CIO Symmetry

July 11, 2014  8:21 PM

Startup Hopper’s chief data scientist puts Spark in travel industry

Fran Sales Fran Sales Profile: Fran Sales
Apache, Big Data, Big Data analytics, CIO, Cloud Computing, Cloud Disaster Recovery, Data protection, Data Science, Information governance, Information security, IT hiring, IT talent, MapReduce, Mobile information management, Spark, Startup

Come one, come all, and take a gander at the inaugural video for our new series Startup Spotlight! SearchCIO features writer Kristen Lee gives us a peek inside the Cambridge, Massachusetts, offices of Hopper, a startup lauded by the press for its flight-search tools that allow customers to travel more cheaply. Lee speaks with chief data scientist Patrick Surry about the big data technology his team uses and how Hopper has garnered such creative IT talent.

Senior news writer Nicole Laskowski also picked Surry’s brain on the technology Hopper’s innovative business model runs on, particularly the relatively new Apache Spark, a large-scale, in-memory processing engine his team is currently experimenting with. Read about how Spark is helping Surry address the latency issues inherent in MapReduce, and why some experts have dubbed Spark the next big thing.

It might be time for CIOs to take another page from those Silicon Valley startups know-it-alls. On Searchlight, I cover how, in the race to snag top tech talent, startups and tech giants alike — from Dropbox to Facebook — are widening their hiring net to teens and tweens. Find out why high-tech employers are overlooking traditional resume credentials in today’s digital age, and why you should jump on the bandwagon.

In other SearchCIO matters…

As big data continues to get bigger, infrastructure bottlenecks increase and businesses are often forced to sacrifice insightful big data, such as highly personalized search results, for information that’s just good enough — or “fast data,” as Scott Jarr, co-founder of in-memory database provider VoltDB, refers to the business problem. In this week’s Data Mill, Laskowski details why a legacy, one-size-fits-all approach can no longer handle big data.

Over at TotalCIO, Lee kicks off her month-long investigation into the economics of cloud computing. In her first blog post of the series, Lee recounts her conversation with David Linthicum, senior vice president of cloud migration services provider Cloud Technology Partners, about how CIOs should work with their business colleagues to identify their “value drivers” for the cloud.

The latest installment of our CIO Briefings series is out! Check out the Essential Guide to get advice and resources from CIOs and disaster recovery (DR) experts alike on how to ensure your organization can continue to run efficiently should a data breach, natural catastrophe, human error or equipment failure occur — as well as how to prevent these disasters from happening again.

To dig deeper into disaster recovery, click through our slideshow on the topic, where we highlight top tweet responses to the question “What is the No. 1 pitfall to avoid when doing a disaster recovery test?” See what advice SearchCIO’s Twitter followers and DR tweet jam expert Paul Kirvan suggested for better disaster planning and recovery.

We also continue our recaps of the #CIOchat on DR, focusing on participants’ two cents on question, “How important is it to perform cloud-based disaster recovery tests?” Discover the perks and risks of cloud-based DR, and find out why CIOs should approach cloud with the assumption that it will fail.

In another installment of our coverage of the MIT Sloan CIO Symposium, SearchCompliance site editor Ben Cole sat down with Patrick Gilmore, CTO at Markley Group, a data center services provider based in Boston, to talk about what skills he looks for when rounding out his IT team. Watch this SearchCIO video to find out why security is squarely in Gilmore’s radar, and why he’s on the lookout for security experts who think offensively.

And on SearchCompliance…

Laws and regulations are constantly changing, and threats are constantly evolving, making it hard for organizations to ensure their IT policies and procedures remain compliant. Compliance expert and contributor Jeffrey Jenkins lists three steps IT and the business must take to develop a focused compliance scope.

Some things never change: A leading pain point for CISOs is how hard-pressed they are to articulate security threats to the rest of the C-suite. As contributor Richard Stiennon points out, perhaps it’s time for IT security officers to educate the business using network visibility to get a “visceral reaction.”

Keeping corporate and personal data separate on both employee- and corporate-owned devices while making sure that information is managed with the appropriate governance policies continues to be a struggle for organizations. In this Ask the Expert, Derek Gascon, executive director at the Compliance, Governance and Oversight Council, offers tips on how businesses can address these mobile information governance issues with the right processes and data management and security tools.

On the IT Compliance Advisor blog, we round up the latest news from around the Web, with data privacy and security once again taking the limelight. See the Obama administration and Microsoft’s take on users’ data protection rights and how consumer data risks are driving GRC job growth.

That’s all for the news we’ve got for the week! Stay tuned for next week’s Symmetry roundup; meanwhile, stay abreast of our stories during the week by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

July 3, 2014  7:34 PM

Prepare for IoT security, and how to develop a SaaS risk strategy

Fran Sales Fran Sales Profile: Fran Sales
BYOD, CIO, Cloud Security, cybersecurity, FCC, Forrester, Internet of Things, Net Neutrality, Risk strategies, SaaS, SaaS applications, SaaS security, Sarbanes-Oxley Act, SMB

The Internet of Things provides consumers with many conveniences, but as ASIP CTO Andy Thurai and IBM VP of product management Michael Curry cautioned CIOs at MassTLC’s recent IoT conference, its massive attack surface and the lack of security standards also mean that breaches to these connected devices are inevitable. Features writer Kristen Lee lists four key elements of IoT security, according to Curry, to help CIOs prepare for these attacks.

But our IoT coverage isn’t all doom and gloom! At the MongoDB event in New York City, Amazon CTO Werner Vogels waxed enthusiastic about the widespread impact of IoT. In this week’s Data Mill, senior news writer Nicole Laskowski lays out Vogels’ standout examples of IoT forays in the fields of science, retail, sports and more.

In other SearchCIO matters…

CIOs walk a tightrope when it comes to managing SaaS apps. On the one hand, losing track of the business’ use of cloud apps could put their organization at greater risk of a security breach; at the other extreme, cracking down on shadow app use, even for security purposes, could restrict employee efficiency and productivity. In part one of her feature, executive editor Linda Tucci lays out how CIOs should begin developing a balanced SaaS risk strategy. In part two, she gets tips from French Caldwell, governance, risk and compliance expert at Gartner, on how to create a top-down SaaS governance policy.

Recently, Laskowski ran into Massachusetts Congressman Joe Kennedy at the offices of CyberArk, an information security company, and discovered that cyberattacks are a growing concern at the Capitol. If it can happen to Target and eBay, then it can happen to smaller players, Kennedy explained. In her CIO Matters column, Laskowski details why Washington’s answer to cyberwar shouldn’t be about mandates and regulatory compliance.

There’s no shortage of SearchCIO coverage on the ubiquity of BYOD in enterprises, but how many corporate employees actually use their own devices for work? Well, if we’re talking tablets, just the few at the very top, according to Forrester. In this week’s Searchlight, associate editor Emily McLaughlin explains what could be behind the research’s findings; plus, get her take on Facebook’s recent psychological experiment and Google Glass’ more nefarious uses.

Deepak Tiwari, analytics head for Google’s consumer operations division, has learned many lessons and discovered the value of failing fast ever since he began at the company three years ago. Here on the CIO Symmetry blog, Laskowski outlines Tiwari’s top takeaways for enterprises and small businesses alike from his presentation at the recent Useful Business Analytics Summit.

In SearchCIO’s latest tweet jam, disaster recovery expert Paul Kirvan and other participants emphasized the importance not only of having a comprehensive DR plan, but also of frequently testing these plans to ensure that they can work in the event of a real disaster. Check out this #CIOchat recap for more on how to best implement a DR plan test schedule.

And on SearchCompliance…

The Federal Communications Commission’s proposal to amend Open Internet rules and allow ISPs to charge content providers a fee for prioritized delivery has drawn much criticism from various parties, including consumer advocacy groups, technology companies and even talk-show host John Oliver. In SearchCompliance’s latest installment of its FAQ series, find out if ISPs truly could control performance quality and speeds should the U.S. government enforce the net neutrality proposal. And in a recap from the latest #GRCchat, see tweet jam participants’ predictions on the impact of the proposal’s usage-based pricing structure on small and medium-sized businesses (SMBs).

U.S. companies have the not-so-easy task of complying with a wide variety of regulations; large financial institutions, for instance, must adhere to the Sarbanes Oxley Act (SOX), the Gramm-Leach-Bliley Act, the Payment Card Industry Data Security Standard and a host of other laws. In this SearchCompliance tip, contributor Judith Myerson focuses on four steps toward meeting SOX’s data compliance mandates.

And that’s all for the week’s news, folks! Watch out for another Symmetry roundup next week; in the meantime, keep track of our stories during the week by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

June 30, 2014  3:52 PM

An analytics team how-to for small business, from Google

Nicole Laskowski Nicole Laskowski Profile: Nicole Laskowski
Analytics, CIO, Data scientist, Google, IT centralization

Experimentation has become trendy. The test-and-learn philosophy — a variation on the fail fast approach — has been embraced by companies for building products or adding new features to a website. CIOs should also be incorporating the same approach in how they structure IT teams, hire new employees and even work with the business. That was the big takeaway from Deepak Tiwari’s short presentation at the recent Useful Business Analytics Summit.

As the head of strategic analytics and insights for Google’s consumer operations division, Tiwari has lived through his share of trials, errors and successes. Three years ago when he joined Google, he oversaw a team of two. Today, he’s leading 30-plus employees to provide support for and user insights in to Google consumer products. Here are five “lessons learned” he shared with attendees.

Remain independent. Arguments have been made for a decentralized approach to analytics, but for Tiwari and his team, centralization is crucial. While they serve and support the lines of business, they don’t report to them.

The buffer ensures a consistency across the organization rather than having to bend to the different dynamics of each business group. “Even if you’re a small analytics team, that’s how you’ll succeed and make your mark,” Tiwari said. “Make sure you remain independent in some way shape or form.”

Build a solid team culture. Tiwari’s “hire the best people” and “pay them well” are two obvious pieces of advice, but it’s important to remember that “best people” is subjective. A good fit at Google could be a bad fit at a non-Google company. And, while “salary matters,” Tiwari said, “that’s not the only thing that will keep them there.” Music to a small businesses’ ears, no doubt.

Tiwari made three additional suggestions: Hire slowly and take time to find the right people, give incoming employees interesting business problems to solve and build a solid team culture. Tiwari said his team “loves hanging out,” frequently grabbing lunch and dinner together. While that’s easy to do at Google (hello, free food), it’s also a possibility for smaller businesses to plan group down time.

Hire philosophers. Tiwari encourages businesses to avoid getting caught up in a data scientist game of hide and seek. The reality is, there is no simple method for finding the elusive data scientist or even a consistent job description to refer to.

In other words, “there is no secret sauce,” Tiwari said. That might mean thinking about the role of a data scientist as a team of people rather than a single individual or expanding your search to include candidates who don’t call themselves data scientists.

That’s good news for small businesses, which may not have the money to hire someone with a data scientist title. Instead, find people who are “hungry to look for patterns or hungry to do this kind work,” he said. Those qualities don’t begin and end with engineering, programming or computer science.

“You’re almost hiring philosophers,” he said. “And a philosopher, you can find in anybody.”

Find places to automate. As the team goes on to solve bigger — and harder — problems, the tediousness of, say, churning out reports can present a hurdle. One solution? Find ways to automate, Tiwari said.

Attribution modeling is an example. Businesses use this to pinpoint what events contributed to a certain outcome, such as a sale. So if revenue went up by 10% instead of the predicted 9%, “somebody would have to go and do an analysis,” Tiwari said. The good news? “If you have the data structure in place, if you have the data in place, attribution can be achieved with the click of a button,” he said. That frees up the team for exploring the data. “If you’re going to hire good people,” he said. “Make sure they’re not spending a lot of time on reporting – that they’re doing more insightful and strategic work.”

Not everyone needs to code. It’s also worth thinking about where to implement self-service technology so that it can, as Tiwari put it, “give power back to the people.”

He and his team are doing just that by “building experimentation platforms so even someone who is not very technical, someone, maybe, who is writing content, can actually go in and look at the impact of their content,” he said.

That kind of a project might be out of a small business’ scope, but figuring out ways to open up data and build processes the business can operate without IT can be a time saver. As, Tiwari pointed out, “not everyone has to learn how to code in Python.”

June 27, 2014  4:48 PM

The dawn of the chief marketing technologist; cloud ERP to the rescue

Fran Sales Fran Sales Profile: Fran Sales
Big Data, C-level, CIO, Cloud Computing, Cloud ERP, Customers, Data Analytics, Data brokering, Data privacy, Data Science, Data scientist, Disaster Recovery, Enterprise Resource Planning, Governance, Internet of Things, IT governanace, Marketing, Mobility, SaaS, Transparency

Marketing and brand awareness today sure aren’t what they looked like in the age of Mad Men, associate editor Emily McLaughlin writes in this week’s Searchlight. Marketing to today’s digital consumers requires the bridging of marketing and IT, resulting in the rise of the chief marketing technologist (CMT), an exec with both technical and marketing know-how.

The buzz around sensor data, commonly known as the Internet of Things (IoT), continues to snowball, and deservedly so; compelling use cases abounded at MassTLC‘s recent Value of Things conference about sensor data’s instrumental value in such arenas as urban planning, medical procedures – and even wine-making. But as senior news writer Nicole Laskowski writes in the Data Mill, the hype around IoT will be just that if companies don’t also keep the basics in mind.

Another field in which data analytics is making a splash: education. At the Useful Business Analytics Summit in Boston earlier this month, Alfred Essa, vice president of analytics and R&D at McGraw-Hill Education, detailed how he and his team leverage data science to tackle education’s leading challenges and get closer to their customers in the process.

In another installment of SearchCIO’s video coverage from the recent MIT Sloan CIO Symposium, , managing editor Rachel Lebeaux spoke with Houghton Mifflin Harcourt CIO Brook Colangelo about how he meets the demands of both internal and external customers, and how communicating IT’s value to the business factors into that strategy.

Elsewhere on SearchCIO…

Hailed by industry professionals and drawing investors’ attention, fast-growing craft brewery startups Golden Road Brewing and Avery Brewing Co. looked to be on the fast track, but poorly managed back-end processes and lack of insight into profit margins were holding them back. Luckily, SAP offered a solution in the form of its customized cloud ERP software OBeer. Contributor Christina Parizo explains how the startups’ phased-in implementations of the cloud solution eased inventory management, forecasting and more.

Disaster doesn’t mean what it used to: On top of natural catastrophes like hurricanes, we now have to deal with man-made disruptions such as cyberbreaches. Plus, newer technologies like virtualization, cloud and mobile mean more DR options to choose from. Take our disaster recovery quiz to make sure your business’ DR plan has what it takes to tackle this complex landscape.

On the CIO Symmetry blog, get my two cents on how the developments in mobility and the ubiquity of bring your own device (BYOD) can help round out small and medium-sized businesses’ (SMBs) DR strategy. Despite the risks associated with BYOD, mobile-based DR tools have proven useful in emergency situations and could ultimately bolster SMBs’ DR/BC response when larger disasters strike.

Moving applications and processes to a SaaS model offers CIOs and their teams plenty of opportunities, including business process efficiencies and reduced operational costs. According to expert contributor Harvey Koeppel, IT should treat SaaS governance holistically, taking into account business process support, in order to better align with the business.

It’s been a while since CTO and expert contributor Niel Nickolaisen has had to use an office phone or interoffice mail to communicate and collaborate with his colleagues. Email came along and changed his life; now, social networking is driving the pace of change even faster. Read Nickolaisen’s tip on why it’s time for IT to embrace social networking tools and reap their potential business benefits.

Moving on to SearchCompliance…

The heated debate around the Federal Communications Commission’s recent proposal to lift current net neutrality rules shows no signs of dying down, if SearchCompliance’s recently hosted #GRCchat on the topic is any indication. Editors and tweet jammers alike sounded off on the true implications of passing that proposal on Internet service providers, content providers and consumers.

Companies’ increased handling of and rapid transactions around big data today is making manual segregation of duties (SoD) increasingly fraught with human error and other complications — not good news when mandates such as the Sarbanes Oxley Act (SOX) have made SoD a compliance requirement for many organizations. Site editor Ben Cole interviewed Michael Rasmussen, chief pundit at GRC 20/20 Research LLC, to talk about how automating SoD can help with these challenges.

We’ve also rounded up the top data privacy news from around the Web and discovered a common thread: Consumers are growing ever more wary of companies’ use of their data, and they’re insisting on more privacy. The lesson for companies and data brokers: gain your customers’ trust and increase transparency in your data dealings.

That sums up for this week’s news! Tune in to our Symmetry wrap-up again next week; in the meantime, keep up with our stories during the week by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

June 25, 2014  3:42 PM

Mobile disaster recovery could play a starring role in SMB strategies

Fran Sales Fran Sales Profile: Fran Sales
BYOD, CIO, Data Leakage, Disaster Recovery, Disaster recovery planning, Mobile, Mobile devices

It’s hard enough for enterprises to make sure their disaster recovery (DR) and business continuity (BC) plans are up to the task of meeting all kinds of disasters — not only natural catastrophes, but also those revolving around man-made errors and crises. Disaster nowadays doesn’t just mean “a catastrophe that bring down data centers”: As data becomes more valuable to the business (“data is the new currency!”), its loss, whether in the form of breaches or misplaced devices, becomes another calamity with which large companies must deal.

But small businesses might have it even tougher. They must maintain similar recovery and continuity capabilities, often while drawing on a more-limited pool of resources. And, to make matters more complex, bring your own device (BYOD), which is now commonplace in smaller businesses, probably means more DR-planning headaches when it comes to backing up and securing data on personal devices, not to mention the greater risk of corporate data leakage.

In AT&T’s 2013 business continuity survey of 500 IT executives, 64% responded that they have incorporated wireless network capabilities into their BC plans, while at the same time, 84% reported concern about the potential threats that face mobile networks and devices.

Luckily, new and less-expensive capabilities and services grounded mobility are ripe for the picking to help facilitate companies’ DR/BC planning. Yes, I said mobility — despite the risks associated with BYOD, mobility-based DR/BC products have proven useful in emergency situations and disasters and in ensuring business processes can go on.

For starters, many corporate users already do some work using smart devices, whether company-provided ones (which Nemertes Research predicted 70% of employees carried in 2012) or their own, in order to access or download corporate data, for collaboration or social networking efforts, or other productivity purposes. They also do work on their devices either at the office or remotely. I can attest to this firsthand: Many has been the time that my Internet was down, or I needed to contact my team if I was going to be late to the office, or I was on the train and needed to get in last-minute urgent edits (!). Thankfully, my work email is linked to my smartphone and hasn’t failed me yet.

If, like me, my fellow employees and many others in small- to medium-sized businesses (SMBs) already use their mobile devices for everyday tasks like downloading documents, it makes sense that mobility could foreseeably play a key role in business continuity when greater disasters strike, such as snowstorms and hurricanes. And perhaps, since these same employees are already adept at and comfortable with being productive on their devices in both the personal and business spheres, the learning curve in terms of applying mobile connectivity and productivity in the DR arena won’t be a very steep one. It could mean that they’ll play a more active role in your company’s overall DR plan, whether that means backing up their own devices’ data or being proactive in collaboration and social networking if the office goes out of service, for instance. That could, in turn, make a noticeable difference in how quickly business processes can get back up and running.

A note of caution, however: Any company with a deeply mobile workforce should already have a formal mobility policy in place, and if it plans to use mobile devices as DR tools, such a policy is doubly necessary. Planning for incorporating mobile into your DR plan should start with establishing a mobile security strategy, whether in the form of mobile device management, desktop virtualization, restricted data access, cointainerization or other forms of data monitoring and protection. Plus, adding these devices to the roster of machines that can access your company’s network means the corporate data on these devices must be backed up as well. This can seem a bane to CIOs who don’t want another layer of complexity in their management, so if you’re IT leader seeking to avail your SMB of mobile DR’s perks, make sure you’ve done your homework.

As more of our smartphones and tablets gain access to company networks and mission-critical data, it’s now more of a priority to make sure the servers that support those mobile management applications are also covered in your overarching DR strategy, which should also include redundancy, remote office sites and other layers. Mobility can be an incredibly useful, flexible and cost-effective tool to add to your DR/BC arsenal, especially if you’re a small business, and while you shouldn’t treat it as a one-stop shop, it can bring you one step closer to covering all your DR bases.

June 20, 2014  5:17 PM

A CIO’s hiring strategy predicated on ‘Einsteins’ and ‘Edisons’

Fran Sales Fran Sales Profile: Fran Sales
Big Data, Business Continuity, CIO, cybersecurity, Disaster Recovery, IT leadership, ITSM, Mission Statements, Mobile information management, PCI DSS, Startup

SearchCIO this week continued its video coverage of notable CIOs from the recent MIT Sloan CIO Symposium. Senior news writer Nicole Laskowski caught up with Dieter Haban, CIO at Daimler Trucks North America and a CIO Leadership Award finalist, to talk about how his postdoctoral work influenced his current leadership style, and how he’s learned not to look for particular IT skills when building a team. Watch these video excerpts to see why Haban has made the decision to invest in “Einsteins” and “Edisons.”

In other event news, features writer Kristen Lee swung by the Boston TechJam meetup last week, which teemed with local entrepreneurs, startups, leading tech companies, academics, venture capitalists and many others. The event is an effort by Boston’s tech groups and companies to promote Boston’s “innovation economy,” and comprised a startup pitch competition — and food trucks and beer! Lee’s blog post on TotalCIO shares some must-read advice for startup success.

In other SearchCIO matters…

Save the #CIOChat date: Is your organization ready for when inevitable disaster strikes? With information security a paramount concern for businesses, it’s time for CIOs to push disaster recovery (DR) and business continuity (BC) planning higher up the priority list. On June 25 at 3 p.m. EDT, join us and DR authority Paul Kirvan to discuss how to craft an effective DR/BC plan.

SearchCIO’s e-handbook on IT service management (ITSM) is out! If you’re struggling to manage IT services while keeping up with cloud, mobile and self-service IT, never fear: We’ve got recent stories and advice on innovative service management, how to make ITSM fun and the benefits of revamping your ITSM processes.

As high-profile data breach victims Target and Neiman Marcus move to add CISOs, it’s clear that CIOs and their C-level brethren should think beyond the financial hit of cybercrime. In this week’s Searchlight, associate site editor Emily McLaughlin details how the ever-burgeoning field of data theft is also costing these execs their job, and why they can’t afford to take a wait-and-see approach to security.

Michael Alton, one of Intel’s applied data scientists, says that the problem with big data is “relationships”: The more data businesses collect, the more data points they have to analyze, challenging CIOs to figure out how it all fits together. In Data Mill, Laskowski reports how Intel is using application programming interfaces to connect distributed computing systems to data science tools to make updating newer technologies more seamless.

As employees increasingly use their own devices to store enterprise data, the pressure is on for IT departments to prevent spyware from infiltrating them. In this Ask The Expert, application security expert Michael Cobb offers advice on choosing the best mobile device management product, creating an enterprise store, selecting mobile devices that offer container or workspace capabilities, and more.

It’s not only important to craft mission statements that clearly describe your organization’s purpose — it’s also necessary to continuously update them to reflect its current and long-term goals. Check out our collection of free IT mission statement examples from around the Web to ensure that you and your senior staff are communicating clear goals throughout your company.

Onto SearchCompliance happenings…

The U.S. Securities and Exchange Commission (SEC) recently published a risk alert that reveals its plans to assess the cybersecurity preparedness of more than 50 registered broker-dealers and investment advisers. Expert Jeffrey Ritter’s tip explains how the SEC’s initiative shows its strengthening stance toward regulating the private sector’s information systems and ensuring that their security strategies are adequate — and why your business should take heed.

Organizations that deal with financial data know the importance of making sure they comply with Payment Card Industry Data Security Standard (PCI DSS) requirements. But is passing the yearly PCI DSS audits all it takes? Nope, says Airlines Reporting Corporation’s security exec Rich Licato. While meeting compliance obligations is necessary, organizations must shift their corporate culture to one that targets overall operational risk reduction. Licato details how CISOs are in the prime spot to drive that conversation.

As bring your own device (BYOD) and mobility integrate into companies’ environments, information governance and compliance officers must employ a strong mobility management strategy to tackle the complex risks they pose. From sidestepping mobile security traps to developing a tough encryption policy, check out our top five tips to help bolster your mobile information governance strategy.

That’s it for our news this week! Check in with us again at next week’s Symmetry wrap-up; stay tuned in the meantime by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

June 17, 2014  6:03 PM

Boston TechJam: Beer, live music, and tips on how to be a successful startup

Kristen Lee Kristen Lee Profile: Kristen Lee

The Boston TechJam, now in its second year, is an effort by the city’s tech companies and industry groups to promote the local “innovation economy.” And the boosterism was certainly front and center, including on the event’s website. Would-be attendees were told that “Massachusetts has the world’s greatest concentration of entrepreneurs, emerging and leading tech companies, top-tier academic institutions and students, world-class venture capitalists, incubators, and an eco-system of supporting service providers.” For good measure, the online notice proclaimed, “There is no better place on earth to launch and scale innovative ideas that tackle the toughest challenges.”

No better place on earth may be overstating the case, for sure, (Hello, Silicon Valley!) but the mood was upbeat enough inside Faneuil Hall, the 1742 meeting hall that’s now a popular tourist stop on the city’s 2.5 mile Freedom Trail. When I arrived, the first of six startup companies was trying to convince a panel of judges why it deserved to win this year’s pitch competition. (Prizes included a personal training with boxer/entrepreneur George Foreman III.)

As it turned out, the very first startup to go — Sharalike, a Cambridge-based mobile app that allows users to design slideshows — would end up with the prize, beating out what seemed to me the hands-down winner: Time Out, a mobile app that detects concussions designed by five high school girls from the nearby City of Winchester. (You’ll be hearing more about their software app on our Small Business IT page.)

In between the pitches, some of Boston’s most successful entrepreneurs took the stage to give advice about lessons learned while they struggled to get their companies off the ground.

Here are five tips for startup success that these entrepreneurs passed on to the audience of techies:

1) Have a business plan: “You have to think really hard about what you’re going to accomplish.”

Of course, you say. But having a rigorous business plan is easier said than done, said Rich Doyle co-founder of Boston-based Harpoon Brewery, best known for its India Pale Ale.  “Part of that is forecasting: you have to think really hard about what you’re going to accomplish and hold yourself to those standards or else you’ll never achieve them and you’ll never have a benchmark to know where you should be.” Doyle, who co-founded Harpoon Brewery in 1986 and was an instrumental player in the growth of the American microbrewery industry, wrote his business plan for the Harpoon Brewery during his second year at Harvard Business School after recognizing there was an unmet demand for European style beers.

While it is important to come up with a business plan, it is just as important to acknowledge that most business plans fail, said Donna Levin, co-founder and vice president of operations at, whose mission is to help connect families and caregivers. She said she wished she had known this when starting out as an entrepreneur.

“Don’t be discouraged if it looks like your plan that you worked so hard on doesn’t make it the first time,” Levin advised the crowd. It is important for startups to have a plan a, b, c, and d.

2) Assemble the right team:Happy cows make great cheese.”

By right team, serial entrepreneur Suzie Kim Riley, means people who will stand by you through thick and thin.

“You go from the highest highs to the lowest lows and sometimes they can all happen within one hour,” said Riley, founder and CEO of Aquto, a mobile ad platform. “And I would say that the key is not losing hope and having a strong team around you.”

All five of the entrepreneurs who offered tips talked about the importance of a strong team and why startups, in particular, need to create a culture that empowers their employees and makes them want to stick around.

“Happy cows make great cheese,” Brian Kalma, design chief at Blade, a venture capital firm and tech development studio, said. “So the lesson that you learn from that is basically that culture is king. It is arguably more important to hire for culture and hire the right people than it is to hire for talent and for the specific role that you need at that time.”

And Kalma added that “employees stick around when you build a culture that works for everyone.”

So how do you make sure you hire the right people who will positively influence your company’s culture and help you be successful?

Levin suggests trying the “elevator test.” Basically, when considering hiring someone, ask yourself if you could be stuck in an elevator with that person for three or four hours without wanting to kill yourself.

“And if the answer is ‘I would kill myself’ then they probably shouldn’t be on the team,” Levin said.

3) Communicate with your team: “Transparency is key.”

“Communication matters,” Doyle said. He was seconded by Andy Miller, chief innovation architect at Constant Contact, a company that helps its clients with marketing campaigns. Miller encouraged leaders of startups to share the good and the bad with their employees, if they want to build trust and loyalty. “I truly believe that transparency is key,” he said.

4) Be realistic: “Make a ‘to-not-do’ list.”

It can be difficult to admit you’re not good at something; especially when that means relinquishing control over part of your business to someone more capable than you.

“What are you good at? And how is that likely to mesh with the stages of your business? Are you good at getting something off the ground? Or maybe you aren’t really good at managing people,” Doyle said. “Understanding where you are and what your talents are in the life-cycle of business is really important to know.”

Levin said she wished someone had helped her realize sooner that sometimes, “there comes a point in time when you have to recognize that it’s time to bring in a specialist. And sometimes this means you have to give up the stuff that you really love doing.”

Doyle also suggests making a “to-not-do” list, emphasizing that it’s important to eliminate projects that aren’t worth your time. On Doyle’s “to-not-do” list? Getting rid of things that aren’t creative.

5) Know why you’re starting this company: “It’s that passion that’s going to keep you going.”

The reason is different for everyone. Some do it for money, some do it to be their own boss, some do it because they’re passionate about their idea, etc.

“For me, I always started my companies because I came up with an idea and I felt like if I see somebody else doing this I will die. I just would hate that feeling knowing that it was my idea but somebody else is doing it,” said Riley. “It’s that passion that’s going to keep you going.”

Let us know what you think about the story; email Kristen Lee, features writer, or find her on Twitter @Kristen_Lee_34

June 13, 2014  6:09 PM

CIOs’ origin stories and hurdles; lessons from Tweetdeck’s XSS blunder

Fran Sales Fran Sales Profile: Fran Sales
Big Data, Big Data analytics, CIO, IT Strategy, Net Neutrality, XSS attack

Hear, hear, our new slideshow is here! SearchCIO asked top CIOs at last month’s MIT Sloan CIO Symposium: “What was your biggest IT challenge of the past year?” The responses from leading IT execs hailing from Verizon, Fidelity Investments, Cancer Treatment Centers of America and more might surprise you. See how today’s CIOs are tackling digitization, new regulations, evolving customer expectations and more.

We also continued our video series on outstanding CIOs and IT leaders from the symposium. First up: Fidelity Investments CTO Stephen Neff, one of the symposium’s CIO Leadership Award finalists. Executive editor Linda Tucci caught up with Neff to discuss his eventful career trajectory, which began right after he graduated with a math degree from Rutgers and led to various leadership roles in financial services.

We also continued Kristin Darby’s story from last week. The Cancer Treatment Centers of America CIO is no stranger to the demands of both internal and external customers and how they impact strategic priorities. The former accountant told associate editor Emily McLaughlin how she balances those two customer bases and always prioritizes around the patient. And in a third video interview, Darby discusses how digital care has already benefited healthcare organizations and patients, and what barriers must still be overcome.

More on SearchCIO…

In Searchlight, McLaughlin tackles the security implications of the recent Tweetdeck hack and what they mean for other companies’ preparedness plans. The inadvertent hack, which exposed a longstanding XSS flaw in the Twitter application, should remind CIOs that unforeseen IT issues are inevitable, and it’s important to be prepared.

In the latest Data Mill, senior news writer Nicole Laskowski reports on the outlook of the text analytics market, which at first glance appears to be waning. Not so, according to consultant Seth Grimes. Text analytics actually continues to mature under different monikers (such as natural language processing) and is being integrated with other types of data analytics, he says. Plus, learn how data as a service providers are making a name for themselves and how CIO priorities vary by region.

On TotalCIO, features writer Kristen Lee talks about the rising number of companies discovering the value of IT to the business. The numbers don’t lie: the latest U.S. Bureau of Labor Statistics report show full-time hiring is on the rise and part-time positions declining; many of these new hires have both business and IT acumen. The lesson for CIOs: It’s important to be able to know how to manage change.

And on SearchCompliance…

With cyberthreats lurking around every corner, cybersecurity is no longer just the responsibility of IT and security teams. Because a strong security strategy gives the business competitive edge, the business side now has greater stake in technology decisions; thus, it’s more important than ever that audit and security departments align. In this tip, expert Ed Moyle details how audit officers and their security counterparts can take advantage of the other sides’ expertise for mutual strategic benefit.

It’s time for another #GRCchat tweet jam, this time on the zealously debated topic of net neutrality. The Federal Communications Commission’s proposed Open Internet guidelines that allow for Internet service “fast lanes,” should they go through, will surely impact not only organizations’ service performance and innovation projects, but also their information governance. Have thoughts on the proposal? Join the tweet jam Thursday, June 19, 2014 at 12 p.m. EDT and sound off with SearchCompliance editors, experts and contributors.

Thanks for tuning in! Watch out for more news in next week’s Symmetry wrap-up; ’til then, keep up to date on our news and tips by following us on @SearchCIO, @SearchCIOSMB and @ITCompliance.

June 6, 2014  5:57 PM

The journey to becoming a CIO, and what is small data, really?

Fran Sales Fran Sales Profile: Fran Sales
Apple, Big Data, Big Data analytics, CIO, CIO leadership, Cloud accounting, Customer analytics, Data analysis, Data security standards, FTC, Information governance, IT leadership, ITSM, Rogue IT, social media analytics

On SearchCIO, we’re kicking off a series of video interviews from last month’s MIT Sloan CIO Symposium profiling how some notable CIOs got their start.

First up is AT&T CIO and MIT Sloan CIO Leadership Award winner Thaddeus Arroyo, who attributes his lofty rise in IT and becoming a CIO to a “divergent” professional journey that included lateral moves which allowed him to become the well-rounded leader he is today. Arroyo chatted with SearchCIO executive editor Linda Tucci about the benefits of seizing the “least comfortable” career opportunities.

For Dell global CIO Andi Karaboutis, working in the business in various roles and essentially becoming a customer of IT provided her with the “best IT training.” Senior news writer Nicole Laskowski sat down with the CIO Leadership Award finalist to discuss how her stint in the business equipped her with the tools to view IT from a business perspective.

Kristen Darby’s path to CIO for Cancer Treatment Centers of America  started out in her family’s automation and lighting-design business, where she discovered a talent for software development. She pursued accounting before finally rediscovering IT and the benefits it can bring to  healthcare. Check out her interview with assistant editor Emily McLaughlin in which she recounts her IT journey.

And there are more of these videos to come — stay tuned to SearchCIO!

More on SearchCIO…

Come one, come all, and check out our Essential Guide on crafting an enterprise cloud blueprint. In the latest installment in our CIO Briefings series,  get guidance on deciding between public, private and hybrid cloud models; navigating among various as-a-service offerings; choosing from among a plethora of cloud vendors; creating an integration plan; and more.

In Searchlight, McLaughlin ties the value of CIOs developing skills that pertain to various areas of IT to news from Apple’s Worldwide Developers Conference earlier this week. A key takeaway from the conference was Apple’s reveal of its programming language Swift, which lets users create their own apps after they’ve mastered the syntax. The company’s goal, according to the head of Apple’s Developer Tools department, is to make programming fun — and cultivate a generation of future programmers and IT leaders!

Now that big data is part of the IT lexicon, one data expert thinks CIOs should also be paying attention to small data. How exactly are they different, and is small data sometimes better? The answer isn’t as clear-cut as you might think. In this Q&A, Laskowski sits down with Kirk Borne, a George Mason University professor and expert on all things big data, to discuss exactly what small data is.

The words customer analytics usually have people thinking social media, or maybe even just Twitter. But one social media contrarian isn’t buying it — your customer service department might already have the goods, he says. In advance of next week’s Useful Business Analytics Summit in Boston, Laskowski caught up with moderator and customer analytics expert Tom H.C. Anderson to talk about why social media data isn’t always the way to go.

Is your enterprise ready to take advantage of infonomics — in other words, treat your corporate data as an economic asset? In our June CIO Decisions e-zine, we tackled that question and more, including how Dell’s CIO turned her IT team into a business partner; whether more data trumps clean data; and how to cautiously deploy disruptive technologies when taking humans into account. And in the latest CIO Citings, managing editor Rachel Lebeaux gathered some meaty quotes from the last issue. Get insight from various IT leaders and experts on the prevalence of next-generation mobility, big data analytics in more in today’s enterprises.

Our new features writer Kristen Lee is on a roll! On the TotalCIO blog, she writes about the impact of shadow IT on the likelihood of data breaches; according to a recently released study, the probability is three times higher. Get the details and see how you can prevent costly breaches from occurring.

How are new technologies impacting your IT service management (ITSM) strategies? We decided to take that question to the Twittersphere. We also asked tweet jammers for advice on how to account for the resulting technology skills gap. Plus, participants dished on their top sources of stress when crafting ITSM strategies around new technologies, as well as best practices for problem management. In these recaps, see what tweet jam and ITSM expert Jerry Luftman and other #CIOChat participants had to say about revamping current ITSM processes as enterprises digitize.

And on SearchCompliance…

Managing digital records today means facing the ever-increasing costs of business analysis, regulatory compliance and a host of other concerns. Expert contributor Jeffrey Ritter points out that while it’s tempting to jettison traditional records management techniques in companies’ quest to eagerly adopt new technology, there are some tried-and-true information governance strategies they should cling to.

The Federal Trade Commission is taking a more proactive role in protecting consumer data in response to businesses’ widespread data collection and sharing. In the most recent installment of SearchCompliance’s IT Compliance FAQ series, contributor Caron Carlson addresses common questions surrounding how the FTC has focused on the activity of data brokers and other businesses to improve data security and privacy.

That’s all we’ve got for this week! Watch out for more updates in next week’s Symmetry roundup; before then, keep on top of our news and tips by following us on @SearchCIO, @SearchCIOSMB and @ITCompliance.

May 30, 2014  5:21 PM

Big data market in flux; Apple and Google confront diversity in IT

Fran Sales Fran Sales Profile: Fran Sales
Apple, Big Data, CFO, CIO, cybersecurity, Google, Information security, IT outsourcing, IT talent, Risk management

Kicking off this week is SearchCIO senior news writer Nicole Laskowski’s Data Mill, where she addresses a looming question on everyone’s minds during the MIT Sloan CIO Symposium’s big data panel: Is the big data market converging? Learn why the answer isn’t as simple as you might think; plus, find out how Apache Spark competes with MapReduce, what the future could hold for Google’s driverless car, and how digitization is changing competition within — and across — verticals.

Switching gears, Laskowski writes about how the impact of high-profile data breaches (a la Target) has changed the equation in risk management conversation. At Boston’s 2014 CFO Technology Conference, CFOs and other attendees posed questions to security experts on matters ranging from data breaches, passwords, Software as a Service applications and more.

Elsewhere on SearchCIO…

Apple’s buyout of Dr. Dre’s Beats Electronics and Google’s diversity report monopolized tech news this week. In Searchlight, associate editor Emily McLaughlin highlights an important reality behind these headlines: diversity in IT, in more ways than one. Apple’s purchase might seem a blunder at first blush but, as CEO Tim Cook explained, it’s Beats’ people and their creativity that his company is after. And the harsh reality Google’s report illuminated about the lack of diversity in its workforce (already true in many tech firms) has triggered calls to action for greater transparency and turning to untapped talent sources.

What exactly is “fog computing?” features writer Kristen Lee asks in a TotalCIO blog post. Cisco argues it’s synonymous with Internet of Things (IoT), while others, like Forrester’s James Staten, thinks it’s all hype: “What they call fog we already call mobile and IoT.” But regardless of the name, edge computing is a notion CIOs should consider as more and more devices (like jet engines!) become part of IoT and data continues to balloon.

If there’s one thing we learned at last week’s MIT conference, it’s all about the customer, and a small jeweler business is taking this to heart with its social media strategy. Contributor Christine Parizo recounts how Wixon Jewelers uses social media monitoring and engagement to manage its online reputation and ensure its customers are happy.

How can global sourcing give your company a competitive advantage? Next week’s World BPO/ITO Forum might provide the answer. Editorial director Christina Torode previews the show and its focus on innovative sourcing strategies in an interview with speaker Vishal Ahluwalia.

On that sourcing note, if you’re thinking of taking advantage of cloud and are looking to brush up on the facts, look no further than SearchCIO’s quiz. Review our recent coverage and get some guidance on just what moving some or all your apps or infrastructure to the cloud might mean for your IT staff, business operations, service delivery and bottom line.

We’ve covered aplenty how a strong security strategy can give enterprises a competitive edge, but how exactly can a small business with limited resources leverage security as an asset? Executive editor Linda Tucci talks to Robert Jimenez, IT specialist at Scooterbug, about how he invested in cloud-based security to do just that.

Your turn: If you’re unsure whether your security program can go head to head with today’s breed of cybercrime, have we got a tool for you! Check out SearchCIO’s cybersecurity quiz to review our recent stories and get up to speed on why a strong cybersecurity strategy is valuable to your business and your customers.

Heading over to SearchCompliance…

Today’s digital market, in which consumers and machines are increasingly connected, “data is the new currency,” aptly put by Dell CIO Andi Karaboutis. This means data breaches are a dime a dozen. From MIT’s symposium, associate editor Fran Sales covers panelists’ take on how CIOs and compliance officers should face their fears and take a proactive risk management approach.

One of the fundamental tools IT should utilize to deal with data- and intelligence-driven threats: systems logging. From the RSA 2014 Conference earlier this year, SearchCompliance caught up with Tenable Network Security’s Marcus J. Ranum to discuss what the CSO calls the most important tool in security and why it’s a key element in building a strong, analytics-driven security strategy.

And that’s a wrap! Stay tuned for next week’s Symmetry roundup; before then, get your fix of news and tips by following us on @SearchCIO, @SearchCIOSMB and @ITCompliance.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: