Page 1

Alert_DEC2011.indd 18

11/16/2011 6:41:46 PM

From The Editor

The Earth is round. Water flows downhill. Change is constant. Humans

No Small Change Process orientation isn’t enough to ensure buy-in from your team.

resist change. Relax, this isn’t an exercise in logic. It’s a limited exploration into what happens when people stick to their beliefs, even when the facts no longer support them. Take for instance the First World War, a conflict that mashed together 20th century technology with military tactics of the 19th century and led to a carnage of a unimaginable scale. Curiously, the largest number of casualties during the War were caused by the simple combination of machine guns and barbed wire. While the Germans adopted the machine gun early on, the British were less enthusiastic, reportedly considering it too ‘unsporting’ a weapon. The latter also persisted with massed infantry assaults of the kind that they’d used against muskets and cavalry. The result: Allied infantry in the thousands going down in a withering hail of bullets. But though the Germans were the first to embrace modern military doctrine, even they hadn’t thought everything through. During the war’s first year, none of the nations involved Change management is provided their armies with steel helmets. So, a tough act. But not soldiers went into battle wearing cloth or mastering it can doom leather caps that offered no protection from projects to failure. weapons and helped dramatically increase the number of lethal head wounds. Trench fighting in World War I was so intense that about 10 percent of the fighting soldiers were killed (compare this with 4.5 percent killed during the Second World War). In fact, the total proportion of troops who became casualties (either killed or wounded) was 56 percent! All this because generals chose to go with military doctrine of another age and simply threw people in the way of the problem without evolving their strategy. It’s another matter that the Allied forces finally got their collective acts together and ground the Central powers down. Change isn’t easy. This issue’s cover story ‘The New Science of Change’ (Page 24) delves into cognitive science to help understand why people and organizations resist change and how you can inspire others to change. Why? In the words of Charles Darwin: “It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.” How do you deal with managing change? Write in and let me know your thoughts.

Vijay Ramachandran, Editor

Vol/1 | ISSUE/24

Content,Editorial,Colophone.indd3 3

REAL CIO WORLD | n o ve m B E R 1 , 2 0 0 6

10/31/2006 10:29:23 AM

content novemBeR 1 2006‑ | ‑vol/1‑ | ‑issue/24

Change Management

Executive Expectations


VIEW FROm ThE TOp | 34 BPO services provider TransWorks recently acquired a Canadian company seven times its size. Atul Kunwar, CEO of the Aditya Birla Group company, says now is the time to use IT to get their arms around the new alliance.

P hoto by Sr IVatSa Sh an dIlya

Nothing is more frustrating than trying to get people to alter the way they do things. New research reveals why it’s so hard and suggests strategies to make it easier.

CoVEr: ImagIng by bIn ESh SrE Edharan


Feature by Christopher Koch with harichandan Arakali, Rahul neel mani and Sunil Shah

Interview by Gunjan Trivedi

Executive Coach ThE ROAD LESS TRAVELED | 22 It is a sign of good leadership when a CIO takes a different path from that of his competitors. Column by mike hugos

e-Commerce hOW TO puT ThE mOnEy WhERE ThE mOuSE IS | 38 With a flexible IT infrastructure and attention to customer convenience, E-Trade is modeling the future of Web-based banking. Feature by Susannah patton 

N o V E m B E R 1 , 2 0 0 6 | REAL CIO WORLD

Vol/1 | ISSUE/24

more »

10/31/2006 10:29:26 AM


(cont.) departments Trendlines | 13 Retail | Checkout Counters on Wheels Management | IT Managers Told to Think Young Mobile | Assault and Batteries Security | 10 Security Trends Book Review | Are Customers the Best Innovators? Staff Management | Play Together, Stay Together By the Numbers | Mobile Mayhem Energy | Chilling Data Center Costs

Essential Technology | 53 Knowledge Management | The Protocol Supremacy

By Ben Worthen Security | Passwords Don’t Cut it Anymore.

By Sarah Scalet

From the Editor | 3 No Small Change? | Process orientation isn’t

enough to ensure buy-in from your team. By Vijay Ramachandran

Inbox | 12

NOW ONLINE For more opinions, features, analyses and updates, log on to our companion website and discover content designed to help you and your organization deploy IT strategically. Go to


Govern Digital municipalities |  44 Karnataka’s third tier of governance — urban local bodies — have an ITpowered financial management system that promises hard numbers in the now. The financial transparency will open more doors for municipal loans.

2 0

Feature by Kunal N. Talgeri

upgrading the state machinery |  50 The near-term future of West Bengal’s nascent e-governance is in the hands of Dr. Debesh Das, minister-in-charge of IT for the government. In this interview, CIO finds a man who as a professor of computer science and engineering at Jadavpur University, understands the significance of egovernance, and is leverging this knowledge to push projects in the state. Interview by Balaji Narasimhan 

n o ve m B E R 1 , 2 0 0 6 | REAL CIO WORLD

Content,Editorial,Colophone.indd8 8

10/31/2006 10:29:37 AM


Manage ment

President N. Bringi Dev

COO Louis D’Mello Editorial Editor Vijay Ramachandran

Bureau Head-North Rahul Neel Mani

Assistant Editor Harichandan Arakali

Special Correspondent Balaji Narasimhan

Senior Correspondent Gunjan Trivedi Chief COPY EDITOR Kunal N. Talgeri

COPY EDITOR Sunil Shah www.C IO.IN

Anil Nadkarni

Advertiser Index





Head IT, Thomas Cook, Arindam Bose Head IT, LG Electronics India, Arun Gupta Director – Philips Global Infrastructure Services Arvind Tawde VP & CIO, Mahindra & Mahindra, Ashish Kumar Chauhan Advisor, Reliance Industries Ltd,




11, 14 & 15





Editorial Director-Online R. Giridhar D esign & Production

Creative Director Jayan K Narayanan

Designers Binesh Sreedharan

Vikas Kapoor Anil V.K. Jinan K. Vijayan Unnikrishnan A.V. Sasi Bhaskar Vishwanath Vanjire Sani Mani Girish A.V. MM Shanith Anil T

M. D. Agarwal Chief Manager – IT, BPCL, Mani Mulki VP - IS, Godrej Consumer Products Ltd,



Manish Choksi VP - IT, Asian Paints, Neel Ratan Executive Director – Business Solutions, Pricewaterhouse Coopers, Rajesh Uppal General Manager – IT, Maruti Udyog,

PC Anoop

Photography Srivatsa Shandilya

Prof. R.T.Krishnan

Production T.K. Karunakaran

Professor, IIM-Bangalore,

T.K. Jayadeep Marketing and Sales

General Manager, Sales Naveen Chand Singh brand Manager Alok Anand Marketing Siddharth Singh Bangalore Mahantesh Godi Santosh Malleswara Ashish Kumar Delhi Nitin Walia; Aveek Bhose; Neeraj Puri; Anandram B Mumbai Rupesh Sreedharan Nagesh Pai; Swatantra Tiwari Japan Tomoko Fujikawa USA Larry Arthur; Jo Ben-Atar

Singapore Michael Mullaney UK Shane Hannam

S. B. Patankar Director - IS, Bombay Stock Exchange, S. Gopalakrishnan COO & Head Technology, Infosys Technologies

s_gopalakrishnan S. R. Balasubramanian Sr. VP, ISG Novasoft, sr_balasubra Prof. S Sadagopan Director, IIIT - Bangalore. Sanjay Sharma Corporate Head Technology Officer, IDBI, Dr. Sridhar Mitta Managing Director & CTO, e4e Labs,

All rights reserved. No part of this publication may be reproduced by any means without prior written permission from the publisher. Address requests for customized reprints to IDG Media Private Limited, 10th Floor, Vayudooth Chambers, 15–16, Mahatma Gandhi Road, Bangalore 560 001, India. IDG Media Private Limited is an IDG (International Data Group) company.

Former VP - Technologies, Wipro Spectramind

Printed and Published by N Bringi Dev on behalf of IDG Media Private Limited, 10th Floor, Vayudooth Chambers, 15–16, Mahatma Gandhi Road, Bangalore 560 001, India. Editor: Vijay Ramachandran. Printed at Rajhans Enterprises, No. 134, 4th Main Road, Industrial Town, Rajajinagar, Bangalore 560 044, India

CTO, Shopper’s Stop Ltd,

Sunil Gujral Unni Krishnan T.M

V. Balakrishnan CIO, Polaris Software Ltd.,


n o ve m B E R 1 , 2 0 0 6 | REAL CIO WORLD

Content,Editorial,Colophone.indd10 10

Vol/1 | ISSUE/24

10/31/2006 10:29:37 AM

reader feedback

complex IT deployments by the largest of Indian organizations, and hence the title ‘The Giant 100’. Please note that the theme for the CIO 100 Awards will change each year to reflect what we believe to be most compelling and important for business at that point. We should be calling for nominations for next year’s CIO 100 Awards in March 2007. The awards shall be presented in early September 2007. — Editor

Collector's Piece, Indeed at the outset, thank you for coming out with the CIO 100 collector’s edition. I just finished reading it, and would like to extend my sincere appreciation for holding such an event (The CIO 100 Symposium and Awards Ceremony) successfully with elegance and style. The collection itself is a real treasure for a bookworm like me. Thanks again for your invitation to attend this premium event as a special invitee. S. P. Ary AryA AVP Corporate (Systems) Lakshmi Precision Screws

It was great to read the CIO issue showcasing the CIO 100 Award winners. I would have loved to have my organization’s name featuring in the list, and will give it a shot next time. What is the procedure? Do you call for nominations? Please do let me know. rAvIkIrAn MAnkIkAr

vertical Horizon v Your cover story on service-oriented architecture (The Truth About SOA, August 1, 2006) was a good article. It delved sufficiently on forthcoming issues relating to SOA that are still relatively new in our country. CIOs can read and apply these learnings. Overall, I am happy that, as a fortnightly, CIO covers the burning issues of IT in India. It gives me a peek into the working of IT organizations from a technology leader’s point of view, with insights into the company and even the industry, in general. Experience has clearly shown that IT implementations vary across verticals and so do challenges — and solutions before the respective CIOs. Maybe, the magazine must look into these unique issues of the IT department, how companies from each vertical tracks complaints, or eventually manage to generate revenue for their IT department.

“IT implementations vary across verticals and so do challenges — and their solutions” Also, I must say that CIO Live is a wonderful online feature, and such innovative features should be welcome. If the podcasts are better publicized or announced, it would contribute immensely to a greater number of CIOs being aware of this exclusive feature. n. nAt nAtA tArAj CIO, Aztecsoft

as a well-presented magazine focusing on the niche segment of technology leaders, CIO helps chief information officers keep abreast of the latest trends in their profession and share their knowledge and experiences with other CIO community members. It helps CIOs remain at the cutting edge of their profession. I particularly liked the article on open source software in the March 15 special issue of CIO as it was very informative and covered the subject from various angles. vASudev AvAdHAnI Senior Advisor Open Country Technologies (India)

DGM-credit & IT Shamrao Vithal Co-Operative Bank

What Do You Think?

The CIO 100 Awards aim to identify and honor 100 organizations based in India that distinguish themselves in their use of technology. For instance, this year, we chose to seek out the largest, most

We welcome your feedback on our articles, apart from your thoughts and suggestions. Write in to Letters may be edited for length or clarity.


Inbox.indd 12

n O V e M B e R 1 , 2 0 0 6 | REAL CIO WORLD

editor@c Vol/1 | ISSUE/24






Checkout Counters on Wheels What's the most used four-wheeler after the car? The shopping cart, according to National Geographic. HyperCITY, a hypermarket from the group that owns Shopper's Stop, is now trying to make its shopping carts as functional as, well, a car! The store’s shopping carts are mounted with handy bar-coding scanners using iScan, so that customers can scan a product and bill it themselves as they pick it up off shelves. The project, which started as pilot for select customers, was recently opened to all HyperCITY customers. It aims to significantly reduce the time customers spend at checkout queues by taking the patience-consuming billing process to the shopping cart. “Our aim was to implement such technology that will revolutionize the customer shopping experience,” says Unni Krishnan T.M., CTO of Shopper’s Stop. iScan is being used in India’s retail environment for the first time. It is Microsoft-based and its technology was developed by Shopper’s Stop’s in-house IT team with applications solutions provider Scan InfoTech and a US-based wireless and mobile computing vendor, Symbol Technologies. The scanners have one of the smallest barcode scan heads (1x1 inch) in use in the retail environment. “The use of such technologies will not be confined only to the stores. They are already being deployed at various distribution centers for inventory count and management,” says the Shopper’s Stop CTO. —By Gunjan Trivedi

Illustrat Ion by PC anoo P

R e ta i l

IT Managers Told to Think Young youth matters more than ever in It, especially as the Web becomes more interactive and heads in directions where baby boomer It managers may be ill-equipped to lead, according to Gartner analysts. teenagers and young adults are ahead of their elders t in adopting collaborative technologies like wikis and video sharing. the analysts say, companies needed to be clued in to the ‘consumerization of It’ — a point driven home when Google acquired you y tube. t Dennis Giokas, Cto at Canada Health Infoway in Montreal, agrees that more collaborative tools are needed. but he doesn't see them being led by cultural changes that young people introduce. For Giokas, the new approaches being touted

Illust ratIon by an I l t


Vol/1 | I ssu E/24

Trendlines.indd 13

raise the age-old problem of change management. “there will always be resistance to change, especially if people don’t see a business benefit,” he says. t terry Epp, a senior development manager at bank of Montreal, says the consumerization of It is already prevalent in financial services apps like online banking and trading. still, he doesn't entirely agree with Gartner’s take on age issues within It. While he agrees that companies need to tap into the ‘up-and-coming demographic’, he says companies also need to understand why people in other age groups aren’t using new services. However, Gartner analyst thomas bittman says there’s more at play than the development of new technologies. “this is not just about technology,” he says. “It’s about cultural change. although this is probably discriminatory, there is a different attitude at different ages based on what technology can provide.” — by Patrick thibodeau REAL CIO WORLD | n o v e m B e R 1 , 2 0 0 6


11/2/2006 12:36:17 PM

In a keynote speech at the recent Hack in the box security Conference, bruce schneier, Cto of security services provider Counterpane Internet security, identified 10 trends affecting information security today. secuRity

Assault and Batteries The recall of nearly six million notebook PC batteries by Dell and Apple in August, and more than 500,000 by Lenovo and 830,000 by Toshiba in September due to fire risk has caused many people to look twice at their laptop batteries. The US Consumer Product Safety Commission called the initial Dell recall the largest consumer electronics recall in history. Sony Energy Tech, which manufactured all the batteries in question, accepts some responsibility and says it will help pay for the recall, which could cost the company up to Rs 1,125 crore. But the root cause of the problem remains unclear. Sony points to tiny metallic particles present inside the batteries after manufacturing. If those particles punctured a cell wall, they could cause a short circuit and thus a fire, the company says. “You try to eliminate that in the manufacturing process, but to eliminate them 100 percent is very difficult,” says Rick Clancy, a spokesman for Sony. The troubles prompted the IPC, a trade association representing component makers, to begin work in September on a new industry standard for lithium ion battery production and quality control. Dell, Hewlett-Packard and Lenovo, among others, are helping craft the standard. The recalls have prompted calls for a better alternative to lithium ion, which may be available in a few years. Panasonic and Casio continue to research fuel cell technology. Fuel cells can typically keep a PC running for several hours on a small squirt of methanol. Earlier this year, Casio demonstrated a fuel cell for notebook PCs, early versions of which, the company said, would ship in 2007. Casio claims the prototype could work about four times longer than a comparably sized lithium ion battery. Many laptop makers are pursuing the technology, but it remains too immature for commercialization. Also, the airline industry has yet to approve fuel cells for use aboard planes. — By Martyn Williams MOBile


n o v e m B e R 1 , 2 0 0 6 | REAL CIO WORLD


Information is more valuable than ever. For example, when Internet retailer went belly-up, the company’s database of customers “was the only asset of value they had,” he said.


networks are critical infrastructure. the Internet was not designed to serve as critical infrastructure. “It just sort of happened,” schneier said, noting that these systems haven’t stopped moving to the Internet.


users don't always control information about themselves. For example, Internet service providers control records of website that users visit and the emails they exchange. some mobile operators keep a copy of users’ phone books on their servers.


Hacking is increasingly a criminal profession, driven by profit. Extortion related to denial of service attacks and phishing are two examples of criminal attacks.


“as systems get more complex, they get less secure,” schneier said, calling the Internet “the most complex machine ever built.” advances in security technology have not kept pace with complexity, he said.

6 7 8 9

new vulnerabilities are discovered faster than vendors can patch them. and vulnerabilities in embedded systems can't be patched.

Worms are getting more sophisticated. they contain vulnerability assessment tools, and scan corporate defenses for weaknesses. End points are the weakest link. “Good authentication doesn’t matter if remote computers aren’t trustworthy,” schneier said.

“Increasingly, we’re seeing security that protects against the user,” said schneier, citing DrM (digital rights management) software as an example. In one case, sony installed DrM without users’ permission, causing damage to the user’s computer. “rules and regulation around this is going to be a big b attleground,” he said.


regulations will drive security audits. some, like the sarbanesoxley act, will be the driving force behind security audits. — by sumner lemon

Vol/1 | I ssuE/24


10 Security Trends


Could Customers Be Your Best Innovators?

BOOK R E V IE W Many dotcom-era business plans based on ‘virtual community’ crashed and burned. But some companies today have discovered that online communities for customers not only provide business value but also become a critical component of their customer relations, R&D and marketing efforts. That’s one key piece of consultant Patricia Seybold’s new book, Outside Innovation, which posits that companies need to engage

Outside Innovation: How Your Customers Will Co-Design Your Company's Future Patricia Seybold HarperCollins, Rs 1,215

customers in more innovative ways to help redesign products, improve processes and test business models. The author of and The Customer Revolution goes into great detail — using dozens of case studies from heavyweights such as Staples and Kraft, and lesser-knowns such as Koko Fitness — to get executives to wake up to her main point: the traditional company-customer relationship (“We develop products for our

IT That Plays Together Stays Together Don’t tell the US Department of the Treasury, but Bahman Koohestani, the CIO of Orbitz, has created his own currency. He calls his cash Bahman Bucks, and the roughly 300 members of his IT department based at Orbitz’s Chicago


Vol/1 | I SSUE/24

Trendlines.indd 17

customers”) has flipped, and those who ignore this reality do so at their own peril. This line of thinking requires a level of openness simply not found in many enterprises today — a faith that customers’ passion for your products and services will translate into revolutionary product developments and efficiency for you. In a sense, it’s R&D on the cheap. Seybold’s examples are noteworthy for their innovations and financial returns.

Of course, companies can’t handpick customers, especially ones who want to strut their stuff for the company, so it’ll take a lot of work to vet the good from the bad, hammer out the relationship details and find suitable rewards for customers’ efforts. Much more work, it seems, than many firms are willing to put forth, Seybold says.

— By Thomas Wailgum

headquarters use it at a restaurant across the street from their office, and soon will use it for IT group outings to concerts and sporting events. Koohestani created the currency, which managers distribute to staff before a social event, to encourage members of his IT department to hang out after work. “The business that plays together works better together,” he says. Indeed, “socializing outside of work may help resolve conflicts and build trust,” says Thomas Harvey, author of Building Teams, Building People. The teams that play together also stay together. Koohestani says Orbitz’s IT turnover is low, partly because employees don’t want to leave their co-worker friends. He notes that the social activities he sponsors, which typically cost Orbitz between Rs 72,000 and Rs 90,000 per event, have also helped him recruit new talent. “It is significantly cheaper for us to increase our productivity and do something about retention than recruit new people [due to turnover],” says Koohestani. “The type of work we do and the competitive market we’re in requires an extra level of connectedness you don’t get from coming to work every day and punching out at the end of a shift.” — By Meridith Levinson REAL CIO WORLD | n o v e m B E R 1 , 2 0 0 6

Illustrat ion by an il t

Look t o your customers to help redesign products, improve processes and test business models.


11/2/2006 12:36:22 PM


CIOs struggle to centralize device control. devices like PDAs and Web-enabled cell phones continues to rise, but CIOs’ control of them does not, according to a recent survey of 319 companies by The Yankee Group. The current lack of control hampers device management, obscures enterprise-wide usage trends and inflates cost per device, analysts say. CIOs will continue to struggle to centralize purchasing and management, but this is a battle you want to keep fighting, says Yankee Group analyst Nathan Dyer. CIOs need to lay the foundation for how more devices and greater integration will be handled in an overall mobile strategy, Dyer says. The Yankee survey found that 40 percent of today’s workforce is mobile, defined as spending at least 20 percent of their time away from the primary work space. Almost half of mobile workers use multiple devices. Twenty-seven percent use smart cell phones, 68 percent use traditional or dual-mode cell phones, 48 percent use PDAs, and 89 percent use notebook PCs.

T h e u s e o f mob i l e

Many of those devices are outside the CIO’s purview. “Notebooks have been under IT control for years now,” says Dyer. However, just 38 percent of the mobile workforce has company-issued mobile devices other than notebooks. Companies would like to boost that figure to 58 percent within three years, the survey stated. Today, many companies still have limited control over, or even visibility into, just who has mobile devices and how they use them. Since many users choose their own devices and expense the service costs, IT does not get to negotiate discounts, gather peak usage data or control security. The survey also investigated barriers to deploying mobile data services such as mobile e-mail, CRM and asset-tracking applications. Top concerns include: data and network security, complexity of integrating different applications and data sources, and device management.

Most Wanted: More Control, Better Security Most Phones, PDAs Are Outside IT’s Domain Cell phone and PDA use is widespread, but CIOs purchase and control less than half these devices. 95% of mobile workforce uses cell phones 48% of mobile workforce uses PDAs 38% have company-issued phones or PDAs

Big Worries About Mobile Data Services Top security and management concerns for deploying apps like mobile e-mail or mobile CRM. 42% Data security 37% Corporate network security 36% Complexity of integration 32% Device management issues 30% Staffing and support costs 28% Lack of internal management expertise


Trendlines.indd 18

n o v e m B E R 1 , 2 0 0 6 | REAL CIO WORLD

Best Practices


Survey mobile device use. Find out who’s using what devices in your company and how they are bought. This data will help you craft a comprehensive policy to cover purchasing and usage guidelines, device disposal and incident reporting.


Mobile Mayhem


Create a forwardlooking strategy. Most companies still craft mobile device purchasing rules to address a specific set of workers’ needs or a specific business application, says Nathan Dyer, a Yankee Group analyst. Look beyond voice and determine what technologies it will take to support Web application integration.


Consider outsourcing mobile device management. Vendors such as AT&T, Mindwireless, Movero, Sprint and Traq Wireless on the voice side, and EDS, Hewlett-Packard, IBM and Sprint on the hybrid voice and data side, can provide analytics, support services, strategies for reusing devices, and the ability to remotely ‘kill’ stolen or lost devices.

Vol/1 | I SSUE/24

11/2/2006 12:36:23 PM

Vol/1 | I ssu E/24

Read more of such web exclusive features at



Abnash Singh, Group CIO of Mphasis on Business Savvy CIOs








Podcast of CIO Live series Arvind Saksena, CIO of Air Deccan, on ‘Outsourcing of IT Security’



First Phishing, Now Vishing Now that identity thieves have almost perfected phishing, they’ve moved on to ‘vishing’: scammers are using voiceover-IP (VoIP) telephone numbers to trick people into revealing credit card and bank information

N Nataraj, CIO of AztecSoft on What CIOs should do about cost cutting?


— By Diann Daniel



IMaGInG by anIl t

e n e R g y As the price of running a data center continues to rise, researchers investigate novel ways to cut two of the top costs: administrative and energy expenses. Carnegie Mellon University created the Data Center Observatory to find techniques to trim the bills for both. Human costs (such as staffing, troubleshooting and maintenance) represent the largest ticket item, says Greg Ganger, professor at Carnegie Mellon and director of the Parallel Data Center, one of the university groups working on the observatory effort. Also, cooling costs add up quickly: in its lifetime, a data center can cost four to seven times more than the equipment’s original price tag, Ganger says. In one part of the research, the observatory’s servers will be cooled with a new kind of system from American Power Conversion (APC), a major corporate partner for the project. Unlike a traditional cooling approach, where you’d cool the entire area where servers reside, APC’s system sections off large parts of the room with special plastic walls so that only the immediate area near the hot side of servers (where they vent out) needs cooling. In order to reduce data center staffing expenses, the observatory will study exactly how data center employees spend their time — an area that’s not well understood today, Ganger says. Researchers will use the information to develop algorithms to automate more tasks. The observatory’s researchers will also try to automate hardware troubleshooting, to save employees time. But this development job will be tough, says Granger, who characterizes it as a “long-range challenge.” It’s a hard problem to solve because of the sheer number of components and settings in a data center that can malfunction. Plus, computers aren’t inherently intuitive or creative about searching for sources of trouble, he says.


Download more web exclusive podcasts from

Columns Visibility for the Board With the business under scrutiny by regulators, CIOs must create digital dashboards that lend a view of the key performance indicators. Gifts that Keep on Giving Give away software tools to key customers and suppliers and save everyone time and money. Read more of such web exclusive columns at

Log In Now!


Michael Schrage 


Process Pantomime When form substitutes for substance, you have an IT leadership problem.


his column is about strategic frustration: mine, not yours. It stems from complaints IT leaders and managers make over lunch, in workshops and conferences. They need their problems solved — now! — and want to vent. So I listen, ask questions and pay close attention to what they say and how they say it. They’re not happy. On occasion, I make suggestions. More often than not, their most eloquent response is a dismissive shrug. “We do that already,” they say. Intriguingly, they don’t say, “We tried that and it doesn’t work,” or “Yeah, we have trouble doing that well,” or “We never thought about it quite that way”; they claim they’re already doing it. That’s odd. If they were really doing it, they wouldn’t have the problem they’re complaining about. But let’s take people at their word. Since you’re doing what I suggest already, why do you think the process isn’t working? The answers I hear invariably sound fake. The truth — which always comes out — is, they don’t really ‘do that already’. They’ve ever done ‘that’ in any meaningful way. My IT complainers aren’t being serious. This is my great frustration. Of course, my frustration reflects their strategic failure, which is the pathology of the perfunctory process. That is, IT literally goes through the motions without doing the work. The organization is living a process pantomime that may lead to a box being ticked but no meaningful work being done. I’ve lost track of the number of times an e-mail, conversation or onsite visit reveals that IT isn’t doing anything remotely near what its leadership says it’s doing. On the contrary, time, money, talent and credibility are being squandered.


n o v e m B E R 1 , 2 0 0 6 | REAL CIO WORLD

Coloumn - Process Pantomime.ind20 20

Vol/1 | ISSUE/24

10/31/2006 10:05:52 AM

Michael Schrage


Empty Gestures A classic example: a financial services firm asked me to examine why its Indian outsourcer did such an awful job of responding to requirements change orders. This was a Rs 900-crore-plus outsourcing deal for a self-described mission-critical app for a Fortune 200 firm. The project was already late and well past the point of no return on busting the budget. The team presented its case. I reviewed the requests and saw the kinds of questions and code coming back. My simple suggestion: change orders should go out with a three-paragraph brief explaining the technical rationale, the business rationale and the likely testing schema for the change. The team leader looked at me. “We do that already,” he said. Great. Show me. He sent me a dozen sample change requests. The explanatory briefs for each one of them were unintelligible. They were filled with jargon, acronyms and references to previous change orders. The idea that someone for whom English is a second language would understand the brief defies belief. I politely point this out. The unfazed team leader says, “Yeah, that’s why we have the telecons: to make sure they understand the changes we’ve sent them.” He thinks that’s healthy. I ask if any notes are taken at these intercontinental phone meetings. “Not necessary,” he says. “[The outsourcers] send an e-mail afterwards confirming that they understand the change order.” He’s serious. Worse yet, this change order ‘process management’ template for the outsourcer was also supposed to be IT’s system documentation platform. The truth was that this team had a change order process in name only. The reality was a multimillion-dollar mess, facilitated by a senior leadership that treated ‘we do that already’ as a sign of good management rather than a warning of a corrupt process.

sometimes guarantee unhealthy processes. But my experience has me looking at the leadership. This was brutally reinforced at a software development workshop for senior IT executives. I had chosen Tesco, the wellmanaged, surprisingly profitable British supermarket company, as a healthy model for managing software innovation within the enterprise. Tesco’s IT shop has three inviolable rules for rolling out an IT innovation: it has to be better for customers, cheaper for Tesco and simpler for employees. The third criterion — simpler for employees — was the requirement that killed more than half of IT’s innovation

If you catch yourself saying, “We do that already” to sincerely offered advice, you’ve got a bigger problem than the ones you’ve been talking about .

Empty Suits The central issue here has nothing to do with advice-resistant clients and everything to do with pantomime cultures of perfunctory processes. The process checklist has become the dominant process quality metric. The quality of outcomes and results has been subordinated to the ability to point to a document confirming, ‘we do that already’. The process has become a lie. This is not a process failure but a leadership failure. Why? Because, by definition, healthy processes consistently produce healthy outcomes. When those outcomes are unsatisfactory, integrity demands we rigorously re-examine the process to see if it’s become sick or outdated. To say, ‘we do that already’ is to deny the reality of and accountability for process sickness. Denying both reality and accountability is a failure of character. Failures of character are leadership failures. Yes, incompetent people

Vol/1 | ISSUE/24

Coloumn - Process Pantomime.ind21 21

initiatives. To my astonishment, most of the IT executives dismissed that insight. Simpler for employees? We do that already. They then complained about the internal resistance they faced when they tried to be innovative. So I asked who ‘owned’ simpler for employees in their organizations. The answer: every single we-do-that-already IT executive except one admitted that no one in his shop owned that issue. The exception? A CIO who said he had delegated ‘simpler’ to a human factors consultant. Internal resistance to innovation had been outsourced to an external consultant. That’s not delegation; it’s abdication without accountability. It’s unserious. The phrase ‘we do that already’ uttered in tones of tired contempt is correlated with unseriousness. Only someone who knows he’s not really at risk would say something so provably false. If you know you’re going to get reprimanded or punished for perfunctory performance, you’re smart enough to keep a low profile and your mouth shut. You might even be clever enough to acknowledge that there are some things we don’t do as well as we’d like. But having the arrogance to claim you do something when you emphatically don’t is tempting fate beyond endurance. So here’s a simple suggestion: Whenever you’re seriously complaining to someone about a serious IT issue, listen to yourself. If you catch yourself saying, “We do that already” to sincerely offered advice, you’ve got a bigger problem than the one you’ve been describing. You might want to pay particular attention to any direct reports who respond to your suggestions that way. That phrase means your process is either sick or nonexistent. Fix it. CIO Michael Schrage is codirector of the MIT Media Lab’s eMarkets Initiative. Send feedback on this column to

REAL CIO WORLD | n o v e m B E R 1 , 2 0 0 6


10/31/2006 10:05:52 AM

Mike Hugos 


The Road LessTraveled It’s a sign of good IT leadership when a CIO takes a different path from his competitors.


t times, a leader must be a bit of a contrarian. A confident, knowledgeable CIO sees past strong prevailing opinions in IT circles to identify other ways her company can use technology — or not use it — to stand out from the crowd. It’s the CIO’s job to find new ways to use IT to advance the fortunes of her organization. But this obligation can also put you on the horns of a dilemma. You may find that both your business colleagues and your own IT staff are reluctant to reject the wisdom of the crowd. Things are complicated enough, they say; why make it worse by doing something different? Yet, sometimes trying something different is exactly what needs to be done. These days, the fast pace of change causes many tried-and-true ideas to lose their effectiveness. CIOs don’t necessarily have to blaze new paths on their own, but they do need to keep a sharp watch for companies that succeed with new approaches to technology. Leadership means being quick to recognize a good idea — wherever it comes from — and being quick to act on it. The ability to try new approaches and capitalize on emerging opportunities is a vital part of succeeding as a CIO.

Get Away from the Crowd Consider, for example, the popular notion that consolidating a company’s operations to run on an all-inclusive ERP system is the best way to be efficient and profitable. If I am to believe the advertisements I see in airports from Chicago to Frankfurt, just about every company will soon be running such a system. The contrarian leader ought to wonder whether it’s wise for her company to follow the 22

n o v e m B E R 1 , 2 0 0 6 | REAL CIO WORLD

Coloumn - The Road Less Travele22 22

Vo l/1 | ISSUE/24

10/31/2006 10:08:58 AM

Mike Hugos


crowd and spend millions on ERP when there may be other IT investments that have bigger payoffs. The last company I worked for had two large competitors. One of their biggest challenges (as well as our biggest challenge) was to integrate respective business units, so that they could collaborate to service our national accounts. We all had to face the fact that our organizations were composed of many different units using different ERP systems to run their internal operations. Our competitors followed the conventional wisdom. One company spent more than Rs 675 crore trying to standardize on a single ERP system. The other spent crores of rupees (what it cost then) to build a proprietary Web order entry and product catalog system — another popular idea at the time. Although the CEO and CFO backed my recommendation not to invest more in ERP, there was a lot of pressure on me to deploy one of those proprietary order entry and catalog systems. The consultants who were facilitating our strategic planning process pushed hard for us to hire them to build it. But I thought that if we followed their advice, we would spend most of our money on a plan that, at best, would give us only the same capabilities our competition had. I saw a different and much less expensive way to integrate our business units and provide an online ordering capability. Taking this alternative path would make money available to develop other systems that would provide us with capabilities our competitors didn’t have and thereby provide a competitive advantage. My contrarian instincts were backed by a deep understanding of my company’s business and my knowledge of IT. My expertise gave me confidence in my convictions when I presented my ideas to the board of directors. I showed them how to get what the company needed faster and for a lot less money than if we took the conventional path offered by the consultants. The board was swayed and approved my plans.

reports as needed, showing their purchases by product, supplier and location over any time period from one day to two years. That made us stand out from our competitors. Later, we added a business process management (BPM) system to monitor data transactions flowing through our systems, so that we could catch mistakes our customers made when entering their orders. Our customer service people could define the types of errors they wanted to categorize (for instance, whether cups were ordered without lids). If the BPM system identified an error, we were able to contact the customer and correct the mistake.

Having a healthy skepticism of trends and a commitment to considering alternative routes is central to CIOs’ — and their organizations’ — success.

The Rewards of Taking a Different Path We left our business units’ different ERP systems in place, and built a simple Internet-based data-transport system that enabled these applications to exchange documents such as purchase orders, invoices and advance shipping notices. The data-transport system provided the connectivity we needed between ERP systems. Then I signed on with a hosted Web order entry and catalog system, which we used on a pay-asyou-go basis. These approaches saved crores of rupees. We took some of the savings and invested in an enterprise data warehouse and a business intelligence system. Once these were deployed, our customers could go to our website and generate

Vol/1 | ISSUE/24

Coloumn - The Road Less Travele23 23

These decisions produced a couple of very favorable results. The first was that my company was more profitable for several years simply because we didn’t squander our hard-earned cash on expensive IT projects. The second result was that these systems enabled us to be more responsive to the unique needs of our customers. We offered suites of supply-chain services to go along with the products we sold. Our business intelligence system enabled customers to better manage their own planning, budgeting and spending on the products they bought from us. And, our business process management system enabled us to maintain consistently high service levels. We charged slightly higher prices for our products and still won new business because customers wanted the services that our competitors couldn’t provide. The lesson is this: whatever company or industry we work in, whether we’re in the public or private sector, as CIOs we’re all pursuing the same fundamental goal: to use technology to make money and make our organizations more competitive. There will often be many paths to achieving that goal. As technology leaders, it’s our responsibility to determine which one is best. Having a healthy skepticism of trends and a commitment to considering alternative routes is central to our — and our organizations’ — success. CIO

Mike Hugos is a partner in AgiLinks, a software company specializing in agile supply chains. He is the former CIO of Network Services and the author of Essentials of Supply

Chain Management. Send feedback on this column to

REAL CIO WORLD | n o v e m B E R 1 , 2 0 0 6


10/31/2006 10:08:58 AM


Cover Story | Change Management

New Scienceof The

C hange BY C h r i sto p h e r Ko C h

Nothing is more frustrating than trying to get people to alter the way they do things. New research reveals why it’s so hard and suggests strategies to make it easier. Kevin Sparks has been trying to get his staff to change the way it monitors and supports the data center for the past year. But he hasn’t been getting anywhere. Not that he’s getting resistance. At least not overtly. His staffers at Blue Cross and Blue Shield of Kansas City agree that installing automated monitoring software, along with a centralized control room and a set of standard processes for responding to problems, would be more efficient than the way they deal with things now — mostly through ad hoc heroism.

Vol/1 | ISSUE/24

Reader ROI:

Why the brain experiences change as pain How to change that perception to pleasure Management Management strategies to help people accept change

REAL CIO WORLD | n o v e m B e R 1 , 2 0 0 6


Cover Story | Change Management “Logic always prevails and everyone will agree — at the intellectual level — that we need to change things,” says Sparks, who is vice president and CIO. But then he finds himself surrounded by empty chairs at meetings while the people who should be there are off fighting the latest fire. “I tell them I need them at the meetings and if we changed things they’d have the time to be there. But things always break down when we talk about taking monitoring out of their hands [through automation],” Sparks points out. To help his staff accept the new processes, Sparks says he’s taken layoffs off the table, even though the proposed automation and process efficiencies could reduce the need for bodies. The change is part of a larger effort to implement the IT Infrastructure Library (ITIL) process framework to improve overall productivity. “I don’t want fewer people; I want the ones I have to do more things,” he rues, sighing with frustration. In other words, Sparks’s staff doesn’t seem to have any logical reason for resisting the changes. But before you dismiss

them as a bunch of inflexible, fearful losers, know this: They are you and you are they.

A Universal Truth Maybe your resistance to change manifests itself in a different way or in a different setting — a refusal to throw away that old slide rule, for example, or to look while the nurse draws your blood, or to dance at weddings. We all refuse to change our ways for reasons that are often hard to articulate. Until, that is, you begin looking at it from a scientific perspective. In the past few years, improvements in brain analysis technology have allowed researchers to track the energy of a thought, coursing through the brain in much the same way that they can track blood flowing through the circulatory system. Watching different areas of the brain light up in response to specific thoughts has brought a new understanding to the corporeal mechanics of psychology in general and to our response to change in particular. These advances are bringing a much-needed hard foundation of

Pedaling Uphill How Vikram Saxena, GM-IT of Hero Cycles, got stakeholders on two projects to ride on a tandem cycle with him. Vikram Saxena hardly comes across as the type to railroad anyone, which is tough when you want to introduce changes as GM-IT of an organization as large as Hero Cycles, the flagship company of the Rs 12,000-crore Hero Group. Take for example the time when Hero Cycles had to make a decision to buy more storage. From a plant that once produced only 25 cycles a day in the late 1950s, Hero plants today roll out a cycle every nine seconds. This incredible output, which got the company into the Guinness World Records, recently reflected in the company’s burgeoning need for data storage: 780 GB. It became critical to make a decision. The tatkal fix was to buy storage. At Rs 1 crore, it was an expensive fix and Saxena knew that it would still leave the organization high and dry when it came to performance. The smart thing to do was archive its oracle-based database, says Saxena who is also advising CIo for the Hero group. “I told them that rather than grow vertically, let’s grow horizontally.”


Cover Story.indd 26

n o v e m B e R 1 , 2 0 0 6 | REAL CIO WORLD

However, the solution would potentially set both his management and his own team against him. It wasn’t the quick, let’s-buystorage-and-be-done-with-it solution that management was looking for. Archiving meant endless hours of pressure on his staff. Saxena stuck out his neck. “It needed to be done. That was it.” It was doubly difficult because the archiving work could only be done after everyone had left – from 8 PM to 4 AM. Saxena led by example. “For three-anda-half months, I was almost always at the office, including on Sundays.” The project was completed in record time — about 8 weeks, a testimony to Saxena’s influence on his people. It removed performance bottlenecks and cost the company Rs 27 lakh, compared to the Rs 1 crore that buying storage would have meant. Saxena rewarded his staff. Many received increases and some were promoted — a change management dead-end. While Saxena realizes that his rewards aren’t a repeatable solution, he says it worked for

him on this occasion because most of the staff were relatively new. He says that it also helped that “we technical people work on the same wavelength. We realize the need to put in many hours.” Saxena wishes that the company’s vendors and dealers, and he, would be on the same wavelength. They aren’t, but that isn’t stopping him from introducing changes to the company’s supply and delivery chain. Hero Cycles has 50 percent of the Indian cycle market. And in order to stay there, the company has over 10,000 dealers who sell its cycles. It also needs to ensure an unbroken supply of parts from its vendors, a number Saxena won’t specify. He has read the literature on the efficiency that bringing upstream and downstream partners into a chain can fetch. “But, given the sort of people dealers are, many of them aren’t ready to get on the Internet. They still believe in paper invoices,” he says. The solution to convincing them, he knew, was to take baby steps. He would

Vol/1 | ISSUE/24

10/31/2006 10:13:27 AM

science to a leadership challenge that to CIOs has long seemed hopelessly soft and poorly defined: change management. Pictures don’t (usually) lie, and the pictures of the brain show that our responses to change are predictable and universal. From a neurological perspective, we all respond to change in the same way: we try to avoid it. But understanding the brain’s chemistry and mechanics has led to insights that can help CIOs ameliorate the pain of change and improve people’s abilities to adapt to new ways of doing things.

Why Change is Painful Change hurts. Not the boo-hoo, woe-is-me kind of hurt that executives tend to dismiss as an affliction of the weak and sentimental, but actual physical and psychological discomfort. And the brain pictures prove it. Change lights up an area of the brain, the prefrontal cortex, which is like RAM memory in a PC. The prefrontal cortex is

fast and agile, able to hold multiple threads of logic at once to enable quick calculations. But like RAM, the prefrontal cortex’s capacity is finite: it can deal comfortably with only a handful of concepts before bumping up against limits. That bump generates a palpable sense of discomfort and produces fatigue and even anger. That’s because the prefrontal cortex is tightly linked to the primitive emotional center of the brain, the amygdala, which controls our fight-or-flight response. The prefrontal cortex crashes easily because it burns lots of fuel of the high-octane variety: glucose, or blood sugar, which is metabolically expensive for the body to produce. Given the high energy cost of running the prefrontal cortex, the brain prefers to run off its hard drive, known as

start with the vendors, who had a stake in the efficiency of Hero Cycles’ business. If he could convince them of digitizing the paperwork for one part of the system, he’d have made headway. Some vendors, like one company that supplied Hero Cycles with carriers, visited Hero Cycle’s plant several times in a day. The handover process with its paperwork, quality and quantity checks took too long. “Creating an efficient system at the goods receiving end was in their interest, too. The less we detain their vehicles, the more business they can do,” he says. Resistance within Hero Cycles, he knew, could also lead to the project’s failure. He appealed to the stakeholders on a logical plane. “I spoke to people at the gate. I told them that creating a process would ensure that even if someone is sick, work doesn’t stop.” Saxena emphasizes on the need to choose the right members for the pilot. “I looked at four vendor companies, at the business we were giving them, and the size of their businesses.” Managing the change, if done badly, could lead to one of the four bailing out — giving ammunition to the skeptics. Saxena’s prudence and groundwork paid off. The first step, of getting 10,000 dealers and all of Hero Cycles’s vendors on the same page, was a success. Although quality and quantity checks still need to be done manually, plenty of documentation time is saved. Plus, vendors on the pilot must be able to track their invoices online as and when Hero Cycle’s accounts department will make payments — something that could be vital for many small players that need to rotate money quickly, or shut down. “If you are going to change things,” Saxena says “you better be technically sound and believe in yourself and your ideas.”

— Sunil Shah

Vol/1 | ISSUE/24

Cover Story.indd 27


Cover Story | Change Management

— Vikram Saxena Gm-IT, Hero Cycles

REAL CIO WORLD | n o v e m B e R 1 , 2 0 0 6


Cover Story | Change Management the basal ganglia, which has a much larger storage capacity and sips, not gulps, fuel. This is the part of the brain that stores the hardwired memories and habits that dominate our daily lives. “Most of the time the basal ganglia are more or less running the show,” says Jeffrey M. Schwartz, research psychiatrist at the School of Medicine at the University of California in Los Angeles. “It controls habit-based behavior that we don’t have to think about doing.” Like, for instance, many aspects of our jobs.

Our responses to change are predictable and universal. From a neurological perspective, we all respond to change in the same way: we avoid it The interplay between the basal ganglia and the prefrontal cortex helps explain the resistance of Sparks’s staff to his proposed changes. Even though fire fighting takes more time and effort, the overall approach is familiar, and the outcome (one way or another, the problem always gets fixed) is comfortingly predictable. Doing the fire fighting the way Sparks’s staff has always done it draws upon the basal ganglia and burns less fuel than making a change and involving the prefrontal cortex. But resistance to change is not ineluctable. The prefrontal cortex has its limitations, but it is also capable of insight and self-control. It’s what makes us human — the ability to be aware of our habitual impulses and do something about them. “The prefrontal cortex is extremely influential in our behavior, but it does not have to be completely determinative,” says Schwartz. “We can make decisions about how much we want to be influenced by our animal biology.”

Carrot and Stick: The Flaw Unfortunately, traditional change management tactics are based more in animal training than in human psychology. Leaders promise bonuses and promotions to those who go along with the change (the carrot) and punish those who don’t with less important work and the potential loss of their jobs (the stick). Though no conclusive research has been done yet, surveys have shown that people’s primary motivation in the workplace is neither money nor advancement but 28

Cover Story.indd 28

n o v e m B E R 1 , 2 0 0 6 | REAL CIO WORLD

rather a personal interest in their jobs, a good environment and fulfilling relationships with colleagues. The effects of bonuses, promotions and reprimands, though real and measurable, are all temporary. “The carrot-and-stick approach works at the system-wide level — offering cash bonuses to the sales department to increase the number of customers in Latin America will get you more customers there, for example — but at a personal level it doesn’t work,” says David Rock, founder and CEO of Results Coaching Systems, a consultancy. “Our personal motivations are too complex, and you can only offer so many raises.” The traditional command-and-control style of management doesn’t lead to permanent changes in behavior either. Ordering people to change and then telling them how to do it fires the prefrontal cortex’s hair-trigger connection to the amygdala. “The more you try to convince people that you’re right and they’re wrong, the more they push back,” says Rock. Even well-meaning advice quickly raises warning flags in the prefrontal cortex that it is soon to become overloaded and exhausted. And just as quickly it begins to defend itself. “Our brains are so complex that it’s rare for us to be able to see any situation in exactly the same way,” says Rock. “So when we get advice from people, we’re always finding ways that the advice doesn’t match up with our own experience or expectations.”

Not your Change; Their Change The way to get past the prefrontal cortex’s defenses is to help people come to their own resolution regarding the concepts causing their prefrontal cortex to bristle. These moments of resolution or insight — call them epiphanies — appear to be as soothing to the prefrontal cortex as the unfamiliar is threatening. Just look at a person’s face during one of these moments and you can see that something positive is happening — though scientists aren’t exactly sure what it is yet. “There isn’t conclusive evidence, [but] I think it’s reasonable to conclude that the brain has some kind of reward mechanism related to insight,” says Schwartz. Brain scans show a tremendous amount of activity during moments of insight, with the brain busy building many new and complex connections. The insights don’t have to be life-changing to have a pleasurable effect, either. “The simple insight of figuring out the answer to 12 across in the crossword puzzle is enough to give a little feeling of positive reinforcement,” says Schwartz. But because our brains are so complex and so individualistic, generating epiphanies in many people in a systematic way is difficult. Patience is critical, says Rock. “You have to paint a broad picture of change and resist the urge to fill in all the gaps for people,” he says. “They have to fill them in on their own. If you get too detailed, it prevents people from making the connections on their own.”

Vol/1 | ISSUE/24

10/31/2006 10:13:33 AM

Leaving holes in any plan is especially hard for CIOs who tend to be ambitious and process-oriented — meaning they have thought out all the details involved in a strategy or systems change and believe they know all the steps needed to get there. And, in general, they’re bursting with the need to tell everyone how exactly to do it. “When I put out change proposals, it’s obvious to me why we should be changing, so when people resist I tend to get more aggressive in trying to convince them,” says Matt Miszewski, CIO of the state of Wisconsin. “But we lose people in that situation. The more we try to explain things, the more dug in they get.” Doing the thinking for employees takes their brains out of the action. And when disengaged, they will not invest the energy necessary to make the new (and, to the brain, pleasurable) connections required to change behaviors. Worse, in that situation, they may instead focus their energy on the negative, fearful signals broadcast by the amygdala — deepening and reinforcing their resistance to change. “Wherever we focus our brain’s attention, that’s where we’re making and reinforcing connections,” says Schwartz. “If our attention is focused on negative things, those are the connections that will be made and strengthened.”

How Questions Provide Answers: A Case Studied In trying to focus people’s attention on personal insight and changing their behavior, Rock uses the same technique that psychoanalysts have used since the profession began: he asks questions. “When you ask someone questions, you are getting them to focus on an idea,” he says. “When you pay more attention to something, you make more connections in the brain.” Rock also says that asking questions gets people to voice their ideas. And according to the brain scans, voicing ideas creates more activity and connectivity in the brain than hearing an idea spoken by someone else. “The best way to get people

Change Management Rules Though we’ve heard these nostrums over and over, scientific research proves that they work.


Stay on message. The brain needs repetition to move a concept from the prefrontal cortex, which handles unfamiliar concepts, to the basal ganglia, where habits are stored. For new concepts to become hardwired, those pathways have to be reinforced continually.


Keep it simple. The prefrontal cortex can entertain only a handful of concepts at once. Therefore, complex projects need to be refined to one or two goals that businesspeople can easily understand to avoid psychological and physical distress, which leads to anger.


Expect fear. When the decision-making part of the brain becomes overwhelmed, it sends out signals to an area of the brain, the amygdala, that controls the fight-or-flight response. This generates feelings of fear, anger and sadness. Budget for these emotions.

4 5

Let them own the change. Generates the moment of personal insight when people feel they personally have come to terms with an issue.

Lead by not leading. The prefrontal cortex is always on high alert, looking for signals that all is not right. Ordering people around, or painting pictures of the world that don’t line up with people’s own realities or goals can produce distracting, fearful sensations.

6 7

Show, don’t tell. Learning what to do elicits pleasurable sensations; being told what to do causes the brain to produce fearful, angry messages.

Provide experience. People resist change because they can’t imagine what it will be like to fill a role different from the one they know. Allowing people to experience epiphanies in a new role in a controlled, safe way can help everyone adapt.


Focus on the big picture. Even though our brains all share some basic, high-level wiring, our life experiences make each of us unique. Therefore, there is no way to paint a detailed picture of a complex project or change that will look the same to everyone.

9 10

Seek compliance before commitment. Clarify what people need to do, then step aside, allowing them to discover the benefits of the new processes for themselves. Make it a personally relevant story. Well-told stories are powerful. But they need to speak to the personal interests of the people affected by the change. — C.K.

Vol/1 | ISSUE/24

Cover Story.indd 29

10/31/2006 10:13:34 AM

Cover Story | Change Management to change is to lay out the objective in basic terms and then ask them how they would go about getting there,” Rock says. Richard Toole approached the question of offshoring — one of the most emotional change issues in IT today — in just this way. Toole, who is CIO for PharMerica, a pharmacy services company, says that when he joined the company two years ago, he had a mandate to reduce costs and improve the productivity of his application development staff. Outsourcing and offshoring were obvious solutions, but rather than mandate them from the beginning, he had a series of meetings with his staff in which he outlined the business goals and discussed options for achieving them. “We asked them what suggestions they had,” he recalls. “Every one of them came up with outsourcing as

some component of their plan — even some who were opposed to it. You could say we were being manipulative, but we weren’t because even though the cost issue was pushing us towards outsourcing, it wasn’t a final decision at that point.” In the end, most of the staff found the decision to offshore some of PharMerica’s development to be more acceptable because they had had input into the decision from the beginning.

The Joy of Repetition Once people have had that initial insight or epiphany that change is necessary, they need to repeat the experience in order to reinforce it and to experience the potential pleasure that can be derived from it. The complex brain connections that are formed during the epiphany phase need to be supported to begin the process of hard-wiring the basal ganglia. Indeed, when Wisconsin’s Miszewski has been successful in getting agencies to accept change — server consolidation and centralization, for example — it has been because of highly repetitive lobbying.

Elevating Transformation For a company where change is the 'bone marrow' of operations, Otis Elevators India makes it a practice to look for inside men to get collective buy-in.

— V. Subramaniam CIo, otis elevators India


Cover Story.indd 30

n o v e m B e R 1 , 2 0 0 6 | REAL CIO WORLD

“Convert non-believers to successfully manage change”. More often than not, change is a painful choice. And with a CIo’s role not only confined to implementing information systems for business efficiency but also to initiate change whenever and wherever it is required, the occasion for change is plentiful. “In today’s cut-throat competitive scenario, where every bit of the supply chain compels you to change business strategies, there is an environment of adopting change with pessimism,” says V. Subramaniam, CIo of otis Elevators India. The current times, he says, are seeing technology changing very fast and it’s making users change at that pace. While it’s true, he concedes, that technology provides a business edge, there’s also no let-up for the IT team. Subramaniam cites the quick changes to user applications or upgrades that occur

Vol/1 | ISSUE/24

10/31/2006 10:13:40 AM

Cover Story | Change Management “That’s why politicians repeat the same message 10 times,” he explains. “The epiphany is the catalyst and stimulus, but it’s not the whole deal,” says Michael Wakefield, senior enterprise associate at the Center for Creative Leadership, a consultancy. “You have pathways in place, and they’re simply too strong to be changed in a single moment. You need to be able to integrate it into the psychological behavior for it to become part of a new pattern.” Rock says reminding people of their insights and continually asking them about the actions they decided to take as a result will help the process along. If they haven’t taken any action, ask them when they plan to. It’s also important to know that there are always going to be people who are simply incapable of changing their behavior in a particular situation for reasons that are too complex and personal for CIOs to resolve. CIOs are not psychotherapists, and they don’t need to be. Change experts and CIOs offer a remarkably consistent picture of the types of reaction to change and the percentages of people who fall into each category. Roughly 20 percent to 30 percent of employees are change gluttons — often ambitious, they see change as a path to happiness and success. Another 20

at regular intervals because business needs new functionalities. “But users need to adopt these changes if we are to avoid business disruption,” says Subramaniam. Otis, in India, is a high-growth company and, internally, change management is termed ‘bone marrow’. To counteract disruption in business, Subramaniam came up with a standard change management practice. “The first step to successful change management is to identify people who are in favor of the change and those who aren’t,” he says. Those who volunteer to embrace change, he says, are made change agents. And those who don’t accept change are put under training, consultations and counseling to help them understand the importance of transformation. “It isn’t easy, but not impossible,” says Subramaniam. “If change management is practiced with a top-down, ‘order-cracking’

Vol/1 | ISSUE/24

Cover Story.indd 31

percent to 30 percent cannot view change as anything other than a threat to their jobs (and they may be right) and will resist at all costs. Finally, about 50 percent to 70 percent are skeptics — they may see some logic in the case for change but aren’t convinced it will benefit them personally. “It’s the 50 to 70 percent you need to focus on,” says Rock.

Not your Motivation, Theirs One of the biggest mistakes leaders like CIOs make in trying to win over the skeptical middle is assuming that everyone is motivated by ambition — as many CIOs are. But many people, especially IT professionals, are motivated as much or more by the work they do (the craft of software development, for example) as they are by the opportunity to move up in the hierarchy. “There are a lot of people who don’t want to be king or queen,” says Wakefield. “That’s difficult for people to reveal because they fear their bosses will start to question their courage and commitment.” If these people don’t see an opportunity to maintain their allegiance to the work they love as part of a change, they won’t see the benefit of going along. They will remain skeptical or, worse, move into the camp of active resisters.

approach, it will be painful because people then perceive it as a threat. In today’s scenario, the best form of change management is to secure buyin internally for change that you want to bring in.” He cites the example of how outsourcing non-core functions to an outside agency calls for a fundamental change in the way organizations work. With more mundane work going out, he says, people can be re-allocated to do core business functions. “Initially, most people think they will lose their jobs, but really, that isn’t true. Outsourcing non-core areas only brings business efficiency and we should focus on that positive aspect of change,” says Subramaniam. It’s the word ‘management’ where CIOs play a critical role. “In Otis, every new, organization-wide IT project is dealt as a change management incident. JDE-ERP is the most recent of those projects. As a CIO, I had to play

the crucial role of an agent of change to convince the entire workforce that the project would bring a 360degree transformation to both the company and its employees. If I can convert more than half in my first attempt, I see change management working. The other half will follow,” he says from experience. “You can’t command the human brain and its working, but you can certainly change how it views something. And that distinguishes a CIO from the crowd,” says Subramaniam.

—Rahul Neel Mani

REAL CIO WORLD | n o v e m B E R 1 , 2 0 0 6


10/31/2006 10:13:41 AM

Cover Story | Change Management One of the best ways to bring the skeptics around is through learning. At the New York State Workers’ Compensation Board, a change readiness survey of employees at the beginning of an effort to shift compensation cases from paper folders to electronic files found that employees’ number-one demand was for training. “They wanted reassurance that we weren’t going to ask them to do something new without giving them the support they needed to do it,” says Nancy Mulholland, who is deputy executive director and CIO of the board. Information sessions, Q&As, training courses and coaching all provide ways for people to get those epiphanies without feeling as if something is being forced on them. “Learning is the antidote to change resistance,” says Wakefield. “Learning lets you reframe the change from being something bad for you to something that can have value for you.”

The learning environment has to be one in which employees will not be reprimanded or embarrassed for revealing their discomfort with the new way. “You have to give people the sense that feeling uncomfortable is a normal part of change, and address their concerns about losing face because of their lack of confidence and competence,” says Wakefield. One of the ways to do that is to put people together who share a similar status in the organization and are facing a similar change so they can see that they’re not alone — a species of corporate support group. When groups are too threatening, individual coaching can help.

The Hard Edge Change management is time-consuming and hard to quantify for process-oriented CIOs. But avoiding the

The IT Services View Lakshman Badiga, CIO of Wipro Limited, has 50,000 internal customers who service endcustomers in sectors such as manufacturing, telecom and finance. Being in the business of bringing change, he has a vantage point on change management practices. Catch a large computer services exporter at a time of a 'total systems change' and you’ll catch an organization tackling mind-boggling complexity. That lakshman Badiga, CIo of Wipro, is looking at such a situation wouldn’t be apparent from the company’s better-than-expected recent quarterly results. Wipro’s customers in manufacturing, telecom and finance among other industries rely on it for everything from plain maintenance to high-end R&d. Getting superior service through all the change in their businesses depends, in part, on Badiga’s internal IT team delivering superior service to 50,000 software engineers. The diversified group companies they work for bring in over 90 per cent of Wipro’s profits “When a CIo’s customers are technologists themselves, helping them tackle change has its own challenges,” says Badiga. It also brings opportunities to indirectly help end customers (enterprises) make smarter deals. “[Wipro’s clients] get to exploit our experience in dealing with


Cover Story.indd 32

n o v e m B e R 1 , 2 0 0 6 | REAL CIO WORLD

such things as scale and the deployment of new technology, he says. Being a large enterprise itself, many of Wipro’s clients swap notes with its vendor to find ways around challenges they face. The CIo of one enterprise, for example, cited a staffing issue. “He asked us how we did it.’” says Badiga. “We [told him we] hire around 1,000 to 1,500 people a month. And our recruitment system allows something like 4 lakh active resumes, online.” Using the system, Wipro’s recruiters get access to resumes wherever they are in the world, says Badiga, recalling the workings of the system, its processes and best practices that he shared with the CIo. Half a decade ago, Wipro was 5,000to 6,000-strong. Today there are 50,000 in the company. Badiga’s department provided scalability to the company while simultaneously ensuring that Wipro’s customers enjoyed a consistent feel when they interact with Wipro. It is the sort of achievement that prompts CIos of enterprises who work with Wipro to ask

whether they should follow Wipro’s lead, says Badiga. Wipro is glad to share its change management experiences. Part of how it is able to help enterprises is what the company calls ‘Wipro on Wipro’. The CIo organization and business units try out new technologies on themselves. If it works well, Wipro’s clients get to exploit their experience. They can see live examples of new technologies being put to use.

Outsourcing Challenges This philosophy of trying out new medicine first on themselves is also about practicing what Wipro preaches to its customers — outsourcing. Badiga says Wipro’s entire IT management infrastructure is outsourced, albeit to “internal vendors.” He says, “We probably have the leanest IT infrastructure management team.” As outsourcers, Wipro has documented that various stages (and their problems) of a process where change management is required. They have identified three periods: at the start, midway and at the stage when

Vol/1 | ISSUE/24

10/31/2006 10:13:41 AM

Cover Story | Change Management challenge leads to failure. “Anybody can stick Rs 9 lakh in someone’s face to get them to finish a job, but it’s the people who can inspire others to follow them that are the most successful in the long run,” says PharMerica’s Toole. “The soft stuff is important.” But inspiring others to change isn’t a matter of charisma or charm, say the experts. It’s finding a way to spark those epiphanies. Sparks’s latest tactic for engaging his staff ’s prefrontal cortexes was to bring in an outside consultant to discuss the ITIL program and to field concerns. “We had an outstanding instructor, and she was able to address many of the questions people had,” recalls Sparks. “I could begin to see the lights come on in

some of the [skeptics]. After a long meeting, one of my people stood up and said, ‘You know, we should have started working on this [automated monitoring] six months ago.’ CIO

Executive editor of CIO-US can be contacted at

a re-look is required at the business level. At the start, client CIos often feel a loss of control. Midway, the flexibility expected from systems begins to diminish because, usually over a period of three years, systems start becoming less efficient as business demands build up. At the final stage, when a company is almost full circle, it is trying to figure out what needs to be done next, similar to the time before implementing the original project.

IT and Business In helping Wipro employees to meet their customers’ expectations through all these stages, Wipro’s — and Badiga’s — biggest challenge is “creating the move towards business,” he says. Getting IT and business to go hand-in-hand is the biggest change management factor, he adds. Today, if Wipro is going through the third stage of evaluating and re-creating its systems, “about 60 per cent of the effort has to come from the business users,” Badiga says. That’s a huge shift from what business specialists were used to earlier, he says. Tactically, getting buy-in is easier if you can also get the business guys to understand technology rather than get the tech guys to understand business, says Badiga. Their involvement in the process of creating a solution is vital to get buy-in. Meeting them halfway, the CIo organization is trying to use a combination of software-as-a-service and SoA to figure out how they can introduce business frameworks into the technologies they build, he says. The important question to ask is: what do we do to motivate these two groups, the technologists and the business people, to together take us to the goal of making our systems more business-oriented? The question answers much of the answer.

—Harichandan Arakali

Vol/1 | ISSUE/24

Cover Story.indd 33

— Lakshman Badiga CIo, Wipro

REAL CIO WORLD | n o v e m B e R 1 , 2 0 0 6


Challenges of

Real Time By GUNJAN TRIVEDI Piggybacking on its parentage, BPO services provider TransWorks showed courage recently in acquiring a Canadian company that is seven times its size and equal to itself in workforce. Atul Kunwar, CEO of the Aditya Birla Group company, strongly feels that now is the time for TransWorks to ride on IT to derive synergized value from such an alliance.

CIO: With the Minacs deal, TransWorks now has a global footprint and is India's second largest BPO services provider. What is IT's role today?

View from the top is a series of interviews with CEOs and other C-level executives about the role of IT in their companies and what they expect from their CIOs.


n o ve m B E R 1 , 2 0 0 6 | REAL CIO WORLD

View from the Top.indd 34

Atul Kunwar: IT is very crucial for BPO or IT/ITES organizations. Fundamentally, it is key that we integrate with our customer’s systems. This is the starting point of delivering any service. After taking over Minacs, the key thing was to get visibility of the entire enterprise using a single framework. Since Minacs has multiple sites, its strategy has been based per site. One of the things we are doing right now is integrating all the sites and systems, so that we can have comprehensive visibility of what’s happening at each site, not just from a financial perspective, but also data, operational, customer satisfaction and

legal compliance perspectives. So, we rely heavily on IT to enable such visibility.

Post acquisition, has it been difficult to cope with the dramatic changes in IT infrastructure? Yes — and no. One of the elements we focused on as we built our systems was an openness needed to enable seamless integration. Again, it comes from a BPO/ ITES framework where every time you get a new customer, you need to integrate into their systems, for knowledge, precedence and a lot of other information. The same applied to Minacs. For similar kinds of companies — who have had a similar approach to system integration — it was quite simple to start building it across the enterprise. There was never any resistance or debate. What changed dramatically after the acquisition was scale. The systems were

Imagin g by an il t

Atul Kunwar, CEO of TransWorks, sheds some light on the dynamic environment in which CIOs need to continually develop infrastructure for business to stand on.

Vol/1 | ISSUE/24

10/31/2006 11:01:26 AM

View from the Top

Atul Kunwar expects IT to: Integrate multiple sites, systems and processes Lend visibility to the entire enterprise Create differentiation for business

Vol/1 | ISSUE/16

View from the Top.indd 35

REAL CIO WORLD | J U LY 1 , 2 0 0 6


10/31/2006 11:01:29 AM

View from the Top

already in place. The question was how to go about integrating them. No one particular system was imposed on any entity. We integrated the systems and platforms to enable seamless flow of information. It was more of an enterprise application integration approach as opposed to the implementation of systems and applications.

M&As on such a scale bring difficulties in integrating IT. What is your experience? One of the things we initially did was to change our approach towards internetworking the US and India. Instead of looking at E1 bandwidth approach of interlinking individual entities, we are now moving into a country-specific, carrier-class framework. Naturally, with this, there are a lot of other possibilities because now there is a huge amount of bandwidth, which can be used effectively in having a different view of the entire enterprise. Apart from bringing in changes in specific approaches, we are prepared to adopt a more mature, proven platform wherever required to bring the entire enterprise on a common platform. One of the examples is our CRM framework. Minacs, in managing prospects, has a good application built on Siebel. Our CRM application is a more offthe-shelf product called Act. We were in the process of customizing the Act app further. With the M&A, perspective matters. Both the organizations need to be integrated seamlessly to have our sales force think and address the deals similarly. So, we took the decision to migrate to the proven platform of Minacs. For the sales force, the impact of the migration was not huge because we were at a stage of acquiring licenses and mapping resources to the applications. Our decision to adopt Minacs’ Siebel-based CRM app had been taken early, and we have been able to effectively and quickly migrate our sales force to the new platform. Initially, this decision did not go down too well with the workforce, as they were 36

n o v e m B E R 1 , 2 0 0 6 | REAL CIO WORLD

View from the Top.indd 36

“The CIO's role is no longer about addressing situations; it is about thinking ahead and challenging business people.” — Atul Kunwar

uncomfortable migrating to something that was not developed in-house or locally. The credit of managing the change goes to the leadership at the IT infrastructure level. We have people who rose above these issues and decided to roll out systems and platforms for the overall benefit of the enterprise.

In an industry dogged by attrition, how do you tackle staffing and other HR challenges? Staffing and HR has two perspectives at TransWorks: IT and business. Managing lifecycle of end-to-end implementations, not merely projects, is something that has attracted IT professionals to the organization. And now, we've added global scale to the mix. The IT team at TransWorks is definitely quite excited. With the Minacs acquisition,

the scale of operations has changed. As scale changes, you get an entirely new range of projects to work on. It is easy to see real value for IT professionals here. One of the elements that will become prominent, as we go forward, is the fact that the people working at TransWorks are not just implementing key things but contributing significantly to organizational transformation. The same applies with Minacs. They have always wanted to take up a number of offshore projects. Since going offshore all by itself was expensive, it restricted itself to doing fairly limited offshore projects. With this acquisition, the whole paradigm has changed as business synergy grows. While we were strong in particular verticals and horizontals earlier, we now are capable of acquiring new lines of businesses and do things at a completely different scale and level. This is quite exciting for our workforce, which helps us keep attrition rates in check. The IT team here has realized that we need to build infrastructure that is increasingly capable of scaling up and being integrated.

How are you using IT vis-àvis HR? With IT, we are trying to automate various recruitment processes and hence eliminate a number of time-taking secondary processes. Our objective is to reduce hiring time — right from the time a candidate walks in with his resume to when he knows whether he's selected or not. The entire process will now take no more than three hours, compared to a day or two earlier. And now that their profiles are on the database, the systems are being extended to track employee lifecycle within the organization to help HR with a detailed view of the workforce and to manage it effectively. Another area where IT is synergizing with a HR-related function is quality and process management. One of the initiatives we recently undertook was to present relevant information to an associate in real time. This helps associates know exactly how

Vol/1 | ISSUE/24

10/31/2006 11:01:30 AM

View from the Top

they are performing. For example, say there is a certain number of transactions that an associate needs to do in a day. We compute the minimum number of transactions to be processed if he has to achieve his daily target. Now, the number of transactions an associate has processed — and the number he should have — is available in real-time to him, his team leader, the floor manager and others. This makes it possible for the right personnel to review problems as they occur.

Which technology platforms do you depend on the most? Has the Minacs acquisition brought new technologies or ITES facilities? With Minacs, we now have 18 facilities globally. From the platform perspective, we were on PeopleSoft to handle HR, financials, etcetera. Minacs was on the Lawson platform. Since there is no point wasting resources in replicating or re-deploying platforms, we are integrating PeopleSoft and Lawson. Moreover, as outsourcers, a multiple platform experience is an advantage. Hence, we are building integration capabilities rather than migrating onto a newer platform. On the CRM front, Minacs brings Siebel expertise to the table. This kind of a multi-platform experience and expertise will help us offer different solutions to our customers and enable us to provide seamless architecture to run different applications and deliver services from anywhere to anywhere.

Your clients are based abroad. What compliancerelated issues do you face? And what mechanisms have you put in place? From a compliance perspective, there are a lot of frameworks and regulations we have to adhere to. We have COPC certification addressing operational compliance. We are ISO 9001 and BS7799 certified as well. Moreover, we get certified specifics for many

Vol/1 | ISSUE/24

View from the Top.indd 37

of our customer’s perspectives. SNAPSHOT from the start, we will sit down For instance, we are certified with the customers to define in SOX, GLB of US and the business continuity plans. TransWorks Data Protection Act of UK Recently, a huge hurricane Turnover (2006): Rs 1,363.5 crore* compliance. hit major parts of Southeast To ensure that the Asia, including the Philippines. Total Employees > 10,000 (post organization is adhering to We took on a huge load on acquisition) governance and compliance our Bangalore site for some Number of guidelines, we have a chief customers because work there Facilities information security officer came to a standstill for six 18 (CSO), who directly reports days. These are the kinds of IT Staff to me. The CSO ensures business continuity plans we 320 independent and regular are working on with our key CIO testing of DR and BCP customers. It entails defining N. Gajapathy capabilities. The new challenge and prioritizing the processes *combines TransWorks’ is to deliver this business that are critical. and Minacs’ turnover of Rs continuity across geographies 166.5 crore and Rs 1,197 crore respectively and develop our capabilities How do you see the to ensure seamless business CIO evolving in the continuity across our facilities ITES vertical? situated on different continents. One thing that works in our favor is that we It’s oft-stated that a CIO’s role is a strategic have an internal audit function as part of our one. I believe that strategy is just a part of parent company — the Aditya Birla Group. his role. To me, it is more of a differentiating This function focuses on corporate governance role. For companies like ours whose from the shareholders’ perspective. We work business revolves around what we do with with the group’s internal audit company data and how we manage it, we can create constantly and at multiple levels to ensure differentiation if we have good systems, our compliance to corporate governance processes and the ability to execute. guidelines. Compliance is an investment we Everything we do is in real time. Naturally, will continue to make. real-time information, real-time actionable intelligence and real-time decision-taking are what we expect from our IT systems. What steps is TransWorks A CIO’s role is contributory, where he taking to strengthen provides infrastructure for the business to its disaster recovery stand on and continue to better it. CIOs need and business continuity to track the net benefit of what they create. capabilities? For example, for our HR systems, bringing We increasingly encourage our customers to hiring time down from two days to three spread out processes across multiple locations. hours produces a noticeable change and In some cases, we spread work across the world. creates huge value. The CIO's role is no more We have customers whose processes are being about addressing situations; it is more about handled out of centers in India and Canada. thinking ahead and challenging people from If the location at Canada is hit by snowstorms a business perspective. CIO and people can’t come, work continues from centers in India. This is the next stage we are working on. It’ll happen with all customers who work beyond a particular site and whose Senior correspondent Gunjan Trivedi can be reached at processes are beyond a certain criticality. Right REAL CIO WORLD | n o v e m B E R 1 , 2 0 0 6


10/31/2006 11:01:35 AM

How to Put the

Money Where the

Mouse Is


With a flexible i.t .t .t t.. infraStructure, a Streamlined buSineSS organization and attention to cuStomer convenience, e-t - rade iS modeling the -t future of Web-baSed banking.


And E-Trade is giving brick-and-mortar banks a run uppose you’re sitting on a little cash. Should for their money. According to a June 2006 study by the you put some in a CD? Sock it away in a Pew Internet and American Life Project, 43 percent of money market account? Now imagine you Internet users, or about 63 million American adults, can visit your bank’s website to figure it out. now bank online. And a survey released early this year Using an online tool, you can move the money by IT consultancy Keane found that financial institutions around and examine how your earned interest and rates consider customer satisfaction with online services key to will change, depending on where you put it. Colored bar their revenue growth through cross-selling of products to charts representing the amount of interest earned in a existing account holders. Yet, many banks offer little more year shift up and down depending on your choices. When than rudimentary services such as the ability to check an you decide on the right mix, you can open a new account account balance or pay bills electronically. with a few key strokes. “Very few banks don’t realize at this point that online One might assume every bank would offer such a tool, but banking is big business,” says Matt Poepsel, VP of few provide customers with anything close. The application application management at online benchmarking company described above, called the ‘intelligent cash optimizer’, was Gomez. “But many banks are still finding their way.” introduced last year by E-Trade Financial. This online Banks need to offer more online information and advice brokerage was given up for dead after the dotcom bust, but that is tailored to the individual account holder, as well as resurrected itself by sharply cutting costs and embarking more sophisticated, easy-to-use online tools, say experts. on a diversification plan that included acquiring a WebHowever, Keane found 49 percent of banks surveyed only bank and linking it with its core trading operations. considered their technology platforms to E-Trade’s net interest income, a significant be the primary obstacles to improving their portion of which derives from its banking Reader ROI: online customer experience. operations, accounted for 51 percent of its The challenges facing “At some level, E-Trade shouldn’t exist,” revenue in 2005. Analysts say the company’s online banking says the company’s CIO, Greg Framke. “If success derives in no small part from its Why E-Trade has big firms had embraced the Internet as a customer-friendly services. The company succeeded as a Web-based bank. channel, we wouldn’t have had a chance.” reported earnings of Rs 7,650 crore in 2005.

vol/1 | I ssu E/24

Il lustrat Ion by an Il vk



real cio World | n o v e m B e R 1 , 2 0 0 6


e-commerce Instead, industry experts point to E-Trade as a model for how banks should run their online operations and prepare to serve the emerging generation of customers raised on the Internet. The problem for most traditional banks is that they have grown up as a group of autonomous silos, with loan departments working separately from brokerage and cash divisions. Many have also built their branch, call center and Internet divisions as separate units and are now struggling to provide service and sales across all channels. CIOs at these banks have a tough time integrating their back-end systems, notes Rusty Wiley, global banking industry leader for IBM’s business consulting services. “The way banks have built their channels independently has created an inconsistent user experience from the Internet to the call center and the branch.”

Some major banks, including Wells Fargo, Bank of America and Wachovia, are well on their way to integrating systems and offering sophisticated online tools (see Big Banks That Get the Web). But “E-Trade takes it to the next level,” says Brad Strothkamp, a senior analyst with Forrester Research. “They leave no stone unturned and [they] sweat the details when it comes to integrating their offerings and providing more functionality.” Here’s how they’ve done it.

The Right Business Model

E-Trade’s first online business model was a bust. After the stock market crash of 2000, the Internet broker’s stock price plunged from more than Rs 2,700 at its peak to less than Rs 135 in 2002, while the company lost a total of Rs 1,926 crore. Among its problems, E-Trade had a bloated staff and lacked financial discipline, as did many dotcoms. But when Mitchell Caplan, now E-Trade’s CEO, joined the company in 2000 as its chief banking officer, he was convinced that despite the gloomy mood among Internet companies, E-Trade had a future as an online bank. In 1989, Caplan had founded Telebank, a savings and loan that had no physical branches. Telebank offered banking products and services via a toll-free call center, and later went online. E-Trade bought Telebank, and the move was seen in the marketplace as an early attempt to offer brokerage and banking services on one site. With the subsequent crash, however, enthusiasm among investors for such online integration quickly faded. Caplan persisted, however, and his bet seems to have paid off. Banking helped E-Trade return to profitability. The company now boasts 748,950 bank accounts — seven times the number of accounts it acquired from Telebank. As a bank, E-Trade is still relatively small. (Wells Fargo, in contrast, has 7.9 million active online consumer customers, who account for 59 percent of its consumer checking accounts.) But Caplan and Framke attribute E-Trade’s success in a competitive marketplace to the company’s use of open-source technology (for example, Linux on Intel servers, serving webpages with Apache and its supplement, Tomcat) and its early adoption of a services-based approach to software d eve l o p m e nt . When E-Trade built its technology infrastructure, says Framke, service-oriented architecture was a “promising “If big firms had embraced building block” for providing the Internet as a channel, we transaction processing. It wouldn't have had a chance,” suited E-Trade’s business says E-Trade CIO Greg Framke. model — which emphasized convenience for customers — because it allows the c o mp a ny, by reusing


Feature.indd 40

n o v e m B E R 1 , 2 0 0 6 | REAL CIO WORLD

Vol/1 | I SSUE/24

10/31/2006 10:33:22 AM

e-commerce software services, to provide the same experience to account holders whether they are checking a balance or applying for a loan. “There was something compelling between what we wanted to provide our customers and this emerging technology,” Framke says.

total integration At the core of E-Trade’s technology strategy is a simple idea: that it should be easy and appealing for customers to open accounts with E-Trade, and once they do, it should be easy for them to manage these accounts without having to log in to multiple systems. “It shouldn’t matter where you are or what kinds of accounts or products you have,” says Caplan. “You want the [online] experience to be the same. That kind of service requires integrated systems.” This is a goal that many banks are striving for right now, but E-Trade is well on its way to achieving it. For example, the company provides customers with a single sign-on for accessing all their accounts during a banking session. In early 2005, E-Trade launched a tool that allows customers to get a single view of their cash and investments on one screen, called E-Trade Complete. Conceptually, it’s similar to an online dashboard, and it’s possible because E-Trade uses Web services to knit together customer data from multiple back-office systems enabling the systems that support checking accounts and investment accounts to use the same customer information. Building on the E-Trade Complete function, the company introduced the Intelligent Cash Optimizer later in 2005, followed by similar tools to help customers find loans and fine-tune their investment strategies. All of these tools reflect E-Trade’s focus on integrating services to create a smoother customer experience. For example, the company re-purposed a feature that allowed customers to transfer money in and out of cash or checking accounts in order to enable QuickTransfer, which allows transfers in and out of any other account too. “The key is to bring together everything to allow customers to navigate between different types of products and see for themselves if they want to save more money or make more interest on their cash,” Framke says. Traditional banks, on the other hand, “are bogged down by legacy systems,” observes Framke, who has also worked for investment banks Morgan Stanley and Deutsche Bank. The older banks have separate systems for processing loans, managing cash and purchasing investments, and online customers often have to toggle between applications in order to conduct transactions. Experts agree that the type

of application and data integration that allows customers access to different products from a single interface will help other banks develop their online offerings. Most large banks are working on this problem, but integrating multiple applications and merging customer information into one database is not an easy task. “Getting the holistic view of a customer’s assets, liabilities and balances is not easy when you have silos,” says Peter Nikonovich, managing director at BearingPoint.

banish bureaucracy Most banks got started with a single purpose. They were either retail banks, commercial banks, mortgage companies or credit card providers. Then, as the economy evolved and the banks grew, they added new lines of business. Each line of business, or unit, would build its own systems — thus

e E

xpertS agree that applicationS and data integration that alloW people acceSS to variouS productS from one interface Will help bankS develop their online offeringS.

vol/1 | I ssu E/24

banking became an industry in which most large firms were a collection of separate silos. Add to that history the recent wave of bank mergers, and most large financial firms are working not only with a complicated set of systems and databases that don’t talk to each other, but with business units that don’t collaborate. By contrast, E-Trade — perhaps because it began as an online-only bank and is relatively new — has been able to more easily integrate its lines of business just as it has integrated its IT applications. Unlike traditional banks, E-Trade does not have a separate Internet division and, says Framke, there are no barriers between the company’s trading, lending and cash management operations. “All retail technology is done in the same organization,” says Framke. “There is no distinguishing between brokerage, lending or cash.” With fewer layers of bureaucracy to wade through, E-Trade executives can make quick decisions about getting new services up and running. For example, in 2004, Framke gathered with Caplan and other top ETrade executives to present a plan for using multi-factor authentication to identify customers. At the time, the use of at least two types of authentication — generally something a person knows, such as a password, and something they have, like a hardware token — was emerging as a real cio World | n o v e m B e R 1 , 2 0 0 6


e-commerce safeguard against identity theft. Framke knew customers were concerned about online security, and he wanted his company to respond to these worries. After Framke’s presentation, the group decided on the spot to move forward with the plan, which involved giving tokens from security vendor RSA to E-Trade customers in addition to a user name and password. That type of nimble decision making is typical at E-Trade, where in contrast to practices at most large banks, Framke oversees all Internet technology and plays an important role in executive decision making. That contrasts with some larger financial companies, in which the Internet division is far removed from top management and which, experts say, accounts in part for the lack of progress deploying multifactor authentication by the industry as a whole. Having separate channels “makes it easier to deal with customers from a line of business perspective,” says Carter

e E

bank. According to Rob Shenk, senior VP of retail strategy at E-Trade, customers adopted QuickTransfer because it provided a more efficient way than traditional wire or check requests to transfer funds. “It’s also a statement to the customer that our products are not ‘roach motels’, where your cash is trapped within one financial institution,” Shenk says. According to an equity research report on E-Trade issued earlier this year by Keefe, Bruyette & Woods, “it appears E-Trade customers are choosing to place more cash with the company rather than their traditional bank as some of the largest contributors of net inflows are Bank of America, Chase, Citibank and Wachovia.” Shenk says this information is proof that customers and their cash are drawn to the easy-to-use and effective functions such as QuickTransfer. Adds Framke, “Our bet has been that if we give our customer the functionality to see what they are making and to move their money around as they see fit, we will bring more money in.” He adds, however, that it’s also important not to overwhelm the customer with too many options. “You need to walk the line between offering sophisticated functionality but not too much,” he adds. For example, he notes, E-Trade would rather offer fewer, highly effective functions like QuickTransfer than a wider variety of more run-of-the-mill ones. Framke cites E-Trade’s move to offer token-based multi-factor authentication as another such key function. When the company introduced the RSA tokens in March 2005, it was the first financial company in the United States to offer multi-factor authentication to US-based customers (the technology is now strongly recommended by banking regulators). E-Trade customers who choose the service use a token that displays a new six-digit number every minute. The number acts as an extra, onetime password that matches with an identical number generated at the same time at E-Trade’s offices. Framke won’t specify how many customers have opted to use the security tokens, but says E-Trade is pleased with the adoption. “If people feel secure, they tend to keep more money with us,” he says. E-Trade did not provide data to back up this claim, but Internet performance monitoring company Keynote Systems says that in its most recent survey of prospective customers of online brokerages, E-Trade was ranked as a top performer in privacy and security.

- rade Wa -t W S the firSt financial company in the u.S. to offer token-baSed, multi-factor authentication — a technology that banking regulatorS noW Strongly recommend. Hansen, senior VP of user centered design at Wachovia’s e-commerce division. “The challenge is: how do we come up with the best customer-centered recommendation in the online channel and avoid the impulse to do what’s best for the line of business?”

listen to customers The challenge for banks, then, is to do what customers want, even if it seems counterintuitive. The more tools and functions that are available to customers in a straightforward way, the more money they’ll bring to the bank. That’s the lesson E-Trade learned after it introduced QuickTransfer, a function that allows customers to transfer funds free of charge between accounts within E-Trade or outside the bank. “We were early in the industry to open our door,” says Framke, noting that there was some initial concern that customers would use the transfer function to take money out of E-Trade. However, the opposite occurred. According to company data from the first quarter of 2005, 750,000 customers initiated QuickTransfer and for every Rs 90 transferred to outside accounts, Rs 135 came back to the 42

n o v e m B e R 1 , 2 0 0 6 | real cio World

keep moving While E-Trade’s success reflects an increasing acceptance of online banking, traditional banks and their branches aren’t going away yet, or maybe ever. Some customers

vol/1 | I ssuE/24


Big Banks that Get the Web though they move slowly, some traditional banks are making progress online. big, traditional banks aren’t all online laggards. In fact, it was Wells Fargo, which had revenue of rs 180,000 crore in 2005, that opened the first online banking site in 1995. since then, as top banks have worked to improve their online offerings, Wells Fargo has been among the leaders, boasting a steady increase in the number of its active online customers. Most recently, they have rolled out a free online tool called My spending report that lets customers review and analyze their spending patterns. Wells Fargo and top competitors are making progress in providing online customers with sophisticated functions, analysts say, but are still not quite at the level of online only banks such as E-trade trade when it comes t to pure site integration. For example, says Forrester research analyst brad

strothkamp, traditional banks have still not integrated their public and private sites. this means that when an existing customer is logged on to a banking session, he’ll usually have to log out in order to open another account or apply for a loan. not so at E-trade. t trade. leading banks are working to improve channel integration, however. For example, Wachovia is working on an initiative to create a single channel for retail customers that will integrate online, branches and call centers. “all the big banks are trying to figure out how to pull transaction and customer information from legacy systems,” says rusty Wiley, global banking industry leader for IbM’s business consulting services. to create My spending report, Wells t Fargo deployed a data warehouse

prefer talking with a real person face-to-face when making important financial decisions. Dotcom banks such as Wingspan failed because the majority of customers aren’t yet willing to make the leap to doing everything online. Still other customers are concerned that their financial information may not remain secure from hackers or phishing attacks. These factors present a challenge to E-Trade. In acknowledgement of the advantages that brick-andmortar banks still have, E-Trade has opened 20 financial centers and plans to add up to 15 more. The company doesn’t want to turn itself into a brick-and-mortar bank, but rather to offer some face-to-face advice to regular online customers at the sites, which will be located in areas where most customers are located, says Framke. Going forward, E-Trade will have to keep its eye on its competitors — both online and traditional banks — in order to stay ahead. The online brokerages “are telling us [banking is] extremely competitive and they need to use their websites to draw people in,” says Lance Jones,

vol/1 | I ssu E/24

from t teradata to store its customer information, then used it to create reports based on that information. a similar tool, business spending report, does the same for small businesses. Jim smith, EvP of the Internet Channel & Products group at Wells Fargo, says the 3 million customers that have used My spending report reflect demand from online banking customers for analytical tools and other functions beyond basic transactions. the next steps include providing information to customers on their wireless devices. “our story is, pick the channel you want and we’ll be there with an experience that will be highly convenient for you,” says smith.

— s.P.

an analyst at Keynote Systems. Looking ahead, Framke acknowledges that the competition is likely to remain stiff. “The challenge remains deploying technology that is easy to use yet produces meaningful results for the customer and the company,” he says. Framke also has his eye on new Internet technologies such as application composites, or mashups, which are applications created by combining multiple services. And even though E-Trade is beefing up its physical presence, the company knows it will remain an online leader only if it can continue to come up with tools, such as the Intelligent Cash Optimizer and QuickTransfer, that are effective, easy to use and ahead of the pack. Says Framke: “We have to be ahead of the technology curve as new Web services technologies emerge, and use them in a way that is unique to us.” cio

Send feedback on this feature to

real cio World | n o v e m B e R 1 , 2 0 0 6


Mu n

Govern Main.indd 44

10/31/2006 10:44:19 AM

Public Finance

u nicipalities B y K u n a l N . Ta l g e r i

An IT-powered financial management system in Karnataka promises information on municipalities in hard numbers, as and when transactions occur. It’s already working in at least 50 urban local bodies.

Vol/1 | I SSUE/24

Govern Main.indd 45

REAL CIO WORLD | n o v e m B E R 1 , 2 0 0 6

Il lustrat io n by MM Shanit h


itizen participation in governance has seldom been richer in inspiration on the legislation or policy front — be it the Right to Information Act unveiled last year or the 74th Constitutional amendment, which in 1992 formally recognized urban local bodies as a third tier of the governance system in India. However, as credit rating agency ICRA pointed out in an April 2005 study of state government finances, “the poor quality of reporting (of public finance data) remains an impediment to analysis.” This impacts a state’s ability to raise external funds for development. The ICRA paper notes how account figures are available only after a year. Which means analysis can only be based on revised estimates of revenue and expenditure. Juxtapose this scenario against a two-month-old implementation across 63 urban local bodies (ULBs) in Karnataka: the Nirmala Nagara program’s eGov Financial Management System. For starters, the online solution enables revenue and expenditure entries to be captured in real time at the point of creation. This ensures the immediate availability of data at all administrative levels — head office, zonal offices and departmental offices — across the state. Time is everything, as is access. This financial management system, which is integrated into the website of each ULB, will soon enable administrators to provide citizens with reports summarizing key financial indicators of the 63 urban local bodies. It supports a double-entry, accrual basis accounting system with the ability to prepare balance sheets and income & expenditure accounts for their operations. In the accrualbasis system, income is realized in the accounting period Reader ROI: in which it is earned, regardless of when the cash from Implications of accrual-based these fees and donations are received. Even expenses are accounting in municipalities recorded as they are owed, instead of when they are paid. Why skilled IT staff is critical to such a project In the cash-basis accounting system, however, revenues 45

10/31/2006 10:44:26 AM

Photo by sr IVatsa s ha ndIlya

Public Finance are recognized only when cash is received and deposited. Similarly, expenses are recorded in the accounting period when bills are paid. Says M.N. Vidyashankar, IT secretary of Karnataka, “The accrual-basis accounting in urban local bodies is the only way forward. The sooner we adopt it the better, because we need to keep track of projected liabilities. Such an accounting system contributes to the setting of more realistic targets.” Apart from the automated numerical computation in the financial management system, accounting of transactions occurs in keeping with preconfigured rules and guidelines of the National Municipal Accounting Manual, says a municipality official. All this has several implications for government and citizens. But does such a mechanism respond to citizens’ demand for public finance-related information?

Tracing Demand The state of Karnataka has 212 ULBs, which includes corporations, city municipal councils and town municipal councils. The Nirmala Nagara project seeks to empower each of these by 2009, and its first phase began across 63

ULBs in August this year. It entailed putting in place an integrated financial management system among other implementations such as property tax information system with GIS. (This allows authorities to monitor, using maps, properties that arenot paying property tax.) In government circles, such an investment in IT — even in phases — has its cynics who question its need. For the Nirmala Nagara project, the answers came from the citizens themselves, as the pilot demonstrated. This phase commenced in July 2005, involving seven ULBs, including Mysore, Bijapur and Raichur. The module, a public grievance and redressal system, yielded 60,000 complaints in 10 months. The response gave the Directorate of Municipal Administration (DMA), which oversees the functioning of ULBs, greater confidence in implementing the financial management system. Recalls Nilaya Mitash, a former DMA director who was involved in the implementation then, “We began to develop a draft accounting manual, in 2004, which later became the Karnataka Municipal Accounting Manual (KMAM). The system now produces all the statutory reports specified in the KMAM.” The latter was developed based on the National Municipal Accounting Manual, recommendations of the Comptroller & Auditor General of India task force and the Institute of Chartered Accounts of India.

“The sooner we adopt accrual-basis accounting, the better. It enables setting up realistic targets.” — M.N. Vidyashankar, IT secretary, Karnataka


Govern Main.indd 46

n o v e m B e R 1 , 2 0 0 6 | REAL CIO WORLD

How It Works The data relating to income and expenditure hosted in the eGov system are broadly divided under enterprise, general and water supply funds. So, an accountant in a municipality begins by choosing the fund, under which the transaction (and the entry thereof) needs to be made. For a payment to be recorded in the system, the accountant must prepare the procurement order in the name of the party. This order demands details such as name of the contractor selected (after the tender and bidding process), work order, voucher number, date of voucher, etcetera. Only after this can the accountant raise a bill to the extent of the amount stated in the procurement order. The financial management system does not accept a bill whose information varies from that of the procurement order. Further, based on the nature of revenue or expenditure, each

Vol/1 | I ssuE/24

Public Finance MIS reports: budget variance reports, works details (particulars of contractor-wise bill and payment) In another two months, these details should be available to citizens of the 63 municipalities SNAPSHOT eGov that feature in the first phase. When the project Financial attains fruition across the state, every local body and its citizens will have access to information BUDGET OUTLAY: Rs 8 crore (Phase 1 regarding cash flows and how it is being used. computerization) The value of disclosure of financial deployMENT: information is best summed up in an Asian 63 ULBs* Development Bank (ADB) report, released STAFF: in May this year, on the Karnataka Urban > 50 IT personnel Infrastructure Development Project that had Structurally, the municipalities are > 50 accountants kicked off a decade ago. “Participating towns consolidated into clusters, each of which has a HEAD AUTHORITY: need to be fully engaged and consulted during government-appointed nodal consultant. This B.P. Kaniram, loan formulation, including discussions official is responsible for policy formulation, Director, DMA on the details of capital and operating-andsoftware customization and training templates, *urban local bodies maintenance costs and the impact on their apart from vendor eGovernments Foundation budgets, revenues, taxes and tariffs,” states that looks into software development, the ADB in its postmortem of the project. customization, data migration and software Further, post Budget 2005, the National Urban Renewal training. The biggest challenge in the project has in fact Mission (NURM) requires state governments to introduce been quality of the IT staff. Towards this end, most of the 63 reforms in urban local bodies to improve the efficiency ULBs now have an IT specialist each to handle the project at and delivery of services. With a Rs 5,500-crore outlay a technical level. “The ULBs also have field-level consultants, for urban centers, the mission stresses on public-private who have been ensuring a smooth transition to the IT setup,” partnerships (PPP) and e-governance. “The NURM and says Mitash. citizens’ pressure from either side have been instrumental Skilled staff was required on the accounting front too. in municipalities adopting such reforms,” says Krishna Initially, the senior accountants were sourced from the Rupanagunta, COO of eGovernments Foundation, which state accounts department. The ULBs have now recruited designed the integrated financial management system. graduates with accountancy background, who will be The need to bring in reforms and the cited benefits to groomed over time for roles in senior positions. citizens apart, implementations like the eGov Financial The other challenge was on account of connectivity. Management System has huge implications for state Though 42 ULBs are powered by broadband, at least governments when it comes to raising funds for infrastructure 15 municipalities still grapple with connectivity issues. projects, particularly market-related borrowings. They are yet to apply the financial management solution Most infrastructure loans to municipalities are issued in the true sense. “The DMA is in constant touch with based on its credit rating. The rating in turn can only be BSNL to try and improve connectivity in such areas. It is a derived based on complete and accurate financial indicators continuous process,” says Mitash, who is now the deputy like balance sheets of the municipalities. Currently, even commissioner of Chickmagalur City Municipal Council. data on city-level income is not readily available in India. Most of these areas currently run on dial-up, he adds. In its next phase, the financial management system will From an administrative viewpoint, the DMA ensures be integrated with ward works and inventory management, the functioning of municipalities on the eGov Financial which are being developed. Another 79 ULBs will also Management Platform. In effect, its director can compare become part of the financial management network across the financial reports of several ULBs on his computer the state. Once implemented, the integrated solution has screen and ascertain performance. “We have a weekly the potential to host information on any infrastructure ranking system, whereby a municipality’s rating is project at every stage. Contractors, for instance, will then relative to factors such as number of vouchers and works even be able to bid for portions or phases of a project. And completed,” says Mitash. taxpayers can be in the know about public spends. The financial indicators that ULBs have access to are: It promises to be another small step in the journey Statutory reports: balance sheets, income/ towards better financial discipline. CIO expenditure with schedules Accounting reports: day book, journal book, cash book, bank book, trial balance Chief copy editor Kunal N. Talgeri can be reached at transaction has standardized codification that helps in making comparisons across municipalities, or for the purpose of getting an aggregate figure across the state. For example, the municipalities of Mahadevapura, Davanagere and R.R. Nagar generate the highest revenue in Karnataka; details down to the latest rupee in their coffers are available in the trial balance of the municipality concerned. This widens the scope for data mining and generating municipality-wise information.

Window of Opportunity

Vol/1 | I SSUE/24

Govern Main.indd 47

REAL CIO WORLD | n o v e m B E R 1 , 2 0 0 6


10/31/2006 10:44:34 AM

Dr. Debesh Das, minister-in-charge of IT, West Bengal, says that e-governance can help improve the quality of life of the people of the state.

Upgrading the State By Balaji NarasimhaN

Interview.indd 50


10/31/2006 10:51:36 AM

Interview | Dr. Debesh Das

CIO: With rising investor-interest in West Bengal, what are the recent e-governance initiatives in the state? Dr. Debesh Das: We are starting work in e-governance now. We have selected 14 departments out of 54 in our state. Some of the selected departments include transport, health, education, land reforms and panchayats, among others. A state-level steering committee has also been formed, with the CM as the chairman and I as the working chairman. You plan to equip all gram panchayats with PCs and provide farmers e-information about price movements of agri-products. What is the status of this project?

Actually, we are trying to do it in one district first, so that this can act as a pilot for other parts of the state. The place we have selected is Burdwan. In this place, we will reach every gram panchayat and provide them with PCs along with connectivity. In 2007, we plan to connect every block with the state headquarters. This will ensure proper flow of information across the state. We have also given an edistrict proposal to the Central Government for two districts, namely Bankura and Jalpaiguri. We are still awaiting clearance for this proposal from the Center, and once this comes, we will go ahead with it. I think that this project will be done in 2008.

Most of our e-governance initiatives are at a nascent stage. In some departments, we have done very good work, especially in areas like the management of land records.

There are doubts about whether e-governance does actually improve the quality of life. I believe it can have a huge impact. One place where it can help is in administration. Second, we have the Right to Information Act, which is better facilitated by e-governance. Third, people can interact more easily with the government thanks to e-governance. Can you give us examples of how this is happening?

Let’s consider something like registration and the issuance of birth certificates. People can go to a kiosk and get the job

Photo by Sr IvatSa Sh an dIlya

How do you believe e-gov can improve quality of life in West Bengal?


Only 15 percent of e-gov projects are believed to succeed in India. What is the status in West Bengal? What is the most common reason for failure?

Interview.indd 51

In my view, you must go in for open source for e-governance. There are several reasons why I believe that operating systems like Linux and other open source initiatives are good for e-governance. One reason is obviously because open source products are less expensive. But a bigger reason why I endorse open source for egovernance projects is localization. Not everybody is comfortable with English, and we are therefore very keen on giving the people of West Bengal access to information in Bengali. Because of the customization that is possible with open source, this will be easier.

Dr. Debesh Das, minister-in-charge of IT for the government of West Bengal, doesn’t come across as the average politician. Formerly a professor with the computer science and engineering department of Jadavpur University, Das understands the significance of technology, and is using this knowledge to push e-governance in the state.

We feel that this will be of great help to the people of Kolkata in various areas like health, death and birth certificates, for the application of trade licences, and others. Everything will become much easier. Our ultimate vision is that everybody in West Bengal should feel that the government is trying to help him or her by reaching out to them. In short, we want accessibility to be enhanced.

vol/1 | ISSUE/24

What is your take on open source software and egovernance? Do you think that environments like Linux will deliver better ROI?

ImagIn g by an Il t

The chief minister of West Bengal recently inaugurated e-governance in the Kolkata Municipal Corporation. What benefits do you see from this move?

With some of our newer e-governance projects, we are just starting the work. And since not much has been done in West Bengal till now, it is still too early to say whether the project will succeed or not.

REAL CIO WORLD | n o v e m B e R 1 , 2 0 0 6


Open source is excellent for e-governance

because it helps us to customize our solutions and give people access to

information in Bengali.

done quickly, instead of doing it the manual way, which takes longer. It is also great for agriculture — if the farmer can know the price of his crop, then it will be very much easier for him. If somebody is applying over the Internet for something like tenders, then again, e-governance is of tremendous use.

and government employees in particular. I don’t think that there is any resistance to computerization now. The only problem is that people are not habituated to using computers. This apart, people understand that computers form a crucial part of the machinery required for running the state.

How do you believe e-governance reduces corruption?

So, if people are interested in IT but not habituated, what sort of training investments is the government making?

Obviously, e-governance reduces corruption considerably. In the birth certificate module I just cited, if somebody can apply through a kiosk, he doesn’t need to bribe anybody to get the job done. Similarly, when more e-governance projects go online, corruption will be brought down. Also, if the Right to Information Act is properly implemented, corruption in the government will definitely come down because the system itself becomes more transparent. Before becoming the IT minister, you were a professor of computer science. How much has that helped you in the process of enhancing e-governance in West Bengal?

My prior experience with IT has been of great help to me in getting investments. One reason is because I understand the language that the people in the IT sector speak. When I interact with top officials, I understand the quality of the companies they represent. If a small company comes, which doesn’t have too much money, I’m able to determine if the company can still show some sort of entrepreneurial skills. With reference to e-governance, I understand what the people of the state need, and how IT can make their lives better. For instance, based on my knowledge, I understand why open source software is so crucial for e-governance projects.

I plan to train all the people in my department shortly. We have a policy for training all government employees of the state vis-à-vis IT usage. While we have not set any specific deadline for this task, we are quite confident that we can do this within one or two years. We have already given some training to a few people, but we need to give them more rigorous training. What happens when large projects like the Tata’s Rs 1-lakh car project come to West Bengal? Will this not put a strain on the official machinery and call for a greater thrust on e-governance? How do you plan to handle huge projects like this?

Naturally, a huge project in West Bengal will place a strain on the machinery of the state. But investments help the state, and we plan to ensure that our e-governance initiatives are also expanded to ensure that governance doesn’t suffer. You also have to remember that when a huge project comes our way, it helps the people of the state by providing them with employment and better quality of life. Along with this, our e-governance plans will also make the lives of these people more meaningful. CIO

While you believe that IT can help improve work culture, are government employees buying this argument? Is there any resistance to IT?

Actually, there has been a lot of change in West Bengal recently with respect to the mindsets of the people in general 52

Interview.indd 52

n o v e m B e R 1 , 2 0 0 6 | REAL CIO WORLD

Special correspondent Balaji narasimhan can be reached at

vol/1 | ISSUE/24

10/31/2006 10:51:48 AM


technology The Internet’s new communication technology, IPv6, is coming — whether CIOs are ready or not. But being ready could save you millions and reduce security risks.

VOl/1 | ISSUE/24

Essentisl Tec With Pagination.in53 53

From InceptIon to ImplementatIon — I.t. that matters

The Protocol Supremacy BY BEN WORTHEN KNOWLEDGE MANAGEMENT | In June 2003, John Stenbit, then CIO of the Department of Defense (DoD), announced that the department would move to Internet Protocol version 6 (IPv6), a next-generation Internet communication technology, by 2008. The only trouble was, hardly anyone in the government — or anywhere else — knew what he was talking about. IPv6 is the international standard chosen by the Internet Engineering Task Force to replace the current protocol, IPv4 (version 5 never made it out of the gate). It is more secure and can extend Internet connectivity to a nearly infinite number of devices, while at the same time reducing network management costs by as much as a third. Stenbit’s announcement was designed to give an IPv6 ecosystem a chance to develop gradually within the DoD. “Moving to IPv6 takes a long time,” says Stenbit, who retired from the DoD in 2004. “Within the DoD procurement system, big bucks are bet on [systems] that come out five years later. If the people who are working on those systems REAL CIO WORLD | n o v E m B E R 1 , 2 0 0 6


essential technology

don’t know what IP version we will be using [in the future], then they will just build them with today’s protocol and we will lose the ability to move forward.” To date, however, few US companies have followed in the DoD’s footsteps. Nor, for that matter, have the past three years brought an increase in IPv6 awareness. A recent CIO Executive Council poll on IPv6 adoption had only two responses, and neither of those CIOs was using IPv6. In a sense, that is understandable; the current version of the Internet works just fine and, to date there hasn’t been a lot of pressure to move. But that’s about to change.

Last-Mover Disadvantage Outside the United States, the transition to IPv6 is well under way. China, Japan and Korea have all made moving to IPv6 a national priority, as has the European Union. China, in particular, is building a new Internet based entirely on IPv6 that it hopes will allow it to become the world’s leader in all things Internet.

software front, Microsoft’s upcoming Vista operating system will have IPv6 as its default protocol, and Windows Vista has several collaborative features that work with IPv6. Finally, the major telecom companies are quietly upgrading their networks to carry IPv6 traffic; keeping themselves in the running (they hope) for a General Services Administration telecommunications contract valued at Rs 90,000 crore over the next 10 years that requires carriers to have IPv6-capable networks.

Not If but When “The war over whether we should or shouldn’t we move to IPv6 is over,” says Tom Patterson, CEO of the IPv6 consultancy Command Information. “It is a matter of when.” But CIOs can’t afford to just sit back and wait for the new Internet to come swoop them up. They need to actively plan upgrades of everything on their network to IPv6-capable versions if they wish to avoid the complexity, security risks and extra cost of maintaining two protocols over the long haul. Every router, laptop, application

The good news: there is no deadline. CIOs have time to plan and invest at a gradual pace to avoid the extra costs and risks of a sudden switchover. In the United States, many of the hurdles that have stood in the way of IPv6 adoption are about to disappear, thanks in large part to the DoD’s move and a subsequent rule requiring federal agencies to transition their networks to IPv6 by 2008. Advances in hardware, software and telecommunications have guaranteed that the transition will happen in the United States as well; with or without the cooperation of CIOs. For example, many network equipment makers, led by Cisco and Juniper, have been selling routers and switches that are IPv6 compatible for several years. On the 54

n o v e m B E R 1 , 2 0 0 6 | REAL CIO WORLD

Essentisl Tec With Pagination.in54 54

and anything else connected to the Internet will continue to work side-by-side with the old, but in a much more efficient manner. The critical question is whether to work the transition into your normal technology refresh cycle, or wait and absorb a massive one-time hit when competitive pressure forces you to move to IPv6. The good news is that there is no Y2K-like deadline, which means CIOs have time to develop a plan and invest at a gradual pace to avoid the extra costs and risks of a sudden switchover. “If you don’t prepare correctly you will create headaches that you don’t need to have,” says Yanick Pouffary, a technology

director of the North American IPv6 Task Force and fellow with the IPv6 Forum. Good planning starts with viewing IPv6 as more than a tactical issue. “Don’t just look at this as a hardware refresh,” says John McManus, acting CIO of NASA and the co-chairman of the federal CIO Council’s IPv6 Working Group. Upgrading to IPv6, he says, will help you reduce network costs and complexity, and facilitate new services that are limited only by your imagination. And while McManus says that “there are 100,000 things that can go wrong if you don’t do this right,” actually doing it right is surprisingly simple. And if you start now, it doesn’t have to be prohibitively expensive. What follows is a six-step guide to help CIOs upgrade to IPv6 with the minimal possible expense and the greatest possible benefit.

Step One Don’t Miss the IPv6 Boat The Internet protocol is the Internet’s version of a postal envelope, containing information such as the destination and return addresses, and details about a package’s contents. The current standard, IPv4, was developed in 1976, back when the Internet was inhabited by a small group of government researchers and academics and the prospect of using up the protocol’s total of 4.3 billion addresses seemed wildly improbable. IPv4 also didn’t have any security or mobility features. IPv6 was intended to fix these shortcomings. It uses a larger-capacity addressing scheme allowing a nearly infinite number of devices to have their own addresses. It also has built-in security and the ability to automatically configure itself onto a network, easing mobility and general network management. As such, it could enable anything from sensor networks that detect meteorological events to refrigerators that e-mail grocery lists to their owners’ cell phones. That’s the short version. In reality, it is impossible to learn everything you need to know about IPv6 from a single article. CIOs need to find out if there is anyone on their staff who knows anything about IPv6.

Vo l/1 | ISSUE/24

10/31/2006 10:25:06 AM

essential technology

If you’re lucky there might be. But don’t count on it. That means appointing an IPv6 champion who will be accountable, says Lisa Schlosser, CIO of the Department of Housing and Urban Development (HUD). “This person should have an executive sponsor and report to the CIO.”

StepTwo Develop a Business Case Every company in every industry should be able to think of some way that IPv6 can help its business. At the DoD, for example, Stenbit wanted to build a global information grid; a virtual map of communications, processing and storage from which users can pull the data they need to do their job, a vision that continues after his retirement. Most CIOs will find solutions to more ordinary challenges. At HUD, for example, housing inspections after disasters like Hurricane Katrina could be done more easily (with more IP addresses available) by inspectors carrying mobile devices instead of typing field reports into computers back at the office. “More addresses will let us extend our network,” says Schlosser. When you increase your addresses, you can collect this information in real-time.” For a construction company like Bechtel, IPv6 unleashes any number of possibilities that could come from combining IT systems with other systems like security cameras and air-conditioning units. For example, sensor networks made of small, wireless, IP-enabled devices can add new capabilities to the current facility management systems. If Bechtel builds a factory in a hot climate that will be open only 12 hours a day, the sensors can collect real-time climate and temperature information that can be combined with real-time electricity price information to help the company decide when it is most cost-effective to turn on the air-conditioning. IPv6 can also reduce the cost and complexity of managing IT. In an IPv6 economic assessment released earlier this year, the National Institute of Standards and Technology (NIST) estimated that the new protocol would facilitate a move to voice 56

n o v e m B E R 1 , 2 0 0 6 | REAL CIO WORLD

Essentisl Tec With Pagination.in56 56

Training Your IPv6 Champions According to the federal CIO Council’s IPv6 transition guide (find a link to the full report at www.cio. gov/documents/IPv6_Transition_Guidance.doc), there are four kinds of training that a company’s IPv6 champion needs: Business — IPv6 workshops and conferences provide participants with general information on the technology, identify vendors that support IPv6, help them understand the business drivers behind the transition and introduce them to services or products enabled by IPv6. Architecture — This covers everything from auto-configuration to routing, multicasting and principles for connecting to the IPv6 Internet. This area will have the greatest impact on the development of successful IPv6 integration plans. Operations — Companies need to train their staff on how to support the IPv6 environment. The bulk of operational training should focus on supporting IPv6 applications (for example, IPv6enabled e-mail and Web servers). Operational training will often be hardware- or software-specific, generally produced by, or for, a particular vendor’s product. Technology — Extra specialized training will be needed to address other technological topics, in which IPv6 plays an important role, such as mobility and security. — B.W.

over IP, which could result in a 20 percent decrease in communications spending for the average company. Furthermore, NIST estimated that IPv6 would save IT departments about 30 percent of their overall IT spend by eliminating the need for network address translation devices and associated practices that companies use to allow IPv4 to extend Internet access to the devices on their internal networks. IPv6 also allows for end-to-end security (more on this in Step 6), which would allow companies to phase out perimeter security tools like firewalls. IPv6 will also save CIOs and their staffs time, because it has the ability to auto-configure itself, which essentially makes an IPv6-capable device; a desktop, a security camera or an IP telephone; plug and play regardless of geography, with obvious advantages for the military and companies like Bechtel, cutting the time it takes to set up an on-location network. Today, Bechtel engineers have to reterminate the voice and data network every time someone moves a trailer, says Fred Wettling, a fellow in Bechtel’s technology group. That goes away with IPv6. Within a corporation, IPv6 can facilitate better collaboration. Each IPv6 computer is able to act as its own server, meaning that users

can connect to one another directly. One application that already takes advantage of this is Windows Vista, which allows IPv6 users to work inside the same Word document, spreadsheet or PowerPoint presentation regardless of physical proximity and without going through a Web host.

StepThree Inventory Your Network The next step is to find out what exactly is on your network and determine what is already IPv6 compliant or can be upgraded to the protocol. These devices aren’t limited to routers and switches but include security tools like firewalls, laptops and even printers. “Organizations deploy hundreds of printers and thousands of desktops but don’t maintain a strong accounting of them,” says Vic Berger, lead technologist for the government practice at the consultancy CDW. McManus, NASA’s acting CIO, says he broke it into two separate tasks, first taking inventory of devices that communicate with the outside world, like routers and firewalls, and doing the internal-facing devices on LANs such as laptops later. He says, it helps make the task more manageable and uses network discovery tools as much as possible.

Vo l/1 | ISSUE/24

10/31/2006 10:25:07 AM

essential technology

As you identify each device, you need to determine whether it is IPv6-ready, if it can be upgraded to IPv6 or if it needs to be replaced. “There is no IPv6 seal of approval,” says Patterson, so you may end up reading manuals, calling vendors or checking websites to find out. McManus stresses that a full inventory is not an overnight project. “Even with automation it took us three months.” And that was just the external network. It’s also important to get your vendors’ IPv6 transition plans. “You can’t build your transition plan without knowing your partners’ plans,” says McManus. Those plans may not be well formed yet, warns Wettling. “We are sharing our experiences with our partners,” he says. “We are working with them hand-in-glove. We learned from what they have done, and

Wettling has identified what he calls gateway points during development; places in the cycle where a programmer hands off his source code to a quality assurance person, for example. Each of these people is now responsible for making sure that the application is IPv6 capable before it moves to the next stage of production.

Step Five Make IPv6 Part of the Refresh Cycle There’s no telling just how expensive upgrading to IPv6 will be. NIST estimated that a midsize company with eight routers and 150 switches and four firewalls would spend just under Rs 9 crore to upgrade its network. But that doesn’t include laptops, printers and software charges. A Government Accountability Office audit released at the

Upgrading to IPv6 can be expensive, but much of the cost can be absorbed as part of the normal technology refresh cycle. they learn from what we are doing.” If the vendor isn’t willing to work with you on a transition plan, find a new vendor.

Step Four Rethink Legacy Systems and Practices You can’t always expect outside help in making the transition to IPv6, however. You will need to come up with your own plan to transition older technologies such as mainframes, which are no longer supported, and to upgrade software developed in-house. CIOs at companies that do a lot of inhouse development will need to ensure that every developer builds with IPv6 in mind. For example, Microsoft has a development utility that lets programmers check an application’s source code for places that currently have IPv4 commands. At Bechtel,

Vol/1 | ISSUE/24

Essentisl Tec With Pagination.in57 57

end of June found that government agencies anticipated spending just under Rs. 4.5 crore to more than Rs 90 crore on their upgrades. That’s a hit. But much of the cost can be absorbed as part of the normal technology refresh cycle, says David Powner, director of IT management issues for the GAO. (Provided CIOs come up with a master inventory list and corresponding plan.) Buying the right products at the right time minimizes the extra costs associated with moving to IPv6. “We have our plan down to the single piece of equipment level. We know all the way out to 2010 what we are upgrading and when,” says Schlosser. Network managers will have to be trained on how to use the new technology, and CIOs will have to establish labs to test the new capabilities and see firsthand how IPv6 works. Bechtel has four such labs running over 200 IPv6 machines today. It

gives the company a chance to understand how the IPv6 environment operates before exposing anything to the outside.

Step Six Assess Your Security Posture IPv6 shifts the traditional security paradigm for IT from protecting the perimeter with firewalls and intrusion detection to protecting individual devices and applications directly. Eventually this will make security much easier, since CIOs will be able to limit access to their company’s data to approved devices as well as approved users. But, in the short term, it also presents a challenge. Most current network monitoring systems can’t detect IPv6 traffic. And given that network equipment makers have been selling IPv6-capable equipment for years, most companies are probably running some IPv6 that they don’t know about. That means that a hacker with an IPv6 connection could get on your network and theoretically move around undetected. The best defense is to turn off the IPv6 capability in your products until you are ready to offer or consume IPv6 services. Schlosser says part of her job is to monitor HUD’s network to make sure that no one is turning on IPv6 too early.

Flip the Switch Carefully Just when exactly CIOs should turn on IPv6 functionality depends on both the company and the marketplace. (Bechtel anticipates running IPv6 before the 2008 government deadline.) But that doesn’t mean you can afford to wait before starting to upgrade. “Companies need to understand that this is coming,” says Wettling. “It is inevitable.” Right now, says Wettling, education and awareness is the single biggest challenge. “It is easy to buy these products now for no additional cost,” he says. “It is beyond me why you would buy products that don’t have IPv6.” CIO

Send feedback on this feature to

REAL CIO WORLD | n o v e m B E R 1 , 2 0 0 6


10/31/2006 10:25:07 AM


essential technology

Passwords Don’t Cut it Anymore. Let's face it: passwords aren't good enough. Fortunately, there are new tricks that are harder to beat. By Sarah Scalet

| The security community has been saying it for years, yet single-factor authentication — user name and password — is still the Internet’s calling card. Whatever you're doing online, a user name and password is all you need. And it’s simply not good enough. Whatever we’ve done to educate the public about spoofed e-mails and websites is failing. Recently, a report from the Pew Internet &


whatchamacallits. But far more exciting is the prospect of building the same kind of fraud protection used by credit card companies into online banking and other e-commerce apps. Consider this. A relative recently had her credit card stolen. She found out when her credit card company called to ask if she was trying to take out a large cash advance at a casino in Las Vegas. It wasn’t typical behavior and the credit card company blocked the

and answering three security questions of their choice. Then, when they log on to BOA's site, they’ll see the image and phrase. If they don’t, they’ll know something is wrong. And if someone tries to access an account from an unknown computer, an additional questions pops up. It’s sort of like flagging a sudden cash advance in LA by calling the customer. This is new; Tubin refers to it loosely as ‘risk-based authentication’. The idea is to

The idea is to look at the IP address, OS and clock setting of regular customers' computers.This creates a sort of digital fingerprint that includes the computer’s geo-location. American Life Project said that of 2,001 adult Internet users polled recently, only 29 percent said they had a good idea of what phishing is. Fifty-five percent weren’t really sure, and a 15 percent had never heard the term. We could blame technical descriptions. But, phishers are asking for user names and passwords and people are giving them. And if they don't, criminals will just start taking them, by using malware, pharming or something else. Which is another way of saying that passwords are dead — or they ought to be. George Tubin, a senior analyst at the Tower Group, believes that we should start assuming that a user name and password are going to be compromised. I agree. Two-factor authentication is the ready fix — biometrics and keyfobs and other 58

ET-Pundit.indd 58

n o v e m B ER 1 , 2 0 0 6 | REAL CIO WORLD

transaction. We need to move this kind of fraud protection to the online banking world. And there’s incentive: while credit card companies can pass on a great deal of the cost of fraud to merchants, last year the banking industry ate most of the estimated Rs 630 crore in direct losses caused by phishing. This is the rare case where technology, not education and awareness, needs to be the backbone of an effective approach. Vendors are just starting to create a whole category of nifty software that will, with little customer worry, protect their accounts much better than user name and password ever could. It’s the kind of program that the Bank of America (BOA) just announced. With SiteKey, online banking customers will have the option of picking an image and phrase

look at the IP address, OS and clock setting of the computer where a customer generally accesses his online accounts. This creates a sort of digital fingerprint that includes the computer’s geo-location. This information can be incredibly powerful in fighting fraud if matched with anti-fraud systems that monitor typical behavior. A log-in attempt from an unusual location, for instance, calls for an extra level of authentication. The problem with passwords is that they make logging on a yes/no operation. With these new techniques, the log-on process gets reincarnated as a yes, no or maybe operation. It won’t solve all our problems, but it may just keep us in the game. CIO Send feedback on this column to

Vol /1 | ISSU E/24

10/31/2006 10:31:15 AM

November 1 2006  
November 1 2006  

Technology, Business, Leadership