June 20, 2011 6:52 PM
Posted by: Arun Gupta
, engaging with the business
, role of the CIO
, vendor engagements
The other day I attended a congregation of CIOs with a dozen odd vendors sponsoring the event. It was a gathering of 100 odd CIOs who took time off on a Saturday to, amongst other things, patiently listen to the spiel. With representation across industries and a mix of senior and evolving leaders, the learning and networking potential was expected to be high. The investment of time from these leaders carving out a portion from their personal time was expected to yield reasonable value.
Now every sponsor vendor always seeks to disseminate information on their offerings and pitch their wares to every target segment. Traditionally this has taken the form of slide presentations that no one wants to hear. At times even the presenter is seen struggling to do justice to the content as s/he is not the creator of the slides, which, in many cases, are found to have lost their relevance. Futile attempts to change this model of engagement have left the participants numb as they grace such times with their physical presence but rarely with their minds.
Before embarking on the merits of doing business with their company, setting the context with the audience has always been seen as a good idea; and this is what they started off with. The first one off the ground started with data from respected research companies.
What is the business reality today? Not necessarily in order of priority, they are: expectations of growth, exploring new markets or products, driving operational efficiency, cost containment, IT lead innovation, and customer centricity. How do these impact the CIO? The CIO is expected to be a business leader shedding off the technologist skin; s/he should transform and work with other CXOs, overturn the iceberg of IT expense by reducing the operational expenses and by allocating higher amounts to new initiatives.
Slides titled “Changing Role of the CIO” advised the audience members about the need to “wake up and get going”. However, the best part was how their old offerings could now enable this shift!
Storage solutions, security service providers, system integrators offering RIMS, data center solutions, virtualization solutions, and even network solution providers found a way to connect the dots and make the CIOs appear like cretins and kids in school who needed to be reminded of how their performance will be measured. Best part was the repetition of content with the context lifted from the same reports.
We all know that CIOs are a patient lot and do not ruffle feathers easily. But when speaker after speaker repeated the cliché, the unrest in the room began to take the shape of a mutiny. Half way through the program, sparsely occupied seats greeted the incoming speakers; those present had no interest and thus engaged each other on the table in discussions, detached from the proceedings, in voices loud enough to send a clear message across. Over coffee, the vendors were chastised for their immature behavior with a clear message:
We know our reality better than you ever would; we transitioned to being business leaders a long time back; however you are still trying to sell to IT managers believing that the past is frozen. We did impact the expense-line and it was not about IT expenses only which is why you believe that we are not connected to the reality. Our CEOs and other CXOs do not look at us the same way they did a decade back; they partner with us, seek our advice and work together towards the common business objectives.
We are not enamored by hardware, software, new technology; we seek to solve real-life business problems, sometimes with help from technology. So, stop debating the changing role; it happened while you were busy trying to figure out why there is no traction any longer with the CIOs. It is you who needs to change to align to the new age CIO.
June 14, 2011 2:41 AM
Posted by: Arun Gupta
Last week I was in a conference of retailers discussing how IT can contribute to growth within their business and to the industry at large. The event had its usual bevy of IT vendors who had availed of speaking slots as well as many deciding to exhibit their products / solutions to target potential customers with their offerings. Attendance being large with representation across retailers, it was a great opportunity for the sponsors to engage.
Sloppy (and usual) vendor-pitches
Every marketing executive, when provided with the opportunity to deliver an address to a captive audience, attempts to put in everything that the company does, regardless whether it makes sense to the target audience. The result is that anyone listening is more confused than s/he was prior to sitting through the presentation. Charts and multiple boxes with bullet points are the norm. Animations and pictures add to the already crowded slides.
Deviation from the norm
But this was one conference that was crafted together by a panel of CIOs and vendor-representatives in conjunction with an industry body. The panel engaged with the sponsors through the planning process defining expectations and providing the suggested format of their participation in the event. Vendors presenting the traditional way using slides were expected to send their presentation to the committee of CIOs to validate the context aligned to the theme and to ensure that it made sense to the participants.
Thus, the agenda, the content headlines and the topics—de-jargonized by the CIOs with some catchy titles—were fairly relevant to the audience comprising a mix of business and IT representatives across the layers of management.
With a few exceptions, the changes to the pitch comprised slashing the number of slides to fewer than 20 and making them readable even by people sitting in the last row of the seminar hall. The clear message to everyone (read – presenters) was: What is the one big message you want to leave with the audience in your allotted 30 minutes? Can you engage and provoke thought rather than outline the menu of options your company has to offer? Given the task of reviewing three presentations each and ensuring that the changes are in line with expectations, the CIOs were a harried lot by the time they got into the conference. Few presenters still escaped censorship by either citing unavailability of global speaker-slides or by simply not responding.
Hits and misses
The end result? For those few who chose the case study route to communicate the benefits of their product(s) or service(s), the compliant presentations created a ‘wow’ (for everyone almost), and this was visible from the crowd outside their stalls.
But on the other hand, the vendors who ‘did their own thing’ found the audience twiddling with their smartphones, chatting to their neighbors, dozing off, or simply walking out midway. If I were to be a speaker, it would have been totally demoralizing for me.
In the day-end debrief one such vendor insisted that there is no other way to inform the audience of what his company has to offer. If the customer is not aware of the entire spectrum of offerings, how and why will s/he think about his company? According to him, when he puts across 10 points, a few will be remembered. He refused to believe that his speech was delivered but not received.
Some people don’t learn. (Sigh!)
June 7, 2011 3:47 AM
Posted by: Arun Gupta
Add new tag
, cloud and the CIO
, cloud models
, cloud outages
, cloud service providers
The beginning of the monsoon season in Mumbai inspired me to push the boundaries again in quest of the silver lining in the cloud. Recent events around outages and security across multiple global cloud pioneers poses doubts on the movement of even non-mission critical applications outside of the corporate data centers. We are not just talking about infrastructure or platform as a service, but everything that is the manifestation of the public cloud.
Evolution of cloud
Over the last couple of years, every offering saw two shifts: first it had to have a cloud flavor and second around social networking (that is another story). Some termed this new euphoria as bubble 2.0 tinted by valuations achieved in recent IPOs. So everyone justified how this time it is different and why it is sustainable. Many large and small enterprises found efficiencies, at least short term, in shifting field functions like sales and service and collaboration on the move to the cloud.
Leaving aside the debate between public, hybrid, and private clouds, the real issue is about the promise of the cloud, irrespective of the vendor, the type of cloud offering, or the engagement model. The big benefit that every type of cloud offered was savings, real quantifiable savings, or better, total cost of ownership. CFOs would agree that TCO is always a good measure for any financial model if all other dimensions remain unchanged.
Cloud service providers’ financial models are contingent on multiple customers adopting their base-solutions which give them the efficiency of scale and repeatability. As the number increases beyond a threshold, they start making money. Non-concurrency improves yields, but prices remain the same for customers. So the financial models attempted to capture some efficiency-based gains, making them look attractive to the prospects.
A few unanswered questions
Most discussions got off to a good start with worksheets providing easy decisions. The newness of the paradigm left some questions unanswered, but during the slowdown, these were brushed aside. Some of these were:
a) What happens if the SLA is not met?
b) Is my data as secure as it is in my current state?
c) Can I move off to another cloud if I don’t like something? How easy is the transition going to be?
d) As I upgrade the internal systems, how do I ensure that their integration with the external systems does not break?
e) What recourse do I have if the cloud service provider goes bust?
I will stop here, the list is a bit longer, but you get the point.
Business impact due to recent outages and security breaches for some of the smaller customers was significant. Some of them just had to wait and watch with no option. A few had spread the risk across, and thus, the impact was limited. The big enterprises shrugged and moved on. How does one balance the adverse business impact against the cost savings? To me this is a bad compromise as everything is subservient to business interest.
May 31, 2011 2:48 AM
Posted by: Arun Gupta
, information on demand
, mobile enterprise
, work anywhere
, work life balance
Earlier this month I was confronted by a peculiar but innocent question from a young professional: “Do CIOs take real vacations, I mean, real long vacations with friends and family, free from all the worries of workplace and fighting fires that keep them at work beyond the normal hours?”
I began to wonder about the question. The more I thought about it, the more it troubled me; I mean, vacations without my email, phone, laptop, no connectivity; that was eons ago.
Today every executive, irrespective of hierarchy, is consumed by the need to stay connected with the workplace. Downloaded information and alerts keep the buzz going 24X7. Approvals via phone, business intelligence on the fly, are the norm; one cannot ever claim: “I was not informed” or “I did not have access to information”. To add to the clutter, friends and partners want to stay connected using various social networks.
So what is the vacation about? Working on the road with interruptions on the phone, balancing the laptop in between site-seeing trips, late night responses to emails with long attachments, talking to a vendor while soaking into the natural beauty staring in the face? For most of us who travel across time zones, the first reflex is to reach out to the phone to see what came through while we caught up with the forty winks.
What does it take to sell the Ferrari and become a monk who has no links with what we call ‘work’, while immersing into ‘life’. Is that a possibility in the hyper-connected, fast paced activity-conundrum? We CIOs created this paradigm for our enterprises to which every corporate employee is a willing slave.
Imagine if we did not answer the phone (may make us appear rude), stopped responding to emails and had an active ‘Out of Office’ message, let team fight the fires that make up a regular day at work; would it make a stress free day? Nine out of 10 times, people would say, ‘yes’, but nine out of 10 times they will suffer higher stress levels, wondering about what is, indeed, happening.
So is there a way out? I would hazard to say, ‘yes’. And it requires excruciating will power to execute; go at it one hour at a time. That is like taking baby steps and setting a realistic target because stating that I will not look at that device called the phone for a week is unlikely to happen. Feeling awkward, I called many CIO friends who took vacations recently and asked them if they did what I have outlined above. No prizes for the result of the survey.
I think Bob Dylan had seen the future when he wrote in the year I was born: “The answer my friend…”
Guess what, next vacation I am going to try it. (It’s always the next one, isn’t it?)
May 24, 2011 11:28 AM
Posted by: Arun Gupta
CIO and outsourcing
, IT Outsourcing
, long-term contracts
, outsourcing governance
, short-term contracts
, strategic sourcing
Once upon a time, many moons back, the IT industry discovered multi-shore sourcing, I use this term to encompass all types of (out)sourcing initiatives, and with that came long-term contracts; 10 years was normal, and five years was seen as short-term. A lot of these that termed themselves as Strategic Sourcing also built in innovation, new technology, business process linked contracts with broad intent on changing market and business dynamics.
The fever spread across the globe and no markets or sectors remained untouched. Big or small, almost every company was expected to embrace this new wave. The euphoria within the enterprise as well as IT companies was such that companies that did not enter into such arrangements were seen as stakeholder-unfriendly or just plain dumb for not acquiring the obvious value.
As the years passed by, many companies reported rumblings of discomfort and missed expectations. Analysis appeared to indicate specific issues with companies and individuals for not putting in their best effort, safeguarding the model with zeal, lest the industry collapse with an unsustainable framework if there were indeed cracks in the carefully crafted contracts, service level agreements and reference architecture that represented the blueprint for the future. Business, profitability, political and other pressures forced reviews and scale down.
Downside of long term contracts
Prudent and rigorous reviews also exposed that long-term contracts had advantages of consistency and predictability, but lost on taking advantage of swings in the IT industry as well as did not bring in the level of efficiency or capitalization of quick market trends requiring agility that was possible with short-term relationships or with the ability to review and recast the terms of engagement, say, every alternate year. This was reflected in the drying up of the decade-long deeds and most engagements focused on a 3-5 year term. Maybe, ‘familiarity breeds complacence’ also took root; with both parties, in most cases, working hard to keep the marriage going.
There is no implication that these did not deliver to promise; some of them did and continue to do extremely well; some required significant investments in governance. Leaving aside labor arbitrage, the value captured did stretch the boundaries of discussion and measurement models.
Sustenance of outsourcing
New models now seem to be emerging with a focus on outcome-based payment schedules and collaborative investments in new technology exploration. But the basic framework has survived the troughs and waves of the economy and the resultant impact. The challenge of growth (manpower retention) has mutated the needs and solutions into new forms with service providers hungry to get back to growth of the past, but discarding the learning of unsustainable linear growth assumptions.
Outsourced contracts or strategic sourcing contracts will thus become expensive and non-tenable with linear growth not aligned to market/ business or the (in)ability to manage sudden shocks or black swans that keep coming back to surprise us. Periodic review of terms of engagement, even if they imply disruption, is the need of the hour; the IT industry, however, is not very excited.
May 17, 2011 3:18 AM
Posted by: Arun Gupta
IT governance and the CIO
, project challenges
, software evaluation
, Vendor sales targets
It was an interesting meeting of a few CIOs with the debate revolving around IT Governance. From all types of models being discussed, the common subject of woes shifted to business intelligence (BI). All the CIOs present had large investments in BI with varied degrees of success, some more than the others. Everyone acknowledged the presence of multiple tools and technologies with no single vendor possessing the ability to address the wide spectrum of needs. It was evident that their respective enterprises had reached a level of maturity in adoption of IT that would be the envy of many companies—large and small.
Later in the evening, as the discussion continued over drinks, with rising ‘spirits’, the voices became louder, the emotions hotter, and the language looser. It so transpired that all of them had a few common service providers and solution vendors; stories exchanged may stay in the room but the lessons may be shared.
Most companies have common groups created with IT and business participants to explore, evaluate, and decide on solutions. These heterogeneous groups are typically led by the CIO or a senior IT leader who orchestrates the process. The process is similar across companies, with one or more of the following steps involving RFI, RFP, Demo/POC, business case, budget approval, negotiation, and commencement of the project. A few vendors in their excitement sometimes try to take shortcuts which almost always result in unpleasantness for everyone.
But the more interesting phenomenon occurs when solutions don’t really meet the functionality requirements by a reasonable margin, but the sales person, in his desire to meet monthly/ quarterly—or whatever—sales target, pushes ahead with the desperation of a man clutching straws to save himself from drowning. Everything then seems possible with a tweak, a small code change, customization, bolt-on systems, or some to be released fix in the next version or patch.
Stick to best practices
The resulting tragedy of errors, omissions, round pegs in square holes and heartburn caused to the IT and business teams is imminently avoidable by following the process the way it should be, the urgency on the part of the sales person and his/ her manager ensuring that targets do not override good business practices. It is not okay to withhold information or bend the process to fit the tools, neither it is acceptable for the CIO to allow leeway in the due diligence process. Even with rigor practiced, it is probable that some critical elements may remain uncovered. The business and IT teams will have to manage such exceptions (not a rule).
The luxury of time always eludes us in such activities; many a time deferred decisions put pressure on delivery of milestones, thereby compromising quality or extended time lines and sliding targets to fix issues that could have been avoided with collaboration from both sides. Good practice is a result of everyone being on the same side of the table; a skillful CIO should and will recognize the body language when the problem is being twisted to fit the solution.
May 10, 2011 7:06 AM
Posted by: Arun Gupta
ERP vendor lock-in
, maintenance contracts
, patch management
, patching software
In a class of MBA students, a discussion around quality frameworks veered towards ERP-class systems and the large amount of effort it takes to keep them running. The number of patches released frequently as well as the overall administration keeps everyone busy and on their toes. Bug fixes, functionality enhancements, and then some more bug fixes are the norm. Comparatively the in-house or bespoke systems are relatively stable and the effort investment is around incremental functionality.
Is it because the development of custom solutions is carried out by IT companies with multiple quality certifications like CMMI and others; or just that the big software vendors providing so called ‘off-the-shelf’ solutions are struggling with factories of programmers that churn code trying to keep the innovation wheel running just to stay in the game. The resultant code is often bug ridden with usability that requires a Ph.D. and a large team to keep it from falling apart.
Despite paying anything between 15-30% of the initial acquisition cost and spending a bomb on implementation with process consultants attempting to fit business to solution to business, it is indeed a wonder that quality remains firmly in the backseat.
The story is no different across the industry. Vendors have started believing that it is their birthright to charge customers exorbitantly as Annual Maintenance Charges so that they can forever keep on downloading patches; they also get to call a helpdesk which will in most cases not solve the problem, which, to begin with, should not have been there. The twist in the story is that now AMC is also indexed to inflation which provides a creeping increase every year with no improvement in the service level.
Why is it that none of the big software vendors ever talk about quality certifications or Six Sigma levels of defects? Do they not believe in churning out quality solutions that will be the biggest differentiator for the customer rather than esoteric functionality that is rarely used; consider the fact that almost every enterprise uses between 5-50% of the functionality, I am sure that customers would gladly shift to solutions which are stable, work as designed and provide updates to functionality collaboratively.
There have been efforts from various CIO and industry groups to rein in the runaway costs of maintaining business as usual of which a large chunk goes towards the AMC and teams managing the big solutions. User Groups have failed to make a dent in the ever increasing charges; it does not matter how big or small you are, neither does it matter if the solution does not work as promised, you got to pay else support will be withdrawn and reinstatement of support is very expensive.
I wonder how many customers will pay for AMC if the solution worked perfectly out of the box and did not have any bugs or required any patches. Maybe, this is a ploy to create solutions that fail on quality tests so that vendors can charge you to just make the system work; after all it is a very large chunk of revenue for these companies. An interesting thought thus emerges, would the CIO pay more if s/he was assured that the software does not require any patches, bug fixes or support? I definitely would!
May 2, 2011 8:28 AM
Posted by: Arun Gupta
managing unstructured data
, networking sites
, online communities
, Social media and the CIO
, social media strategy
In the year 1996, when India just started opening up internet access to its citizens, I happened to join one of the first online CIO communities. It was a small group of about 100, with global representation, and it stayed that way for a long time. The community was promoted by an IT services company who mostly stayed off from influencing any discussion or attempt to sell. The moderators were professional and provoked thought from the community who responded with mirrored passion. With the dotcom boom, the community transferred ownership to an online giant with commercial interests; en mass the CIOs moved on and created their own community that continued to focus on learning.
Recent times have seen an explosion of online communities that are generic, specific, niche, community, profession, or domain based, and a lot of ‘me too’ with hopeful intent to provide many things to members. A few [of them] have become hot properties with stratospheric valuations and a large member-base. Corporates joined in to understand what the communities are saying about them or their competitors; some started targeted messaging with little success. Industries have mushroomed selling strategy, analytics, and a lot more from the mass of posts and unstructured data.
Consolidation is imminent
A shakeout has begun in this space, leaving the individual confused on the choices made; corporate entities are beginning to wonder how to generate revenue from all the investments made in the height of euphoria. Every intervention requires effort and resource commitment to bind the members. Whether you are an individual or an enterprise, how does one decide which community to join?
For individuals, the choice is largely made by following Connectors (Tipping Point, Malcolm Gladwell) within their groups or when friends invite them to join new communities with an expectation to stay in touch, to share knowledge, emotions, or happenings within their friends and family circles, and a lot more. As the numbers start stacking up over a period of time, the activity level falls off from most. The winning communities are the ones that offer a bit of something to everyone, freshness, content, features, etc.
Enterprises have followed the crowd and the hype around the communities with hope of understanding their customers, stakeholders, and influencers who potentially impact business outcomes, even if indirectly. ‘Crowd-sourcing’ and ‘networked innovation’ became the buzz words with significant investments pouring in. The few success stories added fuel to the fire. But a large amount of efforts has not yielded the desired outcome. Even though the starting point for most was Marketing or other functions with no ROI or business case, the online nature of such interactions put the CIO and IT in the middle of the discussion.
A reality check is needed
CIOs have struggled to moderate expectations and make sense of the noise. Combining these with the relatively clean, structured data remains a challenge, though multiple service providers and consultants tout the next level of competitive differentiation. These are early days where a lot of investment is a leap of faith or hit in the dark, until the haze lifts and clarity emerges, the worry for the enterprise is not to be left behind in the race to the unknown.
As for me, accepting every new invite that comes my way, I think, I will pass them for now and stick to a couple of them that offer me personal and professional connectivity. The direction for enterprise and peers remains: “keep a watch on the horizon, stay invested, but be focused on what matters.”
April 26, 2011 5:08 AM
Posted by: Arun Gupta
, CIO and agile security
, information security
, mobile explosion
, mobile security
Not too long ago, IT departments faced the challenge of integrating a new consumer device into the corporate infrastructure; this was the iPad which took the fancy of every CXO and techno-affiliate with its cool factor. It did not matter that the tablet was another appendage to do everything that the earlier devices did well enough while ensuring that the information assets of the company stayed protected from nefarious elements. The tablet toting executive would simply declare: “I want it; security is for you to go [and] figure [out].”
The starting point though, was the iPhone, which was contained to some extent. The tablet was something different; it was a wave that swept away all opposition. Developers mushroomed all over, creating applications to do everything that mattered, and some that did not. IT had no clue what kind of vulnerabilities these apps created or introduced on the device. Faith in mankind was one of the strategies promoted by many to allow the devices to connect.
Compliance vs. convenience
In another part of the world, employees went up in arms against the corporate-issued compute devices—laptops and desktops—citing their home computers’ superiority over the standardized and locked corporate devices. Thus started a trend that is gaining momentum now: BYOD or Bring Your Own Device. BYOD frees up financial resources for companies, it can even free up the support costs if the employee fends for herself. And there are no hassles of managing the refresh.
But what about information on the device? Confidentiality or sensitivity of information, especially when the employee leaves?
Now extend the same to the mobile, which is a lot more like a consumable, gets changed every year on an average (and in some cases, even faster). With the category evolving, this multi-polar, multi-version world of IOS, Android, Symbian, Blackberry, and Windows has brought in unique challenges that are getting out of hand for CIOs.
In a world where every corporate employee expects all kinds of information on her fingertips (read, mobile device), the security framework looks worse than a coarse sieve.
Mobile device security
Mobile device security is an evolving subject; vulnerabilities on the mobile are being discovered every day and they are attaining critical proportions with multiple applications vying for users’ attention. In a 24X7 world, the definition of acceptable risk has changed. CIOs are expected to create visibility of the potential compromises and keep the critical information assets secure at all times. The change in the security stance, thus, creates new challenges and opportunities, requiring higher agility to respond.
Abstraction of applications and information layers from the device is one of the strategies that helps and many frameworks are emerging in this space. The only thing that a CIO can do is to keep abreast of these developments and experiment before business forces change.
It’s expected that the dependence on the big computer (including laptops) will dramatically reduce in another couple of years. The CXO will carry a few devices—personal, corporate, and function-specific—and all these devices will require management and access to corporate information assets.
Start preparing now!