VitAL : Inspiration for the modern business
vital Inspiration for the modern business Volume 4 : Issue 3 : January / February 2011
The human factor Cyber-crime targets the individual Volume 4 : Issue 3 : January/February 2011
Striking a balance getting the work/life equation right
entrepreneurial it unleashing your business potential fEATurE fOCuS: CONTrOLLINg ThE COMpLEXITy: 22-25
Cherwell. The service desk solution that sets you free to deliver service excellence The complete Service Management solution EMISE PR
Set yourself free of that legacy system, contact us today on 01793 858181 or visit www.cherwellsoftware.com
c ho r u o y It s’
No matter how hard you try, do your legacy systems just keep holding you back? Cherwell is the service desk solution that can really improve your performance and productivity. Offering true enterprise capability, it is easy to deploy, simple to manage and delivers ITIL best practice straight ‘out-of-the-box’. Built on a .NET framework with Web 2.0 technology, it is more powerful, customisable, scalable and cost effective than other comparable solutions. Our unique CBAT platform empowers customers to customise, configure and develop the system without the need for programming resources. Cherwell offers the solution that will help you to truly deliver service excellence.
Innovative Technology Built on Yesterday’s Values
you’re hired! Leader A
s a magazine we have long beaten the drum for IT becoming more business-focussed. Indeed, many of our columnists and contributors have backed this stance up with reasoned arguments about how it is the only way for IT to take its rightful place as a crucial part of the business that adds value and in fact without which there would be no business in the first place! But does this transition from being the awkward, often nerdy, needy black sheep of the family into the valued, trusted king-pin of the business that we have been witnessing lately require IT staff to have an entrepreneurial outlook? My initial reaction is that it certainly can’t do any harm, but is it necessary? The idea of a typical entrepreneur conjures up images ranging from Richard Branson, Alan sugar and the various ‘Dragons’ in their ‘Den’ (why Dragons I wonder?) to Del Trotter heading out with some hooky gear from his lockup in the trademark Robin Reliant van. It’s not an image that necessarily resonates with the cliché of the cerebral, highly technical boffins of the IT world. should we pay too much attention to clichés though? Perhaps not. In IT terms, having a highly developed sense of what the latest technology, be it cloud, virtualisation, unified communications or any of a host of everevolving and advancing hardware and software solutions – not to mention the increasing role played by mobile technology – can do to reduce cost and add value to a business. It is increasingly the former – cost reduction, especially cost reduction without any large capital investment - that is lighting-up the CFOs in organisations around the world. Arguably it is an entrepreneurial mindset that is best able to link these requirements to the technology that can actually deliver them. with no lesser a personage than the PM David Cameron himself going on record earlier this month to promise “the most dynamic and entrepreneurial decade in our history”, perhaps it is time for the IT entrepreneurs to make their presence felt. For more on this most topical of subjects check out the cover story on page 10 of this issue where Richard Grafton, partner at Andrum Consulting, explores how IT teams can unleash their ‘inner Branson’ and become more business focused and entrepreneurial. Until next time...
Matt Bailey, Editor
If you have any thoughts, feedback, or suggestions on how we can improve VitAL Magazine, please feel free to email me firstname.lastname@example.org
January / February 2011 : VitAL 1
Manage IT Complexity and Increase Efficiency
Discover how ASG’s solutions can enhance your existing IT investments by providing enterprise-wide visibility into your IT infrastructure and applications. Get the insight and understanding you need to enable continual improvement, efficiency, and maturity; while containing costs.
For details, visit www.asg.com/mediacenter/ or call +44 (0) 1727 736300 FLEXIBILITY Flexibility •
VISIBILITY Visibility •
vital Inspiration for the modern business
vital Inspiration for the modern business Volume 4 : Issue 3 : January / February 2011
Contents 6 News ThE VitAL COVEr STOry
10 so you want to become more entrepreneurial? rIChArd grAfTON It’s never been more important to have a business focus. Richard Grafton, partner at Andrum Consulting, explores how IT teams can unleash their ‘inner Branson’ and become more business focused and entrepreneurial.
The human factor Cyber-crime targets the individual
Striking a balance getting the work/life equation right
entrepreneurial it unleashing your business potential
VitAL SIgNS – LIfE IN A wOrLd wITh IT
fEATurE fOCuS: CONTrOLLINg ThE COMpLEXITy: 22-25
13 rover the old dog buries bones editor Matthew Bailey email@example.com Tel: +44 (0)203 056 4599 To advertise contact: Grant Farrell firstname.lastname@example.org Tel: +44 (0)203 056 4598 Production & Design Toni Barrington email@example.com Dean Cook firstname.lastname@example.org editorial & Advertising enquiries Tel: Fax: email: web:
+44 (0) 870 863 6930 +44 (0) 870 085 8837 email@example.com www.vital-mag.net
Printed by Pensord, Tram Road, Pontllanfraith, Blackwood. nP12 2yA © 2010 31 Media Limited. All rights reserved. VitAL Magazine is edited, designed, and published by 31 Media Limited. no part of VitAL Magazine may be reproduced, transmitted, stored electronically, distributed, or copied, in whole or part without the prior written consent of the publisher. A reprint service is available. Opinions expressed in this journal do not necessarily reflect those of the editor or VitAL Magazine or its publisher, 31 Media Limited. Issn 1755-6465 Published by:
STEVE whITE This issue Steve White is concerned with the knowledge management chasm.
14 Personalisation: it’s all about me rOBIN TApp A key point in successfully planning and implementing desktop virtualisation is to recognise that it is personal: both to individual users and to each unique business. Robin Tapp shares recent research findings on what to consider when going over to virtual desktops.
18 itil still on the agenda despite budget constraints MATT fIShEr uK organisations are still looking to ramp up software audits, licence management and ITIl adoption in the face of the tighter economic constraints according to Matt Fisher.
22 Controlling the complexity MATT BAILEy Imagine being able to control the whole IT estate – in all its complexity with a single tool. Matt Bailey talks to Asg’s Tony Perri about the capabilities of its eAMs solution and a milestone metadata management project at eBay.
26 Vendor-neutral network security MIChAEL MArkuLEC Trusted Computer group member Michael Markulec makes the case for a vendor-neutral network access control solution.
VitAL Magazine, Proud to be the UKCMG’s Official Publication ITIL® is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.s. Patent and Trademark Office.
SuBSCrIBINg TO VitAL MAgAZINE VitAL Magazine is published six times per year for directors, department heads, and managers who are looking to improve the impact that IT implementation has on their customers and business. For a free annual subscription to VitAL Magazine please visit: www.vital-mag.net/subscribe January / February 2011 : VitAL 3
Contents VitAL drIVE – IT hITS ThE fAIrwAy
30 is your organisation ready for a cyber fight?
47 beware of viewers with access to email
IAIN ChIdgEy As a new decade dawns and the ongoing war against a range of cyber threats hots up, Iain Chidgey says it’s time to man the trenches.
34 Modernising legacy applications MArk hAyNIE When it comes to modernising legacy applications there may well be a lot to be said for some of the old-school approaches still out there. CoBol in the cloud isn’t pie in the sky, according to Mark Haynie.
VitAL EyES ON
35 Champagne broadband on a lemonade budget? JONAThAN wESTLAkE have you noticed the flurry of noise about the uK’s broadband infrastructure future and investment plans? In the current climate of spending cuts and general unrest the contrast is marked. Jonathan Westlake reports.
gErAINT LEwIS even angry viewers with an email account can influence the outcome of prestigious golf tournaments according to PgA IT manager Geraint Lewis.
48 stupid web tricks dAVE whALEN everyone and their aunty has a flashy web site these days, but us-based web designer, developer and ‘software entomologist’ Dave Whalen has a few problems with some of them... Beware, may contain sarcasm.
50 the human factor gIrI SIVANESEN With attacks by hackers on businesses increasingly being committed with a similar modus operandi to corporate espionage carried out by foreign states and state-sponsored attackers and targeting individuals, Giri Sivanesen says it’s time to employ some counter-espionage.
54 special delivery MATT BAILEy In the last two issues, Rosemary Gurney has looked at the transition from ITIl v2 to v3 and why service management is crucial to the modern IT business. In the final part of her series she looks at how and what ITIl actually delivers.
36 a three point plan for more cost effective it service management pATrICk BOLgEr The recession gives IT managers the perfect opportunity to improve the perception and standing of IT. Patrick Bolger shares his three-point plan for using IT service Management to deliver quick wins that support the business in today’s challenging economic times.
38 and a helpy new year!
56 leading the fight against climate change
NOEL BruTON It’s the time of year to set your goals and make those resolutions according to noel Bruton.
40 lurking latent crocodiles
wAyNE ShArpE has the world cooled on the subject of global warming? With the global economy in turmoil, many are starting to think so. Wayne Sharpe reports on the status of global carbon trading.
58 Power management for all MArk MCgINN The news that PC power Management is now available for small and medium businesses via cloud computing will finally see sMes able to reduce their carbon footprint by powering down automatically according to Mark McGinn.
STEVE whITE Will the relaxing of change freezes, usually introduced during a holiday or peak period, bring out lurking latent crocodiles in your IT infrastructure? Steve White gives practical advice on how IT gazelles can avoid a potentially nasty end in the mouth of a lurking latent croc.
44 striking a work life balance ShAuN ThOMSON senior IT businessmen and women should be prepared to work long and sometimes erratic hours, and maintaining a tolerable, let alone healthy work/life balance, can be taxing but it’s not impossible according to Shaun Thomson. www.vital-mag.net
64 secret of my success Andrew Byrom, support services manager, ICT services at leeds City Council has worked in IT since leaving school, 22 years ago. here he tells us the secret of his success in the public sector and beyond. January / February 2011 : VitAL 5
Cost cutting will be the biggest influence on IT decisions in 2011 T
he results of a survey of IT professionals in the public sector has highlighted that the trend toward cloud and virtualisation technologies will be driven by increasing need for efficiency and cost cutting. Cloud-hosted applications and services are now being widely considered across public sector organisations, with 57 percent of respondents evaluating these approaches. The economic climate is one of the drivers behind these results, with 66 percent of respondents stating the biggest influence on their IT decision making over the next year will be the need to increase efficiency and reduce costs. Only 22 per cent have actually deployed cloud technologies. Virtualisation solutions have proved to be popular with public sector organisations with 67 percent of respondents deploying server virtualisation to reduce their IT costs and consolidate physical hardware. Other virtualisation technologies are also
being looked at: a further 28 percent of respondents are deploying application or desktop virtualisation, and a combined 49 percent are evaluating these technologies. Responding to the survey, Guy Beaudin, public sector business development director at Insight commented: “Based on this survey, the downturn is having a maintained effect on many organisations and their approach to
IT spending. Organisations are considering their approach to how they source their IT requirements more carefully, and approaches based on cloud-hosted applications or shared services models are being implemented to meet the challenges of reduced budgets. The report by Philip Green into public sector procurement shows that how services and IT assets are bought can vary wildly depending on the approach taken. From this survey, the process of looking at procurement methods is already well underway within public sector IT functions.” The impact of reduced or static IT budgets is also being seen in how future IT projects are being planned. When asked, ‘How are you likely to approach your IT projects over the next 12-18 months?’ 40 percent of respondents stated they will be undertaking bite-sized projects that deliver value quickly, and 20 percent said they will hold to any new investment, and instead focus on optimising their existing infrastructure instead.
CEOs embrace the cloud for enterprise communications
survey conducted by Interactive Intelligence revealed that UK c-level executives recognise the advantages of moving their business communications applications to the cloud – with 64 percent having already deployed or looking to implement a cloud-based solution within the next five years. This innovation has been recognised most in the manufacturing and retail, distribution and transport sectors with 76 percent of respondents. The survey reinforces the prediction made earlier in the year by analyst firm Gartner that 20 percent of businesses will own no IT assets by 2012. One of the key trends driving this is the increase in cloud-enabled services signifying a major shift throughout the IT industry. The CEOs taking part in the research said that one of the biggest benefits of cloud-based communications would be the speed of adding new functionality
and features without disruption to the business. Cost savings are still high on the agenda as 52 percent of those surveyed said the biggest advantage of cloud computing would be the drop in capital equipment expense and the reduction in internal IT department resources. Richard Snow, vice president and head of contact centre research at Ventana Research, commented: “Companies are right to recognise the advantages of moving systems to the cloud which are reduced up-front costs, faster implementation and increased flexibility. However, if you take a look at the bigger picture, it’s all about innovation. With these types of cloud-based solutions, companies can actually innovate in the way they communicate with the outside world and to their customers, creating a whole new way of conducting business.” Dave Paulding, regional sales director UK, ME & Africa at Interactive Intelligence, added:
6 VitAL : January / February 2010
“The message is clear, adoption rates will continue to rise as the benefits of cloud-based communications or as we like to call it, Communications-as-aService (CaaS) become more obvious to business leaders. CaaS is the fastest growing part of our business and we think we are seeing this acceleration because people have realised the benefits of moving other computing and software to the cloud, so the next logical step is to consider their business communications systems.” Findings from the survey suggest that security issues and lack of control are the biggest barriers for CEOs to migrate internal applications and services to public
clouds, particularly in the financial services sector with 68 percent of respondents within this industry concerned about privacy issues. “There are some distinct ways of mitigating security risks,” says Paulding. “At Interactive Intelligence, everything is housed in a 24x7 monitored data centre and we provide an option to allow voice traffic and voice recordings to remain inside a customer’s own network and firewall. In addition, each customer is supplied with an isolated environment where their software is running on a virtual machine. This approach to cloudbased communications provides the control, security and flexibility of a premise-based solution,” concludes Paulding.
Business at risk from self-appointed IT experts
n independent study commissioned by Informatica Corporation has shed light on the increasing rise of UK business employees taking on the roll of ‘IT do it yourself’ expert’ in a bid to accelerate access to company data that they need to do their jobs. The digital universe continues to grow year on year, according to a recent IDC report, which notes a growth of 62 percent in 2009 alone. Frustrated employees are taking matters into their own hands by making use of online applications and cloud computing services to manage the information they need more efficiently. As a result, IT departments are drowning under a tidal wave of data as new applications and software flood into the company infrastructure. If this is not addressed, then as businesses plan for 2011 the tug of war over who owns what will see business-critical information overlooked and opportunities to generate additional revenue missed. A surprising 39 percent of sales and marketing professionals cited a sluggish response from IT to their data requests as the main reason for buying their own
software. As a result, business employees are increasingly taking matters into their own hands to manage the data they need, leaving IT departments out in the cold. Employees are by-passing IT departments to become ‘IT experts’ in their own right, using the online tools available to them to achieve quicker access to the information that they need. “The rise of new models such as cloud computing will create a headache for IT departments if they are not integrated in an overall IT strategy. Business users now think it should take hours not weeks to implement new technologies. When they perceive IT to be behind the curve, they’re going off under their own steam and purchasing software without realising the implications this has on their company. In 2011, without closer alignment between IT and the business, IT will only fragment further creating blind spots that pose serious security, regulatory and financial risks,” said Mark Seager, vice president technology EMEA, Informatica. Highlighting the considerable friction between IT departments and business employees, the research found that over half of IT managers believe that control over
company databases should reside with the IT department. By contrast, 56 percent of business users believe ownership should fall directly with employees. These conflicting opinions result in a fragmentation of company data. As the matter of ownership reveals a disconnect, so too does the way they prioritise management of the data, with 76 percent of business users valuing accuracy in contrast to 57 percent of IT managers who believe speed of access to data is most important. “Despite ongoing industry discussion around the huge challenge that businesses face today to house more and more data effectively, this research reveals that many businesses have some way to go to fully align business and IT. In order to effectively bridge this gulf, a process of education is required, to ensure that all members of an organisation are working to the same priorities when it comes to managing such a valuable business asset,” said Seager. “In order for businesses to continue to drive efficiencies and remain competitive in 2011, the issue of business and IT alignment has to be resolved.”
Organisations struggle to cope with IT complexity
he rising complexity of combining physical, virtual and cloud environments is making it increasingly hard for UK IT directors to deliver operational effectiveness according to new research by Novell. Consequently, 90 percent of UK IT directors believe they need a more automated, policy-driven approach to workload management in order to be more operationally effective and efficient. The challenge facing UK IT directors is expected to increase further over the next twelve months as a fifth of organisations are expected to introduce public cloud into their existing IT environments. According to Novell, IT directors are struggling to securely build, manage and measure their physical, virtual and private cloud infrastructures already and the introduction of public cloud will only exacerbate the problem. The research reveals that 50 percent of respondents are finding it hard to measure and manage their IT infrastructures, while over a third cannot build workloads or recognise incident patterns. With over three quarters (78 percent) of respondents claiming that their physical, virtual and cloud infrastructure adds complexity in delivering www.vital-mag.net
operational effectiveness, it is no surprise that 93 percent believe it is important or critical to integrate software appliances, virtualisation, workloads and identity management to more effectively manage these increasingly complex infrastructures. To address these challenges, organisations must put more intelligence into their computing resources according to Novell. As a result, IT decision makers should consider adopting an intelligent workload management (IWM) approach to their IT environment. With IWM, enterprises will be able to develop a flexible and agile IT infrastructure, make the most of cost-effective virtualisation and cloud computing technologies, maintain control and security across all computing environments, and provide a high performing computing experience for all end users. Bob Tarzey, analyst and director, Quocirca commented, “Computing infrastructure today needs to be versatile to adapt to changeable business requirements. However, if that versatility is poorly managed, costs can be driven up through misuse of capacity, risk introduced through inadequate security and value lost through sub-optimal performance of workloads. This is especially true as public cloud infrastructure is increasingly used to supplement internal resources. Intelligent workload management tools help resolve these problems.” According to the research, in the next 12 months 88 percent of corporate IT infrastructures will include virtual machines, 44 percent will have private cloud services and 19 percent will have public cloud services. However, the manufacturing industry is a cloud computing laggard compared with other sectors. Just 36 percent will have private cloud services (compared with the average of 44 percent) and only eight percent will have public cloud services (compared with the average of 19 percent) as part of their corporate IT infrastructures in the next year. January / February 2011 : VitAL 7
ITIL adoption remains a priority despite budget restrictions A
third of organisations are now looking to adopt ITIL, despite ongoing budget constraints according to a survey of 258 enterprises from government, health, retail and financial services in the UK and the US. Enterprises, which rely heavily on their IT Asset Management, are still struggling to invest in better management of software and hardware assets. Nearly two thirds of respondents (62 percent) cited budget constraints as the main barrier to this investment, despite the alleged end of the recession. Almost a third (31 percent) held up existing embedded asset management, while one in four (23 percent) pinpointed resource constraints as a barrier. However, despite the obvious obstacles that still stand in the way of IT departments’ development, enterprises are still committed to evolving their infrastructures. A third of all surveyed have said they are now looking to adopt ITIL. In the UK, this figure rises to over half (52 percent). This demonstrates that
organisations are looking to ramp up their own software audits and license management – both of which are key to achieving ITIL. Matt Fisher, director at the research’s sponsor, FrontRange Solutions, said: “Despite the worst of the recession being allegedly behind us, it isn’t too surprising to see companies not suddenly pour substantial investment into their IT function. However, it is encouraging to see businesses across the globe are looking to safeguard their IT assets with their drive towards ITIL. These organisations should be further encouraged by the recent SIRB research which revealed that they can save as much as 20 percent of their current software spend by investing in software asset management. Naturally this doesn’t eliminate all up-front investment, but it does strengthen the business case for making a short-term investment to deliver equally fast returns.” When asked more details about their IT asset management strategies, 70 percent highlighted
Cloud, collaboration and consolidation to be the key features of 2011
he IT landscape is evolving and expanding at an exponential rate. At the start of the New Year and with looking forward into a new decade, Sean McCarry, country manager UK at Novell, outlines his technology predictions that will affect the IT world in 2011, stating that cloud computing, collaboration and consolidation to be the key features of 2011. “In 2011 there will be three key trends affecting the UK technology industry,” claims McCarry. “Firstly, the face of software will change substantially, with the migration to the cloud quickly moving from hype to business and investment reality. This new service delivery platform will give birth to an entirely new ecosystem and the opportunity to be an industry leader of the future is there for the taking. “Secondly, as social collaboration tools enter the enterprise, there will be a growing need for organisations to deploy these solutions effectively and securely. When selecting these new technologies organisations must 8 VitAL : January / February 2010
make sure they go for solutions that will deliver measurable business benefit. “Thirdly, we will see an increase in the uptake of Linux and open source solutions as customers consolidate distributed workloads, reduce downtime, condense data centre complexity and increase operating flexibility. Following the cautious spending of 2010, one of the key trends for 2011 will be ‘less is more’. Those playing in the IT industry will be keen to consolidate their investments, focus and support requirements. It will, therefore, be vital for organisations to understand how cost, complexity and confidence influence these decisions.”
visibility and control of IT assets as the main benefit, suggesting that businesses need to be able to call on all information from within their IT assets and demonstrate compliance, should they face any kind of audit. Over half of businesses also cite how an IT asset management strategy can improve utilisation of assets (57 percent) and reduce software and hardware costs (54 percent). The organisations were also asked about responsibility for hardware asset tracking in their organisation. Nearly one in five (18 percent) confirmed that this fell to the network manager and not the CTO or IT Director. Matt Fisher concluded: “We were quite surprised by this result. IT is the backbone of global enterprises, meaning that hardware asset tracking should be a senior responsibility. The risks of getting it wrong are sufficiently high enough to mean that it definitively should not be delegated too far.” (see p18 for the full story)
ICO imposes first fines for DPA breaches
he Information Commissioner’s Office (ICO) has imposed the first financial penalties since gaining increased powers to fine organisations up to £500,000 for breaches of the Data Protection Act. Hertfordshire County Council has been fined £100,000 for breaching the Act twice in two weeks for faxing the details of a child abuse and then a child protection case to the wrong recipients. In the first incident, the council had to seek a court injunction to prevent a member of the public from disclosing details of the case. A4e, a private company with 3,100 employees that helps unemployed people to retrain, has been fined £60,000 for losing a laptop containing the unencrypted details of 24,000 people. The records included names, income level, post codes, dates of birth and criminal record checks. Ed Macnair, CEO of Overtis, a provider of user activity management software commented, “At first glance this looks like the ICO has real teeth. However, in the case of the stolen laptop, the penalty is less than £3 for each lost record. When you consider the fact that A4e is a £145 million company, the breach has had a higher impact on the 24,000 individuals whose confidential information has been lost. “Similarly, this council had clearly not learned from the first devastating security breach and continued to use the same insecure channel for sharing highly sensitive information. The technology is there to prevent information from being stored in unencrypted format and to tightly control the faxing, sending and printing of confidential information. Let’s hope that the ICO’s action encourages other organizations to urgently review their policies and procedures”. www.vital-mag.net
to a new level
of Service Management Believe the hype. The much anticipated ITSM Enterprise and Service Catalog solutions have arrived, but there is much more to come. Launching soon is a revolutionary service management solution to be showcased at this year’s SDITS on the 19 & 20 April 2011. Don’t just take our word for it, ITSM Enterprise and many more inspiring products will be at the show, come and see for yourself… Can’t wait…visit www.frontrange.com/stepup2SM
step up to… FrontRange Solutions, Benyon House, Newbury Business Park, Newbury, Berkshire RG14 2PZ Tel: 01635 516700. Twitter: frontrangesols
TO FIND OUT MORE GO TO
OR VISIT US AT SERVICE DESK & IT SUPPORT SHOW
So you want to become more entrepreneurial? It’s never been more important to have a business focus. Richard Grafton Grafton, partner at Andrum Consulting, explores how IT teams can unleash their ‘inner Branson’ and become more business focused and entrepreneurial.
10 VitAL : January / February 2011
T teams often unfairly get a lot of bad press. We have certainly come across a wide range of IT team structures and abilities in the organisations we have dealt with over the years. The good ones make themselves an integral part of the business and its longterm future. On the other hand we probably all know IT teams who are out on a limb, and have little engagement with the rest of the business. So what it is that sets the best ones apart? There’s been a great deal written about building effective teams and I don’t intend to go into any detail here other than as a reminder that without the following your team will probably struggle to deliver: • A clear unity of purpose and direction and leadership with a focus on how to get the job done; • Clear and demanding goals; • Decisions that result from healthy discussion, disagreement and constructive criticism but ultimately broad consensus; • A working atmosphere based on everyone pulling their weight, being accountable to each other and participating in a free and open way; • An understanding of each team member’s strengths and working style and a mutually agreed approach to working together. However, I want to get beyond this to how you can develop your team into a more business-like unit that demonstrates some entrepreneurial flair. First off, what do we actually mean by being more entrepreneurial?
Entrepreneurial, how? There are various definitions of ‘entrepreneurial’ but we like to think of it as ‘undertaking an enterprise while accepting the risks and responsibility for the outcome’. We work with a wide range of entrepreneurs and entrepreneurial businesses and in many ways this definition can apply as much to an IT team within an enterprise as it can to someone starting their own business. It’s the risk and responsibility thing that’s the common thread. Now some would argue that being entrepreneurial is what they do every day in their job but for IT teams that’s not necessarily always the case. And whether you believe entrepreneurs are born or made (and the debate rages on with little consensus) the truth is there are some traits you are born www.vital-mag.net
with and there are some things you can learn. So, can you just flick a switch and suddenly turn yourself into the next Richard Branson? Well, probably not but perhaps if we look at the typical business skills and entrepreneurial traits we come across, you can certainly decide what you already have and what you and your team need to develop.
Business skills Be clear about your entrepreneurial objectives as a team – what’s the driving force behind wanting to be more involved with the business and what practical activities can you put in place to make that happen? Understand the whole picture – where does the IT team fit into the rest of the organisation and what do those other functions actually do? Why not arrange to shadow people in other departments and arrange for them to shadow you back. Get heard – seek representation in relevant meetings – not meetings for the sake of it but those where longer term strategy is being discussed where you can contribute positively and make your presence felt. Learn new skills – it’s not just about going to business school (though this can be very useful) but also about learning from other people with hands on experience. Who do you know who could give you half an hour of their time to act as your mentor? Really understand the numbers – you don’t need to be a qualified accountant but you do need to develop a good eye for the business numbers and the key things to measure and control. A good IT team has the technical expertise to deliver against any functional requirements but a great one will understand how what it does impacts the profitability of the business and will look at ways to improve margins.
Entrepreneurial traits As well as brushing up and expanding your business skills it’s useful to take a look at some of the behavioural traits that successful entrepreneurs display and to consider which ones are relevant to you and your team. It’s true we can’t really change who we are but it is possible to adapt your behaviour to the needs of your role and the organisation. Learn to think on your feet: you don’t have to be the smartest person in the business but you
There are various definitions of ‘entrepreneurial’ but we like to think of it as ‘undertaking an enterprise while accepting the risks and responsibility for the outcome’. We work with a wide range of entrepreneurs and entrepreneurial businesses and in many ways this definition can apply as much to an IT team within an enterprise as it can to someone starting their own business. It’s the risk and responsibility thing that’s the common thread.
January / February 2011 : VitAL 11
do need to be able to make quick decisions under pressure. objective decision making – many successful entrepreneurs may seem to shoot from the hip with their ideas but behind the scenes they make sure they remain objective when it comes to making decisions. yes you have to take calculated risks but successful entrepreneurs are not gamblers and they base their decisions on hard evidence as well as intuition and experience. Passion: a much overused word but quite simply if you don’t love (not just like) what you do then you won’t find the energy and drive to sell that idea to others and to carry it through when the going gets tough. Creativity: whether you consider yourself a creative person or not, entrepreneurs are always looking for new opportunities and new ways to do things. That takes an open mind and an inquisitive approach plus it takes the right environment to get creative, so sometimes a change of location can work wonders or even some outside facilitation. Finding opportunities is about challenging the norm and looking for alternatives. Asking the right questions and probing until you get the right answer is a key part of that approach. Positive attitude: it can be hard work selling your idea and overcoming barriers but it is essential if you want to engage with other parts of the business. successful entrepreneurs bring a positive attitude with them into every situation, generally built on an innate self confidence and self belief. Juggle the creative mindset and the technical mindset: the bad news is you need to be able to do both, often at the same time, and it can be hard to deal with this internal struggle. One way is to try to keep creative meetings separate from technical meetings. avoid procrastination: develop an appetite for action and it will infect those around you, not just in your team. ever been in a meeting where it ends with ‘we really must do something about that’? The entrepreneurial spirit makes sure that actions are agreed and people are accountable. be a self starter: yes most of us need and benefit from some direction – at the very least to affirm our motivation and make sure we are heading towards the right goals. But increasingly people need to drive themselves and never more so than when trying to push new initiatives through an organisation. trial and error: entrepreneurs try lots of things 12 VitAL : January / February 2011
and learn by their mistakes. It still hurts to fail but those lessons form the foundations of the next opportunity. There’s an argument that IT development work usually involves an element of trial and error but overall if your first initiative hasn’t worked don’t be put off. Learn the lessons, show everyone you have and move on to your next project. break old habits: don’t just look at ways of challenging how other people do things – remember to challenge yourself too. And to challenge the way your team operates – ask yourself whether the way your team is working needs an overhaul. on a personal level, make the effort to learn more about yourself: maybe start using a coach or mentor to get objective feedback (your friends and family usually won’t give it to you!). Personality assessments can also help to give you further insight (and into the other members of your team). be authentic: much has been written about the idea of authenticity but being true to yourself and understanding what makes you tick is a key aspect of effective teams. Making your authenticity relevant to the needs of your enterprise or organisation is another matter. entrepreneurial people understand this and also have the judgement to know when not wear their heart on their sleeve and how not to let their ego overtake their authenticity –– a tricky balance! And know what you are good at: be honest with yourself, and build a team around you that complements your capabilities. Ask yourself and people who know you well – what are you the ‘go to’ person for in your team and organisation.
risk and responsibility The rewards can be great, but becoming more entrepreneurial as a team involves more risk and more responsibility, and only you can decide how much of that you want to take on. And as a final thought remember none of this can happen if the organisation itself isn’t prepared for IT to change. ‘Does the IT function have board representation?’ ‘How much does it feature in the overall business strategy?’ your answers to these questions will show whether your company is truly serious about having a more business-focused IT department or whether, like so many of Lord sugar’s wannabees, it can’t walk the talk! VitAL www.andrum.co.uk www.vital-mag.net
Vital signs: LIFe In THe wORLD wITH IT
Rover the old dog buries bones There’s an argument that IT development Steve White is concerned with the knowledge management chasm...
work usually involves an element of trial and error but overall if your first initiative hasn’t worked don’t be put off. Learn the lessons, show everyone you have and move on to your next project.
noWledge eXPloITATIon matters to a support organisation, because as a business you’ve paid for it to be generated, and reuse and utilisation falls directly to the bottom line. so the strategic direction is clear. The implementation problems fall short of the strategy in a number of ways. Many attempts I’ve seen to get senior engineers to share their knowledge seem to stumble – sure they might write knowledge articles under duress, but some make it hard for anyone to find their article (in one client the senior engineers added codes to the text so they could find their own articles and no one else could – they hit their ‘write knowledge articles’ target, and gleefully buried the data). Junior engineers seem to be more willing to share their knowledge – I wonder if there is a cultural information sharing gap? For senior engineers, knowledge is power. They grew up in a ZX80, Commodore PeT, VAX, Rediffusion world where the secret code to bootstrap the computer was entered by switches and loaded byte by byte into memory. when more advanced computers were switched on they offered a blinking green square, effectively asking ‘what?’ and they needed to be instructed on what to do. The repetitive and logical complexity of computing naturally attracted certain personality preferences, and in Jungian terms, the ‘sensing Thinkers’ (mostly men) built the computing world in their image, and did not write it down. The junior engineers of today opened their eyes on a technology world where computers booted themselves into a user interface, and offered things to do straight away. windows and the applications didn’t work as expected, so they turned to the Internet and found the answers through knowledge reuse. They have directly benefitted from knowledge management.
There is a difference in the way these two groups relate to the technology. I’m 43 and I regret that I don’t have a computer that I can give my kids and say ‘I want to be able to shoot down a horizontally travelling dash with a vertically travelling caret by firing with the space bar the end of next week, oh, and you only have 1K to do it in. you’re smart, think of programming as playing a video game, you can figure it out’. what’s the offspring learning by destroying electronic lego? There is a difference in the stock of people now supporting technology – they are no longer all sensing thinkers. Growing up with the Internet, forums, search engines, IT that is frustratingly fragile and lovely applications that don’t quite work as expected has changed the computing audience. The support organisation of today has communication preferences from across the Jungian landscape, users of community knowledge who are willing to contribute to the pool of knowledge, just because it’s the way it’s done. what is to be done about the old dogs? The knowledge in their heads makes them valuable, we need them to continue to crest the bleeding edge of diagnostic techniques, proactive problem management and get them to write their knowledge down. Perhaps a first step might be to help them understand how the world has changed at a deeper level than ‘write more knowledge’. VitAL
January / February 2011 : VitAL 13
Personalisation: Itâ€™s all about me virtualisation offers the opportunity to reduce costs and improve flexibility for businesses of all sizes. A key point in successfully planning and implementing desktop virtualisation is to recognise that it is personal: both to individual users and to each unique business. Robin Tapp of Molten Technologies shares recent research findings and their view on considerations when going over to virtual desktops.
14 VitAL : January / February 2011
esktop virtualisation has attracted a lot of attention from businesses that are flush with success from their server virtualisation projects. These organisations are looking to achieve lower management costs and greater agility around providing desktop services to their users. This is rarely straightforward: while the technology exists to provide a virtual desktop to a user, how this is built and what it delivers remains challenging (and rewarding) to get right. However, the demand within businesses for greater agility means that desktop virtualisation continues to be high on the agenda. Recent research we conducted showed that the biggest influence on end user computing strategy within organisations is this quest for business agility, along with providing tighter security and the need for cost control.
Unique users In order to meet these requirements, virtual desktops are a key part of the consideration set in an end user computing strategy. Our research and experience highlighted a number of considerations to make any virtual desktop project a success. Firstly, desktop virtualisation is not straightforward. Within each unique organisation there are many unique users, all of whom will have requirements that change and evolve over time. This needs a different mindset to server virtualisation. The process of going virtual with your desktops takes longer and is more complex than virtualising servers. Secondly, the method for how desktops are used within the organisation is changing. Business value is increasingly derived from the talent and unique functions that an organisation has at its disposal. A smart fitfor-purpose desktop virtualisation strategy www.vital-mag.net
is an opportunity to provide your key people assets with greater flexibility in how they can be productive, resulting in better business agility. Rather than thinking about how to make everyone the same to fit a technology solution, the aim should be to support how people can work at their best first, and then fit the delivery of services to them using the technology available. This is an opportunity to create a user-driven and business logic driven solution.
The demand within businesses for greater agility means that desktop virtualisation continues to be high
Different strokes for different folks
on the agenda. Recent
In the research we carried out, there were real differences in the prioritisation of desktop strategy drivers by organisational size and industry. This led us to some conclusions that aren’t rocket science – but are useful to consider. Larger businesses were found to be focusing on increasing their business agility. Smaller companies are concentrating on the people and resource factors around the desktop, such as working flexibility and managing upgrades. This difference in priorities reflects both how far along the IT curve the companies were, but also the levels of IT skills that currently exist within those companies. Effectively it was the age-old ‘grass is greener’ perspective, with each business looking for a solution to strengthen perceived organisational weaknesses. For smaller companies, they see the solidity and robustness of big company IT strategies as something to aspire to; on the other hand, IT professionals within large organisations are often only responsible for small areas of the whole stack, which makes it difficult for them to effect real change. When IT decision makers from different industries rated their desktop strategy
research we conducted showed that the biggest influence on end user computing strategy within organisations is this quest for business agility, along with providing tighter security and the need for cost control.
January / February 2011 : VitAL 15
influences, the need for increased agility outranked the need to rationalise costs for finance organisations, with 52 percent of those companies in that market ranking this as their first priority. This was a difference to the other industries covered â€“ for example, cost reduction was the major driver for manufacturers. when asked what support organisations are looking for in a desktop virtualisation partner their priorities were again driven by the frameworks they use in their business. For example, manufacturing gave a higher priority to cost and the clarity of the design for the solution. This was as expected, as companies in the manufacturing sector have tended to focus on cost reduction strategies first and foremost as part of their wider business strategies. By contrast, for the finance sector, the main requirement was for understanding
of their specific business needs, and how technology could be applied to meet these goals. This ties in with the development of IT within finance companies as they are looking to exploit technology to support competitive advantage.
the personal touch while the management of desktops may not be the biggest part of an overall IT function, it affects every single person using a computer in the business. while the CIO may think of desktops as hundreds or thousands of beige boxes that have to be managed, each individual user will see their own PC as an extension of their work environment and unique to them. The desktop is effectively the pointy end where both IT and the business-users meet. It is not just about business needs â€“ it is personal too.
Over the years, there has been much talk about the integration of business and IT. For example, our research found that 96 percent of respondents believed IT needed to be more business savvy. we have found desktop virtualisation can be a catalyst for this shift in thinking within an organisation. This can be uncomfortable as it may be new territory for both the IT and business sides, but also represents a great opportunity to consider how to best deliver cost savings, increased security and agility from both perspectives.
Changing the delivery model for the desktop The next step for companies is not only to think about general IT requirements, but also the delivery mechanism for how these needs are met. we are already seeing a transition within pioneering IT organisations towards the development of IT-as-a-service environments.
Rather than thinking about how to make everyone the same to fit a technology solution, the aim should be to support how people can work at their best first, and then fit the delivery of services to them using the technology available. This is an opportunity to create a user-driven and business logic driven solution.
16 VitAL : January / February 2011
At the desktop, the delivery of services to the end user is a prime example of how new IT models can be adopted to reduce costs and improve user experience. Virtual desktop computing models are enabling IT organisations to move away from the static PC model, giving enterprises the ability to run their end-user computing environments in a much more dynamic and cost effective way. The Desktops of a Service (DaaS) model is based on the cloud computing principle of taking away the pain of managing hardware and back-end infrastructure, as well as the upfront cost. The desktop is a more complex asset than a single application or server environment, so many businesses choose to keep the management of their desktop assets separate from this underlying infrastructure. Whereas desktop virtualisation is based on the ownership of the infrastructure required to deliver a desktop service, DaaS hands that
infrastructure over to a service provider who then provides this as a service to the customer. At the same time, the business retains the management of its security, applications, user settings and data. This split of responsibilities gives the customer the ability to reduce their management overheads, but it also lets them keep control of the desktop and the user experience. This approach fits enterprise IT requirements, while still delivering the benefits of cloud to the organisation. We believe in DaaS because for many users it is a fit-for-purpose solution with huge flexibility to evolve as the business and users need it in the future. Based on the research that we have carried out, DaaS is part of the wider shift in IT strategy that is seeing greater focus on how IT can provide business differentiation and agility through different delivery models, now and in the future. VitAL www.molten-group.com
We are already seeing a transition within pioneering IT organisations towards the development of IT-as-a-service environments.
January / February 2011 : VitAL 17
ITIL still on the agenda despite budget constraints uK organisations are still looking to ramp up software audits and licence management, according to Matt Fisher, director at Frontrange solutions.
18 VitAL : January / February 2011
espite rumours that the worst of the recession is now behind us, many would still expect organisations to remain hesitant over substantial investment in their IT function. However, it seems that research suggests otherwise. The reality is that enterprises are actually looking beyond the obvious obstacles of costs and resources, to show a stronger commitment to evolving their infrastructures. A recent survey polled over 250 enterprises in the UK and the US and revealed a third of all respondents are now looking to adopt ITIL, despite ongoing budget constraints. In the UK, specifically, this figure rises to over half (52 percent), demonstrating a clear desire to evolve IT management maturity and deliver greater value back to the business. But despite this enthusiasm, many organisations are still struggling in related areas of IT operations, such as IT Asset Management. Nearly two thirds of respondents (62 percent) cite budget constraints as the main barrier to this investment, while almost a third (31 percent) blamed existing embedded legacy asset management systems, and one in four (23 percent) pinpointed resource constraints. However, there is encouraging news from research published by the Software Industry Research Board (SIRB), which highlighted that as much as 20 percent of an organisation’s current software spend can be saved by investing in software asset management (SAM) – a major component of IT Asset Management and ITIL. While this naturally doesn’t eliminate all up-front investment, it does strengthen the business case for making a short-term investment to deliver equally fast returns.
The benefits of asset management The study also reinforced the perceived added benefits of SAM. 70 percent of respondents highlighted visibility and control of IT assets www.vital-mag.net
as crucial to ensuring organisations are able to call on all information from within their IT assets and demonstrate compliance, should they face any kind of audit. In addition, over half of businesses questioned cite how an IT asset management strategy can improve utilisation of assets (57 percent) and reduce software and hardware costs (54 percent). While these savings can be significant in their own right, the true value of SAM and ITSM as part of an ITIL strategy can be much broader. The simple fact is that automating many labour-intensive tasks enables IT teams to stop worrying about tracking current assets and instead devote more of their time to proactive IT initiatives that drive a tangible benefit to the end users within the organisation. From a service desk point of view, for example, having a complete component-bycomponent breakdown and software audit of every PC on the network can reduce average help desk call times by 40 percent and on-site engineer visits by 80 percent. While software license compliance has become something of a hot topic, the research found that only a third of respondents saw it as a main benefit to implementing an IT asset management strategy. However, despite this response, it should be noted that companies must not become complacent and let compliance slide during the current fragile economy as the associated fines can be significant. It is difficult to financially recognise ‘cost avoidance’ but it is nonetheless very important.
A recent survey polled over 250 enterprises in the UK and the US and revealed a third of all respondents are now looking to adopt ITIL, despite ongoing budget constraints. In the UK, specifically, this figure rises to over half (52 percent), demonstrating a clear desire to evolve IT management maturity and deliver greater value back to the business.
A startling outcome of the findings revolved around where the responsibility lies for asset management within their respective organisations – nearly one in five (18 percent) confirmed that this fell to the network manager and not the CTO or IT Director. A surprising result, seeing as IT is the backbone of global enterprises. It suggests that asset tracking should be a senior responsibility. The risks of January / February 2011 : VitAL 19
getting it wrong are sufficiently high enough to mean that it definitively should not be delegated too far. This is also echoed in this yearâ€™s UK software Asset Management Maturity report from IDC , which suggested that licence gathering is an important area to address for senior management rather than other IT roles. These findings revealed that 34 percent of those that actually knew their organisationâ€™s status said they were not gathering software licences for reuse when disposing of hardware assets â€“ highlighting the opportunity for organisations to save considerable resources by running regular software licence audits. But as we look forward to the next 12 months, the study actually highlighted that for many organisations, process management and standardising software and upgrades are being considered as key areas to address. This is driven by the fact that many firms will be upgrading to windows 7 in the next year and will therefore need full visibility of current assets to ensure migration is performed quickly and efficiently. IT managers will need to have the tools in place to ascertain what hardware needs memory upgrades. In addition, the ability to use automation as a method to test and deploy the new operating system will also ensure for a cost effective roll-out.
initiatives for 2011
while it is promising to hear organisations are taking ITsM seriously and are realising the advantages of adopting an ITIL approach, it is equally important to ensure that the basics of IT asset management are not neglected.
The research is perhaps a good indicator of some of the key IT initiatives for 2011. while it is promising to hear organisations are taking ITsM seriously and are realising the advantages of adopting an ITIL approach, it is equally important to ensure that the basics of IT asset management are not neglected. Additionally, the research has highlighted the risk of software licence management and ITsM strategy being delegated too far down the enterprise. Both of these are crucial components to a cost-effective and efficient IT department and therefore should be managed accordingly. VitAL www.frontrange.com 20 VitAL : January / February 2011
Desktop Management Software for the Modern IT Support Team
Web-based Incident Management
Remote Access & Desktop Management
With over 20 years experience and a global install base approaching 9,000,000 systems, NetSupport products have a proven reputation in the Service Management industry. Web-based and ITIL compliant, NetSupport ServiceDesk provides your IT support team with the tools needed to pro-actively manage the Incidents, Problems and Change Requests that may be impacting on the availability of your business critical systems.
As the complexity and diversity of systems has evolved, remote control tools have also had to evolve to ensure that a single technology solution can manage and negotiate a wide range of platforms and environments. NetSupport Manager provides a single operator console that delivers a unified approach to the connectivity and management of multi-platform computers, including MAC, Linux and Mobile, across LAN, WAN or the Internet.
Easily integrated into your existing IT Infrastructure, NetSupport ServiceDesk’s intuitive interface and streamlined workflow processes ensure your support team are focused on resolving issues and managing customer expectations. Real-time status reports gauge the effectiveness of how support requests are being managed while your customers can search online for answers before logging a support request as well as check and review the status of their reported incidents.
All of the key elements you would expect from a leading remote control solution are catered for - screen control and recording, the ability to interact with keyboard and mouse, transfer files, log activity to a central point, chat, message and instant request help. What sets NetSupport Manager apart is its ease of use. Real-time visual thumbnails of all connected computers, with the option to dynamically group by platform and operating system, ensures an operator, from a single viewpoint, is able to identify all activity across the environment and pinpoint where assistance is needed.
IT Asset Management
Sometimes you can’t wait for someone to read their emails or check the intranet and sometimes you just need to get your message out there in a hurry!
Providing you with the tools needed to manage the TCO of your IT Assets, NetSupport DNA is a modular solution that delivers best-ofbreed Hardware & Software Inventory and License Management - vital information if purchasing decisions are to be made from an entirely informed position.
NetSupport Notify removes the barriers associated with traditional forms of communication by enabling administrators and technical support teams to deliver attention-grabbing alerts and notifications direct to all or selected desktops across your network within seconds. Whether it’s general news, IT announcements or even security alerts, NetSupport Notify ensures your message can’t get lost in a busy inbox, saved for later or ignored. With its notification gateway component, a single message can be delivered to staff across many sites or locations in a single action, with full delivery/ receipt logging and reporting. Messages can be fully branded to fit with your corporate identity and can include an audible alert for added impact.
Including Application and Internet Metering, Software Distribution and an eco-friendly Energy Monitor component, NetSupport DNA also provides an integrated communication gateway allowing secure interaction with your assets, anywhere, over the internet without the need for a VPN or changes to your existing network or firewall configuration.
For more information and to download a free 30-day trial visit: www.netsupportsoftware.com
Feature sponsored by:
Controlling the complexity Imagine being able to control the whole IT estate – in all its every increasing complexity – using a single visual management suite. This is what Asg is offering with its enterprise Automation Management suite (eAMs) solution. vitAl editor Matt Bailey spoke to Asg vP marketing and communications Tony Perri about the capabilities of eAMs and a milestone metadata management project at eBay.
n ThIs era of ever-increasing complexity, with cloud and private cloud layers now being overlaid onto the traditional IT estate, the concept of a single automated control system for an organisation’s entire suite of IT software and hardware is a powerful idea. According to naples, Florida, UsA-based AsG’s VP marketing and communications, Tony Perri, the company’s enterprise Automation Management suite (eAMs) solutions offer a practical approach to managing the ever-increasing complexity in today’s IT environments. “In a nutshell, we help customers with their IT complexity, and provide a visualisation tool for managing the end-user experience. After all, you can’t manage what you can’t see.” As companies add new platforms, technologies, applications, and people to support delivery of IT and business services, complexity continues to grow. This complexity has led to challenges in accessing the appropriate real-time information to make critical business decisions. Likewise, deployment of new services while trying to proactively manage the quality of existing services can be a challenge. “Our eAMs solutions provide a foundation technology
22 VitAL : January / February 2011
that automates access to critical enterprise information; leveraging data from any automation tool, data store, or application to provide better decision support, avoid costly outages, manage risk, and manage the health of IT and business services,” says Perri.
a visual representation of the it estate If that sounds like a silver bullet solution, the real value is added in the detail: “eAMs is not a typical automation solution,” says Perri. “It concerns the management of information from assets across the IT estate. It extracts this information, stores it and displays it as a visual representation in a dashboard format. It provides a detailed visual representation of your IT environment allowing the user to radically improve the delivery of service to employees and customers. For instance, it allows the IT staff to see when application performance and availability is affected (red, yellow, green indicators) and all the dependencies of that asset to take corrective action before a failure occurs. The result is a proactive approach to service delivery. .” Using the system, a bank’s IT service team, for example, can ensure that when www.vital-mag.net
Feature sponsored by:
staff turn on their PCs, they do exactly what they are meant to according to the service levels agreed. And beyond the company’s own personnel, when a customer uses an ATM or the bank’s online services from their home PC, the system is telling the IT services team the status of the ATM and whether the online service is available and delivering to the agreed-upon service level.
a complex environment “we now have an extremely complex global IT environment with people relying on each other and on their hardware and software systems as never before to deliver their services,” says Perri. “you need some central control system to get an overview and really make sense of this environment. we provide an architecture with connectors. we add a foundation technology that can link to existing or new tools and systems. And even if we don’t have an existing interface, we can create field developed adapters within a day or two which will integrate these tools into our foundation technology.” eAMs provides dashboard views down to switch or point solution asset level where you can click and get detailed status information. you can click on any assets – if it’s a server for example, you can see what service it delivers and which other assets it interacts with, repairing malfunctioning units or re-allocating resources before a failure occurs. “AsG has more than 70 offices worldwide, and our own CIO manages AsG’s complex IT and business environment with a custombuilt eAMs solution that leverages information from both AsG and third-party products,” adds Perri. “By providing a real-time view of how IT is supporting our critical business and IT services, our CIO proactively takes action on issues before they become critical, conducts impact analysis to determine other services that could be affected, and avoids costly outages that could impact the business.”
Metadata management AsG also is an industry leader in metadata management. The core strength of AsG’s offering here is that it preserves the integrity of knowledge assets and promotes software component and object reuse. For mainframe or distributed environments, these AsG solutions simplify metadata utilisation for data warehousing, development www.vital-mag.net
processes, systems, networks, and Business service Management. AsG employed its AsG-Rochade metadata management solution – which it describes as the world’s leading metadata repository – at its client eBay. Rochade is a scalable, strategic, enabling technology that manages information about data and systems across the enterprise. It uncovers complex relationships between information technology assets, facilitating what-if impact/risk analysis and increasing the productivity of business and IT.
Case study: ebay eBay is one of the biggest names in the IT world. At eBay, there are effectively two IT delivery organisations. The corporation has a traditional IT organisation responsible for backoffice transactional management and financial analysis, as well as shareholder reporting, human resources and so on. In addition, a second IT organisation is responsible for the delivery of computing and data resources to support the technology-driven business units. As such, there are two levels of innovation in all areas of the eBay IT organisation. This case study is concerned with the metadata programme initiated in the customer-facing, business delivery unit IT organisation. In the first three quarters of 2009, eBay’s data architecture and modelling team received 600 plus change requests and requests for 14 additional subject areas, resulting in 646 new database tables in the enterprise data warehouse. The eA team determined that a metadata and model management initiative which creates central design repositories and documents critical decisions was one key to assuring a rapid response to continuously updated business needs. As an organisation, eBay exhibited mature IT capabilities in application development, database design and management, web services architectures and the deployment of service-oriented infrastructure. The speed of deployment considerations and the relative independence of the business delivery IT organisation combined to create a fragmented approach to metadata management. As a result, eBay teams were able to accomplish standardised design and delivery approaches using the time-honoured method of manual efforts, team meetings and the personal skills and tenacity of the eA team.
“In a nutshell, we help customers with their IT complexity, and provide a visualisation tool for managing the end-user experience. After all, you can’t manage what you can’t see.”
January / February 2011 : VitAL 23
Feature sponsored by:
“By providing a realtime view of how IT is supporting our critical business and IT services, our CIO proactively takes action on issues before senior management and the eA team were already seeing delays in some deliveries of application functionality to the business units, and further anticipated growing maintenance issues as long as central design standards remained absent. The eA team, along with senior business unit leaders, determined that a principle first step to remedying their immediate needs and mitigating future risks was the initiation of an enterprise metadata project intended to standardise the early design efforts on subsequent projects. eBay’s primary goal was to introduce a metadata management approach to data warehousing and business intelligence (BI) efforts. while the business case was understood, no quantifiable metrics existed to create a justification for deploying a more complete metadata management approach. As a result, members of eBay’s eA team presented the case for their proposed solution to the senior business unit managers, who then assisted in the joint development of the approach. eBay had the advantage of senior business unit managers also being accomplished IT technologists. with the business value anticipated to be high, but as yet unquantified, eA managers determined their overall goals and developed a solution architecture. The eA team at eBay realised that the enterprise data warehouse was the logical 24 VitAL : January / February 2011
focal point of an enterprise metadata project. The warehouse represented the highest concentration of various data domains in the organisation, and one of the highest reuse cases of information assets. Additionally, by focusing on only the data warehouse and the connected BI systems, eBay’s eA team was able to control the overall delivery scope and keep the initial effort appropriately sized. simultaneously, a second team was heavily engaged in the development of data and application processing services under an enterprise services-oriented architecture initiative. while the two teams pursued their metadata efforts separately, a similar solution was designed for both data models and services metadata.
results: eBay deployed a mature metadata/model management process using a tool-enabled flow which linked sybase PowerDesigner with AsG-Rochade. In the new process, all the steps and tasks took place within the tool solution as it was deployed. Modelling exercises have been reduced to hours from days and even weeks. Prior to the metadata project and the resulting metadata management programme, developers in the business units reported that modelling efforts were greatly reduced. Development teams had to identify various documents and models, validating their accuracy,
they become critical, conducts impact analysis to determine other services that could be affected, and avoids costly outages that could impact the business.”
Feature sponsored by:
with its eAMs and metadata management capabilities, AsG now has the ability to provide both a visualisation solution to help manage service delivery and updating the information and then effectively creating a new set of documentation. estimated savings are approximately 25 to 50 percent of absolute savings in effort. Indirectly, eliminating churn in the workflow between tasks and team members was reduced by the enhanced documentation, reducing the modelling and verification process elapsed time on each project by almost 80 percent and allowing eBay to avoid longer change delivery or having to hire additional staff.
lessons learned: Do not confuse tools with methodology. early in the effort, eBay determined that some tools were inadequate to the task and halted efforts. It revisited other contending tools and made the decision to change its metadata repository tool. Initially, the depth of the Rochade tool was confused with requiring an extensive methodology – when in fact metadata management is an extensive methodology. Tools selection is complementary in that it must support methodology and approach – but when tools begin to limit the scope, it is most likely the wrong tool. Leverage vendors’ knowledge of their tools sets and their practice areas. During the project, eBay, sybase and AsG completed an integration of the two vendor toolsets. In the implementation, services were developed which updated the www.vital-mag.net
Rochade repositories with models maintained under PowerDesigner when the check in/out is used in PowerDesigner, without any further import/export needed to update the metadata in Rochade. This was critical because other design tools historically do not have good integration with metadata management tools, and this leads to reluctance from designers and users to maintain the metadata. soft benefits converted to hard metrics after delivery. Many organisations never revisit the soft benefits. Gartner maintains that there is no such thing as a “soft benefit” for metadata. nearly all benefits can be monetised in some way, such as in this case, wherein eBay determined benefits to delivery times and overall staffing commitments.
metadata management to support the integrity of customer data and its governance.
tackling the complexity with its eAMs and metadata management capabilities, AsG now has the ability to provide both a visualisation solution to help manage service delivery and metadata management to support the integrity of customer data and its governance. with the prominence of the cloud growing and threatening to add further layers of functionality to the IT estate, any organisation that is contemplating this complexity with trepidation should assess what these technologies can do to liberate their beleaguered IT teams. VitAL www.asg.com January / February 2011 : VitAL 25
Vendor-neutral network security Michael Markulec Markulec, chief operating officer of lumeta and a member of the Trusted Computing group makes the case for a vendor-neutral network access control solution.
26 VitAL : January / February 2011
etwork access control (NAC) solutions are often deployed with the goal of providing guest access on the network in a way that allows visitors and contractors access to network resources while helping to mitigate the risk these unmanaged devices pose to the security of the network. Further, NAC has been hailed as a way to ensure that all devices currently under management are compliant with network security policy. As the concept of NAC and the technologies used to drive it have matured, security has increasingly been built into the fabric of the network. In fact, many industry researchers and thought leaders, point to the future of NAC being in the form of embedded security.
As this movement continues, there are two major challenges that organisations face as they look to embed security into the network. The first is that the value of proprietary NAC solutions, which saw higher initial adoption, will become questionable because of the changing and heterogeneous nature of networks today. The second challenge in highly dynamic networks is to ensure that NAC policy decisions are being made on the most comprehensive information available.
As the concept of NAC
The problem of single vendor approaches
increasingly been built
Embedded security as a concept defies the proprietary model, as networks are heterogeneous and require security solutions that will offer open architecture and standard interfaces to support components from a variety of vendors. This is particularly true at the large enterprise level, where it is easy to see that although today when a NAC solution is deployed, all devices may be of a certain type. As the business changes, say through an acquisition, it may become necessary to manage security across multiple vendors. In this environment is it clear that a proprietary NAC solution, relying on assessments through proprietary protocols, could not possibly be making decisions based on all of the best available information? A NAC solution that supports an open architecture is then able to assess the new sets of devices, regardless of the vendor or protocols used.
and the technologies used to drive it have matured, security has
into the fabric of the network. In fact, many industry researchers and thought leaders, point to the future of NAC being in the form of embedded security.
Dynamic active access control assessments There is an additional distinction to be made between pre-admission and post-admission NAC solutions, both of which have potential shortcomings. When considering preadmission NAC for instance, today you can have devices that come onto the network in January / February 2011 : VitAL 27
a clean state, but after a user opens a PDF that contains a Trojan, the device suddenly changes state. A strictly pre-admission solution would fall short in this instance. Conversely, post-admission nAC solutions analyse behaviours of users on the network, recognising changes and quarantining or disconnecting the suspect devices. Fully comprehensive network access security, enabled by intelligent policy decisions and dynamic security enforcement, will function on a hybrid model assessing the state of a device prior to its admission, and further actively probing the state of that device while it is connected. In order for organisations to respond in real-time to changes in security posture, or to maintain compliance and ensure continuous network service availability, they require indepth network and security awareness and coordinated defences among deployed networking and security solutions. To support a standardised, dynamic data exchange among a variety of applications, the Trusted Computing Group (TCG), a nonprofit, open industry standards group with members from all aspects of computing and networking, defined an open architecture that enables access control and enforcement of policies for endpoint security. As part of the TnC architecture, the group has developed IF-MAP, a standard interface between the Metadata Access Point and other elements of the TnC architecture. The IF-MAP open standard provides a common language for nAC, dynamic endpoint security, and automated network policy assessment. It allows data on network devices, policies, status, and behaviour to be shared in real28 VitAL : January / February 2011
time. This protocol can be embedded into products and is available free from the TCG.
As the number of IP-
knowing whatâ€™s on the network
connected devices on
when it comes to network security, knowing whatâ€™s on the network and ensuring that only devices which are known, managed and clean are allowed to connect, are critical parts of any security plan. Consider the scenario of a user who tethers her brand-new Blackberry to her laptop, which is connected to the corporate network. Potentially, this user could be connected to another network via her Blackberry and thus would have created a back-door that could be used for infiltration. Unfortunately, most of the nAC solutions on the market are vendor-specific. As the number of IP-connected devices on the network continues to grow exponentially, a vendor-neutral, standards-based nAC solution will become the only comprehensive and sustainable way to embed security and automate policy decision-making. By the time most organisations are considering adopting nAC, they have already invested a significant amount in security tools. Vendor-neutral nAC approaches allow for organisations to further leverage the investments that have already been made, driving more value from the security function. Further, moving toward a nAC solution which bases policy decisions on communications from a host of security tools greatly improves the quality of the basis of that decision making, giving organisations confidence to fully automate those processes, reducing man-hours spent on remediation and log analysis. VitAL www.trustedcomputinggroup.org
the network continues to grow exponentially, a vendor-neutral, standards-based nAC solution will become the only comprehensive and sustainable way to embed security and automate policy decision-making.
Introducing APMG-International’s Change Analyst qualification
Developed in response to market demand for practical, focused qualifications
■ Gain an understanding of the wider implications of Change within ITIL® service delivery, giving you the knowledge and confidence to authorize change initiatives.
■ Learn how to assess the potential benefits, risks, impacts, and costs of proposed changes and get advice on how to get approval to proceed with such changes.
■ Get credits towards your ITIL V3 Expert Qualification.
■ Gain practical knowledge based on industry good practice.
This course and examination is available only through our network of Accredited Training Organisations
This course and examination is available only through our network of Accredited Training Organisations
www.apmg-uk.com www.apmg-international.com Tel: 01494 452 450 Tel: 01494 452 450
Is your organisation ready for a cyber fight? As the ongoing war against a range of cyber threats hots up, Iain Chidgey, general manager, eMeA, Arcsight says itâ€™s time to man the trenches.
30 VitAL : January / February 2011
CCordIng To a recent report by PwC entitled “The Information security Breaches survey,” uK businesses have seen a sharp rise in IT security breaches in the past two years. In fact, despite increased spending on IT security defences, the number of companies attacked has risen from 72 percent in 2008 to 92 percent of large-sized respondents reporting a security incident in the last year, and the cost to business of these attacks has increased by more than that. Arcsight recently commissioned the Ponemon Institute to undertake a study on the cost of cybercrime, which found that the median annualised cost for the 45 Us organisations who participated was $3.8 million per organisation per year, ranging from $1 million to nearly $52 million per year per company. The Ponemon study also found that the most costly cyber crimes were those caused by web attacks, malicious code and malicious insiders, which account for more than 90 percent of all cyber crime costs per organisation on an annual basis. One conclusion you can draw from these survey results is that the traditional approach to IT security is becoming less effective over time. while businesses continue to focus on perimeter and end-point security measures to keep the bad guys out, cyber criminals are changing the game though new types of malware combined with social engineering and insider help.
Malware Advanced malware such as the recent Conficker worm (http://en.wikipedia.org/ wiki/Conficker) use a variety of techniques to penetrate perimeter defences and, once inside, to remain undetected. Disabling autoupdates, re-patching operating systems and applications to re-open vulnerabilities, Dns blocking and shutting down anti-malware applications are just some of the capabilities of these latest generation cyber-threats. Point defence solutions have proven to be ineffective in the early detection of these types of attacks as their view is a narrow one. www.vital-mag.net
Fraudsters are also using sophisticated phishing schemes to steal personal and business information electronically. These attacks might be in the form of an email which looks like it comes from someone you trust, a website that looks legitimate but is not, or though social network interaction such as chat rooms. They could also use this collected information in social engineering schemes targeting company employees and call centres to get others to assist in the fraud process. while education can help here, a focus on ‘putting the customer first’ provides opportunities for compromise where people are involved. Insider threat remains a priority as users with security privileges can bypass many of the controls that are currently in place. This generation of cyber threat is sometimes referred to as Advanced Persistent Threat (APT). The people behind it are no longer geeks working from their bedrooms. They are well organised, well funded and often backed by organised crime and nation-states, and judging by surveys like the ones mentioned above, they are currently winning. so how can we go about defending our organisations?
second perimeter First of all, I’m not implying that existing IT security defences are obsolete. Traditional approaches to security are still required to deal with the majority of attacks but on their own they are no longer sufficient. The corporate mindset should move from a focus on fortifying the defences to a realisation that breaches have occurred and will continue to occur in the future. A second perimeter capability is needed to detect and remediate ever-changing attack vectors, and the answer does not lie solely in technology but with smart technology tied to an enterprise wide-approach to threat detection and remediation. From a technology perspective we need a more holistic view of what is going on in our IT network. In military circles, they call this ‘situational awareness’ and it is a key element in detecting today’s more sophisticated attacks. Many security products focus on one element of the overall picture, whether
One conclusion you can draw from these survey results is that the traditional approach to IT security is becoming less effective over time. while businesses continue to focus on perimeter and endpoint security measures to keep the bad guys out, cyber criminals are changing the game though new types of malware combined with social engineering and insider help.
January / February 2011 : VitAL 31
that is monitoring specific types of hardware assets such as network devices or desktops, specific applications such as mail, or specific information stores such as a customer database. Malicious code that operates in subtle ways across these channels can often remain undetected. It’s only by seeing the overall pattern of behaviour that suspicious patterns emerge. Two key elements involved in detecting these patterns are: event collection/ consolidation and correlation. Event collection may sound like an impossible task but event logs are generated by many IT components today and the technology needed to capture and consolidate those logs has become increasingly commonplace over the past few years. The events recorded in logs provide ‘CCTV’ footage of what is happening across the organisation, and if properly monitored, can alert an enterprise to a cyber threat and risk before it’s too late. Whether it is malware, malicious system users, or contractors, a trail of digital fingerprints is left behind that, if properly analysed, will alert an enterprise to cyber threats and risks before it is too late. Logs continuously paint a picture of what is happening across the network, but businesses need to see that picture to both protect and enable their businesses. Log Management solutions provide the information foundation through the capture, consolidation and centralisation of such log and event information.
Analysis Building on top of this foundation, it is essential to analyse these events across the different channels, which can be done using smart tools to uncover patterns of nefarious activity from the fingerprints contained in the log events. Smart tools can also reduce the volume of security events to a manageable, actionable number and present these to security operations in a prioritised way based on the situational awareness of the assets and business processes involved. A key capability in these tools is correlation – in fact, their analysis ability is directly dependent on the sophistication of their correlation. Correlation can be described as the ability to access, analyse and relate different attributes of events from multiple sources to bring something to the attention of an analyst that would have otherwise gone unnoticed. 32 VitAL : January / February 2011
Correlation introduces a much higher level of efficiency and effectiveness into the security workflow. Given the volume of events being generated in even a modest sized system, it is not practical for analysts to do this work by manual or semi automated means – big data problems require an automated approach. In addition to data volume, we also need to deal with the diverse nature of the data being collected. Using correlation and filtering, smart tools can assimilate millions of events and highlight the handful that represent serious threats requiring immediate attention. This takes us on to the people and processes needed to analyse the intelligence gathered and to respond appropriately.
Operations centre At the heart of a second perimeter defence should be the Security Operations Centre (SOC). While not a new concept, it is the place where tools and dedicated expertise come together to tackle cyber threats over the long term. It needs good people, processes and technology to be effective. On the people side, the requirement is for a multi-disciplined team who together can provide the timely analysis and remediation to protect the availability and integrity of corporate assets. Advanced SOC procedures and best practice implementations exist today, but need wider adoption in both the public and private sectors. Smart tools complete the picture by consolidating logs and other event information from across the enterprise and reducing the volume of security events to a manageable and actionable number that is prioritised based on the situational awareness of the assets and business processes involved. Successful SOC implementations require support from the highest levels of the organisation and an ongoing commitment from a funding perspective. Like any IT project, they face stiff competition from other IT projects where the return on investment is more easily understood, and it may take the fall-out from an internal breach to galvanise thinking and commitment to a SOC implementation. If the PwC and Ponemon research tells us anything, it is that business as usual is no longer a viable strategy when it comes to IT security. VitAL www. arcsight.com
From a technology perspective we need a more holistic view of what is going on in our IT network. In military circles, they call this ‘situational awareness’ and it is a key element in detecting today’s more sophisticated attacks.
supporting your ITSM journey Value
Chaos The journey of service improvement can take the IT organisation from the reactive and technologycentric focus characterised by the ‘chaotic’ helpdesk, to a vision of business-centred services that demonstrate IT value. Supportworks provides the foundation to transform your service organisation, from chaos to value. The Supportworks platform offers a simple upgrade path from basic helpdesk, through your first ‘Bite-Size’ steps in ITIL adoption, to mature ITSM processes that deliver what the business needs. With its unique ‘Human Touch’ features, Supportworks places the customer at the heart of IT Service Management, delivering increased service quality and improved customer satisfaction. Register for the new white paper “Chaos to Value: the IT Service Management Journey” (Part 1: Chaos to Service Focus) www.hornbill.com/journey
“Our SLA rates consistently reach 94%; of the fixes we carry out, 80% of the time we are faster than the published SLA target. Now we receive many ‘thank-yous’ from the business!” Service Desk Manager, Comet Group plc
Tel. +44 (0) 20 8582 8282 | Email firstname.lastname@example.org | www.hornbill.com
Modernising legacy applications When it comes to modernising legacy applications, CoBol in the cloud isn’t pie in the sky, according to Micro Focus CTo of cloud computing, Mark Haynie.
ndersTAndABly, MosT people involved in IT are excited by the prospect of cloud computing, and the roI and efficiencies that it will offer IT departments and business units. Amid this hype, however, little consideration appears yet to have been given to how the cloud will affect the core legacy applications which still run the vast majority of the world’s large organisations. In many cases, these systems have become integral parts of the businesses they represent, having grown with them over the course of a number of decades and become uniquely adapted to their individual needs. The prospect of losing this unique business logic is not an attractive one, but in their current state these applications will not bring CIOs the benefits (such as a shift from capital to operational expenditure) which are promised by the cloud. The solution which many organisations will look to over the coming years, therefore, is migrating these important applications to cloud platforms such as Amazon eC2 or Microsoft Azure. Thankfully, migrating to the cloud does not have to be difficult and this process can be executed without compromising application performance. Here are three initial tips for CIOs and IT workers as they plan to migrate their legacy applications to the cloud.
apps everywhere: where to begin? Today’s IT professionals are managing increasingly complex environments, often containing several different applications running on all sorts of platforms. Before modernising legacy applications and moving them to the cloud, it is important to prioritise 34 VitAL : January / February 2011
which ones urgently need to be modernised and which you would like to be updated. In order to do this, all applications should be charted by the highest business value and highest cost, and then compared to which have the highest impact and best business cases. The applications that are of the utmost importance in terms of value and impact, but also carry a high cost are the ones that should migrate to the cloud first. IT should leverage the Capex to Opex advantages of cloud – the “computing as a utility” data model. Interdepartmental charge-back of computing resources used in timesharing systems for decades is not unlike the cloud pay-as-yougo model. As this charting commences, it is important to remember that the IT department should work with the business to ensure that the technology and app roadmap are on a par with the business and product plans.
Today’s IT professionals
leverage application portfolio management tools
applications and moving
Technically a legacy application is one that could have been written as recently as yesterday – anything from an order processing system through to a PowerPoint application. Most large organisations will be home to a vast number of applications, built up over a period of decades, to such an extent that understanding exactly which systems are continuing to add value to the business and which are redundant is far from straightforward. Application Portfolio Management (APM) tools give CIOs an insight into all of their existing systems, showing cost, performance and other factors which can aid the decisionmaking process. Analysing the entire portfolio will show which applications are
are managing increasingly complex environments, often containing several different applications running on all sorts of platforms. Before modernising legacy
them to the cloud, it is important to prioritise which ones urgently need to be modernised and which you would like to be updated.
Vital eyes on
Champagne broadband on a lemonade budget? have you noticed the flurry of noise about the uK’s broadband infrastructure future and investment plans? In the current climate of spending cuts and general unrest the contrast is marked. Jonathan Westlake reports.
vital to the business, and should therefore be modernised, and which can either be delayed or, in some cases, retired altogether.
bygone applications are not gone Contrary to popular belief, 20-year-old business IT applications written in older languages such as COBOL are in fact perfectly-suited to running in the cloud. At the time these applications were written they supported thousands of users, and on mainframes of the day that were as powerful as today’s smart phones in terms of processing power and memory. The critical success factor for these apps was making sure that they and their frameworks can easily support multi-tenant and multi-user capabilities. scaling of users and transactions has simply multiplied a hundred fold in the time since they were written. That same notion of supporting large amounts of users on less powerful platforms translates to the cloud. The key is to get the platform to support all of those same APIs so applications can move seamlessly into the cloud. with budgets still at a premium, IT departments can ill afford to spend on shiny new technology when they have fully functional applications already at their fingertips. In the current climate, modernising existing IT systems onto cloud platforms, where businesses can then take advantage of more efficient cost structures, makes perfect sense. As adoption increases in the coming years, migration will have an increasingly prominent role to play in taking businesscritical applications to their new home in the cloud. VitAL www.microfocus.com
T Is now commonly accepted worldwide that broadband can be considered as a utility and is just as important as other utility functions. so the subject of broadband matters for the future health of the uK economy and impacts both home user and business alike. The noise all started with the publication of the UK Ofcom 2010 report. The annual international communications report concluded that a tiny percentage (less than one percent) of UK households had super fast broadband. Broadband take up has improved in the UK in recent years but the report focused on super fast broadband which is acknowledged as being download speeds of up to 40 megabits per second with BT’s Infinity and Virgin Media fibre optic offerings as good examples. In november we also witnessed the launch of a new internet satellite for europe (Hylas). The first satellite dedicated to delivering broadband services to europe by filling so-called ‘notspots’ which are usually remote locations such as rural villages where it is currently not possible to get a fast internet connection The issue of rural connection is of particular interest in my home patch of the north staffordshire moorlands and rather encouragingly the UK Government issued an announcement in early December of plans for every community in the UK to gain access to super-fast broadband by 2015. It seems that better internet provision is seen as a way to improve the prosperity (jobs) of the rural areas by attracting digital/ knowledge economy businesses to locate to rural locations.
2015 is an ambitious aim particularly as the rollout is planned to be provided by the private sector to two thirds of the UK and the other third to be delivered in mainly rural areas by local communities. The aim to have a champagne broadband service that is the envy of europe is noble but will the budget and co-ordination of broadband as a utility be enough? The UK government will trial super-fast broadband in the Highlands, north yorkshire, Cumbria and Herefordshire, as announced in its recent spending Review. For other areas public funds will be available to build a ‘digital hub’ into a fibre optic internet connection. The process of how to access funds to build a digital hub and the scope of the hub will no doubt follow... I await with interest! As cloud computing moves apace there is a reliance on connection and hence the broadband future not only affects the home user but businesses in general looking to exploit the UK cloud via the broadband utility. Let us hope the planned co-ordination of private and public sector can provide a coherent infrastructure across the UK to equate expectation with reality. The notion of self-initiating rural digital hubs will test the ‘big society’ philosophy of the Government with broadband being perceived as a need for the common good rather than for vested interest. VitAL useful references: http://stakeholders.ofcom.org.uk/ market-data-research/market-data/ communications-market-reports/cmr10/ international/ http://www.bis.gov.uk/assets/biscore/ business-sectors/docs/b/10-1320britains-superfast-broadband-future.pdf January / February 2011 : VitAL 35
A three point plan for more cost effective IT service management The recession gives IT managers the perfect opportunity to improve the perception and standing of IT within their organisation by finding areas where costs can be reduced and efficiencies gained. here, Patrick Bolger Bolger, chief evangelist at hornbill shares his three-point plan for using IT service Management to deliver quick wins that support the business in today’s challenging economic times.
s AusTerITy measures continue to bite many organisations, the pressure on management to reduce spend is greater than ever before. simply cutting costs in IT is relatively easy, if little consideration is given to customer satisfaction and quality of service. however, the key to managing in a crisis is not to over-compensate by indiscriminately cutting spend, but to keep in mind the tradeoff of potentially dropping customer service levels, which in turn affects the bottom line. whether you are in the private or public sector, cost will be a key driver for your business. The following plan will support you to improve the efficiency of IT in your organisation and help you through the tough times:
1. take a proactive approach to developing a cost containment strategy IT needs to take a proactive approach to optimising the cost of IT: promoting ideas that can be considered, proposing changes to executive management and putting plans into practice through a cost containment strategy. Reducing operational costs should be top priority with care taken not to impact customer service. This is supported by industry research which suggests that 83 percent of organisations are looking to reduce the cost of their support with 82 percent (research conducted by the service Desk Institute, March 2009) still obliged to maintain the same service levels. Projects focusing on server virtualisation, data centre consolidation and application portfolio rationalisation work well as part of a 36 VitAL : January / February 2011
long-term IT strategy, but require substantial financial investment, introduce risk to the infrastructure, and may negatively impact customers in the short term. Projects that can demonstrate immediate wins are more likely to capture management attention.
2. embrace cost optimisation strategies by: eliminating waste within the it estate: If IT is to deliver a strategy for cost optimisation across the business, it should first look at its own estate to identify any areas where costsavings can be made. In most cases, it should be easy to reduce the cost of IT by at least ten percent without having a negative impact on the business. reassessing it projects against their contribution to business objectives: By managing the portfolio of IT projects and performing benefit, risk and impact analysis, it may be possible to park or cancel projects that do not align with immediate business priorities. Resources may then be focused on those projects that deliver the most business benefit. analysing hardware and software assets for usage: IT asset acquisition and support can account for as much as 20 to 30 percent of total IT spending so even small savings derived from IT asset management can yield large savings. Reviewing the number of laptops, desktop printers and Blackberry devices issued to staff can significantly reduce the cost of acquisition, administration and ongoing support. Before disposing of assets, organisations should consider the remaining value
as a criterion for scheduling equipment replacement. By doing so, they can expect a three to five percent reduction in total cost of ownership (TCO) during the life of the asset. For an organisation with 2,000 desktops, with an average desktop TCO of £2,500 per annum; a five percent reduction in desktop TCO offers savings of £250,000 per annum! standardising desktop products: when loose IT policy allows staff to deviate from a standard desktop build, this often leads to failed upgrades and under-performance of standard applications. In addition, hours are wasted on rebuilding machines and recovering data, exposing the organisation to increased risk from unlicensed software and malicious programs. Agree standard desktop products with line-of-business managers to avoid such headaches. automating software distribution: Automated software distribution greatly simplifies the update process for IT, reduces the burden on support and makes it transparent for the customer. The faster changes are applied, or updates installed in a consistent manner, the happier the customer will be.
3. increase it service Management effectiveness without adding headcount by: demonstrating business value through quick wins: An organisation’s typical span of attention is around six months. If an improvement programme does not demonstrate business value within this sixmonth window, it is likely to fade and die. To capture the attention of executive management www.vital-mag.net
and secure their on-going support, it is vital to demonstrate ‘quick wins’ early on. Standardising service offerings and making them repeatable: Customisation is expensive. If IT is expected to constantly tailor services according to the desires of individual members of staff, it will be difficult to control the cost of procuring, configuring and supporting those services. By offering IT as a series of standard services, outlined in a Service Catalogue, the business is able to select the most appropriate service for each area and see clearly the associated costs. By standardising services in this way, IT can deliver the best service tailored to each business division while containing costs. Automating processes and repetitive tasks: For years, IT administrators have been creating scripts to enable the batch handling of tasks. Service Management vendors have now taken this concept further by introducing ‘Run Book Automation’ tools that automate the execution of tasks across the infrastructure. Simple tasks such as rebooting and testing a server and recovery from low disk space conditions can be automated, with hours shaved off the time taken to complete the process. Making effective use of Knowledge Management: Documenting knowledge and publishing it to service desk staff and (where relevant) to customers, can significantly reduce the volume of repeat enquiries. By implementing a Knowledge Base facility available via self service, Sharp Electronics reduced the volume of enquiries by 33 percent and managed to deliver a better service with 25 percent fewer staff. Introducing a customer SelfService portal: Self service can significantly increase service desk efficiency and reduce the cost of call handling. ID Business Solutions (IDBS) created a customer self service portal in June 2008. Since that time, the portal has been populated with 1,100 articles and 50 new items are added every month. More importantly, IDBS has managed to service a 30 percent increase in support calls following new product releases www.vital-mag.net
without additional headcount. Previously, it would have had to employ at least two extra full time support technicians to handle the same volume of calls. Within six months, the self service system paid for itself. Looking for opportunities to share services: Shared Services is a term often associated with government and other public services, but it can be applied as a cost-reduction or even revenue-generating measure in almost any context. If a service desk application can be shared across different divisions, yet is flexible enough to cater for the requirements of specialist teams, it can deliver true economies of scale. CSD (Customer Service Direct Ltd), a public private partnership between BT, Suffolk County Council and Mid-Suffolk District Council, offers shared ICT and HR services. Northumbria University is another good example of effective shared services, where Out of Hours support is shared by 28 universities. This is managed by Northumbria on behalf of NorMAN (North Eastern Metropolitan Area Network) and would not be viable for an individual institution, given the relatively small number of students requiring help outside core business hours and at weekends. The revenue generated funds the service management costs. Consolidating service desks: When you consider the cost of software licenses, hardware platforms, databases, administrative overhead, maintenance and training, there is a very strong business case for standardising on a single technology to address replication of effort and reduce cost across the business. Greggs the Bakers adopted this approach, saved £160,000 in the first year and provided a better service to the end customers at the same time. Cutting costs is a major directive, but with some research and due consideration of others’ successes and planning, it can be achieved without compromising the ultimate aim of any service department – to improve customer satisfaction. VitAL www.hornbill.com/journey
Shared Services is a term often associated with government and other public services, but it can be applied as a cost-reduction or even revenue-generating measure in almost any context. If a service desk application can be shared across different divisions, yet is flexible enough to cater for the requirements of specialist teams, it can deliver true economies of scale.
January / February 2011 : VitAL 37
And a Helpy New Year! Noel Bruton Bruton* says it’s time to set your goals and make those new year’s resolutions.
T Is traditional at this time of year to set goals and declare personal resolutions. The fact that it is a tradition is an opportunity in itself; people are expecting one another to renew their objectives, minds are open to the idea. you can exploit this opportunity by updating your objectives now, striking while the iron is hot. do it now and you will impress with your initiative and gain supporters. By February, it will be business as usual. Would it not be better that the usual businesses were one associated with your new goals? To that end, I would like to share with you the results of a brainstorming session, yielding ten resolutions for the User support manager. you could adopt these as your own. If so repeat after me: “Being responsible for User support in this organisation, I resolve, in 2011, to:” 1. Make change anticipation a part of the support routine: In my training seminars, I always ask the question ‘has your support department changed recently?’ Most people answer in the affirmative. But those who 38 VitAL : January / February 2011
brought that change about within the support department are invariably in the minority. In my experience, most support desks change because of a senior decision or initiative. But change is a constant. we are constantly hit by new technologies, shifting user demography or new staff adjusting the team’s skills and personality profile. IT support should anticipate changes for itself and adjust itself accordingly, without waiting for the instructions of, for example, seniors managers who may never have worked in frontline support and may not really understand it. start a change anticipation committee from within your own staff. It will make your department more dynamic, involve your staff more closely in your decisions and give them a break from the repetitive routine, as well as causing them to exercise their minds, not just their automatic experience. 2. Continually assess staff competencies and skills: Continually measuring the match of your staff’s abilities to the demands placed upon them is the key to growing your people and keeping the Helpdesk relevant to what the
customers need it to be able to do. My favourite technique for this is a matrix, knowledge areas on one axis, your team members on the other, and in each cell, a number from one to five denoting an individual’s level of skill with that product. It shows that to get the right knowledge in place, you don’t need a raft of experts, but enough knowledge to meet the demand. It also shows on whom you are relying too much (i.e. who are your sPOFs or ‘single Points Of Failure), who may be underutilised (or worse, getting left behind) and whom you need to develop. 3. test launch at least two new services: Go and find a couple of user departments who need and can commercially justify a higher or lower level of service than the norm, or a unique service no other department needs. Tailor a service especially for them. Delegate the responsibility for the quality and delivery of that service to a member of your team. you will get yourself a deserved reputation for understanding user needs and introduce some variety into the Helpdesk workload. www.vital-mag.net
4. Reconsider Support Department structure: Does your structure allow for easy delegation? Do the various sections of your department have clear objectives and responsibilities? Do you suffer from technical favouritism’, where a certain minority of your staff tend to have a much higher workload than the others? Does the support manager lack a pretender for his or her throne? Do you or any of your team leaders have more than eight direct reports? Is there a problem with morale, unclear leadership, output not being monitored, staff going missing? Then look at your internal structure; it could be that your department’s very organisation is hampering your success. 5. Increase management concentration on staff motivation and productivity: The role of a manager is to produce results through the orchestration of the efforts of others. If you are one of those unfortunate managers who is expected to be technician as well, then delegate more of your technical work – you have more important things to do. Somebody needs to be looking at the function, inputs, processes and outputs of the department as a whole. Find out what motivates your people and deliver it. Discover what impedes them and eradicate it. Learn what enablers your team needs and provide them. Measure your people’s productivity and feed their success back to them. 6. Republish your service catalogue: Communicate with them. Remind them of how much you do for them. The publication of a service catalogue shows everybody, users and managers, that you are in control of the service, you know what needs to be done and how to do it. The service catalogue will also show your staff the big picture of what the department is supposed to deliver, and they will thus have more of an opportunity to take responsibility for that commitment. If you can’t republish the entire catalogue, publish a feature about one of your services to advertise its existence and advise how it can be invoked. 7. Manage client expectations: The only reason a client ever complains is when their expectations have not been met. But where did their expectations come from? Users are not IT support experts; they do not know what other, higher priority work you had to do when you let them down. They measure you only on the fact that you let them down, not on the invisibly large picture of your overall success. Give them a clear message about the service they can expect from you, when they will get a response, what that response will look like. And do this not just for every service, not for www.vital-mag.net
every problem, but for every single contact you have with them. Experience shows that effort expended on expectation management yields far more success than effort expended on service management. You’ll have more impact on expectations by setting them on a job-by-job basis than just by including them in the Service Level Agreement. 8. Get senior management involved: Why does IT support? Because it is cheaper to have your department there than not to. There is a commercial imperative to everything you do. Find that commercial imperative and advise your senior managers how you serve it. And that is not simply a matter of telling them how many problems you solved today - that is meaningless in itself. What managers want to know is how that benefited to commercial or administrative effort, better still how much money you saved the company as a result. 9. Take control: Look at your staff. Which would you prefer, an employee who waits for you to take a decision and then does as he is told, or an employee who understands his job, understands the overall objectives, can see opportunities and threats and deals with them unaided from his own initiative? Now transfer that image to your boss. Which do you think he or she prefers? And which are you? Increase your accepted profile as a leader, innovator, visionary and a fair judge. It will do your career a power of good, as well as increasing the respect you have from your staff and peers. 10. Increase job-variety: Don’t let your staff stagnate; the risks are too high that one day a new challenge will come and your staff have neither the perspective, skills, nor confidence to deal with it. The challenge will then be dealt with elsewhere, and you and your department will thus become that bit less relevant, less useful and less involved than they were before. Challenge your staff constantly. Give them projects, time for measured self-education, involvement in business as well as in technology. I can almost guarantee that if you are not putting the variety into their work, they will do so anyway. Give them the opportunity to liven up their day in a governed way, so that they have a better time of it but you also have more control over your resources. *Noel Bruton is a UK-based consultant and trainer specialising in IT support, who since 1991 has offered a range of services to organisations looking to improve services to users and job satisfaction for support staff. He is the author of numerous books on the topic. VitAL www.noelbruton.com
Continually measuring the match of your staff’s abilities to the demands placed upon them is the key to growing your people and keeping the Helpdesk relevant to what the customers need it to be able to do.
January / February 2011 : VitAL 39
Lurking latent crocodiles Will the relaxing of change freezes, usually introduced during a holiday or peak period, bring out lurking latent crocodiles in your IT infrastructure? steve White, senior consultant at experts in IT process improvement, Kepner-Tregoe, gives practical advice on how IT gazelles can avoid a potentially nasty end.
40 VitAL : January / February 2011
hat keeps a gazelle awake at night? It might be the thought of the lurking latent crocodiles that inhabit the rivers and waterholes of business, waiting to pounce on the herd without warning. For a gazelle, being in the middle of the herd – rather than on its exposed flanks – is critical to survival. In our world, we recognise the effect of this survival instinct when a company releases a new operating system. The early adopters will load it and play with it, but few will immediately use it as a core business tool. The clever gazelles wait until the waters have been tested first. Clever gazelles also know to keep up and not become stragglers – or suffer the consequences.
Four classic ways IT accidentally finds itself on the edge of the herd Analysis by Kepner-Tregoe of the most commonly occurring errors IT departments make that expose themselves to crocodiles are: 1. By forging ahead without clear risk management: • Loading newly released and untested code onto production equipment; • Installing and commissioning untested, just released hardware into a production environment; • Loading production workload onto untested configurations; • Emergency change controls during ‘shotgun’ style troubleshooting. 2. By getting behind by not changing current systems: • Using core business software which is no longer supported; • Using hardware in production that is unsupported. 3. By configuring exotic solutions: • System integrating hardware and software to make the system a one of a kind; • Changing core code to make the system unique. 4. By configuring exotic loads or profiles: • Overworking the system beyond its capabilities; • Extreme tuning of software and firmware parameters for a given application; • Reaching a saturation point where the system moves from linear flow to turbulence. www.vital-mag.net
Pest control – ensuring you stay ahead of the competition Just being in the middle of the herd – doing the same sort of things that other companies are doing, using standard configurations and standard software, keeping it up to date and within performance tolerances – is still no guarantee of survival. The very worst IT incidents we see as Kepner-Tregoe consultants are a combination of a number of latent, visible and undiagnosed problems and poorly completed changes which have conspired to cause a ‘miracle’. Usually miracles are considered an amazing or wonderful occurrence. I speculate that to bring together the undiagnosed problems in just such a way as to cause a catastrophic failure can also be miraculous, just in a bad way. Let me take the example of a Fortune 500 global company who use IT systems like everyone else does: to receive orders, plan manufacturing, schedule deliveries and issue invoices on current hardware and very popular software. The IT department temporarily lost the ability to know what to manufacture, ship and invoice for about three weeks. The incident did not reach the media as it was handled well and the company continues to thrive. However, during those three weeks the crocodiles were right in the middle of the gazelles and had acted in uncoordinated ‘concert’ to bring the core business IT systems down.
Just being in the middle of the herd – doing the same sort of things that other companies are doing, using standard configurations and standard software, keeping it up to date and within performance tolerances – is still no guarantee of survival.
January / February 2011 : VitAL 41
The higher the number of undiagnosed IT problems you have, the higher the opportunity for one, or two or many to interact in some interesting way, with an innocent change, to bring your system down. .
42 VitAL : January / February 2011
Can we predict the likelihood of the latent lurking crocodiles taking your business out? If you were a gazelle walking in the middle of the river, surrounded by other gazelles, some out front, some lagging behind, some near the left bank of the river and some near the right, would you prefer to be walking up a river with a lot of Crocodiles or a very few? Pest control – to reduce the number of crocodiles would simply reduce the number of opportunities for them to mindlessly conspire to hurt you. Where do we find these crocodiles, in your undiagnosed backlog of IT problems? The higher the number of undiagnosed IT problems you have, the higher the opportunity for one, or two or many to interact in some interesting way, with an innocent change, to bring your system down. Companies, where the root causes for IT problems are generally found, have a mathematically better chance of IT survival than those with large numbers of undiagnosed problems: problems that are both lurking (you know about them – they are in a queue somewhere, or they are in a mass of uncontrolled changes or hiding in poor housekeeping) and latent (not affecting production at the moment).
Random problems Let me be specific about the kinds of problems that can randomly come together to cause prolonged IT outages. Let us say that you were making a change to the number of products your infrastructure was planning to process because you bought another company and needed to integrate their product lines.
You worked with the suppliers to specify the hardware and software that was required, and a project plan was created to implement the change–change management was on board, all was good. What you did not know is that buried deep in your backlog of undiagnosed problems were four faults with the production system, none of which were causing production problems and so were not in the minds of the support staff: 1. A slow database queue processing job for the past six months; 2. Slow logical input/output to your shared data storage device on other systems not obviously related to this one – a problem logged with another part of the infrastructure organisation several weeks ago; 3. A firmware upgrade to the data storage interconnect that did not apply correctly some weeks ago; 4. Database monitoring tools that for the past year had occasionally stopped recording. These problems had been logged, and they were awaiting some action by either the supplier or your staff. You then add the software upgrade and the required hardware to improve the performance of the system to give you some processing overhead. This change works (from their change management point of view) perfectly; the system resumes production but no one checks the performance overhead that the application of the change was expected to produce. This is a very big crocodile. You then add the increased load to the system one factory at a time (just to make sure that each step is good). Some two weeks after beginning this process a ‘tipping point’ is reached, and the system flips from ‘free flow’ to turbulence – from taking 20 hours to process one day’s worth of work to 60 hours per day. The business managers begin screaming that the business is dying. You have to sever many factories from the batch jobs and rescheduled production runs from every day to once a week. Some depots have to guess from experience what customers are likely to want to order from previous orders and the business is only maintained by heroic actions from huge numbers of staff who are running the business without your systems.
Returning to the previous configuration is only possible if the business is prepared to lose two weeks’ worth of invoices. The decision is made to forge forward using the new configuration, and during that process the latent lurking crocodiles are discovered. Not all of the Crocodiles were immediately malicious – the database monitoring tool had simply stopped two weeks before, and so the problem solving effort was extended by the lack of that information. Lurking latent crocodiles are out there, waiting, unobserved, to come together into a single event that has the potential to be catastrophic.
How you can ensure survival? Clearly there are lessons to be learned from other people’s mistakes. Staying in the middle of the IT crowd is a strategic IT decision for you and your customers to make: either stay safe or live an ‘interesting’ life. At Kepner-Tregoe we find that the most commonly occurring contributors to IT issues and failures is the lack of a proven, systematic approach to how employees analyse, record and resolve IT issues in a given company. Employees often employ individual techniques, leading to a lack of consistency and success in issue resolution and the recording of incidents. This leads to the repetition of mistakes and a significant loss of time and effort for businesses – lining your business with the crocodiles. We consult with clients to employ and embed a sequence of proven KepnerTregoe processes across their IT workforce to consistently: 1. Perform an analysis of the current state; 2. Calculate anticipated savings in terms of time and money; 3. Identify leverage points; 4. Complete a structured and well–managed implementation of good quality case handling processes. Not only do they have a better support organisation, with more effective work processes and more highly motivated engineers, but they also sleep more soundly at night, knowing that there are fewer lurking crocodiles waiting to pounce without warning. VitAL
Case Study When a computer technician reformatted a disk drive at the Alaska Department of Revenue while performing routine maintenance work, a small miracle of the bad sort occurred. The technician accidentally deleted applicant information for an oil-funded account — one of Alaska residents’ biggest perks — and mistakenly reformatted the backup drive, as well. There was still hope, until the department discovered its third line of defence, backup tapes, were unreadable. Had the backup tapes worked, there would be no story – in this case there is no mention of whether they had known and unsolved problems with the backup system – but have you checked that you can restore your data? This failure cost them $200,000 in additional costs and unknown reputational damage.
About the author Steve White is a regular columnist for VitAL and a specialist consultant in KT ResolveSM, a systematic approach to achieving step-change improve¬ments in the quality, speed, and cost of technical support operations and other client-facing organisations. He collaborates with client and Kepner-Tregoe (KT) internal teams to develop improvement programmes that combine process improvement, skill development, and performance management to achieve rapid, targeted results and lasting value. Before joining KT, he was global programme manager at Sun Microsystems where he managed the implementation of KT Resolve in the global software and hardware support operations. Under Steve’s leadership, the Resolve Programme for third- and fourth-line support successfully reduced the MTTR for poorly defined escalations from 32 days to 6 days and, when expanded to second-line support, positioned Sun to reduce customer wait time by 1,200 years per year. Steve worked in software and hardware support at Sun for 17 years. He became a certified KT Programme Leader in 1996, and was among the first to institution¬alise KT rational thinking skills into the support function. He studied computer system maintenance before joining Sun Microsystems as a field engineer.
January / February 2011 : VitAL 43
44 VitAL : January / February 2011
Striking a work life balance senior IT businessmen and women should be prepared to work long and sometimes erratic hours, and maintaining a tolerable, let alone healthy work/life balance, can be taxing but it’s not impossible according to Shaun Thomson, Ceo of sandler Training.
Any IT managers find it increasingly difficult to shut the door on the office and can’t tease apart their personal life from their working one. I work with a number of IT business professionals witnessing firsthand just how often their heavy workloads can cause many of them to lose sight of family commitments and neglect their social lives. Having a good balance between your professional life and private life will increase your motivation, job satisfaction, and productivity. effective planning will help to make the most of each working day and enable you to have time for friends, family and so forth. you should set compelling targets for every aspect of both your work and personal life ranging from holidays to personal wealth. Having these aims in place will ensure that every hour of your time becomes focused.
time management Time management is the simplest of solutions to the modern day problem of work/life balance. It has a real impact on sales and growth. It costs nothing to implement and is dependant on just one thing; yourself. Good time management can create the personal freedom to let you enjoy your IT career. By effectively organising your time and working proactively to achieve your goals, day by day you will be more successful and you will have more time to enjoy it. However, not everyone works well with a strictly formulaic method of time management. IT managers need to find the best method of time management that works for them. some people are good at multi-tasking, while others like the time-blocking method. yet, choosing the right method of time management is not just a matter of personal www.vital-mag.net
preference. It is vitally important that the way you manage your time is compatible with the type of business you are in and whether or not you are dependent on other people. For example if you work alone as a freelance IT consultant it may be possible to start work at midday and work through till 10pm. However if you have to be in contact with clients who work in a traditional office, then you will have to be available nine to five, regardless of commitments outside of work and personal preference. It’s also tempting to work reactively, because the natural reflex is the courteous one. when someone emails or calls, we reply immediately, without considering whether this is a productive action. effectively structuring your time to achieve business goals can make your career in IT succeed and also allow you the free time to have a life outside of work. Being a successful IT manager shouldn’t just be about making money, it should also be about having the free time to enjoy the money you make. Getting the right work/life balance will help both you and the IT business you work for or run be more successful. so here are some top tips to help you achieve and improve your very own work / life balance: 1. what does work/life balance mean to you? ‘work/life balance’ is a very personal thing. To be able to achieve a work/life balance you first need to understand what it means to you. Does it mean not working at weekends? Or does it mean leaving the office before 3pm to pick up the children from school? 2. evaluate how ‘balanced’ you are. Inevitably, achieving a better work/life balance means making sustainable changes in your life. Unless you are aware of where (or how) January / February 2011 : VitAL 45
Having a good balance between your professional life and private life will increase your motivation, job satisfaction, and productivity. effective planning will help to make the most of each working day and enable you to have time for friends, family and so forth.
46 VitAL : January / February 2011
your life is not in balance, you wouldn’t be able to make the changes. 3. what is stopping you? There is no point in setting goals and putting in place action plans to achieve your ideal work/ life balance if you don’t know what is stopping you from achieving your ideal work/life balance. For example, it may be as simple as you switching off your work mobile phone when you leave the office, so you can’t be disturbed by work calls in the evening or at weekends. 4. if it’s not working, change it. Typically the first three months in a new role sets the pattern of how and when you are going to work. It may sound a little melodramatic, but often the only way of improving your work/life balance is to change your job or working environment. For example, 12 plus working hours are quite common in big city IT companies. If you have a long commute into the office, have you considered working from home one or two days a week? Home working, by making you slightly less accessible, can help you be more productive during the working day. Another option is to think about compressing your hours, so that you can minimise your overall commuting time. 5. work with a coach. A coach will help to keep you to your good intentions. They will also help you improve your self-awareness to understand what is getting in the way of you achieving the work/life balance you crave – and then help you put together simple actions to achieve your goals. Having somebody providing an outside viewpoint on both your IT career and home life can be very powerful, and make you more focused. 6. set goals, then tell everybody. The more visible your goals, and the more you tell people about them, the more likely you are to achieve your goals. Remember to word your work-life balance goals in terms of the actions you have decided upon to achieve your output. For example, “leave the office by 5.30pm, at least three times a week.” 7. Prioritise and delegate. As the saying goes, Rome wasn’t built in a day. Prioritising your to-do list will help you get the important tasks done and prevent you working long hours. It goes without saying that effective delegation will help you work less hours in the day. 8. Just say no. Do you find that you always want to be helpful, and find it difficult to say no to people? you may find that by getting better at saying no to
people, you may find that you have less to get through at work and at home. 9. Plan your leisure time. Great work life balance is not all about working fewer hours, it’s also about what you do with your time outside of work. Make sure that you plan-in activities which help you recharge your batteries, de-stress and relax. 10. break down big goals into small goals. Again, Rome was definitely not built in a day. when setting yourself a goal it can be tempting to try and achieve it immediately. Try and resist this temptation and break the goal into smaller pieces and milestones and set realistic timescales for the milestones. As a business owner or manager, you are generally responsible for driving the pace of your business. Therefore, if you’re finding that the pace of the business is too much, slow things down. 11. ask your clients for deadlines. Many of us assume that a client wants something done immediately, when there may actually be a reasonable lead time for the work to be completed. Always ask your client by when they need the work completed. 12. Have an ‘end of day’ routine. If you set up an ‘end-of-day’ routine, it can help your brain mentally switch off from work at the end of the day. you may find it useful to write yourself out a ‘to-do’ list for the next day. 13. turn off your work gadgets! emails, BlackBerrys, iphones etc can all interrupt your non-work time, and then suck you into doing work on your weekend or during your family holidays. set the expectation with co-workers that you don’t check your emails or answer your mobile phone in the evenings or weekend. 14. block it out! Block out times in your diary for when you are unavailable, particularly if your diary is open to all to access, make sure you block out the times when you are unavailable for work. Psychologically, it also makes it harder for you to book stuff in these times. 15. Plan evening activities which take you away from work. One owner of an IT company I know had activities planned for every evening, which meant that he couldn’t work late into the evening. This approach may not work for you, but how about promising to do bath time with your children once or twice a week? VitAL www.sandler.com www.vital-mag.net
Vital driVe: IT HITs THe FAIRwAy
Great work life balance
Beware of viewers with access to email
is not all about working
even angry viewers with an email account can influence the outcome of prestigious golf tournaments according to PgA IT manager Geraint Lewis
fewer hours, it’s also about what you do with your time outside of work. Make sure that you plan-in activities which help you recharge your batteries, de-stress and relax.
olF hAs lead the way with the use of television information technology to help with the refereeing of the game, at the recent ryder Cup Matches in Wales, one of the officials was required to sit in the production offices of sky Tv and watch the action from all the matches out on the course in case the Tv cameras picked up anything that was missed by the players or officials out on the course. At the 2010 Us Open, Dustin Johnson bogeyed the final hole to apparently tie for the lead, but after further review of the TV pictures of his shot it was decided that on the final hole, he had ‘grounded his club’ in a bunker, which is a contravention of Rule 13.4 of the Rules of Golf (so my colleagues in the Tournament Department tell me). He was given a two-stroke penalty and finished out of the playoff. An even more extreme example of the use of TV occurred at the safeway Classic event on the LPGA tour in America. Juli Inkster was disqualified for violating Rule www.vital-mag.net
14.3 of the United states Golf Association’s ‘Rules of Golf’ which bars the use of practice devices during rounds. The UsGA’s “Decisions on the Rules of Golf” specifically addresses weighted head covers and “donuts” used to make clubs heavier to help players get loose. Their use is barred during rounds. Inkster used the donut while waiting to hit her tee shot on the par-5 10th hole, which had backed up as players waited in the fairway to attempt to hit the green in two shots. Inkster gave the Golf Channel an interview on the tee, then slid the donut on her 9-iron to get loose, and footage of her practice swings was show on the Golf Channel. A viewer saw it and e-mailed tournament officials, who forwarded the e-mail to the LPGA rules staff. Can you imagine the equivalent if FIFA followed Golf’s hi tech example? Twenty million english Football fans, emailing in to say that Lampard’s shot had crossed the line and it should be a goal. They still wouldn’t have lifted the world cup mind! VitAL January / February 2011 : VitAL 47
Stupid web tricks everyone and their aunty has a flashy web site these days, but us-based web designer, developer and ‘software entomologist’ Dave Whalen has a few problems with some of them... Beware, may contain sarcasm.
There is nothing I like better than an entire screen of nothing but text. The web is just an electronic book. Just to make sure it all fits on a single screen, use a really small font! It’s OK, I wear bifocals.
48 VitAL : January / February 2011
green and use hot pink text (after all, they are your favourite colours). How about lime green text on a white background? even better, use a black background with navy blue text, or vice-versa, who needs to read it anyway? And why limit yourself to only four or five colours? Most monitors now support over 16 million! Try to use as many as you can. If you don’t burn my retinas, you’re not really trying. 3. sound: so I’m sitting at my computer, with my new Jimmy Buffett CD in the CD player (or MP3) and I go to your site and I’m immediately hit with the electronic version of yMCA you have playing on your web site at the same time. If you really want to make me happy don’t give me a way to turn it off! 4. animated gifs: when I taught web development at the local college, I used to always tell my students that I never gave F grades – if they wanted them, they would have to earn them! One sure way to earn one was to put anything on the page that moved. Animated GIFs and marquees were always sure bets. even better – use a lot of them! 5. large graphic files: I have nothing better to do than to wait for that 8 x 10, eleventy-jillion pixel picture of your cat to load. Like animated GIFs, use lots of them. Then I’ll have time to run for another Landshark Lager! Keep in mind that I have to go to from Denver to Las Vegas (or Key west) to get one. 6. text, text, and more text: There is nothing I like better than an entire screen of nothing but text. The web is just an electronic book. Just to make sure it all fits on a single screen, use a really small font! It’s OK, I wear bifocals. 7. Changing layouts: make sure every page has a different layout! Keep me on my toes and keep moving stuff around, like buttons and links, so I really have to look for them. It’s like “where’s wally”. Fun for everyone! no two pages should ever look alike. www.vital-mag.net
8. Background images: If the text on your site isn’t hard enough to read, you can always display it on top of a picture. 9. Fade ins/outs: Who would want pages to be displayed immediately when you can slowly fade them in and out. Of course you must chain them together so not only do I have to wait for the next page to be displayed, I also have to wait for the current page to disappear. 10. HTML leaks: Everyone loves broken HTML. No page is complete unless “font>” is displayed somewhere on the page. Never view or test your pages. 11. Last updated: Always include a ‘Last Updated’ date on your site, but never change it. Who wants current information? 12. Counters: Everyone cares how many visitors came to your site – be sure to waste plenty of space telling them. 13. Flash: Like frames, Flash is always a good idea. Bonus – not only will it require you to buy really expensive software to create it, it typically requires a user to download a plug-in for their browser to see it. To make the experience extra special, there is usually no message telling them that they need to download the plug-in – they just get a blank page (actually, there is, but you have to program it into the page and who has time for that). 14. Awards: Most don’t mean anything, and nobody really cares. If you really want one, www.vital-mag.net
I can design one for you. I have a ‘This Site is Complete Cr*p’ award. But like F grades, if you really want it you’re going to have to earn it! 15. Empty drop-down boxes/selection lists: Options? Who needs options? Also – be sure to include some type of instructions as one of the options. Something like “...Please Select an Item...” is always good. Don’t forget to allow me to actually select it. Here’s a neat developer trick – make the boxes change width with each selection and blow out the entire page. Or make the width so small I can’t read the options. 16. Ads: Sure, Geocities is free – or is it? Everyone loves ads and pop-ups. I always wondered what those pop-up blockers did. The more browser windows I can have open the better! Where do I sign up? 17. Cursor tails: Sometimes I can’t find my cursor on the page. (If you have followed any of the above, I probably can’t). Please help me by attaching some nonsense text or a graphic to my cursor that will follow it all over the screen. Or change the cursor to something else so it’s really hard to lose! 18. Broken links/graphics: gives any site that extra special something. That red ‘X’ icon is much more appealing than any picture you could possibly have – and it downloads so much faster. Give me a valid link and I may leave your site and that would be bad! Oh, and of course, never, ever use the ALT attribute. Keep me guessing. VitAL January / February 2011 : VitAL 49
The human factor With attacks by hackers on businesses increasingly being committed with a similar modus operandi to corporate espionage carried out by foreign states and state sponsored attackers and targeting individuals, Giri Sivanesen, senior security consultant at Pentura says itâ€™s time to employ some counter-espionage.
50 VitAL : January / February 2011
As the capabilities of security technology improve, hackers are now targeting individuals to get at the electronic information they want – this raises an intriguing mix of problems and issues for today’s corporate security managers.
eople will always be the weakest link in the battle to protect corporate information and data from attackers. Attacks by hackers on businesses are increasingly being committed with a similar modus operandi to corporate espionage carried out by foreign states and state sponsored attackers. As the capabilities of security technology improve, hackers are now targeting individuals to get at the electronic information they want – this raises an intriguing mix of problems and issues for today’s corporate security managers.
Who’s a target? In many ways, the most valuable and effective attack vector is a person; people have characteristics that can make them particularly vulnerable and useful to those who want to carry out attacks. Insider knowledge and access can increase the impact of an attack significantly even where the role of the attack vector is only one of facilitation, for example, a cyber attack. Human sources such as disgruntled employees or low wage, temporary staff – who perhaps have less loyalty to their employer – may be more easily convinced to obtain confidential documents as part of elaborate attacks that they may not be fully aware of.
How it’s done for espionage The cultivation of human sources begins with a planned acquaintance with the target, which the adversary will try to make appear as normal and unpremeditated as possible. www.vital-mag.net
There have been espionage cases in the past where cultivation and recruitment of the target has taken place over a matter of weeks, months and in some cases, years. Through any means necessary, the target will be cultivated and prepared for their role as an agent of espionage There have been other cases where the process has been much quicker; ‘cyber recruitment’, can be almost instantaneous. In some instances the targets might not even be aware that they have been exploited and may become an ‘unconscious’ agent for an attacker. This process takes time, meticulous planning and skill but once ready to assume the role, the human source can provide a rich and versatile source of information and intelligence whether they are ‘conscious’ or ‘unconscious’ of their role. A typical example would be: “You are attending an industry conference overseas as a key member of the research team for a large technology company. During the trip you meet an old colleague that you know personally and hold in high regard. At the conference, your colleague introduces you to a friend who shares similar technology interests and is very flattering with respect to your published work. Over the duration of the event, you get to know him well and he is keen to learn more about your technology research at work.” Question: How can you tell a normal business introduction from premeditated espionage? For espionage an introduction to the target is often sought through someone with direct access to the target – an access January / February 2011 : VitAL 51
Clear and concise security policies that are accurately aligned to an organisation’s security risks should underpin all efforts to effectively manage against insider threats and attacks to exploit an organisation’s personnel. Together, with a strong organisational security culture, thorough background checks and after care, organisations can develop an effective risk management programme to counter insider and other types of adversarial attacks.
agent – such as the mutual friend cited in the example above. It is far more likely that the target in this example would trust a friend of a colleague more than a complete stranger.
why it works The motivation of people who abuse their access to provide confidential information to business competitors and criminals is complex and varied. But there are indications that the growing trend of fraud and insider vulnerabilities vilifies the threat for human targeting and cultivation. As a method of attack this area is growing. In a downward market, when employment prospects may be uncertain or rewards less substantial, the risk from insiders being involved in an attack increases if personal income may be under threat. employees are far more likely to accept cash bribes or gifts as part of a cultivation process.
how to avoid it employment vetting is arguably the most common way that organisations try to mitigate against insider threats. A detailed employment screening and psychometric profile may help to identify personality traits that suggest an employee is susceptible to cultivation. But in the majority of cases, vetting activities are limited to only basic security checks; conditions 52 VitAL : January / February 2011
for a new employment contract rather than an ongoing requisite for employment and these are often concentrated on more senior positions or higher wage earners who are therefore less likely to be interested in taking cash bribes than perhaps support, temp or even cleaning staff. Aside from vetting, many organisations choose to instate segregation of duty controls that require two or more employees to complete a business task. while this may increase the administrative burden, these types of controls can make it significantly harder for an attacker, by requiring the complicity of two or potentially three people. whistle blowing procedures are also commonly used in large organisations to detect insider threats.
Conclusion Clear and concise security policies that are accurately aligned to an organisation’s security risks should underpin all efforts to effectively manage against insider threats and attacks to exploit an organisation’s personnel. Together, with a strong organisational security culture, thorough background checks and after care, organisations can develop an effective risk management programme to counter insider and other types of adversarial attacks. VitAL www.pentura.com www.vital-mag.net
Special delivery In the last two issues, Rosemary Gurney has looked at the transition from ITIl v2 to v3 and why service management is crucial to the modern IT business. In the final part of her series she looks at how and what ITIl actually delivers.
hAT ITIl delivers is a framework of coherent processes and best practise activities which allow organisations to deliver quality IT services. Clearly, these will vary depending on the market and the industry the company operates in and whether it is a service supplier or a service user - ITIl can be a key component in either. view ITIl as a toolkit. If you do decide to pick up the kit decide which tools you will use and consider other frameworks and methodologies such as CoBIT or six sigma. you will almost certainly end up blending ITIl with these other ‘tools’. And be warned, it’s not a two-minute job. Quick wins are available but if you’re new to it and starting out on the journey, there has to be a sense of commitment to put it in place and an understanding of exactly what you want to get out of it. It can take a good two years to create a working service culture.
the vision It is imperative that an organisation has a clear idea of where it wants to be and where it expects ITIL to take it. Organisations need to have the vision of where they see themselves after a given period of time, otherwise it’s like trying to complete a jigsaw puzzle without ever seeing the picture. Only by knowing where you 54 VitAL : January / February 2011
want to go can you find out how to get there. Obviously, what it is that you want to gain will dictate your approach and just where you start. some organisations want to sell ‘ITIL products’ or services while others use ITIL from to verify their current operation. staff development, cost savings and improving customer service are all valid reasons for investing in the service management best practice in ITIL. you need to really understand and quantify these objectives if you want ITIL to help deliver them. set your objectives based on results and outcomes not just delivering process documents. The next stage is it to sell the concept to the people that are going to implement it; you need buy-in. Ideally you need an organisation-wide sponsor at board level to champion support for IT service delivery. A major challenge is in knowing where you are on the ‘change road’ before starting out. This will help you determine how big the gap is between where you are now and where you need to be. There are a number of ways to ascertain this. Consultants will certainly be able to help you, and there are self-assessment tools which will do the job too. Most organisations will use a consultancy which takes them through the processes and gives a score based on a capability maturity www.vital-mag.net
model from the Carnegie Melon. From there you get a result, but there is potential for this result to be confusing or misleading. When you look at the result, unless you understand the maturity model, it is not easy to know whether the score is good enough. Avoid the pitfall of just chasing better maturity scores, it may not solve your problems. The company will need to make a decision about which component to work on based on where its score is on a 0-5 scale balanced with customer satisfaction, business need and budget. ITIL then offers us the ‘four Ps’ of service design – People, Process, Products and Partner. These are used in any implementation to make sure you cover all the bases in implementing services. Each area must receive attention to ensure consistent services can be delivered.
The four Ps People: The people part is crucial. Ensuring that all stakeholders are communicated to, educated, have clear responsibilities and understand fully “What’s in it for me” cannot be ignored at any cost. Products: Never let the toolsets lead your process implementation. Your business will not appreciate bending its process to fit your toolset. Tools can automate many of the repetitive service management activities if used properly. Before you even think about them, talk to other users, do research and read reviews of the toolsets. There are some very good cost savings to be had by buying the right product at the right time, but it’s crucial to know what you are trying to do. Modular products are often the best option to match your increasing maturity through a phased implementation. Processes: Making processes simple and easy to understand delivers great benefits. You may choose to design your process at a higher level of maturity than you implement in a first stage. This phased approach to process implementation makes great sense by helping you realise quick wins even before a process is fully embedded. Partners: It is often more cost-effective to have a short-term external partner if you don’t have the right skills internally. If it’s a one-off activity there is no sense in training staff to do it, you might as well use the skills that are out there to get going rather than flounder. Where external guidance is used, be absolutely sure that you have a clear definition of the results you expect. It is often better to pay external consultants based primarily on results not just output on www.vital-mag.net
the basis that ITIL process documents are far easier to produce than implement.
How will ITIL deliver? If you want to gear your implementation to cost savings it can be done, but it almost always does this as a by-product of the change process anyway, and if this is your only reason for implementing ITIL, then there may be better tools and systems for you to use. If you have underlying issues with the way your staff are working then ITIL will not help. Indeed, it may cause more problems. Always keep in mind the issue you are trying to resolve. There may be other things to do before introducing service management change. ITIL is about people, communications and culture. If you have issues in those areas you may need to sort them out before you go down this route. If these three are not right or you’ve got the wrong people or lack a service culture, these issues will need to be addressed before starting. Dedicated project management time is crucial. It may not be a full time role in small organisations and please avoid the temptation to mix the ITIL subject matter role with that of the project manager. In addition to any boardlevel sponsor, someone needs to champion the project on a day-to-day basis. They will call in the other people as a when required. Make sure you have the commitments and the resources you need. There have been too many half hearted projects that failed to take off; you need to keep the initial enthusiasm going with a series of quick wins but also achievable medium- and long-term objectives otherwise people will lose interest.
Business enabler Over the three articles I have tried to frame the reasons for, challenges of and benefits accrued from adopting ITIL in your service organisation. I have argued that ITIL is never an easy option and there may well be other more appropriate routes to the destination you’re seeking. ITIL is only one part of the picture, albeit a very important part. Businesses rely totally on their IT systems, they are used like a utility as fundamental as gas, water or electricity. In addition, IT has to act as an enabler so the business can fully realise the opportunity that technology affords them and Service Management is a key method for IT services professionals to focus on business delivery rather than the technology. VitAL www.globalknowledge.co.uk
It is imperative that an organisation has a clear idea of where it wants to be and where it expects ITIL to take it. Organisations need to have the vision of where they see themselves after a given period of time, otherwise it’s like trying to complete a jigsaw puzzle without ever seeing the picture. Only by knowing where you want to go can you find out how to get there. Obviously, what it is that you want to gain will dictate your approach and just where you start.
January / February 2011 : VitAL 55
Leading the fight against climate change Has the world cooled on the subject of global warming? With the global economy in turmoil, many are starting to think so. Wayne Sharpe, founder and CEO of Carbon Trade Exchange reports on the status of global carbon trading.
hicago Climate Exchange (CCX) which opened to huge fan fare in 2004, has announced that it will soon cease trading carbon; the very reason for its inception. The US-based operation was only open to US businesses, implying that Carbon trading in North America has ceased. Alarmingly, this major news story, like the Exchange itself, has disappeared with a whimper. The story has either gone unreported or has been used by the American right, notably Fox News, to condemn the green movement and gleefully rejoice in the demise of the only US effort at carbon trading. Perhaps, most worrying is the rhetoric being used to describe the failings of the Exchange. Irresponsible and regressive reporting on the very real and potentially catastrophic threat of global climate change is now describing rigorous scientific data as “pseudo-science” and harmful pollutants have become “socalled greenhouse gases” despite irrevocable scientific evidence ruling to the contrary supported by the UN and an EPA.
Going cool on global warming With the US economy in trouble and hopes of a quick recovery now a distant memory, US commentators claim the downfall of CCX reflects that the world has cooled on the subject of global warming when faced with pertinent economic threats. While some big business (notably major emitters of green house gasses) and the US media undoubtedly have little appetite for costly cap and trade and increased legislation, particularly, after the US mid-term election results, there is an alternative 56 VitAL : January / February 2011
A Carbon constrained economy is upon us, and the naysayers are risking the future of our planet. Perhaps its time for the global media to take their responsibilities seriously and match the energy and commitment of business leaders in the face of political stagnation. The livelihoods, perhaps the very lives of our children and grandchildren may depend on it.
approach to carbon reduction, which is proving more successful. Major global companies such as Walmart, HSBC and News Corp are voluntarily reducing and/or offsetting their emissions and encouraging or even forcing that process down their supply chain. Carbon Trade Exchange is a global carbon exchange which promotes a positive business message. Carbon limitations through cap and trade and legislation have proven unsuccessful because they are perceived as anti-business, inflame insidious climate change-denial and act as a stick with which to beat businesses when they are already down.
Voluntary carbon trading Carbon Trade Exchange provides a new business model for carbon trading attuned to the chastened economic times. It is a global carbon credit trading exchange that enables carbon buyers and sellers from around the world to trade voluntary carbon standards in an extremely efficient, end-to-end electronic process. Carbon Trade Exchange is the world’s first web-based electronic platform for spot trading Voluntary Carbon Credits (VERs) and will soon facilitate trading of international offset credits (Certified Emissions Reductions or CERs). Unlike the failed Chicago Climate Exchange which carried out in-house assessment, verification, issuance, registry and trading of their own standard of carbon credits, Carbon Trade Exchange is truly independent. VERs are verified by reputable, independent third party standards, such as Voluntary Carbon Standard and Gold Standard, who verify projects www.vital-mag.net
environmental and operational credibility, and issue credits. These standards have been independently asserted to be equivalent to the UN’s Clean Development Mechanism (CDM) to ensure environmental credibility throughout the process. Global financial service Giant Markluit acts as an independent registry to ensure validity of credits issued and ownership. Companies of all sizes want to reduce and offset their Carbon ‘footprint’, but there has previously been a veil over the process, price and origination of VER credits. Carbon Trade Exchange ensures carbon offsetting is accessible and affordable for businesses and organisations of every size. It recognises that carbon reductions should not impede business, but be used to gain a competitive advantage and a differentiated product. It makes carbon neutrality viable for any business that wants to improve its efficiency and neutralise its environmental impact. It does so by measuring and quantifying each client’s emissions output, and offsetting it through investment in green energy and environmental projects, to reduce greenhouse gases and promote green business and community projects across the world at the same time.
Furthering the fight against climate change The Carbon Trade Exchange platform has shown that tackling climate change should not be the preserve of big business when small and medium sized enterprises account for an estimated 70 percent of global GDP. For the fight against climate change to be successful,
opting-in must be made as attractive and accessible for as many as possible, because the world’s current economic problems will pale in to insignificance if urgent action on climate change is not taken now. It seems global players and opinion formers agree, as shown by the massive growth in the Carbon Disclosure Project, which says “Some 3,000 organisations in some 60 countries around the world now measure and disclose their greenhouse gas emissions and climate change strategies through CDP, in order that they can set reduction targets and make performance improvements” and “act on behalf of 534 institutional investors, holding $64 trillion in assets under management and some 60 purchasing organisations such as Cadbury, PepsiCo and Walmart.” Some very smart people on this planet and in business are seeing the scientific evidence and taking action, as I chose to do by forming Carbon Trade Exchange. The opportunity to address this challenge is now or never and business can and will take the lead as with any revolution, whether it’s the Industrial Revolution, Internet Revolution and now the Carbon Revolution.” A Carbon constrained economy is upon us, and the naysayers are risking the future of our planet. Perhaps its time for the global media to take their responsibilities seriously and match the energy and commitment of business leaders in the face of political stagnation. The livelihoods, perhaps the very lives of our children and grandchildren may depend on it. VitAL www.carbontradexchange.com January / February 2011 : VitAL 57
Power management for all PC power Management is now available for small and medium business via cloud computing. Mark McGinn of verismic reports.
58 VitAL : January / February 2011
hen it comes to ever-present resources such as utilities and petrol, human nature is to minimise spend when payment is our own responsibility. However, the same person who unplugs all their appliances at home will leave the office without shutting down their PC. The chances are the majority of their colleagues will do the same because they do not pay for power themselves. Although this issue is more glaringly obvious in a huge office – you only have to see the ghostly night-time glow of empty offices – the problem, and the unnecessary spend, is just as pressing for smaller firms. PC power management solutions are changing this situation – giving the control back to companies, not leaving the size of the utility bills and the carbon footprints at the mercy of employees. www.vital-mag.net
However, the cost and carbon efficiencies netted by larger firms from using PC power management technology have historically eluded small businesses despite the fact that they have the same drivers for needing the solution as any other sized company. They have been marginalised by the lack of economies of scale, hardware spend traditionally required to reap the benefits, and vendor apathy. With smaller IT budgets, and a more pressing need to justify return on investment for every purchase, the initial investment required to harness the solutions in terms of hardware, infrastructure and manpower has put them off. Relying on the ‘last one to leave, turn off the power’ rule is still rife, and often a small firm simply doesn’t feel technically able to take back the control of its PCs due to resource and budget limitations. To solve these inherent barriers to deployment for SMBs, PC power management solutions need to evolve to address the heart of the issue – that sometimes, it doesn’t matter how a solution works, only that it does work, and works too well to ignore. For PC power management, that issue has been overcome by offering cost and carbon savings by using cloud computing to deliver the solution. Now, a smaller company can use a hosted version of Power Management software which requires no onsite hardware, no investment in further infrastructure, and a dashboard approach for management and monitoring of savings. Small businesses see efficiencies almost immediately, deployment is instant, and the day they begin using the cloud-based solution they can begin powering down unused systems, setting automatic shut downs, still running software upgrades and patches by waking
Relying on the ‘last one to leave, turn off the power’ rule is still rife, and often a small firm simply doesn’t feel technically able to take back the control of its PCs due to resource and budget limitations.
January / February 2011 : VitAL 59
However, a debate about PC power management as a standalone solution is creeping into the frame. People are beginning to ask, ”why is investing now worthwhile, when surely it’ll shortly become a standard feature on any new desktop or laptop?“.
whenever required, and reducing power levels on server systems. Verismic Power Manager software provides a saving of up to £60 per PC per year, to all business sizes, and this can be seen via the dashboard and used to justify alternative IT or business spend around the company.
Cloud solution The fact that it is cloud-based is vital to small businesses, as this removes administrative complexities that are undesirable to buyers in this bracket. By the Verismic software agents acting as its own administrative and delivery infrastructure for actions that require communication inside the LAN, the solution is transparent – like the workings of wireless internet or CRM – to customers that care more about the end result and the ease of use it brings to them than how it works. This means that the solution is highly and sensitively developed, paying close attention to the issues that are associated with cloud-based delivery models such as security and reliability, so that they never become a concern for the user. However, a debate about PC power management as a standalone solution is creeping into the frame. People are beginning to ask, ”why is investing now worthwhile, when surely it’ll shortly become a standard feature on any new desktop or laptop?“. While software vendors and hardware manufacturers have undertaken significant steps in optimising power usage and power savings, the reality of embedding a professional and intelligent power management system into the overall technology stack is a considerable 60 VitAL : January / February 2011
way off. This is not due to any limitations of the operating system or the hardware, but primarily due to the knowledge required to accurately leverage these capabilities. PC power management software can be compared to the engine management system of a car, intelligently changing the efficiency characteristics to match the conditions and the driving style while allowing the driver to take advantage of the performance when needed. Without management intelligence, the built-in OS and hardware capabilities mean nothing due to the detrimental impact their inflexibility would have to the business.
A step in the right direction Whether or not you are large or small organisation, the need to adopt a power management strategy are the same – cost, carbon reduction, and the ability to demonstrate success. In fact cost savings are likely to be far higher for SMBs because they will be paying higher rates on the cost of their electricity, and with power costs set to rise, this situation is not likely to improve. In the UK, upwards of 70 percent of businesses are SMBs. If, as a nation, we are to come together and meet our carbon reduction commitment under the Kyoto agreement, we need to move PC power management technology out of the privy of the large organisation and make it available to SMBs. Cloud power management is an important step in the right direction toward providing ‘power management for all’. VitAL www.verismic.com www.vital-mag.net
vital focus groups Helping you overcome obstacles
28th June 2011 ●
One Day Event ● 120 Decision Makers ● 15 Thought Leading Debate Sessions Peer-to-Peer Networking ● Exhibition ● Cutting Edge Content
For more information
Powerful multi-protocol testing software
Contact Grant Farrell on +44 (0) 203 056 4598 Email: email@example.com Can you predict the future? Website: www.vitalfocusgroups.com Forecast tests the performance, reliability and scalability of IT systems. Combine with Facilita’s outstanding professional services and expert support and the future is no longer guesswork. visit Facilita at:
Guoman Tower Hotel. London
Plaisterers Hall, London
Facilita Software Development Limited. Tel: +44 (0)1260 298 109 | email: firstname.lastname@example.org | www.facilita.com
Ares, Odyssey Business Park, West End Road, Ruislip, HA4 6QD T: 020 8582 8282 F: 020 8582 8288 W: www.hornbill.com C: email@example.com E: firstname.lastname@example.org Hornbill develops and markets ‘Supportworks’, applications for IT Service Management (ITSM) and business helpdesks. Hornbill’s ITSM & service desk software with a ‘Human Touch’, enables its customers to provide excellent service while benefiting from consolidation on a single technology platform.
Delegate House, 30A Hart Street, Henley-on-Thames, Oxon, RG9 2AL T: +44 (0) 1491 635340 F: +44 (0) 1491 579835 W: www.infravision.com C: Nigel Todd E: email@example.com BMC Software’s #1 partner for Service Desk Express and the Alignability Process Model, delivering rapid implementation of proven ITIL aligned processes, procedures, work instructions and tool settings, and transformation to service-led approach in only 12 weeks!
Atlantic House, Imperial Way, Reading. RG2 0TD T: + 44 (0) 118 903 6824 F: + 44 (0) 118 903 6282 W: www.pinkelephant.com C: Frances Fenn E: firstname.lastname@example.org Acknowledged worldwide as niche, independent, IT Service Management Education and Consulting providers. Having trained more people than any other company in ITIL related subjects since 1987, we have contributed to all 3 versions of the ITIL books.
62 VitAL : January / February 2011
Cedar House, Riverside Business Village, Swindon Road, Malmesbury, Wiltshire, SN16 9RS T: + 44 (0) 1666 828 600 F: + 44 (0) 1666 826 103 W: www.iccm.co.uk C: Kate Springer E: email@example.com One of the overriding directives of ICCM Solutions is the simplification of complexity in Service Management environments. ICCM provides a global client base with sophisticated ITIL aligned Service Management Solutions built on Business Process Management (BPM) Architecture, from Metastorm BPM®.
60 Lombard Street, London EC3V 9EA
T: +44 (0) 207 464 8883 F: +44 (0) 207 464 8888 W: www.icore-ltd.com E: firstname.lastname@example.org C: Greg Lake iCore is the largest specialist IT Service Management Consultancy in the UK. ICore has a long & impressive track record in delivering & embedding pragmatic IT service management, solutions, relying on the deep, real world experience of our mature & determined consultancy team.
NetSupport Software Ltd
Quayside House, Thames Side, Windsor, Berkshire, SL4 1QN T: +44 (0) 1753 856716 F: +44 (0) 1753 854929 W: www.kepner-tregoe.com C: Steve White E: email@example.com Kepner-Tregoe provides consulting and training services to organizations worldwide. We collaborate with clients to implement their strategies by embedding problem-solving, decision-making, and project execution methods through individual and team skill development and process improvement. Clients build competitive advantage by using our systematic processes to achieve rapid, targeted results and create lasting value.
Towngate East, Market Deeping, Peterborough, PE6 8NE T: +44 (0) 1778 382270 F: +44 (0) 1778 382280 W: www.netsupportsoftware.co.uk C: Colette Reed E: firstname.lastname@example.org NetSupport provides a range of complementary Remote Support and Service Management solutions that help organisations deliver a productive and cost effective IT support service. Products include multi-platform Remote Control solution NetSupport Manager, IT Asset Management suite NetSupport DNA and web based ITIL Service Management tool NetSupport ServiceDesk.
ZOHO Corp, 4900 Hopyard Rd, Suite 310, Pleasanton, CA – 94588, USA
T: 925-924-9500 F: 925-924-9600 W: www.manageengine.com E: email@example.com C: Gerald A. Raja ManageEngine ServiceDesk Plus is highly customizable, smart and flexible Help Desk Software used by more than 10,000 IT managers worldwide in 23 different languages. It helps you to implement ITIL best practices on the go and restore your IT services on-time. ManageEngine has a suite of software products in Enterprise IT management space like Network monitoring, Desktop Management, Applications, Logs, AD management, et al.
Panama House, 14 The High Street, Lasswade, EH18 1ND T: + 44 (0) 131 461 3333 F: + 44 (0) 131 663 8934 W: www.g2g3.com C: David Arrowsmith E: firstname.lastname@example.org G2G3 is the leading provider of communication tools, gaming solutions and simulations that propel enterprise IT and business alignment. Headquartered in the UK, G2G3 has a strong global network of partners supporting the Americas, Europe and Asia-Pacific. www.vital-mag.net
dENNIS AdAMS ASSOCIATES
Tel: +44 (0)845 055 8935 www.dennisadams.co.uk email@example.com Dennis Adams Associates IT Management Consultants enable clients to: ●
Build high performing IT Management teams Implement effective IT strategy Create empowering IT Processes and Procedures establish Production supportable Technology Roadmaps Be visibly Accountable to the Business
Eagle house, Lynchborough road, passﬁelds , hants gu30 7SB
Sword house, Totteridge road, high wycombe, Buckinghamshire, uk
T: f: w: E: C:
T: f: w: C: E:
+44 (0) 207 419 5174 +44 (0) 870 138 3824 www.sitehelpdesk.com firstname.lastname@example.org Bryan Taylor
sitehelpdesk.com will take you to the forefront of service delivery with a suite of products designed to provide you with low cost web browser based action tracking and self-help, making your services instantly available 24 by 7.
Lime kiln house, Lime kiln, wooton Bassett, wiltshire, SN4 7hf
unipress Software – London
T: + 44 (0) 1793 858181 w: www.cherwellsoftware.com/contact
2 Sheraton Street
Cherwell service Management delivers ITIL v3 best practice ‘out-of-the-box’ including: Incident, Problem, Change, CMDB, sLA, Knowledge, selfservice and is PinkVeRIFy certified. Our unique CBAT development platform empowers users to fully customise screens, workflow processes and develop additional business applications. The Cherwell solution is available via a standard license model or ‘On Demand’ saas service.
T: f: w: E:
unipress Software Ltd London, w1f 8Bh + 44 (0) 8450 646566 + 44 (0) 8450 636261 unipress.co.uk email@example.com
web Help Desk is a 100% web-based helpdesk solution which provides a low cost of ownership, ultimate portability and simple implementation. A totally cross-platform solution, web Help Desk has a diverse feature-set that will allow you to fulfil any submitted request more efficiently and effectively.
IT SErVICE MANAgEMENT fOruM
+ 44 (0) 1494 452 450 + 44 (0) 1494 459559 www.apmg-uk.com Nicola Mckinney firstname.lastname@example.org
As an accredited ITIl® examination Institute, APMg offers our training organizations a range of benefits to help them demonstrate the quality and professionalism of their services. Call us to find out how your business could benefit from our accreditation services.
Three Tuns house, 109 Borough high Street, London, SE1 1NL T: f: w: C: E:
+44 (0) 870 863 6930 +44 (0) 870 085 8837 www.testmagazine.co.uk grant farrell email@example.com
the european software tester is a publication designed specifically for individuals and organisations aligned with software testing. with independent, practical, and insightful editorial T.e.s.T aims to inspire its readers and provide its advertisers with a clearly defined route to market.
dukes Court, duke Street, woking, Surrey gu22 7Ad
. 150 wharfedale road, winnersh Triangle, wokingham, Berkshire. rg41 5rg
e-warehouse Ltd, hampden house, hampden house, Monument park, Chalgrove,Oxfordshire , OX44 7rw
T: +44 (0) 1483 744444 f: +44 (0) 1483 744401 w: www.landesk.com C: Sarah Lewis E: firstname.lastname@example.org Avocent delivers IT operations management solutions that reduce operating costs, simplify management and increase the availability of critical IT environments 24/7 via integrated, centralized software. This includes systems Management, security Management, Data Centre Management and IT service Management.
T: f: w: C: E:
T: 0845 299 7539 f: 08717143802 w: www.oxygenservicedesk.com c: Victoria Eggleton e: email@example.com
0118 918 6503 0118 969 9749 www.itsmf.co.uk Ben Clacy firstname.lastname@example.org
The itsMF is the only internationally recognised and independent organisation whose sole focus is on the on-going development and promotion of IT service Management ’best practice‘, standards and qualifications. The forum has 14,000 UK members and official itsMF chapters in 44 countries
oxygen service desk is a process automation engine that simply interprets your pre-defined business processes and then mobilises the actual process, pushing work tasks to people and to systems, streamlining how the processes run across your entire department or organisation.
January / February 2011 : VitAL 63
seCReTs OF My sUCCess
Andrew Byrom support services manager, ICT Services, Leeds City Council
VitAL: name, company and job title please? Married? Kids? Andrew Byrom: Andrew Byrom, support services manager, ICT services, Leeds City Council. I have been married to Pam for 20 years, I have two children; Robert 18 and sophie 17. Robert’s just started off on his career in IT as a Microsoft apprentice and has just been employed by an IT company in north Leeds. My daughter is a talented artist and plans to study fine art at university after her A levels. VitAL: what got you started in IT? AB: I have worked in IT since leaving school, 22 years and counting. My background was in mainframe environment (ICL, IBM, Bull) workings shifts until 2003, when I passed a novell exam and was successful in being appointed into a job working permanent days. I was always interested in IT and it was a natural move for me to develop my career in that direction. VitAL: was there any one person or organisation that was your inspiration? AB: More recently, Adrian Fegan who was the head of service delivery at Leeds City Council was a huge inspiration and influence in my career development. Adrian recently moved back to Australia after being in the UK for six years. Over the six years I worked with Adrian I developed tremendously and I attribute a large part of that to the challenges and opportunities that Adrian passed my way. VitAL: what was your first IT job, what was your first major IT triumph? AB: My first IT job was working for the Burton Group as an IT assistant in their IT Production team. I spent 18 months working in the print room churning out vast quantities of print reports which were sent to the head office in London on a courier each morning at 3am. How times have changed.
64 VitAL : January / February 2011
VitAL: Did you ever make any embarrassing mistakes? what did you learn from them? AB: I think anyone working in IT has made mistakes at some point. The key thing is to own up immediately and ensure you learn from it. I think the biggest mistake I made was accidentally opening a door on a tape reader two hours into a batch run, which obviously had to be restarted and put us back two hours, which eventually led to online system being unavailable at the correct time for the business. VitAL: what do you like best about your job? AB: In my current role I love the scope of things I am working on, I manage a team of around 80 staff covering service Delivery and it is extremely fast paced. At Leeds City Council we are ambitious in what we are trying to achieve and ICT sits at the heart of this. Therefore I am heavily involved in key strategic projects and programmes which will transform services and drive efficiencies in the business. I have gone through all the ITIL certification, up to ITIL expert level and enjoy adapting the ITIL methodology to the work place. VitAL: what is your biggest ambition? AB: Obviously health and happiness for my family and friends has to come above any work ambition. However, my work ambition is to constantly learn, develop and adapt to the new challenges that are presented. I am a firm believe in personal development being a journey not a destination. VitAL: what are your hobbies or interests? AB: IOutside of work I am a huge music fan and attend several gigs a month, and usually try to get to a major festival each summer (Glastonbury 2010 was incredible!). I play guitar, unfortunately no longer in a band as I don’t have the time, which I find relaxing. I love
At Leeds City Council we are ambitious in what we are trying to achieve and ICT sits at the heart of this. Therefore I am heavily involved in key strategic projects and programmes which will transform services and drive efﬁciencies in the business. my real ale and try and attend beer festivals in the yorkshire region. I enjoy most sports, particularly both codes of rugby, and support Hull FC (the rugby league team). VitAL: what is the secret of your success? AB: Honesty, integrity, hard work, dedication and common sense. VitAL: Andrew Byrom, thank you very much.
Subscribe FREE to the most VitAL source of information / August 2010 Volume 3 : Issue 6 : July
IT delivers for Britain
s How to do more with les r cto se blic in the pu
Inspiration for the modern business Volume 4 : Issue 1 : September / October 2010
Rediscovering the value of IT
e Greening the enterpris en gre Strategies for going
Shifting the focus on to business benefits
Punching above your weight
The consumerisation of IT
Using the cloud for rapid growth The changing face of IT in the workplace Volume 4 : Issue 2 : November/Decem ber 2010
6 : July/August 2010 Volume 3 : Issue
partner Selecting the right cloud
Volume 4 : Issue 2 : November / December 2010
Closing the gap between business & IT
Dave Ramsden says it’s time to add more value
Reaching cloud nine
Inspira tion for the moder n busine ss
W F M VIE itS E E PR AG E -P NC 16 RE E NF CO
mod ern busin ess Inspi ratio n for the
vital vital VitAL : Inspiration for the modern business
for the modern business VitAL : Inspiration
16 -p In ag si e V de itA : LD ige st
The need for speed Does faster broadband mean faster applications?
Securing the IT estate
VISIT VITAL ONLINE AT: WWW.VITAL-MAG.NET
THIS ISSUE: CLOUD
FEATURE FOCUS: SOFTWARE AS A CHOICE
– THE RISE OF SaaS: 28-31
News, Views, Strategy, Management, Case Studies and Opinion Pieces
vital Inspiration for the modern business
www.vital-mag.net/subscribe 31 Media will keep you up to date with our own products and offers including VitAL Magazine. If you do not wish to receive this information please write to the Circulation Manager at the address given. Please tick here ■ if you do not wish to receive relevant business information from other carefully selected companies.
The January-February 2011 issue of VitAL Magazine