Recently, we have completed another large international IT project. This time our client was a company from Spain. What was the task of SNP?

Our Spanish partner needed comprehensive support in building the whole IT environment for their factory being launched in Poland. We acted as an integrator, providing all the IT solutions necessary for the plant organized from scratch to start its production operations.

As part of the project, we ensured the delivery, installation, configuration and deployment of all elements of the architecture — from the infrastructure (rack, UPS), through network elements (LAN, WAN, and SAN), servers (x86 and Oracle SPARC), arrays, a backup system to software licenses for all workstations.

You’ve mentioned a lot of elements. I conclude that the comprehensive IT implementation for a large factory was quite a difficult task.

After objectively assessing the complexity and scale of the built environment — one has to admit that it is complicated. It consists of a large variety of solutions selected to best meet the needs of the business. The key to the success of such an advanced implementation project is, however, a team of consultants with high competence and many years of experience, as well as a precise schedule. As a result, during the integration of all systems, even in such a complex environment, all elements “played" together at the right time and place.

Also the duration of the project is an indication of the planning precision. Excluding the time of waiting for the delivery of equipment, the entire implementation took use only a month to complete. The implementation in such a short time was made possible by the commitment of the team of more than a dozen people with all the competencies required for the successful completion of work.

I suppose that at the stage of selecting an integrator the Spaniards verified the performance potential of various service providers. What made them take the decision to start cooperation with SNP?

Yes, the main criteria for choosing an IT partner were the knowledge and experience of consultants. In addition, a decisive factor for our advantage was many years’ experience in various IT technologies gained in connection with the maintenance and development of SNP Data Centers. For the customer, this meant that we would carry out the implementation correctly not only in technical terms and in accordance with the documentation of producers, but that we would also propose the solutions that we applied themselves — based on our own experience — as good practices increasing the security and performance of the IT environment.

It should be here noted that the experience necessary for the project implementation covered, among others, HP servers and network devices, Oracle servers and tape drives, EMC VNX arrays, SANs built on the basis of Brocade devices, Checkpoint security devices, the Web BlueCoat security system, VMware and Oracle OVM virtualization, and finally McAfee systems (Intel Security) — the antispam and workstation protection system, as well as the Symantec NetBackup system.

The list of elements is long indeed. Does the customer have the competence to maintain such an extensive IT architecture on their own immediately after the completion of work?

The final stage of the project was the transfer of knowledge and the hand-over of as-built documentation. This provided the customer’s IT staff with the ability to take over the administration of the launched environment. Nevertheless, understanding the potential need to provide help with more complex reconfigurations or escalations in case of problems, we offered the customer the second line support provided by the SNP Outsourcing Center. Under this contract, we provide both proactive monitoring of systems as well as the response to the submitted questions, according to the agreed SLA. The combination of the competence of the local IT department and SNP guarantees the availability and performance of IT systems, which in turn determines the continuity of production.

So the whole cooperation with the customer goes beyond the classically understood implementation or integrator projects.

Yes it’s true. In IT systems, the support of the entire lifecycle of IT systems used by customers is equally important as their proper implementation. It is clear that any implemented solution must be adapted over time to changing business needs and new IT technologies — it is necessary to reconfigure, update it, or just periodically test its operation continuity plan. IT administrators usually have their hands full; they perform multiple tasks, mostly transparent to the business user.

Is this awareness that the IT system is “alive" and growing widespread?

Definitely yes. Customers fully understand that the implementation of a specific IT solution is not an end in itself. Most often it is a “trampoline" leading to a rapid increase in the effectiveness of the organization or the security of information processed. A well designed and implemented IT system quickly brings measurable benefits to the business, which often generates further needs and ideas to improve subsequent business processes or even entire business areas. Therefore, the continuous development is simply necessary, and it is certain that there will be changes.

Is it possible to specify the main directions of IT development followed by companies and organizations on the basis of projects carried out by SNP?

My experience shows that the leading area is the widely understood security. Both the security defined in the area of IT only and the security of entire organizations where IT tools play a key role. Here we can distinguish infrastructure projects, such as building a server room or modernizing an existing one, or implementing a backup data center in another location, optimizing the architecture of IT environments in terms of reliability and data protection, and the implementation of solutions that allow you to comprehensively manage the IT area — here it is worth mentioning monitoring systems and SIEM systems enabling the central analysis of events. The category of information security includes also the implementation of backup systems — both for workstations and servers — and the management of users and authorizations.

The strictly technical solutions which I mentioned are complemented by organizational audits, penetration testing, social engineering testing and consulting in the field of information security.

We have competence and many years of experience in all these areas.

Rafał Grześkowiak, IT Project Team Leader at SNP Poland

How do individual organizations choose priorities for the implementation of further IT projects?

I can see here an evolutionary approach — gradual maturation of the organization to pursuing more advanced needs, often combined with dynamic business development. What’s interesting — sometimes the changes are initiated by the IT department following the trends and familiar with the technical capabilities of the solutions available on the market; but more often it is the business that consciously defines its expectations towards IT and requires the translation of business needs into specific IT implementations.

A prelude to changes is usually an existing and well-functioning IT environment — both in terms of technical resources and staff competence. It provides favorable conditions to reflect on what could be done better — how to increase the reliability of systems or data security. An honestly performed analysis — preferably with participation of an external, objective auditor or consultant — enables conclusions to be drawn and priorities to be set for the implementation of changes.

And here we come to the point where each organization may consider a completely different aspect of the business to be its priority. In one case it may be a need to provide an above-standard level of availability of systems; in another — changing a backup system to a faster one; in some other — independent verification of security of IT systems; and in yet another — IT process organization, for example through the implementation of ISO 20000 or ISO 27001 standards.

And which of the mentioned issues is a priority in your opinion?

My answer will be a little evasive — the most important thing is to maintain balance. Although each organization has its own development priorities, we must remember that the whole IT environment is a system of connected vessels. Too much focus on one issue can cause adverse or even catastrophic effects in another, forgotten area. For example — even the best ERP system or a central corporate file server does not provide the organization with a sufficient level of data security without an effective backup system and periodic testing of recovery procedures.

IT services offered by SNP for the growing business
– Comprehensive IT implementations for new offices, branches, production plants
– IT environment security management (SIEM integration)
– Centralization of IT management and monitoring in geographically dispersed organizations
– IT architecture optimization
– Management of authorizations and users
– IT and business expert consulting
– Dedicated training and workshops for IT teams

 

We have talked about many aspects of building and developing IT environments. What are distinguishing features of SNP as far as the implementation of IT projects is concerned?

We combine broad technical and organizational competencies. As a result, we provide both engineering and business support. Our consultants are people with extensive experience in the implementation of projects and maintenance of IT systems, starting from a low-level infrastructure through to managing large databases and business applications. This allows us to take full responsibility for the results of our work — related to both audits and implementations. We have a total of several hundred technical certificates issued by the largest suppliers of IT solutions, covering a full range of issues — from designing a data center infrastructure to managing IT services.

Interviewed by: Mirosława Huk, SNP Poland