I was on vacation when the news hit that customers of T-Mobile’s cloud-serviced Sidekick phones had likely lost their data due to a failure of the storage service provided by a company recently acquired by Microsoft, ironically named Danger. So, rather than following the story in real time, I found myself reading the historical account of the incident on Thursday. My reading of this was interrupted by another calamitous story, also related to clouds– a small boy whisked up 10,000 feet in the air by a helium balloon and carried in horrifying swoops across the Colorado skies. When the balloon landed gently some two hours later, the boy was not there and feared lost. Both stories, as it turns out, were much less horrifying than originally imagined.
“Balloon boy” was hiding in his family’s attic. The Sidekick data was not lost either; it was hiding somewhere as well. Yesterday Microsoft announced that it had recovered most, if not all, of the customer data.
Despite the good news, we’re seeing evidence now of storm clouds when it comes to cloud storage. The Sidekick data failure was attributed to a storage area network (SAN) upgrade gone awry. In this case, there appears to have been a difference of opinion about whether a backup was necessary in order to go forward with the SAN upgrade. According to sources of blogger Daniel Eran Dilger, instead of doing a backup that would have taken six days, Microsoft management is said to have decided to curtail the process two days into it. What then ensued is not yet clear, but the implication is that an Oracle system responded to some abnormality in the SAN upgrade that caused the data’s “disappearance.”
Whatever the cause, this scenario highlights the enormous complexity of cloud storage and the inherent risks involved with such a new data-handling approach. Indeed, another recent cloud mishap, in which a hacker was sending spam through an Amazon email server, elicited another calamitous response: Amazon EC2 subscribers had their email put on a spam blacklist by Spamhaus because of this one bad apple.
It’s not surprising these technology glitches are happening, given the newness and complexity of cloud computing. But I think what all three cases show — from the overblown police and media reaction to the image of an airborne balloon, to the software response to a SAN upgrade gone wrong, to Spamhaus’ Draconian solution to deal with a single hacker, is that we’re inexperienced. We don’t yet have enough understanding to deal with these unusual events in a calibrated — not exaggerated — way. The heart of the matter is that, in each case, there may have been an overreaction to an unexpected, but as it turned out not particularly serious, problem.
With all new things, there is a learning curve. Single hackers will be dealt with in a different way in the future. Microsoft will never do an upgrade without backing up first. As for “balloon boy,” it’s likely some adults will look in the attic before calling out the National Guard. And if the balloon incident was staged, a family conspiracy? Well, there are those who believe the Sidekick data wipeout was insider sabotage.
I’m a huge Boston sports fan, so forgive me for moving a bit more slowly than usual this morning. Yesterday’s “Black Sunday” (as it’s already being dubbed) really knocked me — and much of New England, I’d wager — for a loop. At least we have an excellent Celtics season to look forward to….
I’m diving into my SearchCIO.com wrap-up to chase away the blues. As always, read the stories linked below and contact us with any thoughts!
Email archiving solutions and strategies for enterprise CIOs – As an email scandal in the Boston mayor’s office is currently demonstrating, effective email archiving solutions and strategies are an important part of a CIO’s job, as e-discovery, litigation and compliance regulations require detailed email policies.
Disaster recovery is dead; long live continuous business operations – IT disaster recovery is dead, according to the head of the Disaster Recovery Institute International. Here’s how DR is becoming synonymous with business continuity.
ITIL case study: ITIL best practices at two financial services firms – When Barclays Global Investors and Wachovia invested in ITIL, they saw improved efficiencies and huge cost savings. Read their stories here and feel free to share your own ITIL experiences below.
CIOs should look to Generation X, not Generation Y, to be the early adopters of new and social technologies within their organization. Contrary to what you’d think, Generation X workers (roughly those ages 28 to 48) read blogs, participate in discussion forums and wikis and listen to podcasts at work more than Generation Y.
These were just some of the results from Forrester’s Workforce Technographics Survey, released yesterday at their Business Technology Forum in Chicago.
The survey showed that although 59% of the Gen Y (18- to 29-year-old) professionals use social technologies at home, only 14% use them in the workplace. Social media is not as much a generational thing as most people think, according to Ted Schadler, vice president and principal analyst at Forrester.
“Generation X is just better at problem solving and using their experience and authority,” said Schadler, the lead author of the report. “And using social technology to solve a business problem should be the first priority.”
The report surveyed 2,000 information workers — any type of employee who uses a computer or connected device to do his or her job — from companies with 100 or more employees.
One other point that came through was that users were not as advanced in terms of social technologies as we think. Only one in four workers uses instant messaging or Web conferencing, and one in 10 has and uses a smartphone.
So, what does all this information mean to the CIO? This type of quantitative assessment gives CIOs and IT professionals the tools to make better investment decisions. CIOs should apply these findings to benchmark their own technology adoption and satisfaction and develop a measurable strategy for adopting new technology that users want and use, and that will add the most value to the business.
I just returned from Forrester Research Inc.’s Services & Sourcing Forum in Chicago. Newsflash: Chicago is a windy city! Another newsflash: The road to creating and managing IT outsourcing contracts is a long and winding one – especially when business users start procuring their own services, such as applications via Software as a Service, or SaaS.
When my colleague Christina Torode covered the Burton Group’s Catalyst conference this summer, the buzz among IT executives was that business users were purchasing SaaS services without running these agreements by IT first. As Torode reported:
“Business users tired of waiting for IT to provision a new application or service are tapping cloud providers and bypassing IT along the way, much as they have for many Software as a Service applications over the past few years. And cloud providers are not calling on the IT department, but rather going to department heads to pitch their wares.”
But if this trend makes it harder for IT outsourcing contract professionals to oversee the company’s IT assets as a whole, there is also a flip side: When business users procure their own software, it doesn’t come out of the IT budget.
During a breakout session on SaaS services and cloud computing outsourcing contracts, Forrester senior analyst Liz Herbert said that she’s heard that some IT outsourcing contract professionals would actually prefer that individual departments continue purchasing their own SaaS services for this reason. In this economy, with all budgets and spending being scrutinized so closely, why make it look like IT is doing the spending if these other departments are willing to foot the bill?
To be fair, I noticed some snickers from the IT contracting professionals in the room upon hearing Herbert’s comment, so perhaps it’s not a common point of view but I thought it worthy of mention nonetheless. Certainly, it speaks to the need for governance in IT outsourcing contracts on an enterprise-wide level – a subject I’ll be delving into in the coming week.
Has your IT organization surrendered oversight of SaaS services contracts procured by the business, or do you still intend to oversee all these IT outsourcing contracts throughout your organization?
In a few hours, I’ll be bound for Chicago to learn more about IT services and sourcing, but don’t think I would leave you without your weekly wrap-up of CIO content! Check out the latest pieces to run on SearchCIO.com by clicking the links below:
CIO management mistakes that can harm CIO careers, cause IT failures – Are you an effective CIO or senior IT leader, or are you poised for failure because you’ve made one of these mistakes? Here are eight things you might need to change before it’s too late.
Do you have the qualities of a good leader? Test your leadership IQ – The qualities of a good leader transcend industry, organization and circumstance. Do you know what it takes to be a good leader in IT? Take our quiz and find out.
Maturing an ITIL strategy beyond incident, problem, change management – Some ITIL implementations stall once IT gets incident, problem and change management under control. Here’s what ITIL practitioners advise to keep driving benefits and maturity.
ITSM and ITIL best practices for process improvement – ITSM and ITIL processes continue to gain traction in enterprises as CIOs seek to cut costs and increase efficiencies through business process improvement. Learn more in this guide, our latest CIO briefing.
There are a lot more than eight ways to torpedo a CIO career, judging from the response to my piece this week, “CIO management mistakes that can harm CIO careers, cause IT failures,” a compilation of eight common CIO missteps. Fred Held, former CIO at Mattel and Bercor and IBM executive briefing consultant, offered two more:
- Don’t be clueless how the organization works. Since the systems that are under the CIO process the transactions of the organization, you have the best opportunity to be the focal point on how the organization works. This is a huge asset that most CIO don’t get.
- Don’t be reactive, be proactive. Learn influence management techniques to initiate projects that both make the company more competitive and secondly, save money. These can be very short-term, inexpensive projects that give the company even the tiniest of a competitive edge to huge systems that take years. There is nothing that a sales force and top management and the marketing team love to do more than brag about some superb system for the customers.
Enterprise architect and CTO of ObjectWatch, Roger Sessions, weighed in with his top two:
- Failure to speak the language of the business. CIOs who talk techno-babble are rapidly ignored by the business.
- Failure to understand the need to control complexity. Complexity is the single biggest reason for IT failures. Control it, or it eats you for lunch!
Sessions lit up the blogosphere this week with his post, “Cost of IT Failure,” pegging the total cost of worldwide IT failures at $6.2 trillion.
To get to the cost of IT failure for any one country, Sessions came up with a factor that can then be multiplied by a country’s GDP. He derived the factor .089, by multiplying the amount of money spent on IT hardware, software and services by the fraction of IT projects at risk, by the failure rate of at risk projects, and by indirect costs associated with the failure.
IT failure hurts — countries, careers, CIOs. Avoiding career-damaging mistakes keeps CIOs from getting fired so they’re around long enough to create sustainable business value. Hopefully, our tips will make that true for more of you.
Lately, I’ve been contemplating the questions CIOs should ask as they formulate or revisit their IT outsourcing strategy. The analysts at McKinsey & Co. must be reading my mind (or perhaps I’m reading theirs?), because their blog this week includes a post about how organizations can make IT outsourcing strategy decisions based on business requirements. This is pertinent even to those organizations already outsourcing IT functions, as business needs can change, particularly in this economic climate.
According to McKinsey, the four questions to ask when considering or revisiting an IT outsourcing strategy are:
1. From which areas is the business looking to derive value from IT enablement?
2. What capabilities are required to deliver that value?
3. What are the expectations for IT in creating those capabilities?
4. In meeting those expectations, how can resources be procured in a way that meets our cost, timing and skills requirements?
I’d add a few more questions to that list, since we’ve found that organizations are seeking to outsource functions that will allow them to globalize, operate more efficiently and, of course, save money:
1. Will the cost savings provided by IT outsourcing cover the risks and management overhead of doing so?
2. Are we interested in consolidating or broadening the number of vendors with whom we outsource?
3. How will we measure success in IT outsourcing? What are the baseline results against which we’ll measure our IT outsourcing activities to determine whether we are saving money, increasing customer satisfaction, globalizing the business or whatever business goal we hope to reach?
I’m planning to attend Forrester Inc.’s Services & Sourcing Forum in Chicago next week, and will share more insights soon. Anybody else going? Look me up via email or Twitter — I’m @rlebeaux.
Good morning! Last week on SearchCIO.com, we surfed the Google Wave, examined the email retention policy (or lack thereof) that’s caused such consternation in Boston, explained how to complement your ITIL framework with other process methodologies, and presented some data recovery solutions for CIOs. Read the stories linked below and feel free to share your comments!
Google Wave: A sea change for business collaboration, communication? – Businesses are getting caught up in the Google Wave, contemplating how such mashup collaboration technologies stand to change the way they operate internally and do business.
Miscues abounded in Boston email retention policy, practices – Boston CIO Bill Oates talks about measures taken to tune an email retention policy after disconnects between user practice and system capability set off a political firestorm the week before the city’s mayoral primary. (Also see our initial story on the email scandal.)
Complementing your ITIL framework with other process methodologies — ITIL can be more effective when used with other process methodologies, like Six Sigma, PPM and ISO 20000. In this story, learn how to leverage mixed process methodologies and increase efficiencies in your company.
Data recovery solutions must address a range of concerns – In this piece, our expert describes how to do a reality check to ensure that your disaster recovery strategy and data recovery solution pay off in the long run.
SIM’s annual survey is out, and perennial CIO issues — IT security and business continuity/disaster recovery — have plummeted on the lists of both CIO management and technology priorities. What’s going on? I asked Jerry Luftman, executive director of graduate information systems and programs at Stevens Institute of Technology and SIM vice president for academic affairs, emeritus.
“This is a special year, given the economic conundrum,” Luftman said. “If you take a look at the top CIO management concerns, the first two are business productivity and cost reduction and the second is pervasive business IT alignment.”
During typical economic doldrums, IT cost reduction has topped the list of CIO management concerns. This year it is No. 5 — evidence, says Luftman, that CIOs are spending more time working with the business on leveraging IT to cut overall costs than on slashing IT budgets.
Is it possible that IT is no longer viewed as the profligate offspring of the corporate family but — gasp! — fiscally shrewd? A cost fixer? Certainly, CIOs feel compelled to step in, according to the SIM survey.
If CIOs are not concerned about cutting IT costs (already down to the bone, many CIOs have been telling us), they are also not blowing any dough on IT hardware and software.
As for security — scary as it is — CIOs have clearly put it on the backburner of CIO management and technology concerns. Antivirus protection, the No. 1 technology investment in 2008, has dropped off the list.
“When you look at IT budget allocation, the thing that has taken the biggest hit is IT infrastructure stuff, the hardware and software, and security is right there,” Luftman says.
Moreover, security, the only technology to make last year’s list of top CIO management concerns, is no longer on the headache list. Disaster recovery and continuity planning, the No. 3 technology investment in 2008, fell to No. 6.
Seems it’s not prudent to try to sell insurance for something bad that might happen when the business is struggling to survive what is happening — a very real economic disaster.
Emotional fatigue, or SOP
The question, says Luftman, is if the decline of security and antivirus protection as a top priority represents a “continuous change.” “Will it come back again when the economy turns around and we need to refocus our interest on infrastructure stuff?”
And his view? “Security was hot last year. Over time, as we either help address it or we emotionally feel that we have done as much as we can do, it will go away from the top list. The question is, how much time will it take to drop off the radar, or become accepted as standard operating procedure, is hard to tell.”
We’ll be delving into the results over the coming days for more insights. Meantime, here are the 2009 rankings:
2009 IT Management Concerns
- Business productivity and cost reduction
- IT and business alignment
- Business agility and speed to market
- Business process re-engineering
- IT cost reduction
- IT reliability and efficiency
- IT strategic planning
- Revenue-generating IT innovations
- Security and privacy
- CIO leadership role
Top Six Applications and Technology Investments
On the following list, priority No. 4 jumped out at us as a newbie on the list. Customer corporate portals give customers direct access to the information they seek without going through an intermediary. Luftman explains the reason behind the jump: “These are things that can help improve business productivity and reduce costs, the No.1 CIO management concern.”
- Business intelligence
- Server virtualization
- ERP systems
- Customer corporate portals
- Enterprise application integration
- Continuity planning/disaster recovery
Running large data centers is expensive and getting worse. No one knows that more than Google and Yahoo. At a panel on green data centers at MIT’s Emerging Technologies Conference this week, Yahoo’s senior director of data center engineering and operations, Scott Noteboom, described how Yahoo has grown its server plant by 12 times since 2005. Google’s head of data center research and development, Chris Malone, explained that Google has had to come up with its own server designs to accommodate the ultra-high densities of their data centers. Both have a maniacal focus on improving data center energy efficiency.
Yet both firms are doing things that ordinary enterprises can learn from:
1. Reconsider your business continuity plan. Yahoo is eliminating UPSes and backup generators. Instead, they are architecting each data center as a backup to the others. That eliminates UPSes as a significant power loss. They’ve had to install software that restarts servers in a controlled fashion after power resumes, however. Google took a different tack: eliminating larger UPSes in favor of small battery backups on each server motherboard. Either way, both data center approaches yield significantly greater energy efficiency.
2. Consider the weather when you site a data center. Yahoo is no longer building raised-floor data centers. By locating in more moderate climes, they’re able to utilize prebuilt warehouse-type buildings that use extensive ground-level air intake of cooler ambient air and roof-level exhaust of hot air.
3. Raise the temperature and humidity. Modern servers can run warmer and moister than you might think. A lot of conventional wisdom about server environments stems from the mainframe days, when you didn’t want punch cards wilting.
4. The big win in facilities power reduction in the data center is in cooling. Malone points out that typical chiller systems are only 60% efficient; Google has gotten to 90% by switching to evaporative cooling. Focusing on electrical transmission issues is good but yields much less improvement.
Google and Yahoo make extensive use of virtualization to improve capacity utilization and reduce the overall load. Noteboom and Malone stressed that senior IT managers need to make these issues part of the discussion with system architects, project managers and developers. All too often, those folks start from the premise of buying a certain kind of server for a certain kind of app, rather than asking how existing capacity could be deployed to meet that need.
And the result of all those efforts at Google and Yahoo? Dramatic improvements in power efficiency. The typical metric for this is power utilization efficiency, which means the ratio of total power consumed by the data center to total power consumed by just the servers themselves. Most contemporary data centers are in the 2.0-2.5 range – for every watt of power that a server uses to compute, they burn more than a watt in transmission loss, battery loss and cooling. Google is at 1.19 and Yahoo is targeting 1.03 in its next-gen data centers. In other words, if you’re typical, you’re spending twice what they are on power per server.