It was a virtualization-heavy week for SearchCIO.com, as we covered VMware’s new cloud operating system, virtualization management tools and SOA governance, and tested our readers’ knowledge of virtualization and the private cloud. Check it all out below
Cloud computing initiatives show wide range as VMware touts cloud OS – VMware’s new cloud operating system, vSphere, brings new capabilities, though some big cloud projects will use Microsoft’s virtualization technology.
Virtualization management tools: Ready for prime time? – Virtualization management tools help enterprise CIOs address virtual server sprawl, workload balancing and other issues. Learn about costs and options in this podcast.
SOA governance: How and why to build it into your SOA initiative – Service-oriented architecture governance prevents duplication of services and wins business buy-in. Here’s how to start or improve your governance effort.
Virtualization and the private cloud: A quiz for enterprise CIOs – What do you know about virtualization and the private cloud? Take this quiz to find out.
It seems this Great Recession is pressuring some industry sectors more than others to turn to outsourcing.
While total value of large outsourcing contracts is down dramatically in the first quarter of the year, according to industry watchers, the number of contracts awarded by telecom, media, retail and the utilities, traditionally cool to outside help, is up at least 20% year over year.
Except for utilities, the sectors showing a 20% jump share another trait: All of them underperformed the Forbes Global 2,000 in growth of revenue and earnings and in market capitalization.
The data comes from TPI, a large global outsourcing advisory firm that tracks IT and business process outsourcing deals of $25 million or greater. Results from the first three months of the year show the total value of outsourcing contracts signed declined 22% from the same period a year ago to $19 billion, the lowest since the first quarter of 2001, when the air went out of the dot-com bubble. The number of contracts slipped to 141, 1.3% down from the same time a year ago. And the bulk of the contracts — 101 — were for IT work.
The utilities industry accounted for 30 of the 141 big deals signed over the past 12 months, compared with 23 contracts between 2007 and 2008. Highly regulated and influenced by unions, this is a sector that has traditionally avoided offshoring, according to TPI. But an aging workforce disproportionately hit by layoffs during the recession has depleted expertise, causing companies to look outside their four walls. The expense of compliance is also driving companies to cut costs on labor, even in the face of high demand for their products. “The industry has got to deal with the harsh reality of continued growth and demand for electricity, while the construction of the power plants to meet these new demands face increasing regulatory hurdles,” said TPI industry sector specialist Tom Lang.
The volume in retail, which also accounted for 30 contracts in first quarter, was up 40% from a year ago, although the total value of the awards dropped to its lowest level in five years, more evidence that the trend is to enact shorter contracts focused on fixing the problem at hand.
Telecom’s 99 contracts marked an all time high for that industry.
The underperforming media industry showed an uptick in both the number and value of contracts, consistent with the trend in that sector for the past five years. Most media outsourcing activity stems from the U.S., with about 60% of the transactions signed in the Americas. These are now increasingly coming not just from the top 25 global Forbes media companies, but also from smaller players.
“Companies of all sizes are aggressively seeking new ways to reduce costs and develop new revenue streams,” Lang said. “To make the most of their assets, they are also looking to leverage content across multiple platforms, which often requires the development of new software applications and other IT-driven innovations. But there is also a fair amount of BPO, largely focused on the financial processes.”
The media market is an exception on business process outsourcing (BPO). The market for big, transformational BPO work, hot during the boom-boom years, has shriveled, especially in the Americas, and it is unlikely to come close to any of the metrics of the past five years, TPI’s Peter Allen said. “The cost savings are generally longer in coming in BPO and require broader organizational change than we see in IT outsourcing, giving ITO the priority.”
This decade has seen a lot of consolidation among both software and hardware vendors. Sun bought StorageTek, Sun bought MySQL. Oracle bought Sun, Oracle bought BEA (one of many midsized middleware companies to be acquired). EMC bought VMware and about 40 other software companies. Symantec bought Veritas. Microsoft bought Great Plains. The list goes on, and that poses some challenges for CIOs looking to ensure continuity and keep your architectures fed in this environment.
Consolidation is, of course, nothing new. Fifteen years ago, you might have been a DEC VAX/Alpha shop running RDBMS and Informix, with all sorts of now extinct middleware.
But today’s context is different. We’ve long left behind “Nobody ever got fired for buying from IBM” for a much more uncertain and free-wheeling sourcing scene. CIOs have gradually imposed order on the situation through standards committees. At some companies, standard means things like Java, XML and 10 Gb Ethernet. At other companies, it means Dell, Microsoft and Cisco. At most, I suspect, software and architecture standards are a mix of protocols, open standards and vendors.
During this period of the rise of standards committees, CIOs have also had to confront a different problem: the dreaded “too many vendors” dilemma. “One is too few, three are too many” is conventional wisdom these days. Nice for hardware, not always possible for software.
The Sun acquisition could bring hope or despair into many CIOs’ lives, depending on how it plays out. Java, Solaris, SPARC boxes — these are significant building blocks for many shops. Some CIOs may cheer the continuing expansion of Oracle into some more niches in the upper end of computing; others may cringe at the thought.
But how many CIOs, I wonder, are rethinking the whole concept of “strategic vendor” in light of this deal and the sense that more are to come as the tech industry deals with the down economy? How are you seeing this? Are you looking for comprehensive vendors that can supply it all because they’re safe or for specialized vendors that each dominate a category (think EMC)? Or are you looking to commit to standards that are widely implemented by many vendors and to buy implementations that offer a good tradeoff between standard and “enhanced” features?
Another legitimate question posed by the dissolution of such a rock of many IT architectures as Sun is whether it’s time to apply new thinking to choosing strategic vendors — techniques like risk analysis or perhaps an even newer paradigm.
Legend has it that Wild Bill Hickok always sat in the back corner of the saloon so he could observe everyone who came and went. Good advice these days, although it didn’t quite work out for Wild Bill.
It’s Boston Marathon day here in my fair city, so I hope some of you will be watching! If you need to take a break, read up on our latest content from SearchCIO.com on revised portfolio and project management standards, SOA success stories and business process management, and IT and business alignment:
Revised project and portfolio management standards get critical review – The Project Management Institute’s revised standards for project and portfolio management aren’t complete, Gartner says. Find out why PMI disagrees.
SOA success stories involve business process management – SOA and Web services work great for application integration, but the real payoff comes when you rework business processes. Still, there are challenges.
The department previously known as IT – In Business/IT Fusion: How to move beyond alignment and transform IT in your organization, author Peter Hinssen suggests it’s time for change to the way we approach IT and business alignment: It’s time for fusion. Learn more in this chapter download.
MIT’s Kirsch Auditorium was standing room only last night for a forum on cloud computing, part of the university’s Innovation Series for entrepreneurs, investors and patent attorneys. But there was a liberal sprinkling of technology types as well in the audience, including some upper-level IT folks trying to get an early read on what cloud might offer them.
The forum’s avowed purpose was to give a sense of what’s real now in the cloud and so it focused on the Amazon Web Services ecosystem. Several speakers spoke of “hundreds” of providers of value-added layers to the basic Amazon services, much in the form of middleware. When you peel back the layers of the onion, in many cases what you are renting has a high open source content. If enterprises have been slow to widely deploy free or freeish open source software internally, will they be quick to pay for it in the cloud just because someone has done the initial heavy lifting of configuration?
Other vendors have more novel models. Take Allurent, for example. They’ve distilled down many of the more desired features of e-commerce websites into a set of modules that run in the Amazon cloud. They do some design customization, but seemingly a lot of the time-and-money uncertainty inherent in the handoff from graphic design to software design that plagues so many Web projects has already been boiled out of the designs.
There’s also an accompanying content management system that your marketing department can use to manage sales, promotions, etc. The pages are hosted on Amazon but appear as part of your site and integrate with your e-commerce back end. My point isn’t to do a commercial for Allurent, but to point out that the cloud model creates some new ways of doing things that may well be an improvement over current ways.
Next week, VMware will shine a spotlight on the private and private/public hybrid cloud notions. This conference was more about the platform and application services that you will likely find coalescing in the cloud in the near future. If cloud flops, it won’t be for a lack of choices.
Welcome back from the weekend! Start your week off right by reading the latest SearchCIO.com stories on the private cloud at Marian College, how to integrate server virtualization into the private cloud, disaster recovery strategy at MetLife and best practices for managing IT and the recession.
Private cloud replaces antiquated IT infrastructure for $300K per year — For the price of a SAN, Marian College is building a private cloud to create a flexible IT architecture and help transform the liberal arts school into a university.
Disaster recovery strategy shift reduces data loss, recovery time – Under pressure to improve RTO and minimize mainframe data loss, IT veterans at MetLife devised a strategy that put tape out to pasture.
Tips for integrating server virtualization in a private cloud – Integrating server virtualization technology in a private cloud can offer benefits including flexibility, cost savings and consolidation — if implemented and managed correctly.
Best practices for managing IT and the recession – IT and the recession will be inextricably linked for the months ahead. Here’s how to adjust your IT strategy and lead your IT organization while managing budgets, risk and more.
Bonk CISO Larry Whiteside on the head, and like Jason Bourne he will wake up thinking about security in 12 different languages.
“For me, security and risk management is a mind-set. When I go into a restaurant with my wife and kids, I automatically see where the exits are,” says Whiteside. And how the waitress handles the credit card. How far the credit card machine is to another table. The location of the security cameras, the station of the guard.
“I am always thinking about the security scenario, not to take advantage of it, but to be aware,” Whiteside says.
Whiteside is chief information security officer for Visiting Nurse Service of New York (VNSNY), the country’s largest not-for-profit home health care provider. Some 130,000 patient medical records and pieces of credit card data fall under VNSNY’s watch. The organization must comply with the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard and the Sarbanes-Oxley Act (SOX).
Whiteside practices what is called a risk management approach to security compliance. I interviewed him this week for a story I’m doing on the topic. While his organization has many regulatory obligations, “the way I approach compliance is through risk. We do not focus on just ensuring we are compliant,” Whiteside says, stating the first principle of risk-based management to information security.
“When I look at new applications or systems or architectures, I am looking at the risks to our business and the risk to our information. Those are the things that are important, not does it meet a line item associated with HIPAA and SOX,” Whiteside says.
A risk management mind-set is always looking for patterns — not items on a regulatory checklist — that pose a threat to the asset one is responsible for protecting. So when somebody comes to him with a security problem, even if he knows nothing about the particular system or application, he can formulate a set of questions.
Incidentally, most CISOs live in a security mind-set, he says, whether they’re hard-core techies or recruits from the business side. “The methodology they follow by day at work is the methodology they live outside of work,” he says. At conferences, when CISOs unwind afterward with a drink, they invariably play a Where’s Waldo? version of security gaffes, competing to see who can spot the most security lapses. “It’s kind of weird if you are outside the circle.”
The mind-set can have its limitations, as in “If you are a hammer, the whole world looks like a nail,” adage.
Indeed, when he is taken by surprise, it is typically by something that happens on the business side.
“You can’t believe that business would make that decision. You have that mind-set and forget people don’t think that way,” says Whiteside, who nonetheless never forgets what needs to happen next.
“But the fact is they went down that path, and you have to make it right. CISOs are support personnel. That is the reality. We are on the same side of the business as the help desk, and that is all we are. Until it can be determined how a CISO can make the company money, we will always be there to support.”
Happy Monday! Well, not so happy in Boston – we just learned that the Red Sox season opener has been postponed due to rain! At least there’s a little NCAA men’s basketball game to watch tonight.
Until then, find some time to take a peek at the latest content from SearchCIO.com on IT outsourcing contracts, a forecasted IT spending decline, architecture mistakes in disaster recovery planning and virtualization and the private cloud:
CIOs adjust terms of IT outsourcing contracts to get lower prices – Competition is getting fiercer for your outsourcing buck. As companies with IT outsourcing contracts look to take advantage of price drops, they’re finding renegotiations may include reduced service levels. In this story, Gartner and others weigh in.
Gartner’s revised IT spending forecast: Decline exceeds that of 2001 – (This story came out last Wednesday, and if only it could have been an April Fool’s joke.) Gartner has revised its 2009 IT spending forecast downward, with hardware purchases the hardest hit. What else is on the back burner?
Avoid these architecture mistakes in your disaster recovery planning – In building out a disaster recovery strategy, many IT executives make these common mistakes. Want to save yourself some trouble? Here’s how to work around potential problems.
Virtualization and the private cloud: A guide for enterprise CIOs – Our latest guide looks at the trends, best practices and critical criteria for building a true strategy around virtualization and the private cloud.
While writing my story this week on CIOs looking to renegotiate IT outsourcing contracts to take advantage of cost savings, I found the drop in pricing for application hosting services particularly interesting.
As my story said, analyst firm Gartner Inc. predicts that the cost of outsourcing IT infrastructure will decrease 5% to 20% during the next two years, both domestically and abroad (with particular pressure on Indian outsourcers thanks to, among other factors, the Satyam scandal). The potential average outsourcing price reductions in 2009/2010 broke down as follows:
IT infrastructure outsourcing services and the average outsourcing price reductions:
Data center services – 5% to 15%
Desktop/help desk services – 5% to 10%
Network services – 10% to 15%
Application hosting services – 10% to 20%
Why might application hosting decline more than other areas? Gartner’s Richard Matlus explained:
“We think the reason that percentage is a bit higher is because people are going to be looking at SaaS as a solution,” Matlus said. “We’ll see more of those access-ready services delivered.”
Matlus went on to say that enterprise organizations’ decision to invest more deeply in Software as a Service, as well as virtualization and automation, will drive the price of application hosting lower, as IT outsourcing companies scramble to retain customers — even if it means dropping their prices. This is an area in which we can expect to continue to see big growth in 2009 and 2010.
Are you a CIO or IT executive renegotiating an outsourcing contract? Or seeking change your approach to application hosting? I’d love to hear your story.
Welcome back from the weekend! Here are the latest stories from SearchCIO.com, dealing with the private cloud, identity and access management, and some very newsy security standards for compliance for federal funds.
Beyond server virtualization: The private cloud – Turning server virtualization and the cloud computing concept into a private cloud is more than semantics. Our expert details how it differs from a virtual server farm and more.
The challenges and benefits of a private cloud – A private cloud may leverage server virtualization to drive business flexibility, but many of its management challenges (both people and boxes) are as yet untested.
CIO turns to identity and access management to solve business problem – Growth and turnover made user provisioning a huge task for business owners and the IT organization at Brookdale Senior Living, before the company launched a major effort to classify users and deploy an identity and access management system.
Security standards to help manage compliance for those federal funds – The disbursement of federal funds will open up risks and come with stricter requirements — a CIO group offers a checklist that can help IT executives at any organization stay in compliance.