Not too long ago, IT departments faced the challenge of integrating a new consumer device into the corporate infrastructure; this was the iPad which took the fancy of every CXO and techno-affiliate with its cool factor. It did not matter that the tablet was another appendage to do everything that the earlier devices did well enough while ensuring that the information assets of the company stayed protected from nefarious elements. The tablet toting executive would simply declare: “I want it; security is for you to go [and] figure [out].”
The starting point though, was the iPhone, which was contained to some extent. The tablet was something different; it was a wave that swept away all opposition. Developers mushroomed all over, creating applications to do everything that mattered, and some that did not. IT had no clue what kind of vulnerabilities these apps created or introduced on the device. Faith in mankind was one of the strategies promoted by many to allow the devices to connect.
Compliance vs. convenience
In another part of the world, employees went up in arms against the corporate-issued compute devices—laptops and desktops—citing their home computers’ superiority over the standardized and locked corporate devices. Thus started a trend that is gaining momentum now: BYOD or Bring Your Own Device. BYOD frees up financial resources for companies, it can even free up the support costs if the employee fends for herself. And there are no hassles of managing the refresh.
But what about information on the device? Confidentiality or sensitivity of information, especially when the employee leaves?
Now extend the same to the mobile, which is a lot more like a consumable, gets changed every year on an average (and in some cases, even faster). With the category evolving, this multi-polar, multi-version world of IOS, Android, Symbian, Blackberry, and Windows has brought in unique challenges that are getting out of hand for CIOs.
In a world where every corporate employee expects all kinds of information on her fingertips (read, mobile device), the security framework looks worse than a coarse sieve.
Mobile device security
Mobile device security is an evolving subject; vulnerabilities on the mobile are being discovered every day and they are attaining critical proportions with multiple applications vying for users’ attention. In a 24X7 world, the definition of acceptable risk has changed. CIOs are expected to create visibility of the potential compromises and keep the critical information assets secure at all times. The change in the security stance, thus, creates new challenges and opportunities, requiring higher agility to respond.
Abstraction of applications and information layers from the device is one of the strategies that helps and many frameworks are emerging in this space. The only thing that a CIO can do is to keep abreast of these developments and experiment before business forces change.
It’s expected that the dependence on the big computer (including laptops) will dramatically reduce in another couple of years. The CXO will carry a few devices—personal, corporate, and function-specific—and all these devices will require management and access to corporate information assets.
Start preparing now!
A CEO, in a heated debate, asks a question to one of the CXOs; the poor phone tapping guy has no clue what the discussion is all about. Confused in his reality, he blurts the words out that are on his top of the mind recall about his interaction with his girlfriend. Everyone on the table smirks, but the CEO accepts whatever nonsense comes out.
“Go ahead, mix your worlds,” proudly says an advertisement by a mobile service provider, justifying the jumbling up of internet social media world and the workplace.
Disappearance of personal space, time
Ever since the time of portable computers to the current paradigm of everything on the handheld device, be it mobile, tablet or the laptop, work transgressed the boundaries of what was earlier a 9 to 5 or whatever hours people worked. The dividing line between what was referred to as work and life has disappeared.
It is normal to expect a response to a mail 24X7 and many obliged. In an interconnected world, with business being conducted across time zones, this became a way of life. Umpteen cases have reflected the damage this phenomena causes to friends, family, and the individual.
As we grew up through school, there was a sense of relief that there will be no homework when we start attending a job in an enterprise. The irony of the situation is that work has expanded to fill all the time beyond the cubicle or cabin reaching the bedroom, thus permeating every nook and corner of life, threatening to follow like the shadow.
A state of imbalance
So a debate on work-life balance is an exercise in intellectual stimulation; the reality for most executives is that balance is a utopian state never to be reached, with the swing all the way towards work. So if work activities are standard fare, why not allow the life to creep into the workplace?
Why do organizations abhor the thought of employees occasionally checking personal email or posting a few updates on social or micro-blog sites but expect them to work on the presentation or spread sheet while traveling or in their homes? Security is one of the justifications and then corporate data travels all over the world. Consultants will tout productivity loss due to distractions not recognizing the gains in after office hours.
This is more so now with the IT function with networks, ERP systems, messaging and collaboration, you name it, is buzzing with activity through the day and night. Downtime, what’s that? And then, the scheduled downtime shifts again and again until the breakpoint is imminent. CIOs struggle to retain teams engaged in keeping these aspects running. Weekends, holidays, vacations belong to an era gone by; the executive is now chained on a Wi-Fi, GPRS, or 3G network which cannot be unshackled.
Role of IT policies
IT and work policies straightjacket the behavior on premise and often off premises too when using corporate assets like the laptop, smartphone or others. We all accept using these as a way of life. Progressive organizations have taken a lenient view of some digression; as of date, they are the exceptions. I believe that productivity will be higher when knowledge workers have the flexibility to escape a few times. Unfortunately, there are no empirical data or solutions to validate this. Contradictory claims make such decisions difficult while burnouts continue. Incidences of fatality are getting younger with stress induced by work pressures and lifestyles that may get promotions, but what is a promotion worth when you are dead?
I don’t know what can help alleviate the issue; unless life is allowed to creep into the work hours.
P.S. I wrote this past the midnight hour on Saturday.
If you have looked for an app on Apple’s App Store, I am sure you have faced a Google search kind of frustration with hundreds of applications purporting to do the same stuff, one better than the other, or many times just a ‘me too’. So some of us end up downloading more than one to try and then decide which one is better; many a time we don’t end up discarding the others. Check around with friends who would have downloaded, say, an ‘Alarm Clock’, and it is quite likely you will find that their app is different. You may be tempted to download that one too, just to try!
The problem of plenty
I met a CIO who was showing his angst on the fact that there were more than a dozen applications within his enterprise for travel approvals. While some were a result of ‘forgotten’ acquisition synergies, the others were created by Shadow IT for departments to address short term need. These sustained themselves even after the corporate version was deployed. And now to top it all, almost all of them had mobile versions for different mobile devices thereby multiplying the number of micro-apps that were floating around.
The resulting collection of travel approval micro-apps exceeded a number that crossed the tipping point for the CIO. There was an uneasy silence on the table as she described the chaos and now the support expectations when some of them failed to work with the clamp down or rationalization of applications. Sympathetic nods followed as new governance processes were discussed and general agreement that the actions taken were fair.
Most of the micro-apps on the App Store are written by enthusiasts and programmers wanting to showcase their prowess. They test the waters with free apps, and then add features and a tiny charge. Some start-up companies too indulged in similar bunch of apps on the store getting a few hits and lots of misses. How did this suddenly become an industry with 10 billion downloads in such a short span? Because you can!
Challenges for the CIO
The simplicity and ability to create such apps is, I guess, one of the reasons that contributed to this explosion. Consumerization of the hand held device has given rise to the opportunity that had to be capitalized upon. The slowdown/ recession encouraged the blurring of the lines between work and life, while everyone wallowed in the need to stay connected 24X7. The pressure is now on the CIO to stay ahead of the game and deploy even more processes that can be accessed on the mobile. Even if you have already formulated a mobility strategy, review it frequently to stay on top of the situation.
But what about the increasing number of micro-apps that are being downloaded, sanctioned or otherwise? No one knows what kind of vulnerabilities they create; what will they lead to in the future? Are they the future support nightmare? Only time will tell; until then, tread cautiously, create the micro-apps required, test the ones you may want to endorse from the store, and pray!
An intense debate was on, on how we ensure team alignment across the different organizational units that form a work group within an enterprise. As the discussion moved towards pinning responsibility (read blame) when things go wrong, there was a palpable sense of unease across the group; specifically the team that manages the vendor relationships and is expected to deliver and monitor the service.
The discussion had started when one of the stakeholders had raised the issue of inter-dependency across other teams and his ability to influence how the team is rated during the review and appraisal. It is true that all of us are no longer islands with any connection to others. We use services from within and outside and similarly provide it directly or indirectly to internal and external customers. The work, subdivided into interrelated tasks, when performed in unison, leads to a positive outcome (in most cases).
Stop the blame game
Adversarial attitude is the outcome when we are not satisfied with the result or our perception of the effort put in by others. The conventional solution is to create service level agreements (SLAs) and cross-linked KRAs (key result areas).
Review meetings are often heated while everyone trying to pin the ‘blame’ on the other. Such meetings are rarely productive and highlight the gap resulting in the ‘you’ versus ‘us’ stance.
Even this meeting, as cited above, was headed for a showdown that would have been messy for everyone with skeletons tumbling out of the proverbial closet. An eye opener remark from one of the participants got everyone hushed and staring at the person who uttered those words: “But aren’t we all on the same side of the table?”
Could anyone have disagreed to such a profound insight? Being speechless, everyone exchanged glances, feeling generally uncomfortable, without acknowledging the cause.
Work towards a common objective
The acknowledgment of the fact that we all are working towards the same objective is a starting point not just for any collaborative endeavor, but for teams within the organization. Everyone contributes and brings a skill to the table that matters, even if in a small way. When we are in a challenged situation, we know that the best recovery strategy is to help the other overcome the challenge and not berate the lack of skill or achievement.
Great teamwork is always a result of shared goal and common objective; the acknowledgment of complementary skills within the team provides a framework that nurtures healthy collaboration and focus on what matters, i.e. the result, without compromising the quality of team spirit. Keeping this as the foundation of review helps ensure better outcomes. It is indeed difficult to sustain such a mindset when one is at the receiving end.
The hierarchical leader of the team, the CIO in this case, has to play the role of setting expectations and resolve confrontations and conflict which will always be there. The matrix organizations of today are necessary; we have to learn to live in the rain.
I recently had a discussion with one of the respected global company that specializes in providing consulting around outsourcing and managing service level agreements (SLAs). My friend on the other side of the phone passionately tried to convince me why it is important to create SLAs that can tie down every aspect of the service that the outsourced service provider will deliver now or in the future. He cited many examples of how his company helped many customers ‘win’.
In another setting, a debate was set off between CIOs on how they ensure that their service providers deliver what they promise consistently that meets the promise to the business. For more than a year, one of them has been unsuccessfully trying to get a bunch of vendors to come to the table for a discussion on creating effective SLAs. Not that the vendors are shy of the subject but collectively at the same table with multiple CIOs is not a viable proposition.
Why SLAs fail
Service levels matter to everyone, the customer, the provider and the end consumer of the customer; I do not believe that deficiency of service is due to willful behavior or mal-intent. The exception to this may be in monopolistic scenarios where no incentive exists. When it is relatively easy to switch services or move business to competition, efforts are indeed put in by the provider, the end results may however not be aligned to expectations.
The reasons why SLAs fail could be many, ranging from ambiguous definition of service, staff involved in execution not being aware of quality of service expected, lack of skills on the ground, unrealistic expectations, or force majeure conditions, to name a few. Irrespective of the reasons, when things do go wrong, contracts come out of the closet again to review the penalties that can be levied or avoided depending on the frame of reference.
My belief is that ‘if-then’ motivation will not deliver world class service; i.e. if SLA is met you get paid, if you better the SLA, you collect a bonus, whereas if the SLA is breached, there is a penalty.
Placing the business impact first
SLAs are typically calculated on statistical data which fails to recognize business impact when the service is deficient. Creating complex SLAs that factor in all types of exception conditions makes it readable and enforceable only by lawyers and not CIOs.
An SLA should illustrate the intent of partnership between the two (or more) parties. Incremental innovation or improvements are expected as much as occasional failures that could be for any of the reasons listed above. Both parties need to work together towards ensuring that they understand the root causes and work towards prevention of repeated adverse impact.
Unfortunately, such behavior is rarely seen and everyone invests significant resources towards the scripting of a document that covers all bases. End result is that the parties involved split hairs with irrational discussions thereby leaving the spirit of partnership aside. Most successful relationships are based on simple few page documents that capture the intent with the managements investing time in frequent reviews not just when things go wrong, but when they are working too.
Over the years it has been a difficult journey on this path, but it has been worth the effort. The big companies (customer as well as provider) have however yet to learn.
I had the privileged invite to judge ICT vendors; from a respected enterprise that gives away awards every year. This was their first attempt to form a jury to decide the awards. Earlier years the awards were decided based on size, growth, market share, and in some cases new innovations added during the previous year.
The number of award categories had grown over the years from a handful to more than double score. Thus multiple juries consisting of senior CIOs were appointed and the task was split.
Absence of customer-inputs
We got started with the understanding of categories we were to judge and the time allocated for discussions of each award. Everyone agreed and we jumped onto the first category. The nominated and shortlisted names were not a surprise.
But as we started to scratch the surface, the question came up “where is the customer dimension? How can we assess the relative merits of performance without the voice of customer?” It was evident and confirmed that over the years there was no thought given to this aspect in deciding the winner. The sound logic stated that size and/or growth demonstrate customer confidence.
The jury did not bite that. Sometimes size is a function of regulatory play, incumbency factor or better marketing machinery. Progressing through the categories, the debates took many hues; at times the shortlisted vendors were not perceived to be market leaders or worthy of an award.
In some the selection criteria of the nominations made it appear that the award was pre-decided; the deliberations had the jury wondering if these were sponsored awards being played out to gain respectability.
Truth Vs. marketing babble
Not too long ago a CIO had used social media to highlight the farce behind one of the industry awards for CIOs. In the world of scams, anything is possible. Over lunch the discussion did veer to this doubt. We were animatedly appeased by the organizers that such was not the case. They acknowledged the shortfall in data and that some criteria needed amends.
CIOs listening to vendor pitches and presentations tend to believe awards cited by the vendor. They purportedly validate the technology, solution, or service as it is assumed that experts indeed evaluated objectively across formal KPIs that matter. A few dazzling awards may appear alien but are rarely challenged. If an exotic niche publication conferred the award, so be it. Micro-segmentation works to serve a purpose. Ho hum!
Importance of being prudent
Sticking to what matters to the business is always a good starting point while selecting any vendor. The other important factors include, and not limited to, cultural alignment, success in solving similar problems, industry/ domain focus, long-term development strategy, apart from size, growth, and the awards they have accumulated.
If you are an early adopter of technology, seek safeguard that shares the risk/ reward. For others, nothing works better than peer reference, i.e. talking to existing customers.
Back to the awards, we the jury were aghast at the invisible customer angle. The high point of the day spent was a category that was denied an award in the context presented and one that got away was a lone nomination to a category that at best had a start-up as a challenger.
So next time a vendor puts up a slide or gives you a brochure with glitzy photos of awards, acknowledge them, but do remember to exercise your right to references with or without the help from the vendor.
“Apple announces iPad 2 with better, faster, newer ….. Bargains available on earlier version.”
“When software vendors continue to create new versions of every solution, there is pressure on us to stay with current versions; how do we manage such a paradigm with budget constraints?”
The first is news that everyone saw and reacted to depending on their reference point with the much coveted tablet computer that is a must have on many lists. Some queued up to get the new device last weekend, while others decided to capitalize on the available bargains on the earlier version. Few competing tablet manufacturers wondered on how they can keep pace.
The second was a question from an SME (small and medium enterprise) CEO to a panel of big enterprise CIOs in a seminar organized by one of the large office automation, unified communication, and collaboration solution vendor for the mid-market customers. Majority of the audience nodded to the question as if they all faced the same predicament and did not know how to resolve the situation.
There appears to be an inherent desire amongst us to crave the latest version of gadgets or software similar to the desires to keep up with the latest trends in fashion that vanity demands. The technology vanity also permeates organizations; after all the same individuals pride themselves flaunting the latest must have phone, music player, and camera, whatever.
Organizations can ill afford such a race and the break point has a direct correlation to the profitability of the enterprise and the contributions of the IT function. The enamoured CEO and CIO will also cite examples of how and why it matters and the benefit thereof to the business, customers, and off course themselves.
When this is weighed against the basic rules of conducting prudent business with rationale investments filtered using good governance rules, the decision shifts to what matters. Every organization has a set of rules for financial investments; these measure the results and provide a framework that applies in most cases to every decision. However, IT sometimes escapes this rigor with justifications ranging from necessity for security to lack of support on older versions, fear of obsolescence and many in between. In absence of tools to validate or ignorance, and the incessant push from the vendors, the SME customer faces devil’s choice.
Irrespective of size and compulsions driven by technology vanity, vendor threats, competitive scares, boardroom chatter, or peer pressure, the rules of good investment decisions should always stay in the forefront. My answer to the question from the CEO was, “We still think like the SME we were in the past. Every investment has to answer the following questions: Does it help the customer, employee, or shareholders? Does it create a new capability we require to differentiate? Is it required by law? If none applies, then the investment is not undertaken.
But then the thirst for the latest is irrational. We have become participants to a mega race to acquire the next. There is no justifying the next version of laptop with the latest processor, nor any rationale for the next zillion megapixel camera. Why do we need the latest version of communicator or the micro-app on our phone? I think the simple answer is because it is there!
Every leader at some time seeks to engage the team in thematic exercises that are personified as offsite or outbound programs. Most of these are facilitated by external trainers who engage the team in field or classroom exercises. Typically such events spread over 1-3 days in out of city resorts where the external environment entices the participants while they struggle with the agenda and expectations. Almost everyone looks forward to such a sojourn from day-to-day work.
Over the years I have attended and conducted over a dozen such programs with teams―large and small―across organization layers. All of them were great experiences and opened up a new line of thought, provoking some action or reaction with me as well as other participants. Many companies conduct these annually by department or sometimes horizontally taking layers of management for team building, bonding and improvement of cross-functional dynamics.
In the last outbound program one of the participants posed a question to the moderator, how can we ensure that the learning from this program stay with us and bring about positive change? The volatility of learning defies expectation and evaporates by the time everyone reports back to their workplaces. Nonetheless this does not deter teams, companies and trainers world over from conducting such programs. The moderator promised to revisit the question before close of the program.
CIOs probably manage the most diverse teams with skills and competencies that are specialized in their own right. Be it infrastructure which can be subdivided into network, servers, data centers, or core application stacks that require technical, functional and architectural expertise; all of this and more form a typical IT team. Each professional equipped with ‘professional arrogance’ believes s/he is unique and better than the other. For the enterprise to function cohesively, these teams have to work in tandem like the machinery in a shop floor lest production come to a standstill.
The siloed nature of teams creates friction as well as competitive spirit that require the CIO to balance internal expectations with the expectations of the business leaders and customers. Outbound and offsite meetings thus serve an important purpose of breaking the ice, bringing together the teams even if for a short while, and provide a platform for exploration of themes that bring success to the team. It is foolhardy to expect everyone to create the same level of benefit for themselves; if some of them find their change agent, the event has served a purpose. It’s analogous to a classroom where all the students listen to the same teacher but hear differently.
Coming back to the moderator of the last outbound, in the final session, he said, “I am sure you liked parts of the program, participation level was great. I had nothing to give to all of you; it’s for you to decide what you want to take back.” Well said indeed, because no one can ensure what you take away from any program, discussion or stuff that you read; it’s a choice the participant makes based on his/her presence, participation (or lack of it), fiddling with the phone, or side talk.
On another note, Zig Ziglar said, “People often say that motivation doesn’t last. Well, neither does bathing―that’s why we recommend it daily.”
It was a packed house listening to a panel discussion between two CIOs, a CEO, a vendor and an academician. After almost an hour of discussion on various aspects of business intelligence challenges and opportunities, the session end requested final words on what they would like to see from vendors in the future? Leaving aside the Oscar-ian twist on being good to customers, better decision making and paying more attention to talent, the crowd applauded unanimously to the CIOs’ wish list. The CIO representing a ‘mature’ user of solutions from the sponsor BI vendor, made a passionate appeal:
Has anyone in the audience attended a training program on how to use Facebook, or any other website or messaging system? If no, then why do we require everyone even with above average intelligence in the corporate world to be provided training on usage of internal systems? What makes these systems so complex that they cannot be used without hand-holding?
I wish that we can all evolve to a level of BI/DW tools such that any user within the enterprise can start using transactional data to convert to information that can assist informed decision making. Anyone who can use a spreadsheet should be able to extract the insights hidden within the sea of information. They should be able to intuitively understand what is expected from them to get to the next step with no prompting or help (online or otherwise). I am talking about Intuitive Analytics, a term coined by me a while back to refer to analytics that is intuitive in its interface; intuitive to the user the way s/he is able to open the browser on the PC, Smartphone or tablet and start the journey of discovery on the Internet.
In recent times there have been multiple initiatives around improvement of how information is presented to the consumers. Evolution from rows and columns to dashboards, drill-downs, pivots, multi-dimensional analytics has evolved; the evolution of mathematical models as well as technological advances on speed of crunching data have pushed the boundaries across enterprise data warehouse projects. Over the last three years, DW/BI has consistently been in the top 3 technology and business priorities.
The experiences are, however, inconsistent in their delivery of business value. Some of the barriers include data quality, data model deficiencies, bad ETLs to name a few. The biggest deterrent, however, has been the complex user experience which has seen lesser evolution as compared to the technological advances. All tools with no notable exception provide the basic building blocks to create the DW/BI foundation and analytical layer, standard templates. The internal IT teams and implementation partners have yet to breakout from the mold to provide a rich, consistent, and meaningful capability to the end consumer of information.
I believe that this is an opportunity for one and all, CIO, DW Architects, vendors, implementation partners, to take up this challenge on making BI as easy as getting on any social media site and get started. If you have already crossed this bridge, do write back, but the applause on the floor to my comments, makes me believe that the journey is still more like an uncharted expedition.
Recent months have seen quite a few CIOs retiring; many of them started their careers a really long time back, growing from technical beginnings and successfully transitioning from the role of EDP Manager to a CIO over more than last 3 decades. The next few years will see many more ready to handover to the next generation of younger aspirants. The subject of succession planning suddenly comes to fore raising questions where the transition had some impact on the organization. We discussed that some time back in “Succession Planning for the CIO”.
So what do retiring CIOs do ? Do they just fade away from the limelight gradually or in a jiffy just like that as if someone pulled the plug and in an instant from the next day there is a blackout? Or there are opportunities they can pursue to continue adding value to enterprises, younger CIOs, academia, may be consulting? Probably all of this and a lot more; what are the options a CIO can pursue after putting in 30+ years into the industry ? Should we just let go of the rich experience?
Almost 8 years back, I met a retiring CIO from within the CIOs I knew, a few months before his D-day. The conversation naturally veered towards plans post retirement. His face lit up as he talked about his plans post retirement from the 9-6 grind as he described his passion and involvement in a NGO close to his home town to contribute to the education of the underprivileged. There was obviously a clear vision of the future and that had nothing to do with his current role in a large Pharma company.
Beginning of last year, I came across a surprise New Year message from a CIO who had disappeared from the scene quietly and no one had a clue where he might me. He was running a small consulting organization focusing on specific technology and domain thus working with a few customers providing them with the insights gained from his experience. It became evident that he had planned for this day and was satisfied with the continued usefulness and revenue it generated.
Then there are many who pursued academic interests joining institutes as full or part time faculty; some decided to become freelancers on specific subjects like ITIL, COBIT, etc, which require experienced hands to bring out the context for the students by relating instances and anecdotes from experience.
Retirement is another phase of life which requires planning and preparation; you cannot stumble upon these opportunities after reaching the milestone which says “Stop”. It’s almost like a new job; except, in this case, there is no formal job (there are exceptions where CIOs have continued as consultants in the same company or joined other enterprises); but the accountability is to self first and then to the task.
The ranks of the new age CIO are raring to go with new skill sets for the new era of computing with a fabric of social media and clouds linking these across the ecosystem internally and externally. They are ready to challenge the grey hair with less technology, more business, and say what matters, effectively. If you are contemplating retirement in the next 5 years, if you have not yet started, get started now!