January 16, 2009  10:59 AM

Windows 7 migration: First thoughts

mschlack Mark Schlack Profile: mschlack

OK, there’s no getting around it. This year is going to be the Year of Reading Endless Speculation and Lightly Informed Commentary About Windows 7. Feature Bingo, Shipping Date Roulette – you’re undoubtedly familiar with the pattern and patter around Microsoft OS releases. I confess, I felt professionally obliged to fire the beta up, and in my next post I’ll give you a quick review – hopefully saving you or your staff from wasting hours of time with a Windows 7 migration. But for now, let’s talk about the big question: Which version of Windows — XP, Vista or Windows 7 — are you going to standardize on when? How many migrations do you want to make in the next year?

IT shops have been much more resistant to upgrading from XP than any other version of Windows I can recall. Vista just didn’t excite many people, and relatively few shops planned mass migrations. Count me among those who think Vista was largely Microsoft’s fear and paranoia response to the then-yet-unreleased but highly rumored Mac OS X and its accompanying update of the modern GUI. Aero, transparent windows, etc. – it was all about the consumer glitz factor. Microsoft was clearly worried that Joe Cool would tell his friends, “Windows is so 20th century. I’m going Mac.” As for businesses migrating to Vista, Microsoft seemed to take that for granted.

In interviews I participated in with head Windows dude Jim Allchin and other responsible parties in Redmond prior to the release, the mantra about why IT shops would love Vista was always “Security.” Namely, User Account Control and Network Access Protection (NAP). The first would protect against malicious code and the second against malicious people. The first was a nonstarter with end users and the second had to await Windows Server 2008. For all its potential to improve security, how many of you are willing to delegate your shrinking staffs to implement NAP? I’d be interested to hear from you on that.

So, in short, from most corporate perspectives, nothing much in Vista worth migrating for. Even for those who tend to upgrade when told to, a lot of old hardware wouldn’t work with Vista. And “upgrading” from XP was problematic, not only because of the hardware compatibility issue, but also because of Windows’ inability to nondestructively resize boot drives when necessary for upgrades, forcing complete re-installs. Not to mention some people found it noticeably slower.

So what’s Windows 7’s compelling new feature? Gee, there’s a new “Connect to a network projector” feature, but I’m just not that moved by it. I’m still looking – have you found any? On, Christina Torode reports that there are some nice-to-have Windows 7 features for business around security and networking, but I don’t know if I’d call them compelling.

As far as compulsion goes, Christina notes that many people are assuming they can run XP for years, but you may run into trouble with ISVs, or for that matter, peripheral vendors who won’t bother to write old drivers or driver install routines. The hardware incompatibility issue with Vista shouldn’t be as serious with Windows 7, since by the time it ships you probably will mostly have Win7-ready inventory. With some of the freak-out factors gone, it’ll just be mostly another migration.

It’s all so wearying somehow, this hype cycle of nonimproving improvements.

So what would be compelling? How about:

  1. Can we get a bare-metal hypervisor for the desktop? There’s been a lot of buzz about “native VHD support” but not much detail. I’ll be trying to figure out how close that comes to allowing you to create and distribute installs and upgrades as simple VHD files, which would be a killer differentiator. However, I suspect VMware or Citrix or somebody will actually beat them to it and go all the way to bare metal with their solution.

  2. Now that you have Windows Live SkySpaces, why don’t you figure out a way IT shops can rent space real cheap (or free with certain licenses) for end users to at least automatically back up their My Documents folders up there? Ninety-nine percent of IT shops do nothing about end-user backup, and really, how many end users save only important documents to the network? And so far, you can neither target Windows Live from the minimal backup app in Windows or copy more than a file at a time (you can’t copy an entire folder). Hey, Steve B. and the other paranoids up in Redmond, don’t you think that would help you in your self-proclaimed war with Google? I think at least it would help your corporate customers.

  3. Instead of adding new mini-games to each version, can you recognize that more and more office workers have to work in sound and video? Yes, copy Apple and give them some reasonable basic sound and video editor program. And that would also appeal to consumers, who still seem to be whom you worry about most.

  4. Lastly, can you finally put some of that 90% unused CPU capacity to work checking and healing the system? This has been on my list since 1995. What few efforts Microsoft has made in this arena seem pretty tokenistic to me.

OK, that’s my wish list. How about you? What would make you feel proud to recommend upgrading and ask for the budget for it? And absent that, how are you thinking about playing this? If upgraded to Vista, will you skip Win7? If you didn’t, how are you going to proceed going forward?

January 12, 2009  1:35 PM

CIO weekly wrap-up: 2009 IT trends, network access control, CPM and BI

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Post-holidays, we’re back in full swing here at Here are our latest stories and briefings:

  • Business intelligence (BI) strategies for enterprise CIOs — This month’s CIO Briefing includes news, resources and advice on how to create or update a strategic BI roadmap and make the right choices for your BI and data architecture, including whether you should consider an on-demand BI solution.

January 9, 2009  10:48 AM

Breaking down the silos inside IT and beyond

EditorAnne Anne McCrory Profile: EditorAnne

I just read an article about breaking down the silos in IT. This piece focused on the application development process and the fact that each group does its thing and then tosses the application over the wall to the next group, from developers to QA engineers to performance test engineers. The problem comes in if all this testing is performed on a “utopian network” on the LAN, so nobody sees how it will perform on a WAN. So when users experience problems due to latency or packet loss, they blame the networking guys.

This is classic siloed, need I say territorial, behavior. The irony is, everyone in IT bemoans the fact that so much of the enterprise functions in stovepipes that it’s a huge effort to lead projects that should be joint efforts across departments or functions. Departmental interests, power struggles and personalities get in the way of effective enterprise IT projects so they don’t get off the ground or the end result fails to meet expectations or isn’t strategic after all. In fact, IT could figure out how to break down silos by starting at  home.

It’s really not that hard. The next time you have a brainstorming session or launch a project, seek out representatives from across IT. Get their input throughout the process. Figure out what new processes you may need to create to consider their (and in the end, everyone’s) interests so that your outcome is solid and thoroughly represents the best you can do. If it’s an application you’re building, your project committee will include people from the user community; add an IT subcommittee with people from every part of IT that the application will eventually touch.

Inclusion is a management philosophy, and it gets conflict out on the table early on. Better to hash out your differences before spending the company’s money and then needing to spend more to patch something later on. Any eye-rolling or “but…”s around the room will turn into greater pride and less maintenance at the end.

January 5, 2009  12:42 PM

CIO weekly wrap-up: Security tools, tech gifts and enterprise apps

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Welcome back! I hope everybody had a merry holiday season. We here at took a bit of time off, as I hope you did, too. In case you missed anything, here are some of the pieces we’ve been working on, dealing with security tools, tech gifts and enterprise apps: 

  • Holiday gifts for the tech savvy — and not – Yes, technically the holidays are over – but now you might have a better chance of getting some of these presents — for the tech savvy and fearful alike – on sale!

December 23, 2008  3:44 PM

Tough choices ahead in 2009 for enterprise applications

mschlack Mark Schlack Profile: mschlack

CIOs will face a lot of tough choices with ERP and other enterprise-level application upgrades, SOA projects and BPM initiatives in the coming year. If you have to keep a lot of balls in the air most years, this year will be more like juggling flaming clubs while standing on a high wire.

In such a circus, sometimes you just want to put off tough choices. “Just get through it and move on” sounds pretty good, right? Well, the buck may only be worth 79 cents these days, but it still stops on your desk. I think CIOs are going to have to figure a few things out this year besides how to keep the lights on.

And application software is one of those things. SOA, SaaS, cloud, agile development, rich clients – where’s it all headed? The large application vendors, such as SAP, that dominate the major enterprise categories have been rolling out their own SOA-based architectures in upgrades, and the same is true on the dev tools side. It’s likely that you’ll have to make some kind of move in the direction of service-based software well before the Dow returns to 12,000 or risk waking up, like Rip Van Winkle, to a world that makes no sense to you at all.

It’s a confusing mess, and it’s easy to see you could wind up in endless sterile SOA debates about how many software angels can dance on the head of a framework and still have nothing workable. The key to deciphering it may well be to insist on thinking of services as automated business processes instead of abstract technical tasks. At least then you know there’s an intrinsic business value to what you produce. Of course, you really do have to build abstract technical services, too, but making that a focal point is more likely to lead to the dreaded “technology for technology’s sake” dead end.

Many of you are hearing from the CEO and CFO that they’d like IT to pick up the slack from reduced office and factory staffs. That sounds a lot like business process automation. IT has automated many business silos, and now it’s on to the really tough job of automating the transfer of information and decision making between those corporate departments and their disparate applications. Times are right, though, to finally get a mandate to rationalize a lot of redundancy across those different application silos now tightly in the grasp of business owners. If your governance projects don’t include that, don’t expect much in return. Hopefully you can do for software in the coming years what you’ve done with consolidation and virtualization for servers and floor space in the last few years.

Speaking of virtualization, that’s another area where standing still could mean getting left behind, but I’ll leave that for another post.

December 22, 2008  1:57 PM

CIO weekly wrap-up: Limit network access after layoffs, get DR funding

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

The holidays are upon us! But before you mentally check out for the week, take a peek at our latest stories from

  • File transfer solution improves business process – It’s always a good time to look at streamlining business process, but it becomes even more important when companies are looking to save money. At Christie’s auction house, a managed file transfer solution accomplishes both of these objectives, with strong ROI.

December 19, 2008  11:03 AM

IT/business alignment? Not so much, but there is a silver lining

Linda Tucci Linda Tucci Profile: Linda Tucci

How’s this for a year-end bummer? According to a survey from McKinsey & Co., IT is not living up to anybody’s expectations. The survey, titled “IT’s Unmet Potential,” found that CIOs, CTOs and non-IT executives all agree there is a disjunction “between their IT organizations’ current priorities and what IT could contribute.”

It seems the old IT/business alignment thing still needs aligning.

The silver lining, if you can call it that, is that this disjunction is actually a step forward. Instead of having IT and the business disagree about IT’s purpose, now at least both groups are on the same page.

Both CIOs and their non-IT executive peers have reached concordance on the idea that IT should play an important role “in developing and executing business strategies” by, for example, promoting innovation to “better enable companies to seize new opportunities.”

The bad news is that what’s on that page is not actually what is going on in these companies.

For example, only one quarter of the respondents believe that IT is currently “partnering with the business to develop new business capabilities.” Similarly, only one quarter believe that IT is “proactively engaging with business leaders on new ideas/enhancements to existing processes, systems.”

The other evidence for this disjunction between what is and what could be is the respondents’ answers to questions about current IT priorities versus ideal IT priorities for the next budget cycle.

For example, “reducing IT costs” and “ensuring compliance with regulations,” according to the survey, should ideally be half as important on the IT priority list as they currently are. On the other hand, the respondents said that in an ideal world,  IT’s role in “creating new products and service” should be almost double in priority.

For the new year, perhaps CIOs and their business peers can take heart in the idea that the first step in solving a problem is defining it.

The survey was conducted in October, after respondents “had time to absorb the implications of … the deteriorating economic environment,” said McKinsey authors; 548 executives responded, 49% of them identified as C-level executives.

December 17, 2008  5:36 PM

Disabling accounts after employee layoffs: A necessary evil

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Linda Tucci’s story on today on disabling accounts after employee layoffs and the security risks “orphaned” accounts can pose if not properly closed out was a timely one, of course. I’m actually sort of surprised we’re not seeing more stories about disabling employee accounts, considering November saw the loss of 533,000 jobs in the United States, and December layoffs might be just as bad – or worse.

If I may try to add some levity to the situation, the “orphaned accounts” story (particularly the line about one person who was still on the payroll six months after being terminated) reminded me of the first minute from this infamous clip from the film “Office Space.”

Now, I don’t think anybody would question that there are risks associated with leaving employee accounts open following layoffs. When you’re laying off IT folks, it’s even riskier, according to Tucci’s story, since these individuals “usually have the keys to the kingdom” and could wreak absolute havoc. Hmmmm, reminds me of a little IT hack incident earlier this year in San Francisco you may have heard about.

Unfortunately, I think the points touched upon in Tucci’s story might strike a cord with a lot of the people who read this blog – I know they struck me, both on a personal and professional level. It seems unnecessary to immediately disable the accounts of 99% of laid-off employees who wouldn’t dream of downloading sensitive company information. They might have downloaded a picture of a grandkid on their work computer, or may have even been in mid-email when their access disappeared. Yes, their computers belong to the company, but shouldn’t these employees have an opportunity – even if it’s brief and monitored by current staff – to recover those items? I believe so.

Precluding former employees’ access to their contacts and working documents with little or no warning could be bad for the business, too. Particularly if a company is laying off longtime employees who might have hundreds of contacts built up in Outlook, or have files that would be useful to others in their organization. If the employee is immediately locked out, then recovering and piecing through that business information is likely to be a lot more challenging for remaining co-workers.

And yet … I sure wouldn’t want to be the head of IT in a company that took a lackadaisical approach to disabling employee accounts after layoffs and was burned by one of the 1-percenters who caused problems in the system.

So for any of you with experience in layoffs: Have you gone with immediate system lockout, or ever considered a less drastic approach (for the reasons I cite above, or others)? Do desperate times call for Draconian measures, or is there room for a more personal touch?

December 15, 2008  11:41 AM

CIO weekly wrap-up: Launching a BI system, outsourcing, 2009 IT hiring

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

I hope everybody had a nice weekend! For those playing catch-up, here are the most recent stories from

  • Five questions to ask before launching a BI system — An economy in recession puts business intelligence (BI) on the top of the 2009 agenda. But CIOs will have to look at BI differently moving forward. Want five tips for getting it right? Read on.
  • Economic downturn will hurt IT hiring in 2009 – Unfortunately, you knew this news was probably coming. A new survey shows fewer jobs, the possibility of layoffs, a flattening of salaries and a rise in the number of qualified IT job applicants ahead.
  • Managing user adoption makes the most of a BI solution – A good case study for those looking to manage a BI solution adoption correctly: A user-friendly interface and superior architecture sold Meredith Corp. on a BI solution from MicroStrategy, but it was IT’s rigorous “managed adoption” process that ensured people used it.

December 10, 2008  5:16 PM

Cybersecurity initiatives require education, shared knowledge

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Cybersecurity initiatives aren’t about just you, the CIO, or your organization. And because of that, the solutions shouldn’t come solely from you, but from shared knowledge from all sectors.The same model applies to the U.S. government’s approach to cybersecurity initiatives. The Center for Strategic and International Studies’ Commission on Cybersecurity for the 44th Presidency, a panel formed in August 2007 “after the United States suffered a wave of damaging attacks in cyberspace,” recommends that incoming President Barack Obama should establish a new White House office and appoint a presidential assistant to oversee a “comprehensive national security strategy for cyberspace,” CNN is reporting.

As we noted last week, 2008 has been a very spammy year, with threats targeting social networking sites. The cybersecurity report takes the spectre of these threats even further, stating that cybersecurity is one of the major national security problems facing the U.S. and “all the tools of U.S. power” – diplomatic, intelligence, military and economic – are needed to deal with cybersecurity, CNN reports.

Some of the recommendations with regard to national cybersecurity should sound very familiar to enterprise CIOs charged with overseeing cybersecurity protocols in their organizations. For instance, the report recommends “requiring better authentication” of digital identities and limiting government purchasing to secure products and services. Research, training and education should also be expanded, the report says.

The lesson here? Your cybersecurity insights and experiences carry far beyond your individuals organizations’ walls. Share your cybersecurity stories and solutions with others. You can start by clicking the “comments” link below! 

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: