The number of niche data security software solutions providers is getting smaller, and so are the choices for IT managers.
HP’s announcement this week to acquire ArcSight is its second security acquisition in the last month and the latest in a wave of bigger technology and computer companies gobbling up smaller players in the data security software and services market. HP followed buying Fortify, which specializes in secure development and security testing, with ArcSight, which focuses on compliance and risk management.
Last month, Intel agreed to acquire McAfee while Symantec — already the leader in data security software and services — has bought up PGP, GuardianEdge and VeriSign’s authentication services business in the past month. IBM just came out with new software from its acquisition of Guardium last year.
On the one hand, this market consolidation by these IT leaders will enable more of a one-stop shop for security products, and likely better integration that will enable a holistic solution.
However, many midmarket firms and small businesses that use Fortify, ArcSight or Guardium products may not already be current HP or IBM customers, certainly not for security products, and will miss the ability to build the niche security solution that fits into their environments.
It’s surprising that it has taken so many years for large IT and computer vendors to see the value of security. But now that it has, it could mean more challenges and less opportunity for midmarket security buyers.
Social media, it seems, is on everyone’s mind these days. How do I use it as a business tool? Should I allow employees to use social media tools for business purposes?
Its uses are varied, but it is clear, as far as emerging technology is concerned, that social media has entered the mainstream of corporate adoption. This comes from a survey of 100 companies that were asked where 58 emerging technologies stood on their adoption agenda. The survey was conducted by the Corporate Executive Board (CEB), a consulting firm whose members include some 200,000 business leaders (its IT practice caters to about 2,500 CIOs).
In fact, the mainstream adoption curve for social media started in 2009, as it did for data deduplication, Software as a Service, tablet PCs, 64-bit computing and RSS.
What’s interesting is that these technologies are being adopted because the perception is that they pose minimal risk to an organization. Low risk is determined by the following factors: marketplace maturity, available management tools, scalability, architecture integration, support skills and security, according to CEB’s Information Technology Practice.
Because of the same factors, emerging technologies — such s Cloud Infrastructure as a Service (with mainstream adoption slated for 2012), WiMax, virtual worlds and Linux on the desktop (the latter three not on the adoption agenda of these companies yet) — are considered high risk.
It’s interesting that social media is considered such a low-risk technology, given that many CIOs say their business is still trying to figure out what to do with it and what effect it would have on their security and compliance practices.
The risks are legion, depending on whom you talk to, ranging from malware, phishing and spoofing, to impersonation and blackmail from malicious outsiders.
On the flip side, conservative companies like mutual fund provider Vanguard are taking the social media leap of faith. According to SearchCIO Senior Writer Linda Tucci, Vanguard has staked a claim with a Facebook page, LinkedIn presence, a Twitter account and its own channel on YouTube.
Still, it may be some time before social media truly reaches mainstream adoption status as a business tool, at least beyond its prevalent use for marketing and brand awareness.
Let us know what you think about this blog post; email Christina Torode, News Director.
It’s funny the places where you can gain some insight about business services management.
Last week, I spent two hours waiting at my local Massachusetts Registry of Motor Vehicles to exchange a green-lettered license plate for a red one (I couldn’t pass inspection without it).
This particular RMV is located in a big mall north of Boston. The place was packed on that afternoon and spilling out into the mall corridor, with people just milling around, waiting their turn. When you come in you get a ticket with a number that includes your approximate wait time. But me, and many other paranoids there, didn’t want to risk walking over to the Best Buy or the food court for fear of some freak occurrence that would skip a bunch of numbers and pass me by.
The waiting throng discussed some better options. “Why can’t we do this online?” someone asked, stating the most obvious solution. But another said, “They should have those beepers like they do at Panera [right around the corner in the mall], and buzz you when your number is close.”
A simple but brilliant solution. But she didn’t even see all the benefits of a service that could not only improve customer relations, but also drive commerce in the mall. A closer partnership with the mall could even enable the project to be subsidized, so as not to spend any more taxpayer dollars, a shortage of which has exacerbated the very situation we were in.
Once my number came up and I got to the service agent, it took her no more than two minutes to fetch me a new plate and print out a new registration. The situation recalled a story we did with another commonwealth of Massachusetts tie, “How CIOs are tackling IT business services creation,” in which Ed Bell, a former interim CIO for the state House and Senate, discussed how he sought to help his customers, the legislators and their staffs.
“I sat in the clerks’ offices, sat on the House and Senate session floors and watched what they did and how they did it,” he said. “From that vantage point you can take that information and do a better job communicating with constituents as well, who really are the ones we serve. It was a good education for them, and for me. From a business product standpoint and a customer standpoint, we need to engage with customers to see how we can improve their environments.”
This enlightened approach has not filtered through all of the corridors of the State House. But it’s a lesson for all managers, technology or otherwise: Get out from behind your desk to understand how your business really runs.
A while back, I checked in with a few IT managers about their mobile application development plans. I was wondering if business intelligence applications were making their way on to their users’ iPhones.
The answer was, sort of. Basic reports were available, but it was proving too hard to make the information their users really wanted from their business intelligence systems work on mobile devices.
What they wanted was the ability to develop custom reports for users, but the design of iPhones doesn’t allow for local agents — it’s totally proprietary. Still, one IT shop is making a go of it anyway, with plans to take data from its SQL Servers, proprietary applications and a variety of other sources across the organization, and deliver the information on the iPhone.
This project was considered a “major” undertaking, but mobile application development for the iPhone and other smartphones could get a lot easier … in about five years.
That’s when Gartner analyst David Mitchell Smith believes the “mobile Web” will take off. HTML5 already makes it possible to bring desktop application capabilities to the browser. (Most popular mobile browsers have already adopted parts of the HTML5 specification). And, he said, you can’t discount other developments like:
- An emergence of stable Web app stores (this is further out).
- The rollout of 4G connectivity.
HTML5, the next-generation HTML standard, will allow for offline capabilities and video, and offer drag-and-drop options. Here’s a tutorial on how to make an HTML5 IPhone app by blogger and Yahoo front-end engineer Alex Kessinger.
“[These advances] will start to bring more and more of the richness of native environments to the browser environment, similar to what Ajax did on the desktop,” Mitchell Smith said during a webinar this week on how the Web and cloud computing will drive IT strategies.
With smartphones becoming the primary communication and computing device for many, it is safe to say that mobile application development will become a priority for IT. At Ridley Inc., a holding company for animal feed and nutrition companies, salespeople are getting mobile access to the company’s ERP system. Access is gained over a virtual private network to a Citrix server farm, which in turn connects to an ERP application that’s viewed on a Web portal that the company’s development team built. It’s not a rich client experience, but it gets the job done.
The mobile workforce has become accustomed to the limitations of the mobile app experience, but that acceptance may not remain, and businesses may not be able to just get by, as more business apps must make their way into the mobile world.
What’s the goal of data retention? Depends on the data. Sometimes it’s a second or two, so saving it is irrelevant. Other times, as with electronic health records, birth certificate data needs to be kept on file for 20 years or more in most states.
But how about 1,000 years? That’s the goal of Chris Puttick, CIO of Oxford Archaeology Ltd., which provides archaeology services for construction firms in Europe that need to comply with planning regulations. His job depends on strategic planning around data management.
“Archaeological data is extracted in a one-off ’experiment‘ with our teams on-site, excavating before the new road/airport/tunnel is built over or through it,” he told SearchCIO-Midmarket.com Features Writer Laura Smith. “What is observed, measured and photographed can never be repeated, leaving the resulting data the only surviving record of an archaeological site that had survived thousands of years before the excavation, or like this site, a mere 1,000 years, so our records should aim to be retained for at least as long, or the money and effort spent on the excavation was wasted.”
The corollary here is that what is stored must be found, so data retention strategies and technologies are equally important. And as data — and the corresponding information — consume more and more of our resources, it’s important to make management part of corporate governance.
One solution might be Generally Accepted Recordkeeping Principles, or GARP (save “the world according to” jokes), developed by ARMA International, which include accountability, transparency, integrity, protection, compliance, availability, retention and disposition.
If you want to learn more, log on to our virtual seminar on information governance on Sept. 16.
We are smack dab in the middle of hurricane season, but SMBs should be keeping an eye on well-intentioned employees in addition to the local forecast.
Like the intern who was hired to perform daily data backups to tape drives and mail them to the SMB’s disaster recovery location — an off-site vault. An IT manager decided to check up on the intern’s work after the intern left — and found that the tape drives had no data on them … zilch.
The architect who told me about this chuckled, partly because an intern was used to perform such an important part of his company’s disaster recovery plan, but also because, well, it was just bad quality control on the part of IT.
I look back on the summer jobs I had while in college and remember an example of bad quality control. I worked for an advertising agency that had me (an English major) making copies of floppy disks — its strategy for daily data backups. Did I know the importance of these mysterious black squares? No. Did I do a few things wrong? Oh yeah.
For example, a guide on how to make duplicate copies of your floppy disks says:
- Don’t allow them to come into contact with heat, dust, magnetic fields or electrical appliances.
- Do not keep all of your backup disks together in one place.
- Do not continually use one disk, as disks do wear out! One high-density disk can store a lot of text-related documents, but it is best to make several copies of your work on separate disks.
- It is best to use Windows Explorer or My Computer in Windows to copy files to floppy disks rather than application software such as your word processing or spreadsheet programs.
I didn’t know any of this, and neither did the person in charge of me — we used the same disk over and over.
I know that most SMBs have better quality control for data backups in place than these scenarios, and the technology has come a long way: disk-based backup options are dizzying, and there’s new cloud-based backups popping up all the time. Then again, a recent study by Enterprise Strategy Group found that on-site disk and tape are still the backup approaches of choice at most businesses.
Moving into September, SMB backup options is a topic that several experts will tackle on SearchCIOMidmarket.com, including how one CIO is sticking with tape drives as his primary backup plan, and why he’s not keen on cloud-based backup options.
If you read Linda Tucci’s recent story on the efforts of Tasty Baking Co. to find a workable solution for trade promotion management, you may have been struck, as I was, about why TPM can be such a challenge.
After all, most of the biggest retailers in the world practice some sort of trade promotion management, either via vendor or home-grown solutions. Yet there seems to be a lack of effective software tools for optimizing retail partner relationships, as well as few standards to rally around.
TPM is not a new concept either, but even a top analyst covering the field, Gartner’s Dale Hagemeyer, has not found significant movement in the field since his most recent report, “Seven Key Considerations When Choosing a TPM Solution.”
Yet Tasty’s CIO, Chan Kang, is faced with real issues as he seeks to work TPM into his tightening budget. Though the company’s direct store delivery model produces quality data, “What we don’t do enough is measure the effectiveness of those promotions: how much lift, what is the baseline, the incremental profit — in other words, whether it was a good idea,” Kang said.
Kang is evaluating vendors, but even though industry groups like Trade Promotion Management Associates and the Vendor Compliance Federation are working to promote solutions for TPM, Tasty could be still confronted by vendor lock-in and integration issues with whatever solution it integrates.
Some observers are skeptical that TPM standards can be achieved, but this is one area that seems like a no-brainer for the Oracles and SAPs of the world to come together for the common good. Such cooperation could only help to increase the bottom line — for everybody.
I don’t know about you, but to me, ITIL (or IT Infrastructure Library) is a little overwhelming. I’m only looking at using the ITIL framework as an IT service catalog tool, and I get a little lost.
Under ITIL guidelines, an IT service catalog is a subset of service-level management, which is a subset of service delivery. Service delivery is the topic of only one of eight ITIL books on IT Service Management (ITSM) guidelines, and that’s just in ITIL v2. ITIL v3 has five other books that update some of v2, but also introduce new ITSM strategies.
SearchCIO-Midmarket.com and SearchCIO.com recently ran a survey asking our readers about their ITIL use. We haven’t pulled together all of the results yet, but here’s a preview: When we asked readers to choose up to three areas in which they would like to see improvements to ITIL, they said:
- 35.4% — ITIL should provide more information on how ITIL works with other
process-improvement methodologies, like Six Sigma and Lean.
- 31.1% — ITIL should offer more prescriptive advice vs. just guidance.
- 12.9% — ITIL should include more specific advice on transition from v2 to v3.
- 12.5% — ITIL needs to be clearer on the differences between v2 and v3.
- 8.1% — ITIL v3 is too complex.
So, it’s clear that people would like more guidance and less complexity, but anecdotally, a few IT shops and service providers I’ve talked to recently said that ITIL does just the opposite: It clears up some complexity.
When an IT service catalog is being put together, ITIL tells the business and IT what terminology to use, they say.
“ITIL gets people speaking the same language,” said Matt French, marketing director with Service-now, an ITSM Software as a Service provider. “It makes it clear what an incident or a request is, and helps an organization with [corporate] terminology [that is different across the company] use the same terminology.”
ITIL also helps IT set the right expectations for service delivery in terms of service levels and what is possible — and not possible — as far as services the business wants to see and what IT can realistically deliver. It does this by setting the scope of an IT service catalog project, including taking inventory of the skill sets IT has on hand (or not) to deliver a service, and helps organizations choose a set of standard services.
Any advice on how to use ITIL to reduce complexity, or how you have been able to simplify ITIL at your shop? I’d like to hear from you. Email me at firstname.lastname@example.org.
If the sagging economy has forced midsized companies to delay hiring more IT staff, maybe migrating to Windows 7 can move them off that dime.
In a recent report by IDC, an impressive number of midsized companies migrating to Windows 7 say they realized a full return on their investment in just seven months. The migration also helped significantly reduce the time help desks spend dealing with malware downtime and reboots by replacing Windows XP and Windows Vista.
One midsized company says the money saved in migrating to Windows 7 has allowed it to hire some much-needed developers.
“Windows 7 gave us more cash to work with because we could throw it on a couple of hundred older PCs, so we didn’t have to buy new ones. Those savings will let us hire a couple of young developers to work on some internal applications we need pushed out,” said Joe Harmon, an IT purchasing agent with a midsized regional health care provider in western New York state. “I was surprised. Microsoft usually costs me money with some of their licensing plans.”
Costs were down in three important labor categories analyzed in the report: IT labor hours per PC, per year for deployment (down 45%); IT labor hours per PC, per year for service desk support (down 65; and IT labor hours per PC, per year for PC and operating system support (down 55%). In the 14 categories where a set of common end-user activities relating to the operation of Windows 7 was measured, savings resulted in 43 hours of productivity per year, per user.
Like IT professionals at other midmarket companies, Harmon also migrated to Windows 7 because Microsoft’s technical support for Windows XP, which includes regular delivery of security patches, is ending. Harmon said the built-in security in Windows 7 is superior to that of Windows XP, so he won’t be as reliant on security patches.
It’s nice to hear that some financial relief has finally arrived for SMBs, given how the Great Recession has ravaged them.
Every once in a while I like to check out what Microsoft admins are downloading these days. I sometimes do a search on Google, but to get a feel for the work being done in Microsoft shops, I always return to the Microsoft Download Center.
It lists the top five free Microsoft downloads in general, with some of the usual suspects, XP and Office compatibility. This goes to show that shops are still holding onto the older Windows OS — and moving some people to newer versions of Office.
Here are the top five free Microsoft downloads and the company’s descriptions for them:
Microsoft Office Compatibility Pack for Word, Excel and PowerPoint File Formats. Open, edit and save documents, workbooks and presentations in the Open XML file formats, which were introduced to Microsoft Office Word, Excel and PowerPoint beginning with Office 2007 and continuing with Office 2010.
DirectX End-User Runtime. Provides updates to 9.0c and previous versions of DirectX — the core Windows technology that drives high-speed multimedia and games on the PC.
Update for Windows XP (KB932823). Resolves an issue in which a user is unable to use Windows Internet Explorer 7 to download files on a computer that is running Windows XP with IME enabled.
.NET Framework Version 2.0 Redistributable Package (x86). Installs the .NET Framework runtime and associated files required to run applications developed to target the .NET Framework v2.0.
Microsoft .NET Framework 4 (Web Installer). Downloads and installs the .NET Framework components required to run on the target machine architecture and OS. An Internet connection is required during the installation. .NET Framework 4 is required to run and develop applications to target the .NET Framework 4.
Digging further, specifically looking at server management tools, what surprised me was that four of the top five weren’t tools in the sense that they fixed system problems. One is a case study on how a business benchmarked its PHP applications on Windows Server 2008, and there are a couple of how-tos, one on an Office Communication Server deployment, another on European data compliance.
Here are the free server management tools that have been downloaded the most out of 4, 821 choices, and Microsoft’s descriptions:
Security Update for Windows Server 2008 RC0 for Itanium-based Systems (KB941644). A security issue has been identified in TCP/IP that could allow an attacker to compromise your Windows-based system and gain control over it.
Microsoft Windows Server 2000 Assessment Configuration Pack for European Union Data Protection Directive (EUDPD).
This configuration pack contains configuration items intended to help you establish and validate a desired configuration for your Windows 2000 servers in order to support your European Union Data Protection Directive compliance efforts.
Customer Solution Case Study: Windows Server 2008 Charts a Secure and Flexible Roadmap for Virtual Map.
Optimization at work in Microsoft. A presentation at an executive breakfast seminar, The Business Impact of Infrastructure Optimization, held Feb. 6, 2007.
So do these downloads sync up with what’s going on in your shop, or do you have a set of your own free tools that you can’t live without? I’d like to hear about it. Email me at email@example.com.