Handling BI Modernization in Secure Environments

July 29, 2013
143 Views
ImageDuring BI modernization initiatives, we work with a variety of firms with differing security concerns.
 
Our fi

ImageDuring BI modernization initiatives, we work with a variety of firms with differing security concerns.
 
Our first step in our toll-gated DAPPER modernization methodology is to always perform a quick Legacy Assessment to evaluate the existing state of BI affairs. With this, we can better understand how we can automate its replacement and retirement.

Why do a Legacy Assessment? 

 
I like to say that with this simple step, you will spend a little to learn a lot.
 
You may already feel you have a good handle on your current legacy reporting environment. Unfortunately, I do not. Without a quick assessment, I cannot tell you how to save years and millions of dollars in converting the applications.
 
In just a short time, we can tell you: 
  • How big and difficult is this BI modernization initiative? 
  • Where are the pitfalls that could cause this project to fail? 
  • How much money and time will we have to spend to modernize? 
  • Should we really do it? 
  • If we do decide to proceed, what is the best course of action? 
 
Our quick assessment creates a digital profile of your legacy reporting applications. With that picture, not only can we analyze the current state but we can better predict the future state and decide how to get there easiest.

Security Concerns about a Legacy Assessment

The first security concern is always data. At no time during the Legacy Assessment do we access our client’s data; we only use legacy application code.
 
Many companies do not consider this source code to be highly secure and will transfer copies outside of their organization. We then need no access to the client’s network whatsoever and can perform all work on our external computers that have the BI Modernization installed.

Not all firms view source code this way. If you work for a financial institution such as a bank, a healthcare provider, or an insurance company, you may not be allowed to share legacy source code. 

 
For clients who do consider legacy source code to be secure and not allowed to leave their environment, we can split the BI Modernization Workbench processing between the client’s and our external computers. Unlike the scenario where we do all work remotely, we will now need access to the client’s network to perform the scanning and subsequent analysis. 
 
On the client’s computer, we install a small batch processing component that can read copies of the client’s legacy source code. We scan on the client’s computer and then transfers the results–load instructions of keyword counts–to the external BI Modernization Workbench computer. There, we will perform the subsequent processes of database loads and analysis.   
 
This model requires clients to agree that the scanning results are safe to copy externally to the BI Modernization Workbench. Prior to the Legacy Assessment, we can share examples to provide assurance of security compliance. These files basically contain only the names of legacy programs and associated keyword counts. 
 
Keep in mind that this model can cause the Legacy Assessment to take longer since we will not have easy access to the legacy source code while performing analysis on the external computer. Customizing the scanning module for a client could be difficult since the BI Modernization Workbench’s development environment will have no legacy code for testing.  

You may be wondering about a third option: just do everything within the client’s environment. If a client is secure enough that they will not transfer copies of legacy reporting code, then they are probably going to be adverse to having the entire stack of the BI Modernization Workbench installed on their network for use by external consultants.

Resource Concerns about a Legacy Assessment

Although not related to our topic of security, many firms are concerned that a Legacy Assessment might be resource intensive and their already over-worked technical staff will not have the time to devote to this engagement.

During a Legacy Assessment, we need very little time from the client’s staff over than assistance with setup, pointing us in the right direction, and answering occasional questions. 


Don’t Take the Hard Road

If you are converting legacy reporting tools such as SAP Business Objects, Crystal Reports, IBM Cognos, 4GLs (FOCUS, NOMAD, and RAMIS), or just plain old reporting tools to modern software products and want to do the initiative with the minimal time, cost, risk, and skill set requirements, contact me to discuss the best option.