Leadership in a Season of Change by ctof magazine

Technology for Growth and Governance

August | 21 | 2011 | Rs.50 Volume 07 | Issue 01

Leadership in a

Season of

Change

There is accelerating change and complexity in business and technology. We bring to you valuable takeaways from the annual CTO Forum Conference that address this changing scenario. | PAGE 30

THOUGHT LEADERS

Time to Review

Mission Critical Computing PAGE 62

A 9.9 Media Publication

I BELIEVE

The Future of

Office Environments

PAGE 04

BEST OF BREED

The CIOâ&#x20AC;&#x2122;s Role Morphs Yet Again PAGE 20

editorial Pramath Raj sinha | pramath.sinha@9dot9.in

India Bound! Held at

home turf, the annual event saw CIOs engaging enthusiastically on challenges confronting enterprise technology.

hen our company 9.9 Media acquired the CTO Forum we discovered that its flagship annual conference was held overseas. I initially thought this was to help our Indian CIOs imbibe best practices from their counterparts in more developed markets but it soon became clear that the reason was to lure CIOs to an exotic location and have dedicated time away from home and work. Nevertheless, we were afraid to go against tide and

editorâ&#x20AC;&#x2122;s pick 30

went ahead with CTO Forum annual conferences in Macau, Beijing and Dublin. It was with some courage accompanied with some trepidation that we decided to organise this yearâ&#x20AC;&#x2122;s CTO Forum annual conference in Kovalam, right here in India. Some CTO Forum veterans and industry experts felt we were diluting the value proposition for both attendees and sponsors. But we knew the reduced travel hassles and the availability of more time for the confer-

Leadership in a Season of Change. We bring to you valuable takeaways from the annual CTO Forum Conference that address the changing business and technology scenario.

ence itself would more than make up for this, especially if we continued to innovate on the agenda. Somewhere along the way, we were also tempted to increase domestic consumption and add to the India story! I am happy to report that the just concluded 12th annual CTOF Forum was well-attended and based on participant feedback, the India location was a big hit. Over a 100 CIOs joined us at the spectacularly located Leela Kempinski in Kovalam for 4 days. No connecting flights to worry about, no jet lag, no late check-ins, and a superb facility. The conference itself was themed CIO & Leader, defined by our continuing belief that the CIO must be both a technology specialist and a business and people leader. This issue of our magazine captures some of the

key takeaways from the event for those of you who could not attend. But we were fortunate to have a highly engaged audience of CIOs who not only came, but spoke and listened, engaged and contributed, and left with a promise to return undoubtedly the best testimony to our efforts. What we are most grateful for is their enthusiastic support and encouragement that has given us the confidence to organise future CTO Forum annual conferences in India itself. To all those of you who came to Kovalam : thank you for showing leadership in challenging the status quo and bucking the trend. We hope to see all of you next year at a bigger and better annual conference in India!

The Chief Technology Officer Forum

cto forum 21 august 2011

AUGUST 11 thectoforum.com

Cov e r D e s i g n by J o f f y J o s e

Conte nts

30 Cover Story

30 | Leadership in a Season of Change We bring

Columns

04 | I believe: The Future of Office Environments They will be dominated by Open Collaborative Spaces. By Paul Martine

to you valuable takeaways from the annual CTO Forum Conference that address the changing business and technology scenario.

64 | View point: Cloud Is Not The End - Itâ&#x20AC;&#x2122;s The Means Cloud is a new tools that is the means to a more aspirational end. By KEN OESTREICH

Please Recycle This Magazine And Remove Inserts Before Recycling

Copyright, All rights reserved: Reproduction in whole or in part without written permission from Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd, C/o Kakson House, Plot Printed at Silverpoint Press Pvt. Ltd. D- 107, MIDC, TTC Industrial Area, Nerul, Navi Mumbai- 400706

cto forum 21 August 2011

The Chief Technology Officer Forum

Features

50 | Tech for Governance Gap Analysis in Supply Chain Management By thomas Fox

www.thectoforum.com Managing Director: Dr Pramath Raj Sinha Printer & Publisher: Kanak Ghosh Publishing Director: Anuradha Das Mathur Editorial Executive Editor: Yashvendra Singh Senior Editor: Harichandan Arakali Assistant Editor: Varun Aggarwal DEsign Sr. Creative Director: Jayan K Narayanan Art Directors: Binesh Sreedharan & Anil VK Associate Art Director: PC Anoop Visualisers: Prasanth TR & Anil T Sr Designers: Joffy Jose, NV Baiju, Chander Dange & Sristi Maurya Designers: Suneesh K, Shigil N & Charu Dwivedi Chief Photographer: Subhojit Paul Photographer: Jiten Gandhi

16 A question of answers

16| All Set to Scale up Cloud

Subramanya C, CTO, HGS, talks about how he is harnessing cloud for his organisation.

RegulArs

01 | Editorial 08 | Enterprise Round-up advertisersâ&#x20AC;&#x2122; index

40 | next horizons: Is IaaS Really a Good Deal? For enterprises, the benefits relate less to the financial case. By Pam Baker

48 | NO holds barred: Doug Farber, MD, Asia Pacific, Google Enterprise talks about some of the drivers for cloud adoption.

CISCO IFC SCHNEIDER 05 PATEL INDIA 07 IBM 11 SAS 13 SAS WHITE PAPER 14,15 CHECK POINT 19 GOOGLE WHITE PAPER 26,27 WIPRO 43 JUNIPER WHITE PAPER 46,47 POLYCOM 55 BMC WHITE PAPER 58,59,60,61 RIVERBED IBC IBM BC

advisory Panel Anil Garg, CIO, Dabur David Briskman, CIO, Ranbaxy Mani Mulki, CIO, Pidilite Manish Gupta, Director, Enterprise Solutions AMEA, PepsiCo India Foods & Beverages, PepsiCo Raghu Raman, CEO, National Intelligence Grid, Govt. of India S R Mallela, Former CTO, AFL Santrupt Misra, Director, Aditya Birla Group Sushil Prakash, Country Head, Emerging Technology-Business Innovation Group, Tata TeleServices Vijay Sethi, VP-IS, Hero Honda Vishal Salvi, CSO, HDFC Bank Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay Vijay Mehra, CIO, Cairns Energy Sales & Marketing National Manager-Events and Special Projects: Mahantesh Godi (09880436623) Product Manager: Rachit Kinger (9818860797) GM South: Vinodh K (09740714817) Senior Manager Sales (South): Ashish Kumar Singh GM North: Lalit Arun (09582262959) GM West: Sachin Mhashilkar (09920348755) Kolkata: Jayanta Bhattacharya (09331829284) Production & Logistics Sr. GM. Operations: Shivshankar M Hiremath Production Executive: Vilas Mhatre Logistics: MP Singh, Mohd. Ansari, Shashi Shekhar Singh OFFICE ADDRESS Published, Printed and Owned by Nine Dot Nine Interactive Pvt Ltd. Published and printed on their behalf by Kanak Ghosh. Published at Bunglow No. 725, Sector - 1, Shirvane, Nerul Navi Mumbai - 400706. Printed at Tara Art Printers Pvt ltd. A-46-47, Sector-5, NOIDA (U.P.) 201301 Editor: Anuradha Das Mathur For any customer queries and assistance please contact help@9dot9.in This issue of CTO FORUM includes 12 pages of CSO Forum free with the magazine

This index is provided as an additional service.The publisher does not assume any liabilities for errors or omissions.

The Chief Technology Officer Forum

cto forum

21 August 2011

I Believe

Paul Martine CIO & Corporate VP, Operations, Citrix Systems Inc. has about 27 years of industry experience and is a passionate advocate of open collaboration.

The author

The Future of Office Environments They

will be dominated by Open Collaborative Spaces.

In the coming months and years, you're going to see more and more companies and their employees opting to work in open collaborative spaces. The open and collaborative environment is the way office spaces will transform. I really don't think you're going to see any more traditional, cubicle type of spaces.

cto forum 21 August 2011

The Chief Technology Officer Forum

current challenge Giving strategic leadership to world wide Information Technologies and Real Estate departments at Citrix.

These spaces also bring with them the option of open, 'work anywhere' concept. I know of some big companies that have gone this way: Cisco has done it, parts of IBM have gone this way, we are certainly moving in this direction. It's not a dedicated spot for every employee anymore. Just pull up a chair, with the people you need to be working with at that given time, use your computing device and when you're done, you move on to the next task. It's efficient and cost effective from even the real estate point of view, and it certainly encourages collaboration, where perhaps in traditional set ups, people didn't collaborate all that much. In today's work environment, we all need to work with a lot of other people in different teams. Just look at the projects that you need to do and all of the different people you need to work with. Calling all the people together in to a meeting in a stale, static environment... well you'll get something, but call them together in a coffee shop type of environment, and then you get a whole different kind of interaction going. I've seen a lot of entrepreneurial and start up firms using such open collaborative office spaces and a lot of it was done just to be cost effective, but they end being a bit more collaborative with everyone sitting together. In our own company, the vice president of application delivery, who owns applications delivery, project management and enterprise architecture... his building is built completely around the work anywhere concept. He is the vice president and he doesn't have an office.

Must stay open 24/7! Need redundant data centre power & cooling that fits my budget!

Business & IT is growing! Need more power and cooling on the fly for 10 new servers today!

IT is complex enough! Need an easy-to-operate data centre solution — from concept to deployment!

At last, your data centre can grow with your business! Only InfraStruxure delivers the triple promise of 24/7/365 availability, speed, and efficiency-driven cost savings Introducing Next Generation InfraStruxure

Whether your company has just doubled its sales or staff, you need to make sure that its data centre can support such business growth — not hinder it. All too often, though, businesses feel constrained by the capabilities of their information technology (IT) and supporting infrastructure. Is there enough rack space to handle more servers? Can power capacity accommodate larger IT loads? Today, APC by Schneider Electric™ eliminates these hurdles with its proven high-performance, scalable, and complete data centre architecture solution: InfraStruxure™.

InfraStruxure data centres mean business!

We say that InfraStruxure data centres mean business. But what does that mean to you? The answer is simple. A data centre means business when it is always available, 24/7/365, and performs at the highest level at all times, is able to grow at the breakneck speed of business, continues to achieve greater and greater energy efficiency — from planning through operations, and is able to grow with the business itself. What’s more, InfraStruxure is an integrated solution that can be designed to your exact requirements at the start, while still being able to adapt to your company’s changing business needs in the future.

The triple promise of InfraStruxure deployment

InfraStruxure fulfils our triple promise of superior quality, which ensures highest availability; speed, which ensures easy and quick alignment of IT to business needs; and cost savings based on energy efficiency. What better way to ‘mean business’ than to enable quality, speed, and cost savings — simultaneously?

Business Growth Data centre scaling Years

InfraStruxure data centres mean business! Availability: 24/7/365 uptime is made possible through best-in-class critical power with ’snap-in’ modular power distribution units, close-coupled cooling, and proactive monitoring software. Speed: Deployment is fast and simple because all system components are designed to work together ‘out of the box’ and the system can grow at breakneck business speed. Efficiency: True energy efficiency and savings are achieved via advanced designs, including three-stage inverters in UPS units and variable speed fans in cooling units. Manageability: InfraStruxure Management Software Portfolio enables you to see and manage capacity and redundancy levels of cooling, power, and rack space for optimal data centre health. Agility: Flexibility comes from enclosures with any-IT vendor compatibility and whole system scalability for both power and cooling.

Data Centre Projects: Growth Model

> Executive summary

Contents 1 2 7 7 9 10

Plan your data centre growth simply and effectively! Download White Paper #143, ‘Data Centre Projects: Growth Model’, today for guidance. Visit www.apc.com/promo Key Code 93846t Call 1800-4254-877/272

©2011 Schneider Electric. All Rights Reserved. Schneider Electric, APC, and InfraStruxure are trademarks owned by Schneider Electric Industries SAS or its affiliated companies. email: esupport@apc.com • 132 Fairgrounds Road, West Kingston, RI 02892 USA • 998-3811_IN

LETTERS CTOForum LinkedIn Group Join close to 700 CIOs on the CTO Forum LinkedIn group for latest news and hot enterprise technology discussions. Share your thoughts, participate in discussions and win prizes for the most valuable contribution. You can join The CTOForum group at:

S P I N E

CTO FOR UM MOBILE

Techno logy for Growth and

Gover nance

PAYM ENT GOIN

August

G MAIN

| 07 | Volume 2011 | Rs.5 06 | Issue 0 24

STREAM SOON

| IS IT

A CIO’s

POSSIBL E TO ACHIEVE A RET URN

LEA TRADITERSHIP S

ON ITIL?

It is pr leade obable that traits r but it is ce a CIO is a any CIcan be in rtain that le born ership burningO. What isculcated inad to ne desire to learneded is the .| PAGE

Some of the hot discussions on the group are:

| PRACTIC AL SEC URIT

Y MAN AGE MENT

THOU

FOR STAR

DATA EXP GHT LEADERS LOSIO

TUPS

CORP WORRIESN ORATES PAGE 55

SUMM ER

VIEWP OINT

e 06 | Issue 24

Volum

LOVE AND SOFTW LICENSARE ING PAGE 56

A 9.9

Media

www.linkedin.com/ groups?mostPopular=&gid=2580450

Publicatio

The Cloud is all air and no substance Do you think cloud is going to die a quick death of SOA or is it going to make big headway into the enterprise? Is it old wine in a new bottle? What does it lack in making a convincing case?

COLLA

I BELIE VE

USERBORATION IS DRIVEN PAGE 04

What are the attributes of a good CTO? What are the prerequisites for a CTO role ?

I see the CTO's role as that of a technology leader bridging the gap between the commercial requirements of the enterprise and the technology support of those requirements. An effective CTO should be able to guide the efficient implementation of IT strategy of the business.

Its real and all about today and tomorrow. However, you have to bring it back to a realistic service that gives tangible benefits. There are a great deal of 'cowboy' stories and not many who really understand it.

—Ronald Kunneman, Director at Digitra

cto forum 21 August 2011

The Chief Technology Officer Forum

http://www. thectoforum.com/ content/“all-youneed-a-definedchain-commands”

Future lies in Open Collaborative Spaces

Open-Concept spaces are efficient and cost effective and it certainly encourages collaboration. “In the coming months and years, you're going to see more and more companies and their employees opting to work in open collaborative spaces.” To read the full story go to:

WRITE TO US: The CTOForum values your feedback. We want to know what you think about the magazine and how to make it a better read for you. Our endeavour continues to be work in progress and your comments will go a long way in making it the preferred publication of the CIO Community.

Mahendra Negi, COO and CFO, Trend Micro in a draws parallels between Japanese Tsunami and enterprise risk management in a discussion with CSO Forum.

Opinion

RIChard WArd, Head of Technical, WIN Plc

Send your comments, compliments, complaints or questions about the magazine to editor@thectoforum.com

CTOF Connect

Paul Martine CIO and Corporate VP of Operations, Citrix Systems

http://www.thectoforum.com/content/futureoffice-environments-will-be-dominated-opencollaborative-spaces-0

FEATURE Inside

Consumers Tired of Social Media Pg 10

Enterprise

ILLUSTRATION BY Binesh Sreedharan

Round-up

Acer dethroned HP from the No. 2 position in India Acer picked up 12 percent

market share in overall PC market in India. The combined desk-based and mobile PC market in India totaled nearly 2.5 million units in the second quarter of 2011, a 2.5 per cent increase over the second quarter of 2010, according to Gartner. “This growth was primarily driven by the mobile PC market which grew 17 percent year on year in the second quarter of 2011,” said Vishal Tripathi, principal research analyst at Gartner. “Economic factors such as rising interest rates and high inflation costs resulted in slower consumer demand.” All the major multinational PC vendors, with the exception of HP, experienced double-digit growth in

cto forum 21 August 2011

The Chief Technology Officer Forum

PC shipments in the second quarter of 2011. Multinational brands contributed more than half of the total PC shipments in the second quarter of 2011 with shipments from Acer, Dell, HP and Lenovo, the top 4 vendors, representing 50.4 percent of the market. Local vendor HCL accounted for 6.6 percent of PC shipments in the second quarter of 2011. Acer dethroned HP from the No. 2 position in the market due to its strong commercial business. Dell, with 17 percent market share, held to its No.1 position, while Acer was in the No. 2 ranking with 12 percent market share.

Data Briefing

48% Android’s global share in handset market.

E nte rpri se Round -up

They Steve Jobs Said it Steve Jobs submitted his resignation to the board of directors recently and "strongly recommended" that the board name Tim Cook as his successor. Jobs, 56 years old, has been elected chairman of the board and Cook will join the board, effective immediately, the company said.

PHOTOs BY PHOTOS.COM

“I believe Apple's brightest and most innovative Bing Has higher success rate than Google Experian Hitwise finds days are ahead of it.” Microsoft’s Bing more effective. A study conducted by Web tracking company Experian Hitwise has revealed that Microsoft’s Bing is more effective than Google, when judged by the yardstick of Success rate. In search parlance, “Success rate” is defined as the click-through rate after a user conducts a search. The report from Experian Hitwise says, “Yahoo! Search and Bing achieved the highest success rates in July 2011. This means that for Yahoo! Search, more than 81.36 percent of searches executed resulted in a visit to a Website. Google achieved a success rate of 68 percent, an increase of 1 percent in July 2011. The share of unsuccessful searches highlights the opportunity for both the search engines and marketers to evaluate the search engine result pages to ensure that searchers are finding relevant information.” The researchers at Experian are of the opinion that the results show that there continues to be room for both Google and Microsoft to step up their games when it comes to search accuracy. The users of Search engines could also probably help themselves a lot by formulating more precise queries. Experian's numbers show that the plurality of searches, 25.32%, are made with just a single word, followed by twoword and three-word queries, with shares of 24.09% and 19.49%, respectively.

Quick Byte on MOBILITY

— Steve Jobs, Co-Founder, Apple Inc.

A class action suit has been filed against Apple in South Korea seeking up to $25 million in compensation for a feature that allows iPhone to keep track of the owner’s movements. Apple is already facing class-action lawsuits in the US over its iPad and iPhone tracking. The Chief Technology Officer Forum

cto forum

21 August 2011

E nte rpri se Round -up

Consumers Tired of Social Media 31 percent of younger, more

mobile, consumers indicated that they were getting bored with social media.

STRATEGY There are signs of maturity in the social media market, as some users in certain segments are showing “social media fatigue”, according to a survey by Gartner, Inc. The survey reveals continued localization of usage, whereby certain country-specific social characteristics dictate preferences. However, large global brands such as Facebook are making headway in countries where they have not historically been strong. Gartner surveyed 6,295 respondents, between the ages of 13 and 74, in 11 developed and developing markets in December

2010 and January 2011. Consumers were asked about their use of and opinions about social media sites with the aim of examining usage trends and how enthusiastic users were about social media in general across a range of countries. “Overall, our survey underlined respondents’ continued enthusiasm for social media,” said Charlotte Patrick, principal research analyst at Gartner. “Teenagers and those in their twenties were significantly more likely to say that they had increased their usage, while at the other end of the ‘enthusiasm spectrum’, the

Global Tracker

Destination Amazon

Amazon Sites reached

cto forum 21 August 2011

The Chief Technology Officer Forum

282 Million

Source: comScore

more than 282 million visitors in June, or 20.4 percent of the worldwide Internet population.

age-related differences were much less marked, with fairly consistent percentages saying that they were using social media less.” Of the respondents, 24 percent said they use their favorite social media site less than when they first signed up. These respondents tended to be in segments that have a more practical view of technology. But 37 percent of respondents, particularly those in younger age groups and more tech-savvy segments, said they were using their favorite site more. “The trend shows some social media fatigue among early adopters, and the fact that 31 percent of Aspirers (younger, more mobile, brand-conscious consumers) indicated that they were getting bored with their social network is a situation that social media providers should monitor, as they will need to innovate and diversify to keep consumer attention,” said Brian Blau, research director at Gartner. “Branded content needs to be kept fresh and must be able to capture people’s attention instantly. The new generation of consumers is restless and short on attention span, and a lot of creativity is needed to make a meaningful impact,” Blau added. Gartner analysts also examined whether the type of social media site respondents used affected their enthusiasm. Given that 24 percent of respondents indicated that they were using their main social site “a little less” or “a lot less” than when they first started using it, respondents were asked what negative factors might be influencing their decision. Although none of the options given to the respondents resonated extremely highly, 33 percent said they were concerned about online privacy. Attitudes to privacy were also age-related, with teenagers citing privacy concerns significantly less often than older respondents (22 percent of teenagers agreed or strongly agreed that privacy concerns were decreasing their enthusiasm, against an average of 33 percent). “The level of consumer concern around privacy will require ongoing vigilance for brands concerning customer opt-in and education. Lessons should be learned from the likes of Facebook as they test the boundaries of consumer tolerance in search of more revenue,” Patrick said.

E nte rpri se Round -up

Verizon Launches Mobile Satellite Solutions To provide access where terrestrial communication is unavailable.

Verizon is adding Mobile Satellite Solutions to its Private IP service suite, combining a highly reliable connection with portable satellite technology to provide services where traditional terrestrial services are unavailable, unreliable or expensive. By leveraging Verizon’s multiprotocol label switching (MPLS) global private IP network, these satellite services provide Private IP customers with access to their private networks from virtually

any place within the satellite coverage area. Mobile Satellite Solutions comprise any combination of auto deploy kits, communications trailers and an executive coach to provide dependable backup service and enhanced disaster recovery for customers looking for primary access, business continuity, digital signage, IPTV and content delivery. “With Verizon’s 20-plus years of offering satellite services to business and government customers, we are well-equipped to provide the flexibility and coordination satellite projects require,” said Nicola Morris, vice president of marketing and strategy for Verizon Business. “Our Mobile Satellite Solutions offer the powerful combination of satellite technology and Verizon’s Private IP network.” Using an MPLS-based virtual private network, Mobile Satellite Solutions offer the scalability and any-to-any connectivity of IP while providing a high level of security. With quick and easy implementation, Verizon can deliver these mobile satellite solutions virtually anywhere in the continental U.S. within 24 to 36 hours, depending on the specific configuration. The solutions provide the bandwidth, high availability, performance and quality of service required to meet today’s complex business needs. Verizon has extensive experience in this field, having designed and implemented global satellitebased telecommunication services since 1992. Currently, the company provides connectivity to thousands of satellite terminals around the world that support a variety of industries and applications. The company has also used this mobile satellite technology to provide humanitarian services following a wide range of natural and manmade disasters.

Fact ticker

NFC and Private Cloud in Gartner Hype Cycle 2011 Wireless power, Internet TV also featured. Activity streams, wireless power, Internet TV, NFC payment and private cloud computing are some of the technologies that have moved into the Peak of Inflated Expectations, according to the 2011 Emerging Technologies Hype Cycle by Gartner. Other newly featured high-impact trends include big data, and natural language ques-

cto forum 21 August 2011

tion answering. "Themes from this year's Emerging Technologies Hype Cycle include ongoing interest and activity in social media, cloud computing and mobile," Fenn said. "On the social media side, social analytics, activity streams and a new entry for group buying are close to the peak, showing that the era of sky-high valua-

The Chief Technology Officer Forum

tions for Web 2.0 startups is not yet over. Private cloud computing has taken over from more-general cloud computing at the top of the peak, while cloud/Web platforms have fallen toward the Trough of Disillusionment since 2010." "Mobile technologies continue to be part of most of our clients' short- and long-range plans and are present on this Hype Cycle in the form of media tablets, NFC payments, quick response (QR)/ color codes, mobile application stores and location-aware applications."

Resource hub

TE Co r p o r a t i o n h a s announced it has established ZTE India as the company’s global experts resource hub. As the global resource hub, ZTE India, a wholly owned subsidiary of ZTE Corporation, will serve as a key technical resource provider for ZTE’s operations and subsidiaries in other countries as the company continues to scale up its global growth. The company aims to have 2000 employees at the center in two years. “We are delighted to name ZTE India as our global expert resource hub,” said, ZTE Director of Human Resources, Jie Li. “With its vast pool of skilled talent and resources and excellent language skills, India is the instinctive choice.” Under the initiative, ZTE India’s employees will have the opportunity to work with and lead global teams on various innovative projects and expand their expertise in the latest technological developments in the telecommunications arena. The India hub will address the unique requirements of the Indian market and will assist ZTE employees with building knowledge of new technologies as they are adopted worldwide. The center will be staffed with technical experts in the fields of LTE, broadband, next-generation network, managed services and IT application solutions for enterprise and telecoms service providers to meet global demand for ZTE products.

ANALYTICS Build on your future.

SAS® Analytics help you discover innovative ways to increase profits, reduce risk, predict trends and turn data assets into true competitive advantage. Decide with confidence.

Scan the QR code* with your mobile device to view a video or visit sas.com/india/build for a free Harvard Business Review report.

For more information please contact Jaydeep.Deshpande@sas.com.

*Requires reader app to be installed on your mobile device

SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies. © 2011 SAS Institute Inc. All rights reserved. S75378US.0611

LEVELS of anaLyTIcS

Not all analytics are created equal. Like most software solutions, you’ll find a range of capabilities with analytics, from the simplest to the most advanced. In the spectrum shown here, your competitive advantage increases with the degree of intelligence.

1 2 3

Standard reportS

answer the questions: What happened? When did it happen? example: Monthly or quarterly financial reports. We all know about these. They’re generated on a regular basis and describe just “what happened” in a particular area. They’re useful to some extent, but not for making long-term decisions.

ad hoc reportS

answer the questions: how many? how often? Where? example: custom reports that describe the number of hospital patients for every diagnosis code for each day of the week. At their best, ad hoc reports let you ask the questions and request a couple of custom reports to find the answers.

Query drilldoWn (or olap)

answers the questions: Where exactly is the problem? how do i find the answers? example: Sort and explore data about different types of cell phone users and their calling behaviors.

Query drilldown allows for a little bit of discovery. OLAP lets you manipulate the data yourself to find out how many, what color and where.

alertS

answer the questions: When should i react? What actions are needed now? example: Sales executives receive alerts when sales targets are falling behind. With alerts, you can learn when you have a problem and be notified when something similar happens again in the future. Alerts can appear via e-mail, RSS feeds or as red dials on a scorecard or dashboard.

StatiStical analySiS

answers the questions: Why is this happening? What opportunities am i missing? example: Banks can discover why an increasing number of customers are refinancing their homes. Here we can begin to run some complex analytics, like frequency models and regression analysis. We can begin to look at why things are happening using the stored data and then begin to answer questions based on the data.

ForecaSting

answers the questions: What if these trends continue? how much is needed? When will it be needed? example: retailers can predict how demand for individual products will vary from store to store. Forecasting is one of the hottest markets – and hottest analytical applications – right now. It applies everywhere. In particular, forecasting demand helps supply just enough inventory, so you don’t run out or have too much.

predictive Modeling

answers the questions: What will happen next? how will it affect my business? example: hotels and casinos can predict which vip customers will be more interested in particular vacation packages. If you have 10 million customers and want to do a marketing campaign, who’s most likely to respond? How do you segment that group? And how do you determine who’s most likely to leave your organization? Predictive modeling provides the answers.

optiMization

answers the question: how do we do things better? What is the best decision for a complex problem? example: given business priorities, resource constraints and available technology, determine the best way to optimize your it platform to satisfy the needs of every user. Optimization supports innovation. It takes your resources and needs into consideration and helps you find the best possible way to accomplish your goals.

the best analytics for your business problem The majority of analytic offerings available today fall into one of the first four areas, which report historical data on what happened in the past but no insight about the future. For simple business problems, these analytic solutions will be all you need. But if you’re asking more complex questions or looking for predictive insight, you need to look at the second half of the spectrum. Even better, if you can learn to use these technologies together and identify what type of analytics to use for every individual situation, you’ll really be increasing your chances for true business intelligence.  �nline SAS Analytics: www.sas.com/technologies/analytics

A Question of answers

S u b r a m a n ya C

Subramanya C | CTO, HGS

All Set to

Scale up

Cloud

Cloud computing fits well into today’s business environment. In a conversation with Yashvendra Singh, Subramanya C, CTO, HGS, talks about how he is harnessing cloud for his organisation. How is Hinduja Global Solutions doing? HGS is doing really well. With a successful re-branding activity (where we changed to a new log and a new brand name ‘HGS’) and three successful acquisitions in the past 14 months, we are on a high growth trajectory. We now have 22,000 employees servicing a flourishing portfolio of multilingual offerings across our 46 Global Delivery Centres. Together with our subsidiaries, we are now a USD 300 million plus organisation. We are entering new markets and acquiring new competencies to diversify and de-risk our business model.

cto forum 21 August 2011

The Chief Technology Officer Forum

Through one of our recent acquisitions, we now have HRO capabilities which can be cross sold to our existing clients. With the business pipeline looking healthy and a CAGR of 16 percent in the last five years, the future looks promising for HGS. How have you achieved alignment between business and IT within Hinduja Global Solutions? With 46 Global Delivery Centres across 6 countries, we work across multiple time zones to run 24X7 operations, each with highly demanding technology requirements. This makes

the role of IT very important in HGS. IT provides the required technology backbone in partnership with the right vendors to run operations seamlessly. Our involvement begins from the decision making process i.e. the early stages of customer acquisition. I and my team support our processes completely across the life cycle of the business, enabling them to meet & exceed customer commitments and increase automation. The technology team analyses the requirements for each new process and arrives at solutions which ensure optimum utilisation of the new features and seamless change for our clients.

S u b r a m a n ya C

A Question of answers

Cloud Power: HGS's Subramanya has adopted cloud services and is evaluating the possibility of scaling it up. The Chief Technology Officer Forum

cto forum

21 August 2011

A Question of answers

S u b r a m a n ya C

Describe the IT governance process in your organisation. IT governance in HGS is guided by the needs for compliance and greater accountability. Though our IT infrastructure is centrally coordinated and architected across our centers, each center is locally responsible and accountable for its business needs. We enable efficient operations by maximising IT sharing and reuse. There is sufficient process documentation and key metrics are clearly defined and adhered to. Each stakeholder has clear accountability for his/her respective responsibilities in the decision making processes affecting IT in HGS. While managing risk and ensuring compliance are essential components of our IT governance, the focus is constantly on delivering value and measuring performance. What are the major technology trends in the BPO sector? Cloud Computing - As the platforms mature and become safer, more applications will get built into the cloud than what has been witnessed in the past few years in the BPO sector. Virtualisation – More servers and desktops will be virtualised now to generate operational and cost efficiencies. Mobile Applications – With a fast evolving platform, mobile applications will witness greater adoption. How are you leveraging these trends in your organisation? We have started adopting cloud services and are evaluating the possibility of scaling it up across our locations. We are also studying the possibility of using the Cloud based apps for business analytics and performance dashboards. We are keenly watching the development in this space and analysing the costs, benefits & feasibility of using these Services.

cto forum 21 August 2011

The Chief Technology Officer Forum

“Cloud Computing fits well into today’s business environment by helping in management of market demands, minimising IT issues, optimising IT budgets and lowering TCO.” As a CTO, what is the biggest challenge for you? How are you tackling this challenge? We have acquired three new entities in the last one year. All of them have their own unique IT infrastructure. Integration of these acquired entities by optimising their technology and telecom resources, standardising them according to our architecture while allowing some customisation is currently keeping me occupied. We conduct a technology due diligence and discuss all issues with the technology team of the acquired company, look at the scope for cost optimisation and prepare a transition plan to gradually align the two architectures. What are your future plans for the company? I am looking at an accelerated migration to the cloud and standardised IT architecture across all our Global Delivery Centres including the acquired ones in the coming years.

things I Believe in Running 24X7 operations makes the role of IT very important in HGS. hile managing W risk and ensuring compliance are essential to IT governance, our focus is constantly on delivering value and measuring performance. loud helps C in managing market demands, lowering TCO, and minimising IT issues.

Cloud is the buzz word these days. What are your thoughts on it? Cloud Computing fits well into today’s business environment by helping in management of market demands, minimising IT issues, optimising IT budgets and lowering TCO. Provides scalability, enables switching from CapEx to OpEx. The cost benefits are especially relevant to the BPO industry where cost efficiency remains a big competitive advantage. It is particularly important for us to be on the cloud because we are growing fast and looking at becoming a billion dollar entity in the next few years. Selecting the right vendor is of paramount importance as this is a field evolving by the day and the right vendor has to be fast and innovative enough to adjust to new technology and changing business needs.

Best of

Breed

Features Inside

Integrating Defect and Problem Management Pg 22 The CIO's Role Morphs Yet Again Pg 24

Image by photos.com

‘Go Opposite,’ get solutions The following classic examples

prove how going opposite produces stellar results By Daniel Burrus

cto forum 21 August 2011

The Chief Technology Officer Forum

rom managing the exploding volume of data to keeping the network secure to taking a high-level strategic role at the C-level table, CIOs live in a complex and intense environment. Therefore, when challenges appear, overcoming them quickly is key for long-term success. But part of the challenge about challenges is knowing how to do that. Experience tells us that our biggest challenges are often quite different from what we think our biggest challenges are. But in searching for the real problem we want to address, it’s not always easy to know where to look. One way to help tease that insight to the surface is to note where everyone else is looking -- and then look in the opposite direction. It is often breathtaking how quickly this strategy makes the invisible visible and reveals surprisingly practical solutions to problems you didn’t even realise you were facing. In fact, this counterintuitive idea is often a quintessential flash foresight strategy. Not sure how going opposite could realistically play out in the corporate world? Consider the following classic examples of how going opposite produced stellar results: Amazon.com - Jeff Bezos looked at how Barnes & Noble had taken the traditional bookstore to a new level of size and substance, creating the modern superstore -- and went the other way. He shrank the size to nothing and made it completely insubstantial. It didn’t take Barnes & Noble, Borders (now going out of business), and the other major book retailers long to create their own versions of virtual

Remember, your biggest problem is typically not the problem at all.

i n n o vat i o n

book superstores. But, by the time they caught up, Amazon had gone in an opposite direction again: It added consumer electronics, toys, clothing, home and garden accessories, etc. ... in short, everything. Next, Bezos rented excess technology capacity to any size company, acting as a virtual IT department. Having become the first major virtual bookstore, it has now become a virtual unbookstore. Dell - Dell looked at the PC industry’s reliance on retailers and did something else: direct marketing. All the other personal computer manufacturers created their own line of models and then offered them to consumers to buy through retail outlets. Dell showed its consumers the full range of options, on the Internet, and then invited them to design the models they wanted themselves. JetBlue and Southwest - JetBlue looked at the hub-and-spoke system used by legacy carriers and decided to do the opposite. Launching their low-cost airline based on a point-to-point system, they profited while others suffered and went into bankruptcy. The founders of JetBlue came from the opposites-work-better culture of Southwest Airlines. Southwest does almost everything the opposite of the legacy carriers, right down to how they put you on the plane. Instead of assigning you seats on the plane, they assign you a place to stand in line at the gate while waiting to board. Sounds crazy, but it works. By 2007, as measured by number of passengers carried per year, Southwest Airlines had become the largest airline in the world.

The opposite of no money There is hardly any conversation where the idea “that’s impossible” more commonly enters the picture than the conversation about budget and finance. Only in this context, the phrasing usually goes like this: "We can’t afford it." You’ve probably heard this regarding your IT budget. You propose an investment in new software, upgraded network security, adding tablets, and you’re met with the age-old reply of ,“We can’t afford it!” Anytime you hear someone say, “But we can’t afford it,” or hear yourself saying it, know this: You are probably looking at the wrong it.

B E S T OF B R E E D

Our biggest challenges are often quite different from what we think our biggest challenges are. But in searching for the real problem we want to address, it’s not always easy to know where to look. Remember, your biggest problem is typically not the problem at all. And once you’ve figured out which problem really needs solving, then "go opposite" is one of the most fruitful ways to approach the question of how. Here are three examples of the power of going opposite involving an elementary school, a college, and a Fortune 500 company. Perhaps one of them will inspire you with new ways to think opposite, too:

A pint-sized think tank In the late 1980s, my education division worked with a school district in northern Wisconsin that was struggling to raise enough funds to meet their schools’ needs. They had been approaching leaders in the business community and asking for money; a strategy that met with mixed results. As leaders in the community, these prominent businesspeople were constantly being approached by people representing one good cause after another. Clearly, they were very community-minded, but there were only so many dollars they could contribute. We decided to look for a way to turn the situation on its head. “We’re asking them for money to help us solve our problems,” I suggested. “What if instead, we ask them to give us their problems?” Kids are loaded with creativity. The problem is, if that creativity is not focused on something constructive, it can get them into trouble. These schools had hundreds of creative kids whose creativity wasn’t focused on anything in particular. What if we took some big real-world problems and gave them to these kids to see if they could come up with some creative solutions? What would motivate them to try? We could tell

them, “Hey, we’re adults, and we don’t have the answers!” We found a municipality that was struggling with a major waste disposal problem that they were about to turn over to an expensive New York firm. Instead, they gave the problem to all the students in a local school district. Sure enough, the kids came up with an idea that worked and solved the problem. The municipality paid the school a lot less than they would have had to pay the consulting firm, yet to the school district, it was a major windfall.

A shrinking budget problem I met recently with the dean of a school of engineering at a major California university. We had only about 20 minutes to talk, so we got right down to business. He had a problem. The governor of California had recently established a 10 percent budget cut for all education, across the board. “This is huge,” he said. “We’ve got a good 30 percent more engineering students coming in next semester, yet somehow I have to cut our budget by 10 percent. And what can I cut? We can’t reduce the fixed costs of campus and facilities. The only thing we can really cut is staff. So we’re looking at a 30 percent increase in the student body, with a 10 percent decrease in our teaching staff. How can this possibly work?” This was a big problem, indeed. It occurred to me that the opposite of cutting staff is hiring staff, so I asked him how much the average engineering faculty member made. He told me the average salary figure. Then I asked, “How much does each faculty member bring in to the school, on average, in research moneys and grants?” This latter figure turned out to be about The Chief Technology Officer Forum

cto forum 21 august 2011

B E S T OF B R E E D

i n n o vat i o n

twice the average engineering faculty salary. “That could be the answer right there,” I pointed out. “You need to be hiring, not firing. The only way I can think of for you to handle that 10 percent budget cut is to hire more engineering professors.” Opposites work better. The dean went to the chancellor with his exciting idea, which, not surprisingly, was immediately shot down. He could see the visible future, but his boss could not. He called me up and told me what had happened. “But you know what?” he added. “I’m going to do it anyway. I’m hiring ten new people. I’m sure I’ll get my hand slapped, but because we’ll bring in more money than we’re spending to hire them, it’ll all work out.”

Creating a million-dollar ad In the world of American sports, there are many contests, many arenas and then there’s the Super Bowl. In American advertising, there are millions of opportunities to promote a product, but there is only one ultimate ad slot: The Super Bowl ad. The single most heavily watched American television broadcast, this is the most expensive ad slot in the calendar, costing as much as $100,000 per second of airtime. The big consumer

was so close that they ended up goods companies typically throw running not one but two of the their biggest advertising budgets consumer-created ads. The ads and top PR talents at these tiny were so good that they ranked peepholes of super-concentrated fifth in a Nielsen survey of most public exposure. year on year popular Super Bowl ads that For years, Frito-Lay had heavgrowth in india year. One of the ads cost just ily advertised its Doritos brand server market in $200 to make. during the Super Bowl; spendMuch to Frito-Lay’s surprise, ing millions upon millions of q2, 2011 consumers got so engaged they dollars. In preparation for the continued submitting their 2007 event, they decided to do ads long after the Super Bowl. the opposite. “Instead of hiring Two years later Frito-Lay ran the contest the very best pros and paying them millions,” again. This time the winning commercial they said, “let’s hire complete amateurs and was ranked by USA Today’s Super Bowl Ad pay them nothing!” Meter as the year’s best ad. It also won the Sound crazy? Crazy like a fox. Because of two unemployed brothers who created it a the explosion in processing power, storage, cash prize of $1 million. and bandwidth, the ordinary consumer had the capacity to make a high-quality television-ready ad on their desktop and —Daniel Burrus is the founder and CEO of Burrus Frito-Lay knew it. Instead of passive ads, Research, a research and consulting firm that they went opposite, getting their target monitors global advancements in technology drivaudience engaged and, by making the ad en trends. He is the author of six books, including itself newsworthy, they also got valuable free How To See the Invisible and Do the Impossible as media exposure. well as the highly acclaimed Technotrends. They launched a contest called "Crash the —This article was first published on www. Super Bowl" for consumers to create their cioupdate.com. It is reprinted here with the prior own Doritos commercials. The public would permission from CIO Update. To see more articles vote on the best ad, and they would run the regarding IT management best practices, please winning ad during the Super Bowl. The vote visit www.cioupdate.com.

18.2%

Integrating Defect and Problem Management Integrating the two will help minimise the impact that software defects have on the business.

By Martin LikierAuther

hile a primary objective of ITIL's Problem Management process is to prevent problems and resulting incidents from happening, most organisations commonly start implementing Problem Management with a reac-

tive approach. This is commonly referred to as "reactive" Problem Management

cto forum 21 August 2011

The Chief Technology Officer Forum

(PM) because, as its name implies, a service disruption has already occurred. On the other hand, "proactive" Problem Management (PPM) is an approach where problems and known errors are identified before incidents occur. If PPM can identify problems and known errors prior to an incident, why do most organisations start with reactive Problem Management? The answer lies with the reality that it is easier to start

m a n ag e m e n t

B E S T OF B R E E D

a PM initiative by reacting to incidents. In some cases, it can require incremental costs to procure and deploy tools that proactively monitor events to predict possible future service, application or infrastructure failures. This article presents one approach you can use to develop a PPM process by leveraging the existing tools you likely have in place. The approach is based on integrating your organisation’s IT application development group’s defect management tool with a PM process. What is defect management, you ask? Analyse the results of any software development effort and you are sure to find defects. No matter how hard you try or how much money you spend, it is impossible to eliminate all defects. IT application and software development teams generally implement some form of a defect management tool and process to help mitigate defects in the solutions they develop. Integrating this defect management capability with your organisation's ITILaligned PM process will help minimise the impact that software defects have on the business once the solution is deployed.

The 3 objectives of PM

No matter how hard you try or how much money you spend, it is impossible to eliminate all defects.

According to ITIL, the PM is the process responsible for managing the lifecycle of all problems. There are three primary objectives of PM: 1 Prevent problems and resulting incidents from happening; 2 Eliminate recurring incidents; and 3 Minimise the impact of incidents that cannot be prevented. As IT development teams create and test new functionalities, they commonly discover defects and log them in a centralised repository known as a defect management tool. Logged defects are then assigned to team members who categorise, verify and prioritise each logged defect. As development and operation teams prepare for transition from dev to ops, these teams collaboratively review all defects that were not resolved and determine whether the release should be made operational with the known defects. It is at this time that PM becomes directly involved with problem managers or coordinators, recording these identified known defects as known errors within the known error database (KEDB). The KEDB should include details of common error messages, possible workarounds and resolution activities that will help assist the Incident Management and Service Desk teams. Another factor to consider when integrating your organisation's defect management process with the PM process is establishing a common set of defect and problem naming conventions that both processes and toolsets can use. It is also worth considering whether toolset integration is possible to streamline activities such as entering or updating data.

This reduces “swivel chair” activity for database administrators and helps to ensure data accuracy and updates occur in simultaneously in both databases when defects are logged, worked on or fixed. There are five advantages of integrating defect management and PM: Reduces Incidents - Making clients aware of known errors or defects prior to the release of new functionality can help set and manage their expectations. Some IT organisations may not want to alert clients of known defects. The reality is clients and users generally assume new releases will not be totally fault free and would rather know up front. By keeping clients informed, the number of incidents can be reduced and client satisfaction will increase. Reduces support costs - Having the details of known errors, workarounds and resolution activities formally documented in the KEDB means that there will be fewer situations where incidents have to be re-diagnosed and resolved all over again. Improves resolution times - Clients and users will also experience improved resolution times due to the service desk and other support personnel having appropriate diagnostic and resolution information at their fingertips. Prioritises bug fixes based on incidents - IT operational support groups can also benefit from the integration of defect management The Chief Technology Officer Forum

cto forum 21 august 2011

B E S T OF B R E E D

m a n ag e m e n t

and PM. As clients and users report issues back to the service desk, the support groups can analyse this information to help identify which faults should be corrected first based on what has the highest impact to the business. Improves team coordination - Organisations that design the integration between the development and operational processes improve information sharing and coordination. In turn, continual improvement efforts occur. This information includes identifying characteristics and attributes of defects that are innocuous. This provides additional insight, as to the nature of defects allowed in operations. There are many benefits for leveraging faults detected in the development environment and integrating them with PM. This one approach will allow you to position your IT organisation as

being proactive rather reactive simply by effectively leveraging people, tools and processes you likely have in place. In addition, making sure IT operations are involved earlier in the application development lifecycle is a good service management practice for improving an organisation's operational readiness. Additionally, these activities can be linked to a continual service improvement program, which helps with long-term and short-term improvements. —Marty Likier is a master consultant in Forsythe's IT Service Management practice. He can be reached at mlikier@forysthe.com. —This article was first published on www.cioupdate.com. It is reprinted here with the prior permission from CIO Update. To see more articles regarding IT management best practices, please visit www.cioupdate.com.

The CIO's Role Morphs Yet Again By Pam Baker

he CIO role continues to morph in the face of changing economic and technological pressures. The good news is that the CIO’s new role surpasses the initial goal of winning a seat at the table with the other C-suite players. Unfortunately, that’s also the bad news. “Never has the pressure been higher for the CIO to be on top of his game,” said Raj Sabhlok, president of ManageEngine, a division of Zoho Corporation. “Whereas in the past, the CIO focused on outfitting the organisation with networks, servers, desktops and applications at well negotiated prices, the CIO now is on the hook for the success of the business as a whole.” That’s not to say that the CIO has received a reprieve on his back office responsibilities. Everyone in the entire organisation still expects the lights to stay on and their latest personal gadget to work seamlessly on the

cto forum 21 August 2011

The Chief Technology Officer Forum

Illustration by PC Anoop

The CIO role continues to change. For the bold and the brave, this new spotlight is warming and the challenges thrilling.

B E S T OF B R E E D

leadership

Despite continued responsibilities carried over from the traditional role, the CIO now finds himself in need of a completely different skill set in order to cope with the expanded role. virtual machine at a whim, use appliances without prior approval and thus hike licensing costs, and go off the reservation to download apps with little regard for security. Still, the CIO is accountable for it all. "In the past six months alone, we have observed increasing growth of purchases by non-IT personnel, which is driving sales of cloud services and replacing or paralleling established command and control IT structures,” said Soumen Ganguly, principal of strategy consulting group Altman Vilandrie & Company. “CIOs are not only challenged by the consumerisation of IT, but also the democratisation of IT; changes at the bottom are rising to the top.” Meanwhile, the enterprise is expecting the CIO to also identify and generate new revenue streams. “In other words, the CIO has become a business partner to innovate new business models and make money as opposed to simply being a cost center supervisor,” explained Sabhlok. Innovation is not the same as invention. The CIO is therefore relieved of any need to write code or design IT products to carry on the company’s business. Instead, he is expected to look at the full menu of current and emerging technologies and mash them up in ways uniquely suited to powering the company’s profits and future. It’s akin to doing a magic hat trick without knowing whether you should pull revenue share a rabbit or a giraffe from it in of x86 servers in order to please the audience. Still, the elevation of CIO the Indian server to prime rainmaker is a logimarket in q2, cal step. “If you think about it, the 2011 CIO is one of the few execu-

company network. And he’s not off the hook on security matters either -- although there’s at least some help on that front. “Information security, traditionally a CIO responsibility, has been pushed into the chief information security officer (CISO) role,” said Mike Meikle, CEO of the Hawkthorne Group, a boutique management and technology consulting firm. “However the inside and outside threats that potentially could impact the enterprise are still regarded as a component of the CIO’s job description.” Despite continued responsibilities carried over from the traditional role, the CIO now finds himself in need of a completely different skill set in order to cope with the expanded role. It also helps if he has the ability to willingly release bits and pieces of his former turf even while he continues to shoulder the responsibility. "Don’t be afraid to give up the data center and re-architect backend systems to keep up with the business demands that change so frequently,” advised Michael Walsh, VP of IT and Technical Services at D-Link. “In today’s fast-paced business landscape, it’s critical to move out of the infrastructure business and focus on business automation.”

Strategy and revenue The modern CIO must be able to strategically select and manage an ever-changing field of technologies based on their capability to add or enhance revenue all the while knowing that she no longer has full control of technology adoption. She knows that business users are likely to spin up a third-party or internal

69%

tives who has visibility across the entire company -- from development, point of sale, fulfillment, to accounts receivable -- they support the whole process,” said Todd McKinnon, CEO of Okta, a cloud infrastructure company, and the former head of engineering for Salesforce.com. “Who better to understand how to engineer growth? The most successful CIOs we work with are known more for their change management and vision-fulfillment skills rather than their technical skills," he added. For the bold and the brave, this new spotlight is warming and the challenges thrilling. For the more timid, this can be a scary job change. In any case, the role of CIO has changed so much that some think it has become an entirely new job. “It's time to throw out the title of ‘CIO,’ and build a new role and title that better reflects the business value that heads of IT can bring to the business,” said Mark Settle, CIO of BMC Software. —A prolific and versatile writer, Pam Baker's published credits include numerous articles in leading publications including, but not limited to: Institutional Investor magazine, NetworkWorld, ComputerWorld, NY Times, and Knight-Ridder/McClatchy newspapers. She has also authored several analytical studies on technology and eight books. Baker also wrote and produced an award-winning documentary on paper-making. —This article was first published on www.cioupdate.com. It is reprinted here with the prior permission from CIO Update. To see more articles regarding IT management best practices, please visit www.cioupdate.com.

The Chief Technology Officer Forum

cto forum 21 august 2011

White Paper | The Google Content Network

100% Web Google’s vision for the future of enterprise IT

Devices

Apps

We envisage the 100% web world as an ideal state for business IT where applications are delivered from a shared infrastructure via the Internet and accessed on any browser enabled device. This model is proven to deliver significant improvements in the areas of: • Collaboration across the borders of language and location • Productivity improvements across the board • Mobility that just works for everyone

Platform

• Cost efficiency and revenue uplift At Google, we are committed to moving beyond the current notion of cloud computing to bring customers to a world we call 100% web. While many IT vendors have now adopted (or co-opted) the term “cloud computing” to describe a wide variety of technologies, most don’t deliver on the true promise of the cloud. While these concepts may deliver value in the short term, they lock customers in to multi-year release cycles, leave them with the significant costs of managing client software, and expose sensitive data through insecure devices. True cloud computing does not include the following: • Hosting single-tenant server products in a vendor data center • Requiring customers to install thick client software • Virtualizing existing infrastructure and applications within a customer data center. With 100% web, both the applications and the data are stored centrally and are served from a highly scalable, secure and reliable multi-tenant infrastructure. Devices like notebooks, tablets, and smartphones are portals to the data that help people be productive from anywhere, at any time. Additionally, upgrades aren’t necessary to get access to the latest innovation, just refresh the browser. Businesses no longer own or manage servers and client software: they purchase integrated applications and development platforms from others, and can devote valuable resources to solving strategic business challenges that create competitive advantage. While we recognize that not all businesses will be able to make the 100% Web model a reality today, we do believe that starting the journey can help businesses realize significant improvement in costs, speed, flexibility, and productivity. To make this more tangible, we will outline the current context of enterprise IT, illustrate the solutions available today and highlight the bridging technologies that can help businesses start this journey today.

“Mobile access increases productivity 2.8x. 42% more time spent collaborating with colleagues.” —Telegraph Media Group “Saving around $2.8M in one year.” —Jaguar Land Rover “Reducing email costs 60% and power/storage 10%.” —BI-LO

The change imperative This is a profound yet necessary change from the technology most businesses use today. The current IT paradigm was designed decades ago for a world where users worked on a single computer, in a particular office, on a secured physical network behind a corporate firewall and assumed that users did most of their work individually. Today, a majority of employees worldwide work outside the office at least some of the time (according to IDC 35% of the worldwide workforce will be mobile by 2013)1, and many work with corporate applications and data using a variety of devices, including mobile devices (according to iPass, 50% of mobile workers now carry three or more devices) 2. The model of delivering software over the internet has become very common (according to IDC, 85% of new IT vendors will be focusing on developing SaaS applications)3. Productivity, mobility and collaboration Users want the tools that make them most productive but are too often left waiting for the next big upgrade cycle. Users are required to use work-arounds, such as VPN and memory sticks, to be productive when away from the office, added complexity that can hinder productivity while mobile. The ability for employees to collaboration in real-time is becoming increasingly important, both within and outside of a business, yet the products available in the workplace are optimized for individual content creation. Evolving the role of IT As systems have grown increasingly complex, IT is less and less able to respond with the agility and flexibility required to keep users happy and productive. According to Gartner, 80% of IT spend is simple to keep the current systems running. IT administrators need to escape the endless cycle of patching, upgrading, and managing servers and desktops. IT developers will be able to quit worrying about backups, scalability, reliability, and performance. Instead, IT will be able to focus its resources on partnering with the business to design and build solutions that create real competitive advantage. This will allow IT to move from a world of large capital outlays based on estimates of future needs to smaller operational expenses that match actual usage. Moving to a 100% web world will help alleviate these problems. Users will be able to work in whatever way is most productive for them, without being limited by technology. They will be able to seamlessly transition from any device to any other device, without losing access to their applications or data. Applications will always be up to date, and with the power of HTML5, web applications can now be as rich and interactive as traditional client software, if not more so. Finally, all of their applications will enable real-time interactivity with other users from both inside and outside the company, seamlessly and securely.

1. Worldwide Mobile Worker Population 2009-2013 Forecast, IDC 2. www3.ipass.com/about/news-room/press-releases/ mobile-workforce-report-08242010/ 3. Worldwide Software as a Service 2010–2014 Forecast: Software Will Never Be the Same, IDC

Case Study | MindTree Ltd.

Challenge:

Going well beyond an existing intranet, MindTree has put together a corporate portal that will have much more far-reaching results for its employees, making working at the IT and product engineering services provider a lot more fun, in addition to making life more convenient and productive.

hen MindTree Ltd. reported strong first-quarter results last month, for the three months ended June 30, Chief Executive Officer Krishnakumar Natarajan was aggressive about the IT and product engineering services provider’s prospects. “Momentum in both our businesses is expected to continue and we are confident of delivering higher than industry average growth,” Natarajan said, after MindTree reported a two-fold increase in quarterly profit from the year-earlier figure, Press Trust of India reported, citing the CEO. Even as the company gears up for more business, MindTree, which serves clients including the Carlyle Group, Microsoft Corp. and ArcelorMittal, is gearing up to make life at the company both increasingly interesting and employee-friendly with initiatives aimed at letting them be while getting the most out of them. The People Hub is one such initiative, championed by CIO Sudhir Kumar Reddy.

People Hub The company already had an Intranet, called 'PeopleNet,' from which there were portals for transaction applications and different sets of

cto forum 21 August 2011

The Chief Technology Officer Forum

photo by Gireesh GV

A ‘People Hub’ for Enhanced Productivity

c a s e s t u dy

B E S T OF B R E E D

"I'd like to be bold enough to say it will be 30-45 minutes, but I don't want to jump the gun here, I'd like to wait and see the results."

Greater efficiency, device agnosticism COMPANY DASHBOARD Company: MindTree Ltd. Established: 1999 Headquarters: Bangalore key people: Krishnakumar Natarajan (CEO & MD), Subroto Bagchi (Vice Chairman) employees: 10000

Reddy expects the portal will be very people friendly and that he can deliver whatever his business stakeholders want much more efficiently. The beauty of this platform is that "everything is like a mini-app," which means that adding a new app on it would take more like a week for delivery rather than months, he said. "It means I'm really giving business agility to the organisation," he said. This whole portal is also coupled with a very strong search engine, which pulls together a myriad set of applications, be it travel or expense or time sheets. The search engine is fine tuned to not only bring up the best hits in a logical order, but also create groupings of the results when there are multiple results. Now that everything is accessed via https, through the browser, it also makes access to the applications device agnostic. In the past, people were restricted to a certain type of machine, a certain type of browser to get something done on a particular application.

The big picture

sudhir kumar Reddy, CIO, MindTree believes the new corporate portal will enable at least 15 minutes of productivity improvement per person per day.

applications that they had. One of the requirements with this set up was that people, especially new recruits, had to be shown how to work it, to access what they want and also fill in information that the company needed from them for various transactions and tasks. "If Google and Yahoo can be used by children, why should our corporate application require training," said Sudhir Kumar Reddy, CIO at MindTree. "It should be as easy as browsing the Net, and that's how ''People Hub' was conceived," he said. People Hub is the new corporate portal at MindTree, built on the Sharepoint platform. More importantly, it is the THE only portal that will be available, with all application identities being dissolved. "Anybody who can traverse a Yahoo or run a search on a Google will be able to find what they want within MindTree with this portal," Reddy said. The benefits of this portal is that "I personally think that it wil enable, if not more, at least 15 minutes of productivity improvement per person per day at MindTree," he said.

This is something that is very close to Reddy’s heart, and enabling device agnosticism hints at the big picture that he has in mind, which he shared with us last month in our leadership issue: A simple thing like bring your own device can make a difference, because a college hire today is already comfortable using a combination of apps she has found on the Internet to figure out the most productive way for her to do her work, Reddy said. If a company then says ‘you’ll only use this stodgy laptop/desktop with these set of applications’ that is obviously a big turn-off. The same logic can then be applied to flexible work hours and work from anywhere. “I use this as an illustration to show how a small change (in policy) can make a huge difference down the line, with thousands of new, eager recruits,” he said. “What can I do today to help many people find that balance which is dear to me?” So can MindTree for instance, subsidise a new recruit’s purchase of her device of choice – Thinkpad or Macbook (for example), if that’s her preference -- to the extent the company’s budget allows, instead of forcing her to use what the company can afford? Can the organisation get as much productivity with ‘work from anywhere’ and effectively deploy non-intrusive monitoring and controls. “If you extend that philosophy, you’ll see what I’m getting at and what I want to achieve,” adds Reddy. The Chief Technology Officer Forum

cto forum

21 August 2011

COVE R S TO RY

Leadership

cto forum 21 August 2011

The Chief Technology Officer Forum

XXXXXX

COVE R S TO RY

p i h s f r o e d n a o e s L a

e S a

IDE Age ip INS h ew e N eaders h t CIO der: L on Lea ransiti in T 32 in Page ing rkets: iver Del bal Ma s for Glo llenge Cha IO a C 34

ge n a h c d n g a n i t ess a r u e l o n i e y s c u o c t b a l g a s n i i n u i r n y re lexit b n at e a e h e T mp y. W h e th t o g m c c o . o l n r o f o d i e r r n n s a a tech way onfe cen a m C ing s e k a t Foru ang e l b h a O c u l T s a i C s th v s e r d ad

The Chief Technology Officer Forum

Page

g agin ore Manfts in C y Shi hnolog Tec 36 Page

a like â&#x20AC;&#x153;Be etahâ&#x20AC;? e ch 38 Page

cto forum

21 August 2011

CIO the new age leader

Leadership

in Transition CIO's today are on the cusp of a decisionmaking role. Getting into this leadership role, however, needs a change in mindset, both from the CIO and CXO perspectives.

IOs today are in a unique position to play a key role in strategic decision making. However, the transition has not been easy. The CIO role has primarily been supporting various stakeholders. However, today, the CIO is considered to be an essential advisor within the board room. This transition can only take place with a change in mindset - both from the CIO perspective and the CXO perspective. Who would be better than Raghu Raman, CEO, NATGRID, to talk on this subject. Raman has through his diverse career path and series of transitions, still emerged a leader. Prior to NATGTRID, he was helping clients with various security strategies while heading Mahindra's Special Services Group. In his keynote address at the 12th Annual CTO Forum Conference held in in Kovalam, Raman helps us understand what it takes for CIOs to move into a leadership role using various learnings that he has himself had on the way to the top. â&#x20AC;&#x153;A transition is not a real transition until there is some level of trauma associated with it. Change is never easy, especially when you consider it in the context of leadership.

cto forum 21 August 2011

The Chief Technology Officer Forum

leadership

COVE R S TO RY

There are good amount of issues ranging from proving yourself to scrutinisation.'What will he try that we haven't already,' is a among a new peer group, to dealing with sub optimum employees commonly heard comment. It is important to secure early wins so and the likes,” says Raman in the context of change. that one can establish credibility amongst peers and the stakeholdRaman's journey started with defence, after which he moved into ers. This builds up trust and momentum that is required for you the corporate sector as part of Mahindra's Special Services group. At to take charge of the situation and lay the foundation for a success. Mahindra, Raman's role required him to consult with various enterYou will be required to take tough decisions - and you must make prises and strategise on security. Post Mahindra, Raman was asked sure you rise up to it. to be part of NATGRID - as its CEO. This is a big transition in his Build the Team: One of the key things to consider when entering a life, as he moved from the private sector to the public sector, where new role is to build your team efficiently. You will inherit unwantprocesses and operations largely differ. ed elements. You need to be in a position to evaluate the levels of Using his state of flux as a learning experience, Raman broadly competence within the members of your team, with an unbiased classifies leadership requirements in terms of Start-ups, Turnand deep approach. You must focus on building relationships and around, Re-alignment, and Steady State (STRS). As the names state, evaluate who you can trust. Since these are the people who are each of these environments has its own set of leadership requiregoing to execute your vision, you need to make sure they are well ments. For example a start up environment calls for pro-activity, a suited to you and vice versa. total can-do attitude, and the ability to make hard decisions quickly. Create Alliances: No leader can work in silos. A good leader On the other hand, a steady state environment needs to be dealt must have well suited sub-ordinates to execute a vision. It is also with more carefully with preset processes, and extremely important to identify the influenmilestones, which are not subject to change. tial stakeholders within your organisation. “When you move from one environment These are the people whose trust you can to another, most leaders need to understand gain and bring in line with your vision. which environment they fall into. In my case Alliances can have a direct impact on your I ended up being in a start-up but the entire success as a leader and these must be built organisation (the Government) is in a steady carefully. state, as one can imagine. So the challenge Achieve Alignment: It is important to align here is that you can't really change much; you yourself to the bottom-line while recognishave the same set of resources, however good ing your capabilities and limitations. You or bad they are, and yet the need of the hour is must factor in the constraints that you will to operate as if you were in a start-up environface, and re-align yourself to deal with these. ment,” explains Raman. Some of the pitfalls while creating an alignIn an effort to quantify and structure transiment strategy can come from complex struction, Raman speaks about a few learnings that tures; change just for the sake of change; and he has had in his experience, that can help underestimating peripheral stakeholders. making the transition softer than it is. Managing Oneself: One of the most imporClarify Expectations: In a new environment tant factors of personal and professional Raghu Raman it is extremely important to clarify your expecleadership is Managing Oneself. You must CEO, NATGRID tations towards your boss and the various personally discipline yourself, and plan to stakeholders involved. Many a times execuplan. Focusing on process is key to making tives have a certain degree of predefined expectations based on the it in any organisation. It is difficult to recognise when to quit and performance or capabilities of your predecessor. Many a times these move forward - learn when to do this; as well as building support expectations have to be re-calibrated and clarified. networks around yourself. In my experience, past advisors may not Match Strategy to Situation: CIOs need to figure out which strategy be able to help going forward for a variety of reasons. It is impor(STRS) best suits the situation – be it combining two strategies tant to remember this on your journey forward. (applicable in my case) or using the best suited one to your environIn the context of leadership Raman concldes, “You must map out ment. However, it is important to note that you cannot use a steady your new environment in terms of power centers, agenda's, supstate strategy for a start-up and so on. porters and detractors. Your arrival will have consequences for the Accelerate Learning: When you go into a new environment you need stakeholders – find out what these are, and understand them.” to get accustomed to it. There are many who are more well-informed Any new system features its own processes, heirarchy, terms of about the organisation and its mechanics. Learning in a new envireference, red buttons and boundaries. CIOs need to understand ronment is a little like standing under a waterfall and trying to drink what the line is and how they can go about breaking or following water. There is a huge amount of data to understand, and no time. it to ensure success. Apart from this recommends that one must Choose your advisors carefully considering many times new enviprepare to recalibrate benchmarks and set a realistic bar – one that ronments can feature a good amount of hostility and peers around you can follow. One can also choose to bring in, on board, counsels you will have hidden agendas. and mentors from the past, who can add value to the your leaderSecure Early Wins: In a new organisation, you will always be subject ship and build up a strong seat of power for you to execute.

“A transition is not real until there is some level of trauma associated with it. Change is never easy, especially when in the context of leadership.”

The Chief Technology Officer Forum

cto forum

21 August 2011

COVE R S TO RY

XXXXXXXME

Delivering in Global Markets:

Challenges

for a CIO

Indian enterprises today are going truly global as they set up nodes across continents or acquire corporations around the globe to expand their reach in foreign markets.

According to Parthasarathy, the business has acknowledged the work done by IT in being an enabler for the enterprise, and has urged IT to actively participate in shaping the future of business. “IT has played a pivotal role in the way we work. Be it in the form of analytics for better decision making, or brand building and providing more of a choice to customers, to operational flexibility and delivery excellence,” says Parthasarathy. IT has now come to appoint where it needs to create business opportunity and bring it to a maturity level where it can become a revenue generator for the business.

Technology challenges when faced with globalisation:

When the boundaries of an enterprise are extended beyond the native point of operation, there are many challenges that can erupt in the context of technology. The first would be an extension in the hen enterprises cross borders, one of the kind of pressure one faces, in terms of global viz-a-viz local presmost crucial aspects of expansion is the sure. Although global integration is a must, one also needs to make implications it has on the systems that sure that local infrastructure is responsive and does not get affected. drive these organisations. Data is king, “There is definitely a gap between technology and ensuring its usage from region to region; in this case, one integrity, globally, is needs to analyse the different levels of technola herculean task for the CIO, and has its set of ogy adoption and infrastructure maturity. One challenges. needs to ask the question, how are the processes In his address at the 12th Annual CTO Be Global – Act Local different and how do the fundamental rules and Forum Conference, V S Parthasarathy, Group It is important to use local manpowregulations of operations differ from region to CIO and EVP – Finance and M & A, Mahindra er to ride over geographic business region. These are some very basic things to conGroup, helped CIOs take a peek into what it differences like in the US and China, sider in the context of globalisation,” explains takes to deliver in a global landscape. for example. Parthasarathy. Grasping local business practices The true challenges for the CIO emerge in the and cultural nuances is of utmost Business view of IT: form of a few fundamental choices that need to importance. Even though you may be Just as the CIO role has undergone a transition be made; for example, which processes and seran outsider, you cannot act like one. from being a fundamentally technology driven vices need to be standardised across the globe, or role to more of a strategic advisor, the business Business rules and policies must be to what extent do uniform technologies deployed view of IT has gone through a transition from understood very well so as to avoid at a large scale, meet local business needs. These understanding IT as being an enabler to using disrespect and tough situations. are important questions with difficult answers. it to create business opportunity.

W 34

cto forum 21 August 2011

Managing Cultural Diversity

The Chief Technology Officer Forum

leadership

COVE R S TO RY

“There is a gap between technology usage from region to region; one needs to analyse the different levels of technology adoption and infrastructure maturity.” V S Parthasarathy

Photo by Jiten Gandhi

Group CIO and EVP – Finance and M & A, Mahindra Group

As a result of poor system integration, there is no cost reducSometimes it becomes difficult to see where the beginning ends tion, no increase in revenue from customers, no increased market and the end begins, however, there are a few key thoughts that one share, and no success in technology transfer. These are all very needs to factor in to get onto the global journey; balance between important when one is considering an M&A scenario, and are cruglobal scale and local relevance for the organisation, changes in this cial to its success. balance as a result of internal and external forces, the technology model that suits the organisation best, and finally, globally what are my customers like to deal with, how do they tick Conclusion and how do they operate? If one can generate real “There are some fundamental learnings when answers for these thought points, then one can you talk about IT from a globalisation perspecbegin the journey to delivering globally. tive, and I have been fortunate to have had these learnings through my experience, however, they Each region comes with its own are important to succeed in a global scenario,” set of market specific product Managing mergers and acquisitions says Parthasarathy. The IT role is not important requirements. With an M&A failure rate of 70 percent, CIOs but it is of paramount importance – Parthasaraneed to be very careful of how they handle this Small but necessary product thy mentions in the context of technology's role scenario. Some of the common reasons of failchanges are important from region in globalisation; there is no short cut. As a CIO, ure, Parthasarathy mentions, are attributed to an to region. What may work in the one has to have the ability to sell himself in the aggressive business case, poor analysis of a probUS is not guaranteed to work in board room. This is where the CIO has the power lems statement, inadequate integration of sysEurope. to sell the value of technology and the value it can tems and processes, and a lack of understanding Continuous product improveadd to business. On a final note, Parthasarathy of needs and culture. One of the primary reasons ments is important. One has to mentions that one should think of early involveof failure is underestimating the role of IT in the catch up. ment of IT not by choice, but as a mandate. M&A integration.

Market Specific Requirements

The Chief Technology Officer Forum

cto forum

21 August 2011

COVE R S TO RY

XXXXXXXME

Managing Shifts in Core Technology

There is a glut of IT vendors and solutions; newer delivery models are emerging; and social media is gaining ground. With the face of IT changing rapidly, how does the CIO decide what is the best fit for his enterprise?

he days when CIOs spoke about centralised and decentralised servers are long over. The mainframe is now a company heirloom – its value reduced to a legacy box full of historic company data. Today, decisions revolve around hosting infrastructure on the cloud, outsourcing your data centre, managing multiple vendors and so on. And, the CIOs are having a field day trying to keep pace with this changing landscape. In one of the panel discussions at the 12th Annual CTO Forum Conference, Bhasker Raj Iyer, CIO, FIS Global, says, “One of the major challenges confronting CIOs and CTOs today is how to

cto forum 21 August 2011

The Chief Technology Officer Forum

move away from their legacy infrastructure. The move away from this transition is not as easy as it looks." "While making his transition from the legacy infrastructure, a CIO also has to look at making the right investments and see that he is headed in the right direction. He has to prioritise if he has to move to virtualisation or move to the cloud or outsource the data centre,” he says. In addition to managing the legacy and change, a CIO today also has to confront rising costs. “The cost of people and facilities is increasing thereby pushing technology costs also. In addition to this, the CIO also has the social responsibility of going green,” says Iyer. Compounding the situation further for a CIO is the fast growth in business and stiff competition. “A CIO has to be prepared for the business growth that is happening. Competition is pushing for to meet stiff timelines, and if you are not delivering on time, your competitor will. Then there are so many products in the market, and a CIO is confused as to which product to choose and which not to choose,” says Iyer, summing up the challenges. The wave of social media is hitting enterprises big time, and a CIO can hardly ignore it. In fact, a CIO needs to understand this new trend, and try and harness it for his for the good of his organisation. As a first step, a CIO needs to connect with those within his company that are proactive in social media. This would help him in better understanding the issues and challenges associated with social media. He would also have to work with all the social media stakeholders within the enterprise so that there is a policy framework around the acceptable use of social media.

leadership

COVE R S TO RY

As a business leader, a CIO should take steps to ensure the information emerging through social media is integrated and leveraged by the marketing department. Social media also presents a great opportunity for a CIO to incorporate the customer’s voice within the company’s operations and strategy. Keven Jai Kumar, Advisory Software Consultant, BMC, compares the changing landscape of IT with that of the automobile industry in the 1980s. “What happened in the auto industry, the same is happening in the IT industry today. There was a time when the Indian auto market was dominated by Ambassador and Padmini. Then Maruti Suzuki entered the market. The company came with a purpose. At that time, 45000 cars were being sold in the Indian market and they decided to sell 100,000 cars,” he says. “They decided to bring in certain things in the market which were earlier not present. They brought in agility, efficiency, easy availability and low maintenance in their operations and in their products. It was because of the tremendous support that Maruti received that several new players came into the market,” says Kumar. Just like the auto industry in the past, the IT industry at present is undergoing a transformation. There are several changes happening in the IT industry – new delivery models for faster and bet-

of the CIO, the latter ends up confused. He needs to figure out what technology he needs to outsource and what he needs to keep in-house. Given the range of products, he has to make the tough decision of what software and hardware to buy that aligns with his organisation’s business goals. Grappling with these emerging trends, CIOs are trying to understand how they can use technologies such as cloud and virtualisation for maximising benefits. After understanding their use, comes the strategy part. Using these technologies, CIOs would then formulate strategies to be adopted within their organisations. However, with so many options available, how does the CIO decide what is the best fit for his enterprise? “For a CIO to manage his core technology, he would have to keep a few things in mind. “First, he should not be tied to one single vendor. A CIO should not get into a situation wherein he is on the same hardware platform. He should have the flexibility of trying option A today and if not satisfied he should be able to move to option B,” avers Kumar. “Second, consumers don’t want to come back to IT for service, they are looking at self-service. They are looking at a portal which they can access and get services that they want immediately. The last thing is that as consumers, CIOs want to know the cost, and as providers they want to know the level of optimisation that they can do when they are providing the service. These four things is what IT management is all about,” he says. On the future, Kumar believes that there will be heterogeneity, and the CIO will have to decide how to deploy his business services. “Going forward, heterogeneity will be there across hardware, software, service providers, infrastructure, irrespective of whether it is cloud environment or physical environment. Also, business services are going to be delivered onpremise or as managed services or as software-as-a-service,” says Kumar. In effect, businesses will come to the CIO, and he would then decided which services have to be hosted on-premise, which have to go on to the cloud, which Speakers at a panel discussion during the conference. From the left are Bhaskar Raj Iyer, CIO, FIS Global, Sanjay Mehta, CEO, MAIA ones have to be outsourced and which Intelligence, Rajgopal Srinivas, Senior Vice President, Tulip, and Keven Jai Kumar, Advisory Software Consultant, BMC. ones have to be hosted on managed services hosting provider,” he says. “Since you do all this, it is critical to have an integrated services management platform that talks across ter delivery are emerging; consumerisation of IT is happening; and all these services that you are consuming and provide you the vissocial media is gaining traction within an enterprise. ibility of these services across each platform. This is going to be “This evolution is pushing different players to do different the IT management roadmap of the future," he says. things. Vendors are competing with each other in assuring a CIO “The management of IT of the future would call for a unified that they would help him manage all these changes. There are way of supporting all these independent functions like access comvirtualisation players, hardware players. Then you have platform pliance, software compliance, security, capacity, access, SLAs etc,” disruptors like Google and Amazon. Then there are service providadds Kumar. ers,” Kumar says. Today, the CIO is spoilt for choice. There is a plethora of vendors out there, each trying to outsell the other. In vying for the attention The Chief Technology Officer Forum

cto forum

21 August 2011

COVE R S TO RY

XXXXXXXME

Keep your eyes and ears open: BSE's Chauhan believes a CIO should be on his toes to grab any opportunity that comes his way.

â&#x20AC;&#x153;Be like a

cheetahâ&#x20AC;?

Ashish Chauhan has donned several hats before becoming the CEO of Bombay Stock Exchange. In conversation with Pramath Raj Sinha, Founder, 9.9 Media, Chauhan reveals how he successfully managed the various transitions.

Tell us about your professional journey till now. I did my mechanical engineering from IIT and then business administration from IIM. While at IIT and IIM, I realised I was very good at finance and so decided to develop my finance skills. I, therefore, joined IDBI as a project finance officer. IDBI was to later on set up the National Stock Exchange (NSE) after the Harshad Mehta scam. I was amongst the few (and the youngest) chosen for this

cto forum 21 August 2011

The Chief Technology Officer Forum

project. All my colleagues were 7-8 years older than me. As I was the youngest, I was told to handle several things -- IT, premises, legal, and commercial. While at NSE I was instrumental in setting up the satellite communications. When NSE became successful I was told to do the derivatives market, which nobody had heard of at that time, including me. From NSE, I moved on to set my own company. Reliance had assured that they would fund my venture if I ever decided

leadership

COVE R S TO RY

to set up one. This is how I set up an e-commerce marketplace for paper, steel, petrochemicals. However, in some time the purpose of the company for which Reliance was financing was lost. I then moved into Reliance Infocomm and eventually became Reliance’s group CIO. I was also the head of PR and of Mumbai Indians. While working in Reliance, I also had a parallel company running, which was into stock broking. It was the largest back office stock broking company in India. As it was growing fast, I had the choice of working full time with the company or selling it. I decided to sell it. Bombay Stock Exchange (BSE) bought the company on the condition that I joined them for a year. That’s how I came to BSE where I am now currently. It is an absolutely fascinating journey in terms of the number of different roles, jobs, and industries. Did you have supernatural capabilities to achieve all this or can anyone do it? Anyone can do it. It is just that you should be ready to grab the opportunity. Whatever I got, I grabbed it. I remember the time Reliance launched Infocomm. To gain traction, they had launched Rs. 501 scheme. Within a couple of months, Reliance was able to get 1.5 crore customers. However, it could not bill the customers with the result the company started to run into heavy losses. Mukesh Ambani called me and said you are the CIO and now you have to clean up the mess. I took up the challenge, and within six months, the company had a positive EBIDTA. Eventually I became the CIO of Reliance Group. There is another instance that comes to my mind. While at Reliance, I once got a call at 2 in the night. After four days there was this IPL first match, and there were 40,000 tickets to be sold. I don’t why Mukesh had the confidence in me but he insisted that the job be given to me. I again took up the opportunity and delivered. I was eventually made the Head of Mumbai Indians. But didn’t this scare you? You had not done such things in the past. Are you foolhardy? I am but more than that. I know what is doable. In this (Reliance) organisation one is never penalised for not trying. Even NSE was supposed to be a hugely difficult project but I had to find a way to do it. Is it that opportunities were always handed to you rather than you creating them? Opportunities never get handed to you. They come because somebody has seen your past. Mukesh loves cricket and he knew that I loved cricket. On his birthday, I decided to take 400 people in three flights to Jamnanagar to play night cricket. I feel a CIO needs to be like a cheetah on the tree always keeping the eyes and ears open so that whenever the opportunity comes, you are ready to take it with all your might. I remember I was going to the US to look at the three vendors while finalising the satellite communication at NSE. I was refused the visa because I was a Gujarati, was single (25 years of age) and there was a high probability that I wouldn’t come back. My boss gave it in writing to the embassy that this boy will come back. He wrote to the US ambassador saying that this boy should get visa otherwise

Ashish Chauhan, CEO of Bombay Stock Exchange (BSE), in conversation with Pramath Raj Sinha, Founder, 9.9 Media, at the 12th Annual CTO Forum Conference in Kovalam, Kerala.

we won’t give contracts to American companies. So even though you make not feel confident, if your boss does that means you can do the job. My past work has spoken on my behalf, which resulted in me getting more opportunities. So if a CIO should be like a cheetah, what should he be looking at? The big question is how do you push the envelope? Most people say they would just do IT. You have to realise that you are not pure IT. Therefore, don’t restrict yourself just to IT, take up bigger roles. You should continue to add value to the ecosystem and start taking more and more responsibilities. I have handled the process of compliance, retail, marketing and interacted with SEBI and the stock exchanges. While it was not my job to sell IPL tickets, I took the initiative to do it. I worked for 18-20 hours a day. You basically have to outsmart, outwork everyone else for positive, result-oriented outcome. So have you encountered any failures? In 1994, the best protocol used was CPAP. It was just coming up and had everything practically good about it. I had a different protocol running at NSE, which was stable but dying. Now that I look back, that was a technical failure on my part. Ultimately the responsibility was mine. You take them in the stride. How do you get into the zone that you keepo getting these opportunities? What are the actions, behaviour that you can take? You have to wait and be alert all the time. This is the short term planning. For long term, you should know where are technology and business going. You should tend to align with these trends so that when the opportunity comes, you are ready for it. Going forward, what is the world doing in the next 10 years. I believe personalised medicine, nanotechnology, biotechnology are the areas with potential. Today also I am prepared for every opportunity that comes my way. Try to solve smaller problems instead of solving one big problem. The Chief Technology Officer Forum

cto forum

21 August 2011

HORIZONS

Features Inside

Case for Chromebook in the Enterprise Pg 42

image by photos.com

Is IaaS Really a Good Deal? For enterprises, the benefits relate less

to the financial case and more to timely deployment in supporting short term and unforeseen needs. By Pam BakerÂ

cto forum 21 August 2011

The Chief Technology Officer Forum

iven that everything is spinning towards the cloud and sold "as a service," it's easy to automatically jump to the conclusion that infrastructure as a service (IaaS) is a good deal. "It is easy to just assume or buy into the hype of amazing improvements to your TCO when moving to the cloud, but the reality is you may not be improving your TCO at all," said Bryan Thompson, VP of Services at Tier 3, an enterprise cloud platform company. "For many companies, the move from on-premise infrastructure to the cloud may simply be trading physical servers for virtual ones, and while you are trading capital expenditure for operational expenditure this may be without significant improvement to the overall TCO," he said. "This is because, often times, migration to pure IaaS providers will still carry the same costs associated with managing that infrastructure if not more as additional skill sets may be required to learn and manage using new toolsets." It is important then to know when IaaS is a mega trend with actual promise and when it can be just another money pit.

IaaS

N E X T H OR I Z O N S

Scale matters With every technology known to man, scale matters. While the most attractive aspect of anything in the cloud (IaaS included) is the ability to scale up to meet demand and down again to save costs when demand is low, that alone is insufficient to fully evaluate its advantages or disadvantages in terms of scale. "The economies of scale that are available in SaaS models and, to a lesser degree, in PaaS [platform as a service] models are nowhere near as attractive in IaaS," said Alexander Pasik, CIO of IEEE, the world's largest professional technical association. Pasik has held executive IT positions at a number of organisations, and is a former Gartner analyst who in the 1990's predicted the rise of Web-based computing and coined the term services oriented architecture (SOA). Using a SaaS application like Gmail for email or Salesforce.com for CRM allows the vendor to leverage its entire technology stack to serve all of its clients. This approach produces vast economies of scale and those savings are shared with the client. "In contrast, IaaS only shares core data center services such as power and virtualised hardware, thus limiting the cost benefit," he said. Pasik isn't the only one sending up a flare. "For ROI, there is limited 'I' in infrastructure as a service," said Jonathan Shaw, a principal at Pace Harmon, a third-party outsourcing advisory firm. "For total cost of ownership (TCO), it comes down to size and the anticipated utilisation of deployment. It's cliché, but it doesn't make sense to 'buy by the sip' if you need a gallon." Shaw said that while any size enterprise can benefit from the deployment of IaaS, "the case for implementation will vary depending on the scale of the enterprise, available resource capacity, and the type of business service that the infrastructure will support."

The pros For SMBs, the pros of using IaaS are striking: quick and easy access to enterprise class capabilities, ability to buy only that which is needed as it is needed, and simplicity given that the provider is straddled with facilities management, hardware/soft-

Using a SaaS application like Gmail for email or Salesforce.com for CRM allows the vendor to leverage its entire technology stack to serve all of its clients. ware procurement, provisioning, patching, and all the other complex details involved with infrastructure. In bigger businesses, the pros look a bit different. "For large enterprises, which generally need 'bigger' services thereby reducing the benefits of 'by the sip' pay models and which typically already have sizeable internal infrastructure and operational capabilities, the benefits relate less to the financial case and more to timely deployment in supporting short term and unforeseen needs," said Shaw.

The cons

Common obstacles that companies encounter with IaaS, said Shaw, include: Performance commitments - Weak SLAs are prevalent; enterprises will not generally incorporate cloud computing into critical business services. Business risk - Even with extensive diligence, ongoing audits and proactive management, IaaS still requires trust in the vendor infrastructure/operations for availability, data security etc. Regulatory compliance - For companies with industry specific regulatory requirements, e.g., HIPPA and FDA regulation, the "one size fits all" cloud model may not be able to meet those specific needs. Data security - Compared to internal deployment on standardised architecture, it is tough to incorporate cloud services into enterprise-wide data archiving, backup and recovery processes. enterprises lost The issue of obtaining data in the event of vendor termination or exposed (and, in particular, if the proconfidential vider ceases operations) should data through also be addressed. Contractual terms - Although social media the cloud model promises great

41%

flexibility and "on demand" pricing, volume commitments, change fees and minimum terms can significantly constrain the expected scalability and flexibility. Other problem areas include broad vendor termination rights absence of post-termination assistance, weak data security warranties, and ineffective SLAs. In many circumstances, material contract terms are not negotiable, with the providers maintaining that their shared delivery model precludes them from offering custom solutions. For example, many IaaS offerings have click-through licenses that the provider can unilaterally alter. For larger enterprises, IaaS is better suited for non-critical workloads and temporary requirements such as unexpected peaks in demand or for test and development. However, that is likely to change as both the technology and the related business models mature. Enterprises are "looking seriously at how to get the benefits of IaaS in-house, i.e., transforming their existing infrastructure to make it behave like a private cloud with the speed, flexibility and chargeback capabilities of IaaS," said Chandra Rangan, senior director of Product Marketing, Storage & Availability Management at Symantec. "Then they can get serious about bringing cloud benefits to their core applications."

—A prolific and versatile writer, Pam Baker' has authored several analytical studies on technology and eight books. She is a member of the National Press Club (NPC), Society of Professional Journalists (SPJ), and the Internet Press Guild (IPG). —This article has been reprinted with permission from CIO Update. @ http://www.cioupdate.com. To see more articles regarding IT management best practices, please visit www.cioupdate.com.

The Chief Technology Officer Forum

cto forum 21 august 2011

N E X T H OR I Z O N s

cli e nt computi ng

Case for Chromebook in the Enterprise Comments from IT security professionals drive home a different, more favourable view of the Chromebook. By Robert McGarvey

cto forum 21 August 2011

The Chief Technology Officer Forum

illustration by shigil N

he reviews are in and they are not especially flattering. In the Wall Street Journal, Walt Mossberg suggested the innovative, Googleinspired Chrome OS netbook is buggy, pricey, and just not ready for primetime. In the New York Times, tech columnist David Pogue was, if anything, more brutal; dis'ing the device (he reviewed the Samsung edition but there’s also one from Acer) as a three-pound paperweight ... Ouch. Comments from IT security professionals drive home a different, more favorable view of the ChromeBook and business, maybe, ought to make reviewing the Chromebook for possible adoption a high priority. Why? 1 “The Chromebook is built with security as an inherent concern, not an afterthought,” said Lance James, a security consultant with Vigilant. That’s a crucial observation. Security has been grafted on today’s PC/Apple computing models and the results are spotty. With Chromebook, the device was designed to be secure. 2 Chromebook is cloud-based so there’s no downloading applications and therefore there probably is no downloading malware. (But see the reasons to shun Chromebook for a more expansive viewpoint.) 3 “Chrome OS uses process sandboxing that makes it basically impossible for one app to interact with another,” added James. Apps can’t talk with each other in Chrome OS, that is built into the architecture. This is another safeguard against malware working havoc on the network. 4 Faster boot times, i.e., Chromebook boots like a rocket. “On

average, it boots up in 10 seconds. You can see the screen instantly switch on when you open it,” said Sam Alapati, senior technical director, Miro Consulting. 5 Secure transmission of data: “All data, including downloads, are fully encrypted, so you don't need any anti-virus software,” said Alapati. 6 Automatic updates: “As soon as you switch on the device, all updates are made automatically,” said Alapati. This is big because, basically, Chrome OS eliminates user responsibility for managing updates. The network handles it like it or not. That, however, may be an obstacle in some organisations where IT is unhappy that a third party (Google, in this case) is deciding when to push out updates and to whom. It is worth noting that this is pretty much the model that applies to

N E X T H OR I Z O N s

cli e nt computi ng

Why to shun it smartphones, where carriers call the shots, and, although there are grumbles, most of us have come to accept this Good as the Chromebook security looks, it may have transfer of decision making. flaws. Matt Johansen, application security specialist at 7 There’s nothing to lose. “If you lose your laptop, no WhiteHat Security, emailed this round-up of concerns his team found in its poking into the Chrome OS: user data is lost since everything is in the cloud. The enterprises 1. “Chrome OS can be hacked to open a number of Chromebook shifts storage of user data away from the encrypt data sensitive sites that the user might be logged into and local device. In fact, the Samsung model spots a tiny stored over access their cookies or exploit any known vulnerabilities 16GB internal drive, barely large enough to store cached on other sites to leverage and steal sensitive information. Web content and the Chrome OS itself,” said Adam Powcloud 2. Hackers can create a malicious extension and coners, CTO of Lancope. 8 Easy sharing of hardware: “Since all of your data is vince a user to install a malicious man-in-the-browser app that can lead to a multitude of difficult to control securely stored in the cloud, you can lend your Chromesecurity problems. book to others and they can use the device through the Guest Mode 3. Simple vulnerabilities can be exploited in the Chrome OS platoption, without affecting your own data,” said Alapati. 9 Better battery life: “The average battery lifetime is eight hours; form via XSS vulnerabilities and how lenient application permissions can easily be made viral and wormable. much longer than that offered by traditional laptops,” said Alapati. 10 The ubiquity of MiFi and HotSpots suddenly has made a cloudAre those worries enough to cross off Chromebook from the enterprise wish list? It’s too early to say but as good as Chromebook based netbook -- one with essentially no usefulness when not connected security appears to be, it may not be the magic bullet security profesto the Internet -- useful despite that limitation. Critics harp on this need sionals have hoped for. for connectivity, but does it really matter? Probably not anymore. 11 Add in enterprise pricing at $30 per device per month for the Samsung Chromebook ($27 for the smaller Acer) and the value —This article has been reprinted with permission from CIO Update. @ www. proposition gets sharp, especially when software add-on costs will be cioupdate.com. To see more articles regarding IT management best practices, little or nothing. please visit www.cioupdate.com.

93%

Tackling Network Security in BFSI Sector CIO of Viteos Capital Market Services and CRO of Bharti AXA GIC, share their views on network security in BFSI sector. By harichandan arakali

n top emerging trends K B Venkataramanan (CIO, Viteos Capital) : Protection of transactional information during transit is at the core of the challenge. To me the entire perspective of security, be it network or otherwise, first needs to address the issues of privacy. Privacy and its interpre-

cto forum 21 August 2011

The Chief Technology Officer Forum

tation is fundamental to evolution of security as a subject. Parag Deodhar (Chief Risk Officer, Bharti AXA General Insurance Company): Insider threats – data loss/leakage through network, rogue devices connecting to networks – e.g. non-company device plugged in to the network port in a meeting room or a device connecting to a wifi LAN, external threats –

malware, DoS attacks, APT including phishing attacks etc. How to tackle them Venkataramanan: We tackle this across various levels. If the information sought – transactional or other wise is always sent as an encrypted mail. Additionally identity of the participant be in in a banking space or the insurance space is a sacred commodity. We

securit y

N E X T H OR I Z O N S

ensure that this piece of data is managed only by a set of people who are well versed with the privacy laws. Additionally this information is versioned and not allowed to be accessed outside the office. Deodhar: It has to be a integrated approach including technology, process and people. While we have deployed the standard network security measures like firewalls, IDS/ IPS, web-email filtering etc. it is important to implement advanced tools like NAC, DLP and continuous user awareness about new threats. On openness (Devices that allow users to download applications at will, and tap services): Venkataramanan: This is the way the future will be. Over the last few years we have seen access to public networks grow. If we look at India as an example the cost of this access to networks has decreased. If we look at San Francisco the service of access is a non paid utility that the city infrastructure uses and is available to all the people in that area. The challenge is to create a secure environment that has built in precautions and yet allows the freedom to operate from areas that are traditionally envisaged. From a business perspective it is an issue of being retrograde when IT managers do not allow access outside the traditional boundaries. Business has expanded and the need for information is extremely important if one needs to see business grow. Deodhar: While there is an increasing demand towards allowing open devices into the network, such devices would be prone to being compromised / infected and would be a greater threat to the corporate network. It is imperative that we ensure conformance to corporate network policies and minimising the threat by using “sandbox” on such machines and enforce mandatory security policies on such “open” devices before allowing them access to the corporate network. Rank network security Venkataramanan: I would rate network security as being secondary. Primary for me would be a good policy that is evolved around data protection and ownership of data. Once the primary issue is resolved it is only data in transit that needs attention. Segregating data into what is critical and what is not also helps in evolving the network security policy. Deodhar: One of top three priorities.

“Financial services customers are faced with increasing phishing/ malware/social engineering attacks.” Parag Deodhar Chief Risk Officer of Bharti AXA General Insurance Company Ltd.

Requirements for external partners Venkataramanan: The partner ecosystem will move towards a more open framework that is all encompassing. I do not think primary or secondary service providers will have much of a choice in dertermining what they can do and what they cannot. Deodhar: We do not allow partners to connect to our network. The only way is to login to our website and access web-based applications. On customers' choice of channels Venkataramanan: A good example of this is the ipad revolution. We now see bankers and others being open to transact business or review information on a ipad. The device that was for entertainment has now moved to an area of prominence in the business circle. The reason why I give this as an example is that the apple architecture was never geared to access heavy transactional data and it is doing exactly that now. There has be a paradigm shift in the way users have moved and this will create the demand/pull from the service community.

Deodhar: Financial services customers are faced with increasing phishing/ malware/ social engineering attacks. Financial services companies are trying to 1. Create security awareness amongst customers, 2. Use innovative methods to avoid attacks during the transactions e.g. dual factor authentication, encryption, virtual keyboards etc. Summing up Venkataramanan: I would like you to address the fundamental issue of why security in the context of the various laws enacted with the use of data like HIPPA etc. It would be an interesting reading for the reader to understand the transition of data to the need for security and therefore the need for network security as a subject. Deodhar: BFSI sector is prone to data leakage threats and need to focus on DLP projects. Also prone to APT by organised crime, and need to focus on these areas as any incident would cause huge reputation damage.

The Chief Technology Officer Forum

cto forum 21 august 2011

N O H O L D S B A RR E D

D o u g Fa r b e r

DOSSIER Company: Google Inc. Established: 1996 Headquarters: California, US Products: Desktop, mobile, online products

“You can’t put

cloud in a box”

Google has seen a good amount of adoption for its cloud services in India. The Internet giant feels its penetration would further increase as it moves up the maturity curve. Doug Farber, MD, Asia Pacific, Google Enterprise talks to Varun Aggarwal about some of the drivers for this adoption and how Google differentiates itself from competition. 48

cto forum 21 August 2011

The Chief Technology Officer Forum

key People: Larry Page Eric Schmidt Sergey Brin

d o u g fa r b e r

How is consumerisation of IT driving adoption for Google Apps? When you talk about the cloud, the real innovation that happens in the IT industry is on the consumer side. We all use Gmail, Picasa, Twitter or Facebook at home and then we go to the office and we’re stuck with these clunky client based servers, which is really heavy, extremely unfriendly to use. The whole notion behind delivering the consumer based services is what’s driving the cloud. We have a multi-tenancy architecture, we have a massive infrastructure, and we’ve been delivering services to hundreds of millions of users worldwide in a very intuitive way. The most important part is that users do not require any training to get on to our services like Gmail or Picasa etc. Achieving collaboration using products like Oracle, Outlook etc has been very clunky, complicated and also very expensive. So, what we found is that cloud is not about if anymore, it is more about when. We’ve seen many organisations have made the decision to go to the cloud and at Google we have three million customers using Google apps and we have three thousand customers signing up every day. And all these users are signing up because they get the same interface at work as they are used to at home, be it for Youtube, Gmail, Picasa or Docs. Moreover, organisations do not have to worry about maintaining servers and infrastructure, they don’t need to hire support and IT staff and can focus on their core competencies. RBI regulations do not allow BFSI companies to host their data in data centres outside the country. Do you plan to set up a data centre in India anytime soon to cater to this huge market? When we go back to the economics of cloud computing, the reason why Google is able to offer such an excellent service at such a low price point is because we’re leveraging globalised infrastructure and that we are location agnostic. We recognise there are particular segments in the industry that are not comfortable with this. So, what we’re seeing is that cloud computing is going through the classic adoption curve. Five to seven years back,

cloud computing was at an early adopter stage where few ambitious companies who were first movers, went for it. Then the education process came in and people became more familiar with the compelling economics vs the on-premise software, that is now driving demand for cloud. However, there’ll always be the laggards—the industries that have different requirements. But as we move forward, this segment would become thinner and thinner as the issues these companies would have would if not eliminated completely, would definitely be mitigated significantly. How do you define a true cloud experience? A true cloud experience is accessing the applications over the internet through an

“In a true cloud computing experience, your security layers, your upgrade and maintenance would be taken away.” array of multi-tenant servers on subscription base. That means we get to provide the same service, same benefits and the same transparency to users in India, US, Canada or even Australia. We also get to innovate at a very rapid pace to the level that we had 200 product releases of Google Apps all of which are transparently delivered to our users, offering quantum benefits to our customers but they don’t have to worry about running around and installing CDs or updating hardware etc. Everything is pretty seamless from an IT perspective. The more enterprises outsource their non-core functions to the cloud, the more

N O H O L D S B A RR E D

benefit they’ll get and the cloud would gain more prominence. What are your views on private and hybrid cloud? There is nothing called a private cloud. You can’t put a cloud in a box. If you try doing that you lose all economic benefits of the cloud. You will still have to worry about managing everything yourself similar to conventional software. Private cloud is just a new marketing term for the same conventional software. However, in a true cloud computing experience like that of Google, your security layers, your upgrade and maintenance— everything that is extremely resource and time intensive would be taken away. But when you go to a private cloud, and move that box into a room, you still have to maintain it, secure it, upgrade it etc. What are your strategies for India? India is compelling and leading edge geography for us. We’ve got some big customers in India like the Indian Youth Congress that has deployed Google Apps for 28,000 users, India Infoline which has 17,000 users. We also have customers like Flipkart and Indiamart have also signed up for Google Apps. Indian companies have appetite for new technologies for cost savings. With the growing traction, we’re building a stronger team on the ground in India. We are making significant investment in India for not just sales and marketing but also in technology. We have started offering our services in four Indian languages apart from Hindi. There is going to be a huge ecosystem building around the Google Apps. We see it as a platform and an application delivery mechanism and we have a whole array of APIs to integrate with other enterprise tools like SAP, Oracle etc. There are a number of third party apps that are now being hooked into Google Apps and we see this ecosystem growing significantly. Previously it took five clicks to get on to Google Apps but now we’ve reduced that to just three clicks. We’re also looking at offering different payment options for customers and would soon update you on the same.

The Chief Technology Officer Forum

cto forum

21 August 2011

T E C H FOR G O V E R N A N C E

compliance

POINTS

f or any corporate ethics policy to be effective, it must be perceived to be fair i f regular outside counsel investigates their own prior legal advice, “a plethora of loyalty and privilege issues” can come up in the investigation

Imaging BY Binesh Sreedharan

T here is a need for independent counsel for serious corporate investigations If a regulatory authority cannot rely on a company’s own internal investigation, it may perform the investigation with its own personnel

Who Should Handle

Your company needs to hire some seriously good lawyers to handle any internal investigation

Serious Internal

Investigations? Your company needs to hire some seriously good lawyers, independent from the company, to handle any internal investigation. By Thomas Fox

cto forum 21 August 2011

The Chief Technology Officer Forum

compliance

In the most recent issue of the

SCCE, Compliance and Ethics Professional Magazine, Issue 08/2011, is an article entitled “Foxes and henhouses: The importance of independent counsel”, in which author Dan Dunne discussed what he termed a “critical element” in any whistleblower response, which is a “fair and objective evaluation.” for all its legal work for the company. Dunne wrote that a key component The third point Dunne raises is the relaof this fair and objective evaluation is tionship of the regular outside counsel or the WHO question; that is, who should law firm with regulatory authorities. If a supervise the investigation and who should company’s regular outside counsel perhandle the investigation? Dunne’s clear conforms the internal investigation and the clusion is that independent counsel should results turn out favorably for the company, handle any serious investigation. the regulators may ask if the investigation Dunne list three factors which he believes was a “whitewash”. should cause a company to retain indepenIf a regulatory authority, such as the Secudent counsel for internal investigations of rities and Exchange Commission (SEC) or serious whistleblower complaints. First, for Department of Justice (DOJ) cannot rely on any corporate ethics policy to be effective, it a company’s own internal investigation, it must be perceived to be fair. André Agassi may perform the investigation all over again was right, perception is reality. with its own personnel. Further, these reguIf your employees do not believe that the lators may believe that the company, and its investigation is fair and impartial, then law firm, has engaged in a cover-up. This is it is not fair and impartial. Further, those certainly not the way to buy credibility. involved must have confidence that any Jim McGrath, writing in his Internal Invesinternal investigation is treated seriously tigations Blog, noted that despite the fact that and objectively. using specialised investigation counsel is a Secondly, if regular outside counsel invesbest practice that is worth the money, one tigates their own prior legal work or legal of the more difficult things is convincing advice, Dunne believes that “a plethora of decision-makers of the this advantage. loyalty and privilege issues” can come up in This is particularly so when speaking with the internal investigation. mid- or small-sized companies It is a rare legal investigation, that are part of larger supply where the lawyer or law firm chains. While general counsels which provided the legal advice and compliance officers may be and then investigates anything up to speed on outsourcing critihaving to do with said legal increase in cal inquiries, managers in busiadvice, finds anything wrong with its legal advice. malware leading ness segments often are not and frequently reply that they’ve “got Dunne also notes that if the to 12 million someone” in the company who law firm which performs the unique samples in “takes care of that stuff.” internal investigation has to However, it is clear that such waive attorney client privilege, h1, 2011 an approach will be more costly it may also have to do the same

22%

T E C H FOR G O V E R N A N C E

to a company in the long run. McGrath emphasises the need for independent counsel for serious corporate investigations. I would add a couple more reasons to those listed by Dunne and McGrath. If there are serious allegations made concerning your company’s employees engaging in criminal conduct, a serious response is required. Your company needs to hire some seriously good lawyers to handle any internal investigation. These lawyers need to have independence from the company so do not call your regular corporate counsel. Hire some seriously good investigative lawyers. I believe that there is another reason to hire outside counsel. It is also important because, no matter what the outcome of your investigation, you will most probably have to deal with the government. If the investigation does reveal actionable conduct, your company will need legal counsel who is most probably an ex-DOJ prosecutor or ex-AUSA to get your company through that process. Even if there is a finding of no criminal activity, you will need very competent and very credible counsel to explain the investigation protocol and its results to the government. One need only look at L’Affair Renault to see the hazards of not following the WHO approach of Dunne, McGrath or myself.

—This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The author can be reached at tfox@tfoxlaw.com. —This article is printed with prior permission from www.infosecisland.com. For more features and opinions on information security and risk management, please refer to Infosec Island.

The Chief Technology Officer Forum

cto forum 21 august 2011

T E C H FOR G O V E R N A N C E

SCM

Gap Analysis in Supply Chain Management The key to compliance is having the proper structure to identify the issues, implement policies and procedures to address them. by thomas Fox

cto forum 21 August 2011

The Chief Technology Officer Forum

Illustration by photos.com

here is no question but that international trade is more prevalent now than ever before. In many industries, international trade is more of a necessity than a luxury. The ability of a company to compete and financially grow in a particular industry may depend upon tailoring a program to buy and sell goods and services from and to companies and consumers in other countries. There are numerous laws (international, federal, state and local) that employees within the Supply Chain Management (“SCM”) Department are required to comply with in order to perform the responsibilities inherent in their jobs. How does the Compliance Department make certain that the Supply Chain Management Department as a “risk center” and the employees as “risk owners” have a system in place to know, abide by and monitor the compliance of the laws under their domain? Here are a few questions that the Compliance Officer may pose to the SCM department in order to perform a gap analysis regarding policies and procedures: (Note: many of the questions listed below are similar, if not identical, to the ones I posed for dealing with the HR department. Obviously, there are overlapping questions, but it is important to document that the question has been asked and answered with all “risk centers’). 1 Does the SCM department have an inventory of policies, procedures, laws and regulations covering supply chain related matters applicable to the company’s business?

2 If yes, do you have a specified person who is in charge of updating the inventory? 3 If no, what system does the SCM department utilise to ensure that it is aware of the various laws and regulations and has a process to comply with them? 4 What evidence would the SCM department be able to produce to the government to support a finding that the company has a solid compliance program for applicable supply chain laws and regulations? 5 What types of enforcement actions are predominate in the supply chain arena? How does the SCM department track such actions?

scm

T E C H FOR G O V E R N A N C E

regulation in 45 practice areas and more than 100 jurisdictions. (i.e. import and export requirements; customs; freight forwarding, There are books addressing Public Procurement, Anti-Corruption; port clearances, “deemed exports”, blocked persons; etc.) 6 Are employees within the SCM department specifically trained Mining; Oil; and Gas Regulation to name a few. Each book is written in a question and answer format addressing many common issues to understand compliance requirements applicable to the supply that arise with the particular topic of the book. Each chapter focuses chain arena? 7 Does the SCM department provide senior management with on one of the various international jurisdictions highlighted. periodic updates on the monitoring of results, key risks, and compliGregory Husisian, Foley & Lardner, LLP, wrote a great article in ance violations within SCM? January 2009 “Coping with U.S. Regulation of International con8 Has the SCM department established some type of duct: Compliance Strategies for the Foreign Corrupt Practices Act, Export Controls, Sanctions, and Anti-Monescalation criteria to ensure that high-risk issues are ey Laundering Laws and Regulations”. reviewed at the corporate level? 9 Does the SCM department have compliance moniMy final suggestion is to work with the Supply Chain Management Department (and possibly the Audit) toring standards in place? Does the SCM department organisations department to have a consolidated “Supply Chain Manperform periodic audits to ensure that the policies and agement Compliance Audit Checklist” that can be used procedures are being complied with? have hybrid 10 Do any of the following laws impact the SCM departto audit (and document) the company’s SCM Compliapps or public ance Program. ment? Foreign Corrupt Practices Act; Embargo; Anticloud in When in doubt, contact a good attorney both in the Boycott; Anti-Money Laundering; Export Administration U.S. and locally in whatever foreign country you are (such as ITAR, EAR and OFAC or “deemed exports”?); production operating, and have them review the SCM Compliance Custom and Import laws? Audit Checklist. Enlist their help in keeping you advised These are only a few of the questions that you may of changes in the applicable laws and regulations, which apply to the want to ask to begin the process of assessing what laws and regulaSCM department of your company. tions applicable to the Supply Chain Management Department apply The key to compliance, in my opinion, is having the proper to your company. structure to identify the issues, implement policies and proceIn addition, I am always looking for good resources so that I don’t dures to address the issues, audit for compliance and document, have to recreate the wheel. Here are a few that I found searching the document, document. Internet that may be of assistance in identifying legal and regulatory requirements applicable to SCM department. —Mary Shaddock Jones, Attorney at Law can be reached at msjones@msjllc.com —This article is printed with prior permission from www.infosecisland.com. “Getting the Deal Through Online” http://www.getFor more features and opinions on information security and risk management, tingthedealthrough.com/ - This website (free for in-house counsel please refer to Infosec Island. according to the website) provides international guides to law and

15%

Guidance on the Use of Social Media On privacy and security, financial institutions walk a tightrope when using social media. By David Navetta

anks and other financial institutions face unique issues when it comes to the use of social media. Faced with conflicts between social

media platform rules, customer expectations, self-regulatory standards, and the strict regulations that govern the industry, guidance has been needed. The industry received some of that guid-

ance recently through a whitepaper issued byBITS, the technology arm of The Financial Services Roundtable whose members are 100 of the largest financial institutions in the U.S. The report addresses the compliance, The Chief Technology Officer Forum

cto forum 21 august 2011

Image by photos.com

T E C H FOR G O V E R N A N C E

social media

legal, operational, and reputational risks – and related mitigation strategies – of using social media in connection with a financial or banking operation. Regarding compliance, the report discusses the myriad of compliance areas relevant to banks, including marketing, privacy and security. For example, because social media web sites and web activities are deemed advertising by regulators, the report warns of the risks of failing to comply with various marketing laws and regulations applicable to the banking industry, including state Unfair and Deceptive Acts or Practices Acts and Prize and Gift Acts, as well as others that require additional steps for financial institutions, such as Truth in Lending, Truth in Savings, and FDIC membership rules. The paper predicts even stronger and more subjective requirements to come under the Dodd–Frank Wall Street Reform and Consumer Protection Act. Risks of non-compliance vary widely – from litigation and reputation risk, regulatory enforcement actions and in some cases civil money penalties. On the issues of privacy and security, financial institutions walk a tightrope when using social media. The report warns that protected data could be exposed much more readily as consumers interact with bank staff on social networks. The increasingly real-time nature and features of many social media sites pose additional risks because staff must know the report-recommended policies, remember them, and act accordingly – all in near real-time. This is all in addition to the risks of third parties, who could try to use such features to try to expose information and may be more likely to succeed given the conversational nature of the platforms and features. Also, since social media sites and companies often make changes to those policies

cto forum 21 August 2011

The Chief Technology Officer Forum

The increasingly real-time nature and features of many social media sites pose additional risks because staff must know the reportrecommended policies, remember them, and act accordingly.

as they add new features or expand their partnerships with other online companies, the report warns banks to be vigilant in monitoring the privacy policies and practices of the various social media sites they use. The report discusses generally the requirement under the FTC’s endorsement guidelines’ that online publishers “disclose relationships with advertisers when they receive free products for review, compensation or other consideration.” The requirement seems simple, but administration and enforcement of it can become complex. So, the report urges financial institutions to develop policies and practices for educating associates, bloggers and other endorsers regarding disclosure requirements, including guidelines about the required disclosure format. These new policies should also be confirmed consistent with the myriad of other policies that likely exists, and even some that may not be entirely obvious, including any Code of Conduct/Ethics Policies, Sarbanes-Oxley Policies, Marketing/Brand/Logo Enforcement Policies, Risk Management Policies, Employment Verification/ Professional Reference Policies and various others. Although it is no substitute for clear rules from the federal banking agencies and other regulators about banks’ use of social media, the BITS report helps summarise the issues to spot when navigating banks’ use of social media and how to begin resolving potential conflicts. The report is targeted to the financial industry, but because it covers use of employees’ information and resolution of institution’s internal policies, it could be a helpful read for those companies outside of the industry, as well. —This article is printed with prior permission from www.infosecisland.com. For more features and opinions on information security and risk management, please refer to Infosec Island.

E V E N T R E P ORT

leadership

HP event at

Delhi 24 JUne 2011

Event

Bringing Agility into the Business HP event at

Bangalore 27 JULY 2011

cto forum 21 August 2011

The Chief Technology Officer Forum

leadership

E V E N T R E P ORT

CTO Forum in partnership with HP organised a two-city leadership event on taking the leap to handle trade-offs and exceptions in business.

n aspect that comes up often for discussion in the CIO’s leadership journey is your role in bridging the divide between capability and performance of individuals and building highly productive, outstanding teams. CTO Forum in partnership with HP organised a two-city leadership event named “Take the Leap” in Bangalore and Delhi. The sessions were focused on how CIOs should handle the tradeoffs between driving performance versus trying to use technology to drive the productivity of your organisation. Setting the context for discussion, Dr. Pramath Sinha, MD, 9.9 Media asked the panel, “How do you trade-off equipping an individual or function with the best technology and tools they deserve against ensuring compliance to organisation-wide standards and benchmarks that drive efficiency? How "flexible" do you need to be? What works and what does not? How do you actually do it? Where do you start?” Quoting a similar situation in his organisation and explaining how he handled the situation, Nagaraj G N, Director & Chief technology Officer at Religare Enterprises Limited said, “Each line of business has their own processes and when you try to standardise you face a lot of issues. When it came to allowing email access on a mobile device, it was difficult to decide which device to standardise on considering device proliferation that currently exists. We then decided to make e-mail available on all devices but ensured that user authentication is done correctly. We focused on authenticating the user on the best of our ability and kept reviewing it. We decided not to go for Blackberry at all and instead of funding for “How "flexible" do the device, we decided to you need to be? What fund the data charges for works and what does the employees.” not? How do you “Our CEO was still peractually do it?” sistent on standardising Dr. Pramath Sinha the device, but we decided MD, 9.9 Media not to own the asset and allow any device access. To ensure sensitive data is not leaked, we decided to strip-off the attachments from the mails that went on to the mobile device,” Nagaraj added. Tradeoffs largely depend on the organisation cul-

“iPads are now becoming very common but our company globally decided not to allow iPads in the organisation.” Rajeev Seoni

CIO, Ernst & Young.

ture. How open is the culture. Are we open to deep dive into a technology area that allows a variety of devices. Along with these trade-offs CIO’s often have to make exceptions for certain users and business divisions. But often, making these exceptions create a huge problem since the moment you make one exception the flood gates open and it is difficult to say no to others demanding similar exceptions. In certain cases even if you have a blanket policy, you are bound to make exceptions. Explains, Rajeev Seoni, CIO, Ernst & Young. “iPads are now becoming very common but our company globally decided not to allow iPads in the organisation. But when our MD recently bought an iPad we were bound to make an exception for him and allow the iPad.” Suggesting ways to handle exceptions, Nagaraj said, “In order to allow for exceptions you need to ask the users for the RoI. For eg if they say they need an iPad instead of a desktop or along with a standard desktop, then they need to show the RoI they’ll get out of that investment into the iPad.” Sunil Sirohi, VP-IT, NIIT opined, “People’s choices are changing and they want to exercise those choices. Trying to dictate their choices is not going to work easily. The industry is throwing out so many choices to the end user that you, sitting in your cocoon, may not be able to fathom that what you’re serving is probably not the best. You need to accept changes happening around and learn to deal with those changes.”

The Chief Technology Officer Forum

cto forum

21 August 2011

b m c i N D U S T R Y insiGhts

COUNTDOwN TO ClOUD: wHAT IT Really TAkES TO BE ClOUD-READy By Mark Settle, Chief Information Officer, BMC Software

Although cloud computing is still in a fairly early stage of adoption by IT practitioners, it has been fully embraced by IT vendors selling software, hardware, and services. In fact, “fully adopted” is a polite way of referencing the “feeding frenzy” that has occurred over the past two years as vendors of every stripe and description have linked their value propositions to the cloud computing bandwagon.

Investments in new tools and technologies are a

Countdown to Cloud readiness

necessar y, but not sufficient, precondition for

As a CIO, you and your organization will not be “Cloud-Ready” until:

realizing the theoretical benefits of cloud computing. Equally important, and perhaps more difficult to achieve, are the changes in operational procedures, procurement practices, and organizational structures that must accompany these investments. In principle, cloud computing provides businesses with new ways of virtualizing their business application portfolios, virtualizing and pooling their IT infrastructure assets, and gaining virtual access to highly scalable computing resources on an “as-needed” basis. Companies will find it difficult, however, to realize the gains in business agility and cost effi ciency afforded by these new capabilities unless they specifically address the following issues.

You hAve A sinGLe-siGn-on ArChiteCture thAt CAn be eAsiLY repLiCAted for both “on-preMise” And “off-preMise” AppLiCAtions

Users of SaaS (Software as a Service) applications don’t want to manage multiple authentication procedures to gain access to the tools they need to perform their jobs. As smart phones and tablet computers become more ubiquitous in the workplace, conventional VPN solutions for enabling secure access to SaaS tools are being viewed as increasingly cumbersome and anachronistic. Users want to be directly URL-enabled to gain access to their business applications through a

wide variety of devices, increasing the need for robust and extendable security architectures.

You estAbLish stronG, serviCe oriented ArChiteCture (soA) CoMpetenCies in MAnAGinG Your existinG AppLiCAtion portfoLio

SaaS applications present a wide variety of data integration challenges. Invariably, they need to exchange data with corporate databases within the corporate firewall, other “on-premise” applications, and other SaaS products. Moving data among these different entities with the appropriate synchronization and ETL procedures can be quite challenging. It’s not advisable to be expanding your SOA and SaaS management skills at the same time. Hopefully, you have the SOA sophistication required to manage the integration of SaaS products into your pre-existing application and database ecosystem. You proACtiveLY MAnAGe the onLine experienCe of Your business users

How will you ever be able to manage the performance of your SaaS providers if you don’t proactively monitor the availability, response times, and integrity of their services from all of your major operating locations? If you are not proactively monitoring the quality of the services they are delivering, you are implicitly relying on your users to detect and report performance issues. At best, that’s a fairly random and inconsistent process.

At worst, it’s a tremendous inconvenience to impose on your users and will invariably result in longer recovery times in the event of a problem or failure. If you are not already performing this type of surveillance on your existing applications, you will be challenged to develop such competencies as your SaaS portfolio expands. You fuLLY inCorporAte sAAs AppLiCAtions in Your disAster reCoverY (dr) pLAns

DR planners are typically thrilled to learn that their company plans to expand the use of SaaS applications. They think that a “SaaS-first” strategy will reduce the scope of their responsibilities since the infrastructure supporting SaaS tools is no longer owned or operated by their organization. Although there’s a certain logic to that perspective, the truth of the matter is that SaaS applications are inextricably linked to the security applications, corporate databases, and “on-premise” applications that must have formal DR protection plans. If those plans fail in whole or in part, they may compromise access to SaaS applications or the integrity of the data being delivered by SaaS applications. You hAve fuLL ownership And ControL of the infrAstruCture resourCes supportinG Your business AppLiCAtions

Private clouds are constructed by virtualizing all components of your operating infrastructure (i.e., servers, storage, and networks), pooling capacity, and allocating capacity in a dynamic fashion to satisfy the ever changing needs of your business. The financial benefit of private cloud computing is the ability to optimize capacity utilization of the overall pool, instead of optimizing the utilization of individual clusters of assets. If your corporate finance group thinks they need to be consulted before you start virtualizing the servers hosting their applications or co-locating their applications on servers being used by other departments, then you’ve got some significant political issues to overcome before you will realize tangible business benefits through virtualization. Your storAGe And network teAMs reALize thAt CLoud CoMputinG And server virtuALizAtion Are two verY different thinGs

Storage, network, and ser ver engineers need to stop trying to optimize the availability, performance, utilization, and scalability of their individual technologies. Instead, they need to transform themselves into

b m c i N D U S T R Y insiGhts

infrastructure engineers that understand how their technologies work together to deliver services to end users. With this understanding, they need to optimize the effectiveness and resiliency of the integrated technology stack that is being used to support individual business applications. Server, storage, and network technologies are converging faster than the skills, job descriptions, and organizational structures we use to manage them. If the engineering and operations teams managing these technologies are in a state of denial about the technology convergence that is happening around them, you’re not ready for the cloud! You Are AbLe to stAndArdize on A LiMited nuMber of teChnoLoGY ArChiteCtures to support the MAjoritY of Your deveLopMent, test, And produCtion requireMents

Technology diversity in the data center will stymie the most well intended and enthusiastic efforts to construct a private cloud. Optimizing the performance and utilization of pooled resources requires the ability to move workloads across those resources and reassign the resources when they are no longer needed. The lethal efficiencies in provisioning times, availability, response times, and capacity utilization that cloud computing can deliver in principle will not be realized in practice if every application team requires a unique combination of app/web/DB server platforms, storage-tiering solutions, and network bandwidth. Standardization of software utilities, DBMSes, and patch levels above the OS layer is also required to deliver functional environments to application dev/test teams on a self-serve basis. One of the abiding IT principles that must be continually relearned by successive generations of IT practitioners is that standardization is the key to affordability, and affordability is the key to business agility. Technology standardization initiatives should precede any and all private cloud computing initiatives. You Are AbLe to proCure infrAstruCture CApACitY in AdvAnCe of deMAnd

If your current procurement procedures require incremental investments in infrastructure capacity to be justified on a project-by-project basis, you will find it difficult (if not impossible) to maintain the surplus capacity in the server farms, storage pools, and network circuits that’s required to optimize the overall performance of your private cloud. CIOs require

a rechargeable “debit card” from their CFOs that will enable them to procure capacity in advance of demand to achieve higher levels of overall asset utilization. Surplus capacity is also needed to assure users that their future needs will not be compromised if they return assets to the global pool when no longer needed. Traditional project-based procurement policies were initially designed to deliver hardware to users on an “as-needed” basis. Ironically, they have had just the opposite effect, requiring tortuously long lead times to move from purchase order approval to hardware availability. “Debit card” procurement practices will enable the just-in-time access to internal computing resources that users have sought for a long, long time.

If you do not already have rigorous practices for monitoring, reporting, and managing the utilization of distributed computing resources, you will be poorly prepared to quantify the financial benefits achieved through cloud computing.

You routineLY Monitor And MAnAGe the utiLizAtion of existinG Assets

As indicated above, the principal financial justification for adopting a cloud-computing framework is the ability to achieve a greater return on infrastructure investments through improvements in capacity utilization. Mainframe-based IT shops closely monitor the utilization of their mainframe resources because they are so expensive. Mainframe utilization levels of 90+ percent are standard in most IT shops during prime shift; many operate at even higher levels. The capacity utilization of distributed computing environments receives much

b m c i N D U S T R Y insiGhts less attention because incremental capacity can be procured at modest expense in response to individual user requests. Server and storage virtualization has made capacity management relevant again within distributed environments. If you do not already have rigorous practices for monitoring, reporting, and managing the utilization of distributed computing resources, you will be poorly prepared to quantify the financial benefits achieved through cloud computing. If you don’t know the utilization levels of your internal resources, how will you decide when it’s cost effective to employ public cloud providers to satisfy spikes in demand? Inability to quantify improvements in capacity utilization and translate those improvements into financial terms will likely undermine the overall sustainability of any cloud initiative.

ready for Liftoff? The IT industry has arrived at a historic crossroads. The Y2K experiences that occurred more than a decade ago taught us how to virtualize our workforce, enlisting the aid of IT professionals from around the world in remediating Y2K issues embedded in legacy business applications. SaaS tools, which once were thought to be niche applications solely supporting sales force automation, have become ubiquitous. SaaS applications can now support a wide variety of front office, middle office, and back office processes. Annual revenues of Salesforce.com — the bellwether of the SaaS industry — have exceeded $1 billion, a meteoric accomplishment for any startup software company over a ten-year period. Most recently, Amazon has emerged as the industry pioneer in furnishing virtual access to scalable computing resources on demand. Amazon’s success has given rise to a variety of competing public cloud providers. In a largely unplanned and unanticipated fashion, we have reached a seminal convergence of trends in which our professional workforces, application portfolios, and underlying infrastructures can all be virtualized to varying degrees. Every commercial company is seeking to leverage these trends to reduce cost and increase agility. Those that confront and overcome the challenges outlined here will be ready for liftoff to a new world in which revolutionary responses to competitive threats and opportunities are enabled by IT. For more information about BMC solutions for cloud lifecycle management, visit www.bmc.com/cloud.

About the Author

Mark Settle, chief information officer for BMC Software, joined the company in 2008. He has served as the CIO of four For tune 300 companies: Corporate Express, Arrow Electronics, V i s a Inter n atio n a l , a n d Occidental Petroleum. Settle has worked in a variety of industries, including consumer products, high-tech distribution, financial services, and oil and gas. He received his bachelor’s and master’s degrees from MIT and a PhD from Brown University. He is also a former Air Force officer and NASA Program Scientist.

business runs on i.t. i.t. runs on bMC softwAre Business thrives when IT runs smarter, faster and stronger. That’s why the most demanding IT organizations in the world rely on BMC Software across distributed, mainframe, virtual and cloud environment s. Recognized as the leader in Business Service Management, BMC offers a comprehensive approach and unified platform that helps IT organizations cut cost, reduce risk and drive business profit. For the four fiscal quarters ended March 31, 2011, BMC revenue was approximately $2.1 billion. For more information, visit www.bmc.com.

ThoughtLeaders Dane Anderson, danderson@springboardresearch.com

Dane Anderson, is the CEO and EVP, Springboard Research.

Time to Review Mission Critical Computing Virtualisation and cloud computing are

playing a critical role in the changes taking place with mission critical infrastructures. Virtualisation and cloud computing are playing a critical role in the changes taking place with mission critical infrastructures across the region. These enabling technologies present Asian organisations with a new set of capabilities to make fundamental adjustments to their mission critical computing approach. According to our survey of over 1000 Asian IT buyers survey, virtualisation topped the list as the area that received the greatest investment over the past two years as well as the one expected to receive the greatest investment levels in the coming 12 months. Springboard Research believes that virtualisation will challenge the historical mission critical computing model that has created silos of technologies to support different applications across the datacenter. Virtualisation is most commonly leveraged in Asia to pool computing resources, processes and people to increase utilisation rates and reduce capital wasted to simply keep running inefficient systems. As virtualisation continues to grow as a foundational element in the computing infrastructures of Asian organisations, it will contribute to breaking

cto forum 21 August 2011

down boundaries between all computing silos, including legacy mission critical infrastructure and processes. It is not surprising that cloud computing rates toward the bottom of the list over the past two years considering its low maturity level over the past two years. When looking toward the coming 12 months, cloud computing moves up the list as a hot solution area with 17 percent of respondents indicating plans to invest in it. Moreover, the lines between virtualisation and cloud computing are blurry with many Asian organisations viewing virtualisation as a first foundational step in their cloud computing investment plans, which artificially reduces the cloud responses provided. We recommend the following to Asian organisations crafting their future mission critical infrastructures: Challenge historical mission critical perspectives and approaches that depend on silos of separate infrastructure, people and approaches for applications deemed mission critical. By breaking down these silos, organisations can unleash operational cost savings, reduce total cost of ownership and inject greater efficiencies.

The Chief Technology Officer Forum

â&#x20AC;&#x153;Historical methods of managing mission critical workloads are modernising to include missioncritical needs.â&#x20AC;?

When considering building a single virtualised platform, consider the degrees of mission critical protection required for your application from business critical to mission critical or fault tolerant. Look for a supplier with the capabilities to simplify, automate, and integrate your data center to deliver the most cost savings. Historical methods of defining and managing mission critical workloads are modernising to include a range of mission-critical needs, especially in the Asian region where a lack of legacy infrastructure and strong growth are contributing to new strategies. As part of a broader market drive to lower costs and improve efficiency, leading Asian organisations are creating highly efficient virtualised foundations and processes that combine with mission-critical infrastructure to deliver different quality of service levels according a workloadâ&#x20AC;&#x2122;s specific needs. As this process continues to build momentum, platforms previously considered unable to support mission critical workloads will become increasingly relevant in the mission critical infrastructures of Asian organisations.

VIEWPOINT KEN OESTREICH

illustration by santhosh kushwaha

Cloud Is Not The End - It’s The Means Cloud is

a new tool that is the means to a more aspirational end. Once you get a new tool, you ask: What can I build that I couldn’t before? Cloud computing, at its core, is an operational transformation mostly focused on infrastructure. If you’re an enterprise IT shop, you’re right to think that such a change will (ultimately) simplify your world. But simplification, faster time-to-provision, and on-demand capacity aren’t the end points of IT transformation. They are the new tools that are the Means to a more aspirational end. What every business craves is the ability to respond to new ideas and to market pressures (competitive, consumers) faster and more completely -- Agility. A recent McKinsey study shows that the top three metrics of “agility” were centered on revenue growth rather than cost reduction - signalling that companies value growth over expense-cutting. And IT is the chief approach to enabling revenue growth for many enterprises. But merely having faster infrastructure is necessary but not sufficient for an enterprise to achieve real business agility.

cto forum 21 August 2011

The Chief Technology Officer Forum

My thesis is that Cloud computing - whether Private cloud, or a mix of Private/Public (Hybrid) - is really the means to a bigger end: Enabling IT to serve and enable the business, rather than simply respond to technology requests. Think of IT as an internal Service Provider (ITaaS) - developing, marketing, pricing and refining technology to meet the specific needs of Line-of-Business users. Forrester research even makes the valid observation that IT needs to undergo the conceptual transition to BT (business technology). The Goal is IT (I’ll continue to use the term for now) that is structured and goaled to serve the business. And that is a whole lot more than just providing a virtualised cloud infrastructure. ITaaS transformation isn’t about infrastructure only... it includes how IT works with the business as a Service Provider - at times actuallycompeting for business against “Shadow IT” from external sources. There are four basic facets to think about this transition From “monopoly” to “market”:

About the author: Ken Oestreich is a marketing and product management veteran in the enterprise IT and data center space, with a career spanning start-ups to established vendors.

Rather than IT being “the only game in town”, Shadow IT is causing indirect competition - where IT will have to offer and price services in a manner (and speed) that will cause internal customers to want to purchase from them. From vertical to horizontal: where the organisation shifts from stackfocused to service-focused. Literally, the orgcharts and skills-sets change over time. From “enterprise tax” to consumerised pricing: Rather than the fixedprice based pricing for standing-up a stack, IT will shift to a variablepriced model based on consumer needs and competitive pricing. From IT as a cost center to IT as a center of value, where IT teams with the LoB to create and offer services that move the business - whose job it is to generate revenue - forward. The desired end-game is for the enterprise to be more competitive, responsive, and agile. Cloud is an enabler - but don’t overlook what needs to be paired with technology to get the full effect.

Run applications up to 50x faster.

What IT performance can be. With WAN optimization solutions from Riverbed®, you can increase application performance up to 50 times faster over the WAN, delivering LAN-like performance just about anywhere — from remote offices to the data center to the cloud. Learn more at riverbed.com/50x For any queries, please contact marketingindia@riverbed.com

MAHENG/2005/15409