September 14, 2009  4:15 PM

CIO weekly wrap-up: Swine flu preparedness, business continuity, ITIL

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

I just returned from an amazing week in Costa Rica and have the tan (really, the sunburn) to prove it. Maybe surfing at the sunniest time of day wasn’t the smartest move? Anyway, I’m re-discovering how difficult it is to get back into the swing of things at work post-vacation, so this lineup of our latest work is as much for my benefit as it is for yours!

Over the past two weeks, has examined ITIL project leadership, swine flu preparedness, business continuity, IT disaster recovery outsourcing, IT strategies in a bad economy and more. Please check out the pieces linked below and let us know what you think!

Effective ITIL project leadership: Plan-Do-Check-Act – Successful ITIL project leaders are using the Plan-Do-Check-Act cycle to ensure their teams stay motivated, follow the same processes and contribute innovative ideas.

Uniting ITSM, PPM process methodologies yields IT management benefits – ITSM and PPM are typically separate disciplines, but integrating them can increase visibility, help with budgeting and more. Learn more about this dynamic duo.

Tips for business continuity and contingency planning for swine flu – IT business continuity plans for swine flu outbreaks focus on people and remote access issues. Here are experts’ tips on what to include.

IT disaster recovery outsourcing: A planning guide for enterprise CIOs – Planning for IT disaster recovery outsourcing requires CIOs to assess their DR needs, make the case for funding and select technologies. Learn more in our latest CIO briefing.

Talking swine flu and Conficker with the CIO of the CDC – In this Q&A, the CIO at the Centers for Disease Control and Prevention (CDC) discusses how preparations for H1N1 and other human viruses compare with the computer variety and more.

Tips from the CDC’s CIO on H1N1 flu preparedness – Get a CIO checklist for H1N1.

CIO advice: IT strategies in a bad economy – CIOs should consider re-evaluating their IT strategies in this economy. Get advice on addressing ROI, innovating and achieving project success in this podcast.

Swine flu preparedness: Business continuity during an H1N1 outbreak – Swine flu preparedness will top enterprise CIO agendas this fall as offices create business continuity plans in case of widespread absenteeism. Learn more in this H1N1 flu guide.

Health care security, HIPAA compliance on deck for CIOs in Obama era – HIPAA enforcement has long been lax, but that’s changing with stiffer HIPAA security and privacy rules and incentives to move to electronic health records.

September 11, 2009  2:18 PM

Looking for low-cost business processes? Check out GE WorkOut and FTD

Karen Guglielmo Karen Guglielmo Profile: Karen Guglielmo

Some companies are developing their own business process methodologies — such as GE WorkOut and fast track decision making (FTD) — to cost-effectively streamline processes and address the rapid changes in the market. But why? Aren’t the proven Six Sigmas, Lean and other business process methodologies of the world doing the job?

IBM’s 2009 Global CIO Study, released this week, revealed that more than half of the 25,000 CIOs surveyed said they plan to implement low-cost business processes this coming year. I started to wonder which low-cost business processes they were talking about and why they were suddenly on the rise. I did some research and came across two business process methodologies that could be considered “low-cost” — the GE Workout business process and fast track decision making.

The GE WorkOut business process isn’t new. GE developed it in the late 1980s as a way to help its own organizations and others become more lean, efficient and responsive to changes in the market. The GE WorkOut process works by bringing together a cross-functional team to solve a business challenge in 90 days. Taking on an issue identified by senior leadership, the team creates a plan with actionable items that must be implemented within the 90 days.

Companies using the GE WorkOut process — including L.L. Bean, Frito-Lay, IBM and Metropolitan Life Insurance — are doing so to streamline and simplify processes, eliminate non-value-added work and speed up the decision making process, according to C.A. Schifman and Co., a training and consulting firm. The process also allows companies to break down silos and improve employee morale.

The fast track decision making approach, meanwhile, is a rapid problem-solving method developed by the North Shore-LIJ Health System in 2002. The organization developed the process to deal with change and allow the right people to make decisions based on their areas of expertise. The LIJ was continuously struggling with change issues from corporate initiatives such as merging 18 individual hospitals into one health care system. The FTD process works by allowing teams of people closest to the process in need of improvement to develop and implement appropriate solutions. The process includes team involvement and in-meeting decision authority.

These two methodologies sound a little like “light” Six Sigma and Lean to me. They allow companies to build their own process methodologies at a low cost and customize them to their own business culture. So if you’re looking to use a low-cost framework and find Lean and Six Sigma intimidating or expensive, these two might work better for you.

September 3, 2009  8:02 PM

Gmail outage raises issue of control

Christina Torode Christina Torode Profile: Christina Torode

While talking to an IT director about Google’s Gmail outage yesterday, I realized that it wasn’t so much the outage itself that bothered him (his organization does not use Gmail), but the sense of not being in control of a cloud computing environment.

Billy Rials, IT director for Rankin County in Mississippi, wants his throat to be the only one that public officials come after when something goes wrong.

He’s responsible for the IT that runs seven cities and knows his data center environments inside and out. He said the environment is no utopia, but he believes they are getting closer every day by adding more and more virtualization technologies for servers and desktops.

“What do I say when an official calls me and ask what’s wrong: ‘I don’t know, something is going on with the cloud provider’?” he said. “It should be my responsibility, and bringing someone in from the outside … I have no control or the authority that I think I should have.”

Then there’s the fear factor of other people you don’t know having access to the infrastructure that runs your stuff. At least in your own data center you know that Joe was the last one to work on server X, so if something goes wrong you ask Joe.

There’s a sense that your environment gets lost in the cloud. At shows I’ve heard people asking how they can find their data, servers, you name it, in a cloud computing environment.

These are people who are trying to keep track of virtual machines in their own environment. The thought of the complexities added by trying to track down what’s going on with an application on a virtual machine in someone else’s environment is a road they don’t want to go down.

There are those fully embracing cloud computing, of course. They consider it to be no different from the risks they faced with outsourcing or colocation. The ROI or cost savings is worth the risk of an occasional outage, and even giving up a little control. And after all, how often do your email servers go down within your own four walls?

Let us know what you think — email me at

August 31, 2009  2:50 PM

CIO weekly wrap-up: IT disaster recovery value, technologies, budgets

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Good morning! delved deep into IT disaster recovery this past week, looking into strategies for making the case for the value of disaster recovery, how technologies are changing IT disaster recovery outsourcing and how the recession is squeezing IT disaster recovery budgets. We also included part 2 of our look at IT outsourcing around the globe, focusing this time on the pros and cons of IT outsourcing in Latin and South America. Please review the stories below and let us know what you think!

Seven tips to make the value case for disaster recovery – How do you make the case in your company to invest in disaster recovery? Here are seven tips from leading providers that tell you how.

Technology is changing IT disaster recovery outsourcing – New technologies such as virtualization, disk backup and cloud are radically changing IT disaster recovery services.

Recession squeezing IT disaster recovery budgets – The recession is forcing CIOs to focus on risk assessments, processes and business resiliency to trim IT disaster recovery services. The result, say providers, is better decisions.

IT outsourcing pros and cons for Latin, South America – IT outsourcing pros and cons for Latin and South America range from time zone alignment and geographic proximity to a lack of vendors and language barriers. Learn more in this story (and also check out our story on the pros and cons of IT outsourcing in Asia).

August 28, 2009  3:42 PM

IT and business alignment: Wrong choice of words?

Karen Guglielmo Karen Guglielmo Profile: Karen Guglielmo

If there’s one thing we’ve learned in IT over the past few years, it’s that if you say that something will help with “IT and business alignment,” you’re pretty much guaranteed it’ll get some attention. And IT and business alignment continues to top CIO agendas as a priority year after year. So WHY would anyone question the meaning of such a harmonious and universal phrase?

That’s just what David Ratcliffe, president of Pink Elephant consulting, did in a blog posting this week. According to Radcliffe, IT and business alignment is not where it’s at anymore. Instead, it’s about IT and business integration.

Ratcliffe explains that, “if IT is ‘aligned’ with the business that means it’s separate and is trying to line up. IT is not a separate entity from the business, it’s PART of the business.”

I understand Ratcliffe’s’s point. IT does need to become an integral part of the business. And maybe it is time to update the “IT and business alignment” term and mindset. But alignment is still where it’s at. Now it’s a matter of what specifically needs to be aligned. 

Up until now, IT and business alignment was mainly about governance. Companies were setting up formal internal structures for IT and the business to effectively work together toward common goals.

But alignment today should be more about processes and metrics. IT still needs to align with the business on common goals, but it also needs to align on the types of processes and metrics it uses. The IT organization needs to start using metrics that show how technology is positively affecting the business.

The same goes for processes. There are business processes and service delivery processes. Both are run separately but have the same goal of improving the business. By using similar metrics and processes, IT and the business can better communicate and reach common goals.

In the end, alignment is still king. It’s just a matter of taking alignment to the next level.

August 28, 2009  2:43 PM

IT services outsourcing: Do you have an ‘India-plus-one’ strategy?

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

For quite awhile, many U.S. companies have focused their IT services outsourcing strategies on India due to its market share, low cost of labor and robust vendor market. But now, some companies are seeking the best of both worlds: Traditional IT services offshoring coupled with a nearshore location.

My piece this week on IT services outsourcing in Latin and South America focused in on three of the larger countries in those regions in this industry: Mexico, Brazil and Argentina. For those who might have missed it, part 1 in this series dealt with IT services outsourcing in Asia.

As I investigate these locations, what I’m hearing is that many U.S.-based companies are seeking an “India-plus-one” strategy, whereby they supplement offshore operations in India (or perhaps China, another IT services outsourcing leader) with a vendor in a nearshore location, allowing them to derive the advantages of time zone alignment, geographic proximity, and any other perks that the particular offshore locations offers. To ensure that they don’t get left behind, some Indian IT services outsourcing companies have opened their own facilities in nearshore locations to complement their Indian operations.

For instance, I had a conversation this week with Paul Madarasz, general manager of the eastern region business unit at Aliso Viejo, Calif.-based IT services firm UST Global. Although the company has a lot of IT services operations based in India, Madarasz said the company is opening an IT services delivery center in Chile, outside of the capital of Santiago, that will focus on UST’s “bread and butter”: Application development, support and maintenance.

“We chose Chile for a lot of different reasons,” Madarasz said. “A lot of our clients would love to see an ‘India-plus-one’ strategy. They feel they’re fairly well saturated in India and would like another location.”

Other pluses include the Chilean government’s commitment to the IT sector and an educational system to support it, favorable immigration laws for bringing workers in and out of the country, and a communications infrastructure that would be robust enough to handle a high-intensity operation.
“We felt the business climate there was probably the best for us to be in,” Madarasz said.

So what are your thoughts on an “India-plus-one” strategy? Are you considering IT services outsourcing in different locations than in past years? And what parts of the world are you interested in reading about to guide your IT services outsourcing strategy?

August 24, 2009  2:23 PM

CIO weekly wrap-up: Pros and cons of outsourcing, ITIL framework, PPM

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Good morning! This past week, looked into the pros and cons of outsourcing in several countries in Asia, put out our latest FAQ on the ITIL framework and put your project and portfolio management (PPM) knowledge to the test. Click on the links below to learn more!

Pros and cons of IT outsourcing in popular Asian countries — The benefits and challenges of IT outsourcing in India, China, the Philippines and Vietnam range from pricing to intellectual property barriers. Learn more in this story.

Understanding the ITIL framework — The ITIL framework is a globally accepted standard for improving IT service quality. This FAQ reviews the ITIL definition, training options and costs and ITIL-compatible tools.

Project and portfolio management quiz for enterprise CIOs — Project and portfolio management (PPM) creates visibility and helps CIOs direct spending and resources toward the proper goals. Read these stories on PPM and take our related quiz.

August 21, 2009  2:17 PM

Swine flu — not hurricanes — leads disaster recovery agenda

Linda Tucci Linda Tucci Profile: Linda Tucci

Hurricane Bill is barreling over the Atlantic threatening to flood data centers and new, potentially destructive computer viruses are always popping up, but, surprisingly, a real virus — swine flu — is taking shape as the biggest storm cloud on the horizon for disaster recovery specialists. In conversations with the major disaster recovery providers this week concern about the H1N1 influenza virus was running high. The big question is whether companies were sufficiently prepared for an outbreak among employees. For many companies, particularly smaller workplaces, even issues such as whether the company has the right to send a sick worker home can be confusing.

“The larger enterprise companies are beginning to take the H1N1 pandemic seriously and beginning to think about what they are going to do if 40% of their workforce gets sick this winter,” said Bob Boyd, CEO of Agility Recovery Solutions Inc., the Charlotte, N.C.-based provider that brings its ReadySuite trailers on-site in the event of a disaster or for testing purposes. “We are seeing a fairly significant increase in interest from those larger companies to have technology on schedule with us, so that if they sent 100 people home, we could ship them laptops, so they could work from home.”

Indeed, of the 41 recoveries Agility has done this year, seven have been for customer responses to the pandemic. One was in Montreal and the rest were in the U.S.

“In the seven cases we’ve done so far, their pandemic plans said that if an employee is diagnosed with H1N1 virus, the company takes the 100 people that employee is closest to, whether in the adjacent cubicles or by contact in meetings, and all those people go home for up to two weeks, because the incubation is thought to be about 10 days,” he said.

Companies like Agility can supply laptops loaded with the technology employees need to do their jobs along with any equipment, like headsets.

Agility is planning a series of webinars in September with avian flu expert John Lange to help its smaller member companies get ready for the expected upswing in swine flu cases this year. The emphasis will be on what companies can begin to do to protect their employees from the swine flu virus and how to handle cases, as they come up. Large companies with effective HR departments are typically well-prepared to deal with medical issues.

“You get to a small medium-sized company, that guy doesn’t even know if he has the legal right to send that worker home. They need help on how do they talk about H1N1 with their staff and encourage good practices,” Boyd said. He said Agility is spending a lot of time talking to customers about cross-training employees, so that more than one person knows how to perform a critical business function. “If they are right, a lot of people are going to be out sick.”

August 20, 2009  3:29 PM

Failure to track virtualization licensing terms can cost you

Christina Torode Christina Torode Profile: Christina Torode

An unnamed client of Forrester Research received a bill for $1 million from a software vendor for violating licensing terms. The problem was that the company was running its software in a virtual environment on any number of servers in its data center, versus only the servers it had originally licensed the technology for.

This isn’t the first time I’ve heard of virtualization licensing terms being violated. A systems integrator told me that a customer had to pay Microsoft $300,000 after an audit of an application virtualization project. Apparently, the company was using Symantec’s Norton Ghost disk-cloning technology to create ghost images of four different desktop models. The company had licenses for four images, but they were being used by 800 users.

So how are vendors counting licenses under the virtualization model, and how can you avoid violating virtualization licensing terms?

Duncan Jones, a licensing expert and analyst with Forrester Research, gives some background in a recent report on counting virtual licenses:

For decades, many software vendors have licensed their products by hardware-based metrics such as server, processor, or device. The definitions they have used in their license agreements assume a permanent assignment of software to physical assets. The licenses are like labels that the operations manager can attach to a piece of hardware to say “this device is licensed to run Product A.” But the lawyers who wrote these agreements never envisioned today’s virtualized data centers. Increasingly, applications now run in software-controlled bubbles, called virtual machines (VMs), which usually cannot be permanently associated with the physical resources supporting them. This makes it hard for software vendor managers to ensure that their organization has sufficient license capacity — one can’t affix a license sticker on a virtual machine. If they’re not careful, these sourcing and vendor management teams may find themselves facing a large unexpected bill after a software audit.

Jones offers a few steps you can take to avoid violating virtualization licensing terms. These include:

  • Choosing to license products based on named users rather than processors;
  • Working with your vendor to retrofit your software licenses for a virtual environment;
  • And, simply favoring vendors with more enlightened licensing policies.

Burton Group’s Chris Wolf believes it is time for those serious about virtualization to get a third-party licensing management tool. IBM offers such tools, as does ManageSoft.

ManageSoft, for example, allows you to audit the software you have in a virtual infrastructure and maintains an online database that will validate compliance for the applications and operating systems running in a virtual environment.

License compliance is no joke, as those who’ve been fined can attest. The onus is on you to figure out what you need and work with your vendors on the terms you need.

Let us know what you think. Email me at

August 17, 2009  3:48 PM

CIO weekly wrap-up: Private cloud, NAC guide, Lean IT, virtualization

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Good morning! Last week, delved into private clouds, network access control in the enterprise, Lean thinking for IT and virtualization strategies. To learn more about any of these areas, check out the stories linked below.

Wary of public cloud, CIO builds private cloud and transition plan – CIOs reluctant to put cloud pilots into production are investing in private clouds with moves they can then take to the public cloud later. Read this story to learn how InterContinental Hotels Group managed the pilot.

Network access control: Security advice for enterprise CIOs – Network access control (NAC) is a method of improving the security of a proprietary network by restricting network resources to endpoint devices. But it’s not a one-size-fits-all solution. Read this guide and pick the best form of NAC for you.

Lean thinking for IT – Lean thinking is the process of incorporating Lean principles into an enterprise for better operational efficiency – and who doesn’t want that? This FAQ shows how Lean thinking works and how IT is benefiting from this improvement methodology.

Enterprises fill client virtualization gaps as client hypervisors bake – Learn how enterprises are mixing and matching virtualization technologies for the desktop as they await bare-metal client hypervisors from VMware and others.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: