May 21, 2008

Forrester's Views on Web 2.0 Security

Dr. Chenxi Wang, a Principal Analyst at Forrester, presented a session on Web 2.0 Security Strategies. Here are some highlights from her session:

Web 2.0 is moving into Enterprises, whether you like it or not. She calls this the “consumerization” of enterprises. This is one of the most significant trends in enterprise computing today. All of the existing business software vendors are eyeing this market.

Web 2.0 applications bypass traditional controls that enterprise IT has in place for business data and processes, which introduces an additional need to mitigate external threats. However, Wang advises against blocking 100% of Web 2.0 content in organizations in order to avoid employee backlash.

If you’re developing your own Web 2.0 applications or services, security must still be considered. Web 2.0 apps are more difficult to secure than traditional apps.

Information security considerations

  • Content governance: much Web 2.0 content is unstructured. Content moves freely between the web, email, IM, P2P, FTP, RSS. This moves outside normal security tools.
  • Data security and control
  • Identity management
  • Archiving and retention
  • Compliance
  • Privacy and Intellectual Property: IP is owned by the web 2.0 site. Businesses should understand IP ramifications of using Web 2.0 sites. For example, content posted to Facebook is owned by Facebook and not the author.


Procter & Gamble's IT Organization

I just wrapped up this morning's last keynote at Forrester's IT Forum. Marta Foster discussed the transformation of Procter & Gamble's IT organization at her keynote entitled "Bringing IT from the Back Office to the Boardroom."

Procter & Gamble was founded in 1837 with headquarters in Cincinnati and $76.5 Billion annual sales. P&G has 23 billion-dollar brands. Between 1985 and 1999, P&G expanded from a US-focused company to and international company, entering 55 new markets and increasing operations to 86 countries.

During these 15 years, P&G expanded IT capabilities around the world, resulting in duplication and inefficiency. In 1999, P&G underwent a major re-organization to address some of the inefficiencies from the period of growth. P&G created global business units (e.g., Laundry) with global P&L, market development organizations, and Global Business Services.

At the time, most of the business leaders considered IT to be a cost, but the IT group wanted to become an innovation agent for the company. At a company level, P&G commits to 4%-6% annual growth to its shareholders. IT wanted to find ways to contribute to this top-line growth.

P&G’s Approach

  • Unite IT and core Business Services. Current Global Business Services consists of 8500 employees, of which 4000 are IT.
  • Drive shared services across Business services.
  • Shift thinking from “technologies” to “solutions.”
  • Change the back office to become a business driver.

P&G organization: Global Business Units, Market Development Organization, Global Business Services, Corporate Functions. IT was renamed to Information & Decision Solutions (IDS) to reinforce the change in mission and vision.

Three structural drivers: global organization (3 data centers), think holistically across business processes, orgs, and technologies), grow the partnerships. (HP, IBM, Jones Land LaSalle for facilities). Narrowed down from dozens of partners to 11 global partners.

Three core strategies for how they work

  • Run as a business: changed approach from being a cost center (focused only on cost reduction) to (cost, service levels, value creation, service management, “total user experience”) aligned to P&G approach (P/L, market share, sales volume, brand management, consumer benefits).
  • New IT strategy aligned to business needs: virtualization (replace physical product mock-ups with virtual reality applications), personalization, and real-time decision-making. (decision cockpits that can be personalized by employees – 20,000 cockpits now, growing to 35,000. Goal is for employee not in manufacturing to have their own cockpit – about 70,000 in total.). Virtual Solutions are now used on 79% of all P&G initiatives. Personalization: pampers.com began as support for one site. 49 countries, 26 million visitors/year.
  • Measure for success. For every service, measure client satisfaction, service levels, user sensing, employee survey, scorecards, top-to-top connections with a 10-point scale for each category. Over past 3-4 years, $600M cost savings to date, 16% increase in user satisfaction, client sat at 8.7 (highest ever).

The IDS (IT) team has adopted a “Flow to Work” Design that attempts to breakdown traditional organizational "silos." People are encouraged to work across the organization and take a top-level business view on projects instead of focusing on their functional area or place on the org chart.

The acquisition of Gillette demonstrated some of the recent changes. P&G integrated Gillette and achieved all synergies in 15 months, whereas previous acquisitions of that size have taken 3 years. Marta’s org has 2000 people. Normally, people are on 2-year assignments. With 1/3 of organization, she’s trying to change so that folks have 6-month assignments.

Lessons learned

  • Maintain top-to-bottom focus on mission
  • Top management support is essential.
  • Communicate, communicate, communicate.
  • Commercialization is critical. All new technologies must find a home/purpose in delivering a product to market.
  • New models need new skills and capabilities.

P&G's green initiatives

  • Reduction of daily paper printing, focus on reducing consumption in facilities.
  • P&G has started measuring and reporting on carbon footprint for the company.
  • P&G is also involved in green initiatives with key customers (Walmart, Target) with a focus on the reduction of product packaging.
  • Reduction in travel: P&G is Cisco’s largest installation of tele-presence rooms. Global travel budgets reduced by 15%, IDS reduced travel by 40%, used a portion of the travel savings to fund video conferencing.
Now, I'm off to lunch. Late this afternoon, I'll be back on-line to blog about the afternoon sessions.

Forrester IT Forum - Day 2

Welcome back to the Forrester IT Forum in Las Vegas. I started my day at 7am on a conference call with folks back in the office to discuss one of our key customers. After getting caught up on my e-mail, I was back at the Venetian for the day's sessions and analyst meetings-- the first one with Evelyn Hubbert, Senior Analyst at Forrester. Jay Fry, Evelyn, and I had a very productive chat about data center automation, ITIL, process automation, and the current state of tools. I'm now finishing up a keynote session by Marta Foster from Proctor & Gamble. (Stay tuned for that post.)

On a side note, today was a more balmy day in Las Vegas. Yesterday, the high was a blistering 104 degrees (yes, but it was a dry heat!). Today, I was greeted by cool breezes and 76-degree weather, with an expected high of 86.

May 20, 2008

Simon Yates Talks about IT Infrastructure and Operations at the Forrester IT Forum

The clock has almost struck 12 (literally) on the first day of the Forrester IT Forum, but Vegas is still hoppin'. After a long day of sessions and 1-1's with Galen Schreck and Simon Yates, Jay and I decided to have some nice Venetian cuisine at one of the cafe-style restaurants in the faux Piazzo St. Marco at the Venetian Hotel. (I've been to the real Piazzo in Venice, and let's just say the replica is "close, but no cigar." Okay, maybe not even close, but there was one pigeon in the Venetian's replica.)

Earlier in the afternoon, I attended a session by Simon Yates, a Forrester VP analyst. The session was entitled "IT Infrastructure and Operations: The Road Ahead."

Yates covered many different topics during his session.

Success imperatives for IT that he is seeing from Forrester's clients (mostly large enterprises):

  • Stay ahead of next-generation data center technologies.
  • Consolidate IT for cost, efficiency, and simplification. Yates seeing a lot of interest in consolidation from their clients—very high demand over a short period of time (6 months).
  • Deliver always-on, always-available infrastructure within an ever-tightening budgetary envelope. One interesting quote: “Every year is a recession in IT operations.”
  • Enable user productivity through mobility.
  • Automated and simplify IT processes. ITIL, Forrester is developing research around IT management and automation.
  • Maintain and optimize core IT systems.

Technology change

  • Virtualization everywhere: servers, storage, networks, and clients. Improving server manageability and server flexibility is the number one reason for virtualization (41% consider very important and 46% consider important). Reducing hardware costs is the next reason (43% very important, 39% important) CIO's are “talking about virtualization at cocktail parties like it’s their favorite martini.”
  • Next-generation data center technologies could fundamentally. Change the economics of IT. Cloud computing has burst onto the scene. This could have a profound impact on how people build data centers.
  • Mobility requirements are driving investments in infrastructure to support a changing workplace.

Gaps in the virtualization portfolio

  • Management tools: need management that is common across silos. Most management tools from the “Big Four” are designed for physical things.
  • Sercurity tools can’t see into or protect virtual instances.
  • Licensing: still a black art that gets even more complicated. MSFT licensing is even more complicated in a virtualized environment.
  • Organization challenges: ownership and responsibility as virtualization bridges traditional functional domains (e.g., storage management).

Cloud computing is on the horizon. Yates urged attendees to get ready for the onslaught of cloud-computing products and initiatives from systems vendors. Most enterprises are not ready, and most cloud-computing providers are not ready yet either.

Organizational change

  • 87% of CIO’s plan to restructure IT operations, and 60% have already started. Basically looking at traditional silos, such as storage, and looking at realigning to business imperatives and changing technologies.
  • Consolidation of everything- data centers, storage, applications, and IT staff. Automation will drive the consolidation of IT staff.
  • New requirements drive IT ops professions to develop new business and technology skills. CEO’s and CIO’s want to invest in the personnel they have.

Changes that will happen in IT:

  • Distributed authority will give way to centralized oversight. Instead of many mini-CIO’s, control will be centralized under the CIO.
  • Bottom-up projects will be replaced by top-down initiatives from the CIO.
  • Tech silos will be broken down and replaced by tech interdependency. There’s a push for IT service management instead of functional silos. There will be ITIL projects in the coming 6 months.
  • Technology specialists will transform into personnel with cross-technology skills. These individuals will be required to “see beyond their silos” and understand how IT affects (and can improve) the business.
  • Traditional tech metrics will give way to business-centered metrics. IT performance will be measured at a business level.

IT skills requirements are changing: technical versatility, business knowledge, interpersonal skills.

Process change

  • IT departments are shifting from the management of things to the automation of process and services.
  • Increasing interest in ITIL and increasing adoption in tools for automation. After consolidating hardware, companies are turning to ITIL (to consolidate process after they’ve consolidated everything physical.
Well, that wraps up day 1 at the Forrester IT Forum. And if you're still wondering, there were no cookies during the afternoon break between sessions. There was a selection of fresh fruit and granola bars. So, no cookie for me, but I did have gelato after dinner. So good things do come to those who wait! Check back on Wednesday for updates on day 2. Ciao.

Cloud Computing at the Forrester IT Forum

I'm posting this blog entry during the afternoon break at the Forrester IT Forum. Okay, so I'm probably missing out on some chocolate chip cookies, but I really don't need them anyway. The third keynote I attended this morning was from Rick Lechner, VP Enterprise Systems at IBM. His talk was entitled "The New Enterprise Data Center: Enabling Business Innovation." As with any vendor talk, it was part annecdotal and part product pitch.

Here are some highlights from his keynote.
IBM sees three business drivers that are impacting IT today:
  1. The changing face of globalization (transformation from exporting to multi-nationals to truly distributed global enterprise).
  2. The rising tide of information (more devices, need for real-time analytics).
  3. New business models that are evolving as new technology arrives (B2B, B2C, new uses of the Internet, rise of social networking).
IBM has developed and deployed a cloud that is used internally by Researchers. From an internal portal, Researchers request a set of compute resources, they’re provisioned in minutes, and then provided to the Researchers. When done, the resources are returned to the cloud. (As an aside, one of our Cassatt customers is developing such an internal cloud using Cassatt Active Response and our programmatic interfaces.)

Lechner spoke about several cloud-computing efforts in industry, academia, and government:
  • Google, Univ of Washington, and 6 other universities are working on how to design apps for the cloud.
  • Vietnam has deployed some clouds to foster collaboration between the government and university.
  • China has deployed some clouds to provide compute resources to software start-ups.
Well, I'm done posting for now. I'm off to find that chocolate chip cookie now...

Bobby Cameron's Keynote at the Forrester IT Forum

This morning, Bobby Cameron, a VP analyst at Forrester, delivered a keynoted entitled “Don’t Wait to Innovate." During the keynote, I found myself sitting next to 3 guys who should have been at a pub instead of at the keynote. Despite a gentle warning, they continued to e-mail pictures to each other and play with some of the show give-aways.

Well, here are some highlights from Bobby's talk:
  • Business model innovation is a top priority, but most companies invest in new product/service invention.
  • IT leaders miss innovation by focusing on cost & quality.
  • On-going investments vs game-changing ideas: there is an “innovation continuum” in between the 2 extremes. Companies find it more difficult to fund projects in the middle.
  • P&G sources new products from “innovation networks.” Half of inventions are sourced from outside of the firm. They have identified individuals who play different roles in the process: Financiers (fund the projects), Transformers, Brokers (coordination of the network), Inventors.
  • P &G has a website for their partners and customers. With 53 people, they generated $3Billion in new revenue from products invented outside of P&G.O
  • Cameron suggests that companies should have dedicated funds for innovative projects that are separate from “business as usual” projects. Verizon has a separate fund of $2-3 Million/year for innovation.
  • Cameron discussed some companies that have created innovation pipelines. Idea generation is everywhere, running on its own funding, governed by innovation team. Iterative/agile delivery to develop an early prototype before commercialization. This pipeline for innovative projects runs parallel to the regular process.
  • Take tactical steps now: People – build an innovation culture. (IT: senior managers spend 2 weeks / year out in the Field / business) Process: have a portfolio management process in place. Review the portfolio to show funded/unfunded. Technology – use tools to capture ideas from employees & outside, make the portfolio visible.
  • Technologists must know the cost to the business. At Fidelity, IT knows about the cost of each trade. IT asks “how do I knock $0.25 off the cost of a trade?”

Mike Gilpin and Eric Brown's Keynote on Business Innovation

Mike Gilpin and Eric Brown, both Forrester VP analysts, delivered the first keynote entitled: “Setting the Stage: Your Role in Business Innovation." A few interesting highlights:
  • Increasing innovation remains one of top 3 goals for most CEO’s. today. (survey of 1400 CEO’s by Forrester)
  • Singapore has created a Biopolis (technology park) that houses 2000 scientists in 2 million square feet of R&D space.
  • Kimberley Clark has created a 3-D usability lab for shopping and understanding buyer behavior. This virtual “lab” is located in Wisconsin and consists of three walls with projected displays. As shoppers walk with a shopping cart, the displays change. Kimberly Clark tracks the subject's retina to see where people are focusing. The goal is to try out new packaging, products, marketing, etc. in a virtual environment and see how people respond to new products before they appear physically on shelves.


Greetings from Forrester's IT Forum 2008

This morning, I hopped a short flight from San Francisco to Las Vegas to attend Forrester's IT Forum 2008. Jay Fry and I are here to talk with analysts about the new Active Response 5.1 product launch (read more about it). During the day, I'll post my notes from the various keynotes. So check back over the next few days for more details.

May 13, 2008

M & A's Back, and in a Big (HP) Way

Today, HP announced that it will purchase EDS for $13.9 billion, and in the process HP will have a professional services arm that can go head-to-head with IBM Global Services. With HP's recent purchases of Opsware, HP's returned to the software business. With the upcoming purchase of EDS, HP will have complete portfolio of hardware, software, and services to compete with Big Blue.

A long, long time ago, in a state far, far away, I was an EDS employee in Plano, Texas. I was a Research Systems Engineer back then, developing an in-house CASE tool that was used to generate form-driven DB applications. That was 1991, shortly after Ross Perot had departed, and Dick Brown was CEO. EDS had "relaxed" its dress code back then: double-breasted suits were allowed, and striped shirts were also acceptable. The employee manual did stipulate that the stripes could be no wider than 1/4", and shoes with metal buckles were still verboten. Employees had to wear their suit jacket whenever they travelled to another floor, another building on campus, or the cafeteria. And you had to wear a tie 24x7, even at midnight in the office. (But you could loosen our ties then.)

I'd imagine that EDS has relaxed its dress code since the 90's, but it's corporate culture is vastly different from the "HP Way." It will be interesting to see how this merger pans out.