S P I N E
CTO FORUM
Technology for Growth and Governance
July | 21 | 2010 | Rs.50 Volume 05 | Issue 23
GET
LINKED TO TROUBLE | FAST TRACK | 10 STEP CIO HANDBOOK
YOURHEAD IN THE
CLOUD The cloud is
getting more mysterious,
look before you
step on this shaky ground | PAGE 18
A QUESTION OF ANSWERS
Cloud is not
a Product PAGE 10
LITTLE GIANTS
All Tanked Up PAGE 30
Volume 05 | Issue 23
CSO FORUM
A 9.9 Media Publication
Infosec Game Plan
EDITORIAL RAHUL NEEL MANI | rahul.mani@9dot9.in
Sustainable IT: Are we any closer?
s responsible corporate citizens do we look for cheap, or sustainable, IT? While releasing the “2009 EMC Sustainability Report”, Joe Tucci, Chairman and CEO of EMC, made a very responsible comment. “We’re part of an interconnected world system. Our ability to prosper in the long run will depend upon the existence of a healthy physical environment, as well as an educated, inclusive
and economically-vital society. We strive to make decisions and operate our business in a sustainable way—a commitment we sum up with the phrase: 'people, planet, prosperity',” he said. For this cause, the company has established an office of sustainability headed by a Chief Sustainability Officer. Don’t, for a second, think that I am praising one company, and discarding others. What I want to
EDITOR’S PICK 10
Cloud is not a product
Jim Whitehurst, CEO and President, Red Hat, says that the technology vendors should listen to customers more and not merely sell their products.
derive from here is the compelling idea of “Sustainable IT”. No matter how much we talk about sustainability, only a handful of companies place environment, society, or the planet, before business interests. Often, the decision to buy technology is dictated by low acquisition cost. The repercussions of buying unsustainable technology products are ignored. I believe that the time for fundamental, systemic change is now. It’s about time we realise that environmental and social sustainability should be an essential part of every decision and action we take in our organisations. As bulk consumers of real estate, public utilities and technology, we have to either think of alternatives to attain sustainability, or take responsibility for contributing
towards this massive ecological imbalance. We need to manage all our resources more intelligently, before it is too late. Though clichéd, there are a few options which have gained prominence in the past couple of years. Majority of the companies are already moving from hardcore physical infrastructure and processes to more consolidated virtual processes. Among others, cloud technology–private and hybrid–is gaining acceptability and will possibly offer a viable option for sustainable IT. Again, I believe that it can do a lot to help preserve and restore our natural resources.
CTO FORUM thectoforum.com
21 JULY 2010
1
VO L U M N 0 5 | I S S U E 2 3
JULY 10 THECTOFORUM.COM
C O V E R D E S I G N B Y: S A N T O S H K U S H W A H A
CONTE NTS
CTOFORUM
18 COVER STORY
18 | Do you need the cloud?
COLUMNS
04 | I BELIEVE: FAST TRACK Arup Choudhury Sr. GM – IT, Eveready Industries India Limited on the automation of sales force in the FMCG sector
Cloud is a fitting term for something so shrouded in mystery and hard to grasp. It is getting difficult for CIOs to stay anchored and not be swept away by the buzz.
48 | VIEW POINT: THE BIG BATTLES Gazing into the future of the big vendors. BY STEVE DUPLESSIE
FEATURES
Please Recycle This Magazine And Remove Inserts Before Recycling
2
COPYRIGHT, All rights reserved: Reproduction in whole or in part without written permission from Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd, C/o K.P.T House, Plot Printed at Silverpoint Press Pvt. Ltd. TTC Ind. Area, Plot No. A-403, MIDC Mahape, Navi Mumbai 400709
be rotten inside. Seven signs that help you know if you are being cheated. BY JEFF VANCE
CTO FORUM 21 JULY 2010
28 | NEXT HORIZONS: AT THE CORE OF THE DEAL What seems like a good deal may
thectoforum.com
VOLUME 05 | ISSUE 23 | 21 JULY 2010
www.thectoforum.com Managing Director: Dr Pramath Raj Sinha Printer & Publisher: Kanak Ghosh Publishing Director: Anuradha Das Mathur EDITORIAL Editor-in-chief: Rahul Neel Mani Executive Editor: Geetaj Channana Resident Editor (West & South): Ashwani Mishra Associate Editor: Dominic K Assistant Editor: Aditya Kelekar Principal Correspondent: Vinita Gupta Correspondent: Sana Khan DESIGN Sr. Creative Director: Jayan K Narayanan Art Director: Binesh Sreedharan Associate Art Director: Anil VK Manager Design: Chander Shekhar Sr. Visualisers: PC Anoop, Santosh Kushwaha Sr. Designers: Prasanth TR, Anil T & Suresh Kumar Designer: Sristi Maurya Chief Photographer: Subhojit Paul Photographer: Jiten Gandhi
10 A QUESTION OF ANSWERS
10 | Cloud is not a Product. Jim
Whitehurst, President and CEO, Red Hat, says that CIOs want to pay for what they use and when they use it.
14
45
REGULARS
01 | EDITORIAL 06 | ENTERPRISE ROUND-UP 47 | HIDDEN TANGENT advertisers’ index
14 | BEST OF BREED: LINKED TO TROUBLE The use of business social networking could lead companies to doom
45 | HIDE TIME: NAGARAJ BHAT, DIRECTOR OF GLOBAL INFORMATION SERVICES, APPLIED MATERIALS INDIA
IBM SIGMABYTE VIZEUM ACE DATA CANON
IFC & 15 05 17 IBC BC
This index is provided as an additional service.The publisher does not assume any liabilities for errors or omissions.
ADVISORY PANEL Ajay Kumar Dhir, CIO, JSL Limited Anil Garg, CIO, Dabur David Briskman, CIO, Ranbaxy Mani Mulki, VP-IS, Godrej Industries Manish Gupta, Director, Enterprise Solutions AMEA, PepsiCo India Foods & Beverages, PepsiCo Raghu Raman, CEO, National Intelligence Grid, Govt. of India S R Mallela, Former CTO, AFL Santrupt Misra, Director, Aditya Birla Group Sushil Prakash, Country Head, Emerging Technology-Business Innovation Group, Tata TeleServices Vijay Sethi, VP-IS, Hero Honda Vishal Salvi, CSO, HDFC Bank Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay Vijay Mehra, Former Global CIO, Essar Group SALES & MARKETING VP Sales & Marketing: Naveen Chand Singh National Manager-Events and Special Projects: Mahantesh Godi (09880436623) Product Manager: Rachit Kinger Asst. Brand Manager: Arpita Ganguli GM South: Vinodh K (09740714817) Senior Manager Sales (South): Ashish Kumar Singh GM North: Lalit Arun (09582262959) GM West: Sachin Mhashilkar (09920348755) Kolkata: Jayanta Bhattacharya (09331829284) PRODUCTION & LOGISTICS Sr. GM. Operations: Shivshankar M Hiremath Production Executive: Vilas Mhatre Logistics: MP Singh, Mohd. Ansari, Shashi Shekhar Singh OFFICE ADDRESS Nine Dot Nine Interactive Pvt Ltd C/o K.P.T House,Plot 41/13, Sector-30, Vashi, Navi Mumbai-400703 India Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd C/o K.P.T House, Plot 41/13, Sector-30, Vashi, Navi Mumbai-400703 India Editor: Anuradha Das Mathur C/o K.P.T House, Plot 41/13, Sector-30, Vashi, Navi Mumbai-400703 India Printed at Silverpoint Press Pvt. Ltd. D 107,TTC Industrial Area, Nerul.Navi Mumbai 400 706
CTO FORUM thectoforum.com
07 JULY 2010
3
I BELIEVE
BY ARUP CHOUDHURY Sr. GM – IT, Eveready Industries India Limited THE AUTHOR has been in technology decision-making roles for more than eight years .
Fast Track
FMCG companies are quick to link their systems with suppliers and distributors FMCG organisations have been looking at extending their IT initiatives to touch business partners like suppliers on one hand and the distributors on the other. Extending the IT chain to link the distributors for instance would be of mutual benefit. This would propel a movement from a 'push' based system to a 'pull' based system, translating into
4
CTO FORUM 21 JULY 2010
thectoforum.com
CURRENT CHALLENGE ENTERPRISES IN THE FMCG SECTOR WANT TO AUTOMATE THEIR SALES FORCE IN A COST-EFFECTIVE MANNER.
inventory efficiencies right from the distributor stock point to the CFA and to the manufacturing location. The primary role of the sales force in the FMCG sector has undergone a transformation. In the past, focus would be to fill up the shelves of the distributors (selling to the channel). Today the primary focus is to empty the distributor shelves to be replenished automatically (selling through the channel), resulting in in faster inventory turnaround, and generating better ROI for the distributor thereby strengthening the relationship with the organisation. Besides, the organisation would have a regular view of the secondary sales (from the distributor to the retailer) translating into a higher degree of accuracy in forecasting and demand planning. Connecting to the suppliers on the other hand has allowed FMCG organisations to move towards Vendor Managed Inventory (VMI) type of a relationship. Hence the supplier can not only control the inventory at his level, but also at the organisational level. He also gets a view of future requirements which allows him to plan his production schedule efficiently. Awareness of the use of Java-based mobile phones is definitely increasing and more applications are being built for this platform. FMCG companies are looking at automating their sales force with the help of such applications. It is envisaged that the efficiency of the sales force would increase by at least 15-20 percent with the help of such packages. This would have a direct and a favourable impact on top line growth. Most of the planning activities of the sales person, like the retail outlets to be visited during the daily 'beat,' and the order-taking process at the retailer's outlet, are being automated, thereby allowing him to spend more time with the retailer for selling.
INTERVIEW INISDE
Enterprise
High technical skill availability is accelerating Linux adoption in India Pg 09
ROUND-UP
SAS 70 Stands Inadequate. By 2012,
PHOTOS BY PHOTOS.COM
cloud customers will not accept it alone as proof of effective security and compliance STATEMENT on Auditing Standards (SAS) 70 is being misused by many vendors, and certified public accountants (CPAs), in the hosted-application, software as a service (SaaS) and cloud computing spaces, according to Gartner. Gartner analysts said SAS 70 is too often treated as a certification "proving" security and compliance with privacy or other regulations that require enterprises to monitor their exposure to vendor risks. "SAS 70 is basically an expensive auditing process to support compliance with financial reporting rules like the Sarbanes-Oxley Act (SOX)," said French
Caldwell, research vice president at Gartner. "Chief information security officers (CISOs), compliance and risk managers, and others involved in the purchase or sale of IT services and software need to recognize that SAS 70 is not a security, continuity or privacy compliance standard." Published by the American Institute of Certified Public Accountants and intended for use by the customer's auditor, the result of a SAS 70 is either a Type I attestation that the processes as documented are sufficient to meet specific control objectives, or a Type II attestation, which additionally includes an on-site evaluation.
10 DATA BRIEFING
TIMES COSTLIER — EMPLOYEE THEFT OF INFORMATION COMPARED TO ACCIDENTAL LOSS. Forrester Consulting Study
6
CTO FORUM 21 JULY 2010
thectoforum.com
E NTE RPRI SE ROUND -UP
THEY TODD SAID IT BRADLEY HP announced in April that it would be acquiring Palm at USD 1.7 Billion. On completing the acquisition in early July, Todd Bradley, executive vice president, Personal Systems Group, HP, said:
HP’s New Security Solutions. The first product in the HP TippingPoint SVF suite of products. HP has announced new security solutions designed to prevent network breaches by delivering data protection across both physical and virtual environments. The HP TippingPoint Secure Virtualization Framework (SVF) is a suite of products designed to help prevent network threats from impacting virtualised environments. The TippingPoint Virtual Controller (vController), the first product intro-duced under the SVF, extends TippingPoint security protection from physical to virtual networks by routing it through an HP TippingPoint N-Platform Intrusion Prevention System (IPS) appliance. The vController prevents security attacks by inspecting all VM traffic as it moves through the network – either between VMs or from VMs to traditional servers. Virtualised environments and their applications are subject to the same threats that impact traditional data centres. While many virtual machines (VM) are hosted on a single server, one security breach can have a disastrous impact. As a result, when organisations accelerate the migration of production workloads and missioncritical assets to a virtualized environment, security requirements must become a strategic element of these plans.
QUICK BYTE ON IT SECURITY THREATS
“With webOS, HP will deliver its customers a unique and compelling experience across smartphones and other mobility products. This allows us the opportunity to fully engage in growing our smartphone family offering and the footprint of webOS.” —Todd Bradley, Executive vice President, HP
The recently discovered KHOBE (kernel hook bypassing engine) attack technique is creating ripples in the IT security field. The technique, which was discovered by security research group Matousec on May 5th, 2010, has been in the midst of a controversy: some experts argue that it's a very serious threat while others brush it off. CTO FORUM thectoforum.com
21 JULY 2010
7
E NTE RPRI SE ROUND -UP
Meanwhile, the launch of Windows 7 is driving a new IT refresh cycle across the world. The launch of Windows 7 means that countless organisations will be refreshing their software infrastructure, allowing them the opportunity to make wider changes with minimal impact for greater ROI. By looking again at their virtualisation infrastructure, organisations in India will be able to reduce costs and improve performance.
Enter, Desktop Virtualisation.
WHAT ARE the virtualisation challenges (for instance virtual server licensing and inadequate virtual management tools) faced by CIOs and how is Citrix addressing them? Desktop virtualisation solves some of IT’s most persistent problems. But it also moves PC maintenance into the datacentre, consolidates desktop storage, and places new demands on networks. These new challenges can be overcome by careful planning, selection of an experienced technology partner and sustained focus on a single goal: to make applications and desktops in the new virtual environment more responsive than they ever were in the physical environment.
The key challenge, however, is primarily related to resistance to change within organisations. Many organisations are unsure how to approach its implementation. Can you discuss the trends in desktop and server virtualisation Two trends are seen: BYOC (Bring Your Own Computer) and the 2010 IT refresh cycle. While 2009 saw the advent of BYOC schemes, this innovative new way of provisioning technology in the enterprise is taking hold in 2010. Several companies across Asia are beginning to investigate its impact on staff morale and IT TCO.
Growth in worldwide PC shipments
GLOBAL TRACKER
Worldwide PC shipments reached 82.9 million units in the second quarter of 2010, a 20.7 percent increase from the second quarter of 2009
82.9 million
68.68 million
SOURCE: GARTNER, INC
ILLUSTRATION BY ANIL T
Mick Hollison, Vice president, Desktop Marketing at Citrix Systems in a conversation with Vinita Gupta.
Second Quarter of Year 2010
8
CTO FORUM 21 JULY 2010
thectoforum.com
How would the next generation of desktop be like? Citrix believes that the next generation of desktop will encompass two important advances in desktop technology: desktop as a service (DaaS) and client-side virtualisation. The DaaS concept is about centralising and delivering desktops as a service to users anywhere, revolutionising desktop lifecycle management. Organisations need to look at desktops in a radically different way. Enable one image, one instance of data for one good user experience. By building once and leveraging infinitely, organisations can slash desktop management costs to each user. A key enabling technology is client-side virtualisation. The client-based virtual desktop is maintained by a central server, which periodically checks the desktop to patch the operating system or update applications. Unlike other forms of desktop virtualisation, it is not dependent on being connected by the network to that server. Disconnect the laptop, for example, from the network and the virtual desktop still functions en route to its next networked destination. How is Citrix addressing the mobile computing market (laptops & mobile phones)? With the highly-anticipated Apple iPad now available, Citrix Systems has extended support of Citrix Receiver to the iPad. Using the Citrix desktop virtualisation infrastructure the companies already have, users can get any Windows application or document directly on the iPad with simple one-tap access through Citrix Receiver. The iPad’s larger screen size and the safe and secure access with Citrix Receiver, the iPad is transformed into a powerful and portable business tool for patient care, field service and any mobile workforce. —Vinita.gupta@9dot9.in
E NTE RPRI SE ROUND -UP
PHOTO BY PHOTOS.COM
Tata Communications’ New Webbased Connectivity Portfolio. Collaborates with Google to provide email, IM, etc.
TATA Communications and Google India have announced plans to combine their global resources to offer a portfolio of web-based, collaborative business connectivity tools that provide email, instant messaging, calendar functionality, video and office presentation tools for business’ across India. The portfolio of business tools, powered by Google App, is a significant move by both parties to bring value-added applications to Indian
enterprises while offering localised pricing, billing and support. The service streamlines the complexities of IT while allowing businesses to pay for only what they need. Indian organisations, particularly the emerging enterprises, will now have expanded access to Tata Communications’ cloud-based software services, helping them migrate their IT requirements to a pay-as-you-use business model. Building on Tata Communications’ leadership position as a SaaS service provider, the portfolio will help organisations reduce IT cost and complexity and be more productive. It will be particularly beneficial to companies with fast growing teams, offices spread across the country, or staff who travel frequently. “The launch of this service marks the coming together of two global entities to change the way enterprises communicate and collaborate both within their own organisations as well as with their partner and customer ecosystems. The relationship leverages Tata Communications’ market presence and expertise in India with Google’s innovative enterprise offerings, to provide a unique and easily-accessible business application for organisations in the local Indian market,” David Wirt, Senior Vice President, Global Head of Managed Services, Tata Communications said. The service will streamline business setup and minimize maintenance without the need for additional hardware or software. It will be accessed via the Tata Communications website (www.tatacommunications.com) over a web browser or smart phone and will provide secure, real-time collaboration among workgroups of all sizes. Orders can currently be placed through the customer facing sales team.
FACT TICKER
Websense's 5 tips to Increase Email Protection. Return of the attachment amongst one of the traps
THE SECURITY vendor has announced new guidelines for protecting one's system while checking emails. 1.Close the window of exposure New threats are discovered every minute. Look for an email security solution that offers real-time classification in order to catch the threats as they happen.
2. Social engineering scams Cleverly wrapped social engineering scams use highly customised phishing emails. Spammers have abused big brand names to entice possible victims into clicking on URLs. 3. Beware the return of the attachment In 2010, emails have re-emerged as a key medium for spreading files and delivering Trojans as attachments
following an upsurge last year. 4. Unify your security to stop converged threats Scammers use a combination of all three areas – email, web and data stealing – so it makes sense to have a unified security solution which takes all three areas into account. 5. Keep your security up to date Because of the dynamic nature of threats, real-time updates are critical. One of the easiest ways of managing this is to opt for Security-as-a-Service (SaaS). SaaS provides the latest threat intelligence and ensures exceptional Web and Email security services.
LINUX GROWS
THE LINUX SERVER operating system (OS) has grown its way to a prominent position in the Indian server OS market, with its adoption rate increasing from 7.0% to 8.1% (and rising) over a 13-month period (since April 2009), per the latest research from Springboard Research. The rise in Linux adoption in India has been fuelled by verticals including the government, education and enterprise. SMBs(1-999 devices) dominate the Linux server OS market with an adoption growth rate of 8.3%, 2.4 percentage points higher than that for large enterprises (>1,000 devices). Factors such as low cost of ownership, a perception of minimized security threats, lack of piracy-related issues and a strong online support community have been the main growth drivers for Linux adoption. Linux proved to be the right product for SMBs who were looking for a low cost solution to meet their business goals. “An interesting trend that has gained momentum in the recent past is the SMB demand for customized solutions. Today, enterprises look for products and solutions specifically designed to meet both their and their customers' needs and open-source solutions offer that flexibility,” said Sameer Bhatnagar, Senior Research Analyst at Springboard Research. “Also, high technical skill availability is one of the key accelerators of greater Linux adoption in India.”
CTO FORUM thectoforum.com
21 JULY 2010
9
A QUESTION OF ANSWERS
JIM WHITEHURST
Death of PC: It may exist as a desktop but would lose share to other computing devices
10
CTO FORUM 21 JULY 2010
thectoforum.com
JIM WHITEHURST
A QUESTION OF ANSWERS
JIM WHITEHURST | CEO, REDHAT
Cloud is Not a
Product PHOTOS BY JITEN GANDHI
Jim Whitehurst, President and CEO, Red Hat, in a conversation with Geetaj Channana, says that technology vendors must listen to customers and not only sell products.
Have the platform wars, like the ones between Windows and Linux, turned into service oriented wars? I think that platform wars are moving much more to a stack war. People are now looking for holistic environments to build and run applications. For most companies it is not about choosing between Unix or Linux or Windows — it's all the about the platform on which my developers will be developing — that's changing. With Red Hat we have always been very operating system centric but now we have to think about reasonable well-integrated infrastructure components. Would you agree that vendors like you, Microsoft,
Amazon and Google are trying to oversimplify the cloud in some manner? Yes, because I do not think cloud is a product that a vendor brings to the table. My view of cloud, the way customers say cloud, and what they really mean, is a modern layered architecture where you have a choice of those various layers and application development capability that delivers rich quick application development. By definition, you cannot have cloud in a box. So, I do think there is a bit of an over-simplification. Is there a disconnect between what people are asking for and what is being delivered?
Absolutely. Most CIOs are not ready to move their applications outside of their data centre. There is so much hype around cloud; people are saying different things. But, when I go to CIOs, I hear three things – 1.They want to pay for what they use and when they use it – they don't like the model where they buy all the software and the hardware and take risks. 2.They want a layered modular architecture which allows them to move their applications and run it where it is best. 3.Richer, better and faster application development experience People hear hype and they think that it is cloud – which does not necessarily mean cloud. And cloud done wrong actually makes these problems worse.
CTO FORUM thectoforum.com
21 JULY 2010
11
A QUESTION OF ANSWERS
JIM WHITEHURST
I think that is where the disconnect is, because when people say 'cloud' we literally take it as an off-premise solution to run functionality. I think that’s a mistake and is not really what the customer is asking for. You have said in your past interviews that PCs would die in the future – why and how? PCs will exist but they will be a minority among devices because of the explosion of mobile. By 'mobile' I refer to mobile devices and mobile broadband that have changed radically the way we interact with technology. The iPhone, iPad, Android – those experiences are getting richer. The way we see the PC, may exist on some desk tops, but in terms of computing devices, it's going to have a smaller share everyday. Earlier the enterprise drove consumer technology – now, do you think the consumer is affecting the enterprise more? A: Oh yes! When I talk to CIOs around the world, I hear over and over again that they are being forced to support consumerist things like software as a service or devices. And, they have to do it because everybody is demanding it. People are going to blog, they are going to tweet, whether you like it or not. So, CIOs have had to set policies to help people connect their personal devices. I do think that it is a very different world where innovation is being led by certain Web 2.0 type companies and they are setting the pace for IT. And, it really puts a lot of pressure on the CIO – not only to support these devices and applications, but also puts a lot of pressure on the expectation levels of what they should deliver. I would also like to talk about the death of version 2.0. There is no Google Docs 2.0 or 3.0, there is just rapid innovation that is adding feature and functionality. The whole programming model that is being used inside of large corporations
12
CTO FORUM 21 JULY 2010
thectoforum.com
has to change. And, that is as much behaviours as it is underlying technology. The usual way was to plan a new implementation and spend years spec-ing it and coding it - then many years later you introduce a new product. The pace of innovation and the way people work at home has radically altered the way you spec the work. Would you say the role of the CIO in an organisation has changed from being a guardian of technology to an enabler of business? I think that the role of the CIO needs to change really to be an enabler of the business, but, I’ll be frank - half the CIOs are still struggling to keep the lights on, keeping close to the budget and just surviving - that they are not playing the role that they need to play. When 80% of your costs are lights on then you are always concerned about how you can keep those costs down. Most CIOs need and want to be strategic but are completely hampered by their IT infrastructure. They have no time left whatsoever from
THINGS I BELIEVE IN Customers want to pay for what they use and when they use it They want a layered modular architecture which allows them to move their applications and run it where it is best. You cannot have cloud in a box
keeping the lights on to focus on strategic parts of the business. But IT drives business – it is a core of operation for many businesses, and presents new opportunities but in a day to day operation, the CIO is more concerned about how to keep their e-mail server running or how to keep their ERP going - things like that. That is why we see an interest in the cloud - because of the frustration with what they have and what they have to maintain. They think that “If I could source it from somewhere else – from this miracle light shining on top of that hill” it would make life so much easier. But are people really doing that – shoving the old things out of the window and investing in the cloud - or are they just talking about it? Oh, they are just talking about it. There are a lot of companies that are investing in development and testing on Amazon EC2 cloud or the IBM cloud. But, these are all development and test, lots of playing around. We also have some companies pool-
JIM WHITEHURST
“The programming model being used inside of large corporations has to change. It is as much behaviours as it is underlying technology.”
where I refer to the Gartner hype cycle – this is why there is going to be a valley of discontent.
ing and trying to set up private clouds but I would say that these things are in the advanced R&D stage now. And, most of it is because the CIO’s boss, the CEO or the CFO is asking them about it. Whenever I talk to the CIOs, they are sick of listening to the cloud! This is because it is so far away from really being able to deliver on the components and the pain points like – flexible modular architecture, newer, faster ways to develop functionality and paying on what you use and when you use it. We think that it is the cloud – but what is really happening is that the technology industry does not listen to the customer – we just take the technology that we have and shove it down the customer’s throat. So, cloud, from an IT industry perspective has turned out to be a hammer and everything else is a nail when actually, there are screws out there – we in the IT industry need a different tool. That's what I say in Red Hat’s marketing too, if you want to pay by the drink – we do that already with our subscription model; you want a layered modular architecture – we do that already. What we have to be careful about is what we understand from customers on what they think the cloud is – and so we are delivering off-premise computing. Off premise could be an option in the long term but what customers are demanding now is a solution. This is where the disconnect is, and this is
You entered pretty late into virtualisation space – how do you see yourself placed in the market within the next 3-5 years? We see ourselves as one of the major players. This is because going forward, architecturally, virtualisation will be a part of the operating system. This is similar to the way 25 years ago you used to buy the TCP/IP stack for networking. Virtualisation is now a feature in the operating system it is not a stand-alone layer. VMware was the first to find the market as a stand-alone hypervisor but there are so many architectural constraints to that. I think our model is superior. We made the switch in November 2009 - before that we were offering our version of Xen - and it was painful for us to explain to our large customers why we were making the change. But, it is really the next generation of virtualisation that is built into the operating system – you can get the benefit of reusing the code and security. Secondly, you get the power of open source and Linux for hardware management. This what we announced at the summit, today with KVM and in the Fall when Red Hat 6 comes out, it will blow away ESX , whether it is in terms of performance, the number of cores supported, server density and other things. And I wish I could take credit for that, but frankly, that credit goes to Intel. In five years our virtualisation share will be roughly the same as our operating system share. It will be difficult to say that for VMware though – when Microsoft and Red Hat both integrate virtualisation in our underlying operating system. This is a very interesting relationship that you share with VMware – you compete with them, yet you support that
A QUESTION OF ANSWERS
too. Yes, it’s the same with Microsoft. We support HyperV on Red Hat Enterprise Linux(REL) and they support REL on Windows. Its an interesting set of relationships, but it is really important. They key to the next generation data centres is that they have to be layered. So we are adamant that we will neither lock layers nor provide the alternatives that our customers want at each layer. We have something called cloud foundation for that. It is important for us because we cannot come out with a cloud in a box. Thus it is about giving your customers choice – at the hypervisor level, at the operating system level, at the messaging layer, application layer – all the way up the stack. We call it cloud foundation because it is foundational elements that you can take and set up together. They would help you build and manage cloud. That does not mean that it all has to be on the cloud – it could be on ESX or on Windows. Quite frankly, you cannot run ESX without buying their management suite. You are tied to the layer and stack together. The problem is that as soon as you tie them together, it is very difficult to move things around because you have to hardcode the links. On the other hand, if you have a nice clean layered model you do not face these problems. However, this creates a problem for vendors as it is difficult to make money in these models because they are unable to lock-in their customers. A lot of these spaghetti architectures keep the cash registers ringing. Finally, how do you see Red Hat evolving over the next five years? We are focused on defining the 21st century enterprise architecture. We may not deliver that architecture; we may deliver components of it, but not the whole. We are working hard to ensure that this architecture is defined by open layers that give customers a choice at each and every layer. Obviously, we do not supply every layer, (we are not in the database business) but we are working hard to create that architecture. This is a hypervisor that is open and inclusive, an operating system that can run on any hypervisor, an application server that can run on any operating system. — geetaj.channana@9dot9.in
CTO FORUM thectoforum.com
21 JULY 2010
13
BEST OF
Out of Proportion The LBS bubble - will it burst? Pg 15
ILLUSTRATION BY PHOTOS.COM
BREED
FEATURE INSIDE
Linked to Trouble
DATA BRIEFING
65%
SOCIAL MEDIA SECURITY CONCERNS ARE ASSOCIATED WITH BOTNET AND MALWARE. SOURCE: NIELSEN COMPANY
14
If companies are not careful about having the right controls, use of business social networking could lead them to doom.
S
ocial media is now as common as a cup of coffee. Millions of people each day visit Facebook or Twitter, or spend their time blogging or "wiki-ing" (if that's really even a word!). If those people, however, are your employees, you have to take it seriously. According to the Nielsen Company, business social networking is becoming one of the predominant ways that people interact and communicate with one another professionally. In February 2009, social net-
CTO FORUM 21 JULY 2010
thectoforum.com
BY JEFF SIZEMORE
working sites eclipsed personal e-mail in global reach. While social media can be a good communication tool, there are obvious concerns and risks for corporations whose employees use it. Siphoning precious bandwidth is one concern, which can happen when a large number of employees are sharing the latest YouTube video. However, there are higher risks to be concerned with, which include or could result in cyber security data breeches and costly downtime. Over 65% of these security concerns are associated
LO C AT I O N - B A S E D S O C I A L N E T W O R K
trols in place to deal with an incident or event once it is detected. Finally, when you think about the perimeter, don’t just think about technology. There are also social and physical elements. For example, a clean desk policy and confidential waste program (shredding) will ensure that printed material is destroyed properly and unauthorised personnel cannot copy or take pictures of documents and post them on social media sites.
Compliance Compliance is set up within an organisation to ensure that proper controls are in place to protect customer data and comply with regulatory requirements. It’s not an option – it’s about being held accountable for the safety and security of a company’s and its customers’ confidential information. If you’re a credit card issuer, you must be compliant with PCI regulations. If you’re a healthcare organisation, you must be HIPPA compliant. At a minimum, it’s important to be compliant within your industry. But due to social media, there are new challenges relative to security infrastructures and breeches, and new areas of concerns for compliance. Social media is a vehicle that social engineers use to gain information on a company that otherwise would not be available. To protect a
BEST OF BREED
company, you have to go beyond just patch policy and management, and configuration management. It’s about ensuring that the security devices protecting your company are up to date. And while many Unix and Windows servers have robust patch and configuration management systems, many of the security controls are not up to date. In the end, it’s important to implement controls, verify that they are working, and produce the evidence in a relative frequency. And be sure that you can quickly identify the breech or vulnerability and take swift action to mitigate the incident. By looking at these four essential areas within a company and implementing a comprehensive security program that “makes it real” for employees, you’ll be protecting the company and its employees, and your risk factor will start to decrease. For now, treat social media with respect because it’s here to stay. Keep an open mind, address the issues at hand, and be thorough with a program that speaks clearly, fills the obvious gaps and outlines consequences.
— Jeff Sizemore is director Product Management at Forsythe. Cisco, Symantec and EMC all recently named Forsythe Partner of the Year. This article has been printed with prior permission from www.cioupdate.com.
Out of Proportion LBS smacks of dot-com era hype. Let's see if the bubble bursts or keeps growing. BY PAM BAKER
ILLUSTRATION BY PHOTOS.COM
F
oursquare, a locationbased social (LBS) network startup, is all the rage at the moment. Valued at $95 million before the latest $20 million infusion from Silicon Valley venture capital firm Andreessen Horowitz, Foursquare appears to be slated for super stardom in the combo social media and location-based services (LBS) arena. But not all that glitters is painted in gold or banked in silver. The year-old Foursquare has yet to show any visible means of generating serious revenue. Given its soaring popularity and its pitiful profit record, this begs the question of whether Foursquare may turn out to be the MySpace-flash in the location based services (LBS) pan.
MySpace, as you may remember, was a forerunner in social media. It was a near overnight sensation with apparently endless potential, albeit with the sketchiest of business models. Still, nearly everyone was certain MySpace was a long-term hit. Indeed, it was billed as "the future" as many technologies are wont to be. But its popularity waned as quickly as it rose and other social media giants sprung forth -namely Facebook, Twitter and LinkedIn -- to shove MySpace aside. Today, MySpace is an albatross around media mogul Rupert Murdoch's neck and hemorrhaging money almost faster than can be counted. Its once impressive numbers of unique visitors are plummeting monthly with only the tiniest of reprieves to cushion the fall: MySpace Music and a glimmer
CTO FORUM thectoforum.com
21 JULY 2010
15
BEST OF BREED
LO C AT I O N - B A S E D S O C I A L N E T W O R K
of a shot as a gaming site in its MySpace Games Lab. If those two attempts fail too, Murdoch will have trouble giving the site away. That's one bitter pill considering he paid $580 million for it. Now Foursquare is flashing plenty of promise at investors but few rewards to users and merchants. While "checking in" is of some amusement initially the actual reward for users is more of the same in a quaint and silly game. There's nothing to hold user momentum and precious little to benefit merchants in the long-run.
Game or utility For there to be any real value to Foursquare specifically, and LBS in general, there must be a shift from game to utility. Perhaps Foursquare will make that leap soon. Certainly Andreessen Horowitz is a savvy group with a long record of making successful companies out of startups. The firm has undoubtedly sized up Foursquare's many shortcomings and the competitive threats rising from the likes of Loopt Star and Gowalla . But Rupert Murdoch is no business slouch either. The media magnate owns such profitable companies as Fox and Wall Street Journal, and the London Times as well as many others. Yet he failed miserably with his now washed out, watered down social media venture. His Midas-touch worked on everything but MySpace. Business and investment savvy, then, may not be enough to overcome a fickle social-networkempowered group of users. "With competition running rampant, Foursquare is faced with leaping tremendous hurdles in order to keep pace," said Kevin Green, vice president of Social Media Marketing at Digital Influence Group. "The MySpace analogy is a perfect example, but the challenges facing all LBS is the limited payoff for users." Indeed, LBS is set for a major shock in the foreseeable future, said Ray Wang, founding partner and research analyst for Enterprise Strategy at Altimeter Group. “A consumer backlash is coming. The first time something big happens like a stalker uses LBS to find and hurt someone or a tax dodger is found by the IRS, users will withdraw to ensure privacy and safety.” Some of Foursquare’s competitors get the user payoff issue and have already
16
CTO FORUM 21 JULY 2010
thectoforum.com
50%
moved to rectify that problem at Courage to fight alone? least. For example, Loopt Star uTest conducted a recent study is turning LBS into a loyalty showing Foursquare's checkbased offering. It is essentially ins grew 50% last month with a virtual loyalty card tucked nearly 900,000 check-ins on GROWTH IN neatly in a social LBS game June 4th alone. uTest conducted FOURSQUARE structure. Gowalla, meanwhile, a recent survey of some 300 CHECKINS WITH has teamed with USA Today on professional testers from nearly travel content and travel reward 40 countries who ranked LBS 900K CHECKINS programs. One of the user check-in offerings across several ON JUNE 4 ALONE awards is to be profiled in USA key features including programToday if you win the game. Now ming bugs, location accuracy, there's a benefit that strokes a social media integration, and user's ego! ease-of-use. Foursquare performed best at Loopt and Gowalla are sure to rain on 59.4%; Brightkite came in a close second Foursquare's parade at some point. Fourwith 57.3%; and, Gowalla with 44.7%. Howsquare has other problems as well. "It works ever, opportunities to receive special deals/ on the honour system and I think that's discounts received a historically low score probably going to be its downfall," said across all three apps. Wang. "People can falsely report on Four“Location-based services are unquestionsquare which brings up a trust issue with ably among the hottest segments in the merchants and other users." mobile app space,” says Matt Johnston, Then there are the security problems that uTest’s VP of Marketing and Community. plague all LBS efforts. “That said, I wonder if they will take off as Wang said Foursquare could secure a standalone category like social networks its leadership position by correcting the did, or if they will become a critical feature false reporting issue and bringing into within social networks.” play a LBS loyalty program that strongly The answer to that lies in whether fickle aids merchants. "If merchants could users decide to play and stay and whether learn from Foursquare who their top 20 merchants see enough advantage to pay. patrons are, the time and days their most "It's all about when things become maininfluential customers come into the store, stream," said Peter Shankman, the man what offers drew which customers, in that turned a Facebook page into a PR powother words, offer some useful analytics, erhouse company, HARO (Help a Reporter then Foursquare would have a solid, Out), and sold it for untold millions to sustainable offering." Vocus, a PR management software vendor. "Enough people now have GPS in their devices – and enough restaurants and stores see the value proposition of getting their people in the door – that I don't see Foursquare going away anytime soon."
With competition running rampant, Foursquare is faced with leaping tremendous hurdles in order to keep pace. The MySpace analogy is a perfect example.
—A prolific and versatile writer, Pam Baker's published credits include numerous articles in leading publications including, but not limited to: Institutional Investor magazine, CIO.com, NetworkWorld, ComputerWorld, IT World, Linux World, Internet News, E-Commerce Times, LinuxInsider, CIO Today Magazine, NPTech News (nonprofits), MedTech Journal, I Six Sigma magazine, Computer Sweden, NY Times, and Knight-Ridder/ McClatchy newspapers.She has also authored several analytical studies on technology and eight books. Baker also wrote and produced an award-winning documentary on paper-making.
COVE R S TO RY
C LO U D C O M P U T I N G
Cloud is a fitting term for something so shrouded in mystery and hard to grasp. It is being pushed hard by the vendors and it is getting more and more difficult for CIOs to stay anchored and not be swept away by the buzz.
18
CTO FORUM 21 JULY 2010
thectoforum.com
ILLUSTRATION BY SANTOSH KUSHWAHA
CTO FORUM thectoforum.com
21 JULY 2010
19
COVE R S TO RY
C LO U D C O M P U T I N G
Embracing the cloud is ultimately a matter of business and not just technology By Faisal Hoque
IT’S NEARLY IMPOSSIBLE
to pick up a technology magazine or sit through a strategy meeting without encountering a reference to what some consider the next and greatest wave in enterprise computing – the cloud. Cloud is a fitting term for something so shrouded in mystery and hard to grasp. We’re not helped by the plethora of buzzwords that seem to accompany this concept: grid, utility, service oriented architecture (SOA), service management, software as a service (SaaS), platform as a service (PaaS) and so on. It’s easy to get lost in the wonders of the technology and the lofty promises of the new age it will usher in, but we must stay anchored: this is ultimately a matter of business, not technology. And, as such, its usefulness must be assessed in the context of the enterprise as a whole. New ways of thinking are required. Investment decisions and the measurement of success will not be about individual technologies, or projects, or even the IT department itself, because the cloud is about the whole organisation. Cloud computing can be thought of as processing and storage done “elsewhere”; meaning, typically, physically removed from the user and, typically, off-site. The user does not need to think at all about the hardware; that is selected and made available by the company that maintains the cloud. In some cases, a user won’t need to think about specific applications they will just specify the functionality they need. In still other cases, a business side customer will employ the functionality without a technology department acting as an intermediary; the strategic and tactical guidance now performed by internal technology departments will reside in the cloud.
20
CTO FORUM 21 JULY 2010
thectoforum.com
C LO U D C O M P U T I N G
EFFICIENCY AND AGILITY While efficiency and cost savings are a legitimate motive for pursuing cloud computing, and will be the initial one for most companies, some see clouds as enablers of innovation and agility. If hardware and software are instantly available and always up to date, and if reliability and privacy are guaranteed, then a firm can focus all of its energy on new business models, experimenting on the fly, and learning from new approaches to finding and satisfying customers. And factoring in the computing resources needed for a new initiative will be a matter of when to push the button. It is best to not get too wrapped up in parsing the various terms associated with the cloud. Utility computing, for example, refers to the pay-per-use or metered approach that Amazon.com uses in its EC2 cloud offering. Electric power is often used as an analogy: you plug in your appliance and don’t really care how the electricity is created or who is doing it. Grid computing refers to the linking of thousands of computers to which pieces of a gigantic problem, often scientific in nature today, are distributed. The grid offers processing power and storage unavailable in a typical single organisation. In practice, organisations will move to the cloud incrementally, shifting portions of their computing needs to it over time. Smaller companies will see immediate payoff in moving completely over to the cloud. Larger companies must wrestle with proprietary systems that are strategically critical and extremely complex and unique business processes that have been built up over time and can’t be easily handed off.
WORK WILL CHANGE What we cannot avoid -- and it is much more difficult than buying servers and software seats -- is the changing nature of work itself. Leading companies are moving toward the convergence of their management of business and technology. This simply means that decision-makers are conversant in each and act on each to advance a corporate strategy. For them, technology is no longer a mysterious activity hidden away in a black box.
The computing tools in the cloud will be represented to the end customer virtually, in non-technical ways, so that he or she can use them without excessive specialty training. At the same time, the customer will be ever more knowledgeable about the potential of the tools and ever more adept at manipulating them.
ENTERING THE CLOUD Deciding to move to the cloud and using it wisely will require the creation of a strategic enterprise architecture (SEA). An SEA is a story of what the organisation is trying to accomplish and how. It includes both the business purpose and the enabling technology, i.e., a business architecture and a technology architecture mapped to it. At the highest level the SEA is expressed in non-technical language anyone in the organisation can understand. An SEA lays out all of the business processes, end to end, incorporating external partners and customers. Most organisations have various documents describing what they do, from the
HAVE YOU ever worried about losing your data in a cell phone crash? You may say that you backup your cell phone data on your laptop. What if you lose your cell phone and laptop at the same time? Solution is simple, park this data on the cloud and sync it whenever you need it. Port contacts from one cell phone to another, without ever worrying about multiple software, different formats and OS of your phone and cables. Check out vodafone360.com or zyb.com Now, imagine the same
COVE R S TO RY
thick notebooks of long-range plans gathering dust on shelves, to various mission statements. An SEA makes sense of those islands of information. It should clearly show where contradictions in purpose and redundancies in execution lie. At its most granular level, the SEA becomes technical: it specifies the various information technologies in use. In leading organisations, these are now expressed as a service oriented architecture (SOA), i.e., software is maintained as modules that can be combined to create applications as needed; sometimes by business users. An SOA can reside within the organisation or in the cloud. An SOA is not a necessity to work in the cloud, but it adds tremendous flexibility as the organisation senses and responds to changes in its environment. Other management capabilities are important, particularly organisational and change management. An SEA should indicate whether existing organisational structures are helping or hindering the overall strategy. This includes entire divisions
RISHI KAPOOR Director -IT, MetLife GOSC
flexibility for your enterprise data. Opening another site will be a breeze with much less complexity and head
ache. Imagine, your CEO and mobile workforce accessing their data/applications securely using any device connected to network without nagging. Cloud Computing is a very promising technology but it has its own challenges that we will have to deal with. Security of data, data privacy and compliance laws, cross border data access are just a few hurdles. But in spite of all the challenges, it’s simplicity to end user, cost efficiency and portability is something which is unmatched.
CTO FORUM thectoforum.com
21 JULY 2010
21
COVE R S TO RY
C LO U D C O M P U T I N G
but also working groups and reporting relationships. It should lead to questions such as: Do we have the right people in the right places? Do they have the training they need? Are their incentives encouraging them to do what we need them to do?
Security concerns are a blocking issue when it comes to cloud computing
MEASURING THE FINANCIAL VALUE These capabilities, and 15 others, are taken from the Business Technology Management Framework, a management standard advanced by the BTM Institute, a sister organisation to BTM Corp. According to this management framework, a maturity model is designed to assess the progress of organisations in adopting these capabilities. It specifies five levels of maturity, which can be determined using an assessment tool. This then would be the first measurement of an enterprise’s readiness to move to the cloud: assessing the enterprise’s management readiness in such areas as strategy and planning, technology investments, and managing partnerships. Cloud computing is not an incremental variant of classic outsourcing. It is more fundamental, and the organisation must be made ready. If it is not, if it blindly pursues the cloud without the clarity of an SEA and with the organisation arrayed as it has always been, then it can expect less than pleasing results. A company could move all or some of its computing to a cloud and simply compare the costs of cloud versus in-house, but that would be missing the larger potential. The organisation might very well be simply trading one source of computing for another in support of redundant or inefficient business processes. If it takes the
49% 14% 16%
14% 7%
Strongly Agree Strongly Disagree
Agree Disagree
Undecided Source: KPMG the Netherlands, 2010
time to create an SEA, however (and this should include both current and desired state scenarios) it can optimise the entire business, not just its technology. An SEA and maturity in these other capabilities can help the enterprise answer such questions as: What information do we need and aren’t getting? How can we get it? What information could we have with the resources of a cloud or grid? Would this give us the basis for a new strategic thrust? How would we benefit from more sharing of information internally and externally? Would a cloud enable this? Is anyone managing each process end to
Large companies must wrestle with proprietary systems that are strategically critical and extremely complex and unique business processes that have been built up over time.
end? How does a process interact or interfere with others? What effect does each process have on customers? Do currently available clouds have the technical sophistication we need? Above all, what can we and should we be doing differently using a cloud? At some point the enterprise will need to answer the big questions: Is the company, as a whole, better off? Is it finding and retaining good customers? Is it delivering new, innovative products to them? Is it adjusting on the fly to changes in customer demand, marketplace realities, new technologies, and competitor moves? Beyond that, what are changes in management and technology doing for the bottom line? Taking the holistic measure of an enterprise’s performance is a rather straightforward process. This measurement can be combined with interim assessments on the efficiency of individual business processes currently and in a projected best state, and the costs of internal versus external computing. In no case should such measures be made in isolation from their impact on customers and the firm’s overall purpose and strategy. Now is the time to wrestle with these issues. Purveyors of the cloud from traditional big-picture providers to relative newcomers are ramping up their capabilities, looking for benefits in joint ventures, and trying to understand the value proposition for future customers. Traditional suppliers of pay-perseat, one-niche software applications are also anxiously wondering how they fit in. Some “big thinkers” are prophesying the end of IT departments as we know them. It is more likely, however, that IT departments will continue but in a new, more strategic role. The CIO will become truly the "Chief Information Officer" as opposed to the Chief Information Technology Officer signifying a shift in focus from the technology to its ultimate purpose. Faisal Hoque is an internationally known entrepreneur and author, and the founder and CEO of BTM Corporation. His previous books include Sustained Innovation and Winning The 3-Legged Race. BTM innovates business models and enhances financial performance by converging business and technology with its products and intellectual property.
22
CTO FORUM 21 JULY 2010
thectoforum.com
C LO U D C O M P U T I N G
COVE R S TO RY
An unsurprising report hides some surprising implications for enterprise private cloud computing. By John Jainschigg
“HONESTLY, it’s not as if anything coming back from this report is hugely surprising,” said Stuart Feil, editorial director at Forbes|INSIGHTS, as we discussed its recent report, “Seeding the Cloud: Enterprises Set Their Strategies for Cloud Computing,” sponsored by EMC. The report summarises the results of a survey of 235 CIOs and other IT executives— more than 90 percent vice president or director level or higher—at companies with annual sales exceeding $500 million. The survey also includes quotes from interviews with five CIOs and CTOs from diverse industries, including health care, government, engineering and energy. Feil’s laconic opener about the report might be taken to mean that nothing important is happening in the enterprise cloud space, but that wouldn’t be accurate. In fact, the Forbes report reveals that “Cloud computing projects are still at an early stage at most companies, if they are happening at all. However, the overwhelming majority of IT executives have at least begun evaluating the benefits of cloud technology, with much of their focus on private clouds.” The Forbes|INSIGHTS report describes a private cloud as one “in which infrastructure and applications are managed and controlled by the IT organisation using
CTO FORUM thectoforum.com
21 JULY 2010
23
COVE R S TO RY
C LO U D C O M P U T I N G
them, whether developed internally or delivered by an external services provider.” In contrast, it labels a public cloud as one “where infrastructure and applications are delivered to multiple clients by a third-party, and housed and managed in that provider’s data centre.” According to Feil, one top-line take-away is that the public cloud still has a way to go to establish real credibility among top-tier enterprise users. (See Figure 1.) Only 4 percent of respondents describe themselves as having a public cloud strategy that they are currently implementing. Most are evaluating (38 percent) and piloting (23 percent) public clouds, and fully 35 percent of respondents say they have no plans to use them. This is not surprising when you consider that core enterprise needs for manageability, insight, security and regulatory compliance are still not well met by the public cloud paradigm. Feil suggests that the emerging picture for an enterprise public cloud is about selective adoption around key applications and work practices (sales, for example), and he suggests that, beyond this, uptake may eventually be seen to map to dynamics such as corporate strategy for assimilating acquisitions, maintaining regional offices, supporting global teams, partnering and federating, letting people work from home and other situational variables. All of these create needs, trends, financial considerations and centre-of-work footprints that resemble those of the small- to medium-size businesses normally considered the sweet-spot for service provider applications. Quite a different picture is emerging for the private cloud, Feil said. (See Figure 2.) While only 7 percent of Forbes’ survey respondents describe their firms as “currently implementing” a private cloud, more than half of the respondents are evaluating them. In addition, a quarter of the respondents have pilots running, and only 16 percent “do not plan to use” this technology. Comparing charts for the two paradigms side by side shows an approximate halving of marketretarding positions (16 percent versus 35 percent that “do not plan to use”), and an almost
24
CTO FORUM 21 JULY 2010
thectoforum.com
Where does your IT organisation stand with respect to public cloud computing? 4% 23% 35% 38% Figure-1
We do not plan to use public cloud computing. We are at the evaluation stage with public cloud computing. We already have some pilot public cloud computing projects in place. We have a strategy for public cloud computing that we are currently implementing.
Where does your IT organisation stand with respect to private cloud computing? 7% 16%
25% 52% Figure-2
We do not plan to use private cloud computing. We are at the evaluation stage with private cloud computing. We already have some pilot private cloud computing projects in place. We have a strategy for private cloud computing that we are currently implementing.
doubling of market-accelerating positions (7 percent versus 4 percent that “are currently implementing”) for the private cloud over the public cloud paradigm. “It’s pretty obvious,” Feil said, “that the private cloud is where the action is now.” The accelerating movement toward implementation of private cloud solutions is being driven hard by every business fundamental and by the whole scope of evolving enterprise IT requirements. It’s also being coaxed along by the nowproven viability of core technologies such as virtualisation and their obvious role in data center consolidation and IT workflow optimisation. Virtually all respondents view cloud technology as enabling cost-reduction, which 89 percent say they are under pressure to realise. The vast majority think that cloud solutions offer a clear path to reaching brass-tacks goals for dynamic compute/storage allocation, application and license management, and backup, as well as to IT-local issues such as workforce management. And a not-insignificant number think the cloud is key to pursuing more strategic goals, including collaboration and improved communications with partners, suppliers and customers. (See Figure 3 ) The “big trend” forces that are driving IT priorities and budgets in the current year—consolidation and virtualisation—tend to support cloud applications. So do still-important goals such as data integration, which is easier in environments that support light, Internetstyle APIs and Web services. Feil pointed out that another key IT priority and budget item—security—clarifies where the dividing line may fall for larger enterprises in evaluating public versus private cloud solutions. “Security is very, very important to these companies,” he said, “and concerns about security clearly retard uptake of public cloud solutions.” On the other hand, Feil added, if you look at things another way, the increased homogeneity, standardisation, improved process, auditability, reduction in number of applications and versions in use, and other direct results of cloud implementations can all be viewed as security positives.
PHOTO BY JITEN GANDHI
C LO U D C O M P U T I N G
Based on the report, the achievement numbers are stellar. For example, under the direction of CIO Geir Ramleth, the international construction firm Bechtel has used cloud technologies—notably server virtualisation—to collapse 27 data centers to just three, totaling about 1,000 square feet. At the same time, Ramleth has produced a suite of remote-cloud solutions called Project Services Network (PSN). These solutions enable Bechtel to set up shop on any continent and support farflung, long-term projects without building or maintaining any local IT infrastructure beyond, as Feil summarises, PCs, a LAN and an Internet connection. In the process, Ramleth’s team has reduced the number of applications they need to support from around 1,600—each with multiple versions—to a little more than 200. “We wanted to find both higher efficiencies and more simplicity,” said Ramleth, who is quoted heavily in the report. “Driving down the number of applications, the number of locations, and the number of physical boxes is important for doing that. The fewer locations you have, the less chance you have to waste, and the less
“ I do not think cloud is a product that a vendor brings to the table. My view of the cloud... is a modern layered architecture” JIM WHITEHURST President and CEO, Red Hat
Read the full interview on page 10
chance you have to mess something up.” Such a simplified system is more agile, more serviceable and more efficient. It also is, at least in principle, more robust and easier to secure. Other benefits include the ease of producing metrics, codifying processes and scaling in different ways to achieve even higher
Please rate how useful cloud computing could be in meeting the following IT objectives. 30% 88%
58% Dynamically allocating computer power
36% 81%
45% Making it easier to maintain or upgrade applications
48% 92%
44% Reducing infrastructure costs
40%
40% 80%
40%
41% 81%
Data backup
Reducing the cost of developing or licensing applications
26%
45% 71%
Enabling internal collaboration
44% 66%
22%
Improving communications with key partners, suppliers or customers Very useful
Somewhat useful
COVE R S TO RY
Figure-3
levels of service, availability, resilience and lower cost. This kind of highly virtualised, consolidated data centre—with its application suite and process envelope— is the latest “new thing,” and it appears as if enterprises need to build this thing, play with it, optimise it, and then learn to manage, scale, secure and ultimately trust it. Unfortunately, the report reveals that CIOs still identify “lack of internal/staff expertise” as an important residual gating factor on private cloud acceptance. But they are learning fast. And once this process has concluded, paradigms such as public clouds may start to look more attractive. Bechtel is already dealing with demand spike by going to the public cloud for data-storage services. The next step, Ramleth predicts, will be to explore running some of their servers in someone else’s data centre. “Once you have reached the point of dealing with this as a cloud service, actually adopting other public services—versus the ones that you’re doing yourself— is not that big a shift,” he said. “You start adhering to the same form of architecture, the same form of technology, the same form of standards and the same form of operating. You pretty much look like peers. The demarcation line between private clouds and public clouds starts to get blurry. At that point, it becomes extremely interesting.”
CTO FORUM thectoforum.com
21 JULY 2010
25
COVE R S TO RY
C LO U D C O M P U T I N G
Cultural values and business context hold the key.
PHOTO BY R CHNDRU
THE ADOPTION
of cloud is purely contextual to the organisation and difficult to generalise. It depends upon the extent to which IT has penetrated into an organisation, and the types of systems— ERP or shop floor management in manufacturing—are being used in business. It also depends upon the number of legacy systems that are being used. If there are a lot of legacy systems, then it is generally difficult to integrate them with standard systems and the cloud may not be the immediate answer. Another aspect to consider is the value system of IT in an organisation. It depends upon whether the organisation uses IT as a transformational tool. Or, simply as a transaction tool to achieve operating compliance. If it uses IT as a transformational tool, and if IT gives the
organisation the benefit of bringing some breakthrough initiatives to improve operational excellence, or bring strategic impact to it—then taking IT into cloud is out of the question. If the organisation considers IT just as a transaction tool and would like to look at IT for ensuring operational adherence, or operational compliance, then IT can get into the cloud without any hindrance. The questions whether processes are all standardised, or they are subject to change with the business context, affect the adoption of the cloud, too. A good example of standardised processes is a petrol bunk— when a vehicle comes into a petrol bunk, employees there have to fill petrol, take money, clean the vehicle—there is no innovation required in the process. These simple situations are best suited for the cloud.
“for regular processes, to get into the cloud, the exit point is more important than the entry point. ” TG DHANDAPANI Group CIO, TVS Motor Company
There are certain organisations where innovation is constantly a challenge—in order to bring cost competency and productivity improvement, or to bring improvements in top and bottom-line performances. Here things are so dynamic that an organisation has no scope of getting into the cloud. But, one good opportunity for using the cloud is in strategic initiatives. When an organisation is getting into a new business it is risky, It does not want to commit to expensive IT resources for it. Also, it would like to get out of business, as and when it wants. Here, the cloud is extremely beneficial since the entry barrier is negligible. But for regular processes, to get into the cloud, the exit point is more important than the entry point. When migrating from a particular vendor, or cloud, how an organisation is able to get the data out is important. It should be able to get data out on the day it wants and the time want because the business cannot wait. This clarity is one of the major concern and a decision-making factor for an organisation opting for a cloud offering. Vendors may be pretty excited about the cloud and are using this as a big marketing push, but the adoption by individual organisation is based upon the cultural values, or the business context, as mentioned. There has been a lot of talk regarding the cloud—let us see when we see the actual thunder in form of deployments. —TG Dhandapani Group CIO, TVS Motor Company
26
CTO FORUM 21 JULY 2010
thectoforum.com
C LO U D C O M P U T I N G
COVE R S TO RY
CLOUD IS projected like that ray of light that CIOs have been looking for. But, like many technologies that promise freedom from regular pain points of technology, it's filled with holes. A lot of refinement and ironing out is needed before we go in for adoption. People say that production environments are difficult. The easiest thing to take to the cloud is e-mail and collaboration services. So, we started off by talking to a few cloud service providers, specifically for e-mail and collaboration services. But the offerings are plagued with loopholes that transfer into concerns for us, and users in our companies. Some of the concerns that are stopping us from moving ahead are: Security and confidentiality: How do we ensure security and confidentiality of the communication? An assurance about compliance standards of service provider may not convince the management. We need to see a few like-minded case studies. Though there is a lot of talk about people using these services, there are still no convincing cases of use that can be quoted. We certainly do not want to be the guinea pigs. No cost advantage: Cloud providers harp on the fact that e-mail on the cloud is extremely cheap, compared to an in-house solution. We don't see a major cost advantage. In the past two years we have been focusing on cost optimisation. At the current spend level; we need to negotiate hard to get a significant cost advantage. Vendor lock-in: We will have to go through a painstaking exercise to port our solutions to cloud as it is, we do not want to be locked in to the vendor–and that is a major concern. If we go to a different vendor today for cost advantage, can we move to any other solution without any loss of data? How fast will we be able to move? Bandwidth usage: In the current scenario, our e-mail and collaboration network works on leased lines. With cloud, the load will be on internet links. There
The cloud may hold a lot of promise, but for now we need to see the results
“ An assurance about compliance standards of the service provider may not convince the management. ” ASMITA JUNNARKAR Chief Information Officer, Voltas Limited
is no way to find out how much more bandwidth do we need. Yes, there are some calculations, but no way to validate the calculations. Data availability: Yes, the data will be available for employees to access from
anywhere, but is there a way to ensure data availability over the long-term? Today, we maintain backup of all communications of separated employees. Will we have similar options in the cloud? Integration: How will we integrate cloud environment with business applications? Will all work flows get transferred to new environment? Or, will we need to create costly new work flows? Statutory requirements: Where would our data be stored? Will we be able to meet statutory requirements of countries? Is there any data to support that the solution meets those requirements? These are the host of questions that have no plausible answers, as we learnt from our experiences. We are using hosted services for collaboration with vendors and customers alike in the Middle East since the past two years. Though this was a business need, we saw a lot of challenges, with the internet bandwidth chocking, and also sensed people’s apprehensions about data security. Yes, we see a lot of promise–but, it is high time that we saw some results also.
—Asmita Junnarkar Chief Information Officer, Voltas Limited
CTO FORUM thectoforum.com
21 JULY 2010
27
NEXT
HORIZONS
AUTHOR SAYS
Well into a contract – do you know how to evaluate whether you’re getting a good deal?
ILLUSTRATION BY PHOTOS.COM
F At the Core of the Deal
What seems like a good deal may be rotten inside. Seven signs that help you know if you are being cheated. BY JEFF VANCE
28
CTO FORUM 21 JULY 2010
thectoforum.com
or many organisations, a good deal is defined at the bargaining table: Did you get the price concessions you wanted? Did you get service add-ons thrown in for free? Are extra features included in the base package? Yes? Well, then it’s a good deal. Software vendors love this line of thinking. It’s lazy and it prevents scrutiny. Seasoned negotiators, on the other hand, evaluate deals the way scouts evaluate pro sports drafts. Despite all of the report cards papers and magazines bandied about, you can’t evaluate the success of a draft until well after the fact. Everything else is guesswork and hot air. The same is true with software vendor contracts. Yet, even well into a contract, do you know how to evaluate whether or not you’re getting a good deal? IT contracts can be so complex that unless the software vendor is delivering an obviously shoddy product or is blatantly falling short on customer service, it’s difficult to judge the deal’s relative worth. Most of us simply don’t have the time to rethink each and every deal. What’s done is done. Think about your personal life. How often have you thought that you were getting ripped off for mobile phone service, broadband, car insurance, etc.? What did you do?
N E G O T I AT I O N S
If you’re like most people, you waited until the contract was up to worry about it. But it’s not a simple matter of procrastination. There’s also the fact that I may spend time looking for a better deal only to end up no better off. Of course, car insurance doesn't usually carry a multimillion dollar price tag or maintenance fee so that's where my analogy ends. For you, here are seven symptoms of a bad deal to help you weigh the relative value of your existing contracts:
1
Limited pricing models (limited to you, that is) - Large vendors have many pricing schemes, and the sheer complexity of them makes it nearly impossible to know which is best for you. Jonathan C. Scott, Partner at Scott & Scott, a business and technology law firm, has represented companies in financial services and insurance that were stuck with a poor pricing model. “We determined that the component parts that made up the vendor’s pricing – a combination of fixed monthly charges, add-on fees and yearly escalators – while good for the vendor, were not aligned with the way the client used those services,” Scott said. Scott renegotiated the pricing model, better matching it to his client’s business needs. The end result was a 56% savings, or roughly an $8 million projected savings over the life of the new contract. As you would expect, software vendors typically offer up the pricing models that guarantee them the highest revenues. That doesn’t mean you should just accept them. The best way to gain insight into pricing structures is through your peers. Otherwise, you may have to sharpen your sleuthing skills.
2
Eyebrow-raising discounts - If your vendor delivers quarter-end discounts, you’re happy, right? Maybe you shouldn’t be, advises Leon Thomas, CEO, Jelecos, an IT services and consulting firm based out of Omaha, NE. “The quarter-end discount is often an affirmation that you weren’t getting the best price to begin with.”
3
One-sided terms - While many one-sided terms, such as unilateral indemnification clauses, often fail to stand up in court, others like exorbitant early termination fees are nearly impossible to escape. One-sided
terms should serve as a red flag, warning you that other terms in the contract may not have your best interests in mind.
NEXT HORIZONS
56%
known issue is that many apps do more than form silos. According to John Locke, founder of Freelock ComputSAVINGS ing, a provider of open-source Web development solutions for Unsupported configuration ACHIEVED BY SMBs, if it’s easy to put data into clauses - Many software vendors structure their contracts SCOTT&SCOTT BY a system, but nearly impossible RE-NEGOTIATING to get it out, you should be conso that any changes to their software or systems results in a loss PRICING MODELS cerned that you’ve been roped into a bad deal. You should worry of support and the invalidation that you’ll be stuck with this deal of warranties. It’s one thing if for years to come or risk losing your data. the software won’t work if you make certain changes; it’s another if the vendor is simply trying to lock you into an expensive propriUnresponsive customer service - This etary platform. one practically goes without saying, but At Jelecos, Thomas was in the process of since companies routinely tout “great cusupgrading the company’s security systems. tomer service” as a competitive advantage, The vendor, however, required them to purwhether they deliver on that promise or not, chase new hardware even though the actual it’s important to remember the old cold-war security product was software-based. “They mantra of, “Trust but verify”. marked the third-party hardware up and enjoyed high margins reselling another venVendor obsesses over requirements docdor’s equipment,” Thomas said. uments - “As a vendor, I think the way The way around this for Jelecos was to run contracts have been done in IT has been a pilot on Jelecos’ existing infrastructure messed up for quite a while,” said Locke. to ensure the vendor that this configura“The single biggest problem is a requiretion would meet the security vendor’s own ments document. It can be used by vendors benchmarks. It did, and Jelecos avoided purto under-deliver, or by customers to extract chasing unnecessary hardware. unnecessary work, or by either side as a stick to beat the other.” The major problem with the requirements Data lock/vendor lock - Piggybacking document is that it’s an artifact from anothon the concept of unsupported configuer industry, construction, that doesn’t transrations is the concept of vendor lock. It’s late well to IT. “Lots of software concepts a common complaint in tech circles, and and terms come from construction: hackfighting vendor lock is one of the clarion ing, builds, project management methodcalls of the open-source movement. Another ologies, resource management, and more,” common tech complaint focuses on data Locke noted. However, when it comes to silos. Applications that don’t share informaIT, the chore of defining requirements is tion limit their value. However, a lesseroften a bigger job than actually implementing them. Moreover, IT software isn’t built out of bricks and mortar, meaning that it’s much simpler to change on the fly. The permanence of buildings and the high expense of making changes well into the project is largely why requirements documents exist in the first place and neither of those factors applies to IT.
4
6
7
5
Vendors offer pricing models that guarantee them the highest revenues. That doesn’t mean you should just accept them.
— Jeff Vance is a freelance writer and founder of Sandstorm Media, a writing and marketing services firm focused on emerging technology trends. This article has been printed with prior permission from www.cioupdate.com.
CTO FORUM thectoforum.com
21 JULY 2010
29
LITTLE GIANTS
MERU CABS
COMPANY DASHBOARD COMPANY’S NAME Meru Cab Company ESTABLISHED April 2007
PHOTO BY JITEN GANDHI
SERVICES AVAILABLE IN 4 cities (Mumbai, Delhi, Hyderabad and Bangalore) NUMBER OF BOOKINGS PER DAY More than 20,000 NUMBER OF CABS 5,000 cabs
ALL TANKED UP
Meru Cabs' implementation of a slew of applications including ERP and CRM is helping it obtain real-time information to take prompt decisions. BY VINITA GUPTA
30
CTO FORUM 21 JULY 2010
thectoforum.com
MERU CABS
M
eru Cab Company is India's largest radio cab ser-
vice provider that started its operations three years back with presence in four major Indian cities, owning and operating 5,000 cabs catering to more than 20,000 bookings per day. Since the company's business model was quite unique and none of the available packages could cater to its processes, Meru built an in-house system to cater to its business needs for the first couple of years. The company had big plans – to be among the largest radio cab companies globally. The company's board soon found that its systems had outgrown their utility. In early 2009 the company decided to look for a best-of-breed, highly scalable system that would also help the company strengthen its governance and control mechanism. The major business challenges that the company faced were inadequate visibility into vehicle procurement; inappropriate utilisation of vehicles, improper cab maintenance and a high closure time. PWC helped define the as-is and to-be processes and float an RFP for the ERP systems to suit the company needs. After an in-depth review and demos, Oracle suite of applications were selected. Oracle E-Business suit 12.1 was selected for Financials (GL, AP, AR, Cash Management, Purchasing, Fixed Assets, Inventory), HRMS (Core, Employee Self Service, Performance Management) and Enterprise Asset Management for Fleet Management and Maintenance. “We kicked off the ERP implementation initiative to achieve a business solution that would support our growth plans by achieving speed, accuracy and cost optimisation in all our operations,” said Nilesh Sangoi, CTO, Meru Cab Company. The solution integrates all major organisational business functions and has enabled Meru to make many policy changes around how they operate. “It has made us more competitive and enabled us to cater to customer/market needs faster,” he said. “In just four months (the system went live in Feb) we have seen around 2% improvement in the cab utilisation rate which means that we will get a Return on Investment on this project within 18 months.”
ERP in place The ERP project started in June 2009. The first phase went live in November 09 and all modules covering all departments went live within a record time of 8 months from project initiation by February 2010. Meru Cabs uses Cab Dispatch System which in turn is connected to Mobile Data Terminal present in the cab which is GPS and GPRS enabled. The entire process of despatch of cars is automated based on the location of customers and cabs and their status in the queue. The ERP system is tightly integrated with the
LITTLE GIANTS
cab dispatch system. An application sends messages to drivers about their daily tasks.
Smart integration Siebel Call Center eAutomotive Edition 8.1.1 was selected for managing the lifecycle of calls made by subscribers and for sales force automation of advertising and sales. Oracle Business Intelligence suite (OBIEE) was selected to build data warehouse and analytics platform. The Siebel system (CRM solution) helps Meru to consider drivers as customers and not as employees of the company. It manages various functions concerned with the running of the business such drivers' recruitment, training cab allocations, payments, performance, grievances, etc. The Enterprise Asset Management solution helps to do project management of procurement, deployment of cabs, automatic scheduling of cabs to workshops based on distance travelled, workshop available capacity and workshop rating. It also helps in creating automated work orders, purchase orders and invoice matching for various maintenance activities such as regular servicing and breakdown and accident repairs. New technology and clever integration has helped Meru Cabs tackle many a problems that crop up while ensuring quality. The company is concerned that the drivers in its fleet adhere to the company's guidelines for appropriate behaviour. So what does it do if a driver whose services were terminated in the past due to disciplinary issues tries to reapply by faking a name and a driving license? A smart integration does the trick – Siebel CRM is integrated with a biometric system that helps identify such situations. “Such checks have helped us maintain the quality of our service,” said Sangoi.
Overcoming roadblocks Seemingly challenging tasks have been carried out by using integration. Could it be possible to assign drivers to cabs depending on the level of training of drivers? The CRM system is a repository of information about trained drivers and the ERP system has information about available cabs. The integration of the system makes it possible to decide which cab has to be allocated to which driver. The ERP solution helped in strengthening and combining all systems together into a single, integrated software program that runs off a single back-end system so that the various departments can more easily share information, have a uniform view of information and communicate with each other more effectively. The company is aiming to attain a fleet of 10,000 cars by 2013 and planning to enter other emerging markets in India and abroad.
“IN JUST FOUR MONTHS WE HAVE SEEN AROUND 2% IMPROVEMENT IN THE CAB UTILISATION RATE WHICH MEANS THAT WE WILL GET ROI ON THIS PROJECT WITHIN 18 MONTHS."
—Vinita.gupta@9dot9.com
CTO FORUM thectoforum.com
21 JULY 2010
31
T E CH F O R G OVE R NAN CE
CIO'S MISSION
5
POINTS
MOVE AT THE SPEED OF BUSINESS REDUCE EXPENSES
PHOTOS BY PHOTOS.COM
MAKE DEMAND MANAGEMENT TRANSPARENT RUN THE SHOP EFFECTIVELY RELENTLESSLY DELIVER AS PROMISED
TEN COMMANDMENTS FOR CIO SUCCESS To stay on top of the game, a CIO can't afford to focus on only the most pressing issue. BY DON DESIDERATO
32
CTO FORUM 21 JULY 2010
thectoforum.com
CIO'S MISSION
CIOs and other IT executives
have a very complicated job. Systems need to run, hardware needs to be up to date, longer-term architecture strategy needs to be developed and executed upon, transformation programmes need to be rolled out, capabilities need to be developed, and proper governance around information security and risk needs to be ensured.
At the same time, CIOs must keep innovating and continuously demonstrate the competence, strength and value of the IT organisation. All of this is going on while budgets are being challenged, e-mail is piling up, and the leadership team is tending to the careers and morale of a complex mix of highly intelligent programmers, analysts and IT support staff. As a result, CIOs can become distracted and focus on one (usually the most urgent) of the many key ingredients that are essential to their success. Why do they do this? Because many times the IT leadership team, the IT organisation and business partners expect them to become very involved when an urgent matter arises. And let’s face it: CIOs enjoy digging into the latest urgent issue—especially if it is technical in nature—because many of them grew up as technologists. As with any typical IT organisation, urgent matters perpetually arise, and the CIO loses track of the most important elements of running the organisation. This is the scene at many organisations, and generally works to the time to the detriment of the CIO. CIOs try many things to avoid this trap. They hire a chief of staff. They ask their executive assistant to incorporate “think time” into their calendars. They go to leader-
ship training. They start lists. They work late. They have staff meetings to “catch up” on what is going on. They cancel town hall meetings. And the list goes on. However, for IT leaders, the real key to success is balance. CIOs must have a balanced list of key responsibilities and focus on all of them every day. To do that, they need to delegate more, trust their leadership, read current research on industry trends and communicate more effectively. Otherwise, business leadership will lose faith, dramatically shortening the CIO’s life span at the company. When running the IT organisation, CIOs and other IT leaders must focus on the broader picture. Their mission is clear: The
CIOs need to delegate more, trust their leadership, read current research and communicate more effectively. Otherwise, business leaders will lose faith.
T E CH F O R G OVE R NAN CE
CIO is foremost a business leader—one who relentlessly delivers IT in support of business objectives, while continually seeking to drive down overall costs. The recipe for success—for the CIO and the business—includes the following 10 ingredients:
1
Run the shop effectively. It seems basic and unglamorous, but this is the most fundamental principle of running IT. Nothing will undermine the credibility of IT leadership more than instability and a broken platform. Without predictable, reliable, and stable systems and infrastructure, permanent progress is not possible. Transformation goals cannot be achieved, building new software (on a broken platform) becomes more difficult, and multisourcing grows immensely more complicated and risky. The CIO must have a seasoned leader running the operational platform, and that individual must also understand the business. Putting a very technical leader in charge of operations won’t work. Rather, the leader must understand and be able to explain the business ramifications of operational issues, in addition to understanding the systems and technology. The operations leader must be able to articulate an operational vision for the organisation. The CIO, IT leadership and the IT organisation as a whole must develop a culture that values operational competency. The CIO should be briefed on operational matters (running the shop) every morning. He or she should know the status of overnight processing, review the key value metrics, and understand the main operational risks and issues (including audit findings, key risk indicators and information security matters).
CTO FORUM thectoforum.com
21 JULY 2010
33
T E CH F O R G OVE R NAN CE
CIO'S MISSION
2
Reduce expenses. Cutting costs is more than simply satisfying the latest mandate of the CFO. CIOs must demonstrate a commitment to reducing expenses perpetually, even in a climate in which budgets increase. A CIO who earns a reputation for financial prudence will quickly earn the respect of executive leadership. Ironically, CIOs who constantly find ways to reduce expenses are given more consideration when they request additional funding or an investment in IT. So, how can the CIO reduce expenses with tight budgets? It starts with culture. IT professionals at all levels know where the waste is. Incorporate cost-cutting goals into performance objectives. Most important, make it someone’s job to find ways to reduce expenses. At the same time, ensure that the organization understands that reducing expenses does not automatically mean eliminating jobs. The CIO should always be looking at the basics, such as the consulting rate structure, existing software contracts and licenses, multisourcing (Step 3), obsolete systems, server consolidation, virtualisation, workforce optimisation, data center chargebacks and storage use.
3
Multisourcing reduces costs and adds value. A strategic partnership with a global partner helps reduce overall expenses, if done properly (without introducing risk into the organisation). The key thing to understand about focusing solely on cost savings is that once the advantages of the cost-benefit analysis are achieved, the CIO receives a pat on the back and a new financial baseline is established, which will certainly be challenged later. Therefore, the strategic value benefit of the relationship is as important as the cost savings. For the CIO, a key strategic value in multisourcing is agility—the ability to quickly ramp up and ramp down. This capability allows the CIO to run as lean as possible, while still being able to react quickly to new initiatives. Additionally, offshore partners provide expert global advice, which should be regularly leveraged. In addition, it is important to tap the sourcing partner for ideas on cost reduction and for its expertise when evaluating new projects or initiatives.
34
CTO FORUM 21 JULY 2010
thectoforum.com
When introducing multisourcing to the IT environment, it is prudent to focus on both the cost savings and the strategic value benefits. Business executives expect IT organisations to employ responsible multisourcing strategies, certainly for costsaving measures. However, CIOs should ensure that they are also deriving value from the relationship.
4
Relentlessly deliver as promised. Nothing helps the reputation of the CIO and the IT organisation as a whole more than delivering what they’ve promised. Therefore, it’s important for the leader to understand how to set realistic expectations for the business, then deliver on time and on budget, and, finally, demonstrate that the promised benefits have actually been achieved.
CIOs who discuss only technical matters will quickly become pigeonholed. However, when CIOs actively contribute ideas, the perception of them broadens.
Here’s the tricky part: Business leaders tend to be unrealistic about what the IT organization can deliver—and when. So it’s up to the CIO and delivery leader either to set the proper expectations or to continuously deliver meaningful pieces of the project so businesspeople get value sooner, instead of at the end. Metrics are needed to demonstrate the organisation’s success to executive leadership. Be honest about the successes—and transparent during failures. This will bolster the reputation of the IT organisation to the executive leadership and provide an openness that will give confidence to the enterprise as a whole.
5
Move at the speed of business. As a CIO, the last thing you want to hear is that a slow-moving IT organization is preventing a new product from coming to market or enabling your competitors to gain a leg up. This is problematic because the software development life cycle or the complexity of what is being built often takes longer than the appetite of business executives. To combat this problem, the CIO must implement a culture of inclusion. The earlier an IT organisation is involved with innovation (Step 7), the faster it can figure out how to deliver business value. Bringing IT professionals to the table during the incubation stage of innovation can help them better understand requirements and give the architects a chance to figure out how best to build a design strategy that can move at the speed of business. Of course, business partners must be comfortable with having IT at the table earlier in the process. However, if the IT organisation has a good reputation and relationship with the business side of the house, partners are more likely to be open to the idea.
6
Make demand management transparent. Effective demand management is crucial to an IT organization, but many CIOs do not focus on it. The basic premise is that all work the IT organization does should be known, approved and prioritised. There should not be many “gates” into the IT organization through which work is introduced. Instead, there should be a formalised, transparent process. A CIO should
CIO'S MISSION
never hear the words, “What are your folks working on?” And, to the dismay of businesspeople, there should be no back-door way to get things done. Effective demand management is essential for the following reasons: The only way you will know the true productivity of the organization is to know precisely what is being worked on. Work that distracts from priorities is eliminated. Transparency breeds business confidence in the IT organization. By working on only the highest-priority initiatives, the CIO will see an improvement in satisfaction from the business side of the house. Contrary to what the IT organization or business may think, a solid structure around demand management will not make the IT department more bureaucratic; rather, it will make IT more transparent to business management.
7
Don’t align with the business. Be in the business. The CIO and IT organisation should not strive to align with the business, serve the business or design a strategy for the business. Those approaches sound like the IT organisation is a separate entity that is coincidentally working with a particular business entity. The truth is, the IT organization is a crucial component of the business. The CIO is an executive like all other contributing executives, including sales, marketing and product development. By being in the business, IT has a better chance of effectively supporting the mission of the organization. CIOs who discuss only technical matters will quickly become pigeonholed. However, when CIOs actively contribute ideas, the perception of them broadens. Additionally, if the whole IT organization thinks of itself this way, the team’s job satisfaction will skyrocket.
Be honest about the successes—and transparent during failures. This bolsters the reputation of the IT organisation to the executive leadership. that show 99.XX percent availability of all systems. Metrics should be comprehensive and cover the entire organization, including planning and strategy, architecture, delivery, operations and quality assurance. In addition, these metrics should be known throughout the organization and be used as a basis for performance objectives. A typical one-on-one meeting between a CIO and each business leader should include a discussion of the key metrics. What’s working well? Where are the danger signs? How are they managing their organizations with these metrics? The CIO also should make sure that business-value metrics are transparent. They should be reviewed with other business leaders regularly, and key issues and trends should be discussed. Nothing contributes to the confidence of the CIO more than a review of the organization through metrics. Using business-value metrics will help inspire confidence.
9
Ensure transformation (continuous improvement). The CIO should consider implementing a culture that values the continuous improvement of the IT organization. This is crucial in helping the CIO and IT staff avoid complacency. IT teams are complex, technology is constantly evolving, and good businesses are also evolving. If IT organizaAVAILABILITY tions are not continually raising their game, their performance IS THE NOT THE will be mediocre. ONLY MATRIX Although developing a transTO MEASUE THE formation program is an effective approach, this may imply SUCCESS OF IT that the project may eventually
99.xx%
8
Measure success through business-value metrics. The CIO must measure organisational success through a well-thought-out suite of business-value metrics. These are more than metrics
T E CH F O R G OVE R NAN CE
come to an end. It must be made clear to the organization that continuous improvement is the true goal. Like many of the other success ingredients, transformation, or continuous improvement, must be inculcated into the culture of the IT organization.
10
Have an architecture strategy— and advance the architecture. So many IT organizations have no stated architecture strategy and no stated evolutionary plan or process to ensure that software is being built with sound architectural guidelines. The CIO must have an architectural strategy (as well as an infrastructure upgrade strategy) based on the mission of the business. It is then OK for the CIO to acknowledge that it is acceptable to evolve over time to the desired state, as opposed to trying to sell an architecture project. The CIO must ensure that the architecture blueprint is widely known across IT and the business, adopted within IT and built into the system development life cycle. There will be a natural tension between the chief architect and individuals responsible for delivering new software, generally because there are competing interests. The architect will advocate for the purest architectural approach, while programmers will sometimes try to take shortcuts because of timeline pressures. This tension is normal and should be embraced.
About the author: Don Desiderato is a principal at Novarica and a former CIO of Prudential Annuities. This article is adapted from his recent report “Ten Essential Elements for Insurer CIOs.”
CTO FORUM thectoforum.com
21 JULY 2010
35
Scale-up is out
Scale-out is in
Being at the helm of product development for nearly two decades in the company, Roland Slee, Vice President, Oracle Database Product Management Team, in conversation with Rahul Neel Mani, thinks it is about time the industry relooks at the way it computes.
36
CTO FORUM 21 JULY 2010
thectoforum.com
ROL AND SLEE
DOSSIER NAME: Roland Slee DESIGNATION: Vice President, Oracle Database Product Management Team PREVIOUS JOB ROLE: Manager at Accenture
Do you think the computing will be done as the industry has predicted or will it change as time passes? I see three primary drivers in the way the world computes. In the current scenario, IT has not yet delivered economies of scale. When there are economies of scale there is consolidation and centralisation. But even today corporates including telcos, banks, manufacturing organisations etc. use hundreds of application silos, which are fragmented and distributed simply because everything is driven by money. If you build a larger, critical system on which your business depends, the price of that growing system outpaces its capacity. From both price and risk points of view, it makes sense to have ten small systems rather than one large system. This has to change. To help IT truly mature, we have to change the architecture in a way that enterprises can deploy one big system that is cheaper, less risky and requires little maintenance. It hasn’t happened yet. We are at the tipping point. Second important thing is a single, unified technical architecture. If you look at the data centre of any large corporation, you will find systems fragmented not only for economic reasons but also for technical reasons. In every business you need to work with at least three styles of computing – transact, analyse and collaborate. Traditionally, both at software and hardware level, these different styles of computing have different architectures. OLTP systems, data mart/data warehousing systems
and communication and collaboration systems in an organisation are all architected differently. However, the way business process flows, one would ideally want to capture transactions, understand their implications and collaborate with others to take action on the insight – in a continuous flow, within one process. In today’s world, the technical environment wouldn’t allow you to put these things together. Today, corporations spend most of their time working in three different silos – moving the data from one process to another. This has to change to bring the processes closer to the data and not the other way round. Thirdly, we need to bridge the gap between the real and virtual worlds. Computer systems are considered to be virtual reality for businesses, but it has a lot of gaps. Typically today, when you look at the warehouse management system, it shows a specific product lying at a specific location but which actually isn’t there. Ideally, the system should be the virtual reality of the real world. Normally, the system is wrong. The
“Today, most companies spend their time updating systems to keep pace with reality.”
NO HOLDS BARRE D
strategic agenda for IT is to make this virtual reality correct. What does IT? IT is transactions processing. Transactions record business events. In case of a warehouse, the product moves out of the shelf and if the systems record that, it should be reflected. Today, most companies spend their time updating systems to keep pace with reality. We need to move to a world where automatic sensing, location-based services and ubiquitous network access are put together which result into self-maintaining of the systems. This will result in continuous monitoring of reality without human beings required to manually key-in the transactions. This will free a lot of time from transaction processing. What is Oracle doing to help CIOs achieve economies of scale without spending huge money on IT? First, let’s talk about how to create economies of scale. The fundamental reason why traditional IT architectures are not able to deliver economies of scale is because of the inherent incapability of the systems in doing so. If you ask any traditional system vendor how to build a scalable system, the answer would be to buy a bigger computer. Bigger computers become exponentially expensive. You get reverse economies of scale. The bigger a system you create, the more internal friction there is, which leads to lesser efficiency. This is precisely why the price rises exponentially. Hypothetically even if you can buy the biggest computer
CTO FORUM thectoforum.com
21 JULY 2010
37
NO HOLDS BARRE D
ROL AND SLEE
which has about 128 CPUs, do you have an estimate how much will it cost to add a 129th CPU? The answer is - infinitely expensive. The crux is that there is a ceiling on scalability, when you are trying to build a scalable environment through bigger, powerful computers. Secondly, there is an inherent risk in doing this. When you are trying to consolidate workloads into large systems, instead of having thousands of users to one system, you are perhaps exposing hundreds of thousands of users to one system. If that system goes down, your entire global enterprise comes to a grinding halt. You cannot afford that sort of downtime. And the cost of avoiding downtime also rises exponentially. Thus the solution here is to move from ‘scale up’ architecture to ‘scale-out’ architecture. Instead of putting clever hardware and software to create scalable and continuously available architecture, CIOs should look at solving it through databases and middleware. This is what Oracle has been doing for 30 years. We make it possible to bring together a very large number of standardised, lowcost computers allowing them to work in concert in a grid or in today’s fashionable language – in a cloud. We may be slow in adopting the language of cloud computing, but from an engineering perspective, we are ten years ahead of the competition. Oracle is perhaps the only company which can manage information in the cloud in a way which is invisible to the applications. Oracles journey from scale-up to scale-out and from ‘big boxes’ to the ‘cloud’ has been invisible to applications. This is the magic. Oracle Exadata, the new database machine is the clearest indication of the strategic importance that we are talking about. Exadata is actually a private cloud. Inside a full rack Exadata system there are 22 servers – 14 storage servers and 8 database servers. You can scale it out up to eight full racks just plugging in cables to network. The architecture never changes; it is identical for any scenario. This is our answer to bring economies of scale to IT for the first time. What about the unified computing? For the last 30 years, Oracle has been working to create better middleware and database technologies which can support transaction processing, decision support and
38
CTO FORUM 21 JULY 2010
thectoforum.com
“The fundamental reason why traditional IT architectures are not able to deliver economies of scale is because of the inherent incapability of the systems in doing so.”
data warehousing, and content management and collaboration on a completely unified, standardised technology stack. We recently released Oracle Enterprise Content Management (ECM) version 11G. The tech stack for this is: Oracle fusion middleware running on Java; running against an Oracle Exadata database machine. Similarly, we have launched Oracle Business Intelligence application as well. In Oracle it doesn’t matter what kind of applications you want to build, the architecture remains identical so that you can put the data in the middle of the architecture and bring the processes to the data. Later this year, we are going to announce the fusion applications. One of the things that they will integrate is the three styles of computing that we talked about – transactions, analysis, and collaboration. This may be true for a homogenous environment. What if the customer has an extremely heterogeneous environment?
Heterogeneity is a norm today. In fact customers should choose the best for their businesses. If I need to describe Oracle’s strategy in four simple words, they would be: functionally complete, open standardsbased, integrated and best of breed. Openness involves embracing the heterogeneity of the customer’s IT environment so that they can make the best choices for themselves. As we build more complete, more best-of-breed solutions, in the long term most customers will find it suitable for their business to deploy what Oracle can offer. But along the way, they may make other choices which are unique for their own industry and it makes sense. Oracle will just make it easier for the customers to adopt these solutions because whatever we do, we use Java, SOA and open standards for easy integration. However, as a best practice advice to customers, we suggest simplifying and standardising the infrastructure to derive better business value.
ROL AND SLEE
The final piece remains unanswered. How can CIOs bridge the gap between the real and virtual environments? The key concept here is the notion of extreme transaction processing. If transactions keep your system in sync with the real world and the real world is changing very quickly, you will, practically, need lots of transactions. Today's customers are looking at extreme levels of performance, which is technically very challenging and expensive to satisfy - Oracle is now building a technology where that level of performance is woven into the architecture. Again Exadata is a good example of how one machine can support a million random I/Os per second. Getting such a performance out of a box is absolutely unheard of. Customers have personally reported that when they adopt this technology, they see a 10-fold increase in performance. In the past, there was normal IT for normal purposes. When there was a need for extreme compute power, companies had to resort to proprietary systems. But today those extreme demands can be met by using
normal, standardised off-the-shelf technology like Exadata. And when you combined that with ubiquitous network like wireless network and smart portable mobile devices, it helps in keeping the systems perfectly in sync with reality. This is the trend. And the business solutions created by Oracle are well in tune with the trend. When you put all these pieces together, you get a massively scalable, continuously available, standards-based grid to handle every kind of data for every purpose keeping in sync with reality. This is the future of enterprise computing. I am compelled to ask if all the acquisitions, done by Oracle till date, were aimed at creating this massively scalable and continuously available grid. I have been studying Oracle since 1987, much before I started working for it. I am convinced that the strategy of the company hasn’t changed ever. It is just the tactics that change. The decision to acquire Sun Micro-
NO HOLDS BARRE D
systems is part of the latest tactics and not a change in strategy. I will try to paint a simple picture for you. The business value in IT is like an upside down pyramid. The biggest value resides in core industry-specific applications. If you are selling a core banking system to a bank, that’s the conversation you will have in the CEO’s office and not the CIO’s office. But if you are selling some storage to a bank, you may probably talk to the CIO or the storage management team. In Oracle, we started with database, went up in the middleware and database tools and then into horizontal applications, which we sold to everybody. After that we got into industry applications mostly through acquisitions. We very smartly integrated the front office to the middle office and the back office and offered a whole suite as one. Progressively, the company is modernising, integrating and standardising the applications to deliver an open, complete, agile, industry-specific footprint for which we have literally no competitor. —rahul.mani@9dot9.in
THINKINGBEYOND CHRIS CURRAN | chris.curran@diamondconsultants.com
CHRIS CURRAN is Diamond Management & Technology Consultants’ chief technology officer and managing partner of the firm’s technology practice. He writes the CIO Dashboard blog at www.ciodashboard.com
Delivering Enterprise Architecture Value Early
Spend majority time working within projects HOW to demonstrate the value of enterprise architecture is a constant question we get from our clients. In fact, a more basic question might be “what is the business value of EA?” We strongly believe that EA should be the way that a business connects its strategy to its technology investment plan – through the use of business capabilities. As good as that might sound in concept, the hard work is in breaking organisational myths and stereotypes. Our experience tells us that the services to be launched (or re-launched) first must show tangible value and their selection should depends upon current maturity and pain points with the existing EA group and IT organisation. Here are several options to show value early.
Launch (or re-launch) Project Architecture Assistance Services These are great services to improve immediately if the EA organisation is young or has struggled to gain the trust of the development organisation. Trust must be developed in the
40
CTO FORUM 21 JULY 2010
thectoforum.com
trenches, so helping projects make decisions and keep projects on track is a good place to start. Our experience indicates that Enterprise Architecture should spend approximately 60% of its time working within projects, helping those projects get through the software development life cycle. The value here is immediate as there should be a positive impact on the delivery of the new business capabilities (e.g. improved speed to market, improved reliability, etc).
Blueprint a High Priority Business Domain If an enterprise or business unit strategy exists and especially if there is some kind of external mandate (e.g. regulatory compliance) you may want to launch a blueprinting effort for the affected domain. Completing a successful blueprint often has a snowball effect. Once the business owners see how their goals and objectives translate into IT initiatives, they typically become converts to the blueprinting process. Business value is derived from the impact the blueprint has on the IT prioritization
Trust must be developed in the trenches, so helping projects make decisions and keeping projects on track is a good place to start.
and delivery time frames. IT knows it is working on the right projects to deliver the greatest business value. The most tangible value, however, is through delivery of the projects identified by the blueprint. This circles back to the first option listed above – architecture assistance and governance. Keep repeating the cycle.
Develop an Enterprise “Core” Blueprint In complex organisations (e.g. a large number of business units / business domains), value can be delivered quickly by identifying the core IT functions that serve as many business units as possible. This requires going through a high level enterprise wide blueprint to understand the use cases that are similar across the enterprise. The future state then describes the reusable technology patterns which can then be sequenced into a roadmap.
Develop a Blueprint For One or More Core IT Capabilities Some companies may have already identified a handful of core IT
P R OJ E C T M A N AG E M E N T
services such as master data, data management, application integration, portal platforms, or B2B integration. The EA group can launch a blueprinting effort focused on one of
these core areas. This effort requires looking across the business domains to understand the business capabilities that would be enabled by the core pattern, and then proposing the
T H I N K I N G B E YO N D
future state technology solution to implement the service. Co-authored by David Baker, Partner and Chief Architect at Diamond Management & Technology Consultants
Is Your Troubled Project Jumping the Shark?
When a project is going awry, network leadership needs to make the right moves. JOHN Sviokla examines Google’s acquisition of travel information company ITA in his post Friday and wonders if they might be taking their eyes off the ball. He stops short of saying Google’s “jumping the shark” with this move, but in view of the growth of Facebook and even LinkedIn, it’s still an interesting question. References to “jumping the shark” have been coming out of nowhere lately to this term that refers to the point in the life of a TV show that it starts going downhill. The term itself comes from the Happy Days episode when Fonzie attempts a water ski jump over a shark. Jumping the shark happens when network leadership senses that something needs to change and starts doing silly things or making cosmetic changes instead of examining what got them there in the first place and fixing anything there that’s broken. For more on the subject, TV Guide lists 19 ways that shows jump the shark and hundreds of examples. As John suggests, there is a decent analogy for businesses. If Google takes its eye off the ball and starts making off-strategy acquisitions, maybe they are jumping the shark. I was wondering if there are similar signs for IT projects. When project leadership senses that something isn’t quite right, do they step back and evaluate the overall plan,
approach, schedule, and business case or do they tweak a few things and hope that it will get better? Thinking through a few good and bad projects, some projects that were starting to slip took both routes – some fixed the core and some just put some makeup on the pig. Thinking of the latter case, here are some signs that your project might be jumping the shark.
Changed the Project Manager It’s important to know if it’s the project manager who is unable to lead the project or the project plan and approach that’s broken. Cut Major Amounts of Scope Scope is an ongoing focus for me. It is may be the most important design aspect of a project because each scope element has business value associated with it. However, “cutting scope” is also one of the most widely discussed remedies on project teams – from the most junior team member to the leadership – when things get tough. Trying to get things on track by cutting large amounts of scope may make the project seem more manageable but it will also likely gut the business value delivered.
Fired the Consultant I can’t think of a time in which a
consultant was asked to leave or whose contract was not renewed before a project finished where the project was successfully completed as planned (yes, this is a self serving, albeit true point). The best case after firing a consultant may be to kill the project and start again. Trying to continue to execute a project planned to optimise the skills and approaches of a 3rd party but without that 3rd party is not a good idea.
Renamed the Project This is more common than you would think. One of my insurance clients has renamed their policy administration system replacement project at least twice and it’s still a few years away from completing. A few years ago, I worked with a wireless telecom firm who named their transformation program with their company name and the year – like “WidgetCo 2007.” Needless to say, when their schedules started to slip, they changed the name and removed the date to de-emphasise how long they had taken. There are certainly reasons for doing these things, but doing them as fixes for an unhealthy core won’t help. Make sure you are changing your project approaches, operating model and staffing for the right reasons and are not “jumping the shark!”
Scope may be the most important design aspect of a project because each scope element has business value associated with it.
CTO FORUM thectoforum.com
21 JULY 2010
41
Author: Claude Roeltgen
HIDE TIME | BOOK REVIEW
“It is permanently necessary to solve problems that others have created.”
One Million Dollars or One Year. Exploring the inner workings of an IT shop.
I RECENTLY READ IT’s Hidden Face a book written by Claude Roeltgen, the former CIO of Credit Suisse in Luxembourg. It explores the inner workings of an IT shop (without a single spaghetti diagram!), and I came away realising it might be the first time I read a book that talks comprehensively about management process and procedures of IT in a no-nonsense manner. Roeltgen ties several sections of the book together with stories and anecdotes that at first appear to be non sequiturs. But after digesting the content, I found that all the pieces worked together nicely (much like an IT department, no?). Take, for example, a short chapter entitled, “The punchcard sorter,” and his tale of eating lobster for the first time. IT planning never truly ends and it tends to eat up more time than we think. But if CIOs and their teams are to lead the charge to get leaner in planning, they must also help their counterparts on the business side make sense of the “organized jun-
44
CTO FORUM 21 JULY 2010
thectoforum.com
gle,” a term Roeltgen uses to describe the state of IT in 2009. A jungle of any sort is a challenging environment to map out, but Roeltgen does an excellent job of diagramming the IT shop. The book devotes significant space to “one million or one year,” the running joke that IT departments reply to project requests with one of two answers (or sometimes both): “It will cost one million,” or “It will take one year.” In my opinion, this section (chapter three) of “IT’s Hidden Face,” is the true heart of the book and I’d almost suggest reading it first. It’s essentially a map for anyone who’s ever wondered about the myriad reasons IT projects can become so expensive and laborious. Roeltgen describes the notion of near-endless planning in chapter five, “Change is the only constant.” As he writes, change brings instability and, therefore, instability is inevitable and permanent within the IT department – as it is in most facets of business. “It is permanently necessary to solve
ABOUT THE REVIEWER
Chris Curran is Diamond Management & Technology Consultants’ chief technology officer and managing partner of the firm’s technology practice. He writes the CIO Dashboard blog at www.ciodashboard.com
problems that others have created.” I think we’ve all grown accustomed to this truism, which also gets to the heart of why planning never ends. IT planning for most companies originates with several IT leaders (with titles like business consultants and portfolio managers) eliciting business requirements for the year, part of a “bottom-up” process. But a CIO needs the ability and the platform within his or her company to say: Here are the 10 projects on our multiyear roadmap and these will guide the majority of our investments, thus greatly streamlining the process. But at the same time, we need to resign ourselves to the fact that nothing we work on today has a great deal of staying power; it’s simply the nature of technology. Roeltgen notes that when we start projects for new systems, we often know from the outset when that project will be decommissioned. If you’ve read Roeltgen’s book, I’m interested to get your thoughts.
HIDE TIME | CIO PROFILE
Run, Walk and Crawl Director of Global Information Services, Applied Materials India WORKING in a start up, getting your hands dirty may be seen as a good way to understand the nuts and bolts of running an IT organisation. But, eleven years ago, in 1999, when Nagaraj Bhat held the role of Director of Technology of Mi8 Corporation, a New York-based service provider, he sought the opportunity to do more. “I had to be very connected to the business issues while planning the IT infrastructure,” he said “VCs were looking for a long, sustainable business models.” The IT plan too had to pass their scrutiny. To his credit, Bhat was a part of the team that helped the company be the first American service provider to obtain 90001:2000 certification. At that time the ASP model was an unproven technology model, but the company did eventually emerge as a market leading application service provider. When in 2002, Bhat moved to Applied Materials India as their head of IS&T, there was a challenge at hand again: learning different policies and procedures and navigating through the larger organisation while the India subsidiary was just being setup. A startup-like environment again.
HUMBLE BEGINNINGS: Bhat was born in a middle class family in a village tucked away in the picturesque coastal Karnataka. He studied at a government school with bare minimum infrastructure and later studied mechanical engineering. Bhat credits his father for giving him the courage and guidance to stay the course and reach his destination through his academic years.
COSING UP TO THE CEO'S THOUGHTS: “What the CEO wants you to Know” by Ram Charan is Bhat's favourite book. The book gets down to the basics and fundamentals of business, Bhat says. “The author describes the key elements of a business model and concludes that it is not too different to run a big company than to sell fruit from a cart or run a small shop in a village,” he says.
Bhat thinks he has benefited a great deal by working in startuups. “I believe that my work with start-ups has helped me cultivate entrepreneurial skills, thus increasing my risk-taking ability and giving me the confidence to tackle unforeseen circumstances.” Run, walk and crawl, all of it.
CTO CTOFORUM FORUM thectoforum.com
21 JULY 2010
45
PHOTOS BY S RADHAKRISHNA
NAGARAJ BHAT
HIDE TIME | CIO PROFILE
Snap Shot Raising the stakes is something that gives Bhat an extra thrill. “I like to challenge the status-quo that ultimately enables the creation of high performance IT capability that supports the rapid pace of business change,” he said. At Applied Materials India, Bhat has risen up the ranks to take on the position of Director of Global Information Services. Conservation of nature and environment are matters very close to Bhat's heart. Green IT isn’t just about the technology; it is also about employee behaviour, he says. Creating a culture of thinking green can help employees remember to minimise printing and turn off the PC when not in use. Bhat's team has introduced innovative activities like identifying the “worst printer in the building”, helping bring about a positive change in employee behaviour. Bhat serves as Country BCP Champion within the Global Business Continuity Program management office framework. In serving this role, he has to prepare the business to deal with disasters and coach the crisis management team members on an ongoing basis. Strongly believing in the concept of enabling senior leaders to develop rising leaders, Bhat makes succession planning a priority. “That (succession planning) is key to ensure that you don’t leave a void when you need to make your next move,” Bhat says. He insists that this should not just be mere talk but senior leaders should leverage the privileged insight gained through their role in the organisation to help rising leaders navigate internal networks. “Senior leaders must create room for rising leaders to reflect and learn from experience,” he says. —By Aditya Kelekar
46
CTO FORUM 21 JULY 2010
thectoforum.com
Digging in the mud: Moderate exercise and Spa therapy are Bhat's mantra to unwind and relieve stress. Spending time with his family – wife, a homemaker and daughter – helps him strike a work-life balance. “When I am at home and not working, I usually watch TV or play with my 2 year old daughter,” Bhat says. Bhat also likes to plant different trees and do gardening in his back-yard. A trip to Germany: Bhat was deputed to Bonn, Germany for a 3 months assignment in 1999. “It was a great business cum leisure trip when I explored many European cities,” Bhat says. He visited five other countries in Europe and had the opportunity to experience different cultures. News redefined! A quote from Jim Morgan, Chairman-Emeritus, Applied Materials is among Bhat's favourite quote. “Bad news is good news, good news is no news, no news is bad news!”
HIDDENTANGENT GEETAJ CHANNANA geetaj.channana@9dot9.in
THE AUTHOR IS Executive Editor, CTO Forum
The Social Media Scope
Save your company from social media slip-ups. APPLE launched the latest version of their iPhone a few weeks ago. As with the iPad, they sold millions of these phones within few weeks. To be exact – close to three million phones in three weeks. However, the bigger the launch, the bigger are the PR hassles. One small spark can quickly explode in to a negative PR that can kill a product. That nearly happened with the Apple iPhone 4. People started reporting of a problem dubbed “AntennaGate”. It was reported that the iPhone 4, which sports a “revolutionary” antenna design–with the antenna going all around the phone's periphery–drops signals if it held in the normal way. Now, that’s a problem. You will need to hold the phone to talk, and if you hold it normally, it would drop signals. Renders the phone useless–right? The whole thing exploded on the web and over social media websites. There were videos on YouTube describing how the signals dropped. There were reports of people receiving e-mails from Steve Jobs saying that, “do not hold it that way”, or “its just a phone”. Now
this, added fuel to the conversations people were having across the world. It made the problem worse. The whole thing was all over the internet in a matter of minutes. Subsequent to this, Apple held a press conference and admitted to some problems. But, the company shared alternative figures, too. According to their figures, only 0.55 percent of all iPhone 4 users complained of antenna-related issues. CNN’s senior editor for Middle Eastern affairs, Octavia Nasr, faced a similar problem. The CNN veteran for 20 years tweeted about the death of Hezbollah leader, and wrote, “Sad to hear of the passing of Sayyed Mohammed Hussein Fadlallah... One of Hezbollah's giants I respect a lot.” The tweet got so much negative attention that she had to lose her job. All her explanations about the reasons for her tweet were buried under the news. The only thing that stood out was the fact that she praised somebody who was hated to the core by her audience. Reports of reporters losing jobs because of what they wrote outside their newspapers, are plenty. But,
“Your employees are no different from others; they may be leaking out confidential information over social networking sites.”
the problem is that though they lost their jobs, the damage that they leave behind is permanent. Your employees are no different from the employees of CNN. A lot of them are on Twitter. They may be leaking out confidential information. The first Indian company to take this seriously is Infosys. It was recently reported that Infosys has a full-fledged social media policy for its employees. The head of HR at Infosys was reported saying that there was an instance when two people working on a project shared information on Facebook regarding the project. It was a serious breach of security, and there was nothing that the company could do to stop it. Not anymore. Infosys' new policy aims to define various dos and don’ts for employees who participate in discussions on the social media sites. But, this is also not a fool-proof solution. It's like a SLA without the monitoring tools to ensure that the SLA is being met. But, it is a start none-the-less. Have you thought of having such a solution? Do let us know.
CTO FORUM thectoforum.com
21 JULY 2010
47
VIEWPOINT STEVE DUPLESSIE | steve.duplessie@esg-global.com
The big battles
ILLUSTRATION BY PHOTOS.COM
Gazing into the future of the big vendors
IBM has been too quiet during the downturn but now seems intent on changing that. The company is diligently working to develop messaging that works – to tell the world what they are and what they want to be. They do great at high-end esoteric junk like “Smart Planet” but have been terrible at arming their soldiers and partners and customers with product and solution rationalization. Granted, it’s a hard problem when you have a billion products, but they haven’t been able to do it at the macro level (between storage, networking, servers, services)–or micro level (when do I sell/buy XIV vs. DS5000 vs. DS8000?). Until this is fixed, IBM garners no efficiency in the selling motion, and will continue to sub-optimise. The good news is they are massive and entrenched, and if/when they do fix this, they will see immediate benefit. IBM’s biggest battle near term will be fought amongst itself. The biggest threat to the majority
48
CTO FORUM 21 JULY 2010
thectoforum.com
of the big players is Oracle now that they have a whole stack approach. We’re watching it in the “level 2 big iron” world – those app environments that use the same stuff as the level 1 transaction systems – but in much greater quantity. Exadata is just the first instantiation of this for the big O. What happens is companies run big iron mainframes or megahuge Unix boxes, Cisco, Symm/ HDS/DS8000s and Oracle in as their transaction systems–at a huge cost. They then build data warehouses, BI systems, decision support systems, etc., by replicating those same transaction systems – only they do it in a much bigger way (10X is normal). This level 2 business is HUGE for those who sell stuff into it. Now Oracle is screwing up a cash cow by coming into your company, finding you out of compliance on your Oracle Dbase licensing, and making the whole problem go away by ripping out what you have and replacing it with a $7m all Oracle stack–hardware
ABOUT THE AUTHOR: Steve Duplessie is the founder of and Senior Analyst at the Enterprise Strategy Group. Recognised worldwide as the leading independent authority on enterprise storage, Steve has also consistently been ranked as one of the most influential IT analysts. You can track Steve’s blog at http://www. thebiggertruth.com
and software. And, it’s working. If you are EMC or NetApp or even IBM, this is bad news. IBM can play the game as they have the pieces, but I’m not sure they have the sales muscle or focus. HP is in the same boat. There are BILLIONS at stake just in the level 2 big iron world. Look for those under threat to be forced to partner or buy in order to negate the threat–namely the Dbase function itself. You won’t beat Oracle as long as they control the rules – and the Dbase controls the rules. You’ll need to find a better/cheaper way – Vertica, Greenplum, etc. are suddenly looking very appealing. This is not lost on VMware either, as Oracle will try to do their own virtualisation thing and keep VMware out. Make no mistake about it – Oracle has the potential to be the most disruptive force in this IT universe, bar none.