April 27, 2010  8:07 PM

Business continuity strategies not shaping up in cloud

Christina Torode Christina Torode Profile: Christina Torode

I’ve been talking to business continuity and cloud experts over the past few days to find out if large companies are revamping their business continuity strategies as a result of the cloud.

For the most part, the answer was no. Enterprises are not rushing to get rid of hot, cold or primary sites, despite how much it costs to maintain them, to replace them with a site in the cloud.

The undertaking is potentially enormous, just in the planning stages, to make sure your architecture can even be replicated in a cloud environment, they said.

It is not inconceivable that large companies’ business continuity strategies will shift to the cloud, even as a means of housing their primary data center. The cost benefits could be equally, well, enormous, in terms of closing the physical building housing the data center. The cost of maintaining the data center’s power and cooling systems also goes away, along with hardware upgrades and the IT staff that maintains the data center.

Dave Linthicum, an independent consultant, said his clients’ future plans could involve a reverse data center model in which their primary data center would live in the cloud and the secondary site would be maintained on their own premises, or even on yet another cloud provider’s premises.

Still, we’re talking distant future here. Backing up applications in the cloud is a no-brainer, experts said, but backing up an entire infrastructure is not. It’s just too hard to replicate such an environment down to specific configurations within a cloud environment.

Does your business continuity strategy involve the cloud, or are there too many unknowns? Email me at

April 26, 2010  5:31 PM

CIO weekly wrap-up: Sony floppy disks going the way of the dinosaur?

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

It’s the end of an era — or is it? Sony has announced that it will stop manufacturing floppy disks in Japan. Point: USB drives. However, the company did sell more than 12 million Sony floppy disks in 2009, so maybe we shouldn’t be tossing them in our time capsules just yet.

You’ve undoubtedly heard about the Apple engineer who misplaced the prototype of the next version of the iPhone, which landed in Gizmodo’s lap. On our sister blog, CIO symmetry, read about how the lost iPhone is a lesson in chain of custody and data loss prevention.

While you’re reading these, also be sure to check out the latest stories:

Getting users to buy into a business intelligence strategy — Marketing savvy is but one skill CIOs need to sell a business intelligence strategy to the business. What else do you need to know?

Gartner’s take on emerging business intelligence technology – Who doesn’t love a good list? This one points to tools that could finally bring BI usage into the mainstream.

CIOs weigh use of social media against security concerns — CIOs are trying to balance the business use of social media with their concerns about security, as policies and security tools fail to keep pace with the adoption of social media.

April 23, 2010  2:11 PM

Antivirus software update goes rogue, corporate email security scares

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Wednesday was a busy — read: frustrating — day for many organizations using McAfee Inc.’s antivirus software or Google Inc.’s Gmail. Problems with the two popular services raised concerns about the potential downsides of automatic antivirus software updates, and could cause some CIOs to reassess their corporate email security policies.

I learned about these problems through my network. On Wednesday at 2:30 p.m., a friend in New Hampshire returned my email from that morning, apologized for the delay and explained, “Apparently there was an update for McAfee that went out and was thought to be a virus. It caused all of the computers here to shut down. We couldn’t do anything from about 11 a.m. until just now. The IT people who came around to fix it said it was a McAfee issue and that it affected all users globally.”

That turned out to be a pretty accurate explanation, as CNN reported that a buggy McAfee antivirus update “turned the software’s formidable defenses against malicious software inward, prompting it to attack a vital component of Microsoft Windows.” In addition to my friend’s business, the University of Michigan’s medical school and the Lexington, Ky., police were affected, some jails canceled visitations, and Rhode Island hospitals turned away non-trauma patients at emergency rooms and delayed some elective surgeries.

The Wednesday damage wasn’t done, however. That evening, an editor friend of mine tweeted,”#gmail is being hacked. anyone else receiving e-mails from friends with links and weird subject lines?” Sure enough, later on that night, I received a spammy-looking email from a friend’s Gmail address, which I quickly deleted.

(Aren’t I lucky to have such a Web-savvy group of friends to pass this information along quickly?)

The cause hasn’t been determined, but Google is wondering whether hackers are accessing user accounts via a bug in Gmail’s mobile interface. And this comes on the heels of reports that the attackers who breached Google’s system last year gained access to computer code for the software that authenticates users of Gmail, Google Calendar and other online programs.

If this is April Fools’ Day coming three weeks late, it’s not too funny. These are two very different cases, but they both funnel down to the sorts of issues CIOs contend with daily: antivirus software updates and corporate email security. It’s especially disconcerting for enterprises that have moved their email into the cloud with Gmail, where hacks like this one could border on disastrous.

Was your organization affected by either the McAfee antivirus software update problems or the Gmail hack? Is it corporate email security scares like this one that prevent you from pursuing cloud email in the first place?

April 22, 2010  9:33 PM

IT exec gets muzzled on use of social media, security

Linda Tucci Linda Tucci Profile: Linda Tucci

For my story today on how CIOs are balancing the use of social media at their companies and security concerns (with great difficulty, BTW), I discovered something that all of you probably know. The business is touuuchy about talking about its use of social media, especially when coupled with the word security.

As I mention in the article, a number of CIOs I contacted for the story declined to be interviewed. A couple said their organizations were not into social media, or they were too new to the whole phenomenon to speak knowledgably about useful security tools. Fair enough. More startling was what happened to an IT executive I contacted whose HR and marketing departments are using social media. He used gateway security software from Websense as one line of defense and could talk about why he liked it.

Not so fast.

In the space of a few hours, my five innocuous questions got vetted up and down the executive ranks, from the head of communications to the head of marketing and over to the CIO. The communications department sounded the alarm, arguing that really “very few of our employees have access to social media sites.” That fiction fact, “coupled with the fact that our own practices and policies are still in the early stages of development,” made the interview request problematic, according to the marketing executive. “I think these would be very difficult questions to navigate.

“And I certainly would avoid Q.5 ….” he said. Moreover he was “not really sure how much information on this topic we want to share externally at this point in time.” Even an industry trade story could get read by “consumer reporters and bloggers,” and thus out to “other media.” An hour later, yet another higher-up sent out the official kibosh: “We do not wish to participate in this interview.”

To be fair, this organization was not the only business to nix the request. (Motorola was not interested, either.) And I understand that CIOs and CISOs may have to avoid publicity when it comes to security measures. But social media? For business purposes? Who knew.

Here, by the way, is the notorious Q5. (OK, it is a little out there.)

5. Even with education programs, there will always be employees who, through maliciousness or laziness, pose a security threat to the business. Whose job is it to police these people? And are CIOs/CISOs and other technically trained people equipped (or should be expected) to deal with the human dimension in security?

April 20, 2010  7:07 PM

Gartner’s take on emerging business intelligence technology

Christina Torode Christina Torode Profile: Christina Torode

The most tangible success measure of business intelligence technology is usage — and mainstream BI just isn’t there, and won’t be for some time, according to Gartner analyst Kurt Schlegel. The pronouncement came during a presentation at the 2010 Gartner Business Intelligence Summit in Las Vegas last week.

He’s predicting that this will change, however, given a boost by nine technologies that he believes will put BI usage on the same mainstream usage trajectory as that of the Internet.

Before 1993, few people used the Web, but technologies such as broadband, Web browsers and search engines changed all that. These technologies gave people ubiquitous access to information. Then Web 2.0 technologies came along, turning Web surfers into content creators, he said.

Schlegel believes emerging business intelligence technologies such as columnar databases, interactive visualization and scenario modeling, among others, will allow users to follow a similar adoption path for BI.

Here’s a rundown of the nine technologies Schlegel predicts will kick-start mainstream BI usage:

In-memory analytics: DakotaCare, a small managed health care network provider in Sioux Falls, S.D., was able to compress 140 million records with hundreds of columns of data on every claim paid since 2001 into a QlikView server. The server was on an x64 dual-core Xeon processor with 12 GB RAM.

“That is not a huge amount of memory,” he said. In-memory analytics are offered by niche players such as QlikTech International AB, as well as big BI vendors such as SAP.

Columnar databases: This lets you store data by columns, rather than rows. A columnar-based approach for data storage is better for data analysis, and, in turn BI, because it’s well-suited for complex queries of large amounts of data. Vertica Systems, Sybase Inc. and ParAccel Inc. are a few vendors in this space.

Cloud services: As BI evolves, companies will start to tap data from outside sources. He predicts that a group of SaaS providers will aggregate and offer data analytic services to fill this need in the cloud.

Interactive visualization tools: Many vendors such as Tableau Software, Tibco Software Inc. (with Spotfire) and Advizor Solutions Inc. display multidimensional data on a 2-D screen. Today, users don’t have to just look at static pie charts, but interact with them by drilling down into individual pie wedges. On top of that, users can interact with a variety of reports or heat maps and geographic maps. “These are tools that require no training — you don’t have to be brainiac number crunchers to use them,” he said.

BI integrated search: The concept: putting a search engine interface on a BI platform and being able to do ad hoc queries seems simple enough. This would really bring BI to the masses, but there aren’t many companies using this technology in production yet. Schlegel likes the idea of using the Internet as an index that spits back query results, but … “I don’t have any warm fuzzies about this technology yet. I just don’t have the [customer] references for this technology.”

Mobile BI applications: “The ubiquity of [mobile devices] makes me believe that this has got to happen.” He thinks there will be a huge explosion of analytic applications to the iPhone. For now, the most users can expect are static reports.

Data mashups: Let’s just say this is coming if Microsoft has anything to say about it. Microsoft PowerPivot for Excel comes out next month and will give users a free tool to download up to 100 million rows of data from different sources. Microsoft aside, users are going to grab hold of the ability to mash up data sources to create their own content. The best bet is to create sandboxes, or isolated areas, in which users can play and not prohibit the use of such tools, he said.

Scenario modeling: Is great for what-if scenarios: What if we moved sales to another region? What if there is an economic recession? Companies have to rely heavily on IT to go in and create alternate scenarios, but with scenario modeling, more business users can create their own what-if scenarios. Toyota is a classic example of why what-if scenario analysis is needed, he said, given its recent product quality issues.

Analytical master data management: IT typically tells the business what dimensions are being measured across a company and how they are being measured. In the future, Schlegel believes, users will be able to create their own data modeling environments and measures, submit those measures to an approval process and not have to rely on IT to make changes. Some tools that are starting to enable this capability include Oracle Hyperion Data Relationship Management and IBM Cognos Business Viewpoint.

This is a lot to take in, when many companies already have several BI tools in place and are looking to consolidate. Many are also grappling with how to get BI in the hands of everyday workers, although several of these technologies seek to address this dilemma.

Email me at to let me know what technologies are on your radar.

April 19, 2010  5:26 PM

CIO weekly wrap-up: Cloud computing strategy, Gartner on BI and more

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

I’m watching the Boston Marathon with one eye this afternoon, and catching up on the latest tech news with the other:

A keyboard on your hand sounds like sci-fi, but a former Microsoft Research intern has developed a working prototype called Skinput that does just that.

Next up in microblogging: Adding Twitter annotations. Will this change the way you Tweet?

Also check out the most recent stories from, dealing with identity management in cloud computing, the newest BI strategy approaches, cloud computing strategy and social media risks and benefits:

Identity management in cloud computing courts enterprise trust — Identity management in the cloud is a hot button: Enterprises are concerned about its security, but are attracted by the cost savings and management efficiencies it presents.

Gartner Business Intelligence Summit: New tech vs. old-school strategy — Gartner Business Intelligence Summit attendees are focused on establishing a BI strategy, recouping investments in existing BI tools and looking into emerging technologies.

Crafting a cloud computing strategy that covers cost and compliance — Our CIO columnist consults his peers about a cloud computing strategy that addresses cost, compliance and security concerns. Does cloud computing fit into his business needs?

Monitoring the benefits of social media, and the risks — Are there benefits to using social media in business? Of course, but it’s up to CIOs to understand the risks and help their company rethink its social media policies.

April 16, 2010  3:13 PM

Don’t be a horror story! Why social media policies matter to the CIO

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Although social media technologies aren’t generally a focus for, two stories this week highlighted some reasons why CIOs need to establish strong social media policies to monitor their staff’s Facebook, Twitter and other social media usage — or face the consequences.

You’re probably well aware of the benefits of social media in the workplace. They can function as excellent recruiting tools for HR, serve as user-friendly collaboration platforms for staff and boost a company’s customer outreach (McDonald’s, for instance, hired its first social-media chief this week.).

But CIOs must also consider social media’s pitfalls, especially if they haven’t drafted social media policies to guide their staff. According to Senior News Writer, Linda Tucci, IT consulting firm Burton Group Inc. pointed to these risks associated with compromised social media accounts in the workplace:

  • Malware, phishing and spoofing
  • Impersonation and blackmail from malicious outsiders
  • Denial of service, security failures
  • Jurisdictional issues over privacy and compliance from social media platform operators

Meanwhile, over on our sister site, News Writer Jessica Scarpati zeroed in on compliance concerns. According to the survey “Usage Trends, End User Attitudes and IT Impact from FaceTime Communications Inc., a unified communications security and compliance vendor, when asked if they could reproduce social network communications if required by an attorney, 65% of IT managers said they could not.

And although 77% of enterprises said they archive emails, only a fraction (19%) logs communications via social networks; 13% reported archiving tweets, the survey found.

The story also cites several good examples of social media gone wild in the workplace, as well as the fallout. Perhaps most shocking? Two nurses were fired from a Wisconsin hospital last year following allegations they had taken pictures of a patient’s X-ray — which showed an object lodged in his rectum — with their cell phone cameras. One nurse was accused of posting the photo to her personal Facebook page (she later deleted it).

Now, tell me whether you’ve seen the phrase “lodged in his rectum” in any other IT story you’ve read this week. (Actually, please don’t tell me, as I’m not sure I’d want to know the details.)

Do you have your own social media horror story to share? Or has your company established social media policies to clamp down on security and compliance concerns?

April 16, 2010  2:09 PM

CIO careers: Seeking legal experts

Christina Torode Christina Torode Profile: Christina Torode

Of all the conversations I had with attendees this week at the Gartner Business Intelligence Summit in Las Vegas, it was actually one with Gartner analyst Debra Logan about CIO careers that surprised me the most. Logan is finding that more enterprises are hiring CIOs with legal expertise. Some are even hiring lawyers as their CIOs.

One big oil company that she advises hired a lawyer as its CIO because it views information as a risk, and in turn wanted someone who understood the risks involved in data management.

Apparently the role of the CIO, particularly those in heavily regulated industries, truly is becoming one of an information manager, as opposed to a keeper of technology, she said. As such, enterprises want a CIO who understands the legal ramifications of information dissemination and one who can establish policies and controls that will help avoid lawsuits.

There are several factors driving some enterprise to hire legal experts as CIOs, and, granted, this is coming from Logan’s view as an e-discovery expert. But for one, regulatory agencies are much more active now in changing and enforcing the rules of e-discovery.

“This is really causing legal people to ask ‘Just what is in that 27 terabytes of information? What’s going to come back to haunt us?’” she said, adding that a recent conversation with a lawyer informed her of a new set of changes coming down the pike from the Federal Rules of Civic Procedure on e-discovery.

As a result, enterprises want to start producing data far before a subpoena or a case is brought against them — the number of lawsuits has risen during the recession, because, unfortunately, it’s a way to make money, she said.

She’s not saying that the future CIO role is all about legalities. It’s more that CIOs should view themselves as information guardians, and managing information entails the ability to manage risk.

Although, it doesn’t hurt if you do take a legal course or two. Gartner, after all, recently sent one of its analysts to a course called Legal IT at the John Marshall Law School.

Read more on what attendees at the Gartner BI Summit had to say about their BI direction and technologies on their radar. BI coverage in coming weeks will touch on developing a BI strategy, emerging BI technologies and how Gartner rates the capabilities of the big BI vendors: IBM, Oracle, SAP and Microsoft.

April 12, 2010  4:08 PM

CIO weekly wrap-up: Tweetie app acquired, iPad clones and cloud news

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Twitter exploded over the weekend with reports that the microblogging platform had acquired Atebits, the maker of the Tweetie app for the iPhone and Mac, leading other Twitter app developers to freak out over the implications. Meanwhile, word on the streets is that Google is looking to build an iPad clone – another clash of the titans that will continue to entertain long after the film leaves theaters.

At, we’re welcoming a new features writer, Laura Smith, into the fold, and we’re so lucky to have her! Check out her pieces on cloud computing interoperability and security, as well as Senior News Writer Linda Tucci’s piece on the CIO role in an M&A:

Cloud interoperability standards aim for vendor independence — Standards groups are developing cloud interoperability, portability and security standards in an attempt to ease the switch from one cloud provider to another.

Cloud security best practices foster rapid deployments — CIOs are developing their own cloud security best practices, such as auditing, risk assessment and contractual obligations, while the cloud industry plays catch-up.

Role of CIO in mergers and acquisitions in focus as M&A activity rises — With mergers and acquisitions expected to rise in 2010, the role of the CIO is increasingly important. In M&A activity, what separates successful from unsuccessful CIOs?

April 9, 2010  2:36 PM

Computer hardware upgrades and iPhone OS 4: When software spurs buying

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

As an iPhone 3G owner, I was very excited to hear about the Apple iPhone’s newest operating system, the iPhone OS 4 software upgrade, planned for deployment this summer. Actually, I’ve never felt that my iPhone was lacking because I couldn’t run simultaneous applications, but I must admit I’ve been impressed by friends’ smartphones that provide sports scores, let users write e-mails and cook a five-course brunch — all at once.

My anticipation quickly dissipated when I learned that many iPhone OS 4 features — including, most notably, multitasking — wouldn’t filter down to the 3G (nor to the original iPhone and iPod Touch versions that preceded it). Yes, I might still have access to application folders (so I won’t need five full screens of apps) and the upgraded e-mail functions, but no multitasking for me. I immediately started to consider whether the software update would make it worth my while to trade up to a snazzy new iPhone this summer, 3GS or otherwise. TBD. Let’s see if my tax refund materializes.

It dawned on me that this is what enterprise CIOs must debate when it comes to computer hardware upgrades, and I expect the issue to be particularly pertinent in 2010. A recent Morgan Stanley survey of 150 CIOs found that technology budgets will be up 3.2% in 2010, a 1.5% increase from January, when the same survey was done. Computer hardware upgrades lead the spending spike, with a planned 4.1% increase, followed by a 3.7% increase in software spending.

I suspect a lot of this jump represents delayed demand. Many enterprises held off on computer hardware upgrades last year, when the recession was in its deepest doldrums, as they hunkered down and did more with less. Why buy new desktops when the old ones would do?

But while hunkering down and holding the line might have worked in 2009, it likely won’t fly in 2010, when companies are under increasing pressure to not only survive, but to show increasing revenues as well. So, what happens if a new software or delivery model is the key to building your revenue, but you don’t have the hardware to support it?

I’m guessing a simple tax refund won’t be enough to buy all those new desktops or laptops in your organization. What’s your strategy for computer hardware upgrades in 2010?

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: