CIO Symmetry


February 22, 2011  7:47 PM

Get cloud computing security in line with enterprise practices

Scot Petersen Scot Petersen Profile: Scot Petersen

You have been reading a lot about cloud computing on SearchCIO.com and SearchCIO-Midmarket.com lately. With good reason: The cloud is the latest game-changer in corporate IT. Sure, there’s the associated hype, but the reality is most CIOs we talk to are taking the cloud seriously.

That is, seriously in terms of how to streamline IT and business operations, but also seriously in terms of the one aspect of cloud computing that gives IT pros pause: security.

At a recent conference I attended for health care CIOs, attendees said that cloud computing security was really their only concern.

The advice from panelists there was that the day will come when we feel as secure about having our personal health information online as we are about having our financial information and accounts online.

This is not a good answer, though, for the question, “How are we going to get there?”

Whatever is the best cloud computing security strategy is already going to be the best security strategy for your own on-site data center: Nonstop diligence, up-to-date technology and monitoring services, and a culture of security in the organization from top to bottom.

Most organizations cannot claim absolute security for their own systems, and until they do, they should worry about cloud initiatives. So start including cloud security in your overall plan to get it in sync with the rest of your operations.

February 17, 2011  5:57 PM

Application retirement: Saying goodbye isn’t so easy

Christina Torode Christina Torode Profile: Christina Torode

There are forces moving organizations down a path toward application retirement but, for some, it might be easier to keep a legacy application rather than put a more modern spin on it.

The arguments for application modernization are many: Increasingly mobile workforces want access to back-end systems without having to call on IT; new generations of workers prefer Web-based interfaces; and the money previously spent on maintaining legacy applications can be put to better use elsewhere.

Technology and services options abound to make the move easier. Applications can be retired and moved to a Software as a Service (SaaS) provider, removing the need to support and maintain the software. There are companies that specialize just in migrating data out of older systems into a new ERP suite, and there are vendors that will do a code audit, removing wasteful code and using the “good code” to build a new application.

But for each of these steps, there are months of up-front preparation. The first step is choosing which applications stay and which can go. Skill sets must also be evaluated to figure out which modernization path is the best fit— for example, does your staff need to learn a new programming language if a service-oriented architecture (SOA) is you application retirement path? You will also need to factor in and plan for business disruptions.

You could also choose to not modernize the back-end system and instead build a new front-end. In this case, it may be simpler to leave the back-end alone and enable a larger set of users to meet changing business needs with a friendlier interface.

Or is this a Band-Aid?

Let us know what about your application retirement plans; email Christina Torode, News Director.


February 15, 2011  3:14 PM

Pros and cons of disaster recovery in the cloud

Christina Torode Christina Torode Profile: Christina Torode

Disaster recovery in the cloud is manna from heaven for some IT executives.

There’s no grappling over IT dollars for DR for a given project. The cost of DR is simply slipped in as part of the monthly subscription fee, whether the service is for a hosted application or hosted infrastructure.

Not too shabby. And, as far as cloud proponents are concerned, the providers are going to make sure that disaster recovery is a priority because their business models and reputations are built up (or ruined) if they don’t get DR right.

That’s a pretty big incentive for cloud providers, so it makes sense that their DR capabilities are going to be better than their customer’s.

That’s one way of looking at it. Another is that disaster recovery in the cloud could hurt — rather than help — your DR plans.

Some IT executives are ground-shipping their data to their cloud provider because they don’t want their data on a public network. They’re also afraid that, once the cloud provider has their data, they may lose access to it for a variety of reasons: the cloud provider’s employees could mishandle the data, or the company could experience a service disruption or even go out of business. Cloud provider outages do not exactly make a case for disaster recovery in the cloud.

According to a blog post on ReadWrite Cloud on the Top 5 cloud outages, “Mark Williams, a cloud computing consultant based out of the United Kingdom, found 23 reports of cloud computing failure in 2010. Google had 12 outages. Amazon had five. He reported that Microsoft had four outages. Salesforce.com had two.”

Laura Smith, features writer for SearchCIO.com, recently wrote about the top 10 public cloud risks, and while security was number one, availability made the list, too.

“It’s all about quality, not about low-cost services anymore,” Lalitendu Panda, global CIO of D&M Holdings Inc., pointed out in Smith’s story. “Interruption of service is an issue; we have had a couple of situations. It’s not like having your own [infrastructure] that you can modify. You have no control over what else is running on the cloud that could degrade performance.”

If the company can afford to lose access to an application, it would seem that disaster recovery in the cloud is a moot point. As cloud providers push to accommodate more mission-critical applications, enterprises will inevitably lose access at some point.

But that happens anyway in some organizations. So maybe we should just call it a draw.


February 10, 2011  9:43 PM

Effects of the Egypt Internet shutdown

Scot Petersen Scot Petersen Profile: Scot Petersen

It’s a sign of how dependent our lives have become on the Internet, or more accurately, of “being connected.” News of Egypt cutting off Internet and cellular service for five days this week shocked the world, with fears that news of the revolution would disappear down a black hole or, worse, prevent the protesters from communicating with one another.

But guess what? News did not disappear. Information and video still showed up on Al Jazeera and CNN and other outlets, and such ancient technologies as fax, dial-up modem and ham radio served as alternatives for the unplugged. The Egypt Internet shutdown did not appear to slow down the protesters. The oldest form of communication — word of mouth — may work faster on a local level than anything in our digital world.

It seems as if wired Americans in particular were the most derailed by the shutdown because they were no longer able to get news from Egypt via their preferred channels of Twitter and Facebook. And Frank Rich makes a lot of sense when he argues that we are affected by “the default assumption that the Egyptian uprising … must be powered by the twin American-born phenomena of Twitter and Facebook.”

There are still serious questions about how effective social networking tools can be in these situations. I wrote last year about how the revolution will not be Tweeted. This week, another Middle East hotspot, Syria, opened up Facebook and YouTube after a three-year ban. But really, what better means is there to keep an eye on dissent?


February 8, 2011  3:59 PM

Software tools can be basis for successful ITIL strategy

Scot Petersen Scot Petersen Profile: Scot Petersen

The IT Infrastructure Library (ITIL) can be a useful tool — for those who have ventured into it. Just 40% of 169 IT managers at midmarket firms surveyed by SearchCIO-Midmarket.com last year are using ITIL best practices for IT service management, although 57% are planning or investigating the framework.

Of those who are using ITIL, two-thirds say their ITIL strategy has lived up to expectations. The problem is getting started, training staff and getting buy-in from upper management to implement the practices.

Probably the easiest method to get ITIL into your organization is through software tools that have ITIL processes embedded into them.

Jennifer Gianfrancesco, director of IT at Pittsburgh’s Magee-Women’s Research Institute and a certified ITIL practitioner, threw out the old Excel-based help desk system she inherited three years ago and brought in Cherwell Software Inc.’s Cherwell Service Management.

Her staff uses it for asset intelligence, configuration management, incident reporting and software management, among other services. The key, however, she says, is that the tool enables you to apply ITIL where you need it, and doesn’t require you to go for everything. Like ITIL itself, the software enables “a method. It doesn’t tell you how to implement.”

If you are looking for some advice on ITIL strategy and picking ITIL tools, check out contributor Jonathan Hassell’s column on must-have ITIL tool features.


February 3, 2011  7:35 PM

Is there an iPhone business app for that?

Christina Torode Christina Torode Profile: Christina Torode

I’ve had an iPhone 4 for a few months now and I haven’t even begun to tap all the things I can do, and I’m nowhere near taking advantage of all the iPhone business apps.

I know this because the salesperson over at the Apple store gave me a funny look when I asked him to check if I had a defective battery. ‘Gee, you haven’t downloaded much. I have 3,000 songs on my iPhone and…hmmm you’re on an older version of the OS. Do you sync your phone up with your computer to get the latest updates? Have you checked out the App store? There are apps that you can use for work too, and you can make your own apps.’

What I’ve discovered so far is songs that I haven’t heard for years, Angry Birds (yes the game is as addictive as everyone says) and that you can scratch your iPhone screen (despite the car key test the Apple store employees show you before you buy one). All it takes is walking away from your phone for a few minutes while a puppy intent on eating your iPhone bumper is in the room.

As for business applications, I have it synced up with my work email account and I downloaded a scanner application to input receipts in my company’s travel and expense system. That’s it. It’s pitiful I know, but I have been checking out other iPhone business apps lately.

If I were a salesperson I could track leads and view invoices, and if I were a sys admin I could remotely update desktops. Actually, there are a lot of useful iPhone apps for IT admins like Rove Virtual Machine Manager and NiceTrace.There’s also apps that let you view financial reports and see how well a marketing campaign is doing.

And in this economy, who couldn’t use a few good networking apps. On the retail side I think it’s pretty cool that credit card transactions can now be swiped on the iPhone, even if I’m switching topics here to hardware advancements.

I know I’m glossing over a lot of other applications, but what I’m looking for is iPhone business apps that appeal to a more general audience, and what is more general than the use of Microsoft Office. I haven’t tried these out yet so this is by no means a plug, but according to their Website, DataViz makes Documents to Go, an application that lets you view and edit word documents and sync mail and documents with your Exchange Server. QuickOffice also has a suite of applications, one of which lets you create and edit Office files on your iPhone.

I’m not the only one on the look out for useful, general purpose mobile business apps. A lot of IT executives are putting mobile application development at the top of their priority list. The consensus at a Society for Information Management panel at the annual SIM conference this past October was that the developer community isn’t making many useful business applications, but instead ones that appeal to younger consumers. And this group of consumers find business applications “boring.”

“We, as enterprise architects of our organizations, have to understand that feature sets are going to be driven by consumer demand, not by what we in the business would like to see,” said panelist Chuck Musciano, vice president and CIO of construction material supplier Martin Marietta Materials Inc., at the time.

If this is true, then it will be up to internal IT departments to come up with ways to connect apps that the business needs to mobile devices, as is the case already at many Midmarket companies.

Let us know what you think about this blog post; email Christina Torode, News Director.


February 1, 2011  6:05 PM

IT innovation is just a matter of time

Scot Petersen Scot Petersen Profile: Scot Petersen

Innovation is a popular topic among IT professionals and media. It’s also one of the more misunderstood concepts. If you ask 10 CIOs what IT innovation means to them or to their companies, you will get 10 different answers. You will get some original thought on it; you will also get some useful nugget that someone borrowed from someone else.

This ambiguity is one reason why we have started to talk more directly to CIOs about IT innovation, with the CIO Innovators: Profiles in IT and Business Leadership. Not innovation in an abstract sense, but really, what role did innovation play in the execution of a successful IT project? Was the original idea born out of innovative thinking, or did innovative methods enable the project to get off the ground or clear significant hurdles along the way?

What we are seeing is that what’s more important than the random innovative thought or impulse is being able to create a culture of innovation in which out-of-the-box thinking can thrive. More to the point, to create a culture in which innovation is part of everything you do.

An example of this is from Steven John, CIO of H.B. Fuller, who explained that an innovative environment is a function of time. You have to allot time to people to develop ideas, and you have to have enough foresight into the goals of an organization that you can start planning how to get there early — early enough that you can still bat multiple ideas around rather than have to stick to one because there isn’t time to think of an alternative.

John also said that in order to free up time to think in an innovative way, you have to make sure that no one is wasting their time or others’ in day-to-day activities and that no one is duplicating tasks. “If you are doing something that someone else can do, then things that only you can do are not getting done,” he said.

Make that a resolution for 2011: Eliminate wasted time. That may not be “innovative” in itself, but it could put you on the right track.


January 25, 2011  3:17 PM

IT salary survey numbers may obscure still struggling economy

Scot Petersen Scot Petersen Profile: Scot Petersen

Reader Jim Dries offered me another point of view on the SearchCIO.com salary and careers survey, which was completed late last year.

In our 2010 IT salary survey, all signs point to increased salaries for most levels of IT managers and above in most industries and companies, large and small. The numbers were higher than 2009 and also pointed to a better 2011 for most involved in the profession.

However, our IT salary survey numbers may overlook one area that Dries says should be taken into consideration: “My … interpretation of the higher IT salaries is that it has less to do with the rising economy and more to do with a leaner staff being paid more to stay and do more with less,” he said in an email.

He’s right in the sense that IT managers, directors and executives have been learning to do more with less for several years now. And certainly the total numbers of IT personnel have dwindled, so we should consider the number of jobs lost to the increased efficiencies that IT is building into its systems, as well as lost to outsourcing outright.

“These are the type of actions businesses are taking and evidenced by industry information. Less can be said of the evidence for a ‘recovering economy,’” he wrote.

And despite the “recovering economy,” unemployment is still high, and in fact has increased several percentage points since the 2008 meltdown officially ended in June 2009.


January 21, 2011  3:15 PM

Get started on XP migration to Windows 7 by 2012

Christina Torode Christina Torode Profile: Christina Torode

I remember talking to an IT manager about his XP migration plans to Vista, and he said that he was going to hold on to XP come hell or high water. Mainstream support for XP had ended and extended support for the OS will end in April 2014, but it didn’t matter to him. He was determined to make it work.

These days, an XP migration to Windows 7 feels inevitable. Vista just didn’t cut it, but Windows 7 is promising to take away the things that aggravated you about Vista, and has features that make your life easier. With Windows 7, you get improved management, security and reliability features: AppLocker, BitLocker, BranchCache and an improved user interface, just to name a few features.

You also get tools that Microsoft has developed to address some of the application compatibility problems, tools like Shims that target specific compatibility problems with applications when moving from XP to Windows 7.

Gartner estimates that it will take 12 to 18 months to plan your migration: gathering information about applications and hardware, testing and remediation and piloting, while some software vendors will stop supporting Windows XP in 2012.

Between the potential lack of support for XP on the part of some software and hardware vendors by 2012 and the end of extended XP support in 2014, Gartner analyst Stephen Kleynhans said time is running out. “It’s like we are test crash dummies heading for a wall,” he said during a recent webcast on migrating to Windows 7.

But I’d like to hear from you about your XP migration plans. Does the 2014 end to extended support make a difference to your plans, and how long do you think your XP migration will take?

ctorode@techtarget.com.


January 13, 2011  9:11 PM

IT salaries creeping up in 2011, mood mostly positive

Christina Torode Christina Torode Profile: Christina Torode

The average IT salary in 2010 for senior IT executives, mid-level IT executives and IT managers was $121,797, according to our annual CIO Salary and Careers Survey, taken in November.

This is a $10,000-plus drop from the average IT salaries of the 952 senior, mid-level and IT manager professionals we polled in 2009 (when the average was $132,203). But this is not an apples-to-apples comparison as, year over year, the respondents to the survey are not the same individuals, and the number of respondents within each IT job category also changes.

Disclaimer aside, the 921 respondents to our most recent survey are making less money than the respondents to our survey in 2009 but, on a brighter note, this year’s group of respondents did see salary increases.

When asked about their IT salaries in 2010 compared to 2009, mid-level IT directors said they saw the biggest bump, a 4.3% increase from an average salary of $116,976 in 2009 to $121,979 in 2010. Senior IT executives saw an average increase of 1.7% ($145,899 in 2009, versus $148,380 in 2010). IT managers’ raises were miniscule in comparison, only .3% ($94,744 in 2009 and $95,032 in 2010).

So it would seem that mid-level IT management is not a bad place to be. But senior-level IT executives are expecting the biggest pay raise as we move into 2011 — a 5.3% increase.

Mid-level IT executives, meanwhile, predict a 4.5% pay raise in 2011, and IT managers a 4.1% increase.

Broken out by industry, senior IT executives’ IT salaries in the financial services sector increased by 15.2% in 2010 to $152,437 compared to 2009, and these executives expect a 4.4% pay hike in 2011. On the other end of the spectrum, IT salaries for senior IT executives in health care saw their pay drop by 7.3% to an average $142,686 in 2010.

The government sector was not a good place to be as far as IT salaries for mid-level IT managers. Compared to 2009, their salaries dropped by 7.3% in 2010 to $109,278.

Mood by industry

Despite seeing the biggest drops in salaries, IT professionals in health care and government sectors are not the most pessimistic. Granted, when you start to break the numbers down by industry, the stats become a bit more anecdotal due to their smaller sample sizes in comparison to overall respondents. Of the 100 IT professionals in the health care sector asked about the mood in their organization, 38% were pessimistic, 30% optimistic and 32% neutral. Of the 88 government sector respondents, 42% were pessimistic, 32% optimistic and 26% neutral.

The 22 IT folks in the entertainment sector that answered our question about the mood in their organization were the most pessimistic: 64%.

But overall, 72% of senior IT executives, 65% of mid-level IT directors and 61% of IT managers rate the mood at their organizations as neutral or optimistic as SearchCIO-Midmarket.com Senior News Writer Linda Tucci points out in her story on how IT salaries vary by industry.

Another optimistic sign? IT budgets are expected to grow by about 2.8% this year, according to 2,300 respondents from around the world (excluding China) to TechTarget’s 2011 IT Priorities Survey.

Anecdotally, IT professionals I’ve been talking to lately are on the hunt to hire: One data center manager is looking for several virtualization experts (a hot commodity) and a small consulting firm just hired a new expert.

The conversations I’ve had during the year also gradually turned from a lead focus on cost cutting to prioritizing projects that have been put off. This doesn’t necessarily mean that controlling costs isn’t still paramount, but it is yet another sign that the outlook for 2011 is looking a little rosier.

What’s your outlook? Email me at Christina Torode, News Director.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: