VitAL Magazine - November-December 2010 by 31 Media

f ew m vi its e e pr ag e -p nc 16 re e nf co

vital Inspiration for the modern business Volume 4 : Issue 2 : November / December 2010

Closing the gap between business & IT Shifting the focus on to business benefits

The consumerisation of IT The changing face of IT in the workplace

IT governance Securing the IT estate

FEATURE FOCUS: SOFTWARE AS A CHOICE â&#x20AC;&#x201C; THE RISE OF SaaS: 28-31

leader

Stating the blindingly obvious Leader Y

esterday the Government of the UK published a report which put ‘cyber terrorism’ at the top of its list of security threats. About time perhaps, but as with any Governmental announcement these days, one can’t help pondering the timing... two days before massive cuts to the defence budget are due to be announced. While the timing does seem a little rum – and one can’t help wondering whether the authors were inspired by watching Bruce Willis tackle a rogue cyber security chief in Die Hard 4.0 when it was on TV the other week – it is reassuring to know that resources will be funnelled in this crucial direction even if it is only because it’s a cheap option compared to Joint Strike Fighters, aircraft carriers and updating Trident. One thing you can be certain of, somewhere out there someone is looking to hack and disrupt our IT-controlled utilities and financial system. It’s a scary thought but as we have seen of late it doesn’t take much to tip things over into chaos. So, perhaps I should shelve my cynicism and be thankful that – for whatever reason – the issue of cyber security has been placed at the top of the agenda. And on the subject of the cuts, it remains to be seen, as we go to press, how the cuts, to be announced tomorrow, will affect IT policy and spending in the public sector. Given that massive savings (£11 billion) were promised through the adoption of cloud, private cloud and various other best practise approaches it should be a no-brainer, but no one ever got rich over-estimating the agility and intelligence of central Government! I suspect the outcome will depend on how much up-front investment is needed to realise these projects. On to more uplifting matters... You can’t have failed to notice that this is a bumper 80-page issue of VitAL, packed with all the usual useful information and thought leadership as well as a preview of November’s itSMF conference and exhibition in London which promises to be a fantastic event. For the first time our company – 31 Media – will have a stand in the exhibition area, so feel free to drop in, we shouldn’t be hard to find on stand number A02. See you there

Matt Bailey, Editor

If you have any thoughts, feedback, or suggestions on how we can improve VitAL Magazine, please feel free to email me matthew.bailey@31media.co.uk

www.vital-mag.net

November / December 2010 : VitAL 1

Take Control of Business Service Management

The vision of InfraVision for Business Service Management.

Customers Services Request Man.

SLM

Service Support

Problem Man.

Change Man. Event Man.

Capacity Man.

Service Assurance

CMDB

Service Automation

Availability Man.

ALM Continuity Man.

The sure choice: InfraVision! InfraVision enables IT departments of large and mid-sized organisations, profit or non-profit, to run their IT department as a business; a business with a clear service portfolio for its customers, adding value to the core business of the organisation. InfraVision has many years of experience with ITIL; the reference framework for setting up management processes within a service organisation. Unlike any other company, InfraVision has proved to be capable of turning the ITIL theory into real best practice solutions for customers.

Service management | InfraVison delivers their services in the form of projects. This means that for you as a customer it is completely clear up-front what results will be achieved, what the deliverables of the project will be, which costs will be related to the project and what is the delivery time frame for the solution. When the solution is accepted you could choose to hand over the maintenance

Service Security Data Loss Prevention

Identity Man.

Risk & Vuln. Man.

and support of your environment to the support department of InfraVision. In our projects, we combine our thorough application knowledge with our broad know-how of ITIL and Service Management. As a consequence we have very high standards when selecting software vendors to work with. All of our vendors are leaders in their area of Customers expertise. Services

SLM With this â&#x20AC;&#x153;out-of-the-boxâ&#x20AC;? software Request we man. create tailor made solutions for you as our customer. When implementing Service Change these solutionsProblem we try to think out-of-the-box to create a man. Support man. project that fits your needs, budget and time frame. Capacity man.

Service Network & Service System management | The next step CMDB

Assurance Automation in your service organisation. Get proactive and more effiALM managecient by Availability integrating (existing) network and system man. ment tools in your service Service management tool. Identity man. Security

InfraVision Ltd. Delegate House, 30A Hart Street, Henley-on-Thames, Oxon, RG9 2AL T + 44 (0)1491 635340, F + 44 (0)1491 579835, info@infravision.com, www.infravision.com

contents

vital Inspiration for the modern business

f ew m vi its e e pr ag e -p nc 16 re e nf co

vital Inspiration for the modern business Volume 4 : Issue 2 : November / December 2010

Closing the gap between business & IT Shifting the focus on to business benefits

The consumerisation of IT The changing face of IT in the workplace

Contents 6 News The VitAL Cover Story

10 Closing the gap between business and IT Ivar Jacobson and Kurt Bittner Ivar Jacobson and Kurt Bittner of Sweden-based consultancy Ivar Jacobson International address the gap between the business and IT, offer solutions and note that the gap actually requires closing rather than bridging.

IT governance Securing the IT estate

VitAL Signs – Life in a world with IT FEATURE FOCUS: SOFTWARE AS A CHOICE – THE RISE OF SaaS: 28-31

Editor Matthew Bailey matthew.bailey@31media.co.uk Tel: +44 (0)203 056 4599 To advertise contact: Grant Farrell grant.farrell@31media.co.uk Tel: +44 (0)203 056 4598 Production & Design Toni Barrington toni.barrington@31media.co.uk Dean Cook dean.cook@31media.co.uk

15 Two Hopes, and one of them is dead Steve White Caught in the pincers of despair, Steve White is tackling problem management.

VitAL management

16 Can consumer attitudes really change the face of enterprise IT? Ferenc Szelenyi With the triumph of new portable IT and communications technology, Ferenc Szelenyi explores the growing consumerisation of IT in the workplace and explains how organisations can best position themselves to take advantage of this trend.

Editorial & Advertising Enquiries Tel: Fax: Email: Web:

+44 (0) 870 863 6930 +44 (0) 870 085 8837 info@31media.co.uk www.vital-mag.net

Printed by Pensord, Tram Road, Pontllanfraith, Blackwood. NP12 2YA © 2010 31 Media Limited. All rights reserved. VitAL Magazine is edited, designed, and published by 31 Media Limited. No part of VitAL Magazine may be reproduced, transmitted, stored electronically, distributed, or copied, in whole or part without the prior written consent of the publisher. A reprint service is available. Opinions expressed in this journal do not necessarily reflect those of the editor or VitAL Magazine or its publisher, 31 Media Limited. ISSN 1755-6465 Published by:

20 Could your data be the next Wiki Leaks headline? David Gibson What steps can IT professionals in charge of permission management of employee data access take to implement a formal data governance programme to ensure their confidential data isn’t making headlines? Dave Gibson has an action plan.

VitAL support

24 Time for the smaller picture Noel Bruton VitAL Magazine, Proud to be the UKCMG’s Official Publication ITIL® is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.S. Patent and Trademark Office.

VWe must focus on the detail of support delivery to fill in the gaps we had to l eave out while we were changing a whole industry. It’s time to see the smaller picture according to Noel Bruton.

Subscribing to VitAL Magazine VitAL Magazine is published six times per year for directors, department heads, and managers who are looking to improve the impact that IT implementation has on their customers and business. For a FREE annual subscription to VitAL Magazine please visit: www.vital-mag.net/subscribe November / December 2010 : VitAL 3

International

Introducing APMG-International’s Change Analyst qualification

Developed in response to market demand for practical, focused qualifications

■ Gain an understanding of the wider implications of Change within ITIL® service delivery, giving you the knowledge and confidence to authorize change initiatives.

■ Learn how to assess the potential benefits, risks, impacts, and costs of proposed changes and get advice on how to get approval to proceed with such changes.

■ Get credits towards your ITIL V3 Expert Qualification.

■ Gain practical knowledge based on industry good practice.

This course and examination is available only through our network of Accredited Training Organisations

www.apmg-uk.com www.apmg-international.com Tel: 01494 452 450 Tel: 01494 452 450

COntents

Contents VitAL management

VitAL interview

28 Software as a Choice – The rise of ITSM solutions via the SaaS model

44 The gold standard

Tony Probert Tony Probert defines and eliminates some of the confusion about Software as a Service and discovers that true SaaS is all about choice.

After 50 years serving industry as the ‘Gold Standard’ in organisational issue resolution, Kepner-Tregoe has chosen Operational and Service Excellence as its core vertical markets, which can only be good news for IT Service Management. Regular VitAL columnist and the company’s global application manager, Steve White explains their philosophy

VitAL planet

48 Why reuse is better than recycling 32 Protecting your network Arvind Benegal When dealing with the all too evident problem of network security, governance, risk and compliance (GRC) has cost US companies around $29.8 billion so far this year. Arvind Benegal shows how you can maximise security using GRC.

VitAL processes

36 Driving up customer satisfaction Kent County Council provides a text-book case study on improving customer service, measuring the benefit and securing public recognition for ITSM.

Reuse of functional IT equipment is the environmentally superior recovery option and this is before we consider the additional socioeconomic benefits it reaps. Computer Aid International collects, reconditions and distributes used computers to the developing world, here the charity explains why it believes reuse is the greenest option.

VitAL drive – IT hits the fairway

53 Victory for Europe Geraint Lewis As IT manager for the Professional Golfers’ Association, Geraint Lewis has recently returned from an intense few days at the Ryder Cup in South Wales.

54 Not my department? Murray Sherwood A recent survey by the green IT specialist Externus revealed that responsibility for green initiatives is unclear in many businesses. Murray Sherwood discusses the findings of the review and explains why it is essential that organisations define and implement companywide green IT strategies.

38 T en reasons why you might not fully implement ITIL Malcolm Fry If you are building a service that is fit for purpose you may not need all the ITIL components. ITIL guru Malcolm Fry says it’s OK to pick out the bits you really need.

VitAL eyes on

41 Scooby Doo Where Are You!

itSMF UK Conference Preview

Jonathan Westlake With Facebook Places it’s never been easier to get yourself or your business on the map. Jonathan Westlake reports.

42 Does my business really need to embrace ITSM and if so, why? matt bailey Following last month’s look at the transition from ITIL v2 to v3, Wardown Consulting director and acting CEO of itSMF UK, Rosemary Gurney tells VitAL why service management is crucial for the modern IT business.

www.vital-mag.net

Now it its 19th year, the itSMF UK Conference offers education, networking and an annual awards dinner all under one roof. This is VitAL’s 16 page in-depth preview of the top Service Management event of 2010.d.

64 Secret of my success After a career spent This issue, Dave Ramsden of Atrion Networking Corporation in the USA gives us the benefit of his experiences in the IT industry.

November / December 2010 : VitAL 5

news

Companies wasting millions on unused applications N ew research showing that eight out of ten IT professionals across Europe believe corporate networks are hosting unused applications and data has been published by Informatica Corporation. According to the research these inefficiencies are placing significant cost burdens on organisations in terms of IT resource, power and management time. In some cases, the expense is estimated to amount to more than e2 million per year. The problem is particularly pronounced for companies with more than 1,000 employees. Eighty-six percent of such IT professionals also said their IT systems would run more efficiently if these unused applications were removed. Findings from the same research, which surveyed more than 600 IT, sales and marketing professionals, also showed that 32 percent of companies surveyed across France, Germany and the UK give all employees’ access and amendment rights to a variety of corporate databases and the data contained within them. Despite this ‘open policy’ to information the research findings also demonstrated that

sales and marketing departments are prone to side-stepping the IT department when it comes to adding new software and applications to existing systems. “Through chaotic and inconsistent approaches to how data is managed across the enterprise, companies increasingly have to ‘mind the data gap’. This has an obvious impact on businesses’ ability to utilise what is

Support for VitAL Focus Groups

eading ITSM industry vendor Cherwell Software has been announced as the overall event sponsor for The VitAL Focus Groups which take place on 28th June 2011 at the Park Inn Hotel, Heathrow, and will focus on key strategies to help senior IT professionals map clearly defined paths and implement change to help their businesses be more effective as the UK economy grows. “It is a tremendously exciting time for the IT industry,” comments VitAL editor Matt Bailey. “With the economy growing again – albeit tentatively – the emphasis is still very much on cost reduction. IT outfits with their eyes on the ball should be convincing the powers that be in their organisations that IT is capable of delivering value when it is businessfocussed. The VitAL Focus Groups will help them in this quest.” In addition to overall event sponsor Cherwell Software, Hornbill, Pink Elephant, Kepner-Tregoe and Wardown Consulting have all added their support with many more leading vendors expected to participate in an event which promises to become a highlight of the IT management calendar.

vital focus groups

The VitAL Focus Groups will consist of fifteen syndicate rooms, each a forum to discuss a specialist subject for IT leaders. With some of the industry’s leading minds on hand to help facilitate and steer each session, we predict that the VitAL Focus Groups will quickly become a ‘must-attend’ event for anyone serious about IT in the modern environment. In addition to the syndicates there will be networking opportunities available as well as an exhibition area where delegates can interact with their peers and source the latest products and services. The VitAL Focus Groups are open to all professionals within the IT industry although complimentary places are limited to 120 and are offered to managers, directors, and board executives on a first come first served basis. www.vitalfocusgroups.com

6 VitAL : November / December 2010

arguably their most valued asset. If data exists ad hoc across the enterprise, but organisations can’t integrate it in order to generate a single view of their customers, then they’re missing out on significant market and revenue growth opportunities,” said Mark Seager, vice president technology EMEA at Informatica. “Companies must control their data, not the other way around.”

Now is the time to take the cloud seriously

he overwhelming majority of UK businesses believe that a move to cloud-based computing is one of the most important trends in IT over the next few years, according to research conducted by Cordys. The research, conducted at the recent Cloud World Forum in London, found that 59 percent of those questioned thought that the advent of the cloud was a pivotal issue for business. The same sample found also that: 17 percent had already migrated to a cloud model; 39 percent were actively implementing a cloud strategy; and 32 percent weres planning to implement one in the next six to 12 months. Peter Karsten, VP, UK sales, Cordys, stated: “There will be many ways in which the cloud will change businesses and the economy, most of them hard to predict, but one theme is already emerging. Businesses are becoming more like the technology itself: more adaptable, more interwoven and more specialised. These developments may not be new, but the advent of the cloud will speed them up. What is certain though is that business has to embrace change. That means the underlying business processes and operations must be both thorough and yet still quickly adaptable.”

www.vital-mag.net

news

Private cloud adoption now widespread

new survey has revealed much broader adoption of cloud computing than has been suggested by previous research, and shows accelerating momentum behind developing private cloud infrastructures. The research strongly suggests cloud computing – both public and private – will be an increasing part of the mix of resources deployed by enterprise IT organisations, and that companies are particularly interested in simplifying management across their integrated physical, virtual and cloud environments. Cloud adoption is a focus for many enterprise organisations – but the question remains, what is the best way to leverage the power of cloud computing, maximising efficiency gains and cost savings while

minimising risk? According to this survey by Harris Interactive, focused primarily on IT director and above at large enterprises organisations (2,500-20,000+ employees), 77 percent report using some form of cloud computing today, much higher than previously reported. “The survey results are telling,” said Jim Ebzery, senior vice president and general manager of Security, Management and Operating Platforms at Novell. “The path to public cloud computing needs to begin with the private cloud, learning to leverage the public cloud within the safety of the enterprise network. Despite these concerns, enterprises are moving forward with cloud computing -whether in a private cloud, public cloud or in a hybrid cloud environment. Based on the

market need for secure, compliant solutions to better manage applications in the cloud, Novell’s leading-edge WorkloadIQ products and solutions are well positioned to provide customers with the technology necessary to secure and manage cloud environments.”

Lunchtime surfing could cost more than £23 million per annum F

igures showing that UK SMEs are funding their employees’ lunchtime surfing habits to the tune of over £23 million per year have been released by Star. The figures, which are based on actual usage monitored from the managed services provider’s data centres serving more than 3,000 UK businesses, highlight that lunchtime is consistently the peak period for bandwidth usage. On average this lunchtime peak is 18 percent higher than any other time of the working day. Bandwidth usage per customer has been growing over the last year as bandwidth intensive applications like Internet TV, video conferencing and VoIP are becoming common place amongst SMEs. According to John Adey, COO at Star, “As ISPs are increasingly moving towards capping bandwidth utilisation for high volume users and offering different levels of service at different rates, companies will be forced to take a closer look at how their bandwidth is being used in order to ensure that they are not sizing their bandwidth capacity around non business usage.” According to Star, companies may now begin enforcing Acceptable Usage Policies (AUPs) to keep their usage within capped limits, so as not to incur extra charges. This approach may mean that employers start to prioritise certain types of traffic, ensuring that the chairman’s email isn’t slowed down by an employee catching up on last night’s episode of Eastenders on iPlayer. Adey believes that the move by service providers away from ‘all-youcan-eat’ pricing schemes – both in the business and consumer markets – towards charging more for high bandwidth users, will be a bitter pill for some companies to swallow. He continues, “In a society where, as consumers we have embraced a viewpoint that anything Internet-oriented should be free, it will be hard to accept higher pricing for internet access. Yet the fact remains that the cost of providing next generation services requires investment to provide the infrastructure and tools to deliver them efficiently, and someone has to foot the bill.” He adds, “As we see an increasing trend of SMEs in the UK moving to cloud based services, the need to manage the use of internet access will become ever more pressing. We believe that allowing employees

www.vital-mag.net

the freedom to use the web is vital to a well motivated and productive workforce but not at any cost. Like any other resource, there will be an increasing need for businesses to control and manage bandwidth or risk jeopardising the undoubted benefits that services delivered from the internet using ‘cloud’ technology can deliver.”

November / December 2010 : VitAL 7

news

Are you handicapping productivity with outdated technology? A

new study, “Digital Workplace Choices: Preparing for the 2020 Workplace,” reveals that UK employers are handicapping corporate productivity by failing to measure employee satisfaction of technology devices or whether they are even fit for business purpose. According to the research, most ‘millenials’ or ‘echo boomers’ in their 20s are more IT savvy than their Baby Boomer bosses, creating a generational divide of frustration around corporate devices issued to employees. Senior company management, boards of directors, as well as CIOs, are distancing themselves from workplace technology and tools. The majority of employers view ‘strategic IT’ as the large servers and enterprise IT infrastructure residing in their offices, rather than the small technology devices in employees’ hands. In doing so, they are not only hindering employee productivity, but also missing opportunities to make their own organisations more competitive. The author of the research, Dr Katy Ring, director, K2 Advisory, commented, “It’s almost become accepted that corporate laptops and mobile phones are standard issue clunky, outdated pieces of equipment. New styles of working mean new rules. IT should be consulting HR about specific job profiles and take a much more cross-functional and collaborative approach. The one size fits all approach to IT and personal IT devices is at odds with the way the digital workplace is evolving.

In many cases, employees know more than their bosses about what they need. The focus needs to be on end user productivity rather than a ‘use what you are given’ approach. As a result, we will see the emergence of more ‘digital allowances’ with employers giving staff a set amount of money to purchase a digital device, in the same way a company car allowance operates. While budgetary constraints will always be a key consideration, there is also a significant opportunity for CIOs to drive fundamental change across the organisation through both strategy and leadership.”

Computer Aid launches first café in Kenya

‘Smart IT’ the best way to motivate workers

n 15 October at 10am Kenyan time, the IT charity Computer Aid International launched its first solar powered Internet café in Kenya in conjunction with its longstanding Kenyan partners Computers For Schools Kenya (CFSK). The Internet café made its long journey from London to Nairobi in the guise of a standard 20ft shipping container – normally used to transport refurbished computers. On arrival the container converts into a fully functional Internet café for 11 users at a time. The café requires little power due to the thin client network, which includes 11 flat screen monitors that run off a single Pentium four PC. Six solar panels have been fitted on the roof enough to provide 12 hours’ worth of electricity every day. The panels will last up to 25 years. The container can be placed and used anywhere on the planet, with no mains electricity or wired connectivity needed. To function, the only requirements are power from the sun and internet access through cellular data connection, wifi or VSAT. Tony Roberts, CEO of Computer Aid, said: “the solar Internet café is an exciting new project for Computer Aid that enables us to reach even the most isolated rural 8 VitAL : November / December 2010

communities. Computer Aid is committed to removing the barriers to ICT access in developing countries. The solar powered Internet café is just one of a number of projects we are working on to provide ICT solutions for rural communities. We are planning to set up several more solar Internet cafés in sub-Saharan Africa over the coming year, and we’re keen for sponsors to get involved and help us expand this solution that illustrates commitment to social development and the environment.” See Computer Aid’s reasons why reuse is better than recycling on page 48 of this issue.

survey of over a thousand office workers has found that over half of people think that smart IT is having secure access to the things they need when they need them, 31 percent think it is technology that lets them collaborate with customers and partners and just 18 percent think it is the latest smart device like a smart phone or laptop. When asked what is more important to help you do your job better 35 percent said a new desk top, 57 percent a laptop, 21 percent wanted a Smartphone and one percent an iPad. However 61 percent said that they would be incentivised by being given a smart phone or new PC. Denise Plumpton director of 360°IT comments: “It’s clear from the survey that smart IT means many different things to different people and this is probably related to the way they use their IT and whether it’s for work or pleasure. Most interesting is that only a small proportion thinks that a new smart device counts as Smart IT whereas a significant majority would feel incentivised by being given one.” One in ten workers said that they are not given the right IT tools to make their jobs run smoothly, whilst the majority of workers were happy with their IT. One in ten said that their IT at work made their job harder and less productive compared to the majority how said that IT made their jobs easier. When asked what technology they would prefer to have at work 72 percent wanted smooth running IT infrastructure that works, 31 percent wanted technology that enabled them to collaborate and nine percent wanted the latest ‘IT gizmo’ that makes the right impression to their peers. www.vital-mag.net

Cherwell. The service desk solution that sets you free to deliver service excellence The complete Service Management solution EMISE PR

Set yourself free of that legacy system, contact us today on 01793 858181 or visit www.cherwellsoftware.com

ic e

c ho r u o y It s’

No matter how hard you try, do your legacy systems just keep holding you back? Cherwell is the service desk solution that can really improve your performance and productivity. Offering true enterprise capability, it is easy to deploy, simple to manage and delivers ITIL best practice straight ‘out-of-the-box’. Built on a .NET framework with Web 2.0 technology, it is more powerful, customisable, scalable and cost effective than other comparable solutions. Our unique CBAT platform empowers customers to customise, configure and develop the system without the need for programming resources. Cherwell offers the solution that will help you to truly deliver service excellence.

DEM

Innovative Technology Built on Yesterday’s Values

cover story

Closing the gap between business and IT Ivar Jacobson and Kurt Bittner of Sweden-based consultancy Ivar Jacobson International address the gap between the business and IT and note that it requires closing and not bridging. Ivar Jacobson

Kurt Bittner

rom the time that computers were first applied to solving a business problem more than 50 years ago, there has been a communication gap between business and IT. For almost as long we have sought solutions, but the gap has only grown wider until it is now a chasm that needs a fairly substantial bridge. From the business you may hear “we have no confidence in IT’s ability to deliver useful solutions”, or “we have limited visibility of progress, risks and problems”, and “we don’t know how we should measure the value of our investments in IT.” From IT you may hear that “they (the business) don’t fund the projects adequately”, or “they don’t know

10 VitAL : November / December 2010

what they need”, or “they don’t know what is possible to develop”. Each side feels the other is responsible for the problem. And, you know, both are right. Over the years many things have been tried to close the gap, from the one extreme to another. Some have viewed the gap as a soft problem: if only business and IT could collaborate better and learn from one another the problem would be solved. Improvements in communication and sensitivity training were tried, but still the gap grew. At the other extreme people have tried to apply engineering approaches to the problem, assuming that rigor would succeed where informal communication has failed. The result www.vital-mag.net

cover story

was usually a formal business process model, understandable only by its creators who were typically IT people. This usually made the business people feel ignorant and annoyed, and the gap grew wider. So we know what doesn’t work - let’s try something different! Our view is that the solution lies somewhere in the middle. Starting with the end in mind, what everyone wants is an executable solution that supports and improves the ability of the business to succeed. That end is often forgotten, but no one wins if it is not achieved. All of the document sign-offs and hand-offs and other techniques to ensure accountability and transfer responsibility mean nothing if business results do not improve. It has been said that a sign of insanity is doing the same thing time and again and expecting different results. We have ample proof that traditional approaches like writing and approving a comprehensive requirements document and then ‘throwing it over the wall’ to be implemented does not produce good results. It is beyond human ability to specify all requirements upfront. But let’s go beyond that to the real heart of the matter - the very nature of the business-IT relationship.

The broken business model for IT The dominant model in IT to date has been to think of IT as an internal ‘supplier’ to the business, with the business as the ‘customer’. This model is at the heart of the problem. The reality is that IT is not a supplier. If it were a supplier, it would be free to pursue other business if it did not find the terms the business offered attractive - and in most cases, the terms the business offers are unattractive: the business typically dictates cost and schedule and features. Or rather it tries to - it usually dictates the cost and the schedule but lets the features pile on so that the initial cost, usually unachievable, becomes burdened with extra features (‘usually irrelevant’) so that the original cost and schedule are guaranteed to be unachievable. If IT is not a supplier, then neither is the business the customer. If it were a customer it would be free to source services from any supplier, and it often tries to do so. The reality is that most suppliers would not accept the terms that the business imposes on its own IT organisation: fixed cost and schedule and thoroughly variable scope. The business wants, and has been allowed to believe it is reasonable to demand, the ability to endlessly change its mind, or at least to be imprecise www.vital-mag.net

about what it really needs without bearing the cost. It should be obvious to anyone familiar with the situation that the current model does not work, and has never worked. We need to approach the problem in a different way!

Starting with the end in mind, what everyone wants is an executable

Playing together to win Let’s consider a proven model for working together as a team to win. A soccer team has specific positions with specialised skills: goalkeeper, defender, forward etc. Despite the specialisation, anyone can kick the ball, including the goalkeeper. If we look at business and IT as a single team (let’s call this the Solution Team) we also have many kinds of specialists: people with knowledge of business processes and resources of various kinds (human, machines etc), people with knowledge of how to understand needs and devise solutions. All of these specialties are essential to deliver the best solution, but everyone must collaborate and work as one team for everyone to be successful. On a soccer team everyone must also understand the basic rules of the game in order to contribute to winning. On the Solution Team everyone must know how to play the ‘game’ of software development for the team to win. Business people especially need to understand how to participate in the development effort by communicating the essence of business processes and the outcomes the business needs to achieve. Working together, then, the Solution Team (which includes the business) explores different ways the outcomes can be achieved and together agrees on how to move ahead. One of the reasons for the business-IT gap is that typically the business is expected to define detailed requirements (which are really specifications for a solution) when they are poorly equipped to understand how technology can be creatively applied to deliver the end result that needs to be achieved. This causes everyone to lose focus on the real problems to be solved. By being clearer about the outcomes that the business wants to achieve it is possible for the whole team to have a clearer focus on what must be done. This does not mean that there is not a role for requirements and other specifications - there is, but as a record of the agreements made within the team. These agreements can be as formal or as informal as the team collectively agrees, as they serve mainly as a convenient way to document discussions, not as a comprehensive communication mechanism.

solution that supports and improves the ability of the business to succeed. That end is often forgotten, but no one wins if it is not achieved. All of the document sign-offs and hand-offs and other techniques to ensure accountability and transfer responsibility mean nothing if business results do not improve.

November / December 2010 : VitAL 11

cover story

This means that everyone, including and especially the IT team members, needs to understand business goals, strategies and business processes. Business and IT need to both change and learn new skills so that they can, despite their different backgrounds and perspectives, join together as one team working toward a single goal: to deliver creative solutions that create business value. This means that business people need to gradually come to better understand what technology can do for them, and technology people need to gradually come to understand how the business works so that they can devise creative solutions. In order to reach this goal the team needs to agree on a way of working and on the practices they think they need to solve the problem at hand. By working together as one team, business and IT will win together.

Challenges in getting business and IT to play on the same team It’s nice to talk about business and IT playing on one team, but the reality today is that if they were a soccer team they would probably not win many, if any, games. Extending the soccer analogy, the business often acts like the absentee owner who wants the team to win but does not really want to take the time to be directly involved. Instead they try to micro-manage from a distance, demanding a detailed play-by-play plan for who is going to score and when, and they berate the team for not adhering to the plan. They will say that they will provide players (business representatives and product owners) but the players they assign are usually absent because they are too busy doing other things. As the team owner, they also don’t want to spend too much to hire the best players and coaches, but they still want to win against teams that are willing to spend more. But IT is often not any better. Instead of providing convincing proof that the team is making progress, they hide behind detailed play-books and technical jargon. They claim they cannot win unless they get the best kits, and a nice practice field, and the best shoes, and a new stadium. They spend lots of time coming up with new strategies and playbooks and little time on the field actually practicing. They require the owners to review 12 VitAL : November / December 2010

and sign-off on all plays, and if a play does not work they blame the owner for not providing good feedback. Here is what often happens: 1. The business often wants to dictate, or at least lock-in, the cost and schedule even before they really understand what they really need or what problem they are solving. 2. The business is rarely accountable for the business benefits claimed in the business case. Business cases are often ‘rigged’ to justify a project that the business wants to do – but the project team is held accountable for cost and schedule estimates based on an often poorly conceived ‘wish list’ of features, and on the ‘overly optimistic’ business case. 3. The business often feels that anything less than meeting all their initial expectations, no matter how poorly understood or unrealistic, is a failure. 4. The business often is unclear about its real needs, and tends to demand a lot of things that it does not really need and that never get used. 5. When they do change their mind about what they want or need, they rarely adjust the original cost and schedule. 6. The business is often not willing to invest time in better understanding their needs because that will take too much time, and yet failure to deliver will be considered IT’s failure. 7. The business is often not willing to provide access to the most knowledgeable people because they are considered too valuable to take away from their regular jobs, even though the project cost is great and the need for success even greater. 8. The business often regards IT as a commodity skill that they can outsource to the lowest cost provider. They do not value IT professionals who actually understand their business and they are often not willing to invest in developing the IT organisation as a strategic resource. But IT is not a blameless victim in this game: 1. IT usually accepts the situation, feeling that they are powerless to do anything about it. Even when they know they cannot provide estimates of cost and schedule with only a vague understanding of the needs,

they provide one anyway, and this ‘vague estimate’ becomes the measure against which the project is held accountable, even when it is a poorly-informed guess. 2. IT managers often think that people are interchangeable, that a good process can compensate for lack of skills and experience, that teams and teamwork are not important, and that success means delivering what the business asks for as opposed to what they really need. 3. They often measure the wrong things rather than whether processes have become better and whether the customer is happier. 4. IT’s engagement often tends to be lowlevel, not strategic, focusing on ‘cool technology’ that is poorly connected to business benefits. They are not trusted by the business to contribute as strategic problem solvers, mainly because they have not demonstrated that they really understand the business and how to apply technology to creating business value. They wait for the business to tell them what to do, rather than proposing solutions. 5. The technology itself is immature and not well understood, and decisions are often driven by fads and the desire to ‘play with the latest technology’. This results in systems that age badly and often need replacement only a decade after their original deployment. 6. And finally, the IT team members often do not respect each other’s contributions. Given these challenges, it would seem impossible to get business and IT to work together. Is there really a simple way to break down these barriers to really working as one team? Yes, and no. Some of the changes are simple in concept but hard to put into practice. Other changes require a fundamental re-thinking of the relationship between the business and IT and will take changes in the cultures of both organizations.

Ten fundamental steps you need to take to get started As noted above, the first step is to fundamentally rethink the relationship between business and IT, and to change the relationship from being based on a ‘customer-supplier’ model to one in which business and IT are one team working toward one goal. The journey will www.vital-mag.net

Capacity and Performance Management Training Capacitas's training service offers the customer a number of ways to learn new skills and techniques. Training courses and workshops can be run at the customer's premises or at Capacitas's training centre in Central London. Student-centred, tutor-led learning We are aware that different people learn in different ways so our tutoring methods cater for all types of student learning styles. We not only teach using the traditional lecturing style but facilitate learning by way of Group Discussion; Team Exercises; Simulations; and Practical Case Studies. Our tutors are all experienced in the field of capacity and performance management and bring this practical experience to the classroom. Check our website for information on our training courses and workshops. Design your own course We realise that capacity and performance management is a broad discipline and everybody's knowledge and experience is different, therefore we allow our customers to design their own personal training course by choosing relevant modules from our existing courses. Submit an online enquiry for a custom training course. We can come to you If you'd rather not come to our central London training centre then we can come to you. You can save money by booking an on-site course. Use our online service and obtain an instant quotation for an on-site course. Save costs Once you've found the right training courses make sure that you can make the most of it and save money at the same time. Capacitas offer discounts for booking more than one attendee on the same course as well as if a selection of courses are booked at the same time. Submit a training enquiry via our website for block bookings. Personal Development Programme Capacitas offers an extensive range of courses to suit everyone from novices to practitioners to managers. You can plan to undertake an integrated set of courses over a particular time period to get the training that you need. By ordering multiple courses for the same trainee you can save money. Submit an enquiry via our website for a Personal Development Programme. Accreditation Programme Cement your learning by taking part in the Capacitas accreditation programme. Students can sit a multiple choice examination based on their training course, supported by an optional tutorial, to lead them to Capacitas accreditation. Students can be accredited to Foundation, Practitioner, Advanced Practitioner or Manager level. Find out more about the Capacitas Accreditation Programme on our website.

+ Prince Consort House 109-111 Farringdon Road London EC1R 3BW 8 www.capacitas.co.uk enquire@capacitas.co.uk ) 020 7841 9950

cover story

be neither easy nor short, but there are some things you can do to get started. Most fundamentally, you need to recognise that the problems are deeply rooted in, and protected by, an IT management approach that has come to be accepted as “simply the way it is”. In order to change the ‘IT as Supplier’ model, you will need to create cross-cutting solution teams with members from both the business units and IT. Each contributes essential and unique skills and perspectives without which success is impossible. Unfortunately we have created a model that tries to minimise collaboration, and a culture in which business people seek to minimise interaction with IT instead of looking for opportunities to create value through creative application of technology to business problems. There are a number of things you can do to start the necessary transformation: 1. Choose a technically competent CIO who understands and is respected by the business leaders, a CIO who can instil in these business leaders an appreciation of the value of modern technology, a CIO who can lead with enthusiasm, inspiration and passion. Giving such a leader a significant seat at the executive management table will help to establish an organisational appreciation of the potential for technology to enhance the creation of business value. 2. Fund IT-related projects directly from the business’ budget, rather than from a centralized ‘pool’ for all IT projects. Doing so has an immediate tendency to increase the attention paid to IT projects by the business – it is now their money that is being spent, not ‘IT’s money’ – and this creates a direct connection between cost and what the Business asks for. 3. Charge the business for the fully allocated cost of operating their applications, including maintenance. Today these costs tend to be buried in IT overhead, rendering it hard to see when an application is aging badly and costing more to support. Often the business only sees the cost of new development, which is usually less than a quarter of all IT costs. The result of this 14 VitAL : November / December 2010

is that the true cost of ownership, and therefore the cost of not modernising, is hidden, often leading to poor investment decisions. 4. Prioritise the projects based on the business value that they will deliver over their planned lifetime, considering the full lifecycle costs and benefits not simply the initial costs and benefits. Most project funding requests fail to consider the long-term costs and benefits of applications, resulting in unfunded longterm support costs. 5. Let IT and business collaborate during the chartering of projects to define the problems to solve, or the goals that are to be reached, and to work together to find creative technical solutions to these problems, stimulating innovation. Today, too often, the Business requests or demands a solution based on a limited understanding of what could be done, and often based on an incomplete or flawed understanding of the problems that need to be solved and the goals to be met. Working together, with a focus on really understanding what is needed and what can be done to meet those needs, better solutions can be devised. Only then should projects be funded and chartered. 6. Once a project is chartered, select a project lead from the business - someone who really understands the business and its needs, who can assemble the right team members to deliver the right solution. Some of these will come from the business and others from IT. Resources should be brought together from different organisations into a single cross-functional team, focused on delivering business value – and measured against their success in delivering that business value. Once the project is under way, ensure that both Business and IT participate in the development project as if the business depended on it – which it should if the project is worth doing. This does not mean that project team members cannot have other commitments (everyone does), but that commitments to the project need to be negotiated and honoured, or someone else should be assigned.

7. Measure the performance of the project against the goals established in the business case, and hold the team, with representatives from both Business and IT, accountable for these results. When you publish internal progress measures, always present them in business terms. 8. Recruit and promote IT leaders who have business sense, that is, who understand the business and have a proven track record for delivering innovative solutions. In the business units, recruit and promote people who can create value by solving problems using innovative applications of technology. 9. Promote IT discussions that value communication in business terms and not in technology terms by continually focusing the discussion on how technical solutions will create business value. Stimulate cooperation and collaboration between IT and business by ensuring that representatives of both speak with one voice and avoid one-way ‘monologues’. Apply practices that get business and IT to collaborate and which, if correctly performed, result in measurable success.

Fixing what’s broken This is not all that needs to be done, but it is a start. The broken relationship between business and IT has been years, even decades, in the making, and it will take a long time and focused effort to fix the problem. In our discussion we have consciously chosen the word ‘closing’ instead of ‘bridging’ when we speak of the gap between business and IT. A bridge acknowledges the gap, even accepts the gap, and tries to make a small connecting path across the gap. We think that the gap needs to be eliminated. Business, and therefore IT, cannot afford for there to be a gap – the two need to work as one in order to deliver better business solutions. The benefits can be substantial – not merely automated afterthoughts to improve existing business processes, but whole new ways of delivering value and fulfilling the needs of real customers. VitAL www.ivarjacobson.com www.vital-mag.net

VitAL signs: Life in the world with IT

Two Hopes, and one of them is dead Caught in the pincers of despair, Steve White is tackling problem management.

Today, too often, the Business requests or demands a solution based on a limited understanding of what could be done, and often based on an incomplete or flawed understanding of the problems that need to be solved and the goals to be met. Working together, with a focus on really understanding what is needed and what can be done to meet those needs, better solutions can be devised. Only then should projects be funded and chartered.

www.vital-mag.net

ike a giant crab with a huge pincer movement stalking the land, there is mischief afoot. Some businesses and UK Government IT support departments don’t understand the value of Problem Management. There’s clear management and business support for deploying floors of people with twitchy eyes ready at a moment’s notice to do whatever it takes to restore service, but Problem Management is not well understood, and is therefore undervalued and under-resourced. Here’s a worked example which I hope will make the difference, and the value clear. Call logged, application down, can’t log in. Incident managers appraise, involve a network specialist and the application owner. Network debugging finds that the application is hitting the name service unexpectedly hard when login is attempted. Application is running out of file descriptors. Look at application code, find name service search depth is set to ‘unlimited’. Change search depth to ‘1’ on test box, reboot, can log in (unexpectedly quickly). Change search depth on live application to ‘1’, reboot, test with users, service restored in about 120 minutes. Why did application stop working? Some innocent change in the name service elsewhere tipped the unlimited depth search on this application over the file descriptor limit – it had been running perfectly for a year. Incident Management stops there, service is restored, and root cause was found effectively and efficiently. Let’s explore what ITIL were hoping to achieve by splitting Incident and Problem Management into two processes: two totally different, but equally determined areas of focus. If the Incident Managers are also responsible for stopping this root cause chain dead they will be onto the next Incident before any PM time can be spent on this one.

A dedicated Problem Manager would take that incident and identify the following kinds of concerns: Why was depth unlimited coded in the first place? What are the implications to the application of changing depth unlimited to depth=1? What other applications written by the same person reuse the same code? How could we identify entirely other applications which also have ‘depth unlimited’ set unnecessarily (network debug) which are working OK but could break in the same way? What programming policies or procedures need to be changed to stop unnecessary ‘depth unlimited’ coding being used? And there are more concerns than just those. The PM would then rigorously chase these threads to exhaustion – with the same tenacity and focus that the IM’s had to service restoration. “Admin Error” or “3rd Party support missed step3” are not acceptable conclusions, PMs will put in place actions to prevent human error from damaging the live production environment. For sign-off this PM activity would be reviewed by the IM and PM management. The pincer movement is this; poor support of Problem Management plus business pressure for ever more features (driving complexity) equals a technical environment on the brink of collapse. I am not making this up. There are only two hopes, No Hope and Bob Hope. Who is going to tell the Board that their IT infrastructure is running on only one kind of hope? VitAL

November / December 2010 : VitAL 15

vital management

Can consumer attitudes really change the face of enterprise IT? With the triumph of new portable IT and communication technology, Ferenc Szelenyi, vice president EMEA public sector services at Dell Services, explores the growing consumerisation of IT in the workplace and explains how organisations can best position themselves to take advantage.

16 VitAL : November / December 2010

www.vital-mag.net

vital management

he concept of consumerisation is a macro-level social and business trend that is multi-faceted. The term â&#x20AC;&#x2DC;consumerisationâ&#x20AC;&#x2122; refers not only to the increase of consumer-oriented technology and behaviours in our daily lives, but also to the introduction and expansion of consumeroriented technologies such as the tablet devices and smartphones into enterprise IT strategies. In light of this evolution, we are starting to witness business adoption of consumer norms, and as a result, a generational shift is occurring. In a nutshell,, the purview of enterprise IT is no longer a dogmatic discussion about mainframes, servers, networks, desktop support and business applications. Consumer technology is clearly becoming a big issue for IT in the workplace, with the exponential increase in personal form factors, such as tablet devices, smartphones and flip video cameras. The statistics also underline this point. According to a recent report by analyst

www.vital-mag.net

Gartner, worldwide smartphone sales grew by 50 percent during the second quarter of 2010, with Google Android becoming the third-largest operating system with total sales passing 10 million units for the first time. In addition, the onward march of consumerisation is strengthened by collaboration technologies like Skype and the uptake of social networking sites such as Facebook and Twitter. The robust and game-changing popularity of these increasingly innovative technologies and communication channels mean that consumerised IT will have a far bigger impact than was originally envisaged in and on the workplace and how companies interact with their staff, consumers and other stakeholders. Consumerisation also means that the ubiquity of IT opens up new possibilities for information access, availability, and sharing, resulting in the accelerated influence of consumer information on business strategy. November / December 2010 : VitAL 17

vital management

Consumer-powered IT growth shows us that the balance of power is shifting away from a traditional top-down model to a more democratic one, where stakeholders can engage more directly and make decisions far more quickly. These trends will have far-reaching implications, but on the positive side they bring many opportunities to those organisations which are able and willing to take advantage of them.

However, many barriers have to be overcome before the enterprise space sees the full benefits of consumer technology.

Challenges with consumer adoption Unfortunately, so far the consumerisation of IT has confirmed that many organisations are on the defensive and do not have a clear vision or plan to manage the big change coming their way. Given that the enterprise adoption of these technologies is inevitable if companies want to stay competitive and agile, ignoring this trend could have significant business implications. We are already witnessing employees using the same technology at work that they are so accustomed to using in their private lives, such as the widespread use of smartphones. At the same time, we are also starting to see consumers and business partners demanding similar consumer-oriented services and capabilities from organisations that they are doing business with. One such example is the growing adoption of the business social network LinkedIn. Soon it will be a case of C-level executives having to be on the site because their rivals are. Competitive pressure will build as companies wise up to the benefit of these technologies and platforms and early adopters will have a huge competitive advantage. This is because online history tends to indicate that those who enter later in the game, never really manage to catch up with the pioneers The Google domination of the search market is a classic example of this with others scrambling around for the scraps because they were too late to the party. 18 VitAL : November / December 2010

Therefore today, the immediate challenge for organisations is first and foremost just to adopt consumer technology and communication channels within their business model to make sure they are not missing out. Over the longer term, organisations need take a look at their strategy to see how they will adopt these new technologies to create competitive advantage, increase productivity and foster innovation. It is my view that the real opportunity ahead of us is to adopt these consumer technologies into the mobile working environment. Whether it is access to business information, processes, and functions on devices, or the use of a new generation of social collaboration capabilities built in or around the core business applications, tremendous value can be unlocked by adopting these new technologies regardless of where an employee is situated.

Opportunity for mobile working The rise of flexible working enables the business adoption of consumer technology, introducing great potential to significantly change the way we communicate in the enterprise space. The public experience with social media is now being adapted into the business world to create the next-generation collaboration infrastructure and not before time. We need to move beyond e-mail and document-centric collaboration techniques to people-centric, context-aware platforms. The uptake of consumer technologies can enable businesses to improve their collective organisational intelligence and knowledge, and form virtual teams and communities in natural and productive ways. The adoption of

technologies such as video chat and instant messenger is a good example of technologies previously associated with consumers now being accepted as an integral part of working life. Moving forward, the real question that organisations need to ask themselves now is where they want to be in five to ten yearsâ&#x20AC;&#x2122; time regarding the adoption of consumer technologies into their enterprise capabilities and applications? I believe that they need to start thinking about how their customers will consume their goods and services, through what channels they will buy them, which capabilities will give them the most competitive advantage, and how they will collaborate internally in a mobile business environment. Based on this vision, organisations will need to develop a blueprint to evolve and modernise their business applications in order to adapt to this new world. In summary, the bottom line is that the face of the enterprise space is changing fast and this time the change is not being driven by an organisationâ&#x20AC;&#x2122;s own terms, but rather than what the consumer is demanding. Consumer-powered IT growth shows us that the balance of power is shifting away from a traditional top-down model to a more democratic one, where stakeholders can engage more directly and make decisions far more quickly. These trends will have farreaching implications, but on the positive side they bring many opportunities to those organisations which are able and willing to take advantage of them. VitAL www1.euro.dell.com www.vital-mag.net

supporting your ITSM journey Value

Chaos The journey of service improvement can take the IT organisation from the reactive and technologycentric focus characterised by the ‘chaotic’ helpdesk, to a vision of business-centred services that demonstrate IT value. Supportworks provides the foundation to transform your service organisation, from chaos to value. The Supportworks platform offers a simple upgrade path from basic helpdesk, through your first ‘Bite-Size’ steps in ITIL adoption, to mature ITSM processes that deliver what the business needs. With its unique ‘Human Touch’ features, Supportworks places the customer at the heart of IT Service Management, delivering increased service quality and improved customer satisfaction. Register for the new white paper “Chaos to Value: the IT Service Management Journey” (Part 1: Chaos to Service Focus) www.hornbill.com/journey

“Our SLA rates consistently reach 94%; of the fixes we carry out, 80% of the time we are faster than the published SLA target. Now we receive many ‘thank-yous’ from the business!” Service Desk Manager, Comet Group plc

Tel. +44 (0) 20 8582 8282 | Email sales@hornbill.com | www.hornbill.com

vital management

Could your data be the next Wiki Leaks headline? In this article, David Gibson, director of Technical Services at Varonis Systems explains the steps that IT professionals in charge of permission management of employee data access need to take to implement a formal data governance programme.

he recent worldwide controversy surrounding confidential material being supplied to Wiki Leaks by anonymous whistle-blowers – leading to the publishing of tens of thousands of secret US military documents in the likes of The New York Times and The Guardian – should act as a catalyst for IT departments across the globe to take control of company data governance and offer a guarantee that employees only have access to the information they need. By following the steps outlined below, IT professionals should be able to find areas with excessive permissions and abnormal

20 VitAL : November / December 2010

access activity, understand who can access, who is accessing, who shouldn’t have access, and who owns the data, and remediate risk faster than traditional data governance and classification methods.

Business context At present, IT professionals – rather than the people that create the data (be it a spreadsheet, PowerPoint presentation or company report) – are the ones making many of the decisions about permissions, acceptable use, and acceptable access review. However, as IT personnel aren’t www.vital-mag.net

vital management

Even if an IT department could ask its organisation’s users if they used each data set, the end users would unlikely be able to answer accurately – the scope of a typical user’s access activity is far beyond what humans can recall. Without a record of data usage, you cannot determine the proper organisational owner for a data set, and neither the unfound owner nor IT can make informed decisions about protecting it, archiving it, or deleting it.

equipped with adequate business context around the growing volumes of data, they’re only able to make a best effort guess as to how to manage and protect each data set. Until organisations start to shift the decision making responsibility to business data owners, it is IT that has to enforce rules for who can access what on shared file systems, and keep those structures current through data growth and user role changes. IT needs to determine who can access data, who is accessing it, who should have access, and what is likely to be sensitive. Here are some must-do actions for the IT team’s ‘to do’ list, to carry out as part of a daily data management routine, to create a bench mark for data governance:

‘everyone’, or all ‘domain users’ (nearly everyone) to access the data contained. This creates a significant security risk, for any data placed in that folder will inherit those ‘exposed’ permissions, and those who place data in these wide-open folders may not be aware of the lax access settings. Global access to folders should be removed and replaced with rules that give access to the explicit groups that need it. Also every file and folder on a Windows or Unix file system has access controls assigned to it which determine which users can access the data and how (ie, read, write, execute, list). These controls need to be reviewed on a regular basis and the settings documented so that they can be verified as accurate by data business owners and security policy auditors.

Identify data owners

Audit permissions changes

The IT department should keep a current list of data business owners (eg, those who have created original data) and the folders and SharePoint sites under their responsibility. By having this list ‘at the ready’ IT can expedite a number of the data governance tasks, including access authorisation, revocation and review, and identifying data for archival. The net effect of this simple process is a marked increase in the accuracy of data access entitlement and, therefore, data protection.

Access Control Lists are the fundamental preventive control mechanism in place to protect data from loss, tampering, and exposure. IT requires the ability to capture and report on access control changes to data – especially for highly sensitive folders. If access is incorrectly assigned or changed to a more permissive state without good business reason, IT and the data business owner must be quickly alerted, and able to remediate the situation.

Remove global groups from ACLs and perform data entitlement reviews It is not uncommon for folders on file shares to have access control permissions allowing 22 VitAL : November / December 2010

Audit group membership changes Directory Groups are the primary entities on Access Control Lists (Active Directory, LDAP, NIS, etc); membership grants access to unstructured data (as well as many

applications, VPN gateways, etc). Users are added to existing and newly created groups on a daily basis. Without an audit trail of who is being added and removed from these groups, enforcing access control processes is impossible. Ideally group membership should be authorised and reviewed by the owner of the data or resource to which the group provides access.

Audit data access Effective management of any data set is impossible without a record of access. Unless you can reliably observe data use you cannot observe its misuse, abuse, or non-use. Even if an IT department could ask its organisation’s users if they used each data set, the end users would unlikely be able to answer accurately – the scope of a typical user’s access activity is far beyond what humans can recall. Without a record of data usage, you cannot determine the proper organisational owner for a data set, and neither the unfound owner nor IT can make informed decisions about protecting it, archiving it, or deleting it.

Prioritise data While all data should be protected, some data needs to be protected much more urgently than others. Using data owners, data access patterns, and data classification technology, data that is considered sensitive, confidential, or internal should be tagged accordingly, protected and reviewed frequently.

Align security groups to data Whenever someone is placed in a group, they get file system access to all folders that list the www.vital-mag.net

vital management

group on its ACL. Unfortunately, organisations have completely lost track of what data folders contain which Active Directory, LDAP, SharePoint or NIS groups. This uncertainty undermines any access control review project and any Role Based Access Control (RBAC) initiative. In Role Based Access Control methodology, each role has a list of associated groups, into which the user is placed when they are assigned that role. It is impossible to align the role with the right data if the organisation cannot verify what data a group provides access to.

Lock down, delete, or archive stale, unused data Not all of the data contained on shared file servers, and network attached storage devices are in active use. By archiving stale or unused data to offline storage or deleting it, IT makes the job of managing the remainder simpler and easier, while freeing up expensive resources. At the very least, access to inactive data should be tightly restricted to reduce the risk of loss, tampering, or theft.

The principal of least privilege is a well-accepted guideline for managing access controls—only those that have an organisational need to access information should be able to do so. However, for most organisations, achieving a least privilege model is almost impossible because data is being generated far too quickly and personnel changes are numerous. Even in small organisations the growing data set and pace of organisational changes exceed the IT department’s ability to keep up with access control lists and group memberships. By automating and conducting the ten management tasks outlined above frequently, organisations will gain the visibility and auditing required that determines who can access the data, who is accessing it and who should have access. This detailed data access behaviour will benefit organisations in a plethora of different ways, most significantly securing their data, ensuring compliance demands are met and freeing up expensive storage resources. VitAL www.varonis.com

846_specialist_advert_vital_hp_ma_v2_Layout 1 06/10/2010 09:53 Page 1

Visit us at stand A14 itSMF UK 2010

New Specialist qualifications in IT service management from BCS, The Chartered Institute for IT Our new series of qualifications focus on specific IT service management job roles. The six qualifications: • embrace best practice from COBIT®, ISO/IEC 2000, SFIA/SFIAplus and ITIL® • enable job specific skill development • are industry-relevant and internationally recognised • attract credits towards ITIL Expert

Find out more at www.bcs.org/specialist/itsmf ITIL® is a Registered Trade Mark of the Oﬃce of Government Commerce in the United Kingdom and other countries. The British Computer Society (Registered charity no. 292786) 2010 MTG/AD/846/1010

www.vital-mag.net

November / December 2010 : VitAL 23

vital support

Time for the smaller picture We must focus on the detail of support delivery to fill in the gaps we had to leave out while we were changing a whole industry. It’s time to see the smaller picture says Noel Bruton.

t is something of a business cliché that we often endeavour to see the ‘bigger picture’, so as to better inform our decisions. In IT Support, we have been looking at the bigger picture for nearly a decade now, as IT support has taken a back seat to the broader perspective of ‘IT Services Management’ (ITSM). I say nearly a decade, because ITSM, as the ITIL framework is marketed, really only became widely popular after 2002 when the IT support software vendors and Pink Elephant began to build it into their products. At about that time, I was noticing a change in the way IT support was run. Toward the end of the 1990s, I regularly published on my Website, a rolling survey of average salaries in IT support. A trend emerged, where the ubiquitous

24 VitAL : November / December 2010

‘Helpdesk Manager’ began to appear in job advertisements increasingly rarely, while the prominence of the comparatively new post of ‘IT Services Manager’ began to grow. IT support soon lost management ground, its functions being led by team leaders and supervisors instead of the managerial authority and consequent attention of overall IT seniors it had enjoyed since the late 1980s. Soon after the rise of ITSM, the position and concept of the ‘Helpdesk’ almost disappeared, replaced by the now common ‘Service Desk’.

Greater whole Big pictures abound – the ‘Service Desk’ idea was one of them. It gauchely tried to lump all enquiry-based work into the same category.

So the erstwhile specialised service to solve IT users’ problems was subsumed into a greater whole to deal with all enquiries because, well, they all took telephone calls, didn’t they, so that made them the same, didn’t it? There certainly was a ‘Big Picture’ in evidence here, but it was nothing to do with the mere means of enquiry collection, but more to do with a clumsy attempt at enforced uniformity. We must remember that all this occurred a little after the rise of the Call Centre as a means of handling retail customer enquiries. It appeared to some that the call centre and the helpdesk had so much in common that they might as well be run the same way. A lot of companies forgot the fundamental difference, namely that the Helpdesk had a diagnostic purpose to create solutions to

www.vital-mag.net

vital support

specific problems, as opposed to the Call Centre’s job of simply repeating solutions from a catalogue of pre-known information.

Economic driver The main reason the Service Desk took off was economic. A uniform function reduces duplication and, because by design it passes its enquiries on to specialists, it functions primarily as a reception desk and so does not need expensive, specialist staff. This was evident in the rolling survey, as support staff salaries fell sharply from the late nineties on, only to begin to recover recently. As a helpdesk manager in 1990, my staff and I were earning more than our typical counterparts a decade later. The rise of ITSM drove down the authority and value of IT user support in favour of the bigger picture of IT Services overall. In 2007, ITSM officially abandoned the scant titbits of practical guidance it used to give to Service Desk management, by writing them out of the ITIL documentation in version 3. Having decimated IT user support management, ITSM could now officially no longer advise IT user support at all. The bigger picture had won – but at what cost?

Confusion That has not been the only result. There is a lot of confusion now in the IT support industry as to what the future direction should be, as witnessed in the behaviour of some of its vendors. A senior representative of a vendor arriving only lately to this market has shown it in his self-contradictory statement, “a service desk that reacts to problems by logging them is still a helpdesk.” The helpdesk was never a ‘log-and-flog’ (IT support jargon for ‘record and reassign’) function – that concept only really arrived with the Service Desk. The Helpdesk was solutions-based, as I documented in several books I wrote at the time. And witness the Service Desk exhibition in London last spring, where the only game in town seemed to whether a vendor’s software could claim to have implemented more ITIL processes than the product on the stand next door. Directionless confusion mars the Big Picture. One of the problems is that although we may have taken ITSM to be a strategic direction, the truth was that even up to ITIL v2, its picture 26 VitAL : November / December 2010

really wasn’t that big at all. At birth, it focused solely on ‘Processes’, only one leg of the traditional management tripod, the other two of which are usually ‘People’ and ‘Tools & Technologies’. Not only that, but because it gave no guidance of success, it described only a state, not a policy. Those omissions led me to write ‘Managing the IT Services Process’ and several years later, ITIL v3 arrived at conclusions similar to some in that work. But those works only made the picture bigger still and moved the guidance yet further away from where it is now desperately needed, namely down at the point of delivery of IT support, the ‘smaller picture’. Let us not forget that ITSM only really took off because of IT support query-handling software. The small picture fed the big one, emaciating itself in the process. But the big picture did not improve end user support, it just formalised other processes around it. Of itself, that’s a good thing – but it means we have neglected actual IT support for too long and that’s what makes it now time to see the smaller picture.

Tackling the issues And there is an awful lot to be done down there. The confused vendor I mentioned earlier confirms it – he wrongly thinks the Service Desk is a diagnostic function, showing he doesn’t realise that it is actually the bastard spawn of a forced marriage between the Helpdesk and the Call Centre, arranged with the prime purpose of reducing the dowry. A lot of companies have realised this and reversed this shortcoming by incorporating erstwhile helpdesk functionality (on-the-spot resolutions, triage desks, remote support, second line work carried out by first line staff etc) into the service desk and pushing up the all-important first-line fix proportion of resolved enquiries. Like it or not, the real Helpdesk is being reinvented out of necessity, because that’s what IT users need, not just a log-andflog Service Desk. And then there’s the question of the ‘Second Line’. In ITSM, ITIL only began to deal seriously with the crucial ‘Second Line’ support stratum in v3. This is despite the fact that the Service Desk, a v2 concept, was to rely so heavily upon, indeed define its very purpose by its need for second line resolutions conducted

elsewhere. This is another area where we need to concentrate our attention urgently. Industry surveys I conducted showed that while first line productivity had increased; second line seemed to have stagnated, despite its importance. I would suggest that one reason for this might be the absence of second-line support strategy from ITSM’s big picture until only recently. Then there is the whole concept of support measurement. Nowhere in the ITSM big picture does it indicate how much productivity constitutes success, what is the difference between a good service desk and a bad one or to what numerical extent the service desk should depend on the productivity of other departments for the resolution of the enquiries it collects. Then there is effectiveness. Some of the ideas in ‘incident management’ seem to suggest that bureaucracy is more important than efficiency, expecting a clerical function to be able to influence the priorities of senior staff in a different department.

Benefits Support strategy and structure, measurement, interdependency and efficiency; these and other issues, the ‘small picture’ of the day-to-day running of IT support have become the needles lost and forgotten in the haystack that is ITSM. And yet without them, ITSM as we currently know it might never have emerged from the obscurity it knew before the support software market began to foster it. We needed the big picture – there is no doubt about the benefits it brought to our organisations, to give the UK genuinely world-class IT services that the rest of the world now adopts. The big picture is pretty much complete. Now we must focus on the detail of support delivery to fill in the gaps we had to leave out while we were changing a whole industry. It’s time to see the smaller picture. *Noel Bruton is a UK-based consultant and trainer specialising in IT support, who since 1991 has offered a range of services to organisations looking to improve services to users and job satisfaction for support staff. He is the author of numerous books on the topic. VitAL www.noelbruton.com www.vital-mag.net

Desktop Management Software for the Modern IT Support Team

www.netsupportservicedesk.com

www.netsupportmanager.com

Web-based Incident Management

Remote Access & Desktop Management

With over 20 years experience and a global install base approaching 9,000,000 systems, NetSupport products have a proven reputation in the Service Management industry. Web-based and ITIL compliant, NetSupport ServiceDesk provides your IT support team with the tools needed to pro-actively manage the Incidents, Problems and Change Requests that may be impacting on the availability of your business critical systems.

As the complexity and diversity of systems has evolved, remote control tools have also had to evolve to ensure that a single technology solution can manage and negotiate a wide range of platforms and environments. NetSupport Manager provides a single operator console that delivers a unified approach to the connectivity and management of multi-platform computers, including MAC, Linux and Mobile, across LAN, WAN or the Internet.

Easily integrated into your existing IT Infrastructure, NetSupport ServiceDesk’s intuitive interface and streamlined workflow processes ensure your support team are focused on resolving issues and managing customer expectations. Real-time status reports gauge the effectiveness of how support requests are being managed while your customers can search online for answers before logging a support request as well as check and review the status of their reported incidents.

All of the key elements you would expect from a leading remote control solution are catered for - screen control and recording, the ability to interact with keyboard and mouse, transfer files, log activity to a central point, chat, message and instant request help. What sets NetSupport Manager apart is its ease of use. Real-time visual thumbnails of all connected computers, with the option to dynamically group by platform and operating system, ensures an operator, from a single viewpoint, is able to identify all activity across the environment and pinpoint where assistance is needed.

www.netsupportnotify.com

www.netsupportdna.com

Desktop Alerting

IT Asset Management

Sometimes you can’t wait for someone to read their emails or check the intranet and sometimes you just need to get your message out there in a hurry!

Providing you with the tools needed to manage the TCO of your IT Assets, NetSupport DNA is a modular solution that delivers best-ofbreed Hardware & Software Inventory and License Management - vital information if purchasing decisions are to be made from an entirely informed position.

NetSupport Notify removes the barriers associated with traditional forms of communication by enabling administrators and technical support teams to deliver attention-grabbing alerts and notifications direct to all or selected desktops across your network within seconds. Whether it’s general news, IT announcements or even security alerts, NetSupport Notify ensures your message can’t get lost in a busy inbox, saved for later or ignored. With its notification gateway component, a single message can be delivered to staff across many sites or locations in a single action, with full delivery/ receipt logging and reporting. Messages can be fully branded to fit with your corporate identity and can include an audible alert for added impact.

Including Application and Internet Metering, Software Distribution and an eco-friendly Energy Monitor component, NetSupport DNA also provides an integrated communication gateway allowing secure interaction with your assets, anywhere, over the internet without the need for a VPN or changes to your existing network or firewall configuration.

For more information and to download a free 30-day trial visit: www.netsupportsoftware.com

vital management

Feature sponsored by:

Software as a Choice The rise of ITSM solutions via the SaaS model In this article Cherwell Softwareâ&#x20AC;&#x2122;s Tony Probert tries to help define and eliminate some of the confusion about Software as a Service and discovers that true SaaS is all about choice.

28 VitAL : November / December 2010

www.vital-mag.net

vital support

Feature sponsored by:

According to Gartner, even though only approximately five percent of the IT Service Management (ITSM) software market today has embraced SaaS, it is estimated that ten percent of this industry will do so by 2012.

hat is SaaS? The term SaaS is an acronym for Software as a Service. Forrester Research reports that fifty-four percent of all organisations are interested in SaaS deployment. According to Gartner, even though only approximately five percent of the IT Service Management (ITSM) software market today has embraced SaaS, it is estimated that ten percent of this industry will do so by 2012. So while it certainly appears that many organisations are demanding the benefits offered by SaaS, evidence indicates many organisations are confused about what SaaS truly entails, and whether or not it is the best choice for their software needs. Consider the following question recently posted on a SaaS blog: “Please tell me just what exactly is SaaS? Is it a business model? Is it a delivery/hosting model or something else?” What a great question! This person is not alone in their confusion. Unless we can define the term and understand the components of SaaS, it is difficult to determine whether or not SaaS is the best option for an organisation’s specific needs. In a recent report Ovum/Butler Group recommended the following: “SaaS solutions must be architected so a customer is able to self-customise its ‘application instance’, with these customisations preserved through an effortless upgrade process. Without these facilities, the SaaS business case is not so compelling.” The purpose of this article is to help define and eliminate some of the confusion about SaaS. After looking at a brief history of SaaS, we’ll explore SaaS from its three major components: Financial; Deployment; and User interface. Some believe that SaaS is limited to subscription pricing, offsite hosting, and browser-only access. We believe SaaS is about customer choice. www.vital-mag.net

We’ll examine the ‘once size fits all’ SaaS approach versus SaaS that offers choices in its core components. Finally, we believe so strongly in implementing SaaS with user optimised choices that we propose a new concept that may more accurately describe what most mid-to enterprise-sized companies are demanding – Software as a Choice (SaaC).

The evolution of SaaS In his article, On-demand/SaaS reality, author Rick Sklarin described the three generations of SaaS evolution. The first generation, which he calls ‘SaaS 1.0’, became popular in the 1990s and involved the early Application Service Provider (ASP) model. This first generation of subscription-based pricing typically was offered via client-server, was mostly accepted by the SMB market, and had very limited ability to customise the applications and integrate with other systems. The second generation of SaaS, which Sklarin calls ‘SaaS 2.0’ or pure SaaS, was made popular by the success of Salesforce. com. This second generation of SaaS currently defines the SaaS marketplace. It typically requires; subscription pricing; deployment and hosting of the application and the data off the customer’s premises (ie off-premise); delivery over the Internet through an HTML browser (such as Internet Explorer, Firefox, Safari, etc). In short, pure SaaS, or ‘modern’ SaaS as some vendors label it, offers few choices. This model also has been criticized as having very limited customisation and integration capabilities. As a result of these deficiencies, Sklarin predicts the evolution to SaaS 3.0, which is a hybrid SaaS alternative, offering many more choices for end-users. As he describes: “larger companies are demanding an evolution from the pure-play SaaS model” November / December 2010 : VitAL 29

vital management

Feature sponsored by:

Clients should evaluate the inherent advantages and disadvantages of SaaS before selecting this model. Trust in the vendor, customer references, contracts and service levels should be foundational when buying SaaS. Understand how the architecture of the onpremises offering is different from the SaaS (off-premises) model.

30 VitAL : November / December 2010

Software as a Choice (SaaC) – the 3rd generation of SaaS 1. Financial component – lease or own? It is quite odd, and unfortunate, that the financial model for pure SaaS has been inherently tied to the delivery and hosting models, which are technical issues. The financial component has legal and accounting implications – but no technical connection. From a legal perspective, software generally is licensed from software vendors. However, these licenses can be purchased or leased. By purchasing the software license from the vendor, the customer generally has the right to use the software forever – in perpetuity. When the software is leased, however, the customer only has the right to use the software for as long as the subscription fee is paid. If the vendor goes out of business or becomes insolvent, a leasing model could be problematic. Leasing software, commonly referred to as a subscription model, is not much different than leasing a car: Leasing may be cheaper in the short-term (ie, the first two to three years), but typically is much more expensive over a longer timeframe. Notably, innovative software vendors are beginning to offer a ‘lease to own’ financial option. They understand some organisations may prefer initially to lease the software because of short-term cash constraints, and then purchase the licenses within the next couple of years when operating conditions change. From an accounting perspective, when software is leased it is paid out of the company’s operations’ budget. In other words, all of the current subscription costs can be expensed on the income statement in the current period. Alternatively, purchased software over a certain purchase amount must be capitalised. The software shows up on the balance sheet as an asset that must be depreciated over time (eg, three to seven years). So which financial approach is preferable? It depends. Some organisations that are constrained from a cash-flow perspective may be more short-term oriented and choose to lease the software. Other organisations might be concerned about utilising a mission-critical application that they do not own. These are questions primarily for the lawyers and accountants – with some help from the IT professionals. There is no correct answer, it will vary given the business circumstances. With respect to the financial model – choice

matters. But there is no technical reason that a software product could not be deployed ‘on premise,’ yet paid for using a subscription model. 2. Deployment component – on-Premise or off-Premise hosting? Should the application and data be hosted on-premise or remotely off-premise? Traditional pure SaaS typically requires that the software application and the company’s data be hosted offsite, which has some real advantages. For example, the software vendor or service provider supplies and administers the server, the operating system and deploys all software updates from a remote location. Accordingly, all such costs and services are bundled in with the leasing or subscription price. Such a model can offer great efficiencies and economies of scale. However, this approach is hardly a nobrainer. Some organisations, such as Government and financial institutions, have greater security requirements for their data. The concept of hosting their data somewhere else and trusting an outside company to protect their confidential data can be a show-stopper. Hosting data offsite also has implications for organisations that are subject to legal requirements, such as the EU Data Privacy Directive, Canada’s PIPEDA, HIPAA and other governance regulations. Additionally, most SaaS 2.0 hosted environments require that every client has its software and data upgraded at the same time – offering no choice regarding when that occurs. That may be great for early adopters, but for companies that would rather wait until all the kinks and bugs are worked out in the applications, it is not a desired approach. From a technical perspective, customers should be able to switch back and forth between hosting on-premise and hosting off-premise as their business needs change. This choice should be driven by the customer and should not matter to the software vendor, with the obvious exception that the software vendor will charge additional fees for the hosting costs if off-premise. The bottom line is that the hosting model should be a choice. Once again, there is no “correct answer.” It depends on the business needs. 3. User interface component – rich-client or browser? Transporting data via the Internet has become the de-facto standard for delivery, and this approach is much cheaper to most companies than deploying large area www.vital-mag.net

vital management

Feature sponsored by:

networks on a global basis. The advent of the Internet has been revolutionary with respect to an inexpensive way to share data from multiple geographic locations. However, should the data and application be accessed via a browser or smart-client? From a technical perspective, the hosting choice discussed above of On-Premise or Off-Premise should support either method of accessing the data. However, many pure SaaS vendors imply that a remote hosting model requires that the application and the data be accessed only by using a common browser, such as Internet Explorer, Firefox, or Safari. This is not the case with more modern and flexible software applications. Regardless of whether a smart-client or browser-client is utilised, software applications today can deliver the data over the Internet in exactly the same manner, utilising protocols such as SOAP over HTTP. In other words, today’s smart-client applications can still be web-enabled. With a smart-client, less bandwidth typically is needed and the user experience can be faster and more robust, because the screens and other software overhead do not need to travel over Internet. An example of a smart client on a mobile device is an iPhone application. Normally when someone is working in an application two to eight hours a day, the rich-client user experience is greatly preferred over a browser application. A browser-based application also has its advantages. For example, all upgrades to the software are done remotely at the server level. This approach is no different than the mainframe computer in the 1980s that was accessed with a ‘dumb client’. With a smart-client, updates to the client must be downloaded or “auto-deployed.” However, this automated installation to the client typically requires very little effort on the part of the enduser. Apple’s iTunes application is a common example of a client update that must be autodeployed. Probably the greatest advantage of a browser-only application is that it can be accessed from different computer platforms, such as Windows, Mac, or UNIX. Once again, the choice in the interface depends on the circumstances. There are good business reasons for each. It seems like the ideal solution would be for the user to be able to choose a rich client interface as the standard, yet be given the capability to switch to a browser interface when required (eg, when accessing the data from a UNIX www.vital-mag.net

system). With both user interface options, the data can be delivered over the Internet.

Evaluation and selection In a recent report Gartner made the following recommendations regarding evaluation and selection of SaaS-based ITSM solutions: “Clients should evaluate the inherent advantages and disadvantages of SaaS before selecting this model. Trust in the vendor, customer references, contracts and service levels should be foundational when buying SaaS. Understand how the architecture of the on-premises offering is different from the SaaS (offpremises) model. “Clients should compare the SaaS vendors’ products with the more traditional perpetual-licensed products in features, functionality, adherence to best practices, total cost of ownership, high availability, manageability and security, being sure not to choose one product over the other based solely on licensing model or cost. In addition, IT operations tools do not exist as an island, and some level of information, data and process integration is required, which should be an important SaaS evaluation criterion. Finally, organisations that have unique requirements may find that the one-sizefits-all approach to SaaS might not be a good fit for an environment that requires the ability to customise the tool.”

Hello SaaC SaaS 2.0, aka ‘pure’ or ‘modern’ SaaS, has been narrowly defined and deployed. Because of this, its days may be numbered. Enterprise-savvy customers today are demanding more choice in the financial model, the deployment model and the user interface model. An organisation should be able to choose, to host the application and data onpremise, yet pay for the software using a subscription model – while accessing the data using either a rich-client or a browser. If any model is really going to offer true ‘service,’ it should offer choices to the customer. SaaS is here to stay, but it will continue to evolve because of customer demands. The third generation of SaaS solutions will continue to emerge, forced by enterprise companies to offer choice. Goodbye ‘pure’ SaaS, hello SaaC – Software as a Choice! VitAL www.cherwellsoftware.com

SaaS 2.0, aka ‘pure’ or ‘modern’ SaaS, has been narrowly defined and deployed. Because of this, its days may be numbered. Enterprisesavvy customers today are demanding more choice in the financial model, the deployment model and the user interface model.

November / December 2010 : VitAL 31

vital management

Protecting your network In dealing with the all too evident problem of network security, governance, risk and compliance has cost US companies around $29.8 billion so far this year. Arvind Benegal, general manager security services at MindTree shows how you can maximise security using GRC.

s new technologies continue to emerge and evolve, new threats, and motives behind the threats, are correspondingly evolving. From scriptkiddies and hackers to cyber-terrorism and cyber-crime such as corporate espionage, there is a whole new underworld economy. It is not just the iPods and iPads that are on sale on the web, but botnets, zombies and a host of other malware that can be purchased just as easily.

32 VitAL : November / December 2010

AMR Research indicates that US companies have this year spent around $29.8 billion on governance, risk and compliance (GRC), and that risk management remains the top GRC motivation. Organisations worldwide continue to spend huge amounts in protecting their network, regulating their data and maintaining business viability. As each year goes by, security and compliance spend is on the rise but so are the threats and tangible and intangible losses due to those threats. www.vital-mag.net

vital management

It is very clear that the underworld cybereconomy has been constantly working overtime to beat the good guys. There are many reasons for rising losses and this often leads to organisations resorting to quick-fix solutions and trying to beat the competition. One of the key reasons for these losses is that controls and procedures are not always based on sound governance and a risk management structure which spans the entire organisation. Network security controls play a vital role in protecting an organisation. It provides the basis on which other controls, including application controls, can be built upon to maintain a more formidable security position. While it is true that GRC encompasses a whole host of initiatives, this article focuses on maximising the effectiveness of network security controls by using an approach that revolves around GRC.

Get the big picture Knowledge about business requirements for security, privacy and compliance must percolate through all the levels of an organisation. Though the roles played by a security guard, or even a member of staff who’s at the bottom of the hierarchy may

be less consequential to the mind’s eye when compared to the role of senior leadership, this could be the first weak link in the chain. Knowledge of the ‘Big Picture’ can significantly lower the likelihood of failure in controls and processes Knowing, for example, about the organisation’s compliance requirements helps build a strong business case for network security controls, especially in the wake of proliferating regulations and customer demands. Aligning with security and compliance requirements helps justify the budget for additional network security controls, including consolidation such as using IAM, SSO, etc. Knowledge of the big picture can also help avoid implementation of controls in silos and re-inventing the wheel. It points out the significance of collaboration among key stakeholders such as business, IT, security, risk and audit personnel and helps them to connect the dots. Better connected policies and technologies provide for greater business agility and help you stay ahead of the competition. Regulations such as PCI DSS can certainly be used by organisations to narrow the gap between business and compliance alignment.

PCI DSS helps by being more prescriptive about the control requirements. It ensures that not just security and compliance professionals but also business process owners can better connect the dots. Thus a system or firewall administrator can better understand where it will hurt them and the organisation the most and also appreciate the role from an organisation perspective. For example, knowing the network segment where card holder data resides can help you design more effective firewall and IPS policies.

Create a culture of risk, security & compliance If people form strong links then weaknesses in technological controls and processes can be overcome. Certainly the reverse may not always be true given the fact that ‘the insider’ threat landscape is continuously expanding. Controls and processes can be weakened due to ineptitude or ignorance therefore building awareness about compliance requirements at all levels will certainly help. Accidental violations and breaches by ‘insiders’ are, for example, costing organisations more heavily than external malicious attacks. It’s often been said that an organisation’s success is due to its employees.

Out from the cloud… Heroes have emerged

A GARTNER COOL VENDOR

Innovative ITSM Learning and Readiness Solutions from G2G3

» ITIL/ITSM Simulations » Cultural Change and Transformation Programs » Cloud-based ITIL/ITSM Assessments » Virtual Business Games » Business Continuity Simulations

Visit G2G3.COM/HEROES to find out more www.vital-mag.net

November / December 2010 : VitAL 33

vital management

However, according to Corporate Combat Inc, USA employees from the entry-level customer service representative to the senior executive are costing US organisations more than $40 billion a year through theft. If fraud is included as theft, the figure rises to more than $600 billion!

violations, and in reducing the opportunities for fraud. However technology requires people to create and maintain it and that scenario is likely to continue for a while. The rate at which insider threat rises, controls would tend become more information-centric and less people-centric.

Risk assessment

Audit, analyse and align

Articulation of business impact demands knowledge of business requirements for security, privacy and compliance. The key here is to make network security in sync with business applications. Data classification is, for example, one of the building blocks of a successful security strategy. It provides the basis for validating risk and, depending upon business requirements for security and compliance, it helps build a case for successful implementation of IT general controls such as Information Security (IS), Business Continuity Process (BCP), Network Access Control (NAC), Data Loss Protection (DLP), and Identification & Authentication (IA).

Governance, risk management, security and privacy are a part of a continuous journey in any organisationâ&#x20AC;&#x2122;s initiatives and investments in compliance. As businesses change and develop so risk and compliance are also in a state of flux to meet the growing threat landscape. It is interesting that web applications have become the face of organisations. In an effort to reduce overall costs and maximise productivity, organisations continue to take advantage of cutting edge technologies such as Web 2.0 services, cloud computing and virtualisation. However, increased automation, mobile workforce, the need for multiple access mechanisms, web enabled services, IT driven businesses strategies and delivery have thrown open the floodgates for new risks. Aligning the use of these emerging technologies requires a deeper understanding of the underlying business processes that these applications support and automate. Network security controls need to be designed and built with the knowledge of the applications and the data handled by them. In conclusion, every standard and best practice in information security stresses on the fact that the human resource is the biggest asset. It is ironic therefore that information assets are primarily required to be protected from people assets, stemming from unintentional or malicious actions. Governance, risk and compliance must look beyond technology which, in most cases, is likely to be implemented in a piece-meal fashion, given the pressures of the marketplace. GRC has a central role in governing and facilitating IT projects and aligning them with the overall business goals. VitAL www.mindtree.com

Consult, communicate & collaborate People are essential at every stage of the GRC journey. Success and effectiveness of GRC is heavily dependent on a common and consistent language across the organisation. It relies on consistent and timely communication and it is crucial to build the culture with executive leadership leading from the front. Knowledge of PCI-DSS requirements can, for example, certainly help in design and testing of the controls needed for applications to protect card holder data. Many of the applications continue to be exploited more by abuse of functionalities rather than by a specific attack code. GRC is a continuous process affected by a set of people and run by a set of policies, processes and procedures. While technology is an important ingredient of any such process, by itself it cannot meet or sustain compliance. Technology can help in automation, reducing errors, omissions and other accidental 34 VitAL : November / December 2010

If people form strong links then weaknesses in technological controls and processes can be overcome. Certainly the reverse may not always be true given the fact that â&#x20AC;&#x2DC;the insiderâ&#x20AC;&#x2122; threat landscape is continuously expanding. Controls and processes can be weakened due to ineptitude or ignorance therefore building awareness about compliance requirements at all levels will certainly help.

www.vital-mag.net

What tool do you use to turn traditional customer support into dynamic customer service? Kepner-Tregoe’s Problem and Incident Management programme. Think dynamically. Kepner-Tregoe’s Problem and Incident Management programme offers unrivalled insight into how to align your organisation’s most powerful assets. We can reduce time-to-close, increase first time fix-rate, reduce no fault found, increase customer satisfaction and lower the operating costs of your customer support centre. The result? Service can now be a direct driver of revenue and profit. Find out how Kepner-Tregoe’s knowledge could help power your business by contacting our European Head Office on 01628 778776.

vital processes

Driving up customer satisfaction Kent County Council provides a text-book case study on improving customer service, measuring the benefit and receiving public recognition for ITSM.

most of the Council’s functional requirements out of the box, and was the most user-friendly and the easiest solution to use. Paula Davies, Service Desk manager at Kent County Council explained, “We particularly liked the apparent simplicity of Hornbill’s solution. It handles quite complex and powerful processes, while making it very easy for the end user. This ease of use, particularly in the management of priority calls and SLAs has, we believe, enabled us to manage our workload better resulting in faster response times and the delivery of improved service to our customers.”

Automation is the key

ent County Council is one of the most diverse councils in the UK, employing over 44,000 people. It has achieved a four star rating from the Audit Office in its annual Comprehensive Performance Assessment for the last six years. A diverse range of services are provided by staff based in over 500 buildings across the county, and the council relies heavily on its IT systems to keep services running smoothly. As part of the council-wide recognition that its customers are different and so need different services, the IT service desk is committed to providing staff with the most appropriate IT services to support them in doing their jobs. Driven by this focus on service, the council carried out a detailed selection process to procure new service management software in 2008. The process included an evaluation of solutions from Touchpaper, Remedy and Hornbill, and a delivery of a proof of concept system. Hornbill’s Supportworks ITSM Enterprise was the preferred choice, as it met

36 VitAL : November / December 2010

Supportworks ITSM is used by 150 ICT operations staff to support 10,000 council staff. The first phase of the implementation provided incident management and request fulfilment for the service desk. To support the council’s transition from a focus on technology to a focus on service, a SelfService portal was also deployed to all staff via the council’s intranet. This allowed staff to check the status of their incidents and service requests, which reduced calls to the service desk, improved customer satisfaction ratings and resulted in immediate savings equivalent to a full time member of staff on the central service desk. In the second phase of the implementation, Problem and Change Management were integrated within Supportworks. A dedicated Service Management Team was created incorporating, Problem, Change, Major Incident Management and MI reporting. Marie Beard, operations service manager at Kent County Council commented, “The way that Supportworks is designed made it easy for us to pull these functions into one team and very quickly reap the benefits. Also during the second phase of implementation a customised SelfService portal was added for the Libraries division. Having SelfService for highly specialised applications in the different directorates ensures that requests for service can be tailored according to the needs of the

customer and routed directly to specialist teams for fulfilment, while remaining visible to the service desk as a whole. The introduction of SelfService for individual directorates has been very successful and the service management team has engaged with other directorates with a view to rolling out similarly customised services.

Reporting capabilities Supportworks ITSM is supplied with a range of standard reports, and it is also very easy for users to design their own reports. This has empowered team leaders to draw down their own reports to manage their individual areas. Now second and third line support teams are better able to manage their workload, which has resulted in faster resolution times and better performance against Service Level Agreements (SLAs) across the entire service desk. Since implementing Supportworks, the service provided to customers has improved measurably. The call abandonment rate is now running at an average of five percent, down from 17 percent in 2007/2008 (a reduction of 70 percent). The volume of calls taken and number of calls resolved at first contact have both increased significantly. Around 80 percent of calls are now resolved within one working day, largely due to more efficient working practices and use of Supportworks. The reports also show that the average wait time for a call to be answered is down from 1.3 minutes to 19 seconds (a reduction of over 75 percent). This has been a significant factor in driving up customer satisfaction ratings. To drive service improvement the IT team uses a feedback feature provided within Supportworks, enabling customers to rate the service they have received. When the call is closed the customer receives an email with an invitation to rate the service and a link to the specific call. This feature has encouraged customers to provide www.vital-mag.net

vital processes

feedback, enabling the service desk to monitor performance of both individuals and teams to determine how service can be improved. One of the most recent initiatives empowered by Supportworks is a process to monitor all calls logged for new starters. Marie Beard explains, “By analysing service requests received from new employees we are able to make suggestions for training. Ensuring that end users are adequately trained in the applications that they need to use to do their jobs is a tangible way of driving down the number of calls received by the service desk, and so reducing the cost of providing IT support. Problem Management enables us to analyse where calls are coming from and to be proactive in finding ways to reduce the volumes and prevent recurrence.”

Four star certification As part of its council-wide on-going commitment to Service Excellence, the service desk team undertook SDI certification. An initial audit was performed by the SDI in 2009 resulting in a list of recommendations for areas that needed improvement which the project team turned into an action plan. Members of the project team met up every two weeks to review the action plan and ensure that they stayed on target. The team also communicated regularly with staff so that they could be included in the process. Marie Beard explained, “Joining up Incident, Problem and Change management was key to improving service, but we needed strong evidence that this had been done. Supportworks has helped us to provide that proof.” When SDI returned for a full four day audit in April 2010, Kent was awarded a four star accreditation, which is the highest level attainable at the first attempt. “We were delighted to receive the four star rating from the SDI,” said Beard. “Kent is the first public sector body to achieve this level. Using Supportworks ITSM has certainly helped us to achieve this.” www.vital-mag.net

White papers Chaos to Value, the ITSM Journey part 2, Technology to Service Focus, a new white paper, looks at the next stage in the ITSM Journey, the evolution from a ‘technology’ to ‘service’ focus. Hornbill’s research found that the majority of ITIL adopters are at this stage of their journey. They have adopted the basic ITIL processes, realised benefits, and are now looking to become more service focused. It is this stage of the journey that demands the greatest cultural shift, requiring IT staff to think less about ‘servers’ and more about ‘services’. The white paper offers visionary comment and structured advice on taking the challenging next step for most organisations on their ITSM Journey. Based on experience, best practice and customer insight, the new white paper provides the IT organisation with critical advice for the next steps of the ITSM Journey, from Chaos to Value. VitAL www.hornbill.com/journey

Having SelfService for highly specialised applications in the different directorates ensures that requests for service can be tailored according to the needs of the customer and routed directly to specialist teams for fulfilment, while remaining visible to the service desk as a whole.

November / December 2010 : VitAL 37

vital processes

Ten reasons why you might not fully implement ITIL ITIL guru Malcolm Fry says you should be building a service that is fit for purpose and as such you may not need all the ITIL components.

t seems that nowadays ITIL is surrounded by naysayers claiming that it is doomed or even worse flawed and causes more damage than good. Why is this the case? Is any other best practice subjected to so much criticism, especially when none of the naysayers can provide a viable alternative? Yes ITIL has it faults but so do other best practices. One of the reasons driving this negativity is the complexity of implementing ITIL v3. It is totally valid not to fully implement ITIL after all it is a framework not a methodology, isnâ&#x20AC;&#x2122;t it? As a framework you should be building a service that is fit for purpose and as such may not include all of the ITIL components.

Ten reasons not to fully implement ITIL There are many reasons why it is valid not to fully implement ITIL and here are just ten of them: 38 VitAL : November / December 2010

1. Cost : This is a very common reason and often with justification, especially given the change in the financial market in late 2008. Many companies are now looking to cut costs and do not have the budget or resources for a complete ITIL v3 implementation project. In fact, in many cases, it would be quite foolhardy to approach senior management for permission to start a full ITIL v3 implementation project. 2. No customer support: Customer satisfaction is at the forefront of service management and a key driving factor for ITIL v3. However, it is difficult to fully implement ITIL v3 if the customer refuses to cooperate. For example, there is little point producing service level agreements (SLAs) if the customer will not participate in creating them, or even read them. This should not stop the production of service targets based on typical SLA contents www.vital-mag.net

Launching iCore

IT Transition as a Service Transition is the process for moving large projects or major changes through Appraisal, Design, Build, Deploy and Operate stages in a manner that assures a smooth introduction into your Production environment.

Transition as a Service (TaaS) will: • Provide improved visibility to the cost, risk, functional capability and service delivery aspects of the change / project

iCore has a track record

• Introduce more reliable planning and sizing of the release and deployment activities, putting Live Service onto the Project Critical Path

many leading IT Organisations

• Engage with Change, Project, Program Managers and Teams at the right time, in the right way • Ensure solutions are designed and built with Operations in mind • Provide transition resources with both project and operational service expertise • Build you a fully effective transition operation and, if required, manage the skills transfer back into your own in-house team • Do this for an agreed price

For more information about

IT ‘Transition as a Service’ please contact: sales@icore-ltd.com or telephone 020 7464 8883

working on IT Transition for (including Global) and covering many leading technologies (including SAP and Virtualised). iCore will provide practical experience and methods in Service Transition to Clients as a Managed Service, which is both flexible and scalable and can be applied to anything from a project of around 6 months to a large program of 3-5 years. We utilise best practice methods and guidance from ITIL v3, COBIT, CMMI-SVC and other industry frameworks to develop a strong approach to Transition which is both pragmatic and effective.

vital processes

though, which can then be measured as if SLAs were in place. 3. ISO20000 limitations: ISO20000 was originally designed when ITIL v2 was in place and many organisations therefore obtained their ISO20000 certification by implementing ITIL v2. ISO20000 has not altered much over the last few years and so it logically follows that ITIL v3 does not need to be fully implemented in order to obtain ISO20000 certification. 4. Time constraints: There is no doubt that implementing ITIL v3 is a long and timeconsuming project. After all, one of the reasons that many organisations don’t have SLAs is because they can’t find the time to write them. Sometimes, too much time and effort is being spent on items where savings could actually be made. Service management is often seen as an operational function and, as such, headcount is sufficient to support operational activities but not sufficient for project or development activities. 5. Ownership: It is often assumed that all the components in ITIL are owned by service management whereas, in reality, many of them are owned by other IT departments. For example, a capacity planning department, an IT continuity team, or an asset management group may already be in existence. If this is the case, and they report through a different management hierarchy, then it can be very difficult to convince the different departments of the value of ITIL implementation. Some may wonder what is in it for them, while those in control of IT assets may be reluctant to configure them. In this latter example, while they may care about configuration, the asset administrator will have a different set of objectives. 6. Running out of steam: This does not usually occur during planning but as part of 40 VitAL : November / December 2010

the implementation. An ITIL v3 or v2 project often starts with high levels of energy and enthusiasm that begin to wane as the project progresses. An ITIL implementation project is not like the majority of IT projects that work towards a crescendo – for example, the development of a new service starts with an idea then progresses and grows until the excitement of the day when a new live service is installed. An ITIL project, on the other hand, starts with energy and enthusiasm but with no exciting end product fails to inspire those working on the project. 7. Too complex: This can be a common problem because service management staff are practical and familiar with operational activities, but with little or no experience of project design or project management. These skills need to be learnt or imported into service management because ITIL v3 is a daunting task for experienced project managers, let alone inexperienced staff. 8. v2 already implemented: This is a common argument. Organisations that implemented ITIL v2 may be reluctant to begin the implementation of v3, offering a different approach and more content. It can be tricky convincing an organisation to implement ITIL v3 when they are happy with the v2 already in operation. 9. Already have some best practices in place: There are many best practices that can be adopted by IT Service Management for example there are societies and institutes for change management, asset management and service desk management while there are also more specific best practices and support tools such as COBIT, CMMI and Six Sigma. It is quite possible some of these have already been adopted by some IT functions in which case will be difficult, and in many cases undesirable to remove them for ITIL. The rest

of the ITIL components could be implemented but only to compliment those practices not to remove them. 10. No Credible sponsor or champion: Most projects that are multi-dimensional, that cross departmental and functional boundaries need a focal point to provide status, guidance, integrity and impetus. Implementing ITIL is one of those projects because of the sheer scope of ITIL it will require diverse IT functions to work together as a cohesive unit which is why a figurehead is so important because it provides a single point for authority, decision making and delegation. Without a sponsor or champion it is difficult to achieve fully integrated ITIL services.

Methodology and framework So there we have it ten valid reasons why we may choose to not fully implement ITIL. Remember it is not a sign of defeat or weakness to not fully implement ITIL in fact in many cases it shows diligence and awareness. Maybe we should remind ourselves of the difference between a methodology and a framework: Methodology: A body of practices, procedures, and rules used by those who work in a discipline or engage in an inquiry; a set of working methods. Framework: A set of assumptions, concepts, values, and practices that constitutes a way of viewing reality. IT continually ebbs and flows with new technologies being introduced with an increasing frequency IT must remain supple and flexible enough to react and adapt to these new technologies. We cannot do this if we adopt rigid methodologies. Every ITIL project should start with an open mind which means accepting from day one that it is not necessary to fully implement ITIL but it is prudent to create a Service Management function that is ‘fit for purpose’. VitAL www.TheITILLiteBook.com www.vital-mag.net

VitAL eyes on

Scooby Doo Where Are You! With Facebook Places it’s never been easier to get yourself or your business on the map. Jonathan Westlake reports.

Yes ITIL has it faults but so do other best practices. One of the reasons driving this negativity is the complexity of implementing ITIL v3. It is totally valid not to fully implement ITIL after all it is a framework not a methodology, isn’t it? As a framework you should be building a service that is fit for purpose and as such may not include all of the ITIL components.

www.vital-mag.net

here can be no doubt that Facebook has been in the news recently with stories ranging from privacy concerns to the recently launched film covering the origins of Facebook. Now I’m a self confessed user of Facebook and I use it from an educational point of view and also privately for social use. So in Facebook speak I have a ‘presence’. I am particularly interested in the use of Facebook on the move via an internet enabled mobile such as iPhone or an Android phone. One very recent addition to the Facebook stable is the Places facility. When this became available in the UK in August there was an outcry about a potential further infringement of privacy. In this case people would be able to see where you were. Indeed one of my local radio station presenters insisted this was bad technology despite my best efforts to appease his concerns! To briefly explain how Facebook Places works. The essential idea is that users can ‘check in’ their location and their Facebook friends not only see the message but the location on their mobile or on their PC/Mac. This application uses Global Positioning System (GPS) location and can therefore includes a map but it can also include a business address like a hotel or coffee bar. For example, one of my Swedish friends was over in the UK recently and mentioned, using Facebook Places, that she was in Cardiff. It displayed her location and the name of the hotel she was staying at on my mobile. If I had been in Cardiff no doubt I could have arranged to go round. Facebook Places has potentially great use for socialising but I am more interested in the use by businesses as a means of

promoting their services and location. To this end a business can claim a Facebook Place and once approved this will display on a user’s mobile phone in a directory (see the references at end of article). In summary this is an applied use of location-based services that combines the best of the Internet’s available technologies: maps, location via GPS and internet enabled content about a firm. And the best bit? Facebook Places is free! Get your Place registered and let Facebook users do the work for you. We now know where Scooby Doo is, as long as he has checked in! VitAL Useful references: www.facebook.com/places/ www.facebook.com/help/?page=1159 November / December 2010 : VitAL 41

vital processes

Does my business really need to embrace ITSM and if so, why? Following last month’s look at the transition from ITIL v2 to v3, Wardown Consulting director and acting CEO of itSMF UK, Rosemary Gurney tells VitAL why service management is crucial for the modern IT business.

t is well recognised that far too often IT fails to fully appreciate the nature of the business it underpins. This failure represents a disconnect which fundamentally results in IT failing to meet the business’s expectations and needs. The business’s reliance on IT in all organisations means that technology is now seen like a utility as fundamental as gas, water and electricity. Moreover, there is a real need for IT to act as an enabler so the business can fully realise the opportunity that technology affords them in their market. Service Management is a key method for IT services professionals to focus on business delivery rather than the technology. 42 VitAL : November / December 2010

The alignment of business and IT Service Management at its best should provide solutions for business problems as well as offering business opportunities. By using Service Management practises in a consistent and repeatable way you can measure how your organisation is growing and this in turn matures the organisation’s business focus. A key component in this Service Management picture is ITIL. From its origins here in the UK it has grown to become an international framework of recognised best practise in IT delivery. It offers common sense that focuses on delivering value to the business. www.vital-mag.net

vital processes

ITIL’s ‘adapt and adapt’ approach means that organisations of all forms can benefit from any or all of the best practices it champions. The service lifecycle approach that it promotes enables IT provision to be more suitably aligned to the actual business outcomes so that IT services are delivered in efficient and effective ways to meet the present and developing business requirements in a timely fashion. The right IT, for the right reasons, in the right place at the right time for the right cost.

The ITIL lifecycle Service Strategy: “The future belongs to those who prepare for it today” Malcolm X 1925 –1965 Having a service strategy which identifies and translates the organisations journey into IT requirements is crucial. Understanding who the customer is and what they need in relation to your own capabilities, strengths and weaknesses is the starting point. And if you can’t deliver everything that your customers require then you can seek out partners with these capabilities and develop your service with them. Strategy is really all about making sound decisions and establishing what you are going to do. Service Design: Service design is the translation of the ideas defined in Service Strategy into blue prints for success. You have to look at what you have and design in change if necessary. This includes making sure that you have the right people and the right partners. To get the design right, you need to make sure your customers’ requirements are all met. It is about mapping the right people (their skills and capabilities), processes (such as Incident, Problem and Change), products (technology hardware and software) and partners (third party vendors and suppliers) in order to satisfy the business outcomes that they are seeking to achieve. Design the measuring and the metrics of the solution. It is ultimately about improving the customer service and you can’t improve it without measuring how good or bad it is in the first place. This should be done in a repeatable way to reduce risk to key business systems. Done correctly it should also save money. Design always takes total cost of ownership into consideration. www.vital-mag.net

Service Transition: Far to often in the past the uncontrolled release of IT into the live environment, just chucking stuff over a wall and seeing what happens, has been proven to be the quickest way to undermine the live environment and ruining the perception of IT in the eyes of the business. It is only through the considered build, test and implementation of the right solutions in the right way that will provide the necessary level of stability and support the business truly needs. All the planning and setting of success criteria needs to be established early on. Change must always be managed in a controlled, flexible and repeatable way Service Operation: “The customer doesn’t expect everything will go right all the time; the big test is what you do when things go wrong,” Sir Colin Marshall, former CEO of BA. Service operation is where the customer finally sees a return on its investment from IT. It is the point where the technology is managed, processes followed and the services delivered. This includes Incident and Problem management and is where the Service Desk has its biggest influence since the IT has been suitably planned, designed and optimised so the customer is able to see the real value that is being delivered. Continual Service Improvement: Continual Service Improvement is about developing a momentum of enhancement based on leaning and improvement, seeking to continually to improve the IT delivery. Through reviewing IT’s approach across the lifecycle from cradle to grave, it ensures that the services and the mechanisms behind them are subject to a constant cycle of review and improving levels of effectiveness and efficiency in line with the developing and changing needs of the business.

Where do I start? “A journey of a thousand miles begins with a single step,” Lao-Tzu 604 BS-531 BC. You have to sit down and think ‘where do I want to be’. By using maturity scales it is possible to identity how it can be done. You need to find out where you are on the journey to assess how and exactly where to start and where you want to be as an organisation. From there you can plan your journey. As long as you retain your focus you should end up where you need to be. VitAL www.wardownconsulting.com

Design the measuring and the metrics of the solution. It is ultimately about improving the customer service and you can’t improve it without measuring how good or bad it is in the first place. This should be done in a repeatable way to reduce risk to key business systems. Done correctly it should also save money. Design always takes total cost of ownership into consideration.

November / December 2010 : VitAL 43

vital interview

The gold standard After 50 years serving industry as the ‘Gold Standard’ in organisational issue resolution Kepner-Tregoe has chosen Operational and Service Excellence as its core vertical markets which can only be good news for IT Service Management. Regular VitAL columnist and the company’s global application manager, Steve White explains their philosophy.

44 VitAL : November / December 2010

www.vital-mag.net

vital interview

s a global provider of consulting and training services, Kepner-Tregoe (KT) says it helps its clients implement their strategies by embedding problem-solving, decision-making, and project execution methods through individual and team skill development and issue resolution process improvement. According to the company clients build competitive advantage by using its systematic approaches to achieve rapid, targeted results and create lasting value. Since 1958, the company has studied how effective business leaders manage difficult business challenges. It aims to incorporate their habits into repeatable, logical, and consistent methods for resolving problems, making decisions, planning ahead, and managing people and projects. KT helps individuals and organisations to meet everyday business challenges with improved processes and new approaches to quality, competitiveness, cost, cycle time, www.vital-mag.net

business strategy, or other issues. Many clients embed its systematic methods into the way work is done, transform their organisations, and achieve quantum leaps in performance according to the company. Steve White should be familiar to all VitAL readers; he pens the regular ‘VitAL Signs – Life in the world with IT’ column in this magazine. But his day job is to provide global leadership for KT ResolveSM, a systematic approach to achieving step-change improvements in the quality, speed, and cost of technical support operations. As product manager, he collaborates with client and Kepner-Tregoe teams to develop improvement programmes that combine process improvement, skill development and performance management to achieve rapid, targeted results and lasting value. VitAL asked Steve White to explain the KT company philosophy...

The place in a company

VitAL: What are the origins of the company; how did it start and develop; how has it grown and how is it structured? Steve White: Kepner-Tregoe was built on the premise that people resolve issues more effectively when they approach problems and decisions in a rational manner. While working for the Rand Corporation in the 1950s, Dr Charles Kepner and Dr Benjamin Tregoe, conducted research on breakdowns in decision making at the American Strategic Air Command. They discovered that successful decision-making by Air Force officers had less to do with rank or specialism than the logical process an officer used to gather, organise, and analyse information before taking action. Kepner and Tregoe spent thousands of hours observing the practices of both effective and ineffective decision makers responding to complex, repetitive challenges. Based on their initial research, they founded Kepner-Tregoe and their findings became the foundation for ‘Rational Process’, the Kepner-Tregoe method for effective organisation management. Their

historical event that KT

where we find universal application is in the IT support department, specifically in the Incident and Problem Management team. The most well known

had an influence on is the Apollo 13 ‘Incident’, where successful incident management was literally a matter of life or death.

November / December 2010 : VitAL 45

vital interview

Our goal is always to create transformative results for our clients. We have programmes and processes that form the foundation of our work and we customise these to exceed the market demands our clients face. The need for people to maintain rational approaches to their work in the midst of complex workplace conditions has not changed. Our core processes have stood the test of time and are today more relevant than ever.

book, The Rational Manager, (McGraw Hill, 1965) has become a business classic. At the same time that Mr Hewlett and Mr Packard were tinkering with computers in their garage in Palo Alto, Ben Tregoe and Chuck Kepner were founding KT in Ben Tregoe’s garage in Pacific Palisades, California. KepnerTregoe has since built a network of offices that circles the globe. We specialise in data-rich, information-poor environments where multiple stakeholders are engaged in problem-solving or decision-making: where there is a high cost of failure and a high value in success. In addition to finance and IT support in all industries, these environments include the nuclear industry, pharmaceutical manufacture, oil and gas production, mining, and continuous process manufacture. VitAL: Is that specialisation to make the best use of skills in the company or because it fits the company’s world view or has it simply evolved? SW: What we do today employs the core principles from the body of work created by our founders. As the rate of business complexity speeds up, our services evolve to meet today’s challenges. The IT support world embraced a core KT approach decades ago and these methodologies were included in all three versions of the ITIL framework. IT professionals have been using KT processes with a particular focus on IT Problem and Incident Management driven by worldwide customer interest and demand. VitAL: How has any specialisation influenced the company’s general stance? SW: Over the decades KT has realised that in order to add significant value to clients it needed to evolve from a pure training company to a ‘solutions company’. We realised that while training clients in Rational Process made advances in workforce productivity, it was not the answer to solving the complex business issues that abound today. As a true solutions provider KT now integrates its methodologies into the business processes and performance systems of our clients to maximise bottom-line results. So, in a chameleon-like way, we work inside of existing systems so this improved process will be sustainable. VitAL: who are the company’s main customers today and in the future? SW: The place in a company where we find universal application is in the IT support department, specifically in the Incident and Problem Management team. The most well known historical event that KT had an influence on is the Apollo 13 ‘Incident’, where successful

46 VitAL : November / December 2010

incident management was literally a matter of life or death. NASA had already prepared itself to think correctly under pressure by adopting KT processes years beforehand. In the ‘bubbling’ boiler-room of incident management, their ingrained experience in KT processes - and the resulting alignment of their personal ‘operating systems’ – contributed to a return to ‘systems normal’. The complexity of the incident, and a quarter of a million miles between the team and the hardware may have meant it took months to find the root causes, but service was restored with speed and efficiency to get the mission home safely. VitAL: What is the company’s business model, ie, does it select a market and then design solutions to meet the needs of that market or does it specialise in particular solutions and seek markets where those solutions are needed? SW: More the latter than the former. Our goal is always to create transformative results for our clients. We have programmes and processes that form the foundation of our work and we customise these to exceed the market demands our clients face. The need for people to maintain rational approaches to their work in the midst of complex workplace conditions has not changed. Our core processes have stood the test of time and are today more relevant than ever. Unlike IT technical knowledge that has a shelf life of just a few years, KT core processes have a permanent and scalable capability. The personal ‘return on investment’ from getting good at these rational processes is life-long. VitAL: What is the company’s commitment to corporate social responsibility, ie, ‘green’ issues? SW: We are wholly committed to the importance of CSR to both our and our clients’ businesses. Over the past few years we have moved from printing our materials in one central location to a model where this takes place closer to our customers, saving valuable travel miles. In addition, many of our industrial clients who have deployed our processes department-wide have benefited from large savings in scrap, waste, logistics and reworking. And, recently we have developed a ‘Distance Learning’ delivery model for our training and coaching service. This, in turn, eliminates the need for clients to travel, reducing their carbon footprint. VitAL: How is the company encouraging social responsibility in its customers and the wider world? SW: Through its support of the non-profit, www.vital-mag.net

vital interview

TregoED, Kepner-Tregoe is helping ensure that today’s students and teachers have access to the same powerful critical thinking and collaborative decision-making strategies that KT provides to its customers. Via its highly-regarded workshops, TregoED offers school and district leaders the opportunity to learn strategies for developing consensusbased solutions to the complex problems today’s educators face. In addition, TregoED has developed an innovative classroom tool which helps students collaborate and apply critical thinking strategies in order to make well-developed arguments and better, more thoughtful choices. TregoED workshops and tools feature Kepner-Tregoe strategies which have been adapted for use in the educational arena. VitAL: How does the company communicate with vendors and customers? SW: As collaboratively and relevantly as possible. For KT alumni we host an online user community called the KT Circle. This is currently at 3,000 members and growing. We also host and participate in a number of on-line forums including LinkedIn, Facebook and Twitter. Our website (www.kepner-tregoe. com) offers many opportunities for current and past clients to contact us as well as read case studies and white papers – and view webcasts. However, with over one million people trained to use KT core products it has been difficult to stay in touch with such a large group. We often have people contact us saying “I attended a KT workshop 20 years ago as an engineer. Now I’m CIO and interested in getting you involved in helping my organisation”. Our workshops are a great way for a company to explore the value of KT within their organisations. We also attend a number of key conferences and exhibitions throughout the year. VitAL: What does the product range cover? SW: Moving aside our manufacturing-focused services, KT offers a unique suite of process solutions for support and service environments that we call KT Service Value ManagementSM (SVM). SVM is aimed at maximising CustomerLifetime-Value. Our core product here is KT ResolveSM. This solution, takes a support environment through the implementation of good quality consistent troubleshooting for IT support staff including, managers and directors up to the CIO. Our experience in helping big and small support organisations deploy the KT processes allows us to prevent management teams from making critical errors in implementation. That way we can identify and leverage the best practices an organisation currently has in place. Core training is supported by a KT coaching www.vital-mag.net

workshop (‘how to coach KT processes’) and a facilitation workshop (‘how to facilitate KT processes to drive results’). The ‘Trainthe-trainer’ workshop is where we transfer our process capability to our clients, and our Implementation workshop is where we show our clients how best to implement KT in their organisations. KT ITSM Problem & Incident Management is a public session workshop that is an excellent first step. The workshop and syllabus is supported by a Foundation exam from ISEB. VitAL: What is your view of the current state of IT Service Management and IT in business and the economy in general, the challenges and the opportunities? SW: The key challenge here is the growing complexity of the IT environment, which is clashing with constant reductions in IT budgets. Everyone needs to do more with less. This means even higher levels of productivity need to be accomplished by: solving problems faster, reducing recurring issues, and identifying capabilities that are scalable across multiple product platforms. We believe that IT organisations will have to reassess their strategies to identify who their key business customers are and choose the most critical applications for these IT users. All other applications and services should be considered for outsourcing. VitAL: Has the company grown organically or by acquisition and how much is growth expected in the future? SW: Largely, KT has grown organically. The company is exploring new growth strategies which include geographic expansion and building a channel (reseller) business as well as different forms of licensing of its successful model. VitAL: What are the future plans for the business? SW: After 50 years serving a wide number of industries as the ‘Gold Standard’ in organisational issue resolution KT has chosen Operational and Service Excellence as its core vertical markets. This focus will bear fruit in the form of new services and applications for IT, Support, Quality and Manufacturing functions in several industries. VitAL: Any other points you would like to add? SW: None, other than we are very excited about our new direction and the body of work that lies front of us. VitAL: Steve White, thank you very much. VitAL

www.kepner-tregoe.com November / December 2010 : VitAL 47

vital planet

Why reuse is better than recycling Reuse of functional IT equipment is the environmentally superior recovery option and this is before we consider the additional socioeconomic benefits it reaps. Computer Aid International collects, reconditions and distributes used computers to the developing world, here the charity explains why it believes reuse is the greenest option.

nd-of-life IT equipment forms part of an exponentially-growing pile of global e-waste–all those unwanted televisions, kettles, washing machines, stereos, light bulbs, and myriad other electronics that have or could enter the waste stream. Europeans alone generate some 20 kg of e-waste per year and according to the UN, 200 million computers and 550 million mobile phones reached the end of their life in 2008. Numerous attempts are under way to stem the rising e-waste tide. While the specifics of each country’s approach differ, in the main all aim to increase the separate collection of e-waste and its recovery by reuse and recycling. However, of these two options, recycling is often the default end-of-life response, regardless of whether the equipment is at the end of its useful life.

48 VitAL : November / December 2010

Production IT equipment production is energy and material intensive, and the equipment contain substances that are hazardous, valuable or both, so keeping them out of landfill makes clear sense. High levels of product replacement and the concentration of energy intensity in the ICT production rather than use phase (80 and 20 percent, respectively) means that any activity that extends the life of the equipment, such as reuse–should be prioritised. Reusing working computers is up to 20 times more energy efficient than recycling them. Also, reuse has lower resource depletion costs than recycling. Thus, the waste hierarchy, which has reuse as more environmentally beneficial than recycling, equally applies to unwanted IT equipment as to other wastes. While IT

equipment is often replaced long before the end of its productive life, its reuse brings additional benefits, such as providing access to those unable to afford new equipment. The superior performance of reuse has been recognised in EU legislation. The Waste Electrical and Electronic Equipment (WEEE) Directive contains language that prioritises reuse, though a lack of specific reuse targets means that recycling often becomes the practical reality. More needs to be done in the EU and elsewhere to reap the many benefits of reuse. Producers must maximise the reuse potential of their goods through effective product design and consumer education about the environmental benefits of reuse Consumers must maximise the use phase, either by postponing replacement or providing www.vital-mag.net

vital planet

A 2002 study suggested that a two-gramme memory chip requires 1.3 kilograms of fossil fuels and chemicals. Also, a 2003 analysis revealed that at least 240 kilograms of fossil fuels, 22 kilograms of chemicals and 1,500 kilograms of water are required to produce one desktop computer.

50 VitAL : November / December 2010

it to a second user. Governments must take necessary steps to ensure that, in accordance with the waste hierarchy, reuse is prioritised by legislating reuse targets and standards.

Reuse is better than recycling Waste management is often conceptualised in terms of a ‘waste hierarchy’, which ranks the different ways in which we can manage waste in order of relative environmental benefit. This hierarchy is reflected in various legislative frameworks, such as in the EU, where current policy first aims to prevent waste, then to reduce waste disposal through reuse, recycling and other waste recovery operations. Reuse is a form of upstream management, or ‘source reduction’, which refers to those strategies that reduce the size of the incoming waste stream. Reuse sits higher up the hierarchy than recycling because the latter can demand high amounts of energy and other inputs (for transport, disassembly, destruction and other processing) to recover the desired product fractions. Recycling does not always recover all of the raw materials, creating residual wastes that will require disposal. Also, even if a recycling process recovered 100 percent of materials from a product, this does not account for wastes generated during its manufacture, which can be considerable. In the case of e-waste, recycling is often the favoured management method, though it is

not necessarily the best one. This is particularly so when we consider one part of the e-waste supply chain: unwanted PCs. Compared to some other waste electronics, for PCs, the environmental ‘payback’ of recycling is relatively small. This is due to the concentration of energy intensity in PC production and typically short life spans of their actual use, fuelled by rapid product innovation and high levels of replacement. For instance, for a refrigerator, 88 percent of total energy use goes into running the device, so activities that improve usephase energy consumption, like designing a newer, more efficient machine, makes the most environmental sense. On the other hand, only 20 percent of total energy use goes into running a computer; the rest is in its manufacture.

What’s to be gained by reusing All waste streams, if managed improperly, can have negative impacts on the health of humans and the environment. Waste also represents a loss of resources, such as the metals or other recyclable materials or energy it contains. Therefore, sound waste management is crucial to mitigate these impacts and losses. In the case of end-of-life PCs, management decisions must consider the high energy and material investment involved in their production, and their toxicity. The complexity of their parts, such as printed circuit boards and memory www.vital-mag.net

Subscribe FREE to the most VitAL source of information e ag -p 16

/ June 2010 Volume 3 : Issue 5 : May

vital vital : ige ide L D Ins VitA

mod ern busin ess Inspi ratio n for the

VitAL : Inspiration for the modern business

for the modern business VitAL : Inspiration

vital

Inspiration for the modern business Volume 3 : Issue 6 : July / August 2010

Inspira tion for the moder n busine ss Volume 4 : Issue 1 : September / October 2010

IT delivers for Britain

standard IT Broadcast adc aster’s IT strategy The world’s biggest bro

How to do more with less in the public sector

5 : May/June 2010 Volume 3 : Issue

Volume 3 : Issue 6 : July/August 2010

A perfect storm

Rediscovering the value of IT

Dave Ramsden says it’s time to add more value

Reaching cloud nine

Securing the IT estate

Selecting the right cloud partner

Doing more with less

Greening the enterprise

climate IT in a tough economic

Punching above your weight

Using the cloud for rapid growth

The need for speed

Strategies for going green

Does faster broadband mean faster applications?

THIS ISSUE: CLOUD COMPUTING SPECIAL VISIT VitAL ONLINE AT:

WWW.VITAL-MAG.NET

VISIT VITAL ONLINE AT: WWW.V ITAL-MAG.NET

News, Views, Strategy, Management, Case Studies and Opinion Pieces

vital Inspiration for the modern business

www.vital-mag.net/subscribe 31 Media will keep you up to date with our own products and offers including VitAL Magazine. If you do not wish to receive this information please write to the Circulation Manager at the address given. Please tick here ■ if you do not wish to receive relevant business information from other carefully selected companies.

vital planet

chips, means that PC manufacture demands much more energy and other inputs than many other consumer products. A 2002 study suggested that a twogramme memory chip requires 1.3 kilograms of fossil fuels and chemicals. Also, a 2003 analysis revealed that at least 240 kilograms of fossil fuels, 22 kilograms of chemicals and 1,500 kilograms of water are required to produce one desktop computer. While we could expect there have since been advancements in production processes to decrease some of these material and energy requirements, efficiency improvements are likely to lag other industry innovations. Thus, the implication is clear; making computers is a costly exercise. Modern electronics can contain up to 60 elements; many of these are valuable, some are hazardous and some are both. Inappropriate disposal or recovery of electronics can generate significant levels of hazardous emissions. Also, many of these elements are scarce and under increasing demand. Supply of 14 of the minerals used in modern electronics is at critical levels, with demand for these materials expected to triple by 2030. Raw materials for electronics are primarily supplied through mining, which demands large amounts of land and energy and generates 52 VitAL : November / December 2010

numerous harmful emissions. For instance, 10,000 tonnes of carbon dioxide emissions are generated to produce one tonne of gold, palladium or platinum. Additionally, the social impacts associated with the extraction of materials that are used in electronics are a significant concern. Diverting PCs from landfill is clearly desirable. Recycling, using appropriate handling techniques, can help avoid hazardous emissions while recovering valuable materials, and may reduce the greenhouse gas emissions associated with production of new equipment and mining. Reuse avoids the need to extract more valuable resources or expend energy in the manufacture of new equipment.

IT boom, waste, bust? Rapid product innovation and replacement, plus economies of scale that have driven down prices means that there is burgeoning global demand for PCs. For instance, by 2008 the billionth PC was installed, a figure that could double by 2014. Emerging markets are increasingly contributing to this demand. For instance, some 14 million PCs were sold in China in 2005, adding to the more than 48 million TVs and nearly 20 million refrigerators sold there in 2001.

Clearly, when these goods are no longer wanted, we have a significant waste challenge to meet. This means that any activity that extends the lifespan of a PC to avoid superfluous manufacture is a key strategy to mitigate its environmental impacts. Indeed, a 2003 study suggests that reuse is 20 times more energy efficient than recycling. Increasing the life span of PCs through reuse, is also beneficial when we consider the depletion of the many resources that go into their manufacture. A recent analysis that modelled the resource depletion costs of computers and mobile phones demonstrated a significant decrease in costs when their average in-use lifespan was extended. The same benefit was not at all evident under scenarios of increased recycling. This is likely due to the complex composites in PCs and phones (like semiconductors) that require high tech partitioning processes, and the fact that mineral recovery can be inefficient and imperfect (creating residual materials that require other treatment), and often creates lower grade minerals as output. Such outputs are not necessarily suitable for the manufacture of new electronics; here, demand for new PCs will contribute to overall demand for new raw materials. Thus, any activity that delays this, such as reuse, should be prioritised. www.vital-mag.net

VitAL Drive: IT hits the fairway

Victory for Europe As IT manager for the Professional Golfers’ Association, Geraint Lewis has recently returned from an intense few days at the Ryder Cup in South Wales.

Social and economic benefits Reuse has additional social and economic benefits. For example, PCs are vital for modern business function and can increase access to education and health services. The ‘digital divide’ contributes to the wealth gap and the expense of IT is one major contributor to this divide. The lower purchase cost of refurbished equipment can make it available to those that could not afford it new, and can contribute to achieving economic and social development goals. Also, the reuse industry can create income-generating opportunities. UN estimates show that compared to PC disposal, reuse creates 296 more jobs for every 10,000 tonnes of material disposed of annually. Indeed, in terms of e-waste management, the superior environmental performance of reuse has already been recognised in legislation. The WEEE Directive aims to minimise the impact of electrical and electronic goods on the environment, by increasing reuse and recycling and reducing the amount of e-waste going to landfill. In line with the waste hierarchy, preference is given to reusing whole appliances. Like other waste streams, there are environmental and human health benefits to be gained by diverting unwanted ICTs from landfill. These benefi ts are particularly relevant to PCs, given the high energy and material intensity involved in their production. When equipment has reached the end of its productive life, recycling - when using appropriate techniques that protect the health of humans and the environment - is certainly a part of a responsible e-waste management chain, inasmuch as it can help avoid harmful emissions from the hazardous fractions of electronics and recover valuable resources. The reality is that often unwanted PCs are not actually end-of-life; many have a productive lifespan that far exceeds typical use. These artificially short life spans drive additional, unnecessary production and waste generation, magnifying the environmental impacts associated with the manufacture of PCs. VitAL www.computeraid.org

s I type my column, my waterproofs have just emerged from the washing machine after the third attempt to remove the remainder of the Ryder Cup Mud from them. Yes, as Max Boyce once said, “I was there” and rather than being Monty’s Magic Monday it was more like Monty’s Muddy Monday. Despite the worst of the Welsh weather, the Celtic Manor 2010 course provided the stage for yet another fantastic Ryder Cup and with the tightest of finishes, Europe claiming back the famous golden trophy by half a point from a gutsy US Team. We witnessed once again some great golf being played over the four days. Firstly, the US taking the lead on a rain wracked Friday; honours even on Saturday; Europe in front with an almost clean sweep of the Sunday Session; and then Europe doing just enough to hold on for the win on Monday, when the sun shined and the crowd of 35,000 witnessed a thrilling final day. My highlights of the week, apart from the golf? The crowd playing their part with some fantastic banter with players from both teams, while still respecting the etiquette of the game and applauding both sides’ shots.

It was also amusing to see the US Team having to purchase waterproof clothing from the public merchandise tent after the failure of their equipment to cope with the worst of Friday’s downpour, did they have to charge it to Cory Pavin’s Ax Ex card I wonder? On Monday I noticed a significant number of people, dodging the cameras as they swept over the crowds, leading me to believe they had phoned in sick to allow them to return to the course for the singles matches. A few Ryder Cup Facts for the ‘Statos’ amongst you: - Approximately seven miles of crowd control barriers were used around the site. - About 300 buses ferried 45,000 punters a day in and out, and once they arrived they devoured 20,000 portions of fish & chips, 5,000 bottles of bubbly, 132,000 pints of beer, 10,000 bottles of wine and 1,500kg of Welsh cheeses. - An estimated 80 live cameras – plus 22 hi-tech 3D cameras – beamed pictures into approximately 620 million households via 50 different broadcasters who had 850 TV staff working on the event. - Meanwhile, some 1,000 accredited media pored over every on-course move as 100 courtesy cars ferried the players and VIPs around the manor while 320 golf buggies were in operation as 7,000 staff staged an event fit for sporting and celebrity royalty. The final fact is of course: - One team of twelve golfers from UK and Europe, beat one team of twelve golfers from USA by 14.5 points to 13.5 points. VitAL November / December 2010 : VitAL 53

vital planet

Not my department? A recent survey by the green IT specialist Externus revealed that responsibility for green initiatives is unclear in many businesses. Here, managing director Murray Sherwood discusses the findings of the review and explains why it is essential that organisations define and implement company-wide green IT strategies.

n office-based environments there are limited opportunities to reduce carbon but many offices are unaware that in some cases IT represents over half the overall energy usage. Many large organisations already have environmental policies but these often overlook the contribution of the IT department and can contain false or misleading claims that are easily identifiable as â&#x20AC;&#x2DC;greenwash.â&#x20AC;&#x2122;

The survey In order to create a snapshot of attitudes and green IT adoption in UK businesses, earlier this year Externus undertook a survey in which we invited individuals from a variety of different organisations to submit their views. The professionals who responded included IT workers, directors, and CEOs, from enterprise organisations, in sectors including finance, telecoms, retail, local government and healthcare. In some areas, the results were largely as expected, but in other areas we were surprised that many professionals were uninformed, particularly in relation to green legislation which could result in the company facing financial penalties. Another significant outcome of the survey was the discovery that responsibility for implementing green measures in businesses 54 VitAL : November / December 2010

www.vital-mag.net

vital planet

is being taken-on by staff in a variety of different positions and it is not always clear who is responsible for green strategies.

What is being done in practice? Most businesses surveyed (89 percent) reported that paper recycling facilities were available in their organisations and that equipment was turned off when not in use in three quarters of companies. Plastic recycling was undertaken at 67 percent of organisations, with glass in slightly fewer (58 percent). Printers had been set up to print double-sided in 59 percent of companies and just over half were applying advanced IT strategies such as virtualisation. Fewer organisations (35 percent) prioritise ‘green’ business supplies when purchasing materials.

Why isn’t everyone going green? Eighty percent of organisations said that green issues were important to their company because they believe that all businesses have an ethical responsibility. Other reasons for ‘going green’ included improving customer (54 percent) and industry (40 percent) perception. In 38 percent of organisations, green measures were written into existing business policies, while 24 percent said that legislative requirements were a motivating factor. The small percentage that admitted green issues were not important to their business said that it was because they did not see the business benefits (16 percent); or they did not want staff to ‘waste’ time (14 percent). In a small amount of cases (five percent) respondents feared that highlighting green issues in the organisation may lead to unwelcome criticism from external sources. In terms of business priorities as a whole, the three major objectives for organisations – many of whom are still feeling the effects of the economic downturn – were identified as profit growth/sales (54 percent), generating new business (20 percent) and making efficiencies (21 percent).

What contributes to carbon emissions in businesses? Energy is used in buildings for space heating, cooling, ventilation, lighting, hot water and for electrical appliances. Combined, these applications result in buildings being responsible for about 40 percent of all UK CO2 emissions. In the research findings, most respondents believed that heating and air conditioning www.vital-mag.net

generated the most carbon emissions (44 percent). Twenty-eight percent said that they thought transport had the biggest impact, while the IT department was identified by just 21 percent. All of these necessary business requirements contribute to a company’s carbon footprint in different ways. IT, for instance, is directly responsible for the production of substantial amounts of greenhouse gas emissions, electronic waste disposal and toxic production methods.

Who is responsible for green improvements? The majority of the UK professionals surveyed (34 percent) reported that, in their organisations, directors and senior management were in charge of green initiatives. For other businesses, responsibility was mixed; 13 percent said that it fell to a dedicated ‘green’ person, while 17 percent identified the facilities manager. Over half of individuals surveyed (56 percent) said that green improvements are on their company agenda, while a further 30 percent said that they are ‘occasionally’ planned for. Just eight percent reported no plans for green improvement, while six percent did not know. The results show clearly that, in most organisations, the desire to make improvements – whatever the motivating factor – clearly exists. Yet for any changes to be successful, the green IT process should be holistic and therefore requires commitment from all areas of the business. When asked directly who was responsible for implementing green measures, it was overwhelmingly CEO-level or senior management (34 percent). For other businesses, responsibility was mixed; 13 percent said that it fell to a dedicated ‘green’ person, while 17 percent identified the facilities manager. Other roles identified as having environmental policy responsibilities included office managers/ administrators (six percent) and human resources (four percent). Eight percent said that they did not know and 11 percent said that nobody within the organisation held responsibility. Defining or understanding who in the business holds responsibility is of great importance if sustained green improvements are to be made. A potential reason for the failure of green IT, or indeed any other change management programme, is

According to Gartner, who listed ‘IT for green’ as one of its top ten strategies for 2010, IT is an enabler for other green initiatives. The use of IT, particularly amongst white collar staff, can greatly enhance an organisation’s green credentials by promoting the use of e-documents, reducing travel and teleworking.

November / December 2010 : VitAL 55

vital planet

A high ranking could enhance reputation with customers, suppliers, business partners, employees and investors alike. It is expected that a company’s position in the league table with respect to their competitors could have a big impact on their reputation and brand value. Consequently, companies that end up lower in the league table will pay more and without considerable action, the process is likely to add cost to many businesses’ products and services and could damage reputation.

because of a lack of proper planning at CEOlevel or director-level. If the project is too ambitious with no ‘quick wins’ or successes in the early phases, this can also leave people very disillusioned. A successful project will therefore typically have a combination of vision, quick wins and direction.

How can green IT help? According to Gartner, who listed ‘IT for green’ as one of its top ten strategies for 2010, IT is an enabler for other green initiatives. The use of IT, particularly amongst white collar staff, can greatly enhance an organisation’s green credentials by promoting the use of e-documents, reducing travel and teleworking. The survey commissioned by Externus showed that the areas of business which respondents felt most benefited from green improvements included IT (67 percent), marketing (52 percent), finance (51 percent) and human resources (39 percent) – all of which are either highly process-driven or are public-facing. Gartner believes that IT can also provide the analytic tools for others in the organisation to use to reduce energy consumption in the transportation of goods and other carbon management activities. Operationally, IT is at the heart of most organisations. Clearly defined, a green IT roadmap can therefore be used as a catalyst and enabler for change throughout the organisation, improving IT applications and equipment use as well as the organisation as a whole. For instance: • Remote working can reduce not only commuter miles but overall energy use 56 VitAL : November / December 2010

by reducing the amount of dedicated office space; • Smart energy applications adjust energy consumption to real-time need patterns and climate conditions, resulting in dramatic reductions in waste; • Virtualisation can eliminate hardware and increase utilisation, thereby reducing energy and floor space.

Legislation The Externus survey showed that 71 percent of business professionals had no idea whether or not their company will be affected by the Carbon Reduction Commitment (CRC) energy efficiency scheme, the UK’s new domestic cap and trade initiative – despite the fact that the legislation was introduced in April 2010 and the deadline for registering for the scheme was September 30. Over 54 percent had not even heard of the CRC energy efficiency scheme, which has been created with the aim of stimulating energy efficiency in organisations. In total, approximately 5,000 large, nonenergy intensive businesses will be affected by the CRC, including most corporations and sizeable companies. The first major impact of the legislation, which will affect companies on a yearly-basis, will be the release of league tables in October 2011. Published, one year on from the CRC energy efficiency scheme registration deadline of 30 September, the tables will show exactly how energy efficient businesses actually are. A performance league table will rate and compare the participants’ carbon reduction efforts. A high ranking could enhance reputation with customers, suppliers, business partners,

employees and investors alike. It is expected that a company’s position in the league table with respect to their competitors could have a big impact on their reputation and brand value. Consequently, companies that end up lower in the league table will pay more and without considerable action, the process is likely to add cost to many businesses’ products and services and could damage reputation. Rather than forcing companies to spend money in levies simply to comply with legislation, a Green IT Assessment can help organisations to understand and adapt to climate change regulations and, at the same time, give a clear, manageable change plan that shows how improvements will bring a real and demonstrable return on investment.

The bottom line When you consider that in some offices IT represents over half of all energy usage, it’s easy to see why it’s important that organisations align their IT strategies with sustainability goals. Motivating factors such as a sense of environmental responsibility, legislative requirements and the desire to improve public image mean that some businesses and IT departments do consider environmental issues, while others perceive any investment as potentially being too costly. Whatever the motivation, the business benefits of a clearly-defined and implemented holistic green IT strategy are numerous; not only can green IT drive significant reductions in IT-related energy usage, it can also help to achieve multi-million pound cost savings on IT budgets and enhance reputation and brand value. VitAL www.externus.co.uk www.vital-mag.net

itSMF 2010 London Conference & Exhibition Preview

itsmf preview

London calling VitAL’s 16 page preview of the itSMF UK Conference. The itSMF, this year at the Novotel London West on the 8th and 9th November 2010, is now in its 19th year and going strong. It is the annual event for IT Service Management professionals, offering education, networking and an annual awards dinner all under one roof.

n its nineteenth year the itSMF UK conference and exhibition remains a key calendar event in the IT service management diary. For the first time, this year it takes place in London, running at the Novotel London West on 8th and 9th November, a switch from its usual venue in the NEC Metropole near Birmingham. With many highlights promised the event continues to be the must-attend date for service management professional. Another first this year is the 31 Media stand (A02 – see floorplan) where the VitAL team will be promoting publications and events. Make sure you pay us a visit while you’re there. The itSMF UK’s deputy chief executive Ben Clacy explained why the Forum had decided to move the event to London in 2010: “We believe the new London location will greatly improve the entire conference experience for sponsors, exhibitors, speakers and delegates alike,” he said. “However we are also tailoring sponsorship packages, providing greater flexibility to delegates and giving the conference programme a complete makeover with a reduced number of streams and presentations, as well as introducing three further days of ITSM training for those who wish to take full advantage of their time in the capital.” In total there are over 40 educational sessions in the programme, broken down into five topic areas

(Lessons Learned, People, Continual Service Improvement (CSI), Tips & Techniques, and Back to Basics, as well as a further selection of interactive sessions). In addition, there is an exhibition involving more than 50 trainers and vendors.

User experience The main aim of the conference programme is to allow speakers to share their practical service management experiences with delegates. The Lessons Learned topic area, for example, includes a case study by Lara Osgood and Carl Chambers of Virgin Atlantic. Their presentation describes the formation of Virgin’s Service Delivery and Management Programme, launched in a climate of global aviation price and cost cutting and driven by a desire to improve service by moving to industry best practices underpinned by tools that supported this philosophy. The session offers invaluable input for delegates to add to their own service improvement programmes. In ‘The right capability in the right place at the right time’ in the People group of presentations, Daryl Back of Unilever talks about his company’s methodology for obtaining resource for its IT function, which has changed from predominantly internal development to also include external recruitment and supply through strategic outsourcing contracts.

58 VitAL : November / December 2010

Guilio Tedeschi and Helen Morris of Belron International go ‘back to basics’ with a session entitled ‘I can see clearly now – working towards ITSM best practice in a changing environment.’ This presentation discusses the challenge of managing the expansion of the organisation, including international mergers, while maintaining stable, effective and efficient IT services. With best practice in mind, the speakers describe their first steps towards ISO/IEC 20000 accreditation. In the CSI topic area, Dave Howard of Toyota Financial Services introduces Toyota Business Practices (TBP), an eight-step process that clarifies a problem, identifies the root cause, develops counter-measures, monitors and measures the results of the improvements and standardises the successful process. TBP combines the familiar Deming Cycle (Plan, Do, Check and Act) with the principles of the Toyota Way (Continuous Improvement and Respect for People.) If you don’t believe that process maturity assessments are ever simple, fast or free, try the ITIL Cooper Test, a technique from Ben Kalland of Tieturi. Based on ITIL, COBIT and ISO/IEC 20000, the test allows delegates to assess their own Incident Management process in twelve minutes and determine where improvements are needed. And they get the charts for the Change Management process as well! VitAL www.vital-mag.net

itsmf preview

Keynote speakers Sir Ranulph Fiennes Bt OBE – Opening keynote address Often described as the world’s greatest living explorer, Ran Fiennes also made it into the record books by completing seven marathons on seven continents in seven days – not long after receiving emergency heart surgery. Then he took up climbing, starting with the North Face of the Eiger. At the age of 65, and at his third attempt, Ran became the oldest person to conquer Everest. Ran inspires and entertains conference and after dinner audiences across the world. Presentations draw a connection between nature’s most dangerous and difficult challenges, and the day-to-day hurdles we all face. Teamwork, determination, patience, discipline and creative thinking are vital to the success, and sometimes the survival of Fiennes and his colleagues. We may not risk our own lives in the same way, but all these qualities are equally important in less hazardous occupations. Join Ran on Monday 8th November at 9.40 in the Cremont Room (Champagne Suite).

Jon Culshaw – IT Service Management Awards Dinner host The Dead Ringers star Jon Culshaw is seen by many as Britain’s best impressionist. His repertoire of over 350 voices stretches from Dale Winton to Ozzy Osbourne, Russell Crowe and (for fans of the radio show) Brian Perkins. Originally a DJ, Jon won a Radio 1 talent contest and joined the team on Spitting Image. He played 40 characters, including Frank Bruno, Michael Portillo, Bill Clinton and Liam Gallagher. Jon then became ‘the man of a thousand voices’ on Channel 4’s Big Breakfast. Jon’s other TV credits include Friday Night Armistice and his own series for the BBC: The Impressionable Jon Culshaw, Jon Culshaw’s Commercial Breakdown and, most recently, The Impressions Show with Culshaw and Stephenson. He is also a regular guest on election programmes, providing necessary comic relief with impromptu impressions of politicians. The awards dinner takes place on Monday 8th November in the Champagne Suite from 20.00 onwards, with live music and entertainment after the presentations.

Points of Service

www.vital-mag.net

November / December 2010 : VitAL 59

itsmf preview

Keynote speakers contd James Staten – Opening plenary, second day James is vice-president and principal analyst at Forrester Research, focusing on emerging infrastructure technology and services trends including cloud computing (IaaS and private clouds), strategic rightsourcing, infrastructure consolidation, and applicationspecific infrastructure optimization. He is the author of best-practice analysis on maturing your virtualization practices, building a cloud computing consumption strategy, and optimizing Web site infrastructures for blazing fast performance. James has more than 20 years’ experience in the industry, having served as a reseller, vendor strategist, CMO, journalist, and analyst for companies including Autodesk, Azul Systems, Gartner, Rockwell International, and Sun Microsystems. He is a frequent speaker at industry, corporate, educational, and Wall Street events and has guest lectured at leading business schools. Join James for his plenary session, “The Cloud Computing conundrum: business agility at the cost of IT process efficiency?” on Tuesday 9th November at 9.00 in the Cremont Room (Champagne Suite).

Sharon Taylor – Closing keynote address Sharon Taylor, president of Aspect Group, is a very well known and respected figure within the IT Service Management community. As the chief architect and examiner for ITIL, she oversaw the introduction of ITIL V3 in 2007, and she is the author of numerous ITSM books and columns worldwide. As the former chair of itSMF International, she was responsible for ensuring the global growth and governance of itSMF in over 40 countries. She is also the president of the North American Institute of Certified Service Management Professionals, a sister organization to the UK Institute of Service Management. In 2008, itSMF UK presented Sharon Taylor with the Paul Rappaport Award for Lifetime Achievement in Service Management,

TH NOVEMBER TIMETABLE A5:Layout 1 21/10/10 12:24 Page 1 the pinnacle achievement in the ITSM profession.

Join Sharon on Tuesday 9th November at 15.55 in the Cremont Room (Champagne Suite).

60 VitAL : November / December 2010

www.vital-mag.net

itsmf preview

www.vital-mag.net

November / December 2010 : VitAL 61

itsmf preview

IT as a Service Virtualisation is the foundation for unlocking the potential of cloud computing. VitAL editor Matt Bailey asked John Murnane of virtualisation leaders VMware, how Service Management will feature in the move into this brave new virtual world.

igration to the cloud is becoming increasingly accepted by many organisations as the foremost solution to an increasingly complex IT world. “IT infrastructures have become too complex and brittle,” confirms EMEA sales director for virtualisation specialist VMware, John Murnane. “IT has become pervasive in business, but its organic growth means that it has ended up as a mishmash of services and solutions. With users demanding faster response times from IT organisations and management demanding lower costs, IT needs a better strategy for delivering services to the business. “Cloud computing is an approach that reduces IT complexity by leveraging the efficient pooling of on-demand, self-managed virtual infrastructure, consumed as a service. Cloud computing is central to that better strategy and virtualisation is the foundation for enabling this transition.”

A virtual pioneer VMware delivers customer-proven virtualisation, cloud infrastructure and management solutions that reduce IT complexity and enable the transition to a more efficient and flexible service delivery model: IT as a Service. VMware’s innovation and excellence has been recognised by strategic research firms globally and more than 260 industry awards. As part of its expanding portfolio of management solutions, earlier this year, the company acquired certain software products and expertise from EMC’s Ionix IT management business. At the time Paul Maritz, president and chief executive officer of VMware commented, “Customers are increasingly leveraging virtualisation as the foundation for modern IT architectures and their path to cloud 62 VitAL : November / December 2010

www.vital-mag.net

itsmf preview

computing. Essential to this evolution is the ability to provide visibility and compliance from virtualised applications down to the underlying physical infrastructure. The acquisition of these Ionix products and expertise promises to further establish VMware vCenter as the next generation management platform for private cloud infrastructures.”

Transforming IT IT departments are tasked with handling increasing demands from the business, with responsiveness and agility. Yet many IT organisations struggle to meet business needs in a timely way because applications and services run on infrastructures that can be costly to manage and challenging to change. Cloud computing can provide the solution to overcoming these challenges. “When building a cloud infrastructure the initial challenge is how you start the journey. And it’s the service management function that has to address the change from the current state to the desired state,” says Murnane. “There has been a gold rush into virtualisation with organisations retrospectively trying to work out how to deal with it. The change has to be managed properly, and to virtualise successfully customers need a high degree of confidence that their infrastructure will be managed accordingly. While cloud computing provides the approach, we deliver a pragmatic path and customer-proven solutions that allow organisations to preserve existing technology investments, while achieving the goal of enabling IT as a Service.”

IT as a Service IT as a Service is the transformation of IT to a more business-centric approach, focusing on outcomes such as operational efficiency, competitiveness and rapid response. This www.vital-mag.net

means IT shifts from producing IT services to optimising production and consumption of those services in ways consistent with business requirements. This changes the role of IT from a cost centre to a centre of strategic value. VMware’s method to help organisations begin enabling IT as a Service is a three-step approach: Step one: Is to begin with virtualisation and leverage legacy investments. Since virtualisation is the foundation for cloud computing and IT as a Service, the first task for any organisation transitioning to the cloud is to virtualise. This allows IT staff to guarantee service levels more easily and economically. Step two: Is to turn the IT department into an agile and user-friendly internal service provider. This requires providing IT services to internal users through Web-based portals as a fully automated, catalogue-based service. In addition, IT staff must offer a new level of automation to minimise cost and ensure control and compliance. In order to effectively manage these increasingly dynamic environments VMware offers cloud infrastructure and management solutions that deliver policy-driven automation and provide IT management as an intrinsic part of the system allowing organisations to achieve the efficiency, control and compliance needed to move from cost centre to service provider. Step three: Is to deploy a private cloud. A private cloud yields improved IT efficiency and agility while enhancing security and choice. VMware advocates that deploying a private cloud on their platform provides a practical path to the highly scalable, high-performance public clouds being built by recognised service providers also leveraging this platform. This enables organisations to move workloads between or across private and public cloud infrastructure allowing them to benefit from the

Cloud computing is an approach that reduces IT complexity by leveraging the efficient pooling of ondemand, self-managed virtual infrastructure, consumed as a service. Cloud computing is central to that better strategy and virtualisation is the foundation for enabling this transition.”

November / December 2010 : VitAL 63

itsmf preview

elasticity, scalability and security of a hybrid cloud environment. “With VMware you have actual control of the platform. Management tools are inherently part of the infrastructure.” says Murnane.

Self service business automation At the application or service layer, cloud computing offers a new service consumption approach that applies standardisation and automation to enable rapid service provisioning. By standardising processes, increasing automation and delivering IT as a Service, VMware can help drive additional savings beyond virtualisation, while significantly reducing the amount of maintenance required per IT administrator. Instead of waiting for manual IT procurement and provisioning processes, organisations are able to consume services exactly when they need them. IT organisations can now deliver standardised IT services on shared infrastructure through a Web-based catalogue. By standardising these service offerings, organisations can simplify many IT management tasks, from troubleshooting and patching to change management, and eliminate much of the administrative maintenance that burdens the IT team. They can also automate provisioning through policybased workflows that empower validated users to deploy preconfigured services with the click of a button. Meanwhile, IT retains control over policies and billing that govern service usage. “What we want to achieve is control with end-to-end automation to allow businesses to achieve the end state and strategy they are aiming for,” explains Murnane. “With service 64 VitAL : November / December 2010

management in the cloud we get a higher level of choice and control. The challenge is how we migrate the existing infrastructure and get to the cloud-based operation. How do we live with this hybrid arrangement? And how do we make the business aware of the value and the benefits? These are the important questions for IT service managers. IT is currently hugely underutilised in most organisations. They need a well thought out, end-to-end and achievable way to exploit their IT estate and optimise its usage. VMware offers the means to deliver and manage virtualisation and move to cloud environments. The challenge overall is to optimise how businesses work.”

Cloud Security Virtualisation is indispensable for transitioning legacy applications to new cloud infrastructures and a critical security enabler in a cloud environment. VMware provides the foundation for the next generation of cloud security to address the challenges of securing applications and data. With introspection capabilities that help to identify hard-to-detect problems and enable comprehensive security controls, VMware maintains its capabilities result in better performance, reduced complexity and more comprehensive security. Security policies can be rapidly implemented and monitored for IT compliance while maintaining the relevant levels of control and visibility into ownership domains. They can make security agile, so IT staff can leverage dynamic capabilities, such as live migration, and ensure that the security policies follow the IT service www.vital-mag.net

itsmf vitalpreview events

seamlessly. They can also deliver a single, cost-effective framework for the comprehensive protection of cloud deployments.

Automation and management Instead of spending valuable time managing physical infrastructure or applications, VMware solutions allow organisations to focus on innovation and delivering crucial value to the business. Once all hardware resources are pooled into virtual building blocks and service-levels are defined with associated applications, organisations can deploy an automation plan based upon business rules and application needs. Cloud automation and cloud management drive the ultimate efficiency in IT, mapping plans and policies to the business and defining them within the service delivery mechanism of the cloud. “Automation and management rules applied to the cloud effectively lead to a zero-touch infrastructure, where IT is available as a service. IT organisations can also better manage risk with an approach to cloud computing that retains the security, control and compliance that the business demands,” says Murnane.

Interoperability and openness In addition to serving as a secure foundation for cloud computing, VMware solutions ensure application portability between internal data centres and external hosting and service provider clouds. This enables applications to run with little or no modification internally or externally. Beyond infrastructure, the platform allows developers to create portable cloud applications that further enhance an www.vital-mag.net

organisation’s ability to respond to change. VMware maintains that IT staff can extend this agility to end users by leveraging its solutions to dynamically provision and manage cloud-ready IT services securely across multiple devices.

There has been a gold

Pooling and dynamic resource allocation

retrospectively trying to

The private cloud changes an IT organisation’s approach to resource management from discrete hardware to virtualised pools of shared resources. These shared resource pools are abstracted into logical building blocks that consist of storage, network and server units, effectively creating virtual data centres. Based on business demands, these resource containers can be constructed to provide specific service-levels or meet particular business needs, or they can be divided by logical business units or functions (for instance, sales, finance or R&D). By standardising on a set of well-defined offerings, organisations can evolve toward a policy-driven approach to computing. “In this era we have to rely on our platforms to manage themselves, they have to have management engineered in,” concludes Murnane. “Having simplified the management of the infrastructure Service Management can be used to abstract the business requirement from the underlying technology, forcing IT to focus on what matters – the business services – regardless of how they are being delivered and how that delivery changes over time. Without it, you’ll never make the transition, never drive automation, and never measure your successes.” VitAL www.vmware.com

rush into virtualisation with organisations

work out how to deal with it. The change has to be managed properly, and to virtualise successfully customers need a high degree of confidence that their infrastructure will be managed accordingly.

November / December 2010 : VitAL 65

itsmf preview

Balancing the people with the process Experts advise that about 80 percent of the effort and resources required for successful IT-related change are – or should be – deployed on the ‘soft’ aspects of change, such as changing behaviours and providing training at the right time; only 20 percent is required for the IT itself. APMG makes the case for more balance in IT projects.

t will always be a challenge to implement successfully and meet the expectations of those affected by change. In ITIL environments there is a misguided belief that if the process is ‘correct’ then all will be well. Too often the people aspects of change are underestimated. Being able to analyse and predict the impact on both the process and the people is key to understand what the likely outcomes of change will be. “Organisations should think through desired outcomes and decide on a balanced people and process approach, “ says Richard Pharro, CEO of APMG-International.“One key to this is to be able to answer the question “what’s in it for me” (WIIFM) for all those affected by

66 VitAL : November / December 2010

the change before starting the programme. To do this the IT department must have clarity regarding training, job impact, coaching and mentoring that will be required to support the change.” Pharro says that service managers are under increasing pressure and scrutiny to deliver IT services in a robust, timely and cost effective way. “Focusing on keeping negative impacts to a minimum while at the same time improving customer experience, the challenge of understanding how changes will impact systems is ever increasing.” This ongoing challenge prompted APMG to look at the development of ‘role-based’ service management qualifications which focus on the www.vital-mag.net

itsmf preview

core competencies of individual roles. Change Analyst is the first of these qualifications and is being launched at the itSMF UK Conference which takes place in November.

Role-base service management “Our Change Analyst certification enables candidates to assess the potential benefits, risks and impacts of proposed changes. It also gives them advice on how to get approval to proceed with such changes, as well as looking at what the impact on those who will be affected by the new process will be,” says Pharro. The qualification has been developed in response to market demand for practical, focused qualifications. “It’s designed to help candidates understand the wider implications of change within ITIL service delivery,” asserts Pharro. “The course will give them the knowledge and confidence to authorise change initiatives, while at the same time earning them a recognised certification and ITIL v3 credits.” Change Analyst and the other role-based qualifications have been developed by APMG- International in partnership with itSMF UK. They are very closely aligned to the Skills Framework for the Information Age (SFIA) framework regarding core competencies of an individual in a role. SFIA enables employers of IT professionals to carry out a range of HR activities against a common framework of reference – including skill audit, planning future skill requirements, development programmes, standardisation of job titles and functions, and resource allocation. Barry Corless, chair of ITSMF UK, comments: “Change Analyst gives knowledge and practical experience of the main skills and competencies required in fulfilling the role of a Change Analyst within IT Service Management. The qualification is multidimensional, combining a more detailed look at the structure and application of the key change processes and procedures, together with an insight into the soft skills required to meet the everyday challenges in the role of Change Analyst.” The qualification is for those specialising in Change Management and who wish to extend or formalise their understanding and knowledge working in a role where Change www.vital-mag.net

Management forms an integral part of the day-to-day activities. IT professionals who are working within other areas that have a direct interface with Change Management, such as third party suppliers, application developers and other related service management functions will also benefit from the course. “The qualification provides detailed, practical knowledge based on industry good practice and collateral which the candidate can apply in their work environment. It provides a follow on from the ITIL Foundation certificate and a bridge to Intermediate levels of the main ITIL scheme. The course and examinations have been developed by itSMF UK industry experts alongside APMG-International and are available through their international network of Accredited Training Organisations,” Corless says.

About the exam The Change Analyst Qualification is to be completed in 60 minutes. It is comprised of 20 questions (20 marks) and 13 marks are required to pass. Some questions require supporting information from a scenario booklet to be answered. It is a paper format with a mixture of simple and complex objective testing questions. In addition to this the candidates have to complete a workbook during the course which demonstrates the practical application of the theory.

“Focusing on keeping negative impacts to a minimum while at the same time improving customer experience, the challenge of understanding how changes will impact systems is ever increasing.”

The launch of the qualification Change Analyst is being launched by APMG International and itSMF UK at the itSMF UK conference in November. Candidates can take the qualification through APMG’s network of Accredited Training Organisations. Change Analyst is one of a suite of service management role based qualifications. Problem Analyst is the next in the series to be released and is scheduled to be released at the end of the year and Service Level Analyst will follow in 2011. “These role based qualifications will make a significant contribution to the skills and learning of service management professionals who have wanted certifications which help them with their specific work-place challenges,” concludes Pharro. VitAL www.apmg-international.com November / December 2010 : VitAL 67

itsmf preview

Floorplan

itSMF 2010 exhibition listing For further details of companies listed here in bold see the listings section in this preview (p68-72). 31 Media â&#x20AC;&#x201C; VitAL Magazine A02 APMG-International B05 ASG E06 Axios D02 BCS A14 Best Management Practice B01/C01 Capacitas Ltd A06 CEC Europe G02 CGI C07 Cherwell A09/10 ConnectSphere C06 First Option Solutions A03 Focus Group B02 Fox IT E03 Front Range B03/04 G2G3 E02 Global Technology E04/05 Hornbill D09 HP A11/12 IBM F5 iCore B07 ILX Group G01

68 VitAL : November / December 2010

Kaseya B08 Kepner-Tregoe C02 Lamri D05 LANDesk G03 LiveTime Software Ltd D04 LogMeIn Europe B06 Marval D01/E01 Milestone Project Management Solutions E08 Numara F04 Omninet A08 Pink Elephant F01 QA Ltd D06/07 Service-now.com C03/04 Sextant E07 Sunrise Software C05 TechExcel G04 TOPdesk A07 VMware A15 Wardown Consulting E09 Wendia UK A01 xMatters A13

www.vital-mag.net

show listings show listings show listings show listings show listings show listings show listings

APMG-nternational

Stand B05

W: www.apmg-international.com APMG-International is an accredited examination Institute offering accreditation and certification in a wide range of products for knowledge-based workers. Our portfolio of qualifications includes the OGC Best Practice qualifications of ITIL®, PRINCE2®, MSP®, M_o_R®, and P3O®. In addition we offer a host of specialist management qualifications. We have a suite of other specialist management certifications such as Agile Project Management and Service Catalogue. We also accredit consultants working with OGC’s Maturity Models to help organisations improve their delivery of Best Practice. At the itSMF UK Conference this November APMG-International is launching its new Change Analyst Qualification. Richard Pharro, CEO APMG-International says, “The qualification has been developed in response to market demand for practical, focused qualifications. It is designed to help candidates understand the wider implications of Change within ITIL service delivery. The course will give them the knowledge and confidence to authorise change initiatives, while at the same time earning them a recognised certification and ITIL v3 credits.” Change Analyst is very closely aligned to the Skills Framework for the Information Age (SFIA) regarding core competencies of an individual in a role. SFIA enables employers of IT professionals to carry out a range of HR activities against a common framework of reference - including skill audit, planning future skill requirements, development programmes, standardisation of job titles and functions, and resource allocation. Change Analyst is the first in a suite of role-based qualifications developed in partnership with itSMF UK. Come and visit us at Stand B05 for more information on Change Analyst and our other ITIL complimentary qualifications. APMG’s portfolio of qualifications is offered through our network of Accredited Training Organisations (ATOs). APMG accreditation provides formal recognition to clients that Accredited Organisations have been rigorously assessed. They have proven they have the experience and knowledge to deliver professional and cost effective training.

ASG Software Solutions

stand E06

Contact: Pamela Guyton Address: Ziggurat, Grosvenor Road, St. Albans, AL1 3DX UK T: +44 (0) 1727 736300 F: +44 (0)161 449 7122 W: www.asg.com ASG Software Solutions provides a full range of practical software solutions that help IT organisations solve complex problems to lower costs, save time, and make proactive decisions that drive business success. Known for a broad portfolio of best-value, results-driven technologies, ASG partners with 85 percent of the world’s largest companies to optimise IT service delivery in both mainframe and distributed environments. For more than two decades, ASG’s market-driven software solutions have enabled IT teams to monitor, report and manage IT to consistently improve the delivery of business and IT services. ASG’s practical software management solutions enable clients to manage their businesses across every function – from C-level to end-user. Through a full range of enterprise software solutions dedicated to information optimisation and infrastructure optimisation, ASG provides a fully integrated Enterprise Automation Management Suite to effectively manage highly sophisticated and complex IT environments.

We are a global organisation, aware that different geographies have different economic conditions. We price our exams according to local pricing structures, ensuring that those who want to take an examination for one of our qualifications are not restricted by cost.

ASG helps companies optimise IT service delivery by providing a practical strategy and proven software solutions that ensure complete availability and high performance of critical business applications. Our technology abstracts and consolidates information and key metrics from any existing IT management tool, enabling organisations to easily identify and take action on potential service disruptions before they affect business. ASG is committed to our clients’ success, working to fuse IT with business functions, strategies, and goals.

Our commitment to high standards means that all candidates, no matter where they take their examinations, can be assured that the certification they have earned is consistent with every other candidate and represents a level of training unsurpassed in the industry.

Visit the ASG stand to experience the power of ASG’s Foundation Technology, and start managing IT complexity today.

We don’t offer training services ourselves thereby avoiding conflicts of interest with the organisations we accredit. Instead we encourage our accredited organisations to work with their clients to offer our qualifications and assessments. Our ATOs have gone through the most rigorous assessment process in the industry. We review their policies and procedures, their training materials, and the proficiency of their instructors to make certain that their students are receiving the highest quality training available.

Cherwell Software

stand a09 / 10

www.cherwellsoftware.com Tel: +44 1793 858181 Cherwell Software is the developer of Cherwell Service Management™ – a fully integrated solution for IT and support professionals for the delivery of internal IT or external facing support services. Designed using the Microsoft .NET platform and Web 2.0 technology, Cherwell delivers ‘out-of-the-box’, 11 fully integrated ITIL v3 PinkVERIFIED management processes including; Incident, Problem, Change, Release, Configuration, SLA, Service Catalogue, Event and Knowledge. Plus, a fully customisable end user self-service portal for unlimited end user access, open API for systems integration, dynamic dashboards for customised displays of key operational data and integrated customer survey module, plus much, much more. Offering a true holistic approach to IT service management, Cherwell provides a 360 degree view of incident, problem and change records, empowering IT and support departments to fully align themselves with the organisations they support. Being quick to deploy and easy to use, implemented as either a traditional On Premise perpetual license solution or a fully hosted On Demand SaaS subscription service, Cherwell delivers true enterprise power, scalability and flexibility. The Cherwell Service Management solution is 100 percent customisable and configurable, without the need for specialist resources, requiring no changes to source code, needs no bespoke programming and no SQL or Java scripting. The solution delivers a highly scalable and extensible development platform, enabling customers to add new custom built applications through the use of customisable business process templates. In a recent Total Economic Impact (TEI) study by Forrester Consulting at an organisation where Cherwell was used to replace an existing Enterprise Service Desk solution, the detailed financial analysis demonstrates how the organisation evaluated the value proposition delivered by Cherwell Service Management. Based on information collected from in-depth customer interviews with a real life customer, Forrester calculated a three year risk-adjusted ROI of 108 percent, with a total investment return in less than ten months. In these difficult economic times when organisations are being challenged to reduce costs, deliver improved services with fewer resources, the Cherwell solution can provide a compelling business case for the replacement of expensive, resource intensive and technologically out dated solutions being used to deliver existing support services. For more information on Cherwell Software, to arrange a product demonstration, or to receive a full copy of the Forrester reports “Market Overview: ITSM Support Tools” and/or “Total Economic Impact Study”, then please contact us on the number above or visit our website to view a selection of short product videos covering topics such as; Service Catalog, Visual CMDB, System Configuration and Integration.

Visit our stand and enter our free draw to win an Apple iPad

show listings show listings show listings show listings show listings show listings show listings

BCS Stand A14 www.bcs.org/iseb/specialist Our mission as BCS, The Chartered Institute for IT, is to enable the information society. We promote wider social and economic progress through the advancement of information technology science and practice. We bring together industry, academics, practitioners and government to share knowledge, promote new thinking, inform the design of new curricula, shape public policy and inform the public. Our vision is to be a world-class organisation for IT. Our 70,000 strong membership includes practitioners, businesses, academics and students in the UK and internationally. We deliver a range of professional development tools for practitioners and employees. A leading IT qualification body, we offer a range of widely recognised qualifications. These qualifications include The Institute’s ISEB portfolio; created to raise the standard of competence and performance of people working in IT. Our professional qualifications are internationally recognised and are available in Foundation, Practitioner and Higher levels in 8 major subject areas: • ITIL/ IT Service Management; • Software Testing; • Sustainable IT; • Business Analysis; • Systems Development; • Project Management; • IT Governance, Information and Security; • IT Assets and Infrastructure. Delivered via a network of high quality accredited training and examination providers, the breadth and depth of ISEB’s portfolio encourages knowledge, understanding and application in various disciplines. This allows candidates to demonstrate their skills in specific business and IT areas which measure competence, ability and aptitude, helping to promote career development and provide a competitive edge for employers. BCS Specialist Qualifications in IT Service Management BCS, The Chartered Institute for IT, has launched its suite of six new Specialist Qualifications in IT Service Management. The qualifications, which focus on specific job roles within organisations, draw on the broad range of good practice in service management and are not limited to ITIL®. They embrace COBIT®, ISO/IEC 20000, SFIA/SFIAplus and ITIL – enabling job specific skill development. The new qualifications compliment the ITIL scheme and provide an ideal stepping stone between the ITIL Foundation and ITIL Intermediate Qualifications in IT Service Management. All six qualifications, Service Desk & Incident Management, Change Management, Service Level Management, Business Relationship Management, Problem Management and Supplier Management have been endorsed as ITIL Complementary Products each attracting 1.5 credits towards the ITIL Expert award.

fox it

stand E03

Address: Fox IT Limited, Chester House, 76-86 Chertsey Road, Woking, Surrey GU21 5BJ T: +44 (0)1483 221200 F: +44 (0)1483 221500 E: enquiries@foxit.net W: www.foxit.net Fox IT is a global independent Service Management specialist having undertaken transformation engagements in over 50 countries. Recognised as the premier supplier of consultancy, education and tools Fox IT has the most extensive ITIL based ITSM and Governance practice in the world. The company has been at the forefront of practical implementation of Service Management techniques since 1981 during which time it has established a worldwide delivery network. Our services are underpinned by world-class Service Management and Governance concepts and practices based on a range of industry standards, including the IT Infrastructure Library (ITIL), the global de facto best practice guidance for delivering business focused IT services, MOF, ISO/IEC 20000 and COBIT. New technologies such as virtualisation, cloud computing, grid computing, Software as a Service and Platform as a Service are already a reality, yet only a few people in IT Service Management have started to understand what it means to them and to the future of IT Service Management. Moving to this new world of utility computing, on-demand services, and dynamic distributed environments provides many challenges to our traditional approaches to ITSM and to IT. Many people will tell you that they can all be solved by tools, but the old adage of ‘a fool with a tool is still a fool’ will apply even more to these new environments. The good news is that the solution to many of the challenges already exists. By using the service lifecycle as the basis, and by morphing the ways that we apply service management concepts, we can help to realise the potential benefits of these technologies. Or we can just put our heads in the sand whilst the cloud blows over... This exhibition will highlight the specific challenges, and suggest practical ways to how you can modify your approach to service design, service transition, and service operations to avoid these technological marvels turning into service catastrophes.

icore

stand B07

www.cherwellsoftware.com Contact: Steve O’Dononghue – sales executive Tel: +44 1793 858181 M: 07961 553199 T:

0207 464 8883

steve.odonoghue@icore-ltd.com

www.icore-ltd.com

iCore is the largest specialist IT Service Management Consultancy in the UK. iCore has a long and impressive track record in delivering and embedding pragmatic IT service management processes and projects. This has been achieved by combining strong leadership, discipline, outcome and value driven projects that focuses on cost control. iCore relies on the deep, real world experience of our mature and determined consultancy team to ensure our engagements deliver solutions that work and stick. As a result of our focus on practical service management iCore can be more effective and responsive when compared to IT generalist or business consulting firms. This focus has been applied to a large number of clients in the financial services, utilities, construction, energy, and government sectors. These clients have enjoyed both service improvement and cost benefit – thereby gaining commercial advantage over their competitors. At iCore we believe that it is not just about process, rather the effective integration of process with people, technology and partners. iCore consultants are able to call on their knowledge of the various best practice frameworks and standards such as ITIL, COBIT, CMMI, Lean Six Sigma, SFIA, PRINCE2, ISO20000, ISO27001 or SAS70 etc, as appropriate. At the same time the consultants will adopt a flexible approach in the design and delivery of projects and services. The use of these frameworks and standards, along with our own methods, tools, templates, accelerators and utilities, means we can avoid re-inventing the wheel and quickly add value. iCore can help you assess, design, implement, embed and improve your services and organisation. This can be achieved as a programme of improvements run by our expert consultants; or providing interim managers and operational staff to work within your team; or deliver as a managed service.

show listings show listings show listings show listings show listings show listings show listings

Kepner-Tregoe

stand C02

Contact: Steve White T:

01628 778776

swhite@kepner-tregoe.com

www.kepner-tregoe.com

Kepner-Tregoe (KT) helps service organisations significantly improve their strategic and operational results by maximising Customer Lifetime Value (CLV) – the ultimate measure of success for a service-driven business. With over 50 years’ experience, we understand the challenges of consistently delivering high-quality, world-class service and support. Our clients’ results demonstrate dramatic performance improvements in increased customer satisfaction, reduced resolution times, decreases in service costs, increases in first time fix-rate, reduced service performance variances and increased employee retention. Our KT Service Value ManagementSM (SVM) suite of business solutions is focused on the six key drivers that contribute most to CLV. These are: Strategy and Culture, Monitor and Control, Service Processes, People, Tools, and Organisation. Within each of the key areas that drive CLV, KT then offers a range of services that are customised to client need. Kepner-Tregoe Resolve®, a core SVM service offering, for example, is the only proprietary method acknowledged by ITIL as best practice for problem analysis and troubleshooting. Through a combination of analysis, training, business process integration, and performance system improvement, KT helps organisations improve their ability to delight customers and become more efficient. The KT Resolve® process dramatically increases performance against key indicators like Mean-Time-To-Resolve, Customer Satisfaction, Cost of Service, helping organisations transform their support function from being a cost centre to a true competitive advantage. KT combines proven methodologies, capability transfer, over 50 years of experience, and a relentless focus on execution to drive predictable, measurable results. We collaborate with organisations to diagnose their greatest needs to design tailored, effective solutions. And we bring together the right team to deliver rapid results. Because the work is collaborative, improvements are sustainable and add lasting value – offering a truly effective alternative to traditional business consulting. But don’t take our word for it. Find out for yourself by contacting us via our details below.

G2G3

stand E2

E: info@g2g3.com T: @g2g3 W: www.g2g3.com G2G3 creates innovative people-based readiness solutions, including immersive simulations, serious games, education, communications, infographics and more. Engaging G2G3 will drive the success and raise the profile of your IT transformation initiative, project or product, ensuring the effective onboarding of all involved. G2G3 is different from other vendors; we use our energy, enthusiasm and creative flair to create your competitive advantage. The unique products and services offered by G2G3 include: Ready-to-go simulations: G2G3 offer a range of high-impact, in-room business simulations that accelerate learning and transformation initiatives. These are available in a number of industry variants for ITSM, ITIL, ISO/IEC 20000, Cloud, Lean IT, Project Portfolio Management, Business Continuity and many more. Bespoke simulations: G2G3 can design and develop a bespoke in-room simulation solution around your specific requirements in a scenario of your choice. G2G3’s high-profile bespoke simulation clients include HP, BMC, CA, IBM, Microsoft and many more. Virtual simulations and serious games: G2G3 are experts in creating virtual serious games and simulations. Our power lies in our ability to combine advanced 3D technologies with gaming dynamics and excellent IT enterprise industry knowledge. Virtual simulations and serious games are ideal for marketing, education or transformation purposes Infographics and knowledge visualisation: Take a new look at your processes and complex information with G2G3’s Infographics services. By combining collaborative consulting with information design, G2G3 can create a visual knowledge strategy that will deliver tangible results across your transformation, change or communication initiative. Cloud-based assessments – Pathfinder: Pathfinder is a cost-effective, cloud-based assessment portal. Pathfinder reveals where your key processes are now, where they need to be, and how to get there. With a Pathfinder consultation, in less than ten days, you will receive a bespoke, facts-based Journey Plan for the future providing structured, actionable and measurable service improvements aligned to your everchanging business needs. Readiness programmes – Consulting, Education and Communications: G2G3 offer a range of people-focused consulting, education and communication solutions for IT enterprises, including Readiness Programs, ITIL Foundation courseware (blended with or without simulation), Contextual Learning, Sales Enablement, Communications Programs and more. Our enviable list of readiness clients include: BP, Intel, DHL, Thomson Reuteurs and many more.

landesk software

stand G06

T: 01483 744444 E: contactus@landesk.com For more than two decades, LANDesk Software Inc has developed solutions that help organisations manage IT complexity; discover, track and safeguard assets; and enable IT staff to improve service levels. LANDesk® systems management, endpoint security, and IT service management (ITSM) solutions are easy to use, reliable, and deliver rapid ROI. LANDesk solutions have won a number of industry awards, and research firms like Gartner and Forrester consistently rank LANDesk as an industry leader. Specifically, our ITSM solutions combine LANDesk® Service Desk, LANDesk® Process Manager, and LANDesk® Asset Lifecycle Manager, offering world-class support to employees, citizens and customers: • LANDesk Service Desk helps organisations deliver cost-effective IT services, improve resolution rates, minimise recurring incidents, and enforce standardisation. Consolidating ITIL®-verified, process-driven incident, problem, change, and configuration management in a single touch point, LANDesk Service Desk handles all types of incidents, problems, and service requests. The solution has achieved PinkVERIFY status through Pink Elephant’s software certification scheme for all 14 processes that make up ITIL v3, the worldwide standard for IT service and support. • LANDesk Asset Lifecycle Manager helps customers manage hardware and software assets from initial request to procurement and all the way through to disposal. The solution enables organisations to manage compliance, regulatory, security, license, privacy, and tax requirements while maintaining tight control over investment and aggregation of cost data for informed decision making. • LANDesk Process Manager offers a single tool to both build and execute consistent, predictable IT processes, rescuing IT staff from endlessly repeating the same tasks. It can be used stand-alone or to complement other LANDesk solutions— from LANDesk® Management Suite to LANDesk Service Desk—simplifying IT management with less infrastructure and resource investment. LANDesk technologies are offered either directly or through an extensive international network of solutions providers serving markets that include education, financial services, healthcare, IT, law, manufacturing, professional services, retail, transportation and utilities. The company has regional offices and development centres worldwide and employees in 18 countries.

show listings show listings show listings show listings show listings show listings show listings

logmein Contact: T: E: W:

Stand B6

Allyson Pelletier, director EMEA Marketing +31 20 522 1800 apelletier@logmein.com www.LogMeIn.com

techexcel

stand Go4

T: 0207 470 5650 E: emeainfo@techexcel.com W: www.techexcel.com TechExcel, a leading provider of IT Service Management software, has 1,500 customers in 42 countries and maintains offices in USA, UK, China and Japan.

Users worldwide rely on LogMeIn solutions for remote control, systems management, business collaboration and on-demand customer support of PCs, servers, Macs, smartphones and other Internet-connected devices. Our award-winning solutions are easy to try, buy and deploy from any web browser with an Internet connection. Over 100 million devices worldwide have connected to a LogMeIn service. Whether you require personal or business remote access, remote support or remote administration, we have a product designed specifically to meet your needs. Consumers and mobile workers use LogMeIn solutions to access and back up their remote computers online. Users have multiple options for remote desktop control, including access from a Windows PC, laptop or pocket PC; a Mac; their iPhone or iPad - and even from their Ford 150 truck - to maximise their mobility and productivity. • LogMeIn Free, our flagship product, offers fast, simple, and secure remote control of a PC or Mac – 100 percent free, all the time • LogMeIn Pro2 adds premium features to basic remote control, including file transfer, file sharing, remote sound and remote printing, for maximum productivity when working remotely • LogMeIn Ignition gives users the ability to remote control their LogMeIn-enabled PCs and Macs from their Apple iPhone, iPad, or Android device. Businesses and IT service providers rely on LogMeIn to remotely support, manage and back up hundreds or thousands of desktops, laptops, servers, kiosks, POS machines and the applications that run on them. Cross-platform capabilities include support for Windows PCs, Macintosh computers and smartphones, including BlackBerry, Symbian, and Windows Mobile devices. • LogMeIn Rescue enables customer support and help desk technicians provide on-demand support of PCs, Macs, and smartphones over the Internet, without preinstalling software. • LogMeIn Central is a web-based management console that allows IT administrators to proactively access, manage, and monitor hundreds to thousands of geographically dispersed, hard-to-reach devices. Founded in 2003, LogMeIn’s world headquarters are located just outside Boston, Massachusetts, with European headquarters in Amsterdam, a sales and marketing office in London, Asia Pacific headquarters in Sydney, and development centres in Budapest and Szeged, Hungary. •Our passion: Delighting customers and users of our technology; •Our mission: Maximise mobility, connectivity and business productivity; •Our vision: Worldwide connectivity for mobile work and life styles.

ServiceWise is a customisable and comprehensive internal Helpdesk, ITSM and ITIL compliant solution. It can enforce business rules and optimise business processes regardless of the size of your organisation. Automate and streamline services and helpdesk activities with configurable workflows, process management, email notifications and a searchable knowledge base. Provide support from a browser by creating a customised self-service portal that matches the look and feel of your company’s website. The self-service portal includes online incident submission, status updates, online conversations and a knowledgebase. ServiceWise includes modules such as incident management, problem escalation and analysis, change management and asset management.

VMware

Wendia UK

stand A15

E: servicemanager@vmware.com W: www.vmware.com/servicemanager/uk Visit the VMware Stand at the itSMF UK Conference and enter our draw to WIN* an Apple iPad. IT management must change. Traditional tools and processes that were designed for siloed, static, physical infrastructures don’t provide the automation and control needed for inherently dynamic virtualised environments and cloud infrastructures. A new breed of solutions that ensure service levels and transform operational efficiency is needed. From the leader in virtualisation and cloud infrastructure, VMware management solutions are purpose-built for dynamic environments to fundamentally change how organisations manage IT and deliver services. Visit the VMware stand at this year’s itSMF UK Conference and learn how VMware’s IT Management Solutions enable you to move from: • Slow and error-prone manual processes to intelligent, automated workflows; • Inconsistent and manually intensive requests to intuitive self-service with integrated request fulfilment; • Expensive supplier audits to controlled software license and asset management; • Virtual sprawl to policy-driven control and confidence. Visit our website (see below) for a host of free IT and Service Management resources or contact us at the address below. (*The prize is a 16GB Wi-Fi and 3G Apple iPad valued at £529. The winner must be a delegate of the itSMF UK Conference 2010. Vendor representatives and organisers are not eligible to win. The winner will be notified by email post event).

CustomerWise is an integrated CRM solution focused on customer service throughout the entire customer lifecycle. Provide your support, sales, and marketing teams the necessary tools, processes, and information they need to meet customer demands and improve the customer’s experience. CustomerWise allows you to refine sales, customer service and support processes to increase cross-team communication and efficiency while reducing your overall costs. Combine sophisticated process automation, knowledgebase management, workflow, and customer self-service to improve business processes that translate into better customer relationships. AssetWise aids the process of monitoring, controlling and accounting for assets throughout their lifecycle. A single and centralised location enables businesses to monitor all assets including company IT assets, managing asset inventories, and tracking customer-owned assets. All asset changes, including maintenance information, trouble ticket data, status inventory, utilisation metrics and usage, are recorded in the central repository and linked to other Service and Support tasks. As part of the TechExcel Service Suite, AssetWise can be accessed by members of TechExcel CustomerWise and ServiceWise and provides a single version of asset truth for sales, service, help desk, IT, and other teams. DownloadPlus is an easy-to-use website management application for monitoring file downloads and analysing website download activities. Integrated with TechExcel Service Suite, Download Plus improves sales lead generation, lead qualification, and software delivery. DownloadPlus enables businesses to enhance their web presence by integrating web activities with their customer records to improve sales and customer service. DownloadPlus does not require any programming or HTML. With customer download activities tracked automatically, sales and marketing managers can accurately and intelligently qualify sales leads. DownloadPlus provides controlled download management for all downloadable files, from software products and documentation, to marketing materials and multimedia files.

stand A01

Contact: Steve Lawless – sales director T: +44 (0)800 033 7480 M: +44 (0)7810 480 550 E: S.lawless@Wendia.com W: www.Wendia.com Wendia UK launches POB (Point of Business) Smart Suite at itSMF 2010 in London. POB is one of only three software solutions Pink Verified for 14 processes against ITIL v3. It’s been described as a highly functional Service Management solution, combined with a lean implementation timeline. And now for the first time it’s available in the UK. If you are looking to transform Service Management in your organisation, or want to achieve organisation-wide benefits from Service Management, then come and see what you’ve been missing until now. Wendia has been providing Service Management solutions in Europe for over 20 years, and over that time has continually and heavily invested in the ongoing development and improvement of its offering to the point where it is in the top tier of Service Management solutions. Over this time Wendia has also built up an impressive and loyal customer base across Europe and recently in the United States and continues to grow its market share in both the public and private sectors. If you want reference sites, just ask. We have loads of happy customers. At Wendia we believe that we don’t just sell a software solution; we believe that we provide a one stop shop for all your Service Management needs. Our process and implementation consultants and trainers are all ITIL ‘Experts’, each with many years of ‘hands-on’ practical experience in Service Management. This means that the advice, guidance and ultimately the solution you get will be second to none, and will ensure that your tailored Service Management solution meets your specific business needs. At the itSMF conference we will be demonstrating the latest version of POB, ‘G6’. If that wasn’t enough, right now we also have a special offer for all new customers: buy 2 POB modules and get POB ‘self service’ Password Manager absolutely free. POB Password Manager provides a ‘self service’ facility to allow users to manage their own password access problems. Your Service Desk will experience a noticeable reduction in password reset calls, and the benefits are immediately measurable. Come and meet the CEO of Wendia Europe, Hans Fredsted, and the newly-appointed sales director of Wendia UK, Steve Lawless, who will be on the stand both days of the conference.

vital focus groups Helping you overcome obstacles

28th June 2011 ●

One Day Event ● 120 Decision Makers ● 15 Thought Leading Debate Sessions Peer-to-Peer Networking ● Exhibition ● Cutting Edge Content

For more information Contact Grant Farrell on +44 (0) 203 056 4598 Email: registration@vitalfocusgroups.com

Powerful multi-protocol testing software

Website: www.vitalfocusgroups.com Can you predict the future? Event Sponsor:

Sponsors:

Forecast tests the performance, reliability and scalability of IT systems. Combine with Facilita’s outstanding professional services and expert support and the future is no longer guesswork. visit Facilita at:

WINTER 2010

4th October

7th December

Guoman Tower Hotel. London

Plaisterers Hall, London

Facilita Software Development Limited. Tel: +44 (0)1260 298 109 | email: enquiries@facilita.com | www.facilita.com