cio magazine may 2012 issue
DESCRIPTION
125 Big Ideas that will change a CIO's perspectiveTRANSCRIPT
Disaster Recovery Customer Needs Business Continuity Virtualization Cost Optimization Career Big Data Analytics Users Strategies Tactics Management Staffers Business Intelligence Cost ROI Opex Capex Back Up Cloud Computing SLAs E-mail Applications ERP CRM Vendors Cost Imperative Niche products Advice CFO CEO Economy Slowdown P&L Forecasting Sales Products Hardware Bottom Line
Change Management IaaS Supply Chain Customer Experience Training Incentives Business Acumen Enterprise In-memory Relationships PaaS Long Term Goals Business-IT Alignment CISO Stakeholders Social
Media Mobiles BYOD VDI Integration Consumerization of IT Best Practices Policy Governance Tablets Survey MDM Applications Store OS Cloud DR Outage Security Security Operations Use Cases Cloud
Broker Manageability Storage Drive Infrastructure Erasure Codes Semantic Data Models Hadoop Competition Disaster Recovery Customer Needs Business Continuity Big Data Analytics Users Users Business Intelligence Cost Cost ROI Opex SLAs E-mail Applications TCO Niche
products Advice Advice CFO Economy Sales Products Products Hardware Hardware Bottom Line Supply Chain
Customer Experience Training Enterprise In-memory Relationships PaaS Business-IT Alignment
Stakeholders IntegrationConsumerization of IT Survey MDM Applications Store Applications Store Cloud DR Outage Security Security Security Operations Use Cases Cloud Broker Manageability Storage Drive Infrastructure
Erasure Codes Semantic Data Models Customer Needs Virtualization
Cost Optimization Career Big Data Analytics Users Strategies Tactics Management Staffers Business Intelligence Cost ROI ROI Capex Back Up Cloud Computing SLAs Vendors
Cost Imperative Niche products Niche products Economy Sales Products Hardware Bottom Line Change Management
Supply Chain Customer Experience Training Incentives Business Acumen Enterprise In-memory Relationships PaaS Long Term GoalsBusiness-IT Alignment Social Media VDI Integration Consumerization of IT Best Practices Governance Tablets Survey MDM Applications Store OS Cloud DR Outage Security
Security Operations Operations Use Cases Use Cases Cloud Broker Manageability Storage Drive Infrastructure Erasure Codes Erasure Codes Semantic Data Models Hadoop Hadoop Competition Competition Disaster Recovery Customer Needs Business Continuity Virtualization Cost Optimization Career Big Data Analytics Users Strategies Tactics Management Staffers Business Intelligence Cost ROI Opex Capex Back Up Cloud Computing SLAs E-mail Applications ERP TCO CRM
Hadoop Virtualization
Strategies Opex
PaaS Social Media Best Practices
Cloud DR
Disaster Recovery
Supply Chain Enterprise
Business-IT Alignment
Operations Security Operations Operations
Hadoop
125 Hadoop
125 Hadoop
125 Hadoop
125 Competition
125 Competition
125Disaster Recovery
125Disaster Recovery Customer
125 Customer
Virtualization
125 Virtualization Cost Optimization
125 Cost Optimization Big
125 Big
Tactics 125 Tactics Management125Management125 Staffers 125 Staffers Business 125 Business 125 Back Up 125 Back Up 125Cloud Computing125Cloud Computing125 SLAs 125 SLAs CRM 125 CRM 125 Vendors 125 Vendors Cost Imperative 125 Cost Imperative Niche 125 Niche
Economy 125 Economy 125 Slowdown 125 Slowdown Slowdown 125 Slowdown 125Forecasting125Forecasting Sales 125 Sales Change Management 125 Change Management 125 IaaS 125 IaaS IaaS 125 IaaS Supply Chain 125 Supply Chain
Incentives 125 Incentives 125Business Acumen125Business Acumen125Enterprise125Enterprise Long Term 125 Long Term Goals125 Goals125 Business-IT Alignment 125 Business-IT Alignment Business-IT Alignment 125 Business-IT Alignment
Mobiles125Mobiles VDI 125 VDI Policy 125 Policy 125 125 Tablets 125 Tablets
Cloud DR 125
Cloud DR 125Outage Security125Outage Security125
Security 125
Security 125
Disaster Recovery
125Disaster Recovery
125 Cost Optimization
125 Cost Optimization
Management125Management Back Up 125 Back Up Cloud Computing125Cloud Computing125 Cost Imperative 125 Cost Imperative Slowdown 125 Slowdown 125 P&L 125 P&L P&L 125 P&L
Change Management 125 Change Management Business Acumen125Business Acumen
Long Term 125 Long Term 125 Goals125 Goals Goals125 GoalsMobiles125Mobiles125 BYOD 125 BYOD 125 VDI 125 VDI
Policy 125 Policy 125Governance125Governance125 Competition
125 Competition
Virtualization
125 Virtualization
Strategies 125 Strategies 125 Tactics 125 Tactics Opex 125 Opex Capex 125 Capex
TCO 125 TCO 125 CRM 125 CRM Economy 125 Economy 125 Change Management 125 Change Management Change Management 125 Change Management
Incentives 125 Incentives 125 Long Term 125 Long Term Long Term 125 Long Term Social Media 125 Social Media 125Mobiles125Mobiles Best Practices 125 Best Practices 125 Policy 125 Policy 125 Opex 125 Opex 125 Capex 125 Capex
TCO 125 TCO Economy 125 Economy
Bottom Line 125 Bottom Line Training 125 Training 125 PaaS 125 PaaS 125
Hadoop
125 Hadoop Competition
125 Competition
Virtualization
125 Virtualization
Strategies 125 Strategies Tactics 125 Tactics Opex 125 Opex 125 Capex 125 Capex
TCO 125 TCO CRM 125 CRM Economy 125 Economy
Bottom Line 125 Bottom Line Change Management 125 Change Management 125 Incentives 125 Incentives Incentives 125 Incentives PaaS 125 PaaS Long Term 125 Long Term
Social Media 125 Social Media Mobiles125Mobiles Best Practices 125 Best Practices Policy 125 Policy
Cloud DR 125
Cloud DR Outage Security125Outage Security125Disaster Recovery
125Disaster Recovery
Virtualization
125 Virtualization
125 Cost Optimization
125 Cost Optimization
125Management125Management125 Back Up 125 Back Up Cloud Computing125Cloud Computing Vendors 125 Vendors 125 Cost Imperative 125 Cost Imperative
Slowdown 125 Slowdown P&L 125 P&L 125 Change Management 125 Change Management 125Business Acumen125Business Acumen Long Term 125 Long Term Goals125 Goals Business-IT Alignment 125 Business-IT Alignment
Mobiles125Mobiles BYOD 125 BYOD VDI 125 VDI Policy 125 Policy Governance125Governance 125 Outage Security125Outage Security Security
125 Security
125Disaster Recovery
125Disaster Recovery
125 Customer
125 Customer
Cost Optimization
125 Cost Optimization
125 Career
125 Career
125 Big
125 Big
Staffers 125 Staffers 125 Business 125 Business Cloud Computing125Cloud Computing
Cost Imperative 125 Cost Imperative 125 Niche 125 Niche Forecasting125Forecasting125 Sales 125 Sales Sales 125 Sales
IaaS 125 IaaS Supply Chain 125 Supply Chain Enterprise125Enterprise
Business-IT Alignment 125 Business-IT Alignment VDI 125 VDI 125Integration125Integration
Tablets 125 Tablets 125 Survey 125 Survey Security
125 Security Operations
125 Operations
125 Business-IT Alignment 125 Business-IT Alignment Integration125Integration
Survey 125 Survey Operations
125 Operations
125Disaster Recovery
125Disaster Recovery
125 Customer
125 Customer
Cost Optimization
125 Cost Optimization Big
125 Big
Staffers 125 Staffers 125 Business 125 Business Cloud Computing125Cloud Computing SLAs 125 SLAs
Cost Imperative 125 Cost Imperative Niche 125 Niche Forecasting125Forecasting Sales 125 Sales
IaaS 125 IaaS 125 Supply Chain 125 Supply Chain Supply Chain 125 Supply Chain Enterprise125Enterprise
Business-IT Alignment 125 Business-IT Alignment VDI 125 VDI Integration125Integration125 Tablets 125 Tablets Survey 125 Survey Security
125 Security
125 Operations
125 Operations
Cost Optimization mCost Optimization Cost Optimization ACost Optimization Cost Optimization y 15, 2012 | Cost Optimization Cost Optimization `Cost Optimization Cost Optimization 100.00Cost Optimization www.CIO.INManagementwww.CIO.INManagement
Career Staffers
Cloud Computing
Big Data Business Intelligence
Cloud Computing SLAs
Cost Optimization Management Staffers
Cloud Computing
Cost Optimization ManagementBack Up
Policy Cloud DR
Manageability Semantic Data Models
Outage Security Storage
Hadoop Hadoop
125 Hadoop
Outage Security Manageability Storage
Policy Cloud DR Outage Security
Manageability Semantic Data Models
Policy Cloud DR
Broker Manageability Semantic Data Models
Disaster Recovery Cost Optimization ManagementBack Up Vendors Slowdown
Change Management Incentives Long Term
MediaPractices OS
Broker Semantic Data Models
Bu
Sin
eS
S
t
ec
hn
ol
og
y
l
ea
de
rS
hip
Customer Experience In-memory In-memory CISO Stakeholders
Consumerization of IT Applications Store
Use Cases Erasure Codes Disaster Recovery
Cost Optimization ManagementCloud Computing
Cost Imperative Forecasting IaaS
AcumenBusiness-IT Alignment VDI Integration Tablets Tablets Survey Survey
Manageability Storage Semantic Data Models Hadoop
Business Continuity Users Strategies
ROI Opex Applications ERP TCO
CFO CEO CEO Economy Economy Bottom Line Bottom Line
Customer Experience Training Training Relationships PaaS PaaS
Stakeholders Social Media Consumerization of IT Best Practices
Applications Store OS OS Cloud DR Cloud DR Use Cases Cloud Broker Manageability
Erasure Codes Semantic Data ModelsDisaster Recovery Customer Needs
Cost Optimization Career Management Staffers Staffers Business Intelligence Business Intelligence Cloud Computing SLAs
Cost Imperative Niche products Forecasting Sales Products
Supply Chain Customer ExperienceEnterprise In-memory
Business-IT Alignment CISOIntegration Consumerization of IT Consumerization of IT
Survey MDM MDM Applications Store Applications Store
Hadoop
Strategies Opex
PaaS Social Media Best Practices
Cloud DR
Storage Hadoop
Manageability Storage Semantic Data Models Hadoop
Use Cases Erasure Codes Disaster Recovery
Cost Optimization ManagementCloud Computing
Cost Imperative Forecasting
Supply Chain AcumenBusiness-IT Alignment
Integration
Cloud DR Outage Security Manageability
Semantic Data Models Hadoop Customer Needs Business Continuity
Big Data Analytics Business Intelligence Cost Cost
E-mail Applications Niche products Advice Advice CFO
Products Hardware Customer Experience
In-memory Relationships Stakeholders
Consumerization of IT Applications Store
Manageability Semantic Data Models
Customer Needs Career Big Data
Business Intelligence SLAs E-mail
Niche products Products Customer Experience
In-memory CISO
Consumerization of IT Applications Store
Outage Security Security Storage Drive
Hadoop Competition Business Continuity
Analytics Users Strategies Cost ROI ROI Opex Opex
Applications ERP TCO CEO Economy Economy
Hardware Bottom Line Change Management Customer Experience Training Incentives
Relationships PaaS Long Term Social Media
Best Practices Policy Policy Applications Store OS OS Cloud DR Cloud DR Outage Security
Storage Hadoop
Business ContinuityAnalytics
Cost Applications
CFO CEO CEO Hardware Bottom Line
Customer ExperienceRelationships
Stakeholders Social Media Consumerization of IT Best Practices Best Practices
Applications Store
Security Operations Operations Infrastructure
Competition CompetitionBusiness Continuity Virtualization
Strategies Tactics Capex Back Up Back Up
CRM Vendors Slowdown P&L P&L
Change Management Business
Long Term GoalsMobiles BYOD
Policy GovernanceOutage Security
Operations Operations Operations
Competition Business Continuity
Strategies Opex Capex Capex TCO CRM
Economy Slowdown Slowdown Change Management Incentives
Long Term Social Media Mobiles
Policy Outage Security
Virtualization Tactics Capex
Virtualization Strategies
Opex ERP
CEO Economy Bottom Line
Customer Experience Training Relationships PaaS
Stakeholders Social Consumerization of IT Best
Applications Store
the125th
issuespecial
Capex CRM
Capex CRM VOL/07 | ISSUE/07
That Use Cases That Use Cases Erasure Codes That Erasure Codes w
Use Cases w Use Cases w Cloud Broker w Cloud Broker Cloud Broker w Cloud Broker Erasure Codes w Erasure Codes Semantic Data ModelswSemantic Data Modelsill Change Your Perspective Cloud Broker ill Change Your Perspective Cloud Broker ill Change Your Perspective Manageability ill Change Your Perspective Manageability Manageability ill Change Your Perspective Manageability ill Change Your Perspective Storage ill Change Your Perspective Storage Storage ill Change Your Perspective Storage ill Change Your Perspective Drive ill Change Your Perspective Drive Drive ill Change Your Perspective Drive
Semantic Data Modelsill Change Your PerspectiveSemantic Data Modelsill Change Your Perspective Hadoop ill Change Your Perspective Hadoop Hadoop ill Change Your Perspective Hadoop ill Change Your Perspective Competition ill Change Your Perspective Competition Competition ill Change Your Perspective Competition
Cover_May2012_Dummy_proof.indd 84Cover_May2012_Dummy_proof.indd 84Cover_May2012_Dummy_proof.indd 84 5/11/2012 4:24:21 PM5/11/2012 4:24:21 PM
JN_India_CIO_V1.1.indd 4JN_India_CIO_V1.1.indd 4JN_India_CIO_V1.1.indd 4
Vijay Ramachandran, [email protected]
From The ediTor-in-ChieF
We are the Pilgrims, master; we shall go
Always a little further: it may be
Beyond the last blue mountain barred with snow,
Across that angry or that glimmering sea.
—James Elroy Flecker
At first glance the data from the CIO Mid-Year
Review Survey felt more like a nightmare vision, but a
closer look convinced me that true economic recovery,
while distant, was more of a mindset game than one
connected to external factors alone.
The true impact of an economy in flux seems to be
coming through in the responses of about 200 organizations and their CIOs to the study.
Shorter business horizons are leading to a host of short-term solutions being demanded
of CIOs. Multiple projects, fast rollouts and quicker change requests from business are
stressing IT teams, who now have to deal with a crushing workload.
Given this tactical nature of IT, it’s no surprise that close to 40 percent of CIOs
flagged shortage of time for strategic planning as one of their biggest barriers to
success. Unclear business expectations and inadequate in-house skillsets are only
making the situation worse.
Interestingly, just 17 percent of IT leaders said that they were inadequately funded!
Throw in the 49 percent who state unequivocally that their organization’s risk and growth
appetite remains high and a strange picture emerges. While the fear of stumbling exists,
a significant number of organizations seem to be hoping that the Darwinian nature of the
current slowdown will take out the competition.
And, more than a few are trying to widen the gap by actually making the right moves,
albeit cautiously. It’s heartening that more organizations have worked on creating better
customer connect than those that have focused primarily of cutting cost.
To get ahead, organizations need to punch through this slump. You need to use it to
your advantage by considering models like the cloud to give you the short-term tactical
advantage while trying to build cost variability as a longer-term strategy.
(Coming next month our analyses on data from the CIO Mid-Year Review Survey)
Break on Through Organizations need to leverage the slump by considering variable cost models to gain tactical advantage.
All rights reserved. No part of this publication may be reproduced by any means without prior written permission from the publisher. Address requests for customized reprints to
IDG Media Private Limited, Geetha Building, 49, 3rd Cross, Mission Road, Bangalore - 560 027, India. IDG Media Private Limited is an
IDG (International Data Group) company.
Printed and Published by Louis D’Mello on behalf of IDG Media Private Limited, Geetha Building, 49, 3rd Cross, Mission Road, Bangalore - 560 027.
Editor: Louis D’Mello Printed at Manipal Press Ltd., Press Corner, Tile Factory Road, Manipal, Udupi, Karnataka - 576 104.
IDG Offices in India are listed on the next page
Publisher, President & CeO Louis D’Mello
e d i tO r i a l
editOr-in-ChieF Vijay Ramachandran eXeCutiVe editOr Gunjan Trivedi Features editOr Sunil Shah seniOr COPy editOr Shardha Subramanian seniOr COrresPOndents Sneha Jha, Varsha Chidambaram COrresPOndents Debarati Roy, Shweta Rao, Shubhra Rishi PrOduCt manager Online Sreekant Sastry
C u stO m P u b l i s h i n g
PrinCiPal COrresPOndents Aditya Kelekar, Gopal Kishore COrresPOndent Vinay Kumaar
d e s i g n & P r O d u Ct i O n lead designers Jinan K.V., Jithesh C.C, Vikas Kapoor seniOr designers Unnikrishnan A.V. designers Amrita C. Roy, Sabrina Naresh, Lalita Ramakrishna PrOduCtiOn manager T. K. Karunakaran
e V e n ts & au d i e n C e d e V e lO P m e n t
ViCe President eVents Rupesh Sreedharan sr. managers PrOjeCts Ajay Adhikari, Chetan Acharya, Pooja Chhabra asst. manager Tharuna Paul seniOr eXeCutiVe Shwetha M. PrOjeCt COOrdinatOrs Archana Ganapathy, Saurabh Pradeep Patil
sa l e s & m a r k e t i n g
President sales & marketing Sudhir Kamath VP sales Sudhir Argula asst. VP sales Parul Singh agm marketing Siddharth Singh manager key aCCOunts Jaideep Marlur, Sakshee Bagri manager sales Varun Dev sr manager PrOjeCts Ajay S. Chakravarthy assOCiate marketing Anuradha Hariharan Iyer, Benjamin Anthony Jeevan Raj, Dinesh P., Rima Biswas asst. manager- sales suPPOrt Nadira Hyder
F i n a n C e & a d m i n
FinanCial COntrOller Sivaramakrishnan T. P. manager aCCOunts Sasi Kumar V. asst. manager Credit COntrOl Prachi Gupta
2 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Content,Editorial,Colophone.indd 2 5/22/2012 3:52:16 PM
Networks are complex. Your network performance management shouldn’t be. Decomplexify it with Riverbed Cascade.
Go to www.Riverbed.com/Cascade to see how Riverbed is Decomplexifying network performance management by enabling end-to-end visibility into the performance and troubleshooting of critical business applications.For any queries, please contact
[email protected] or+91 9845652826, +91 80 40300567
iT has forever been the long standing ally of
business. It has supported business processes, and
propelled innovation. Viewed from that perspective,
innovation has been the hallmark of IT. But I also
believe that IT innovation is very short-lived. IT
innovation can be replicated by competition in no
time. This goads IT to disrupt the status quo and
break the mould.
To help this foward movement, business needs
to challenge IT. CIOs must cultivate this approach
to help their organizations realize the strategic
advantages of IT. They should encourage business users to challenge IT. This is a
methodology wherein the business users of an organization take a hard look at their
business processes or any other matrix of the business. Then they identify areas where
there is scope for improvement. After this, users challenge the IT department to find
a solution.
At Maruti Suzuki, I instituted this culture five to six years ago. I put business users
in a workshop and asked them to jot down the current business matrix then I asked
them to identify performance gaps in the process. Once that is done, I encourage them
to challenge IT to re-engineer the process. When they do that I get them to collaborate
with IT to conceptualize the project. This way I tap into the collective ingenuity of
IT and business. For instance, our business users once challenged IT to improve
their forecasting mechanism. We worked with them to re-engineer the process and
delivered the desired results.
This approach augurs well for the enterprise. It sustains a culture of unfettered
innovation. It assuages the pain of change management. Since users themselves ask
for improvements and work towards making it more palatable they have no reason to
complain. It’s not like something that is forced on them.
However, IT and business users can imbibe this culture only if they are equipped
with a keen understanding of business processes. I also believe business should
budget these projects as this will intensify their ownership.
This culture cannot be developed overnight. But once it’s established, challenging
IT could be central to how organizations resolve business complexities, cross new
performance thresholds, and outwit competition.
gOVerning bOard
alOk kumar
VP & Global Head-Internal IT& Shared Services, TCS
amrita gangOtra
Director-IT (India & South Asia), Bharti Airtel
anil khOPkar
VP-MIS, Bajaj Auto
atul jayawant
President Corporate IT & Group CIO, Aditya Birla Group
C.n. ram
Group CIO, Essar Group
deVesh mathur
Chief Technology & Services Officer, HSBC
gOPal shukla
VP-Business Systems, Hindustan Coca-Cola
manish ChOksi
Chief-Corporate Strategy & CIO, Asian Paints
murali krishna k
SVP & Group Head CCD, Infosys Technologies
naVin Chadha
IT Director, Vodafone Essar
PraVir VOhra
Group Chief Technology Officer, ICICI Bank
rajeeV batra
CIO, Sistema Shyam Teleservices (MTS India)
rajesh uPPal
Executive Officer IT & CIO, Maruti Suzuki India
s. anantha sayana
Head-Corporate IT, L&T
sanjay jain
CIO & Head Global Transformation Practice, WNS
Global Services
sunil mehta
Sr. VP & Area Systems Director (Central Asia), JWT
V.V.r. babu
Group CIO, ITC
From The governing boArd
CIOs should encourage business users to challenge IT to foster a culture of innovation that outwits the competition.
Who Dares, Wins
Bangalore: Geetha Building, 49, 3rd Cross, Mission Road, Bangalore 560 027, Phone: 080-3053 0300, Fax: 3058 6065
Delhi: New Bridge Buisness Centers, 5th and 6th Floor, Tower-B, Technolopolis. Golf Course Road, Sector 54 Gurgaon- 122002, Haryana
Phone: 0124-4626256, Fax: 0124-4375888
Mumbai: 201, Madhava, Bandra Kurla Complex,Bandra (E), Mumbai 400 051, Phone: 022-3068 5000, Fax: 2659 2708
Rajesh Uppal, Executive Officer IT & CIO, Maruti
Suzuki India
4 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Content,Editorial,Colophone.indd 4 5/22/2012 3:52:19 PM
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates.
Runs Oracle10x Faster*
The World’s Fastest Database Machine• Hardware by Sun
• Software by Oracle
* But you have to be willing to spend 50% less on hardware.
10x faster based on comparing Oracle data warehouses on customer systems vs. Oracle Exadata Database Machines.
Potential savings based on total hardware costs. Oracle Database and options licenses not included. Actual results and savings may vary.
PRODUCTION NOTES
Fonts: Univers LT Std. 75 Black, 65 Bold, 55 Roman, 45 Light, 67 Bold Condensed, 57 Condensed
PUB NOTE: Please use center marks to align page.
Please examine these publication materials carefully. Any questions regarding the materials, please contact Darci Terlizzi (650) 506-9775
READER
01LASER% RELEASED
1/242012
Print Ad Resize
22.23 x 27.6cmCIO
(1st Right Hand Page Ad)
Job No.:Headline:
Date:Project:
Type:Live:Trim:
Bleed:
312M_EXD_10xFaster_CIORuns Oracle 10x Faster* 01/24/2012 APAC Regional FulfillmentMagazine 20.32cm x 25.72cm22.23cm x 27.6cm22.86cm x 28.26cm
125 125 125 125 125 125 40 | 125 BIG IDEAS FeATures | sTrATegy From your career to your team, and from your vendor to your boss, these 10 features will open up a world of possibilities for your success.
42 | What’s driving Analytics?
48 | getting storage big data ready
54 | Cloud dr: sending mixed signals
58 | easy integration with the Cloud
64 | Consumer Tech Takes over
70 | Customers F2F
78 | nabbing insider Crime
88 | virtualization on double duty
92 | Keeping iT up
96 |beyond the Cio role
voiCes | Cio role And CAreerIT leaders from India's most prestigious organizations tell you what you need to know to become a better CIO—work-wise and otherwise.
22 | What have you done to ensure that ‘Cio’ does not stand for ‘Career is over’?
25 | best Piece of Advice you've given your staff
47 | how do you Keep iT staff Continually inspired to excel?
51 | An interview Question you like to Ask staffers When you
are recruiting
may 15, 2012 | Vol/7 | issue/07
CO
VE
R D
ES
IGN
By
VIK
AS
KA
PO
OR
contents
/7 | ISSUE/066 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
52 | moment of Truth: one Thing you’d like From your Technology
Provider
61 | What has been your biggest
Achievement This year?
62 | in your role as an iT leader, What has been your greatest
learning Till date?
67 | What Advice Would you give your CFo to Tackle the Current economic reality?
vieWs From The ToP:twenty-five of india's finest CeOs share their views on it and the CiO role.
departments
contents (cont.)
Columns24 | What About my Feelings? staff management You need to teach your staff that fixing user problems doesn't get the job done—and it won't be until they deal with user emotions.Column by Paul Glen
26 | in the hot seatunderCover oFFiCer One man’s adventure into the interviewing process for a CSO position. Column by an anonymous CSO
31 | Three Keys to Tomorrow Cio role Three things IT leaders need to do to move the CIO role forward .Column by Pravir Vohra
52
Case Files118 | Carzonrentrevenue mAnAgemenT Carzonrent puts in place a robust revenue management system after it loses track of 1.4 percent of its transactions.by sneha jha
120 | FlipkartinnovATion By using a system that allows Flipkart’s engineers to launch
52By using a system that allows Flipkart’s engineers to launch
52multiple versions of its website in real time, IT drives a new level of innovation.52multiple versions of its website in real time, IT drives a new level of innovation.52by Varsha Chidambaram
54
36
AlTernATive vieWs:how smart are monetary incentives?Is dangling money in front of your staff the best way to increase productivity and retain employees? Two CIOs debate.
VOL/7 | ISSUE/07/7 | ISSUE/078 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
2 | From the editor-in-Chief Break on ThroughBy Vijay Ramachandran
4 | From the Governing Board Innovation | Who Dares, Wins
By Rajesh Uppal, Maruti Suzuki India
11 | trendlines Innovation | Bump to Create CashQuick Take | Increasing Budgets in a SlowdownVoices | Lessons from Abhishek SinghviRetail | Trial BlazingInternet | Facebook ‘Likes’ and Your JobPopular Science | NASA Finds a New Sun GodVirtualization | Challenges Go Poof!Consumer Tech | BYOD in, Productivity UpCareer | Four Must-Dos for CIOs Online
16 | alert BYOD | The Inmates Have Control!
Legal | Indian Cyberlaw: Liability of CIOs
141 | essential technology IT Management | A Single Pane of Glass
Mobile | Time for Mobile Virtualization?
152 | 5 things I've Learnt The Voice of Experience | Alagu Balaraman, former CIO and current partner & MD India Operations CGN & Associates
AdverTiser index
This index is provided as an additional service. The publisher does not assume any liabilities for errors or omissions.
[CIO HOMEPAGE]
CiO.in revamps!To serve your needs better, we've redesigned cio.in. Now you'll be able to navigate content more easily, and quickly see the stories that demand your attention. We also have more surveys and more case studies!
Cio online
[BOOK CLUB]Conversation starter
Books have been known to spark conversations and on our website you can find the genesis of one. Learn what your peers think of a book and then visit the all new CIO Book Club section online and join the conversation with your peers. >> www.cio.in/bookclub
[DEBATE]is money the best way to retain employees?We invited two CIOs to kick-start a debate on whether money is the best way to hold on to staff. Read all about it in alternative Views (page 36). Which side are you on? We also have more debates for you on www.cio.in
Job Rotation: Harmful or Helpful? ayes Vs Naysayes Vs NaysaAre We Ready for Big Data?ayes Vs Naysayes Vs NaysaIs Jugaad a Good Thing?ayes Vs Naysayes Vs Naysa>> www.cio.in/cio-debates
must read @cio.in
>> Alert: Indian Cyberlaw: Liability of CIOs>> Column: Three Keys to Tomorrow>> Feature: 5 Things I've Learnt
CIOinO.in
accelPro Technologies India Pvt. Ltd. 15
BenQ India Pvt. Ltd 9
Bharti airtel Limited 57+ Belly Band
Ca (India)Technologies Pvt. Ltd 19
Cicso Systems (India) Pvt.Ltd 21
Ctrl S Datacenters Ltd 7
Dell India Pvt. Ltd 38 & 39
Eaton Power Quality Pvt. Ltd 13
Fujitsu India Pvt. Ltd 23
HCL Comnet Ltd 33, 34 & 35
HID India Pvt. Ltd 17
IBM India Pvt. Ltd 1
Juniper Networks India Pvt. Ltd IFC
Lenovo India Pvt. Ltd IBC
Oracle India Pvt.Ltd 5
Riverbed Technology India Pvt. Ltd. 3
SaS Institute (India) Pvt Ltd 27
Tata Consultancy Services 121 to 128
Tulip Telecom Ltd BC
[Case File]sold On innovationBy using a system that allows Flipkart’s engineers to launch multiple versions of its website in real time, IT drives a new level of innovation.>> www.cio.in
VOL/7 | ISSUE/071 0 1 0 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Content,Editorial,Colophone.indd 10Content,Editorial,Colophone.indd 10Content,Editorial,Colophone.indd 10 5/22/2012 3:53:09 PM5/22/2012 3:53:09 PM
I n n o v a t I o n Startup Bump Labs threw its hat into the crowded mobile payments ring by launching an app that allows people to exchange money by tapping their phones together.
The app, called Bump Pay, builds on the company’s core technology, which enables two smartphones using Bump apps to transfer data by being tapped together. Unlike NFC (near-field communication), which Google and others are promoting for mobile payments, Bump requires physical contact between devices. The company’s current app, called Bump, allows users to transfer contact information and photos.
To use Bump Pay, a user types in how much money he or she wants to send and then bumps phones with the intended recipient. Bump’s software determines which two phones collided. The app then transfers funds from one user’s PayPal account to the other’s. Both users must have previously
downloaded the app and linked it to their PayPal accounts. “Bump Pay is interesting because of its novelty, which may spur trial, but being within arm’s reach of the person you’re paying back is not always convenient and will limit its usefulness,” said Denee Carrington, an analyst with Forrester Research.
But Chris Silva, an Altimeter Group analyst, sees proximity as the right approach, “People are just so paranoid about using any type of technology where there’s a transaction taking place
and you’re not actually exchanging funds or a card. I think it makes sense for what people are going to feel comfortable using,” says Silva.
As for the security of the app, Silva notes that some Bump Pay users could claim that they
had accidentally tapped another person’s phone, and thus attempt to recoup their
funds. “There’s a risk, but it’s almost completely borne by the credit card
issuers and the banks.” —By Cameron Scott
As for the security of the app, Silva notes that
n e w * h o t * u n e x p e c t e dn e wn e w * h o t * u n e x p e c t e d
I t B u d g e t In a world dominated by shrinking IT budgets, some CIOs say their IT budgets have increased this year. One of them is K. N. C. Nair, CIO, Muthoot Group. Shweta Rao spoke to him to find out what this means to IT and his organization.
Has the global economic slowdown affected your IT budget this year?Not much. Muthoot Group exhibited growth even during the 2008 recession. That gave us the confidence to step into 2012. In fact, we have increased our IT budget by 50-60 percent this year.
Where are you planning to invest?About 60 percent of the IT budget will be dedicated to a core banking solution. The rest would be spent on system upgrades, HRMS and CRM. Our aggressive growth is forcing us to straighten our central operations so that we stay competitive. A core banking solution will help reduce IT infrastructure spending by 10 percent and enable us to invest in more business and mission-oriented projects.
Increasing Budgets in a Slowdown Despite the budget increase, responsible spending will always be
a challenge. How do you plan to tackle it?Continuing to do more with what you have is always better than doing more with less. The trick is figuring out how to efficiently embrace a new technology while getting rid of legacy systems. Also, I think the importance of testing a rollout is terribly underplayed these days. It provides a great learning experience and helps pre-empt unfortunate encounters. Good feedback has helped me avoid over-spending on more
than one occasion. One must have user focus groups to receive good feedback.
What would you advice CIOs facing budget cuts?With shrinking budgets, technology will be a key component in keeping critical operations on track. But that won’t suffice. Ideas like decremental budgeting can come to the rescue when working with reduced budgets. CIOs also need find innovative ways to solve to everyday problems that don’t require expensive solutions.K.N.C. Nair
E D I T E D B Y s h a r D h a s u B r a m a n I a n
QUICK TAKE:
Bump to Create Cash
Can't Heal Acne,
REAL CIO WORLD | M a y 1 5 , 2 0 1 2 1 1Vol/7 | ISSUE/07
tr
en
dl
Ine
s
Trendline_april 2012.indd 11Trendline_april 2012.indd 11Trendline_april 2012.indd 11Trendline_april 2012.indd 11Trendline_april 2012.indd 11
tr
en
dl
Ine
s
s e c u r I t y The recent controversy surrounding Congress party’s former spokesperson Abhishek Manu Singhvi, where his video was posted on a social media platform brings up an important question: Are technological advancements posing a threat to our own security? Shweta Rao asked your peers if they agreed.
SIDDEgOWDA SUDHAKARHead-IT, Majid Al Futtaim (Fashion)
“Instant access to information is making us less sensitive and less capable of understanding individual rights on our own. and social networking sites are loud, glass houses and the lack of physical contact over these sites lowers users’ natural defenses making them prone to distress.”
MAn MOHAn gOyALHead-IT, Phillips Carbon Black
“Today’s highly networked world allows for a faster and
more free flow of information and more exposure than before. But, technology advancement is a natural process and cannot be stopped. Every new technology is going to take us by surprise and make us vulnerable in some areas. But, like always, we soon learn to adapt, adopt and evolve.”
VALERIO FERnAnDES GM-IT, Continental Automotive Components India
“Technological improvement definitely poses a threat to individual and social security if not handled properly because it has the potential to be intrusive and devastatingly destructive. The world has raced towards embracing technology while significant loopholes still exist.”
VOICES: Lessons From Abhishek Manu Singhvi
Vol/7 | ISSUE/071 2 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
r e t a I l The cavemen must have been a happier lot. For one, they weren’t forced to live with the social-induced pressure of dressing up. Imagine the hours we could save waiting outside trial rooms.
Now, for the first time, one Indian company is trying to give shoppers back those hours—and still keep their shirts on.
According to a poll of 2,000 shoppers by market research firm OnePoll.com, women spend about 399 hours and 46 minutes on 301 shopping trips a year. That’s eight-and-a-half years worth of retail therapy if you live till 63. Yet, a lot of it is spent uncomfortably waiting outside or using clammy changing rooms swamped with other people’s bad taste.
A Hyderabad-based startup, Imaginate, offers customers the chance to be spared that fate with a shopping assistant it calls TRIALAR, a digital apparel and jewelry trial room platform.
More simply, TRIALAR combines HD cameras, a flat HD/LCD panel display, and Intel core advanced CPUs to allow shoppers to see how they look in clothing—without having to try them on. Using HD cameras, the system captures a customer’s measurements and allows them to choose clothes or jewelry from a digital catalogue—something most retailers with e-commerce abilities already have. And thanks to a multi-screen display, shoppers can compare how they look in different colors.
“We hope to save shoppers time standing in queues and trying on various items. And it allows retail stores to eliminate the damage that occurs when shoppers try out clothes,” says Hemant Sathyanarayana, CEO of Imaginate Software Labs.
Motion sensors around the display screen can recognize when a shopper wants to move to the next item by making a flipping gesture, tablet style.
“We cut out the touch screen option because that would force a shopper to keep stepping back and forth while making a choice,” says Sathyanarayana.
The system also displays additional information like fabric—or whether a celebrity wore something similar. And an analytics-based engine can throw up intelligent ‘you-may-also-like-these’ options.
e-Retailers can incorporate webTRIALAR for their online shopping websites. Online customers can use webcams or upload their pictures to virtually try out clothes—encouraging buyers who want to see how they look before making a purchase. Imaginate is currently developing mobTRIALAR, its mobile version on multiple platforms including Android, iPhone, and Windows 7.
— By Debarati Roy
tr
en
dl
Ine
s
Trial Blazing
Ima
gE
S b
y p
ho
to
S.c
om
Trendline_april 2012.indd 12 5/11/2012 4:38:23 PM
P o P u l a r s c I e n c e Could satellites one day beam solar energy back to Earth? It could be possible, thanks to a new research project. There have been some incredible advances in solar power technology over the years, ranging from simple solar panels to solar-thermal power and more efficient panels. But NASA scientists believe the next step in maximizing sun-based energy will come from satellites that would beam harvested solar power down to Earth.
The idea is to use a satellite with an array of mirrors to collect energy from the Sun and send it back to Earth via a Microwave beam. It might sound like another crazy death ray beam, but NASA thinks that it’s realistic enough that they’ve funded the Artemis Innovation Management Solutions group to develop its Solar Power Satellite via Arbitrarily Large PHased Array (SPS-ALPHA).
The array will feature a modular, tulip shaped satellite equipped with thin-film mirrors to reflect sunlight into photovoltaic cells. The collected solar energy will be converted into microwaves that will then be transmitted back to a receiving station on Earth at a low frequency and intensity.
Power plants on Earth will be able to convert the Microwave energy into electricity and add it to the power grid. NASA says that each array system could create anywhere from tens to thousands of megawatts of energy.
Since the satellite array will use so many small, lightweight parts, it will also be simpler and cheaper to build than previous solar-power satellite methods. Instead of building a gigantic array on Earth and launching into space, scientists could send parts up into space on current cargo spacecraft so they could be assembled in orbit (much like a space station).
NASA has been looking into satellite energy-beaming concepts for some time, but none have been as promising as SPS-ALPHA.
—By Kevin Lee
I n t e r n e t Facebook “likes” could get you fired, and if you take your employer to court over the punishment you may have an uphill legal battle.
that’s what some plaintiffs found when they took the matter to the US District court for Eastern Virginia. In the case bland versus Roberts, the plaintiffs, who had worked in the hampton, Sheriff’s office under b.J. Roberts—who was running for re-election against Jim adams—asserted that doing things to support their boss’ opponent eventually got them fired once Roberts had secured his seat. Such activities included placing a pro-adams bumper sticker on one of their cars, attending an adams-sponsored cookout, and “liking” adams’ Facebook page.
the court said Roberts was not aware of these activities, except for the Facebook endorsements. Even so, his knowledge of the “likes” was inconsequential, said the court.
“[Roberts’] knowledge of the posts only becomes relevant if the court finds the activity of liking a Facebook page to be constitutionally protected. It is the court’s conclusion that merely “liking” a Facebook page is insufficient speech to merit constitutional protection,” the court said. lawyer Venkat balasubramani disagrees. “the court veered off course in concluding that a Facebook like is not speech.” he said. “maybe the court slept through many other instances of online activism in the past five years.”
—by christina Desmarais
Facebook ‘Likes’ Could Make you Jobless
NASA Finds a New Sun God
Source:cIo Research
Inadequate in-house skill sets Inadequate in-house skill sets necessary for the migration
Inadequate in-house skill sets necessary for the migration
Inadequate in-house skill sets Inadequate in-house skill sets necessary for the migration
Inadequate in-house skill sets
go Virtualization Challenges
v I r t u a l I z a t I o n Indian CIOs show a new level of ease with virtualization when asked what their biggest issue with running mission-critical apps in a virtual environment was.
36%No issues
at all
necessary for the migrationnecessary for the migrationnecessary for the migrationnecessary for the migrationnecessary for the migrationnecessary for the migrationnecessary for the migration
go Virtualization Challenges
v I r t u a lr t u a lr t u a lr t u a lr t u a l I z a tz a tz a tz a tz a tz a t I o n Indian CIOs show a new level of ease
P of! P P P ooooo
25%
Increased latency & performance issuesIncreased latency & performance issuesIncreased latency &
11%
10%
problems with back-up
2%
governance, risk & compliance issues
9%
application workload difficult to define
8%
Some applications are not good candidates
for virtualization
running mission-critical apps in a virtual environment was.
tr
en
dl
Ine
s
Vol/7 | ISSUE/071 4 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Trendline_april 2012.indd 14Trendline_april 2012.indd 14 5/11/2012 4:38:26 PM5/11/2012 4:38:26 PM
c a r e e r Executives exploring options outside their current company are often in need of job search etiquette tips. Especially since the immediacy and transparency of today’s technology can easily create an uncomfortable situation. So how can you avoid being “that guy” while still incorporating social networking tools into your job hunt?
a good first rule of thumb: If you find yourself hesitating before clicking send, stop and review what you’re doing. laying the right groundwork with your network can also help protect your reputation.Organize your contacts by trust level. Say you’ve decided it’s time to look for a new job and want to begin to contact people in your network. you should be building concentric you should be building concentric ycircles based on trust levels and initiate contact with your core trusted resources first. never talk trash. bashing your current employer to professional contacts is never acceptable. too many too many tnetworking conversations begin with, “of course this must be
kept confidential, but so-and-so said...” Dishing dirt is infinitely appealing, but the world we work in is a small one. It’s far too easy for your name to be sullied when you toss around negative opinions.Be direct in your requests for help. Job seekers commonly make the mistake of being too hesitant to ask for help right off the bat. Don’t simply ask networking contacts to keep you on their radar screen. most of us have about 5,000 people on our radar screens that we’ve completely forgotten about. We all have good intentions when we use that phrase, but it’s too passive to be effective. Be present online. capitalize on tools such as linkedIn and use your status updates wisely. Share an article once a month. twice a month, swap out a book on your twice a month, swap out a book on your t amazon reading list. Regularly look for industry events or webinars and indicate you’re interested in attending, or join a professional group.
—by Kristen lamoreaux
Four Must-Dos for CIOs Online
30 X times faster than conventional SSL VPN Only True Enterprise/ISP level SSL VPN available in the market with Zero Support Calls TCP Optimization, WAN Acceleration, DLP, ANAC, End Point Compliance, Next Generation VPN all
features inbuilt into Single Product.
ADITyAyAy MALHOTRA, Co-Founder & CEO accelPro Technologies India Pvt. Ltd
[email protected] [email protected] [email protected]: +91 9871288832, +91 9911430044
Fast, secure Full remote access From anywhere
“We have evaluated all the available SSL VPN products in our environment and AccelPro could give us the best performance. We are also using AccelPro instead of international MPLS to connect our international offices, delivering VC, Voice and enterprise applications”
SREEnIVASREDDy RIVASREDDy RIVASREDD AnABOTHU,aGM - Corporate IT, LaNCO Infratech Ltd.
“We have evaluated all the available SSL VPN products in our environment and AccelPro could give us the best performance. We are also using AccelPro instead of international MPLS to connect our international offices, delivering VC, Voice and enterprise applications”
Sa
“AccelPro is a true Next Generation VPN product with very good performance and unmatched engineering support and is best suited for ISP environments, we are highly satisfied with their technology and support.”
MAnISH TRIPATHI,Product Manager, Tulip Telecom
“AccelPro is a true Next Generation VPN product with very good performance and unmatched engineering support and is best suited for ISP environments, we are highly satisfied with their technology and support.”
MProduct Manager, Tulip Telecom
When you talk about mission critical enterprise deployments, no other product can match the performance of AccelPro, Aditya Malhotra gives you three reasons which makes AccelPro a clear choice for ISP and Enterprise customers.
ACCELPROCustom solutions Group
tr
en
dl
Ine
s
Trendline_april 2012.indd 15Trendline_april 2012.indd 15 5/11/2012 4:38:28 PM5/11/2012 4:38:28 PM
alert
Mobile devices are multiplying and—sanctioned or unsanctioned—finding
their way onto corporate networks. For IT pros, the influx of personal mobile devices to the corporate network is raising security concerns, creating management challenges, and swamping the help desk with support calls.
In a survey of 400 IT pros jointly conducted by Network World (a sister publication to CIO) and SolarWinds, respondents shared a wide range of tactics for handling the mobile device management challenge.
For starters, the majority of respondents said their companies issue mobile devices that can access the corporate network, including laptops, tablets and smartphones. BlackBerry devices, iPhones and Android devices are among the most common corporate-issued smartphones, cited by 48 percent, 46 percent and 38 percent of respondents, respectively.
Just 15 percent said their companies don’t issue mobile devices with network access. Tellingly, some of respondents whose companies don’t issue mobile devices said there’s opportunity for end users to bring personal devices to work—the bring-your-own-device, or BYOD, trend—and receive support from corporate IT.
“We provide a monthly stipend where users can BYOD for smartphones,” one respondent said.
“We don’t issue mobile devices, but users who own their own mobile devices can access the corporate network once they have received IT permission,” another respondent said.
The BYOD trend is not universally embraced, however. In the pro-BYOD camp, 59 percent of respondents say there are no device restrictions when
it comes to employee-owned devices that are allowed to access the corporate network. (However, access is limited to specific Web apps or segregated
virtual networks.)When asked why
companies decided not to allow personal mobile devices, responses varied. Many were absolute: “If it is not company-owned, it does not touch our network,” one respondent stated. Another said
there’s “no need to have personal devices on the network when the company provides every resource necessary to do your job.”
Respondents also expressed security concerns and IT support challenges. They cited the potential for loss of confidential data; legal issues and regulatory compliance risks; and the management burden associated with supporting diverse device types.
EntErprisE risk ManagEMEnt
IM
AG
ES
by
PH
OT
OS
.CO
M
“The Inmates Have Control!”
fin
din
gs
VOl/7 | ISSUE/071 6 m a y 1 5 , 2 0 1 2 | REAL CiO WORLd
SOUrCE: NETwOrk wOrld ANd SOlArwINdS
Monitoring the MadnessIs byOd really a security threat? It’s hard to say, especially with many IT departments not monitoring mobile devices. 23%
of organizations aren’t sure if non-company-issued mobile devices
have been responsible for a security breach.
BYOD Duh How confident are you that you know of all the personal mobile devices on your network?
5%No clue
26%Somewhat confident
16%Certain
30%Very confident
23%Not at all confident
Alert_May2012.indd 18 5/11/2012 3:34:17 PM
Whether your organization needs a contact smart card for secure log-in, digital signature or secure remote access, or you
require the most convenient two-factor authentication solution, HID Global’s OMNIKEY® contact and contactless smart
card readers provide a fast and reliable solution. Compliant with industry standards, OMNIKEY contact and contactless
readers are compatible with virtually any smart card, any operating system and a variety of applications. Available in
numerous form factors, OMNIKEY readers offer a risk-appropriate choice for any organization.
For information on HID Global’s innovative line of smart card readers, visit hidglobal.com/smartcard/CIO
Convenience meets Security at the desktop. Convenience meets Security at the desktop.
The Logical Choicefor Security
HID_Omnikey_CORP_CIO.indd 1HID_Omnikey_CORP_CIO.indd 1HID_Omnikey_CORP_CIO.indd 1HID_Omnikey_CORP_CIO.indd 1HID_Omnikey_CORP_CIO.indd 1HID_Omnikey_CORP_CIO.indd 1HID_Omnikey_CORP_CIO.indd 1HID_Omnikey_CORP_CIO.indd 1HID_Omnikey_CORP_CIO.indd 1HID_Omnikey_CORP_CIO.indd 1 5/3/11 9:15 AM5/3/11 9:15 AM5/3/11 9:15 AM5/3/11 9:15 AM
If employees use personal devices, “in our experience they expect the IT dept. to support those devices, and we have a strict policy against supporting devices we didn’t issue,” said one respondent.
“Most often these devices are using pirated software, have been infected from home, or are being utilized to do non-work-related stuff,” another said. “We have not set up a method to segregate these from our production network, so for now they are not allowed.”
Unsurprisingly, permission to access the network is not always clear-cut. Some respondents said exceptions are made for certain job roles (and certain executives).
Nor is it always clear how often employees bring their own devices to work. Asked if they knew about all the personal mobile devices with access to the corporate network, respondents expressed varying degrees of certainty. Sixteen percent said they are certain, 30 percent are very confident, and 26 percent are somewhat confident. Meanwhile, 23 percent said they are not at all confident, and 4 percent saud they have no clue.
The BYOd EffectDespite myriad security concerns and manageability challenges, there are
EntErprisE risk managEmEntalert
positive effects associated with the BYOD trend. Among respondents whose companies allow personal mobile devices to access the corporate network, 46 percent said it increased productivity among end users. A nearly similar number (47 percent) said it has increased end users’ ability to work from home.
In some cases, having a BYOD policy has positively impacted employee relations. BYOD has “improved employee attraction and retention,” one respondent said. “We have seen a change in morale,” another noted. The policy has “increased job satisfaction for the employee and satisfaction with central corporate IT’s customer service,” another concluded.
Just 5 percent said allowing personal mobile devices to access the corporate network decreased employee productivity, and 28 percent said they haven’t seen any change in behavior.
On the security front, respondents were asked if a non-company-issued mobile device has been responsible for a security breach on the company network. Just 6 percent said yes, while 67 percent said no and 23 percent said they’re unsure.
Among the respondents with anecdotes about BYOD-spawned security incidents, the most commonly cited culprits were
personal laptops that introduced a virus on the company network.
On the support front, nearly two-thirds of survey respondents are in agreement on one particular BYOD issue: They need management help.
When asked if they have the necessary tools in place to manage non-company-issued mobile devices on the network, 65 percent said no, 28 percent said yes, and 7 percent said they’re not sure.
With the increased use of mobile devices, 44 percent of respondents said they’ve experienced an increase in helpdesk requests, 41 percent said they’ve experienced an increase in network traffic, and 16 percent said they’ve experienced an increase in security issues. Just over 14 percent said they’ve seen an increase in all three of those areas. Yet, 28 percent said they’ve experienced none of those upticks.
One respondent said the management overhead is significant since “we needed to outsource mobile phone device management to keep up with demand.”
Respondents said they’re employing a wide range of vendor tools and security tactics in order to provide safe, productive mobile access. Usage policies vary, and many are works in progress. Determining security policies that can be reasonably enforced on personal mobile devices is tricky. In some cases, companies have found they need to rethink blanket bans on personal devices at work as the BYOD trend gains momentum. To ignore the trend could be a big gamble.
“Our current policy disallows all personal devices on the corporate network. However, we’re not enforcing this. We are in the process of developing a useful/enforceable version of the policy,” one respondent said.
Put another way, another survey respondent humorously noted the mobile device management challenge is constantly evolving “because the inmates of the asylum have control.” CiO
ann Bednarz is associate news editor for NetworkWorld.
Send feedback to [email protected]
VOl/7 | ISSUE/071 8 m a y 1 5 , 2 0 1 2 | REAL CiO WORLd
Now, Hyperspeed SignallingSecurity engineers at the University of Tulsa have found a way to identify cyber attacks before they reach their target, enabling network administrators to take pre-emptive measures to protect their IT systems. In a report published in the International Journal of Critical Infrastructure Protection, engineers explained that slowing traffic by just a few milliseconds can give networks time to identify malicious data packets. The team have developed an algorithm that sends high-speed signals flying ahead of the malware to mobilize defences.
“Hyperspeed signalling uses optimal (hyperspeed) paths to transmit high priority traffic while other traffic is sent along suboptimal (slower) paths,” stated the report. “Slowing the traffic ever so slightly enables the faster command and control messages to implement sophisticated network defence mechanisms.”
but one of the report’s authors, Sujeet Shenoi, admitted that adapting an existing network to run the algorithm would not be cheap. Further, the system is only as good as the threat sensors that pick up the impending attack.
— by Sophie Curtis
Alert_May2012.indd 20 5/11/2012 3:34:18 PM
can you keep your data secure in the cloud?you canYou may feel more secure working in your own, private environment. Many IT professionals feel the same way. But the world is demanding more innovation, greater agility and higher levels of responsiveness. That means cloud.
We can help you “embrace the cloud” in ways that will help you achieve the kind of business agility you need to drive tomorrow’s success. Talk to us about ways to simplify, secure and accelerate—even from the most heterogeneous of computing environments.
For more information on how our cloud management solutions can help you simplify, secure and accelerate IT, visit ca.com/in
Copyright © 2012 CA. All rights reserved.
DATE: 9/3/12SIZE: 22.23cm x 27.6cm 0.33cm bleed
ADVERTISER: CA TechnologiesPUB: CIO India MagazineISSUE: April 2012
560 Harrison Ave., Suite 503 | Boston, MA 02118 617.338.4441
ca_datasecure_cioindia.indd 1 3/9/12 3:57 PM
EnTErprIsE rIskalert
OnE::LinEr
april 2012 is the first anniversary of the coming into force
of extremely significant rules which impact the use of computers, computer systems, computer networks, computer resources and communication devices.
The Information Technology Rules, 2011 were enacted and implemented in April, 2011. Does the CIO really need to take into consideration the Information Technology Act, 2000 and rules made there under? Should CIOs be really concerned with legal aspects concerning use of computers, computer systems, computer networks, computer resources and communication devices? The answers to all these questions is a resounding yes. Today’s CIOs need to be extremely alive and aware of the legalities impacting the use of computers, computer systems, computer networks, computer resources and communication devices. CIOs today cannot say that the legalities concerning computers, computer systems, computer networks, computer resources and communication devices have to be looked after only by the company’s legal department. On the contrary, a CIO is an integral element of the mindshare that has to be applied in the direction of ensuring compliances with the law.
Today’s CIOs have to ensure compliances with the parameters of the Information Technology Act, 2000. The Information Technology Act, 2000 as amended by the Information Technology (Amendment) Act, 2008 has put a tremendous focus on compliances. These compliances have become more critical and important in today’s context. Information Technology Rules, 2011 have further reinforced the need for consistent compliances by companies.
The immediate downside of non-compliances is potential exposure for the company and its top
management to two different kinds of liability for top management. The first
exposure is liability of a civil nature which will expose a
company’s top management to the liability of paying potential damages
by way of compensation of up to Rs 5 crore per contravention.
The second exposure that the company’s top management needs to be ready for is exposure to potential criminal consequences. The law of the land is very clear: If a contravention is committed by a company, then every person responsible for running its affairs shall be deemed to be guilty of the said offence and are liable for punishment accordingly. Of course, it will still be up to the top management to escape liability if they are able to show that the said contravention happened without their knowledge or that despite the exercise of due diligence they still could not prevent the commission of any contravention under the law. The exposure to potential criminal consequences for the top management could include imprisonment ranging from three years to life imprisonment and a fine ranging from Rs 1 lakh to Rs 10 lakh under various provisions of Chapter XI of the amended Information Technology Act, 2000.
Today, CIOs have to insist that their companies are compliant with the provisions of the Information Technology Act, 2000 and rules and regulations made there under. Compliance, compliance and compliance is the only way forward for achieving CIO nirvana. CiO
Pavan Duggal is asia’s and India’s foremost expert and authority on cyberlaw
and mobile law and is a practicing advocate, Supreme Court of India. Send
feedback to [email protected]
he problem with BYOD is you can’t disable functions like cameras and UsB
because it’s the employee’s device. Makwana, Vp and Head Datacenter & Information p and Head Datacenter & Information p security Officer, Dsp Blackrock
Investment Managers
Pavan Duggal, Advocate, Supreme Court of India
The Indian goverment is planning to spend an estimated rs 800 crore to set up an ‘Internet scanning agency’ that will monitor all web traffic passing through
Internet service providers in the country. It’s calling it the National Cyber Coordination Centre.
[ LEgaL EagLE]
indian Cyberlaw
: Liability of C
iOs
VOl/7 | ISSUE/072 0 m a y 1 5 , 2 0 1 2 | REAL CiO WORLd
is potential exposure for the company and its top
the problem with BYOD is you can’t disable functions like cameras and Uports because it’s the employee’s device.
—parparp EsH Makwana,
Vol/7 | ISSUE/072 2 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
What Have You Done to Ensure that ‘CIO’ Does Not Stand for ‘Career is Over’?
the125th
issuespecial
“All CIOs need to realize that Change Is Obvious and resort to an interchanging DR (Department Role) strategy. This will give them the necessary edge and transform into excellent CIOs.”Ashok R.V., Vice President (Information Systems), Sundaram Clayton
“Moving to the role of a global CIO would be my next step. This shared services role requires collaborating with finance, HR, etcetera, and requires both an understanding of tech and strategy.”S. Narayanan, Group IT Manager–Infrastructure & Security, Group IT Manager–Infrastructure & Security, Hindustan Unilever
“IT is transforming business and this has given the CIO role a much-needed edge. Today, new innovations are born everyday; your career is far from over if you stay focused.”Rakesh Mishra, GM-IT&C, Jindal Steel and Power
“CIOs should lead the e-business initiatives of their companies. It’s a new revenue channel that adds to the company’s bottomline. CIOs also need to align with CMOs to give direction to digital marketing initiatives.”Mohit Agarwal, CIO, Carnation
“IT is transforming business and this has given much-needed edge. Today, new innovations are born everyday; from over Rakesh Mishra,
of their
channel that adds to the company’s CIOs also need to
to give direction to digital marketing initiatives.”
“CIOs should be perceived as people who drive initiatives to enhance the business. So, one has to strive to take on a P&L responsibility.”JoydeJoydeJo ep Dutta, CTO, ICICI Securities
“I run a continuous improvement program to increase the efficiency of sub-optimal business processes. I’m also actively involved in new business development, strategic tie-ups and other development activities.”Ashish Mehta,Ashish Mehta, Director-IT & Infrastructure (APAC & Middle East) Euronet Worldwide(APAC & Middle East) Euronet Worldwide
Every IT person has had one of these situations. A user comes to you with a problem. You fix it and announce, "Problem solved!" or "Case closed!"
But you're met with a long, uncomfortable silence or a blank stare. It's an awkward moment that you can end only by saying something like, "Well, let me know if there's anything else I can do for you," before shuffling away, wondering where you went wrong.
Where we go wrong, more often than not, is in handling the facts of a problem but not the feelings that accompany it. The technology problem is solved, but the feelings that the problem aroused in the user—anger, disappointment or frustration—are unresolved.
I can imagine what you have to say to that: "Dealing with feelings is not in my skill set." We geeks are adept at handling the facts of people's problems and notoriously oblivious to their feelings. But if you want to be good at working with non-technical people, you have to expand your ability to deal with both. Whether they ask for it or not, whether they realize it or not, they need you to help them resolve both to move forward.
So why don't they just tell you that they're upset? Two reasons: At work, people don't feel comfortable talking about feelings. It's safer to complain about facts. And sometimes it's hard to put feelings into words. People may not even be able to articulate the nature of their disappointment.
I happen to think that geeks can handle these situations. We're problem-solvers, and if we just expand our definition of the problems we solve to include both the facts and the underlying feelings, we can deal with them like any other difficulty. Relax; you don't have to be Dr. Phil. You just need to use some responsive words and send subtle signals that show you care. Here are three easy ways to do that.
Empathize MethodicallyTrain yourself to recognize emotions that aren't explicitly stated. Listen to users' word choices. ("It
just died on me.") Recognize the feelings in their tone of voice. Put yourself in their shoes. Then, simply acknowledge what they're feeling by saying something such as, "This must be really frustrating for you." When you do that, users feel that you are trying to help them, as people, rather than just tending to the machines. And when the problem is solved and the case closed, speak to both the technical and experiential parts of the problem. Say something like, "It's working now and should make your life a whole lot easier." Seriously—it's that simple.
Apologize with DignitySometimes a simple apology will make the difference, even though you have nothing to apologize for. It's not a sign of weakness to let someone know you're sorry that they're experiencing discomfort or inconvenience. It's not necessarily an admission of personal guilt either. Just say, "I'm sorry that this is so difficult."
Share Your Own Feelings About the SituationIt comforts people to know that they aren't the only ones who might feel a certain way about a situation. Letting them know about your own experiences allows you to build a relationship rather than conduct a transaction. When you say, "This has been keeping me up at night too," you're sharing in the person's urgency and upset.
Technical people who can navigate both facts and feelings are the ones that business people really want to work with. When you include the user's emotional life in your problem definition, you become that magical person who can work with anyone. CIO
Paul Glen is CEO of Leading Geeks. His newest book is 8 Steps to Restoring Client Trust.
Send feedback to this column to [email protected]
What About My Feelings?
To learn more about how CIOs
can take the drudgery out of IT
read Making IT Fun Again on www.cio.in c o.in
A Kick Out of IT
If your staff wants to be good at working with non-technical people, they have to learn to expand their ability to deal with both people's problems and their feelings. Because whether users ask for it or not, they need help.
Paul Glen staff manaGement
VOl/7 | ISSUE/072 4 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
Coloumn_Feelings.indd 26 5/11/2012 4:13:36 PM
One of the Best Pieces of Advice You Have Given Your Staff
the125th
issuespecial
“Keep your eyes and ears open, be flexible and receptive, and try to wear the shoes of your users. One has to be aware of how new technologies can help business.”K. Karnatak, Sr. VP & Group CIO, RJ Corp
“Give immense importance to the quality of the code you write. This has a ripple effect in lower costs and better customer experience.” Viraj Patel, Head-Technology, Bigtree Entertainment
“Do your job to the best of your ability, enhance and learn new—relevant—skills, acknowledge the positives in your team, be self-aware, be real with commitments, have trust in your abilities and—most importantly—have fun.”Dheeraj Sinha, Head-Global IT & Supply Chain, Apollo Tyres
“Take ownership, take responsibility. It’s not a job, it’s your life, it’s your career. Only if you are convinced, will you be passionate about your work. Staffers should have the freedom to decide their own benchmarks.”Yogesh Zope, CEO, Kalyani Technologies & VP-IT, Bharat Forge
“Keep an eye out for new things happening around you. Be open to new technology, new processes, and new ideas; change is going to prevail.” Pratap Pat Joshi, GM-IT, JCB, India
“Always keep your commitments: We may cite a hundred reasons for not meeting our commitments, but the customer needs only one reason to stop business with us.” Dr. B.R. Reddy, Director-Operations, Natco Pharma
and try to wear the shoes of your users. One has
can
Sr. VP & Group CIO, RJ Corp
Be open to new technology, new processes, and new ideas;
importance to the quality
effect in lower costs and better customer
Head-Technology, Bigtree
and—most importantly—have fun.” Head-Global IT & Supply Chain, Apollo Tyres
“Take ownership, take responsibility. It’s not a job, it’s your life, if you are convinced, will you be
Staffers should have the freedom
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 2 5Vol/7 | ISSUE/07
Voices_BIG_IDEA.indd 33Voices_BIG_IDEA.indd 33Voices_BIG_IDEA.indd 33 5/11/2012 4:10:48 PM5/11/2012 4:10:48 PM5/11/2012 4:10:48 PM
Undercover Officer AnOnymOUs
In the Hot SeatOne man’s adventure into the interviewing process for a CSO position.
After establishing that this wasn’t some nutcase,
but instead a headhunter familiar to those in
our trade, I decided to play. “Tell me more,”
I answered.
So she laid it out as if she were offering me
a winning lotto ticket. “With your credentials,
you’d be a leading contender right out of the
gate,” she cooed. “It’s for a company with a
new CEO and CFO and a reinvigorated board
concerned about integrity, data security,
contingency planning. They recently had a very
mean workplace violence incident,” she said.
I started thinking about the security-related
news over the recent past to try and home in
on the company. No feedback from the fog. “So
these people are serious about a really senior
guy, but do they know what a CSO title is all
about?” I wondered aloud.
“I’ve teed up the CSO bit with them, and it
absolutely flies,” she told me. “They’re eager to
make a statement about security in its broadest
context. Are you interested?”
“If you’ve vetted this job and think they’re
serious, then sure,” I told her. “But keep it
totally confidential. I’m very satisfied here.”
“I’ll get back to you,” is how she left it.
I didn’t hear a thing for a few months. Then
another call came early one morning. “Sorry
I was silent but, to your point, I wanted to
confirm they’re serious about this job,” she
said. “I’ve put yours and a few other CVs before
their selection committee.”
The call came in early one morning and made it through my
usually protective security screen in part because of her
particularly pleasant first-name request to speak with me.
Without much of an intro, the caller got right to the point.
“Would you be interested in the CSO job of the millennium?” she inquired.
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 2 6VOl/7 | ISSUE/07
Anonimous_colunm_May2012.indd 3 5/11/2012 3:36:26 PM
Undercover Officer
Oh great, a selection committee, I
muttered to myself. But I was more
controlled in my response. “And the
answer is...?”
“You’re in the catbird seat!” she
said as though announcing an
Academy Award nomination for best
supporting actor. Hmmm. Let’s hope
not. “They want to see you ASAP.”
I knew I’d have to put this to the
wife who agreed to move here on
my pledge to sink an anchor into
the ground.
Getting the Whys and WhereforesMy wife was predictably unenthu-
siastic. “You’re going where to do
what?” she said without a hint of a
smile. But the kids thought the new
company was in an “awesome” area,
and my own pathetic look must have
led her to relent. “Go get this out of
your system. But no promises!”
So I started doing some homework
over the next several days, which
revealed some interesting facts. First,
the workplace violence incident had
caused some focus on security. But
from the business press, it looked as if
a couple of the newer audit committee
members had read the Sarbanes-
Oxley tea leaves and wanted to play
hardball. Other sources told me
that the CEO and the executive vice
president of administrative services
wanted a higher-profile security exec
to pull a more integrated program
together. Or is it to take the heat?
Note to self: Better make sure it’s
the former.
When I arrive at the appointed hour
and place, I’m immediately impressed
with the initial approach. No star
chamber, no apparent chairman. Just
a comfortable room with everyone at
one table. It’s clear that everyone has
been well briefed on my background
and experience. A good sign, I hope.
I learn that the committee is
composed of the head auditor, the chief
legal counsel, the senior vice president
of HR, the CIO and the executive vice
president of administrative services.
These are my primary stakeholders,
so I do not pass if I blow it here.
CIO: “You don’t have a technical
background, but you have information
security in your current job. How do
you do so without that experience?”
Me: “My employers expect me to be
on top of the full range of risks in my
playing field. They have given me
the scope of risk oversight because
we have discussed the linkages
between the threats that confront
global business today. That scope
has come with an understanding
that we need to have an information
risk management capability with a
team equal in strength to the risk we
face in this area of business, which
is significant.”
I went on. “Our CISO has a clientele
that wouldn’t give him the time of
day without total confidence in his
competence. We are partners with the
business and our CIO. I’m the orchestra
leader. He’s the principal soloist.”
CIO: “Would you propose that we have
information security under you here?”
Me: “Not at this point, or maybe not
at all. It’s far too early to say what
model I’d propose here. A lot depends
on what works in your culture, how
service units can most effectively
serve and lead here.”
Auditor: “Assuming you know about
Sarbanes-Oxley, what role do you
think security should play in our
controls if any?”
Me: “Frankly, most organizations
haven’t taken enough time to think
through a control model to create the
most appropriate mix of players given
the risk environment. I’m bullish on
security being an equal partner in the
governance team. Security is a lead
player in addressing reputational risk
with background vetting, third-party
due diligence, internal investigations
and vulnerability analysis. While not
as headlined as audit, I think these
are core processes in the evolving
Sarbanes environment, which is
about doing the right thing by
our shareholders.”
CFO: “We’re in the process of
identifying every dollar that
contributes to or detracts from our
being more efficient and productive
than our competitors. Security
represents a relatively large cost
center here, and still there’s a sense
that we should be doing more. How
would you propose to be a leader in
cost management and containment?”
Me: “I would get a fresh assessment
of the risks facing this company on
a global basis and demonstrate to
you that we have unmet priorities to
security is just one horse at the trough. my responsibility would be to make you aware of the risks and to propose solutions. you could always decide to accept the risk, I told the EVP.
AnOnymOUs
To learn more about interview
etiquette, read 5 Must Dos in an Interview on www.cio.in
c o.in
One on One
VOl/7 | ISSUE/072 8 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Anonimous_colunm_May2012.indd 4 5/11/2012 3:36:26 PM
CO
MP
UT
ERWRWR
ORLD & CIO IBEROROR
AMER
ICA
NO
S
IP R E M I O S 2 0 1 2
www. i d g . e s / p r e m i o s i b e r o am e r i c a n o s
r e g i s t r a t i o n p e r i o d i s n o w o p e n
s u b m i t y o u r a p p l i c a t i o n a t :
REGISTRATION
PERIOD IS NOW OPEN
AWA R D S 2 0 1 2C O M P U T E RWO R L D & C I O
B E R O A M E R I C A Nd e c e m b e r 2 0 1 2 • m a d r i d
address them. It’s incumbent upon
the CSO to show that the company
has a higher likelihood set of threats
for which it is unprepared and find
the most cost-effective solutions he
can, reduce costs if possible and then
convince you that the new expense is
worth it.”
CFO: “What if we shoot it down
anyway?”
Me: “Hey, security is just one horse at
the trough. My responsibility would
be to make you aware of the risks
and to propose solutions. You could
always decide to accept the risk.”
HR: “We’ve had some issues with
our security folks giving off a Big
Brother sense to our employees. It
doesn’t sit well in our culture and
seriously impacts your department’s
credibility. What would you do to
restore confidence in
security here?”
Me: “Well, given that
dark assessment, I would
make that a very serious
first priority because
everything else I’d likely
want to do here will
depend on bottom-up confidence in
our functions. So I would meet with
employees at all levels to find out how
they’re feeling about our services,
what we do well and not so well. I
believe in being a very close business
partner with human resources and
legal, so I would really suss out their
perceptions of our strengths and
weaknesses. And I’d be looking at
our team’s competencies for things
such as relationship management and
influence. The bottom line is: If you’re
right, then this is a serious challenge.
And I can’t be a success if we can’t
turn this around.”
Chief Legal Counsel: “I was interested
in your response about reputational
risk. As I recall, you mentioned
background investigations. But we
don’t do them here, and I’d be curious
why you think we should.”
Me: “Let’s start with the recent
workplace violence case. Your local
newspaper uncovered the information
that the guy you fired for assaulting
his supervisor had a long record of
assaults, domestic violence, firings and
substance abuse. That was easily and
legally obtainable pre-employment
information, and you didn’t even ask
your job applicants for information that
could be verified for such purposes.
At my last two employers, one in five
of all applicants had some material
discrepancies in their personal history
statements. In other words, they lied.
Should you hire liars coming through
the door? How would that look on the
upper-right-hand corner of The Wall
Street Journal? I’m an unabashed fan
of background investigations at the
very least, for everyone in a ‘risky’
job. We can discuss that definition if
you like.”
HR: “I’ve got to wonder if we aren’t
better off not knowing what we don’t
really need to know.”
Me: “The thing you’ve got to consider,
with all the ethics issues before the
public and regulators these days, is if
the bar is being raised by your board
and shareholders. Should you know
about the integrity of your key people?
Would there have been a different
result if you had had a criminal history
on this violent employee?”
The human resources guy’s body
language speaks volumes. I sense
I’ve peeled off a scab and started
the bleeding anew. “This smacks
of the goon squad approach I spoke
of earlier,” he says. “Rather than
addressing the culture and crisis in
confidence, you’d propose we crank
the hostility up a notch or two?”
EVP (while checking his watch and
waving off the HR guy): “Uh, how
would you propose to add value to
this organization?”
Me: “This recruitment process tells me
that you’re thinking seriously about
security’s place in the health of this
company. You are raising the bar. I will
add value when I measurably help this
team address where that bar needs to be
to proactively manage the risks we know
and those we have yet to identify.”
It’s clear we’re done at this point.
And as I’m saying my good-byes, I
notice that the HR leader has already
ducked out. I play it all back on the
way home and decide I’ve either
blown it big time or, if not, I will have
to get ready for some fireworks if I
take the position.
I can’t wait to get home and
convince the wife that this would be
a good thing to do. CIO
This column is written anonymously by a real CSO.
Send feedback on this column to [email protected]
Undercover Officer AnOnymOUs
The human resources guy’s body language speaks volumes. I sense I’ve peeled off a scab and started the bleeding anew. “This smacks of the goon squad approach I spoke of earlier,” he says.
VOl/7 | ISSUE/073 0 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Anonimous_colunm_May2012.indd 6 5/11/2012 3:36:26 PM
Who is a CIO? In the eyes of most people, he oversees a company’s IT department, orders computer equipment, and even builds IT roadmaps. But let me dispel that myth for you.
Today’s CIO is more than just a designation that’s centered around technology. Obviously, CIOs still have technical jobs but now, as technology has become essential to businesses, they have become key partakers of the business.
Clearly, the focus of CIOs has shifted from operational excellence— which was in the spotlight for 15 years—to adaptability.
One area that needs change is the idea—nurtured by IT leaders—that CIOs need to stick to one industry. It’s an idea that’s likely to get diminutive. Historically and today, in the eyes of the business, the role of a CIO has always been treated as being fungible between industries; they’re not concerned what industry CIOs are from.
Even within one company, CIOs will have to move between functions if they want to contribute as much as they can. But CIOs need to remember that it’s one thing to understand a business’ process and another thing to understand business. It takes time to understand the ethos and the DNA of a corporation. But it takes even more time to comprehend business. And for this, they will need to learn multiple languages; business jargon to speak with business colleagues and SOA to speak to their IT peers.
Not many of my colleagues want to hear about these changes that are expected of them, especially in the context of their careers. But, these changes are required if the CIO role is to evolve.
Going PlacesUntil a while ago, CIOs identified themselves with order takers. To this day, I joke with my colleagues that one has to be better
Three Keys to Tomorrow For the CIo role to move forward CIos need to do three things: Make business their main focus, embrace change, and institutionalize innovation. That’s going to be easier said than done.
Ill
US
Tr
aT
Ion
by
PH
oT
oS
.Co
M
Pravir Vohra CIO ROle
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 3 1Vol/7 | ISSUE/07
Coloumn_Pravir.indd 27 5/11/2012 4:14:50 PM
than a waiter at a fancy restaurant. I would advise all CIOs to treat legacy support functions as only a small part of their core responsibilities. Everything else they do should be focused on business. In fact, I find it impossible to understand how we CIOs can detach ourselves from business. Because, whether we like it or not, the line between technology and business is going to get blurred, it’s already happening.
This is my advice because, at the end of the day, if our colleagues in business don’t see value in the CIO’s role, we will evolve more slowly—if at all. Shrugging and saying “that’s not my problem” is definitely not the attitude we should take. We will all be under pressure to morph.
I have always viewed CIOs as midwives. Knowing the domain that one services and the technology to support it, makes the CIO the best person to deliver to the business. But CIOs usually don’t know what the market is doing—and that’s extremely critical for the evolution of the role.
One of the reasons CIOs aren’t as business-savvy is because they don’t communicate very well with the business and we have e-mail to thank for that. The importance of the medium of communication between business and IT is extremely under-rated. As a result, simple words become extremely complex. Even our use of cell phones demonstrates how little importance we give to the communication medium. Today, despite our increased focus on communication, we have staccato, one-word conversations over mobile phones.
What happened to across-the-table meetings? What happened to face-time with customers? (To read how your global peers have benefited from meeting cutomers turn to page XX) These will improve the adversarial relationship between technologists and the business.
Finally, if CIOs want to be more business-oriented, they need to improve their partnership skills. CIOs have created technology like a big black box. We extract power out of it and it makes us feel indispensable—but it doesn’t buy us trust. We’re not liked if we deliver a product which business doesn’t understand.
I strongly encourage CIOs to step out of the narrow confines of 0’s and 1’s, get real and get involved in negotiations, conversations and getting results.
Adapting to ChangeThere are two types of changes CIOs of the future need to get used to. First, the ability to adapt at an individual level, and second, the ability to bring about large changes successfully.
Let’s take the second type of change first. The fear of change among enterprise users is irrational and has roots in our belief in certainties. We are animals of habit, which is why changing culture is the most difficult.
We have managed large changes because IT absorbed much of the changes. And that’s why I believe that there’s only one way for IT to bring large changes to the enterprise: Absorb the sea of difference that changes bring and let users enjoy the benefits.
That said, those who are the most inimical of changes in technology are technology drivers. I've noticed that the biggest fight to a new idea comes from within technology. Any change that threatens IT’s coveted position or authority is met with resistance. That brings us to the first type of change; the one at the individual level. Let’s take a look at company acquisitions as an example. We believe that an acquisition will vaporize all our old relationships; that we will need to build new ones all over again. But is that true?
The fact is technology is going to occupy less of a CIO’s time and aligning it with organizational agendas will become a
priority. But to bring about this change CIOs must develop the ability to consume, absorb and digest immense amount of change. Only then can they become catalysts of change
Institutionalizing InnovationNew ideas bring new ways of working but that doesn’t mean CIOs should stop innovating. They still need to infuse innovation in their organizations.
Questions like “should the CIO have a place on the table?” or “are CIOs important enough?” have been asked too many times in the past five years. Let me tell you this: You won’t get a place at the table simply because you carry a C-level tag but because somebody believes you deserve it. CIOs will have to add more to their charter than operational excellence; they need to drive innovation.
But today, as technology leaders, we are so compliance-oriented that we tend to ignore the art of business. People untouched by bureaucracy are open to possibilities while we are used to thinking within constraints. We need to bring in younger people in the thought process, be more tolerant of failure, and allow fresh ideas.
Do not fight change, adapt to it. CIO
This column is based on excerpts from an address during the CIO Money Matters Symposium in February 2012Pravir Vohra is group cTO, IcIcI Bank. Send feedback on this column to [email protected]
CIOs have created technology like a big black box. We extract power out of it and it makes us feel indispensable—but it doesn’t buy us trust.
Pravir Vohra CIO ROle
Vol/7 | ISSUE/073 2 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Coloumn_Pravir.indd 28 5/11/2012 4:14:50 PM
RISE OF BAIT”ALIGNING IT WITH YOUR BUSINESS GOALS
BUSINESSALIGNED IT HCL TECHNOLOGIES INDIA
Shareholder Values
Business Values
Increased Scalability
Increased Competitive Advantage
Improved Margins
Improved End user Experience
Robust Governance
Reduced Capital Expenditure
CIOCIO 2
TOWARDS HIGHER GOALS AND BROADER HORIZONSAjay Kumar Meher, Sr. VP-IT & New Media, Sony Entertainment India, speaks about how organizations can achieve business-IT alignment and make use of emerging technologies to stay ahead of competition.
HCL TECHNOLOGIESCUSTOM SOLUTIONS GROUP
AJAY KUMAR MEHERSr. VP - IT & New Media Sony Entertainment India
An industry veteran of close to 18 years, Meher has extensive experience in application deployment and process automation. In his current role, he heads the IT, New Media and Post Production for Sony Entertainment Television.
According to you, what will be the top IT trends in 2012?IT is one of the enablers of business growth today. Automating business processes and making them robust and fl exible are, now, on top of the priorities list of CIOs. These priorities are interdependent because one cannot automate business processes if they are not fl exible.
On that note, any SOA-driven IT initiative that helps business, business process manage-ment tools (BPM) and business intelligence (BI) are some of the top trends today. These have been discussed by the management and IT for quite a few years now, but business processes have still not achieved the kind of fl exibility required to drive growth.
What are some of the new technologies that are shaping the entertainment industry?Since we are in the broadcasting industry, the emerging technologies we see revolve around digitalization of content and distribution. Dis-tribution seems to be a lucrative option in the broadcasting vertical because it ensures re-duction in undercount of subscribers which otherwise leads to revenue loss. However, this new business opportunity comes with its own challenges as well. Digitaliizing the con-tent, making the distribution process smooth
and ensuring security are some critical areas that have to be given careful attention to.
On the other hand, other trends that are increasingly gaining reception in this vertical are developing high defi nition (HD) content and delivering the same in different new media platforms such as tablets and Internet-enabled devices. These aspects are becoming more critical and increasing competition day by day.
How does a CIO achieve alignment of IT with business goals?IT can neither be on the sidelines nor come up with its own strategies that don’t deliver business growth. Every IT strategy has to be aligned with the business strategy in the fi rst place. Particularly in our organization, several business-critical initiatives, such as launch of new HD channels and content re-purposing with respect to syndication of new media platforms, are taking place currently. What matters now is the speed at which these services are delivered. This is not just an IT challenge, but a business-oriented challenge as well.
Therefore, IT goals and business goals have to complement each other in order to maximize revenue. Organizations have to take steps such as increasing their effi ciency in order to achieve this. Also, the same steps are helping us ensure growth. Some of the strategies have already been fruitful for us and some are starting to show their impact on business.
Can you share some examples of IT engagements aligned with business goals?One of the projects which is almost on the verge of completion is our broadcast manage-ment system. This project is automating the business process of ad-spot management, right from identifying advertising deals to fulfi ment of ad-spots and invoicing them. This system creates the playlist on the basis of the best order to place the ads and is also inte-
grated with the playout automation module which plays the content automatically.
Another project we are working on right now, in collaboration with HCL Technologies, is building a platform which can repurpose the content from our digital asset management system and publish it on a different new media platform effectively. We are also building a con-tent management solution system (CMS) and a video portal with enhanced capabilities. These two projects would certainly add business value for the organization.
How has your journey with HCL Technol-ogies been, particularly in terms of driving core business benefi ts for your company?We have been working with HCL Technologies on the aforementioned projects. These proj-ects involve a great deal of integration with different points of the new media platform. One is the digital asset management and an-other is content delivery network (CDN). Next comes the ad-serving network, followed by the broadcast management system. We are working hand-in-hand with HCL Technolo-gies on these business-critical initiatives.
With respect to the business benefi ts, the new media platform is expected to increase revenue, and HCL Technologies is bringing the core en-gine along with the publishing platform for this project. Our journey with HCL Technologies has been smooth because we are working together to fulfi ll some business-critical requirements, and they have understood this well.
This Interview is brought to you by IDG Custom Solutions Group in association with
RAISING THE BAR FOR PERFORMANCE MANAGEMENT HCL Technologies’ ability to feel the pulse of verticals is its greatest strength while advising clients.
EXECUTIVE VIEWPOINT
HCL TECHNOLOGIESCUSTOM SOLUTIONS GROUP
PRADEEP BINDALPresident, Asia Pacifi c, Middle East & Africa HCL Technologies
Pradeep heads the Asia Pacifi c, Middle East and Africa business for HCL Technologies, which has a vision to provide “Business Aligned IT Services”. Pradeep is associated with HCL since 19 years and has been a key member of HCL’s transformational journey.
The role of an Indian CIO has changed in the last couple of years. What is your take on that?In the wake of ever-changing business environment, organizations world over are increasingly adopting technologies to optimize resources for exploring newer business opportunities This has led to a new set of expectations from CIOs. They are now powerful business decision infl uencers who harness the power of technology to enable market re-alignment, enable faster time-to-market and foray into new markets and channels.
For instance, a CIO of an insurance com-pany would be interested in exploiting the power of mobile technology to create a near real-time claims processing appli-cation or using a product confi gurator to reduce time-to-market for a new product launch and thus achieve competitive ad-vantage. Similarly, a CIO of a pharmaceutical com-pany would be keen to deploy quality manage-ment solutions that help detect and track defects based on batch number or use forecasting and business planning appli-cations that help reduce expiry losses.
We see many Indian CIOs playing a key role in their organization’s growth, as part of business KRAs introduced in their work mandate.
Do you see CIOs being involved in strategic decisions and boardroom discussions?Absolutely yes! From ‘back offi ce contributors’ to ‘board room infl uencers’, CIOs across the world have travelled a long journey over the years. They now have an important place in boardroom meetings as they can align IT with business goals and help grow
the organization. Business intelligence, performance management, mobility, risk and compliance, and cost optimization are some key boardroom themes which are driven by CIOs.
What will be the key mandate for CIOs in 2012 – 2013 from CEOs and CFOs?In many verticals, Indian organizations are growing at a faster rate than their western peers. CEOs of such robust companies are faced with the daunting challenge of main-taining and accelerating this growth rate over the coming years. CIOs are the change agents in this growth story, bringing tech-nology closer to business.
The mandate to a new-age CIO varies from one industry to another. For example, CIOs in the banking industry may have a KRA to get a 360 degree view of the customer to
facilitate cross-sell/up-sell of new services, while a CIO in the retail industry may have a mandate to achieve better demand planning so as to increase customer satisfaction. A manufacturing industry CIO may be asked to implement a robust manufacturing execution
system, while a media industry CIO may be asked to facilitate growth in digital business by implementing a SOA (Service Oriented Architecture)-enabled back offi ce. However, the common theme across industries is “how can technology usher better customer services and optimized operations?”
How is HCL Technologies placed to help Indian CIOs achieve these tasks?HCL Technologies has been a pioneer in providing business-aligned IT solutions to
more than 200 clients in India. To quote some real life examples, we are catering to a leading insurance company, providing them a single and centralized view across 50 million policies and helping them understand their customers better. As another example, we have a leading media house as our client where we have been able to optimize IT run-cost through strategic cost and performance management.
Two major differentiating factors helping us to serve Indian clients have been our ver-tical focus and ability to understand industry problems. These have helped us in address-ing the business needs of Indian CIOs – to serve end users in an effi cient manner by using business-IT alignment and optimizing IT operations for better productivity.
“CIOs are the change agents in this growth story,
bringing technology closer to business.”
This Interview is brought to you by IDG Custom Solutions Group in association with
I don’t believe that monetary benefits
are a great way to motivate or retain
employees, or improve employee
productivity and satisfaction.
Various studies and research
reports indicate that conferring big monetary
rewards kill the zeal to think out-of-the-box.
People become extremely focused on what
they are supposed to do, and do it diligently
because there is a monetary reward attached
to it. Somewhere in the middle of all this, they
lose their determination to attain something
more meaningful and fulfilling.
Providing monetary benefits is an easier
route to take but like most shortcuts, it’s not
very effective. Yes, investing in sustainable
reward and recognition strategies requires
significant time and effort, not to mention the
urge to go the extra mile. But overall, creating
a challenging and satisfying job environment
would go a long way in retaining staff—far
beyond the realms of monetary benefits.
Also, there will always be someone in the
market—most likely a competitor—who can
poach an important resource by offering
a bigger, fatter, pay check. Money, unlike
intangibles, is not available in free-flowing
abundance. One cannot give a salary increase
of 20-30 percent to their employees every
year. There is a limit to that. Organizations
need to look beyond that and find new ways
of constantly challenging their staff.
That said, I think rewarding employees
with monetary benefits might work in one-
off cases when a CIO knows that an employee
is going through financial trouble and needs
assistance. But the motive there would be to
make the employee feel that he is valued and
his boss is not oblivious to his problems.
I believe the ideal way to retain talent in a
team and keep their enthusiasm levels high
is to help them recognize their strengths and
expand their horizons by providing exposure
to new roles and responsibilities.
Alternative Views StAff mAnAgement
“Providing monetary benefits is an easier route to take but like most shortcuts, it’s not very effective.”
Tarun Pandey, VP-IT, Aditya Birla Financial Services
Is Money the Best Way to Drive Employees?Is dangling money in front of your staff the best way to increase productivity and retain employees? Two CIOs debate.
VOl/7 | ISSUE/073 6 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Alternative_Views_May2012.indd 34 5/11/2012 3:35:27 PM
Whether you accept
it or not, it’s a
fact that money
makes the world
go round.
That statement is even more true when
you’re talking about the lower level or
the mid-tier of an organization. Perhaps,
as one moves up the ranks, things like
job satisfaction and the need for a more
challenging job environment starts
kicking in. But their position also leaves
them with more time to worry about
personal growth than pending bills.
I’m not commenting about the global
scenario here; I’m talking about India,
where the mid-tier—that’s a majority of
young employees—is constantly exposed
to a capitalist consumer market. Also,
the idea that having a lot of money and
that a good designation determines a
person’s value in society has been drilled
into the mindset of mid-tier employees.
People talk about nurturing talent and
challenging employees, but the fact that
most youngsters in this country still aim
for the IIMs and IITs show that a high-
paying job is largely the crux. One often
comes across news stories which report
the record packages that IIM students have
bagged. But how many of those stories talk
about the job profile or how well matched it
is to an individual’s abilities?
Let’s take a small example. At
HeroMotoCorp, I take every initiative
to keep my employees motivated.
This includes sending them to collect
awards on the organization’s behalf.
Now, that itself is an elating experience
for them. This is coupled with constant
recognition for a job well done. But
consider this: After giving them a star
rating of 5 on 5 for their performance,
if I declare that my team members
will receive a certificate—instead of
salary hikes—it wouldn’t be a pleasant
situation to deal with.
Having said that, I also agree that only
monetary benefits are not going to keep
the wheels turning. There needs to be
a fine balance between both monetary
rewards and recognition. But to rubbish
the idea that employees don’t leave a job
for money would be too impractical a
statement to make. CIO
As told to Debarati Roy
Debarati Roy is correspondent. Send feedback on
this story to [email protected]
Alternative Views StAff mAnAgement
“to rubbish the idea that employees don’t leave a job for money would be too impractical a statement to make.”
Vijay Sethi, VP & CIO, Hero MotoCorp
TRANSFORMING BUSINESSTHROUGH JUDICIOUSAPPLICATION OF IT
To follow business transformation in action, visit www.cio.in/transformers
IN THIS ISSUE
An IDG Custom Solutions Initiative
The role of CIOs are not confined to managing IT anymore opines Subhakanta Satpathy of Axis Bank.
126 |SURVIVAL OF THE FITTEST
121 | CLEARING CHEQUES ON THE CLOUDYes Bank embraces a hosted solution to implement Cheque Truncation Services (CTS).
Alternative_Views_May2012.indd 35 5/11/2012 3:35:29 PM
C A S E S T U D Y
This feature is brought to you by IDG Custom Solutions Group in association with
UST Global is a leading provider of end-to-end IT services and solutions for top 1000 companies globally. The company has a client-centric Global Engagement Model that combines local, senior, on-site resources with the cost, scale, and quality advantages of off-shore operations.
ENABLING INNOVATION BY SIMPLIFYING ITTo stay innovative, UST Global realized that it needed to quickly adapt to changing demands, and the one way to do so was to spend less time on infrastructure maintenance and more time on business innovation. “We did not want complex technologies with complicated processes that required retraining our IT staff. We wanted a technology that simply works in our dynamic infrastructure, be it physical or virtual,” says Rinosh Jacob Kurian, Enterprise Architect, (IT Applications), UST Global.
To keep up with this growth, UST Global was looking to improve the efficiency of their data center environments. Its data centers were under constant fiscal pressure, and it was important that the service provider make more efficient use of IT resources, streamline and automate operational tasks and leverage their existing investments. According to Kurian, “We were looking to get more out of the resources we had, enable better usage rates, and run our data center with greater efficiency.”
However, this was not a simple task for UST Global, as all its data centers were already running on full capacity and were facing power and cooling challenges. Also, UST Global had its own campus build out which restricted expanding its existing capacity. Hence the company was looking to optimize its IT resources using virtualization and add an additional capacity of 1000 virtual servers, while ensuring that the energy footprint is reduced or at least remain the same.
CHOOSING THE RIGHT SOLUTIONWith powerful processors, large memory footprints and big I/O pipes, Dell’s 12th Generation PowerEdge servers along with Dell Compellent storage was the ideal solution for UST Global.
The solution not only included a comprehensive approach to driving energy efficiency across the data center but also maximized virtualization density, offering 300 percent more virtual machines in the same physical space.
GETTING IT RIGHTThe power efficiency features included advancements in Dell’s ‘Fresh Air Initiative’, energy smart design and the OpenManage Power Center, which resulted in significant power savings at the data centre for the service provider. “In fact, the average power usage is just 12 W per VM (6 for compute and 6 for storage),” says Kurian.
Streamlining and automating operational tasks have also become extremely hassle free with the Dell Remote Access Controller (iDRAC7) with Lifecycle Controller 2.0. This helps UST Global simplify the lifecycle of deploying, updating, monitoring, and maintaining PowerEdge servers. “Dell seems to have got it right with the new agent free iDRAC technology offered with Dell 12G servers, which helps us eliminating
time consuming management tasks and streamlines the way we manage our systems, there by maximizing efficiency,” says Kurian
By using the Fluid Data Architecture storage technology, UST Global is able to access the information it needs in a flash, and gain valuable insights from the huge amount of data. New innovations in PCIe solid state disks, data accelerators and scalable internal storage has provided significant improvements in the ERP, Business Intelligence and database performance for the service provider. “We think of the PowerEdge 12th generation servers as systems designed by us, and engineered by Dell,” concludes Kurian.
This feature is brought to you by IDG Custom Solutions Group
technology, UST Global is able to access the information it needs in a flash, and gain valuable insights from the huge amount of data. New innovations in PCIe solid state disks, data accelerators and scalable internal storage has provided significant improvements in the ERP, Business Intelligence and database performance for the service provider. “We think of the PowerEdge 12th generation servers as systems designed by us, and engineered by Dell,” concludes Kurian.
“ We think of the PowerEdge 12th generation servers as systems designed
by us, and engineered by Dell.”
Dell’s PowerEdge 12th generation servers help UST Global get optimal energy effi ciency and maximize virtualization density.Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal Dell’s PowerEdge 12th generation servers help UST Global get optimal
UST Global Gets More Power and Better Data Center Management
RINOSH JACOB KURIANEnterprise Architect, (IT Applications),
UST Global
The Challenge: All Data Centers maxed out on Power & Cooling Own Campus Build out prevents existing capacity expansion Optimize by virtualizing to add capacity of 1000 virtual servers Keep energy footprint same or lower
The Solution: Dell energy efficient Blade Servers Dell Compellent Storage for optimal Power Capacity Performance Dell consulting services
The Success: Capacity Built out to 1000 servers High performance VMs (ERP virtualized) Average power usage 12 W per VM (6 for compute & 6 for storage)
DATA CENTER CONSOLIDATION
DELLCUSTOM SOLUTIONS GROUP
Disaster Recovery Customer Needs Business Continuity Virtualization Cost Optimization Career Big Data Analytics Users Strategies Tactics Management Staffers Staffers Business Intelligence Cost Cost ROI ROI Opex Opex Capex Capex Back Back Up Cloud Computing Cloud Computing SLAs SLAs E-mail E-mail Applications Applications ERP ERP TCO TCO CRM CRM Vendors Vendors Cost Imperative Niche products Advice CFO CEO Economy Slowdown P&L Forecasting Sales Products Hardware Bottom Line Change Man-
agement IaaS Supply Chain Customer Experience Training Incentives Business Acumen Enterprise In-memory Relationships PaaS PaaS Long Term Goals Business-IT Alignment CISO Stakeholders Social Media Mobiles
BYOD VDI Integration Consumerization of IT Best Practices Policy Governance Cloud DR
Outage Security Manageabil-ity Storage Semantic Data Models Hadoop Business Conti-nuity Virtualization Users Strategies ROI
Opex Capex ERP TCO CRM CEO Economy Hardware Bot-
tom Line Customer ExperienceTraining Relation-ships PaaS Stakeholders Social Media Consumerization of IT
Best Practices Applications Store OS OS Use Cases Cloud Broker Erasure Codes Semantic Data Modelsery Customer Needs Business Continuity Virtualization Cost Optimization Career Big Data Analytics Users Strategies Tactics Management Staffers Business Intelligence Cost ROI Opex Capex Back Up Cloud
Computing SLAs E-mail Applications CRM Vendors Cost Imperative Slowdown P&L Forecasting Products Hardware Bottom Line Change Management IaaS Supply Chain Customer Experience Training Incentives Business
Acumen Enterprise In-memory Long Term GoalsBusiness-IT Alignment CISO Stakeholders Social Media BYOD VDI Integration Consumerization of IT Best Practices Policy Governance Tablets Tablets Applications Store Outage Security
Security Operations Use Cases Manageability Storage Drive Infrastructure Erasure Codes Semantic Data Models Hadoop Competi-
tion Disaster Recovery Customer Needs Customer Needs Business Continuity Virtualization Cost Optimization Career Big Data Analytics Users Strategies Tactics
Management Staffers Staffers Business Intelligence Cost Cost ROI ROI Opex Opex Capex Capex Back Back Up Cloud Computing SLAs SLAs E-mail E-mail Applications Applications ERP ERP TCO TCO CRM CRM Vendors Vendors
Vol/7 | ISSUE/07 Capex Vol/7 | ISSUE/07 Capex 4 0 Cost Optimization
4 0 Cost Optimization
Management4 0Management m a y 1 5 , 2 0 1 2 Cost Optimization
m a y 1 5 , 2 0 1 2 Cost Optimization
Management m a y 1 5 , 2 0 1 2 Management Staffers m a y 1 5 , 2 0 1 2 Staffers |
Cost Optimization |
Cost Optimization Staffers
|
Staffers REAL CIO WORLD Cost Optimization
REAL CIO WORLD Cost Optimization
Staffers REAL CIO WORLD Staffers Business IntelligenceREAL CIO WORLDBusiness Intelligence
125 BYOD
125 BYOD VDI
125 VDI Integration
125 Integration Consumerization of IT
125 Consumerization of IT Best Practices
125 Best Practices Policy
125 Policy
Governance
125 Governance
125 Tablets
125 Tablets
125 Survey
125 Survey
125 MDM
125 MDM
125 Applications Store
125 Applications Store
125 OS
125 OS
125 Cloud DR
125 Cloud DR
Outage Security
125 Outage Security
125 Security
125 Security
125 Operations
125 Operations Operations
125 Operations
125 Use Cases
125 Use Cases Use Cases
125 Use Cases
125 Cloud Broker
125 Cloud Broker Cloud Broker
125 Cloud Broker
125 Manageabil
125 Manageabil Manageabil
125 Manageabil
Storage
125 Storage
125 Drive
125 Drive
125 Infrastructure
125 Infrastructure
125 Erasure Codes
125 Erasure Codes
125 Semantic Data Models
125 Semantic Data Models
Hadoop 125 Hadoop 125 Competition125 Competition125 Disaster Recovery125 Disaster Recovery125 Customer Needs 125 Customer Needs 125 Business Conti125 Business Conti Virtualization 125 Virtualization 125 Cost Optimization 125 Cost Optimization 125 Career 125 Career 125 Big Data 125 Big Data 125 Analytics125 Analytics125 Users 125 Users
Strategies 125 Strategies 125 Tactics 125 Tactics 125 Management125 Management125 Staffers 125 Staffers 125 Business Intelligence 125 Business Intelligence 125 Cost 125 Cost 125 Capex 125 Capex 125 Back Up 125 Back Up 125 Cloud Computing125 Cloud Computing125 SLAs 125 SLAs SLAs 125 SLAs 125 E-mail 125 E-mail 125 Applications 125 Applications Applications 125 Applications CRM 125 CRM 125 Vendors 125 Vendors 125 Cost Imperative 125 Cost Imperative Cost Imperative 125 Cost Imperative 125 Niche products 125 Niche products 125 Advice 125 Advice 125 CFO125 CFO
Economy 125 Economy 125 Slowdown 125 Slowdown 125 P&L 125 P&L 125 Forecasting125 Forecasting125 Sales 125 Sales 125 Products 125 Products 125 Hardware 125 Hardware tom Line 125 tom Line 125 Change Management 125 Change Management 125 IaaS 125 IaaS 125 Supply Chain 125 Supply Chain 125 Customer Experience125 Customer ExperienceTraining 125 Training 125 Incentives 125 Incentives 125 Business Acumen125 Business Acumen125 Enterprise125 Enterprise125 In-memory 125 In-memory 125 Relation125 Relation
PaaS 125 PaaS 125 Long Term 125 Long Term 125 Goals125 Goals125 Business-IT Alignment 125 Business-IT Alignment 125 CISO125 CISO125 Stakeholders 125 Stakeholders Social Media 125 Social Media 125 Mobiles125 Mobiles125 BYOD 125 BYOD 125 VDI 125 VDI 125 Integration125 Integration125 Consumerization of IT 125 Consumerization of IT
Best Practices 125 Best Practices 125 Policy 125 Policy 125 Governance125 Governance 125 125 Tablets 125 Tablets 125 Survey 125 Survey 125 MDM 125 MDM 125 Applications 125 Applications OS 125 OS 125 Cloud DR 125 Cloud DR 125 Outage Security125 Outage Security125 Security 125 Security 125 Operations 125 Operations 125 Use Cases 125 Use Cases
Cloud Broker 125 Cloud Broker 125 Manageability 125 Manageability Manageability 125 Manageability 125 Storage 125 Storage Storage 125 Storage 125 Drive 125 Drive Drive 125 Drive 125 Infrastructure125 Infrastructure125 Erasure Codes 125 Erasure Codes Erasure Codes 125 Erasure Codes
the125th
issuespecial
Customer Needs Career Big Data
Staffers Business Intelligence Computing SLAs Imperative Niche products Forecasting
Supply Chain Acumen EnterpriseBusiness-IT Alignment
Integration Tablets Survey Survey
Security Operations Infrastructure
125 Manageability 125 Manageability 125 Storage 125 Storage
Business ContinuityAnalytics
Business Intelligence SLAs E-mail Applications
Niche products Advice Sales Products
Supply Chain Customer ExperienceEnterprise In-memory
Business-IT Alignment CISOIntegration Consumerization of IT Consumerization of IT
Survey MDM MDM Applications Store Applications Store Operations Use Cases
Infrastructure Erasure Codes
Niche products Forecasting Sales
Supply Chain Enterprise
Business-IT Alignment Integration
Survey Operations
Cost ROI Applications Advice CFO
Hardware Bottom Line Customer Experience
In-memory Relationships Stakeholders
Consumerization of IT Applications Store
Cloud Broker Erasure Codes Semantic Data Models
Business Intelligence Applications
Niche products Advice Products Hardware
Customer Experience In-memory
CISO Stakeholders Consumerization of IT
Applications Store Use Cases
Erasure Codes
Opex Capex ERP TCO CRM CEO Economy
Bottom Line Training
Relationships PaaS Stakeholders Social Media
Consumerization of IT Best Practices Policy Policy OS OS Cloud DR Cloud DR
Cloud Broker Manageability Semantic Data Models
Applications ERP CFO CEO
Bottom Line Customer ExperienceCustomer Experience
Relationships Stakeholders
Consumerization of IT Best Practices Best Practices Applications Store
Cloud Broker Semantic Data Models
Capex Back Up Back Up CRM Vendors
Economy Slowdown Change Management Incentives Business
Long Term Goals Social Media Mobiles BYOD
Policy Governance Cloud DR Outage Security
Manageability Storage Hadoop Competi
CRM Economy
Bottom Line Change Management Training Incentives
PaaS Social Media
Best Practices Policy Cloud DR
Manageability Semantic Data Models
Erasure Codes Hadoop Competition Competition Disaster Recov-
Business Continuity Virtualization Cost Optimiza-
125 Storage 125 Storage Drive 125 Drive Infrastructure125 Infrastructure Erasure Codes 125 Erasure Codes Hadoop
125 Hadoop Competition
125 Competition Competition
125 Competition Disaster Recov
125 Disaster Recov
Cloud Broker Semantic Data Models Hadoop ery Customer Needs Business Continuity
125 Cloud Broker 125 Cloud Broker Manageability 125 Manageability Semantic Data Models125
Semantic Data Models Hadoop 125
Hadoop Cloud Broker Semantic Data Models
Customer Needs
125 Cloud Broker 125 Cloud Broker Semantic Data Models125
Semantic Data Models Hadoop 125 Manageability 125 Manageability Storage 125 Storage
Hadoop 125
Hadoop Business Continuity
oSemantic Data ModelsoSemantic Data Modelsne hundred and twenty-five ideas from India’s leading CI Hadoop ne hundred and twenty-five ideas from India’s leading CI Hadoop ne hundred and twenty-five ideas from India’s leading CI Competition ne hundred and twenty-five ideas from India’s leading CI Competition Competition ne hundred and twenty-five ideas from India’s leading CI Competition ne hundred and twenty-five ideas from India’s leading CI Competitionne hundred and twenty-five ideas from India’s leading CI Competition Competitionne hundred and twenty-five ideas from India’s leading CI Competitionne hundred and twenty-five ideas from India’s leading CIDisaster Recovne hundred and twenty-five ideas from India’s leading CIDisaster RecovBusiness Continuity
ne hundred and twenty-five ideas from India’s leading CIBusiness Continuity Virtualization
ne hundred and twenty-five ideas from India’s leading CI Virtualization Cost Optimiza
ne hundred and twenty-five ideas from India’s leading CI Cost Optimiza
ne hundred and twenty-five ideas from India’s leading CISemantic Data Modelsne hundred and twenty-five ideas from India’s leading CISemantic Data Modelsne hundred and twenty-five ideas from India’s leading CI Hadoop ne hundred and twenty-five ideas from India’s leading CI Hadoop Hadoop ne hundred and twenty-five ideas from India’s leading CI Hadoop Customer Needs
ne hundred and twenty-five ideas from India’s leading CI Customer Needs Business Continuity
ne hundred and twenty-five ideas from India’s leading CIBusiness Continuity
ne hundred and twenty-five ideas from India’s leading CI Hadoop ne hundred and twenty-five ideas from India’s leading CI Hadoop Business Continuity
ne hundred and twenty-five ideas from India’s leading CIBusiness Continuity
oDisaster RecovoDisaster Recovs and Disaster Recovs and Disaster Recov how to run IT and your life.
Coverstory_BIG_IDEA_Set1.indd 30Coverstory_BIG_IDEA_Set1.indd 30 5/11/2012 6:12:12 PM5/11/2012 6:12:12 PM5/11/2012 6:12:12 PM5/11/2012 6:12:12 PM5/11/2012 6:12:12 PM5/11/2012 6:12:12 PM5/11/2012 6:12:12 PM5/11/2012 6:12:12 PM5/11/2012 6:12:12 PM5/11/2012 6:12:12 PM
Virtualization Tactics
Back Vendors
Slowdown Change Man-
Incentives Long Term
Mobiles Policy
Cloud DR Manageabil-
Semantic Data Models Business Conti-
Users ROI ERP CEO Bot-
Customer ExperienceRelation-
Stakeholders Consumerization of IT
Applications Use Cases
Erasure Codes
Cost OptimizaManagement
Cloud Cost
P&L Change Management
Business Goals
BYOD Governance
Outage Security Drive
Competi- Virtualization
Tactics Back
Vendors
It’s easy to sum up the CIO role in three words:
Business, leadership, technology. Like on our masthead. But
that’s like defining Leonardo Da Vinci as a man—completely
true but not wholly accurate.
Why? Because those three words open up a galaxy of other
descriptors (some not as nice as others). And in the last few
years, that galaxy has expanded ever more. Master of analytics,
king of cloud computing, safe keeper of information, interpreter
of big data, and the list, which doesn’t account for the business
and technology challenges that face CIOs, goes on.
That is why in this special issue—one that celebrates the
anniversary of our 125th edition—we put together the 125 ideas
we—and many of the leading lights of both enterprise IT and
India Inc—think are important ways to run IT, your department
and your life, going forward. It isn’t a complete list; that would
be too ambitious. But it covers many of the most imperative
issues in a CIO’s life today.
The CIO role, as one of the features in this issue points out,
has come a long way, very fast. Along the road—and even now—
the Indian CIO has constantly redefined the benchmarks he is
measured against, pushing always to bring forth the benefits
of technology and cast IT as an integral part of the business.
By any standards, it’s been an impressive, if steep, journey. But
as technology marches on and new business needs fill the air,
CIOs must push on. We hope that this issue will help.
Erasure Codes Disaster Recov-
Cost Optimiza-
42
48
58
54
64
What’s Driving analytics?
Getting Storage Big Data Ready
Cloud DR: Sending mixed Signals
Easy Integration with the Cloud
Consumer Tech Takes Over
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 4 1Vol/7 | ISSUE/07
Cover StoryCover Story
70
78
92
88
96
Customers F2F
Nabbing Insider Crime
Virtualization on Double Duty
Keeping IT Up
Beyond the CIO
CEos on how to run IT and your life.
5/11/2012 6:12:12 PM5/11/2012 6:12:12 PM
By David F. Carr
organizations are drowning in data and struggling to make sense of it. Still, many of the cost and performance trends in advanced analytics mean companies can ask more complicated questions than ever before and deliver more useful information to help run their businesses.
In interviews, CIOs consistently identified five IT trends that are having an impact on how they deliver analytics: The rise of big data, technologies for faster processing, declining costs for IT commodities, proliferating mobile devices and social media.
CIos share the five IT trends that are transforming how their companies process data
Reader ROI:Different trends driving the use of analytical tools
Real-life use cases of analytics
The benefits of analytics
Vol/7 | ISSUE/074 2 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Advances in analytic technologies and business intelligence are allowing CIOs to go big, go fast, go deep, go intelligence are allowing CIOs to go big, go fast, go deep, go intelligencecheap and go mobile with business data.
Current trends center as much on tackling analytics challenges as they do on taking advantage of opportunities for new business insights. For example, technologies for managing and analyzing large, diverse data sets are arriving just as many
What’s Driving
“Getting customers to help co-create our offerings is the future of competition. Big data capability can turn this vision into a reality.”
—Avinash Jhangiani, Head-IT & Digital, BIG Cinemas
the125th
issue
Big Data Disaster Recovery Analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk management Virtualization Business
special
Coverstory_BIG_IDEA_Set1.indd 32Coverstory_BIG_IDEA_Set1.indd 32Coverstory_BIG_IDEA_Set1.indd 32
Big DataBig data refers to very large data sets, particularly those not neatly organized to fit into a traditional data warehouse. Web crawler data, social media feeds and server logs, as well as data from supply chain, industrial, environmental and surveillance sensors all make corporate data more complex than it used to be.
Although not every company needs techniques and technologies for handling large, unstructured data sets, Verisk Analytics CIO Perry Rotella thinks all CIOs should be looking at big data analytics tools. Verisk, helps financial firms assess risk and works with insurance companies to identify fraud in claims data.
Technology leaders should adopt the attitude that more data is better and embrace overwhelming quantities of it, says
five IT trends that are transforming how their companies process data to gain valuable business intelligence.
Rotella, whose business involves “looking for patterns and correlations between things that you don’t know up front.”
Big data is an “explosive” trend, says Cynthia Nustad, CIO of HMS, a firm that helps contain healthcare costs for Medicare and Medicaid programs, and private businesses. Its clients include health and human services programs in over 40 US states and over 130 Medicaid managed care plans. HMS helped its clients recover $1.8 billion (about Rs 9,000 crore) in 2010 and save billions more by preventing erroneous payments. “We’re getting and tracking so much material, both structured and unstructured data, and you don’t always know what you’re looking for in it,” Nustad says.
One of the most talked about big data technologies is Hadoop, an Open-source distributed data processing platform
originally created for tasks such as compiling Web search indexes. It’s one of several so-called “NoSQL” technologies (others include CouchDB and MongoDB) that have emerged to organize web-scale data in novel ways.
Hadoop is capable of processing petabytes of data by assigning subsets of that data to hundreds or thousands of servers, each of which reports back its results to be collated by a master job scheduler. Hadoop can either be used to prepare data for analysis or as an analytic tool in its own right. Organizations that don’t have thousands of spare servers to play with can also purchase on-demand access to Hadoop instances from cloud vendors such as Amazon.
Nustad says HMS is exploring the use of NoSQL technologies, although not for
“Decreasing technology costs is making it more affordable to store and analyze higher volumes of data than before.” —Nat Malupillai, Director Technology, Target Corporation
“In a fast-paced business like ours, in-memory can be very helpful because it enables us to analyze transactional data coming from various sources quickly.” —Sandeep Phanasgaonkar, CTO, Reliance Capital
Big Data Disaster Recovery Analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk management Virtualization Business
The Trends•Bigdata•Fasterinfrastructure•Fallingcosts•Mobility•Socialmedia
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 4 3Vol/7 | ISSUE/07
Analytics?
Cover StoryCover Story
Coverstory_BIG_IDEA_Set1.indd 33Coverstory_BIG_IDEA_Set1.indd 33Coverstory_BIG_IDEA_Set1.indd 33Coverstory_BIG_IDEA_Set1.indd 33Coverstory_BIG_IDEA_Set1.indd 33Coverstory_BIG_IDEA_Set1.indd 33Coverstory_BIG_IDEA_Set1.indd 33Coverstory_BIG_IDEA_Set1.indd 33Coverstory_BIG_IDEA_Set1.indd 33Coverstory_BIG_IDEA_Set1.indd 33 5/11/2012 6:12:17 PM5/11/2012 6:12:17 PM
its massive Medicare and Medicaid claims databases. These contain structured data and can be handled with traditional data warehousing techniques, and it makes little sense to depart from traditional relational database management when tackling problems for which relational technology is the tried and true solution, she says. However, Nustad can see Hadoop playing a role in fraud and waste analytics, perhaps analyzing records of patient visits that might be reported in a variety of formats.
Among the CIOs interviewed for this story, those who had practical experience with Hadoop, including Rotella and Shopzilla CIO Jody Mulkey, are at companies that provide data services as part of their business.
“We’re using Hadoop for what we used to use the data warehouse for,” Mulkey says, and, more importantly, to pursue “really interesting analytics that we could never do before.” For example, as a comparison shopping site, Shopzilla accumulates terabytes of data every day. “Before, we would have to sample data and partition data; it was so much work just to deal with the volume of data,” he says. With Hadoop, Shopzilla is able to analyze the raw data and skip the in-between steps.
Good Samaritan Hospital, a community hospital in Southwest Indiana, is at the other end of the spectrum. “We don’t have what I would classify as big data,” says CIO Chuck Christian. Nevertheless, regulatory requirements are causing him to store whole new categories of data such as electronic
across Florida. “That’s a potential solution to a very real problem we have now,” he says.
Business Analytics Get FasterBig data technologies are one element of a larger trend toward faster analytics, says University of Kentucky CIO Vince Kellen. “What we really want is advanced analytics on a hell of a lot of data,” Kellen says. How much data one has is less critical than how efficiently it can be analyzed, “because you want it fast.”
The capacity of today’s computers to process much more data in memory allows for faster results than when searching through data on disk—even if you’re crunching only gigabytes of it.
Although databases have, for decades, improved performance with caching of frequently accessed data, now it’s become more practical to load entire large datasets into the memory of a server or cluster of servers, with disks used only as a backup. Because retrieving data from spinning magnetic disks is partly a mechanical process, it is orders of magnitude slower than processing in memory.
Rotella says he can now “run analytics in seconds that would take us overnight five years ago.” His firm does predictive analytics on large data sets, which often involves running a query, looking for patterns, and making adjustments before running the next query. Query execution time makes a big difference in how quickly an analysis progresses. “Before, the run times would take longer than the model building, but now it takes longer to build the model than to run it,” he says.
Columnular database servers, which invert the traditional row-and-column organization of relational databases, address another category of performance requirements. Instead of reading entire records and pulling out selected columns, a query can access only the columns of interest—dramatically improving performance for applications that group or measure a few key columns.
medical records in great quantities. Doubtless there is great potential to glean healthcare quality information from the data, he says, but that will probably happen through regional or national healthcare associations rather than his individual hospital. It’s unlikely he’ll invest in exotic new technologies himself.
John Ternent, CIO at Island One Resorts, says that whether his analytic challenges are driven by big data “depends on how capital your B and D are.” But he’s seriously considering using Hadoop instances in the cloud as an economical way of running complex mortgage portfolio analytics for the company, which manages eight timeshare resort properties
“Telecom has become very personalized. The information from social media brings us closer to our customers.”
—Manoj Nigam, VP, CS-IT, Vodafone
Of Indian CIOs plan to implement
CIOs plan to implement
CIOs plan to
analytical tools implement
analytical tools implement
in 2012.analytical tools
in 2012.analytical tools
SoUrCE: StatE of thE IndIan CIo
32 percent
the125th
issuespecial
Vol/7 | ISSUE/074 4 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Coverstory_BIG_IDEA_Set1.indd 34Coverstory_BIG_IDEA_Set1.indd 34Coverstory_BIG_IDEA_Set1.indd 34
ph
ot
og
ra
ph
S b
y r
oh
It g
Up
ta
, Im
ag
ES
an
d d
r l
oh
Ia
Ternent warns that the performance benefits of a columnar database come only with the right application and query design. “You have to ask it the right question the right way for it to make a difference,” he says. Meanwhile, he says, columnar databases only really make sense for applications that must handle over 500 gigabytes of data. “You have to get a certain scale of data before columnar makes sense because it relies on a certain level of repetition” to achieve efficiencies.”
To improve analytics performance, hardware matters, too. Allan Hackney, CIO at the insurance and financial services giant John Hancock, is adding GPU chips—the same graphical processors found in gaming systems—to his arsenal. “The math that goes into visualizations is very similar to the math that goes into statistical analysis,” he says, and graphics processors can perform calculations hundreds of times faster than conventional PC and server processors. “Our analytic people love this stuff.”
Technology Costs LessAlong with increases in computing capacity, analytics are benefiting from falling prices for memory and storage, along with Open Source software that provides an alternative to commercial products and puts competitive pressure on pricing.
Ternent is an Open-source evangelist. Prior to joining Island One, he was vice president of engineering for Pentaho, an Open-source business intelligence company, and worked as a consultant focusing on BI and Open Source. “To me, Open Source levels the playing field,” he says, because a mid-sized company such as Island One can use R, an Open-source application, instead of SAS for statistical analysis.
Once, Open-source tools were available only for basic reporting, he says, but now they offer the most advanced predictive analytics. “There is now an Open-source player across just about the entire continuum, which means there’s tooling
available to whoever has the gumption to go and get it.”
HMS’ Nustad sees the changing economics of computing altering some basic architectural choices. For example, one of the traditional reasons for building data warehouses was to bring the data together on servers with the computing horsepower to process it. When computing power was scarcer than it is today, it was important to offload analytic workloads from operational systems to avoid
degrading the performance of everyday workloads. Now, that’s not always the right choice, Nustad says.
“With hardware and storage so cheap today, you can afford to juice up those operational systems to handle a BI layer,” she says. By factoring out all the steps of moving, reformatting and loading data into the warehouse, analytics built directly on an operational application can often provide more immediate answers. Hackney observes, however, that although
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 4 5Vol/7 | ISSUE/07
Thomson Reuters’ Social BI Playthomson reuters has made a major upgrade to its market feeds by adding
analysis of content from social media sites. the machine readable news
service now delivers traders with analytics from 50,000 news sites and four
million social networks, in a format promised to be digestible and to highlight
the key information.
analytics include sentiment, relevance and novelty indicators that capture
market opinion, for algorithmic trading systems as well as risk management and
human decision support processes. thomson reuters said the development
would help traders to be better informed as they shape their strategies.
data can be aggregated at the stock, sector, market, and country levels to
track sentiment on desired parameters. It can also be filtered to hone in on
specific information sources, with tools spotting trends and anomalies.
the new function will mine the “expansive wealth of social media and blog
content”, thomson reuters said, delivering “digestible analytics on selected
companies and market segments”.
the news analytics software is available as a separate system—or within
Elektron, thomson reuters’ vast data and trading infrastructure. the new
system uses information from supplier moreover technologies, an aggregator
of global news and social media.
financial markets had seen a “dramatic rise in the volume and influence
of industry blogs, social-networking and commentary websites”, thomson
reuters said.
Some 35 percent of quantitative trading firms are using machine
readable newsfeeds, up from just two percent three years ago, according to
aite group research.
“Investment firms are embracing new data, tools and techniques to help
make sense of the massive amounts of unstructured data available on the
Internet,” said rich brown, head of quantitative and event driven trading
solutions, at thomson reuters. “When properly analyzed and understood, this
data can complement a firm’s trading and investment strategies and give it a
competitive edge.”
—by leo King
Cover Story
Coverstory_BIG_IDEA_Set1.indd 35 5/11/2012 6:12:19 PM
the price performance trends are helpful for managing costs, potential savings are often erased by increased demands for capacity. “It’s like running in place,” he says. While Hancock’s per unit cost for storage dropped by 2 to 3 percent this year, consumption was up 20 percent.
Everyone’s MobileLike nearly every other application, BI is going mobile. For Nustad, mobile BI is a priority because, like everybody, Nustad herself wants access to reports on whether her organization is meeting its service level agreements “served up on my iPad when I’m very mobile and not at my desk.” She also wants to deliver mobile access to data for her firm’s customers, to help them monitor and manage healthcare expenses. It’s “a customer delight feature that was not demanded five years ago, but is demanded today,” she says.
For CIOs, addressing this trend has more to do with creating user interfaces for smartphones, tablets and touch screens than it is about sophisticated analytic capabilities. Maybe for that reason, Kellen dismisses it as fairly easy to address. “To me, that’s kind of trivial,” he says.
Rotella doesn’t think it’s that simple. “Mobile computing affects everyone,” he says. “The number of people working off of iPads and other mobile devices is exploding. That trend will accelerate and change how we interact with our computing resources in an enterprise.” For example, Verisk has developed products to give claims adjusters access to analytics in the field, so they can run replacement cost estimates. That’s a way to “leverage our analytics and put it at the fingertips of the people that need it,” he says.
What makes this challenging is how much more quickly technology changes, Rotella says. “Two years ago, we didn’t have iPads. Now everyone is running around with iPads.” With multiple device operating systems in play, “we’re trying to understand how to best leverage our development so we’re not writing these things three, four, five times over,” he says.
Cover Story Cloud Computing
the125th
issuespecial
Of Indian CIOs say that they
aren’t interested in big data.
SoUrCE: StatE of thE IndIan CIo 2011
51 percent
University of Kentucky’s Kellen believes he needs to pay attention to them. “My job is to identify these technologies, see what the match is for the organization in terms of competitiveness, and start educating the right people,” he says.
The university has the same interest in monitoring sentiment about its brand as any other business, but Kellen says he may also identify opportunities to develop applications specific to school concerns such as student retention. For example, monitoring student posts on social media could help faculty and administrators learn earlier when students are having academic trouble, much as Dell does when its support organization detects people tweeting about broken laptops, Kellen says. IT developers should also be looking for ways to build alerts generated by social media analytics into applications for responding to those events, he says.
“We don’t have the know-how, nor the tools, go out and mine massive quantities of social media postings,” says Hackney. “But once you have the data, you need to be able to have enough information about events happening in the company to be able to correlate them.” While Hancock’s efforts in this area are “nascent,” according to Hackney, he envisions a role for IT in correlating the data provided by a social analytics service with corporate data. For example, if the social media data shows comments about the company in the Midwest are becoming more negative, he would want to see if the company has made price or policy changes in that region that might explain the trend.
Finding such correlations could make a big difference in getting company leaders to believe in the return on investment of social media, Hackney says. “In my industry, everybody’s an actuary, everyone’s looking for the numbers—they don’t take anything on belief.” CIO
David F. Carr is a freelance writer based in Florida. Send
feedback on this feature to [email protected]
Vol/7 | ISSUE/074 6 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
On the other hand, the requirement to create native applications for each mobile platform may be fading now that the browsers in phones and tablets are more capable, says Island One’s Ternent. “I’m not sure I’d invest in a customized mobile device application if I can just skin a web-based application for a mobile device.”
Social Media in the MixWith the explosion of Facebook, Twitter and other social media, more companies want to analyze the data these sites generate. New analytics applications have emerged to support statistical techniques such as natural language processing, sentiment analysis, and network analysis that aren’t part of the typical BI toolkit.
Because they’re new, many social media analytics tools are available as services. One prominent example is Radian6, a software-as-a-service product purchased by Salesforce.com. Radian6 presents a dashboard of brand mentions-tagged positive, negative, or neutral-based on Twitter feeds, public Facebook posts, posts and comments on blogs and discussion board conversations. When purchased by the marketing and customer service departments who use them, such tools may not require heavy IT involvement. Still,
Coverstory_BIG_IDEA_Set1.indd 36 5/11/2012 6:12:19 PM
How Do You Keep IT Staff Continually Inspired to Excel?
the125th
issuespecial
“Creating healthy competition within the team is a way of inspiring team members to excel. I give a similar task to more than two people and let them know others are chasing something similar.” P. Lamba, VP & Head-IT, Ballarpur Industries
“We organize training every six months. We run global exchange programs and send staff to our locations in Hong Kong, Dubai, Belgium, and China.” Satyanarayan B., CIO & VP, Dimexon Diamonds
“We give monetary incentives, send employees for training, and expose them to learning opportunities. The last is based on their capability to handle different projects apart from their regular jobs, which keeps them motivated and gives them a break.”Satish Kotian, Head-IT, Dewan Housing Finance Corporation
“I employ three basic HR processes: Learning and development, reward and recognition, and engagement. We have mandatory certification annually, recognizing the best IT implementations, and weekly knowledge-sharing programs.” Subhasish Saha, CTO, Apeejay Surrendra Group
“We provide sponsorship for management development programs conducted by premier institutes. I also nominate them
for seminars and training meant for technology upgradation.”S. Raghuna Reddy, SVP-IT, UTI Mutual Fund
“We run talent identification programs and entrust staffers with new responsibilities if they show expertise in other areas. We nominate people to our global exchange program.” M. Suresh, Director-ADM Group, Hyundai Autoever SystemsAutoever Systems
“I employ three basic HR processes: Learning and development, reward and recognition, and engagement.We have mandatory certification annually, recognizing the best IT implementations, and weekly knowledge-sharing programs.” Subhasish Saha,
“We give monetary incentives, send employees for training, and expose them to learning opportunities. is based on their capability to handle different projects motivated and gives them a break.”Satish Kotian,
We provide sponsorship for management development programs conducted by premier institutes. I also nominate them
for seminars and training meant for technology upgradation.” SVP-IT, UTI Mutual Fund
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 4 7Vol/7 | ISSUE/07
Voices_BIG_IDEA.indd 35Voices_BIG_IDEA.indd 35Voices_BIG_IDEA.indd 35 5/11/2012 4:10:53 PM5/11/2012 4:10:53 PM5/11/2012 4:10:53 PM
By Thor Olavsrud
Shutterfly is an online photo site that differentiates itself by allowing users to store an unlimited number of images that are kept at the original resolution, never downscaled. It also says it never deletes a photo.
“Our image archive is north of 30 petabytes of data,” says Neil Day, Shutterfly senior vice president and chief technology officer. He adds, “Our storage pool grows faster than our customer base. When we acquire a customer, the first thing they do is upload a bunch of photos to us. And then when they fall in love with us, the first thing they do is upload a bunch of additional photos.”
online photo site Shutterfly—which manages more than 30 petabytes of data
Reader ROI:Why managing the petabyte-scale data stores is different from traditional large-scale data infrastructures.
How to prepare
Everyone is talking about big data analytics and associated business intelligence marvels these days, but before organizations will be able to leverage the data, they’ll have to figure out how to store it. Managing larger data stores—at the petabyte scale and larger—is fundamentally different from managing traditional large-scale data sets. Just ask Shutterfly.
Getting Storage
“CIOs should pick one business problem. Then build a proof point with marketing, or customer service. Build a roadmap so that you know when or not to stop.” —Dr. Jai Menon, Group CIO and Group Director-Innovation & IT, Bharti Enterprises
`
the125th
issuespecial
Vol/7 | ISSUE/074 8 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Big Data Disaster Recovery analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk management Virtualization Business
Coverstory_BIG_IDEA_Set1.indd 38Coverstory_BIG_IDEA_Set1.indd 38Coverstory_BIG_IDEA_Set1.indd 38
To get an idea of the scale we’re talking about, one petabyte is equivalent to 1 thousand terabytes or 1 million gigabytes. The archive of the first 20 years of observations by NASA’s Hubble Space Telescope comes to a bit more than 45 terabytes of data, and one terabyte of compressed audio recorded at 128 kB/s would contain about 17,000 hours of audio.
Petabyte-Scale Infrastructure Is Different“Petabyte-scale infrastructures are just an entirely different ballgame,” Day says. “They’re very difficult to build and maintain. The administrative load on a petabyte or multi-petabyte infrastructure is just a night and day difference from the traditional large-scale data sets. It’s
—which manages more than 30 petabytes of data—shares its strategy for taming its big data beast.
The Size of Big Data•Onepetabyteisequalto1
thousand terabytes. The archive of the first 20 years of observations by NaSa’s Hubble Space Telescope comes to a bit more than 45 terabytes of data.
Storage Big Data Readylike the difference between dealing with the data on your laptop and the data on a RAID array.”
When Day joined Shutterfly in 2009, storage had already become one of the company’s biggest buckets of expense, and it was growing at a rapid clip—not just in terms of raw capacity, but in terms of staffing.
“Every n petabytes of additional storage meant we needed another storage administrator to support that physical and logical infrastructure,” Day says. With such massive data stores, he says, “things break much more frequently. Anyone who’s managing a really large archive is dealing with hardware failures on an ongoing basis. The fundamental problem that everyone is trying to solve is, knowing that a fraction of your drives are going to
fail in any given interval, how do you make sure your data remains available and the performance doesn’t degrade?”
Scaling RAID Is ProblematicThe standard answer to failover is replication, usually in the form of RAID arrays. But at massive scales, RAID can create more problems than it solves, Day says. In a traditional RAID data storage scheme, copies of each piece of data are mirrored and stored on the various disks of the array, ensuring integrity and availability. But that means a single piece of data stored and mirrored can inflate to require more than five times its size in storage. As the drives used in RAID arrays get larger—3 terabyte drives are very attractive from a density and power consumption perspective—the time it
“Big data helps us keep a competitive edge. As customer data grows there’ll be a significant shift in product usage that’s why big data solutions are important.” —Alpna Doshi, CIO, Reliance Communication
“Hadoop and social media can play a big role in analyzing unstructured data. The CIO needs to consolidate disparate data sets and use BI tools to derive business insights.” —Daya Prakash, CIO, LG Electronics
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 4 9Vol/7 | ISSUE/07
Cover StoryCover StoryBig Data Disaster Recovery analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk management Virtualization Business
Coverstory_BIG_IDEA_Set1.indd 39Coverstory_BIG_IDEA_Set1.indd 39Coverstory_BIG_IDEA_Set1.indd 39Coverstory_BIG_IDEA_Set1.indd 39Coverstory_BIG_IDEA_Set1.indd 39Coverstory_BIG_IDEA_Set1.indd 39Coverstory_BIG_IDEA_Set1.indd 39Coverstory_BIG_IDEA_Set1.indd 39Coverstory_BIG_IDEA_Set1.indd 39Coverstory_BIG_IDEA_Set1.indd 39 5/11/2012 6:12:25 PM5/11/2012 6:12:25 PM
takes to get a replacement for a failed drive back to full parity becomes longer and longer.
“We didn’t actually have operational issues with RAID,” Day says. “What we were seeing was that as drive sizes became larger and larger, the time to get back to a fully redundant system when we had any component failure was going up. Generating parity is proportional to the size of the data set that you’re generating it for. What we were seeing as we started using 1-terabyte and 2-terabyte drives in our infrastructure was that the time to get back to full redundancy was getting quite long. The trend wasn’t heading in the right direction.”
Reliability and availability is mission-critical for Shutterfly, suggesting the need for enterprise-class storage. But its rapidly inflating storage costs were making commodity systems much more attractive, Day says. As Day and his team investigated the potential technical solutions to getting Shutterfly’s storage costs under control, they got interested in a technology called erasure codes.
Next-Generation Storage With Erasure CodesReed-Solomon erasure codes were originally used as forward error correction (FEC) codes for sending data over an unreliable channel, like data transmissions from deep space probes. The technology is also used with CDs and DVDs to handle impairments on the disc,
users to store chunks, or slices as it calls them, in geographically separate places, like multiple datacenters.
Each slice is mathematically useless on its own, making it private and secure. Because the information dispersal technology uses only a single instance of data with minimal expansion to ensure data integrity and availability, rather than multiple copies as with RAID, Cleversafe says, companies can save up to 90 percent of their storage costs.
“When you go to put it back together, you don’t have to have every single piece,” says Russ Kennedy, vice president of product strategy, marketing and customer solutions for Cleversafe. “The number of pieces you generate, we call that the width. We call the minimum number you need to put it back together the threshold. The difference between the number of pieces you create and the minimum number required to put it back together is what determines its reliability. Simultaneously, you can lose nodes and drives, and you can still get the data back in its original form. The highest amount of reliability you can get with RAID is dual parity. You can lose two drives. That’s it. With our solution, you can lose up to six.”
Erasure codes are also a software-based technology, meaning it can be used with commodity hardware, bringing down the cost of scaling even more.
Building Next-Generation Storage Infrastructure“Having identified the right technology, we went and looked at a number of different vendors who were providing solutions in that space,” Day says. “We looked at building it ourselves. But we felt that if we could find a company that was a pretty close match to our requirements, with a system that was reasonably proven, that would be a much better approach for us.”
Shutterfly brought four vendors to its lab for evaluation and built prototypes of the storage device it wanted for its datacenter. Day says he was looking for
like dust and scratches. But several storage vendors have begun incorporating erasure codes into their solutions. Using erasure codes, a piece of data can be broken up into multiple chunks, each of them useless on their own, and then dispersed to different disk drives or servers. At any time, the data can be fully reassembled with a fraction of the chunks, even if multiple chunks have been lost due to drive failures. In other words, you don’t need to create multiple copies of data; a single instance can ensure data integrity and availability.
One of the early vendors of an erasure code-based solution is Cleversafe, which has added location information to create what it calls dispersal coding, allowing
“Semantic data models would play a role in some functions. It would definitely help marketing but not finance.” —Rajeev Batra, CIO, Sistema Shyam Teleservices
Of Indian CIOs say they will
implement big say they will
implement big say they will
data in one year.implement big
data in one year.implement big
SoUrCE: StatE of thE IndIan CIo 2011
20 percent
the125th
issuespecial
Vol/7 | ISSUE/075 0 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Coverstory_BIG_IDEA_Set1.indd 40Coverstory_BIG_IDEA_Set1.indd 40Coverstory_BIG_IDEA_Set1.indd 40
An Interview Question You Like to Ask Staffers When You are Recruiting
the125th
issuespecial
“Can you give me one example of an initiative you’ve taken which has introduced substantial business benefits? It’s one of the criteria to judge whether a candidate’s knowledge of business-IT alignment is good.”Zoeb Adenwala, CIO Global, Essel ProPack
“How do you plan to meet organizational goals? And what are your short-term and long-term aspirations? A candidate should be able to visualize what he’s capable of based on industry requirements when he joins an organization.”Muralidhara H.S., Head SAP-Center of Excellence, TTK Prestige
“What is your real motivation for change? And what do you expect to be doing in the next two years? The reason should be genuine, otherwise the candidate could be a misfit and the business would waste time and money.”Sanjay Saraswat, CIO-Carrier Business, Reliance Globalcom
“What is your people philosophy?’ I believe IT management is all about managing people. It requires empathy, respect, fairness, and assertiveness. That’s why people philosophy matters so much in a candidate.” Jagdish Belwal, CIO, Tata Motors
“What do you find interesting about this job? This gives a very clear perspective
about the candidate’s inclination and keenness for the job. This means that the interviewee has done research about the company as well as the job.”Rajat Sharma, President-IT, Atul
“I’d ask for his professional expectations. From an organization’s view what needs to be understood are his real reasons for looking out for a change.” Subhodip Bandyopadhyay, Director Organization Systems and Supply Chain, Carrefour India
an initiative you’ve taken which has introduced substantial business benefits? It’s one of the criteria to judge whether a candidate’s knowledge of business-IT alignment is good.”
requires empathy, respect, fairness, and
That’s why people philosophy matters so much in a
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 5 1Vol/7 | ISSUE/07
Voices_BIG_IDEA.indd 37Voices_BIG_IDEA.indd 37Voices_BIG_IDEA.indd 37Voices_BIG_IDEA.indd 37 5/11/2012 4:10:58 PM5/11/2012 4:10:58 PM5/11/2012 4:10:58 PM
Moment of Truth: One Thing You’d Like From Your Technology Provider
the125th
issuespecial
“I want them to take the initiative to understand my business’ needs and challenges and then offer me solutions—rather than bringing me whiz-bang technology and trying to fit my requirements into the product’s specs.”Hitesh Arora, Director & Head-IT, Max New York Life Insurance
“If service providers take a ‘partner approach’ rather than a transactional one, and adopt a mid- to long-term view of their products, support and pricing strategies, it would bring in a salutary change the the procurement process!”Francis Rajan, VP-ICT, BIAL
“Vendors need to understand that global templates that have worked wonders across the world might not fit my business. I’d like them to figure out how to make global practices palatable to my business realties.”Manan Chhatrapati, CTO, Hungama Digital Media Entertainment
“The ability to influence the delivery mechanism and deliver quicker than what was committed. A partner that can understand and collaborate with me to achieve results with fast turnaround is more likely to win my appreciation.”Ranendra Datta, VP-IT, SABMiller India
“Partners need to create more awareness about their complete portfolio, rather than pushing products which are the latest launches.”G. R. Pillai, CIO, Super Religare Laboratories
“Vendors will explain how other companies have benefited from their solutions. But they don’t share challenges. If only vendors could be straightforward, it would save us a lot of trouble during implementation and increase our trust in them.”Atul Luthra, CIO, ABC Consultants
Vol/7 | ISSUE/075 2 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
take a ‘partner
and adopt a mid- to long-term view of their products, support and pricing strategies, it would bring in a salutary change the the
performance, availability, fault tolerance and manageability.
“We have a staff that does nothing but manage our image archive,” he explains. “One of the big concerns in 2010 was the growth we were seeing in our image archive. We were going to have to grow our staff relative to the growth of our image archive, and that wasn’t very attractive.”
Day says the company he chose as the best fit for Shutterfly was mostly based on that company’s willingness to work with Shutterfly to tailor its solution to Shutterfly’s needs. The two companies started going through a series of progressive proofs of concept, including load and performance tests in Shutterfly’s lab. After Shutterfly was comfortable with the operational and performance characteristics, it placed a parallel storage infrastructure in production, directing a copy of all Shutterfly’s traffic to it.
“Every image coming in the door was written to our legacy infrastructure and the partners infrastructure,” Day says. “We ran it for six months, including holidays.”
The holidays are the peak season for Shutterfly, when many of its customers create photo books.
Shutterfly brought the vendor’s storage solution into full production for its image archive in 2011 and has been using it as the primary image repository ever since.
The TCO of Erasure Code-based Storage“It’s fundamentally a software solution, allowing us to deploy on very, very cost-effective hardware,” Day says. “That changes the whole picture from a total cost of ownership perspective for us. We have more flexibility dealing with hardware vendors and can guarantee that we’re getting the best possible price on the drives and the infrastructure that supports them.”
Administering the storage pool has also been greatly simplified, Day says.
“We can basically just add another brick of storage and it automatically gets added to whichever pool we designate it for,” he says. “Previously, we had to do some fairly interesting administrative gymnastics whenever we added additional storage.”
Also, now, when a drive fails or goes offline, Shutterfly’s storage infrastructure is able to mark it as unavailable and route data around it while recovering data on that drive transparently. Instead of an “all hands on deck” situation when a drive or a shelf fails, Day says his team can now simply note the failure and replace the affected infrastructure on a scheduled maintenance schedule.
“It’s allowed us to not grow [our staff] as quickly as we were previously,” he says. “We still do grow, but at a much slower rate than we did with the previous generation of gear. The daily maintenance workload has declined. Administrators get to spend more time on interesting proactive projects. Their workloads have shifted to what I would call additive work. It’s good from a growth perspective and a job content perspective.”
Store It and Insight Will ComeWhile Shutterfly is an Internet company that deals with volumes of data that dwarf what most enterprises today have to deal with, companies across the board are storing ever-increasing amounts of data.
“Our archive size in five years is going to look pretty pedestrian, though we’ll
still be orders of magnitude larger than the average” he says. “One of the things that’s really interesting right now is in the last four or five years you’ve seen a bunch of applications and technologies enter the marketplace that make it possible to deal with very large datasets. Those are really exciting because they allow companies to gain deeper insights into their business by actually looking at the fine-grained data.”
“That’s a positive move in the industry,” Day says. “We’re just at the very early stages of that coming into play. Another factor that’s pretty interesting is that as businesses do more with real-time customer interactions, with online, with mobile, they’re also generating just massive amounts of data. It’s now possible to analyze that data for really impactful business insights. But all of that depends on the ability to store massive amounts of data and do it reliably.” CIO
Thor Olavsrud is a senior writer for CIO.com. Send
feedback on this feature to [email protected]
Today, when a drive fails or goes offline, Shutterfly’s storage infrastructure can mark it as unavailable and route data around it while recovering data on that drive. Instead of an “all hands on deck” situation when a drive or a shelf fails, Day says his team can now simply note the failure and replace the affected infrastructure on a scheduled maintenance schedule.
Cover Story
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 5 3Vol/7 | ISSUE/07
Coverstory_BIG_IDEA_Set1.indd 43 5/11/2012 6:12:26 PM
Vol/7 | ISSUE/07
5 4 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
By Jeff Vance Actually, there’s a third thing. For many organizations, even today, DR means doing the bare minimum, crossing your fingers and hoping for the best.
The cloud is changing all of that. On one hand, it is democratizing DR, making it affordable for even SMBs to sign up for DR services. On the other, the disruption is causing confusion, often giving companies a false sense of security and luring them into bad decisions.
An SMB can take advantage of such free or cheap services as Dropbox, Box or SkyDrive, and many can confidently (and not incorrectly) say that this is a sufficient DR plan. In fact, what most organizations don’t realize is that part of their DR plan are the evolving habits of knowledge workers, mirroring what many SMBs are doing for DR.
As knowledge workers become ever more mobile and rely on a growing array of mobile devices, they constantly move critical information out of corporate data stores and into their personal, cloud-based storage simply to make that data accessible from anywhere on any device.
There are problems with this approach, obviously, but it means that if a disaster strikes, your sales team will likely have a customer list it can access. Public relations pros will have key press contacts at their fingertips, and developers will simply access their latest projects in the cloud, where they probably already had been.
Reader ROI:The importance of thinking cloud DR through
The connection between recovery and replication
Why cloud DR is just one leg of your strategy
Cloud computing is slowly upending the disaster recovery (DR) market. Only a few years ago, disaster recovery meant one of two things: For large organizations, it necessitated huge capital investments; for the mid-market it meant backing up only the most important data to tape and shuffling it off to a secure location.
“Our DR is hosted on the Amazon cloud. But our business suffered for 8-12 hours due to outage. So we decided to spread our data locations across continents. So, if servers in the US go down, we can move operations to Singapore.” —Animesh Singh, VP-Operatrions, BrickRed Technologies
the125th
issuespecial
When it comes to DR, the cloud is a mixed bag. here’s how it has both lowered
Cloud DR: Sending Mixed
Big Data Disaster Recovery analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk management Virtualization Business
5/11/2012 6:12:27 PM5/11/2012 6:12:27 PM5/11/2012 6:12:27 PM5/11/2012 6:12:27 PM5/11/2012 6:12:27 PM5/11/2012 6:12:27 PM5/11/2012 6:12:27 PM5/11/2012 6:12:27 PM5/11/2012 6:12:27 PM5/11/2012 6:12:27 PM
What should be obvious to you by now is that even if you are wary of the cloud for DR purposes, you are already deeply entangled in cloud-based DR through your tech-savvy employees.
The Danger in Laissez-Faire DRBefore you breathe a sigh of relief, thinking you’re more DR-ready than you’d previously imagined, remember that this laissez-faire DR may work out when you’re hit by run-of-the-mill outages, such as a brief power blackout, but if a real disaster hits, you could still be in deep trouble.
“When I lived in Florida, my organization had to rebound after a hurricane. We learned quickly about the things we hadn’t planned for but should have,” says Daniel Neufeld, vice president of information systems for long-term care provider Leisureworld Senior Care.
Neufeld’s organization originally felt lucky that it was no longer tied to the corporate PBX for voice. “We thought we’d just move over to our mobile phones, but that plan didn’t work out for long,” he says. They hadn’t realized that many cellular towers don’t have battery backup.
And let’s not forget that all of this employee-driven, de facto DR butts up against another looming issue: Data loss. Sure, having critical data stored in Dropbox may save CIOs when a disaster
DR, the cloud is a mixed bag. the entry barriers for dr and given businesses a dangerous sense of false security.
Best Practices•Rememberthatinacloud
outage, you are more responsible than your provider.
•UseWANoptimizationtoovercome the bandwidth obstacle.
•Createaquestionbanktofindout whether your DR takes care of all your issues.
hits, but it could just as easily get a CIO fired if that Dropbox account gets hacked or a key sales manager quits after having poached all the data he needs in order to take his accounts with him to his new job.
A more pervasive and dangerous laissez-faire DR mistake is simply believing that your cloud provider will handle data backup and recovery for you. “When Amazon had downtime, customers were up in arms,” says Jon Beck, senior vice president of worldwide channels and alliances for OpSource, a provider of enterprise cloud and managed hosting services. “There’s not a service provider on the planet that won’t have an outage someday. What was interesting about the Amazon outage is how many big-name customers didn’t have a disaster recovery plan in place to either move data to other availability zones or to other providers.”
Don’t blame your cloud provider. Blame yourself.
The Cloud Marries DR to Data ReplicationThe problem with DR plans that involve moving data to other zones or providers is that the public Internet isn’t built for shifting huge chunks of data around on a moment’s notice. If mission-critical data still resides in on-premises servers, most small- to mid-sized organizations don’t have the bandwidth in place for real DR,
nor do they have the budget available if they wanted to add it.
Both OpSource and Leisureworld overcame the bandwidth obstacle through WAN optimization, with OpSource using the cloud-based WAN optimization service from Aryaka and Leisureworld using Riverbed’s Steelhead appliances.
Interestingly enough, neither OpSource nor Leisureworld was thinking about DR when it deployed WAN optimization.
“A couple of our customers [including SaaS companies Xactly and Accept Software] started using Aryaka to replicate data from our East Coast to West Coast datacenters,” Beck says. “One of the great things about the cloud, with its elasticity and flexibility, is that you don’t need to have separate conversations with vendors about data replication and disaster recovery. Those discussions get merged. You’re no longer forced to have assets at one end sitting idle waiting for a disaster to happen. You can be using additional capacity for data replication between two sites, but in the event of a disaster, you can spin up compute assets in the secondary site on demand.”
Neufeld of Leisureworld Senior Care had a similar experience. He deployed appliances to overcome bandwidth limitations and replicate data from nursing and retirement homes back to the home office. Each home only has a cable modem
Mixed Signalscare of all your issues.
Signalscare of all your issues.
Mixed Signals
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 5 5Vol/7 | ISSUE/07
Cover StoryCover StoryBig Data Disaster Recovery analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk management Virtualization Business
Coverstory_BIG_IDEA_Set1.indd 45Coverstory_BIG_IDEA_Set1.indd 45 5/11/2012 6:12:28 PM5/11/2012 6:12:28 PM
natural gas line. Any of these events could disrupt power or force nearby businesses out of their buildings. Stouffer noted that most businesses are underinsured for disaster recovery—something the cloud will certainly not help you with—and even those with DR plans in place may forget to scrutinize the fine print.
What happens if you need to install new servers for an on-premises system? Will you be able to get the gear in a day or two? If not, can your business afford to be down for however long it takes? Many businesses will fail if they are offline for three or four days. Equipment providers offer quick-ship agreements that you have to sign up for ahead of time. Has your organization signed up for one? If not, does it have a third-party provider in mind that can deliver gear quickly?
Even if you are in the cloud and don’t have to rebuild your own servers, have you thought through what a disaster really means?
“All the cloud provider does is keep the servers running,” Stouffer sags. “It doesn’t provide you with office space in an unaffected nearby town. It doesn’t give you directions to that office. Most providers fail over from disk to disk. Do you want tape as part of the disaster recovery solution? Is your data being replicated to a different region? After [Hurricane] Katrina, we know how important that is.”
In other words, the good news is that the cloud has made DR affordable for business of all sizes. The bad news is that cloud-based DR just scratches the surface, and many organizations, whether consciously or not, are doing little more than scratching the DR surface. CIO
Jeff Vance is a Los angeles-based freelance writer who
focuses on next-generation technology trends. Send
feedback on this feature to [email protected]
or DSL connection. Once the appliances were in place, Neufeld was able to deploy the virtual backup solution from Veeam. “Without WAN optimization, we wouldn’t have had the bandwidth for this,” he says.
What the Cloud Does— and Does Not Do—for DRThe cloud is putting DR in reach of even the smallest organizations. SMBs may not have the time or IT savvy to sketch out a full-blown DR plan, but they can certainly sign up for cloud-based backup and recovery solutions. For the mid-market, more involved DR is also in reach, often augmented by WAN optimization and a variety of cloud-based services.
The short list of benefits that come from moving DR into the cloud includes lower TCO, the ability to consume DR as a service, the ability to get DR as an add-on to data replication and the fact that DR is dovetailing with mobility.
If you’re a small organization that doesn’t have to pass compliance audits every year, simply signing up for a cloud-based backup and DR service may well be sufficient for you. However, if your organization is larger and regulated, you’ll need to put a lot more thought behind those DR plans, and many large organizations still haven’t done this.
Consider this scenario: The vacant lot next to your building has been sold, and a construction crew has moved in to start building a new office tower. This has nothing to do with your DR plans, right?
Wrong.“If there’s a construction site near
you, or especially if there’s construction in your building, we recommend to our clients that they get a rider on their insurance policy in the event that they’re displaced as a result of the work being done,” says Ginnie Stouffer, a master certified business continuity professional with IDC Partners, a business continuity firm in King of Prussia, Pennsylvania.
Construction workers could spark a fire, cut a buried power line or break through a
“Over two years I’ve seen a sea change in the Indian DR solution arena—probably due to cloud adoption. Yet, DR in most Indian companies still depend on on-premise infrastructure. —Deepak Madan, aVP & Head-IT, mantri Group
“We have project sites across India. All our business critical apps are hosted over a private cloud. A public cloud provider can’t guarantee less than two-hour downtime unlike an on-premise DR.” —L. Prasad, Head- IT, Kivar Environ
“When I was with Airtel, its customer support was outsourced. The Mumbai floods took our call center down. But thanks to our cloud-hosted DR site, we were able to resume BPO operations in two hours.” —Selvam K., Group CIO, S Tel
Vol/7 | ISSUE/075 6 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
the125th
issuespecial
Coverstory_BIG_IDEA_Set1.indd 46Coverstory_BIG_IDEA_Set1.indd 46Coverstory_BIG_IDEA_Set1.indd 46
By Robert L. Mitchell
Best of all, the data integration project, which cost less than $1,000 (about Rs 50,000) to get off the ground, required no in-house investment in integration tools or staff resources.
Instead, cloud-services provider Liaison Technologies performed the integration work and then set up—and currently manages—the connections through its cloud-based service.
Two years ago, a project like this would have been handled as just another point-to-point EDI integration.
CIos say integration with existing systems is a big worry about going cloud. —and saved millions.
Reader ROI:Benefits of working with a cloud-based integration partner
Rise of the cloud broker
The impact of this trend on monolithic systems
Just two weeks after Mohawk Fine Papers made the decision to sell its products on Amazon.com, things were decision to sell its products on Amazon.com, things were decision to selllooking good for the company: Integration work was complete, connections to its ERP system had lit up and sales were rolling in. “Amazon generated tens of thousands of dollars in revenue immediately,” says Paul Stamas, vice president of IT at the $300 million (about Rs 1,500 crore), 725-employee manufacturer of premium papers.
Easy Integration With
“The biggest service a third party cloud integrator provides is the ease of manageability of different public clouds. Since cloud services are pay-per-use, a cloud integrator regulates the use of the service.” —Ajay Kumar Meher, Sr. VP-IT & New media, multi Screen media
the125th
issuespecial
Vol/7 | ISSUE/075 8 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Big Data Disaster Recovery analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk management Virtualization Business
Coverstory_BIG_IDEA_Set1.indd 48Coverstory_BIG_IDEA_Set1.indd 48Coverstory_BIG_IDEA_Set1.indd 48
But the Amazon deal and the 100-plus other business-to-business connections that Mohawk has set up through Liaison over the past 18 months represent the culmination of Stamas’ vision to create what he calls a “service-oriented architecture in the cloud.”
The model has allowed Mohawk to quickly and inexpensively set up new business relationships without worrying about the technical details, thereby producing new revenue opportunities and millions of dollars in cost savings.
“SOA was the answer because it works based on the concept of loosely-coupled services, and geography doesn’t matter,” Stamas says. He briefly considered building an SOA in house, but “my head was spinning at the costs and complexity,” he says.
integration with existing systems fine papers used cloud-based integration partner—and saved millions.
Benefits of Working with Cloud Integrators•Itlowersin-houseinvestment
in integration tools or staff resources.
•Itshrinksturnaroundtime.•Itcutsthenumberofprojects
you put on the backburner.
Integration With the CloudSo, early in 2010, he began working with Liaison on his idea. Since then, the services that Liaison provides have moved beyond straightforward provisioning and management of B2B data mapping and EDI connections. Liaison now handles all connections, whether they’re between on-premises applications, from on-site systems to the cloud or cloud-to-cloud.
Recent projects include a process by which another cloud service provider, StrikeIron, provides up-to-date currency exchange rates to Mohawk’s on-premises ERP system at the time of invoice for international orders. Another inserts freight costs into each customer order on Mohawk’s website by way of cloud-based transportation logistics service broker Mercurygate. And a Web service created by Liaison checks Mohawk’s websites and
its ERP system to ensure that items are in stock and relays availability information to customers before they place their orders.
“We have over 30,000 of these checks a month and they happen in real time, synchronously, in two to three seconds,” Stamas says.
Liaison serves as the intermediary for every type of transaction, performing the necessary integration and data management work with Mohawk’s customers, suppliers and other business partners. The vendor also presents the connections as services for Mohawk to use as it wants, and offers a business activity-monitoring tool that keeps tabs on service levels from end to end.
“With Liaison, all types of data integration flow through the same service-oriented infrastructure, all [data] payloads
“A cloud solution provider should not only suggest the right architecture and solution, but also offer validation of the services available.” —Charan Padmaraju, CTO and Co-founder, redBus.in
“I turned to a cloud integrator to take care of my needs for integration, security, and SLAs in the cloud. We were entering a new platform and we needed the required expertise. “ —Mehriar Patel, CTO & Head–IT, Globus Stores
Benefits of Working with Cloud Integrators•It
•It•It
With the Cloud
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 5 9Vol/7 | ISSUE/07
Cover StoryCover StoryBig Data Disaster Recovery analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk management Virtualization Business
Coverstory_BIG_IDEA_Set1.indd 49Coverstory_BIG_IDEA_Set1.indd 49Coverstory_BIG_IDEA_Set1.indd 49Coverstory_BIG_IDEA_Set1.indd 49Coverstory_BIG_IDEA_Set1.indd 49Coverstory_BIG_IDEA_Set1.indd 49Coverstory_BIG_IDEA_Set1.indd 49Coverstory_BIG_IDEA_Set1.indd 49Coverstory_BIG_IDEA_Set1.indd 49Coverstory_BIG_IDEA_Set1.indd 49 5/11/2012 6:12:39 PM5/11/2012 6:12:39 PM
are defined as services, all interactions are managed via Web services, and all integrations use a publish-or-subscribe model” in which services are either provided or consumed, Stamas explains. “They have the tools and platforms, the enterprise service bus, messaging bus and service registry—all of the components of a service-oriented infrastructure. It’s a foundation on which we build our own unique integrations.”
The Rise of the Cloud BrokerLiaison is on the leading edge of an industrywide trend in which traditional providers of managed B2B services are becoming what Gartner analyst Benoit Lheureux calls a cloud services broker, or CSBs. In addition to offering data integration and customization services, CSBs provide an aggregation point for all types of business partner interactions.
The differentiator for Liaison is that it has the in-house expertise necessary to perform integrations quickly, and it can draw upon thousands of integrations it has already built, Lheureux says. Competing vendors are starting to move in that direction as well.
Gartner estimates that by outsourcing to a CSB, small and midsize businesses can save 20 percent to 30 percent over what it would cost to do the integration work internally. But there’s more to it than saving money, says Lheureux, explaining that such spending is now an operational expense rather than a capital expense.
but Mohawk uses a services-based model. Integration workloads are managed by two Web services: One at Mohawk and one at Liaison.
Because Mohawk’s IT organization has been abstracted away from the technical aspects of creating and maintaining all the different types of connections, Stamas says his group can focus on working with the business to develop new business models and connections with new business partners—and that’s good for IT.
Tony Hunter’s job is to pursue those business models. As Mohawk’s IT manager and business process architect, he helps to identify opportunities for the business and presents Liaison with the specifications. Right now, for example, he’s working on connecting Mohawk’s e-commerce website to a cloud-based service that provides real-time information on freight costs. Mohawk currently offers UPS and FedEx options on its website, but those aren’t the best-priced services for some customers. For instance, “less than truckload” (LTL) freight tends to be less expensive than UPS or FedEx for orders over 150 lbs.
“We are losing order opportunities because of [not offering] a freight cost,” says Steve Giangiordano, Mohawk’s manager of accounting services. So Hunter created a specification for a Web service that pulls LTL freight charges from Mercurygate’s cloud-based freight brokerage service and presents the data in the customer’s order on Mohawk’s website. “They hit a function key and they know right away what the LTL rate is. It’s amazing,” Hunter says. “Once we have that in place, the problem will go away.”
Mercurygate is a CSB like Liaison, but it provides freight data in the cloud, and on demand, rather than integration services.
Using a CSB has also improved security, Stamas says, because everything flows through a single point by way of a VPN connection. “Inside the cloud, they have all of the data security precautions you’d expect from a PCI standards-compliant datacenter,” he says, adding
This setup could work for large companies, too. “If you’re good at B2B and have the economies of scale, it’s not about savings. It’s about what are your required internal core competencies?” he says.
Since 2008, many CIOs in large businesses have been asked to scale up their B2B efforts but lack the capital or head count to do it. “A lot of them don’t even know that they have an option to outsource,” Lheureux says.
Mohawk’s SOA ModelB2B integration traditionally has used a messaging approach to synchronize data,
“When we rolled out our cloud across the globe, we faced many challenges. A cloud consultant who can work with diversified and geographically dispersed set up is a definite advantage. “ —Manoj Sharma, VP, IT, Jones Lang La Salle
Of Indian CIOs say that integration is CIOs say that integration is CIOs say that
among their integration is among their
integration is
top-three among their
top-three among their
public cloud top-three
public cloud top-three
challenges.challenges.public cloud challenges.
public cloud
SoUrCE: CIo CloUd CompUtIng SUrVEy 2012
49 percent
the125th
issuespecial
Vol/7 | ISSUE/076 0 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Coverstory_BIG_IDEA_Set1.indd 50Coverstory_BIG_IDEA_Set1.indd 50Coverstory_BIG_IDEA_Set1.indd 50
What Has Been Your Biggest Achievement This Year?
the125th
issuespecial
“I’ve enabled the delivery of business change initiatives. I’ve ensured these initiatives are sustained for at least five years to make tangible impacts.”Sriram Krishnan, Exec. VP-IT, ING Life Insurance
“We faced a totally unexpected digital media attack last year and management was concerned about the proliferation of negative news over digital media. We then pawned the entire fiasco and worked towards gaining trust back within a month using social media tools.”Jayakumar M., Head-IT, Eastern Condiments
“The widespread acceptance of a shared services model for IT in our new group, that’s spread worldwide. We’re now working on the transformation process for other groups.”Rajesh Mohan, Joint President-Information Technology and Systems, Binani Industries
“I’ve steered SAP acceptance through the company’s end users. Their increasing dependency on SAP standard reports reduced dependency on erroneous Z reports. We now have accurately defined KPIs/KRAs and measure them periodically.”
V.J. Rao, CIO, Viraj Steel
“We’ve achieved immense scalability and reliability in a very little time. Today, SMS Gupshup is the largest SMS-based communication platform in India and handles over 3 billion SMSes a month.” Vishwanathan Ramachandran, CTO, SMS Gupshup
delivery of business change initiatives. I’ve ensured these initiatives are sustained for at least five years to make tangible impacts.”
Exec. VP-IT,
reports reduced dependency on erroneous Z reports. We now have
CIO, Viraj Steel
“We enabled cross-platform integration. This allows groups to interact seamlessly regardless of location, moving projects faster, boosting growth, and cutting costs.” Arvind Saksena, Sr. VP Support & Services, Consilium Software
widespread acceptance of a shared services model We’re
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 6 1Vol/7 | ISSUE/07
Voices_BIG_IDEA.indd 41Voices_BIG_IDEA.indd 41Voices_BIG_IDEA.indd 41 5/11/2012 4:11:04 PM5/11/2012 4:11:04 PM5/11/2012 4:11:04 PM
In Your Role as an IT Leader, What Has Been Your Greatest Learning Till Date?
the125th
issuespecial
“CIOs need to perform a fine balancing act and work among different sets of people. I have learnt to focus on the interplay between managing IT processes and the need to lead people.”Guruprasad Murty, VP-IT & IS, Microland
“Cricketers change strategy when the game changes its pitch. It isn’t different for CIOs. I’ve learnt that delivering means helping business sell a product while adapting to technology changes.” Sanjeev Saxena, Head-IT, IFB Global
“Aligning IT to business during an economic downturn was a great learning. I’ve learnt that business measures value with two parameters: Increase in revenue and a reduction in cost.” Vijay Mahajan, VP-Center of Excellence & Infrastructure Projects, Corporate IT, Mahindra Shubhlabh
“Threats and vulnerabilities are getting extremely dynamic and complex. I’ve learnt that ensuring robust security posture needs an integrated focus on people, processes and technology. This runs against a siloed approach.”Sunil Varkey, Head Information Security, Aditya Birla
“Amid regular upheavals, and in a competitive market like today, user expectations haven’t diminished. I am still learning to
manage expectations without compromising quality.”Subramanian Chittur, Head-Systems, Metro Cash & Carry
“Long business projects are like big waves and have long-lasting benefits whereas short projects are like small tides which promise incremental benefits. Don’t lose sight of the tide in search of waves!”Muthu Kumar, GM-IT, Moser Baer
“Aligning IT to business during an economic downturn was a great learning. measures value with two parameters: Increase in revenue and a reduction in cost.” Vijay Mahajan, Corporate IT, Mahindra Shubhlabh
“Cricketers change strategy when the game changes its pitch. It isn’t different for CIOs. that delivering means helping business sell a product
VP-Center of Excellence & Infrastructure Projects,
“Amid regular upheavals, and in a competitive market like today, I am still learning to
manage expectations without compromising quality.” Head-Systems, Metro Cash & Carry
“Threats and vulnerabilities are getting extremely dynamic and complex.security posture needs an integrated focus on people, processes and technology. This runs against a siloed approach.”Sunil Varkey,
Vol/7 | ISSUE/076 2 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
that Liaison supports the AS2 communications standard, as required by Mohawk’s bank. “Going through a single point gives you an extraordinary benefit in securing transactions. The alternative is anarchy—people doing this through Web browsers, coming in through Port 80 and poking holes in your firewalls.”
The benefits of hosting a service-oriented architecture in the cloud don’t come without risks, and Stamas does have two concerns. One is vendor lock-in. “If Liaison drops out of site or becomes too big, what happens to our intellectual property and the integrations we count on? It’s a real concern,” he says.
Another is whether the cloud service provider can keep up service levels as Mohawk’s transaction volumes and customer base grow. While Mohawk has service-level agreements, he says, “the technical details of their underlying infrastructure are hidden from me.”
Can Liaison scale effectively? “If we’re twice as big in a year, can they handle the volume? I don’t know,” he admits.
Liaison CTO Bruce Chen says his company has 50 percent more capacity on hand than its customers need and has a distributed, service-based architecture that scales rapidly. But Gartner’s Lheureux says the technology that keeps data flowing is just one part of the business. Growing the professional services and managed services that make up the bulk of the company’s revenue means scaling up people, methodology and expertise. “The cost is not in the mapping tools or processors in the cloud. It’s in the people,” Lheureux says.
As a hedge, Mohawk retains a copy of all of its translations and mappings. The information is managed using Liaison’s Contivo technology, a tool designed for high-end mapping and best practices.
The intellectual property that Mohawk receives from Liaison is better than
what it might receive from other service providers because Contivo makes it easy to re-deploy or re-purpose data maps in different technology infrastructures, Lheureux says. Nonetheless, porting to a new platform would be painful. “You can’t just pick it up and drop it on another platform,” he says.
But for Mohawk, the benefits outweigh those risks. The low cost per integration and the rapid turnaround have given the company the agility to create new business relationships and build business processes on a trial basis. Mohawk can do all this without worrying about the investment of time, money and other resources required to do the integration work.
And because its costs are lower, Mohawk can tackle smaller projects that it wouldn’t have considered before. Stamas points to the StrikeIron integration as an example. “It is a small little Web service,” he says, noting that in the future there may be hundreds—or thousands—of such initiatives.
End of Big IT Architectures?Stamas sees this as the beginning of the end for monolithic enterprise applications. “They’re beginning to break apart into pieces. Rather than monolithic systems like SAP and Oracle, an ecosystem of cloud services will be interoperating with other workflows and processes that can be anywhere,” he says.
For example, Stamas explains, “our ERP is the system of record for financials, but
much of the functionality resides outside the system.” Orders entered via websites and CRM, expense management and HR systems are handled in the cloud, and advanced capabilities such as planning, scheduling, transportation, supply chain, asset management, manufacturing execution and warehouse management are performed outside the ERP software. Today, 60 percent of Mohawk’s IT portfolio resides outside the ERP system, up from 10 percent five years ago. “I see this rate accelerating,” says Stamas.
In such a setup, “your ERP system may call Web services at StrikeIron for a currency conversion, and UPS or FedEx for a freight rate,” he says. “Then it may check inventory for an item at a customer or supplier” or ping other sites to perform credit checks, calculate sales tax, approve a credit card payment and more.
As the financial bar has been lowered and turnaround times shortened for executing on such integrations, the number of projects at Mohawk has increased.
“We can bring in a third-party manufacturer or logistics provider at the drop of a hat. That’s what’s fueling revenue generation,” Stamas says. “If it costs us $1,000 to try something, why not try it? If it doesn’t work, we just throw it away.” CIO
Send feedback on this feature to [email protected]
Gartner estimates that by outsourcing to a cloud services broker, small and midsize businesses can save 20 percent to 30 percent over what it would cost to do the integration work internally. But there’s more to it than saving money, says analyst Benoit Lheureux, explaining that such spending is now an operational expense rather than a capital expense.
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 6 3Vol/7 | ISSUE/07
Cover Story
Coverstory_BIG_IDEA_Set1.indd 53 5/11/2012 6:12:40 PM
By Bob ViolinoMany of the fears regularly expressed by some technology and business executives—often related to information security in the mobile environment—can be effectively addressed through technology and policy.
A recent survey by the consultancy Avanade found that 60 percent of the companies surveyed are adapting their IT infrastructure to accommodate employee’s personal devices, rather than restricting use of such devices. Also, 91 percent of the executives say their IT department has the staff and resources needed to manage the use of consumer technologies. In that environment, resistance really is futile.
As your organization moves to consumer-based technologies such as tablets and smartphones, cloud services, a mix of PCs and Macs, and social networking, here are six critical practices to help create the right environment to make both IT and the business happy.
Step 1: Create a Culture That Welcomes Consumer TechHow can your organization ensure it gets the most out of consumerization and users have the freedom they need while at the same time maintaining appropriate control?
Perhaps the first move the organization needs to make is adjust its cultural orientation and attitudes from one of zero tolerance on consumer technologies to one of intellectual curiosity and business
Reader ROI:Best practices to create the right consumer tech environment
How to balance freedom and governance
Why security isn’t that big a deal
If your IT department is resisting the “consumerization” trend, it’s in the minority.Recent research shows that most enterprises are proactively addressing this trend and the new relationship between IT and users that often accompanies a consumer IT strategy. What do they know that you don’t?
“Employees believe that even if the device is theirs, IT should lend its support. Framing a policy that strikes a balance between employee freedom and corporate security is one of the toughest challenges.” —Jayantha Prabhu, Group CTO, Essar Group
the125th
issuespecial
many forward-looking businesses are accepting, even embracing, consumer technology.
Consumer Tech
Vol/7 | ISSUE/076 4 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Big Data Disaster Recovery analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk management Virtualization Business
5/11/2012 6:12:41 PM5/11/2012 6:12:41 PM
Cover StoryCover Story
opportunity, says Frank Petersmark, former CIO of Amerisure and now a CIO advocate at the consulting firm X by 2.
Instead of automatically frowning on, say, employees bringing their own devices to work, you might think about how best to leverage this for better customer service, improved profitability, or increased productivity, Petersmark says. An organization’s ingrained culture is probably one of the biggest inhibitors to effectively and sensibly leveraging the opportunities presented by technology consumerization.
Part of the cultural change is getting IT out of the mind-set that only technology people can make technology choices.
For example, the IT team at the Austin Convention Center in Texas had a hard time accepting that consumer products such as iPads would be suitable for use in its business environment, says Joe Gonzales, IT services manager. “In our organization, there is this perception that if a product didn’t get ordered from our Dell Premier page, then it’s not good enough to use in the enterprise.”
First, the center had to get to a way of thinking that the objective is to give employees productivity tools, and it doesn’t matter if these tools are considered business IT or consumer IT. Now, it uses iPads to deliver service-order information to its employees on the shop floor, and about 50 employees are using their own smartphones to access e-mail and calendar information.
accepting, even embracing, consumer technology. are you? here are six steps that will help you get there.
Step 2: Focus on Policy-based GovernanceThis may seem obvious, but it’s usually a big gap for companies to bridge: Develop policies to govern how consumer technologies can be used in the workplace, and deploy an asset management strategy for company-owned objects such as PCs and mobile devices.
Yes, consumer IT is largely about giving people freedom to choose devices and applications. But without a cohesive policy
in place, anarchy can result. “The majority of IT departments feel powerless when it comes to consumerization or any aspect of bring-your-own-device,” says Barb Rembiesa, CEO of the International Association of IT Asset Managers (IAITAM). But governing policies, strong processes, and proactive guidelines will give organizations the ability to move into a consumer IT environment while bringing value instead of adding risk and cost.
Also, think about deploying IT asset management systems to control risk and ensure financial return of company-owned technology goods. After all, you own them because you have an explicit expected benefit or payback, or a specific security need that moved you to mandate that tool.
Your standard technology deployment process may not fit the management of consumer technologies. For example, the Austin Convention Center found that its IT-initiated approach of adding a mobile device to a Windows domain and adding user profiles didn’t address the casual nature of BYOD usage. The IT department had to start from scratch and determine how it was going to manage equipment, yet still comply with the City of Austin’s IT security policies and procedures under which it operated.
In the end, the center wrote a new deployment policy that centered around educating users on the do’s and don’ts of device usage, Gonzales says. This is also how
Consumer Takes Over
Of Indian CIOs say bring your
own device will say bring your
own device will say bring your
be a buzzword in 2012.
SoUrCE: StatE of thE IndIan CIo 2011
43 percent
Best Practices•Createaculturethatwelcomes
consumer tech.•Focusonpolicy-based
governance.•ImplementMDM.•Tapintoyouremployeesfor
app ideas.•Getoversecurityskittishness
around ByOD•Buildanappstorethatappeals
to users
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 6 5Vol/7 | ISSUE/07
Big Data Disaster Recovery analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk management Virtualization Business
5/11/2012 6:12:45 PM5/11/2012 6:12:45 PM
In addition, MDM software allows for multiple profiles, so the company can have one profile for employee-owned devices and other profiles for corporate-owned devices, which it uses in its warehouse and fabrication facilities. Other organizations implement multiple profiles to vary permissions and privileges based on users’ roles.
Step 4: Tap Into Your Employees for App IdeasFor application development and deployment and the kinds of apps employees are allowed to use, many organizations are trying to catch up with the consumer marketplace, says X by 2 consultant Petersmark.
Most new employees enter an organization with a more capable set of productivity and networking tools, not just devices, than supplied by their new employer, Petersmark says. It’s problematic at best and catastrophic at worst from a talent recruiting and retention perspective “if the best and the brightest decide that their new employer’s infrastructure and application portfolio is far inferior to what they already have in their pockets,” he says.
Forward-thinking companies are trying to embrace those in their organization who tend to push the boundaries on the consumerization front. Rather than considering those people to be troublemakers, Petersmark advocates that you bring them into the planning and deployment process and ask them why they use the devices, services, and apps that they do, how they use them, what benefits they derive, and so on.
Consider creating a small team of the more cutting-edge employees and ask them to help re-create some of the core application functions the company uses in the form of more consumer-friendly technologies, Petersmark says.
Step 5: Get Over Security Skittishness Around BYODMost organizations historically denied network and data access to anything that was not company-issued. But that doesn’t
the center goes about segmenting company data and personal data on devices: By educating users not to mix the two.
IT also took responsibility for the initial setup of devices, so it could control app deployment on them.
Step 3: Implement MDM Mobile device management (MDM) software secures, monitors, and supports mobile devices. Typical functionality includes app distribution, configuration and enforcement of access controls, and—for higher security environments—imposing usage requirements, such as disabling the camera or limiting Wi-Fi access to specified access points. Such software—and the policies they execute—apply to both company- and employee-owned devices.
Consider the experience of furnishings company Holly Hunt’s iPad trial, where a few sales staffers used Apple iPads on visits to client sites. During the pilot, the company discovered there was no way for IT to manage the updates of iPad apps without going through an iTunes account. That meant it had to have a corporate iTunes account for each device issued and users had to periodically send their device in for the company to update with the PCs running that iTunes instance.
This was an operational nightmare, says Neil Goodrich, director of business analytics and technology at Holly Hunt. Instead, the company decided to shift to a BYOD model for the sales rollout, eliminating the concern about IT needing to keep devices current. Users took that responsibility, aided by iOS’s application alert system.
Holly Hunt also deployed MDM software, so it can blacklist certain apps. It can also remotely wipe data and deny network access to devices that do not adhere to policies.
This strategy gave the company what it wanted with its mobile strategy: Users can self-update their personal devices and get the full utility from the one device for both their personal and work need, and Holly Hunt can protect itself against risks such as lost or stolen devices.
“An enterprise app store is a wonderful idea. It’s a great way to enhance productivity by providing employees with quick and easy tools to carry.” —Gopal Rangaraj, VP-IT, Reliance Life Sciences
“The market is flooded with various devices and OSes. Securing these end-point devices is extremely complicated and cumbersome. Investing in VDI ensures end- to-end security.” —Prashanta Ghoshal, Director-IT Solutions & Services, Geometric
“BYOD is inevitable. It’s only a question of time before it becomes the norm. A future looking CIO should start considering this as part of his IT strategy.” —Sebastian Joseph, President–Technology & Fm, mudra Group
Vol/7 | ISSUE/076 6 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
the125th
issuespecial
Coverstory_BIG_IDEA_Set1.indd 56Coverstory_BIG_IDEA_Set1.indd 56Coverstory_BIG_IDEA_Set1.indd 56
What Advice Would You Give Your CFO to Tackle the Current Economic Reality?
the125th
issuespecial
“Leverage IT’s ability to reduce complexity through creative automation by implementing innovative processes thus reducing long-term opex.”Rajesh R. Nair, VP-Business Continuity, Credit Suisse India
“Outsource accounts payables, receivables, bank reco. etcetera. Use technology to place people in small towns at reduced cost (salary and office rentals), eliminate paper and use workflows.”Venkat Iyer, CIO, Wockhardt
“We must encourage initiatives that have a high probability of generating value. And while investing in any initiative, we must maintain a long-term rather than a short-term view to ensure we protect our investments for the future.”Vikram Idnani, Head- IT, Trent
“Continue to have a strong focus on operational processes and methods to manage business-IT flexibility. Adopt technology changes. Explore acquisitions to enable organic growth.”Milind Nene, CIO, Astarc Group
“Foster a culture of innovation, have a long term vision for IT investments and technology deployments, have a savvy
contract management system, and build an outsourcing strategy that will variablize
your costs.”Harnath Babu, VP-IT, Aviva Life Insurance
“Use—and treat —IT investments to make predictions. Bring in process discipline in the organization so that the results are minutely accurate for decision making.”Anil Nadkarni, CTO, Thermax
Leverage IT’s ability to reduce complexity through creative
innovative processes thus reducing
technology Explore
acquisitions to enable organic
CIO, Astarc Group
“We must encourage initiatives that have a high probability of generating value. And while investing in any initiative, must maintain a long-term rather than a short-term view investments for the future.”Vikram Idnani,
—IT investments to
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 6 7Vol/7 | ISSUE/07
Voices_BIG_IDEA.indd 45Voices_BIG_IDEA.indd 45Voices_BIG_IDEA.indd 45 5/11/2012 4:11:14 PM5/11/2012 4:11:14 PM5/11/2012 4:11:14 PM
A.M. Naik Chairman & MD, Larsen & Toubro
“A CIO ought to be a visionary,
passionate about business, and a
driver of change. Nothing less will ever do.”
the125th
issuespecial
Vol/7 | ISSUE/076 8 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 30VFTT_May 2012.indd 30 5/11/2012 3:43:08 PM5/11/2012 3:43:08 PM
ph
ot
og
ra
ph
S b
y r
oh
It g
Up
ta
, Im
ag
ES
an
d d
r l
oh
Ia
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 6 9Vol/7 | ISSUE/07
Cover Story
work in a consumerization context. Thus, companies are increasingly creating secure access points via virtualization or cloud services that allow employees to safely access company resources with their own devices.
If done correctly, this tactic can yield several benefits, Petersmark says, including allowing staffers to be more productive and even more innovative by permitting some flexibility in how, when, and from where they are allowed to engage the company’s resources.
Still, security remains one of the biggest concerns among IT executives when it comes to consumer technology in the workplace. Although some of the fear is fueled by vendors and analyst reports seeking to sell security tools, some of the worries are legitimate. But with tools for encryption and access control, you should be able to safely provide access to some enterprise data and applications to trusted users.
The adoption of a virtualization strategy addresses many of the challenges of consumerization of IT, says Paul Martine, CIO of Citrix Systems, a virtualization technology provider. By hosting all applications, virtual desktops, and data in the datacenter, you can deliver these services to any consumer devices in a controlled and secure fashion, Martine says.
However, many virtual desktops are designed for use on Windows PCs and Macs, and they don’t work well in a mobile environment. The issue is not just screen size, but lack of support for touch and other native user interface methods, as well as back-end applications that don’t reformat themselves
to the current context, says Ryan McCune, senior innovation director at Avanade. He notes that Citrix and others now offer APIs to help developers make their back-end apps mobile-savvy, so they can adapt to the device being used.
Cloud services that are designed to deliver apps and data securely over a network can also help address security concerns. But few cloud services yet work well with mobile devices; Google Docs and Microsoft Office 365 being prime examples of such PC-oriented services. And many apps make it easy to use cloud storage services—such as Appe’s iCloud, Box.net, Dropbox, and Microsoft SkyDrive—that IT can’t manage. However, more options are emerging to make consumer-class cloud storage more palatable to IT.
Step 6: Build An App Store That Appeals to UsersPeople who use mobile devices such as iPhones, Galaxys, and Droids are accustomed to going to app stores to easily download what they need for their devices.
For its own employees, Avanade is developing several enterprise-wide mobile applications, including some that will connect employee mobile devices into the company’s social computing capabilities such as employee profile pages, microblogging sites, video and media sharing, search, communities, and blogs.
The majority of enterprise applications are not optimized for mobile devices, and many users opt for work-arounds to access them,
says Chris Miller, Avanade’s CIO. “We can take lessons from the consumer app store model and apply that to meet the specific needs of the business environment,” Miller says. On the commercial software front, both SAP and Oracle have invested in creating mobile clients to access their ERP and CRM systems, in recognition of the increasing endpoint diversity among users.
An enterprise app store should provide employees with a central portal to request an application across any number of devices—from laptops and desktops to tablets and smartphones, Miller says. From a management perspective, it should also have built-in approval processes and workflows to manage costs and make sure the right people and teams are getting access to the tools they need.
And, says Avanade’s McCune, enterprise app stores need to acknowledge the commercial apps available to users and steer them to preferred apps by adding links to the Apple App Store, Google Android Market, Microsoft Windows Store, and so on.
Consumerization is Unstoppable, But That’s OKThe consumer IT trend seems unstoppable, given the proliferation of tablets and smartphones, cloud tools, social tools, and mobile apps in the workplace. That doesn’t necessarily have to be a bad thing for technology executives.
Rather than looking at this development as another drain on IT’s time and resources, organizations can embrace the opportunity to give workers new levels of productivity and flexibility, with the ability to work from virtually anywhere using the tools of their choosing.
If you understand your organization’s risk tolerance then approach consumerization not as a threat but as a different way of managing, you can come up with an effective strategy that accounts for risk but also enables employees—and, in turn, enables your business. The returns can be substantial. CIO
Send feedback to [email protected]
When it comes to consumer tech, it’s problematic at best and catastrophic at worst from a talent recruiting and retention perspective if the best and the brightest decide that their new employer’s infrastructure and app portfolio is inferior to what they already have in their pockets.
Coverstory_BIG_IDEA_Set1.indd 59 5/11/2012 6:12:50 PM
By Kim S. Nash
CIOs who don’t look outside the office and mingle with the people who pay money for the company’s products and services miss the chance to get ahead—of customer complaints, of competitors, and in their own careers. A CIO who knows how to interpret customer behavior can come up with ideas for new products and fixes for systems that don’t quite work the way customers expect. CIOs with experience on the front lines of the business may even be able to help shore up relations with customers being courted by competitors or spot new business opportunities.
“The magical stuff with IT is great applications that run the business better. That can’t happen when IT stays in a corner,” says Wayne Shurts, CIO of Supervalu, a $37.5 billion (about Rs 187,500 crore) chain of grocery stores that include Albertson’s, Jewel-Osco, Shaw’s and others.
CIOs who get out of the office and talk face-to-face with customers can bring back ideas for new products and better systems.
Reader ROI:How meeting end customers can help CIOs and their organizations
Different ways to get Different ways to get customer input
The customer is always right, but how would you know? Few CIOs truly understand what external customers want and why they act the way they do. Running IT can all too easily keep CIOs internally focused, making sure fellow employees have the technology they need to do their jobs. That’s important work, but it’s not strategic.
Know Your Customer •Gomeetrealconsumers•Getyourstafftomeetthem•BefriendtheCIOofyour
customer’s company•StudyconsumertrendandBIdata•Sitonsalescalls
Customers Customers F2F
“Social media and customer tweets play a large role in sourcing information about customers. Such feedback is definitely better than data based on customer feedback forms.” —Dhiraj Trivedi, AVP-Revenue Management & Electronic Distribution, Royal Orchid Hotels
VOl/7 | ISSUE/077 0 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
BigData Disaster Recovery Analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk Management Virtualization Business
the125th
issuespecial
the125th
issuespecial
Adi B. Godrej Chairman,
Godrej Group
“Sales for the sake of sales, is nothing more than vanity.
Increased sales to make increased
profit is what the goal should
always be.”
REAL CIO WORLD | M a y 1 5 , 2 0 1 2 7 1Vol/7 | ISSUE/07
VFTT_May 2012.indd 33 5/11/2012 3:43:10 PM
Most CIOs don’t do much customer outreach, according to our latest State of the CIO research (US version). Just nine percent of CIOs surveyed said they spend time studying market trends and customer needs to identify commercial opportunities—the same as last year and a drop of three percentage points from 2010. According to the Indian version of the State of the CIO, Indian CIOs spend 12 State of the CIO, Indian CIOs spend 12 State of the CIOpercent of their time with external business partners and customers.
Not understanding customers can lead to poor decisions, says Bruce Temkin, managing partner of the Temkin Group, a customer-experience research and consulting firm. As senior executives, CIOs are involved in critical corporate decisions about mergers and acquisitions, divestitures, investments and business strategy. But those who hibernate, focused on IT operations only, may lack the customer-related information needed to do the job well, Temkin says. “More CEOs are looking for their staff to be better aware of customers,” he says.
The US survey shows that CIOs expect that paying attention to customers will become a bigger part of their job. Twenty-seven percent said they want to be doing this kind of work in three to five years.
What it’ll take to get there is dedication. Many CIOs bring back tidbits from informal encounters with customers outside the office. “I heard from my neighbor that our bank’s branch in town could really use a Spanish-speaking teller...” That’s helpful, but limited. To be most valuable, collecting customer intelligence must be a sustained and focused effort that permeates not just the IT group but the whole company, says Michael Capone,
about studying customers, this is a chance to uncover how IT can make practical changes to advance the company’s competitive position and generate new business.
For example, when Starbucks CIO Stephen Gillett was hired in 2009, he worked as a barista for a week. Starbucks has since pushed hard to get customers to use mobile technology to speed up checkout as Starbucks battles back from a rough recession.
At Supervalu, top executives see understanding the customer as paramount in turning around the company, which lost $1.5 billion (about Rs 7,500 crore) last year. “It’s real easy, especially in IT, to get lost in what you’re doing and lose sight of the mission,” Shurts says. “We are a grocery retailer that serves customers. We have to bring customers in.”
Craig Herkert, Supervalu’s president and CEO and Shurts’ boss, started a Not-So-Undercover Boss program in 2011. All senior executives must work on the front lines twice a year to understand employees’ jobs and customers’ behavior. In December, Shurts worked at a full-service bakery at a Cub Foods. He ruined a few cakes, he says, but gained fresh insight on how people shop.
“When I go to a store, I’m not looking only at IT. The customer doesn’t think of the store as a technology experience,” he says. “I’m looking for ways to improve the overall experience, whether that includes IT or not.”
He asked people about grocery prices, how they liked the new vegetables, and how they shop. Do you print coupons from the Web? Can you find everything you want?
Customers love the store locator on Cub Foods’ website, he says, but want some help
CIO of Automatic Data Processing (ADP), a $9.9 billion (about Rs 49,500 crore) human resources and payroll provider.
Capone tries to spend at least 20 percent of his time with customers and prospects, which helps erase the line some enterprises draw between IT and the rest of the company. He doesn’t wait for the business to devise strategy for IT to enable, he says. Instead, his customer knowledge informs strategy decisions. “We help envision what’s possible with technology.”
Progressive CIOs offer five ways to get close to customers.
Venture Into the WildA time-honored way of connecting with customers is to work in stores and offices with front-line employees. For CIOs serious
the125th
issuespecial
The amount of time Indian
CIOs spend with business
CIOs spend with business
CIOs spend
and customers.SOUrCE: StatE Of thE IndIan CIO
12 percent
“Based on customer feedback, we realized that we were perceived as an expensive store. We abide by international standards for food sales but this was sending wrong signal to customers. They felt that our stores were too clean leading to a general perception that we were expensive. Also, we realized that the first thing customers came across at the store entrance was the international food section. We then used our planogramming tool to move the section towards the end of the store.”
— Veneeth Purushothaman, Head-Technology, HyperCity Retail
VOl/7 | ISSUE/077 2 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
Coverstory_BIG_IDEA_Set2.indd 32Coverstory_BIG_IDEA_Set2.indd 32Coverstory_BIG_IDEA_Set2.indd 32
Ajai Chowdhry Founder, HCL &
Chairman, HCL Infosystems
“There is no future without
risk, that’s when the best
innovations happen. Risk
taking can’t be restricted to the
top management.”
the125th
issuespecial
REAL CIO WORLD | M a y 1 5 , 2 0 1 2 7 3Vol/7 | ISSUE/07
VFTT_May 2012.indd 35 5/11/2012 3:43:10 PM
Ajit Balakrishnan Chairman & CEO,
Rediff.com
“It’s not the person who does something first who succeeds. A window of opportunity
remains open for four or five years.”
the125th
issuespecial
Vol/7 | ISSUE/077 4 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 36VFTT_May 2012.indd 36 5/11/2012 3:43:11 PM5/11/2012 3:43:11 PM
ph
Ot
Og
ra
ph
S b
y r
Oh
It g
Up
ta
, Im
ag
ES
an
d d
r l
Oh
Ia
once they wheel their carts inside. A few conversations that day solidified an idea the IT group had been contemplating: A mobile application that tells shoppers where to find products within a given store. Shurts is researching such a tool, with features such as suggested navigation routes based on a customer’s electronic shopping list.
Robert Juliano, CIO of Brandywine Realty Trust, approaches his job with one goal: Lease
more space. The $573 million (about Rs 2,865 crore) real estate company rents commercial and residential buildings, and Juliano thinks of that as his first priority, he says.
As he and his staff walk Brandywine’s buildings regularly with on-site engineers, they learn what kinds of questions tenants ask, and what kinds of problems arise. He says he then ponders what he or his IT group can do to smooth things out for both tenants and staff. For example, although Brandywine rents to big companies, such as Northrop Grumman and Wells Fargo, many tenants are small and midsize companies that Juliano goes out of his way to help. In one common scenario, a small customer may be
configuring an office and run into problems with their own telecom or network providers reworking installations for them, he says.
“Even though it’s not our problem to fix, I have access to vendors that they might not have,” he says. Sharing IT expertise can lead to stronger, long-term customer relationships. But he wouldn’t know about some of those situations if he didn’t visit company properties, he says. “They’re not
paying us directly, but it’s another way we can help serve our customers.”
Cultivate CIO BuddiesStriking up relationships with the CIOs of your big customers provides intelligence about the customer’s business while you spread the word about your company’s products and services. For example, Jeff Hutchinson, CIO of Maple Leaf Foods, a $5 billion (about Rs 25,000 crore) consumer packaged-goods company, eats lunch often with the CIO of his company’s biggest customer. And Anuj Dhanda, CIO of PNC Financial Services Group, a $3.1 billion (about Rs 15,500 crore) financial services
firm, seeks out CIOs at industry events and meetings of professional groups. By talking informally with the CIO of a local insurance company, Dhanda got additional insights into how the bank should work on a payment clearinghouse system designed for healthcare companies, he says. The insurance CIO talked about some business intelligence features he’d like in such a system.
Capone, ADP’s CIO, routinely meets with customer CIOs when he travels to major cities. At a lunch meeting in Atlanta last year with three fellow IT leaders, Capone discovered that they didn’t know about ADP’s new mobile applications that let people access their benefits statements from smartphones and tablets. Capone took out his iPad, had another CIO sign in to his company’s ADP-administered HR system, and demonstrated the features that those CIOs could activate for their employees.
When he got back to the office, at a gathering of IT and marketing managers, Capone shared the story that led to the development of a new publicity campaign for the free mobile apps. “We’d done media, but somehow we had not pushed our story out,” he says. Within a few weeks, ADP customers signed up tens of thousands of users, he adds. That lunchtime CIO meeting proved fruitful. “There’s a lot of opportunity out there.”
Get Your Staff OutAt Supervalu, CEO Herkert’s enthusiasm for customer contact inspired CIO Shurts to create his Business Immersion program in early 2011. Every year, all 1,200 members of his IT staff are required to work for at least one day, and often several days, at stores
Strike up relationships with the CIOs of your big customers. Anuj Dhanda, CIO of PNC Financial Services, seeks out CIOs at industry events. By talking informally with the CIO of an insurance company, Dhanda figured out how the bank should work on a payment clearinghouse system designed for healthcare companies.
Cover StoryCover Story
“A standard complaint from our distributors was that our claim settlement took too long—over six months. They wanted to get rid of the process of filling settlement forms. So when one of our sales managers came up with the idea of implementing a system to capture data through mobile phones—via SMS or a Java applet— and generate claim sheet automatically. Today, the settlement process takes only seven days.”
—Arup Choudhury, CIO, Eveready Industries
REAL CIO WORLD | M A y 1 5 , 2 0 1 2 7 5VOl/7 | ISSUE/07
Coverstory_BIG_IDEA_Set2.indd 35Coverstory_BIG_IDEA_Set2.indd 35 5/11/2012 6:15:43 PM5/11/2012 6:15:43 PM5/11/2012 6:15:43 PM5/11/2012 6:15:43 PM5/11/2012 6:15:43 PM
and distribution centers. Similarly, Capone’s Know Your Business program kicks in soon after someone joins IT. He or she spends time listening to customer support calls, going on sales pitches and working on technology implementations at customer offices.
Such programs offer participants customer input in many different forms, Shurts says. “This re-grounds IT.”
Temkin agrees. “A well-informed CIO is good. One with a well-informed staff is better.”
Job rotations aren’t new, but the idea is frequently pushed aside as a luxury that ever-leaner staffs can’t afford. But rotations can create stronger, more creative IT leaders, according to research released last year by the CIO Executive Council.
At PNC, Dhanda at first gave his staff a quota of hours to spend in the field, a heavy-handed approach that deterred people, he says. Now he doesn’t dictate time, but explains to them in a matter-of-fact manner that they are expected to know the details of how customers interact with the bank. “This is part of your job and how you will succeed,” he tells them.
Sometimes mid-level IT employees who interact with customers can bridge gaps that develop between how technologists imagine a customer uses a system and what a customer actually does.
Sanmina-SCI, a $6.6 billion (about Rs 33,000 crore) company that makes medical devices, military equipment and other electronics, created an IT team that works directly with external customers. These customers have outsourced the manufacturing of their products, or parts of their products, to Sanmina-SCI, explains CIO Manesh Patel.
“When they were building everything themselves, they had the systems to manage the process within their four walls,” he says. “Now some of the data has moved to us, and the two of us have created this divide.”
Patel chose people from his IT group who are customer-savvy and good with business processes to work closely with clients to make sure each party has access to the right data. If a medical device company wants to analyze product trends but some of the needed data resides at Sanmina-SCI, Patel’s team might write code to extract the data for the customer, he says. Sanmina-SCI sometimes charges for this work but mostly sees it as a way to strengthen bonds.
“In 2003, I worked at a pharma company where the sales team worked with doctors to educate them about our products and explain to them why it’s important for doctors to remember a few brand names. In most cases they were inattentive. So we created an engagement model with presentations which went down very well with the customers. This was in 2003. Today, this is the new way of doing business for almost every company in that industry.” —Arun Gupta, FormerCCA&GroupCTO,ShoppersStop
Brandywine’s Juliano motivates his staff to think like customers by tying incentive pay to how well projects “reduce friction” between the company and its customers by, say, improving a business process. “I’m not incentivizing my guys on throughput in the datacenter. That doesn’t move the ball forward.”
Study the DataGet deeply immersed in market research about your customers and industry. Broad consumer trends should inform your internal IT capabilities and the products and services your company provides. IT professionals can educate themselves using the BI and analytics tools they supply to marketing and finance. Javier Polit, CIO of Coca-Cola’s Bottling Investments Group, studies detailed demographic and psychographic data about Coke drinkers so he can supply effective analytics tools to Coke’s marketing and distribution people.
The ways consumer technology proliferates will affect your company’s products and services. At ADP, for example, Capone keeps tabs on national surveys and buying data about smartphone usage. Are Android phones surging? Do iPads have any real competition? His thinking: The people who buy those devices will want to bring them to work. Since ADP does business with the majority of the Fortune 500, its HR and payroll products will have to support consumer devices. He also watches consumer sentiments about privacy and monitors what’s happening with legislation in states, at the federal level and in other countries. ADP, which handles terabytes of personal data, wants to “stay conservative” on privacy issues, he says.
the125th
issuespecial
Of Indian CIOs say calling
on customers will solidify
IT’s bond with will solidify
IT’s bond with will solidify
business in 2012.
SOUrCE: StatE Of thE IndIan CIO
70 percent
VOl/7 | ISSUE/077 6 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
Coverstory_BIG_IDEA_Set2.indd 36Coverstory_BIG_IDEA_Set2.indd 36 5/11/2012 6:15:44 PM5/11/2012 6:15:44 PM
Beyond the Dog and Pony ShowEspecially in industries where technology is the product, like financial services, CIOs are often asked to join the sales team to pitch to prospective customers. IT leaders typically explain in these meetings how the technology works and answer questions about privacy and security, for example, or compliance with government regulations.
But there’s another advantage to sitting in on these sales calls. Questions from potential customers may reveal a competitive advantage IT can build into corporate products, says Dhanda at PNC. He goes on several sales calls per year and urges other CIOs to try it. Sales situations are rife with useful information. If you simply smile and deliver a rote PowerPoint presentation about the IT wizardry inside the company to try to close a deal, you leave behind valuable nuggets, he says. Instead, listen closely. During a meeting with a large federal agency a few years ago, senior executives peppered the PNC team with questions about data warehousing. Dhanda’s ears perked up as he realized they were preparing to expand their applications and revealing just what they had in mind. With this early tip, PNC later won a contract to build a large data warehouse for the agency.
Some CIOs go further than sitting in on sales pitches. Clive Selley, CIO of the $12.5 billion (Rs 62,500 crore) BT Group, spent a “most stressful” day as a real salesman.
Last year, Selley, who is also CEO of the company’s IT group, went with four of the telecommunication company’s CIOs, the CFO, and four other executives to a call center where they received training about BT products, then donned headsets and took calls. Customers—happy and unhappy—and curious prospects called all day, schooling Selley on BT’s strengths and shortcomings.
“It feels very different when you’re the guy on the hot seat trying to match their needs with our products,” he says. “That’s a very powerful way of learning about what customers care about and, very importantly, how, in their minds, our products stack up against competitors’.”
He found that BT’s call center applications didn’t always provide enough information to agents trying to make a sale. Callers asked about tariffs for various regions and how channel packages compared with those from competitors, Selley says. “Customers really drill you.” He returned to his office with a list of tweaks for his developers—such as more detailed information to serve to agents earlier in the sales process—that are due to be implemented early this year.
He also brought back an insight about a potential new feature. One woman asked Selley to set up phone service for her elderly mother in another town. She wanted to pay for the basic service every month while her mom would cover the calls. This would require BT to parse its costs and issue two bills to two addresses. “That kind of billing arrangement, we don’t support. But there was a real customer there with a real need,” he says.
The caller bought services that day, under a regular billing plan. But the conversation got Selley thinking. “Maybe in a Western world with an aging population, more customers will want that billing arrangement.”
He passed along all executive feedback from the day to BT’s consumer group for consideration.
An Unfiltered ViewGetting out of the office to mix with real customers can teach executives a lot. But CIOs in particular should guard against taking too narrow an approach to the experience, Temkin advises. Technology leaders sometimes see the world through engineering eyes, he says. What new thing can I build to make this better? But customer interactions include sensory components such as accessibility and emotions. By asking broad questions of the customer in front of you, you learn more. How can we make this easier for you? How do you feel about what you’re doing?
At Brandywine, CIO Juliano tries to keep the big issues in mind when he’s out with customers. “The farther [you get] from the field, the more filtered information you get. But on the front line you get an unfiltered view of the world, not theories.” CIO
KimS.Nashissenioreditor.Sendfeedbackonthisfeature
Shadowing Your Customer
Cover StoryCover Story
ADP fixes confusing software by tracking the customer’s every move.
many CIOs would like to have the luxury of peeking over the shoulders of customers
as they use the company’s products. payroll processor automatic data processing
(adp) gets a similar experience by using tealeaf, software that records the actions tealeaf, software that records the actions t
of people using adp’s software. When customers call the adp support line to report
a problem, agents can pull up tealeaf and see what went wrong by retracing the tealeaf and see what went wrong by retracing the t
customer’s keystrokes.
With these recordings, nothing gets lost in translation after a customer call
because CIO michael Capone and his staff can spot exactly what kind of problems
tripped up the customer—for example, a task requiring too many steps to complete.
“We can get the story directly from our client,” he says, and then update the software.
Capone says It frequently makes changes to t frequently makes changes to t adp’s products based on watching
customers’ actions. for example, in one of for example, in one of f adp’s systems, customers were
submitting the same reports repeatedly. Using tealeaf, Itealeaf, It t could see that users were t could see that users were t
clicking the submit button over and over again; there wasn’t a clear indication that
the report had been successfully submitted.
the solution: Capone and his staff improved the screen’s text and grayed out the
submit button to indicate that the task was complete.
—Lauren Brousell
REAL CIO WORLD | M A y 1 5 , 2 0 1 2 7 7VOl/7 | ISSUE/07
5/11/2012 6:15:44 PM5/11/2012 6:15:44 PM
By Kim S. Nash
She knew which database to query to download the information to her work laptop, and from there she e-mailed it to a personal account. Sometimes, she loaded a USB flash drive with material. Li, a Chinese national, then put the information up for sale through a pharmaceutical company that she partially owned, whose parent is based in China.
Sanofi helped investigators from the FBI and the US attorney in New Jersey to prosecute Li. In January, she pleaded guilty to theft of trade secrets and is due to be sentenced this month. She faces up to 10 years in jail and a hefty fine.
Reader ROI:Why CIOs should market security
Newwaystoapproachinsider crime
How CIOs can influence an ethical culture
Yuan Li knew what she wanted and how to get it. For 32 months, starting in October 2008, the 29-year-old research chemist at Sanofi-Aventis downloaded trade secrets from the pharmaceutical firm. Li had worked for Sanofi, which makes the allergy pill Allegra and sleeping pill Ambien, for more than two years when she started to steal data. Her target: Five chemical compounds that the company had kept secret for possible use in future drugs.
“Key staff indicators, staffing trends, the numbers behind India’s least-stressed IT deparments, and the retention strategy that works best (clue: it is not the most popular method). All in this survey.
the125th
issuespecial
“Key staff indicators, staffing trends, the numbers behind India’s least-stressed IT deparments, and the retention strategy that works best (clue: it is not the most popular method). All in this survey.
CIOs rarely discover the internal security threats that can ruin companies,
“Convenience is often followed by risk and the need to mitigate it. Opening up platforms like BYOD and social media increases the risks of insider threat.” —Sujoy Brahmachari, Head-ITInfrastructure&CISO,HeroMotoCorp
NabbingInsider
VOl/7 | ISSUE/077 8 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
BigData Disaster Recovery Analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk Management Virtualization Business
5/11/2012 6:15:46 PM5/11/2012 6:15:46 PM5/11/2012 6:15:46 PM
Sanofi declines to be interviewed about the tech and policies it uses to detect and prevent corporate crime, including Li’s long-term theft. “The measures we had in place actually contributed to the successful outcome of this particular case, and we are continuously looking for ways to improve security,” a spokesman said in an e-mailed statement. (For more on security, turn to page 16)
Experts say this is a textbook example of insider crime and, perhaps, of IT failure. Just as no one knows what goes on inside someone’s marriage, outsiders can’t say with certainty what goes into someone else’s IT strategy. Sanofi could have done everything right and still been victimized. That happens.
But too often in cases of insider crime, basic technology safeguards are ignored or missing. CIOs can’t be proud to learn
internal security threats that can ruin companies, even though it frequently involves It systems. t systems. t here’s what needs to change.
Best Practices•Checkandrecheckyourbasicsecuritypractices.
•Involveeverybodyfromthe board, CEO to legal and audit in your securityframe.
•Marketthedo’sanddont’s in ways that appealtousers.
that of 11 methods of detection identified in 1,843 recent fraud cases studied by the Association of Certified Fraud Examiners (ACFE), IT controls came in dead last. They are the least likely means of identifying wrongdoing, responsible for just 0.8 percent of cases, the ACFE says. It’s more common to find out by accident (8 percent), from the police (2 percent) or even by confession from the perpetrator (1 percent). Tip-offs are by far the most common way authorities discover corporate crime, at 40 percent. Those findings have been consistent for a decade.
There are many reasons that IT falls down on the job. For one thing, most corporate systems aren’t designed from the outset with fraud surveillance in mind. Plus, throwing a lot of money and people at fraud prevention doesn’t get senior executives excited. Conventional wisdom has it that
the tighter the controls, the less efficient the company. Company leaders therefore decide to accept some financial loss through crime as a cost of doing business.
And to their detriment, companies often split the task of fraud-fighting among siloed groups. Internal audit does one thing; compliance does another. IT supports the silos, but there’s no coherent, companywide plan, says Paul McCormack, an investigator and executive vice president at Connectics, a fraud-prevention consultancy.
Choosing a combination of technologies and policies to thwart the darker parts of human nature requires a continuous risk-benefit calculation. CIOs can change the equation with new thinking and new technology, starting by promoting the notion that fraud prevention is everyone’s business, says Marshall Romney, a professor of information systems at Brigham Young University who has studied corporate fraud for three decades. For CIOs, that means spreading the word that detection and prevention don’t have to make a company less agile.
And anti-fraud efforts are far more effective if major IT systems are configured with surveillance and analysis capabilities from the start. Advances in big data analytics, meanwhile, let CIOs create systems to sift through billions of transactions, customer interactions and employee activities to spot
“Senior management should be made to understand that they cannot be exempted from the security policies of the company. Tighter controls at the top would encourage adherence of rules throughout the organization.” —Manish Dave, CISO,EssarGroup
Insider Crime
REAL CIO WORLD | M A y 1 5 , 2 0 1 2 7 9VOl/7 | ISSUE/07
BigData Disaster Recovery Analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk Management Virtualization Business
Best Practices•Check
•Involvethe board, CEO to legal and audit in your security
•Marketdont’s in ways that appealCrime
Cover StoryCover Story
Coverstory_BIG_IDEA_Set2.indd 39Coverstory_BIG_IDEA_Set2.indd 39Coverstory_BIG_IDEA_Set2.indd 39
the buds of corporate crime before it blooms. Specialized vendors such as FICO, Fiserv and NICE Actimize use neural networks and scenario matching to detect financial crimes, a $3 billion (about Rs 15,000 crore) software market expected to grow 8 percent per year through 2015, according to research company IDC.
To make the best use of such tools, CIOs must elevate the discussion of fraud fighting, pouring much more detailed information into the risk-benefit analysis, Romney says. Involve all departments—especially operations, audit and legal—to consider factors such as economic conditions, business outlook and the cost of the programs in hard dollars, he advises. Make informed decisions about the loss of business agility that security technology can bring. Realize that what works in one industry won’t in another. And that each CIO must deal with his company’s proclivities.
“This is a high-level conversation that has to go all the way to the board and CEO,” Romney says. CIOs who balance these variables can stop, prevent and maybe even predict insider crime, saving serious money and avoiding immeasurable damage to the company. But first they must reform some outmoded approaches.
Billions Lost, Poof, GoneHumans think up all sorts of crime, from stashing office supplies in a briefcase to hiding money under layers of complex computerized investment transactions. “If you operate as a company, you will have
procedures and processes to check. The regulations encode good base-covering practices and serve as a proxy for good behavior. Lawmakers had an appetite for reform after colossal crimes at Enron, HealthSouth and other companies outraged the public, especially employees of those companies whose salaries and pensions were swindled away.
But 10 years on, we have a new crop of corporate miscreants at whom to rage. Investor Bernie Madoff now serving 150 years in jail, confessed in 2009 to a Ponzi scheme that defrauded customers of perhaps $50 billion (about Rs 2,50,000 crore) or more. Last September, investment bank UBS blamed a $2 billion (about Rs 10,000 crore) loss on a rogue trader who was charged with fraud and false accounting. The trader pleaded not guilty and is scheduled for trial this September.
Maxim Healthcare Services recently admitted to $61 million (Rs 305 crore) in Medicaid fraud and agreed to pay a fine of $150 million (about Rs 750 crore) to the federal government and 42 states. Afterward, the company replaced all its senior executives, including the CIO.
Sarbanes-Oxley may have curbed some would-be criminals, but companies over-rely on auditors to detect crime, McCormack says. But CIOs can make a dent by aiming technology and policy tools at common kinds of insider threats, he says.
Of all the types of internal fraud, theft of assets—office supplies, computer equipment and so on—is the least costly but still significant, according to ACFE research. Losses in the average case amount to $135,000 (about Rs 67 lakh), the ACFE says. Corruption schemes, such as bid rigging and kickbacks, cost $250,000 (about Rs 125 lakh) on average. Financial statement fraud does the most damage, with each case responsible for $4 million (about Rs 20 crore) in losses on average.
Technology can help, but CIOs should not hand off the job to project managers doing piecemeal work, says Frank Wander, a former CIO at Guardian Life Insurance,
fraud,” says McCormack, who has worked on cases at Delta Air Lines, Ernst and Young, PricewaterhouseCoopers and SunTrust Banks. “I’ve yet to meet any C-level person who says, ‘I’m so proud that we have 500 people preventing fraud.’ It’s not what people want to put out there as a badge of honor. It’s a necessary evil.”
The Sarbanes-Oxely Act, enacted in 2002, was supposed to stop a lot of big crime by giving internal and external auditors new and more detailed safeguards,
“Traditional security methods were not designed to check insider threats. CIOs should lay emphasis on actively monitoring every move within the organization.” —Pramod Reddy, VP-IT&CISO,AppLabs
Of Indian CIOs say an
employee CIOs say an
employee CIOs say an
or a former employee
or a former employee
employee has been the source
employee has been the source
employee has
of a crime.of a crime.SOUrCE: IndIan InfOrmatIOn
SECUrIty SUrVEy
76 percent
VOl/7 | ISSUE/078 0 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
the125th
issuespecial
Coverstory_BIG_IDEA_Set2.indd 40Coverstory_BIG_IDEA_Set2.indd 40Coverstory_BIG_IDEA_Set2.indd 40
the125th
issuespecial
“We don’t get overly obsessed with IT or RoI or platforms or
technologies. Obviously we want the best, but everything
must serve the customer.”
Anand Mahindra Vice Chairman & MD, Mahindra & Mahindra
REAL CIO WORLD | M a y 1 5 , 2 0 1 2 8 1Vol/7 | ISSUE/07
VFTT_May 2012.indd 39VFTT_May 2012.indd 39 5/11/2012 3:43:11 PM5/11/2012 3:43:11 PM
Ashwin Dani Vice Chairman &
Managing Director, asian Paints
“We put faith in technology
ages before our competitors. Our organization has
maintained a clear advantage because we kept innovating with technology.”
the125th
issuespecial
Vol/7 | ISSUE/078 2 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 40 5/11/2012 3:43:11 PM
ph
Ot
Og
ra
ph
S b
y r
Oh
It g
Up
ta
, Im
ag
ES
an
d d
r l
Oh
Ia
The Harry Fox Agency and the Prudential Institutional Division. Instead, make fraud detection and prevention an organizational mandate exemplified by the ethical, upright behavior of top executives, Wander says. “People do what you do. That’s how the world really works.”
Tone at the TopIf people get the idea that senior leaders don’t pay attention to wrongdoing—or worse, take liberties themselves—they will go along, says Jim Anderson, a management consultant at Blue Elephant Consulting. Ethics, Anderson says, is nothing more than daily decision-making in big and small situations. Rarely does anyone face a “burning building” quandary where there’s no doubt as to the right answer.
“If you’re sitting in your cube and some strange guys with sunglasses show up with metal suitcases full of $20 bills, you’d say no,” he says. “But what happens instead is that ethical decisions sneak in around the corners of our average day.”
Maybe an employee is late with a project and downloads data to bring home to work over the weekend, Anderson says. The employee knows he shouldn’t because the information is confidential, but he figures he’s breaking the rules for the right reasons. Months later, maybe the job is going sour, so he takes data to be able to defend himself in a poor performance review. Each time, no one says anything about his actions. Maybe they’re not looking at network logs; maybe they don’t care.
Then things get hostile between the employee and the company, and he takes the work he’s done, intending to quit and find work at a competitor. “It’s a snowball,” Anderson says. “It’s the first ethical lapse that will cause all the problems down the road.”
Wander, who recently founded the consultancy IT Excellence Institute, agrees. “Companies that have trouble don’t have the right tone at the top,” he says, adding that CIOs can influence culture in many ways.
For example, at the quarterly town hall meetings Wander held with Guardian’s IT staff, he regularly focused on security issues and safeguarding company data. “Every individual knew it was a divisional priority,” he says. A CISO worked alongside Wander, not reporting to him, to spread understanding of the issues across departments. Companies that separate the roles this way also balance responsibility for the protection of corporate assets, he says. If too much falls to the IT group, other departments may get lax or get the idea that ethics isn’t part of their job. “Address [anti-fraud efforts] in people’s reviews so they understand they are responsible.”A neighborhood watch mentality at work
helps cut criminal activity, says Carl Tidwell, CIO of the American Type Culture Collection (ATCC), a non-profit research center that supplies micro-organisms and other materials to life sciences researchers. Tidwell says he tries to educate employees about warning signs, such as people struggling with finances or living beyond their means. That’s evidence that humans can see but computers can’t, such as the former controller of a Pittsburgh car dealership who enjoyed a mink coat, 10 cars, four homes, gold bullion and a $32,500 (Rs 16.2 lakh) lunch catered by Food Network star Ina Garten. Over six years, the controller falsified accounting records, transferring $10 million (about Rs 50 crore) from the dealership to her personal bank accounts in 800 transactions. She pleaded guilty in January to wire fraud and is due to be sentenced in May. The dealership did not respond to requests for comment.
Even when companies insert IT controls into their business processes, they too frequently fail to monitor them, says Matt Lynch, a fraud investigator who has worked at Altria Group, a cigarette company, and Palmetto GBA, which administers benefits for Medicaid and Medicare. Real live human beings from IT, audit, legal or other groups should be assigned to look at transactions randomly, he says. Often a business that’s making money doesn’t bother with too much introspection, he says. Or executives don’t want to think crime happens at their place. “They think, ‘These are people I work with and I trust,’” he says. “I’m sorry, but a lot of people trusted Bernie Madoff. Fraud is just a fact.”
Instilling outright fear, however, works against you because employees become
Often a business that’s making money doesn’t bother with too much introspection. Or executives don’t want to think crime happens at their place. They think, ‘These are people I work with and I trust,’. But a lot of people trusted Bernie Madoff.
Cover Story
Of Indian CIOs say they
don’t know the source of a crime. SOUrCE: IndIan InfOrmatIOn
SECUrIty SUrVEy
28 percent
REAL CIO WORLD | M A y 1 5 , 2 0 1 2 8 3VOl/7 | ISSUE/07
Coverstory_BIG_IDEA_Set2.indd 43 5/11/2012 6:15:50 PM
secretive and suspicious of each other, inhibiting collaboration and stalling productivity, says investigator McCormack. A little trepidation, however, can be helpful. Show employees how serious you are, he advises. Write policies that explain what people can and can’t do with company data and other material. Create anti-fraud training and give programs at least twice per year. Have employees sign confidentiality agreements, he suggests. “Establish a tone and set of expectations as soon as people walk in the door so they know what the company does to stop fraud and that they will be caught,” he says.
The most damaging thing leaders do is keep quiet when something goes wrong, he says. Routinely monitor the movement of large or sensitive data sets around the network and spot-check where they’re going. “All it takes is examining a couple of those transactions and then talking to people about it. Word gets around.”
Technology to Close HolesWord also travels when an organization leaves itself vulnerable by skimping on basic IT controls. Some people will take advantage of what you didn’t do, Tidwell says. He remembers well what happened at a former company. He suggested to the CEO that IT block computer ports, so employees couldn’t use portable drives, and monitor e-mail for large data transfers. “I was told, ‘No, we trust our employees,’” Tidwell recalls. Soon after, a researcher quit, walking away with $300,000 to $400,000 (about Rs 1.5 to 2
provide data to authorized users on thin clients. There will be no USB ports on the client hardware, and employees will be able to share secured data. Productivity won’t be hampered, he says, and senior leaders won’t look heavy-handed.
As employees themselves bring new technology to work, especially smartphones and tablets, detailed and constant education can help mitigate the risks that come with
these new devices, says Stephen Laster, CIO of Harvard Business School.
For example, his IT group creates artistic informational posters to hang in common areas where personnel gather. Recent posters focused on three ways to secure a smartphone: Use a password, enable location detection so you can find a lost device, and enable remote wiping of its data. Those measures help protect a company’s information should the device be lost or stolen. “Training is episodic. You need a continuous, engaging marketing campaign,” Laster says.
At Graham Group, a construction company, CIO Kim Johnson has tried to set up systems so that e-mailing large chunks of data to each other isn’t the normal way to work. The company recently began developing a collaboration and workflow system from SAP, in part to eliminate the need for executives to sign off on major contracts via paper or e-mail. The system also helps employees work together on sensitive projects without having to send files to each other. “Fraud prevention is built in during the design of IT systems,” Johnson says.
“We regularly create reports based on possible threats that the company could have been vulnerable to and how we mitigated them. Keeping top management informed about emerging threats helps.” —Ashish Chandra Mishra,CISO,TescoHSC
crore) worth of intellectual property that he had sent to a personal e-mail account—a delivery method similar to the one the researcher at Sanofi used. This researcher, however, got a job at a competitor and started work using the stolen information.
The rival notified Tidwell’s company. “They packed up everything, including his computer, and sent it to us,” he says. “The CEO was apologetic [to me] afterwards. He
dodged a bullet because the competitor was an ethical company.”
CIOs can use IT to reinforce and extend policies and behavior that promote an ethical culture. Wander’s philosophy is one of minimum access. “You want people to have the least privilege to get done what they have to get done,” he says.
A CIO’s hands are tied if a CEO thinks IT controls are intrusive. But new technologies can obviate the need to outlaw some practices, Tidwell says. At ATCC, he is exploring virtualization, which means flash drives won’t be an issue, as central servers
The most damaging thing leaders do is keep quiet when something goes wrong. But word gets around. And word also travels when an organization leaves itself vulnerable by skimping on basic IT controls. Some people will take advantage of what you didn’t do.
VOl/7 | ISSUE/078 4 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
the125th
issuespecial
the125th
issuespecial
“The combination of excellence in operations and strong execution of strategy is critical to achieving any
organization’s vision.”
Azim H. Premji Chairman,
Wipro
REAL CIO WORLD | M a y 1 5 , 2 0 1 2 8 5Vol/7 | ISSUE/07
VFTT_May 2012.indd 43VFTT_May 2012.indd 43 5/11/2012 3:43:12 PM5/11/2012 3:43:12 PM
the125th
issuespecial
“CIOs must definitely prepare the organization for the possible
downsides of a technological deployment—to avoid being made the sacrificial horses.”
B.S. Nagesh Customer Care associate
& Vice Chairman, Shoppers Stop
Vol/7 | ISSUE/078 6 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 44VFTT_May 2012.indd 44 5/11/2012 3:43:12 PM5/11/2012 3:43:12 PM
Graham Group is also installing SAP financial applications this year. As soon as the idea germinated to buy and customize the software, Johnson requested that a key person from the internal controls committee participate in the design and configuration. He and the CEO wanted to weave anti-fraud measures into the software beyond what comes stock from SAP, he says. Top leaders considering these measures before setting up new technology and business processes reflects a more enlightened approach to fighting corporate crime, Johnson says. “We don’t want to be one of those bad crime stories in the media.”
Next: Predictive MonitoringFor Romney, the IT professor, there are no small corporate crimes, just big ones discovered early. “Once I perpetrate a fraud and get away with it, do I do it just once and stop? No. Human greed is such that if I can take a little, why not take more?” he says. Criminals start by stealing small amounts over periods of time. Then they take larger amounts more frequently. Many times, they get caught.
The next question for CIOs, he says, is, how can we figure out what the really smart criminals are doing?
Beyond detection and prevention lies the possibility of prediction. Credit-card holders know that fraud monitoring systems at banks alert customer service agents to unusual transactions. A rush of purchases of high-end electronics or airline tickets can trigger a call to the credit-card holder to make sure these items are legitimate. Sometimes, a card will be suspended pending confirmation from the customer.
Healthcare organizations are also beginning to use big data techniques to uncover suspicious activity, with good results. HMS Holdings, which coordinates benefits and looks for ethical problems for government agencies and commercial healthcare plans, helped recover $2 billion (about Rs 10,000 crore) in costs related to fraud, waste and abuse in 2011, says CIO Cynthia Nustad.
HMS analysts and investigators comb petabytes of data in queries of billions of rows, she says. They use advanced queries and analysis, and will soon be leveraging data visualization—using pictures and maps of query results—to identify potential fraud faster. “If we can make it interesting and artful, then the number of questions you can answer more quickly is very significant.”
Of course, people tend to think that ruinous fraud won’t happen to them. That’s probably what executives at Barings Bank, a 233-year-old institution, thought before it collapsed in 1995 after a rogue trader lost a billion and tried to cover it up. And MF Global, a now-bankrupt brokerage, is under investigation for alleged bookkeeping
Would You Speak Up? A consultant says IT leaders may not feel comfortable reporting early signsoffraud.
Why don’t CIOs turn in more insider criminals? no one suggests that CIOs
routinely cover up corporate crime, but management pressures may inhibit CIOs
from acting on their suspicions early in a fraud scheme.
It’s rare to happen upon a digital smoking gun that incontrovertibly proves
a corporate crime. It’s later, during a formal investigation, once auditors know
what they’re looking for, that the obviously damning evidence is uncovered. Early
on, though, a CIO might notice something amiss. perhaps a network activity
log shows unusual patterns or some entries in the general ledger look off. CIOs
may hesitate to step forward, feeling they don’t know enough about the intimate
workings of finance, says Jim anderson, a management consultant at blue
Elephant Consulting.
“they think, ‘I’m probably wrong. I probably just don’t understand it,’” anderson
says. he adds that such self-doubt may be more common in CIOs who report to
CfOs.
also, bringing up vague concerns could mar the relationship between the CIO
and whomever he tells; and certainly whomever he accuses, anderson says.
to avoid that, the CIO might sweep aside his ideas and assume, like so many
professionals do, that internal and external auditors will catch anything untoward.
finally, many companies lack a clear process for reporting suspected
wrongdoing. It may seem obvious that someone should go to a manager or the
human resources department, even the CEO. but without a well-known policy
for how to handle the situation, some employees—even CIOs—will do nothing,
anderson says. If someone is busy with everyday work and unsure of himself
already, he says, “the issue just dies.”
—K.S.N
Cover Story
problems. Trustees estimate that up to $1.2 billion is missing.
Watching giant companies go down at the hands of insider criminals has provided an education to CIOs willing to learn, says Johnson, Graham Group CIO. “Ten years ago, I’d have said, ‘This is not my area.’ But now it’s very important for me to be involved,” he says. “It’s another way we’re measured: Not just how efficient IT makes a process, but how controlled the process is.” CIO
REAL CIO WORLD | M A y 1 5 , 2 0 1 2 8 7VOl/7 | ISSUE/07
Coverstory_BIG_IDEA_Set2.indd 47 5/11/2012 6:15:51 PM
By Robert L. Scheier
That’s because the global electronics distributor weaves its disaster recovery requirements into its broader business objectives and its service-level agreements (SLA) with its 15,000 users. Since 2010, the IT shop has been cutting costs and meeting its service and disaster recovery commitments by using a hybrid cloud made up of its own virtualized hardware at colocation facilities in Chicago, Frankfurt and Singapore.
And rather than paying for dedicated recovery hardware that sits around waiting for a disaster, it uses virtualization to shift workloads from a failed server to one running a less critical workload. “We’re always using that architecture for something,” says Leone. (For more on virtualization, turn to page 145).
More and more IT shops are using technologies such as virtualization and replication to make disaster recovery just another service, sometimes using the same servers, network and storage that run order entry, e-mail, application development or other services. This merges what historically were disaster recovery and business continuity efforts, protecting the business against not only rare disasters, but also human error or equipment failures.
Some store only data (and perhaps templates for virtual machines) off-site, creating (and paying for) the physical hardware to run them only when needed. “We can recover at our remote site much, much faster by just being able to fire up the system images of the VMs,” says Justin Bell, systems administrator at Strand Associates, an engineering firm. Even if the server infrastructure at that site is less robust than the one at the primary site, “we
Reader ROI:How cost sensitivity is driving the use of virtualization for disaster recovery
Why servers dedicated to disaster recovery may go out of style
What to watch out for in cloud-based DR
At Ingram Micro, executive president and CIO Mario Leone doesn’t think about how much he will spend on disaster recovery.
“Any DR strategy should be based on the value of data you are planning to secure. We realized that SAP and e-mail are business critical so we decided to have a DR for this.” —Mukund Prasad, Director-GroupHR,BusinessTransformation&GroupCIO,WelspunGroup
the125th
issuespecial
here’s how virtualization and replication technologies protect data from disaster
VOl/7 | ISSUE/078 8 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
BigData Disaster Recovery Analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk Management Virtualization Business
Virtualization on
5/11/2012 6:15:52 PM5/11/2012 6:15:52 PM5/11/2012 6:15:52 PM5/11/2012 6:15:52 PM5/11/2012 6:15:52 PM5/11/2012 6:15:52 PM5/11/2012 6:15:52 PM5/11/2012 6:15:52 PM5/11/2012 6:15:52 PM5/11/2012 6:15:52 PM
could run in limited capacity, on much less hardware, until we got things back up at our primary site.”
Other organizations have done away with dedicated disaster recovery systems. They shift production work to test or development servers during outages and defer work that’s less critical.
More Demands, More RiskThese changes are driven by ongoing pressure to cut costs while maintaining continual uptime, and by the flexibility provided by server, storage and network virtualization. Meanwhile, a recent spate of natural disasters, along with stricter regulatory requirements, has made disaster recovery the No. 1 subject of client inquiries at research firm Gartner, says analyst John Morency.
However, Forrester reports that enterprise disaster recovery/business continuity budgets are stuck at 6 percent of total IT capital and operating budgets and that concerns such as “consolidation, BI and virtualization” are given higher priority when it comes to spending.
Meanwhile, the list of critical services that need protection keeps growing, with communication tools such as voice over IP and e-mail gaining ‘critical’ status alongside traditional business applications like order entry and ERP. Finally, it’s necessary to ensure uptime not only after
virtualization and replication technologies protect data from disaster, while keeping business services humming.
localized failures, and many companies need the ability to quickly recover just one file rather than an entire system.
By separating virtual servers, networks and storage capacity from physical hardware, virtualization gives users many more choices in disaster recovery strategies. “When you recover a [virtual machine], it doesn’t matter where we put it,” says Kurtis Berger, IT manager at Provider Advantage NW, a healthcare
software and services company. “At each of our datacenters, all of our VM servers are pretty much the same. [Almost] any old box will handle the prescribed load, and it’ll be good enough to recover some VMs onto.”
Disaster recovery is also being transformed by fast, easy-to-use replication software that copies data between primary and recovery sites in near real time. One such offering allows users to sync data among servers and establish failover protection in about 20 minutes, says Joseph Pedano, senior vice president for data engineering at Evolve IP, a provider of cloud-based IT services.
Martin Mazor, Ingram Micro’s director of global information assurance, wouldn’t discuss which products he uses, but he says replication allows his company to recover systems much more quickly than the full day it would take to ship tape offsite. Ingram Micro has also invested in tools that provide a single performance dashboard for all of its worldwide operations, and it has offered employees training in areas such as operational management and the handling of incidents and problems.
Evolve IP uses virtualization technology, and Pedano says backup and recovery tools now feature improved integration, making it easier to replicate and restore not just servers, but also their associated databases and security systems.
Of IT budgets go to disaster Of IT budgets go to disaster Of IT budgets
recovery/go to disaster
recovery/go to disaster
business recovery/business recovery/
continuity.SOUrCE: fOrrEStEr rESEarCh
6 percent
More Efficient DR•Forgetdedicatedrecoveryhardware,
use virtualization to shift workloads from a failed server to one running a less criticalworkload.
•Employeasy-to-usereplicationsoftwareto copy data between primary and recoverysitesinnearreal-time.
•Turntothecloud.
REAL CIO WORLD | M A y 1 5 , 2 0 1 2 8 9VOl/7 | ISSUE/07
BigData Disaster Recovery Analytics Cloud Computing IT Consumerization Customer Focus Enterprise Risk Management Virtualization Business
More Efficient DR•Forget
•Employ
•Turn
could run in limited capacity, on much less
protect data from disaster, while keeping business services humming.
major disasters, but also in the event of
on Double Duty, while keeping business services humming.
Double Duty, while keeping business services humming.
Double Dutyprotect data from disaster
Double Dutyprotect data from disaster
Double Dutyprotect data from disaster
Double Dutyprotect data from disaster, while keeping business services humming.
Double Duty, while keeping business services humming.
Cover StoryCover Story
Coverstory_BIG_IDEA_Set2.indd 49Coverstory_BIG_IDEA_Set2.indd 49 5/11/2012 6:15:55 PM5/11/2012 6:15:55 PM5/11/2012 6:15:55 PM
Another application is designed to automatically check all critical infrastructure components, such as the file system and virtualization components, and identify vulnerabilities that could cause downtime and data loss. It looks for vulnerabilities using a database of ‘signatures’ similar to the ones anti-virus tools use to identify malware. The database is updated by the vendor’s researchers and its users.
Making It PayOften, the only way to get funding for disaster recovery systems is to demonstrate that they deliver more than just insurance, or that they can even pay for themselves. For example, Strand uses an appliance to replicate about 50TB of data and 25
To successfully restore a business service such as e-mail or order entry, IT must recover the application server as well as associated components (such as an Active Directory server that contains user information or a database that holds inventory records), and it must do so in the proper order. Taking these dependencies into account is a major area of focus for vendors.
Recent enhancements to backup products combine more granular backup and recovery of VMs with the ability to account for dependencies among VMs. The enhancements, found in products for businesses of all sizes, also make it easier to use multiple public or private cloud backup services, and to convert a physical server at a production site to a virtual server at a recovery site.
virtual servers between its remote offices and headquarters. This is not only easier and less expensive than using a colocation facility, but the higher bandwidth required for the replication also makes it easier for employees to videoconference and share complex engineering documents.
That bandwidth also allows Strand to “take snapshots every hour on the hour, so we can facilitate a file restore in about three to five minutes,” says Bell. Given the expense the company would incur if an engineer had to repeat several hours of work, the ability to take snapshots helps justify the cost of disaster recovery even without a disaster, he says.
Cloud Disaster Recovery? Not So FastSome providers say cloud-based disaster recovery will bring the benefit of true disaster recovery, rather than just backup, to small and midsize businesses that until now couldn’t afford it.
Pat O’Day, co-founder and CTO of Bluelock, a provider of public cloud virtual datacenters, says customers are increasingly satisfied with cloud security. Many security experts say even public cloud environments in which multiple customers share hardware can be made secure with the proper processes.
But a fall 2011 Forrester Research survey showed that only 11 percent of large enterprises and 9 percent of small to midsize businesses had adopted recovery as a service, with 35 percent of large enterprises and 41 percent of SMBs saying they were interested in it but had no plans.
“Today, virtual backup and DR strategies are critical. Enterprises should put their data in virtualized file systems or on network storage to secure them.” —Sharat M. Airani, Chief-IT (Systems&Security),ForbesMarshall
Recovery in the Cloud Three things to think about before choosing a cloud-based data recovery service
1. Start with applications that already perform well in virtual or private cloud
environments but don’t support your most critical systems. this gives you time
to try different approaches and vendors.
2.be realistic about Slas, and know that most cloud providers won’t take
responsibility for your losses if you can’t recover after a failure.
3.Understand the interdependencies among the applications and services you
host in the cloud and those you host in a traditional datacenter so you properly
test recovery.
—Source: Forrester Research
VOl/7 | ISSUE/079 0 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
the125th
issuespecial
Coverstory_BIG_IDEA_Set2.indd 50Coverstory_BIG_IDEA_Set2.indd 50Coverstory_BIG_IDEA_Set2.indd 50
ph
Ot
Og
ra
ph
S b
y r
Oh
It g
Up
ta
, Im
ag
ES
an
d d
r l
Oh
Ia
Cover StoryCover Story
Berger says cloud providers only promise “not to go into your servers” when he questions them about security. “To me, that’s not enough,” he says, adding that the disaster recovery prices he’s hearing—$500 per month (about Rs 25,000) per server—are “more than I can justify.” He instead backs up approximately 60 VMs at two datacenters. The facilities are only a half-hour apart, so this setup would not meet some definitions of a disaster recovery system, but he says it covers most of his needs because the applications aren’t mission-critical.
However, some CIOs downplay resistance to cloud-based disaster recovery, saying that smaller companies can host their entire infrastructures in the cloud, and thus get some level of disaster recovery simply by keeping applications and data off-site.
Smaller companies that do choose the cloud don’t do it for the savings, they say, but because “it’s just so much simpler to have a system you set up and forget.”
While midsize organizations have some incentive to consider disaster recovery in the cloud, few of them use the cloud for mission-critical systems that require true disaster recovery—and what they get in the cloud is closer to dedicated hosting (with the customer’s data and systems running on separate hardware) rather than a multi-tenant, elastic, pay-as-you-go public cloud.
Most large organizations are big enough to provide disaster recovery themselves, CIOs say, and even if they weren’t, “there’s no good solution” for protecting sensitive applications in the cloud.
Cloud disaster recovery is also not suited for applications that rely on older platforms that most cloud providers don’t offer, or large databases that don’t perform well in the cloud, says Morency. Users also need to watch for the hidden costs of software licenses some cloud vendors charge for software sitting unused on remote VMs or disaster recovery systems, he says.
Both Gartner and Forrester also warn that most cloud disaster recovery providers will refund only a portion of a customer’s fee if disaster recovery falls short—nowhere near enough to make up for the potential revenue loss that such an event could cause.
“Security for DR in a virtual environment should be grounds up. With bolt-on security, it’s hard to customize and keep pace with change.” —Md. Jawed Ahmed, GroupIT Head, OmniActive Health Technologies
“DR on the cloud is a reality today. But identifying what you should take on the cloud and what you should keep within your premises is key.” —Sanjay Kukreja, Principal-TechnologyServices,eClerx
The cost of the bandwidth required to quickly recover an organization’s VMs and data from the cloud is often an unwelcome surprise, says Alan Arnold, executive vice president and CTO at Vision Solution Management, which provides high-availability and disaster recovery software and services. Some customers and providers opt to physically ship portable hard drives via overnight courier, says Arnold, recalling that one user joked that “FedEx is still the largest-bandwidth network out there.”
With IT so central to the business and budgets so tight, it’s essential to get input from top business managers to assess which applications deserve the highest levels
of protection. Ingram Micro, for example, conducted a business impact analysis that put various applications in different tiers, with voice, e-mail, ERP and ordering among the top priorities. The company thought of it “just like an insurance policy,” says Mazor. “It helped us think of how much insurance we’re going to buy.” CIO
Strand Associates, an engineering firm, uses an appliance to replicate about 50TB of data and 25 virtual servers between its HQ and remote offices. This is not only cheaper than using a colocation facility, but the higher bandwidth required for the replication also makes it easier for employees to videoconference and share complex engineering documents.
REAL CIO WORLD | M A y 1 5 , 2 0 1 2 9 1VOl/7 | ISSUE/07
Coverstory_BIG_IDEA_Set2.indd 51Coverstory_BIG_IDEA_Set2.indd 51Coverstory_BIG_IDEA_Set2.indd 51Coverstory_BIG_IDEA_Set2.indd 51Coverstory_BIG_IDEA_Set2.indd 51Coverstory_BIG_IDEA_Set2.indd 51Coverstory_BIG_IDEA_Set2.indd 51Coverstory_BIG_IDEA_Set2.indd 51 5/11/2012 6:16:00 PM5/11/2012 6:16:00 PM
By Bob Violino
But recent technology developments and trends, most notably server and desktop virtualization, cloud computing, the emergence of mobile devices in the workforce and social networks, are having an impact on how enterprises handle IT business continuity planning and testing. Much of the impact is for the better, experts say, but these trends can also create new challenges for IT, information security and risk management executives.
Here’s a look at how these tech megatrends are affecting IT business continuity specifically.
VirtualizationVirtualization is making business continuity planning easier for IT executives and their organizations, if for no other reason than it’s helping to reduce the number of IT assets, says George Muller, vice president, sales planning, supply chain & IT at Imperial Sugar Co, Sugar Land, Texas, one of
how It business t business tcontinuity is challenged by four tech megatrends: Social, mobile, virtualization and cloud.
Reader ROI:TechtrendsthatofferBCopportunities
The tradeoffs CIOs must The tradeoffs CIOs must be aware of
How to prepare How to prepare
In IT, failure is not an option. Not surprisingly, companies have made it a high priority to develop and implement reliable business continuity plans to ensure that IT services are always available to internal users and outside customers.
Best Practices •KnowthatVDIhasabiggerimpactonBCPthanservervirtualizationasitenablesstafftoworkfromanywhere.
•Rememberthatmobilesintheworkforce provide more flexibility for workforcerecoveryoptions.
“We manage some of our clients’ social media accounts. But, since it’s all cloud based—when doing our BCP—we also need to plan for Internet failures like the one caused by a fire at Airtel.” —Rohan Deshpande, CTO, Ogilvy & Mather
VOl/7 | ISSUE/079 2 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
Cloud Computing IT Consumerization Customer Focus Enterprise Risk Management Virtualization Business Continuity CIO Career
the125th
issuespecial
Keeping Keeping ITUpUp
Cloud Computing IT Consumerization IT Consumerization Customer Focus Customer Focus Enterprise Risk Management Enterprise Risk Management Virtualization Virtualization
Keeping
Coverstory_BIG_IDEA_Set2.indd 52Coverstory_BIG_IDEA_Set2.indd 52Coverstory_BIG_IDEA_Set2.indd 52
the US’s largest processors and marketers of refined sugar.
“For those of us who have been in the IT world for a few years, we’ve seen the transition from the old large mainframes to client server to Web-based applications to cloud based computing,” Muller says. “During that time the proliferation of PCs and servers has been wild.”
With so many devices to maintain and keep running, particularly physical servers in the datacenter, ensuring systems uptime had become a much greater challenge, Muller says. “With virtualization, we’ve now been able to reduce that footprint [of servers], which means when we are planning for business continuity now we’ve got fewer devices to worry about.”
Server virtualization has allowed communications and compliance technology services provider Walz Group in California, to greatly reduce its planned outages, and largely eliminate unplanned downtime, says Bart Falzarano, CISO.
Using server virtualization, the company can manage, support and secure its applications more effectively, Falzarano says. Walz has been able to achieve higher virtualization efficiencies (a higher number of virtual machines to hypervisor host) using newer infrastructure technology.
The company is then able to leverage workload mobility capabilities locally that allow it to quickly switch VMs and apps between different physical resource pools of compute, memory and storage.
“For maintenances, upgrades, firmware updates, critical patches, etcetera, Walz simply moves the applications away from the area being impacted by the maintenance activity,” Falzarano says. “Once the maintenance activity, testing and quality control checks are complete, [we] may move the application back to that region or area.”
Virtualization has actually had a bigger impact on disaster recovery than on business continuity, says John Morency, research vice president at research firm Gartner, although one area where there’s been an effect on continuity is work area recovery.
“But what more organizations are doing now is having people work at home or at Starbucks or the library or wherever,” he says. “The use of desktop virtualization technologies, in conjunction with secure tunneling, is enabling organizations to implement broader and more distributed work area recovery.”
Some businesses and functions, such as branch banks and customer service call centers, continue to use work area recovery services, Morency says. But a growing number of Gartner clients are leveraging virtualization to enable people to work offsite when needed, as an alternative to work area recovery.
Rachel Dines, senior analyst, infrastructure and operations, at Forrester Research, says desktop or client virtualization is having a bigger impact on business continuity than server virtualization.
“Client virtualization is making workforce recovery [possible] for many companies that cannot rely on employees working from home with laptops,” Dines says.
For example, at companies with highly sensitive information—such as financial services and insurance firms or government agencies—where employees are not issued laptops to prevent data leaks, client virtualization enables the rapid deployment of client images to disparate hardware at workforce recovery sites, Dines says.
In addition, organizations can deploy client virtual machines over the Internet and allow employees to access them via personal computers at home. “Either way, users are able to use the same environment that they are accustomed to on a daily basis, which means they will be more productive during the outage,” Dines says.
Cloud ComputingMany of Gartner’s clients are increasingly using software-as-a-service (SaaS) to support business processes, Morency says.
“With the use of SaaS for client-facing applications and even internal customer support applications there’s a much improved means of continued availability, even in the presence of minor or major disruptions,” Morency says. “You have a set of applications delivered from the cloud.”
But this also imposes additional responsibilities on IT as far as being able to broker those services or provide additional problem management triage when necessary, Morency adds.
Walz Group operates a private cloud and uses cloud management tools that Falzarano says are a key to the company’s business continuity initiatives. One such product the company is using provides a design architecture with combined networking, computing and storage infrastructure.
Every Walz application has a template associated with it, Falzarano says. These templates are checked into an “environments catalog”, and are centrally managed by cloud management software. Using the software and the templates within an environment catalog, the IT team at Walz can maintain business continuity effectively, Falzarano says.
The consumption of resources (for example, CPU, memory, storage, bandwidth) for these environments are displayed via dashboard, alerting and reporting metrics, and detailed trending such as daily, weekly, monthly and quarterly consumption helps with planning, determining and provisioning the capacity needed for business continuity and disaster recovery purposes.
Of CIOs say BCP drives
their security spend.
SOUrCE: IndIan InfOrmatIOn
SECUrIty SUrVEy
58 percent
Cover Story
REAL CIO WORLD | M A y 1 5 , 2 0 1 2 9 3VOl/7 | ISSUE/07
Cloud Computing IT Consumerization Customer Focus Enterprise Risk Management Virtualization Business Continuity CIO Career
Coverstory_BIG_IDEA_Set2.indd 53 5/11/2012 6:16:04 PM
“Putting e-mail on the cloud is easy since it’s a standard app. But running a customized SAP on the cloud—from a BC perspective—is a different challenge. You need the right vendor with proper SLAs. —Anil Khopkar, VP(MIS)&CIO, BajajAuto
Using the cloud management tool Walz can set up defined policies for scaling out additional applications, and this allows it to maintain business continuity through a more automated, on-demand type of provisioning, Falzarano says.
The software also allows Walz to provision to its private cloud or to a service provider’s private cloud. For example, if Walz is using 80 percent of the internal private cloud and suddenly sees a demand for a new application and wants to rapidly spin up development systems, it might choose to provision these development systems to a service provider’s private cloud instead of provisioning systems to the remaining 20 percent on its private cloud, so that it can maintain some growth reservation. The same type of model can also be used for business continuity, Falzarano says.
Imperial Sugar operates a hybrid cloud environment, with about 95 percent of its applications running on a private cloud in its datacenter and the remainder accessed via a SaaS model. The private cloud is provided by a network service provider and the SaaS software is delivered by software vendors on a hosted basis, Muller says.
Because the cloud environment is maintained by service providers and software vendors, the onus falls on them to ensure continuity, and that can be a benefit as well as a risk, Muller says.
“When I have a third party hosting the environment for me I look to them as part of the service-level agreement to have the resources—the people and hardware and infrastructure in place—so that they can guarantee me if the hardware has a problem
at one location they’ve got another location at one location they’ve got another location that will bring up my apps in a manner that is seamless to our internal users,” Muller says. “That’s sort of their problem, as long as I’ve got a strong service-level agreement in place with them.”
On the other hand, even with a service-level agreement holding the service provider responsible there are no guarantees that service will not at some point be interrupted, Muller says.
Not everyone sees cloud computing as influencing business continuity. “As of today, I don’t see a huge impact,” Dines says. “However, I do expect this to become a significant complicating factor in the future. As more organizations outsource more services to the cloud, it will become the job of the business continuity manager to audit the recovery plans of many different suppliers.”
In addition, Dines says, during a failure or testing, recovery will need to be coordinated across many different sites run by different vendors. “Longer-term, cloud will make business continuity much more complicated,” she says.
Mobile DevicesThe proliferation of mobile devices in the workforce is a benefit for business continuity strategies because it gives more flexibility for workforce recovery options, Dines says.
“As compared to the days when employees only had desktops and laptops, the ability to remain productive without access to a computer via tablets and smartphones is a significant advantage,” she says. “Additionally, it means that employees should be easier to communicate with during a disaster.”
Business continuity planning software vendors are putting more emphasis on ensuring that the software and information needed for business continuity can be accessible via mobile devices, Morency says. This includes information such as the current status of recovery, the locations to which employees should be going, what applications and services they can access and where they connect to get the latest emergency updates.
“This is not only for telecommuters but for the workforce in general and the mobile sales folks who need ways to access the information that is most relevant to them, and be able to access this through the device of their choice,” Morency says.
Enterprises “cannot depend on corporate headquarters or the datacenter always being
Of CIOs include BCP in their security
policies.their security
policies.their security
SOUrCE: IndIan InfOrmatIOn
SECUrIty SUrVEy
81 percent
VOl/7 | ISSUE/079 4 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
the125th
issuespecial
Coverstory_BIG_IDEA_Set2.indd 54Coverstory_BIG_IDEA_Set2.indd 54Coverstory_BIG_IDEA_Set2.indd 54
ph
Ot
Og
ra
ph
S b
y r
Oh
It g
Up
ta
, Im
ag
ES
an
d d
r l
Oh
Ia
Cover StoryCover Story
“Virtualization made it easy for us to prepare a BCP solution as it It reduced both capex and power and cooling requirements.” —Pertisth Mankotia, Head-IT,SheelaFoam
“We have evolved a BCP in such a way that we focus more on different platforms. The MDM strategy has been standardized on the basis of OS versions irrespective of the device one wishes to use.” —Vilakshan Jhaku, Sr.VP&CIO,BPTP
REAL CIO WORLD | M A y 1 5 , 2 0 1 2 9 5VOl/7 | ISSUE/07
available following a disruptive event,” Morency says. “They have to ensure that critical plan content is always available [including to mobile users] regardless of what happened.”
Many Imperial Sugar employees use smartphones, tablets and other devices for work, Muller says, and these devices would likely prove useful from a business continuity perspective because workers
would be able to use them to conduct business transactions and communicate with co-workers and customers from multiple remote locations.
The key issue is ensuring that these devices continue to have access to the software and services that allow them to function optimally for applications such as messaging and collaboration. “If I’ve got a Blackberry Enterprise Server I just need to make sure that it’s something I can bring up at a remote business continuity or disaster recovery site” if needed, Muller says.
The proliferation of mobile devices makes it easier for people to stay connected, “and certainly makes it easier to connect in a
business recovery situation,” Muller says. “A wireless PC can do the same thing, but a mobile device is smaller and easier to carry around and it costs less. You can do just about anything on a mobile device that you can do on a PC.”
Social NetworksA Forrester report published in July 2011, entitled “It’s Time to Include Social Technology in
Your Crisis Communication Strategy,” notes that while many risk professionals subscribe to automated communication services for reliable mass notification, “the widespread adoption of mobile devices and easy Internet access support the case for using social technologies like Twitter, Facebook, and Skype as critical components of your response plan.”
As companies look for rapid, effective communication approaches with key stakeholders in crisis communications, they should strongly consider leveraging social technologies, the report says.
Another report, “The Do’s and Don’ts of Using Social Media in Business Continuity
Management,” released by Gartner in January 2012, notes that social media “holds the promise of transforming enterprise business continuity management, especially crisis/incident management and communications practices.”
Social media is used by more than 80 percent of the world’s population, Gartner says, and enterprises can’t afford to ignore it as a crisis communications tool. But effective use of a new communications channel requires planning and practice, and attempting to leverage social media for the first time during a crisis can cause more harm than good, the firm says.
Among the key recommended steps are to determine which social platforms are already used by employees, customers and other stakeholders and use those platforms in crisis/incident management efforts; and use social media not only to communicate during a disaster, but to gather information and gain the support of outside resources that can help ensure ongoing business resilience. Business continuity management professionals should immediately begin assessing social media’s opportunities—and risks, the Gartner reports says.
“Social networks are both a blessing and a curse” for business continuity, Dines says. “They have the benefit of being an additional communication channel to get in touch with employees during a [business disruption]. However, they can be a headache for crisis communications and PR as they try to control potential damages to reputation and the propagation of rumors.” CIO
Sendfeedbackonthis [email protected]
Social media is used by over 80 percent of the world’s population, Gartner says, and enterprises can’t afford to ignore it as a crisis communications tool. But effective use of a new communications channel requires planning and practice.
Coverstory_BIG_IDEA_Set2.indd 55Coverstory_BIG_IDEA_Set2.indd 55Coverstory_BIG_IDEA_Set2.indd 55Coverstory_BIG_IDEA_Set2.indd 55Coverstory_BIG_IDEA_Set2.indd 55Coverstory_BIG_IDEA_Set2.indd 55Coverstory_BIG_IDEA_Set2.indd 55Coverstory_BIG_IDEA_Set2.indd 55Coverstory_BIG_IDEA_Set2.indd 55Coverstory_BIG_IDEA_Set2.indd 55 5/11/2012 6:16:07 PM5/11/2012 6:16:07 PM
VOl/7 | ISSUE/079 6 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
By Varsha Chidambaram But noses pressed flat against the corporate ceiling, a growing number of CIOs are choosing to reframe the argument: They are only at the end of their careers if they remain CIOs. But can they be more than CIOs? What challenges they will face if they become CEOs or COOs? And aren’t some of the qualities that are inherent to being CIO diametrically opposite of those you need for the top job?
A Quick Over the ShoulderThe CIO title made a modest entry into India Inc during the 90s. But if the title was new, the role wasn’t. “In those days they were called EDP managers or IS managers,” remembers N. Kailasnathan, an erstwhile CIO, and currently the EVP and COO of Titan’s Precision Engineering Division. Kailasnathan belongs to what’s being called the first generation of Indian CIOs. Most of this generation started out as programmers or coders, like Kailasnathan himself.
“Those were the days before SAP,” jokes Kailasnathan, referring to how, back in the day, all applications were homegrown and a lot more programming went into the IT function. “Our capabilities were tested on how well we were able to develop and support applications. There was no standard. You knew processes because you developed the application.”
In those days, the technology playing field was also very limited, a fact that cast a shadow on IT’s reputation. “I remember in 2000s, the only WAN link available was a point-to-point circuit. Look at
Reader ROI:What a CIO can bring to the CEO table
The challenges of moving beyond CIO
How to get ready
What do you do when you get to the top of the enterprise technology heap?If your answer is a French shrug, you are not alone. It’s a question that’s gaining burning status as the CIO role in India hits its stride and gains growing maturity.
“The CIO must first transform himself into a business CIO.” —Swaranjit Soni, Independent Consultant
the125th
issuespecial
Beyondthe as the CIO role cements its place in India Inc,
Cloud Computing IT Consumerization Customer Focus Enterprise Risk Management Virtualization BusinessContinuity CIO Career
the CIOthe choice we have now,” says Sanjiv Dalal, former CTO at Firstsource and current MD and CEO of Anunta Tech, a wholly-owned subsidiary of Firstsource. Dalal says that the lack of technology choices then led to CIOs being perceived as “status quoits”.
That changed very quickly. Technology disruptions ensured that. In the last decade new technology, and technology delivery mechanism like outsourcing have freed up CIO bandwidth, allowing them to create solutions that address business needs—and maturing the role in the process. “Technology has undergone a dramatic change, making so much more available today,” says Dalal.
From there, the CIO role really took off. Forward-looking IT leaders turned their departments from cost center to profit centers, from support functions to business enablers, from controllers to drivers of innovation.
And then, at the top of their game, some of them left it all to do other things.
Why Change Tack?CIOs who have moved beyond the CIO role say they were motivated to do so by different things. For some it was natural progression of their roles within their companies, for others it was the ambition to build something of their own. But a common theme runs across their stories: They didn’t move because they felt that their Career Is Over.
role cements its place in India Inc, CIOs need to ask: What’s next?
What Else You Can Be:•COO•CEO•Consultant
“Don’t look for a shift because you’re bored,” says Chinar Deshpande, formerly the CIO at Future Group before he became the CEO of Criti. Like many CIOs, Deshpande was an engineer and computer science student, which prompted him to join IT. However, after a few years in the US and an MBA later, he changed his career path (For another CIO who switched roles, turn to page 152).
“My experience in large enterprises like Hindustan Unilever and Pantaloons gave me the opportunity to lead global projects and try out new business ideas. And working closely with a leader like Kishore Biyani, fuelled the spirit of entrepreneurship in me,” says Deshpande. “I wanted to start something of my own.”
Another common characteristic among CIOs who have moved beyond the IT role is that they did a lot more than handle IT while being CIOs, making their shift to other roles less of a challenge.
Take the example of Swaranjit Soni, former CIO of Indian Oil Corporation and currently an independent consultant. “As CIO, I headed a large team of about 400 dedicated professionals from IT, operations, finance, logistics and HR. This required not only IT proficiency but total business operations insight.”
Kailasnathan is another example of CIOs who did more than IT. During his years as Titan’s CIO, he was invited to join
the board, no mean feat for a CIO even today. While heading IT, Kailasnathan also led numerous initiatives outside IT. He got into business excellence, knowledge management, ethics, social responsibility, and even corporate communications. His big break outside IT, he says, came from the top.
“I moved when my boss asked me to. He felt I could do much more outside IT,” he says.
Don’t Move Without…Whatever be the move, a CIO must ensure all possible impediments are cleared before he can make the plunge. One of those is lining up a suitable successor.
It helped that Kailasnathan had groomed a next-in-line that could take over his IT role. “I could move on thanks to a good deputy. If you want to move first make sure you have accomplished everything and more as a CIO. But also make sure you have someone you can trust to hand over the ropes to,” says Kailasnathan.
Dalal was familiar with both sides of IT having co-founded his own software company years earlier. So when the opportunity came to lead Anunta, he grabbed the chance with both hands. But it wouldn’t have been as easy without a robust IT team that could fill up the void his move would create.
REAL CIO WORLD | M A y 1 5 , 2 0 1 2 9 7VOl/7 | ISSUE/07
Cover StoryCover StoryCloud Computing IT Consumerization Customer Focus Enterprise Risk Management Virtualization BusinessContinuity CIO Career
5/11/2012 6:16:09 PM5/11/2012 6:16:09 PM
Kailasnathan moved on to an operational role, for instance, he brought process excellence with him. “As a CIO, you have great knowledge of processes. I was able to bring process efficiency into our operations,” he says.
A CIO’s analytical ability also makes them excellent consultants. “People must understand that devices are dumb and they have to be defined precisely. This skill of process engineering and the ability to define precisely, to the smallest detail, can be applied to any field making the CIO adept at many functions,” says Dalal.
Then there is the ability to push the benefits of IT beyond what ordinary CEOs can. “Being an IT guy at heart, I have been able to introduce IT solutions and process automation with more ease. I’m now a customer to IT, but I get preferential treatment since IT guys know me well,” says Kailasnathan.
That’s another common theme among CIOs who go beyond the role: A buried fondness for technology. “I miss the thrill of technology, of staying in touch with all that’s new and emerging. In business, everything is holistic and less technical,” concludes Kailasnathan.
You can take the CIO out of IT, but you can’t take technology out of a CIO. CIO
VarshaChidambaram issenior correspondent.Send
feedback on this feature to varsha_chidambaran@
idgindia.com
“I have been blessed by an old team at Firstsource that has been with me since I joined. Hence transitioning was a fairly straightforward job,” explains Dalal.
Then there are the skills you need to master. The good news is that you don’t need to be born with these skills, you can acquire them. “The CIO must first transform himself into a business CIO,” says Soni.
Dalal who is a self-confessed techie says he picked business skills as he floated up the corporate hierarchy. “My roots are in technology. But along the way I’ve acquired reasonable experience in finance, HR, business strategy,” he says.
While some like Kailasnathan grow within an organization, some need to look out for friends who support their career and push them into new territory. “Networking is essential. When you’re looking for a change, you’ll need people who have faith in you,” says Deshpande, who got his CEO break through a well-wisher.
Finally, CIOs taking on new roles need to be ready to unlearn, advices Kailasnathan. “You have to lose the tech orientation you acquired over the years. You need to develop a flair for dealing with the external world, dealing with financial numbers, costs and balance sheets. You have to produce month-on-month results,” he says.
What about learned behavior—like minimizing risk—that comes with the CIO territory? Does that make it tricky to take on a CEO’s role, which demands a high risk threshold? “Absolutely not,” says Dalal. “I don’t think CIOs are averse to taking risks. The innovations happening in the tech space is changing the typical CIO profile. A lot of CIOs today are willing to look at alternative technologies and experiment.”
What a CIO Brings to the Big Boy’s TableAlthough there is much for an aspiring CIO to learn, there are also a number of skills they posses that give them an edge their c-suite peers don’t have. When
“If you want to move first ensure you’ve accomplished everything and more as a CIO. Then make sure you have someone you can trust to hand over the ropes to.” —N. Kailasnathan, EVP and COO, Precision Engineering Division, Titan
“I don’t think CIOs are averse to taking risks. The innovations happening in the tech space are changing the typical CIO profile.” —Sanjiv Dalal, MD and CEO, Anunta Tech
“Working closely with a leader like Kishore Biyani, fuelled the spirit of entrepreneurship in me. I wanted to start something of my own.” —Chinar Deshpande, CEO, Criti
VOl/7 | ISSUE/079 8 M A y 1 5 , 2 0 1 2 | REAL CIO WORLD
the125th
issuespecial
Coverstory_BIG_IDEA_Set2.indd 58Coverstory_BIG_IDEA_Set2.indd 58Coverstory_BIG_IDEA_Set2.indd 58
Get the latest news, white papers, in-depth
analysis, best practices, perspectives and
case studies about Virtualization, including
server, storage, desktop, applications, OS and
network virtualization, management, security
and more.
EverythingVirtualization
Under One Roof
VirtualizationZone
Get In the Zone Today!Log on to www.cio.in/zone/virtualization
Bhaskar Bhat Managing Director,
Titan Industries
“You can outsource
something like payroll, but
business-driven creative solutions will only emerge when things are done in-house.”
the125th
issuespecial
Vol/7 | ISSUE/071 0 0 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 46VFTT_May 2012.indd 46 5/11/2012 3:43:13 PM5/11/2012 3:43:13 PM
EvEnt By
hostEd By
proud presenter of cio100
keYNote SeSSioNCIO is proud to announce Airtel’s continued association with CIO100 2012 for the 6th
consecutive year as the presenter of the Keynote Session.Bringing you the best of thought leaders, industry experts and speakers, the keynote
session is a defi ning moment of the CIO100 proceedings.
www.cio100.in/keynote-session
Harsh Mariwala Chairman & MD, Marico Industries
“We see the CIO as a shrewd
business leader and then a technology
expert. That’s why the function
is rightfully a business enabler.”
the125th
issuespecial
Vol/7 | ISSUE/071 0 2 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 48VFTT_May 2012.indd 48 5/11/2012 3:43:14 PM5/11/2012 3:43:14 PM
proud presenter of cio100
iNForMAtioN MASterMiNDspEcial awards
In today’s information age, IT departments need to store, manage, protect and analyze their most valuable asset—information—in a more agile, trusted and cost-effi cient way.
The Information Mastermind Awards, recognize IT leaders who handle the rising information management challenges of business, exceptionally.
www.cio100.in/information-mastermind
EvEnt By
hostEd By
the125th
issuespecial
“Incomplete communication, inappropriate ownership and
inadequate business understanding have to be the three biggest reasons
why IT projects fail.”
K.V. Kamath Non-executive Chairman
of the Board of Directors,
Infosys and ICICI Bank
Vol/7 | ISSUE/071 0 4 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 50VFTT_May 2012.indd 50 5/11/2012 3:43:14 PM5/11/2012 3:43:14 PM
EvEnt By
hostEd By
proud presenter of cio100
iNFrAStrUCtUrespEcial awards
A sound and scalable IT infrastructure is the key to building successful businesses. The Infrastructure Special Awards felicitate those extraordinary IT frameworks that have
propelled their businesses to the next level.
www.cio100.in/infrastructure
Kiran Mazumdar Shaw
Chairman & MD, Biocon
“There should never ever be finite goals.
One set of goals must result in the next set of
goals. Always.”
the125th
issuespecial
Vol/7 | ISSUE/071 0 6 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 52VFTT_May 2012.indd 52 5/11/2012 3:43:14 PM5/11/2012 3:43:14 PM
EvEnt By
hostEd By
proud presenter of cio100
iNNoVAtioN ArCHiteCtspEcial awards
In today’s competitive environment, innovation is the only criterion for business success. The Innovation Architect Awards honor path-breaking innovations in IT
implementations that give their businesses the winning edge.
www.cio100.in/innovation-architect
the125th
issuespecial
“With technology, looking at the short-term is not wise.
To witness its impact on business, look at the medium
and long term.”
Kishore Biyani Founder & Group CEO,
Future Group
Vol/7 | ISSUE/071 0 8 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 54VFTT_May 2012.indd 54 5/11/2012 3:43:15 PM5/11/2012 3:43:15 PM
EvEnt By
hostEd By
proud presenter of cio100
SeCUritY SUPreMospEcial awards
Today, business information is the most critical asset for any organization. The CIO100 Security Supremo Awards will recognize those IT initiatives that deliver the most robust security for modern threats and protect businesses from potential harm.
www.cio100.in/security-supremo
Lakshmi Narayanan Vice Chairman,
Cognizant Technology Solutions
“Focus on customers and deliver
an enhanced experience to
them. Delivering against the
norm is just not good enough.”
the125th
issuespecial
Vol/7 | ISSUE/071 1 0 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 56VFTT_May 2012.indd 56 5/11/2012 3:43:15 PM5/11/2012 3:43:15 PM
EvEnt By
hostEd By
proud presenter of cio100
greeN CrUSADerspEcial awards
Breakthroughs in technology need not harm the environment. The need of the hour is sustainable green computing that is energy-effi cient and reduces carbon footprint. The
Green Crusader Awards reward such eco-friendly IT initiatives.
www.cio100.in/green-crusader
Marten Pieters MD & CEO,
Vodafone India
“Maintaining standards
while growing inorganically is like changing
the engines on a plane mid-air, but it’s the only way
to profit and customer delight.”
the125th
issuespecial
Vol/7 | ISSUE/071 1 2 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 58VFTT_May 2012.indd 58 5/11/2012 3:43:16 PM5/11/2012 3:43:16 PM
EvEnt By
hostEd By
proud presenter of cio100
eFFiCieNt eNterPriSespEcial awards
For IT departments, living up to business’ expectations is par for the course. But delivering technology solutions that help them do and achieve more is the key to
success. The Effi cient Enterprise Awards honor those IT leaders that have surpassed their IT goals.
www.cio100.in/efficient-enterprise
the125th
issuespecial
“Being an early-adopter brings with it the possibility of failure.
But if you’re not a pioneer it’s difficult to see what lies ahead.”
N.R. Narayana Murthy
Chairman Emeritus, Infosys
Vol/7 | ISSUE/071 1 4 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 60VFTT_May 2012.indd 60 5/11/2012 3:43:16 PM5/11/2012 3:43:16 PM
EvEnt By
hostEd By
proud presenter of cio100
NetworkiNg PioNeerspEcial awards
Networks form the backbone of businesses around the world, and the enormous requirement to scale, as businesses grow, is the IT department’s biggest challenge.
The Networking Pioneering Awards recognize initiatives that have created efficient networking frameworks that address the issues of scalability and growth.
www.cio100.in/networking-pioneer
R.S. Sodhi MD, amul
“Competition is always good for growth. Never
turn away from a fight, it will teach
you a lot and will make you
more efficient.”
the125th
issuespecial
Vol/7 | ISSUE/071 1 6 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 62VFTT_May 2012.indd 62 5/11/2012 3:43:17 PM5/11/2012 3:43:17 PM
EvEnt By
hostEd By
proud presenter of cio100
HALL oF FAMeWhen success repeats itself, it refl ects the highest level of achievement. The 4th edition of Hall of Fame will felicitate those mavericks who have won the CIO100 Awards four
times in recent years.
www.cio100.in/hall-of-fame
The Organization: Carzonrent has the numbers stacked on its side. The Delhi-based firm, which drove into the car rental business in 2000, operates over 6,000 cabs ferrying 2,000 passengers everyday, and has raced ahead to become India’s largest car rental company. To fortify its position, it is adding 23,500 cars to its fleet, over three years, at an investment of Rs 2,000 crore.The Business Case: But its expansion plans needed more support from the company’s revenue management system, whose inefficiencies
resulted in revenue leakages. The company, which offers multiple payment options including cash, credit, direct payment and float (advance payment from corporate clients), sees, on average, 53,000 transactions a month. But due to its revenue management system, around 1.4 percent—about 735—transactions went missing, leading to direct losses.
“Due to erroneous processes a significant number of transactions were going unnoticed,” says Rajesh Munjal, VP-business operations, EasyCabs. “This happened for various reasons including if a chauffeur failed to submit a bill to the backend, if there was a time lapse in the submission of bills to a customer, or if a company was unable to collect bills from its branches punctually.”
Also its set-up failed to meet customer needs. “Some customers demanded post-journey payment, cash payment and customized MIS—along with supporting documents—to suit their ERPs. With the manual system we were incapable of meeting these needs,” he says. The Project: The only way forward was a robust revenue management system which could track every transaction from end-to-end, across various modes of payment and various customers. (Carzonrent offers chauffer-driven cars, self-driven cars, a limousine service, and an operating-lease service,
apart from its cab service, EasyCabs).
But this required an organizational push. So, Munjal rounded up multiple stakeholders. “I constituted a team of people from finance, collection, operations and IT. Over five months we carried out a gap analysis of the manual system and drafted a project blueprint,” he says.
Based on the team’s inputs, the IT team built an automated revenue management system on a .Net platform. Today, Carzonrent’s revenue management system is an online, real-time mechanism that tracks every transaction and ensures that each is closed, revenue is booked, and payment is received.The Benefits: The project, which cost Rs 2 lakh, delivered ROI swiftly. By plugging revenue leakages, it saves the company Rs 1.6 crore a year. The automated system cut manpower needs at central and branch locations from 26 to 13 saving Rs 23 lakh a year. Perhaps more importantly, the solution enhanced customer satisfaction and put Carzonrent miles ahead of its competition. “We are the only company in the industry with an automated revenue management system. Now, we are streets ahead of our rivals,” says Munjal. CIO
Sneha Jha is senior correspondent.
Send feedback on this feature to
Rajesh Munjal, VP-Business Operations, EasyCabs, saves his company Rs 1.6 crore a year by ensuring every transaction is captured.
casefilesCarzonrent * By Sneha Jha
Carzonrent puts in place a
robust revenue management
system after it loses track of 1.4 percent of its transactions.
Vol/7 | ISSUE/071 1 8 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Case Files.indd 56 5/11/2012 3:37:45 PM
the125th
issuespecial
“IT evolution is interesting. What was subject to an
ROI test 10 years ago is now a pre-condition for any
business strategy.”
R. Seshasayee Executive Vice Chairman,
ashok Leyland
REAL CIO WORLD | M a y 1 5 , 2 0 1 2 1 1 9Vol/7 | ISSUE/07
VFTT_May 2012.indd 65VFTT_May 2012.indd 65 5/11/2012 3:43:18 PM5/11/2012 3:43:18 PM
By using a system that
allows Flipkart’s engineers to
launch multiple versions of its website in real time, IT drives a new level of
innovation.
The Organization: Despite a slow start, e-commerce in India has grown by 70 percent year-on-year, according to the Internet and Mobile Association of India. Leading the pack of e-retailers is Flipkart. The brain child of ex-Amazon employees Flipkart has today become one of the most trusted avenues for e-commerce in India. The Business case: In 2010, thanks to the new-found confidence of the Indian online shopper, Flipkart’s numbers peaked.
But for Amod Malviya, VP engineering, Flipkart, that came with a caveat. “We had to be careful to not let our rapid growth kill the innovative spirit of the company,” he says. That’s a valid fear. In the business of innovation, complacency holds no ground.
Malviya knew he would have to empower users with new tools to innovate and stay ahead of the pack. But creating a new process wasn’t the solution.
“Processes force people to do things in a certain way, killing their creativity. If you remove the bureaucratic headache, people are encouraged to think freely," says Malviya.
While he admits that this approach opens new doors to risk, he knows that it also encourages a fearless culture of innovation—a must-have in the e-commerce business.The Project: With that goal in mind, Malviya implemented a framework. The framework has two components: One measures the performance of the website through various defined metrics. The second, more interesting one, uses an A/B framework (used to test the success of web marketing campaigns), allows multiple versions of the site to be live simultaneously. This helps the company conduct live experiments by siphoning off a small portion of the traffic and studying the results.
Both components work in tandem. The metrics tool is a dashboard that measures the website’s performance on various parameters. For example, if the transaction rate falls below a certain limit, systems are immediately alerted.
With the A/B component, Flipkart’s engineers can also rapidly implement their ideas. “When someone proposes a new idea, a lot of precious time is spent debating what-if scenarios.
Now, we can implement an idea, while mitigating its risks.”
For example, whenever an engineer wants to change the design of the homepage, the A/B framework redirects 10 percent of Flipkart’s traffic to the new design. They can evaluate the impact of the change with the metrics collection tool. If it leads to a dip in sales, they can immediately roll it back, and less than 10 percent of traffic is impacted.
“We started streaming metrics on large screens on the engineering floor so that engineers could track performance in real time—
unlike most websites that review their performance only once in a week or a month,” says Malviya.
This has been a huge hit with business users who can now float new products and toy with business ideas. The Benefits: Since the introduction of the tool in mid-2010, the company today sells more than 20 categories of products, clocking in sales of Rs 75 crore a month. In fact, in the last eight quarters, the company has doubled its revenue every quarter. CIO
Send feedback on this feature to
casefilesFlipkart * By VarSha ChidamBaram
Amod Malviya, VP engineering,
Flipkart, introduced a framework that
helped Flipkart doubled its revenue
every quarter.
Vol/7 | ISSUE/071 2 0 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Ph
oT
o B
y S
rIV
aT
Sa
Sh
an
dIl
ya
Case Files.indd 58 5/11/2012 3:37:46 PM
TRANSFORMING BUSINESS THROUGH JUDICIOUS APPLICATION OF IT
AN IDG CUSTOM SOLUTIONS INITIATIVE IN ASSOCIATION WITH
Satya Mishra, talks about how embracing cloud services and exploring non - linear business models can be a game changer for Indian banks.
INTERVIEW
PLUS
Battling ineffi cient manual systems, Maharashtra Gramin Bank was fi nding it hard to control
leakages and service its customers. But C-Edge’s core banking solution turned the bank around
and gave it’s customers an edge—in just 77 days.
TRANSFORMERS CASE STUDY TATA CONSULTANCY SERVICESCUSTOM SOLUTIONS GROUPTRANSFORMERS CASE STUDY TATA CONSULTANCY SERVICESCUSTOM SOLUTIONS GROUP
CompanyMaharashtra Gramin Bank
IndustryBFSI
OfferingProvides banking services in rural Maharashtra
Battling ineffi cient manual systems, Maharashtra Gramin Bank was fi nding it hard to control leakages and service its customers. But C-Edge’s core banking solution
turned the bank around and gave it’s customers an edge—in just 77 days.
ural banking in India poses a formidable challenge, requiring extraordinary logistical planning for what might be routine for an urban bank.
In 2008 and 2009, three small Regional Rural Banks (RRBs) in rural Maharashtra were amalgamated to form a single, stronger RRB named Maharashtra Gramin Bank (MGB), operating in 16 districts across Maharashtra with headquarters in Nanded. This larger fi nancial institution took up the task of improving the quality of banking services provided to its customers across all of its constituent banks. However, even the expanded Maharashtra Gramin Bank lacked the fi nancial resources to embark on a comprehensive technology build-out in the face of daunting implementation challenges.
Battling ineffi cient manual systems, Maharashtra Gramin Bank was fi nding it hard to control leakages and service its customers. But C-Edge’s core banking solution
BANKING ON THE RURAL EDGE
TRANSFORMERS CASE STUDY TATA CONSULTANCY SERVICESCUSTOM SOLUTIONS GROUPTRANSFORMERS CASE STUDY TATA CONSULTANCY SERVICESCUSTOM SOLUTIONS GROUP
According to Philip D’ Silva, chairman, Maharashtra Gramin Bank, rural banks require the same technology infrastructure as urban banks. Yet a rural bank’s footprint calls for higher costs for implementation and operations. Also, a rural bank’s customer base consists of people that have fewer fi nancial resources compared to their urban counterparts. As a result, rural banks cannot boast — or afford — sophisticated technology. “Remote rural areas are diffi cult to reach. They lack adequate transportation and communication facilities. Also, during the monsoon, floods can cut off access entirely. Other concerns include language barriers and lower literacy rates compared to urban areas,” D’ Silva said.
As a result, customer service at rural bank branches tends to be both expensive and traditional despite the national mandate for greater coverage of the banking network. “Our rural branch relied on manual operational systems and manual ledger systems, making it diffi cult for branch managers to compile accurate fi nancial information. In turn, branch offi cers were unable to supply adequate reports to regulatory authorities or to control leakage of income and expenditures. Furthermore, these manual systems did not distinguish between the bank’s best customers and defaulters —which affected customer service,” added D’ Silva.
Need for ChangeAccording to Ashok B. Shrigondekar, general manager (IT), Maharashtra Gramin Bank, “The bank needed to gain access to powerful core banking technology without committing to high, multi-year capital expenditures on computer hardware, computer software, database management systems, datacenters, disaster recovery centers, networking, and other equipment. It was also not possible for the bank to hire the phalanx of IT professionals required to maintain and upgrade these systems, let alone keep pace with rapid technological developments. Moreover, the bank lacked the resources to implement a layer of vendor management in order to source technology from multiple providers.”
“The desired approach was to fi nd a single vendor, ideally an established corporate entity with an established core banking solution, capable of placing MGB in the mainstream of Indian banking. The bank needed a low-cost core banking solution with no incremental expenses, that doesn’t compromise customer service. It also
needed to be reliable and provide easy access to regulators and risk managers in order to enable audits yet having a full complement of services for customers, high reliability for branch managers, and easy access to audits and reports for regulators and risk managers,” said D’ Silva.
So, after evaluating several solution providers, MGB selected C-Edge Technologies, a TCS subsidiary and a joint venture with State Bank of India.
The C-Edge AdvantageC-Edge combines IT services, business processes and core banking technology in a single, turnkey solution. Instead of having to invest in IT hardware, C-Edge customers share the cost of datacenters and disaster recovery centers, made available through a single, reliable, and technologically-advanced point of contact for all supplies and services.
“With C-Edge, MGB only needed to invest in branch-level hardware, peripherals and LAN technology, with the remaining investments shouldered by C-Edge and made available on a per-branch, per-month basis regardless of number of transactions and accounts,” says Shrigondekar.
The bank’s low infrastructure costs were fi xed up-front for a period of fi ve years, conferring the advantages of advance planning and cer-tainty of expenses. Technol-ogy changes in response to regulatory requirements are also covered by the arrange-ment, which gives the bank the ability to respond to new regulations at zero cost.
Governed by a rigorous service-level agreement, C-Edge guarantees uptime for all banking applications
77 DAYS was all it took to
go live with CBS to be implemented
across Maharashtra Gramin Bank
PHILIP D’ SILVAChairman, Maharashtra Gramin Bank
The CBS has enabled the
rural population to be the customer of the bank rather than be the customer of the branch.”PHILIP D’ SILVA, Chairman, Maharashtra Gramin Bank
Need for ChangeAccording to Ashok B. Shrigondekar, general manager (IT), Maharashtra Gramin Bank, “The bank needed to gain access to powerful core banking technology without committing to high, multi-year capital expenditures on computer hardware, computer software, database management systems, datacenters, disaster recovery centers, networking, and other equipment. It was also not possible for the bank to hire the phalanx of IT professionals required to maintain and upgrade these systems, let alone keep pace with rapid technological developments. Moreover, the bank lacked the resources to implement a layer of
BANKING ON THE RURAL EDGE
TRANSFORMERS CASE STUDY TATA CONSULTANCY SERVICESCUSTOM SOLUTIONS GROUPTRANSFORMERS CASE STUDY TATA CONSULTANCY SERVICESCUSTOM SOLUTIONS GROUP
and services. It also performs a comprehensive range of routine daily and periodic operations, including fi nancial reporting and regulatory reporting. Instead of managing the complexities of technology and operations in a difficult environment, the employees of MGB can now focus on the business of banking.
As part of the agreement, MGB sought to support rural employment and to ensure that customers could receive multi-channel services in local languages. To achieve these ends, a local help was established to ensure quality, local-language services, using traditional, face-to-face banking as one of the primary points of customer contact. C-Edge also offers 24/7 remote support for all of its banking clients, enabling bank customers and employees to obtain answers to complex queries through any customer channel.
Selecting the Right TeamWith 335 live branches, implementing CBS in MGB was no easy task. However, the team comprising staff from MGB, Bank of Maharashtra and C-Edge were up to the task. The team was so committed that the fi rst branch went live with a pilot program on 14th December 2010.
C-Edge selected a project manager with managerial and supervisory experience, and implemented rigorous, field-tested project management techniques for project planning, change control, risk management, reporting, and frequent reviews by C-Edge senior management.
To avoid delays, the process to establish business requirements was created before the
commencement of the project, and the data migration strategy was fi nalized before the start of coding. Guided by extensive experience in project management, C-Edge tracked milestones throughout the deployment to ensure prompt and timely delivery.
The management team of MGB with the support of IT team of Bank of Maharashtra (Sponsor bank) also played a critical role in the success of
the project. The bank’s business head monitored the overall status of the project, ensured the availability of suffi cient resources, and tracked budgets, while the bank’s head of operations led a cross-functional team consisting of both business and technical staff, whose contributions to the project established their credentials for future banking initiatives.
The branch managers were responsible for meeting the goals of the conversion schedule, including end-user training, “train-the-trainer” programs, and in some cases, basic technology skills. End-user involvement was an important component, as their inputs were provided during the requirement, acceptance, training, migration and implementation phases.
77-Day DeploymentThe tasks of data extraction and data mapping were performed by specialists in legacy systems migration. To move from manual bookkeeping methods, C-Edge employed professional data entry operators on-site, working with intelligent data entry systems that offered guidance, instructions, and data validation in order to prevent incomplete source data from being entered into the system. From there, experienced consultants at the regional or head offi ces performed data mapping between legacy data stores and TCS BaNCS. Finally, the cleaned-up, reformatted data was physically installed at each branch on the designated migration date.
The bank also provided coordinators and program managers to act as liaisons between the branches and the bank’s headquarters, and their contributions were essential to the success of the deployment. “We had to use professional logistics services to counter the lack of transportation facilities. We also needed translators to address local language issues, and training programs and meetings with staff unions to build awareness of the benefi ts of the deployment to the bank, its employees, and its customers,” says Shrigondekar. While most of the challenges were expected and the deployment team
The CBS has facilitated operational effi ciency of bank by improved housekeeping & preventing income seepages.”SHARADCHANDRA CHITALEChief General Manager, Maharashatra Gramin bank
16 DISTRICTS across remote
Maharashtra are covered by 335
branches of Maharashtra Gramin Bank
TRANSFORMERS CASE STUDY TATA CONSULTANCY SERVICESCUSTOM SOLUTIONS GROUPTRANSFORMERS CASE STUDY TATA CONSULTANCY SERVICESCUSTOM SOLUTIONS GROUP
had a plan of action in place to meet these challenges, the actual implementation resulted in the arrival of some unexpected visitors—monkeys.
At the branches, C-Edge had installed network equipment capable of meeting the rugged requirements of rural areas. Since the major infrastructure challenges revolved around ensuring uninterrupted power supply and establishing long-distance communications, concrete platforms had to be built to setup solar power modules, generators, and batteries along with satellite antennas and other network infrastructure. These became a favorite spot for the monkeys and they wreaked havoc with the communication and power systems. “We had to protect this equipment and hence cages were built around them,” laughs Shrigondekar.
Drawing upon strong contributions from all participants, the C-Edge implementation of TCS BaNCS across 335 branches of Maharashtra Gramin Bank was completed on 1st March 2011— in just 77 days after the migration of its fi rst branch.
Post-implementation Technology Environment“At the headquarters, the management now has a total view of its entire business with centralized consolidation of data and reports. New products can be quickly customized and launched, and the business has no constraints on scalability,” notes D’Silva.
Now that branch staff has been relieved from manual reconciliations and bookkeeping, data quality has improved immensely, yielding stronger risk management and asset management practices. In turn, this gives management the fl exibility to adjust interest rates, account policies, and exposure to various sectors based on market intelligence and branch-level data.
Stronger control over data also gives regulators better information on faster timeframes, leading to greater understanding and trust. Instead of having to send several reminders to remote branches, regulatory offi ces have easy access to data and reports, better monitoring of funds, and the ability to automate the processing of uniform, standardized data. Helping the regulator also helps the bank through lower costs of communication, photocopying and couriers.
At the branches, bank employees can gain a single view of customer relationships across multiple products, and have the ability to suggest the most appropriate complementary products for a given customer. For the fi rst time, they can focus on the business without getting bogged down in the technology, engaging in marketing of bank products rather than routine chores. Thanks to these changes, customers have now started to come back to the bank, especially in the semi-urban areas, as they are enjoying the same level of
service and selection offered by larger institutions, including multiple delivery channels and access to national-level payment systems. “The CBS has enabled the rural population to be the customer of the bank rather than be the customer of the branch,” summed up D’Silva.
What Next?The prestigious Asian Banker IT Implementation Awards jointly recognized MGB and C Edge for successfully implementing the CBS project, and was awarded best ASP programme in 2012. The bank has been a pioneer in assisting SHG- bank linkage programme and was awarded for best performance by NABARD under SHG – bank linkage programme in 2012 in Maharashtra.
With MGB entering the mainstream of the Indian banking sector, the roadmap includes extending banking facilities within its area of operation, expanding fi nancial inclusion for the unbanked rural centers, and widening the range of products offered. Also in the pipeline are enabling alternate delivery channels such as ATM debit cards, internet and mobile banking. NABARD has selected MGB for implementation of Aadhar enabled payments on Pilot basis. “We plan to expand our branch network to unbanked rural centers in newly allotted districts under financial inclusion and around seventy new branches are scheduled to be opened by March 2013. In addition to above we propose to introduce Rupay cards (interoperable) to our customers so that they can withdraw cash from any ATM,” concludes D’ Silva.
Through these efforts, and with the power of TCS BaNCS and the value proposition of C-EDGE, Maharashtra Gramin Bank will be able to make substantive progress on the decades-long national project of promoting regional rural banking.
With C-Edge, Maharashtra
Gramin Bank only needed to invest in branch-level hardware, peripherals and LAN technology.”ASHOK B. SHRIGONDEKAR, General Manager (IT), Maharashtra Gramin Bank
TRANSFORMERS INTERVIEW
Satya Mishra, Head of Business Solutions, TCS India
Satya Mishra talks about how embracing
cloud services and exploring non - linear business models can
be a game changer for Indian banks.
cloud services and exploring non - linear business models can
be a game changer for Indian banks.
Satya Mishra talks about how embracing
CLOUDCLOUDCLOUDCLOUDCLOUDCLOUDBANKING
CLOUDCLOUDCLOUDCLOUDCLOUDCLOUDBANKINGBANKINGBANKING
ON THE
TATA CONSULTANCY SERVICESCustom solutions Group
What are the emerging business models that will help banks deal with a rapidly changing market
place and customer needs in the coming decade?
Cloud computing and mobility are the hottest technology and business topics today. There have been three main
drivers of cloud adoption among banks so far: a preference for operating expense over capital expense; speed to solution; and flexible, scalable access to specialized resources — be they technology, software, or people. The cloud infrastructure enables a customer to receive services remotely. This gives small and medium firms access to the same kind of technology that is enjoyed by large enterprises.
Most banks are looking for ways to generate value from this new architecture and this has resulted in increased demand for mobile banking and other mobility-based capabilities. Cloud infrastructures can be a pillar of any serious mobility strategy, as banks look to move beyond baseline mobility capabilities to more sophisticated applications.Mobility encourages alternate solutions such as financial inclusion, and door step banking among others. TCS has made significant investment in these solutions and we have seen a lot of traction in the market place.
How can enterprises drive operational efficiencies with a service outcome-based business model rath-
er than an effort-based one?
Traditionally, enterprises have looked to build their IT infrastructure and had invested time, resources and
money to design the solution from scratch. This trend was replaced by a product-based approach where enterprises began to opt for pre-packaged software for applications such as ERP. While they did not build the software entirely, they would still have to customize it.
Now, enterprises are looking at using the cloud platform to opt for specific services and solutions without having to worry about where the application is hosted. Enterprises can now choose the services that they require from a catalogue, and pay for only the selected services. The delivery mechanism would be taken care of by the vendor.
How can businesses leverage established market positions and levels of trust to explore nonlinear
growth models?
A linear business model is when a company pays for what it consumes, in terms of effort required and units
consumed. There are several limitations in this model and it restricts how quickly a business can grow, since the vendor is focused on giving the customer more volumes rather than the required solution. Non-linear models linking client expenses to business outcomes or usage instead of headcount and effort spent are becoming common. Vendors are able to provide this by effectively utilizing technology and using solutions that is not based on individual resources, but rather deployed as a service. Non-linear models result in higher revenue productivity per
employee and thus, improved margins for companies. As billing is no longer based on effort and revenues are linked with productivity, thereby ensuring vendors share productivity gains with clients, it is a win-win situation for both the parties. TCS has invested heavily in the non linear platforms and iON platform for small and medium businesses and C-Edge platform for banks are excellent examples for this.
What are C-Edge’s current initiatives to facilitate non-linear growth among Indian companies?
C-Edge was set up to provide core banking services on the cloud on a pay-per-use basis. Unlike other applications
on the cloud such as e-mail, offering core banking solutions requires overcoming complex challenges such as enabling efficient business, security and IT processes. C-Edge has successfully established the model to offer core banking solution on the cloud, making it the market leader in this segment. This has enabled small and medium banks along with RRBs to integrate all their branches and have a single view of the bank for effective management and control. It combines IT services, networking and core banking application infrastructure in a bundle which helps them to run their bank efficiently and in a cost-effective manner. If not for a cloud hosted solution, the banks could not afford this solution due to the effort, internal skills and cost required to build this solution.
Today, there is an urgent need for innovation on multiple fronts – across products, services, deliv-
ery models, pricing and branding. How can C-Edge help enterprises achieve this?
Implementing core banking is the first step. Once the system is in place, the bank can use it to provide
multiple offerings and identify new business niches, develop customized services, implement innovative strategies and capture new market opportunities. Customer Relationship Management, use of data analytics (business intelligence), and alternate delivery channels such as mobile and internet banking will play a crucial role in driving innovation. C-Edge is working with its customers to help implement the IT systems and processes to address these needs while leveraging on the Cloud infrastructure in place. Our next step is to help the banks move beyond core banking and provide more value to their customers.
Transformers is brought to you by IDG Custom Solutions Group in association with
What's your plan of action to beat the slowdown?
ActionPlan
Private PracticeMurali Krishna K., InfosysPage 130
CitrixVirtual Workspace to Real ProfitPage134
The Art of Sharing Tarun Pandey, Aditya Birla Financial ServicesPage 130
CanonThe New Mantra for PrintingPage 135
Time for InnovationL.R. Natrajan, TitanPage 133
The Road to SuccessBert Cherian, Meta ResultsPage 133
What's the most over-used yet the most ignored word in the corporate world?Plan. Few have good ones and almost nobody wants to push theirs.
In tough times, that wont do. If there's anything that can help businesses keep their heads above the water, it's a plan—a plan that's executed. A plan to rise above dropping numbers, a plan to get ahead of the competition, and if nothing else, a desperate plan to stay in business.
Whatever your plan is this is probably the best time to test it. Slowdowns provide a solid ground for innovation, for leaning on cost-effective, yet cutting edge solutions, and for building more effective teams.
All it calls for is a strategy and a willingness to execute it. That was the message of this edition of the CIO Leadership Summit. Indian CIOs and experts came together to share experiences and insights on what it takes to create and execute a plan. Here's what you missed.
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 1 2 9Vol/7 | ISSUE/07
Leadership Coverage.indd 111Leadership Coverage.indd 111Leadership Coverage.indd 111Leadership Coverage.indd 111Leadership Coverage.indd 111Leadership Coverage.indd 111
Vol/7 | ISSUE/071 3 0 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
The CIO Leadership Summit had peer-to-peer sessions where CIOs shared their experience and best practices of implementing new technologies. CXOs and consultants came together to share their insights on innovation and self-management.
How I Did ItThe Tactics of Strategy:
Private PracticeNarrating the company’s journey to the private cloud, Murali Krishna K., senior VP and group head CCD, Infosys, shared the need, the opportunities and the challenges of private cloud implementations.
“Our customers expected innovative solutions with speedy, quality service. But it was expensive to deliver,” he said. That’s when he turned to the cloud, he said. In the company's private cloud environment, each cloud cluster is custom-made for a different business need or user profile. To enrich user experience, Krishna said he built a portal which was integrated with the company’s asset and project management systems. As a result, for example, server allocation reduced from two days to 30 minutes, he said. Today, his IT staff spends negligible time on task allocation and employees enjoy faster services.
Murali Krishna K., Senior VP & Group Head CCD, Infosys
The Art of Sharing Tarun Pandey, VP-IT, Aditya Birla Financial Services, provided Indian CIOs with best practices on how to harness the potential of an efficient shared services model.“To start with, CIOs should identify the common functions and processes across business entities and see if they can improve them,” said Pandey. He said that working in silos wasn’t the way forward and that CIOs should integrate all the elements of an organization into one single unit.
For Pandey, migrating to a common e-mail platform was one such initiative. “With an effective shared services strategy, we were able to integrate different products to support collaboration technology along with effective e-mail messaging,” said Pandey.
Tarun Pandey, VP-IT, Aditya Birla Financial Services
peer-to-peer
Leadership Coverage.indd 112Leadership Coverage.indd 112Leadership Coverage.indd 112Leadership Coverage.indd 112Leadership Coverage.indd 112 5/11/2012 4:43:46 PM5/11/2012 4:43:46 PM
Raman Roy Chairman & MD,
Quatrro BPO Solutions
“Challenge assumptions,
generate alternatives,
spur change and find new entry points. That’s
how you outpace competition.”
the125th
issuespecial
REAL CIO WORLD | M a y 1 5 , 2 0 1 2 1 3 1Vol/7 | ISSUE/07
VFTT_May 2012.indd 67VFTT_May 2012.indd 67 5/11/2012 3:43:18 PM5/11/2012 3:43:18 PM
the125th
issuespecial
“Economic slowdowns create great opportunities. Persistently
pursuing our business goals helped us sharpen our focus and
identify new growth areas.”
Rana Kapoor Founder, MD & CEO,
yES Bank
Vol/7 | ISSUE/071 3 2 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 68VFTT_May 2012.indd 68 5/11/2012 3:43:18 PM5/11/2012 3:43:18 PM
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 1 3 3Vol/7 | ISSUE/07
Time for InnovationIn his presentation, L.R. Natrajan, COO, Titan Industries, shared the strategic value of innovation with Indian CIOs. He narrated the innovation story of Titan and went on to explain how the company instituted a culture of innovation.
Titan follows a bottom-up approach. “At Titan the task of the senior management is not limited to finding answers to business questions. Their task is to come up with questions that they need to answer. If you come up with new questions and strive to find answers then that’s the trigger point of innovation,” Natrajan said.
Titan engages all its managers to formulate its five-year strategy. It has a structured process to involve the bottom of the pyramid in their strategic decision making. “Our vision, mission and values are co-created with our 2,500 employees. We encourage our employees to innovate and co-create value,” he said.
L.R. Natrajan, COO, Titan Industries
The Road to SuccessBert Cherian, business transformation consultant and CEO, Meta Results, in his presentation, emphasized on the importance of team building, instilling confidence and motivating oneself and others.
Cherian said the secret to achieve this lies in the PERMA concept coined by Martin Seligman, a renowned psychologist. PERMA stresses on the factors that contribute to a sense of achievement in human beings. The P in PERMA stands for 'pleasure', and this, Cherian said, is derived when people step out of their routine and indulge in things that make them happy. E stands for 'engagement'. Cherian said people should participate in activities that are enjoyable, yet challenging.
R is for building 'relationships' with your colleagues to inculcate team spirit. M stands for ‘meaning’: The drive to achieve something big. And A stands for ‘accomplishments’ the feeling of content because people have managed to realize tangible goals, Cherian said.
Bert Cherian,Business Transformation Consultant
& CEO, Meta Results
expert Speak
“At Titan, the task of the senior management is not limited to finding answers to business questions. Their task is to come up with questions that they need to answer. If you come up with new questions and strive to find answers then that’s the trigger point of innovation."
"Today’s organizations are not designed to produce teams that celebrate a sense of achievement and contentment. But managers who can create a holistic process to do that are bound to be successful.”
Leadership Coverage.indd 115Leadership Coverage.indd 115Leadership Coverage.indd 115 5/11/2012 4:43:51 PM5/11/2012 4:43:51 PM
V irtualization technology has evolved greatly over the years that today almost every part of the IT infrastructure is
coming up with the ‘virtual’ tag attached to it. However, even though many organizations have realized several business benefits through virtualization, most of them have not been able to get the hundred per cent out of it.
The versatility of virtualization enables it to cater to the diverse needs of diverse organizations. In fact, virtualization is capable of benefiting even niche areas, in India, such as research. Gopal Rangaraj, VP-IT, Reliance Life Sciences, illustrated this point when he said, “BYOD and collaboration are slowly gaining pace in medical institutions. The most important requirements in research are RoI and protection of intellectual property (IP). Availability of data is important as well. Virtualization looks promising in fulfilling these needs.”
While what has been said above holds true for the scientific community, the BFSI vertical can leverage virtualization’s potential for a completely different need. Madhavan Kandadai, CTO, IndusInd Bank, spoke about his experience in the industry. He said, “The greatest pain point we faced was the
geographical spread of our branches. We were also dissatisfied with the services our partners provided. Later, we started analyzing problems pertaining to software, hardware and printing. We are now looking to exploit the potential of virtualization and thin clients.”
In a discussion hosted by Citrix, which was a part of the recent CIO Leadership Summit, CIOs discussed strategies that would help them get the best out of virtualization technology.
Virtual Workspace to Real ProfitVirtual Workspace to Real Profit
One challenge that is common to almost all IT decision-makers is convincing the all IT decision-makers is convincing the management to adopt a certain technology. management to adopt a certain technology. However, ultimately, the onus is always on CIOs However, ultimately, the onus is always on CIOs when it comes to justifying the investment. when it comes to justifying the investment. Srinivasan, CIO, Sundaram Fasteners, put Srinivasan, CIO, Sundaram Fasteners, put this point across fluently when he said, “It is this point across fluently when he said, “It is never difficult to convince the management to never difficult to convince the management to implement technology that directly impacts, implement technology that directly impacts, but one has to put in a lot of effort to convince them to adopt a technology which they consider ‘fancy’.” It is thus in the CIOs’ hands to take the necessary steps to make it possible.
An interesting observation pertaining to virtualization in terms of cost savings is that IT decision-makers continuously miss on certain factors while calculating the RoI. Seemant Chaudhry, Director – Enterprise, Citrix Systems, educated IT heads on how they can achieve this. “Most CIOs fail to include factors such as electricity savings while making an RoI assessment. Truth is that a thin client consumes only one-seventh of energy that a PC consumes. CIOs can justify investment in virtualization and show real profits by keeping in mind such minute aspects," he said.
End-point heterogeneity is one of the greatest
challenges organizations face today. Citrix’s VDI technology
helps overcome this.”SEEmAnT ChAuDhRy
Desktop Transformation Evangelist Citrix Systems India
Leadership Summit I CIo Discussions CitrixCustom solutions Group
This roundtable is brought to you by IDG Custom Solutions Group
in association with
Vol/7 | ISSUE/071 3 4 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Prashant Veer SinghCiO, Bharti infratel
Murali Krishna KSr. VP & Head, infosys
M
The new mantra for Printing
Leadership Summit I CIo Discussions
In India, 57 large companies have opted
for the managed service solution and have expressed
satisfaction.”
K BhASKhAR, Sr. Director - Office Imaging Solution Division
CanOnCustom solutions Group
Ranganathan Ramani VP - it infrastructure, Vodafone india
Yatendra Kumar Head - it, Gokaldas Exports
Leadership Summit I CIo Discussions CitrixCustom solutions Group
M anaged services model for printing has the potential to reduce costs, but some businesses are slow to
transition on account of the existing number of legacy printers. This was one of the chief observations during the debate on the suitability of a managed services model for the printing needs of an organization during a round table session titled "Business Transformer: Is a services approach viable?"
"Around the world, almost 80 percent of companies have gone for the managed services model, while in India it is only around 35 percent. We are trying to understand why," K Bhaskhar, Senior Director, Office Imaging Solution Division, Canon India said. The round table was moderated by Gunjan Trivedi, Executive Editor, CIO magazine and Bhaskhar.
Vilakshan Jhanku, CIO & Senior VP, BPTP said that they had adopted a managed services model since the last four years. "When we transitioned to Canon, the additional monitoring mechanism helped induce a change. The number of prints was halved and we saved paper costs by around 50 percent," he said.
Tarun Pandey, VP – IT, Aditya Birla Financial Services, mentioned how banks and other organizations are trying to educate customers on the need to cut down on prints to help save the environment. This has also
CIOs debate on how the managed service model is revolutionizing the printing process.
The New Mantra for PrintingThe new mantra for Printing
Leadership Summit I CIo Discussions
helped banks save on costs. Other CIOs agreed that education and awareness on reducing prints has brought about noticeable results. Ram Gollapudi, GM- IT operations, Tata Teleservices mentioned how their custom-built printers have screen displays indicating the cost of print in terms of water used and number of trees consumed. "This has brought about a reduction of prints by nearly 60 percent," he said.
On the topic of billing for measuring print-related expenses, K R Bhat, GM-DIT, NABARD mentioned that, in their case, toners were purchased by another department, so the expenses on toner were only available on a quarterly basis. The separation of print, such as toner purchases, from other IT expenses, was often mentioned as hindering visibility into the combined IT costs.
Bhaskhar noted that it would serve businesses to go for a replacement policy, where they could opt for new printers models as the cost of printing was often three times less as compared to printers of old models. “In India, 57 large companies have opted for the solution and have expressed satisfaction,” he said.
helped banks save on costs. Other CIOs agreed that education and awareness on reducing prints has brought about noticeable results. Ram Gollapudi, GM- IT operations, Tata Teleservices mentioned how their custom-built printers have screen displays indicating the cost of print in terms of water used and number of trees consumed. "This has brought about a reduction of prints by
In India, 57 large companies have opted
for the managed service solution and have expressed
satisfaction.”
K BhASKhAR, Sr. Director - Office Imaging Solution Division
CanOnCustom solutions Group
This roundtable is brought to you by IDG Custom Solutions Group
in association with
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 1 3 5Vol/7 | ISSUE/07
Ranganathan Ramani VP - it infrastructure, Vodafone india
Yatendra Kumar Head - it, Gokaldas Exports
The Green IT Enterprise Survey and Awards was initiated by CIO Magazine in 2009 as a quest to understand the green IT initiatives of Indian enterprises and to identify
companies that are reducing the energy consumption of their IT equipment, and using technology to conserve energy, lower carbon emissions, and implement smarter and more effi cient IT infrastructure and practices.
In this third edition, we aim to throw light on the growth, over the last four years, of green energy practices in India. There is a signifi cant increase in awareness among not just IT leaders, but also among business heads about the importance of eco-friendly practices and a stronger focus to have an effective and more effi cient IT infrastructure.
Top Level Support
Power Audits Gain Popularity
91%
71%
of CxOs explicitly support green IT initiatives.
Of Indian CIOs say they’ve had a datacenter power consumption audit, a 10 percent
increase from 2009.
GOING GREEN
2011: 46% 2012: 47%
Recycled Products Preferred
96%Of Indian organizations say that energy effi ciency is a deciding factor in purchase decisions.
Focus on Energy Efficient IT
More CIOs Take to Outsourcing of Datacenter Management
A growing number of Indian CIOs are imbibing greener practices, matching the board-level importance that corporate social responsibility has achieved.
Top Three Verticals Adopting Energy-Efficient Practices
ManufacturingBFSIIT/ITES
There’s been a 11 percent increase in the number of Indian organizations that prefer to buy recycled products since 2009.
61% 67% 73%
2009 2011 2012
2011: 44% 2012: 50%Plan to Outsource
Have Outsourced
Virtualization Gains
Alternate Energy Heats Up*
favor purchas-ing recycled products
The number of Indian companies using alternate energy has almost doubled since 2009.
71%
15% 18%
There's been a steady increase in the adoption of virtualization. This trend could be an indicator of an increased desire to use cloud-based services among Indian organizations.
2009
2010
2012
82%87%
25%
2009 2011 2012
An average of
85% of Indian companies say that
they have managed to reduce IT energy cost by at least
5%every year.
78% of Indian companies have managed to avoid building new datacenters by using a
combination of efficient IT strategies including virtualization
and consolidation.
Hardware RefreshThe number of CIOs replacing servers over three-years-old with energy- efficient models is increasing.
63%
2009 2011
67%
2012
69%
Presented by:
*Refers to solar and wind energy
Survey Methodology:Data for this survey was collated from surveys done in 2009, 2011 and 2012, adding to over 650 responses between. All companies surveyed were medium to large enterprises. The sample set represented a cross section of Indian enterprises with 22 percent from manufacturing, 19 percent from BFSI, a little over 13 percent from IT and ITES, 6 percent from the auto sector and another 6 percent from telecom companies, while the rest represented miscellaneous verticals.
The Green IT awards, organized by CIO and APC by Schneider Electric, honor the exemplary efforts of those who have
succeeded in reducing their organization’s carbon footprint and ensuring a greener environment.
TOP 15 GREEN IT ENTERPRISES
Presented by:
The Green IT Study and Awards presented by CIO magazine and APC by Schneider Electric, hon-ors exceptional work in building
smart, energy effi cient enterprises. In its third edition in India, the award has evoked great aspiration going by the huge number of entries that we received this year.
Three-hundred-fi fty-fi ve participants fi lled out the nomination form for the Green IT Study & Awards. To win this year, com-panies and their IT leaders had to dem-onstrate that they were able to reduce the energy consumed by their IT equipment and that they used technology to conserve energy and lower carbon emissions.
CIO magazine and APC by Schneider Electric honored the winners at the CIO
Leadership Summit that took place in Bangalore recently. This year we not only recognized the Top 10 Green IT Enterpris-es but also honored fi ve companies from the midsize segment (revenues between Rs 500 and 999 crore).Judging methodology: Different ques-tions in the survey were associated with unique weightages, based on the signifi cance of the parameter. Conse-quent tabulation and comparison of the responses helped us determine the winners. Also, a good deal of thought and effort was invested into fi nding out whether certain technologies that were touted to be game-changers in improv-ing green IT had actually brought about a transformation.
Most organizations continue to follow several tried-and-tested methods to en-sure lower a carbon footprint. Some of these initiatives include promoting pa-perless offi ces, using video conference and other collaboration technologies, installing intelligent energy management systems and purchasing energy-effi cient systems. The initiatives the winners took were not restricted to just IT practices, but included the overall infrastructure of their organizations.
A majority of the winners were united in the opinion that ensuring green IT is not a one-time effort and that a sustained push is key if any of these initiatives are to be fruitful in the long run. Vijay Sethi, CIO and VP, Hero MotoCorp, refl ected this
opinion when he said, “It is not today that we embarked on a green IT journey. Our organization is highly eco-conscious and has been pursuing green IT is a part of our working principles.”
Similarly, smart ways of managing the datacenter and the use of virtualiza-tion are gaining traction among many organizations. The winners said that they are focused on further shrinking the carbon footprints of their datacen-ters. Arup Choudhury, CIO, Eveready Industries, spoke about how his orga-nization’s green IT plans are predomi-nantly directed towards datacenter improvement. He said, “We plan on fur-ther reducing the power consumption of our datacenter and getting our DR
site completely green. Another idea is to implement a modular datacenter.”
Finally, CIOs are not treading only on the well-beaten path in their attempt to be more green. Their experience and expertise is helping them explore innovative ideas to en-sure greener IT infrastructure. For example, Madhavan Kandadai, CTO of IndusInd Bank, said, “Nearly 25 percent of our ATMs are powered by solar energy now. We are trying to utilize solar energy wherever possible.”
There is increased awareness about the need to enable green IT among organizations today. Selecting only 15 winners was a tough choice, and going forward, there is defi nitely going to be more competition as CIOs actively pioneer the cause of being environment-friendly.
WINNERS: LARGE ENTERPRISES
VENKATESH NATARAJANAshok Leyland
PRASHANT VEER SINGHBharti Infratel
VIJAY SETHIHero MotoCorp
DEVESHWAR DAYAL MATHURHSBC
MADHAVAN KANDADAIIndusInd Bank
MURALI KRISHNA K.Infosys
V.V.R. BABUITC
ALPNA J. DOSHIReliance Communications
ASHISH PACHORYTata Teleservices
RANGANATHAN RAMANIVodafone India
ASHISH AGARWALApollo Munich Health Insurance
RAMNATH IYERCRISIL
ARUP CHOUDHURYEveready Industries India
GOPAL RANGARAJReliance Life Sciences
RAVI SHARMAWatson Pharma
WINNERS: MID-SIZED ENTERPRISES
the125th
issuespecial
“Proactive investment increases the velocity of decision-making when a business opportunity
presents itself. Chance will favor the prepared.”
S. Ramadorai Vice Chairman,
Tata Consultancy Services
Vol/7 | ISSUE/071 4 0 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 70VFTT_May 2012.indd 70 5/11/2012 3:43:20 PM5/11/2012 3:43:20 PM
A Single Pane of GlassIT MAnAgEMEnT | Virtualization cuts hardware, power and real estate costs by combining multiple servers, networks and storage arrays into virtual pools. But for users like Pat O'Day, CTO at hosting and managed services provider BlueLock, managing those resource pools means wrestling with multiple applications.
"There's a backup console, the SAN has a console, anti-virus has a console—everything has its own console," says O'Day. Buying all of those apps and training staffers to use them is costly and makes it hard to tune a virtualized environment to meet changing needs.
Rich Phillips wishes he could instantly create a virtual machine and provide everything it needs, such as load balancers, firewalls and database connections, and then automatically register it with his configuration management database. But the tools he's seen that are designed to do that are either too expensive or "not fully baked," says Phillips, principal network engineer at Apollo Group, which provides IT services to the University of Phoenix and other schools.
Hurdles to the Single ConsoleNo vendor currently provides a "single pane of glass" for virtualization management. And to use a product like that, some organizations would have to combine and retrain separate teams that now manage servers, networks and storage. Moreover, customers who have invested in
IT wants fewer, more
comprehensive virtualization
management tools. But for
now, specialized vendors tackle
different challenges.
technologyessential A CLOSER LOOK AT viRTuALizATiOn
Ima
gE
By
ph
oT
oS
.co
m
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 1 4 1Vol/7 | ISSUE/07
By RoBeRt L. ScheieR
Essential_Tech.indd 81 5/11/2012 4:35:59 PM
Vol/7 | ISSUE/071 4 2 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
ESSEnTIal technology
management frameworks from bigger companies would be reluctant to replace them with new systems.
Many specialized vendors realize this and now offer plug-ins that feed data to higher-level management tools. Some of these products work either on their own or as part of a broader platform. Quest's Cloud Automation Platform, for example, integrates with existing management tools to provide cloud-based management of IT services.
Apollo uses NetScout Systems’s nGenius Performance Manager, Service Delivery Manager, InfiniStream Console, 9900 Probes and Virtual Agents to monitor the performance of its network. Phillips says he wishes they could also monitor and troubleshoot the servers and storage arrays that can slow application performance.
Vendors are working to develop tools that enable users to manage entire systems through a single console—or a ‘single pane of glass’—but for now, users must choose among products that manage only parts of their environments or focus on specific problems, such as security, backup or the sprawl of unused virtual machines.
Life-cycle ManagementEven if obsolete or unneeded VMs aren't powered up, they take up expensive disk space. If they are running, they use computing cycles and network bandwidth and can cause performance or security problems.
Life-cycle management systems find unused VMs by tracking the resources they're using or their scheduled expiration dates. They may also support templates that control the amounts of CPU, memory, storage and network bandwidth available to different types of VMs; the backup or fail-over policies associated with them; or their life spans.
Ted Waller, Internet operations engineer at Cvent, a vendor of online event management software, says he uses V-Commander virtual machine management software from Embotics because with it, he can ask users to set expiration dates for the VMs they request. Like many other tools, V-Commander can also send warning e-mails to owners of VMs that are due to expire, among other capabilities.
Administrators can control VM sprawl by making users pay for the virtual resources they use (chargeback) or showing them the costs of the assets they use (showback). Showback systems are easier to implement than chargeback systems; they also help internal IT shops prove that they can match the prices of outside providers.
Security and ComplianceAs virtualization becomes more common, security and regulatory compliance become more critical. But dealing with those concerns isn't easy, because traffic flowing among VMs within a host is harder to track than traffic among physical servers passing over the corporate network, says Ken Owens, technology vice president for security and
virtualization at Savvis, a managed services and hosting provider.
Some data might have to be encrypted, or it might only be allowed to run on network segments with certain security configurations. Waller would like to tweak his network configurations using V-Commander rather than VMware, whose access controls he calls "clunky." Owens says Savvis chose Vtrust security software from Reflex Systems because it blocks threats and can monitor traffic within a virtualized environment and ensure that VMs have the proper security configurations.
VMware's vShield products provide a single framework to secure virtual servers, networks, data and endpoints, and its vCloud Director creates ‘virtual datacenters’ that keep customers data and apps separate. That's vital for vendors that need to protect customer data in multi-tenant environments.
HyTrust's Appliance provides automated administrative access control, "hardens" the hypervisors that manage VMs, and ensures that VMs are configured correctly. Enterasys Network's Data Center Manager identifies VMs by their MAC (media access control) addresses when they enter the network and applies the appropriate security policies.
Products that identify VMs that ‘drift’ from desired states include CA Virtual Configuration, BMC BladeLogic Server Automation Suite and VMware vCenter Configuration Manager.
Integrated ManagementSince virtualization makes it possible to pool servers, storage and networks, it's becoming increasingly important to manage those components as an interrelated unit.
Storage is one area where some users would like better visibility. Waller, for one, says he has "no way to know if a VM is out of control or eating up more space than it should." O'Day says he would like to trigger space-saving de-duplication for an application right from the VMware management console, instead of logging into the SAN console to understand which logical unit numbers (LUN) or volumes support those apps.
Vendors are developing tools that manage entire systems through a single console but for now, users must choose among products that manage only parts of their environments.
36% the average amount that indian enterprise servers are virtualized.
SoUrcE: IndIan cloUd compUTIng SUrVEy
Essential_Tech.indd 82 5/11/2012 4:35:59 PM
Sam Ghosh Group CEO,
Reliance Capital
“A key lesson learned from the
last slowdown was the need to take a variable cost approach
closely linked to the top-line.”
the125th
issuespecial
REAL CIO WORLD | M a y 1 5 , 2 0 1 2 1 4 3Vol/7 | ISSUE/07
VFTT_May 2012.indd 73VFTT_May 2012.indd 73 5/11/2012 3:43:21 PM5/11/2012 3:43:21 PM
Sanjeev Bikhchandani
Founder & Executive Vice-Chairman,
InfoEdge
“Our core strategy is to launch
in uncharted areas and take
on unsolved problems. That’s the only way to
stay sharp.”
the125th
issuespecial
Vol/7 | ISSUE/071 4 4 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 74VFTT_May 2012.indd 74 5/11/2012 3:43:22 PM5/11/2012 3:43:22 PM
performance management myths
performance management has become
the key element in maximizing any
virtualization initiative, but many myths
have emerged that, left unchecked, can
stall an entire virtualization initiative. here
are three:
Separate tools are OK in a virtualized infrastructureReality: Understanding the causality of
performance issues is critical. To do so
IT requires integrated insight in a single
system—for example, insight into all
objects' interactions with other objects
that may be causing the problem.
Virtualization is a dynamic infrastructure,
and IT needs to monitor dynamic shifts
as they occur to see correlation between
objects and interactions.
ROI for performance management is impossible to determine in virtualizationReality: Effective performance
management gives IT a way to maximize the full roI of their virtualization initiatives
by reducing problem resolution time and
extending their virtual footprint to include
loB apps. Both enhance virtualization's
value to organizations and give IT the ability
to easily communicate the long-term value
of the technology beyond capex savings.
Performance management doesn't have to be liveReality: To ensure performance of a
virtualized infrastructure, you must deal
with information associated with a huge
number of objects in a live and continuous
fashion. Without live, interactionally
focused performance management
you only have partial picture of what's
happening in your infrastructure. Second-
by-second insight allows IT to see what
set of interactions caused a particular
performance shift.
— nathanael Iversen
ESSEnTIal technology
Thin provisioning is another concern. Its purpose is to reduce storage costs by promising applications more space than is available on arrays, but it can crash multiple applications if a host with many virtual machines runs out of space on a thin-provisioned volume without warning. Embotics, among other vendors, provides some storage visibility by monitoring available space and suggesting where to allocate storage for new VMs.
Quest Software's vFoglight Storage and vOptimizer Pro provide performance and capacity management for storage in virtual environments, and vOptimizer Pro can automatically resize virtual machines to decrease storage requirements.
Vendors with roots in network management use network traffic data to aid management. When Enterasys' Data Center Manager identifies servers as they join the network, it reconfigures the network for sufficient bandwidth. Network management appliances from Infoblox are designed to identify new VMs when they request IP addresses and then trigger the provisioning of resources such as firewalls, load balancers and switches for those VMs.
Abiquo, a vendor of open-source management software, claims to offer "single pane of glass" management with a system that features policy-based controls of logical units made up of physical and virtual computing, network and storage resources.
Capacity ManagementMonitoring utilization trends and using predictive modeling to determine when to add capacity helps make wise virtualization investments. VMware's vCenter CapacityIQ provides visibility into servers and storage and (to a lesser extent) into the network; it also does predictive modeling.
BMC's ProactiveNet Virtual Performance Management does both capacity and performance management. Technology that BMC acquired from Neptuny will let customers use business metrics to determine investments in virtual infrastructure. Embotics provides real-time capacity and performance management, and VKernel Capacity Analyzer predicts bottlenecks and
their sources, and offers capacity planning and management.
Virtualization is worth little if users can't reconfigure resources to tune performance. For example, they might want to move VMs among physical hosts or devote more storage to a VM.
VMware recently purchased Integrien, whose technology analyzes data from the VMware vCenter management platform and other tools to warn of problems. Hyper9's virtualization management software, recently acquired by SolarWinds, identifies possible bottlenecks that might arise when VMs contend for memory and CPU cycles.
Quest's vFoglight highlights performance problems, provides detailed performance information, and issues alerts with recommended solutions. It also has the ability to automate fixes and allows users to see several virtual centers from a single interface.
NetScout uses deep packet inspection and analysis of network traffic to recommend ways to fix (and prevent) performance problems and integrates with the management tools that perform the fixes. VMTurbo's virtual appliances automate operations such as workload balancing and capacity management.
Abiquo claims that its system can manage virtual resources, using business policies based on security and compliance needs, energy costs, utilization and load balancing. Xangati's Xangati Management Dashboard offers real-time performance monitoring and provides in-depth information to uncover bottlenecks.
Disaster RecoveryVMware claims that its snapshot capabilities make it easy to capture the data and settings in a primary site and replicate it to a disaster recovery environment, while its vCenter Site Recovery Manager automates key backup and recovery processes.
But replicating LUNs in a virtualized environment requires labeling the affected LUNs and adding the remote site name to their descriptions. "And then you have to tell VMware to only put those VMs and those apps" on the disaster recovery site, says O'Day. "All I want to say is, 'This application wants to have a copy of itself over in Salt Lake City and another copy in Indianapolis.' "
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 1 4 5Vol/7 | ISSUE/07
Essential_Tech.indd 85 5/11/2012 4:35:59 PM
ESSEnTIal technology
Products designed to tackle disaster recovery include CA ARCserve Backup, which can perform backup, fail-over and other functions from physical-to-virtual, physical-to-physical and virtual-to-virtual environments. Actifio Inc. claims that its VMware SRM tool offers a simple, low-cost way to replicate virtual machines by using commodity storage. Veeam Software's Backup and Replication 4.0 combines backup and replication, native support for thin-provisioned disks and hot mirroring of active production environments.
Hewlett-Packard says that its Data Protector software supports all top server virtualization platforms, backs up both physical and virtual machines from multiple vendors through one interface, and provides eight methods of data protection. Symantec NetBackup 7 and Backup Exec support virtual environments. Symantec's recently announced ApplicationHA is designed to enable customers to set up high-availability VM clusters. CommVault's Simpana 9 provides automatic, policy-based backups of VM data and a single console to manage backup of physical and virtual servers.
Quest's vRanger is designed to speed full, incremental and differential VMware backup and replication and reduce storage needs. Its vReplicator is built to replace virtual machine images across networks to speed disaster recovery. And its vConverter converts physical systems into virtual images, and vice versa.
Virtualization provides almost infinite ways to combine computing, network and storage resources. Finding a single tool to handle every management need is a pipe dream, at least for now. Focus instead on identifying your most critical virtualization needs and finding the products that address them. CIO
Scheier is a veteran technology writer. Send feedback on
this feature to [email protected]
energy |datacenter managers are well versed in distributing power efficiently to
physical servers. But the proliferation of virtualization, with multiple Vms and apps running
on a single piece of hardware, has made this task a lot more complicated.
That's why a duke University researcher has partnered with microsoft researchers to
design a system that monitors the power needs of individual Vms and distribute power
based on application priorities. currently, IT shops use tools to over-subscribe power
distribution, provisioning less power to applications than they could theoretically use,
figuring that applications typically won't hit their peak power load. But while that method
works out well on physical servers, it falls short with Vms, says harold lim of duke.
It's easy to cap the power to a whole server, but hard to cap the power of individual Vms
and differentiate between applications. What's needed is an application-aware power
distribution system that has visibility into the Vm layer, he says.
lim, along with aman Kansal and Jie liu of microsoft research, designed a virtualized
power shifting (VpS) system that budgets power with these considerations in mind.
VpS dynamically shifts power among various distributed components to efficiently
utilize the total available power budget, as workloads and power availability vary," they write.
"power is distributed among application components in the correct proportions to achieve
the best performance. The system respects application boundaries and differentiates
performance based on priorities."
The system, they say, is more granular than existing technologies both in terms of
examining individual Vms and providing customization in the method of power distribution.
one challenge is making sure that throttling one set of applications doesn't affect another.
"In contrast to existing techniques that use only one power control knob, typically
frequency scaling, VpS uses multiple power control knobs and selects the optimal
combinations of power settings to optimize performance within the available power
budget," the researchers write.
— Jon Brodkin
Power at the VM Level
On the Cutting edge
Ima
gE
By
ph
oT
oS
.co
m
Vol/7 | ISSUE/071 4 6 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Essential_Tech.indd 86 5/11/2012 4:36:00 PM
Subhash Chandra Chairman,
Essel Group
“No organization can succeed if the
understanding of technology and its decisions are
left to technology decision-
makers alone.”
the125th
issuespecial
REAL CIO WORLD | M a y 1 5 , 2 0 1 2 1 4 7Vol/7 | ISSUE/07
VFTT_May 2012.indd 77 5/11/2012 3:43:23 PM
Subroto Bagchi Chairman, MindTree
“The factors that create emotional
infrastructure are most difficult
to replicate yet yield sustainable
competitive advantage and
value creation.”
the125th
issuespecial
Vol/7 | ISSUE/071 4 8 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
VFTT_May 2012.indd 78VFTT_May 2012.indd 78 5/11/2012 3:43:23 PM5/11/2012 3:43:23 PM
MObILE vIRTuALIzATIOn | New ideas in IT go through a long distillation process. Someone invents the idea, vendors talk about new product concepts, analysts weigh in on the value. Soon a new category of hardware or software materializes, but rarely in a fully formed state. With mobile virtualization, the pedigree is sound: Most organizations use some form of server virtualization.
Now, IT executives are faced with a new form of virtualization that takes place on smartphones. The idea is to run two instances of an OS on the same phone. That way, employees (and IT) can relegate personal apps and services to one OS and business
services to a more secure OS. There are two distinct approaches:
Type 1 runs at the root hardware level and requires participation from the OEM phone maker, while Type 2 virtualization runs as a secure app on any device.
As analyst Chris Hazelton with The 451 Group notes, there are pros and cons to each approach. Root level virtualization is more
secure, he says, and means trusted access to root-level services such as Bluetooth connectivity or firmware changes. The downside is that this root level access often requires permission and co-operation from phone vendors like Samsung and Motorola.
"This involves longer sales cycles, meaning limited device reach, and many layers of people to go through," he says.
Meanwhile, mobile virtualization software that runs as an app can mean easier deployment to more devices in a shorter timeframe. Type 2 virtualization is inherently less secure, he says, because the software does not work at the hardware layer. And, Type 2 may run slower than native apps.
Mobile Virtualization Meets the ChallengeEither approach will address a fundamental problem within many organizations: The dreaded BYOD conundrum. The reality of IT is that employees will bring their favored device into work, tap into company resources, and can compromise your security infrastructure. In fact, IDC estimates that 55 percent of all smartphones used in business will be employee owned by 2015. Mobile virtualization provides a way to meet this challenge head on, and even fully resolve it.
"Enterprise data can be kept separate from consumer applications and potential mobile malware," says Hazelton. "Any data within the virtualized environment is encrypted, preventing outside apps from accessing or interacting with corporate data and apps. IT can mandate a password on the corporate side of the device, letting users avoid password protection for consumer apps. If the employee leaves or the device is lost or stolen, IT can wipe just the enterprise data.”
"The idea of mobile virtualization is to create a partition between enterprise and consumer apps and data," adds Stacey Crook, a mobile enterprise analyst at IDC. "Once device virtualization is applied, the device can run two OS's that are completely separate from each other. Companies will
time for Mobile Virtualization?Virtualization is a reality in most datacenters these days, but now it executives are looking at mobile virtualization as a result of the ByoD culture. By john BRAnDon
The idea of mobile virtualization is to create a partition between enterprise and consumer apps and data. companies will be interested in doing this to protect their corporate data.
ESSEnTIal technologyIm
ag
E B
y p
ho
To
S.c
om
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 1 4 9Vol/7 | ISSUE/07
Essential_Tech.indd 89 5/11/2012 4:36:02 PM
ESSEnTIal technology
be interested in doing this to protect their sensitive corporate data."
As it stands, three companies: Enterproid, VMware and Red Bend Software—offer competing products in this market. Each has found a niche for the enterprise, and offers unique features geared for particular needs.
Enterproid Divide Enterproid (not available in India) offers the most straightforward approach. On an Android phone, the employee clicks one app and taps in a password to start a secure business instance of the OS. On the management side, IT can control which apps are installed, set policies and remotely swipe the business instance. Yet, IT also cannot touch the personal data of the employee or control app installs.
Andy Zmolek, the director of solutions engineering at Enterproid, says one differentiator between Divide and the VMWare Horizon Model hypervisor approach, which also runs as an app, is that Divide does not require any cooperation with the phone OEM. The install does not require
a low-level driver and uses the standard Android procedures for installing an app. Zmolek says other unique features include the ability for IT admins to send apps to the business instance based on employee role, control policies such as allowing copy-paste between instances, and using 256-bit encryption for data.
Zmolek says the Type 2 hypervisor for Divide allows more flexibility in deployment compared to a root-level hypervisor. "If you force the device OEM to do virtualization you will only have a few devices and it will take more time to bootstrap devices," he says.
VMware Horizon Mobile Virtualization VMware offers a hybrid approach to mobile virtualization. Its Horizon Mobile Virtualization, is not just a sandbox emulator that runs as an app, but instead offers some of the root-level benefits of a Type 1 hypervisor like Red Bend without requiring root-level access from the phone OEM. There is an app, but it is more baked into the OS than a virtual machine app like Enterproid Divide.
Horizon Mobile addresses the trend in IT where more employees are using personal devices at work. Hoofar Razavi, a VMware product manager, says there are too many restrictions put in place for the personal use of smartphone in the enterprise. Yet, the product also makes it safe for employees to conduct "transactional" activities in a secure mode. For example, employees can use their personal device to check Facebook status, but they can switch to the business instance to create expense reports or answer business-sensitive e-mails. This combination is more fluid to daily work. "Mobile devices might be
the only touchpoint employees use to interact with the enterprise," he says.
Interestingly, VMware has offered both Type 1 and Type 2 hypervisors for mobile virtualization. The company started out using only hardware-level virtualization. He says most smartphones are only on the market for about 9-12 months, but it takes about two years for OEMS to develop the phones. That means, hardware-level virtualization will always be running behind the market.
Razavi says the Type 2 hypervisor is well-suited to the current BYOD climate because the apps run as fast as a native hypervisor,
ESSEnTIal technology
Security code for Virtual mobileWith a US department of defense contract
in hand, open Kernel labs is working
with lg to develop a secure version of the
prada android phone for the department's
workers. Employees who have the phones
will be able to access government data using
secure apps, according to oK labs.
The dod can decide to let users switch
between a personal section of the phone
and a work section or simply load the secure
apps onto the phones.
oK labs is working on securing other
devices including tablets and devices
running other mobile platforms in addition
to android. The goal is to allow government
workers to carry one phone. Some workers
use two phones: one sanctioned by their
employer for security reasons and another
that the user chooses based on personal
preferences.
For the oK labs technology to work,
oEms must build software into the phones
before they are shipped and then apps must
be made compatible with the technology.
The result is a secure app running in a virtual
machine that can't be accessed by malware
that might be loaded onto the phone.
The company couldn't say what the
phones would cost but estimates they will
sell for 10 percent to 20 percent above the
wholesale price.
Subsequent phone models shouldn't
take quite as long to produce, particularly
for an enterprise that doesn't have quite
as arduous a process as the dod has for
introducing a new device, nerup said.
Virtualization on mobile phones has been
a hot topic recently. oK labs, Vmware and
red Bend are among companies virtualizing
mobile phones so that the most security-
conscious employees can use popular
consumer phones for work applications.
—nancy gohring
mobile virtualization can help reduce some complexity with Uc. IT can seamlessly merge one device into the enterprise as their business and personal phone become one.
Vol/7 | ISSUE/071 5 0 m a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Essential_Tech.indd 90 5/11/2012 4:36:02 PM
logical partition a new virtualization technique lets users
create two separate android "spaces" on
their smartphone, one for personal use
and a kind of walled garden for work use.
The beta software is from cellrox.
Using cellrox Jade, this work "persona"
can be fully secured and managed
for enterprise data, applications and
networks. yet the owner of a personal
device with Jade installed, still has
complete freedom to configure it as he
wants, with his personal choice of apps,
social media and all the rest.
It consists of an on-device client and
server software that's either loaded behind
the firewall or hosted by a provider is aimed
squarely at enterprise IT groups, struggling
to secure the mobile explosion.
The private and personal "spaces" are
color-coded: Blue for the workspace and
red or orange for the personal space. Jade
installs as a bar at the top of the phone's
screen, showing the space you're active
in, and reducing the other space to a color-
coded mini-tab on the bar. Just touching
the bar will switch the user from one
persona to the other, with no observable
impact on performance.
This "lightweight virtualization" technology was overseen by Jason nieh,
associate professor of computer science
at columbia's School of Engineering and
applied Science. The columbia University
researchers created a virtualization
layer not between the oS and underlying
hardware, but between two software
elements: The oS kernel and the UI that
runs above it.
"We can use the same kernel, the oS
core, and then create different containers
[for the UI space] above that," Eifferman
says. "We can even run more than two
instances. In the future, you'll have on your
smartphone a work persona and one for
your private life."
—John cox
the virtual instances can take advantage of new improvements in processor architecture faster, and Type 2 can support new business apps that arise.
Red Bend Software vLogix Mobile The main advantage to choosing Red Bend vLogix (not available in India) for mobile virtualization, a Type 1 hypervisor, has to do with speed and control. Lori Sylvia, a Red Bend vice president, says the company has worked closely with several device makers and semiconductor companies to make the product a native, hardware-layer component. Native, driver-level hypervisor provides better performance, better security and tighter integration. That ways next-gen enterprises devices will be ready for deployment.
One example of this is the new ARM A-15 Cortex processor currently in development. The processor supports native level mobile virtualization. With this chip, IT can create a secure enterprise domain for the phone that is used to deploy mobile OS for business. IT becomes like a service provider for the business platform, choosing the exact drivers, firmware, apps, and security. Red Bend is already familiar with this deployment model, since they provide the framework for many over-the-air firmware updates used by most major smartphone companies.
For personal data and apps, the employee then relies on the standard mobile carrier. When a notification appears related to the business instance, the employee can return to a home screen and access that platform. To visualize the difference between Type 1 and Type 2 hypervisors: The change from one platform to another might occur at the actual phone lock screen, as opposed to switching apps. This provides more hardware-level security and faster performance.
IT User Acceptance One of the challenges with mobile virtualization has to do with user acceptance. When an employee beings an iPhone into work, the last thing he or she expects is to have to hand the device over to IT for gatekeeping measures. Fortunately, as Hazelton noted,
ESSEnTIal technology
these employees will be more likely to go along with new mobile virtualization policies if they see the value in their job.
For example, mobile virtualization can help reduce some complexity with unified communication. IT can seamlessly "merge" one device into the enterprise as their business and personal phone become one. Employees will also benefit from more streamlined security: Anytime they surf the Web, snap a picture, or chat over instant messaging, they won't have an IT hawk looking over their shoulder.
Yet, Hazelton says, when they do engage in business activities—such as sharing a secure financial report—they can use the approved business apps and an OS instance that is governed by IT. There's also no need for a complex password on the device when an employee wants to check the news. Employees are also free to download any app on their phone as long as they do so in the personal virtual OS.
A major hurdle to widespread adoption: Most of the mobile virtualization software work only with Android phones today. That leaves the most popular phone in the world out of the loop: The iPhone. Hazelton says few organizations have standardized on only Android phones.
You Still Need Policies In the end, mobile virtualization does address some critical trends in the enterprise. The one caveat is that, mobile virtualization does not fully address rogue employee activity. There is a clear separation between personal and business activities, and IT can control which apps are approved for business use, but employees can still send personal e-mails that contain business data. They can still nap photos of financial records with their phone and transmit them over Yahoo Mail.
Hazelton advises companies to still go to the root causes of security breaches and develop clear mobile policies. Virtualization can help, but it is not a fool-proof answer to the BYOD problem. CIO
Send feedback on this feature to [email protected]
REAL CIO WORLD | m a y 1 5 , 2 0 1 2 1 5 1Vol/7 | ISSUE/07
ESSEnTIal technology
Essential_Tech.indd 91 5/11/2012 4:36:02 PM
MD India Operations at consultancy firm CGN & Associates, has spent 20 years
doing different things and doing
things differently.
Learn to Let Go
nurtured that passion for years before my first job showed me that, at that time, India had limited scope for engineering design. Being able to let go of something that I had invested so much in—and do so with the assertion that whatever I had learnt would be a knowledge trove for the rest of my life—was a huge learning.
A lot of unhappiness in this
Know Your Potential
ourselves. I remember when I was trying to start my own company, I needed to talk to people and do sales. The idea gave me cold feet. I wasn’t confident what people’s reaction would be and whether they would even be bothered to listen to me. So I kept putting it off until a friend pushed me. I made a few calls and after some meeting I realized how much I enjoyed meeting people. I love listening to their problems and trying to figure out a solution for them.
Treasure Lies BelowThe way companies have been built today, its easy to choose if you want to build bureaucracy or not. For example, Britannia has a pretty flat hierarchal structure. The entire company has less than 300 managers, which makes it relatively easy to communicate down the line. If you want to create the best teams, you need to create a robust way of communications that permeates to the lowest level. Because, it’s the absolute hands-on, nut-and-bolt guys that really matter. It’s extremely important that they are involved in what a CIO is trying to do, and have a say in what’s the best way to do it. Believe me, their experience with day-to-day issues means they can sometimes provide better ideas than senior boys.
Take RisksOver a career spanning 22 years, I have tried my hands at everything I wanted to do. I started by wanting to be a design engineer, moved to IT, have dabbled with consulting and have been a CIO. The ability to make transitions has contributed a lot to my life. I keep telling myself that I’m going to live this life once. Therefore, I chose to do as much as I can instead of brooding over choices that I made or didn’t make.
Believe I don’t see why most senior people are so flustered about how people are performing. We paint a scarier picture of things than they generally are. I like to believe that people are not as bad as we make them to be. I don’t believe people are lazy. I believe that people don’t hate their work. They might hate policies, they might hate their bosses, but they don’t hate their work. Most people come to work believing that they want to do a good job. If we can open ourselves to that idea, we will come across teams that can create magic together and individuals whose growth is commendable. We just need to help them do their jobs better. CIO
Alagu Balaraman has been an engineer
at L&T, associate director at PwC, exec
VP (IT & Corp. Development) at Godfrey
Phillips India, and VP & Process Architect
at Britannia Industries. Send feedback to
* d e b a r at i r o y
VOl/7 | ISSUE/071 5 2 M a y 1 5 , 2 0 1 2 | REAL CIO WORLD
Learned
Alagu Balaraman, former CIO and
current partner and MD India Operations
Learn to Let GoAs a youngster, the biggest thing in my life was engineering design. Designs fascinated me and I nurtured that passion for years
Know Your Potential Underestimating our potential is the worst thing we can do to ourselves. I remember when I was trying to start my own company,
t h e v o i c e o f e x p e r i e n c e * a s t o l d t o d e b a r at i r o y
Things I've Things I've Things I've Things I've LearnedLearned5world comes from people’s unwillingness to let go—especially when people are trying to grow in an organization. They want to take up new roles but are held back by investments they’ve made to execute their current responsibilities. I keep telling people that when they are trying to reach the top of the ladder, they have to put one foot up—and simultaneously lift the other foot up off the ground.
their problems and trying to figure out a solution for them.
Treasure Lies BelowThe way companies have been built today, its easy to choose if you want to build bureaucracy or not. For example, Britannia has a pretty flat hierarchal structure. The entire company has less than 300 managers, which makes it relatively easy to communicate down the line. If you want to create the best teams, you need to create a robust way of communications that permeates to the lowest level. Because, it’s the absolute hands-on, nut-and-bolt guys that really matter. It’s extremely important that they are involved in what a CIO is trying to do, and have a say in what’s the best way to do it. Believe me, their experience with day-to-day issues means they can sometimes provide better ideas than senior boys.
5/11/2012 3:32:23 PM5/11/2012 3:32:23 PM5/11/2012 3:32:23 PM
