Migrating to the cloud is a big decision with a lot of moving parts. One of the most crucial pieces is the often-dreaded cloud contract. In this two-part feature, learn best practices for negotiating a cloud contract and explore the importance of CIO peer review in contract negotiations.
IBM seeks to bring cognitive computing to the masses with the new Cognitive Business Solutions group. Will it succeed? In this week’s Searchlight, site editor Fran Sales details IBM’s initiative and explores the CIO angle. Also in Searchlight: Apple splits with VMware and Dell considers buying EMC.
What are big data’s biggest ethical challenges? At a recent Harvard University event, academics and IT professionals discussed big data ethics and why CIOs need to get involved.
Quiet time isn’t just for kids. At the recent Strata + Hadoop World conference, IT professionals discussed why more quiet time leads to a more creative mind. Also in Data Mill, meet the #HowOldRobot and find out how IoT is influencing the Tour de France.
Before diving into IoT projects, there are some things CIOs need to know. In the latest issue of our CIO Decisions e-zine, discover the must-know aspects of IoT that all CIOs should know before getting started on their next big enterprise IoT project.
Over on the TotalCIO blog, find out how knowledgeable security experts can help keep your company breach-proof. Then, features writer Jason Sparapani explores whether CIOs are ready for a future filled with hybrid cloud.
On SearchCompliance, corporate customers play a bigger role in cloud data loss prevention than you thought, according to security expert Jeff Jenkins. Find out why. Then, check out the latest handbook on cloud risk management to learn governance strategies to protect digital assets.
Please follow @SearchCIO, @SearchCIOSMB and @ITCompliance for our new stories throughout the week.
Running a focus group is not unlike gathering requirements for an IT project: Both rely on collecting qualitative information to tap into the customer’s perspective. As IT professionals know, what business users say they want and claim they do often differs from what they really need or actually do. Focus groups also fail to tell the whole story, as Farrah Bostic, founder of The Difference Engine in Brooklyn, pointed out during her talk at Strata + Hadoop World in New York City.
Bostic doesn’t consider the focus group a broken tool; it’s more like it’s become a crutch. Instead, businesses should look beyond the focus group — or any one tool — to collect qualitative research. “One of the problems I see is that we use one tool, and often not the right tool, to figure out what we’re going to do next as opposed to using all of the tools at our disposal,” Bostic said.
Several years ago, in a study Bostic did with a food marketer, she asked customers to talk about how they put together their grocery lists and how they did their grocery shopping and then asked them to record the process with a video camera.
One customer said she didn’t need to make a list, and that it was all, “up here.” That turned out not to be true, based on the video evidence, which showed her opening every cabinet and both refrigerators to find out what she was running low on and then jotting down a list of what she needed.
Even more telling? Only 50% of what the customer included on her list ended up in her grocery cart, and the other 50% was swapped out on the fly for something that looked better, for something new she decided to try or with an “artifact” gathered by her children, Bostic said. “What happens is that you encounter reality,” she said. “She placed a bet on what she was going to buy … and was right about 50% of the things she bought.”
The big takeaway for Bostic in this study was how the combination of having the customer describe the process and observing the process revealed what the customer valued, what the customer believed about herself and how those values and beliefs played out in “real” life. “If we just had focus groups, we would have just heard her tell us she doesn’t make lists,” Bostic said. “And that would have been an incomplete picture of her life.”
For IT professionals who often find themselves frustrated by the standard requirements gathering process, job shadowing might be a useful tool. Rather than just rely on business users to tell you what they think they need, watch how they work and derive or at least modify requirements based on their actions. As the late great Yogi Berra said, “You can observe a lot by just watching.”
The uniqueness of fingerprints, retinas and the other biological features that biometric authentication relies on is the security tool’s greatest asset. But in light of the theft of 5.6 million fingerprints in the recent Office of Personnel Management breach, this immutability is also the technology’s greatest challenge. In Searchlight, assistant editor Brian Holak gets security experts’ take on the future of biometric authentication, and their thoughts on what CIOs can learn from the hack.
Implementing a hybrid cloud architecture is rife with challenges. Not only does it involve integrating disparate systems and keeping them secure, but also requires alignment among multiple departments and a thorough understanding of the technology — or risk suffering the legal consequences. From Hybrid Cloud Summit, features writer Jason Sparapani details advice from cloud experts and practitioners on hybrid cloud mistakes to watch out for.
IT outsourcing deals are like snowflakes: No two are alike. But when they fail, the reason they do so is the result of an error in one of three areas: outsourcing strategy, contracts and post-deal governance. In a three-part tip, Andy Sealock, managing director at outsourcing advisory firm Pace Harmon, guides CIOs through those three failure points.
Looking to go down the road to starting a big data analytics platform? There’s no easy prescription for CIOs, according to experts at a panel discussion at the recent Big Data Innovation Summit in Boston. Senior news writer Nicole Laskowski lays out practical advice from experts about how to adapt IT to digital business.
Moving to the cloud promises many benefits, including lower hardware costs, improved application scalability and performance, and more. But planning for and executing a cloud migration is complex. In our latest Essential Guide, we explore these challenges and offer best practices to help CIOs make the leap.
CIOs well know that in order for their organization to succeed in today’s competitive landscape, they need a well-defined strategic IT plan. Crafting one isn’t simple, however — which is why we’ve created a CIO checklist to help you make sure your plan has what it needs for your company to succeed. Find out more and download the checklist here.
Over on Compliance…
Digital evidence, such as the evidence from Google’s computer systems that was allowed in a recent U.S. criminal case, is being increasingly used in court cases. In this Q&A, information governance expert Jeffrey Ritter lays out details of the aforementioned case and discusses the impact this trend could have on the future of corporate data governance.
The number of financial regulations companies must adhere to, both domestically and worldwide, have reached peak numbers — and it will only continue to increase. As a result, financial services firms and their compliance teams report experiencing “regulatory fatigue,” particularly from tracking and managing these rapidly escalating regulatory requirements, according to a survey of these firms by Thomson Reuters. Dig deeper into the findings in this feature.
On the blogs…
The work that goes into hybrid cloud is complicated enough without taking vendor hype into account. On the CIO Symmetry blog, find out why cloud experts advise organizations to stop trying to control vendor hype — and instead to manage it. Then, pin down what the term hybrid cloud really means from the many definitions floating around. Elsewhere in the blog, find out why SMBs’ IT spending on software and services, particularly around cloud, are forecasted to increase through 2019.
On the Total CIO blog, Laskowski describes the concept of “choice architecture” and gets tips from an expert on how IT leaders can become choice architects. Plus, Laskowski details the steps UPS took to transform from an analog to a digital business. Elsewhere on the blog, executive editor Linda Tucci investigates the gulf Gartner says is widening between digital business “front-runners” and those only in the digital planning phase. Plus, security experts share how companies should include data protection into their innovation lifecycle.
And on IT Compliance Advisor, we summarize the latest GRC news, including Fitbit’s announcement that its wearables are now HIPAA-compliant, CFOs’ belief that earnings misrepresentation is rampant in their industry, and more.
Quick — define hybrid cloud. OK, I will: It’s a computing environment that relies on both a private cloud and public cloud services and can swap data between the two. Or is it? Maybe it’s a data center, private cloud and public cloud. Or data center, private cloud, public cloud and an assortment of managed services?
It turns out there a few definitions floating around, so the recent Hybrid Cloud Summit in Cambridge, Mass., set out to offer some perspective on it all. Judith Hurwitz, president of consulting company Hurwitz & Associates, co-wrote the book on the subject — or one of them, Hybrid Cloud for Dummies — so she kicked things off. Here’s her definition:
An environment that transforms traditional IT with a combination of on-premises, public and/or managed cloud services.
By “transforming IT,” Hurwitz meant injecting the old notion of providing applications and services and managing and securing them with a more flexible architecture that can grow and adapt as the business grows and adapts to the market.
“A hybrid transforms traditional IT with a combination of ‘I’m doing some stuff on premises, but I want it to be fluid and I want it to be self-service. And I need a public cloud because I need really cheap resources really fast,'” Hurwitz said. “‘And then I need a very specialized service. I might need security as a service because I don’t trust the security either on my public, private or even my own data center.'”
A composition of two or more distinct cloud infrastructures (private, community or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
That’s a bit more detail, but Wise-Martinez is OK with it — and so are most cloud experts, for most part anyway.
Others might not be. According to a study by market research outfit IDC, 38% of IT professionals define hybrid cloud as a mix of public cloud services and dedicated IT assets — plus virtualization and private cloud; 23% say it’s a combination of two or more “distinct cloud infrastructures”; 11% a subscription to multiple cloud services for different needs; and another 11% say it’s a data center that supports hypervisors from multiple vendors.
NIST would mostly approve of hybrid as a combo of cloud infrastructures, but they’d certainly think the first 11% was too broad and the second maybe even a bit loopy.
“Depending on your perspective and what seat you’re sitting in, specifically in IT, you’re really going to be thinking about it differently,” Wise-Martinez said. So much for consensus.
Small and medium-sized businesses (SMBs) are spending more on software and IT services, and these investments will continue to rise through 2019, according to IDC’s Worldwide Small and Medium-Sized Business Forecast. One main reason for this projected increase, wrote report author Raymond Boggs, is that SMBs are looking to new business resources such as alternative technology to help gain competitive advantage.
“Increasing investment in technology is an appealing way for firms to expand their capabilities without necessarily increasing their head count,” Boggs wrote.
IDC forecasted that total SMB IT spending will increase 4.4% year over year, from $560.3 billion last year to $694.5 billion in 2019. Drilling down, software spending will see the greatest increase, growing 6.8% annually through 2019; IT services will grow 4.7% annually, and telecom equipment takes third place at 4.4%.
This increased spending on software and services is in keeping with SMBs placing greater emphasis on solutions, particularly related to cloud and mobility, according to Boggs.
Meanwhile, spending on PCs and peripherals, systems, and storage, will grow at a slower rate, less than 3.5% annually. However, Boggs noted that in both categories, “the transitions to mobility and new technology approaches will still provide attractive growth opportunities.”
Compass Intelligence analyst Stephanie Atkinson agreed that SMBs are looking to more sophisticated solutions, particularly in the cloud, as they struggle to maintain expertise in-house in the midst of rapid technology change.
“The SMB sector continues to look for simplification opportunities when buying technology and telecom services, and cloud-based services provide just that,” she wrote in a blog post. One driver is that many cloud-based services, such as backup, collaboration and storage solutions, offer flat-rate billing or a recurring monthly fee.
“SMBs are often faced with managing cash flow on a week-to-week basis, and having a planned and fixed budget for IT/telecom services is highly preferred,” Atkinson wrote.
According to Compass Intelligence research, the cloud computing and services market is currently experiencing a 40% compound annual growth rate, and will continue to do so through 2016, at which point the market will hit $50 billion (see chart).
Hybrid cloud, which blends public and private cloud platforms, involves lots of arduous integration work — so preparation and governance work need to be carefully and deliberately executed. That’s a tall order when you have vendors beating down your door.
So how do you control the vendor hype?
That was the question directed at a panel of experts at the recent Hybrid Cloud Summit in Cambridge, Mass.
“Unfortunately it’s very hard to control the hype,” said panelist Judith Hurwitz. “Because part of the hype is that the technology industry is very ADD. You’ve got to go on to the next exciting thing.”
Hurwitz isn’t a medical doctor, so her diagnosis of attention deficit hyperactivity disorder shouldn’t be taken literally. But the president of consulting company Hurwitz & Associates and author of many books on IT was making an important point: Vendors know IT people covet the latest gadget, and they exploit that. They’ve got products to sell, after all.
But therein lies the problem. Buying into that hype can cause organizations looking for a competitive edge to flub an installation — possibly go over budget or even scrap it.
Get rid of the vendors, then. The age-old, tongue-in-cheek suggestion was made by attendee David von Vistauxx, senior security analyst at cloud software company Virtustream. It was met with spirited laughter from the audience, which had taken in five hours of PowerPoint presentations and discussions on the finer points of hybrid cloud computing.
Alas, it’s no joke — you can’t remove vendors from the picture, said David Linthicum, a consultant at Cloud Technology Partners and another prominent IT author. For one thing, they have all the money, which helps drive innovation in the industry.
“You’ve just got to learn how to listen to vendors, how they spin things and what they say,” said Linthicum, who sat next to Hurwitz on the panel. “Judith and I have been in the business a long time, so we can get beyond the BS that they spin to us and get right down to the essence of what it is.”
Hurwitz’s advice for CIOs and IT is to educate people about the new technologies grabbing headlines and let them know what the limitations are today.
“You can look at almost anything that has emerged as hype over the last 10 years and see where its roots are,” she said. Help them tell the difference: “‘This is the piece that’s solid and old; this is the piece that is emerging. It would be good to experiment with this, get some experience, but we’re going to have to wait until it matures.'”
Pamela Wise-Martinez, chief cloud and enterprise data architect at Pension Benefit Guaranty Corp., the U.S. government agency that protects pensions, described the customer-vendor dynamic this way: a partnership. The question is, how well can it work? Sometimes, she said, it all depends on the contract and service-level agreements.
“You have to find ways to build a more collaborative approach and be partners, because we all have a stake,” she said. “I’m trying to win the people I’m servicing, and the vendors trying to win with more business — so if you partner you can all win.”
Are you practicing DataOps at your company? In this week’s Data Mill column, senior news writer Nicole Laskowski explores the emergence of DataOps and outlines three steps to building an Agile analytics program.
The Internet of Things (IoT) is changing the way companies do business, but it’s also sounding both new and familiar alarms over data privacy and security. In this new photo story, SearchCIO followers detail their top IoT privacy and security concerns and how to deal with them.
In this week’s Searchlight, features writer Jason Sparapani reports from the Hybrid Cloud Summit on the significance of hybrid cloud environments to IT and business.
Speaking of data security, our most recent handbook attempts to answer the following question: In a breach-a-minute era, how can we achieve data security? SearchCIO expert Harvey Koeppel chimes in by outlining a cybersecurity checklist for IT leaders to follow, and CTO Niel Nickolaisen offers three security processes that can help mitigate human error.
Over on the Total CIO blog, Laskowski discusses startups that are building products and services for aging adults, and site editor Fran Sales explores what HP must do to stay relevant post-layoffs. On the CIO Symmetry blog, Sparapani discusses modern practices for measuring ROI for cloud investments.
Cloud services are growing in popularity, but businesses must be careful to protect against constantly evolving data risk. In this tip, SearchCompliance expert David Loshin gives advice on mitigating cloud computing risk.
Finally, what are your 2016 IT budget expectations? Join SearchCIO’s #CIOChat Wednesday, Sept. 30, at 3 p.m. EST, to discuss 2016 IT budgeting and the rise of business technology spending. See you there!
Measuring ROI for cloud investments isn’t what it used to be.
As more companies consider moving their IT operations to the cloud, they’ve stopped thinking solely about saving on capital expenses and more about making the business more nimble, and ultimately, competitive, said Brett Gillett of Softchoice, a software reseller based in Toronto.
“Customers even over the last couple of years have become more cloud savvy and realized that there are opportunities for cost savings,” said Gillett, who consults with companies that want to move to the cloud and builds and manages deployments. “But it really comes down to really speeding up your business, your time to market and your being able to deploy infrastructure for your clients.”
In the past, businesses were more interested in one-to-one price comparisons: examining what it costs to run an application on premises versus running it in the cloud. If the analysis showed the cloud would return cost savings, that’s where they’d head.
“That’s the way the conversations used to be,” he said. “What the conversations are like now is, ‘Well, here’s our budget, this is what we’re spending and we think we can do it for that or less, but if it’s a little more than what we’re currently spending and it allows us to get to market a lot faster, we’re still OK with that.’ ”
Human costs hard to quantify
Businesses still want to know what storage and compute hours will cost in the cloud, of course. But pricing models today make that relatively easy to do, Gillett said. What isn’t easy is comparing those costs to what they’re spending on premises. For example, it’s hard to estimate what Gillett calls the human costs — the people businesses rely on to manage and maintain their physical infrastructure.
“Do they really, really know how much time their technical folks are spending managing that database environment?” he asked. “Do they know how much time in their on-premises database their administrators are spending to maintain that? In most cases they probably don’t, so it’s very hard for them to understand what it’s actually costing them to maintain that.”
Another question: What happens to those employees once the move to the cloud is made?
“Those bodies may not need to exist in a public cloud environment because you’re offloading that to the provider; they’re going to manage the facility, they’re going to manage the physical network,” Gillett said.
Giving those admins higher-value tasks like data analysis is a classic benefit of cloud computing — making better use of expensive resources. But it’s harder for businesses to articulate what the savings would be.
See into internal services, see ROI
Businesses today are also interested in moving up the “value chain of cloud,” Gillett said. He meant going from straight infrastructure in the cloud to platform services like managed databases. They cost more, but the advantage is businesses can offload tasks that don’t differentiate them from their competitors.
“Everybody patches software,” he said, to cite an example. “Everybody installs software, so why not offload that to a cloud provider so you focus on the data that’s in that database, managing that data rather than managing the infrastructure that it sits on.”
But factoring in such moves muddies the cloud calculations even more.
“As soon as you try to calculate the value or how much you’re spending to patch or update your databases, that’s a much harder thing,” he said.
Businesses that are solidly grounded in ITIL, the protocol for delivering and supporting IT services, will have an easier time proving ROI for cloud investments, Gillett said. If businesses have visibility into say, how many help desk incidents they’re managing and how much that’s costing them, they can more easily make on-premises-to-cloud cost analyses.
“They really need to have a very structured system where they’re recording all of the work they’re actually doing, whether it’s change records, incidents or problems,” he said. “Without that it would be very hard to know how much time you’re actually spending maintaining those environments.”
Thinking about starting an IoT initiative at your organization? Before you do, there are some things you should know. In this feature by senior news writer Nicole Laskowski, read up on IoT basics and get expert advice from CIOs on how to proceed with your IoT strategy.
HP just cut 30,000 jobs in preparation for the upcoming launch of its newly separate enterprise services business. What do the cuts mean for the tech giant and can HP Enterprise meet the needs of CIOs? In this week’s Searchlight, site editor Fran Sales explores these questions and talks to expert CIOs to get their take. Also in Searchlight: Salesforce’s “Internet of Things Cloud” service and GE’s plan to aggregate its software, IT and industrial security capabilities into one digital unit.
Don’t fear cloud services management. In this two-part story, Gartner analyst Mindy Cancila breaks down do’s and don’ts when managing the cloud. In part one, she details the importance of monitoring the cost of cloud-based services in avoiding unnecessary surprises. In part two, she explores ways CIOs can evolve traditional management procedures to fit their cloud needs.
Business differentiation is more important to big data frameworks than you think. Laskowski explains why you should be focusing departmental efforts on what differentiates the business and rely on vendor partners to do the rest.
The age of traditional, all-knowing management approaches is coming to an end, according to SearchCIO expert Joseph Flahiff. Instead, managers’ new role involves “supportive leadership” to allow the whole team to flourish in today’s work environment.
Computers and devices are increasingly becoming key witnesses in court cases, which means information governance processes need to be kept in check to produce reliable digital evidence. SearchCompliance expert Jeffrey Ritter shares advice on how to ensure the computer is a dependable witness by developing a solid governance strategy.
On the TotalCIO blog, Laskowski runs through five steps to get your enterprise IoT initiative started. Plus, over on the IT Compliance Advisor blog, site editor Fran Sales runs down the latest GRC news, including the court ruling that Dodd-Frank protects internal whistleblowers and the Commodity Futures Trading Commission’s plan to control high-frequency trading risks.
As if you needed even more convincing that Apple was serious about breaking into the enterprise, here’s further proof: Its business-centric iPad Pro is bigger, lasts longer and performs faster than its predecessor (and comes with a stylus, to boot). Could this be the device that gives Apple the edge over its competitors in the enterprise? On Searchlight, assistant site editor Brian Holak turned to industry experts and CIOs to get their answer – which was both yes and no.
No matter how fortified you think your organization is to cyberthreats, it’s probably still extremely vulnerable. One reason for this, according to analyst Steve Wilson and IT security leaders, is that we’ve become reliant on process and audits instead of directly addressing the underlying problem: “brittle” IT systems. Writer Mary K. Pratt consulted cybersecurity experts to get their advice on how to re-engineer these inadequately protected IT systems and take advantage of next-generation security tools.
In the age of the customer, companies large and small are turning to business process management (BPM) principles, or value disciplines, to improve their customer-facing processes. In this video, BPM expert Ken Lewis lays out how a company’s choice of value discipline affects its IT systems and points toward a future that integrates systems of record with systems of engagement.
Speaking of today’s customer-centric business environment, many CIOs are stuck in the past, when internal operations reigned supreme. This attitude could be career-ending, as Forrester analyst Bobby Cameron put it. Now, the buyer holds the power, and CIOs must focus on technology that serves them. Cameron shared with features writer Jason Sparapani his list of five predicaments that CIOs should steer clear of – lest they put their careers at risk.
When Apple and Cisco announced last week that they were teaming up to “optimize” enterprise networks for iOS devices, industry experts were lukewarm on the deal, mainly because of the lack of details. However, CIOs on Twitter were more enthused about its possibilities for enterprise. On the Total CIO blog, see why some CIOs see the alliance as a big step forward.
“Geobytes” and “brontobytes” have now replaced terabytes as commonly used measurements for the amount of data produced each year, making big data governance an increasingly tall order for the modern companies that generate and store them. In this SearchCompliance tip, expert Jeffrey Ritter offers five strategies for how to make governance an easier process.