September 3, 2009  8:02 PM

Gmail outage raises issue of control

Christina Torode Christina Torode Profile: Christina Torode

While talking to an IT director about Google’s Gmail outage yesterday, I realized that it wasn’t so much the outage itself that bothered him (his organization does not use Gmail), but the sense of not being in control of a cloud computing environment.

Billy Rials, IT director for Rankin County in Mississippi, wants his throat to be the only one that public officials come after when something goes wrong.

He’s responsible for the IT that runs seven cities and knows his data center environments inside and out. He said the environment is no utopia, but he believes they are getting closer every day by adding more and more virtualization technologies for servers and desktops.

“What do I say when an official calls me and ask what’s wrong: ‘I don’t know, something is going on with the cloud provider’?” he said. “It should be my responsibility, and bringing someone in from the outside … I have no control or the authority that I think I should have.”

Then there’s the fear factor of other people you don’t know having access to the infrastructure that runs your stuff. At least in your own data center you know that Joe was the last one to work on server X, so if something goes wrong you ask Joe.

There’s a sense that your environment gets lost in the cloud. At shows I’ve heard people asking how they can find their data, servers, you name it, in a cloud computing environment.

These are people who are trying to keep track of virtual machines in their own environment. The thought of the complexities added by trying to track down what’s going on with an application on a virtual machine in someone else’s environment is a road they don’t want to go down.

There are those fully embracing cloud computing, of course. They consider it to be no different from the risks they faced with outsourcing or colocation. The ROI or cost savings is worth the risk of an occasional outage, and even giving up a little control. And after all, how often do your email servers go down within your own four walls?

Let us know what you think — email me at

August 31, 2009  2:50 PM

CIO weekly wrap-up: IT disaster recovery value, technologies, budgets

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Good morning! delved deep into IT disaster recovery this past week, looking into strategies for making the case for the value of disaster recovery, how technologies are changing IT disaster recovery outsourcing and how the recession is squeezing IT disaster recovery budgets. We also included part 2 of our look at IT outsourcing around the globe, focusing this time on the pros and cons of IT outsourcing in Latin and South America. Please review the stories below and let us know what you think!

Seven tips to make the value case for disaster recovery – How do you make the case in your company to invest in disaster recovery? Here are seven tips from leading providers that tell you how.

Technology is changing IT disaster recovery outsourcing – New technologies such as virtualization, disk backup and cloud are radically changing IT disaster recovery services.

Recession squeezing IT disaster recovery budgets – The recession is forcing CIOs to focus on risk assessments, processes and business resiliency to trim IT disaster recovery services. The result, say providers, is better decisions.

IT outsourcing pros and cons for Latin, South America – IT outsourcing pros and cons for Latin and South America range from time zone alignment and geographic proximity to a lack of vendors and language barriers. Learn more in this story (and also check out our story on the pros and cons of IT outsourcing in Asia).

August 28, 2009  3:42 PM

IT and business alignment: Wrong choice of words?

Karen Guglielmo Karen Guglielmo Profile: Karen Guglielmo

If there’s one thing we’ve learned in IT over the past few years, it’s that if you say that something will help with “IT and business alignment,” you’re pretty much guaranteed it’ll get some attention. And IT and business alignment continues to top CIO agendas as a priority year after year. So WHY would anyone question the meaning of such a harmonious and universal phrase?

That’s just what David Ratcliffe, president of Pink Elephant consulting, did in a blog posting this week. According to Radcliffe, IT and business alignment is not where it’s at anymore. Instead, it’s about IT and business integration.

Ratcliffe explains that, “if IT is ‘aligned’ with the business that means it’s separate and is trying to line up. IT is not a separate entity from the business, it’s PART of the business.”

I understand Ratcliffe’s’s point. IT does need to become an integral part of the business. And maybe it is time to update the “IT and business alignment” term and mindset. But alignment is still where it’s at. Now it’s a matter of what specifically needs to be aligned. 

Up until now, IT and business alignment was mainly about governance. Companies were setting up formal internal structures for IT and the business to effectively work together toward common goals.

But alignment today should be more about processes and metrics. IT still needs to align with the business on common goals, but it also needs to align on the types of processes and metrics it uses. The IT organization needs to start using metrics that show how technology is positively affecting the business.

The same goes for processes. There are business processes and service delivery processes. Both are run separately but have the same goal of improving the business. By using similar metrics and processes, IT and the business can better communicate and reach common goals.

In the end, alignment is still king. It’s just a matter of taking alignment to the next level.

August 28, 2009  2:43 PM

IT services outsourcing: Do you have an ‘India-plus-one’ strategy?

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

For quite awhile, many U.S. companies have focused their IT services outsourcing strategies on India due to its market share, low cost of labor and robust vendor market. But now, some companies are seeking the best of both worlds: Traditional IT services offshoring coupled with a nearshore location.

My piece this week on IT services outsourcing in Latin and South America focused in on three of the larger countries in those regions in this industry: Mexico, Brazil and Argentina. For those who might have missed it, part 1 in this series dealt with IT services outsourcing in Asia.

As I investigate these locations, what I’m hearing is that many U.S.-based companies are seeking an “India-plus-one” strategy, whereby they supplement offshore operations in India (or perhaps China, another IT services outsourcing leader) with a vendor in a nearshore location, allowing them to derive the advantages of time zone alignment, geographic proximity, and any other perks that the particular offshore locations offers. To ensure that they don’t get left behind, some Indian IT services outsourcing companies have opened their own facilities in nearshore locations to complement their Indian operations.

For instance, I had a conversation this week with Paul Madarasz, general manager of the eastern region business unit at Aliso Viejo, Calif.-based IT services firm UST Global. Although the company has a lot of IT services operations based in India, Madarasz said the company is opening an IT services delivery center in Chile, outside of the capital of Santiago, that will focus on UST’s “bread and butter”: Application development, support and maintenance.

“We chose Chile for a lot of different reasons,” Madarasz said. “A lot of our clients would love to see an ‘India-plus-one’ strategy. They feel they’re fairly well saturated in India and would like another location.”

Other pluses include the Chilean government’s commitment to the IT sector and an educational system to support it, favorable immigration laws for bringing workers in and out of the country, and a communications infrastructure that would be robust enough to handle a high-intensity operation.
“We felt the business climate there was probably the best for us to be in,” Madarasz said.

So what are your thoughts on an “India-plus-one” strategy? Are you considering IT services outsourcing in different locations than in past years? And what parts of the world are you interested in reading about to guide your IT services outsourcing strategy?

August 24, 2009  2:23 PM

CIO weekly wrap-up: Pros and cons of outsourcing, ITIL framework, PPM

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Good morning! This past week, looked into the pros and cons of outsourcing in several countries in Asia, put out our latest FAQ on the ITIL framework and put your project and portfolio management (PPM) knowledge to the test. Click on the links below to learn more!

Pros and cons of IT outsourcing in popular Asian countries — The benefits and challenges of IT outsourcing in India, China, the Philippines and Vietnam range from pricing to intellectual property barriers. Learn more in this story.

Understanding the ITIL framework — The ITIL framework is a globally accepted standard for improving IT service quality. This FAQ reviews the ITIL definition, training options and costs and ITIL-compatible tools.

Project and portfolio management quiz for enterprise CIOs — Project and portfolio management (PPM) creates visibility and helps CIOs direct spending and resources toward the proper goals. Read these stories on PPM and take our related quiz.

August 21, 2009  2:17 PM

Swine flu — not hurricanes — leads disaster recovery agenda

Linda Tucci Linda Tucci Profile: Linda Tucci

Hurricane Bill is barreling over the Atlantic threatening to flood data centers and new, potentially destructive computer viruses are always popping up, but, surprisingly, a real virus — swine flu — is taking shape as the biggest storm cloud on the horizon for disaster recovery specialists. In conversations with the major disaster recovery providers this week concern about the H1N1 influenza virus was running high. The big question is whether companies were sufficiently prepared for an outbreak among employees. For many companies, particularly smaller workplaces, even issues such as whether the company has the right to send a sick worker home can be confusing.

“The larger enterprise companies are beginning to take the H1N1 pandemic seriously and beginning to think about what they are going to do if 40% of their workforce gets sick this winter,” said Bob Boyd, CEO of Agility Recovery Solutions Inc., the Charlotte, N.C.-based provider that brings its ReadySuite trailers on-site in the event of a disaster or for testing purposes. “We are seeing a fairly significant increase in interest from those larger companies to have technology on schedule with us, so that if they sent 100 people home, we could ship them laptops, so they could work from home.”

Indeed, of the 41 recoveries Agility has done this year, seven have been for customer responses to the pandemic. One was in Montreal and the rest were in the U.S.

“In the seven cases we’ve done so far, their pandemic plans said that if an employee is diagnosed with H1N1 virus, the company takes the 100 people that employee is closest to, whether in the adjacent cubicles or by contact in meetings, and all those people go home for up to two weeks, because the incubation is thought to be about 10 days,” he said.

Companies like Agility can supply laptops loaded with the technology employees need to do their jobs along with any equipment, like headsets.

Agility is planning a series of webinars in September with avian flu expert John Lange to help its smaller member companies get ready for the expected upswing in swine flu cases this year. The emphasis will be on what companies can begin to do to protect their employees from the swine flu virus and how to handle cases, as they come up. Large companies with effective HR departments are typically well-prepared to deal with medical issues.

“You get to a small medium-sized company, that guy doesn’t even know if he has the legal right to send that worker home. They need help on how do they talk about H1N1 with their staff and encourage good practices,” Boyd said. He said Agility is spending a lot of time talking to customers about cross-training employees, so that more than one person knows how to perform a critical business function. “If they are right, a lot of people are going to be out sick.”

August 20, 2009  3:29 PM

Failure to track virtualization licensing terms can cost you

Christina Torode Christina Torode Profile: Christina Torode

An unnamed client of Forrester Research received a bill for $1 million from a software vendor for violating licensing terms. The problem was that the company was running its software in a virtual environment on any number of servers in its data center, versus only the servers it had originally licensed the technology for.

This isn’t the first time I’ve heard of virtualization licensing terms being violated. A systems integrator told me that a customer had to pay Microsoft $300,000 after an audit of an application virtualization project. Apparently, the company was using Symantec’s Norton Ghost disk-cloning technology to create ghost images of four different desktop models. The company had licenses for four images, but they were being used by 800 users.

So how are vendors counting licenses under the virtualization model, and how can you avoid violating virtualization licensing terms?

Duncan Jones, a licensing expert and analyst with Forrester Research, gives some background in a recent report on counting virtual licenses:

For decades, many software vendors have licensed their products by hardware-based metrics such as server, processor, or device. The definitions they have used in their license agreements assume a permanent assignment of software to physical assets. The licenses are like labels that the operations manager can attach to a piece of hardware to say “this device is licensed to run Product A.” But the lawyers who wrote these agreements never envisioned today’s virtualized data centers. Increasingly, applications now run in software-controlled bubbles, called virtual machines (VMs), which usually cannot be permanently associated with the physical resources supporting them. This makes it hard for software vendor managers to ensure that their organization has sufficient license capacity — one can’t affix a license sticker on a virtual machine. If they’re not careful, these sourcing and vendor management teams may find themselves facing a large unexpected bill after a software audit.

Jones offers a few steps you can take to avoid violating virtualization licensing terms. These include:

  • Choosing to license products based on named users rather than processors;
  • Working with your vendor to retrofit your software licenses for a virtual environment;
  • And, simply favoring vendors with more enlightened licensing policies.

Burton Group’s Chris Wolf believes it is time for those serious about virtualization to get a third-party licensing management tool. IBM offers such tools, as does ManageSoft.

ManageSoft, for example, allows you to audit the software you have in a virtual infrastructure and maintains an online database that will validate compliance for the applications and operating systems running in a virtual environment.

License compliance is no joke, as those who’ve been fined can attest. The onus is on you to figure out what you need and work with your vendors on the terms you need.

Let us know what you think. Email me at

August 17, 2009  3:48 PM

CIO weekly wrap-up: Private cloud, NAC guide, Lean IT, virtualization

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Good morning! Last week, delved into private clouds, network access control in the enterprise, Lean thinking for IT and virtualization strategies. To learn more about any of these areas, check out the stories linked below.

Wary of public cloud, CIO builds private cloud and transition plan – CIOs reluctant to put cloud pilots into production are investing in private clouds with moves they can then take to the public cloud later. Read this story to learn how InterContinental Hotels Group managed the pilot.

Network access control: Security advice for enterprise CIOs – Network access control (NAC) is a method of improving the security of a proprietary network by restricting network resources to endpoint devices. But it’s not a one-size-fits-all solution. Read this guide and pick the best form of NAC for you.

Lean thinking for IT – Lean thinking is the process of incorporating Lean principles into an enterprise for better operational efficiency – and who doesn’t want that? This FAQ shows how Lean thinking works and how IT is benefiting from this improvement methodology.

Enterprises fill client virtualization gaps as client hypervisors bake – Learn how enterprises are mixing and matching virtualization technologies for the desktop as they await bare-metal client hypervisors from VMware and others.

August 13, 2009  6:42 PM

Outsourcing IT jobs: Do U.S. companies and workers stand a chance?

Rachel Lebeaux Rachel Lebeaux Profile: Rachel Lebeaux

Does outsourcing IT jobs mean that U.S. companies and employees can no longer compete on a global scale?

In researching my pieces from last week on the state of IT outsourcing in 2009 at both the enterprise and midmarket levels, I stumbled across an interesting note in a study by AMR Research Inc.:

“Surprisingly, barely a fifth of companies state that jobs moving outside the country is an important inhibitor to outsourcing, which doesn’t reflect the media spotlight. It appears that while many people can voice protectionist views, when it comes to driving cost from their corporate bottom lines, it’s a different story.”

I asked AMR’s Phil Fersht, a co-author of the study, about this during our interview, and he confirmed that executives often say one thing when it comes to outsourcing IT jobs, then do quite the opposite:

“When we’ve talked to executives, some of them have said, while they have to be shown to play ball and protect U.S. resources, they’ve got to offshore,” Fersht said. “The cost of running a business in the U.S. these days is so unattractive compared to other locations.”

On his outsourcing blog, in a post titled “Who’s looking out for the U.S. business these days?,” Fersht elaborated on this stance, pointing to several factors that he said weigh against multinational companies conducting business in the U.S.:

– The cost of living in business centers such as New York City and Chicago is sky-high more so than many countries’ business centers.

– Health care costs employers a great deal – and Fersht believes that President Barack Obama’s proposed health care reform will increase the tax burden on the U.S. business.

– Other western countries are more corporate friendly – according to Fersht, the cost of hiring qualified graduates in London is half that of New York.

These factors caused Fersht to pose the question: “Why even consider setting up a global business in the U.S. these days in this virtual environment?”

This is obviously a tricky issue, and I’m torn looking at both sides of it. Particularly in this economy, it’s more difficult than ever to watch IT outsourcing jobs migrate offshore because workers in Asia or South America will do the work for less. It’s an example of the free market and cost-cutting at its finest, but it leaves U.S.-based companies and IT workers at a severe disadvantage.

However, don’t people living in Asia or South America have just as much a right to earn a livable wage by putting their IT education and skills to work for them? As we’ve all heard by now, “the world is flat,” and globalization means that, just because a business if U.S.-based, it doesn’t mean U.S. workers are inherently more entitled to first dibs on sought-after IT jobs. It might free up U.S. workers to complete more value-added work, such as positions that require not only technical knowledge but business sense as well. And if U.S. companies are more profitable as a result, that is within their rights, as well.

What are your thoughts on protecting IT jobs in the U.S. vs. outsourcing IT jobs? Are the cost advantages of IT offshoring too big to ignore, or are you committed to preserving these IT jobs in America?

August 13, 2009  4:38 PM

Virtualization licensing terms: A call to arms

Christina Torode Christina Torode Profile: Christina Torode

Vendors are working on ways to create virtualization licensing terms better suited to multi-tenant environments, but there is clearly still a lot of confusion out there surrounding licensing terms for desktop virtualization.

Well, virtualization licensing in general, for that matter.

An IT person in charge of application management for a systems integrator told me that some of his customers can’t make heads or tails of how they should approach Microsoft if they want to do client virtualization.

Do they need two operating system licenses if two virtual machines run on one physical client? This question applies to the use of Microsoft’s server hypervisor Hyper-V as well, since many of the systems integrator’s customers are using Hyper-V to create virtual desktops. (My story on pricing out Windows Server 2008 for virtualization cost efficiency explains how many virtual machines, and in turn operating systems per physical device, you can get under Windows Server 2008 agreements.)

Experts presenting at the recent Burton Group Catalyst conference said time and again that it was up to companies of all sizes to push vendors to change their licensing terms to better suit virtualization and cloud models.

Chris Wolf, virtualization analyst with Burton Group, asked point blank: When do you cut loose vendors that refuse to get on board? Meaning ones that will not support your virtual infrastructure model with fair licensing terms.

And what is fair licensing to Wolf? Licensing that is based on virtual CPUs, managed instances or installed instances, and not licenses that tie to physical hardware or compute resources.

“You need to push vendors for licensing terms that are physical system-agnostic,” Wolf said.

Let us know what you think here, or email me at

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: