The Business-Technology Weave


September 15, 2010  6:19 AM

Business-Technology Convergence vs. a Business-Technology Weave



Posted by: David Scott
business planning, business-IT alignment, business-IT convergence, business-technology weave, IT planning, IT support, IT support to business

 

Ah, it’s so gratifying when thought leaders catch up to something you’ve known and espoused for 5 or more years.

There’s a very interesting, and quite good, article that I stumbled upon:  Living Up to Technology’s Promise.

The article is well worth reading and I enjoyed it.  However, I do take some issue with the idea of their “business-technology convergence” concept.  Business and technology have not converged – they have become interwoven:  There is a weave of business and technology. 

You may well ask:  Convergence…. Weave – what’s the difference?  The difference is both subtle and stark.  Convergence is a uniting and joining, but there’s an implication that if a convergence never happened, or if there was a disengagement, either side would survive – at worst, there’d be a missed opportunity for efficiencies and advance of mutual interests.

However, kick out a business’ technical enablements, and it might sustain 5% productivity – if you’re lucky.  (Note:  I’m speaking  of the kind of businesses that the article targets).  Therefore, there is a mutual survival at stake here:  Business and technology are woven together – and the sooner any business and allied technology element(s) understand this interwoven relationship, the better.

But the “convergence” article excited me.  I’ve read very little elsewhere that approaches an understanding regarding the  modern – and accelerating evolution of – empowerments and vulnerabilities in the business-technology relationship. 

Today I’d like to say:  Don’t converge:  Weave.  As but one recent example from this blog:  Security is every person’s business in the organization.  Every person is a stakeholder and must be a mini-security officer.  That is, they must view every action and activity through security’s prism.  Technology – the IT  department – must emplace the technical protections – and lead business; bringing awareness, updates, and education regarding proper activity, to the table.  That is weaving business’ awareness,  ownership, and appropriate doing, into technical and related business security.

Recognize that The BTW does not attempt to make Business and IT one unit, nor does it attempt to overlap discreet duties, talents, and highly specified jobs beyond a point of diminishing returns.  Rather, it weaves the common organizational appreciations for the main levers and liabilities, so that everyone brings the proper use, awareness and activity to the shared stakeholder elements. 

That is a weave, and that is how you will thwart threats to today’s example – security:  unauthorized access; data breach and theft; ID theft; exposures, impacts to business reputation, impacts to trust, and so on. 

If there’s enough interest in this subtle yet powerful difference between convergence and the Weave, we can examine it against other areas in the coming days; Budget comes immediately to mind.

September 15th:  On this day in 1904 Wilbur Wright makes his 1st airplane flight.

September 10, 2010  12:27 PM

Check Your Acceptable Use Policy – Is This Missing?



Posted by: David Scott
acceptable use, acceptable use policy, business policy, business security, computer security, inappropriate use, IT policy, IT security, unacceptable use

In reviewing some Acceptable Use policies, I’ve noticed the usual cautions about adherence to authorized access, the caveats about protecting your ID and password…  There are the usual admonitions guarding against the hogging of shared resources, being vigilant about malware and scams; to remain cognizant of IT warnings referencing same.

There is also a robust caution against using systems for illegal activity, political purposes, advertising (of personal interests), using unauthorized copyrighted material, etc.  The policies guard against degradation or harassment – doing many of these things not only runs afoul of the organization’s policies, but can also run against local, State and Federal law, depending on the specific nature of the activity. 

By the way, there are many fine AU templates on the web if you need help, and always remember that IT’s AU policy reflects and supports the organization’s established culture of openness and trust; it’s code of ethical and lawful behavior.  IT should not drive these things – they are larger to the organization – IT supports these things by making sure that technical empowerments are not misused, and that all parties understand acceptable and inappropriate use.  To that end, always look for reinforcing and leading policies, such as those maintained by HR, and reference them accordingly. 

However – many of these policies make little to no warning against using internal resources for posting and dissemination to outside entities such as blogs, boards, etc. (short of e-mail liabilities).  However, I’m not saying that’s likely to be the case with yours, but check:  Many of the policies I’ve been reviewing are remiss.

While it may be true that the organization cannot control an employee on his or her own time, and some postings made on personal time may not be actionable when in too gray an area (“my boss sucks,” for example), there is yet an avenue for monitoring in these regards.

Personal blogging, posting to social networks, comments to news articles, and information sent to various other user forums on the ‘net, should not be done on company time.  Further, even the blurry organizational actionability regarding the  “my boss sucks” comment to a Facebook page could quite well be actionable – particularly if found to have been posted on company time, with a company workstation and related internet access.  And for sure if employees are divulging inside information, hammering the organization’s reputation, or casting aspersions on specific co-workers or management, then it’s time for action.

Your Acceptable Use policy should address the use of company resources in posting and propagating unflattering, and even damaging, information to these arenas.

You want to ensure acceptable use, yet you must keep this in mind:  Your organization’s information technology resources are there primarily as business enablements and for business goals.  However, almost all organizations grant a certain amount of personal use.  Individual users, associated departments and supervisors are all responsible for exercising good judgment regarding the reasonableness and amount of personal use – so long as it comports with the Acceptable Use policy and all supporting policies.

September 10th:  On this day in 1966 The Beatles “Revolver” album goes to #1 and stays #1 for 6 weeks.

 

 


September 9, 2010  10:07 AM

Ready or Not – We’re Not Ready



Posted by: David Scott
business continuity, business readiness, business surety, classroom computers, computer lab, IT readiness, start of school

 

Greetings fellow business and IT travelers. 

Yesterday I opined on “open” data-resource environments.  A failing of common sense seems to be inspiring a slide of standards in the most critical areas, and in the face of extreme liabilities.  These liabilities include such things as data breach, identity theft, and unacceptable use avenues due to poor training and information:  ill-advised e-mails or postings to sites about co-workers, friends, families, and inside information regarding workplaces, etc.

It seems standards are out of fashion these days in certain environments.  Requiring adherence to the most common sense practices, and providing protection of systems and data, seems to run counter to having a convivial work environment, in some people’s minds.  Who wants to be a nudge and talk about standards?

Yesterday someone told me about a major university and its failings regarding start of the Fall quarter.  No names – but I’d like to state that it wasn’t Ohio University, Lakeland Community College, nor the Manhattan Institute of Hair Design and Follicle Massage.  Just to be clear.

This particular university had all summer to ensure that workstations were solid, systems and appropriate licensing in place, and that all computer labs and classroom resources were up to snuff.  Did they manage to have a solid position of surety regarding systems, access and performance?  Nah.  How the heck are you going to squeeze all of that into a single summer?

Among other things, there was a licensing problem due to newly installed software:  No one checked things prior to the start of the quarter. 

It’s one thing for a small company, with limited resources – or perhaps IT folks who are a little green – having a basic problem like this.  But universities and schools are supposed to be on some sort of edge given the fact that they’re educating the next generation of people.  Underlying that edge should be a solid foundation of “present” circumstances – some really solid technical enablements and supports in the form of documentation and best practices… common practices.  We’re not building rockets to the moon – we’re just ensuring that networks, systems, and services are solid.

I can’t divulge all of the details regarding the university’s troubles, lest I give away the identity.  But it’s troublesome that an institution of higher learning, which should have a proactive engagement with the present, and a prompt position for the streaming future, can’t manage a simple readiness posture for incoming students and resumption of full-scale business in supporting the Fall quarter.

Any thoughts out there?  What are you seeing and sensing?  Work and school environments are only going to get more robust and technically dependent.  The business-technology weave is going to eat the organization’s lunch, so to speak, if we don’t handle the care and feeding of these environments with the proper maintenance and progressions…

September 9th:  On this day in 1977 the first TRS-80 computer was sold.


September 8, 2010  5:58 AM

“Open” Data / Resource Environments



Posted by: David Scott
acceptable use, business security, business standards, computer lab, content management, content security, IT security, IT standards, open data

 

Lately I’ve stumbled into one of these “open” environments that are in fashion in some quarters.

 

Maybe you already know what I’m talking about… a zone whereby the (usually) business minds – that is, non-IT – decide that we can’t have too many rules or restrictions lest we inhibit imagination, the free exchange of ideas, collaboration, and some measure of resultant genius.

 

What does this mean in that particular world?  Well… anything goes.  Any sort of content or data is fair game for exchange, posting, sharing… any sort of access is granted, everybody come on in!  The water’s fine and… we trust that no one is going to pee in the pool.  It’s a wonderful world, after all…

 

This is entirely too liberal and it’s extraordinarily naïve.  I liken it to a workshop – the kind with hammers, saws, power tools:  Let your imagination run wild.  Talk to your peers.  Invite anyone in that you like… build anything that you want – but were going to qualify every activity and every person in here for the tools and materials at hand.

 

You want to use the bandsaw?  Fine – you can stand some training; here’s how.  We want to ensure no one cuts their hand off, or anyone else’s hand.  It would also be nice to know that the circular saw is properly maintained, lest a blade flies off and embeds itself into a wall… or my head.

 

Obviously to any sane person data and computing resources must involve similar safeguards, limits and maintenance.  Our tools (computers, infrastructure, systems) and materials (content, data), deserve our protection in the form of appropriate use, maintenance, and best planning and progressions.

 

Particularly in, dare I say it, liberal environments such as universities and schools, it is important to ground everyone in a few realities:  data and system breaches are on the rise; there are outside entities (and perhaps a few inside people) bent on intent to harm; and plain old human error needs to be minimized as much as possible through training and reinforcing Acceptable Use policies.

 

As I like to say, “Get on it!”

 

September 8th:  On this day in 1897 Jimmie Rodgers, the “Singing Brakeman,” was born.


September 5, 2010  11:58 AM

Successful Strategic Planning



Posted by: David Scott
business planning, business plans, business strategy, IT planning, IT plans, IT strategy, strategic planning, strategic plans, successful business planning, successful business plans, successful IT planning, successful IT plans

 

Given all the talk regarding Enterprise Resource Planning, and all manner of sub-planning (Disaster Recovery Planning, Change Management, Business Continuity Planning, and on and on…), we often seem to forget that planning must be strategic.

Check a thesaurus… something that is strategic is:  Planned; tactical; calculated; deliberate; premeditated; considered; intentional…

Too often, business and IT plans become reactive.  However, even strategic planning that starts out ahead of a curve, with foresight and collaboration, suddenly gets upended.  More than ever it is important to not only build plans that anticipate and lead changes, but to also put an underlying foundation to plans; a readiness posture for the whole of the organization so business and IT collaborate and succeed on a fluid basis… an ongoing “strategization.” 

Regardless how leading and “tight” your planning seems, be certain that the process is flexible enough to adapt to any changes in circumstances.  There is always the unforeseen and outside uncontrollables.  Resultant implementations of systems or policy will not always necessarily match the initial plan, and ability to efficiently adapt along the way is key.  Delivering to the larger objective is still the goal and the ultimate measure of success, regardless of how much prior strategy gets usurped – just be certain it was truly unavoidable.  (If you find all of your planning under a constant reality assault, you’d better get better planners into position).

In supporting this, stakeholders, planners and implementers – key strategy personnel – must communicate willingly, aggressively, and with full exposure.  Political impairments and battles must be swept away.  In any cases where change is embedded in other change (during what should be the constancy of a plan), things can become exponentially difficult quite quickly:  make certain to have meaningful milestones and measures along the way; when adjusting them, be as careful as you can be in making those adjustments.

Be certain that IT plans align with enterprise plans and expectations; ensure sanction and support – agreement – from all C-level executives and board or other oversights.  IT budget and plans must align and live within larger, organizational budgets, resources and plans.

Also, be sure to balance near-term, medium and long-range deliverables.  Hang your items not just on an IT timeline, but take those aforementioned organizational budget, resource and (possibly competing) plans into account.

September 5th:  On this day in 1774 the 1st Continental Congress assembles in Philadelphia.

 

 

 

 


September 2, 2010  12:21 PM

Funding Your IT Budget



Posted by: David Scott
budget reduction, cost efficiencies, cost efficiency, cost reduction, cost savings, cutting costs, cutting IT, Funding IT, reducing cost

These can be tough times for many organizations, and no one is immune:  Whether small, medium, or large business.  Of course, prudent fiscal management should always be desired, and in fashion anyway.

But in hard economic times some of us find ourselves tasked with sharpening our pencils with a razor, and looking very hard at areas we thought we’d never have to shave. 

Executives are focusing on budget and related potentials for cuts – and everyone down the line is going to be tasked with producing savings.  In these regards, once tasked, you’d better serve something up.

Quite naturally, you will shine like a star if you can boost efficiency and effectiveness while simultaneously realizing savings in cost.

The effective IT leader will examine all areas, and areas anew:  Cloud computing and its yield of scalable and on-demand resources can reduce cost; virtualization and its yield of most favorable utilization of infrastructure and its grant of very efficient management; examine Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) and benefits that may apply to your environment and organization.

Further, you should be seeking business enablements via online collaboration methods, such as shared work spaces and documents, and web and open source applications.  Also look to the increased efficiency granted to staff by use of portable devices such as smart phones, iPods, Blackberries, etc., especially as paired with social websites such as Facebook, LinkedIn, Twitter, and MySpace.  (Ensure robust acceptable use and security policies here).

Review your outsourced support, and be certain you are right sourcing.  Is there something you are struggling to handle internally that is better shifted outside?  Often this shift frees up IT staff to take over other areas that they are more suited to support – you may find that you can change the dynamic to your budget advantage. 

Things to keep in mind:  When examining cost reductions, also think cost efficiency:  Are there things IT can do to enhance revenue?  Are there technologies or methodologies that can be implemented to save costs in, for example, utilities?  Savings by granting an increase in operational effectiveness?

Is there an opportunity to coordinate the IT budget with other enterprise planning and budgeting in achieving economies of scale?

In all regards, in these trying times, the IT leader should be on constant review and alert for assists to the budget.

September 2nd:  On this day in 1944 during World War II, George H. W. Bush ejects from a burning plane.


September 1, 2010  12:39 PM

Organizational Dexterity: Managing Change with…



Posted by: David Scott
business adaptability, business agility, business imagination, change management, IT adaptability, IT agility, IT imagionation, IT responsiveness, organizational agility, organizational change, organizational responsiveness

…imagination, responsiveness, agility, and adaptability. 

Today, organizations face tremendous challenge in any given present moment:  They have critical business systems, critical content, information stored and information shared, assets and infrastructures, and even blended resources (organization-owned resources, and sanctioned “outside” enablements such as social networking sites and online research, for example).

When we add change as a necessary, sometimes even forced, element the challenge in corralling and managing the enterprise seems exponential. 

Staying ahead of requirements so as to imagine, anticipate, qualify and lead  change and solutions is ideal.  Alternatively, when something a bit forced comes along, either due to a lack of foresight or perhaps by virtue of new regulatory requirements, it’s important for the organization to respond quickly and with agility – in identifying what’s necessary to serve and solve, and in implementing that on behalf of business.

All of this requires a ready willingness and embrace on both business’ and IT’s part:  staff and leaders must be aware, receptive, and open.  Change can be, and should be, exciting.  When change is embraced as an ongoing requirement, leaders and staff drive change at the appropriate timings – as opposed to reacting to situations and conditions that drive the organization to change.  You should control change, not the other way around.

Business and IT leaders must instill an organizational culture where information is quickly shared – and here again, the IT leader needs to be involved in key business meetings and planning, so as to be aware, adaptable and responsive.  Too often, business decisions are made absent IT – and decisions in this technical vacuum are at odds with the best way to proceed in view of technical supports.  Often decisions can be weighted so as to be transparent to business when choosing a slightly altered solution or path – but with far more favorability to IT’s support and to the overall level of effort and budget.  Obviously, IT must be present in order to make a favorable influence when that’s called for.

The successful organization incorporates IT leadership as a strategic partner.  Just by virtue of IT’s change management bona fides, business can ensure change happens appropriately, through

 …imagination, responsiveness, agility, and adaptability. 

 September 1st:  On this day in 1661, the first yacht race was held, England’s King Charles vs. his brother, James.


August 31, 2010  12:24 PM

IT Leadership… and Business – Pt. II



Posted by: David Scott
business effectiveness, business leadership, business-IT alignment, cost effectiveness, cost reduction, IT budget, IT effectiveness, IT leadership, IT plans, IT-business alignment

IT leaders face decisions involving resource constraints. These frequently impact staffing: Both in terms of number of staff (who wouldn’t want at least a few more people?), and an increase in staff stress.

Discovery of new possibilities is paramount. New collaborations involving departments and personnel is a possibility. Use creativity to examine new products, new thinking, new disciplines – and embrace prudent change in delivering the venerable “business solution.”

Examine the entire expanse of the organization and its concerns when considering how technology might solve business’ challenges. Examine the economy’s impact to the organization, and adjust as possible and where necessary long-range technology initiatives and plans. Include too hiring, staffing, training & development, and capital budgets as well as projects.

The savvy IT leader will seek, and motivate others to seek, cost efficiencies. Leverage all resources that can be leveraged.

Be willing to listen to fresh ideas and encourage all to contribute.

August 31st: On this day in 1895, the first pro football game was held (Quarterback John Brallier was paid $10 and won, 12-0)


August 31, 2010  10:42 AM

IT Leadership… and Business



Posted by: David Scott
business effectiveness, business leadership, business-IT alignment, cost effectiveness, cost reduction, IT budget, IT effectiveness, IT leadership, IT plans, IT-business alignment

 

It’s important in these days of fiscal conservancy for IT leaders to participate in large decisions – that is, “business” decisions.  Particularly with the downturn in the economy, there is fresh opportunity for the IT leader to partner with senior business counterparts, to shine in examining business directions and goals, and in matching right-sized, cost-effective and successful ideas and solutions in support of robust and better business.

It helps if the IT department itself is firing on all cylinders, of course.  The IT leader must be fully successful in that realm, in partnering with the senior executive class elsewhere… in addition to boards and outside partners or authorities.

Aside from the obvious necessities of systemic requirements:  uptimes, performance, recoveries, solutions, etc., there is the necessary standardization (and therefore efficiency) of roles in IT (with appropriate overlap and backup), a ready handling of politics (oh yes), and the dealing with changing expectations for IT – often demands by business that are extreme and even unreasonable.  Perhaps handling the “unreasonable” with dispatch is key to ultimate success.

Once IT is successfully incorporated into the “business decision” realm, it is seen less as a pure cost center (and an ever growing one, at that), and more as part of the forward momentum, the drive, of solutions.  That is to say, solutions for better, and more profitable, business.

For the IT leader, and any person working in IT, consider your language when engaging your business counterparts:  Speak to them in their language, to their level of understanding.  When stretching their comprehension and knowledge, do it without breakage – and monitor that they’re “getting it.”

Build trust, show results, and bring ideas to the table for better business that exceeds the envelope of pure IT – be sure to illuminate the whole view – and be sure to understand it yourself! 

Stand, and deliver.

August 31st:  On this day in 1887, Thomas A. Edison patents the Kinetoscope (which produces moving pictures)


August 30, 2010  12:57 PM

Identity and Access Management



Posted by: David Scott
access security, business security, I/AM, identity and access management, identity management, IT security

Organizations, from small through medium businesses (SMB), to large global enterprises, must control access:  to systems, environments, resources, and data.  Access is limited to, and by, individuals and groups; this means that access is effectively denied as well – or had better be!

In addition to security concerns – that is, the controls and monitoring necessary to ensure data and resources are breached and corrupted, exposing individuals/the organization to harm – there exist legal and ethical reasons for protecting these things.

Naturally, Identity and Access Management (IAM) procedures and related policy is key and central to protection.  Enabling users to access data and resources securely, appropriately, and with full knowledge for appropriate use (often overlooked – training) isn’t just a goal of IAM – it is the whole of it.

Your organization must strive to remain within best practices regarding IAM – and in so doing, the IT leader, allied vendors, and savvy business leaders must stay abreast of emerging standards and vet them for incorporation to their environments and overall security policies and plans.

Of particular interest to me are robust credentialing systems that allow entrée to several, perhaps a dozen or more, discreet systems, whether those systems are within the physical control of the organization, or scattered amongst vendors and other allied agencies that have granted access to portions of their environment and assets. 

Gone are days of faith in a simple Single Sign-on, with breach of an ID and password granting access to all manner of allied systems.  The ultimate is an ID and password solution that forces security questions and answers, with subsequent splay of discreet (for each system) randomly generated IDs and passwords, with special keys, for transmission to systems with appropriate handshake – all transparent to the user.

If you’re examining security and IAM (and you should be):

-      How do you currently link physical and electronic identities?  Are you comfortable with your present authenticating system(s)?

 

-      What can you reasonably do to create stronger links between physical and electronic identities?

 

-      How do you verify other agency’s electronic identities?

 

-      Are your IAM products, processes and policies flexible; both in accommodating evolving roles and in general longevity for emerging and new best practices?

 

-      Where is the optimal balance of effort between managing strict IAM and simple utilization of commonly distributed, wide-access, resources?

 

-      What accommodation does your IAM strategies and policies need to make for single sign-on, etc.,  with externally hosted and cloud-based applications and resources?

August 30th:  On this day in 1797, Mary Wollstonecraft Shelley was born in London, England (author, Frankenstein) 


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: