November 4, 2011  1:20 PM

How does the relationship between the CFO and CIO actually work?

Linda Tucci Linda Tucci Profile: Linda Tucci

I don’t know many CIOs for whom the company’s CFO does not loom large. People responsible for what is often the business’s single largest capital expense don’t fly under the radar of the CFO, no matter whom they report to. But how does the relationship between CIO and CFO actually work?

When the CFO and the CIO get together, they both bring something to the table, but what is each one’s role in that meeting? How do the goals of the CFO for technology investments differ from those of the CIO? Do they value the value of IT to the business in the same way? And, if they do, does the CFO then loom less large? Who gets the final say on an IT investment? How do they relate?

That’s a mystery and CFO magazine hope to get the bottom of in an upcoming survey of CIOs and CFOs. Feel free to send me questions that might illuminate, preferably with multiple-choice answers.

One thing I already know is that the CIO-CFO relationship tends to be fraught. I was reminded of that at a recent dinner gathering of CIOs. Sparks flew when the reporting question was put to the table. There was some name-calling (eek!). Bean counters. Number crunchers. One MBA’d CIO claimed that most CFOs came up through the accounting ranks and knew less about business goals than CIOs. Glorified accountants! If the ambition is to make IT strategic to the business, CIOs need to answer to the CEO, period: That’s what the table more or less concurred, echoing what’s become the standard view.

The outcry was a nice setup for Faisal Hoque, the speaker that evening, there to talk about his management theories about how to get the business and IT to work together. He spells it out in a new book, The Power of Convergence. (Hint: the CFO can’t be the enemy.) I’m going to read it as soon as my editorial director lets me borrow his copy.

In the meantime, I heard what just may be the most interesting paradigm for the future of IT-business relationships from one of the guests, the CIO of a prominent architectural firm. She’s come to think of IT-business projects as serial movie productions: intense, immense collaborations among IT, the firm and its scores of partners — with the CIO as director! And the CFO’s role? Why, producer, of course. (So, who would be the assistant director?)

I’d like to hear about your relationship with your CFO. You can reach me at

October 31, 2011  9:07 PM

A cloud computing strategy requires a good offense and defense

Karen Goulart Karen Goulart Profile: Karen Goulart

A discussion among the CIOs at the recent Massachusetts Technology Leadership Council (MassTLC) summit on cloud computing strategies got me thinking about Eleanor Roosevelt. No, really.

Surely you’ve seen it on bumper stickers or tacked to a classroom wall — that ubiquitous inspirational utterance: “No one can make you feel inferior without your consent.”

At an event generously populated by cloud service vendors encouraging each other to ignore the CIO and sell to the business, what several CIOs said would have done the former first lady proud. According to the event’s preprinted agenda, the CIOs were there to chat about using Platform as a Service, or PaaS. Instead, they wound up championing the place of the CIO in the cloud and across enterprise IT.

In essence, they weren’t about to let the cloud services vendors make them feel inferior. Inspiring bons mots not your thing? How about a football analogy? These CIOs proved vendors can’t achieve a successful end run around your IT department if you’ve set up a strong defense. And better still, if you’ve put up enough offense to be ahead of their game already.

As with any winning franchise, staying ahead requires strong leadership and teamwork. Take Tom McLain, CIO at Old Mutual (US) Holdings Inc. His cloud computing strategy is focused on creating strong relationships with the company’s head of compliance and head of legal. As leaders, they set the ground rules for vendor interaction that are so necessary in their highly regulated industry.

There will always be “renegades” — the workers in the business who go off and find their own cloud solutions. But even in less strictly regulated spaces, there are ways to remain in control. One way is to play along with them. Larry Bolick, CIO at Boston-based Aquent LLC, noted that early adopters can actually be integral team players. Identifying those who are eager to get their hands on the latest app can be hugely important to your cloud computing strategy going forward. Bolick did this with a Skype pilot program years ago.

“Fast-forward to today, and those folks are out in the Google space trying all kinds of things,” Bolick said. Knowing they have support behind their exploration makes them less likely to sneak in their own solutions. If they discover something of potential value, he said, they bring it to him.

Another important thing to note about these CIOs: To them, “going cloud” wasn’t and isn’t drudgery, a chore or some sort of panic move. (OK, maybe there was a little panic there; the looming recession was a potent prod for many CIOs to adopt cloud services.) Rather, it was seen as a challenge, a problem to solve. And lo and behold, once it got rolling, they began enjoying the process.

This wasn’t simply creating and implementing solutions to save time and money. In fact, the act of going to the cloud was in and of itself an opportunity to be innovative. As a result, these CIOs are left with more time and tools to, yup, be innovative — and perhaps feel a wee bit superior.

October 27, 2011  9:04 PM

A CIO’s time is expensive; not every vendor relationship deserves it

Linda Tucci Linda Tucci Profile: Linda Tucci

An average 13.5% of your IT organization’s time is spent on vendor management and procurement. That’s based on Gartner Inc.’s recent polling of more than 1,300 organizations. It’s an activity, Gartner suggests, that takes too big a chunk of your staff’s time for you not to manage it strategically. And guess what? No matter how much of your time is devoted to managing the vendor relationship, it’s too much.

“Your time is very expensive. Your employees need that time. Your executives need that time — and vendors are consuming that time,” Gartner analyst William Snyder said. “Time is squandered.”

And it’s squandered on a relationship where data shows that the other party — your vendor — often has the upper hand. An average 50% of your vendors have key cards for access to your data center, according to Gartner’s research. Having a key card allows unfettered access to your staff, which means that these vendors almost certainly know more about your staff than you do, Snyder said. They have free rein to sell to your staff. “The key card is access into a sales goldmine,” he said.

As a way of regaining control of their environments, some CIOs have revoked all vendor key cards until they can determine which vendors need or deserve that access — a step Gartner does not necessarily recommend taking. What Gartner terms the dissymmetry in information in the vendor relationship, however, must be closed, or CIOs will be at a disadvantage in any dispute with vendors. Moreover, many vendors come into any disagreement knowing that switching vendors comes with risks and is not worth the hassle.

These cautions came up in a session at last week’s Gartner Symposium/ITxpo that was billed as a CIO guide to managing vendors. The session laid out the common mistakes CIOs make in managing vendor relationships, and offered what seemed to me a lot of practical advice for improving those relationships, for example, by:

  • Using lightweight crowdsourcing to develop a more objective view of the vendor. Rather than rely on one manager’s opinion, find 10 staff members who deal with the vendor, and poll them regularly over a period of time to develop a vendor scorecard.
  • Dealing with the vendors on their turf, not yours. You need to know as much about your vendors as they know about your organization. That means staying on top of how their companies are doing in the marketplace, changes in the executive ranks, and financial analyst ratings.

I’ll be looking at some of these mistakes and pointers in more depth in coming weeks, but here’s some food for thought in the meantime. Snyder’s big takeaway is that CIOs should not — repeat not — meet with all their vendors. It’s important that you meet with the vendors that make a difference to your organization. The CIO role carries weight. Use it effectively, he urged. “If you don’t use it selectively, what ends up happening is, you don’t have gravitas,” he added. “Reserve the power that is embedded in your role.”

Seems like wise advice.

Let us know what you think about this blog post; email Linda Tucci, Senior News Writer.

October 25, 2011  8:31 PM

Customer crowdsourcing a growing trend for product design?

Christina Torode Christina Torode Profile: Christina Torode

I recently heard an interesting twist on crowdsourcing. It wasn’t about the marketing group combing social media sites for new promotional ideas, or businesses having online contests to gather new product ideas from consumers. It was about CIOs and their business peers gathering with customers to come up with new products and services.

Called customer crowdsourcing by some, the idea is to get customers involved in the product and services design process. Now, this is nothing new for software vendors. Customers are often involved in the development and patch cycles, especially in these days of frequent Software as a Service release cycles. What I haven’t heard of as much, until recently, is a push by businesses outside the technology area to involve customers in product design and conceptualization. Talk about having the inside scoop! These customers are being treated almost as extensions of the product maker’s workforce.

Harvey Koeppel, executive director of the Center for CIO Leadership in New York, brought the subject up recently during a call with The center taps its 2,100 members to conduct research on the latest permutations of the CIO role and technology trends. He said that customer crowdsourcing is a “hot topic” among his members, and one that we will surely be hearing more about from CIOs.

So I asked the very next CIO I talked to, Frank Wander, CIO of Guardian Life Insurance Company of America. And sure enough, Frank said that Guardian was hip to crowdsourcing — actually for some time now. While the company is not using a crowdsourcing platform or system to collect data, he told me that gathering input from customers has been part of Guardian’s product development process for years.

“Through sales, we’re always hearing what the customers are asking for,” and those ideas are incorporated in the development process, he said.

I’m wondering just how involved customers are becoming in the product design process — outside of software development. There are crowdsourcing vendors that will connect you with thousands of potential customers online for new ideas. But will we soon see a crop of crowdsourcing platforms that automate the collection of your own customers’ ideas?

It’s already interesting to watch the effects that the consumerization of IT is having on the way technology is now delivered to employees. Perhaps customer crowdsourcing will fundamentally change the way companies develop new products. If anything, it’s another opportunity for CIOs to foster and automate such a process, and directly contribute to the company’s bottom line.

Let us know what you think about this blog post; email Christina Torode, News Director.

October 21, 2011  2:35 PM

Technology priorities of CEOs not lining up with those of CIOs

Christina Torode Christina Torode Profile: Christina Torode

The technology priorities of CEOs and those of CIOs differ greatly as those executives move into 2012. That difference is largely due to uncertainties surrounding the economy, a talent deficit, and fluctuating pricing for goods and services. Such was the buzz this week at the Gartner Symposium/ITxpo in Orlando.

Cloud computing, social media and mobility are top of mind for many CIOs, but CEOs are more concerned with traditional IT investments — think ERP and customer relationship management (CRM) — according to a Gartner survey of 220 CEOs employed by large organizations around the world.

“Mobile, social, cloud, and the nexus [of the three] — CEOs in midsized to large global companies don’t understand those words,” said Mark Raskino, Gartner Fellow in the research firm’s executive leadership and innovation group. “They do not volunteer terms like [cloud or social], and they do not understand how such concepts transform the fortune of their company.”

What these business executives do understand is that ERP helps them run the business and CRM helps them win new customers, Raskino said. In fact, anything related to customer wins is the top priority of the CEOs surveyed.

Another discrepancy in terms of priorities? Talent. CIOs are not very concerned about a talent deficit, while CEOs list it as a top concern. “Even though it may not be a top concern for you, it is for your business leaders and you need to be aware of that,” Raskino warned CIOs. CEOs are concerned that too much talent is tied up in a few midrange experts who do most of the work. They would like to see this talent spread out more across the employee base, and technology is one way of making that happen, he said.

The good news is that boards of directors’ expectations of IT are rising, and they are putting that focus on the CEO, who will need to work hand-in-hand with the CIO to figure out how technology will provide a competitive advantage.

“Board members are not saying, we need more social and mobile; but they do have a sense that IT is what helped us become more productive following past recessions in the ’80s, ’90s and 2001,” Raskino said.

Here’s a rundown of CEO top technology priorities for 2012:

  • ERP.
  • CRM.
  • Specific business-line applications.
  • E-commerce expansion.
  • General IT modernization.
  • IT infrastructure improvements.
  • Business mobility as it relates to major platforms.
  • Business intelligence.
  • Supply chain management.
  • Security.

Yet another discrepancy? Business intelligence often ranks among CIOs’ top priorities in Gartner surveys, but BI technology was much farther down on the list of CEOs’ priorities.

In the end, CIOs need to help CEOs recognize the need for such newer technology concepts as the cloud, mobility, grid computing and business process reengineering, Raskino said. IT executives have to do this because they are the ones who will make it possible for their businesses to increase productivity, create growth and help solve our economic problems.

October 21, 2011  12:30 PM

Spying on top-secret documents through the camera in a company iPad

Linda Tucci Linda Tucci Profile: Linda Tucci

I have information about a company iPad and a security risk that you should know about. It came from a man in a military uniform at the Gartner Symposium/ITxpo that wrapped up in Orlando this week.

Now, it’s rare for me to hear something at an industry conference that makes me freeze in my seat, hold my breath and hope to hell no one notices I’m taking notes. But that was the case at this conference’s CIO Town Hall on mobility, where the audience was encouraged to talk about issues related to mobile computing.

For talk they did — about the financial costs associated with “bring your own device” versus company-owned mobile devices, for example. About disaster recovery for mobile devices. About the relative merits and shortcomings of the mobile device management vendors out there. (P.S.: Just because your name is Good doesn’t necessarily mean everybody thinks you are.) Whether virtualizing desktops is the answer to making mobility work in the enterprise. Whether it is the CIO’s job to give employees the device they want.

Click on the links and you’ll see that these are issues we’ve tackled on this year, as mobile computing is reshaping — at warp speed, it sometimes seems — how IT provisions and supports the technology employees use to do their jobs. But let me tell you, it was edifying to hear first-hand, nuanced accounts from CIOs across many industries about these topics and other problems we haven’t even considered — it was eye-opening, actually. People were not afraid to raise a problem and say they didn’t know how they were going to fix it. When Gartner Inc. says it’s early days for mobile computing, it’s right. The CIOs’ concerns revealed how few standards and best practices currently exist for managing the growing portfolio of consumer devices that are taking over enterprise computing. My promise is to keep tackling these problems one by one, in as much depth as possible.

Now, about the man in the uniform. I was too far away to see a nametag. I wouldn’t give his name anyway, given what came out of his mouth. Let’s go to the tape: The new chief of staff for a branch of the military came in with an iPad and wanted to use it. And so, the security folks for this military service decided to show him how unsecure it was. They hacked his iPad and were able to see a classified document on his desk through its camera. That woke him up, the man in the uniform said. He passed it along as a useful bit of intel for CIOs for when their CEOs demanded iPads.

On another note, I had a birthday yesterday, one of those ones that husbands can’t ignore, so my spouse dutifully stepped up. Guess what I got? Fortunately (or unfortunately for my career as a news reporter), I don’t have any secret documents on my desk.

October 14, 2011  3:10 PM

Fear of vendor lock-in is legitimate cloud concern — don’t be bullied

Linda Tucci Linda Tucci Profile: Linda Tucci

Although security and compliance are the risks IT professionals point to first when they’re asked why they have bypassed cloud computing, bigger issues loom. Vendor lock-in and interoperability are what you really should be worrying about, according to cloud users and cloud providers at a cloud computing summit in Burlington, Mass., yesterday that was put on by the Mass Technology Leadership Council.

“This is a big issue in cloud. I would caution everybody in this room, as a potential Internet service provider or as a consumer, not to get caught in this trap, because what is going on here is that everybody is creating their own standard for what the cloud stack looks like,” said Michael Skok, general partner at North Bridge Venture Partners in San Mateo, Calif., referring to findings from interviews with some 400 high-level IT professionals and IT vendors. His prediction?

“I think you will see efforts like the OpenStack initiative become more popular, or you’ll see de facto standards coming from players like Amazon. But you’ve got to watch for this, because it is not going to be easy to navigate as we work towards these standards that are emerging.”

Now, it just so happens that North Bridge Venture Partners is an investor in two successful young cloud-based computing companies that have bent over backwards to make the issue of vendor lock-in and interoperability moot. One is Acquia, the commercial open source software vendor for the Drupal open source Web development platform. Drupal is used by some of the biggest and busiest websites in the world, among them the White House and the Al-Jazeera network. Acquia’s cloud infrastructure and services help these users manage, monitor and scale their Drupal platforms. The other company, Demandware, is an e-commerce software technology company whose customers include Lands’ End, New Balance and Barney’s. Demandware provides a Software-as-a-Service/Platform-as-a-Service offering that lets retailers control “everything about their Web and mobile presence,” CEO Tom Eberling said.

‘Open SaaS’

To address fears over vendor lock-in, Acquia, for example, offers something its coined “open SaaS,” said Chris Brookins, vice president of engineering and product management. “It’s not just about being able to get access to your data — which there has been a lot of talk about, with Facebook and Google — but it is also about the freedom and ability to leave our SaaS at anytime. You can take not only your code that powers the site, but the database; all your files; and effectively, if you feel too constrained by the SaaS, you can leave and host it yourself, hopefully on our PaaS,” he said.

A risk? Sure, Brookins said, when I caught up with him after the panel. But one that has paid off handsomely: “What we have found it that by eliminating that barrier to adoption — that fear that I might be locked in forever — we’ve had significant growth.” The company hosts 60,000 sites and enjoys 100% year-over-year growth. It also apparently offers a product that’s hard to refuse: Metrics show that even when customers leave, they are back in about a month.

“Our value proposition is: how do we effectively run their sites, scale their sites and add features at a pace that they couldn’t possibly do themselves for them –and, in way that they have the upside value but they don’t have any of the fear,” Brookins said.

October 11, 2011  11:56 PM

Five reasons enterprises are adopting Agile practices

Christina Torode Christina Torode Profile: Christina Torode

I’ve been talking to CIOs about Agile practices and why they decided either to do away with traditional project management methods like waterfall, or combine Agile with lean methodologies.

What their answers came down to was that employee and customer expectations are changing and that in turn, the business has to change. Customers have come to expect Web-based services, and they want them now. That means that IT has to swap out older systems and business processes quickly. Employees don’t want to wait four years — or even four months — for new features and fixes to be rolled out. It’s about giving the business a competitive advantage through faster IT deployments.

If that isn’t enough to convince you, Alex Adamopoulos, CEO at New York-based Agile consultancy Emergn, whose clients include British Airways, British Telecom and Standard Life, has five more reasons for adopting Agile practices:

  1. To stop project paralysis: Agile translates into faster feedback and faster delivery. That means that IT delivers projects that keep up with the pace of the market and customer expectations.
  2. To accommodate change: Plan for change with Agile, instead of protecting the process and focusing on mitigating the risk of inevitable change.
  3. To make room for innovation: Agile allows for employee creativity and better idea management, which is often stymied by heavier processes.
  4. To improve the work environment: Agile enables companies to invest in their people and to “up-skill” them. As a result, Agile leads to happier, more productive employees who in turn feel more passion and ownership towards their work.
  5. To give the businesses transparency and control: Agile lets businesses identify where the greatest value exists in the organization’s portfolio of projects. Thus, Agile improves overall quality in delivering any type of project in the organization (IT or business related).

Let us know what you think about this blog post; email Christina Torode, News Director

October 7, 2011  1:50 PM

Kraft Foods foretells how we will work in the digital age

Linda Tucci Linda Tucci Profile: Linda Tucci

I’m used to working from anyplace and (sigh) anytime. Getting to work usually involves guzzling coffee rather than driving my gas-guzzler to the office. But I am employed by a publishing company that was born in the digital age and produces content for online consumption. When a business the size and maturity of Kraft Foods ($49 billion in revenue, 108 years old, operations in 75 countries) decides that it’s in the company’s best interest to untether its employees with mobile devices and virtual communities, how we work in the digital age is no longer about some future state of knowledge workers. It’s mainstream.

If you have any doubts, this maker of real things (Oreos, Oscar Meyer hot dogs, Trident and Tang) is trying to turn this digital state of working into a commodity with its own internal brand name and slogan — as you’ll read about in my story next week on Roberta Cadieux, director for information systems service delivery at Kraft, recounts the IT department’s efforts to harness the mobile gadgets and ubiquitous networks that employees increasingly take for granted into a coherent IT-business strategy — and the difficulty of selling the strategy (as opposed to the gadgets) to employees.

The transformation of how work gets done at Kraft extends to its physical offices, where “open innovative spaces” are replacing traditional cubicles and offices. The rank and file no longer are assigned desks. Employees can work from wherever when they are in the office. Wall-huggers — people who have worked at Kraft for years and feel they’ve earned the right to a corner office — have been given glassed-in rooms — fishbowls — but the occupants are increasingly “being challenged why they need them,” Cadieux said. Persuading people to change how they work has been hard, she added — so much so that she said she would like to go into the change management field.

One of the aspects of Cadieux’s job that does not get much play in my upcoming piece is her involvement with Kraft’s facilities people. She told me she worked hand-in-glove with Steelcase, the office furniture giant, to design the space, even walking into the office on Fridays to see how many people were there (usually almost half empty). As Cadieux was telling me about working with office designers, it occurred to me that one interesting spin-off is that IT will play a bigger role in the design of not only the IT architecture but also the physical space that employees inhabit.

October 5, 2011  5:49 PM

Cloud security concerns will be passé, Gartner analyst says

Karen Goulart Karen Goulart Profile: Karen Goulart

Neil MacDonald wants you to stop worrying and love cloud service providers.

This Gartner Fellow is putting in a tall order. Look at any survey of CIOs and IT professionals regarding cloud computing, from its buzzy emergence up until, oh, this morning, and you’ll find that cloud security concerns sometimes outweigh all other cloud concerns combined.

For one, in a recent CompTIA survey of 500 IT and business professionals and 400 IT firms in the United States, 65% of respondents said that security is the area of cloud computing most in need of clarity.

To these folks, MacDonald says, Get a grip — or better yet, let go.

The big cloud service providers think differently about information security — and that’s a good thing, MacDonald told a virtual audience of CIOs and other IT folks during a recent Gartner webinar on cloud security. When it comes to information security, anything you can do, cloud can do better. Or soon will, he said. How exactly are cloud service providers better than you at information security? According to him, here are the new and improved ways big-name cloud service providers like Google, Microsoft and think about security:

  • They assume machines will fail, so they focus on resilience. “That’s their focus, it’s a delivery of an outcome independent of failure of the individual elements,” MacDonald said. “And that is quite a change in mind-set from traditional IT operations and IT security, where we try not to have any breaches or any failures.”
  • Their security is baked in, not tacked on. Be it the shift from mainframe to distributed computing or from PCs to networks, security has always been an afterthought on the part of the provider and the user — until now.
  • They have shifted to software-based, automated security controls. Most security issues can be traced back to human error, but automation eliminates the possibility while freeing up security professionals to focus on “the higher priority” of creating security policy.
  • They take more responsibility than many of your other vendors for delivering outcomes. If you’ve never looked at the end-user licensing agreement for, say, Microsoft Exchange, here’s the short version: Install at your own risk; it might work, it might not. The online service-level agreement looks a little different: It promises 99% uptime or you get a 25% credit.
  • They force users to think about outcomes. Fixating on “the bottom of the stack” — hardware, networks — is more about the illusion of control than real security. The focus should be on the top of the stack.
  • Their offerings tear down IT silos. Network, storage, server and desktop can organize around security, retaining each group’s skill sets and enhancing agility.
  • They employ better people and deploy higher quality controls. Does your on-site data center have palm readers or retina scanners at its entrances? Didn’t think so.
  • They embrace change. Most IT folks hate change, especially in the form of patches and updates. Cloud service providers embrace it.
  • They view security as an adaptive service. Rather than a set of silo products, it is delivered as an on-demand set of services.

The thing is, though, not every cloud service provider is Google or Microsoft. Not every data center is going to be built on its own island. It’s vital to ask probing questions and create a strong RFI or RFP. Chief among your inquiries, MacDonald suggested, should be not just how your data is protected and how it is segmented between fellow cloud-dwellers, but also who has access to it. (Will you trust your cloud administrator?) A lot of innovation is happening with data encryption in the cloud, he said, that might allow you to hold the keys to your information instead of an unknown admin. Don’t be satisfied with answers alone; ask to see the evidence. And while they probably won’t tell you, it wouldn’t hurt to ask, “Where is that island, exactly?”

Being that this was an online chat, there was no way to gauge audience reaction, so I’m wondering what you think. Does the idea that cloud service providers are approaching security in a different way change your thoughts about cloud computing? I’d like to hear your thoughts.

Let us know what you think about this blog post; email Karen Goulart, Features Writer.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: