IT Next_April_2010 by Manan Mushtaq

Edu Tech December 2009

Editorial

Gates open On July 20, 2006, Bill & Melinda Gates Foundation made it mandatory for all researchers accepting its grant for HIV/AIDS research to share their scientific findings. Here was a man whose company had reaped rich dividends from proprietary IPs, and his foundation was now applying the ‘commons’ philosophy to another area. It indeed had come full circle! The Foundation’s frustration stemmed from the fact that decades of professional secrecy among researchers had impeded development of an AIDS vaccine. Apparently, the Foundation considered that if researchers piggy-backed on each other’s works, it would speed up the development process. That exactly is what ‘open’ is all about: making technologies and researches accessible to the larger community towards larger goals and benefits. Examples include the 1960s’ collaborative telecommunication project (ARPANET) that led to the birth of the Internet in 1969, and the more recent human genome sequencing project. To quote Open Source Initiative president Michael Tiemann: “…free and open source… has opened innovation, and helped the world transcend the limits of conventional industrialisation.” In fact, the modern day growth of automobile sector also owes it to the ‘open’ initiative led by Henry Ford, who challenged the two-cycle gasoline engine patent owned by George B Selden and won it in 1911. That led to the setting up of a new association (now Motor Vehicle Manufacturers Association), which instituted a cross-licensing agreement among all US auto manufacturers. While companies filed patents for the technologies developed by them, these would be shared without any financial consideration among all manufacturers. Closer home, India’s White Revolution is yet another amazing story of how a ‘community’ led work shaped a massive success story called Gujarat Co-operative Milk Marketing Federation or better still, the brand called Amul. What could be more telling of the shift to ‘open’ than the fact that the world is already talking about ‘open source politics’ and ‘open source governance,’ in what amounts to having direct citizen inputs into the governance. Gates all over are swinging inwards for ‘open.’

“Making individual work accessible to the larger community is in interest of larger goals and benefits” S h u bh e n d u Pa r t h

Blogs To Watch! Economic impact of FOSS in India www.iimb.ernet.in/~rahulde/ RD_FOSSRep2009.pdf Open source software web site www.sourceforge.net Your views and opinion matter to us. Send your feedback on stories and the magazine at shubhendu.parth@9dot9. in or SMS us at 567678 (type ITNEXT<space>your feedback)

A p r i l 2 0 1 0 | it next

Content For the l atest technology u PDATES Go to itnext.in

april 2010 Volume 01 | Issue 04

Facebook: http://www.facebook. com/home.php#/group. php?gid=195675030582 Twitter: http://t witter.com/itnext Linked In http://www.linkedin.com/ groups?gid=2261770&trk=myg_ ugrp_ovr

Gaps are closing! Page

The support system has been stable on the server for quite some time, and now the story gets better on the client front too

insights

boss talk

interview

22 On a roll with openware 24 No more expensive upgrades! The leading foam maker is glad it switched to open source. The new system runs 50% faster, is easy to scale and saves Rs 40 lakh per annum

28 Can it get any cheaper? This retail financing major saw its loan-and-collection system go live at one-fourth the cost of a proprietary solution

36 Run social media in safe mode With enterprises planning to use Web 2.0 tools in a big way, internal compliance is becoming the key to keeping silent threats posed by social media at bay

it next | a p r i l 2 0 1 0

06 To be a CIO, think like one | Use the ASK scale to measure

when you are ready for the CIO’s role

30 “Linux is getting better on the desktop” | Prakash Advani debunks the numerous myths that surround Open Source

c ov er des ign/illustratio n: bines h sh rid haran

A do-it-yourself open source framework from an IT manager who’s been there, done it—successfully

itnext.in

MANAGEMENT Managing Director: Dr Pramath Raj Sinha Printer & Publisher: Vikas Gupta

EDITORIAL

Page

Group Editor: R Giridhar Editor: Shubhendu Parth Consulting Editor: Pravin Prashant Associate Editor: Shashwat DC Sr Correspondent: Jatinder Singh

tech race all win! | Zero legacies gave private banks a jumpstart, but PSU banks got on IT fast tracks too—now both are eyeing mobile banking

opinion

08 Tech Talk: Pocket-wise, otherwise too | by Venkatesh

Hariharan, Corporate Affairs Director, Red Hat 11 Money Wise: On the move now | by Vadiraj Aralappana-

var, Head-Mobile Applications, MindTree

15-Minute manager 49 What fails a project | A ‘for the user, by the IT manager’ approach is guarantee for disaster

DESIGN

54 Security | 5 trends that will shape information security in 2010

Sr Creative Director: Jayan K Narayanan Art Director: Binesh Sreedharan Associate Art Director: Anil VK Manager Design: Chander Shekhar Sr Visualisers: Anoop PC, Santosh Kushwaha Sr Designers: Prasanth TR & Anil T

55 Sweat your storage assets | Drifting islands of unused

storage can be tapped to create a large pool and to minimise new buys

sales & marketing VP Sales & Marketing: Naveen Chand Singh (09971794688) Brand Manager: Siddhant Raizada (09990388390) National Manager-Events & Special Projects: Mahantesh Godi (09880436623) National Manager Online: Nitin Walia (09811772466) GM South: Vinodh Kaliappan(09740714817) GM North: Pranav Saran(09312685289) GM West: Sachin N Mhashilkar(09920348755) Assistant Brand Manager: Arpita Ganguli

56 Training Calender | 5 Career booster courses for you

the big Q 57 How to deliver with a soppy SLA? | Managing big ticket

enterprise IT projects 50 Office Yoga | Asanas for BACK PAIN

cube chat 62 Learning is golden | “Lead-

52 Hiring? Use a rulebook | Standardised recruitment, prospect benchmarking and risk mitigation will help make a robust IT staffing plan

ership comes from learning new things and showing others how to apply it to situations,” says Pushkar Raj, Manager IT for Express Retail Services

Production & Logistics Sr. GM Operations: Shivshankar M Hiremath Production Executive: Vilas Mhatre Logistics: MP Singh, Mohamed Ansari, Shashi Shekhar Singh

RegulArs

Office Address Nine Dot Nine Mediaworx Pvt Ltd K-40, Connaught Place, Outer Circle, New Delhi–110 001, India

Editorial _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 01 Letters _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 04 Industry Update _ _ _ _ _ _ _ _ _ _ 12

Printed and published by Vikas Gupta for Nine Dot Nine Mediaworx Pvt Ltd K-40, Connaught Place, Outer Circle, New Delhi–110 001, India

Open Debate_ _ _ _ _ _ _ _ _ _ _ _ _ 64 My Log_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 66

Page

advertiser index IBM Reverse gate fold EMC IFC RedHat 05, 07 HP 09 IBM Advertorial 40-43 London Speakar Bureau IBC Sharp BC

Editor: Vikas Gupta K-40, Connaught Place, Outer Circle, New Delhi–110 001, India Please recycle this magazine and remove inserts before recycling

Printed at: Nutech Photolithographers B-240, Okhla Phase–I, New Delhi–110 020, India © A ll rights reserved: Reproduction in whole or in part without written permission fro m Nine Dot Nine mediaworx Pv t Ltd is prohibited.

a p r i l 2 0 1 0 | it next

INBoX SPINE

IT NEXT

MARCH 2010 / RS. 150 VOLUME 01 / ISSUE 03

BI & BA

SOCIAL MEDIA

XaaS

Page

WE JUST LOST OUR EDIT TEAM!

SPECIAL ISSUE

SECURITY

Page

20 VIRTUALISATION

Page

ENTERPRISE MOBILITY

Page

A 9.9 Media Publication

march 2010

I E

UNIFIED COMMUNICATIONS

GREEN IT

PRIVATE CLOUD

Page

IT NEXT | M A R C H 2 0 1 0

VOLUME 01 | ISSUE 03

DATA CENTRE TRANSFORMATION

M A R C H 2 0 1 0 | IT NEXT

IT NEXT thanks its Readers for the warm response

IT NEXT values your feedback

We want to know what you think about the magazine, and how we can make it a better read. Your comments will go a long way in making IT NEXT the preferred publication for the community. Send your comments, compliments, complaints or questions about the magazine to editor@itnext.in.

www.linkedin.com/ groups?gid= 2261770&trk= myg_ugrp_ovr 300 members

explained very well in today’s context, and ‘Beyond e-mails’ which talks of the fast emerging trend of social networking have been put across very well. Also, experience sharing through articles like ‘Dare to lead’ reiterates the core values and ethics. The concept of sharing 10 best practices brings in encouragement and also provides a platform to share the best of the industry. It not only motivates the doer but also illustrates the best initiatives among the IT mangers’ community, and facilitates more innovations and best practices to happen. On the whole, it’s a wonderful coverage, full of knowledge and wide experiences. PERTISTH MANKOTIA Head-IT | Sheela Foam

The design and visual effect of this issue are good. Content wise, the magazine has definitely made an impact. However, it is difficult to go through the soft copy in the format made available on the Net. While it’s always a pleasure reading the magazine in a hard copy format, can you do something to make the digital issue more readable?

read this issue online http://www.itnext. in/resources/ magazine

S K PALUSKAR GM—Marketing & IT | Excel Industries

Information ahoy! The 9.9 Media team has outdone itself. The magazine is so rich in content that I could not figure out how to prioritise and read. Do I look at virtualisation first or do I read the BI article? It was a good problem to be confronted with, but that also brings up something to think about—how will the average reader prioritise and how will they go through the magazine. While there is a deluge of good and useful information in the magazine, my suggestion is that IT Next should device a way to make it easier for the readers to grasp the information that is there in the articles. Maybe one subject area can be covered in detail while another one can be just touched upon. This approach will give readers some breathing space.

SANJEEV SINHA Director-IT | Epoch Expo

ANAND KUMAR PADMANABAN Founder Director| Career Weaver & SurgeForth Technologies

Congratulations! The March issue of the magazine has come out very well. The cover is extremely eye catching and innovative. The manner of introducing the magazine and ‘people who made it happen’ in different categories—‘40 practical IT managers on tech trends,’ ‘10 influencers on best practices’ and ‘10 IT decision makers as editors’ is really exceptional. All the articles are admirable and very well related to the current scenario. Articles like ‘Enterprise sharpener’ where BI and BA have been

it next | a p r i l 2 0 1 0

Really innovative and amazing The March 2010 issue was really innovative and amazing, both in terms of concept and content. The participation of such a large number of IT managers itself is the proof of the pudding. In fact, I was a little sceptical when the IT Next edit team called me with the request to join one of the editorial panels. After all, this was only the third issue and the plan that the entire magazine would be written by the readers themselves sounded too ambitious. However, I am happy to see that you guys have really pulled it off very well.

ITNEXT<space> <your feedback> and send it to

567678 *Special rates apply

Erratum The price of Fujitsu fi-6800 production scanner as reported on page 65 in the February 2010 issue of IT Next was inadvertently mentioned as Rs 15,995. The company has clarified that it is yet to announce its India price. The error is regretted. —Editor (Note: Letters have been edited minimally, for brevity and clarity)

boss talk | PA Kalyanasundar

leadership

To be a CIO, think like one

verybody yearns for professional growth and promotion. I’m sure you as an IT manager also aspire to be in the CIO’s role at some point in your career, sooner the better. In today’s agile organisations, experience and knowledge alone do not guarantee a journey to the top of the IT organisation ladder. There are other important factors that distinguish a budding CIO from the rest of IT managers. Sure, ambition is one of the important factors. Yet, in the course of my long professional career, I have seen many ambitious and technically competent persons who did not succeed in making it to the big club. Often, I have pondered over the subject and have come to believe that while ambition is important, there is a trait more that is perhaps even more important. That’s attitude or the mindset. It plays a very vital role in developing leadership traits in a person. What exactly is attitude and how does one get it? Well, attitude can be defined as a behavioural trait of individuals as which they come to exhibit as they carry out day-to-day affairs at work or at home. Often these traits are either genetically coded or imbibed early in life, at home and during the school days. These traits mean that faced by the same set of problems, different people react differently. While some take a problem as an opportunity many others tend to see it as a challenge. Now that is what I call an attitude. How do you get an attitude, or the right attitude? Like I said, part of it is encoded and part of it is imbibed. So go, work on it, if you lack it. Let me illustrate. The CIO’s role has changed dramatically over the past decade or so. No longer is he the technologist who looks after the company’s IT infrastructure. The CIO is now more of a confidante of the CEO, who keeps finding new ways to increase

it next | a p r i l 2 0 1 0

“Use the ASK scale of attitude, skill and knowledge to measure when you are ready for the CIO’s role”

Suggestion BOX

The book ‘Who Killed Change’ is a business parable that teaches organisations how to cope successfully with change Writer: Ken Bl anchard Publisher: Harper Collins Price: INR 150.00

the top-line while working to reduce the expenses. The CIO today is a business leader, who is often a face of the organisation dealing with customers, vendors and employees. Thus IT managers must not only have sound technology knowledge, they should have good people management skills. They also need to measure actions in terms of financial considerations and scales like RoI and TCO. So, how will you know that you are ready? Actually, it’s not very difficult. Keep weighing yourself on the ASK scale—attitude, skill and knowledge. While knowledge and skill can be gained over a period of time, one needs to consciously work to acquire the right attitude. Just like a good mentor can help you pick up skills fast, a mentor can give you tips to develop the right attitude too. And most often, an indulgent boss is a good mentor too. So if you have such a boss, maybe you have already got what you need. Once you have imbued the right attitude too, it is often a matter of time that you step into the CIO’s shoes. Remember that to be a CIO, you have to think like one. The author, GM—IT at Bank of India, has over three decades of experience and prefers to be known more as a banker than a technologist

Opinion

tech talk Vadiraj Aralappanavar Head-Mobile Applications, MindTree

On the move now

Photog raphy: girees h gv

nterprises have been waiting for technologies to reach high functional standards and want to understand how mobility can impact their business processes. So far, it’s mostly been a few early adopters that have been deploying mobility solutions, with mobile e-mail leading the way. However, this is set to change over the next few years with mobility growing from just a good-to-have factor to an essential part of the IT infrastructure. Companies take two different approaches to justifying their mobility initiatives. Some organisations focus on cost-cutting measures and benefits, while others focus on mobility solutions to achieve larger business benefits like productivity increase or customer service improvements. Interestingly, a recent Forrester analysis says that approximately 40% of firms are planning to cut the number of employees who qualify for corporateliable mobile data services, and a similar percentage of organisations will decrease the number of employees who qualify for corporate-liable mobile voice services. This is an indication that organisations expect productivity improvements with the use of mobility. Firms continue to use mobile investments to enhance the productivity of employees who are truly mobile such as sales professionals, field service professionals, and logistics personnel. Then there are also categories of employees who work out of their desks. There are mobile applications that can serve this category as well for

it next | a p r i l 2 0 1 0

“Multi-pronged benefits and newer platforms make enterprise mobility viable and a must have” productivity improvements. Mobile applications are also being used by some companies to maintain and improve customer relationships and satisfaction levels. The applications in this area can range from mobile CRM solutions and mobile inventory management solutions to mobile asset management solutions that can provide real-time data to the employees and in turn the customers. This has resulted in significantly decreased calls from field reps to

the customer care team, allowing the customer care reps to focus on addressing complex customer issues. As per a survey conducted by Forrester, mobile sales force automation (SFA) systems are on the radar of the companies and 25% of them are either piloting or using some kind of mobile SFA systems. Another 23% appear to be considering mobile SFA in some manner in the coming year. This indicates that there is a tremendous interest in this mobile line of business application compared to rest of the mobile applications that can be deployed in an enterprise context. Mobile SFA solutions have existed for quite some years now in different forms. Earlier, they were deployed on the rugged proprietary handheld devices. However, certain smartphones are now gaining acceptance as a device option for field forces, in part because they offer higher functionalities for a relatively lower cost. These smartphones are typically the ones based on newer versions of operating systems that are open to thirdparty application development. Their mass market availability has created a wide variety of affordable form factors that span the continuum of voice and data-centric features. Enterprises are evaluating smartphones as the main device for certain types of field workers for three reasons: l To show an always-connected status l Their ability to act as the user’s primary communication terminal l As a platform for mobilising enterprise applications From an Indian perspective, Blackberry has gained a good acceptability as a platform of choice because of the functionality that RIM provides. However, companies are also evaluating lower-cost solutions and even home-grown solutions that can meet their specific enterprise mobility needs.

The author is a hands-on communications and wireless expert with over 12 years of experience in the mobility space

Opinion

money wise Venkatesh Hariharan Corporate Affairs Director, Red Hat

Pocket-wise, otherwise too

Q “

uality. Price. Service. Pick any two,” said a very succinct placard at Damodar’s tailoring shop. Damodar was among the best in the tailoring business and he definitely knew what he was talking about. However, in the software industry, the emergence of open source software (OSS) no longer allows a vendor to dictate terms. The new catch phrase is ‘pick all three’ and not ‘pick any two.’ Take quality for a start. Studies by Coverity have found that the number of defects per thousand lines of code is lower with OSS than with proprietary software. One of the most famous sayings in the OSS community is that ‘many eyes make bugs shallow.’ The open, transparent, community driven development model of open source has lead to the creation of some of the most robust software systems ever built. Those who have migrated from proprietary server operating systems to open source systems will happily testify to this fact. Is it any surprise that 466 out of the top 500 supercomputers in the world run on Linux? Or that mission critical applications like telecom billing solutions, stock exchanges and others are increasingly moving to Linux and other OSS systems? On the price front, the industry has had to deal with the forced upgrade cycles, vendor lock-ins and hugely bloated software licenses imposed by proprietary software vendors. While the development model of OSS is community driven, many commercial vendors have built business models

“To be moneywise, IT managers should focus on all three aspects—quality, price and services” around service and support for OSS deployments. Many top-notch system integrators around the world routinely incorporate OSS in the solutions they offer to their clients. Unlike their proprietary competitors, OSS vendors do not have to incur huge development costs and this enables them to offer high quality software implementations at prices lower than proprietary software vendors. The good news for IT managers is that OSS is no longer restricted to infrastructure software categories like operating systems and middleware, but has expanded to encompass application areas like CRM, ERP, business

intelligence, enterprise portals, content management systems and many others. On the service front, everything boils down to how well the software is implemented and supported. In OSS, commercial vendors usually sell their services in the form of annual subscriptions that have to be renewed. And the quality of services rendered to the client determines whether subscriptions are renewed or not. This gives OSS vendors an inherent incentive to offer good quality services. This gives IT mangers the confidence to actively consider OSS while procuring software, especially where the OSS option is mature and meets their functional requirements. At a macro level, OSS is also becoming a key component in IT solutions. A Gartner study estimates that by 2012, 80% of all commercial software will have some OSS components embedded. Market research group IDC said that open source software is gaining ‘enormous momentum’ and constitutes the ‘most significant all-encompassing and long-term trend that the software industry has seen since the early 1980’s.’ A study done by Prof Rahul De of IIM Bangalore, on the economic impact of OSS in India says that OSS can help India save Rs 10,000 crore. These factors necessitate a shift from opportunistic, piecemeal, tactical adoption of OSS to making OSS an integral component of the overall IT strategy. Given the recent downturn in the economy, cost has been one of the drivers for organisations turning to OSS. However, to be moneywise, they should focus on all three aspects— quality, price and service. In this context, I cannot resist quoting from another placard in Damodar’s tailor shop. “I have no quarrel with competitors who charge less. They know the value of their goods and services.” The author is a journalist turned open source evangelist who works on policy issues like open standards and collaborative innovation

a p r i l 2 0 1 0 | it next

update

SAP revamps BI on demand offerings TECH TIDINGS | SAP has significantly upgraded its Business Objects

(BO) BI OnDemand offering. The offering now consolidates SaaS offerings and presents simpler interfaces for new BI adopters. The upgraded SAP BusinessObjects BI OnDemand unites and replaces two formerly distinct offerings—CrystalReports.com and the past version of BI OnDemand, which was based on the SAP BusinessObjects XI BI suite. The new service delivers a single environment in which users

opern ce sou

The new BI OnDemand unites CrystalReports. com and the previous version of BI OnDemand

Enterprises can save Rs 46,388 million in 2010 if they use FOSS in half of their new PCs (Figures in Rs Million) 70000 60000 50000 40000

Source: Economic Im pact of FOSS in I ndia by IIM- B (Sponsored by Red Hat India)

it next | a p r i l 2 0 1 0

2013

2012

2011

2010

20000 10000

59,692

55,257

50,822

46,388

41,953

30000

2009

Enterprise sales refer to bulk orders from large organisations and governments

trends deals products services people

can harness online versions of familiar tools, including Crystal Reports for reporting, Web Intelligence for query and analysis, Xcelsius as a dashboard and data visualisation, and SAP Business Objects Explorer for fast, in-memory data analysis. According to SAP, the new offering delivers a very intuitive, guided workflow for people of any expertise level. “The backbone of the service is a simple to explore report-share workflow. In the exploration phase, users can find and blend data from their own desktops and corporate sources without being an information management guru,” the company said. The upgrade is also aimed at enabling people with no prior BI to experience access, explore, visualise, and share data, without actually needing to switch between applications. It also gives users the ability to access all on-demand and on-premise data–including SAP data and data from the Salesforce customer relationship management (CRM) application. “It is an on-demand solution for creating ad-hoc reports, conducting what-if analyses, and securely sharing this information inside or outside the company,” SAP said. The company also announced that the offering will include flexible pricing and ease deployment scaling features. However, SAP is yet to announce the pricing and details of data integration options.

Photo graph y: photo s.c om

Update I n d u s t r y

SECURE YOUR LAN

UPGRADE YOUR MAC MEMORY

portable storage solutions

Fortinet has launched new enterprise thin access product line for high performance wireless networking. It enables businesses to control network access, with a single console and helps monitor regulatory compliance.

Strontium has introduced the new Mac Memory module made especially for Macbook, Macbook Pro and iMac users. The new modules are available as 2GB single piece, 4GB single piece, 4GB kit or 8GB kit.

Seagate has introduced new portable storage solutions under the BlackArmor series. The solutions are designed to meet the digital asset management needs of enterprises, with no or limited IT support.

HP, Polycom to collaborate on video conferencing TECH ALLIANCE | HP and Polycom have decided to join hands to consolidate their video conferencing market share. Under the agreement, while HP will sell Polycom’s video and voice solutions for unified communications. HP will deliver its stand-alone solutions as part of the company’s Unified Communications and Collaboration Services portfolio. The partnership aims to enable enterprises leverage the expertise of HP and Polycom for implementing and supporting communications systems to achieve high return on

Deal will intensify the competition between HP and Cisco

investment. The strategic relationship will also support Polycom’s open collaboration network strategy to provide open and

Around The World

interoperable collaboration solutions that give customers greater flexibility and investment protection for their UC environment. The deal, according to industry sources, will intensify the already heated competition between HP and Cisco. Notably, Cisco, which had been providing a range of video-based offerings to HP, recently disengaged their reseller agreement. Cisco has also been moving aggressively into data center and server fields, which traditionally have been strong areas for HP, some years back. According to industry analyst firm Gartner, total demand for visual communication solutions and services is projected to reach US $8.6B, with a compound annual growth rate of 17.8% between 2008 and 2013.

quick byte

Tele-presence market to grow by 64% in 2010 With large businesses increasingly turning to video as an alternative to cut travel cost, tele-presence solutions have been the major gainer. Revenues for ready-built tele-presence suites in Asia-Pacific grew an estimated 71.1% in 2009, up from 46.6% in 2008. For 2010, Frost & Sullivan expects a growth of 64.4%, with revenues of just over US $73.0 million by year-end. The market is expected to grow at a CAGR of 22.9% (2009-2015) per annum, before touching US $110.1 million by end-2015.

Dell founder and CEO Michael Dell at the Nasscom-CEO conclave

“Our India business is growing 100%. We are growing faster than the market, which is growing at less than 100%. We see enormous opportunities for growth in India”

a p r i l 2 0 1 0 | it next

update

Microsoft to release Office 2010 TECH TIDINGS | Microsoft has

Interview Prabha Aithal CTO, CanvasM

The latest version includes online versions of MS Word, Excel, Power Point and One Note

basic home productivity software. According to the company, the Share Point Workspace 2010 will allow users reconnect their laptop to the network with ease as the changes they make offline will get synchronised. The consumer would have to shell US $499 for a box of professional edition, and US $279 for the home and business edition.

India bought 42% more PCs in Q3: MAIT taken together recorded a massive growth 27% and 90% respectively, on ciation for Information Technology a YoY basis. In terms of volume, India (MAIT) has announced that the total bought 0.66 million (6.6 lakh) netbooks PC sales in the country during the and notebooks during the period. October-December (OND) 2009 quarThe study was conducted ter jumped 42% over the same PC sales by market research firm period last fiscal to touch a for 2009-10 expected IMRB and is a bi-annual record 20 lakh volume. This to cross study conducted to address includes desktop computers, the hardware sector’s efforts notebooks and netbooks. to manage the business According to the report, the environment, gauge the sales of desktops stood at 1.35 mn market potential and million (13.5 lakh) units, while units Source: MAIT consumer trends. netbooks and notebooks

TECH TRENDS | Manufacturer’s Asso-

7.3

it next | a p r i l 2 0 1 0

IT NEXT: How would you rate the enterprise mobile VAS offerings on the maturity curve? Aithal: Although mobile VAS offerings are mature for enterprise customers outside India due to availability of 3G, the same is not true of the offerings in India. However for enterprises, who are ready to extend mobility to their employees, the same offerings can easily be customised. There are many innovative applications like mobile conferencing, m-Commerce support and SMS tracker to manage supply chain issues that will see wide acceptability amongst enterprises in coming years. How can IT managers leverage these offerings to draw business benefits for their organisations? IT managers extending mobility to their employees will see increased productivity, loyalty, employee satisfaction by usage of these applications. For instance, there would be no need to come back to office to download proposals, and upload sales data. What are the major deterrents in adoption of mobile solutions? Enterprises today understand the technology well. However, challenges like device provisioning, different browsers preferences, lack of security mechanisms, and ineffective management control can block the acceptability of these solutions. It is hence crucial for an IT manager to make a comprehensive roadmap to make sure that the mobility projects are successful. By Jatinder Singh

Photo graph y: Jayan K Narayanan

announced that it will launch its latest office version MS Office 2010 by this year. The software major has confirmed that it will begin shipping the product to business users and partners from May this year. The latest version of the office suite boasts of online versions of MS Word, Power Point and One Note. This move was perhaps a necessity, rather than the option for the company. The online version would help the company fight the growing popularity of Google Docs as an online alternative to MS Office. Microsoft had already released the beta version of MS Office 2010 and related web applications in November 2009. The company has also announced that it will discontinue Microsoft Works platform, which will be replaced by Office Starter 2010, a

update

IBM announces cloud plans The new plans will help in reducing cycle time and eliminate software defects by up to 30%

TECH TIDINGS | IBM has announced

plans to go online with its commercial cloud service for software development and testing and is now allowing enterprise and government clients to test and develop applications on IBM Cloud. Following a successful beta program, IBM is working with partners in cloud management, cloud security, software development and testing support to provide businesses with a mix of flexibility, scalability, enterprise-grade security and control for development and test on the IBM Cloud.

News @ blog

The new development will help in reducing cycle times from weeks to minutes and eliminate software defects by up to 30%. Experts suggest that while an average enterprise devotes up to 50% of its entire technology infrastructure for development and testing, up to 90% of it usually remains idle. The new developerWorks Cloud Computing resources provide a single point of entry to beta and production cloud environments, as well as a place for visitors to learn how to make the most of cloud computing initiatives.

NETWORKING

Ciena buys Nortel’s Ethernet business Ciena has announced that it has acquired the optical and carrier Ethernet business of Nortel. With over 1,000 customers spread across 65 countries, Nortel had been considered a leader in this market. The acquisition is expected to accelerates Ciena’s position to leverage and innovate in next-generation networks The US $773.8 million, all-cash acquisition, will create the world’s largest supplier exclusively focused on converged optical Ethernet. The company, as part of the integration process, has selected a senior management for the new entity. Ciena further informed that it would retain 85% of Nortel employees. Philippe Morin, previously president of Nortel MEN, has been appointed Ciena’s SVP, Global Products Group. Owing to its bankruptcy filing and the economic downturn, Nortel’s Ethernet business has suffered a decline of 21% from a year ago. The company is expected to announce a comprehensive portfolio update by the end of this month.

IBM loves its own cooking

“The company is doing what it preaches its customers: make computing environment more efficient and less expensive,” says IBM CIO Pat Toole at an analyst meet | Sandy Kemsley in <http://www.column2.com/>

The blog reports that IBM has consolidated 100 data warehouses into a single Cognos environment for 80,000 internal users in their Blue Insight initiative. It expects to add another 30 applications and double the user base in a year. IBM also turned on LotusLive web conferencing for all employees to use for internal and external meetings, logging 200 million minutes last year. a p r i l 2 0 1 0 | it next

<cover_story>open_source</cover_story>

gaps are <head>

</head> <h1>

the_support_system_has_been_stable_ on_the_server_for_quite_some_time,_ and_now_the_story_gets_better_on_ the_client_front_too </h1> <h2> By S h ash wat D C

</h2> The age old war between the two technologiesâ&#x20AC;&#x201D;open source and proprietary software is still very much on. Like the proverbial good versus evil clash, one camp is eager to paint the other camp in black. Lost somewhere in the debate is the real issue. The question one really needs an answer for is which of the two is cheaper, secure, and easier to maintain.

What is in a debate? One of the issues that lot many experts often raise is: are open source and proprietary comparable in the first place? Open source has been around for several decades, thanks to the mainframe legacy, where the computer belonged to the technologist. A breed of technologists emerged who believed in technology for the sake of technology. The proprietary software is a relatively later phenomenon when the likes of Bill Gates and Paul Allen started dealing in software for profit.

it next | a p r i l 2 0 1 0

<cover_story>open_source</cover_story>

closing!

a p r i l 2 0 1 0 | it next

<cover_story>open_source For the last three decades, the war between open source and proprietary has continued, with the technologists driving open source movements and marketers gunning for proprietary stuff. As such, the very characteristics of the two wares have been different, much like the chalk and the cheese. And yet, in the unending battle to be one-up, both camps have also picked up some good features from the other side and improved their offerings. However, for the IT managers, whose prime concern is to ensure that their IT infrastructure is safe, secure, up and running, what really matters is what is affordable and causes lesser headache. Indeed, there has to be a comparison to arrive at the right IT decision, but the ideological debate is frivolous. The two paradigms are to be compared only from an operational standpoint. Let’s do the comparison.

Is it TCA versus TCO? One will certainly like to start with a cost comparison. So for example, how much does it cost to put up a Microsoft server versus a Linux server with similar sets of specifications? That should tell us the story. Sadly, it does not. The devil apparently lies in the detail. So while open source systems are indeed inexpensive to implement compared to proprietary systems, there are a lot of other costs involved, namely administrative and training costs. Because of the pervasiveness of proprietary systems like Microsoft, getting people to work on MS Word is much easier than on an OpenOffice Word processor. And therefore, often the argument is that rather than focussing the total cost of acquisition (TCA), it is better to focus on the total cost of operation (TCO) over the system’s lifecycle. Yet, experts have noted that even on a TCO front, certain open source systems, especially on the server side, work out to be cheaper.

How free is an open ware? It is a known fact that for proprietary systems, the biggest cost component is the licensing. While there are some discounts for enterprise systems compared to home and consumer systems, it still turns out to be hefty. The basic argument is that this high cost ensures that companies are able to invest in R&D and are thus able to release improved versions. But then there are vendors in the open source space too, who also come out with new releases of their open source wares at a steady pace. They also provide support on operational fronts, for a fee, just like the proprietary guys do. These include the likes of Red Hat, Canonical,

it next | a p r i l 2 0 1 0

Does open source work out cheaper than proprietary software? Balwant Singh, Head IT, Indo Asian Fusegear

Definitely, open source gives you a lot of benefits in terms of cost saving, lower downtime, robust and secured system and better performance compared with the proprietary software. Our current operations rely extensively on Linux and other open source software and solutions to provide state-of-the-art redundant services with unparalleled reliability and the lowest possible TCO. At present, we have 70 servers and 1,000 systems across 25 locations in Asia, and all of them are running on Linux OS and open source software. SK Goel, Vice President, Om Logistics

We have more than 3,500 desktops and around 300 servers across the country in 450 locations. All desktops are running on Fedora core and servers on RHEL. We have eight IT executives, who maintain all desktops across the country. Our desktops range from PIII to Dual Core. Even PIII desktops are working fine with Red Hat 7.0 Linux without any problem. I personally feel that comparing Linux with proprietary is software is like comparing a BMW with Nano. I see Linux as a BMW where safety, security and stability are prime concerns, along with other features. Nikunj Karia, Assistant Manager-IT, NDTV

With unrestricted access to the source code to run or modify at will, and support coming from an ad hoc collection of software developers and fellow users, the open-source model is very different from proprietary software. Whether open source software is less costly to administer than proprietary software depends largely on a ready pool of resources trained on the system, the availability of administration tools that allow system administrators to manage a greater number of systems, and the number of version upgrades and patches that are issued by the developer. Satish Mahajan, Head IT-Infrastructure, Raymonds

If you select open source software, it’s a challenge to get the right updates for removing bugs or adding new features. Another important factor is change management. This is one of the biggest challenges that IT professionals face. Technically, everything is possible but how about the acceptability at the users’ end. We need to look at that as one of most important factors, while considering shifting to open source. Study has shown that enforcement of policy from top has always helped in this change management. Shiva Shankar, VP& Head-IT Infrastructure & Security-Operations & Engineering, Reliance Communications

Human psychology is to stay in a comfort zone. When that’s challenged, there is a reverse-kick. Nevertheless, if there is a sound back-end or an in-house system >>Next

<cover_story>open_source</cover_story> Microsoft Licensing Cost (IDSP) Item

Unit Cost (US$)

Quantity

Total Cost (US$)

Server

3,999

59,985

Proxy Server

1,499

MSSQL Server

739

Client

125

134

16,750

Anti Virus

149

7,450

Office Application

350

134

46,900

Operating System

Total Cost

US$ 1,33,323

PKR

79,99,380

Source: PSEB-OSRC

Open Source Licensing Cost (IDSP) Server Ubuntu/Centos

US$ 0

Client Ubuntu/Fedora

US$ 0

OpenOffice

Bundled

Anti Virus

No Need

PDF Writer

Bundled

PDF Viewer

Bundled

Download Manager

Bundled

Mail Client

Bundled

Graphic Design Application

Bundled

PostgreSQL

Bundled

Source: PSEB-OSRC

Five Years TCO (US$) Microsoft

OpenOffice (2006-10)

Operating System Server

2,36,460

Operating System Client

1,28,936

Anti Virus

37,250

Office Application

2,26,622

Deployment Cost

12,750

18,000

Total Cost

6,42,018

18,000

Source: PSEB-OSRC

Novell and even IBM, and of course, Sun (now Oracle). Support for an open source ware from an established vendor helps address support-related issues from the IT manager’s view and is indeed a welcome thing. While this makes the cost differential between proprietary and open source look a little less big, it increases the management’s confidence in the solution.

The manageability issue Proponents of proprietary systems also highlight the fact that managing an open source system is fairly complex and cumbersome. The notion that you need to be a hardcore geek to be able to tinker around with kernels has been much perpetuated over the years. However, while that was true earlier, the scenario has rapidly changed over the past few years. With the open source vendors paying a lot of attention to GUI and ease of use, there is not much difference left between the two. In fact, were you to compare an Ubuntu with Microsoft Windows, there will only be nominal differences between the two. The open source players have understood that to reach out to the mass user base, they need to engage them with simplicity. So one need not be a geek anymore to implement and operate an open source system.

More secure? A big factor that has worked in favour of open source systems is that it is seemingly more secure and robust, as there have not been any major malware affective Linux-based systems. Since Linux is a derivative of UNIX which was built on the foundation of robustness and security, it is often dubbed as robust.

a p r i l 2 0 1 0 | it next

<cover_story>open_source Another thing that works in favour of open source is its higher uptime. It is hardly ever when one hears of a Linux crash. In Linux, the core operating system (kernel) is separate from the GUl (X-Window) and from the applications (OpenOffice, etc), so most of the problems in a Linux environment can be fixed without requiring a re-installation. Another benefit is that all user preferences can be preserved even if the OS needs to be re-installed. The case is quite different when it comes to proprietary systems, as virus attacks are very common to such environments.

How pervasive is it? Proponents of proprietary systems stress that the reason why open source is considered more secure and why it hasn’t faced any major attacks is because of its small scale of deployment. The open source universe is so small that no hacker bothers attacking them, they argue. But dive only a little deeper and this claim turns out to be hollow. For instance, 60% of the Web servers today run on Apache, which is open source. A majority of Smartphones are powered by open source operating systems including Symbian, Android and Linux. A vast majority of websites are powered by open source like Wordpress and 95% of the top supercomputers run Linux. In fact, Linux can be found in Sony TVs, Linksys Routers, Tvios and Nokia phones. Even MacOSX has a kernel that is open source. It will be a fallacy to say that the universe of open source is small. In fact, it is very ubiquitous. One of the best things that open source still has is a wide and highly diffused support base. Help on any topic can be readily found on various forums that propagate open source. Also there are numerous websites that list freeware and applications that can be downloaded and installed immediately. Unlike in a proprietary system, where you are completely by yourself or at the mercy of the vendor, there is a much bigger safety net for open source. All you have to go online and ask for help, like we did while working on this story. In fact, this story will not be over without a big ‘thank you’ to the respondents at IT Next’s LinkedIn forum, after we put up the question if open source was cheaper than proprietary software. Responses just started pouring in. Experts and professionals were soon debating the issue intensely. Some were die-hard open source proponents others came from the proprietary camp. All the responses have helped us analyse the issues and shape this story from an implementation and operational perspective, steering largely clear of an ideological debate!

it next | a p r i l 2 0 1 0

Does open source work out cheaper than proprietary software? engineering team which you can bank upon then you have won half the battle. There is a lot of perception which also needs to be massaged on the way. I know it will make a CFO smile but IT has to struggle a lot before it becomes business as usual. TCO will be little compared to owning a proprietary system and so there is will be a positive ROI. Binu Lakshman, Manager, IT at Honda Siel Cars India

I think what was previously considered as a Linux hype has slowly and steadily become a successful and maturing phenomenon. With the tough economic conditions and a focus on budget cuts, more organisations started adopting open source. They have started exploring it as an alternative to proprietary software. With the open source community growing and maturing, it is definitely a safe and cost-effective alternative to be embraced. I can definitely vouch for open source products as ones that are here to stay. Open source is winning the platform war for sure. Alok Maheshwari, Head IT, Terex Vectra Equipments

Open source ERP is cheap. It’s not really free. You can download, install and use it for free. But most companies using any ERP system will want 24/7 support, bug fixes and free upgrades. Almost all open source ERP vendors offer some kind of support package. The prices are very cheap, comparing to other offerings. Open source software delivers major cost and implementation advantages over traditional software. Hardware costs such as servers can be up to 50% lower with open source software, because the open source code is less storage and processing intensive. Ratnakar Nemani, Head IT & CIO, VST Industries

Open source is cheaper than proprietary initially. Licenses are free but they do not run on their own. OS implementations require good in-house team or consultants. We need to recruit skilled resources with regular trainings and pay high salaries to retain them. Potential Loss in terms of Knowledge is high when IT member leaves the organisation. The cost will be three to four times even in case of audits. Though the initial cost is zero, the operating expense (opex) may be higher than TCO of proprietary software. That also puts RoI under question. SK Rudra, Manager (Group IT), Usha Martin

We at Usha Martin were perhaps first in eastern region of India to migrate in the scale of 700-plus desktops from proprietary software to Linux in 2007. It was multi-location rollout consisting of four manufacturing units and four marketing offices. I and SK Jala, CIO, Usha Martin Group were project leaders. The implementation team’s strength was five, including both of us. Yes, today we can say that we are reaping the benefits of the open-source technology in terms of TCO as well as better levels of IT security. << previous

Edu Tech December 2009

<insight>open_source</insight>

on a roll with openware <head>

</head> <h1>

a_do-it-yourself_open_source_framework_from_ an_IT_manager_who’s_been_there,_done_it— successfully </h1> <h2> By M d. Jaw e d A h me d

</h2> One has seen that the use of open source applications in large enterprises has been increasing over the years. But there is a marked divide on the kind of organisations that venture into open source area. Mostly, the adopters are the educational institutes and the R&D organisations. Commercial enterprises still give open source a wide berth. And the reasons are clear: enterprises still continue to face challenges in using open source applications. Lack of support: No commitments are possible since support is usually on a best-effort basis, and that too by a set of invisible virtual people. Lack of a single point of responsibility: Since it’s not purchased, there is no commercial contract or a transfer of risk to the vendor. Lack of continuity: Open source initiatives are usually driven by innovative individuals in the IT department. When they leave, they take their expertise with them leaving the organisations at a disadvantage. However, despite these factors, it’s still possible to use Open Source applications successfully if enterprises and IT managers use a framework approach to select applications. We, at Sterlite, have been using open source applications quite extensively for the past three years. At present, our file servers, Internet acceleration servers, security firewalls, mail servers, document management systems, project management systems, storage servers, and desktop-level backup applications run on open source. Here, we are not talking of a single location, but multiple, large manufacturing locations on multiple servers. And, we are not running them because they are free. That’s a misconception that many people have. The TCO might be less but it’s certainly not free. The kind of uptime and performance that we get is, if not better,

it next | a p r i l 2 0 1 0

<insight>open_source</insight> definitely as good as provided by the commercial applications. When you run a search, for any single requirement, one will come up with many applications. Logically, as the next step we test them out in a development environment and check out the different features and their technical fitment with the existing architecture. And then in the end, we subject the application to the ‘enterprise litmus test for open source.’ This is the clincher that helps us take the final “go” or “nogo” decision, particularly because unlike commercial applications one doesn’t have a support agreement to seek help from the vendor. So it makes sense to check that the application ecosystem is sound before you commit your enterprise to it. Development activity: As part of this criterion, one needs to check how frequently updates have been coming and what the open bugs or feature requests are. Very frequent updates or very few updates are both problematic. Frequent updates point to an unstable system that requires

frequent tweaking whereas delayed updates point to a dead or dying development cycle. The sweet spot, from our experience, is around two to three updates every year. Development roadmap: Try to find out the roadmap as envisaged by the developers. There should be a plan for at least 18 months ahead. Lack of a clearly defined roadmap normally points to an impulsive application lifecycle. For some applications which are not very critical and are small this can do. But generally when you are planning to deploy an application in an enterprise, there has to be a clear enough roadmap. Forum activity: This is one place where you can get lot of information about the application. First, check the activity on the forum. There has to be a sizable number of members and daily updates with people asking questions and getting answers. Second, check that answers should be provided by more than one person. It should not be that

<!-- There is <no vendor support>

for open sources applications, so the developer ecosystem

should be sound enough before

you commit to it -->

The framework

Identify the application area

List down the available open source applications

Filter them out based on their technical fitment with existing IT architecture

Apply ‘enterprise litmus test’ (read complete text to understand) to shortlisted apps

Implement the application

only one person is providing the answers to all the questions raised by members. Third, look at the kind of questions being raised by members. Is there any pattern? Is there any feature that everyone’s asking for? Or is there some feature that is not working for lots of people? You can go ahead and ask questions yourself and see what kind of responses you get. Developer background: You need to check the background under which the application development got started. How many people are involved? Are they from a common place or whether the organisations are spread out? It’s better if they are spread out. Availability of commercial support: First, you have to check if there are organisations which provide paid support. How is it structured? Is it incident-based? Can it be done remotely? It’s better if there is a mechanism for commercial support. And while all this information can be conveniently sourced from the developers’ site, do not forget to share it with the entire eco-system of your organisation. We have developed this framework based on our experience and have shared it with other organisations as well. Empirical evidence from them also supports the framework. By using the above mentioned criteria, IT personnel can take informed decision regarding the fitment of the particular application to an enterprise’s requirements. If it does not have a good fit, one can still use the application, but in that case there will be an impact on TCO. This is because one needs to either take external help or the IT department will have to devote additional time to the issues arising from the use of the application. The author is Head IT (PTB) at Sterlite Technologies

a p r i l 2 0 1 0 | it next

<strategy>Sheela Foam</strategy>

<head>

no more expensive upgrades! </head> <h1>

</h1> <h2> By Jat i n d e r S i n g h

</h2>

it next | a p r i l 2 0 1 0

Photo graph y: subhojit paul

the_leading_foam_maker_is_glad_it_switched_to_ open_source._the_new_system_runs_50%_faster,_is_ easy_to_scale_and_saves_Rs_40_lakh_per_annum

<strategy>Sheela Foam</strategy> In the midst of a recovering business environment, companies today are swiftly realising the importance of aligning IT requirements with their core business needs. Given that organisations are no longer looking at IT as a support function, IT managers today are not hesitant to evaluate technologies that are ‘value for money’. The only catch is: it should not compromise the performance. A year ago, Pertisth Mankotia, Head-IT at Sheela Foam was thinking on somewhat similar lines. For his company, a Rs 950-crore group and among the top five manufacturers of slab stock polyurethane foam in south-east Asia, the challenge was to reduce dependence on Unix systems, improve the costefficiency ratio, and simplify systems management to improve scalability for business growth.

The genesis Founded in 1972, the firm has a number of manufacturing units in India. Also, there are more than 70 distributors and 3,000 dealers. In order to manage its operations effectively, the company ran an in-house ERP on a legacy server in a proprietary Unix environment. The custom-built ERP was integrated into Sheela Foam’s distribution network. However, owing to the proprietary system, there was too much dependency

on the vendor to test and implement the desired processes to improve functionalities. This was proving to be costly and timeconsuming. Moreover, the legacy system was of limited use and the IT department of the company was unable to introduce new applications for scalability. “Since the ERP solution was hosted on a proprietary product, there was very little room to customise the home-grown ERP solution,” elaborates Mankotia.

The problem

SAN storage: 2,31,664

Prior to the migration to open source, the company was using three Rx (Itanium) series servers and a SAN storage solution. The approximate annual maintenance cost with four hours of critical support was more than Rs 65 lakh. And despite all that investment and cost, the performance was not getting any better. And then, when on a penultimate day, the company’s system went down and took more than 16 hours to recover, Mankotia decided to put his bet on an open source solution. “You can imagine my situation, when my network got down for 16 hours. And I was in no position to take any remedial action. It was really hurting the business” he painfully recollects. “At the end of the day, any system downtime takes a heavy toll on the company’s goodwill

<tr>{Total cost of Rx series servers (in Rupees)} Server 1: 5,86,628 Server 2: 5,52,285 Server 3: 5,75,100

Maintenance cost/annum: 17, 14,013

Annual maintenance cost: 19,45,677 Three year maintenance cost: 58,37,031

Three year up-gradation cost: 8,00,000

Total expense (in three years): 66,37,031 Dell Server with three years Gold Support: 4,00,000

Net saving in three years: 62,37,031</ tr>

and customer satisfaction fronts,” he remarked further. Reflecting back, he also feels that the incident came as a blessing in disguise and prompted the company to consider migrating to an open source solution that could be independently maintained by an internal IT team.

The solution With the proprietary solution, it was difficult to try things out and innovate even if one wanted to. Things like setting up a rack and clone servers were cumbersome and costly affairs. With the open source, there is always an opportunity to add new features and manage them at a much lesser cost. After a careful analysis, Mankotia and his team consulted Dell for a product performance demo. Through with the successful trial, the company decided to go for Dell PowerEdge server with factory installed Red Hat Enterprise Linux (RHEL). In April 2009, the company deployed its home-grown mission-critical ERP application ‘Greatplus’ that was hosted on RHEL. Despite all enthusiasm for the new solution, the core IT team at Sheela Foam had its moments of anxiety as well, for there was still an iota of doubt. Since the previous legacy servers based on the Unix platform were very

“you can imagine my situation, when my network got down for 16 hours. And I was in no position to take any remedial action. It was really hurting the business” P e rtist h M a n koti a , H e a d - I T at S he e l a Foa m

a p r i l 2 0 1 0 | it next

<strategy>Sheela Foam</strategy>

“there were certain reports that used to take lot of time to analyse. Open source has tremendously improved ability of the system to handle such loads” C h a r u B h a r gava B u sin ess A n a lyst at S he e l a Foa m

high-end machines, the team was not sure whether the new server would be able to sustain the load. During the first phase of trail, the company replicated its ERP system on the Dell PowerEdge server, with a load of 300 users. The load was increased to 1,000 users, in the second stage and to their surprise the server handled the load 50% faster than the existing system.

The benefits This migration, to the surprise of many, resulted in annual savings of Rs 40 lakh. Apart from cost savings, Linux gave the company a lot of flexibility in terms of usage as well. What’s more, RHEL has helped the firm deploy its ERP on a single server, compared to the two servers previously required. “In the earlier environment, even a small increase in the load over and above the threshold capacity of the system, required an expensive upgrade. With RHEL and Dell, incremental load can be easily handled by

it next | a p r i l 2 0 1 0

<!-Improvement in overall performance by almost 100% -->

adding another low-cost server,” Mankotia says. “The saved rupees can be better utilised on application development, security hardening and other areas that will further help us to innovate and improve offerings to customers and internal users,” he says talking about the company’s future plans. Apart from offering reliability and flexibility, open source has also been useful in updating the patches and fixes at much lower cost. “We had various units and the load was increasing. There were certain reports that used to take lot of time to analyse. Open source has tremendously improved the ability of the system to handle such loads,” says Charu Bhargava, Business Analyst at Sheela Foam. The uniqueness of this project lies in migration of the missioncritical application for India and Australia (which carries a load of approximately 1,500 concurrent users) from high-end Unix servers to the Red Hat Linux and Xeon server in less than three weeks.

“We can now choose from a wide array of storage solutions. There were many new features like automated mailing which we introduced after shifting to the open source,” adds Mankotia. “Earlier the processing work was really slow and carrying out rectifications based on customer calls, was a big-time issue. After the deployment of open source there is more robustness and prompt support. I am a relieved man,” says Vishal Aggarwal, Assistant Manager-IT Support at the company. The new solutions has also eliminated vendor lock-in, doubled system performance, slashed costs and given the company the ability to independently manage systems. They also are able to focus better on strategic issues to boost the competitiveness of the company. Taking a step beyond, the company has also integrated Open Office with its Greatplus ERP for 1,000 terminals and has achieved further cost savings.

Edu Tech December 2009

<strategy>MMFSL</strategy>

<head>

can it get any cheaper?

</head>

<h1>

this_retail_financing_major_saw_ its_loan-and-collection_system_ go_live_at_one-fourth_the_cost_ of_a_proprietary_solution

</h1> <h2> By S h ash wat D C

</h2>

Suresh Shanmugam, Head– BITS, Mahindra & Mahindra Financial Services (MMFSL), should have been a contented man with the robust growth that his company was able to post on a year-on-year basis. Yet, even as hundreds of company agents from its around 500 branches went about the country financing loans and collecting payments, Shanmugam was constantly thinking of ways and means to automate or ‘technolise’ the whole process. Could there be a mechanism by which collections by agents instantly reflected in the central database? Also, could the central server send alerts to customers

it next | a p r i l 2 0 1 0

confirming that their payments had been received? MMFSL needed all these, and much more, but at an affordable cost.

Getting started Prior to deciding on a solution that would work best for the company, Shanmugam asked his team to map the users of the company on the basis of their roles and requirements. An in-depth study was also done to access how the agents interacted with customers, and what were the specifications of the transactions that were carried out. Based on the study findings, the team put together specifications that would best suit the organisation’s growth plans.

{*Improvement in customer confidence as the payments made by them is updated online and acknowledgment sent via SMS}

<! Elimination of duplication in data capturing (from manual documents), leading to a reduction of back-office manpower to half > < Over 96% reduction in connectivity, power and other recurring costs >

Also, since the aim was to reduce cost and increase productivity, it was decided that open source would be used to achieve the objective. Exceptions were also defined. For example, it was decided that those constituting top 10% of the management would be provided any system they required, based on their needs, closed or proprietary. “The next 20% (in terms of hierarchy) were also to be provided with solutions that suited them. However, it was decided to encourage them to use open solution,” Shanmugam informed. For the remaining 70%, the decision was clear: the

<strategy>MMFSL</strategy> workforce would be moved on to the open source systems in a phased manner.

The solution To automate the business processes, the team set about searching for a handheld device that would enable the company run the necessary business solution. The proposed solution aimed at establishing a seamless linkage between the company’s customers and a centralised database. After much deliberation and search, and close to 22 failed attempts, Shanmugam and his team were finally able to identify one of the smaller hardware vendors to design a solution that mapped with the MMFSL needs. And thus MFConnect was born, a handheld that supported automating the processes. The company decided to take up a new area not automated

so far. Along with the partners, MMFSL went in for the development of software for recording the happenings in the field instantly through handheld devices. Three specific areas were chosen—receipt generation, customer commitment recording and capturing of data pertaining to the visit. Over a period of time, close to 3,000 such devices were introduced within the company with remarkable success. Based on the feedback from the use of MFConnect, in 2008-09, MMFSL went for the next generation of handheld devices, dubbed as BizConnect. The BizConnect devices were revolutionary in the sense that each of these devices could support biometric, camera operation, voice-recording and signature capturing. Thus the agent on the field could now

The system architecture

Web Server

Mobility architecture

Web service side architecture

Build-out and deployment

OS Redhat Linux

OS Linux

SQLite 3 as database

Proprietary SDK from the device vendor

WS Tomcat Apache

C++ for application

Quartz 1.x for scheduled jobs

Encrypted XML for data transfer SQLite3 as database

<!-Identifying the best solution for interface scheduling and design architecture was a tough task. The MMFSL IT team decided to seek experts’ guidance to solve the issues -->

<!-Replication of servers for ensuring zero data loss was a major challenge. Shanmugam and his team had to put in lots of effort in set-up and testing -->

take customers’ photograph, record their voice affirmations (in case they were illiterate), use biometric thumb scans, and update all the information to a centralised database using a GSM connection. “All the applications and software used in the machine were open source, and that really helped us significantly bring down the cost of the handhelds,” explains Shanmugam, adding that while similar handheld devices had a price tag of around Rs 90,000 per piece, the BizConnect cost the company less than one-fourth of the amount. “The decision to get a custom built device that could run on open platform proved an extremely cost-effective proposition for the company,” he reiterated. Today, there are close to 1,000 such devices, and Shanmugam intends to steadily replace the earlier MFConnect devices with the upgraded ones. So far, he did not have any major hassles with the devices after the initial issues had been ironed out. He is extremely happy with the performance of these devices and now, a content man, because he could achieve all of what he had set out for in a very cost-effective manner. An open source enthusiast now, Shanmugam along with his core team is already thinking of the next big automation project for the company.

“all the applications and software used in the machine were open source, and that really helped us significantly bring down the cost of the handhelds” S u r es h S h a nm u gam Head – B I TS , M M FS L

a p r i l 2 0 1 0 | it next

<interview>prakash advani</interview>

<head>

“linux is getting better on the desktop” </head> <h1>

How has the journey for Ubuntu been so far? Ubuntu started five years ago when many of the Linux distributions were not even focussing on the desktop, believing it would be unsuitable for the purpose. We started with the desktop and today we are the No. 1 Linux distributor in the space. We continue to evolve and focus a lot on providing a great user experience, which has been our key strength. We have made a lot of investment in creating better user experience—there have been lot of additions and enhancements from version 8.10 to 9.04, and the existing version 9.10. We are now laying the foundation for the latest 10.04 version, which we call the long-term supported Ubuntu. It will be supported for three years on the desktop and five years on the server. One of the key driving philosophies behind Ubuntu is that it is free and will always remain so; that has helped us a lot in terms of market share gains. It’s a good alternative to the established players in the market. And today enterprises are deploying Ubuntu, and governments and education sectors are also looking very seriously at Linux on the desktop.

it next | a p r i l 2 0 1 0

Photo graph y: subhojit paul

</h1>

<interview>prakash_advani</interview>

a p r i l 2 0 1 0 | it next

<interview>prakash advani</interview> While Linux has found much acceptance on the server front, how would you describe the shift to the desktop front? Actually, Linux is getting better on the desktop. The hardware requirements of Linux are decreasing with every deployment. We have done nine releases of Ubuntu, and for the last eight releases our hardware requirements have remained unchanged at a 300 MHz computer with 256 MB RAM. And that’s a big value addition, as people who deploy it do not need to keep upgrading their hardware with every new release of the OS. The second thing is the licensing fees. Even for the longterm Ubuntu release, where customers can use it for five years; they do not have to pay any fee. Only if they want support from Ubuntu, they pay for the support charges. So that’s a big plus and allows customers to try and then commit themselves to Ubuntu, unlike other OS. It is run off a live CD or you could even run it over a pen drive. So we have reduced the barrier to adoption. Also, what has changed significantly is that we work closely with all the top OEMs, and we do a pre-installed Ubuntu. What this essentially means is that when customers get a machine, it is ready to use with the applications and OS, so there is not much hassle in finding and installing the OS. But there is some hitch associated with Ubuntu because of the philosophical bearings of Open Source, wherein Linux is considered to be complex and tough to handle vis-a-vis proprietary software. Has there been a change in that mindset? Of course there has been a big shift from that arcane view.

it next | a p r i l 2 0 1 0

The evidence is in the way open source has become pervasive over the years. We have the largest collections of applications of Linux. In fact, many of the antivirus gateways run on Linux, and they don’t get affected by viruses. On the contrary, they defend the Windows network from there.

Today, the largest numbers of Internet servers are Linux servers. Google runs Linux, Gmail is on Linux, Amazon runs on Linux, and so does eBay. Wikipedia is also on Linux; in fact, they are an Ubuntu customer. The upcoming Chrome OS is based on Linux. Amazon Kindle runs on Linux, many of the set-top boxes and all the routers

<interview>prakash_advani</interview>

“it’s a myth that anybody can tinker with the Open Source code. Today, 99% of patches get rejected as they come from unknown sources.” P r a k a s h A d va n i run on Linux. Today, some very large banks are using Linux, for them obviously cost is not a factor, security is. Many of the CIOs I have spoken to say they want UNIX or Linux and nothing else.

You have spoken about the user experience on Ubuntu, how much of that is a priority? Linux has been the blue eyed project of the developer community. Yet, there is a significant portion of people who will not opt for your system, unless it is easy and simply to use and Ubuntu has been specifically built keeping in mind the needs and requirements of such users. So for instance, we have a sevenstep installation process, there is a live CD, there is also the option of automatically install, so if you don’t know much about partitioning you can still install it. You can even install it in the Windows partition, or run it from a pen drive. We take lot of pains to ensure that the user does not have to face any sort of complexity when it comes to installing and using Ubuntu. We even have Netbook Remix, for people who use it on Netbook. Besides, we have even learned to have fun and you can see a lot of games on Ubuntu, especially educational games.

The fact that you need not commit to Ubuntu unlike other OS, could also be a factor, right? Indeed, with other systems, people tend to get stuck as there is a significant cost involved, the license will be tied to a machine. So, sometime back I was talking to a large bank: they had Microsoft OEM license, they moved to Open Office, but they had applications linked to Windows, so they could not move out of it. They have these old computers with 256 MB or 512 MB memory and they are just not able to transit those machines, and they cannot upgrade the memory either. They have an OEM license, so they cannot port the OS to a new machine, if they change the motherboard of the machine, the license becomes invalid. So they have no choice. They can either continue with the same infrastructure or change the applications. What are the benefits of Ubuntu, apart from the cost factor? Security is a big plus, as we are well aware that Linux is very secure. It is designed in a way to be robust and secure. We also bundle a tool called Apparma, which provides the security along with the application. What

it actually does is, for instance, if you are running a Web server and assuming that someone manages to break into it, Apparma builds a firewall around the application. Generally, what happens is when someone breaks into a server he or she gets access to everything on it. However, if I run an Apparma profile on Apache and somebody breaks into it, they will not get access to the rest of the system. So Apparma acts as a layer of security around the system. We bundle Apparma even on the desktop, so there is much protection on that level as well.

But the fact that the OS is open could mean that anyone can edit the source code? That’s a myth that being Open Source is unsecure as anybody can tinker with the source code. Today, 99% of patches that Linus Torvalds receives get rejected because they come from someone who is not known. So, there is a much organised structure. Anybody can view the code or make a suggestion, but it gets accepted only after multiple levels of checks. That’s why, while the average industry standard is around 40-50 bugs per 1,000 lines of code, a Stanford study of the Linux Kernel suggests there were just 0.17 bugs for every 1,000 words of code. And the interesting thing is that most of these bugs were already fixed. Today 54% of the Internet is driven by an Open Source application called Apache and if Apache was not secure some of the biggest websites would not be using it. In a sense, Open Source has evolved much like the Wikipedia, which even when being collaborative in nature has been able to maintain highquality content that is universally available. More importantly, it is free..

a p r i l 2 0 1 0 | it next

insight | Security

Run social media in

Il lustrati on: Bi nesh S ree dharan

safe mode

it next | a p r i l 2 0 1 0

Internal compliance is the key when it comes to keeping silent threats posed by social media at bay By D e e pa k K u m a r

Security | insight

Awareness up two-fold, victims six-fold While consumer awareness of phishing attacks has doubled between 2007 and 2009, the number of consumers who reported falling prey to this attack also increased six times during the same period. According to the EMC security division RSA’s 2010 Global Online Consumer Security survey that polled more than 4,500 consumers on their awareness of online threats, while thousands of people join social networking websites each day, nearly two in three (65%) of respondents who belong to these online communities indicated that they are less likely to interact or share information due to their growing security concerns. Social networking websites have become a hotbed for online criminals because of their global reach and the participation by hundreds of millions of active users from all walks of life. This makes these communities prime targets for exploitation by criminals who seek to steal personal information through socially engineered attacks. Reflective of this trend, the survey exposed that four out of five (81%) people using social networking websites displayed concern with the safety of their personal information online. In a similar RSA survey in 2007, one in three (38%) consumers reported they were aware of the threat of a phishing attack— and this figure has doubled in two years when three out of four (76%) consumers became aware. Despite increased awareness, there have been a growing number of online users that have fallen victim to a phishing attack. In the 2007 RSA survey, only one in twenty (5%) consumers cited they had fallen victim to a phishing scam; this rate increased six-times in 2009 to represent three in ten (29%) consumers. This increase can be attributed to more advanced communications tactics and greater sophistication such as improved writing and web design skills on the part of the fraudsters. Phishing attacks have also evolved in an attempt to exploit users in different ways and through a broader variety of methods including offshoots known as ‘vishing,’ ‘smishing’ and ‘spear phishing.’ The sheer volume of phishing attacks launched in recent months is also contributing to these trends. The RSA AntiFraud Command Centre reported the highest-yet detected rates of phishing attacks between August and October 2009, as well as a 17% increase in the total number of attacks between 2008 and 2009. 50% consumers agreed that their identities should be better protected than a simple username and password on social networking.

a p r i l 2 0 1 0 | it next

insight | Security

The biggest data losses of the decade Five million credit card numbers and expiration dates are stolen from Data Processors International— an insider attack is suspected.

Hackers announce the theft of personal data on 46,000 customers from US web hosting firm ADDR.com.

Travelocity exposes data on 51,000 customers on a company web server.

nov 2000

apr 2001

40 million credit card numbers are taken from a hacked credit card processing firm.

mar 2003

jun 2005

Jan 2000

mar 2001

feb 2002

jun 2004

may 2006

300,000 credit card numbers are stolen from online music retailer CD Universe—news is leaked to the web after ransom demands are rejected.

Bibliofind.com, an Amazonowned service website, is breached and records of 98,000 customers are compromised.

A former employee of US financial services firm Prudential Insurance Company is charged with stealing a database of 60,000 clients to sell online.

92 million email addresses of AOL subscribers are sold to spammers.

Details of 26.5 million US Army veterans are stolen by hackers.

Source: Security Threat Report: 2010

it next | a p r i l 2 0 1 0

just makes the IT manager’s work more challenging. Besides, the almost sudden opening up of boundaries has led to a state of action without responsibility. And this has happened when enterprises are still at a stage where security policies are not an integral part of their security strategies. Even in cases where policies have been implemented

Major Concerns

they are not adequately adhered to or employees are able to understand and appreciate their benefits. This has encouraged enterprises to look at security less from a ‘control’ standpoint and take a more inclusive approach. The way security policies are written and observed is changing too. There is more emphasis on educating users at

Firms citing malware as their number one concern with social networking tools

Dec 2009

April 2009

15%

6.9 MySpace

6.5

Twitter

9.3

8.3 Facebook

8.0

10%

LinkdIn

nterprise data security has since long outgrown and evolved beyond the mere functions of antivirus, firewall and intrusion detection. Endpoint security and network security are also no longer all encompassing paradigms. And the rapid adoption of social media at various layers has simply exploded the boundaries that need to be monitored for potentially countless breaches. While the first leg of Internet’s growth into enterprise networks itself added a number of holes into the security fabric, the 2.0 phase has been unnerving to say the least. The traditional security paradigms are just ineffective to this address enterprise security in this era. No controls seem to work. And the debate whether to open up to the social media or not has long been put to rest. It has been accepted that business benefits of social media far outweigh their perils. That, however, does not make those perils look less threatening. In fact, it

Source: www.sophos.com

Security | insight

Japanese telecom firm KDDI admits data on 4 million customers was leaked.

Two CDs containing records on 11 million people are found on a Seoul scrapheap. The data is traced to oil refinery GS Caltex.

UK HM Revenue & Customs loses detailed records of 25 million taxpayers.

Jun 2006

nov 2007

Networks at Heartland Payment Systems are hacked, exposing data on 130,000,000 credit card users.

sep 2008

Hard drives sent for repair are found to contain data on 76 million US Army veterans

Jan 2009

oct 2009

Jan 2007

mar 2008

oct 2008

may 2009

TJX Companies Inc., the global conglomerate that includes T.J. Maxx, T.K. Maxx, Marshalls and Winners, loses at least 45 million sets of credit card details after systems are penetrated by hackers.

12.5 million sets of records on backup tapes are lost by BNY Mellon shareholder services.

T-Mobile Germany loses a hard disk containing information on 17 million customers.

Secret information on the Joint Strike Fighter and President Obamaâ&#x20AC;&#x2122;s personal helicopter were leaked through P2P networks.

various levels and making them aware to the heightened need for protecting information and IT assets in the enterprise.

reckon with. The live streaming of IPL3 is a live testimony to the importance it has gained.

But why social media?

Tackling social media threats

Social media is an increasingly important channel for marketing and branding, among other things. As such, corporate professionals are keen to use it to their advantage. A bad post about a brand on a Facebook channel will probably do more harm to the company than in another media, partly because it can potentially be read by more number of consumers and also because it can be posted to target those very readers who are also likely consumers of the brand. It therefore becomes important for brand managers and marketers to remain updated about such posts and take corrective actions and duly address the concerns of the complainant. More importantly, one needs to proactively reach out to the existing and potential customers on a regular basis, as part of a focused brand building exercise. Social media has become a channel to

Access to a social media site poses risks that are manifold, and yet not so obvious, to the user. For, example, if you access a regular site and download an infected file, the antivirus will warn you or even better, the firewall will block the site itself. In case of a social media, where the user has opened an account and has added a certain set of people to the friends list and joined a few relevant groups, the threat comes in different forms and from various quarters. It can come in the form of an infected link from a friend, who would be merely passing it on without knowing. But more importantly, the threat could lie in the usersâ&#x20AC;&#x2122; profiles created and posted by users themselves. Cybercriminals are on the prowl to harvest detailed personal information posted by users on social networking sites. Social media profiles often

provide a very rich haul of information to hackers, who can analyse these to guess user passwords. In particular, if the users are not very password-savvy and have used names of their cities, spouses, date-of-birth and celebrities they like as passwords, their SNS profiles will easily give away the clues. Worse, often users keep the same password for the public as well as enterprise logins. So if hackers crack users SNS logins, they effectively crack their enterprise logins as well. It is therefore important that users are adequately educated on these aspects so as not to put themselves or their organisations at the mercy of cybercriminals. However, provisioning for measures to address social media threats in the policy document is one step. The next step will be to create user awareness by way of formal sessions as well as information communication channels.

How did you like this story? Send your feedback at editor@itnext.in

a p r i l 2 0 1 0 | it next

Tech for banking

it next | a p r i l 2 0 1 0

tech for banking

tech race

all

in!

Zero legacies gave private banks a jumpstart, but PSU banks got on IT fast tracks too—now both are eyeing mobile banking By S h ash wat D C

Photo graph y: photo s.c om

decade ago or so, banking was a rigorous and time consuming activity. The hours were limited, queues were unending and there were multiple counters to be attended to. Even mundane things like depositing and withdrawing money from one’s own account could take hours. To add to customers’ woes, banking staff was far from being cooperative, partly also because the system encouraged them be so. Today, most of the routine banking activities can be completed from the perimeter of one’s home or office. All one needs is a computer with an Internet connection and your terminal becomes your window to banking. Even more, several banking operations these days can be performed over the mobile as well—a few SMSs back and forth and you are done. The transition of the Indian banking sector from an archaic and rigid structure to a contemporary and flexible one has been almost magical. Within the span of a decade or two, banks have transformed themselves into business houses that are professionally run and managed.

Around

crore banking transactions are done electronically every year

a p r i l 2 0 1 0 | it next

Tech for banking IT has played a pivotal role in bringing about this transformation, which has been rapid but certainly not easy. In his book ‘Imagining India – Ideas for the New Century’, Nandan Nilekani notes an interesting incident from the early 1990s, when he was making a pitch for ‘electronification’ at one of the banks. He received several hostile reactions from representatives of the bank unions in the audience and the chairman of the bank advised him to stop preaching, warning that ‘The unions will gherao you in your house.’ Today, even the union wallahs favour the use of technology.

Early catalysts The big step towards use of technology was taken when the Rangarajan Committee made recommendations for the banking sector in the early 1980s. It was then that some big banks embraced technology and the branch automation or ‘electronification’ got a headstart. Quite a number of PSU banks then took the first plunge and started to automate select branches. On receiving positive feedbacks, the automation was finally extended to all branches. Soon, banks decided to bring the whole system onto a single centralised network and thus corebanking came into being. In the following years, competitive pressures posed by the global banks as also the need to cut flab further compelled PSU banks to take the tech path. According to a report released by Reserve Bank of India (RBI)— Trend and Progress of Banking in India 2008-09—from September 1999 to March 2009, PSU banks invested Rs 17,897 crore on ICT. SBI was the largest spender, at as high as Rs 4,290 crore. While no similar report is available on private sector banks, ICICI and HDFC are the obvious big spenders in the category. PA Kalyansundar, GM (IT), Bank of Baroda, touches upon another aspect that accelerated the need for IT adoption in the banking sector.

it next | a p r i l 2 0 1 0

PSU banks invested

Rupees

17,897 Crore on ICT between September 1999 to March 2009 The ATM Spread

Old private sector banks

29%

Foreign banks

34%

Other public sector banks

Nationalised banks

29%

New private sector banks

Despite the fact that nationalised banks are perceived to be lower on IT implementation, they are actually ahead in terms of ATM spread across the country.

43,651 is the total number of ATMs in the country, as of March 2009 Source: Reserve Bank of India

“Around year 2000, the voluntary retirement scheme (VRS) came into being and about 20% of the workforce availed it. With the volume of business going up, and the number of employees actually going down, the banking sector saw more reason in embracing technology to manage their operations efficiently and profitably. Year 2000 onwards, business at our bank has increased by about 3.5 times with reduced or same staff, majorly because of the use of technology,” he states.

Technology: A leveller While public sector banks were taking baby steps towards the tech bandwagon, private sector banks appeared on the scene. Though flush with funds, these banks needed to be competitive and profitable from the word go. For them IT was not a choice, but a dire necessity. They quickly had their IT departments up and running. With them, the new-age banking became a reality in India, with innovative banking solutions and products designed to woo the consumer. IT played an enabling role. ING Vysya, which came into being in 2002 after Dutch giant ING took over Vysya Bank, was no exception. Almost from the beginning, the bank went on a hyper tech drive. By 2006, the bank had networked all the branches on the core and was offering anytime, anywhere services. CVG Prasad, CIO, ING Vysya, feels that private sector banks that have entered late in the market may have an edge over others. “This is because they did not have to tackle too many legacy issues. Some of the private sector and public sector banks needed to invest in technology to tackle these issues. In our case, we made substantial investments in technology to modernise most of our systems,” he states. Nonetheless, thanks to extensive infusion of capital by public sector banks like SBI, BoI, and others, the differentiating factors between the public sector and private sector banks

tech for banking have come down. An SBI or a BoI today offers all the banking facilities that are offered by the likes of an ICICI or HDFC.

Focus: Core banking Not only in the foreground, there has been much work happening in the back end as well. The most telling proof of that are the ATMs, which have made it possible to withdraw cash from your account while travelling to any other city in the country. A key factor that enabled this convenience was the establishment of the Real Time Gross Settlement (RTGS) system. Because of that, credit pushbased fund transfers are settled on a realtime basis. The facility for inter-bank funds settlement through RTGS is today available across more than 55,000 bank branches, in more than 2,500 regional centres across the country, up from just 4,800 branches in 2004. “The rapid acceptance of RTGS by users can be measured by the daily transaction volume: today, we settle close to 100,000 transactions a day in the RTGS mode, up from just about 6,000 transactions a day in 2004-05. In fact, quick, safe and efficient electronic movement of funds from virtually any part of the country to any other location is now almost guaranteed,” D Subbarao, Governor, Reserve Bank of India had stated at a public forum. Another interesting development is that Indian banks have started to outsource their non-core services in a much bigger way. Usually, the services that are outsourced include hardware and software maintenance, hosting, data centre management, software application support, disaster management, and ATM networks management.

“New-generation private sector banks had a technology edge... they did not have to deal with too many legacy systems” —CVG Prasad, CIO, ING Vyasa

Banks are also engaging the services of BPO companies for things like callsupport services, help-desk support, credit card processing and printing, cheque processing and clearing, ATM cash replenishment, cheque box clearing and collection, loan servicing and data processing. It is estimated that Indian banks save

The facility for inter-bank funds settlement through rtgs is today available in 55,000 branches across 2,500 regional centres in India

“Considering the way mobile penetration is increasing in India, I am sure mobile banking will soon take off in a big way” V Subramanian, DGM and CISO, IDBI Bank

around 30-40% through outsourcing. And these benefits are not just for the big banks. Smaller banks are also able to draw the benefits of outsourcing (read interview) and thus are able to compete in the market on even terms. Banks like SBI, HDFC, Centurion Bank, and others have outsourced the management and maintenance of their off-site ATMs to third-party service providers. SBI has outsourced its networking services and maintenance of more than 1,500 branches and 3,000 ATMs in 49 cities to Datacraft. BoI awarded its outsourcing contract to India Switch in the year 2002. “We are very happy with the results of outsourcing. In the end, it must be remembered that we are bankers and

a p r i l 2 0 1 0 | it next

Tech for banking

Q&A with V Vijay

Author of recently published study by IIT-B, ‘Technology-led transformation of Indian banking’

IT NEXT: What is the next big frontier for the banking sector in terms of technology usage? VIJAY: Banks have just been through multi-year core banking rollouts and there is no appetite for large IT investments. Instead, the focus will be on information processing—on improving decision making, based on data available in core banking. Banks will also be looking at increasing customer usage of alternate channels. At present, leading PSU banks have just 25-30% of transactions through non-branch channels, as compared to 70% plus for private sector banks.

Do you feel that automation and data warehousing, will help banks in India utilise business intelligence (BI) in a much bigger, better way?

banking is what we are best at doing,” quips Kalyasundar.

Mobile: The next frontier Considering that the market is awash with choices, a disgruntled customer will just take his business to the next bank. This has put added pressure on the banks to keep their customers happy at all possible levels, online or offline. All banks these days offer a plethora of services from their ATMs, and also from their online portals. Prasad of ING Vysya Bank highlights the importance of the customer and the role played by technology. “Technology is the key differentiator in these times, as all of them are now focused at providing high-level of customer convenience through innovative products and services. Right now, we are focusing on Internet and mobile banking platforms as part of our initiative to improve customer convenience,” he says. The recent launch of ICICIActive by ICICI Bank and Dish TV, wherein subscribers can access information and perform transactions from their

it next | a p r i l 2 0 1 0

“In the end, it must be remembered that we are bankers and banking is what we are best at doing” PA Kalyansundar, GM-IT, Bank of India

accounts through DTH, is just one example of banks’ keenness to reach their customers through various channels. Many feel that mobile banking is going to be the next important frontier. V Subramanian, DGM and CISO, IDBI Bank, is very bullish about it and is sure that it is only a matter of time that mobile banking will be big. “With the recent announcements made by RBI that relaxed the limitation on mobile transactions, I am very sure that in the next few years mobile banking will take off in a big way. Considering the exploding mobile penetration in India, it is but natural that it will be so. All the banks, including my own are testing out the platform to build services that can be offered to the customer. In the near future, cheques will be obsolete,” he states. The wave of banking transformation is almost over, now a revolution is in the making.

Find similar stories online on the website www.itnext.in/vertical

Photo graphy: Sures h Vanga pally

The issue is less about technology and more about people, culture and management priorities. BI has to be made a strategic initiative in the bank and this message has to be sent out clearly to bank staff. A culture that respects decision making based on rigorous data analysis has to be created. BI initiatives fail to deliver in the absence of this enabling environment.

15minute manager

training Education workplace compensation workforce trends skills development personal development

Asanas For back pain Page 50

IT Strat Hiring? Use a rulebook page 52 Security 5 trends that will shape information security in 2010 Page 5 4 Manage IT Sweat your storage assets page 55

By Moh i t C h h ab r a

Photo graph y: photo s.c om

ajiv Saxena sat with his eyes closed, hanging on to every word that his guru chanted. “Visualise your success, don’t let the failures pull you down.” “Visualise your success, don’t let the failures pull you down,” guruji repeated. “One of the biggest secret of success lies in learning from failure,” continued guruji. While the words soothed, they also created a twirling of conflicting thoughts in Rajiv’s head as he was battling the near failure of a major IT implementation at work. Rajiv worked as the GM (IT) for an FMCG company that had a wide spectrum of food and beverage products. Sitting in a contemplative state, Rajiv reflected upon the moment when he was called by his boss Vikas Sharma five months ago. “Rajiv, we are battling with a waste issue, a lot of our inventory is coming back, unused because it reaches retail shelves late,” said Vikas. “And the management feels that deploying an ERP solution is the only way out, so let’s get cracking.”

Sleepless nights Rajiv had spent many sleepless nights in the last five months. Everything from

IT Strat

What fails a project A ‘for the user, by the IT manager’ approach is guarantee for disaster; user-navigators can keep it on track a p r i l 2 0 1 0 | it next

15-MINUTE MANAGER

The FIVE mantras State specific requirements clearly: At the very onset of any IT project, clear and specific requirements and deliverables of the project must be chalked out. These must be made distinct from the wish list of deliverables ‘expected’ from a project.

Let business users test it: 4 Technology and coding have matured to a point where errors are often contained. The flexibility and robustness is thus best tested by business users, as it simulates the final environment in which the project will function.

By Dr Naveen Arya | aryansclinic@gmail.com

Asanas for BACK PAIN Reasons of back pain The primary cause of the back soreness felt by office workers are due to limited movement. In fact, most office workers spend hours typing or just answering phone calls. Wrong sitting posture is the other prime reason. Proper sitting posture is very important, especially for office workers because it effectively lessens the strain and pressure applied on the spine. At times, psychosocial factors such as on-the-job stress and dysfunctional family relationships may correlate more closely with back pain than any structural abnormalities.

Get an internal sponsor to drive it: The success of a project is directly dependent on the conviction from the top management. Thus getting the force of executive leadership behind the project acts as a critical success factor.

getting the RFP in place to finally selecting the vendor had been a challenge, but the real downhill journey started when the rollout began. “And the management feels that deploying an ERP solution is the only way out,” was the one-line mandate

it next | a p r i l 2 0 1 0

Practicing yoga regularly relieves back pain by strengthening and stretching the muscles that support the spine and helps prevent future injury. However, it is best to do these exercises under the supervision of a certified yoga instructor. If you encounter any problems in between, you should consult an expert. Here are some good yoga poses for relieving back pain. Each pose should be held from five to ten seconds, depending upon your level of comfort, and should be done on a mat or other soft, supportive surface. Corpse position: Lie flat on your back in a relaxed position, arms resting at your sides, palms down, and legs lying naturally, with knees turned out slightly. If it hurts your back to have your knees turned outward, do this pose with knees bent, feet flat on the floor. Breathe in and out for a few seconds, allowing the body muscles to relax. Cat stretch: Start out on your hands and knees with a flat back. Your hands should be directly under your shoulders with fingers spread. Knees should be directly under the hips. Head is held loosely so that you are looking at the floor between your hands. Inhale, and as you exhale, arch your back toward the ceiling, tuck your chin in to your chest so that you are looking at your navel, and tuck your tailbone underneath. Hold, then release back into your original position.

According to British Chiropractic Association, office goers slouching in front of their keyboards are more prone to develop back pain

(Stay tuned for more postures for relieving back pain in the next issue) The author is a Ayurveda and Yoga expert and Director of ayuvrvedayogashram.com

Photo graph y: photo s.c om

Set realistic timelines: The length of a film is often discussed as a contributor to its success. Similarly, IT project’s success too is dependent on its timelines. Too long or too short means the same thing—unrealistic, and therefore, liable for failure.

Office Yoga

Photo graph y: Jayan K Narayanan

Involve the business users: For assured success of any IT implementation, it is imperative to involve all stakeholders from the very beginning. This means, business managers and other user groups must play a pivotal role from the word to.

15-MINUTE MANAGER that Rajiv had been working on. Now in retrospect, he realised that the requirement was very vague and abstract. In a flash it came back to him. With no real inputs from end-users, Rajiv and his team had been building what they believed was needed and not what was actually needed. The other aspect that had compromised the project, he realised, was their limited knowledge and understanding of the real business issues. So, inevitably when the system was delivered to business users, they only found limited use of it. Rajiv fished out his notebook and scribbled something.

Delivering value Rajiv continued his pursuit for answers and researched more on the Internet. His second flash of enlightenment came when he saw a survey report by UKbased advisory firm Dynamic Markets. The report indicated that while three out of five IT projects fail to meet their schedules, two out of five fail to deliver the expected business value. The term ‘business value’ now struck a chord with him. Soon, everything was falling in place for him. Rajiv’s hand instinctively went to his breast pocket, the home of his notebook. He took it out again and scribbled something. “Hey, what do you keep writing in there,” asked Rekha, Rajiv’s desk neighbour who worked for the marketing department. “Nothing.” “Come on, you can tell me.” “It’s actually nothing.” “All right, all right.”

Timelines in place After an awkward silence, Rajiv asked, “So how is work with you?” “Don’t ask, man. I am under so much pressure to deliver. My boss does not understand, he just throws unrealistic deadlines at me.” “You are lucky, you don’t have to bear this burden of deadlines that are unrealistic,” Rekha continued. Those words hit Rajiv like a rock.

“Hey Rekha, I will catch up later. Just remembered that there is something important that I have to attend,” said Rajiv, as he dashed to his work station. “Rajiv has been acting funny since morning,” thought Rekha. Rajiv opened multiple files on his terminal and started to make detailed notes on a sheet. After about 25 minutes of alternating between typing and writing, he leaned back with a definitive grin, his first in the last few tension-filled days. It was the smile of an enlightened man. He grabbed his small notebook again and scribbled a few words in it. Immediately after finishing the scribbling, he stood up and looked at Rekha and said, “Thanks Rekha.” “For what?” “Nothing.” “Hey, what’s with you tod…” Before Rekha could complete, Rajiv was out of the room. “Rajiv has been acting funny since morning,” thought Rekha again.

Does that fit? “Boss, I need a couple of hours off after lunch,” requested Vinayak. “Wedding shopping again?” asked Rajiv. Vinayak was a young systems administrator who was getting married the next week. “Naah boss, suit fitting.” “All right, but make that an hourand-a-half, we have some work to catch up on,” said Rajiv. The thinker in Rajiv was active that day. And he started to see a thought in Vinayak’s request too. The IT guys do a great amount of testing during project development, but should the users not run tests to see if the system meets their requirements. If testing was important for something like a wedding suit then an IT project definitely needed more than just one ‘fitting session.” It was scribble time again for Rajiv. Rajiv leaned back, knowing he had zeroed in on the problem. He picked up his land line and called Vikas.

The lessons at last Fifteen minutes later, Vikas was looking at a page in a small pocket notebook

62 49 47 41

enterprise IT projects fails to meet deadline

IT projects suffer budget overruns

enterprise IT deployments have higher-than-expected maintenance costs

IT projects fail to deliver expected business value and ROI Source: Dynamic Markets, UK

a p r i l 2 0 1 0 | it next

15-MINUTE MANAGER with five points scribbled on it. “Rajiv, you will have to explain.” “Boss, you know we are battling a failing ERP and I did some research and thinking,” said Rajiv. “The IT implementation landscape is dotted with many failures. While technology has progressed and advanced by leaps and bounds, IT project implementation is still stuck in quick sand—two steps up and one step down,” continued Rajiv. “I get that, but what’s your point?” Vikas sounded a little irritated. “Sir, I know why we are staring at failure and I think if we set these five things right even now, our efforts will be a success.” “And they are…?” “One, poor requirement statement from the management... we had only a single-line mandate. It has to be more detailed and precise for us to develop a system.” “Two, there is no user involvement. Nowhere in our development cycles the business managers were involved on what their needs from the system was. We thus developed something from our own understanding of the business, and that sir, proved inadequate.” Rajiv’s voice had a ring of command to it now, and yet Vikas seemed to like it. “Three, the timelines are unrealistic. I will not say too much on this. But they have to be rational and realistic.” “Four, lack of quality testing. While our QA has done its job and the code is clean, it lacks functionality that business users want. It is they who should be testing the final product, not us.” Vikas was nodding in agreement. And he felt proud of Rajiv. “And last and definitely not the least, this project is a change issue and not an IT project. So we need an internal sponsor, someone in the executive leadership to drive it for business results.” Vikas was dumb struck. “Can you repeat all of this in front of the CEO?” “Oh yes.” Without a word, Vikas picked up his phone and called the CEO. “Boss, we need to see you, now!”

it next | a p r i l 2 0 1 0

IT Strat

Hiring? Use a rulebook

Standardised recruitment, prospect benchmarking and risk mitigation will help make a robust IT staffing plan By M o h i t C h h abr a

rerna Rawat had been staring at her laptop screen for the last 15 minutes and yet her mind drew a complete blank. She was expected to draft a detailed recruitment plan in view of an IT outsourcing project the company had landed with a new Fortune 500 client. She sat immobile, confounded by stark contradictions between organisations’ recruitment policies and the ground realities in the wake of a recessionary environment.

Contradictions galore Despite a global economic meltdown and layoffs, finding the right talent has remained one of the biggest issues faced by organisations. Even in times of uncertainty, employ-

15-MINUTE MANAGER

Six steps to IT staffing 1 Create the profile or job

2 3 4 5

description for an ideal candidate Develop a structured interview plan. Focus on content and method of selection Assess the quantity and periodicity of demand for new employees Develop and have access to a pool of qualified prospects and applicants Screen the candidates based on various pre-defined parameters, including the job description and qualifications/ expertise Do a reference check after the final interview

ees have remained far less loyal to their organisations than in previous years. And yet, “One of the biggest faithshattering news (for employees) has been the mass layoffs by many IT majors across the globe,” say HR experts like Ashish Chhillar, director at Job Connect. “This totally contradicts the ‘people are assets’ philosophy that most companies try to espouse these days,” he adds. Such prevailing contradictions had made Prerna indecisive about the recruitment line to be towed. But with the customer delivery beginning soon, she was required to hire fast. She did not have the luxury of waiting for a couple of months to get the best talent on board. And she could ill afford a hiring decision that she would regret later. What if a new employee failed to deliver? That could cost her organisation far more, both in terms of time, money and delivery issues. This set Prerna thinking. She felt the need to go far beyond the recruitment plan she was asked to present. She wanted to contribute strategically towards the achievement of overall

“A structured interview format ensures that everyone hires to a consistant standard”

“The benefits of a well structured staffing plan far outweigh the effort put in and the time spent”

—Ashish Chhillar, Director, Job Connect

—Sankalp Popli, Director, Absolute Recruitments

business objectives of her organisation rather just serving as a recruiter.

is a niche recruitment company active in the BPO, KPO and IT areas.

End-to-end ownership

Adopt best practices

Prerna set out to develop an integrated staffing plan instead of just a recruitment plan for the project. While on one hand the plan enlisted the steps to be taken, on the other hand it also listed out the deliverables and milestones to be achieved corresponding to each step of the process. The approach adopted by Prerna is something that most professional recruiters follow. “We help companies develop a staffing plan that standardises recruitment practices and ensures that the recruitment that happens is consistent and mitigates any risk and uncertainty,” says Sankalp Popli, director, Absolute Recruitments, which

A key objective for Prerna now was to implement the best practices to get a strategic plan that delivered value, in line with the objectives spelt out by the client. But before she got cracking on the plan, she wanted some answers. Prerna picked her desk phone and reached out for the account director of the project to set up a meeting. “A variety of global staffing experts suggest that HR start with asking questions that help create a singular alignment of the HR’s efforts in getting the right candidates,” feels Popli. Between the doodles on Prerna’s yellow pad, the following key questions waited to be answered by the account director.

a p r i l 2 0 1 0 | it next

15-MINUTE MANAGER Security

5 trends that will shape

information security in 2010

The convergence of these trends will radically reshape the future of information security—both the vendor landscape and how we architect and manage information security internally Convergence onto security platforms: We will see the movement of related security controls into ‘security platforms’ capable of being adapted to new types of threats. We see convergence taking place in multiple areas in information security—at the endpoint, at the e-mail security gateway, at the web security gateway, at the next-generation firewall and, for small to mid-sized organisations, the multifunction firewall.

Virtualisation: Beyond just deploying virtualisation securely, the virtualisation of security controls will alter the information security landscape. Beyond this, virtualisation offers a new platform to enforce security controls in new ways—such as introspection techniques for rootkit detection.

Cloudification: The enforcement of our enterprise security policy via security controls and infrastructure that we don’t own. This isn’t necessarily new, but the other trends listed and adoption of cloud-based applications by enterprises is forcing this. Examples include the use of cloud-based web application firewalling or cloud-based filtering of web and email traffic.

Externalisation: The tearing down of walls between businesses and the opening up of our information, processes and systems to outside parties—whether these are contractors, outsourcers, partners and customers. Nearly every enterprise is being asked to enable and foster secure collaboration with external entities.

Consumerisation: The use of consumer-oriented technology (systems and software) for business uses. Examples include the connection of iPhone to enterprise systems, remote access via personal machines and employee demands for access to Facebook, LinkedIn and other consumeroriented sites in a business context. Combined with #4, this implies a large number of systems that we don’t own and don’t manage connecting to our systems and networks.

By Neil MacDonald (Source: http://blogs.gartner.com/neil_macdonald/)

it next | a p r i l 2 0 1 0

hat are the deliverables of the projW ect as a whole? How many new employees will be required to achieve the deliverables? What skills, both technical and soft, should these employees possess? Why are these skills critical? Can they be replaced with similar of other skills? When will these new employees be needed? Will all of them be needed on board when the project goes live or can their recruitment be staggered? Also, there were questions related to the length of the project and the placement of the new employees (onsite or offsite). Global best practices suggest that IT staffing plans must use objective, performance-based criteria as the basis. And that is possible only if the HR team works to create job profiles for each employee revolving around measurable criteria that is benchmarked against an ideal performance. The benchmark should be a normalised average of the company’s standards and the standards of top performers in the IT industry. A clear deliverable in this phase should be the development of a structured interview process, as it neatly helps to get the right information out of the applicant. Two aspects of the structure must be attended to—content and method. A sound planning is essential to get the right content and method for evaluation. Both, content and method must be aligned to check applicants’ past job performance on the measurable criteria. “A structured interview provides a standard approach that ensures everyone hires to a consistent standard,” feels Chhillar. The company must understand that the interview is the most critical component of the selection process. In a few minutes, the interview should be able to bring out all the inputs needed to make an informed and correct decision, one that will affect the fortunes of the company and the individual. A structured interview brings the required objectivity to clear all haze that is often there in a subjective assessment.

15-MINUTE MANAGER The next step is to create a pool of potential candidates from across a variety of sources such as staffing agencies, and also from the list comprising redeployment, promotion, and reassignment candidates.

Benefits outweigh effort “The benefits of a well planned staffing

plan far outweigh the effort put in by the organisation, and the time spent by it,” points out Popli. Two key benefits of such staffing plan accrue immediately and are very important for project-based requirements. The plan not only significantly increases the odds of hiring the right people, it also helps

MANAGE IT

Sweat your storage assets

Drifting islands of unused storage can be tapped to create a large pool and to minimise new buys By Shaj y Th om as

Consolidate islands of storage into a single storage pool

Sanity checks Do away with unwanted videos and music audios to free huge chunks of storage

uch bigger than the human population explosion is the data explosion that is continuing to take place. There are many factors that are responsible for this sudden spurt in enterprises’ appetite for data; from the shift to a hyper-connected world to an almost freefall in the cost of storage space and solutions. Other related

Get tools to help move duplicate information to less expensive disks

And then, make a fair assessment of how much storage is actually needed

factors like video and audio streaming, digital content creation, and statutory requirements are also driving the demand for storage. Historically, the move from mainframes to distributed client/ server environments has also added to the complexity of storage requirements. When almost all data resided on a mainframe and was supervised at a data centre, the focus was on conserving file

create consistency in the hiring decision-making process. “A long-term benefit is that when existing people leave, new hires come into the system on the basis of processes and standards specified in the staffing plan. This results in an improvement in the quality of workforce over a period of time,” points out Chhillar.

space and storing data efficiently. But in distributed processing, users have more control over creating and saving information. Given this scenario, most of the companies are shifting to a centralised working model as this helps in better data management and increased security. Besides, IT managers also need more than ad hoc approaches and need to understand the complete dataflow within the company. Here are a few simple approaches that can help you deal with the data monster in your organisation. Design, buy as per the need: A little homework always goes a long way, so diligently work out what you need before actually jotting it down in the RFP document. It is better to invest some time at analysing the storage requirements so as to identify a suitable solution. The important factors to bear in mind are—capacity, throughput and performance, IOPS, disk type, future requirement, scalability, application compatibility, backup and DR, management tools, and reports and alerts. Since all solutions come with their own sets of pros and cons, this due diligence will help in deciding on the right solution. Simple optimised design: Simpler designs generally offer good performance and more flexibility. Outline the growth strategy upfront. As the data size grows, how will you manage growth of data files, logic unite numbers (LUNs) and RAID groups? It is much better to design for all this at an early stage than to do a rebalancing act later. Consolidate storage silos: As companies grow, they inevitably create islands of storage that are both costly and inefficient. Consolidating these islands

a p r i l 2 0 1 0 | it next

15-MINUTE MANAGER

training calender Career booster courses for you

Program

Venue

Dates

Managing Software Projects

IMT Ghaziabad

April 05 - 06, 2010

Managerial Decision Making

NITIE Mumbai

April 05 - 07, 2010

Enhancing Executive

NITIE Mumbai

April 05 - 09, 2010

Brand Equity and Brand Valuation

IMT Ghaziabad

April 08 - 09, 2010

Developing Emotionally

IMT Ghaziabad

April 08 - 09, 2010

IMT Ghaziabad

April 12 - 13, 2010

Project Risk Management

IIM Ahmedabad

April 12 - 14, 2010

Business Intelligence

NITIE Mumbai

April 12 - 16, 2010

Communication Skills for

IIM Kolkatta

April 15 - 17, 2010

IMT Ghaziabad

April 19 - 20, 2010

IMT Ghaziabad

April 22 - 23, 2010

Negotiation Skills Workshop

IIM Kozhikode

April 26 - 28, 2010

Effective Communication

IIM Ahmedabad

April 26 - 29, 2010

IIM Lucknow

April 28 - 30, 2010

Competitiveness

Intelligent Leadership Service Management using Information Systems and Technology

Effective Management Building Globally Competitive Organizations Balanced Scorecard: Design and Implementation

Strategies: Men and Women @ Work Advanced Financial Analysis

(NOIDA Campus) Business Modelling for Changing Business Scenario

it next | a p r i l 2 0 1 0

IMT Ghaziabad

of storage or silos into a single storage pool provides tangible benefits, such as lower costs and improved operations. There are other advantages as wellâ&#x20AC;&#x201D;centralised troubleshooting, remote maintenance and centralised administration. Data management: The IT manager should know how the information flows within the organisation and how it is stored. This helps minimise or eliminate the data duplication and de-duplication. To do so, one must put in tools that provide relevant information on such issues to be able to delete or move the duplicate information to less expensive disks. The tools should also provide additional information on any unwanted files, especially videos and music audios. Armed with information like this, managers can often defer the purchase of more storage while boosting the utilisation of existing infrastructure. Validate configurations: Before going live, perform basic throughput testing of the IO subsystem with some benchmark tools like IOzone failover testing and policy testing. Storage policies: Itâ&#x20AC;&#x2122;s very important to create storage policies for efficient management. A few examples of such policies are user or group quotas, file access permissions, file type policies, backup and DR, file aging policies by which the unused files are automatically moved to virtual tape libraries. Data backup and DR: Many companies store data in multiple locations as a safeguard, but this increases the storage requirement, complexity, maintenance and power utilisation. These hassles can be eliminated by designing reliable online storage, nearline storage and a tape backup. Storage maintenance: To avoid or minimise storage issues, one needs to carry out pre-emptive maintenance like updating the host bus adapter certified drivers, storage array firmware, and multipath IO. Always remember that a better managed rack is not only more efficient but also easier to manage.

April 29 - 30, 2010 The author is Head, IT at Crest Animation Studios

Project management

the big

How to deliver with a soppy SLA? EXPERT PANEL

PRASAD RAJAPPAN Fou nder and Managing Director, Cnergyis

The Situation...

Cut it from here

Photograph y: s ubhojit paul

“Raghav, you seem to have lost all appetite,” said Suhasini. “Is something wrong at work?” Raghav tried to avoid the conversation, but could not hide the tension that writ large on his face. He was a senior IT manager at RapCorp—one of India’s largest real estate companies. But the last few weeks at work had been difficult for him because of the repeated delays in the ERP project that he was handling. And this had a direct bearing on a number of new projects that RapCorp was betting its future on. “I’m being made the scapegoat,” said Raghav wiping the beads of sweat off his worried forehead. “I came into the project only after the SLAs— the contractual obligations—were frozen and the price determined,” he said. “Mr Awasthi, our CFO, then negotiated the price on behalf of RapCorp after the SLAs were determined,” Raghav sounded exasperated. “It’s like saying to Nirmala, your domestic help, Your responses count. Log on to www.itnext.in/bigQ to submit your replies. The best entry will be published in the next print edition.

KARANDEEP SING H Head IT, Fu llerton Securities

DOLLY BHASIN Managin g Director, SPH Consu ltancy and eServ ices

that you will do all this but I will pay you only as much,” added Raghav. Suhasini immediately understood what Raghav was going through. The vendor was cutting corners to ensure the deal was not loss making and Raghav was bearing the rap. “Why don’t you tell Mr Awasthi and your MD,” said Suhasini sounding like an enthusiastic fifth grader. “No Suha, it doesn’t work like that.” “I am responsible for the smooth delivery of the project, and the vendor is using our project as a training ground. All new recruits are being tested at RapCorp by the vendor,” added Raghav. “The management does not understand and every morning, I dread the thought of picking up the phone when it rings.” “It’s either the MD or the sales head, and all they do is stop short of yelling.” “How do I explain?” Raghav’s predicament is rather genuine. He is being held responsible for the delivery of a project that he has not negotiated. He has not negotiated the SLAs, the deliverables or the price. He has no say on the resources being deployed too.

a p r i l 2 0 1 0 | it next

the big q

the big questions... What should Raghav do to ensure that the project is delivered

? ?

smoothly, without any further delays?

What should RapCorp do to institutionalise the process of deploying big ticket it projects in the future?

Here are the answers... ‘review, involve the vendor’ FIRST ANSWER

PRASAD RAJAPPAN Founder and Managing Director, Cnergyis About me: A production engineer, with experience in ERP, operations, business process reengineering and Information Systems. Has been previously associated with Reliance, Mahindra & Mahindra and Ernst & Young

it next | a p r i l 2 0 1 0

Raghav is in a typical position that most implementation managers come across. Invariably, the price negotiations take place without having a full perspective of the project dynamics and deliverables. Having landed into such a situation, here is what Raghav can do: Work with the vendor and document the deliverables against each milestone and create a list of gap areas. This could be in terms of deliverables or quality of service experienced so far. He should try and understand the vendor’s concern in terms of his profitability; if possible, identify internal team members to add to the vendor’s resources. If the vendor has genuine issues, Raghav should help find the solution. Having gained the support of the vendor, he should take the analysis sheet to the CFO or the MD and present it as more of an attempt to ensure project success, rather than a complaint. Raghav will have to impress upon the management on the need to revisit the project resource allocation, in case he feels that the current one will not yield the desired quality and timeline targets. Once he has succeeded in doing this, Raghav should present a periodic review and status update to his management so that they are in sync with the actual challenges and achievements.

SECOND ANSWER Ideally, the project or delivery manager has to be a part of the project planning and SLA signoff. The vendor should be made accountable to the project manager from day one. Even if the manager is not privy to the pricing, he should have a say in the deliverables. RapCorp should also form a project directorate or steering committee for future projects. This should include all the project sponsors and senior stakeholders. The project manager should make a joint implementation plan along with the vendor that should be presented to the steering committee before the kick-off. There should be a weekly or fortnightly review process. Besides, the vendor payment should be linked to the milestones and signed off by the project manager. Also, for any ERP implementation, it is important to have strong internal domain and process experts in the team who can measure and drive the outcomes. These internal process owners and power users should start learning the ERP so that the organisation gets what it aspires for. To summarise, RapCorp should follow the basics of any IT implementation project: n Involve top management and ensure proper organisation-wide communication n Induct team members from each of the business functions involved n Set up a steering committee that should have have complete project plan in hand n Chalk out deliverable-based payment schedule for vendors n Conduct periodic reviews and set up process for mid-term course correction

the big q â&#x20AC;&#x2DC;inform bosses, involve them tooâ&#x20AC;&#x2122; FIRST ANSWER Raghav should quickly take stock of the current stage of the project and call a meeting of CFO, CEO and core team members. He should apprise them of the background, current situation and stage-wise update of the project. He should also update them on how the vendor is treating the company and the kind of resources that are being allocated by the vendor. Raghav should then define the way the project is to be taken forward so that it can be successful and implemented as per the timelines. He should also split the project into phases and define roles for each person of the core project team. The CEO should acknowledge the same and inform the core team members to be accountable for the delivery. As a next step, Raghav should arrange for a meeting of his senior management with the vendor and discuss the current state of the project, pushing them hard to have best resources working on the project. He should redefine the timelines if required. All payments should be linked to actual deliverables and strict penalties should be laid out in case of slippages. With all this groundwork and focused approach, the project should come back on the track.

KARANDEEP SINGH Head IT, Fullerton Securities About me: An MBA and MCA by qualification. Has over 14 years of experience. Worked with firms like Lucent Technologies and Fidelity Investments

SECOND ANSWER Moving forward, for all projects, a core team should be formed, drawing members from IT and functional departments. However, the overall responsibility should lie with the department wanting an application to be rolled out. The functional person should own the project and the IT department should help coordinate with the vendor. The entire requirement should be frozen at the earliest so that the SLAs can be defined and commercials linked to them accordingly. The project phases should be monitored closely by the project manager, followed by a weekly update to all stakeholders and a monthly update to the steering committee. No new changes to applications should be made unless there are regulatory changes or other such exceptions. Any mid-term changes should be approved by the CEO and a strict change management process should be adhered to. Any changes in time or cost requirements (again, only in case of an exception) should also be signed by the CEO.

slas

7-step improvement process Gather the data Who? How? When? Integrit y of Data?

Process the data Freq uency? Format? System? Accu racy?

A nalyze the data Relations? Trends? According to plan ? Tar g et met? Correctiv e action?

2 D efine What you can measure

Present and u se the information assessment summary action plans, etc.

goals

1 Define What you should measure

Identify Vision & Strategy Technical Goals Operational Goals

Implement correctiv e action

Source: Oblicore, 2008

a p r i l 2 0 1 0 | it next

the big q

‘Categories concern areas’ FIRST ANSWER

DOLLY BHASIN Managing Director, SPH Consultancy and eServices About me: IT professional with over 25 years of experience in R&D, data communications, product development, project marketing and consulting

Raghav should list out the key areas of the SLAs and mark them by the following categorisations: Critical: Activities very crucial for the company (high risk and critical). Compliance: Activities that need compliance (need to be done). To watch: Activities that need to be monitored closely to prevent recursive and repetitive negative effects. Difficult to achieve: Activities which are difficult to achieve but have been agreed upon in the SLA. Raghav should then try to allocate time and resources to plan how to monitor and keep close check on the activities in the above listed manner, to ensure compliance to SLAs. For the last category of activities, a realistic assessment should be done and adjustments made accordingly. The team working on the project need to be communicated the above and given incentives to ensure compliance to SLAs. Taking a proactive approach to ensure proper adherence to the SLAs in this manner will reduce the risks.

SECOND ANSWER The company should ensure that someone from the delivery team (project manager or supervisor) is part of the team doing SLA negotiations. The person should either be a direct signatory for the SLA document or should indirectly approve it through an internal document. Proper project management and governance system should be planned and implemented by the company in future to avoid such occurrences.

Notes NOTEs

More Resources

it next | a p r i l 2 0 1 0

SLA Best Practices: http://www.cisco.com/en/US/tech/tk869/tk769/technologies_white_paper09186a008011e783.shtml What about SLAs?: http://www.itbusinessedge.com/cm/blogs/all/saas-bpo-convergence-what-aboutslas/?cs=38590

Edu Tech December 2009

cube chat | Pushkar Raj

Learning is

golden “Leadership comes from learning new things and showing others how to apply it to situations,” says Pushkar Raj, Manager IT for Express Retail Services at Big Apple By Jati nde r Si n g h

“

My sucess

mantra Work hard and give your 100% to whatever role you are assigned

it next | a p r i l 2 0 1 0

hy do we need God, if we are doing our work religiously?” said Pushkar Raj when asked if he was religious and God fearing. As Manager IT, Express Retail Service, Big Apple, Raj believes in learning from every situation that life provides and is not the one to be much perturbed with challenges that come in the way. Having started his career as System Engineer with Pantagon System in Mumbai, he is currently responsible for managing the IT infrastructure of Express Retail Service. A leader is one who himself makes continuous effort to learn new things and is able to teach subordinates the art of applying the learning when a situation arises, says Raj. Armed with degrees in chemistry and computer science, Raj stresses very much on team

building exercises and values the support of team members to get the project done successfully. “It gives you lot of pain when your team members don’t give you the helping hand for challenging projects. It’s the only thing that irritates me,” he recalls. However, he feels fortunate that he doesn’t have to deal with such situations very often, and expresses his gratitude to all engineers and team-members with whom he has worked so far. “I am fortunate to have got great support from my team-members most of the time so far in my career,” Raj notes. He believes that the various challenging assignments in his career have helped him stay focused. He remembers the IT-enablement project during his tenure at the Cafe Coffee Day as the most complex of all. “During that time, I was responsible for

cube chat

Fact File Name Pushkar R aj Curre nt desig natio n Manager IT, Ex press Retail S ervices, Big Apple Curre nt role Managing and taking care of IT infrastruc ture Expertise ERP implementation , net work infrastruc ture set up, net work securit y Work experienc e 2005 – present Manager IT, Ex press Retail Servi ces, Big Apple

Photo graph y: subhojit paul

“A good it manager should have strong team building abilities. He should encourage team members to think out of the box and innovate” routing customer calls of different units to different call centres, with whom we were dealing with. Since I was the only person to manage it, the pressure was too much,” he recollects. “However, after a thorough discussion with different vendors, we successfully managed to deploy a suitable software solution,” he adds. The solution helped the company to transfer all calls directly to the respective centres seamlessly. He loves to spend his Sundays with family and is always keen to learn new technologies and study lives of technology leaders. “I always take inspiration from reading good and motivational stuff. You can essentially add to your experience by reading and analysing what others have

done, thus avoiding the mistakes and taking the right approach,” says Raj. “A good IT managers should have strong team building abilities. He should encourage team members to think out of the box and innovate,” he adds. IT apart, he is an avid reader. “I am currently reading a book on Art of Living for peace of mind,” he laughs. “Reading helps me take inspiration from leaders from all walks of life,” he adds. Confident of achieving his dream to become a CIO, he asserts that commitment and coordination are the two key ingredients responsible for success. “You just give your 100% to whatever role you are into. Follow this and I bet there won’t be any looking back,” he shares as a piece of advice.

2001-2005 System Admi nistrator, Caf e Coffee Day--northern region 1999 -2001 System Engi neer, Pentagon System, Mumbai Edu c ation 2000 -2002 M CSE, IAC M, Delhi 1998 -2000 PG Di ploma in Hardware Net working, J etking, Mumbai 1996 -1999 Bac helor in Commer c e (Com puters), Cali cu t Universit y 1995 -1998 B Sc (H) Chemistry, TMU Universit y, Bhagalp u r Achievements 2005: Excelle nc e in infrastruc ture and setu p, Express Retai l S ervic es 2002: All India best admi nistrator awa r d, Cafe Coffee day

a p r i l 2 0 1 0 | it next

update

open Debate

book For you A platform to air your views on the latest developments and issues that impact you

Is green IT pressingly urgent or can we go slow?

SK PALUSKAR GM - MARKETING AND IT, EXCEL INDUSTRIES

VIRENDRA DESHPANDE DGM IT, RELIANCE TECH SERVICES

PRASAD REDDY MANAGER-IT & ADMINISTRATION, PRELUDE SYSTEMS

I am very much in favour of green and eco-friendly technologies. However, I do have a fair amount of reservation on the way the whole green IT movement is taking shape in India, as well as globally. It is driven mainly by vendors to push their wares under the garb of green. One can spot so many green products around, right from servers to cables. In fact, the first question we need to ask is: do we really need to invest in certain equipments? Whether it is green or not is the secondary question. We really need to assess the need and impact of these technologies.

Considering the times that we live in, I see little doubt in green being a pertinent issue not only for now, but also in the days to come. As far as green IT is concerned, because of the empirical instances in which it has helped companies save on power, and thus reduce the carbon footprint, there is little doubt in my mind about the viability and the necessity of it. Green IT is very much the need of the hour. Considering the increasingly high amount of power consumed by IT equipment, technologies like virtualisation are relevant in today’s time.

Speaking from a holistic perspective, the issue of environment has gained much prominence during the last couple of years. Hence, it is quite natural that the impact of IT infrastructure on environment is now coming under the scanner, with talks about low-energy electronics gaining ground. The focus on reducing energy consumption is always welcome. But we need to guard against the tendency to over-focus on the economics of green. While much of the talk is centered around RoI, we also need to look at the social and environmental costs.

Captain courageous The father of India’s low-cost aviation tells the story of his life Publisher : Harper Collins Price : Rs 499

Most Indians used to treat airplanes as some sort of identified flying objects which they thought were almost alien to them. They never thought they could ever afford the luxury of flying, until one fine day when Captain Gopinath stepped in with the country’s first nofrills airline, Air Deccan, in 2003. Simply Fly: A Deccan Odyssey is a from-the-horse’s-mouth story of a village boy’s entrepreneurial overdrive, which takes him through different avatars—from Udupi Hotel owner to agricultural consultant, politician, and a dealer in motor bikes. Interestingly, when Gopinath, launched India’s first low-cost airline, a report called it an “Udupi Hotel in the sky”, referring to the low-cost business model of the self-service vegetarian eateries, originally from Udupi in Karnataka, that have become a generic name for cheap but good quality meals in the country. Alongside the story of the rise and later the reversal of fortunes of Air Deccan, the book, offers an inside view of India’s aviation sector, with all its lobbies, cutthroat competition and backstabbing. IT NEXT Verdict One reason why this book should be read is that it is the story of a quintessential entrepreneur who dared to innovate and changed

Your views and opinion matter to us. Send us your feedback on stories and the magazine to the Editor at editor@itnext.in

it next | a p r i l 2 0 1 0

the rules of the Indian aviation sector. Star Value:

my log

Dr Chindu Sreedharan Lecturer, The Media School, Bournemouth University

r at

ion

: anoop pc

The epic centre

Storytelling lives on, with a newfound tweeting and chirping form, on micro-blogging sites

it next | A p r i l 2 0 1 0

3 Essential

Reads

<strategy>SHEElA FoAm</strategy>

<strategy>SHEElA FoAm</strategy> In the midst of a recovering business environment, companies today are swiftly realising the importance of aligning IT requirements with their core business needs. Given that organisations are no longer looking at IT as a support function, IT managers today are not hesitant to evaluate technologies that are ‘value for money’. The only catch is: it should not compromise the performance. A year ago, Pertisth Mankotia, Head-IT at Sheela Foam was thinking on somewhat similar lines. For his company, a Rs 950-crore group and among the top five manufacturers of slab stock polyurethane foam in south-east Asia, the challenge was to reduce dependence on Unix systems, improve the costefficiency ratio, and simplify systems management to improve scalability for business growth.

<head>

no more expensive upgrades!

the genesis Founded in 1972, the firm has a number of manufacturing units in India. Also, there are more than 70 distributors and 3,000 dealers. In order to manage its operations effectively, the company ran an in-house ERP on a legacy server in a proprietary Unix environment. The custom-built ERP was integrated into Sheela Foam’s distribution network. However, owing to the proprietary system, there was too much dependency

</head> <h1>

p h oTo G r a p h Y: S u B h o J i T pau L

the_leading_foam_maker_is_glad_it_switched_to_ open_source._the_new_system_runs_50%_faster,_is_ easy_to_scale_and_saves_rs_40_lakh_per_annum </h1> <h2> BY JATINDER SINGH

</h2>

the problem

SAN storage: 2,31,664

<tr>{Total cost of Rx series servers (in Rupees)} Server 1: 5,86,628 Server 2: 5,52,285

Maintenance cost/annum: 17, 14,013

Annual maintenance cost: 19,45,677 Three year maintenance cost: 58,37,031

Three year up-gradation cost: 8,00,000

Total expense (in three years): 66,37,031 Dell Server with three years Gold Support: 4,00,000

the solution

Server 3: 5,75,100

Net saving in three years: 62,37,031</ tr>

With the proprietary solution, it was difficult to try things out and innovate even if one wanted to. Things like setting up a rack and clone servers were cumbersome and costly affairs. With the open source, there is always an opportunity to add new features and manage them at a much lesser cost. After a careful analysis, Mankotia and his team consulted Dell for a product performance demo. Through with the successful trial, the company decided to go for Dell PowerEdge server with factory installed Red Hat Enterprise Linux (RHEL). In April 2009, the company deployed its home-grown mission-critical ERP application ‘Greatplus’ that was hosted on RHEL. Despite all enthusiasm for the new solution, the core IT team at Sheela Foam had its moments of anxiety as well, for there was still an iota of doubt. Since the previous legacy servers based on the Unix platform were very

“you can imagine my situation, when my network got down for 16 hours. And I was in no position to take any remedial action. It was really hurting the business” P E RT I ST H m A N KoT I A , HEAD-IT AT SHEEL A FOAM

it next | A p r i l 2 0 1 0

A p r i l 2 0 1 0 | it next

No more expensive upgrades! What made Sheela Foam go open source? Pg 24 SeCuriTY | INSIgHT

INSIgHT | SeCuriTY

AWARENESS UP TWO-FOLD, VICTIMS SIX-FOLD While consumer awareness of phishing attacks has doubled between 2007 and 2009, the number of consumers who reported falling prey to this attack also increased six times during the same period.

RUn SOCiAL MeDiA

According to the EMC security division rSA’s 2010 Global Online Consumer Security survey that polled more than 4,500 consumers on their awareness of online threats, while thousands of people join social networking websites each day, nearly two in three (65%) of respondents who belong to these online communities indicated that they are less likely to interact or share information due to their growing security concerns.

in SAFE mo DE

Social networking websites have become a hotbed for online criminals because of their global reach and the participation by hundreds of millions of active users from all walks of life. This makes these communities prime targets for exploitation by criminals who seek to steal personal information through socially engineered attacks. reflective of this trend, the survey exposed that four out of five (81%) people using social networking websites displayed concern with the safety of their personal information online. in a similar rSA survey in 2007, one in three (38%) consumers reported they were aware of the threat of a phishing attack— and this figure has doubled in two years when three out of four (76%) consumers became aware. Despite increased awareness, there have been a growing number of online users that have fallen victim to a phishing attack. in the 2007 rSA survey, only one in twenty (5%) consumers cited they had fallen victim to a phishing scam; this rate increased six-times in 2009 to represent three in ten (29%) consumers.

This increase can be attributed to more advanced communications tactics and greater sophistication such as improved writing and web design skills on the part of the fraudsters. phishing attacks have also evolved in an attempt to exploit users in different ways and through a broader variety of methods including offshoots known as ‘vishing,’ ‘smishing’ and ‘spear phishing.’

internal compliance is the key when it comes to keeping silent threats posed by social media at bay

The sheer volume of phishing attacks launched in recent months is also contributing to these trends. The rSA AntiFraud Command Centre reported the highest-yet detected rates of phishing attacks between August and October 2009, as well as a 17% increase in the total number of attacks between 2008 and 2009. 50% consumers agreed that their identities should be better protected than a simple username and password on social networking.

BY DEEPAK KUMAR

it next | A p r i l 2 0 1 0

A p r i l 2 0 1 0 | it next

Run social media in safe mode Set up right policies to keep the silent threat at bay. Pg 36 TECH FoR BANKINg

TECH FoR BANKINg

TECH RACE

All

IN!

Zero legacies gave private banks a jumpstart, but PSU banks got on IT fast tracks too—now both are eyeing mobile banking BY SHASHWAT DC

ph oTo Gr a ph Y: ph oTo S. Co M

Bhimsen, a reimagining of the Mahabharata. The tale was perfect for the experiment. For one, it provided plenty of dramatic tension—surely that should hold the reader. There was also the irony of fitting the world’s longest and arguably most philosophical epic into a micro-blogging site meant to keep your friends updated about your nonactivities (‘am in shower. shoot, phone got wet’). Plus, I really, liked the Mahabharata. And so began the Epicretold (www. twitter.com/epicretold). The first tweet had six-year-old Bhima standing wide-eyed at the Hastinapur palace, “staring at the lady with the black cloth over her eyes”, “disturbed, scared”, but unable to “look away”. A week later, he had his first confrontation with Duryodhana: He is taller, bigger, but I am stronger—born to the forest, not to palace maids. I leave him against the wall. In the months since, Bhima has captured quite some media attention, including that from the Time. Importantly, the ‘new new media’ has taken off: applications like Kobo, Stanza bring fiction to your mobile, publishers put out Twitter versions of the new work, the news media has climbed the mobile bandwagon (mostly with shovelware— shame!), and armchair academics like me are paid to research topics such as ‘episodic storytelling in the digital world’. Excuse me, I need to go now. Bhima is about to kill Baka.

iL LuST raT i o n : Bin eSh Sr ee Dh a r a n

Honestly, this wasn’t my idea. I just rolled with it. Late last July, in the midst of a busy workday, my colleague Bronwen turned to me. “Chindu, have you seen this?” “What?” “This article about mobile fiction.” It was about amateur novels being read as SMS on mobile phones. Apparently, Japanese teenagers were crazy about it. Bronwen sent more news. While the Japanese were, umm, thumbing through ‘portable novels’, elsewhere a very determined bunch was making its way through similar bursts of fiction, on Twitter. A new genre of narrative was emerging, a different kind of storytelling, on platforms that discouraged the traditional format. This was ‘fiction-to-go’, for the tech-savvy audience, for the smartphone addict. And this audience was growing, demanding more micro-content; it was only a matter of time before we produced micro versions of everything we put up on, well, the old ‘new’ media. The question then was: what kind of narrative will work on micro-blogs, and mobile sites? How should it be structured so readers stay with a story delivered in episodes? The best way to find out was to dive in. Soon enough, I was reading Prem Panicker’s

it next | A p r i l 2 0 1 0

ArOUND

crore banking transactions are done electronically every year

A p r i l 2 0 1 0 | it next

PSU banks have got on IT fast track and are eyeing for more. Pg 44