumer does not pay for the search operation. Maybe one day we will have to pay, and then their business model becomes a two sided one.

Apple has a two-sided business model with their stores. You have to pay to be on there, consumers pay for whatever they download. Apple gets revenues from both sides.

TV stations have more and more programs with interaction, where the audience can vote via SMS or “the red button” on their remote control. In that case there are revenues from the advertisers and sponsors as well as from the audience. People are pushed to express their voice. The more people vote, the more they win.

Supermarkets have other shops in their physical shopping space. Revenues come from the customers buying from the supermarket and rental revenues. The same for airports.

When we look back at the example of the bakery : the baker could for example place advertising of suppliers (or other shops in the neighbourhood) with digital signage. The baker could open up the store for another shop-in-a-shop. The baker could open up some of his assets : equipment, bakery, supplies, customers. For example could be a test field for a supplier wanting to test a new product in development.

Technology has made mobility possible : transportation systems, broadband connectivity, devices, batteries, mentality shift (the world is a big village), digital information. There are some limits : law of physics (my house is not mobile ;-)), smell and taste cannot be transported, etc. Maybe one day in the future, but not in the near term anyway. Belgium has installed a scientific lab on the South Pole. People need to be transported, digital communication needs to be activated, goods need to be transported. From the South Pole to the North Pole, we can transport people and goods in a day or so, but whatever is digital can travel in a matter of seconds.

People nearly always transport a digital device. The basic device is the mobile phone. Other digital attributes : cameras, navigation tools, computers, e-readers, netbooks, …  Cars become intelligent. Trucks become intelligent. Internet is being made available in trains and airplanes. So connectivity is anywhere, and intelligence is anywhere available too.

People wear electronic accessibility. It is part of their universe.  It is what we call “the any³ economy” : anywhere, anytime, anyhow.

Question is thus how your company can make use of this opportunity. Are you going to deliver information to them (news, location based information) ? Are you going to offer them the possibility to interface with your organisation ?  E-mail is one, but access to an online ordering system is another. Access to a portal where they consult their personal information they would need at that time or location ? An example could be consult information from the health insurance while being at the hospital. Another example could be the shopping list that was assembled at home and that is being used while at the shopping mall. A sales rep being at the customer location. Or an inspector investigating onsite.

“We are concentrating our energy on security projects that use mature technologies and which, like the seatbelt, can ’save lives’. Providing security for our Ethernet access, which has been operational since late January, was one of the essential needs,” begins Didier Martin, IT Infrastructure Manager at RTL Belgium.

To start with, because of the highly critical nature of this network: “it’s our lifeblood. Not only because it is shared by all the applications under the roof and it contains all of our digitized archives. But because it is necessary for our audio and video production: the files are stored on disks and servers connected with each other and with our 750  workstations via the network.” What’s more, production and broadcast naturally have to be as reactive as possible in relation to current events: having our network down due to a security problem caused by the connection of an unauthorized device is unthinkable!

At the same time, the NAC should protect the infrastructure from the dangers potentially posed by independent contractors, freelancers and consultants. “All of these ‘floating’ people may attempt to easily connect to our network since there are Ethernet outlets all over the place… inluding behind our IP telephones. We give temporary access to technical consultants who of course have to be able to carry out their work on the IT systems, while others can access the public Internet via WiFi or an insulated WLAN, and they can use one of RTL’s PCs if they need to connect to internal resources.”

Testing from every angle

Telindus, the long-standing network partner of RTL Belgium, quickly pointed them towards a Juniper solution, which was mature and interoperable with its  Avaya telephony. Specifically, 2 UAC (user access control) Infranet 4000 Controllers in cluster mode for redundancy, integrated with Cisco switches and the Active Directory. The installation was preceded by a proof-of-concept in which every possible scenario was validated: connection on a port, behind a telephone, on a mini-switch, etc.

“We especially appreciated the professionalism of Telindus during the PoC, as well as the efforts they made to find solutions for any problems,” notes Didier Martin, recalling the complexity of the project: “It involved 4 levels of systems. The Windows OS  of the client PC, in which the Juniper software  has to be embedded deep enough; the switching part, in which Cisco dialogues with the PC and Juniper; and then the UAC part, in which Juniper dialogues with the switches, the PC and the Active Directory. And on top of that, you still have to add the telephony part!”.

Concretely, when a device is connected through an Ethernet port, the switch verifies that it belongs to the Active Directory or that it has a local account on the Infranet controllers. If this is the case, a port is opened and the Ethernet traffic is authorized. In order to have full access to the network, the Infranet controller nevertheless has to verify the compliance criteria for the connected device:  that the anti-virus is on, that the device can be accessed by the management systems (inventory, updates…) etc. If not all of the criteria are met, it is isolated from the rest of the servers and from the storage in a remedial VLAN in order to correct the problem remotely.

Company Profile

RTL Belgium SA (RTL group) produces and broadcasts TV channels (RTL-TVI, Club RTL, Plug RTL ) and radio stations (Bel RTL, Radio Contact) that it manages. Its New Media division provides content for VOD, smartphones and other emerging media.

Business benefits

-       “Who/what is connecting to my LAN, and where?” is under control
-       No non-authorized PCs on the network
-       Easy diagnostic and remediation when connection is rejected: a PC is brought into compliance; detection of a faulty anti-virus; providing temporary access
-       Consolidation of logs in an interface allowing bugs to be detected
-       Transparent solution for end users

More info?

For more information on Inside Security, visit Belgacom Inside Security or contact your account manager.

Online business means that you have to change your business model. Most of the business models that most companies use are “asynchronous”. The best example is printed media. Newspapers and  magazines send a reporter to some event. This reporter will record what is happening, write an article about it, that will be published the day/week/month after it all happened. Another example is the production of a product. Somebody makes a forecast, the production makes it, the product is shipped in advance to the places where it can be sold.

Today it all happens online. The car industry was the first to introduce Just-In-Time delivery. They automated the logistics around the production. Suppliers deliver the products just at the moment the car is going to be assembled. But it is also based on the concept of forecasting and ordering. Customers have to wait for the car they ordered, in function of the planning of the production.

Things are changing though, as we are consuming more virtual/digital goods. And this isn’t just music or online newspaper. It is becoming any service and any product. Let me give you some examples. Tomtom’s online traffic jam information allowing your navigator to recalculate the route as it all happens.  Location based services allowing you to obtain touristic information on the spot. Reading your newspaper on your smartphone. Online payments, payments with your mobile phone. E-prescriptions allow you to go to the pharmacist (in Belgium with your electronic identity card) and the pharmacist gets the prescription on his PC. Any business process becomes an online process.

Questions to ask yourself are : Which process can I automate ? Most of them will be outward looking processes, because most of the internal processes have been automated. How can you integrate your process with that of your customers ? Whether you are in a B2B or in a B2C case, it does not matter.  They are online, and thus so should you. How online are they ? With a car (track and trace), with a smartphone, with a credit card, with an e-reader, with an iPad, with their server ?

Which information is of value for them in that particular situation, on that spot, on that time ?

Agfa HealthCare develops IT-solutions for the medical world. These include applications for medical imaging, medical workflow and medical file management. In Europe, Agfa HealthCare has implementations at 1,200 hospitals and 1,000 laboratories. “The patient’s privacy is extremely important,” says Geert Claeys, Technology Manager at Agfa HealthCare. “The laws are strict, but the hospitals themselves are also demanding more and more measures to safeguard information security and their patients’ privacy.” That requires an extra effort because the medical sector is highly computerized and runs because of that the greatest risk of compromise. “It only takes a moment, say an employee who loses a USB-stick with patient data on it, for example. But at the same time, there are still quite a few hospital IT-systems that are not adequately protected.”

As a supplier for the medical world, Agfa HealthCare has to ensure that the entire organization and all the products and services they supply meet the required information security standards. “For a hospital, it is important to know that our products have built-in security mechanisms. What’s more, we are increasingly supplying services remotely, which brings us into contact with the IT systems at hospitals. There again, there need to be clear agreements.” That is why Afga HealthCare decided to launch a program for obtaining the ISO27001-certificate. “By obtaining the certificate, as an organization, you demonstrate that you meet the strictest information security standards,” explains Geert Claeys. “It’s an important signal towards our clients because it shows that clear security measures have been taken. Plus, for the same reason, the certificate will probably also bring us new clients.”

Mixed project team

In order to complement the internal expertise in relation to ISO27001, Agfa HealthCare turned to Belgacom. “In Belgacom we found a partner with experience, in other sectors as well. Belgacom provided us with the knowledge we were looking for and also supported us in developing the right guidelines.” In doing this, Agfa HealthCare chose a process oriented approach. For each process, the company devised the necessary information security policy, throughout all the different departments and countries. “For each process, we draw up a ranking of the potential risks, with associated procedures, technical and physical measures that can be taken to neutralize the security risks.”

Through the analysis, it was determined that the required measures were for the most part already present somewhere within the organization. “The most important job was to develop those measures that were missing and to then roll out the entire program throughout the whole organization.” The result is an integrated system for information management, in function of the patient’s privacy and security and the environmental standards that Agfa HealthCare is required to meet. Belgacom developed the e-learning modules for training the staff. “We now have in place a coherent policy on information security and privacy,” continues Geert Claeys. “We have developed a clear governance based on guidelines that are applied worldwide throughout the entire company.” In the next three years, Agfa HealthCare will be rolling out the solution in the different product groups. Belgacom will continue to assist the company in making this possible.

Company Profile

Agfa HealthCare is part of the Agfa-Gevaert Group. The company has a workforce of 5000, ten research centers and hundreds of sales offices. Agfa HealthCare has a turnover of 1.2 billion euros.

Business benefits

- Coherent policy for information security and privacy in the development and rollout of an Information Security Management System, based on the ISO27001-standard
- Enabler for the company’s further growth: the solution is a prerequisite for many clients from the healthcare sector and this allows Agfa HealthCare to profile and differentiate itself in the market

More info?

For more information on 360° Security Services, visit Belgacom 360° Security Services or contact your account manager.

Emmaüs is a Christian-inspired organization for healthcare and well-being. The group comprises the AZ Sint-Jozef in Malle and the AZ Sint-Maarten, with three campuses in Mechelen and Duffel. The Emmaüs group also includes facilities such as psychiatric hospitals and residential facilities, rest homes and nursing homes for the elderly, and care centers for people with disabilities, among others. All told, Emmaüs has over and 20 sites, chiefly located in the province of Antwerp. There are 5,500 employees associated with the organization. The IT-support is centrally organized by a team of 30 staff members. “With that team we focus on the core tasks of IT: providing support to the business-side,” explains IT-manager Joris Everaert. “Monitoring and control of the network is absolutely crucial, but actually, it is not part of these core tasks.”

As the existing infrastructure regulating access to the network was gradually growing obsolete, Emmaüs was looking for a new solution. “In the first place, we needed to validate the existing environment,” continues Joris Everaert, “in order to find out the extent to which the protection of the network was still up to date. In the process, we considered whether we should invest in our own management of the firewall. But without internal experts who could follow up the monitoring and control, that didn’t look like it would make much sense.” For Emmaüs it was also important to review the network access because the organization is increasingly working with external partners. This external connectivity is becoming business-critical for Emmaüs, for aspects such as exchanging information with the government.

Security via managed service

“Among the proposals we received from suppliers, Belgacom was the only one who effectively offered a complete alternative,” according to Joris Everaert. It is a redundantly constructed managed service through which Belgacom monitors and controls the network access for Emmaüs at the sites in Duffel and Zoersel. The solution - one firewall that is virtualized for the two locations - protects the network from external attack. At the same time, it also regulates the Internet access for the Emmaüs-employees. In addition, the patients in certain departments are provided with Internet access from their rooms. Via VPN and Citrix the doctors working for Emmaüs are also able to access the hospital network remotely. Emmaüs receives a monthly overview from Belgacom of all of the security risks that occurred, as well as the measures taken to further increase the solution’s performance.

The monitoring and control is done at the Belgacom Security Operations Center. “Speed is a crucial factor in this,” observes Joris Everaert. “When a supplier logged in to access the network from an infected laptop, we instantly received a message from Belgacom about the risk. It was literally a matter of minutes. So the security is also effective from the inside out.” With the managed service for the monitoring and the control of the network access, all of the objectives of Emmaüs were met. “There’s no question the solution is effective. However, we view it above all as a good insurance policy. We buy the security for our infrastructure as a service - with a SLA that guarantees the level of service provided. At the same time, we are free to concentrate on our core activities, without having to invest in developing that specialized expertise ourselves.”

Company profile

The Emmaüs group offers high-quality healthcare that is affordable and tailored to the patient’s needs. Emmaüs works through a network of facilities overseen by a single central administration.

Business benefits

- Up-to-date security for the network access, including monitoring and follow-up
- Managed service at a fixed, predictable price, with no own investment in additional expertise
- Improved performance of the IT-environment for employees thanks to secure Internet access on-site and secure VPN-access remotely
- Secure Internet access for patients, separated from the network traffic for the internal staff

More info?

For more information on 360° Security Services, visit Belgacom 360° Security Services or contact your account manager.

As the IT manager in a hospital, your heart stands still when it’s decided to almost fully restructure telephone services and network infrastructure for four city campuses so that they can be controlled mainly from one campus in the future. The situation was no different for Wim Engelen, technical-management-systems domain manager at az groeninge: “The existing installation was untenable, with different components of ten thousand numbers in the various campuses. There were internal numbers that were unable to be dialed with an external line. Confusion also arose through the automatic switchover of numbers from one PABX to the other. We were frustrating our own staff, and the patients and their families as well. The planned relocation to a new campus outside Kortrijk was a dreamed-of opportunity.”

One secure, redundant network

Research showed that the only solution was a completely new ten-thousand number configuration with a logically ordered number plan. The new ten thousand number 63 was allocated to az groeninge, which means that all numbers that begin with 63 in the 056 telephone zone belong exclusively to the hospital. The switchover was prepared thoroughly. Six thousand old numbers had to remain active during a transitional phase, and switch through to the new number after a brief message.

Belgacom allowed all numbers from the new ten-thousand service to run via two different switching exchanges in the Kortrijk zone, which means that az groeninge can count on connectivity at all times. ISDN-30 connections and a fibre-optic infrastructure make it possible to host up to 540 communications simultaneously. “We wanted a redundant network”, Wim Engelen emphasises. “Belgacom had to guarantee that we would not be left without service during the migration or afterwards.”

From a complex to a logically structured telephone numbering plan

All ten thousand numbers of the new series were assigned separately to a campus, depending on where the most traffic occurred. The numbers were then split into blocks of ten, which ended up on the PRA connection of one of the campuses, depending on how the split was made.

“Splitting by tens is a difficult job that has to be don thoroughly”, says Wim Engelen. “We also had to develop a newly structured and logical telephone plan, which makes it easy for external callers to reach the right person and offers a transparent number plan for internal use.”

Step-by-step plan

Use of reliable standard solutions plus the experience of the best Belgacom experts ensured that the system’s migration fully satisfied the client’s expectations. All campuses were switched to the new series of ten thousand numbers in one weekend. The reconfiguration of all telephone exchanges for internal routing on all campuses also took place during the same weekend.

The rigorous preparation by az groeninge and the Belgacom team prevented unexpected setbacks. Each detail was meticulously prepared, says Wim Engelen: “Including the reprogramming of 1,400 mobile DECT handsets as well as reprogramming other fixed telephone terminals. There were also emergency numbers for elevators, medical device connections, automated teller machines, an internal radiophone system and fax numbers.”

Confidence in Belgacom

az groeninge uses Belgacom’s standard services such as Number Portability and Voice Managed Services (VMS), which guarantee the efficient management of all incoming calls, faxes and e-mails. Wim Engelen: “Belgacom configured the VMS so that all numbers are forwarded immediately to the right terminal. We received a trial contract to test VMS functionality a few months before the migration. We were able to test everything ourselves on a limited scale, to our great satisfaction. I was reassured that we had made the right choice, thanks to Belgacom’s thorough approach. Belgacom assembled a technical team, with the best experts, to support us immediately following our decision. That gave me the necessary confidence to start the changeover. Our contact person was available 24 hours daily and was also present during the entire overnight migration. Belgacom offered us anything but a standard service, especially for this migration project. I had a great deal of confidence in them, which proved to be well-founded.”

Business benefits

- Number Portability: retention of numbers during a relocation within the same zone.
- Voice Managed Services: possibility of routing according to time or caller identity, creating spoken menus and diverting to help lines, forwarding calls, messages, etc. to the addressee’s geographical numbers.
- Load Sharing: securing incoming and outgoing telephone traffic. Load Sharing enables to split the customer’s infrastructure up to the highest level of the Belgacom network, thanks to a dual connection with independent Belgacom public exchanges, in order to provide excellent redundancy. In case of uptime or access problems with one public exchange, the connection is ensured by the remaining exchange.

Company Profile

The Kortrijk hospital az groeninge is spread over a brand-new campus on the city outskirts and three campuses in the city center. The hospital’s activities will largely move to the new campus on a step-by-step basis by 2016. Approximately 2,700 employees care for 34,000 inpatients and 54,000 outpatients annually.

More info?

For more information on Enterprise Collaboration - Telephony, visit Belgacom Telephony or contact your account manager.

The XML-gateway is installed on the firewall and acts as a sentinel station. Depending on the function of the user, the gateway enables access to a data source. Initially, the gateway will chiefly regulate the internal use of the data resources. Later, external governmental authorities and citizens will also be able to access specific data resources of the province.The distribution of information is one of the core tasks of the provincial authorities. That is why the government of the province of Vlaams-Brabant wants to make its electronic resources accessible in a controlled manner. They called upon Belgacom as a webservice specialist.

The provincial government of Vlaams-Brabant is an intermediary governmental  body: it forms the link between the Flemish Community and local authorities. The regional approach of the provincial government is an asset in many policy areas: economy, culture, tourism, education… A team of 25 employees provides the ICT-support for this policy. The team is responsible for the ICT-infrastructure for project development. Karl Pottie, head of computer systems for the provincial government of Vlaams-Brabant, explains: “It’s a challenge to offer the available information to the appropriate parties in a secure way.” The ICT-department had previously carried out projects for making the province’s data resources available securely but the product with which they started the project was no longer supported. What’s more, in recent years, there has been dramatic evolution in the area of webservices. The department thought it was high time for a new solution.

Communicating via webservices

The provincial government of Vlaams-Brabant issued a public call for tender for a two-part assignment. On one hand there needed be a new gateway for managing the access to the data resources. This gateway had to provide security for a range of web applications that communicate over the Internet on the basis of webservices. On the other hand, the supplier also had to be able to offer best practices concerning webservices. “We did not feel it was feasible to arrive at this information any other way - and in such a short period of time,”  says project leader Wim Van Gelder from the department of projects and development. When the proposals were evaluated, Belgacom scored the highest for both aspects. “Belgacom’s expertise also proved a real advantage afterwards,” according to Karl Pottie. “Webservices and SOA (Service Oriented Architecture)  are now really coming into their own and more and more projects are overlapping each other to some extent: document management, ERP, GIS, you name it. In order to be able to link these systems to one another, webservices have become indispensable.”

Inevitable evolution

Concretely, Belgacom proposed using a business ready XML-firewall based on an XML-gateway from Vordel. This gateway supports the current XML-standards and also offers the necessary guarantees for the security of the webservices. Wim Van Gelder: “Vordel turned out to be one of the most user-friendly solutions. At the same time, Belgacom’s project based approach has worked out well here.” The Vordel XML-gateway is installed on the firewall and works as a sort of sentinel station. Karl Pottie: “An ordinary firewall allows two parties to communicate with one another. Vordel goes a step further: depending on the function of the user, the gateway enables access to a data source.” In the first place, the gateway regulates access to data resources for the provincial government’s own web applications. Ultimately, external governmental authorities will also be able to access specific data resources in the same way. Karl Pottie: “That is an inevitable evolution. Governments will need to share increasing amounts of authentic data sources .” This fall, a project is being launched to allow external governmental authorities - as well as citizens - to consult geographical information.

Company profile

Vlaams-Brabant is the youngest province in Belgium and the smallest province in Flanders. It was created in 1995 when the unitary province of Brabant was split. The province has a workforce of approximately 800 employees who are active in 36 policy areas.

Business benefits

-    Better and better controlled distribution of information from the data resources
-    Future proof solutions for more and better use of webservices

More info?

For more information on Business Applications Protection, visit Business Applications Protection or contact your account manager.

Everybody knows binary : it is either a 1 or a 0. There are only two states. And on that basis we made the whole computing world. Lyric has designed chips on the basis of transistors which can take a value between 0 and 1 and not just 1 or 0. This comes in very handy to calculate probabilities and to make statistics. On the 10th of April, I already wrote on this blog that we will need more statisticians, due to the explosive growth of data and the accompanying analysis that we need to make.

So here we have now a whole new kind of processor, together with a set of instructions and analysis features, which will be capable of making rapid predictions, in a small scale and with low consumption. It is exactly what we will need.

Examples : real-time premium calculation of an insurance, buying suggestions, chances that a patient is going to get a heart failure, probability it is going to rain within 2 hours, flood warnings, image analysis, compression, linguistic analysis, etc.

But more importantly, it can take huge advantages in security, pattern analysis, pattern based predicions, etc. In the future we will need more sophisticated tools to trace back and analyse potential or past security breaches. In the world of videosurveillance we want to analyse in real-time the behaviour of the people such as to detect strange events at the moment they take place. We had last week the proof with underwater cameras in a swimming pool giving an alert when a person sinks to the bottom to rescue him/her.

Although it may take a long time before we find these processors in our daily machines, this ís a breakthrough in the last century of computing. Were you waiting for this new step ?