With the AI hype cycle and subsequent backlash both in full swing, IT leaders find themselves at a tenuous inflection point regarding use of artificial intelligence in the enterprise.

Following stern warnings from Elon Musk and revered AI pioneer Geoffrey Hinton, who recently left Google and is broadcasting AI’s risks and a call to pause, IT leaders are reaching out to institutions, consulting firms, and attorneys across the globe to get advice on the path forward. 

“The recent cautionary remarks of tech CEOs such as Elon Musk about the potential dangers of artificial intelligence demonstrate that we are not doing enough to mitigate the consequences of our innovation,” says Atti Riazi, SVP and CIO of Hearst. “It is our duty as innovators to innovate responsibly and to understand the implications of technology on human life, society, and culture.”

That sentiment is echoed by many IT leaders, who believe innovation in a free market society is inevitable and should be encouraged, especially in this era of digital transformation — but only with the right rules and regulations in place to prevent corporate catastrophe or worse.

“I agree a pause may be appropriate for some industries or certain high-stake use cases but in many other situations we should be pushing ahead and exploring at speed what opportunities these tools provide,” says Bob McCowan, CIO at Regeneron Pharmaceuticals.

“Many board members are questioning if these technologies should be adopted or are they going to create too many risks?” McCowan adds. “I see it as both. Ignore it or shut it down and you will be missing out on significant opportunity, but giving unfettered access [to employees] without controls in place could also put your organization at risk.”

While AI tools have been in use for years, the recent release of ChatGPT to the masses has stirred up considerably more controversy, giving many CIOs — and their boards — pause on how to proceed. Some CIOs take the risks to industry — and humanity — very seriously.

“Every day, I worry about this more,” says Steve Randich, CIO of The Financial Industry Regulatory Authority (FINRA), a key regulatory agency that reports to the SEC.

Randich notes a graph he saw recently that states that the ‘mental’ capacity of an AI program just exceeded that of a mouse and in 10 years will exceed the capacity of all of humankind. “Consider me concerned, especially if the AI programs can be influenced by bad actors and are able to hack, such as at nuclear codes,” he says.

George Westerman, a senior lecturer at MIT Sloan School of Management, says executives at enterprises across the globe are reaching out for advice from MIT Sloan and other institutions about the ethics, risks, and potential liabilities of using generative AI. Still, Westerman believes most CIOs have already engaged with their top executives and board of directors and that generative AI itself imposes no new legal liabilities that corporations and their executives don’t abide today.

“I would expect that just like all other officers of companies that there’s [legal] coverage there for your official duties,” Westerman says of CIOs’ personal legal exposure to AI fallout, noting the exception of using the technology inappropriately for personal gain.

Playing catchup on generative AI

Meanwhile, the release of ChatGPT has rattled regulatory oversight efforts. The EU had planned to enact its AI Act last month but opted to stall after ChatGPT was released given that many were concerned the policies would be outdated before going into effect. And as the European Commission and its related governing bodies work to sort out the implications of generative AI, company executives in Europe and the US are taking the warning bells seriously.

“As AI becomes a key part of our landscape and narrow AI turns into general AI — who becomes liable? The heads of technology, the inanimate machine models? The human interveners ratifying/changing training models? The technology is moving fast, but the controls and ethics around it are not,” says Adriana Karaboutis, group chief information and digital officer at National Grid, which is based in the UK but operates in the northeast US as well.

“There is a catchup game here. To this end and in the meantime managing AI in the enterprise lies with CxOs that oversee corporate and organizational risk. CTO/CIO/CTO/CDO/CISOs are no longer the owners of information risk” given the rise of AI, the CIDO maintains. “IT relies on the CEO and all CxOs, which means corporate culture and awareness to the huge benefits of AI as well as the risks must be owned.”

Stockholm-based telecom Ericsson sees huge upside in generative AI and is investing in creating multiple generative AI models, including large language models, says Rickard Wieselfors, vice president and head of enterprise automation and AI at Ericsson.

“There is a sound self-criticism within the AI industry and we are taking responsible AI very seriously,” he says. “There are multiple questions without answer in terms of intellectual property rights to text or source code used in the training. Furthermore, data leakage in querying the models, bias, factual mistakes, lack of completeness, granularity or lack of model accuracy certainly limits what you can use the models for.

“With great capability comes great responsibility and we support and participate in the current spirit of self-criticism and philosophical reflections on what AI could bring to the world,” Wieselfors says.

Some CIOs, such as Choice Hotels’ Brian Kirkland, are monitoring the technology but do not think generative AI is fully ready for commercial use.

“I do believe it is important for industry to make sure that they are aware of the risk, reward, and impact of using generative AI technologies, like ChatGPT. There are risks to data ownership and generated content that must be understood and managed to avoid negative impacts to the company,” Kirkland says. “At the same time, there is a lot of upside and opportunity to consider. The upside will be significant when there is an ability to safely and securely merge a private data set with the public data in those systems.

“There is going to be a dramatic change in how AI and machine learning enable business value through everything from generated AI content to complex and meaningful business analytics and decision making,” the Choice Hotels CIO says.

No one is suggesting a total hold on such a powerful and life changing technology.

In a recent Gartner poll of more than 2,500 executives, 45% indicated that attention around ChatGPT has caused them to increase their AI investments. More than 70% maintain their enterprise is currently exploring generative AI and 19% have pilots or production use under way, with projects from companies such as Unilever and CarMax already showing promise.

At the MIT Sloan CIO conference starting May 15, Irving Wladawsky-Berger will host a panel on the potential risks and rewards of entering generative AI waters. Recently, he hosted a pre-conference discussion on the technology.

“We’re all excited about generative AI today,” said the former longtime IBM researcher and current affiliate researcher at MIT Sloan, citing major advances in genomics expected due to AI.

But Wladawsky-Berger noted that the due diligence required of those who adopt the technology will not be a simple task. “It just takes so much work,” he said. “[We must] figure out what works, what is safe, and what trials to do. That’s the part that takes time.”

Another CIO on the panel, Wafaa Mamilli, chief digital and technology officer at Zoetis, said generative AI is giving pharmaceutical companies increased confidence of curing chronic human illnesses.

“Because of the advances of generative AI technologies and computing power on genetic research, there are now trials in the US and outside of the US, Japan, and Europe that are targeting to cure diabetes,” she said.

Guardrails and guidelines: Generative AI essentials

Wall Street has more than taken notice of the industry’s swift embrace of generative AI. According to IDC, 2022 was a record-breaking year for investments in generative AI startups, with equity funding exceeding $2.6 billion.

“Whether it is content creation with Jasper.ai, image creation with Midjourney, or text processing with Azure OpenAI services, there is a generative AI foundation model to boost various aspects of your business,” according to one of several recent IDC reports on generative AI.

And CIOs already have the means of putting guardrails in place to securely move forward with generative AI pilots, Regeneron’s McCowan notes.

“It’s of critical importance that you have policy and guidelines to manage access and behaviors of those that plan to use the technologies and to remind your staff to protect intellectual property, PII [Personable Identifiable Information], as well as reiterating that what gets shared may become public,” McCowan says.

“Get your innovators and your lawyers together to find a risk-based model of using these tools and be clear what data you may expose, and what rights you have to the output from these solutions,” he says. “Start using the technologies with less risky use cases and learn from each iteration. Get started or you will lose out.”

Forrester Research analyst David Truog notes that AI leaders are right to put the warning label on generative AI before enterprises begin pilots and using generative AI in production. But he too is confident it can be done.   

“I don’t think stopping or pausing AI is the right path,” Truog says. “The more pragmatic and constructive path is to be judicious in selecting use cases where specialized AIs can help, embed thoughtful guardrails, and have an intentional air-gapping strategy. That would be a starting point.”

One DevOps IT chief at a consulting firm points to several ways CIOs may mitigate risk when using generative AI, including thinking like a venture capitalist; clearly understanding the technology’s value; determining ethical and legal considerations in advance of testing; experimenting, but not rushing into investments; and considering the implications from the customer point of view.

“Smart CIOs will form oversight committees or partner with outside consultants who can guide the organization through the implementation and help set up guidelines to promote responsible use,” says Rod Cope, CTO at Minneapolis-based Perforce.  “While investing in AI provides tremendous value for the enterprise, implementing it into your tech stack requires thoughtful consideration to protect you, your organization, and your customers.”

While the rise of generative AI will certainly impact human jobs, some IT leaders, such as Ed Fox, CTO at managed services provider MetTel, believe the fallout may be exaggerated, although everyone will likely have to adapt or fall behind.

“Some people will lose jobs during this awakening of generative AI but not to the extent some are forecasting,” Fox says. “Those of us that don’t embrace the real-time encyclopedia will be passed by.”

Still, if there’s one theme for certain it’s that for most CIOs proceeding with caution is the best path forward. So too is getting involved.

CIOs must strike a balance between “strict regulations that stifle innovation and guidelines to ensure that AI is developed and used responsibly,” says Tom Richer, general manager of Wipro’s Google Business Group, noting he is collaborating with his alma mater, Cornell, and its AI Initiative, to proceed prudently.

“It’s vital for CIOs and IT executives to be aware of the potential risks and benefits of generative AI and to work with experts in the field to develop responsible strategies for its use,” Richer says. “This collaboration needs to involve universities, big tech, think tanks, and government research centers to develop best practices and guidelines for the development and deployment of AI technologies.”

Artificial Intelligence, IT Leadership

Behind every successful IT project, you’ll find a highly skilled project manager. From hardware and software upgrades to ongoing security patches, to application development and the rollout of software itself, project managers keep your teams on task and productive.

Almost any IT pro can benefit from adding a project management certification to their list of IT credentials, showing you have the know-how to plan, schedule, budget, execute, deliver, and report on IT initiatives. Here, CIO.com outlines the most popular project management certifications that will add value and help you hone your skills this year, whether you are just starting out your project management journey or are a seasoned PM pro.

Project management certifications for beginners

If you’re just starting out on your project management career or are looking to make the switch to project management, there are certification designed for entry-level candidates. These certifications require little to no experience and have few, if any, prerequisites for taking the exams. They’re designed to certify your entry-level project management skills, while also teaching you more about project management in the process.

Associate in Project Management (APM)

The Associate in Project Management (APM) certification offered by The Global Association for Quality Management (GAQM) is an entry-level project management certification to validate your fundamental knowledge of the Project Management Framework. It’s aimed at those with little to no experience in project management and includes an online course that you will be required to complete before taking the certification exam. The course covers topics such as project management fundamentals, project management training, and all the basics of the project management role that you will need to be successful in the role. It’s targeted at managers and project team members, students at the graduate or undergraduate level, entry-level practitioners, and anyone with an interest in project management as a career.

Price: $175

Requirements: GAQM body of knowledge study and e-course; no formal education or experience requirements

Certified Project Manager (CPM-IAPM)

The Certified Project Manager certification is offered by the International Association of Project Managers (IAPM) as an entry-level certification for those with a basic understanding of project management. It covers the necessary knowledge to “theoretically plan, organize, and implement a project effectively,” according to the IAPM. It’s designed for those who aspire to have a career in project management and doesn’t require prior experience in the field. The exam covers a range of topics, including project check, project environment, steering committees and core teams, creation of the Phase Model, creation of the WBS, cost breakdown and budget, risk analysis, project review, and more. The certification includes a combination of hard and soft skills that are relevant to the role of project manager. For novices, the IAPM offers a Certified Junior Project Manager certification and for those with extensive experience, they offer the Certified Senior Project Manager certification.

Price: Fee depends on candidate’s nationality, as pricing is based on country-of-origin’s GDP; in the US, the exam cost is $514

Requirements: None, but IAPM offers workshops through global training partners, or recommended literature for self-study. Candidates can also take a self-test to benchmark their knowledge.

CompTIA Project+

The CompTIA Project+ certification is an entry-level credential for IT professionals charged with managing smaller, less complex projects as part of their job duties. Candidates for this certification should have knowledge and experience with managing project life cycles, maintaining project documentation, managing resources and stakeholders, and ensuring appropriate communication. The exam covers project basics, project constraints, communication and change management, and project tools and documentation. It’s best suited for IT project coordinators or managers, IT project team members, business analysts, managers, directors, or team leaders.

Price: $358

Requirements: At least 12 months of cumulative project management experience or equivalent education

PMI Project Management Ready

The PMI Project Management Ready certification is an entry-level exam for those who have zero to three years of experience in project or change management. The certification covers project management fundamentals and core concepts, traditional plan-based methodologies, agile frameworks, and business analyst frameworks, among other topics. Students can “immerse themselves in the project management industry and connect with a passionate community of professionals while gaining a competitive edge,” according to PMI. The certification is aimed to set students up with the foundational knowledge they need for a career in project management, while certifying their skills and abilities as a project manager.

Price: $142

Requirements: None, but it’s recommended that candidates read at a ninth-grade level and have a fundamental understanding of computer literacy

PRINCE2 Agile Foundation

The PRINCE2 Agile Foundation certification offered by Axelos is designed for those working in agile environments to validate your knowledge of PRINCE2 governance requirements, agile concepts, and techniques. The Foundation certification covers the fundamentals of the PRINCE2 method and covers governance requirements and agile concepts such as Scrum, Kanban, Lean Start-up, and Cynefin.

Price: Price varies based on location

Requirements: None

PRINCE2 Foundation

Projects in Controlled Environments (PRINCE2) is most well-known outside the US, especially in the UK and its government entities. The PRINCE2 certifications are delivered by Axelos and focus on directing, managing, and delivering projects across all phases, pre-project, initiation, delivery, and final delivery. The PRINCE2 Foundation certification is an entry-level credential that tests basic project management terminology and methodology, and is targeted at aspiring project managers, project board members, team managers, project assurance professionals, project support professionals, and operational line managers or staff.

Price: Price varies based on location

Requirements:  PRINCE2 Foundation course

Top project management certifications

For project managers who already have experience under their belt, there are plenty of well-regarded certifications that can validate intermediate to advanced project management skills. These certifications cover project management at a higher level, and often cover specific areas of project management, such as risk and IT security. Typically, these certifications require a stronger background in project management — often requiring several years and hundreds of hours of experience and education to qualify for the exam.

Agile Certified Practitioner (ACP)

Offered by the PMI, the Agile Certified Practitioner (ACP) certification is designed to validate your knowledge of agile principles and skills with agile techniques. The exam covers topics such as Scrum, Kanban, Lean, extreme programming (XP), and test-driven development (TDD). It’s aimed at those who work on agile teams or in agile organizations and focuses on seven main domains of knowledge, including agile principles and mindset, value-driven delivery, stakeholder engagement, team performance, adaptive planning, problem detection and resolution, and continuous improvement.

Price: $435 for members; $495 for nonmembers

Requirements: Candidates for the exam must have a secondary degree, 21 contact hours of training in agile practices, 12 months of project experience within the past five years or eight months of agile project experience within the past three years; a current PMP or PgMP certification (see below) can satisfy the requirement for 12 months of experience but is not required

BVOP Certified Project Manager

Business value-oriented principles (BVOP) is an agile-based framework that has grown in popularity in the UK. BVOP emphasizes business value in all project management activities and practices. The BVOP Certified Project Manager is for senior practitioners with experience in both project management and people management. The focus on a people-oriented culture sets it apart from other project management certification programs. It’s a certification aimed at senior project managers, agile professionals, product managers and owners, Scrum masters, and business analysts. The BVOP approach helps to develop professionals’ collaboration skills, and candidates for certification not only gain project and product management skills, but also learn to become more people-focused leaders. The exam includes questions from the project management, program management, and product management sections of the course materials.

Price: $130

Requirements: No previous professional project management experience required; free study guides and preparation materials available online

Certified Associate in Project Management (CAPM)

Administered by the Project Management Institute (PMI), the Certified Associate in Project Management certification is the precursor to the Project Management Professional (PMP) certification (see below). For professionals without a college degree, or with only rudimentary project management experience or those who want to achieve their PMP certification in steps rather than all at once, the CAPM is a stepping-stone to the more rigorous PMP.

For more information, see “CAPM certification guide: Certified Associate in Project Management exam explained.”

Price: $225 for PMI members; $300 nonmembers

Requirements: High-school diploma, associate degree or equivalent, and at least 1,500 hours of project management experience or 23 hours of project management education.

Certified Project Director

The GAQM’s Certified Project Director certification is the credentialing body’s highest-level project management certification. This designation is designed for experienced project managers who are involved in directing multiple complex projects and programs. The certification focuses on managing, budgeting, and determining scope for multiple projects, multiple project teams, and assessing and mitigating interdependent risks to deliver projects successfully. The CDP program is only for those who have significant project management experience.

Price: $280

Requirements: Qualified candidates must have a bachelor’s degree or post-graduate degree or global equivalent and must hold one of the following certifications: a PPM certification from GAQM; a PMP certification from PMI; a PRINCE2 Practitioner certification from APMG; or a CPM certification from GIAC 

Certified Project Management (CPM)

The EC-Council was formed after the Sept. 11, 2001, terrorist attacks to address issues of cyberterrorism and the information security of nations at large. The EC-Council’s Certified Project Management certification course is for project managers who want to benchmark their skills through hands-on experience and across various management techniques and tools necessary to successfully manage complex projects efficiently. The course includes on-demand instructor-led training videos, online CyberQ Labs, a continuing education video subscription, and live instructor-led training in-person or online. You can select from three course options: The basic package includes a single video course, labs, e-courseware and the certification exam; the midtier package adds on the CodeRed continuing education video subscription and live instructor training; and the top-tier package includes an additional certification course, exam insurance, and online exam prep.

Price: $999 for the single video course package; $2,999 for the unlimited video courses; or $3,499 for the full live-course bundle

Requirements: No prerequisites

Certified ScrumMaster (CSM)

The use of agile methodologies has become standard, so it’s not surprising that IT practitioners uniquely qualified to manage projects in agile environments are in high demand. While there are different Scrum master certifications available, the Certified ScrumMaster (CSM) from Scrum Alliance is a great jumping-off point for project managers getting started as Scrum practitioners. The Scrum Alliance, which offers this credential, is a nonprofit organization that encourages the adoption of Scrum and agile practices, promotes user groups and learning events, and provides resources for professional development. The organization boasts more than 450,000 certified practitioners worldwide.

For a deeper look at the CSM, see “CSM certification guide: Certified ScrumMaster exam explained.”

Price: Varies by training provider, but approximately $995 to $1,395

Requirements: General familiarity with Scrum; completion of two-day CSM training course

Master Project Manager (MPM)

The American Academy of Project Management (AAPM) has modeled the Master Project Manager (MPM) after the “professional licensure” model that many professions such as pilots, engineers, doctors, and lawyers follow. The AAPM focuses on professional project managers, but also includes professionals with business and technical management responsibilities. The MPM certification is aimed at senior project managers and project directors who have an undergraduate or master’s degree.  

Price: $300 for application, review, processing, review, initiation, and certification

Requirements: Three years of project management experience and training; waivers available for professionals holding a master’s degree, with other qualified training and experience, the military or project management instructors

PRINCE2 Agile Practitioner

Building on the PRINCE2 Agile Foundation certification, the PRINCE2 Agile Practitioner certification takes the foundational knowledge covered in the first exam and validates your ability to apply it in real-world management examples.

Price: Price varies based on location

Requirements: Agile Foundation certification

PRINCE2 Practitioner

In addition to its entry-level Foundation certification (see above), PRINCE2 offers the PRINCE2 Practitioner certification, which tests advanced project managers who have already achieved PRINCE2 Foundation. The certification is targeted at experienced project managers, project board members, team managers, project assurance professionals, project support professionals, and operational line managers or staff.

Price: Price varies based on location

Requirements: One of the following: PRINCE2 Foundation, Project Management Professional (PMP), CAPM, or an IPMA certification

Professional in Project Management (PPM)

The Professional in Project Management (PPM) is a midtier project management credential from the GAQM. The GAQM’s project management certifications are focused on a broad knowledge base and emphasize effective resource allocation, clear direction, adaptability to change, effective communication, and assurance of quality deliverables at minimal risk. The certification covers how to plan, execute, control, and complete project schedules and how to develop project measures, approach project control, and lead project teams. It focuses on project management fundamentals, project management training, effective planning and scheduling, team building, risk management, crisis management, time management, leadership skills, communication strategies, and knowledge management. The PPM is targeted towards intermediate to experienced project managers who are involved in risk and crisis management, and who are involved in the day-to-day management of projects.

Price: $340

Requirements: GAQM body of knowledge study and e-course; no formal education or experience requirements, but candidates should have at least some project management experience to pass the exam

Project Management in IT security (PMITS) 

The Project Management in IT Security (PMITS) certification from the EC-Council focuses on how to manage IT security projects and how to enhance the success rate for organizations and IT managers. The course associated with the certification guides students through an operational framework for designing IT security projects, providing a roadmap for how to enhance and implement IT security in an organization, and outlining global best practices followed by other experts in the field. It’s specifically designed for federal employees.

Price: $250

Requirements: Must be over 18 years old to complete the exam; candidates are recommended to have an intermediate proficiency level

Project Management Professional (PMP)

The gold standard in project management certifications, the Project Management Professional certification offered by the PMI is a rigorous test that covers absolutely everything you need to prove your knowledge and skill in managing the “triple constraints”: time, cost, and scope. The certification validates your project leadership experience and expertise and demonstrates your capabilities to help organizations work more efficiently and perform better. The exam covers topics such as managing conflict, leading teams, building effective teams, training and empowering team members and stakeholders, executing projects to deliver business value, assess and manage risks, engage stakeholders, plan and manage budgets and resources, among other topics.

For more about the PMP, and tips on how to pass it, see “PMP certification: How to ace the Project Management Professional exam.”

Price: $405 for PMI members, $575 for nonmembers

Requirements: Four-year secondary degree plus three years of project management experience, 4,500 hours leading and directing projects, and 35 hours project management education or CAPM certification; or a high-school diploma, five years of project management experience, 7,500 hours leading and directing projects, and 35 hours of project management education

Program Management Professional (PgMP)

The Program Management Professional (PgMP) certification offered by the PMI is designed for program managers who are senior-level practitioners who are responsible for advancing the organization’s strategic goals. Candidates for this exam should have extensive experience managing multiple, related projects and navigating complex environments across various departments, job functions, regions, or cultures to align results with organizational goals. The exam covers topics such as strategic program management, program life cycles, benefits management, stakeholder management, and governance.

Price: $800 for members; $1,000 for nonmembers

Requirements: A secondary degree or global equivalent, 48 months of project management experience or a PMP certification and 84 months of program management experience within the past 15 years; those with a four-year degree will need 48 months of project management experience or a PMP certification and 48 months oof program management experience within the past 15 years

Careers, Certifications, IT Skills, Project Management Tools

While there’s an open letter calling for all AI labs to immediately pause training of AI systems more powerful than GPT-4 for six months, the reality is the genie is already out of the bottle. Here are ways to get a better grasp of what these systems are capable of, and utilize them to construct an effective corporate use policy for your organization.

Generative AI is the headline-grabbing form of AI that uses un- and semi-supervised algorithms to create new content from existing materials, such as text, audio, video, images, and code. Use cases for this branch of AI are exploding, and it’s being used by organizations to better serve customers, take more advantage of existing enterprise data, and improve operational efficiencies, among many other uses.

But just like other emerging technologies, it doesn’t come without significant risks and challenges. According to a recent Salesforce survey of senior IT leaders, 79% of respondents believe the technology has the potential to be a security risk, 73% are concerned it could be biased, and 59% believe its outputs are inaccurate. In addition, legal concerns need to be considered, especially if externally used generative AI-created content is factual and accurate, content copyrighted, or comes from a competitor.

As an example, and a reality check, ChatGPT itself tells us that, “my responses are generated based on patterns and associations learned from a large dataset of text, and I do not have the ability to verify the accuracy or credibility of every source referenced in the dataset.”

The legal risks alone are extensive, and according to non-profit Tech Policy Press they include risks revolving around contracts, cybersecurity, data privacy, deceptive trade practice, discrimination, disinformation, ethics, IP, and validation.

In fact, it’s likely your organization has a large number of employees currently experimenting with generative AI, and as this activity moves from experimentation to real-life deployment, it’s important to be proactive before unintended consequences happen.

“When AI-generated code works, it’s sublime,” says Cassie Kozyrkov, chief decision scientist at Google. “But it doesn’t always work, so don’t forget to test ChatGPT’s output before pasting it somewhere that matters.”

A corporate use policy and associated training can help to educate employees on some of the risks and pitfalls of the technology, and provide rules and recommendations for how to get the most out of the tech, and, therefore, the most business value without putting the organization at risk.

With this in mind, here are six best practices to develop a corporate use policy for generative AI.

Determine your policy scope – The first step to craft your corporate use policy is to consider the scope. For example, will this cover all forms of AI or just generative AI? Focusing on generative AI may be a useful approach since it addresses large language models (LLMs), including ChatGPT, without having to boil the ocean across the AI universe. How you establish AI governance for the broader topic is another matter and there are hundreds of resources available online.

Involve all relevant stakeholders across your organization – This may include HR, legal, sales, marketing, business development, operations, and IT. Each group may see different use cases and different ramifications of how the content may be used or mis-used. Involving IT and innovation groups can help show that the policy isn’t just a clamp-down from a risk management perspective, but a balanced set of recommendations that seek to maximize productive use and business benefit while at the same time manage business risk.

Consider how generative AI is used now and may be used in the future – Working with all stakeholders, itemize all your internal and external use cases that are being applied today, and those envisioned for the future. Each of these can help inform policy development and ensure you’re covering the waterfront. For example, if you already see proposal teams, including contractors, experimenting with content drafting, or product teams experimenting with creative marketing copy, then you know there could be subsequent IP risk due to outputs potentially infringing on others’ IP rights.

Be in a state of constant development – When developing the corporate use policy, it’s important to think holistically and cover the information that goes into the system, how the generative AI system is used, and then how the information that comes out of the system is subsequently utilized. Focus on both internal and external use cases and everything in between. By requiring all AI-generated content to be labelled as such to ensure transparency and avoid confusion with human-generated content, even for internal use, it may help to prevent accidental repurposing of that content for external use, or act on the information thinking it’s factual and accurate without verification.

Share broadly across the organization – Since policies often get quickly forgotten or not even read, it’s important to accompany the policy with suitable training and education. This may include developing training videos and hosting live sessions. For example, a live Q&A with representatives from your IT, innovation, legal, marketing, and proposal teams, or other suitable groups, can help educate employees on the opportunities and challenges ahead. Be sure to give plenty of examples to help make it real for the audience, like when major legal cases crop up and can be cited as examples.

Make it a living document – As with all policy documents, you’ll want to make this a living document and update it at a suitable cadence as your emerging use cases, external market conditions, and developments dictate. Having all your stakeholders “sign” the policy or incorporate it into an existing policy manual signed by your CEO will show it has their approval and is important to the organization. Your policy should be just one of many parts of your broader governance approach, whether that’s for generative AI, or even AI or technology governance in general.

This is not intended to be legal advice, and your legal and HR departments should play a lead role in approving and disseminating the policy. But hopefully it provides some pointers for consideration. Much like the corporate social media policies of a decade or more ago, spending time on this now will help mitigate the surprises and evolving risks in the years ahead.

Artificial Intelligence, CIO, IT Leadership, IT Training 

Across the manufacturing industry, innovation is happening at the edge. Edge computing allows manufacturers to process data closer to the source where it is being generated, rather than sending it offsite to a cloud or data center for analysis and response. 

For an industry defined by machinery and supply chains, this comes as no surprise. The proliferation of smart equipment, robotics and AI-powered devices designed for the manufacturing sector underscores the value edge presents to manufacturers. 

Yet, when surveyed, a significant gap appears between organizations that recognize the value of edge computing (94%) and those who are currently running mature edge strategies (10%). Running edge devices and smart-manufacturing machines does not always mean there is a fully functioning edge strategy in place. 

Why the gap? 

What is holding back successful edge implementation in an industry that clearly recognizes its benefits?

The very same survey mentioned above suggests that complexity is to blame– with 85% of respondents saying that a simpler path to edge operations is needed. 

What specifically do these complexities consist of? Top among them is: 

Data security constraints: managing large volumes of data generated at the edge, maintaining adequate risk protections, and adhering to regulatory compliance policies creates edge uncertainty.Infrastructure decisions: choosing, deploying, and testing edge infrastructure solutions can be a complex, costly proposition. Components and configuration options vary significantly based on manufacturing environments and desired use casesOvercoming the IT/OT divide: barriers between OT (operational technology) devices on the factory floor and enterprise applications (IT) in the cloud limit data integration and time to value for edge initiatives. Seamless implementation of edge computing solutions is difficult to achieve without solid IT/OT collaboration in place.Lack of edge expertise: a scarcity of edge experience limits the implementation of effective edge strategies. The move to real-time streaming data, data management, and mission-critical automation has a steep learning curve.

Combined, these challenges are holding back the manufacturing sector today, limiting edge ROI (return on investment), time to market and competitiveness across a critical economic sector. 

As organizations aspire toward transformation, they must find a holistic approach to simplifying—and reaping the benefits of — smart factory initiatives at the edge.

Build a Simpler Edge 

What does a holistic approach to manufacturing edge initiatives look like? It begins with these best practices: 

Start with proven technologies to overcome infrastructure guesswork and obtain a scalable, unified edge architecture that ingests, stores, and analyzes data from disparate sources in near-real time and is ready to run advanced smart-factory applications in a matter of days, not weeks. Deliver IT and OT convergence by eliminating data silos between edge devices on the factory floor (OT) and enterprise applications in the cloud (IT), rapidly integrating diverse data types for faster time to value Streamline the adoption of edge use cases with easy and quick deployment of new applications, such as machine vision for improved production quality and digital twin composition for situational modeling, monitoring, and simulationScale securely using proven security solutions that protect the entire edge estate, from IT to OT. Strengthen industrial cybersecurity using threat detection, vulnerability alerts, network segmentation, and remote incident managementEstablish a foundation for future innovation with edge technologies that scale with your business, are easily configured to adopt new use cases— like artificial intelligence, machine learning and private 5G— that minimize the complexity that holds manufacturers back from operating in the data age.

Don’t go it alone

The best way to apply these practices is to start with a tested solution designed specifically for manufacturing edge applications. Let your solution partner provide much of the edge expertise your organization may not possess internally. A partner who has successfully developed, tested and deployed edge manufacturing solutions for a wide variety of use cases will help you avoid costly mistakes and reduce time to value along the way. 

You don’t need to be an industry expert to know that the manufacturing sector is highly competitive and data-driven. Every bit of information, every insight matters and can mean the difference between success or failure. 

Product design and quality, plant performance and safety, team productivity and retention, customer preferences and satisfaction — are all contained in your edge data. Your ability to access and understand that data depends entirely on the practices you adopt today. 

Digitally transforming edge operations is essential to maintaining and growing your competitive advantage moving forward.

A trusted advisor at the edge

Dell has been designing and testing edge manufacturing solutions for over a decade, with customers that include EricssonMcLarenLinde and the Laboratory for Machine Tools at Aachen University

You can learn more about our approach to edge solutions for the manufacturing sector, featuring Intel® Xeon® processors, at Dell Manufacturing Solutions. The latest 4th Gen Intel® Xeon® Scalable processors have built-in AI acceleration for edge workloads – with up to 10x higher PyTorch real-time inference performance with built-in Intel® Advanced Matrix Extensions (Intel® AMX) (BF16) vs. the prior generation (FP32)1.

See [A17] at intel.com/processorclaims: 4th Gen Intel® Xeon® Scalable processors. Results may vary.

Edge Computing

Business analysts are in high demand, with 24% of Fortune 500 companies currently hiring business analysts across a range of industries, including technology (27%), finance (13%), professional services (10%), and healthcare (5%), according to data from Zippia. And the Bureau of Labor Statistics predicts that business analyst jobs will grow 11% from 2021 to 2031.

Business analysts help organizations make the most of the data they collect by finding trends, patterns, and errors that might otherwise go unnoticed. Successful business analysts have the skills to work with data, the acumen to understand the business side of the organization, and the ability to communicate that information to people outside of IT. Top skills for business analysts include project management, data analysis, business analysis, user stories, and user acceptance, according to Zippia. And the top employers of business analysts include Google, Citi, JPMorgan Chase & Co., Amazon, Capgemini, and IBM.

Business analytics is a lucrative role in IT, with an average entry-level salary of $82,084 per year. Throughout their careers, business analysts report average salaries ranging from $66,000 to $103,000 per year, according to Glassdoor. One of the chief ways to kickstart a career as a business analyst or to earn more is through certification.

Certifications offer an avenue for professional development by offering credentials that demonstrate mastery of relevant job skills and expertise. Following are the most in-demand certifications for business analysts, broken out by where they fit best in the business analyst career path.

Business analyst certification for beginners

For entry-level business analysts, or anyone looking to change career paths, the following certifications can help get you started. These credentials are geared to those just starting out in analytics, demonstrating your overall abilities as an entry-level business analyst.

Associate Certified Analytics Professional (aCAP)

The Associate Certified Analytics Professional (aCAP) is a vendor-neutral certification that validates your skills as an entry-level analytics professional and that you agree to adhere to the aCAP Code of Ethics. It’s the first step on the path to earning a Certified Analytics Professional (CAP) credential, which requires three or more years of experience in the industry. But for entry-level business analysts, the aCAP certification is designed for any level of education or experience. The exam will test your knowledge in seven domains of the analytics process: business problem framing, analytics problem framing, data, methodology selection, model building, deployment, and lifecycle management. The aCAP designation is a great way to start building your resume and demonstrating your proficiency in analytics, even if you don’t have a lot of experience.

Exam fee: $200 for INFORMS members, $300 for nonmembers

IIBA Entry Certificate in Business Analysis (ECBA)

The Entry Certificate in Business Analysis (ECBA) is the first level of certification with the International Institute of Business Analysis (IIBA). It is designed for less experienced and entry-level business analysts. You will need to complete at least 21 hours of professional training credits, within the past four years, before you will be eligible for the exam. You don’t have to renew your ECBA certification, but it’s assumed you’ll move on to the second or third levels of certification. For more, see our guide on the ECBA.

Application fee: $45Exam fee: $150 for IIBA members, $305 for nonmembersRetake fee: $95 for IIBA members, $250 for nonmembers

IQBBA Certified Foundation Level Business Analyst (CFLBA)

The International Qualifications Board for Business Analysts (IQBBA) offers the Certified Foundation Level Business Analysis (CFLBA) as an entry-level certification, which will qualify you to earn higher levels of certification. It’s a globally recognized certification with accredited exam and training centers across the world. It’s designed for “people involved in analyzing business processes within an organization, modeling businesses and process improvement.” The foundation level covers enterprise analysis, business analysis process planning, requirements elicitation, requirements analysis, solution validation, tools and techniques, innovation and design. Accredited training and exam centers in the United States are limited, with centers in Illinois, Maryland, Oklahoma, Florida, and Texas. But there are options to take training courses and exams online.

Exam fee: Varies by location

SimpliLearn Business Analyst Certification Masters Program

If you’re new to the industry or want to change careers and start on the path of a business analyst, SimpliLearn offers a Business Analyst Masters Program that is accredited by the IIBA. Through the program, you can opt to earn your CCBA certification as well as certifications in Agile Scrum Foundation, Digital Transformation for Leaders, Python for Data Science, and R Programming for Data Science. Completion of the program will also earn you 35 IIBA and 25 Project Management Institute (PMI) professional development units.

The course promises to make you an expert in Excel, CBAP, Tableau, Scrum, SQL, and CCBA. You’ll also learn how to build interactive dashboards, apply statistical tools and concepts, plan and track Scrum projects, understand business analysis key concepts, analyze data using Tableau, and more.

Course fee: $1,499

In-demand certifications for advanced business analysts

For business analysts already into their careers, there are several certifications that will help validate your advanced skills. As you progress through your career, these certifications can help demonstrate to employers that you have the right skills as an advanced business analyst.

Certified Analytics Professional (CAP)

The Certified Analytics Professional (CAP) is a vendor-neutral certification that certifies your skills and ability to draw valuable insights from complex data sets to help guide strategic businesses decisions. To qualify for this certification, you will need a master’s degree in a related field and at least five years of relevant experience, or a bachelor’s degree in a related field along with seven years of experience in data or analytics.

Exam fee: $495 for INFORMS members, $695 for nonmembers

IIBA Certification of Competency in Business Analysis (CCBA)

Level 2 of the IIBA certification, the Certification of Competency in Business Analysis (CCBA) requires a minimum 3,750 hours of business analytics work aligned with the IIBA’s Business Analysis Book of Knowledge (BABOK) guide in the past 7 years, 900 hours in two of six BABOK knowledge areas, or 500 hours in four of six BABOK knowledge areas. The certification also requires a minimum of 21 hours professional development training in the past four years and two professional references. The CCBA exam consists of 130 multiple-choice questions that are scenario-based and require some analysis. It covers fundamentals, underlying competencies, key concepts, techniques, and all six knowledge areas covered in the BABOK.

Application fee: $145Exam fee: $250 for IIBA members, $405 for nonmembersRetake fee: $195 for IIBA members, $205 for nonmembers

IIBA Certified Business Analysis Professional (CBAP)

The Certified Business Analysis Professional CBAP certification is the third level of certification with IIBA and it’s designed for “individuals with extensive business analysis experience.” To qualify for this certification, you’ll need a minimum of 7,500 hours of business analyst work experience in the past 10 years, 900 hours of work experience hours within four of the six BABOK knowledge areas, at least 35 hours of professional development in the past four years and professional references. The exam is 3.5 hours long and includes 120 multiple-choice questions that are based on case studies. After you pass, you’ll need to report at least 60 hours of continuing development units every three years. For more, see our guide on the CBAP.

Application fee: $145Exam fee: $350 for IIBA members, $505 for non-membersRetake fee: $295 for IIBA members, $450 for non-members

IIBA Agile Analysis Certification (AAC)

As a methodology, agile has been rising in importance for business analysts over the past several years, according to the IIBA. The association’s competency-based Agile Analysis Certification (AAC) exam was designed to address this skillset and to certify business analyst professionals working in agile environments, which require fast adaption and rapid change. The exam was developed using the Agile Extension to the BABOK guide and was released in May 2018. It is a standalone certification and is separate from the other IIBA business analyst certifications, which stack on top of one another.

The exam is offered through remote online proctoring and consists of 85 multiple-choice, scenario-based questions to be completed in 2 hours. The exam’s four main topics include agile mindset (30%), strategy horizon (10%), initiative horizon (25%), and delivery horizon (35%). Your certification will last for three years, at which point you’ll need to renew the certification. There aren’t any eligibility requirements to take the exam, but the IIBA recommends at least two to five years of agile-related experience.

Exam fee: $250 for IIBA members, $400 for nonmembersRetake fee: $195 for IIBA members, $350 for nonmembers

IIBA Certification in Business Data Analytics (CBDA)

The Certification in Business Data Analytics (IIBA-CBDA) from the IIBA is a new certification that “recognizes your ability to effectively execute analysis-related work in support of business analytics initiatives.” To pass the exam, you will need to examine a real-world business problem, identify the data sources and how to obtain data, analyze the data, interpret and report results from the data. You’ll then need to demonstrate how those results can influence business decision-making and guide company-level strategies for business analytics.

Exam fee: $250 for IIBA members, $400 for nonmembersRetake fee: $195 for IIBA members, $350 for nonmembers

IQBBA Certified Advanced Level Business Analyst (CALBA) 

The IQBBA Certified Advanced Level Business Analyst (CALBA) certification builds off the CFLBA foundation level cert, with the exam covering more advanced analytics skills and knowledge. You’ll be tested in your knowledge of business analysis process management, requirements management, and strategic analysis and optimization. The three modules cover higher-level concepts of business analytics such as strategy definition, solution evaluation and optimization, business analysis processes, people management, relevant tools and software, change management, conflict management, and more. The exam is multiple choice and you can choose to take a course prior, or study on your own time and take the exam when you are ready. The IQBBA announced an expert-level certification, but as of this writing it has not yet been released.

Exam fee: Varies by location

IQBBA Certified Agile Business Analysis (CABA)

The IQBBA Certified Agile Business Analysis (CABA) certification is designed to help bring more clarity to how agile can help maximize the effectiveness of business analytics. It aims to help business analysts have greater impact on agile software development projects. The exam covers how to identify the role of a business analyst in an agile development project, how to establish the responsibilities of a business analyst on an agile team, and how to integrate the concept of continuous improvement into analytics. The certification helps establish the role of a business analyst in an agile environment and offers a blueprint on how to integrate agile into the business analytics process.

Exam fee: Varies by location

IREB Certified Professional for Requirements Engineering (CPRE)

The International Requirements Engineering Board (IREB) offers the Certified Professional for Requirements Engineering (CPRE) certification is designed for those working in requirements engineering (RE), and it’s offered at three levels. The Foundation Level is first, where you’ll be certified in the basics of RE. The Advanced Level is next, where you can choose between three paths, including Requirements Elicitation and Consolidation, Requirements Modeling and Requirements Management — but you’ll need to wait 12 months after completing the first exam to take the advanced level exam. The Expert Level certifies you at the “highest level of expert knowledge,” which includes both your hands-on experience as well as your knowledge and skills gained through previous certifications.

Your certification will not expire, and you will not need to renew it. The IREB states that the CPRE is “based on the fundamental methods and approaches of Requirements Engineering, and these alter only slowly,” so at this time, they don’t see a need for renewal.

Exam fee: Varies by testing center

PMI Professional in Business Analysis (PBA) Certification

The PMI Professional in Business Analysis (PBA) certification is designed for business analysts who work with projects or programs, or project and program managers who work with analytics. It’s offered through the Project Management Institute (PMI), which specializes in widely recognized project management certifications, such as the PMP. The certification focuses on business analysis training through hands-on projects and testing on business analysis principles, tools and fundamentals.

If you’ve already earned a bachelor’s degree, you’ll need at least three years’ experience, or 4,500 hours, in business analysis consecutively within the past eight years to earn this certification. Without a bachelor’s degree, you’ll need five years or 7,500 hours experience.

You’ll be required to earn 60 professional development units within three years after completing the certification to maintain your renewal status. If you let your renewal lapse, your credentials will be suspended for one year until you fulfill the requirements — after that, it will be terminated and you’ll need to reapply.

Exam fee: $405 for PMI members, $555 for nonmembers

Business Analyst, Careers, Certifications, IT Skills

Data governance definition

Data governance is a system for defining who within an organization has authority and control over data assets and how those data assets may be used. It encompasses the people, processes, and technologies required to manage and protect data assets.

The Data Governance Institute defines it as “a system of decision rights and accountabilities for information-related processes, executed according to agreed-upon models which describe who can take what actions with what information, and when, under what circumstances, using what methods.”

The Data Management Association (DAMA) International defines it as the “planning, oversight, and control over management of data and the use of data and data-related sources.”

Data governance framework

Data governance may best be thought of as a function that supports an organization’s overarching data management strategy. Such a framework provides your organization with a holistic approach to collecting, managing, securing, and storing data. To help understand what a framework should cover, DAMA envisions data management as a wheel, with data governance as the hub from which the following 10 data management knowledge areas radiate:

Data architecture: The overall structure of data and data-related resources as an integral part of the enterprise architectureData modeling and design: Analysis, design, building, testing, and maintenanceData storage and operations: Structured physical data assets storage deployment and managementData security: Ensuring privacy, confidentiality, and appropriate accessData integration and interoperability: Acquisition, extraction, transformation, movement, delivery, replication, federation, virtualization, and operational supportDocuments and content: Storing, protecting, indexing, and enabling access to data found in unstructured sources and making this data available for integration and interoperability with structured dataReference and master data: Managingshared data to reduce redundancy and ensure better data quality through standardized definition and use of data valuesData warehousing and business intelligence (BI): Managing analytical data processing and enabling access to decision support data for reporting and analysisMetadata: Collecting, categorizing, maintaining, integrating, controlling, managing, and delivering metadataData quality: Defining, monitoring, maintaining data integrity, and improving data quality

When establishing a strategy, each of the above facets of data collection, management, archiving, and use should be considered.

The Business Application Research Center (BARC) warns that data governance is a highly complex, ongoing program, not a “big bang initiative,” and it runs the risk of participants losing trust and interest over time. To counter that, BARC recommends starting with a manageable or application-specific prototype project and then expanding across the company based on lessons learned.

BARC recommends the following steps for implementation:

Define goals and understand benefitsAnalyze current state and delta analysisDerive a roadmapConvince stakeholders and budget projectDevelop and plan the data governance programImplement the data governance programMonitor and control

Data governance vs. data management

Data governance is just one part of the overall discipline of data management, though an important one. Whereas data governance is about the roles, responsibilities, and processes for ensuring accountability for and ownership of data assets, DAMA defines data management as “an overarching term that describes the processes used to plan, specify, enable, create, acquire, maintain, use, archive, retrieve, control, and purge data.”

While data management has become a common term for the discipline, it is sometimes referred to as data resource management or enterprise information management (EIM). Gartner describes EIM as “an integrative discipline for structuring, describing, and governing information assets across organizational and technical boundaries to improve efficiency, promote transparency, and enable business insight.”

Importance of data governance

Most companies already have some form of governance for individual applications, business units, or functions, even if the processes and responsibilities are informal. As a practice, it is about establishing systematic, formal control over these processes and responsibilities. Doing so can help companies remain responsive, especially as they grow to a size in which it is no longer efficient for individuals to perform cross-functional tasks. Several of the overall benefits of data management can only be realized after the enterprise has established systematic data governance. Some of these benefits include:

Better, more comprehensive decision support stemming from consistent, uniform data across the organizationClear rules for changing processes and data that help the business and IT become more agile and scalableReduced costs in other areas of data management through the provision of central control mechanismsIncreased efficiency through the ability to reuse processes and dataImproved confidence in data quality and documentation of data processesImproved compliance with data regulations

Goals of data governance

The goal is to establish the methods, set of responsibilities, and processes to standardize, integrate, protect, and store corporate data. According to BARC, an organization’s key goals should be to:

Minimize risksEstablish internal rules for data useImplement compliance requirementsImprove internal and external communicationIncrease the value of dataFacilitate the administration of the aboveReduce costsHelp to ensure the continued existence of the company through risk management and optimization

BARC notes that such programs always span the strategic, tactical, and operational levels in enterprises, and they must be treated as ongoing, iterative processes.

Data governance principles

According to the Data Governance Institute, eight principles are at the center of all successful data governance and stewardship programs:

All participants must have integrity in their dealings with each other. They must be truthful and forthcoming in discussing the drivers, constraints, options, and impacts for data-related decisions.Data governance and stewardship processes require transparency. It must be clear to all participants and auditors how and when data-related decisions and controls were introduced into the processes.Data-related decisions, processes, and controls subject to data governance must be auditable. They must be accompanied by documentation to support compliance-based and operational auditing requirements.They must define who is accountable for cross-functional data-related decisions, processes, and controls.It must define who is accountable for stewardship activities that are the responsibilities of individual contributors and groups of data stewards.Programs must define accountabilities in a manner that introduces checks-and-balances between business and technology teams, and between those who create/collect information, those who manage it, those who use it, and those who introduce standards and compliance requirements.The program must introduce and support standardization of enterprise data.Programs must support proactive and reactive change management activities for reference data values and the structure/use of master data and metadata.

Best practices of data governance

Data governance strategies must be adapted to best suit an organization’s processes, needs, and goals. Still, there are six core best practices worth following:

Identify critical data elements and treat data as a strategic resource.Set policies and procedures for the entire data lifecycle.Involve business users in the governance process.Don’t neglect master data management.Understand the value of information.Don’t over-restrict data use.

For more on doing data governance right, see “6 best practices for good data governance.”

Challenges in data governance

Good data governance is no simple task. It requires teamwork, investment, and resources, as well as planning and monitoring. Some of the top challenges of a data governance program include:

Lack of data leadership: Like other business functions, data governance requires strong executive leadership. The leader needs to give the governance team direction, develop policies for everyone in the organization to follow, and communicate with other leaders across the company.Lack of resources: Data governance initiatives can struggle for lack of investment in budget or staff. Data governance must be owned by and paid for by someone, but it rarely generates revenue on its own. Data governance and data management overall, however, are essential to leveraging data to generate revenue.Siloed data: Data has a way of becoming siloed and segmented over time, especially as lines of business or other functions develop new data sources, apply new technologies, and the like. Your data governance program needs to continually break down new siloes.

For more on these difficulties and others, see “7 data governance mistakes to avoid.”

Data governance software and vendors

Data governance is an ongoing program rather than a technology solution, but there are tools with data governance features that can help support your program. The tool that suits your enterprise will depend on your needs, data volume, and budget. According to PeerSpot, some of the more popular solutions include:

Data governance solutionDescription and featuresCollibra GovernanceCollibra is an enterprise-wide solution that automates many governance and stewardship tasks. It includes a policy manager, data helpdesk, data dictionary, and business glossary.SAS Data ManagementBuilt on the SAS platform, SAS Data Management provides a role-based GUI for managing processes and includes an integrated business glossary, SAS and third-party metadata management, and lineage visualization.erwin Data Intelligence (DI) for Data Governanceerwin DI combines data catalog and data literacy capabilities to provide awareness of and access to available data assets. It provides guidance on the use of those data assets and ensures data policies and best practices are followed.Informatica AxonInformatica Axon is a collection hub and data marketplace for supporting programs. Key features include a collaborative business glossary, the ability to visualize data lineage, and generate data quality measurements based on business definitions.SAP Data HubSAP Data Hub is a data orchestration solution intended to help you discover, refine, enrich, and govern all types, varieties, and volumes of data across your data landscape. It helps organizations to establish security settings and identity control policies for users, groups, and roles, and to streamline best practices and processes for policy management and security logging.AlationAlation is an enterprise data catalog that automatically indexes data by source. One of its key capabilities, TrustCheck, provides real-time “guardrails” to workflows. Meant specifically to support self-service analytics, TrustCheck attaches guidelines and rules to data assets.Varonis Data Governance SuiteVaronis’s solution automates data protection and management tasks leveraging a scalable Metadata Framework that enables organizations to manage data access, view audit trails of every file and email event, identify data ownership across different business units, and find and classify sensitive data and documents.IBM Data GovernanceIBM Data Governance leverages machine learning to collect and curate data assets. The integrated data catalog helps enterprises find, curate, analyze, prepare, and share data.

Data governance certifications

Data governance is a system but there are some certifications that can help your organization gain an edge, including the following:

DAMA Certified Data Management Professional (CDMP)Data Governance and Stewardship Professional (DGSP)edX Enterprise Data ManagementSAP Certified Application Associate – SAP Master Data Governance

For related certifications, see “10 master data management certifications that will pay off.”

Data governance roles

Each enterprise composes its data governance differently, but there are some commonalities.

Steering committee

Governance programs span the enterprise, generally starting with a steering committee comprising senior management, often C-level individuals or vice presidents accountable for lines of business. Morgan Templar, author of Get Governed: Building World Class Data Governance Programs, says steering committee members’ responsibilities include setting the overall governance strategy with specific outcomes, championing the work of data stewards, and holding the governance organization accountable to timelines and outcomes.

Data owner

Templar says data owners are individuals responsible for ensuring that information within a specific data domain is governed across systems and lines of business. They are generally members of the steering committee, though may not be voting members. Data owners are responsible for:

Approving data glossaries and other data definitionsEnsuring the accuracy of information across the enterpriseDirect data quality activitiesReviewing and approving master data management approaches, outcomes, and activitiesWorking with other data owners to resolve data issuesSecond-level review for issues identified by data stewardsProviding the steering committee with input on software solutions, policies, or regulatory requirements of their data domain

Data steward

Data stewards are accountable for the day-to-day management of data. They are subject matter experts (SMEs) who understand and communicate the meaning and use of information, Templar says, and they work with other data stewards across the organization as the governing body for most data decisions. Data stewards are responsible for:

Being SMEs for their data domainIdentifying data issues and working with other data stewards to resolve themActing as a member of the data steward councilProposing, discussing, and voting on data policies and committee activitiesReporting to the data owner and other stakeholders within a data domainWorking cross-functionally across lines of business to ensure their domain’s data is managed and understood

More on data governance:

7 data governance mistakes to avoid6 best practices for good data governanceThe secrets of highly successful data analytics teams What is data architecture? A framework for managing data10 master data management certifications that will pay off

Big Data, Data and Information Security, Data Integration, Data Management, Data Mining, Data Science, IT Governance, IT Governance Frameworks, Master Data Management

Technology work attracts neurodivergent people. So if you are leading a tech team, it’s likely that someone in your crew may be on the autism spectrum (ASD), be living with ADHD, or have an auditory processing disorder, learning disability, or other mental difference. Without the right accommodations, many neurodiverse professionals can struggle and, eventually, leave. These modifications are typically not equipment you can install or tasks to add to HR’s plate. They are behaviors and processes that start with you.

“This is the unique challenge of leadership,” says Brian Zielinski, vice president of technology at Circa. “Some of the most productive, talented individuals have challenges in terms of how they interact with others, or with the world. That talent is precious. If you can create an environment where they can be productive, you’ve got a leg up on the competition.”

To accomplish that, you likely need to do more than you are. A recent Wiley study found that 60% of business leaders believe they are working to foster an inclusive culture while half of Gen Z tech workers felt uncomfortable in a job because of their gender, race, ethnicity, socio-economic background, or neurodevelopmental condition. This disconnect is hitting companies hard when it comes to retaining talent. The reason most young tech workers gave (20%) when asked why they left or wanted to leave a role was that they lacked a sense of belonging.

I asked experts how to fix this. And it turns out that most of the adjustments neurodiverse people need are relatively simple and inexpensive to implement.

“And most of what we think of as accommodations make the environment better for everybody,” says Cara Pelletier, M.A., senior director of DEI at holistic performance management platform 15Five. “When you’re implementing something that makes life easier for somebody with a disability, you’re making life easier for everybody.”

1. Ask people what they need

Neurodiversity includes a wide range of styles, disabilities, preferences, and needs. You can’t know what any of those are until you ask, which is the best place to start.

“In most of my internal messaging before a meeting, I ask, ‘Do you need any accommodations?’” explains Chloe Duckworth, co-founder and CEO of Valence Vibrations, which makes digital solutions for neurodiverse teams. “I make sure I’m asking the question in our very first encounter.”

If you are leading a team and have not already done this, you might hesitate to raise the subject.  

“The most important thing you can do as an executive trying to support disabled or neurodivergent employees,” says Duckworth, “is to ask them what they prefer. It can be uncomfortable for people to constantly advocate for themselves without knowing if their boss or peers will be accommodating. So a lot of disabled people don’t feel comfortable disclosing their diagnosis. As executives, it’s incumbent on us to proactively ask employees what they need.”

You might feel that you don’t want to probe into things that aren’t your business, bring up something that might make your team member feel uncomfortable, be rude, or know what to say. You don’t have to ask about their disability or neuro type, though.

“People don’t need a diagnosis — and shouldn’t have to disclose one — for you to be able to accommodate the best way for them to perform in your environment,” says Duckworth. Ask instead, “What type of workplace environment helps you focus,” she says.

2. Build a safe psychological space

If you find that getting people to ask for what they need is a challenge, it may mean that your work environment does not feel safe or that people don’t trust the company.

“The more psychological safety there is in an environment, the more you’re going to find disclosure of what would help people perform best or deliver results best,” says Bettina Greene-Thompson, program manager for DEI talent acquisition at Amazon.

For Circa, this took some effort. “The biggest cultural change was building an environment where individuals felt comfortable sharing,” says Zielinski. “We were not getting that reporting early in our journey. That took bold statements by leadership. We did mental health roundtables, where we split up into groups and talked about our own experiences. I think that humanized it for everybody.”

This was true at Amazon, too. “Having environments where conversations can exist and you can feel seen and authentic, has an impact on how secure an individual feels,” says Greene-Thompson. “I know, for myself, having leadership come forth and identify and be public about it, allowed me to feel comfortable with my own disclosure.”

3. Learn to speak many emotional languages

Some people talk in meetings and chat effortlessly with you and coworkers. Others communicate as if they are being charged a fee for every word. Some gesticulate enthusiastically while others present such a flat affect, you wonder if they spoke at all. The way someone expresses themselves can be the result of ASD, their cultural background, and many other factors. It’s important to listen to the intention and meaning of what people say, not only their emotional delivery.

“About 10% of the worldwide population is estimated to have alexithymia,” explains Duckworth. “This is an emotional perception deficit that commonly coexists with autism, ADHD, and anxiety disorders.”

Emotional perception can have a huge impact on the way your team communicates, though. Duckworth offers an example: Duckworth offers an example from another company that had many brilliant, autistic engineers. All of them raised a red flag that something in the stack was broken. “But because they had a very flat affect in the way they were communicating that challenge, the people on their team didn’t address it appropriately. They didn’t realize how severe the issue was,” she says.

This emotional communication breakdown can happen between people of different genders, cultural backgrounds, and neurotypes, too. “We are trained, neurologically, to interpret emotions by comparing them to people like us,” she explains. “So, if we’re speaking to someone that doesn’t have our same vocal tone patterns to convey emotions, we often misinterpret them and may not realize it.”

4. Document expectations and action items

One simple step that helps every neuro type — and takes the onus of asking for an accommodation off neurodiverse people — is to practice good hygiene around work expectations and the action items that arise in meetings. Use daily, weekly, or monthly checklists to make your expectations clear and easy to reference. And write out action items in the meeting chat or a shared document during the meeting.

“Having clear goals and a checklist of things you’re supposed to accomplish between check-ins is important,” says Pelletier. “People with autism or ADHD also sometimes have auditory processing disorders so they miss part of the conversation, or it takes them longer to process what you’re saying.” That checklist becomes an easy source of truth, viewed by both parties, that can prevent misunderstandings and keep people on track.

“It’s another way to be sure you are on track, which is huge for someone with ADHD, anyone who struggles to prioritize their time, or who’s on the autism spectrum and who may come out of conversations without clarity,” says Pelletier.

5. Offer a written version of meetings and agendas

A simple way to address a wide range of needs is also just good meeting hygiene.

“Make meetings more friendly for neurodivergent people,” suggests Pelletier, “by putting out an agenda ahead of time. This gives people a chance to read it, think about it, process it, and prepare for the meeting.”

Also turn on captioning in meetings and make a transcription of it readily available. This helps anyone with an auditory processing disorder overcome the difficulty of following meetings that are audio only. If you make this standard operating procedure, neurodiverse people for whom auditory processing is a challenge won’t have to ask for anything. And those tools, though often intended for people who are hearing impaired “are also helpful for people in a noisy environment, on their commute, who have kids in the background, speak English as a second or third language, and for lots of other reasons,” says Pelletier. It’s even helpful for people who simply prefer to glance over meeting notes for an idea or task, rather than rewatch a video or listen to a recording.

6. Take a break from meetings

One thing 15Five does to provide a more neurodivergent-friendly workplace culture is to have a day without internal meetings, Pelletier says. Most people on your team will appreciate the uninterrupted time as well as a day where they don’t have to dress up, wear makeup, or be social. But for some neuro types, this is huge.

“For many autistic people, video conversations are mentally and emotionally taxing,” explains Pelletier. “Many autistic people have a difficult time matching their facial expression with their emotions. Behind the scenes, there is another track where I’m thinking, ‘Fix your face so you look engaged. Don’t look angry or upset. Look into the camera. Don’t spend a lot of time looking away. It’s like when you watch a duck go across the water. You see only the bird gliding on top. What you don’t see underneath is the feet paddling like hell. If I can turn the camera off, all I have to do is close my eyes, focus on what I hear you saying, and try to interpret the tone of your voice. I don’t have to worry about what is my face doing.”

Video calls can sometimes be necessary or desirable. But often they aren’t. “Provide the grace and flexibility to allow people to show up in a way that’s going to be most productive for them at that time,” says Pelletier. “Sometimes tiny adjustments like that make a huge difference for people.”

7. Get some training

“Education is the foundation,” says Amazon’s Greene-Thompson. The actions you take in your role as leader are important to the success and productivity of a wide range of neuro types. We all know only our own way of seeing and interacting with the world. But ours might not match what others experience.

To discover what you don’t already know, you have to study. Read about neurodiversity. Invite speakers to give presentations. Take a class. “The more you understand,” says Greene-Thompson, “the more you see that your lived experience is only your own perspective. But how do we understand the lived experience of another? How do we make the work environment more accommodating, equitable, and inclusive for everyone? We start with education, training, presentations, through accessing the latest research, and in seeking out subject matter experts in this field.”

This effort usually has benefits beyond your neurodiverse team. “We find that managers start to think, ‘This is going to work for everybody!’ If I, say, start asking what is your communication style or how can I support you best. For a neurodivergent individual, it might be one thing. For a working parent, it might be ‘Can I start at 10 am? Can we schedule meetings at 11?’”

Everyone is different. When you learn about these differences, you might discover people are struggling with something that’s easy to change.

“When we recognize that everybody’s showing up uniquely and support them delivering their best work,” says Greene-Thompson, “we are much more inclusive.”

Diversity and Inclusion, Staff Management

In today’s cybersecurity environment—with new types of incidents and threat vectors constantly emerging—organizations can’t afford to sit back and wait to be attacked. They need to be proactive and on the offensive when it comes to defending their networks, systems, and data.

It’s important to understand that launching an offensive cybersecurity strategy does not mean abandoning traditional defensive measures such as deploying firewalls, intrusion detection systems (IDS), anti-malware software, patch management, security information and event management (SIEM), and other such tools.

Going on the offensive with cybersecurity involves taking extra steps to preemptively identify weaknesses before bad actors can take advantage of them. It means thinking like they do and anticipating their moves. While the idea of taking a proactive approach to security is not new, it has taken on greater significance given the level of risk so many organizations face today.

Threat hunting strategy

One of the most effective ways to be proactive with security is to deploy a threat-hunting strategy. Cyber threat hunting is a proactive defense initiative in which security teams search through their networks to find and isolate advanced threats that evade existing security tools.

Whereas traditional solutions such as firewalls and IDS generally involve investigating evidence-based data after an organization has received a warning of a possible threat, threat hunting means going out to look for threats before they even materialize.

Gain visibility

Several key components make up the foundation of a strong threat-hunting program. The first is the ability to maintain a complete, real-time picture of the organization’s environment so that threats have no place in which to hide. If the security team is not able to see the threats within their organization’s environment, how can it take the necessary steps to stop them?

Having the kind of visibility that’s needed can be a challenge for many organizations. The typical IT infrastructure today is made up of diverse, dynamic, and distributed endpoints that create a complex environment in which threat vectors can easily stay out of sight for weeks or even months.

That’s why an organization needs technology that allows it to locate each endpoint in its environment and know if it’s local, remote or in the cloud; identify active users, network connections, and other data for each of the endpoints; visualize lateral movement paths attackers can traverse to access valuable targets; and verify whether policies are set on each of the endpoints so they can identify any gaps.

Proactively hunt for threats

The second key component of threat hunting is the ability to proactively hunt for known or unknown threats across the environment within a matter of seconds. Security teams need to know if there are active threats already in the environment.

They need to be able to search for new, unknown threats that signature-based endpoint tools miss; hunt for threats directly on endpoints, rather than through partial logs; investigate individual endpoints as well as the entire environment within minutes without creating a strain on network performance; and determine the root causes of any incidents experienced on any endpoint devices within the environment.

Remediating threats

The third foundational component of threat hunting is the ability to respond to and resolve any threats that the security team finds within the same unified platform. Finding a threat is not enough—it has to be obliterated.

A threat-hunting solution should enable security teams to easily shift from threat hunting to response by using a single dataset and platform; quickly applying defensive controls to endpoints during an incident; learning from incidents and, through this knowledge, hardening the environment to prevent similar attacks,and streamlining policy management to keep endpoints in a secure state at all times.

What to look for in a threat-hunting solution 

A key factor to look for in a threat-hunting solution is the ability to use statistical analyses to better understand whether particular incidents are notable. That can only happen when a system can enrich data telemetry in real time, at scale, and in constantly changing situations.

Security teams can leverage every log source, piece of telemetry, and bit of endpoint metadata and traffic flow in an aggregated manner to get a clear understanding of what’s going on. Threat actors will not be able to get into an organization’s environment completely undetected. It’s only a matter of whether the threat-hunting team is leveraging the right data to track them down.

It’s important for security hunting teams to have high-confidence threat intelligence and to follow the right feeds. While enriching alerts with real-time intelligence is not always easy, it’s vital for success. Teams need to work with trusted sources of data and must be able to filter the data to reduce false positives as well as false negatives.

In addition to threat hunting, organizations can leverage services such as penetration testing and threat intelligence. With penetration testing, an organization hires a service provider to launch a simulated attack against its networks and systems to evaluate security.

Such tests identify weaknesses that might enable unauthorized actors to gain access to the organization’s data. Based on the results, the security team can make any needed enhancements to address the vulnerabilities.

Cyber threat intelligence is any information about threats and threat actors that is intended to help companies mitigate potential attacks in cyberspace. Sources of the information might include open-source intelligence, social media, device log files, and others.

Over the past few years, threat intelligence has become an important component of cybersecurity strategies, because it helps organizations be more proactive in their approach and determine which threats represent the greatest risks.

By being proactive about security, organizations can be out in front of the ever-expanding threat landscape. They can help to ensure that they’re not just waiting impassively for attacks to come, but taking initiatives to stop bad actors before they can act.

Learn how a converged endpoint management platform can help CIOs keep pace with tomorrow’s threats. Check out this eBook, The cybersecurity fail-safe: Converged Endpoint Management.


The effective management of mobile devices is a game of high risk. While every company is dependent on their devices to generate revenue, they also increase vulnerability to ransomware attacks costing an average $4.5 million and consume 34% of IT’s time and productivity. Keeping the corporate fleet securely up and running is top of mind for business leaders, and yet the job of management is becoming more difficult.

The burden of maintaining wireless technologies is more costly and complicated than traditional computers, because of the wide range of device types, operating systems, services, and applications that are unique to them. Consider cell phones and tablets, point-of-sale devices, wearable scanners in warehouses, diagnostic devices in healthcare facilities, and smart tags monitoring behavior and processes across a variety of industries. Most companies have thousands of wireless devices to manage, and that number can grow 10X for larger enterprises.

Trends in mobile-first strategies, remote work, artificial intelligence, and the Internet of Things (IoT) have more companies taking on responsibility for an ocean of devices and services.

Although these help companies digitally transform, devices create a mountain of IT and security work—not to mention expense. That explains why businesses are looking for standards to help them lighten the load.

Here are five best practices for managing your mobile strategy, the fleet itself, and the costs.

5 best practices for mobile device management

1. BYOD or corporate-owned: stay flexible in your device strategy

As mobile-first strategies have come under the spotlight, so too have the corporate policies around them. Bring Your Own Device (BYOD) approaches have increased in popularity due to their perceived low cost and convenience, but corporate-owned approaches are still common. So, which is better? Both have pros and cons:

BYOD Pros & Cons: Companies can save capital and employees value the freedom of this convenience (and the monetary reimbursements that come with it), but security concerns prevail.Corporate-Owned Pros & Cons: Corporate ownership brings more security and can streamline company-sanctioned applications but lacks in enabling remote work and creates an inflexible work environment making employees feel more controlled. 

Today’s dominant approach is to use BYOD for mobile phones and corporate ownership for laptops, but there is little confidence in it. Vanson Bourne research shows 81% of companies are considering changing their mobile strategy in the future. With best practices in the throes of change, there’s no right or wrong decision here. Executives are trying to balance the demands of mobile security with the needs of remote work and employee satisfaction, and it’s not easy. The best advice: Determine how well your current approach is working. Think of it as a trial run and consider what it would take to shift your stance.

2. Security & management: make fleet inventory the cornerstone of your approach

Security is a high priority concern when it comes to mobile, and security professionals are quick to tell you: “You can’t secure what you can’t see.” An accurate inventory makes observability and governance possible. Without a comprehensive list of connected devices, companies cannot ensure security coverage, applying mobile device management and unified endpoint management technologies that push updates to devices and help IT teams monitor and respond to security threats.

Most companies have a hard time keeping up with all those devices—and when phones get tossed into drawers as employees leave the company, who can blame them. It comes down to data cleanliness, requiring the resources to obtain information, track granular details, and inform decision making. When companies and their devices change daily, discipline and dedication are key to accuracy as are integrations and APIs that help automate inventory updates. 

Here are a few data fields every inventory should include:

Unique device identifierModel number, service type and operating systemSecurity requirements and unique applications installedStatus—active or inactiveCurrent owner and their locationAny accessories—case, screen protector, headset, etc.Vendor, service contract, and account numberAverage usage/cost per month or yearAssociated cost center or department  

3. Lifecycle management: don’t underestimate the duties of end-to-end administration

The range of responsibilities and ongoing work required for effective device management is grossly underestimated. Devices are often viewed as static assets, but management is not a set-it-and-forget-it activity. Instead, it’s a cyclical system. Successful mobile programs address the complete and repeated nature of the device lifecycle:

Planning: Needs assessment, contracts, procurement, configuration, deployment, activationManaging: Inventory, compliance, reporting, expenses, help desk supportRecycling: Repair and replace, decommissioning, reassignment

It’s easy to miscalculate the time investments necessary to address these ongoing needs. Analyst firm Nemertes finds that managing 500 devices requires three dedicated, full-time staff, and the skills are not as trivial as one might expect.

Challenges arise particularly when companies experience the high employee turnover rates—typical in today’s world. Complexity can also be an issue as IT teams must work across distributed dashboards and siloed systems. Cost optimization requires even more sophisticated information gathering and analysis. Standardized request forms and automated workflows can speed processes, as can mobile management services taking on all or part of the lifecycle.

4. Cost and ROI optimization: get to a fixed cost that makes budgeting easy

When it comes to maximizing return on investment for the mobile fleet, business leaders drive to two important goals. First: A low cost. Second: A fixed and predictable monthly cost that makes it easy to budget and forecast business needs. Getting there may warrant several of these key actions.

Lower Your Mobile Costs: Identifying cost savings requires a well-managed inventory of assets that never go unused and leveraging an expense management tool or service to quickly:

Compare your costs across the best prices in the industry.Compare invoices to usage, ensuring billing is accurate and late payments and fees are avoided—carrier-imposed surcharges continue to rise and have a material impact on costs.Evaluate your usage across tiered service plans, so you’re not overpaying for the unlimited data plan when a lower tier will do.Decouple the device hardware cost from the carrier’s monthly recurring charge—key in cost evaluation and contract negotiation.

Move from Capex to Opex: Device as a service (DaaS) providers can transition your ownership models to service models, so you can standardize costs and reach a predictable monthly price.

Forecast with Accuracy: Use historical data and predictive analytics to make data-driven estimates about future expenses.

5. Innovation: use emerging technology to automate mobile management 

Most companies recognize that they don’t have the ability to control, manage, and optimize their fleet without a set of advanced technologies. Leverage these innovations to eliminate much of the manual work required:  

Robotic process automation, bots, and workflow engines help accelerate processes in fulfilling orders, recycling assets, and paying invoices.Advanced analytics and artificial intelligence are key in auditing and normalizing complex data so you can benchmark industry-leading pricing, recognize unused resources, identify cost savings, and predict needs.Integration and a catalog of APIs with IT and financial applications as well as mobile providers and telecom carriers enable you to gain real-time insights, centralize data for accelerated decision making, and automate mobile services.Electronic data exchange is key in capturing and ingesting invoices, orders, and the latest pricing data from providers.

When relying on mobile management platforms for innovation, providers should also bring a level of industry intelligence gleaned from AI and advanced analytics. Whether they track a database of technology providers and their pricing, evaluate the way companies spend billions of dollars on technology, or leverage data to help clients with contract negotiations, they should be able to achieve business outcomes.

Keep Stepping Up Your Mobile Operational Excellence

An effort to simplify and optimize mobile management will drive operational excellence, and mature programs work first to maintain an accurate inventory, support security, and administer the complete device lifecycle. Taking programs to the next level means moving beyond asset management into expense management and innovation to further optimize mobile strategies.

If you’re just starting, focus on simplification by gaining visibility and streamlining manual processes. When you’re ready to advance, start leveraging emerging technologies to audit usage and align contract terms with payments. Reconciling usage and spend against terms is the secret to pinpointing inefficiencies and cost savings that make for the most well managed mobile fleet. 

To learn more about mobility management services, visit us here.  

Endpoint Protection, Master Data Management, Remote Access Security, Security, Security Infrastructure

Enterprises driving toward data-first modernization need to determine the optimal multicloud strategy, starting with which applications and data are best suited to migrate to cloud and what should remain in the core and at the edge.

A hybrid approach is clearly established as the optimal operating model of choice. A Flexera report found the shift to hybrid infrastructure supported by overwhelming numbers of survey respondents, with 89% of them opting for a multicloud strategy and 80% taking a hybrid approach that combines use of public as well as private clouds.

The shift toward hybrid IT has clear upsides, enabling organizations to choose the right solution for each task and workload, depending on criteria such as performance, security, compliance, and cost, among other factors. The challenge is that CIOs must apply a rigorous process and holistic assessment to determine the optimal data modernization strategy, given that there is no one-size-fits-all answer.

Many organizations set out on the modernization journey guided by the premise that cloud-first or cloud-only is the ultimate destination, only to find that the path is not appropriate for all data and workloads. “Directionally correct CIOs and the C-suite looked at the public cloud and liked the operating model: the pay-as-you-go, predefined services, the automation and orchestration, and the partner ecosystem all available to you,” says Rocco Lavista, worldwide vice president for HPE GreenLake sales and go-to-market. “Many tried to move their whole estate into public cloud, and what they found is that that doesn’t work for everything. It’s less about what application and data should go on public cloud and more about a continuum from the edge to core [in colocated or private data centers] to public cloud.”

Close to the Edge

There are several reasons why certain data and workloads need to remain at the edge, as opposed to transitioning to public cloud. Data gravity is perhaps the most significant arbiter of where to deploy workloads, particularly when there is a need to analyze massive amounts of data quickly — for example, with X-ray or MRI machines in a hospital setting, for quality assurance data from a manufacturing line, and even with data collected at point-of-sale systems in a retail setting. 

Artificial intelligence (AI) projects are another useful example. “Where I’ve seen AI projects fail is in trying to bring the massive amounts of data from where it’s created to the training model [in some public cloud] and get timely insights, versus taking the model and bringing it closer to where the data is created,” Lavista explains. “Here, there is a synergistic need between what is happening at the edge and the processing power required in real time to facilitate your business objectives.” 

Application entanglement presents another barrier keeping organizations from migrating some applications and data to cloud. Some legacy applications have been architected in a way that doesn’t allow pieces of functionality and data to be migrated to cloud easily; in other cases, making a wholesale migration is out of the question, for reasons related to cost and complexity. There are also workloads that don’t make economic sense to refactor from operating in a fixed environment to a variable cost-based architecture and others with specific regulatory or industry obligations tied to data sovereignty or privacy that prevent a holistic migration strategy in embrace of public cloud.

The HPE GreenLake Advantage

Given the importance of the edge in the data modernization strategy, HPE seeks to remove any uncertainty regarding where to deploy applications and data. The HPE GreenLake edge-to-cloud platform brings the desired cloud-based operating model and platform experience, but with consistent and secure data governance practices, starting at the edge and running all the way to public cloud. This can be applied across any industry — such as retail, banking, manufacturing, or healthcare — and regardless of where the workload resides.

HPE GreenLake with the managed service offering is inclusive of all public clouds, ensuring a consistent experience whether data and applications are deployed on AWS, Microsoft Azure, or Google Cloud Platform as part of a hybrid mix that encompasses cloud in concert with on-premises infrastructure in an internal data center or colocation facility.

“IT teams want a unified solution they can use to manage all technology needs, from infrastructure as a service (IaaS) to platform as a service (PaaS) and container as a service (CaaS), that drive automation and orchestration that are not snowflakes,” says Lavista. “HPE GreenLake provides that standard operating model from edge to core and all the way through to the public cloud.”

By aligning with HPE GreenLake solutions, IT organizations also free themselves of the day-to-day operations of running infrastructure to focus on delivering core capabilities for business users as well as DevOps teams. The HPE GreenLake team works with organizations to assess which workloads are a better fit for cloud or edge, by evaluating a variety of factors, including technical complexity, system dependencies, service-level agreement (SLA) requirements, and latency demands. For example, a quality control system on a manufacturing line might be better suited for an edge solution, due to the need to analyze data in volume and in near real time. But an AI application that could benefit from a facial recognition service might be better served by public cloud for such service, given the broad ecosystem of available third-party services that eliminate the need to re-create the wheel for every innovation. 

To ensure top performance, Lavista counsels companies to fully understand their core business objectives and to be pragmatic about their cloud migration goals so they avoid the trap of moving data and workloads simply because it’s the latest technology trend. “Understand your options based on where you are coming from,” he says. “If what you are looking for is to optimize the IT operating model, you can still get that without moving applications and data.”

For more information, visit https://www.hpe.com/us/en/solutions/edge.html

Hybrid Cloud