lateral thinking

24X7 CIO

CIOs are using their tech knowledge to conjure up innovations that directly help businesses boost revenue and bottom lines. Their CEOs are impressed | PAGE 32

thinkingLateral

S P I N E

Technology for Growth and Governance

CT

O

FO

RU

M

A 9.9 Media Publication

Volume 07 | Issue 06

November | 07 | 2011 | `50Volume 07 | Issue 06

AN

OP

EN

LE

TT

ER

TO

YO

UR

CE

O | L

EA

N P

RIN

CIP

LE

S A

ND

CO

MP

LIA

NC

E | TA

BL

ET

S R

UL

E T

EC

HN

OL

OG

Y T

RE

ND

S

Guide to Maximising

Training Investment

PAGE 18

BEST OF BREED

I BELIEVE

Look at Productivity,

Not CostPAGE 04

NEXT HORIZONS

Economics ofCloud

Computing Decoded

PAGE 42

QFABRIC™ IS HERE and with it comes incredible transformation in the economics, management

and performance of the data center network. All told, QFabric is up to 10X faster than the competition,

amounting to 85% lower latency; all while requiring 27% fewer devices, consuming 56% less power

and using 75% less floor space.* Start the transformation at juniper.net/qfabric

*PRODUCT COMPARISONS ARE BASED UPON PRODUCT INFORMATION THAT IS PUBLICLY AVAILABLE FOR CISCO’S NEXUS 7000 SERIES AND NEXUS 5000 SERIES PLATFORMS FOR A 6000 X 10GE PORT CONFIGURATION.

“You can virtualize your network, you can build one physical underlying network. The capacity is there, the tools are there…That’s the solution that Juniper’s putting forward.”

ANDREW BACH, SVP,NETWORK SERVICES, NYSE EURONEXT

Þ Inbound Response ManagementPriya Sharma, 1800 209 3062

022 - 67083830, [email protected]

JN_IN_9dot9_FP_V1.0.indd 8 10/24/2011 12:56:24 PM

editorial

1 07 november 2011 cto forumThe Chief

TeChnologyoffiCer forum

yashvendra singh | [email protected]

editor’s pick

Simplify Life The cue for CIOs looking to innovate is to seed the right idea that

makes life easy for all

32 Lateral Thinking CIOs are using their tech knowledge to conjure up innovations that directly help businesses boost revenue and bottom lines. Their CEOs are impressed

now this is what i call innovation! i recently

met a senior Cio at his office in gurgaon. What caught my attention was a large lCD at the reception, similar to the ones at the airport, displaying arrival and departure times. The Cio later explained it was a fleet management system. Deployed six months back, it had radi-cally transformed the way his enterprise managed internal (employees) and external (fleet vendor, in this case) customers.

you, as technology leaders, can scarcely overlook its importance today. With emerging markets adding more than a billion cus-tomers to the global economy, Ceos worldwide have turned their attention to our home turf. The inherent cost-advantage that we have could be short-lived. The only way forward is to innovate for competitive advan-tage in the short-term and sus-tained growth and viability in the long-term. one way to fuel innovation could be to find an idea seeded anywhere and giv-ing it an opportunity to expand. The Cio who deployed the fleet management system didn’t tell his team to focus on just the project and its deadline. he gave them the freedom to think beyond the project. ideas flew thick and fast, and the result was there for all to see.

They say in google, employ-

There was no more sticking paper sheets on walls, and no more endless waits. The gPS would track the exact location of the cab, and any delay intimated through SmS. By developing an app for iPad, they could imme-diately log in the details once the journey was completed. This saved the vendor the hassle of sending invoices. in essence, it made life easy for everyone.

We, at CTo forum, have over the years been staunch propo-nents of such innovative iT.

ees invest 80 percent of their time in day-to-day work and the remaining 20 percent time is spent in ‘thinking’ not necessar-ily related to their work – a great way to incubate innovation. i believe for india’s Cios these tough times are a blessing in dis-guise. The time is ripe to herald innovation in their enterprises, and in the process display busi-ness and leadership mettle.

This issue’s cover story is yet another small step on our part to strengthen the spirit of innova-tion, and our way of acknowl-edging technology leaders who have implemented innovative iT. let the ‘i’ in Cio stand for innovation. no idea is a bad idea and every idea deserves a chance – but the one that succeeds is clearly the ‘right one’!

2 07 november 2011 cto forum The Chief


novemBer 11

Cover Story

32 | Lateral Thinking CIOs are using their tech knowledge to conjure up innovations that directly help businesses boost revenue and bottom lines. Their CEOs are impressed

COpyrIghT, All rights reserved: reproduction in whole or in part without written permission from Nine Dot Nine Interactive pvt Ltd. is prohibited. printed and published by Kanak ghosh for Nine Dot Nine Interactive pvt Ltd, C/o Kakson house, plot printed at Silverpoint press pvt. Ltd. D- 107, MIDC, TTC Industrial Area, Nerul, Navi Mumbai- 400706

ColumnS04 | I belIeve: look at ProductIvIty, Not cost The C level should look at value and productivity rather than cost. By

Ashok sethi

56 | vIew PoINt: It leadershIP

Two Days with leading CiosBy ken oestreich

FeatureS50 | tech for GoverNaNceleaN PrINcIPles & comPlIaNceBy thomAs Fox

Please Recycle This Magazine And Remove Inserts Before

Recycling

Co

ve

r D

eSi

gn

by

Sh

igil

n

co nte nt S theCtoForum.Com

32

Managing Director: Dr Pramath Raj SinhaPrinter & Publisher: Kanak Ghosh

Publishing Director: Anuradha Das Mathur

EditorialExecutive Editor: Yashvendra SinghSenior Editor: Harichandan Arakali Assistant Editor: Varun AggarwalAssistant Editor: Ankush Sohoni

dEsignSr. Creative Director: Jayan K Narayanan

Art Director: Anil VK Associate Art Director: PC Anoop

Visualisers: Prasanth TR, Anil T & Shokeen SaifiSr Designers: Joffy Jose, NV Baiju

Chander Dange & Sristi MauryaDesigners: Suneesh K, Shigil N, Charu Dwivedi

Raj Verma, Prince Antony & Binu MPChief Photographer: Subhojit Paul

Photographer: Jiten Gandhi

advisory PanElAnil Garg, CIO, Dabur

David Briskman, CIO, RanbaxyMani Mulki, CIO, Pidilite

Manish Gupta, Director, Enterprise Solutions AMEA, PepsiCo India Foods & Beverages, PepsiCo

Raghu Raman, CEO, National Intelligence Grid, Govt. of IndiaS R Mallela, Former CTO, AFL

Santrupt Misra, Director, Aditya Birla GroupSushil Prakash, Country Head, Emerging Technology-Business

Innovation Group, Tata TeleServicesVijay Sethi, VP-IS, Hero Honda Vishal Salvi, CSO, HDFC Bank

Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay

Vijay Mehra, CIO, Cairns Energy

salEs & MarkEtingNational Manager-Events and Special Projects:

Mahantesh Godi (09880436623)Product Manager: Rachit Kinger (9818860797)

GM South: Vinodh K (09740714817)Senior Manager Sales (South):

Ashish Kumar SinghGM North: Lalit Arun (09582262959)

GM West: Sachin Mhashilkar (09920348755) Kolkata: Jayanta Bhattacharya (09331829284)

Production & logisticsSr. GM. Operations: Shivshankar M Hiremath

Manager Operations: Rakesh upadhyay Asst. Manager - Logistics: Vijay Menon Executive Logistics: Nilesh Shiravadekar

Production Executive: Vilas Mhatre Logistics: MP Singh & Mohd. Ansari

oFFicE addrEssPublished, Printed and Owned by Nine Dot Nine Interactive Pvt

Ltd. Published and printed on their behalf by Kanak Ghosh. Published at Bunglow No. 725, Sector - 1, Shirvane, NerulNavi Mumbai - 400706. Printed at Tara Art Printers Pvt ltd.

A-46-47, Sector-5, NOIDA (U.P.) 201301Editor: Anuradha Das Mathur

For any customer queries and assistance please contact [email protected]

www.thectoforum.com

42 | Next horIzoNs: ecoNomIcs of cloud decoded Proper deployment can provide significant savings By

kevin L JAckson

regularS01 | edItorIal08 | eNterPrIse

rouNd-uP

advertisers’ index

Juniper IFC, 17Schneider 5SAS 7CTRLs 12, 13Trend Micro IBCNokia BC

This index is provided as an additional service.The publisher does not assume

any liabilities for errors or omissions.

24 | best of breed:aN oPeN letter to your ceo Business needs to stand up and take some responsibility too, it's not just iT's aloneBy mArc J schiLLer

24

a queStion oF anSwerS

14 |“Connect Everything, Empower Everyone” Kevin Johnson, CEO, Juniper, shares his views on key technological disruptions in recent times in a candid discussion with pramath raj Sinha

42

14

I BelIeve

currentchallenge



To conTinuously benchmark The cosT of services inTernally againsT Those exTernally

A questIon that a Cio is often asked is: Are you able to convince your Ceo about the budget that you want? i believe, the need to convince the top management over the budgetary requirements arises when the top management lacks the knowledge and interest in what is happening in

the outside world. it boils down to how aware the top management is of the goings-on in the enterprise fir-mament and whether it too wants to be on the same journey or not. iT is a journey without an end. Today, i am on mac platform, tomorrow it could be any other, and you should be ready to support it. Cost is always a factor. But i would like to call it an investment rather than a cost. if the C level starts viewing iT as an invest-ment and looks at the roi and the value and productivity-gain taking place, i don’t think they will chal-lenge the investment.

We, therefore, don’t look at cut-ting capex. i think investments are required irrespective of where you are. There could be various models of operations. Capex can be converted to opex if you opt for different servic-es. for instance, if you opt for cloud, it becomes an opex, while you have to buy the hardware. The objective is service and we need to loook at the cost of that service, and if we are to buy that service from outside, what will be the cost of procuring it. So, as a Cio, i am always benchmarking to find out the cost of that service inter-nally. Can i get it at the same cost from outside with matching SlAs? if the answer is no, it means that ser-vice is not core to my business.

on the applications side, we are evaluating which SaaS models will work best for us. We are looking at our erP system once again — plat-form upgrades are coming in. on the technology side, i would say our primary focus is on security, which would go up to the mobile devices. As the whole concept of ByoD is catching up, mobile device manage-ment is becoming critical for us. Col-laboration was a big theme for us last year, and we would be expanding it in the next year.

People may say this is a cost, but i call it an investment.

By Ashok sethI, CIO, Sapient Indiathe Author leads Sapient’s IT Strategy and Enterprise Applications & Infrastructure

groups. He has over 20 years of consulting experience

Look at Productivity, Not Cost of Services For It to complement business, the c level should look at value and productivity rather than cost

©2011 Schneider Electric. All Rights Reserved. Schneider Electric, InfraStruxure, StruxureWare, and APC are trademarks owned by Schneider Electric Industries SAS or its affiliated companies. All other trademarks are property of their respective owners. • 998-4108_IN-GB Schneider Electric India Pvt Ltd, 9th Floor, DLF Building No. 10, Tower C, DLF Cyber City, Phase II, Gurgaon - 122 002, Haryana, India, Phone: +91 124 3940 400, Fax: +91 124 4222 036

Tap the business value of your data centre!Learn how in our management software white paper.Visit www.SEreply.com Key Code 98152t Toll Free 1800 4254 877/272

Tap in to the health of your data centre As an IT or data centre manager, you know that doing your job well means saving your company both time and money. Today, there finally is a way for you to be completely tapped in to the overall health of your data centre. StruxureWare™ for Data Centres gives you visibility across your entire data centre infrastructure so you can make informed decisions — not arbitrary ones — about your infrastructure. For example, you can plan proactively for needed capacity and streamline workflow management to improve your business agility and availability. In fact, now more than ever, infrastructure decisions are business decisions.

An always available, efficient data centre What’s more, StruxureWare for Data Centres communicates in real time with the leading virtualization platforms: VMware vSphere™ and Microsoft® System Centre Virtual Machine Manager. The software’s built-in automated response capabilities ensure that virtual loads always have healthy host environments. With your VMs on healthy hosts, you can focus on running your data centre more efficiently. The software also gives insight into PUE/DCiE trending over time, enabling you to make intelligent energy management decisions. With StruxureWare for Data Centres’ planning and reporting capabilities, who’s the company hero now? You are!

APC by Schneider Electric™ is the pioneer of modular data centre infrastructure and innovative cooling technology. Its products and solutions, including InfraStruxure™, are an integral part of the Schneider Electric™ IT portfolio.

The strategic bridge between your data centre and your business? You.

Now, make informed decisions about your infrastructure:

> Plan proactively for needed capacity.

> Blueprint data centre expansions and consolidations.

> Streamline workflow management of your IT physical infrastructure to improve your business agility and availability.

> Make changes knowing how they will affect your business.

> Visualize change/capacity scenarios to improve your bottom line.

> View your current and historic PUE/DCiE and energy costs of subsystems to make intelligent energy management decisions.

Only StruxureWare for Data Centres enables a healthy, business-driven data centre.

> Executive summary

How Data Center InfrastructureManagement Software ImprovesPlanning and Cuts Operational Costs

White Paper 107

CTO_Forum_Magazine_1107_98152t.indd 1 11-10-21 上午10:21



LETTERS

WRITE TO US: The CTOForum values your feedback. We want to know what you think about the magazine and how

to make it a better read for you. Our endeavour continues to be work in progress and your comments will go a long way in making it the preferred publication of the CIO Community.

Send your comments, compliments, complaints or questions about the magazine to [email protected]

ARE CTOS mORE InTERESTEd In SATISfyIng ThE CfO & BOARd RAThER ThAn ThE COnSUmER?

The CTO is aligned to the CFO and the Board in that order, the CTO will have to also be good at resume writing as he will not last too long. But then the question arises, is the CFO aligned to the Consumer? If he is not, then even he may be in hot water sooner or later.Arun GuptA, Group CIO, Shoppers' Stop

Stop living within the realmS of it

Technology plays a big part in developing our country. But how are we faring, you and me... the senior technocrats? To read the full story go to: http://www.thectoforum.com/content/stop-living-within-realms-it

CTOf Connect Rajat Mohanty, CEO Paladion shares his insights into phishing in India and Middle East in a conversation with Varun Aggarwalhttp://www.thecto-forum.com/content/india-new-focus-phishers

OpiniOn

C R NaRayNaNCIO, TulIp TeleCOm

CTOforum LinkedIn groupJoin over 900 CIOs on the CTO Forum LinkedIn group

for latest news and hot enterprise technology discussions.

Share your thoughts, participate in discussions and win

prizes for the most valuable contribution. You can join The

CTOForum group at:

www.linkedin.com/

groups?mostPopular=&gid=2580450

Some of the hot discussions on the group are:Open Source vs Proprietary SOfTWARE

Practically how many of you feel OpenSource Free

software are best solutions than any proprietor software's?

I would rather mention that, you call should depends on

the criticality of the application to serve the enterprise

business requirement, as opensource application can

have security breaches and lack of support in worst

come senario

—Vishal Anand Gupta, Interim CIO & Joint Project Director HiMS at The Calcutta Medical Research Institute

A CIO should just stick to the C and the O in the title



ANALYTICSDrive more value.

Par for the course won’t differentiate you. With SAS® Analytics, you can increase pro� ts, reduce risk, predict trends and continuously improve the way you work. Decide with con� dence.

Scan the QR code* with your mobile device to view a video or visit sas.com/india/golf for a free Harvard Business Review report.

SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies. © 2011 SAS Institute Inc. All rights reserved. S75378US.0611

*Requires reader app to be installed on your mobile device

For more information please contact [email protected].



Enterprise

Round-up

FEATURE InsIdE

HP Helps Businesses deliver on Cloud

Computing Pg 10

Growth in private sector data breaches

Mobile Devices Under Security Infrastructure Changing threat vectors require shift in enterprise security strategiesMcAfEE recently shared its vision for securing mobile devices in corporate environments. The three-pronged approach for protecting mobile devices, mobile data, and mobile applications, is designed to help businesses and consumers manage their devices securely, as the threat environment quickly evolves.

Attacks on smartphones are becoming more com-mon, and according to mcAfee labs, new malware targeting Android devices jumped 76 per cent in the last quarter. The need to secure mobile devices from attacks has never been more important. iT security operations that were once smooth-running have recently come

under intense pressure to adopt new technologies and fully support completely new platforms, operating sys-tems, and architectures. mcAfee is developing products and strategies to allow businesses to bring these con-sumer devices securely into the iT infrastructure.“mobile device adoption is exploding, and unfortunately, so are the threats targeting mobile platforms. We believe that the emerging mobile malware we are seeing today is just the beginning,” said John Dasher, Senior Direc-tor, mobile security for mcAfee. “it’s a whole new world, and a challenge for iT to craft security policies that make sense while updating their infrastructure.”

58%dATA BRIEFIng

illu

st

ra

tio

n b

y j

of

fy

jo

se

E nt E r pr i s E ro u n d - u p



According to the latest Kaspersky Labs report, since June 2011, a substantial decrease in the number of fake anti-virus programmes was observed. However, right now 10,000 daily attempts to infect users with Trojan-FakeAV are seen; back in June the figures were 50-60,000.

QUICK ByTE on FInAnCIAL

Top 10 Strategic Technologies for 2012 To impact organisations' long-term plans significantlyGARtnER defines a strategic technology as one with the potential for significant impact on the enterprise in the next three years. These technologies impact the organisation's long-term plans, programmes and initiatives. “These top 10 technologies will be strategic for most organisations, and iT leaders should use this list in their strategic planning process by reviewing the technolo-gies and how they fit into their expected needs,” said David Cearley, Vice President and gartner fellow. “organisations should start exploratory projects to look at promised candidate technology and kick off a search for combinations of information sources, includ-ing social sites and unstructured data that may be mined for insights,” said Carl Claunch, Vice President and distinguished analyst at gartner.The top 10 strategic technologies for 2012 include media Tablets and Beyond, mobile-Centric Applications and interfaces, Contextual and Social user expe-rience, internet of Things, App Stores and marketplaces, next-generation Analytics, Big Data, in-memory Computing, extreme low-energy Servers and finally, Cloud Computing.

Azim Premji Foundation (APF), run by the third rich-est Indian on his own money, is all set for a generous initiative. The foundation plans to start 1,300 schools across the country — two per district — which will be free, impart education in the local language and be affiliated to the state board.

— Azim Premji,Chairman, Wipro

—Kaspersky Labs

“Quality education is fundamental to our becoming a developed nation. And the final crucible of learning is the classroom”

They Said iT

aZiM PReMJi

illu

st

ra

tio

n b

y s

hig

il n




HP Helps Businesses Deliver on Cloud Computing Cloudsite, Hostworks and singTel select HP to win race to the cloudHp REcEntly announced that companies in the Asia-Pacific and Japan (APJ) region are turning to hP for data centre services and solutions as they outpace other regions in the race to cloud-based computing models.

globally, the market for cloud computing will grow from $40.7 bn in 2011 to more than $241 bn in 2020. APJ is a particularly dynamic region in terms of growth in this area, where, according to forrester research, organisations are forming comprehensive cloud strategies faster than in north Ameri-can and Western european markets.

many APJ organisations are still in the

early stages of deploying iT environments, and without the restrictions of legacy envi-ronments, they can move directly to service-based, cloud-computing models.

many hP clients, such as CloudSite, hostworks and SingTel, are rapidly trans-forming their businesses to offer cloud services to customers.

“APJ-based companies are increasing their competitive advantage on a worldwide scale by transforming their data centres and mov-ing to flexible cloud environments,” said Som Satsangi, Vice President, enterprise Servers, Storage and networking, hP india.

context-Aware technologies Will Affect $96 bn of Annual Consumer Spending Worldwide by 2015

The percentage of organisations in Asia-Pacific except Japan who view the cloud as directly relevant to their organisations recently almost doubled over a 12-month period. As part of this trend, newly built enterprise-class data centres will double from 2010 to 2014, requiring specialised expertise to ensure that they are cloud-ready.

in China there is limited data centre space available for hosting and managed services. Space that is available tends to experience power, cooling and reliability issues that put organisations at risk of service disruptions.

CloudSite is a data centre development company that plans to build five data centres in China to support clients locally and abroad. They turned to hP to design a state-of-the-art 38,000 sq mt facility for cloud computing that is modular, highly energy-efficient and can scale to meet vari-ous client needs.

“hP is the only company in China that has the expertise to deliver an end- to-end strategy for planning and building a data centre, while fast-tracking the project to help us meet our business goals,” said John Drossos, Chief executive officer, Cloudsite Development. “hP has proven to be a trust-ed advisor, working with us every step of the way to ensure that every resource counts and our facility exceeds our expectations.”

To reduce power usage and accommodate fluctuations in local power availability, the facility’s cooling system uses an indirect outside air economiser, as well as hot and cold aisle containment. each data centre floor houses iT space and an independent power and cooling infrastructure.

hostworks specialises in the provisioning of online, high-transaction websites, video streaming, complex web hosting and peak demand management for leading digital media companies and online transaction websites in Australia. hostworks requires the highest levels of performance and flex-ibility to deliver new services and 24x7 avail-ability, especially during peak times.

The company selected hP CloudSystem to build, package and provision cloud services through a unified catalogue. lever-aging an underlying hP Converged infra-structure, hostworks’ elastic Compute infrastructure rapidly scales up and down without impact to resources, enabling its customers to only pay for what they use.

gLoBAL TRACKER

Consumer Spending Worldwide

so

ur

ce

: ga

rt

ne

r

illu

st

ra

tio

n b

y s

hig

il n




iT Spending to Reach $2.7 Tn despite economic challenges,enterprises will continue to invest in iT

SMaRT CiTieS

ibM recently announced the

launch of ibM intelligent

operations centre for smarter

cities, a new solution designed

to help cities gain a holistic view

of information across city depart-

ments and agencies.

this development is signifi-

cant keeping in mind the current

landscape in india. ibM’s intel-

ligent operations centre, part of

the next big Wave technologies

offerings for india market, lever-

ages analytical insights to monitor

and manage city services through

one central point of command so

cities are better able to anticipate

problems, respond to crises, and

manage resources.

the ibM intelligent opera-

tions centre for smarter cities

will allow cities to use infor-

mation and analytics to make

smarter and more timely deci-

sions, helping local leaders

manage a spectrum of events,

both planned and unplanned,

such as deploying water main-

tenance crews to repair pumps

before they break, alerting fire

crews to broken fire hydrants at

an emergency scene, or antici-

pating traffic congestion and

preparing redirection scenarios.

the intelligent operations

centre is designed to optimise

the operational efficiencies of a

city and provide a unified view

of all city agencies including

energy, public safety, transpor-

tation, and water.

WoRldWidE enterprise it spend-

ing is projected to total $2.7 tn in

2012, a 3.9 per cent increase from

2011 spending of $2.6 tn, according

to gartner inc. While enterprise it

spending growth is slowing (from

the expected 5.9 per cent increase

in 2011), analysts said it’s impor-

tant to note that despite the global

economic challenges, enterprises will

GooGlE india has announced the launch of a nationwide initiative to help small medium enterprises (Smes) in india to get online with a free website, personalised domain and hosting. Called ‘india get your Business online,’ this initiative aims to break down the barriers that stop small enterprises from getting online — by offering a quick, easy and free tool to set up and host a website. google’s goal is to help 500,000 Smes in india to get online in next three years through this programme, working with web hosting provider hostgator. Small business owners in india can log on to www.indiag-

Google to Offer Free Websites to indian SMesTool powered by Hostgator

FACT TICKER

continue to invest in it.

Peter sondergaard, senior Vice

President at gartner and global head

of research said, “the days when

it was the passive observer of the

world are over. global politics and

the global economy are being shaped

by it”. “it is a primary driver of busi-

ness growth. for example, this year

350 companies will each invest more

than $1 bn in it. they are doing this

because it impacts their business

performance.”

sondergaard said two-thirds of

ceos believe it will make a greater

contribution to their industry in the

next 10 years than any prior decades.

“for the it leader to thrive in this

environment, it leaders must lead

from the front and re-imagine

it,” sondergaard said. “it leaders

must embrace the post-modern

business, a business driven by

customer relationships, fuelled by

the explosion in information, col-

laboration, and mobility.”

etonline.in and use the tool to get a get a free, easy-to-build website and web hosting for one year powered by hostgator. Businesses also get a customised domain .in name and free tools, training and resources to succeed online.

“google has always believed in the power of the internet to help small businesses thrive and to make people's lives easier by making informa-tion more accessible and useful. We recognise india as a high growth and high potential internet market in the world and we’re committed to play the role of a catalyst to bring the benefits of the internet economy to small and medium busi-nesses in india. We have received tremendous response to this initiative in other countries and we’re very excited to bring this initiative to india and empower local businesses as more and more indian users get online,” said nikesh Arora, SVP & Chief Business officer of google inc.

While india is home to an estimated eight mil-lion small and medium businesses, only about 400,000 have a website. The initiative is designed to bridge the information gap that exists online due to the lack of presence of local indian busi-nesses on the internet. Businesses often believe that getting online is too complex, costly and time-consuming; this perception prevents many Smes from taking the first step towards building an online presence. google india and hostgator plan to change that through this initiative.

‘india get your Business online’ programme is also supported by federation of micro, Small and medium enterprises (mSmes), popu-larly known as fiSme. fiSme, the non-profit organisation will work with google india to help SmBs get online through direct customer outreach and events.

illu

st

ra

tio

n b

y P

rin

ce

an

to

ny

A Q u e s t i o n o f An swe rs PE RSO N ' S N A M E



The role of a CIO is constantly changing with disruptive trends in the space of technology. Kevin Johnson, CEO, Juniper, shares his views on the key technological disruptions in recent times in a candid discussion with Pramath Raj Sinha

Social Media and the CIO: Johnson feels social media is important for enterprise collaboration



K E v i N J O h N SO N A Q u e s t i o n o f An swe r

What according to you are the key emerging trends in

information technology?The key trends in technology that are shaping business currently are mobile, social and cloud. Starting with mobile, we’re in an era where phones, tablets and mobile internet, etc., are being used by consumers and businesses to access informa-tion and data. While it was predicted that smartphones would catch on, it were the form factors mainly driven by Apple with touch capability and high-speed data connectivity and new range of applications that really unleashed the wave of consumer tech innovation.

This is creating some interesting opportunities and challenges for the Cios. first, it creates a new class of applications. in some way they are traditional business class applica-tions that people want to access on

these mobile devices, and in other cases, these are a new set of applica-tions that are used by the company to reach their customers or partners in different ways. Starbucks, for instance, has built a mobile payment application for loyalty card hold-ers wherein you just pull out your iPhone or Android device and pay using it, while keeping track of all your personal information.

While many Cios say they do not allow personal devices at work, stud-ies reveal, about 90 per cent employ-ees have carried their personal devic-es to work and over 80 per cent have used that to access corporate data. either Cios put up restrictions on such behaviour or look for a solution to allow this in a secure manner.

At Juniper, we did the latter.We changed our device policy and instead of Juniper paying for the device, we have the employees paying

for it. So they get to pick their device, but we have a solution that allows these devices to connect securely to the network. for this, we created a product called Junos Pulse that runs on most mobile platforms and allows secure connections to corporate data. if an employee loses the device. We can centrally wipe that device, we can also locate the lost device using gPS.

The social trend is making inroads into the business in two key ways. first, businesses are using social tools to reach their customers bet-ter, evangelise better and to stay connected to their opinions. Com-panies are thinking how to utilise and leverage the social — the fact that people are connected. The other place where the social is helping is by enabling employees to collaborate. for example, at Juniper we use Sales-force.com’s Chatter. Chatter is like a business version of facebook and

KevIn JOhnSOn | CEO, JunipEr

“Connect everything,Empower Everyone”



A Q u e s t i o n o f An swe rs K E v i N J O h N SO N

“The interesting thing about mobile, social and cloud is that it could not have happened without the network”

Trends like

mobile, social

and cloud

could not have

happened

without the

network

Cyber threat

is real and

the changing

technologies and

threat vectors are

evolving

Whatever market trends

there are today,

are creating

the most

complicated

situation for

the CIO

ThIngs I BelIeve In

allows employees to have a page that is within the company firewall. And it allows us, as a company, to put all the relevant content up there for the employees. it also allows employees from different geographies to gain from each others’ experience and col-laborate. it is different from email, as it works in the facebook manner.

Cloud — in many ways is just a buzzword and every technology com-pany in the world is putting up the term in some or the other product. But there are some fundamental drivers for cloud computing. in its simplest form it can be seen in the the infrastructure of the data centre — by centralising the storage and servers and by virtualising them for higher utilisation and then by auto-mating the data centre. There are significant economics to be derived by just doing that.

in addition to that, if you’re a mid-market firm and do not have the critical mass or scale to centralise, virtualise and automate your data centre, you will consider someone else to do it — a service provider or a SaaS-based application. There are also hybrid models for either disaster recovery or peak compute volumes. There is a lot more to unfold in terms of applications, to enable more advantage of cloud.

The three trends also accompany security

challenges for a CIO. What do you have to say about this?The interesting thing about mobile, social and cloud is that it could not have happened without the network. The fact is that the network is within the data centres and connects the data centres together for cloud com-puting, or is the network that enables the mobile internet, using which bil-lions of devices are connected. That’s what Juniper networks is focussed on — how to drive innovation that enables our vision called 'connect everything and empower everyone'.

We are, therefore, mindful of such trends. We are also conscious that

security becomes an important issue when you have everything connected, and the fact that these devices and technology are in many more hands around the world. Cyber threat is real and the changing technologies and threat vectors are evolving. Today, there is economics behind cyber-crime and well-funded entities are indulging in it.

Are you genuinely convinced about the economics of

cloud? Is India just behind the curve for cloud computing?if you do the mathematics behind the economics of virtualisation, cen-tralisation and automation, it is easy to prove that the economic benefits of this model are significant. if you then try to apply these economics to your iT operations, it is very difficult. our Co-founder, Pradeep has this principle — centralise whatever you can, but distribute only when you must. And it is mathematically prov-

en that when you distribute things, it costs more and centralisation costs less. That’s the principle on which we engineer our technology. So when you look at cloud in that way, it seems simple to justify the invest-ment. however, when the iT team says that we need to invest a few mil-lion dollars before we can save from this technology, it is a tough decision for the management.

Given the trends, CIOs have too many trade-offs to

worry about. Do you think life has become complicated for the CIO?Whatever market trends there are today, are creating the most compli-cated situation for the Cio. in my 30-year career, i’ve seen many sig-nificant technology evolutions and disruptions. you may say that they are accelerating, but they do build upon one another. So, while the number is much higher, they were still very significant even 20-30 years ago.



Best of

Breed

A solution like SharePoint provides a number of benefits for organisations, including real-time collaboration, decreased costs and improved opera-tional efficiency. however, as more

companies turn to this platform for business critical collaboration and document retention, they face pro-

Get set for e-discovery in sharePointOne of the most popular collaboration platforms, SharePoint adoption is set to accelerate in the months ahead By Tom mccaffrey

illu

st

ra

tio

n b

y p

c a

no

op

found challenges related to e-discovery demands.This is a significant concern since research shows

it is not a question of 'if' they will ever have to engage in e-discovery, but when. nevertheless, there are a series of policies and simple practices organisations can implement to ensure the e-discovery process is seamless and efficient. equally important, using

of Midsize CoMpanies Will Use ReCoveRy-as-a-seRviCe by 2014, Up fRoM one peR Cent today

30%Data Briefing

guide to Maximising training investment Pg 21

Strategic Value of PPM in enterprise Pg 22

an Open Letter to Your CeO Pg 24

featureS inSiDe



m a n ag e m e n t B E S t o f Br E E D

these same practices, companies can pre-serve, analyse, review and produce elec-tronic data in accordance with applicable obligations when requested to help avoid fines or sanctions.

one of the most important steps for an organisation to take in preparation for an e-discovery request is the creation and implementation of a policy to effectively organise and manage existing information thereby making it easier to search. it is important to build these guidelines around the content because SharePoint enables users and organisations to save an unneces-sary amount of data.

for example, if an organisation is coordi-nating with an archive or other information governance solution, it can decide what types of electronically stored information (eSi) can be kept and for how long. ulti-mately, though, not all of the content stored on the SharePoint server will be relevant for e-discovery. in that sense, SharePoint is similar to email — there are only certain items which are truly relevant.

retention Policiesimplementation of the corporate retention policies in SharePoint both help an organi-sation achieve regulatory compliance and is the next step in preparing for e-discovery. Assuming your organisation has docu-ment retention policies in place, a company should require SharePoint site adminis-trators to define the applicable retention categories in accordance with the policies for each site and folder. further, a company should set up the folder structure so that only one retention category applies to each folder and its future contents.

These sites and folders and their cor-responding retention categories should be documented both within the SharePoint site

and included in the organisation’s data map. The top level of the site should also define criteria that people can use to determine the appropriate folder for content they are adding to the site. for any office document or loose file, the creator can be sure their name is listed in the file properties instead of using a copy of someone else’s file or the corporate template.

ownershiponce the SharePoint site structure is estab-lished, next comes the task of determining who owns the data within the platform. identification of data ownership is impor-tant for e-discovery, since some of the data owners may ultimately become custodians in a matter or investigation.

Why does determining data ownership matter, you may ask? legal and iT are obligated to collect and produce relevant data for each custodian named in a mat-ter or investigation, often within a two to three week window. missing this deadline can result in fines and, potentially, loss of the case. it is much easier to find data if ownership structures are documented and in place. Knowing where to look can make the difference between missing a deadline or having the time to review data and deter-mine case strategy. Because SharePoint can function as a file-share, in which anyone can have access to a certain folder, the administrator can and should manage who can access what folders and where informa-tion is ultimately stored.

making that decision involves defining who the data owner is, and that can be a complicated process. in SharePoint, an owner needs to be assigned to every data element. Since many people use a given SharePoint site, some steps should be taken to identify ownership of the data.

often, the person with administrator rights to the site can be considered the owner.

too Many CooksWhat happens when you have a project team or department with many individu-als contributing content, making edits and viewing content? SharePoint tracks both who last viewed or last edited content, which is information that can be used to determine custodians for the data. or, all people with access rights to the content may be considered custodians. Wikis and blogs may be more straightforward than docu-ments, since there are typically primary and secondary or contributing authors which become the data custodians. The final and perhaps most important action a company can take when preparing for e-discovery involving information on SharePoint is to ensure that all metadata is preserved. failing to preserve metadata can result in fines and/or sanctions. But a fear of sanctions and fines should not be the only motivating factor for ensuring the preservation of an organisation’s metadata. metadata identifies who last accessed a file/sent a message, who created it, when it was created or accessed and who was on the dis-tribution list for a message.

This information, combined with the contents of a file or message determines who said what to whom and when, as well as who knew what and when they became aware of it. metadata can be preserved through a tool that makes forensic copies of the content. The most common enterprise tool for preserving content and metadata is an enterprise information archive. Archives use special connectors to link to email serv-ers and other application servers, such as SharePoint that copy and store both content and metadata. e-discovery tools built for col-lections also ensure both content and meta-data are copied and preserved exactly the way they were in the original location.

organisations can make discovery from SharePoint more efficient and reduce risk by establishing clear protocols for access-ing SharePoint sites and documenting the entire management process in terms of site structures, administrator access and employee access. This documentation must be kept current and should track whom had

one of the most important steps in preparation for e-discovery is the creation of a policy to effectively organise and manage information



B E S t o f Br E E D t r a i n i n g

Guide to Maximising training Investment for determining the business impact of training, it must be quantified in terms of value of investment

After 20 years of helping global organisations plan and deliver training and development, especially around project management and business analysis, i have found that there are some common failure points in the design, execution and application of

training. furthermore, eSi international conducted a web-based transfer of

learning survey in march 2011. This global study, Applying Training and Transferring learning in the Workplace: how to Turn hope into reality, asked more than 3,200 training-related managers and lead-ers at government agencies and commercial institutions if they had a system to ensure trainees apply learning improve actual employee performance and generate positive business impact. Drawing from

access to what sites and when.An organisation should also

work with its legal team to describe in advance how it will define custodians with respect to administrator, author or viewing access rights. legal and iT teams should work col-laboratively prior to investiga-tions and legal matters to deter-mine how collections from SharePoint will be conducted.

the ‘When’When the time comes to conduct Share-Point e-discovery, there are a number of third party tools that can help. Some tools allow organisations to crawl through an archive and extract specific information. Some have the ability to do a proximity search, so, for example, you can look for the word ‘discovery’ +/- any other specific words before or after it. more advanced discovery services provide the ability to search by con-cepts, instead of just keywords.

These systems take advantage of full text indexing of content and metadata and then apply advanced linguistic algorithms to identify relevant content. Some tools take this process a step further, allowing review attorneys to classify documents from within the review set which then trains the software to efficiently classify other documents accordingly. This

intelligent prioritisation is even more pow-erful in that it identifies gray content (mean-ing documents that may be either relevant or non-relevant) and presents it to a human for disposition, from which the learning process continues to refine itself.

SharePoint’s use is growing in popular-ity and the amount of data being created is growing exponentially, increasing the frequency of e-discovery requests from this platform. Since organisations are obligated to collect and produce data from SharePoint for litigation and investigations, they can

reduce the impact through proper planning, documentation and business processes.

Structure, administration, alignment to corporate retention policies and proactive methods for assigning data ownership can help organisations reduce the possibility of fines and sanctions and have the time they need to develop optimal case strategies.

Tom mcCaffrey, Director of Archiving for Kroll ontrack, is responsible for the overall business strategy and market evolution of the company's archiving and information management solutions. mcCaffrey works with his team to bring expert products and services to market that help clients manage large volumes of data, reduce the cost of responding to investigations, litigation and regulatory requirements, and defensibly respond to requests for electronically stored information (eSi).

—This article has been reprinted with permission

from CIO Update. To see more articles regard-

ing IT management best practices, please visit

www.cioupdate.com.

$6.3expected

Online music

revenues by the

end Of 2011

this research and my own practical experience, i’ve outlined ways that Cios can get the most out of training.

Make the case for change: Before you tell individuals to go to training explain why they are attending training, what should they expect and what the organisation expects. This is often the most neglected area that connects a training class to an iT strategy and, more importantly, a business strategy. Cios should put a strate-gic focus on employee development, and this means you need to implement change management in the following ways:

Articulate the as-is state and articulate the 'problem' at all levels within the organisation

Communicate the vision and reasons why a change in knowl-edge/skills/competencies is needed to support the company’s

bn



t r a i n i n g B E S t o f Br E E D

mising returns, increasing agility, minimising risk or improving performance), you have to show the current state by identifying various qualitative and quantitative metrics and establish success criteria. These metrics become your dashboard to show improvement over time and help you to communicate with various stakeholders.

Motivate your audience: motivating employees to pre-pare for, attend and then successfully apply learning is an inherent and critical part of the learning process. Accord-ing to the Transfer of learning Survey, only 20 per cent of survey respondents indicate that there is a financial reward or incentive to training. This shows that organi-sational incentives may be out of touch with today’s work-force, and Cios should re-examine their strategies for motivating a new, changing workforce.

if monetary rewards are out of the question, then con-sider offering 'moments' that instill pride and serve as an incentive for an employee, like a lunch with the Ceo. Also, the timing of recognition — perhaps during a company-wide meeting — is often more important than ‘what’ kind of recognition.

Solve the manager puzzle: managers clearly play an important role in ensuring that learning meets organi-sational objectives and is applied on the job. in fact, securing manager support was selected in the Transfer of learning survey as the number two most important strat-egy for the transfer of learning. managers must do more than simply endorse a training programme. managers should have clear responsibilities and provide tactical support every step of the way, including developing a plan for learning and its application on the job and ensuring post-instruction reinforcement.

Plan what happens after class: Preparing for train-ing is one thing, but what happens after training? it is discouraging to find that almost 60 per cent of those surveyed indicate that they do not have a systematic approach to preparing a trainee to transfer or apply learning on the job. rather they seem to rely on infor-mal feedback or guesswork. This lack of pre-training

planning casts further doubt on an application of learning meth-odology within organisations.

once training is over, the hard work begins. Cios should ensure that there are post-learning strategies and tactics to reinforce change and spark dedication to apply learning. Post-learning aids abound today, such as post course discussions with the manager/team leader, on-the-job aids, informal support such as social networks or online forums, or communities of practice such as peer groups/coaching. The trick is to organise and match up this array of post-training aids to meet a learner’s specific moment of need.

Communicate results of your measurement strategy: Showing the value of investment in training does not mean roi is out of the pic-ture. it just means that you can tie training to real, measurable busi-ness impact. To measure results, you need to define the business impact areas, which can be: increasing quality, increasing produc-tivity, increasing employee engagement, decreasing costs, increas-

growth/future strategy enact change management processes as part of skills develop-

ment along with associated interventions, coaching and perfor-mance support systems

Show your mind map and expected value: What is the framework for gathering requirements and managing your iT projects so that they align with business strategy? you may reply: “Ask my project management office (Pmo)”. however, Pmos rarely can articulate the value and business outcomes of training.

That’s where the Cio comes in. Cios need to think and act in a very methodical, comprehensive way, developing a plan that brings about change across people, processes and tools, where training is one very important factor in overall success.

Speak business, not IT: Clearly, Cios need to define value of a training intervention in the context of the overall business strategy. once the expected value is understood (often in four areas: maxi-

“Before you tell individuals to go to training explain why they are attending training and what they should expect from it”

illu

st

ra

tio

n b

y s

hig

il n



B E S t o f Br E E D m a n ag e m e n t

ing revenue, increasing customer satisfaction, decreasing cycle time, decreasing risk and increasing effective communication.

Then enact a measurement strategy. Course evaluations need to be completed by both the trainee and manager immediately post training and then 90 days out. After defining business impacts and developing tools and evaluations to measure specific results, Cios can review high-level output that helps prioritise training and development investments based on this data. Cios should be asking for the following data points:

how do learners rank various courses by perceived impact on the organisation?

Does training impact job performance? how does training impact the nine business impact areas

defined above? What do learners report when it comes to manager engage-

ment and support, or the availability of post-training resources?in any of the above examples, measurement output will show

a predictive impact, a validated impact 90 days post-training and

then data adjusted for bias/self-reporting.Training is more important than ever to maximise the work-

force, but determining the business impact of training must be quantified in terms of value of investment. increasing the value of your project management and business analysis training means Cios can and should develop a plan for building workforce compe-tencies based on the business strategy driving iT strategy.

raed haddad, SVP, global Delivery Services for training firm eSi international, has more than 25 years of multicultural, project management expertise across a range of industries, includ-ing health care, technology, government, telecom and financial services. haddad brings his insights to executive audiences world-wide in the areas of project management, talent management and performance improvement programme measurement.

—This article has been reprinted with permission from CIO Update.

To see more articles regarding IT management best practices, please visit

www.cioupdate.com.

strategic Value of PPM in enterpriseit provides information that links business needs with business technology activities By faisal Hoque

regardless of its size, one of the key components of strategic investment management in any organisation is portfolio and programme man-agement (PPm). PPm provides

enterprise-wide focus on defining, gathering, cat-egorising, analysing, and monitoring information on corporate assets and activity as they relate to technology implementation and management.

PPm offers top managers a centralised and bal-anced view of various business technology proj-ects and lays out the benefits and risks of each. in order to be effective, PPm is only realised by focussing on organisational structures, processes, information, and automation — in the process, bringing order to chaos.

if a business has any hope of transforming its technology management, it must first structure and organise all of the disparate pieces of informa-tion held by the organisation.

illu

st

ra

tio

n b

y s

hig

il n




it’s really no different than anyone trying to organise hundreds of photos on a hard drive, or clean out a basement. manage-ment must discover what it has, sort it into logical piles, and assess the value of the individual items against some larger goal.

Business technology portfolio manage-ment is essential. managers of financial assets, for example, would not presume to act without a full understanding of all their holdings. Portfolio management is widely applied in other management functions as well, including strategic planning and new product development. most business technology executives know of it, and many practice some form of it, but it has not often been granted the strategic role it deserves.

many companies don’t reap the full rewards because they see it only in financial terms, think of it as a software tool, or view it as a tactical approach for managing projects. At its best however, PPm takes all of a firm’s assets and activities into account. it is truly a more effective means of giving an entire company better information to develop strat-egies, manage risks, and execute plans.

PPm unites an organisation’s efforts at every level. it is a completely different way of seeing, assessing, and planning the busi-ness — somewhat analogous to financial portfolio management. for example, in finance, an investor identifies and catego-rises all assets to form a portfolio, which provides aggregated views of individual investments. The investor might see that the portfolio is weighted too heavily in one industry, has redundant exposure to one type of security, carries a certain level of risk, and promises a certain level of return.

The investor can set a strategy and construct a portfolio likely to achieve an appropriate balance of risk to return. in much the same way, business technology assets portfolios reveal what technology a company owns and what its various arms are trying to accomplish. management can

use a portfolio approach to decide which activities are more likely to support the enterprise business strategy.

The strategic role of PPm is nothing short of providing an enterprise (regard-less of size) with a tool for better aligning its technology spending with current and future business needs. PPm creates infor-mation and insight to help management make such decisions as:

Defining business improvement options and scenarios

Analysing implications and impacts of potential initiatives Setting target allocations for invest-ment categories

evaluating and making decisions on project requests

evaluating the health of business and technology assets Determining appropriate sequencing of major programmes managing risk mitigation across the enterprise

identifying and resolving critical project-related issuesThrough its centralised view of all tech-

nology projects, a good business technolo-gy portfolio will make it easy to ensure that investments are well balanced in terms of size, risk, and projected pay-off. used wisely, it will actually increase the value of technology by exposing projects that are redundant or risky while revealing how to shift funds from low-value investments to high-value strategic ones.

the Way It IsPPm improves the allocation of resources

and reduces project failures through cre-ation of a “single view of truth” about an enterprise’s operation. it generates a com-mon vocabulary and metrics. it permits a comprehensive set of decisions to be made before action is taken, identifying and resolving conflicts. it allows strategic

direction flowing down to meet suggested courses of action flowing up in a formal management process.

PPm is, in fact, continuous. Strategic planning informs portfolio managers, who reassess programmes and projects. infor-mation on the status of corporate assets, risks, and financial performance likewise influences subsequent strategic planning.

PPm provides information that links busi-ness needs with business technology activi-ties — enabling a converged viewpoint that is simply focussed on business outcomes, rather than advancing the interests of one group versus another.

PPm allows an organisation to get beyond the incomplete approach of computing the roi of individual projects.

With a portfolio viewpoint, the payback of a project can be evaluated within the context of many projects contributing to a goal. The merits of individual projects are not seen in isolation but in consideration of their con-tribution to business capabilities that enable a strategy. Through a PPm implementa-tion, no one group or project’s interest will advance at the expense of another.

— Faisal Hoque is the Founder and CEO of BTM

Corporation. A former senior executive at GE

and other multinationals, Faisal is an internation-

ally known entrepreneur and thought leader. He

has written six management books, established

a non-profit research think tank, The BTM

Institute, and become a leading authority on the

issue of effective interaction between business

and technology. His latest book, The Power of

Convergence (AMACOM, May 2001), is now

available.

— This article has been reprinted with permis-

sion from CIO Update. To see more articles

regarding IT management best practices, please

visit www.cioupdate.com.

“the strategic role of PPM is nothing short of providing an enterprise with a tool for better aligning its technology spending with needs”



B E S t o f Br E E D m a n ag e m e n t

An open Letter to Your CeoBusiness needs to stand up and take some responsibility too, it's not just it's alone By marc J scHiller

Dear mr/ms Ceo,i know that you often get pretty frustrated with

the iT group. i know you want your iT group to be successful. i especially know you want to get the greatest return on investment for every dollar

you are spending on information technology. That’s why i’m writ-ing this letter to you.

i want to help you dramatically increase the roi on every iT dol-lar you spend. no kidding. i’m talking about a 100x improvement in efficiency and efficacy. interested? i figured you would be.

Why You should Listen to Meyou’re likely wondering why you should listen to me, an author and consultant. After all, you have your own Cio with whom you can speak. Well, the fact of the matter is, we both know you don’t really listen to him — especially when it comes to hearing the hard messages. you’re tough, demanding, and don’t want to hear about problems. you want to hear about solutions. “make it happen”— that’s your motto.

To be fair, your Cio isn’t always that great at delivering the tough messages. But then again, can you blame him? you’re the boss. everyone wants to please you.

i’m an external consultant. i’ve got no axe to grind, no bonus on the line. it’s my job to “speak truth to power.” So here goes.

A Basic truthit’s easy to blame iT for everything technology-related that isn’t quite right. it’s especially tempting when it comes to delays or cost overruns on high-profile projects. That’s because a new sys-tem implementation acts as the perfect focal point for the many issues of the past. it’s as if all of the buried business and process issues of the past magically become an iT problem when a new system is implemented. it is this basic truth that sets the stage for everything i am about to share with you.

look, i know your iT group isn’t perfect. But you need to realise that the seeds of the problems you often face with large-scale iT projects were planted long ago. if you want to not only fix these problems, but turn your iT group into a

powerful force for innovation in the process, you need to make some changes in the business.

The good news is that the changes i’m talking about don’t cost a lot of money or require activities on the scale of a large system implementation. They are basic changes in mindset and attitude, combined with appropriate executive follow through.

Since i know you don’t have the time or interest in a philosophi-cal discussion of iT, i’m going to focus on the three really big and important things you can do to dramatically improve the perfor-mance and roi of iT at your company.

illu

st

ra

tio

n b

y j

of

fy

jo

se




Number 1: Get a grip on reality. i mean it. Stop expecting your internal iT shop, with its limited resources, to design and deploy systems that have a similar look and feel to what comes out of google and Apple. Those vendors have tens of thousands of pro-grammers and designers working day and night on their systems. it had better look great when they are done.

What’s more, not only do these companies have much greater resources than you do, they control the scope of what they deliver to the general public very tightly.

By contrast, your internal iT team has to deploy systems across a complex corporate environment. This involves not only the tech work but also the highly charged political work of integrating sys-tems with people and processes.

Another common departure from reality comes in the expecta-tion that high-impact corporate systems can be deployed quickly. forget about it. nothing important and valuable happens quickly. you may want things to happen quickly, and you may use your force of personality and position to get the iT team to agree to unrealistic deliverables and time frames, but that doesn’t mean it’s going to happen.Bottom line: Spare yourself, and your organisation, the pain of so-called failing projects. instead, really listen to what your iT leader-ship says is a realistic schedule and budget.

Number 2: Teach the business, first hand. The iT group wants to do a good job for the business. But in order for them to be suc-cessful, they have to understand the business. The problem is, no one ever teaches them about the business. (The quarterly town hall meeting is far from sufficient.)

The iT team (and just about every other group, by the way) needs the opportunity to learn about the various aspects of the business beyond their departmental focus. They need to understand the goals, objectives, plans, organisation, challenges, opportunities and more of the other departments and functions they serve. in short: they need to get inside their ‘customer’s’ mind.

To make this happen, create an on-going learning programme that teaches about the company’s strategy, operating model, competitive advantage, products, services, customers, distributors, competitors, logistics, manufacturing and so on.

make it a goal that no iT analyst in your company ever walk into a requirements gathering session with users and ask those painfully obvious questions like “what’s your role,” or “what exactly does your group do,” because there was no way for them to get that information on their own.

And don’t stop with classroom learning. That’s just the beginning. if you want the iT group to really “get it,” they need to walk in the shoes of their peers — or as close to that as possible. That means sending iT people out with sales reps and customer service agents. it requires having them work in the warehouse with the inventory managers, and getting them to crunch num-bers with the finance team.Bottom line: for the iT group to really “get the business” on a visceral level, they need to experience the business, firsthand. The Cio may be able to arrange for this on an

episodic basis, but only you can make this a permanent part of your company’s professional development programmes.

Number 3: Tie IT project metrics to senior business exec pay. That’s right, you heard me correctly. if you want those big iT/business proj-ects to work wonders in the business, tie the outcome metrics of the project to the pay of the senior executives the project is serving. it’s amazing to watch. i know because i have seen it.

When the senior executives have a direct and personal financial stake in the on-going success metrics of the system/business pro-cess — noT, i repeat, noT the on-time delivery date target of the system — the entire project rolls out differently.

All of a sudden there is not only interest and attention to the project, but a genuine engagement at all levels of the organisation. That’s because no senior executive wants to be out on his or her own. So, they quickly cascade those metrics and bonuses down their organisation to ensure that everyone is working together in order to achieve a common objective.

Bottom line: if you want your business people to really care about iT project success, put their money where your mouth is.

Is that everything?no, far from it. But it’s a great place to start. Besides, i know you have limited attention span.

if you are interested in learning more, drop me a note [email protected] and i’ll tell you about two addi-tional things you can do that will not only improve your roi from iT but will also boost the morale of the iT team.

Thanks for listening. i’ve got to get back to the iT guys now.

Sincerely,marc J Schiller

—This opinion was first published in CIO Insight. For more

stories please visit www.cioinsight.com.

“stop expecting your It shop, with its limited resources, to design and deploy systems that have a similar look and feel to what comes out of Google and Apple. those vendors have tens of thousands of programmers working”

$16bnwill be spent On

public clOud

services in 2011

in emea

Security Leadership Awards2011Recognising the best minds in Security Leadership & Innovation

In an attempt to recognise those individuals who have contributed and succeeded in pushing the boundaries when it comes to innovation in information security, CSO Forum, brings to you, the 1st Annual Security Leadership Awards.

Judged by our esteemed council, the Security Leadership Awards bring those individuals to the forefront who are constantly innovating and pushing the boundaries of security within the enterprise.

In an attempt to recognise those individuals who have contributed and succeeded in pushing the boundaries when it comes to innovation in information security, CSO Forum, brings to you, the 1st Annual Security Leadership Awards.

Judged by our esteemed council, the Security Leadership Awards bring those individuals to the forefront who are constantly innovating and pushing the boundaries of security within the enterprise.

December 2, 2011 ∞ Pune, India For details log ontohttp://www.thectoforum.com/csosummit2011

C

M

Y

CM

MY

CY

CMY

K

Highlights• Six Award categories

• Eminent jury members

• Transparent nomination process

• Awards ceremony on 2nd December, during the 4th Annual CSO Summit, 2-3 December, 2011 at Pune

Why participate• Get recognised as a star by leaders of the industry

• Join an exclusive club of achievers

• Learn from successful peers in an exclusive knowledge forum

• Share your and your company’s success stories

Award Categories1. Security Practitioner of the year2. Security Innovator of the year3. Security Project of the year4. Security Organisation of the year5. Promising star6. Security Visionary of the year

Who can apply?• CSO's and CISO's

• Heads of Information Security / Information Risk & Compliance and their team members of companies operating in India.

About the Security Leadership Awards

Security management is now recognised as a key business enabler.

Forward-thinking security leaders have made tremendous progress in driving tighter linkages between business excellence goals and security actions.

Their contributions need regular industry driven; peer-acknowledged awards to highlight the best successes; recognise the function and provide encouragement for future innovations in Security Management

The Security Leadership Awards is a dedicated platform to recognise such security executives; their teams and organisations for outstanding achievement in the areas of risk management, data asset protection, compliance, privacy, physical and network security.

Nominations open!To nominate yourself or your CISO/CSO logon to http://www.thectoforum.com/csosummit2011 or contact Vinay Vashistha at+91 9910234345 or email at [email protected]

C

M

Y

CM

MY

CY

CMY

K

B E S T O F BR E E D ca s e s t u dy

28 07 november 2011 cTO FORum The Chief


in the hyper-competitive world of financial ser-vices, tarnished by crises past and on-going, success is as much about demonstrating trans-parency and integrity, as about meeting customer expectations in terms of monetary gain. how can

technology help? here’s a simple story about a less com-plicated, but far-reaching implementation that tackled the challenges of customer retention and employee attrition, de-linking them to some extent. in the process, this proj-ect at Bajaj Capital ltd also boosted transparency inter-nally by bringing customer data analytics to every person in the company who needs to maintain relationships with clients for service and ongoing business.

Typically, in a large financial services group such as Bajaj Capital, the number of field sales personnel will be considerably large. This sales force will be the one that 'front-ends' the company's products and services from branches spread geographically across the country.

“our business is a retail-based business,” said Jijy oom-men, group Cio at the company, “so the customer base is so large that retaining existing customers and sustaining business with them is a challenge.” Keeping track of exist-ing customers, meeting their requirements, and serving new ones alongside, is a very serious exercise, keeping in view of large amounts of data and information that is con-stantly changing.

Capitalising on Analytics

Case study | Bajaj Capital ltd

Challenge: Jijy Oommen and her colleagues at Bajaj Capital Ltd, implemented a software programme that took three people less than 45 days to build. The application is now used across the company and has significantly boosted customer retention

in such a large customer base, running into perhaps several tens of thousands, “while we keep acquiring customers, we keep losing some of them, at the end of the day the challenge is to make that funnel narrower and narrower,” she said. Then, given that transactions involve money, customers over a period of time develop 'comfort-level' with specific relationship managers of the company. in a competitive business envi-ronment, when such employees leave, customers who trust them tend to follow. At the sales and customer rela-tionship management end, oommen said attrition levels in the industry can be as high as 30 - 40 percent.

Client Search engineoommen’s team has leveraged the huge customer data-base in the company's back-end database, including com-plete transaction histories, behavioral patterns and so on. “We developed a tool exclusively for the sales team in last year, called the ‘Client Search engine’ and the application is opened to the entire sales force of the organisation.” As the result, from their own locations, wherever they are, our sales people are able to do complete analysis of their customers’ profile and business with the company.

Consider a small branch, with a team of 10 people trying to serve about 10,000 customers. given the high

By HaricHandan arakali

29 07 november 2011 cTO FORumThe Chief


in 15 Seconds“With this as the context, you can imagine the difficulty in opening up analytical capabilities to the end-user of the iT systems,” oommen said. "What we've done is created a data repository using a custom-built eTl application at the back-end on high speed SAn and intel nehalem Class Processor based clustered blade servers”. “further, we have integrated an analytical engine with this data repository and linked it with the enterprise application with a single sign-on interface.” At very high speed, a matter seconds, the analytical engine taps the customer profile database and the transaction history and brings up information dynamically based on the queries set by the user. The queries can be varied over a set of as many as 20 parameters.“They get the data view in two to 15 seconds, depending on the size of the data,” oommen said.

This immediately benefited the users by giving them information on 'active' customers the period over which these customers have been active, or ‘inactive’ or even 'long-inactive' relationships. The search engine thus gave us a chance to re-vitalise various customer relationships. it also gives them the ability to prioritize which relationships

attrition levels across the industry, half the team could be new or in some cases, even the branch manager himself could be new to that branch. This is an important area where the Client Search engine makes a huge difference. it doesn't matter how new a person is to the company. Depending on the access rights, one can get the customer details at fingertips, in a matter of seconds.

With Bajaj Capital being in this business for close to half a century, the relationship management team can get information needed to reach out to a customer or help with a particular investment, be it a client who falls in the “new clients” category, who typically have a one to three-year relationship with the company or a client who started a few decades ago and continues to be loyal with the company. The search engine then also helps relationship managers recognize the customer loyalty, in the latter's case, and go the extra mile to help that long-standing customer. matters also become more complex with the transaction numbers being fairly high, with the customers' needs ranging from tax savings to one-off, ad-hoc investments that might be over and above other systematic investments, and even trading requirements.

COMPANY DASHBOARD

Company:bajaj Capital Ltd

EstablishEd:1964

Chairman:K K Bajaj

group CompaniEs:bajaj Capital Insurance Broking,

BHAC, ICOFP, Just

Trade

JiJy OOmmen, Group CIO, Bajaj Capital Ltd unravels the mystery of a simple software program that tackles attrition and customer retention

Ph

ot

os

by

su

bh

oji

t P

au

l

B E S T O F BR E E D ca s e s t u dy

to act on first depending on the revenue potential, portfolio size, activity level, etc.

“We took hardly 90 days to build the search and analytical engine with my col-leagues comprising of a project manager and two developers from the team of 40,” she said. The product was so convincing and friendly to the user community that the senior business executives themselves decided to champion the implementation.

One-page View"The application shows just one page,

with three different tabs, and a few col-umns. from the same screen itself, you

can view the complete transaction history of the customer, since inception, also" she said. Starting in february this year, the application has been made available at every branch office of the company.

“This project on the other hand, has been both cost efficient and time efficient. With a very little effort, it has given outstanding results. in the last few years, this would certainly top list the successful projects that gave us great satisfaction,” she said.

The benefits have been quite visible as well, oommen said, this year so far, in comparison with last year, in terms of customer retention and repeat business with existing customer

base, we have seen an improvement of 10 - 15 percent. given that acquiring new customers and boosting business from them is definitely higher, retaining customers pays off, the lon-ger the company is able to retain them.

finally, an important reason the project suc-ceeded was that “it was ideated with the group Ceo,” Anil Chopra, from the start, whom oommen considers her mentor. “Business doesn't have time to wait, right? Anything where they see quicker turnaround time, it certainly adds value for the business. it was probably one of the more satisfying ones for him as well, from an iT implementation per-spective,” she said.

“the appliCatiOn ShOwS yOu juSt One page, with three different radio buttons and a few columns. Just run it and from that screen itself, you can view the complete transaction history of a customer”

jijy OOmmen, Bajaj Capital Ltd

advts.indd 56 12/22/2009 3:02:47 PM

advts.indd 54 12/22/2009 2:54:15 PM

COVE R S TORY i n n ovat i o n

32 07 November 2011 CTO fORum The Chief


CIOs are using their tech knowledge to conjure up innovations that directly help businesses

boost revenue and bottom lines. Their CEOs are impressed

thinkingLateral

i n n ovat i o n COVE R S TORY

33 07 November 2011 CTO fORumThe Chief


From putting real-time data into the hands of front-line sales staff to beaming accurate radiology images to surgeons who might be away from the hospital, to build-

ing business models that profitably allow thousands of small-trans-action customers to send and receive money on their mobile phones, Cios in some of india’s corporations are quietly ushering in an inno-vation revolution.Be it responding to the economic environment of the day or consumerisation of iT, “The new Cio will not just supply technology but will be responsible for sourcing technology solutions and developing services for business,” said Khalid Kark, a Vice President at forrester research inc. “it will not matter who provides the technology — what is important is how these technology services get orchestrated to create value for the business,” Kark said.They are overhauling the mandate of the iT enterprise and shifting away from providing mere systems support to come up with business solutions based on their technology savvy. Their Ceos can’t have enough of it.

34 | Taking on the Innovation Mandate

37 | Real Innovations Real Impact

40 | Delivering Innovation

i n s i d e

ima

gin

g B

Y s

un

ee

sh

k



innovation — one of the most bandied about, abused, and cliched terms in business today, worldwide. yet, if one strips away the marketing and Pr gobbledegook, the word does mean something: even with the sim-

ple definition that an innovation is a novel application of known knowledge to generate tangible value.

in this context, by putting real-time data into the hands of front-line sales staff, to beaming accurate radiology images to sur-geons who might be away from the hospital, to building business models that profitably allow thousands of small-transaction cus-tomers to send and receive money on their mobile phones, Cios in some of india’s cor-porations are quietly ushering in an innova-tion revolution.

Be it responding to the economic environ-ment of the day or consumerisation of tech-nology, “The new Cio will not just supply technology but will be responsible for sourc-ing technology solutions and developing

InnovationMandateCIOs are no longer just the caretakers of your IT infrastructure. They have now donned the mantle of innovators and change makers By Harichandan Arakali

“What i'm looking for are productivity solutions that can be used from anywhere in the world.”vp aiyappan pillaiVP, Business Process Transformation, Tata Communications


Taking on the

ph

ot

o B

Y J

ite

n g

an

dh

i




minant of what the services man-aged by the Cio’s team should be like.

iT today has become an intrinsic part of most businesses. Business growth can be significantly aided by iT. Therefore, the involvement of the Cios is important and instead of seeing them as personnel that maintain iT infrastructure and systems, one

services for business,” said Khalid Kark, Vice President, forrester research inc. “it will not mat-ter who provides the technology. What is important is how these technology services get orches-trated to create value for the busi-ness,” Kark said in a report titled, The new Cio — embrace The empowered era or Step Aside.

Cios are overhauling the man-date of the iT enterprise and shift-ing away from providing mere systems support to come up with business solutions based on their technology savvy.

Custodians of Converged Services“i'm not looking to merely man-age infrastructure,” said VP Aiyappan Pillai, Vice President, Business Process Transformation, Tata Communications ltd. “What i'm looking for are productivity solutions that can be used from anywhere in the world.” What he is seeking is a converged con-nectivity model. This presupposes that the underlying infrastructure will be available just as much without anyone's intervention. What will be important is the accessibility to the applications, no matter where a user is and what the application is.

“Cios will be increasingly ques-tioning how a service is delivered. modern technology services need to reflect a certain intelligent and holistic approach”, said Baiju gujarathi, Vice President for iT governance at repro india ltd. The objective will be to keep the end-user experience in focus at all times, he said. The end-user experience will be a strong deter-

should view them as people who help bring technological solutions to business prob-lems, gujarathi said. eventually, no matter what technologies are adopted by the busi-ness, they will connect with the information system at some point, he said.

Cios are increasingly seeing themselves

as custodians of converged and business-enabling services, and their Ceos can’t have enough of it. “We are proud of our technol-ogy group,” Bajaj Capital’s Chopra summed up this sentiment, talking about his Cio and her team. Chopra’s enthusiasm for the data mining project reflects what top execu-

When Anil Chopra, Group CEO of Bajaj Capital Ltd, wanted to put near-real-time customer

information in the hands of his front-line sales staff, his CIO turned out to be the perfect person to turn to. Jijy Oommen, the CIO and her team took less than two months to build an application that gave a one-screen view of vital customer information (see our Best of Breed Case Study).

The easy-to-use application tackled two problems with one stroke — the need to enhance customer retention via superior service and the importance of empowering new employees in an industry with very high attrition rates.

?CTO Forum: When this project was still at the ideation stage, what were the attractions of doing something like this?Chopra: Data mining is the key to effective engagement with existing clients. Over the years, I have been conceptualising certain parameters and requesting our IT Team to apply those on our vast database of clients and share the results with me. Whenever I carried these reports and shared them with team members on the ground, they would exclaim “Wow Sir! Can't we get such useful reports and MIS regularly?”

These thoughts were haunting me for last few years, and one fine day I decided to throw this chal-lenge at our IT Team Head, Jijy Oommen. When I was articulating my expectations from the IT group, there was enthusiasm as well as impatience besides excitement in my voice. I was excited thinking about the reaction of sales team members when they would be equipped with this specially-designed cli-

ent search engine.

?CTO Forum: In general, what is the most impor-tant thing you expect from Jijy, or someone in her position — a business technology leader?Chopra: I expect Jijy or and the other team mem-bers to have clarity of thought process, clear under-standing of expectations and ability to deliver within a given time frame.

?CTO Forum: How does this project demonstrate that technology leaders in your group are delivering

on that expectation?Chopra: Execution of this project

from ideation to launch has increased our confidence in

our technology leaders and has given us an edge over our competitors.

Generally, there are time overruns in IT projects. However, this project was

executed and delivered ear-lier than promised and with

not many bugs. Hence, it was easy to launch the same in the sys-

tem as the architecture was so robust and user-friendly that team members learnt to use it like fish take to water.

What excited me and my front-line sales staff was not the technology that went into delivering the required information or the fact that it would give us an edge over competitors, but the elegance and the user-friendliness of the whole solution.

I am particularly happy about the project being delivered ahead of the promised deadline and that it was so intuitive that the end users, the sales and marketing personnel adapted to it quickly.

That’s what I call true innovation.

I Hear You Mr CeointervieW




tives increasingly see to be the role of the Cio. Chris Potts, award winning writer, cor-

porate strategist and mentor to Cios, in a paper titled The four generations of

Corporate Strategy for iT has said: “What matters most to execu-

tives is not how well people are exploiting iT, but how well the

enterprise is achieving its goals from all the investments it makes.”

Cios as agents of innovation are in a posi-tion to add serious value to two areas that Potts points out are interrelated: operations and investments in change. “These invest-ments are in two distinct but interrelated capabilities — operations, and investing in change — and iT is deeply integral to both of them,” he said.

“each demands a different leadership mindset, skills, and measures of success. There are tough creative tensions between them that cause a conflict of interest for anyone who is equally responsible for both,” he said.

Well, Cios are, and whenever they suc-ceed in harnessing that creative tension to deliver business value via an innovative solution, to be sure, support from the Ceo is a cinch.

The CIO's role is about to change drastically and significantly, said Khalid Kark, VP and Research Director at Forrester Researc Inc, in a

report, The New CIO — Embrace The Empowered Era Or Step Aside.CIOs who continue to manage technology and focus only on execu-

tion will not survive, Kark said. The ones who embrace this change and step up to enable the business, empower the employees, and encour-age innovation across the organisation will succeed in this role.

To succeed in this new empowered era, the CIO will need to move along the following five dimensions:

From alignment to convergence: CIOs who can only take orders, who can't speak the language of the business, who can't step out of the pro-verbial back office and into the front lines will not last long. Forrester data suggests that more than two-thirds of IT leaders wait for business leaders to finalise their strategy before IT formulates its own. This is a recipe for failure. To succeed, the CIO will have to converge with the business and not think of IT as a separate discipline.

From execution to innovation: Project execution and on-time deliv-ery are not goals but table stakes today. Having this focus will not be enough. You must drive innovation and boost business-partner rela-tionships. One way to do this is to reach out to business innovators and create zones that provide an environment for rapid innovation. Getting their input and providing services and advice will ensure that you are brought into the loop when new opportunities surface.

From technology supplier to services orchestrator: The traditional

role of the CIO has been to manage the technology needs of the organisation. The new CIO will not just supply technology but will be responsible for sourcing technology solutions and developing services for business. It will not matter who provides the technology — what is important is how these technology services get orchestrated.

From operations to business outcomes: A measure of a successful CIO used to be operational excellence. The primary task for the CIO was to ensure uptime and reduce cost by delivering services more efficiently. Today many CIOs are being measured on revenue growth, customer intimacy, and their contribution to innovation. This focus on business outcomes ensures the CIO is focussed on business priorities.

From rules to guardrails: IT often enforces rigid rules and convoluted governance processes. IT must evolve new governance approaches that empower the business with providing 'guardrails' and education, reserving strict technology control for only the most critical technology assets. This will be a radical change — from layered technology man-agement to new rules for ownership, accountability, and responsibility.

The empowered era brings not just a change in technology but a change in attitudes, behaviours, and technical competencies within organisations. The empowered CIO spends a majority of his/her time in engaging and empowering users and customers while delegating and outsourcing technology management and operations. CIOs that are not willing to make this shift will fail.

For Feedback: Mail to Khalid at [email protected]

Brave tHe wInds of CHange or lose tHe gaMe

“Cios will be questioning how a service is

delivered. modern technology services need

to reflect an intelligent and holistic approach”

Baiju gujarathiVP, IT Governance at Repro India Ltd.



X X X X X X COVE R S TORY

earlier this year, neena Pahuja, Cio at max healthcare hospitals, got a phone call from a well-know radiologist on staff at the group and what he

said surprised her: “hey, you saved a life today.” What had happened was that the radiologist was part of a pilot programme in which Pahuja and her team were testing out delivering radiology images to the experts’ smartphones. The images would be detailed enough for the doctors to actually make some observations and diagnoses there and then, quite literally saving lives.

innovation that’s Saving livesThe pilot, now expanding across the max healthcare chain, had at such an early stage demonstrated that it could dramatically slash the time required for such processes in comparison with the conventional way of doing it, where the doctor would have to be physically present.

The phone call was about a young patient who had been brought to the hospital fol-lowing an auto accident in the early hours of one morning. The radiologist, who wasn’t at the hospital, was still able to look up the

Real Innovations,

Real ImpactTechnology gyan is easy. Delivering it as ‘applied gyan’ on the ground isn’t. CIOs in sync with organisations’ big-picture mandate deliver innovations that make a difference By Harichandan Arakali

radiology images and spot an internal bleed-ing, and make various recommendations that helped save the patient’s life.

Pahuja is now orchestrating a much more ambitious deployment: “i am cur-rently supporting a radiology informa-tion System implementation,” she said, “where we bring in integrated radiol-ogy systems with ‘voice recognition’ for radiology reports together with pathways for tele-radiology.”

“We pick the best practices for productivity improvement from other industries and also from the hospitality industry”neena pahujaCIO, Max Healthcare

ph

ot

o B

Y s

uB

ho

Jit

pa

ul




“This system will ensure standards for reporting, audited second opinions in instances of complicated cases from across locations and also integration with complete patient records as part of an electronic health records system,” she said. The voice recognition additionally reduces the TAT (turn-around time) for reporting and also adds to better customer experience. The hospital chain would be formally launching the project soon, she said.

As Cio, she has to help ensure that in an industry dealing with the lives of people, appropriate care and quality checks are per-formed before rolling new process/technol-ogy. for improving services, “we also pick the best practices for productivity improve-ment from other industries and also from the hospitality industry,” Pahuja said.

She said her role had become the natural fulcrum of many of the projects that the hospital chain was rolling out, with the increased penetration of technology.

Business is the mandatePahuja’s ideas on Cios being roped in

increasingly to fulfill a business mandate via their knowledge of technology finds resonance with Kadab mukesh, Chief Busi-ness operations officer at Tata Sky ltd, one of india’s largest direct-to-home (DTh) satellite services. mukesh firmly believes that any innovation must first have a solid business case. once that happens, it is more a question of how and when that innovation is delivered. Kadab and his colleagues at Tata Consultancy Services ltd, decided to go the cloud way to launch a customer self-help portal that would help the DTh services provider manage capacity cost-effectively without dropping service quality.

“Keeping capacity idle indefinitely is expensive,” mukesh had said, when CTo forum first asked him about the portal in April. “in some areas, it’s cost-effective to raise capacity in-house while in others it isn’t. for example, raising capacity in call centres is hugely expensive. Traditionally, even in iT, raising capacity for self-service is expensive, he said.

The portal, launched on Amazon’s cloud infrastructure, made it relatively easy for Tata Sky to scale up some capacity and scale down as required. This portal, accessed via the DTh provider’s website, allows sub-

scribers to make payments, change their preferences and keep track of their pack-ages. “They use it a lot,” said Anil eipe, a Project Director at Tata Consultancy, who supervised the deployment of the portal.

“When i have around 200-300 concurrent users or sessions on a normal day, at the time of something like the cricket World Cup season, we saw that this would shoot up to 1,600-1,700 concurrent sessions.” This means at any given point in a day, as many as 1,700 subscribers would hit the portal at the same time. That such surges in usage are driven by broadcast events or pro-grammes, the ability to dynamically allocate capacity would make a big difference.

“What happened was that it came to a point where we needed agility in increasing the resources for a short duration,” eipe said. “We weren't keen to buy that hardware and keep as an idle investment. We were looking for a model that could give us this benefit both commercially and technologi-cally.” They found that model in the elastic Compute Cloud service offered by Amazon Web Services, an Amazon.com company. What Tata Sky did was to ensure seamless integration with the back-end that was still residing in the DTh provider’s own data centre.

innovation in Financial inclusionhelping people help themselves is dem-onstrated even more spectacularly when it comes to financial inclusion. “What can a Cio do to bring banking to the under-banked in india — at least at the level where people can only transact in a few tens of rupees or a couple of hundred rupees at a time. The answer as showed, is, ‘a lot’,” says umesh Jain, Cio, yes Bank.

in a three-way partnership with obopay inc, a mobile payments technology platform provider, and nokia oyJ, one of the largest makers of mobile phones in the world that has also invested in obopay, yes Bank is rolling out a mobile payment service that allows people to use their cell phones to make make purchases, pay bills and send money to one another.

yes Bank and obopay india introduced their mobile-phone-based service last year, initially with a prepaid instrument. This service established a platform that enabled transfer of money using the mobile phone

“in some areas, it’s cost-effective to raise capacity in-house while in others it isn’t.”

Kadab mukeshChief Business Operations Officer, Tata Sky

“a Cio can do a lot to bring

banking to the under-banked in

india”umesh JainCIO, Yes Bank

ph

ot

o B

Y

Jit

en

ga

nd

hi

ph

ot

o B

Y

s r

ad

ha

kr

ish

na




in a secure manner, according to a company statement. The bank had received the regu-latory approvals from the reserve Bank of india to act as the issuing Bank and the cus-todian of funds under these services. The prepaid mobile payments service was initi-ated as a pilot in Pune, and then extended to Chandigarh, mohali, Panchkula and nashik.

“everyone is gung ho about the mobile phone today,” Doraiswamy PP, execu-tive Vice President at yes Bank, told CTo forum in an interview in may. "The kind of reach that the mobile channel has can't be matched by even the internet or ATms or any other channel today," he said.

When the bank finalised its partnership with obopay in 2008-2009, it also decided that it will initially start with a prepaid instrument. how this works is as follows: With the bank according nokia the status of 'Banking Correspondent,‘nokia’s individual retail shops are enrolled as ‘agents’ that the people looking to use the mobile banking service with yes Bank can approach.

20,000 Transactions a month: With the prepaid service, which is not dissimilar to using a prepaid coupon to top-up the cellphone, customers would download obopay’s application on their cell phones, which would be activated once their reg-istration with the bank was successful. They would basically make a deposit with the nokia 'agents' and then get to use the mobile application to make payments. When they have exhausted a deposit, they can go back to an agent and make a fresh

deposit and start again. on customer request, they are also being issued ATm cards using which they can withdraw the money as well.

After the pilot launch in mid february 2010, by may the bank was hosting about 48,000 customers in Pune, Chandigarh, Panchkula, mohali and nashik and ramp-ing up services in these cities gradually, according to its statement. yes Bank by then already had customers make some 20,000 transactions a month, worth a total of about rs 17 lakh, giving an average 'ticket size' of rs 85 per transaction. Therein lies another unique advantage of the cellphones: Just as people in india are used to topping up their mobile-phone credits with coupons valued at as little as rs 25, yes Bank's successful exper-iment is allowing them to transact in amounts as small as rs 100.

Already, "We're work-ing on integrating our bank account transac-tion processes with the mobile platform," Doraiswamy had said.

“obopay's low-cost business model is built around an open, scalable technology platform and a rich and diverse partner ecosystem,” navi radjou, executive Director of the Centre for india and global Business at the Judge Business School, Cambridge university, said in a blog for the harvard Business review in october

2009.in a conversation with Carol realini, the

Ceo of obopay, radjou said, partnerships including the one between yes Bank and obopay “encourage a more frugal mindset among consumers, who embrace their ‘pay before’ spending paradigm (via prepaid mobile accounts) as opposed to the ruinous ‘pay after’ model (with credit cards) which fuelled the financial bubble” that led to the current recession.”

innovation that Says ‘Be Yourself’“Today, 22 per cent of employees say that they have used a non-iT-provisioned service over the web to perform their job function — not to update their facebook accounts, but to do real work,” has said Khalid Kark, of forrester research.

Sudhir Kumar reddy at mindTree ltd, a computer services provider based in Banga-lore, is one of the Cios who is proactive in combating this sentiment. he championed and launched a portal at mindTree, called The People hub that he expects will go way beyond the company’s existing intranet, and have much more far-reaching results for its employees. he hopes it will make working at the iT and product engineering services provider a lot more fun, in addition to mak-ing life more convenient and productive.

The benefits of this portal are that “i personally think it will enable, if not more, at least 15 minutes of productivity improve-ment per person per day at mindTree,” he said. reddy expects the portal will be very

people-friendly and that he can deliver whatever his business stakehold-ers want much more efficiently.

The beauty of this platform is that "every-thing is like a mini-app," which means that adding a new one would take more like a week for delivery rather

than months, he said. "it means i'm really giving business agility to the organisation," he said. This is something that is very close to reddy’s heart: “is it possible to let people be themselves and still get the best out of them? how do we create an environment that enables this?”

Sudhir Kumar reddy CIO, MindTree Ltd

“i personally think it will enable,

if not more, at least 15 minutes

of productivity improvement per person per day at

mindtree”

40k is the estimated

number of patents filed and owned

by IBM



InnovationDeliveringSuccessful Indian companies across verticals have evolved great innovation strategies. This is extremely relevant to today’s CIOs By Rishikesha T Krishnan


india: Increasingly an nnovation-driven market.

What’s common between Tata motors, Bajaj Auto, Biocon, Titan and Pantaloon? of course, they are all large and successful indian com-

panies. But, consider the following: Tata motors wasn’t even in the car busi-

ness 20 years ago. yet, today it is india’s third largest car manufacturer and well ahead of top brands like Toyota, honda and ford in terms of volumes. it has created robust product platforms around the indica, indigo, and nano brands, specifically designed for the indian market.

until 10 years ago, Bajaj Auto was an insignificant player in the motorcycle indus-try and still largely dependent on scooters and autorickshaws. Today, it is the second largest motorcycle company in the country and a strong leader in more powerful and stylish sports bikes. The root of Bajaj’s suc-cess was the development of the Pulsar, a bike that combined power, style and fuel

economy based on its DTSi technology. Biocon entered the biopharmaceutical

business in 1998. Today it is regarded as india’s leading biotech company. it is well ahead of other indian companies in the production of biosimilars, and may launch india’s first locally-developed novel biotech-based drug in the next few years. it has used product and process innovation to exploit its core capability in fermentation technology.

Titan’s turnover has shot up to the one billion dollar mark in the last few years rid-ing on the back of accelerated growth in the jewellery business. While its purity plank attracted customers, they also liked the designs the company has created to address the mass market.

Pantaloon (Kishore Biyani’s future group) is one of the country’s foremost multiformat retailers with a national footprint. The company has constantly experimented with new formats, based on a culturally-embedded and intuitive under-standing of the indian consumer.

What’s common among these five com-panies is that they have attained leadership positions thanks to their well developed and executed innovation strategies. While the importance of innovation in global markets remains clearly visible — Toyota’s success with the Prius and Apple’s cash balances of more than $75 bn based on the success of the ipod, iphone and ipad underline this once again — the emergence of innovation as a differentiator in the indian market is of relatively recent origin.

innovation will be even more important for indian companies and multinationals targeting indian and other emerging mar-kets in the years to come. While there may be a fortune at the bottom of the pyramid, to quote CK Prahalad’s evocative idea, get-ting to that treasure will need an ability to understand emerging customer needs well, design products and services to meet these needs, and to find processes and business models to deliver these products and ser-vices at an affordable cost.




What does this mean for iT infrastruc-ture? information Technology (iT) plays a role in today’s innovation scenario in mul-tiple ways:

ideas are the basic and most critical raw material for innovation. employees across levels and functions can be great sources of new ideas. iT systems that capture, process, catalogue and archive ideas make the inno-vation process more robust.

innovation is all about processing infor-mation in creative ways. understanding customer purchase and usage patterns depends on the generation and communica-tion of timely and accurate data from the point of sale.

Capturing data on the failure of past products or shortcomings in service delivery help identify areas for improvement, new product and service ideas as well as prevent the repetition of past mistakes. mining ser-vice records can be a great source of inputs.

Successful innovation is all about mixing and matching different ideas. Databases containing ideas generated in the past can often be re-used. So can components and parts from earlier products.

Product development is a complex exer-cise. A car or even a motorcycle has hun-dreds of parts. Changing the design of just one of these can have consequential impli-cations for the design and functioning of other parts. Product life Cycle management (Plm) solutions have emerged as important tools to manage this complexity over the life cycle of a product.

Very few innovation efforts are today undertaken by companies on their own. Tata motors has worked with a large network of vendors to redesign components to bring down the cost of the nano. Biocon’s innova-tion efforts involve col-laborations with large pharmaceutical compa-nies, many companies are keen to embrace a culture of open innova-tion, and iT provides the collaborative plat-forms for people within the company and outside the company to contribute to the company’s innovation activities. iBm has

tant role in facilitating innovation. Clearly, the information needs of innovation-driven companies are challenging due to their scope and complexity. But the bigger chal-lenge comes from the need to be flexible and adaptable. innovation is all about change, agility and responsiveness. This means that it is difficult to foresee how innovation will unfold in the future. The needs of innovation teams in companies are bound to evolve in different directions.

While the implications for technology point to flexible architectures based on an array of customisable plug-and-play tools, i see the biggest challenge not in the technology but in the ability of the Cio to understand the innovation strategy of the company and be proactive in providing the best technology support that the innovation programme needs. innovation efforts in companies will flourish or flounder depend-ing on how innovative their Cios are! Are Cios ready to take on this challenge?

(ed. note: This paper was first published in the CTo forum red Book 2011)

Rishikesha T Krishnan is a Professor of Corpo-

rate Strategy and Policy and the Jamuna Ragha-

van Chair Professor of Entrepreneurship at the

Indian Institute of Management, Bangalore. He

is the author of the book ‘From Jugaad to Sys-

temic Innovation. The Challenge for India.’

held web-based global innovation jams where it invites users from all over the world to share their ideas and co-create new solutions to problems.

Capturing the value of innovation depends on execution excellence. Without management of the supply chain — both at the front end and back end — innovation will result in piled up inventories, stock-outs, or the wrong product at the wrong place at the wrong time. iT support for logistics, supply chain management and inventory management become critical in an innovation-driven business strategy. for example, Titan creates hundreds of new watch models every year and has hundreds

of retail outlets across the country.

These are just some of the ways in which iT is involved in the innovation process. in addition, iT is increas-ingly involved in the core functionality itself. What does this mean for Cios? for Cios, the past was about erP, Crm, e-commerce, sup-ply chain management,

and security. The future is about providing the iT support to support innovation.

As we explained above, iT plays an impor-

“For Cios the past was about erp, Crm, e-commerce, supply chain management and security. the future is about providing it support to support innovation”rishikesha t KrishnanProf, Corporate Strategy & Policy IIM, Bangalore

70% global 2000

organisations will have at least one

gamified application by 2014



NEXTHORIZONS Feature InsIde

economics of Cloud Computing decoded Pg 44

ph

ot

o b

y p

ho

to

s.c

om

We know that, in a certain sense, tablets aren’t exactly 'emerg-ing'. Tablet PCs have been around for years,

even if we only mark the introduction of the microsoft Tablet PC platform as a starting point. But since the current definition of ‘tablet’ refers to the form factor, operating system approach and connectivity model of the iPad — and since, in our survey, we were able to make this distinction clear — we’re confident in being able to say that tablets represent one of the fastest-growing new technologies we’ve ever measured.

The Cio insight 2011 emerging Technol-ogy Adoption Trends Study was fielded from September 6 to october 7, 2011. A random selection from corporate parent Ziff Davis enterprise’s lists of readers and site visitors were invited by email to participate in the online study. The survey was completed by 382 respondents involved in new technology acquisition in organisations with 50 or more employees; each respondent was asked which of 41 emerging technologies their organisation is currently using, testing, or investigating, and what benefits they were expecting from this activity. The survey also

nine out of 10 organisations in north america are in some stage of adopting tablets for employee use By Guy Currier

Tablets Rule Technology Trend



ta b l e t s N E X t H or I Zo N S

asked about current use and experienced benefits of a smaller list of recently emer-gent but better-established technologies.

unified communications (uC) is also surging this year — at last. in our 2010 study, roughly one out of four organisa-tions with 50 or more employees showed no interest in uC. This year, that’s dropped to only about one in six. even more notable, the percentage of respondents who are actively testing or piloting uC rose from 18 per cent to 27 per cent. What’s interesting about this is that it clearly shows an accel-eration in adoption of uC, both in the num-ber of organisations using it and in the scale of their uC deployments.

The same can be said of iPv6 and location-based applications: current testing levels are historically high for both of these — though for completely different reasons, of course. iPv6 is a required evolution in the structure and functioning of the internet that has essentially been put off as long as it can be at this point. So organisations are, by necessity, looking to begin deployments. The interest in location-based applications, on the other hand, is really the result of a maturing in our capacity to understand how much more can be done (beyond just providing maps or cou-pons) with the knowledge of where a worker or customer is. The disparate reasons for their emergence notwithstanding, iPv6 and location-based applications are two technolo-gies that are likely to show accelerated adop-tion in the months and years to come.

not so for private clouds, however, even though it ranks no. 3 on our most-emergent list this year. it achieves this position because its adoption rate is strong, with roughly as many respondents testing (25%) as currently using (24%) private clouds. With private clouds, what we see is strong — but not accelerated — growth.

Predictive analytics, an extension of the wave of business intelligence adoption that’s been sweeping through the enterprise since mid-2010, is also a strong-but-steady emerging area. improved and increased data sources and 'mass-market' use of Bi reporting, such as from web analytics or marketing-automation applications, are creating a host of new opportunities for businesses. Wireless services branded as '4g', however, might represent a different situation. So far as high-speed wide-area

data communication goes, 4g is almost by definition the only game in town, as alter-natives such as WimAX (also touted as a 4g-calibre option) and regional or 'muni' Wifi have not caught on.

given the increasing focus of the enter-prise on mobile distribution of applications and data, clearly it’s been necessary to address wireless bandwidth. And in this, 4g excels. however, the availability, usability, and (especially) power issues associated with 4g might be giving organisations pause, not enough to take 4g off our list of most-emergent technologies for the second

established technologies we asked survey respondents about (those that are relatively new, but not new enough to call 'emerg-ing'). for example, you might not associate an application infrastructure technology such as service-oriented architecture (SoA) with business growth. But it seems that in the era of distributed computing, big data and mobile applications, the interoperability that SoA provides means opportunities for the initiatives running on them. more respondents cited this as promoting busi-ness growth than any other of the more-established technologies we asked about.

Cost savings are a particular benefit organisations have experienced from stor-age virtualisation, cloud-based storage, and desktop linux; but for storage virtualisation and linux at least, the benefit is definitely not business growth. neither is it business versatility, a benefit closely related to cost-savings. Business versatility has risen in importance recently as companies under-stand that the ability to react quickly to market conditions and opportunities is one of the chief protections they have against business risk. here is where smartphones, in particular, show promise.

After all, the reasons for technological progress are benefits-based. We didn’t jump on tablets because the iPad happened to have a particular feature set, any more than we jumped on virtualisation because Vmware’s eSX Server 3.0 had achieved a particular performance level. Both tablets and virtualisation had been around for years. What made these emergent was the swiftness of the market’s reaction.

So it’s not surprising to see that tablets are recognised as helping with all three major business goals today. This is what is mak-ing them such a hotly developing area of iT. This 'cure-all' image is driving uC and pri-vate clouds as well. But, inversely, you might find real benefits even from technologies that are considered niche (at least for now). Some examples include video VoiP if you seek more flexibility in your operations or service offerings, or user self-service if you want to manage iT costs. — Guy Currier is Senior Editor/Research for

CIO Insight.

— This opinion was first published in CIO

Insight. For more stories please visit www.

cioinsight.com.

year in a row, but enough to keep growth from accelerating, particularly as some reas-sess the return on their 4g investment.

in addition to exploring the market-based factors in the adoption of emerging technol-ogy, one of the key features of our emerg-ing Technology study year after year is the attention we pay to the business benefits that are driving interest in and deployments of the latest and greatest in iT. Whatever the economic conditions, your organisation is probably pursuing all three goals of profit-ability, versatility and growth — at least for different initiatives — and our survey can show you which new technologies are likely to be best for achieving each of these goals. This is especially true of the more-

“So it’s not surprising to see that tablets are recognised as

helping with all the three major business

goals today. This is what is making them such a hotly developing area

of IT. This ‘cure all’ image is driving UC and private clouds

as well”



N E X t H or I Zo N S clo u d e co n om i c s

Economics of Cloud Computing DecodedProper deployment of cloud can provide significant savings, better It services and reliability By Kevin L JaCKson

Cloud computing, as defined by the national institute of Stan-dards and Technology, is a model for enabling “… convenient,

on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

niST is implying the economies of scale that go with cloud computing when it refers to a pool of configurable computing resources.

Cloud computing is often referred to as a tech-nology. however, it is actually a significant shift in the business and economic models for provi-sioning and consuming information technology (iT) that can lead to a significant cost savings. This cost savings can only be realised through the use of significant pooling of these “configu-rable computing resources” or resource pooling.

According to niST, this capability is an essential characteristic of cloud computing. resource pooling is the ability of a cloud to serve multiple customers using a multi-tenant model with different physical and virtual resources dynami-cally assigned and reassigned according to demand. Cloud computing economics depends on four customer popula-tion metrics. They are: 1 number of unique Customer Sets 2 Customer Set Duty Cycles3 relative Duty Cycle Displacement4 Customer Set load

These metrics drive the cloud provider’s ability to use the mini-mum amount of physical iT resources to service a maximum level

of iT resource demand. Properly balancing these factors across a well characterised user group can lead to approximately 30 per cent savings in iT resources, and enables the near real-time modification of the underlying physical infrastructure required for the delivery of the desired “illusion of infinite resources” synonymous with a cloud computing user’s experience. When implemented properly, the cloud computing economic model can drastically reduce the operations and maintenance cost of iT infrastructures. A 2009 Booz Allen hamilton (BAh) study conclud-ed that a cloud computing approach could save 50 to 67 per cent of the lifecycle cost for a 1,000-server deployment.

Another Deloitte study confirmed that cloud deployments

illu

st

ra

tio

n b

y p

rin

ce

an

to

ny

clo u d e co n om i c s N E X t H or I Zo N S

delivered greater investment returns with a shorter payback period when compared to the traditional on-premise delivery option. in considering cloud computing for the intel-ligence Community, security is an obvious concern. given the legal and operational concerns, classified information should always be processed in properly protected and certified iC private or community clouds. if a secure cloud model can be designed, eco-nomic savings can certainly be realised. When used to process unclassified information, shar-ing cloud computing resources can nominally provide the operational advantages of a private cloud with a cost closer to that of a public cloud due to the expected economies of scale from combined user communities. The federal government is currently deploying a federal commu-nity cloud. officially referred to as the general Services Administra-tion infrastructure as a Service Blanket Purchase Agreement (gSA iaaS BPA; item no. 4 in the White house Cio’s “25 Point imple-mentation Plan to reform federal information Technology manage-ment”), this government Wide Acquisition Contract (gWAC) vehi-cle is designed to implement a community cloud economic model to support the federal government.

The office of management and Budget (omB) expects this com-munity to provide approximately $20 bn in cloud computing servic-

es to a community made up of more than 25 agencies. using the BAh study as a guide, and assuming that community cloud economies mimic those expected from a hybrid cloud, transitioning iT services from an agency-owned iT infrastructure to the gSA iaaS plat-form should deliver benefit cost ratios of approximately 7:1. Cloud computing provides some strong benefits and economic incentives.

Selecting a public, private, hybrid or community cloud implementation will depend on a customer’s specific application, performance, security and compliance requirements. Proper deployment can provide signifi-

cant savings, better iT services and a higher level of reliability. lower Costs Cap-ex free Computing Deploy Projects faster, foster innovation Scale as needed lower maintenance Costs resiliency and redundancy

— This article is printed with prior permission from www.infosecisland.com.

For more features and opinions on information security and risk manage-

ment, please refer to Infosec Island.

30%savings on

it resources

through cloud

computing

economics



E VE N t r E Por t j u n i pe r

Consumerisation of IT and security in the network were the key areas of discussion during the event at New Delhi

Delegates interacting with Juniper representatives during the networking dinner

The Cio is today expected to be more than just a technol-ogy expert. it is expected that s/he will understand the complexities of the business

at hand and also the intricacies of various functions within the organisation, all the while crafting technology solutions for the enterprise. it is also expected that the solutions that the Cio builds today will stand up to whatever challenges the future throws up at the business.

To give crucial insights into these chal-lenges that the Cios are facing and how

Cios across the world are handling them, 9.9 media invited Kevin Johnson, Ceo of Juniper networks, for a highly interactive discussion held in new Delhi on Septem-ber 28, 2011. The discussion was moder-ated by Dr Pramath Sinha, founder and

managing Director, 9.9 media, who tried to clear the air around cloud com-puting asking Johnson if he was genuinely con-vinced about the econom-ics of cloud.

replying to this, Johnson said, “if you do the mathematics behind the economics of virtualisation, centralisation and automation, it is very easy to prove that the economic benefits of this model are signifi-cant. if you then try to apply these economics to your iT operations, it is very difficult.”

Kevin Johnson sharing his thoughts on the latest trends in the IT industry

CTO Forum hosted Juniper’s CEO, Kevin Johnson, to discuss the changing role of a CIO

The New Age CIOEvent



j u n i pe r E VE N t r E Por t

Sanjeev Prasad, CIO, Genpact putting up a question to Juniper's CEO, Kevin Johnson

Delegates interacting with each other post the discussion

Dr Pramath Raj Sinha, MD, 9.9 Media and Anuradha Das Mathur, Director, 9.9 Media, interacting with the delegates

Delegates paying close attention to Kevin Johnson as he talked about the changing IT landscape

he elucidated saying, “Centralise what-ever you can but distribute only when you must, is our core principle. And it is mathematically proven that when you distribute things, it costs more and cen-tralisation costs less. That’s the principle on which we engineer our technology. if you then apply to the compute and storage infrastructure, you centralise all the serv-ers and save the additional management cost across multiple data centres. if you virtualise the servers, utilisation goes up from 15-20 per cent to 70 per cent. When you further automate, you get higher mag-nitude of benefits.”

Johnson added, “So when you look at cloud that way, it seems simple to justify the investment. however, when the iT team says that we need to invest a few mil-lion dollars before we can save from this technology, it is a tough decision for the management to go for it. There is a dilem-ma that people have to think through.”

Apart from cloud, consumerisation is another big trend that is giving Cios sleepless nights. Showing his concern over consumerisation of iT, Sachin Jain, Cio, evalueserve, asked, “in an organisa-tion that deals with a lot of sensitive data, is it realistic to allow personal devices at the workplace as they could potentially lead to information leakage?”

Addressing Jain's concerns, Johnson replied, “There would always be certain data that you don't want to allow on per-sonal devices of your employees. howev-er, with the help of tools like Junos Pulse, you can access your desktops remotely using an SSl connection without storing anything on the personal device.”

Another concern that came to light dur-ing the discussion was around security. neena Pahuja, Cio, max heathcare, asked if Johnson believed network and security would ever merge into a box.

“We have security technology that runs on the network. We have many large ser-vice providers who are using our security technology to secure mobile networks.

in the uS, 90 per cent of mobile traffic is secured using our security technology,” Johnson told the audience.

“We think security on the client devices are also important because when we think about botnets, that malware code gets installed on a client device and hav-ing antimalware on that device can help secure the device. So, you need security

on the device, network, and also in the computer layer. We have a technology that provides security in the VmWare hypervi-sor. it provides security within VmWare across virtual machines. over the next 10 years, we’ll see more innovation in the ways we protect ourselves against threats. We need to simplify things for the cus-tomer,” he added.



“Approach CloudStep-by-Step”

HP is focussing big time on private cloud. Wolfgang Wittmer, Senior VP and Interim GM, Enterprise Servers,

Storage and Networking, HP, discusses with Yashvendra Singh

what cloud signifies for a CIO and his enterprise

As cloud slowly but surely permeates enterprises, how do you see the CIO’s role transforming?

in large companies, i don’t see Cios abolishing their data centres. even if a majority of items are outsourced, a Cio will play the role of the audi-tor and controller and will continue to have a budget. he will also do his best to reduce costs on external data centre. his other role would be mak-ing sure that the entire corporation has a cloud engagement plan. in the past, iT organisations provided 100 per cent of the services to a company. Tomorrow, businesses that are self-sufficient might go for cloud services from somewhere else without letting the iT department know. They can call it grey iT. i personally know customers whose seismic data link or sales force management is not managed through the iT department. likewise, if the business manager has enough funds, he can sign with

N o H o LDS BArr E D Wo l f ga n g Wi t tm e r



Wo l f ga n g Wi t tm e r N o H o LDS BArr E D

salesforce.com and the entire organi-sation is off iT department.

How informed are the CIOs about the evolution

of cloud? What is their maturity compared to different geographies?i see service providers, telecom and finance industries’ Cios much up-to-date. i don’t think every com-pany has a cloud plan. There are companies wherein some of the data centres and iT infrastructures are seven years old. i have not come across any Cio who said he has directly moved from a very old way of doing business to the cloud. There are several intermediary steps with the first being data cen-tre consolidation. Telecom opera-tors in india, for instance, do exact-ly the same thing these days. They consolidate, and once there is a consolidation from 25 data centres to three, the next level is virtualisa-tion; then they automate and the last step is the cloud. This is also how we advise large corporations to proceed with respect to cloud.

At what stage is India presently? Where does the

bigger market lie — public, private or hybrid cloud?for hP, it is the private cloud. our focus is the enterprise customer and commercial accounts and they all have ideas and plans to implement cloud to beef up their flexibility. how-ever, i would not underestimate the public cloud. But we also need to first define what is a public cloud. People ask if salesforce.com is a public cloud or not. i say yes, it is a public cloud. if you take all the service providers as cloud, then the public cloud may be bigger than private cloud.

CIOs spend 70 per cent of the budget on maintaining

the infrastructure, and only 30 per cent is left for new deployment. How does this ratio change by implementing cloud?

At first, implementing cloud would lead to an increase in cost. The 70 per cent might go up to 80 per cent before going down. So, where is this investment? As i mentioned before, companies need to undertake data centre consolidation and virtualisa-tion in their journey to cloud. you need to get hypervisors, you need to move into a larger data centre. once, this is done, there can be savings on the maintenance costs. you can trim your team that runs software updates, optimisation, system man-agement and virtualisation. We have seen system management manpower reduced from 1,200 to 11. We need less people. in india, it may not be too compelling right now, but labour may not remain cheap forever. What is equally important is cooling and energy conservation. So when people

job today and different job tomor-row. in a traditional data centre you may need to add or remove servers or recable. About 10 per cent of the servers break while being physically moved or for whatever reason. in cloud, there is no such removal or addition of servers.

Is the additional push on the cloud because of the

pressure that the PSG division has faced in the last six months or so? Is it a strategy to propel HP to the next level of growth?The hP strategy is definitely to push cloud solutions and deployments. The reason is because we have the most complete portfolio. We have networking, servers, storage, network management solutions and we also have the outsourcing option. Some of our competitors miss the storage and some servers. So, it is obviously the portfolio to address this market. Besides, this is an important market. Whatever reports you read, be it gartner or others, you find cloud is affecting the market very much.

Do you think cloud will see consolidation in the market

with just two-three players?further consolidation i don’t see hap-pening. it happened in the 70s and 80s. We are living in a consolidated industry with four-five big players. While the companies are big, the market is not growing. There are start-ups coming in, and there is opportunity for them to acquire start-ups, as we have done in the past.

When will cloud reach inflection point?

We do a lot of business. We do more business by selling individual products. i don’t want to give the impression that what we sell today is just cloud. We have servers, storage, networking products. When will the SlAs be defined so well that each and every Cio says, i have no risk? i think it will take more than two years for that to happen.

DoSSier

Company:HP

EstablishEd:1939

h EadquartErs:

Palo Alto, California,

US

divisions:

Hardware, Financing,

Services, Software

EmployEEs:

3,24,600

leave office by 6 pm, i may not need 300 servers up and running. With only 10 per cent of the people connected, i can use a technology through which servers are automati-cally shut down, thereby reducing energy costs. i have seen data centres consuming energy worth a million dollars a year, and one can buy a lot of servers and storage with that amount. The third element basically involves buying additional agility. for instance, how much does it cost for re-cabling the data centre? There are cases where you have a certain

“I have not come across any CIO who said he has

directly moved away from a

very old way of doing business to the cloud”



Compliance is not a one-time assessment. It is a continual cycle that requires maintenance on a regular basis By DaviD Sopata

POINTS5

Know who is in

Charge in Your

Organisation

Know Your Organisation and

Industry

Know Your Business Processes

Perform a Gap

Assessment

Create a Remediation Plan,

Remediate, Assess,

and Repeat

Methodology for Due Diligence

t E cH f or G oVE r NAN cE com pl i a n ceIl

lus

tr

at

Ion

BY

sh

IgIl

n



Depending on your environment and your experience with compliance, the hard-est part is knowing what applies within your organisation. if faced with an auditor, or even worse, a court room, you will have to show due diligence and due care.

As they used to say at the end of every gi Joe cartoon: “Knowing is half the bat-tle!” Due diligence is just that: knowing, researching, and understanding what reg-ulations apply within your organisation and how your organisation complies with them. Due care is the act of implementa-tion and remediation of issues found and showing that the proper controls are in place and are effective.

Please note that this is a high level methodology to compliance. Additional assessment and expertise may be required depending on the size of the organisation and what regulations were found to apply to the organisation.

1 Know Who is in Charge in

Your OrganisationWho within the organisation is normally in charge of compliance? Within more mature organisations, someone within the legal department generally holds the title Chief Compliance officer.

This person would be in charge of researching and identifying what compli-ance frameworks and regulations that would be required. internal auditors would be responsible for ensuring that the controls identified within the organisation are effec-tive and running.

even if you are a seasoned Compli-ance officer, rarely is it advisable to do it alone. reliance on others within the organisation, third parties, and manage-ment approval may need to be called

upon to ensure you are headed down the right path.

2 Know Your Organisation and IndustryThe second step to compliance is under-standing what your organisation does and what industry (ies) your organisation fits into. in many ways knowing this informa-tion can help in the first stage of gathering the different regulations or frameworks.

When working through the other steps, additional regulations and control frame-works may be uncovered so don’t panic if you do not find everything in the first stage. many online industry websites have a list of known regulations and possibly can provide some guidance on how they would apply within each organisation.

Some additional factors that may play into this include where your organisation does business. There are many local, State, fed-eral, and possibly internal regulations that an organisation would have to follow.

Another factor is how your organisation receives revenue. Does the organisation work on cash only, take credit cards, or have an e-commerce site? maybe your organisa-tion is a publicly traded company or a not-for-profit organisation. What type of con-tracts does your organisation currently have with its customers, service pro-viders, and other third parties? At this stage, it is essential to interview upper management to gather as much information and detail about the organisa-tion as possible.

3 Know Your Business ProcessesThe third step and the first step may seem redundant; however,

it is in the third step where we dig even deeper and perform business process map-ping to understand each process within each department. This helps to shed light on what systems and information are being used every day within the organisation.

This can be of the utmost importance in that it potentially can bring out even more regulations and compliance frameworks that maybe could not have been determined within the second step.

The business process mapping itself entails interviewing each line of business or department.

The objective is to understand what type of information is collected, stored, trans-mitted, and processed within the environ-ments. This is accomplished by following the flow of information from creation to destruction. not only must there be tracking of electronic information, but also of paper and other forms of media.

4 Perform a Gap AssessmentAfter all of the previous steps have been completed, it is then time to analyse and determine what compliance and regulation requirements truly apply within the organi-sation. This is where additional expertise and research would be needed to under-stand what specific data applies or needs to be protected by each regulation or com-pliance framework. What processes and systems would potentially need additional requirements and controls in place to become compliant?

This is where a detailed gap assessment for each regulation and control framework would take place. it is to ensure that each regulation applies within the organisa-tion, and to identify what additional con-trols would need to be put in place.

5 Create a Remediation Plan, Remediate, Assess, and RepeatAfter performing the gap assessment and understand-ing what controls apply and are missing, the due care por-tion of compliance has been completed. There is now a clear understanding of what is expected of the organisation. The organisation must create and implement a plan of reme-

If you are in charge of iT and/or security and you do not have that compliance and/or auditor twinkle in your eye, you might twinge each time someone says PCi, hiPAA, iSo, glBA, SoX, or any other regulation or evil acronym that might be thrown your way

com pl i a n ce t E cH f or G oVE r NAN cE

30%increase in the

number of newly

discovered

malware for

android



In the october 2011 issue of harvard Business review is an article, entitled 'lean Knowledge Work', where authors Bradley Staats and David

upton explore the issue of whether the lean knowledge principles derived from the Toyota Production System can be applied to knowledge work.

While there is no one definition of ‘lean’ it has generally included “numer-ous approaches to improving operations, all based upon the same principles; relentless attention to detail, commit-ment to data-driven experimentation and charging workers with the ongoing task of increasing efficiency and eliminating waste in their jobs.”

The authors began by noting that most people in the business world believe that ‘knowledge’ based work does not lend itself to lean principles. The reason for this is that knowledge-based work is not repetitive and cannot be repetitively defined.

The use of a knowledge-based decision-making calculus involves use of expertise and judgment, which as the authors put it, is

“locked inside the worker’s head.” however, the authors posit that much knowledge based “can be articulated”.

moreover, many knowledge-based activities have nothing to do with applying judgment but “can be streamlined to continually find and root out waste.”

t E cH f or G oVE r NAN cE com pl i a n ce

Lean Principles & ComplianceThe top priority of a compliance programme is to “document, document, document” By thomaS Fox

diation to start becoming fully compliant.This is the start of the due diligence por-

tion of the process, and it should be an ongoing process. The plan may include implementing technical controls such as encryption technologies or policies and procedures to ensure controls are defined, followed, and enforced.

more assessments may need to be done as well, such as a vulnerability assess-ment, penetration testing, and policy reviews. Additionally, a risk management

programme may need to be developed to ensure that different risks are identified, addressed, and remediated.

Compliance is not a one-time assessment. it is a continual cycle that requires mainte-nance on a regular basis. Just as regulations and compliance frameworks can change, so can the organisation.

Acquisitions, mergers, and new services or products may introduce new regulations within the organisation.

As with any regulation or compliance

framework, if it is not maintained it can fluctuate from compliance to non compli-ance even within a given day.

So the question is…Does your organisa-tion show due care and due diligence?

— This article is printed with prior permission

from www.infosecisland.com. For more features

and opinions on information security and risk

management, please refer to Infosec Island.

ph

ot

o B

Y p

ho

to

s.c

om



t E cH f or G oVE r NAN cE com pl i a n ce

from my own corporate experience, such knowledge should be captured in a Knowledge management (Km) system or the company risks losing such knowledge when senior employees retire or move on to other assignments.

under Km a base of knowledge should be available to a wide number of employees to draw upon and not be limited to being inside the head of a limited number of employees.

The authors draw upon six principles to make knowledge-based organisations lean. They are:1. Eliminate WasteThe authors point to several ‘wastes’ which are endemic to a knowl-edge-based organisation and can ‘eat up huge amounts of time.” These include printing documents, requesting information needed to make decisions, setting up meetings and other routine adminis-trative tasks. While recognising that most employees in corporate America today do not have any administrative support to handle such tasks, the authors suggest that employees not focus simply on eliminating large, obvious forms of waste but on small waste which they termed “nickels [of waste] that no one has bothered to pick up.”2. Specify the Workmy corporate experience in a legal department is that very little knowledge is written down. usually there is no attempt at anything resembling Km. however, the authors suggest that employees start with the repeatable parts of a process and codify them.

you do not have to specify everything, but certain parts of a pro-cess could be specified and made available for others to learn from or draw upon in future work or transaction.3. Specify How Workers Should Communicate with One AnotherThe authors note that in a knowledge-based system, ‘many prob-lems are too big or too complex for one person to tackle’ so that organisations may use teams to perform knowledge-based work.This can also be true in the compliance context where the Compli-ance Department may work with a legal Department, an internal Compliance Champion, or external third parties going through a vetting process or others.

When multiple parties are involved it is imperative that good com-munications be carried out throughout the entire process involved. The authors suggest three guidelines: (1) Define who should be communicating, how often and what should be communicated; (2) Create a shared understating of what is being communicated; and (3) resolve any dis-agreements with facts.4. Address Any Problems Which Arise QuicklyThe authors advocate that if a problem crops up, it should be resolved by the employee who created it. This is because that person usually has a quicker and more expeditious solution. if such a person cannot do so, a team member should work on it or at least participate in the resolution.

This would also hold true for the location where any problem arises. it should be resolved in that location. lastly, do not let problems fester and grow. They should be resolved as soon as possible as they arise.5. Plan for an Incremental JourneyThe authors suggest that you start small on your journey to lean; as you probably will not get it right the first time. further you should write down your lessons learned in the process so you will have a record of what worked and what did not work so that at least you will not have to redo that part of the process. moreover, the lean process implementation is not one set in stone. Be nimble and agile so that you can respond to opportunities to improve the process as they arise. Also remember that not every lean approach works for every knowl-edge-based task or system. lean focusses on the more repetitive work so spend your time and efforts there.6. Engage Your ManagersThe authors believe that lean principles result from ‘bottom up improvement’. however, middle managers should be engaged with their teams, both through education on its benefits and with support throughout the project. Additionally and not surprisingly, senior managers must be long term champions for any such change.

for employees to take innovation seriously, senior management must actively support the process.

Such a sea-change will require man-power investment, training and monetary investment all of which senior management must actively support. There must be a clear, long term commitment from such senior management to the project.

This article presents a new way for many in a Compliance or legal Department to think through the challenges of a compliance pro-gram, whether based on the foreign Corrupt Practices Act (fCPA), the uK Bribery Act or both.

i continually press that the top priority of a compliance pro-gramme is to “document, document, document” all the while understanding that a compliance programme is very much pro-cess driven. The lean approach can be used in many of the pro-

cess steps where documentation is the key.The discretion and expertise brought to bear in

compliance programmes can then be overlaid on this system. in today’s economic reality, this approach can help a corporate compliance department deliver a more robust, and economical compliance product.

— This article is printed with prior permission from www.infose-

cisland.com. For more features and opinions on information

security and risk management, please refer to Infosec Island.

‘Wastes’ that can “eat up huge amounts of time” include printing documents, requesting information

and other routine administrative tasks

40%data centres

to refresh or

subscribe to

third party

services in 2012



s e cu r i t y t E cH f or G oVE r NAN cE

MFP and Security Beyond ComplianceThe fun things that you can find on MPF devices and how it might affect compliance By DaviD Sopata

Printers, copiers, and fax machines have become more complex over the years. i find that this is largely due to a Dilbert comic strip char-

acter named 'The feature Creep' who would annoyingly want to cram more and more features into a new product line.

These devices are doing more than what they were intended to do while opening additional security risks. not only do these multi function printers (mfP) scan, copy, fax and print, but now they can send email, host web-based administrative pages, and even tell you when the ink is low.

one of the bigger risks that had been publicised in a CBS TV news broad-cast from a while back is the fact that these devices are storing these image files on onboard hard drives.

The news cast showcased some sensitive personal identifiable information (Pii) and even sensitive invest-ment reports of a high profile investment firm.

PCI does not say I need to pro-tect my printers, who cares!Compliance in many cases is one of the biggest drivers for security. Compliance may not exactly require you to secure your mfPs or other devices but it might be around the corner. here are some general

questions to ask when trying to understand the criticality of these systems and show some due diligence:

Are these devices accessible on the network? if so, how is ‘Administrative’ access controlled?

how long are the image files retained on these systems?

if the device was compromised could you actually capture sensitive data?

if a hard drive fails, does the replacement process follow the normal standard for securely destroying the disk?

What are some of the services enabled

on these devices? is there an administra-tive website, SnmP client, SmTP server? how about the accounts and passwords of the administrative websites, are they set to default accounts and passwords?

ideally if you had answered ‘no’, or ‘i don’t know’ to these questions more than likely some of the issues may need to be addressed.

My vendors made me do it!in many cases mfPs and other such devices are quickly configured and are plugged into a network. Vendors try to sell these devices with more features while the customer may not have considered the risks involved. one example of these features is the ability to send faxes or scanned documents through email. This sounds like a good economical feature however internal policy may state that anonymous emails are strictly forbid-den. now that disgruntled employee has a way to send threatening or harassing emails through the printer to that one person he/she does not like. Additionally in order to even securely wipe the internal hard drive on these devices it may require voiding war-ranties or service contracts if the only way to securely wipe the hard drive is by totally dismantling the device. Some vendors are currently taking a proactive approach in implementing security features, however, there really are no best practices currently developed for mfPs and other devices.— This article is printed with prior permission

from www.infosecisland.com. For more features

and opinions on information security and risk

management, please refer to Infosec Island.

Illu

st

ra

tIo

n B

Y s

hIg

Il n

VIEWPOINT



AbOuT ThE AuThOr: Ken Oestreich

is a marketing

and product

management

veteran in the

enterprise IT and

data centre space,

with a career

spanning start-ups

to established

vendors.

I’m WrITINg this at logan airport as i fly home after two days in Boston, attending emC’s iT leadership Council. Senior emC staff and iT leaders from some of the world’s largest and most respected compa-nies had attended the council.

What made it unique was the quality of interactions as well as the heady topics. emC’s leaders and practitioners interacted with leading customers on iT transformation, iT as a service, managing iT change, and cloud computing futures. But the conversations were rarely about technology, and did not touch on product at all. rather, they focussed on challenges facing iT today and its renewed role in supporting the busi-ness. it’s hard to summarise all of the themes from all of the sessions, but following are my personal take-aways and ‘high points’:IT transformation isn’t about tech-nology: Almost everyone was in agreement on this. The technology problems can be solved. But the real barriers to iT reinventing itself lie in the area of new operational and organisational models, evolving roles

culture: iT heroes used to embody all of the organisation’s tribal knowledge, and could parachute into a problem and solve it at any time of the day or night. But this SWAT culture has to make way for the ‘new guard’, consist-ing of iT staffs trained as generalists, who can work with increasing levels standardisation, automation and shared infrastructure. Marketing? In IT? As iT shifts to become an internal service provider that competes for business, it’s also faced with acting like a business unit, replete with marketing functions. Financial transparency is impor-tant: To compete, to forecast, and to model, iT has to know its per-unit costs, whether or not chargeback/showback is implemented. IT is having ‘new and unfamiliar’ conversations: iT is talking on busi-ness agility, inbound and outbound marketing skills, competing against consumer service, and/or brokering them among other things..

much debate was had over whether iT is going through a transformation or an evolution. my answer? evolu-tion takes an awfully long time.

and skills, and new financial models. often-heard was “my technology is ready. my people are not”.IT leader’s focus to support busi-ness agility: yes, iT agility and infra-structure agility were still points of conversation. But more important was providing business agility — the ability to help lines-of-business — be more productive, more profitable and more competitive. IT will compete for business: users are turning to external service and cloud providers because of pricing and/or convenience. Sometimes termed ‘shadow iT’, internal iT now has to think of itself as having to ‘win the business’ from lines-of-business. it has to reinvent itself as a competi-tive internal service provider (and/or service broker) to the business. Public cloud isn’t (always) the pana-cea: There were more than a few cus-tomers – mainly banks, government contractors and the like – for whom the public cloud is simply a non-starter, usually due to regulations and compliance needs. But private cloud remained appealing. IT must move away from a ‘hero’

IT LeadershipTwo Days with Leading CIOs

Ken Oestreich

illu

st

ra

tio

n b

y P

C a

no

oP

CLOUDH A V E A V I S I O N N O T C L O U D E D B Y F E A R

Welcome to CloudSec 2011 – The Cloud Security Event Of The Year

City: MumbaiDate: 24th November 2011Venue: ITC Grand Maratha

City: DelhiDate: 25th November 2011Venue: Le Meridien

Time: 9:00 am - 4.00 pm

Admission:FREE. Seats are limited.

HAVE A VISION NOT CLOUDED BY FEAR is an ancient Cherokee proverb that is timely and apt for organizations that are concerned about cloud security today. Cloud computing has arrived but it introduces transformational risks and threats that require new security strategies and solutions to manage these challenges. CloudSec 2011 has been specially designed for CXOs and senior managers with cloud security responsibilities.

WHO SHOULD ATTEND

A premier conference tailored for CXOs, Directors and Senior Managers with cloud security responsibilities.

Supported by: Powered by:

For Registration call: +91 99999 01218 Or visit: www.cloudsec.co.in

Event highlights include:

• Thought leadership and predictions on cloud security• VIP summit programme and networking lunch• Keynotes and panel discussion by global and regional security experts• Top threats to cloud computing today• Best practices and guidelines for cloud security• Free gifts and prizes to be won

lateral thinking

Documents

network services

fleet management system

tech knowledge

data center network

physical underlying

senior cio

external fleet vendor

picksimplify life