CIO Symmetry


March 1, 2011  7:09 PM

What would an Internet kill switch really mean?

Scot Petersen Scot Petersen Profile: Scot Petersen

The Internet shutdown in Eqypt last month raised questions regarding whether the U.S. would be able to do the same with a so-called Internet kill switch bill.

This is not the first time such a bill has been discussed. The Rockefeller-Snowe bill last year contained a kill-switch option before it was pulled out.

Fears are circulating that this ability would be used to censor the Internet or take away access to the public. But the Protecting Cyberspace as a National Asset Act (S.3480) is expressly about being able to thwart a cyberattack on what is deemed critical infrastructure.

I’m suspicious of that, really, despite the efforts of the bill’s sponsors to sort out myth from reality. And I seriously doubt the ability to be able to selectively shut down certain parts of the Internet without grinding the U.S. economy to a halt.

However, the shutdown concept should be considered, especially from the IT perspective, rather than the purely political. Attacks are getting more and more sophisticated and are able to target systems that where once thought to be immune from cyberattacks, like manufacturing production systems. So beyond the government thinking about the concept of a kill switch, U.S. businesses should also be thinking in terms of their own critical infrastructure and treat security as a business continuity issue.

February 24, 2011  5:38 AM

Food for thought: Cloud computing technology minimizes human touch

4Laura Laura Smith Profile: 4Laura

The topic of innovation made for choice dinner conversation last week when President Barack Obama met with a dozen titans of the IT industry at a private home in Silicon Valley, Calif. White House Press Secretary Jay Carney said Obama wanted to know how lessons learned by the technology industry — a bright spot in the U.S. economy — can be applied to other U.S. industries as well.

It’s an interesting time to ask the question, given the shifting terra firma of the IT world. Convergence is the word of the day, from both technology and business points of view. Consider that, in the last month, global telcos have gobbled up cloud computing technology and content providers (Verizon Communications Inc./Terremark Worldwide Inc.; Comcast Corp./NBC Universal Inc.) to deliver digital content as well as cloud services. Meanwhile, traditional IT vendors of various cloud computing parts are forming alliances faster than you can say virtualization. Cisco Systems Inc., VMware Inc. and EMC Corp., for example, offer the Vblock converged virtual architecture, a “cloud in a box” solution for midmarket companies that seek the scalability and measured service of a cloud while maintaining control over private data.

Ever since the first PC was networked three decades ago, business computing has been on a rollercoaster: The dot-com buildout and ensuing bust; a cost-cutting wave of virtualization; the consumer-led influx of social networks and smartphones; and, now, cloud computing technology, with its associated risks.

In January, Federal CIO Vivek Kundra lit a fire under the National Institutes of Standards and Technology to accelerate the adoption of security and interoperability standards. Identity management remains a hurdle in this race, so the government has also announced initiatives toward a “trusted identity ecosphere.”

Let’s hope someone at the presidential dinner asked the “elephant in the room” question: If everything moves to the cloud, and the cloud is an automated environment, what will become of all the people who work in the IT industry?

“Yes, cloud computing will cause you to lose your job,” predicted Greg Shields, senior partner and principal technologist at Concentrated Technology LLC, an IT education and strategic consulting practice in Denver, Colo. “Any industry is going to get simpler when we figure out how to automate.”

But when one door closes, another one opens. Perhaps legions of IT staffers will become independent cloud brokers, transitioning to a growing small business/home office market as more people work remotely to reduce their carbon footprints. Maybe IT executives will dive into vertical markets to reinvent themselves, as Dell Inc. is attempting to do with its cloud in a box for health care.

What’s on your plate? Send me an email.


February 22, 2011  7:47 PM

Get cloud computing security in line with enterprise practices

Scot Petersen Scot Petersen Profile: Scot Petersen

You have been reading a lot about cloud computing on SearchCIO.com and SearchCIO-Midmarket.com lately. With good reason: The cloud is the latest game-changer in corporate IT. Sure, there’s the associated hype, but the reality is most CIOs we talk to are taking the cloud seriously.

That is, seriously in terms of how to streamline IT and business operations, but also seriously in terms of the one aspect of cloud computing that gives IT pros pause: security.

At a recent conference I attended for health care CIOs, attendees said that cloud computing security was really their only concern.

The advice from panelists there was that the day will come when we feel as secure about having our personal health information online as we are about having our financial information and accounts online.

This is not a good answer, though, for the question, “How are we going to get there?”

Whatever is the best cloud computing security strategy is already going to be the best security strategy for your own on-site data center: Nonstop diligence, up-to-date technology and monitoring services, and a culture of security in the organization from top to bottom.

Most organizations cannot claim absolute security for their own systems, and until they do, they should worry about cloud initiatives. So start including cloud security in your overall plan to get it in sync with the rest of your operations.


February 17, 2011  5:57 PM

Application retirement: Saying goodbye isn’t so easy

Christina Torode Christina Torode Profile: Christina Torode

There are forces moving organizations down a path toward application retirement but, for some, it might be easier to keep a legacy application rather than put a more modern spin on it.

The arguments for application modernization are many: Increasingly mobile workforces want access to back-end systems without having to call on IT; new generations of workers prefer Web-based interfaces; and the money previously spent on maintaining legacy applications can be put to better use elsewhere.

Technology and services options abound to make the move easier. Applications can be retired and moved to a Software as a Service (SaaS) provider, removing the need to support and maintain the software. There are companies that specialize just in migrating data out of older systems into a new ERP suite, and there are vendors that will do a code audit, removing wasteful code and using the “good code” to build a new application.

But for each of these steps, there are months of up-front preparation. The first step is choosing which applications stay and which can go. Skill sets must also be evaluated to figure out which modernization path is the best fit— for example, does your staff need to learn a new programming language if a service-oriented architecture (SOA) is you application retirement path? You will also need to factor in and plan for business disruptions.

You could also choose to not modernize the back-end system and instead build a new front-end. In this case, it may be simpler to leave the back-end alone and enable a larger set of users to meet changing business needs with a friendlier interface.

Or is this a Band-Aid?

Let us know what about your application retirement plans; email Christina Torode, News Director.


February 15, 2011  3:14 PM

Pros and cons of disaster recovery in the cloud

Christina Torode Christina Torode Profile: Christina Torode

Disaster recovery in the cloud is manna from heaven for some IT executives.

There’s no grappling over IT dollars for DR for a given project. The cost of DR is simply slipped in as part of the monthly subscription fee, whether the service is for a hosted application or hosted infrastructure.

Not too shabby. And, as far as cloud proponents are concerned, the providers are going to make sure that disaster recovery is a priority because their business models and reputations are built up (or ruined) if they don’t get DR right.

That’s a pretty big incentive for cloud providers, so it makes sense that their DR capabilities are going to be better than their customer’s.

That’s one way of looking at it. Another is that disaster recovery in the cloud could hurt — rather than help — your DR plans.

Some IT executives are ground-shipping their data to their cloud provider because they don’t want their data on a public network. They’re also afraid that, once the cloud provider has their data, they may lose access to it for a variety of reasons: the cloud provider’s employees could mishandle the data, or the company could experience a service disruption or even go out of business. Cloud provider outages do not exactly make a case for disaster recovery in the cloud.

According to a blog post on ReadWrite Cloud on the Top 5 cloud outages, “Mark Williams, a cloud computing consultant based out of the United Kingdom, found 23 reports of cloud computing failure in 2010. Google had 12 outages. Amazon had five. He reported that Microsoft had four outages. Salesforce.com had two.”

Laura Smith, features writer for SearchCIO.com, recently wrote about the top 10 public cloud risks, and while security was number one, availability made the list, too.

“It’s all about quality, not about low-cost services anymore,” Lalitendu Panda, global CIO of D&M Holdings Inc., pointed out in Smith’s story. “Interruption of service is an issue; we have had a couple of situations. It’s not like having your own [infrastructure] that you can modify. You have no control over what else is running on the cloud that could degrade performance.”

If the company can afford to lose access to an application, it would seem that disaster recovery in the cloud is a moot point. As cloud providers push to accommodate more mission-critical applications, enterprises will inevitably lose access at some point.

But that happens anyway in some organizations. So maybe we should just call it a draw.


February 10, 2011  9:43 PM

Effects of the Egypt Internet shutdown

Scot Petersen Scot Petersen Profile: Scot Petersen

It’s a sign of how dependent our lives have become on the Internet, or more accurately, of “being connected.” News of Egypt cutting off Internet and cellular service for five days this week shocked the world, with fears that news of the revolution would disappear down a black hole or, worse, prevent the protesters from communicating with one another.

But guess what? News did not disappear. Information and video still showed up on Al Jazeera and CNN and other outlets, and such ancient technologies as fax, dial-up modem and ham radio served as alternatives for the unplugged. The Egypt Internet shutdown did not appear to slow down the protesters. The oldest form of communication — word of mouth — may work faster on a local level than anything in our digital world.

It seems as if wired Americans in particular were the most derailed by the shutdown because they were no longer able to get news from Egypt via their preferred channels of Twitter and Facebook. And Frank Rich makes a lot of sense when he argues that we are affected by “the default assumption that the Egyptian uprising … must be powered by the twin American-born phenomena of Twitter and Facebook.”

There are still serious questions about how effective social networking tools can be in these situations. I wrote last year about how the revolution will not be Tweeted. This week, another Middle East hotspot, Syria, opened up Facebook and YouTube after a three-year ban. But really, what better means is there to keep an eye on dissent?


February 8, 2011  3:59 PM

Software tools can be basis for successful ITIL strategy

Scot Petersen Scot Petersen Profile: Scot Petersen

The IT Infrastructure Library (ITIL) can be a useful tool — for those who have ventured into it. Just 40% of 169 IT managers at midmarket firms surveyed by SearchCIO-Midmarket.com last year are using ITIL best practices for IT service management, although 57% are planning or investigating the framework.

Of those who are using ITIL, two-thirds say their ITIL strategy has lived up to expectations. The problem is getting started, training staff and getting buy-in from upper management to implement the practices.

Probably the easiest method to get ITIL into your organization is through software tools that have ITIL processes embedded into them.

Jennifer Gianfrancesco, director of IT at Pittsburgh’s Magee-Women’s Research Institute and a certified ITIL practitioner, threw out the old Excel-based help desk system she inherited three years ago and brought in Cherwell Software Inc.’s Cherwell Service Management.

Her staff uses it for asset intelligence, configuration management, incident reporting and software management, among other services. The key, however, she says, is that the tool enables you to apply ITIL where you need it, and doesn’t require you to go for everything. Like ITIL itself, the software enables “a method. It doesn’t tell you how to implement.”

If you are looking for some advice on ITIL strategy and picking ITIL tools, check out contributor Jonathan Hassell’s column on must-have ITIL tool features.


February 3, 2011  7:35 PM

Is there an iPhone business app for that?

Christina Torode Christina Torode Profile: Christina Torode

I’ve had an iPhone 4 for a few months now and I haven’t even begun to tap all the things I can do, and I’m nowhere near taking advantage of all the iPhone business apps.

I know this because the salesperson over at the Apple store gave me a funny look when I asked him to check if I had a defective battery. ‘Gee, you haven’t downloaded much. I have 3,000 songs on my iPhone and…hmmm you’re on an older version of the OS. Do you sync your phone up with your computer to get the latest updates? Have you checked out the App store? There are apps that you can use for work too, and you can make your own apps.’

What I’ve discovered so far is songs that I haven’t heard for years, Angry Birds (yes the game is as addictive as everyone says) and that you can scratch your iPhone screen (despite the car key test the Apple store employees show you before you buy one). All it takes is walking away from your phone for a few minutes while a puppy intent on eating your iPhone bumper is in the room.

As for business applications, I have it synced up with my work email account and I downloaded a scanner application to input receipts in my company’s travel and expense system. That’s it. It’s pitiful I know, but I have been checking out other iPhone business apps lately.

If I were a salesperson I could track leads and view invoices, and if I were a sys admin I could remotely update desktops. Actually, there are a lot of useful iPhone apps for IT admins like Rove Virtual Machine Manager and NiceTrace.There’s also apps that let you view financial reports and see how well a marketing campaign is doing.

And in this economy, who couldn’t use a few good networking apps. On the retail side I think it’s pretty cool that credit card transactions can now be swiped on the iPhone, even if I’m switching topics here to hardware advancements.

I know I’m glossing over a lot of other applications, but what I’m looking for is iPhone business apps that appeal to a more general audience, and what is more general than the use of Microsoft Office. I haven’t tried these out yet so this is by no means a plug, but according to their Website, DataViz makes Documents to Go, an application that lets you view and edit word documents and sync mail and documents with your Exchange Server. QuickOffice also has a suite of applications, one of which lets you create and edit Office files on your iPhone.

I’m not the only one on the look out for useful, general purpose mobile business apps. A lot of IT executives are putting mobile application development at the top of their priority list. The consensus at a Society for Information Management panel at the annual SIM conference this past October was that the developer community isn’t making many useful business applications, but instead ones that appeal to younger consumers. And this group of consumers find business applications “boring.”

“We, as enterprise architects of our organizations, have to understand that feature sets are going to be driven by consumer demand, not by what we in the business would like to see,” said panelist Chuck Musciano, vice president and CIO of construction material supplier Martin Marietta Materials Inc., at the time.

If this is true, then it will be up to internal IT departments to come up with ways to connect apps that the business needs to mobile devices, as is the case already at many Midmarket companies.

Let us know what you think about this blog post; email Christina Torode, News Director.


February 1, 2011  6:05 PM

IT innovation is just a matter of time

Scot Petersen Scot Petersen Profile: Scot Petersen

Innovation is a popular topic among IT professionals and media. It’s also one of the more misunderstood concepts. If you ask 10 CIOs what IT innovation means to them or to their companies, you will get 10 different answers. You will get some original thought on it; you will also get some useful nugget that someone borrowed from someone else.

This ambiguity is one reason why we have started to talk more directly to CIOs about IT innovation, with the CIO Innovators: Profiles in IT and Business Leadership. Not innovation in an abstract sense, but really, what role did innovation play in the execution of a successful IT project? Was the original idea born out of innovative thinking, or did innovative methods enable the project to get off the ground or clear significant hurdles along the way?

What we are seeing is that what’s more important than the random innovative thought or impulse is being able to create a culture of innovation in which out-of-the-box thinking can thrive. More to the point, to create a culture in which innovation is part of everything you do.

An example of this is from Steven John, CIO of H.B. Fuller, who explained that an innovative environment is a function of time. You have to allot time to people to develop ideas, and you have to have enough foresight into the goals of an organization that you can start planning how to get there early — early enough that you can still bat multiple ideas around rather than have to stick to one because there isn’t time to think of an alternative.

John also said that in order to free up time to think in an innovative way, you have to make sure that no one is wasting their time or others’ in day-to-day activities and that no one is duplicating tasks. “If you are doing something that someone else can do, then things that only you can do are not getting done,” he said.

Make that a resolution for 2011: Eliminate wasted time. That may not be “innovative” in itself, but it could put you on the right track.


January 25, 2011  3:17 PM

IT salary survey numbers may obscure still struggling economy

Scot Petersen Scot Petersen Profile: Scot Petersen

Reader Jim Dries offered me another point of view on the SearchCIO.com salary and careers survey, which was completed late last year.

In our 2010 IT salary survey, all signs point to increased salaries for most levels of IT managers and above in most industries and companies, large and small. The numbers were higher than 2009 and also pointed to a better 2011 for most involved in the profession.

However, our IT salary survey numbers may overlook one area that Dries says should be taken into consideration: “My … interpretation of the higher IT salaries is that it has less to do with the rising economy and more to do with a leaner staff being paid more to stay and do more with less,” he said in an email.

He’s right in the sense that IT managers, directors and executives have been learning to do more with less for several years now. And certainly the total numbers of IT personnel have dwindled, so we should consider the number of jobs lost to the increased efficiencies that IT is building into its systems, as well as lost to outsourcing outright.

“These are the type of actions businesses are taking and evidenced by industry information. Less can be said of the evidence for a ‘recovering economy,’” he wrote.

And despite the “recovering economy,” unemployment is still high, and in fact has increased several percentage points since the 2008 meltdown officially ended in June 2009.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: