• With a focus on seamless sharing across domains, OpenText Documentum for Life Sciences 16.4 takes a giant leap forward

  

  When major acquisitions happen, market analysts, competitors, customers, and employees alike are watching closely to determine what’s next.

  In fact, employees like me were not terribly nervous when OpenText™ – a long-standing leader in enterprise content management – acquired Dell EMC’s Enterprise Content Division in January 2017. In fact, we assured our customers that OpenText would come through with flying colors. Now, with the release of OpenText™ Documentum 16.4, which extends to our industry-specific offerings for Life Sciences, that confidence has been confirmed.

  Documentum for Life Sciences 16.4 represents the investment OpenText has made in Documentum and the Life Sciences industry since the acquisition. We’ve made a strong effort to raise our game with this update, adding more new features and delivering more value than planned before the acquisitions.

  Let me first share a few highlights. This latest release improves upon the solution in four key ways:

  • Smoothing out the unification of processes by enabling seamless information sharing across domains and external partners
  • Supporting the management, tracking, and reconciling of printed documentation to reflect new data integrity guidance
  • Providing a dynamic security framework to manage content access that matches changing business needs
  • Packaging ICH-compliant rendering, annotations, and reporting for singular accountability from OpenText

  That’s a lot of efficiency gains packed into four bullet points. And efficiency is the most important aspect, because in Life Sciences today, there is more pressure than ever to increase productivity, which ultimately results in accelerating time to market.

  Seamless information sharing across domains

  This advantage is nothing new for OpenText; in fact, Documentum has been helping Life Sciences organizations improve their efficiency for some time. What is new, then? An even more sophisticated architecture with mapping of metadata for live linkage of documentation across domains. Because of the way Documentum for Life Sciences solution suite is architected, all suites in the solution interoperate – a single shared source for accurate, current regulated content.

  This is an enormous step forward. Now, instead of exporting digital document sets from one domain to the other, just to share them, and reimport to the next, the processes are unified. Clinical documents that must be included in regu­latory submissions are linked to both clinical and regulatory stakeholders. Similarly, relationships are created between quality and regulatory documentation to cover the full product lifecycle. As your product progresses through clinical trial toward commercialization, role-based access enables stakeholders to easily locate the most recent copy to comply with regulations.

  In the quality and manufacturing domain, the content set typically includes specifications that carefully establish parameters for drug efficacy and suitability for intended use, testing criteria, process validation, and reports related to investigation, audit, and training. With Documentum for Life Sciences, you can ensure consistency and maintain control over these documents from the moment they are created or enter the content management system. There is much less likelihood that research and development (R&D) data will be misinterpreted, production context left out, or past improvements undocumented.

  The overall result? Your organization can make great strides in overcoming the challenge of ensuring completeness, accuracy, and control in accordance with each phase of the drug lifecycle. You can let go of sharing documents the old way and adopt a single shared repository.

  Management, tracking, and reconciliation of printed documentation and batch records

  Documentum for Life Sciences 16.4 helps you meet new regulatory guidelines with full management, tracking, and reconciliation of printed documentation and batch records. This ensures data integrity and compliance with cGMP found in EMA and FDA guidance for the industry. There are configurable options to allow print restrictions based on status and document type, where each print and reprint will obtain a unique issued print number including electronic signatures to approve and reconcile items.

  Restricted content access with dynamic security

  The latest version of Documentum for Life Sciences encompasses dynamic security controls to restrict content access to a set of users in accordance with changing business needs. For example:

  • M&A activities may require temporary protection of acquired assets including product-related documentation.
  • Content for products developed with controlled / toxic substances need to be protected.
  • Clinical trials require content-blinding for the whole study or subsets of documents.
  • Financially sensitive or confidential documents must be restricted.
  • Safety information might require temporary or permanent protection.

  With the updated dynamic security framework, out-of-the-box Documentum for Life Sciences provides an open model that can easily be modified to fit your business needs. New access rules can be configured by authorized users and business administrators without IT assistance – another efficiency gain.

  Complete accountability from OpenText

  Documentum for Life Sciences solutions are built on content management and relied on the third-party technology for ancillary, yet necessary functionality such as annotations, rendering, and reporting. Taking advantage of OpenText’s vast portfolio, Documentum for Life Sciences 16.4 natively integrates with market-leading products to deliver ICH-compliant rendering, annotations, and reporting. As a single vendor, you can count on OpenText to deliver a complete solution with full accountability from end to end.

  A major update to reduce total cost of ownership and boost productivity

  Nearly every component in this new release has been updated. New tools and options simplify and reduce development and administration costs. Productivity tools help users to be more efficient in working with Documentum and stored content. enable users to access content and participate in associated workflows. Added integrations offer new capabilities to take advantage of OpenText technologies.

  Come to Enterprise World to see it for yourself, and register for the OpenText Live webcast to learn more.

  Robin Gellerman

  July 3, 2018

  Cloud, Content Services, Information Management, Life Sciences, Technologies

  clinical trials, cloud, cloud application, Compliance, Content, digital transformation, Documentum, Documentum for Life Sciences, ecd, ECM, enterprise content management, eTMF, Life sciences, manufacturing, OpenText, pharmaceutical, QM, Quality, quality documentation, regulatory professionals, regulatory submission documentation, regulatory submissions, user experience

• The benefits of site-to-site VPNs when moving to the cloud

  

  The Virtual Private Network (VPN) has been an important part of enterprise computing for many years. For many companies, it remains a key method to enable secure remote access to corporate network resources. Security has become the prime concern for organizations as they increasingly adopt cloud computing. Implementing a site-to-site VPN solution delivers a highly secure means to maintain control and access of corporate assets in a cloud environment. But what should you look for in a site-to-site VPN?

  Companies in every industry sector are moving rapidly towards the cloud. According to IDC, worldwide spending on public Cloud computing will be more than $160 billion by 2020—almost double the spending in 2017. Forbes suggests that 80% of all IT spending will be on Cloud solutions by 2019. However, data security and cyberattacks are a major concern when transitioning to the cloud.

  Every enterprise needs a secure way to transfer data between offices, among users and to share it with partner companies. A secure VPN solution is very often the best approach to achieve this in a cloud environment.

  TechTarget says: “The cloud computing infrastructure is comprised of hosts, servers and network transports. The multiplicity of devices and transports and the abstraction of management and trust require enterprises to layer security throughout to ensure data and connections are properly protected”. The publication states that VPN “is considered the most secure and can decrease vulnerability exposure”.

  The cost of data breaches

  As cloud computing increases, so does the concern about the security of the public cloud infrastructure. Forbes quotes research showing less than a quarter of organizations trust public clouds to keep their data secure. This is hardly surprising as the amount of reported data breaches explodes. In 2017, it’s estimated that over 99 billion records were exposed due to data breaches —data breaches in healthcare increased by 426% from the previous year.

  It is estimated that the average cost of a data breach will be over $150 million by 2020, with the global annual cost forecast to be $2.1 trillion. The financial cost is just one aspect of data breaches. Reputational damage can be worse and, in some cases, fatal. For example, the data breach at Nortel led to one of the world’s largest telecom companies closing.

  Business today relies on the fast and secure transmission of data within the organization, with remote workers and with trading partners and suppliers. An organization must ensure protection for vital corporate data and intellectual property while delivering the level of access to the right people at the right time. An enterprise site-to-site solution is ideally suited to this task.

  Why implement a site-to-site VPN?

  An enterprise site-to-site VPN allows offices anywhere in the world to establish secure connections with each other over a public network. This includes any number of branch offices connecting with head office as well as connecting one company with its partners and supply chain. In addition, a VPN also allows for user-to-office connection to easily enable remote working.

  The power of a VPN solution—such as the OpenText™ PositivePro—is its ability to combine the highest levels of security with ease-of-use and cost-efficiency.  Traditional remote access VPNs were designed to connect remote workers to the corporate office. They required that a VPN client was attached to every machine and all users had to have a little technical know-how to use the VPN. In some cases, the VPN server at the corporate office sat outside the firewall, making the system slightly more vulnerable.

  A site-to-site VPN resides on a server within the corporate firewall and removes the need for a VPN client on every server and device. The VPN solution creates a secure tunnel to the public Cloud that provides highly secure end-point connectivity that an authorized user can access via the browser-based device of their choice.

  5 key components of a site-to-site VPN

  Using an enterprise VPN lessons security concerns while decreasing costs and reducing administrative burden. So, what should you look for when considering a site-to-site VPN solution?

  1. Watertight security

  The VPN you select should provide the highest levels of security. Data must be protected at rest and in transit through comprehensive authentication, authorization and administration. It must be able to support key management and security policies and ensure that all relevant policies are applied before any connection is made.

  A VPN delivers sophisticated security controls that ensure that common Secure Socket Layer (SSL) traffic and other types of cyberattacks are simply ignored. If the data traffic does not have the correct authentication then it is immediately dropped from the network.

  2. Ease of operations

  The important aspect for any VPN is that the system must be highly secure but also deliver high performance and ease of use. Users should be able to access the network via a web browser interface. The best networks shield the end-user from much of the VPN complexity and automate much of the set-up process without the need for them to know about email or firewall protocols. This simplified operation also significantly reduces work for the support team.

  As the use of tablets and mobile devices becomes the primary way that many uses access the corporate network, the solution you select should be able to create a secure VPN connection with virtually any mobile device.

  In addition, a VPN managed service reduces a great deal of the administrative burden. Managing the remote side is virtually removed and you have centralized control over the complete network with a single infrastructure. A VPN affords a fast, easy and effective means to upgrade security policies and procedures while ensuring you always comply with the security regulations in the markets where you operate.

  3. Simple and secure scalability

  A VPN is incredibly scalable. It is easy to add a new user, site, office or partner company to the network. Without the need to add VPN clients to every new connection, it is fast and cost-effective to add more connections. If you need to relocate a remote office, it is almost pain and cost free to set up the new location.

  4. Business continuity

  Effective disaster recovery and business continuity are key for all businesses. Unplanned events such as power outages, natural disasters or terrorist attacks can impact your business. A VPN can deliver a high degree of remote access during an emergency. Connectivity to new devices or locations is easily reassigned so that employees can work from home or another office. In this way, you can minimize downtime and ensure productivity.

  5. Flexible deployment

  Using a VPN should allow you to deploy a solution for secure managed access in the way that best suits your business. OpenText PositivePro offers Cloud, hybrid Cloud, user access or full managed hosting.

  The benefits of a VPN managed service

  When organizations implement an on-premises solution, the VPN often becomes a pain point. The system can be costly to implement and maintain, and requires full time expertise to properly manage—especially where an enterprise is expanding. It is difficult to ensure that the VPN system remains current as upgrades and enhanced technologies appear.

  The answer for many companies is to move to fully managed hosting from a trusted service provider. This allows them to focus on their core business while the provider ensures they have the secure data connectivity they need to drive business agility. They have a single, scalable solution to connect all offices and partners throughout the world. The entire set-up, upgrade and change processes are handled by VPN experts that deliver reliable anytime, anywhere support.

  The best managed services providers can provide their own cloud infrastructure to deliver enhanced performance, security and scalability. For example, the OpenText PositivePro managed service is based on our own cloud to ensure that your exposure to the public cloud is kept to a minimum.

  To find out more about how a VPN can help secure your vital data, join us at OpenText Enterprise World 2018 for the Business Network session entitled, “BNX-110 Improve privacy & productivity with secure remote access for employees, partners & providers.” If you’d like to talk with someone today, simply complete the contact form beside this blog.

  Amy Perry

  July 2, 2018

  OpenText World, Security, Security, Technologies

  Business Network, cloud security, enterprise world 2018, security

• Choosing the right programming language for machine learning algorithms with Apache Spark

  

  When it comes to writing machine learning algorithms leveraging the Apache Spark framework, the data science community is fairly divided as to which language is best suited for writing programs and applications. As a widely used open source engine for performing in-memory large-scale data processing and machine learning computations, Apache Spark supports applications written in Scala, Python, Java, and R. The Spark engine itself is written in Scala.

  Often, the language of choice is decided by the level of comfort, expertise and prior experience of the developer. While this helps with rapid prototyping and development, in the long run it may not be the best choice for developing models based on the business problem being solved and the amount of data processing that would be needed.

  Here are a few key considerations to keep in mind before deciding on the language of choice for your machine learning application and modelling for the business problem at hand.

  Performance

  Java and Scala are compiled languages, wherein the code gets compiled to byte code first prior to execution. The Spark engine itself is written in Scala. Any code written in Scala runs natively on Java Virtual Machine (JVM).

  Python and R on the other hand are interpreted languages. The interpreter executes the program directly, translating each statement into a sequence of one or more subroutines, and then into another language for compiling to successfully run on a Java Virtual Machine (JVM).

  From a strictly performance perspective, the compiled languages (Java and Scala) provide better general performance than the interpreted languages (Python and R) in most cases. However, it would be prudent to profile the application at some point to determine if language is going to be a big factor, especially for small applications.

  Concurrency

  Concurrency means that a task is not finished until all the working threads and sub threads have completed processing. Thus, all the threads start and finish at the same time.

  As Scala runs on the Java Virtual Machine (JVM), it has full access to the JVM’s multi-threading capabilities. However, unlike Java, Scala is not just limited by default to the concept of Threads for achieving concurrency. There are other advanced options to achieve concurrency like Futures, and Actors too.

  Both Python and R on the other hand do not support true concurrency and multi-threading. Multi-threading can only run in parallel for some IO tasks, but can only run one at a time for CPU-bound multiple core tasks. Thus, there’s more overhead in managing memory and data processing tasks.

  Application Development

  From an ease of use perspective, for dynamically typed languages like Python and R, variable type checking happens at run time, allowing developers to quickly develop applications. Type checking is the process of verifying and enforcing the constraints of variables and data types. Statically typed languages, like Scala and Java perform type checking at compile time . However, refactoring and maintaining applications over a period is a lot easier with Scala and Java than Python and R.

  Java is verbose, meaning Java based applications would need a lot more lines of code to perform the same operations than Scala or Python or R. Additionally, Java does not support Read-Evaluate-Print-Loop making it impossible to use with popular data science tools like Jupyter Notebook.

  As Apache Spark is written in Scala, having a good knowledge of this can help developers understand and potentially extend what Spark does internally. Moreover, new upcoming features will initially have their APIs in Scala and Java. Python APIs usually evolve and get updated in the later versions.

  Learning Curve

  Scala, Python and Java are all object oriented and functional languages. R on the other hand is functional and procedural in nature.

  Python is more analytical oriented and is easier in terms of learning curve and ease of use. Python is less verbose and more readable (easier to understand syntax) than Scala or Java, making it ideal for those who don’t have much programming experience or expertise. Scala and Java are more engineering oriented and are ideal for those with a programming background, especially Java. R is developed with academics, statisticians and data science in mind, and is often used for data visualization and data plotting.

  Community Support

  This is one area where both Python, R and Java have a clear advantage over Scala.

  Python and R have a much more mature ecosystem with readily available out-of-the-box packages implementing most of the standard procedures and models that are already broadly adopted across various industries and academia.

  With its MLlib, GraphX and Spark Streaming libraries, Scala has made huge strides in making standard implementations available out-of-the-box. However, it still has some way to go before matching the maturity level like Python and R.

  Conclusion

  In the end it all depends on the problem you are trying to solve, prior experience, capabilities and the amount of data to be processing. Another consideration is whether you are building a quick prototype application or an enterprise wide application. Python offers quick prototyping and development, while Scala and Java are better choices for processing large data-sets and enterprise wide deployments. R is good for specific requirements that must be best addressed by R, or if you want to move an existing R environment in to Apache Spark platform.

  OpenText™ Magellan™ is a flexible artificial intelligence (AI) and analytics platform that combines machine learning, advanced analytics, and enterprise-grade business intelligence (BI) with the ability to acquire, merge, manage, and analyze structured and unstructured big data. The platform combines open source machine learning with advanced analytics, enterprise-grade BI, and capabilities to acquire, merge, manage and analyze Big Data and Big Content stored in your Enterprise Information Management (EIM) systems. Magellan enables machine-assisted decision making, automation, and business optimization.

  Learn how OpenText Magellan leverages Apache Spark to quickly deploy an enterprise wide AI and machine learning platform with out-of-the-box built in support for all these programming languages here.

  This post is part of an ongoing series on machine learning. Learn about how to get started or how to leverage Apache Spark for development.

  OpenText

  June 29, 2018

  Analytics, Aviator AI, Professional Services, Services, Technologies

  AI, Analytics, artificial intelligence, big data analytics, Data Architect, data governance, Data Science, Data Scientist, machine learning, magellan, ML, OpenText Magellan, OpenText Professional Services, Professional Services

• Better insights. Better decisions.

  

  The OpenText^™ team has spent the last year enriching the OpenText eDOCS user experience ꟷ giving users more choice and more flexibility in how they work. We’ve launched a new dashboard interface called eDOCS InfoCenter and a new mobile app ꟷ so users can work when and how they want ꟷ delivering better, faster service to their clients.

  With version 16.4 launch of OpenText Document Management, eDOCS Edition,  we’ve shifted our focus to the Document Management (DM) Administrator ꟷ providing tools for increased productivity and better decisions. Specifically, we’ve added a new Analytics tab to the eDOCS Management Studio, providing a standard set of reports with the following information:

  • Library usage – when the eDOCS library is used (number of active users; time-of-day usage)
  • User activity – which users are actively engaged (group, location) and what they are doing (viewing, editing, etc.)
  • Library contents – the current makeup of the eDOCS library (breakdown by file type, document type/classification)

  

  By understanding what’s inside your eDOCS library, how your users are engaging with it, and when they are active, you can make decisions to manage your work environment better. For example:

  • Looking to optimize your infrastructure? Identify groups of users and peak usage by location to ensure they have adequate bandwidth
  • Rolling out a new feature? Looking for user feedback? Identify your top users and get their opinion
  • Looking to reduce content classifications? Identify those that are not frequently used

  The list goes on, but you get the gist. There’s a lot you can do once you have the tools and the insights you need. And now you do!

  The new reports provided in eDOCS are powered by OpenText Information Hub, a highly-scalable analytics and data visualization platform. With this release, eDOCS DM customers receive a limited-use iHub license as part of their annual maintenance, so administrators can create their own dashboards and explore their eDOCS data even further.

  To learn more, visit our website or contact us today.

  Kris Mills

  June 29, 2018

  Analytics, Aviator AI, Technologies

  Analytics, enterprise content management, Information Management

• Give the people what they want: Better financial product recommendations

  

  One of the big advantages of doing business in a digital world is being able to make use of the data exhaust left by practically every action and interaction—from what a person buys on Amazon to what newspapers or magazines they read, who they’re Facebook-chatting with and what time they drove across the Golden Gate Bridge, as tracked by their RFID automated toll tag.

  Theoretically, a smart business could assemble all those pieces of information into detailed, individualized pictures of each customer and make predictions about their preferences and behavior.

  By doing so, that business could figure out “buying propensity”: the customer’s level of readiness to purchase something at the moment, as opposed to what the business finds most profitable to sell or is most eager to unload.

  You might think it would be easy to figure out, given the zettabytes of data pouring in, all kinds of clever targeting schemes to pick from, and nearly a century’s worth of research into demographics, psycho-graphics, behavioral economics and other approaches meant to get into the consumer’s head.

  The problem is, without intelligence, this data-rich approach doesn’t always work.

  Many offers are not just irrelevant to consumers, they may actually strike the wrong note. For example, romantic getaways for someone who just got divorced, or retirement community units to someone under 30. Or, the sheer number of offers could prompt the annoyed customer to delete them all, unread.

  Customizing financial services for a mass audience

  This challenge of understanding buying propensity is particularly acute for banks, investment firms, and similar financial organizations. They’re no longer just the province of wealth management, where a courtly, silver-haired gentleman would sit down at a walnut desk in a stately marble office with each client to discuss their individual needs and fiscal health. Today, an ever-growing proportion of the population has savings and investments, such as a retirement account, and could benefit from guidance on how to manage their money. But not everyone can afford a private financial advisor.

  Moreover, banks have their hands full. They’ve inserted themselves into so many lines of business, from home mortgages and credit-card protection to auto-paying utility bills and even retail shopping, that they have literally millions of potential combinations of offers, customers, times and channels to market—desktop, mobile, kiosk, partner site and more.

  In that deluge of data, it can be hard to decide which product offer to present to customers, and when to offer them. Some financial providers, frustrated by the difficulty of building an effective propensity model, default to a simple tactic that arbitrarily rotates offers at each new visit. But that’s leaving money on the table—and downgrading the customer experience.

  AI: When the machine learns from its mistakes

  Now there’s a smarter alternative, thanks to breakthroughs in machine learning—artificial intelligence-augmented product recommendation software. Not only is this kind of tool constantly sizing up consumers’ readiness to buy and displaying offers it thinks will interest them, it “learns” from its failures and successes.

  With AI-augmented financial recommendation intelligence, financial companies can mine not just a consumer’s past online activity, credit score and demographic profile, but behavior patterns of similar customers, retail partners’ purchase histories—even the unstructured data of a customer’s social media posts or comments they’ve made in customer support chats.

  It can keep score of the myriad of permutations of offers—headline, offer wording, size of the discount, the particular products displayed—like the world’s biggest A/B test. (Even abandoned orders can be a rich source of insight. They show that something attracted the customer initially, but then something else put them off, which the AI can tease out.) With every interaction the software observes, it gets smarter.

  AI-guided recommendations = ROI

  Here are some of the benefits a financial institution can realize from AI-enhanced product recommendations:
  • Higher “hit rate” on offers leading to stronger sales
  • Higher profits
  • Greater customer satisfaction
  • Better insight into larger customer preferences and buying trends to inform future product development
  • Lower administrative burden to evaluate and fine-tune offer models
  • Fewer complaints to customer service about offerings that miss the mark
  • Less customer churn
  • Improved competitive position

  Curious how AI-augmented financial product recommendations could work for you? Read this infographic, or click here to learn more about how intelligent recommendations could help your business.

  OpenText

  June 27, 2018

  Analytics, Aviator AI, Banking, Industries, Technologies

  AI, Analytics, artificial intelligence, Banking, Customer Experience, financial services, Industry, unstructured data

• Why the US Government eInvoicing mandate is positive for business

  

  Last year, the Office of Management and Budget (OMB) backed up its 2015 government eInvoicing mandate with a memo instructing all agencies to use eInvoicing to pay contractors by the end of fiscal year 2018. That deadline is rapidly approaching. If you supply the US federal government and want to continue to do so, you need to issue invoices electronically. This blog looks at what this means for your business and how you can benefit from eInvoicing.

  The US government is the largest purchaser of goods and services in the US. In 2016, for instance, this added up to $461 billion in federal government procurement contracts. The much-quoted figure is that the US government handles 19 million invoices each year, of which only 40% are electronic. The OMB estimates that moving to eInvoicing will save the government as much as $260 million each year.

  On issuing the memo, Dave Mader, Acting Deputy Director for Management at the OMB said that non-electronic invoice processes “provide little visibility to businesses and can result in tax dollars being used for late payment fees rather than to support critical agency missions”.

  It’s clear that, although implementation timelines may slip, the US government is committed to making eInvoicing compulsory for Business-to-Government (B2G) invoicing. It also sees this as a springboard to encourage the adoption of Business-to-Business (B2B) eInvoicing – with a view, you must expect, to mandating its use in the future.

  The benefits of eInvoicing

  While steady, the adoption of eInvoicing in the US has been slow – especially compared with other areas of the world. This is slightly surprising given that the benefits are clear and understood. Compared with paper-based payment processes, eInvoicing is faster, more accurate and far more cost effective. In fact, Billentis, the specialist eInvoicing consultancy, found that electronic invoice processes can result in savings of 60 to 80% compared to traditional paper-based processing.  The firm noted that: “Thanks to electronic and automated invoice processing, savings between 1 and 2% of turnover are realistic objectives”.

  In addition, eInvoicing allows for end-to-end processing of invoices between the supplier’s ERP or enterprise application in the accounts payables and automatically flow in to the ERP or business software of the buyer’s accounts receivables. This is a point emphasized by the Federal Reserve Bank of Minneapolis that stated: “E-Invoicing is an important part of an efficient financial supply chain, optimizing the end-to-end process of B2B transactions, as it links the internal processes of enterprises to payment systems. As a result, eInvoicing is a vital component of the overall goal of making the end-to-end process (procure-to-pay and order-to-cash) more efficient”.

  So, while meeting the government mandate may initially seem a hassle, it undoubtedly opens up a huge range of benefits to organizations to fully adopt the technology.

  As the US is slightly behind the curve on eInvoicing, it is worth very briefly looking at how it’s working in other regions.

  Lessons from the EU

  The European Union (EU) has always been seen as a leader in eInvoicing with 30 countries across Europe already using some form of electronic invoicing. Indeed, the EU government eInvoicing mandate requires that member countries define rules for electronic invoices in public procurement processes by November 2018.

  From an US perspective, another date in the EU’s adoption of eInvoicing may be more significant – 18 April 2019. That’s the date set for the EU to introduce an interoperable, common standard for all B2G trade in Europe. This eInvoicing standard has been designed to counteract the complexity of the wide variety of eInvoicing formats throughout Europe and facilitate cross-border trade in the EU.

  The US faces a very similar eInvoicing landscape where every agency could institute it’s own eInvoicing approach and this would be further complicated as state and local governments make the transition. The initial eInvoicing mandate certainly gave scope for this to happen. However, the OMB is following the EU in attempting to deliver a simplified, interoperable model. It is introducing a model where companies work through a Federal Shared Service Provider (FSSP) or an OMB-approved eInvoicing solution – both have to deliver seamless integration into the federal government’s Integrated Award Environment (IAE) system.

  While this is a positive step, a quick look at another region in the vanguard of eInvoicing introduces a note of caution.

  Lessons from Latin America

  Most Latin American government eInvoicing mandates are a means to tackle tax fraud. The results have been very impressive. The UN estimated in 2015 that VAT evasion alone costs Latin American governments as much as 37% of their total VAT take each year.  With eInvoicing, Brazil collected $58 billion in additional tax revenue in a single year, and Mexico saw a 34% VAT collection increase in a single quarter. It’s little surprise that eInvoicing has been so enthusiastically adopted in the region. However, although the eInvoicing systems are similar, there are significant differences between countries that mean, for organizations trading across Latin America, complying with a wide range of eInvoicing formats and requirements.

  More importantly, it’s instructive to see how eInvoicing has developed across Latin America. After the initial success with VAT fraud, countries in the region have moved quickly to extend the use of electronic document transfer into other business areas. Brazil, for example, has expanded it’s B2G mandates into accounting, inventory management and human resources. In addition countries including Mexico, Peru, Chile and Uruguay have extended their VAT and tax legislation.

  However, it is government eInvoicing mandates for B2B transactions that have made Latin American the world leader in the adoption in the technology. It is no wild extension of logic to say that the speedy transition from B2G to B2B transactions that has happened in Latin America will occur in the US – it’s already started in the EU with countries such as Italy mandating eInvoicing for B2B transactions.

  From B2G to B2B

  We know it’s no wild extension because the US government explicitly states that this is what they want to happen. The Federal Reserve says: “The argument is, if a private business supplier implements eInvoicing to address government requirements, they may well extend this implementation to other businesses they supply”.

  It is becoming more and more evident that governments want to see private business adopt eInvoicing with their business partners. And, they’d like for this to extend from invoicing into other areas of your business. We’re currently seeing the carrot – hey, you’re already using electronic invoicing for B2G, so why not B2B? – but, if the development of B2G is repeated, you can be quite sure that the stick – full mandate – won’t be too far behind.

  The eInvoicing challenge for global enterprises

  The eInvoicing challenge for global enterprises can be summed up by the extremely wide variety of eInvoicing formats and standards at play throughout the world. Even where real steps are being made to simplify and standardize – like the EU – history teaches that the eventual standard will be applied differently within different countries.

  This environment means that every global organization will need to be able to support a multi-format, multi-channel environment to practice effective eInvoicing. Add to this that eInvoicing standards are constantly changing and evolving, and you’re faced with a complexity that almost no company will be able to manage by itself. Working with a global eInvoicing service provider – such as OpenText™ – is likely to be far more attractive to ensure compliant eInvoicing processes in each country or region where you operate, as well as delivering the potential to quickly enter new territories as business requires.

  Learn more about eInvoicing.

  OpenText

  June 26, 2018

  Integration, Public Sector, Supply Chain, Technologies

  B2B Integration, Business Network, e-Invoicing

• Why Italy’s eInvoicing mandate could impact you

  

  In a previous blog, I looked at how governments are now driving eInvoicing adoption around the world. Now, Italy is set to be the first country in Europe to mandate eInvoicing for all B2G and B2B transactions. Regardless of whether or not you do business in Italy, this is a major development that will have implications for organizations everywhere. In this blog, I’ll explain why.

  January 2019 is the date the Italian government has set for all companies to use eInvoicing for all B2B transactions for the supply of goods and taxable services. To achieve this, Italy is moving to real-time tax reporting – often called the ‘clearance model’ – where all invoices are submitted to the tax authority prior to their issue to the supplier.

  By ensuring that invoices can’t be sent directly between buyer and seller, the clearance model allows the government or tax authority to control and authorize the transaction before and during the invoice exchange process. The advantages for government are clear: they can dramatically reduce tax fraud and increase revenue collection.

  Italy’s move sees the government attempting to emulate the successful clearance regimes in Latin America – especially Mexico and Brazil. It will be the first country in Europe to fully embrace this approach.

  Although Europe has been at the forefront of eInvoicing for many years – with eInvoicing becoming mandatory for B2G transactions in 2018 – it has adopted the ‘post-audit’ model where the buyer and seller exchange eInvoices and the tax authority conducts an audit after the transaction is completed. This model is vulnerable to fraud and corruption, leading to what has become known as the ‘VAT gap’.

  Closing the VAT gap

  The VAT gap is the gap between what a tax authority is owed and what it actually collects. And that gap is huge. In Europe, this gap is estimated to account of between $185-$310 billion each year. It’s thought that the global VAT gap may be as much as 30 percent of total global revenue.

  Italy has one of the largest VAT gaps in Europe, standing at around $42 billion in 2015. A quick glance at how other governments around the world were gaining visibility and transparency into invoice data would have convinced the Italian authorities of the benefits of this move. Mexico is an excellent example.

  Mexico: The exemplar of the clearance model

  Mexico is seen as a pioneer of eInvoicing and the clearance model – and with good reason. The immediate effects that the country has seen from moving to real time tax reporting is stunning. Today, the government handles over 10 billion eInvoices annually and has increased tax collection by 34%. The country reports that it has reduced the shadow economy by 4% and closed its VAT gap by an amount that is, astonishingly, equivalent to 21% of its annual budget.

  The clearance model makes this possible as it places the tax authority – or its agents – at the heart of the transaction. The government is now in a position to levy and enforce stringent fines, loss of trading privileges and even criminal prosecutions. Mexico, for example, is able to exclude suppliers from raising invoices. Effectively, they’re out of business until they comply.

  But, Mexico doesn’t just exemplify the benefits to the government, it also shines a light on how eInvoicing can transform business for private organizations. Mexico and Brazil have begun to work on ways to facilitate friction-less, cross-border trade. The concept is that, if the clearance systems in each country can talk to each other, the private companies attached to these systems will not need any customs documentation for these transaction.

  Mexico and Brazil have also begun a pilot to extend this approach to cross-border trade with Spain and Portugal.

  The rise and rise of the clearance model

  The announcement of the Italian government is only another step along the road towards worldwide adoption of the clearance model. Global eInvoicing compliance experts TrustWeaver suggest that, by 2025, it will be the norm for tax authorities across the globe. This is a trend of which all organizations have to be aware. Increasingly, you will have to be able to deliver compliant eInvoicing in all of your markets worldwide.

  That’s hugely complex as there is no such thing as a single clearance model. As TrustWeaver explains: ‘Clearance models continue to spread across the globe, with countries learning from each other but making local decisions, resulting in clearance flavors that add compliance complexity, especially for multi-national companies. But there is one common crucial enabler – confidence and reliance on electronic signatures as the only feasible mechanism for ensuring integrity and authenticity for real-time tax controls’.

  The pivotal role of the eInvoicing service provider

  The complexity of the clearance model means that it has always been envisaged that organizations would work with service providers to ensure the effective operation of the process. However, selecting the correct service provider is even more important today. More many countries, pure eInvoicing services are no longer enough. Government are beginning to demand support for additional documents, services and processes to gain even more control and visibility of all business transactions.

  Compliance may have to be considered not just at an eInvoicing but a complete supply chain level. The move to compliant eInvoicing – especially cross-border – should best be seen in the context of improving all your supply chain processes. Large multi-national companies require global service providers – such as OpenText™ – that can combine the experience of eInvoicing compliance in all your markets with services encompassing e-procurement, accounts payable and enterprise application integration into a single solution.

  Learn about how OpenText eInvoicing solutions can benefit your business.

  OpenText

  June 22, 2018

  Integration, Supply Chain, Technologies

  B2B Integration, Business Network, e-Invoicing

• The Identity of Things is here

  

  The massive growth of Internet of Things (IoT) devices is placing significantly increased focus on identity management. Forrester has suggested that, by 2022, there may be up to 100 times more IoT devices in the world than there are cellphones and laptops. In this hyper-connected digital world, security and accessibility are must-have foundations. Welcome to the Identity of Things (IDoT). Let’s look at why you’re going to need an identity platform for your IoT initiatives.

  Although slightly less optimistic, figures from Statistica estimate that there will be over 50 billion IoT connected devices globally by 2020 ꟷ almost double the number in 2017. Gartner predicts that, by 2020, there will be 215 trillion stable IoT connections, and 63 million new ones every second.

  The use of IoT brings real benefits to the organization implementing the devices and those benefits grow the more devices they connect. In their IoT Barometer 2017/8, Vodafone found that 26% of companies with under 100 connected devices reported significant business benefits from their IoT investments, which rose to 67% for organizations with over 50,000 devices.

  In addition, Vodafone found that organizations were integrating IoT closely with their business processes ꟷ 44% of respondents said IoT projects were part of wider initiatives and a further 46% reported integrating IoT with core systems such as ERP and CRM. As IoT becomes increasingly mission-critical in a wide range of industry sectors, organizations need a fresh approach to managing identity that moves beyond simple users to encompass all network entities ꟷ applications, systems, devices and things.

  ABI Research predicts that identity and management of IoT will be worth $21.5 billion by 2022, noting: ‘We are entering a transformational period where device IDs, system IDs, and user IDs are forced to merge under the hyper-connected IoT paradigms, effectively altering the way IDoT will be perceived from now on.’

  Just reading that sentence gives a great idea of the complexity that every organization faces as they increase their adoption of IoT technologies. However, the challenge starts with the devices themselves.

  IoT devices – The weakest link?

  No one really needs reminding of the security implications of IoT ꟷ the damage a hacker could achieve through compromising a connected vehicle, a copier connected to your corporate network, or even a medical device. The stakes are high and protecting an always-on IoT network is essential. Forrester points out that few IoT devices have been designed with security as a paramount consideration. This leaves enterprises vulnerable because IoT devices can act as a “back door” to the corporate network. Hackers can use the IoT devices connected to the network to launch major attacks on your company’s infrastructure and other resources. Once a vulnerability is identified and exploited, the cybercriminal can create botnets of IoT devices for the likes of denial of service attacks.

  Lack of sophisticated operating systems

  Forrester suggests that, in the drive to bring new devices to market, manufacturers can overlook the security of the operating system or firmware on the device. Devices like sensors are, by their nature, designed to conduct a specific discrete task so the operating system is going to be as limited as possible, lacking in security features especially authentication and cryptography. This appears an attractive opportunity for hackers.

  No input mechanisms for complex passwords

  Forrester also notes that almost any IoT device doesn’t have a keyword to enter a password. Let’s face it. If you have thousands or hundreds of thousands of IoT devices spread throughout your organization, you don’t want this to be your form of authentication. You need authentication at scale. This is a challenge as implementing multi-factor authentication ꟷ which you would employ for users ꟷ is going to be extremely difficult and probably inappropriate for IoT devices.

  Traditional identity and access management (IAM) technologies and methods are ill-suited to this IoT environment. You require a new approach to delivering the secure and robust technologies needed to provision, authenticate, authorize and audit the identities of IoT devices. More importantly, you need to be able to manage the relationships between those devices, your systems, your applications and your people.

  IDoT – A new identity management paradigm?

  As early as 2014, Ant Allen, Vice President of identity and access management at Gartner was warning that traditional IAM systems would be unable to cope with the proliferation of connected IoT devices because traditional authentication was based solely around the user and their access to applications and data. What Allen pointed out as an issue four years ago has become a pressing concern today.

  A new generation of identity management solutions such as OpenText™ Core Secure Access have developed to address the security and identitiy management needs of the new IoT-driven world. They address five key areas:

  The relationships of networked entities

  IAM can no longer be seen in the context of granting users ꟷ whether internal or external ꟷ access to network resources. You have to address all the devices, systems, people and things on the network. Each has multiple, multi-faceted relationships with other network entities. A device will communicate with other devices, end-users and applications. Every second there is a huge number of different relationships that have to be controlled, managed and secured.

  Multi-tiered authentication

  While most companies are moving beyond single sign-on and implementing multi-factor authentication for their people, this is unlikely to be the answer for device authentication. Many experts suggest that using the public key infrastructure (PKI) information already in the device will be the answer. Either way, you need to support multi-tiered authentication to govern relationships where different entities require different authentication methods.

  Identities and contextual access management

  We all know that security isn’t just about giving the right levels of access. It is equally about when and why access is granted. Just as you will want to grant temporary or real-time access for users, you will need to set limits for IoT devices and determine what is appropriate. This type of large-scale provisioning must be able to understand the context of what the device does and why it is making the request ꟷ and, even better, if the system can make a prediction or suggest an action based on a determination of a normal state of behavior (related: this is one direction we’re headed and I’ll save the topic of identities and artificial intelligence (AI) for a future blog). This is an enormous undertaking and IT teams will struggle to reach this point on their own, even with the right talent, funds and resources, and other vendors are still focused on identity management for new employee onboarding and not identities for IoT initiatives.

  Effective provisioning and de-provisioning

  I doubt there’s a security manager today that has not had sleepless nights worrying about orphan accounts. How do we ensure that all access rights are removed when someone leaves the company? This issue is multiplied horribly when dealing with a massive amount of disparate devices ꟷ potentially spread globally. You not only need to provision new identities to devices quickly ꟷ with the correct access rights, which means you also need a rules engine ꟷ but you also need to be able to de-provision them just as effectively.

  Delivering excellent user experience

  IAM in the IoT world is much more multi-layered and complex than previously, but the compromise between accessibility and usability is less acceptable now than ever. People are used to the Internet as a medium that brings almost instant results, and they expect that whether online shopping or working on the corporate network. Today, how you deliver excellent user experience must be at the heart of your IDoT system.

  The need for an IoT identity platform

  I want to take a step back for a second and look at Forrester’s definition of IAM for IoT: ‘A collection of existing and emerging technologies that allow manufacturers, operators and end users to manage the identity life cycle, governance and authentication of IoT devices’.

  This definition describes the current state of the market where there are many specialist solutions that address specific elements of the IDoT challenge. While excellent, these solutions require organizations to create an ecosystem of complementary solutions to address their overall requirements. It adds cost, complexity and management overhead to security and access in the IoT world.

  This situation, according to Philip Windley of Brigham University, won’t continue. He says, “All the communities that already identify IoT components will become more aware of each other and begin to collaborate on broader IoT identity platform standards.” In fact, this type of comprehensive, enterprise IoT identity platform already exists today.

  With the new generation of identity management platforms for IoT ꟷ such as OpenText Core Secure Access ꟷ you already have the capabilities to effectively manage all the entities on your IoT network and the relationships between them.

  If you’d like to know more about how an identity management platform can accelerate IoT success, this is a key topic at Enterprise World next month in Toronto. For a personalized and private meeting, please contact us through the website or email me directly.

  OpenText

  June 21, 2018

  Line of Business, News & Events, OpenText World, Supply Chain, Technologies

  Big Data, Business Network, Digital Supply Chain, digital transformation, IAM, IAM security, identity and access management, Information Management, internet of things, IoT

• Query Tuning with Vertica: Dos and Don’ts

  

  Query tuning in Vertica is not an exact science. Recommendations differ based on your database. This document assumes that all nodes in the cluster are UP, your Vertica configuration is ok, and that v*perf tools have been executed.

  The following diagram shows the query flow in Vertica:
  

  Vertica Optimizer

  Queries can be executed in many ways. The Vertica optimizer quickly finds the best way to execute a query. Vertica uses a cost-based optimizer. The cost model represents the costs as a function of the amount of data flowing through the plan. Each query plan alternative is associated with a cost that estimates the amount of resources Vertica needs to execute the query, including CPU, disk, memory and network. The query optimizer selects the plan with the lower costs, which is also usually the one that is faster.

  The query optimizer relies on statistics and heuristics to determine the execution plan costs, including the following:

  • Number of rows in the table
  • Cardinality of each column
  • Min/max values of each column
  • Values distribution histogram for each column
  • Column footprint
  • The access path with the fewest expected I/O operations and lowest CPU, memory, and network usage
  • Join types based on different projection choice
  • Join order
  • Predicates selectivity
  • Data redistribution algorithms across nodes in the cluster

  Do: Check the SQL

  Start by looking at the SQL itself. Try to reduce complications as much as possible. For example, this SQL with 5 nested function calls and two string concatenations can be reduced:
  to_char(YEAR_ISO(period_key)) ||'-W’|| lpad(to_char(WEEK_ISO(period_key)),2,'0')
  Replace it with 1 function call and no string concatenations:
  to_char(period_key, 'IYYY-"W"IW')
  Avoid passing UDx arguments. Instead, use parameters. Keep in mind that inequality predicates and OR operators are slow.

  Do: EXPLAIN Your Query

  The EXPLAIN plan describes how the optimizer would like to execute a query, before the query is actually executed. You should check the following:

  • GLOBAL RESEGMENTATION
  • BROADCAST
  • JOIN ORDER
  • JOIN TYPE
  • GBY TYPE
  • COSTs and ROWs
  • Projections being used
  • Columns being materialized

  Do: Update Statistics

  You should update your statistics:

  • After a consistent table load or update
  • After a table is altered
  • When a projection is refreshed

  You can also run ANALYZE_STATISTICS immediately before running your benchmark.

  Do: Run Your Query Using vsql

  Use vsql to run your perf test:
  $ vsql -AXtnqi -f query.sql -o /dev/null
  Axtnqi means:

  • Use unaligned output mode (A)
  • Do not run commands in the vsql initialization file (X)
  • Disable printing column names (tuples only) (t)
  • Disable command line editing (n)
  • Work quietly (q)
  • Print timing information (i)

  Do: Check QUERY_EVENTS

  QUERY_EVENTS contains very useful information generated during either the OPTIMIZATION or EXECUTION of event categories.

  Do: DDLs and Projections

  DDLs and projection definitions are some of the most important optimization techniques. DDLs are used to profile your data and ensure it uses the right data types. Consider replacing fat joining or grouping columns with slick integers. Also consider flattening tables to avoid or reduce joins. Take advantage of LAPs when possible.

  Avoid creating too many projections, because loads will be slower. Use the SEGMENTED BY clause to avoid resegmentation with either joins or GROUP BY. Each node should be able to group or join its own data without looking into other nodes.

  Use ORDER BY to influence the GROUP BY and join type:

  • Joins: projections are sorted on the joining column(s). You get a MERGE JOIN rather than a HASH JOIN. MERGE joins never spill to disk.
  • GROUP BY: if grouping columns are a subset of the ones in the SORT BY clause, you get a PIPELINED GROUP BY rather than a HASH GROUP BY. Pipelined GROUP BYs never spill to disk.

  Do: Profile Your Query

  The query profile provides very detailed information about each single operator used during the execution. Data profiling is available in the V_MONITOR.EXECUTION_ENGINE_PROFILE if you explicitly profiled the query. Even a simple query can easily produce thousands of EXECUTION_ENGINE_PROFILEs.

  The EXECUTION_ENGINE_PROFILE contains the following information:

Counters change from one operator to another.

Do: Update System Config (If needed)

You might want to change some system parameters to improve performance. Do this with caution.

Don’t: Underestimate Data Extraction

If your query returns a large result set, moving data to the client can take a lot of time. Redirecting client output to /dev/null still implies moving data to the client. Consider instead storing the result set in a LOCAL TEMPORARY TABLE.

Useful Queries

The following query checks the data distribution for a given table. This is often useful to look into a plan when no statistics are available:
select
projection_name, node_name, sum(row_count) as row_count, sum(used_bytes) as used_bytes, sum(wos_row_count) as wos_row_count, sum(wos_used_bytes) as wos_used_bytes, sum(ros_row_count) as ros_row_count, sum(ros_used_bytes) as ros_used_bytes, sum(ros_count) as ros_count
from
projection_storage
where
anchor_table_schema = :schema and
anchor_table_name = :table

group by 1, 2
order by 1, 2;

The following query shows the non-default configuration parameters:
SELECT
parameter_name, current_value, default_value, description
FROM v_monitor.configuration_parameters
WHERE current_value <> default_value
ORDER BY parameter_name;

The following query checks encoding and compression for a given table:
SELECT cs.projection_name, cs.column_name, sum(cs.row_count) as row_count, sum(cs.used_bytes) as used_bytes, max(pc.encoding_type) as encoding_type, max(cs.encodings) as encodings, max(cs.compressions) as compressions
FROM
column_storage cs
inner join projection_columns pc
on cs.column_id = pc.column_id
WHERE
anchor_table_schema = :schema and
anchor_table_name = :table
GROUP BY 1, 2
ORDER BY 1, 2;

The following will retrieve the EXPLAIN PLAN for a given query:
SELECT
path_line
FROM v_internal.dc_explain_plans
WHERE
transaction_id=:trxid and
statement_id=:stmtid
ORDER BY
path_id, path_line_index;

The following shows the resource acquisition for a given query:
SELECT
a.node_name, a.queue_entry_timestamp, a.acquisition_timestamp,
( a.acquisition_timestamp - a.queue_entry_timestamp ) AS queue_wait_time, a.pool_name, a.memory_inuse_kb as mem_kb, (b.reserved_extra_memory_b/1000)::integer as emem_kb, (a.memory_inuse_kb-b.reserved_extra_memory_b/1000)::integer AS rmem_kb, a.open_file_handle_count as fhc, a.thread_count as threads
FROM
v_monitor.resource_acquisitions a
inner join query_profiles b
on a.transaction_id = b.transaction_id
WHERE
a.transaction_id=:trxid and
a.statement_id=:stmtid
ORDER BY 1, 2;

The following gives query events for a given query:
SELECT event_timestamp, node_name, event_category, event_type, event_description, operator_name, path_id, event_details, suggested_action
FROM v_monitor.query_events
WHERE
transaction_id=:trxid and
statement_id=:stmtid
ORDER BY 1;

The following query shows transaction locks:
SELECT node_name,(time - start_time) as lock_wait, object_name, scope, result,description
FROM v_internal.dc_lock_attempts
WHERE
transaction_id = :trxid
;

The following query shows threads by profile operator:
SELECT node_name, path_id, operator_name, activity_id::varchar || ',' || baseplan_id::varchar || ',' || localplan_id::varchar as abl_id, count(distinct(operator_id)) as '#Threads'
FROM v_monitor.execution_engine_profiles
WHERE
transaction_id=:trxid and
statement_id=:stmtid
GROUP BY 1,2,3,4
ORDER BY 1,2,3,4;

The following query shows how you can retrieve the query execution report:
SELECT node_name , operator_name, path_id, round(sum(case counter_name when 'execution time (us)' then counter_value else null end)/1000,3.0) as exec_time_ms,
sum(case counter_name when 'estimated rows produced' then counter_value else null end ) as est_rows,
sum ( case counter_name when 'rows processed' then counter_value else null end ) as proc_rows,
sum ( case counter_name when 'rows produced' then counter_value else null end ) as prod_rows,
sum ( case counter_name when 'rle rows produced' then counter_value else null end ) as rle_pr_rows,
sum ( case counter_name when 'consumer stall (us)' then counter_value else null end ) as cstall_us,
sum ( case counter_name when 'producer stall (us)' then counter_value else null end ) as pstall_us,
round(sum(case counter_name when 'memory reserved (bytes)' then
counter_value else null end)/1000000,1.0) as mem_res_mb,
round(sum(case counter_name when 'memory allocated (bytes)' then
counter_value else null end )/1000000,1.0) as mem_all_mb
FROM v_monitor.execution_engine_profiles
WHERE transaction_id = :trxid and statement_id = :stmtid and counter_value/1000000 > 0
GROUP BY 1, 2, 3
ORDER BY
case when sum(case counter_name when 'execution time (us)' then counter_value else null end) is null then 1 else 0 end asc , 5 desc ;