from email to collaboration

initially i had titled this post as “email and its imminent demise” but then maybe it is incorrect to say “imminent demise”, rather i think it will slowly move into the background and slowly treated as legacy application if it fails to evolve and incorporates the new web 2.0 technologies that ppl are toying for enterprise use..

email has come a long way since it was invented in early 1970’s. people have used emails to  send simple messages to each other/group, use it as means of sharing documents (much to the plight of the email administrators), use calendaring features for appointments and scheduling meetings. on looking closely at how an email is typically used in an organization, i have noticed that along with the above mentioned functions,  emails are also used as means to store files (hey dude, can u email me that presentation that you took for a xxx client the other day, i may use it in future),  approvals for certain business transactions (e.g approval to buy a new server sent by CIO to IT Manager etc), keep a record of certain communication (he said, i said etc) to basically CYA (covery your a**) in case things go bad..however, along with email came its nuances, maintaining uptodate address book, spam, compliance issues etc. but we are all dealing/living with it.

as time goes by, in the world outside the boundaries of an enterprise, people are adopting techniques that harness the power of technology to reach out to each other, either as part of social networking phenomenon or to work together/collaborate. with the power of the internet coming to the mobile device, the speed at which this adoption is taking place is awesome. now, people dont need to access their emails to know what their friends/peers are doing or what is the latest buzz etc. applications like facebook and twitter have already proven the usefulness of technology outside the enterprise walls..it is only a matter of time when they are adopted within the enterprise also. already there is a lot of talk about web 2.0 adoption within the enterprise by many analysts. email too needs to evolve if it has to stay alive in this fast changing scenario. already there are surveys which shows that more and more people are using facebook/myspace/twitter etc over email to reach out/keep in touch.

in my opinion, organizations will start looking for a better collaboration platform which can increase the effectiveness, efficiency & productivity by harnessing the same technologies that are used by millions outside the enterprise boundaries. realizing this need, some email services have now integrated instant messaging/chat services with archiving features on the messaging platform. . how many times have you noticed that when ur having an email exchange with someone, u end up taking the remaining conversation to the chat as it is faster and more effective. i think the collaboration tools like instant messaging will  evolve and bring convergence of channels of communications viz chat, voice, video along with email and other forms of collaboration technologies like document management systems etc. the other day i wanted to reach out to a group within my company to work on platform migration. instead of sending emails to numerous people and then getting redirected from one group to another, i just sent an update on yammer and got a reply within 2 hours from someone located on the other side of the world.. it was awesome and saved me numerous emails and days in waiting for a favorable response.

there will be initial resistance from many to move from legacy to new forms of collaboration. there will be compliance & security concerns. but like the case with any new technology, it will find its own steady state adoption rate. only that, given the way web 2.0 is evolving,  this rate might be accelerated by few notches.

already there is a lot of noise that google wave has generated on the internet. maybe microsoft solution around corporate instant messaging – OCS will also evolve to bring in convergence of existing communication & collaboration tools with the new web 2.0 toys.

my take is that few years from now, email might just end up as a legacy platform required to retrieve old email data and corporates will use a newer and more efficient form of collaboration technologies.

utility computing

in the past few months, i have experienced a lot of customers now asking for utility based it services. with it budgets under pressure, there is a lot of stress on not only reducing it costs but also to get into a – pay as u go kind of arrangement.

this can either be subscription based (like a newspaper) where one subscribes to a \”unit\” of it service and pays for the same irrespective of the usage. or it can be like cell phone plans where you pay for the amount of minutes use. in the parleys it, this would mean paying for it services consumed.

i will try to put my thoughts on this subject and my experience with customers on the post in the coming months. interesting times ahead!!!

Microblogs & Crisis Communication

i got introduced to facebook and hence twitter recently. while exploring these toys, i could not help but wonder if they could be used in more controlled environment and for specific activities.

i read in few forums on how organizations were toying with different ways to use the web 2.0 tools like blogs, networking sites etc. there were few which touched upon the topic of microblogs and their pros and cons within an enterprise. one of the uses that came to my mind was the use of these during a crisis/incident.

one of the important aspects of crisis management is to open and maintain a reliable communication channel between the first/emergency responders/participants of crisis management teams. the ability of the team to coordinate, communcate effectively with each other in a timely fashion can also be crucial in determining the adequacy, speed and effectiveness of the response.  During a crisis, organizations also need to communicate effectively with all of their employees, many of whom may be dispersed around the world. apart from the first responders/crisis management teams, the employees are also required to be updated on the situation. communicating with employees during such a disruption is vital to invoking the business continuity plans, ensuring key processes are maintained and that all staff are aware of the event status. however it is not feasible for a the crisis management eams to receive hundreds of phone calls from employees trying to get an update or seek direction.

initially organizations relied on conferencing technology to enable crisis management team to quickly and efficiently bring together the management team to implement the business continuity plan. this is where the web 2.0 toys like twitter and the likes of it can play a crucial role. these tools can be used to keep status update messages to the entire team and if required to the employees with minimal effort. on exploring further, i realized that unlike twitter, another tool going by the name of “yammer” (for more information on yammer try – www.yammer.com) can be used effectivelt in a controlled environment. it uses the corporate email id to register users, allows flexibility to create orgnzation structure (one level up and below along with peers) and create groups. the only drawback so far is its support of limited number of telco providers thus restricting its use across the enterprise spread across different geo’s.

while twitter is good to keep in touch with friends and family members, tools like yammer are evolving to bring the advantages of these new & budding technologies to an enterprise at fraction of cost.

Defining Continuous Data Protection – II

in October this year (2008) i had written about the way  Continuous Data Protection was being defined by some vendors to promote their portfolio of  backup and recovery solutions( https://inthepassing.wordpress.com/2008/10/18/defining-continuous-data-protection/). in the post i had stressed about evolving a more holistic definition of ‘data protection’ and developing a framework to facilitate the same rather than use the definitions and concepts forwarded by the different OEMs and solution vendors.

I recently came across a blog post from Stephanie Balaouras  from Forrester (http://blogs.forrester.com/srm/2008/12/the-numerous-me.html) which more or less agrees with my approach. the post highlights how the term “Data Protection” is being interpreted byIT Operations teams and IT Security professionals and the need to look at the term from both, security and recoverability point of view.

Defining Transformation & Innovation at IT Infrastructure Layer

in this post, i present my thoughts on how to define a ‘transformation’ at an IT infrastructure layer by differentiating between an innovative solution and a transformation solution.

for the past few months, ‘transformation’ is the new buzz word for both, the customers looking for IT servcies and for the IT service providers. since there is no industry standard or a globally accepted definition of what constitutes a transformation solution, this term is used as per one’s convinience.  each customer that i have come across (ranging from fortune 500 to fortune 50) have their own way of defining a transformation initiative. each rfp for IT outsourcing now requires the service providers to present ‘transformation projects and approaches’.

in the recent past, many IT infrastructure management rfp’s are also requiring the IT infrastructure service providers to put on their thinking hats and present a “transformation roadmap” as part of the rfp response. customers are looking at solutions that can change the nature of IT infrastructure services. in my opinion, the problem of defining transformation gets even more tough as you go down the layers of IT. at a business process automation layer, it is much easier to define transformation than at the IT infrastrucutre layer.

so how do we define transformation at the lowest layer in the IT landscape – the IT infrastructure layer. for that we need to explore:-

1.  who consumes the IT infrastructure and associated services,
2. is there a standard taxonomy of the terms – innovtaion & transformation with respect to IT that can also be extended to IT infrastructure layer
3.  apply that taxonomy to classify the projects into transformation & innovation based on how they impact the consumers of IT infrastructure & associated services.

1. identify who consumes the IT infrastructure services

looking from a consumer and provider point of view, i would like to start by defining the consumer of IT infrastructure services. these services are typically consumed directly or indirectly by the following entities:-

• enterprise customers – in come cases the enterprise end customers consume the IT infrastructure services directly or indirectly by using business automation services/applications hosted on IT infrastructure (e.g amazon customers interact with online applications to buy/sell goods, which is hosted on the IT infrastructure).
• enterprise application teams (use servers & operating systems provided and managed by IT Infrastructure services to host applications which typically automate or address business processes requirements)
• enterprise IT customers – use network services to connect (and make use of services like DNS, DHCP, email etc) for the transfer of information etc

2. defining transformation & innovation

what is transformation and how it can be different from innovation? well going by the  very basic definition, these two terms can be explained as:-

• innovation –  a new way of doing something; the goal of innovation is positive change, to make someone or something better.
• transformation – the process of a major change in form, nature, or function; the goal of transformation is to change the very form/nature (caterpillar to butterfly)

 it is important to notice that innovation can be related to : “a postive change”, to “new way” of doing something and not necessarily doing something new. whereas, transformation: is addressed towards the very core of a form and initiaties and leads to the change in the form.

when the same definition is applied to IT infrastructure, innovation and transformation can be termed as:

innovation – new solutions to IT issues. and in that sense, transformation can be termed as-  solution addressing to change the very nature of consumption of IT services.

3. examples of innovation & transformation

using the concept of IT infrastructure consumers and the definitions of innovation vs transformation, i have tried to list down few solutions that  i think can be termed as innovation and which can evolve as transformation.

innovation – new way of doing traditional things; new solution to IT problems.

• server consolitaion, virtualization – solves IT problems of under utilization of IT assets and hence are “innovative solutions”
• email infrastructure consolidation by upgrading from Ms Exchange 2003 to 2007  – solves IT problems of email infrastructure consolidation

transformation – change the form; change the way IT infrastructure services are consumed by its consumers.

• building enterprise private infrstructure cloud by using virtualization along with softwares like cassatt – changes the way IT Infrastructure services will be consumed by enterprise IT application teams who are direct consumers of the services.
• unified messaging solution – integration MsExchange 2007 with unified messaging solution will change the way enterprise IT users will use collaboration solutions like email, instant messaging and voice/telco services.

any thoughts/feedback?

Maturity Assessment of IT Environment

recently, i was roped in an exercise t0 ‘develop a maturity assessment framework for an enterprise IT landscape’.

the objective of this exercise is to develop a framework that can be used to gauge the maturity assessment of IT environment of any enterprise and define the ideal “end” goal/state over a period of ‘x’ years. the enterprise IT teams can also use it to drive budget allocation for their IT projects enabling them to move ahead on the maturity curve.

 the scope of the exercise includes developing a assessment framework comprising the following areas:-

1. IT processes
2. IT operations
3. Shared services for IT/Cross Functional Services
4. Technology Towers:-

• Unix
• Wintel
• Mainframes
• Storage
• Networks

after looking at the charter & scope of this exercise and  having engaged in initial discussions with the other team members involved in this exericise, i have my opinion on the possibility to develop a framework that will be acceptable to the customer IT management  and business heads especially to allocate budgets for IT spend.

in the next few posts, i will post my thoughts and opinion on this subject.

Redefining AAA – Anybody, Anywhere, Anytime

i came across an article where the discussion was on how to enable any person access the required information at anytime and independant of the device from which the information is accessed or for that matter, the geography (office/home etc).

it was a nice read and it brought to my mind that perhaps its time to realign the AAA as it is known in the security circles (AAA typically stands for – Authentication, Authorization and Accounting).

now this also has implications for enterprise IT. almost anyone can buy a powerful smartphone with capability to browse internet even while in the office networks, able to use the smart phones as modems to connect to internet, ability to access corporate emails and documents on the smartphones, participate in blogs and social networking sites and share ideas.

the standards way IT typically approaches the topic of access and authorization is to be restrictive and stop the users from brining in phones or not allowing the users to access corporate emails over mobile devices (and allow only a selective bunch of employees to do so). however i am not sure if it would be productive and IT will be looked as hindering the productivity and effeciency of the business users.

there was also an article on similar lines – http://mikeschaffner.typepad.com/michael_schaffner/2008/10/the-un-marketin.html which touches on the aspects of relaxing the controls and enabling users to use IT in a manner they can enhance their productivity & effeciency.

in my opinion, time has come for IT to move from providing traditional restrictive, controlled environments to provide an AAA (Anybody, Anywhere and Anytime) environment to business users while ensuring they are able to manage the IT risk in an optimum manner.

“Anybody should be able to view the information they are entitled to, use the information in a manner they are authorized to, from Anywhere they desire and at Anytime they want”

this will require a combination of few topic on which i have written about before (and probably few more), namely:-

• Continuous Data Protection – https://inthepassing.wordpress.com/2008/10/18/defining-continuous-data-protection/ : this consists of Information Classification, Data Loss Prevention (host and network), Encryption and Monitoring framework
• De-perimeterization – https://inthepassing.wordpress.com/2008/08/27/redefine-the-it-perimeter/: this consists of NAC, IPSec/SSL VPN, Endpoint Security, Identity Management solutions and robust monitorin framework.

with the redefined IT-Perimeter and redefined continuous data protection, IT teams can extend the same experience of accessing the required informaiton with necessary controls and rules from anywhere just as they would experience it in the corporate network. at the same time, it will allow them to access the necessary infromation based on their roles and authorization. it will also ensure that the data is protected without being too restrictive thus allowing the end users to extend and enjoy their IT experience.

Consumption Management

in one of the earlier posts (https://inthepassing.wordpress.com/2008/08/28/discussion-with-bu-head-consumption-management/) i had written about IT department working closely with business units and help them in managing the consumption of IT services they had subscribed for.

i recently came an example of an IT department of a retail organization which was working closely with one of the business units to enable them to track consumption of email services and providing assistance for service consumption optimization. an example of their service catalog along with consumption management measures is provided in the snapshot below:-

Service Catalog

 

the snapshot below shows how enabling the business unit to optimize the consumption of email services also lead to lowering of TCO for the IT deparment for providing an enterprise wide email services.

 

email-consumption-management

 

Alternate Approach to End User / Desktop Computing

does an enterprise derive any strategic enablement from end user computing strategy or can it be considered as an commodity?

well..when I talk to IT teams, they do not seem to have a clear answer to the above question. on being asked, what is their end user computing strategy, most of them listed one or more of the following points as their core strategy initiatives for next few years:-

• os upgrades (e.g. in 2008 we will move to Ms Vista etc)
• hardware upgrades and technology refreshs (e.g. we will phase out dell model xxx to dell model yyy by 2008 and desktops will be refreshed every 3 years etc)
• new productivity suite rollout (e.g. Office 2007 by end of 2008)
• in some cases, have handheld devices under enterprise support and allow the handhelds to be used to access enterprise information and applications

however when we discussed the topic of end user computing requirements with the business, they had a different prespective.

• thought most of them would like to have the most fancy OS and producivity suite, when asked about deriving any strategic benefits from them, most agreed that there was none.
• they are not worried about the os version or the ms office version etc.
• for business, it can be considered a commodity item as long as it “enables the work to be done”.

if that is the case, maybe it is time for a radical change in the end user computing strategy. some of the points that probably need to be incorporated into the strategy are:-

1. be on the extreme lag side when it comes to adoption of end user computing/desktop computing technology – (i have also written about the same in my post “If IT is not adding strategic value, Commoditize IT – I”. IT along with business need to evaluate the business benefits of rolling out new technologies and whether it will impact the  bottomline of the business or not.

• usually IT will cite instances of increase in productivity as a case for new technology rollout. more often than not, the cases of productivity increase cannot be correlated to increase either in competetive edge or strategic enablement for an enterprise.
• maybe it is best that instead of rushing to migrate to latest version of OS and upgrading the underlying hardware to accomodate rollout of new technologies (e.g vista rollout warrants upgrading the memory and cpu at the desktops), one takes a backseat for such adoption. it will ensure:-
• insulate business from risk due to new technologies and compatibility issues
• a relaxed approach to adopt new technology will also ensure the computing requirements for rollout will become readily available at much lower costs. just as moore’s law describes the trend in increase in computing power, there is also a similar trend in decrease of computing power with time.

2. explore and exploit opportunities to move enduser productivity applications to hosted providers or “in the cloud” – when google released google docs,  a hosted service to create store and share presentation, spreadsheets, documents etc, it was looked as a good alternative only for retail users and SME’s who, now dont have to bear the cost of microsoft OS and Office licenses and yet can avail nearly all the features present in Microsoft suite.

• google released the google docs for enterprise but it had low adoption as security was a major issue with all the docs being store on the google server farms.
• integration with google gears have now enabled browsers like IE and Chrome to allow users to work on these documents in an offline mode. the docs can now be stored in local computer also addressing many security concerns especially those related to compliance issues.
• in due course of time many applications like enterprise productivity suites ( e.g word, powerpoint excel) will be mature, stable and ready to be moved either on a demand based model or in the cloud with providers like google stepping up their enterprise application services.

Now with google chrome making it debut, it has forced a lot of people to sit up and take notice (if not now, they would be force to reckon its presence in due course of time). though it is not aimed at business users, i don’t see how long will the IT teams be able to ignore it. looking at google’s track record of stepping of its innovation to ensure mass acceptance of its solutions, i am sure there will be geeks at google already thinking about making chrome apt for business use also.

3. explore and exploit opportunities to move collaboration suites to low cost hosted providers or “in the cloud” – collaboration solutions like emails which once were considered as strategic enablers for an enterprise have now corroded value base as almost all the enterprise have solutions in place (hence neither it is a scarce resource anymore nor any of the enterprises are using the same as more innovatively than others to gain competetive edge)

• the point of owning the email solution in-house vs using a hosted provider or moving it “in the cloud”  needs a detailed analysis from business point of view rather than a technical viewpoint.
• it can be argued that most hosted providers and “in the cloud” services provider will not have customzed sla’s that the business enjoys with in-house ownership of the solution. it is true. but at the same time, IT needs to go back to business and evaluate the actual impact of relaxed sla’s that a hosted provider can provide on business bottomline.
• in most cases, the business will live with these relaxed sla’s as reduction in prices of alternate mode of communication/services and technology advancements allow business resiliency in case of an outage. (or is it?)

in my opinion, it is time to seriously explore moving to a cheaper OS (like customized linux etc). integrate solutions like google’s chrome and hosted productivity and email solution to lower the TCO of end user /desktop computing especially when it does not act as strategic enabler for an enterprise.

in my executive discussions, i have started to bring this topic up for discussion. in my future posts on this topic and under executive discussions, i will share what is their opinion on this subject. maybe they wud agree with my viewpoint or maybe i will stand corrected 🙂 but then, thats the whole point of sharing my viewpoint!

If IT is not adding strategic value, Commoditize IT – II

at a more tactical level, I tend to agree that if not all, but certainly some of the components that make up IT landscape of an enterprise can be categorized as a commodity. i also think that this catagorization may be dynamic. i.e a resource that is strategic today may end up being a commodity tomorrow.

a few years ago, network connectivity made collaboration with business partners possible, it was a strategic IT component that very few companies had or exploited to gain advantage over their business partners. for some, the cost of provisioning the connectivity was prohibitive enough to prevent them from leveraging for business enhancement. therefore for some companies, network connectivity was a strategic resource at that point in time.

over a period of years, the cost of connecting to business partners has come down drastically and today, cost is hardly a barrier to an enterprise. hence network connectivity and partner collaboration is no longer a strategic resource. it can now be treated as a commodity.

similarly is the case with erp. at one point, enterprise developed elaborate business processes and used IT to enable them. hence for the companies that successfuly implemented erp, it proved to be a strategic differentiator. however with SAP and other vendors quickly moving into this space and now offering “erp in a box” type of solutions, it is hardly a strategic resource that can significantly impact the business bottomline.

 once a resource becomes commodity, an enterprise can look towards moving quickly to ensure the total cost of owership for an enterprise is as low as possible within the acceptable risk and associated parameters.

for an example take a case of an enterprise for which email was a source of strategic or tactical differentiator a few years ago. but over a period of time, email may no longer be a source of differentiator or strategic value to the enterprise. hence the enterprise, instead of owning the hardware, software and operational cost can look towards hosted email providers / “in the cloud” email solution from google etc.

 similarly the logic can be extended for an enterprise end user computing services etc. if an enterprise does not see a strategic value in these resources (say desktops, Operating Systems, office productivity software etc) it can adopt the following as part of its enterprise desktop computing strategy:-

• be a laggard when it comes to adoption of new version of operating systems and office productivity solutions for the desktops
• insulate the enterprise from technology risk by being two to three versions below than the latest ones
• save hardware costs associated with upgrading the existing desktops to rollout newer versions
• save on pilots and associated deployment effort for new versions.

over a period of time, the associated hardware costs will be low, technology risks known and learning from experience of other customers made available and hence adoption to newer versions would be cheaper, easier and less riskier.

If IT is not adding strategic value, Commoditize IT – I

at this point, some random thoughts on the topic are:-

enterprise IT landscape consists of servers, desktops, operating systems, applications, telecom etc. enterprise have elaborate process to procure these components, deploy and operate them, support them and finally discard them.

at each step, there is associated cost which the enterprise has to bear in order to leverage IT to enable or automate its business processes.

can these IT environment components be examined through some kind of lens and analyzed for their strategic value to the enterprise or those which enable an enterprise to have an edge over its rivals by having or doing something which others can’t or haven’t?

components which do not add or enable strategic value to the enterprise, is it possible for an enterprise to classify and treat them as them as ‘commodity’ items? by classifying items as commodity, can IT then bring the cost of procurement, deploy and operate, manage and retire these items just as in the case of commodity items like for example – electricity etc?

before jumping the gun, some points that would need to be thought through are:-

What makes a resource truly strategic?

1. is it scarcity?
2. is it “how” you use the resource even though it may be available in abundance? 

at the first glance, the second point makes sense. a resource maybe available in abundance but if you dont use it to enable a strategic business process, it might end up being of no use to an enterprise.

before going on further, i would also like to state that  in my opinion, its the business processes that define what underlying IT resource is viewed as strategic to an enterprise. however, there may be components in the IT layers which still can be classified as a “commodity”  even though the process they support might be strategic to the business.

take a case of a business process like supply chain which is very strategic to a manufacturing origanization. the supply chain application may be IT enabled by an application hosted on a unix platform. while the supply chain as a business process can be of strategic value to the business, the tasks of ensuring the unix server is up and running and managing the unix server etc can be treated as a commodity tasks/items.

more on this in next few posts….

Aligining IT – 1

recently there were couple of articles on how best to align IT and should it be a profit center or a cost center?

i came across an article in itbusinessedge website – http://www.itbusinessedge.com/blogs/tve/?p=373 on how Bausch & Lomb has aligned IT with its customers.

that article set me thinking – can IT be aligned to both, internal and external customers? and if so, will both the alignments have same effectiveness measurement parameters?

basically the question that cropped up was – how practical is it to have IT service both, internal and external customers effectively.

as IT service organizations are undergoing a change from being cost centers to profit centers, hence is it possible to have a model where the nuances of being a cost/profit center does not impact IT teams to service enterprise customers?

can IT be both, a cost center and an investment center at the same time??

the figure below alignig-IT captures my thought in brief (i am a firm beliver that a picture is worth thousand words and basically i am too lazy to type too ;-))

basically split the IT function into multiple centers. an ‘innovation center‘ and a ‘transformation center‘. from accounting point of view, initially i thought of ‘profit center’ and a cost center’ as the two possible accounting models around which IT could be structured.

(I borrow the definition of innovation from a good article on innovation in the context of IT in reuters; highly recommended – http://www.reuters.com/article/pressRelease/idUS192234+07-Apr-2008+BW20080407 )

now, if you explore the definition of the two accounting terms – profit & cost centers, it provides very interesting viewpoints:-

profit center definition from wikipedia – Profit Centers are parts of a Corporation that directly add to its Profit (http://en.wikipedia.org/wiki/Profit_center).

cost center definition from wikipedia – Cost centres are divisions that add to the cost of the organization, but only indirectly add to the profit of the company (http://en.wikipedia.org/wiki/Cost_centre).

Profit Center – The profit center is no brainer. enough articles are there about setting up of a IT as a service provider to the IT users and having service catalog and charge back mechanisms to make it into a ‘profit center’.

for internal users/employees of an enterprise, it makes sense for some organizations to structure their IT as ‘innovation center’ on the lines of a ‘profit center’ for accounting purposes. by being an internal service provider and with a good service catalog and charge back mechanism, IT can effectively demonstrate its efficiency & profit relative to other business units.

also being an innovation center, all new initiatives can then be structured to reduce cost, improve the efficiency and possibly address business problems thus bringing the alignment of IT closer to business

Cost Center – however, if IT is aligned to customer services organization and treated as a cost center, it will have to live with the usual negatives associated with cost centers, namely – cost cutting initiatives under revenue or budget pressure. also, investments in new technologies are difficult to sell to senior management due to lack of quantifiable means (at times) to measure direct or indirect impact to profits.

ALternative – IT as Investment Center – so, what about treating the part of IT which is aligned to customer services or ‘operations’ as an ‘transformation center’ with accounting principles of an ‘investment center’?

by making that part of IT which is aligned to customer services, an organization can ensure that all the transformation initiatives are centric around enterprise customers and customer services. usually, transformation requires investment and this alignment will ensure – ‘make houte couture dress for the one who pays the bill’ (bad analogy? maybe but i couldn’t come up with something witty at this hour :P)

but, why realign?

most of the customer facing or interactions that an enterprise have now depend heavily into IT. hence to expect the customer services organization to improve the customer experience without giving them direct control over the associated IT dependancies make them handicapped and less effective in either process or operational improvement. Hence it makes some sense to align that part of IT, which is directly responsible for running & supporting business processes critical for customer services. also by making it as investment center, it can ensure that it is not handicapped with traditional drawbacks associater with cost centers & profit centers.

One IT – 4

I will try to walk through a possible scenario for the working of One IT using a case that i worked in recently. to be fair, at that point in time, I didn’t have much clarity on One IT so didn’t apply the framework while responding to the customer requirement.

as an after thought I am trying to see if this concept of One IT would be of any benefit to the customer…be open to critique the same ;-). i can’t state the exact details of the customer due to confidentiality reasons but will try my best to walk the reader through the case.

the environment

the organization (lets say xyz) was manufacturer of IT hardware. there was a corporate office with corporate IT and applications.

the organization had numerous (5 or so) operating companies each with their own IT teams and localized applications. each organization had similar business units (about 8 in each)

between the 5 operating companies, they had 3 vendors for end user laptops & desktops.

the total number of users is around 25,000 user s. the users were required to access the local applications as well as the few corporate applications like SAP and eMail.

Challenge – the users in the organization used to travel across the operating companies and it was a challenge to provide IT support and streamline their experience in using IT services.

One IT approach

identity framework – as i mentioned, identity will be the cornerstone of the One IT framework, hence for this case also, it would have to start with the identity framework.

the possible approach was to have a virtual directory based identity management solution ( i wont go into the debate of virtual directory over meta directory based IDM solutions. the objective is to have an  identity management solution to start with). the virtual directory based solution ensured that there was a seamless way of managing identity of users both for corporate and local operating company based applications based on the roles of the employees. we are still not talking about the access rights yet, just the identity part.

the identity repository ensured that we have a list of attributes that can now be manipulated to associate the IT experience for the employees. attributes that defined the type of user, the role of the user, the parent operating company, type of hardware allocated, SLA category etc can all be now linked with the identity of the employee.

this data is also made available to the IT helpdesk so that when the IT user calls the IT helpdesk, the helpdesk analyst is clear about the response time that this user has been committed and works accordingly.

user categorization – along with identifying and cleaning up the roles of  the employee in the organization (a prelude to setting up identity and access management framework), the IT users can also be categorized based on their IT usage into one of the three categories:-

• Power IT users
• Medium IT users
• Average IT users

hardware allocation strategy – based on this categorization, the hardware allocation strategy can also formulated to ensure that right computing resources were allocated for the right type of IT usage and not on designation of the employee. hence the user who is a power IT user in operating company A and operating company B have same type of computing resources (like ram, hard disk, cpu etc) allocated to them but yes of-course, the brands of the laptops/desktops will depend on their vendor management strategy.

seamless provisioning of user into  IT environment – using the identity framework, the provisioning of either a new user or managing an existing user in his lifecycle in an enterprise. using the IdM framework, the moment a user joins the organization, a process can trigger provisioning his identity in the IdM framework and hence into the corporate and local applications based on his role as defined by HR. also the moment the role of the user is defined and approved by the manager, necessary access right will also be allocated to the users digital identity. the manager can also define or change the “type of user” which triggers a workflow to provision the right computing resources to the employee along with utility and application packages which are defined by the “role” attribute in the identity structure.

if you extend the identity framework to admin department, they can also ensure that the necessary workspace is allocated to the user hence not having to chase multiple departments for rudimentary things 😉

utility software and application packages – based on the type of hardware and the models of laptop/desktop, necessary os images with utility software packs can be developed for each operating company.

Depending upon the number of business units and unique application requirement for each role, necessary application packages can also be then developed and rolled out.

The advantage would be that in case a user moves from one role to another role which requires additional application access etc, only the application package will be required to be installed.

helpdesk alignment- helpdesk is another important player in ensuring a seamless IT experience as it is usually the first line of interface a user has with the IT team. in the above scenario, the helpdesk needs to be realigned to respond to the user issues based on the SLA committed to the user.

now what happens if an IT user from one operating company is visiting another operating company and faces an IT issue – say application issue or a hardware issue. The user calls the IT helpdesk and reports the problem. the helpdesk looks up the profile of the user in the Identity store and becomes aware of the role of the users, type of user, hardware allocated and application access rights, base operating company to which the user belongs, and more important committed SLA response. based on these attributes, the helpdesk & IT support team can then start to respond to the issue

but then, what happens when the IT support teams are not consolidated into one IT support team?

in that case, the helpdesk/IT support team of operating company where the user is visiting, has an internal OLA with the helpdesk/IT support team of another operating company. in case the IT support team of the visiting operating company is not able to solve the issue within the necessary time (cause it is a hardware specific issue or parent operating company’s local application issue etc), the call is then shifted to the IT support team of the parent operating company to which the user belongs without the knowledge or action by the user.

in case any hands and feet are required to solve the issue, the visiting operating company’s IT team provides the same and works under the guidance of whichever IT support team is working on the case.

service catalog – the service catalog will the be established based on IT services offered to the employees based on their role of user type. the service catalog will not be a flat structure but will have SLA and response time along with type of user etc.

i guess i will leave the post on topic of One IT open as it will continue to evolve as other than making One IT seamless for IT users, it may touch upon internal nuances of IT like configuration management etc……

One IT – 3

Service Catalog

so how do users subscribe to IT services. in many discussions that i have had with customers, there is a desire to have a standard menu like you have in restaurants where the users can opt for the services along with the SLA associated with the IT services and clearly see how much they or their business unit needs to spend to get those services. i am sure most of you have heard the concept of service catalog so i wont get into the details. Maybe at a later day I will ponder over the topic of service catalogs.

now most of the service catalogs in an enterprise are either flat (discuss various types of IT servcies) or centric around the role of the user.

in my opinion, the service catalogs can also be modified to include the attribute for the ‘type of the user’ in them so that the services can now also be subscribed and tracked not only by the role the person plays but also the intensity of the usage of IT resources.

a sample service catalog aligned with ‘user type’ categories can be developed on the following lines:-

redefined service-catalog

More thoughts to follow…(yawn!!!!!)

Utility Software Standardization

usually in an enterprise there are multiple os images that exist and the number of os images is usually tightly linked to the number of different end user hardware.

so in the context of the enterprise as mentioned in my previous post (One IT – 1), usually one can find os images for IBM laptops and for Dell each. at times, some organizations even have os images associated with the specific models of the hardware. hence you have enterprises which have a one os image for IBM T42 series and another for IBM T43 series of laptops.

under One IT, there can be an OS image with utility software bundled into it.

• utility software can be defined as that minimum set of software solutions (like winzip, msoffice) and settings (default screen-saver etc) that will be used by all the employees of an organization irrespective of their designations and user type.
• Since the hardware standardization is based on the category of type users across business units, in the enterprise i am using for reference, in all possibility, there will only be three images that will exist for each geo (3 for na and 3 for emea).

Role	NA	EMEA
Power User	OS_Image_1	OS_Image_4
High User	OS_Image_2	OS_Image_4
Average User	OS_Image_3	OS_Image_6

Applications packages

based on the roles that exist in the enterprise, necessary application packs can be created. these are bundles of applications that a person of specific role would use in their day to day work in an enterprise. depending how diverse the enterprise application landscape is, there might be a requirement to have application packages for each business unit.

this, however does not deal with the rights within each application. i will touch upon that in the next section.

• if there are 10 roles in a business unit, there can exist 3 sets of applications packs.
• this is with an assumption that each individual role does not require a separate application pack. only the rights within an application will change as role changes. for e.g – at a junior level a person may access SAP for entering invoice details but at a senior level, the same person may access SAP for approving them with different set of rights.
• hence for an enterprise with 10 business units, and with 3 application packs per unit, there will be a total of 30 application packs.
• depending upon the role attribute associated with the identity of the user, the necessary application pack can then be installed on the desktop/laptop of the user using a service request process.
• in the context of the enterprise i discussed in my previous post One IT – 1, it would mean having same set of application packages for NA and EMEA  for each business unit as shown in table below.

Role	Business Unit 1
	NA	EMEA
Level 1 to Level 4	Application_pack_1	Application_pack_1
Level 5 to Level 8	Application_pack_2	Application_pack_2
Level 9 to Level 10	Application_pack_3	Application_pack_3
Role	Business Unit 2
	NA		EMEA
Level 1 to Level 3	Application_pack_4		Application_pack_4
Level 4 to Level 7	Application_pack_5		Application_pack_5
Level 8 to Level 10	Application_pack_5		Application_pack_6

Access Rights

depending upon the role of the user as defined in the enterprise hr directory, necessary attributes will be associated with the user identity to define the kind of rights the user has in the enterprise applications. enough has been written on the subject of IAM or IDM so i wont elaborate on the topic.

however, the access rights management will be closely coupled with the identity framework mentioned in One IT – 2.

the role of a user in a business unit will define the rights the person has on the business unit level and corporate level applications. these rights will be tightly coupled with the users identity in the enterprise directory services to ensure the user has access to the same privileges irrespective from which part of the enterprise the user tries to access the application..

yawn!! more next time

One IT – 2

digital identity – core of One IT framework

in my opinion, this will be the core of the One IT transition. The entire experience that a user of IT experiences can be built around the digital identity and associated set of attributes.

The attributes that can be associated with the users digital identity can drive the entire spectrum of IT experience like – SLA to IT issues etc that has been committed to a user based on either his role in the organization of the type of IT user the employee is.

we can associate attributes which can define various experience parameters like:

• name – John doe
• business unit – sales
• role of user – sales director
• category of user – power usage
• location – NA
• attributes for access rights in enterprise applications (closely associate with attribute for the role) – Reviewer for SFA
• etc etc

The figure below attempts to capture my thoughts on the relationship between a digital identity and the IT experience:-

identity to one-IT relationship

allocation of computing resources

i have seen that many enterprise provides  hardware/software and services based on the designation of a user/employee in an organization. most of the times it has little semblance to the way these users use IT infrastructure and services. i have seen managers who work on word/excel majority of their time have high end computing resources on their laptops than compared to the users who work on enterprise applications that are resource hungry.

it is usually observed that as you go up the ladder, the intensity of IT usage reduces in computing power but increases in the way flexibility of IT services is required for work.

there are other ways which, in my opinion, can also be used to allocate computing resources to the  users. instead of designation of the employee becoming the key criteria in defining the allocation of IT resources, we can identify the way a user makes use of IT, the criteria for the same and also have necessary SLA and services associated with such categorization.

a way of categorizing the user population on the way they use IT is given below:-

Type	Associated Identity Attribute (Type)
Executives	Platinum
Power Usage Employees	Gold
Medium Usage Employees	Silver
Average Usage Employees	Bronze

i have still kept executives as anyone with a ‘c’ at the start of the designations will always need to be treated above the rest of the pack ;-). (i have used power, medium for lack of creativity on my part but i hope the message is clear)

hardware standardization

starting from the basic infrastructure, most of the enterprises usually have standard hardware vendors when it comes to end user hardware like desktops/laptops. depending upon the enterprise vendor management strategy, i have seen that usually they have standardized on one vendor for each geo (one for NA and another for EMEA). for sake of discussion, presume it is IBM for NA and Dell for EMEA…

Geography	NA	EMEA
Hardware Vendor	IBM	Dell

• i suggest categorizing of the users depending upon their nature of work for allocation of the necessary hardware to facilitate their work.
• what i have observed in our customer interactions is that, the laptop/desktop hardware/models are allocated based on designations. hence one can find the sleek, high memory/processor laptops in hands of executives who work mostly on office software which can be a waste of computing resources 😉
• so, instead of designations, an enterprise could identify a mechanism to categorize their users based on the nature of the work. for e.g – power users, office users and low end users or something as mentioned in the previous section.
• hence across all business units across all geo’s all the users will fall under one of these pre-defined categories.
• associate the identity of the user (login name etc) with the attribute which declares what type of user the person belongs to.
• standardize the type of hardware provided to each category of users depending upon an user category attribute.
• hence in the enterprise that i am using for this discussion, there will be three categories (four if you still treat executive management as another category different from the rest ;-)) of users irrespective of geo and business unit.

	NA	EMEA
User Category Type	Hardware	Hardware
Power Usage Employees	IBM Laptop Model ZZZ	DELL Laptop Model AAA
Medium Usage Employees	IBM Laptop Model XXX	DELL Laptop Model BBB
Average Usage Employee	IBM Desktop Model YYY	DELL Desktop Model CCC

SLA for IT issues

usually in an enterprise, the users are categorized based on their designations or roles they are trusted with in an enterprise and the whole SLA around response and resolution time to an IT issues of a user is sometimes linked with the band or slab the users falls in. of-course IT team also respond based on classification of the problem severity (high, medium and low etc)

another way of defining response time can be based on the type of user (as discussed in previous section) or the application (SAP etc will evoke a higher response time than internet access etc)

SLA matrix – Role to User Type

sometimes, it also will make sense to have higher SLA for IT issues which is based on the business cycle of the enterprise. for example, for in retail vertical it will make sense to have more strict SLA and change freeze in billing or supply chain applications during holiday periods (thanksgiving, christmas etc)

more….next time…!

One IT – 1

i was in discussion which revolved around – how IT can enhance the experience for the customers of  IT

a lot of ideas were put on the desk and discussed. So here are my thoughts on the subject.

i call it OneIT or One-IT, or whatever you may want to call it :-). It is a transition which the IT organization of an enterprise needs to make to ensure consistency and predictability  of IT services for the users.

the following are the areas that can possibly be included in this transition:-

• ability of an IT user to request for a set of IT services with guaranteed availability & response time (aka service catalog)
• ensuring that an IT user to experiences the same response & resolution time for IT issues irrespective of the location the user connects to the IT environment within the enterprise and guaranteed in the service catalog
• ensuring consistent application response time for IT applications the user has subscribed or requested for.
• single interface to see the charges a user is paying (or a department /business unit) is paying for the IT services subscribed for.
• making IT experience independent of the geo the user is in. it is consistent and defined across the enterprise. IT services and SLA can be based on predefined criteria like – user categories, hardware type but the message is – it has to be consistent.

in my opinion, it starts with first identifying the ‘customers’ of IT. In any organization, there can be direct customer and indirect customers. more often than not, the direct customers are the employees of the enterprise itself. Indirect customers tend to be the enterprise customers. (however, in some cases IT impacts the enterprise customers directly also)

for the sake of the discussion, we will focus on the enterprise IT users for the time being. so, how does one enhance the experience of IT users?

Looking from a very high level, it will involve standardization of technologies and processes, evolving global delivery model and making much of IT seamless to the users. nothing new huh! I have heard these terms so many times on proposals and discussions but in most cases, it ends there.

seamlessIT or seamless-IT, (ha! another term coined for lack of a better word) should mean making IT smooth and seamless to a user by not exposing the user to the internals or nuances of IT organization. a user need not chase a systems administrator for one thing and then a networking team for another blah blah.

Let us take an example of a simple enterprise with the following characteristics for the sake of discussion:-

• presence in three geo’s or continents (NA, EMEA, ASPAC)
• having geo aligned business units each
• having about 20,000 IT users spread across the threeo geo’s.
• geo specific IT helpdesks where users call for IT related problems.
• enterprise applications to which access is required by the users.

the same model can probably be extended to enterprise with different structures also.

i will try to pen down my thoughts on this subject and how an enterprise can move to ‘One IT’ framework in the next few posts…(yawn!!!)..maybe not today though!

Return on Investment – Identity & Access Management Case Study

This post is a short analysis of a successful Identity & Access Management strategy adopted by a 10 billion dollar organization having more than 25,000 users and over 25 manufacturing facilities.
In 2005, the organization had 25 people team performing what is called helpdesk and “GAM function” GAM stands for Global Account Management. Out of the team of 25, 8 people were dedicated to issues related to account creation, management, password resets, access management etc.
During the discussions with the CIO and VP – IT, it was already decided that IT functions that did not add direct strategic value to the business, would be commoditized. Hence it made sense for the IT to classify such functions and not be on the aggressive or on the leading edge of technology for such functions. GAM was classified as one such function. The business, in-spite of some complaints about efficiency, was not ready to pay for initiatives that could bring in further improvement of services.

Some of the tasks being performed under the GAM category consist of:-

• User account management including provisioning and de-provisioning on various IT assets including applications and infrastructure
• User password management including reset of passwords, unlocking accounts locked due to bad username/password attempts.
• Managing access of users in various applications
• Generating reports of users with access to critical applications covered under audit scope for compliance & regulatory requirements like SOX etc.
• Helpdesk services – answering calls from users related to IT issues etc and providing first level of support

In order to reduce cost of operations, the organization explored various options including:-

• Outsourcing to an IT services provider
• Off-shoring to low cost geography
• Automation using Identity and Access Management solutions

Outsourcing the GAM function to an “on-site” IT services provider (who would perform the same activities from their facility) would not have yielded them the benefits the organization was looking for. The IT teams also deliberated between the two options:-

1. Automation first and off-shoring the task of maintenance
2. Off-shoring first, realizing cost savings and funding automation initiative

Also, various Identity and Access Management solutions were evaluated for the technical capabilities and financials. It was also desired that any such solution needs to be self funding and should not require additional funds from the management. However in 2005, all solutions proved to be too costly.
Hence the organization decided to follow a two phased strategy:-

1. Off-shore GAM activities till the cost of automated Identity and an Access Management solution was affordable.
2. Once the Identity and Access Management solution became affordable, the team would then analyze the solutions available and engage with the right vendor and system integrator for implementing the same.

Also, off-shoring business case provided an immediate cost savings. A back of the envelope calculation is shown:-

Towards the end of 2007, the team relooked at the available automation solutions and started negotiation with leading vendors of Identity and Access Management Solutions. Key observations were:-

1. The Identity and Access Management market had undergone a lot of consolidation and players had strengthened their propositions by making the right acquisitions and partnerships.
2. The prices of solutions in the market had come down drastically and the vendors were ready to give good discounts.
3. Good system integrators were available with good exposure to similar implementations thus reducing the risk of technology for the organization.

The team was able to negotiate over 60% discount with a leading provider of Identity and Access Management solution and asked the vendor to recommend an apt system integrator for the rollout. The rough analysis for the business case that was calculated now for automation is given below:-

Discussion with BU Head – Consumption Management

i met a head of a business unit of a leading semiconductor manufacturing firm. during the course of discussions, it was only natural to end up talking about how his team uses the services that their IT provides to them.

one of the things that came out was the need for the business units to manage the consumption of IT services in a controlled manner.

businesses will have never ending demand for IT services. using demand management processes, the IT units have developed a way to manage these demands. use of portfolio management initiatives have helped IT in ensuring managing the demand and the supply side of IT. at the same time service catalogs provide a ‘menu’ of services the IT offers to the business.

what about helping business manage the consumption of IT services?

taking a leaf out of the way retail industry tracks the consumption data and use it for demand forecasting, similarly IT can also track consumption trends to improve its services and innovate to provide services that are actually more valued by the business users.

one rudimentary way is to track subscription to various IT services listed in the service catalog. based on the most popular subscription and combining it with the IT capacity management system will enable IT to have some handle to forcast the demand both, from IT services and from resource point of view. one can probably perform demand modelling also by using the consumption data.

tracking the consumption data will also depend on the metrics employed to track the usage. for e.g – for email, some of the most popular metrics used is number of mailboxes categorized by size. in some cases, it might make sense to move away from pay per use models just like the broadband internet access services have evolved from pay per use to bandwidth based packages.

for the business units, IT can enable them to track the IT service consumption by having transparency in the metrics and measurement data. just like service catalog enables the business units to subscribe to services, a real time (or near real time) or a scheduled report on SLA’s, service utilization metrics etc will also help the business units track and control the IT expenditure.

i might come back on this topic again sometime in near future…right now..time to catch my flight!