What The Spice Girls can teach IT

Thought that may get your attention! – don’t worry this is not about how to sing, dance or write catchy pop tunes (fill in your own Spice Girls related joke)

As much fun as I’m sure that would be, that’s sadly not the point of this post.

This was triggered by more mundane business matters, so how on earth are the Spice Girls and IT related, let me explain;

Recently I met with a local manufacturing business, big organisation, part of a just in time production environment, supplying component parts to an extremely successful company, great meeting I hear you say…and indeed it was, apart from it reminded me of something else;

I’m sure we’ve all heard that story about asking for directions – which ends up something along the lines of the answer been

Well if I was you, I wouldn’t start from here!

Why? well during our meeting the IT chaps discussed their requirements and how the production process is run by a single application that is delivered via their enterprise system architecture. Sounds great doesn’t it, what could possible go wrong?

The enterprise system as you can imagine was critical to their everyday business, in fact so critical, if they had a failure then every minute they would be liable to a penalty.

Understandably the point of our meeting was how as a business do they protect themselves from that risk, their idea was support contracts and stringent maintenance with robust service level agreements.

That was of course where the problem starts, and this is where the Spice Girls help!.

Everything that we’d discussed about what they did and what they NEEDED as a business, painted a picture in my mind of the kind of infrastructure I’d expect to see, I’d expect resilience, no single points of failure, robust high availability.

However we were then introduced to the setup that their parent companies technical folk had deployed for them and although the infrastructure was not poor or shabby in any way, it of course lacked all of the components I’d expect to see to meet the needs of the business. In fact in the event of a major component or environment failure, they would be hitting penalty clause after penalty clause, because there would be no quick recovery from failures of certain parts of the infrastructure and that’s why the sage like advice of Scary, Ginger, Baby, Sporty and Posh is important to us… what advice is that I hear you shout?

If we think back to the poetic majesty of the Spice Girls first hit “Wannabee”, remember that deep meaningful chorus?

I’ll tell you what I want, what I really really want

Within that chorus lies the secret to a good IT solution, the disconnect in our example was the business knew exactly what it wanted, what it really really wanted, it needed resilience, high availability, quick recovery, however either the technical architects didn’t listen, or they didn’t shout loud enough, because what they got, was not anywhere near what they needed.

I share this story, because it is an issue that IT has suffered from for a very long time, technical solutions dictating business process and strategy. For me one of the most obvious examples of this is data backup, for year’s business strategy around data protection and backup has been nightly backups to offsite media (tape, external drives) which meant that the recovery plan for a business was not set by the needs and goals of that organisation but by the technology, either the technology available or that understood by the architect.

It was never driven by how it should be, which is a discussion around business need, How quickly do we need our systems back? how much data are we prepared to lose? commonly known as recovery time and recovery point objectives. Which has led to many an implemented solution not meeting the goals of the business.

The reality for the business in the earlier example was that the current architecture, dictated for them, was not capable of meeting fundamental requirements.

How does this happen?

One of the big challenges people from a technical background have and I definitely include myself in this, is we love to talk about technology, tell everyone how clever it is and the wonderful things it does and normally we’re not bothered whether you’re technical or not…we want to share that enthusiasm and that’s where the problem starts.

So let’s set ourselves a challenge, a challenge for both technical and non technical people, to ensure that whether we are consuming IT to solve a problem, or we are architecting a solution for someone, that we make sure we are getting the solution right for everyone;

Understand the big picture

If you’re technical, that challenge is to listen, make sure you know not only the potentially narrow problem you are presented with, but take time to understand more about the business you are trying to help, because sometimes understanding the big picture means you can solve more than just one problem.

channel The Spice Girls

If you’re not technical then your challenge is different, when you are considering technology in your business, firstly, take it seriously, understand technology can provide massive benefit to your organisation and it’s not just an unnecessary cost. Be prepared to share what you are trying to achieve as a business, if a technical architect is asking you those questions, please don’t see them as an intrusion, see them as an opportunity for you to get the very best solution for your business and lastly remember to channel the Spice Girls, don’t be afraid to tell them what you want, what you really really want…to achieve from your technology investment.

The mobile working challenge

multitasking-mobile-devices-557x362

I’ve done some work recently for a couple of relatively small businesses who work in very different sectors but both have very similar problems around managing their mobile workforce.

I won’t go into the specifics of the challenges for them because that’s not that important, but what did strike me was how big a challenge mobile working is for businesses of all sizes and I thought the experiences of a couple of smaller companies where worth sharing, we can all get wowed by the problems of our biggest clients, for example one we work with has over 20,000 ipads in one division – wow we all say, but actually the problem of managing that estate is no different to the mobile challenges that businesses with a handful of devices have, it’s really just scale that’s the issue and for most of us, we work in those much smaller businesses.

why the problem?

It’s a good starting point, why indeed is mobility such a problem? It’s because technology is now so pervasive, lets face it, we are all increasingly demanding of our technology, we want access to information from business email, to holiday snaps and social networks across a myriad of devices at a time that suites us.

But it’s not all consumer fun and Angry Birds, this mobile world is changing the way we do business, we expect access to key and critical data when we are mobile, be it travelling, at a client, or at home, we are all demanding that access on our range of gadgets.

That’s presenting a challenge to businesses and their IT teams, because even if it doesn’t give us competitive edge, you don’t want to be the business that looks like its stuck in the past, not able to interact in the modern world.

what’s the problem?

OK, so why does the need for mobility give us a problem? – Really it’s the challenge it presents to our data, the technology world has much changed, the idea that our data, our intellectual property, the things that define our businesses, sits comfortably cocooned in our lovely secure data centre, only accessed from our secure and controlled desktop machines, is as we’ve discussed, dead, as a business it’s very rare to be able to operate in that way today, we at least want to be able to access our email and our calendars when we are out an about.

And there’s the problem, the minute we place access to our data, or more likely the data itself, on those mobile devices  we’ve introduced a huge problem, how on earth do we control and secure that data both in transit and at rest on our range of gadgets and gizmos, be they corporate devices or owned by the user themselves.

what to do?

So if the above stuff is part of the problem, what on earth do we do about it?

Well the challenge of mobility is a biggy, no doubt;

  • How do we get applications and data to our devices?
  • How do we protect the data once its there?
  • How do we secure the data on the devices?
  • How do we manage our wide range of things?

no data on the device

I suppose the obvious start for many organisations is, don’t let the data sit on those devices at all and just deliver your mobility solution across the wire, with no data ever held in place, from the traditional idea of session based remote desktops, to apps that just front end access to an application, there’s a huge range of ways of providing mobile access to our corporate data.

There are of course challenges with any of these types of technology, making it usable for the users (why VPN technology often fails so miserably) and the obvious challenge of quality of connection, without that, the idea of mobility falls right down.

Because of the challenges of connectivity (come on you’ve all tried to work on the train!) the need to have data in place on our mobile devices is pretty much a requirement for the serious mobile worker and that was certainly the case for the two businesses I’ve been working with.

And that gets to the crux of their challenge,

what do we need to do to ensure our data is protected and secure?

So we presented some advice on some areas they should consider and I thought it maybe useful to share;

protect the data on the device

Obvious I suppose, but what do we mean by protect the data?

In this case it is about ensuring that the data held by the company is the definitive version of the data, to ensure that all had access to data as and when needed and of course that data could be recovered in the event of loss or failure of the device.

The problem was that the current technology in use in these organisations broke one of the great rules of technology, it made it too difficult,

technology really has to be the path of least resistance for the users

in the end users where not making sure that their data was synchronised back to the central systems, because it was just way to difficult, putting that data at risk.

What we needed was a solution that could centralise backup, so when connected to the Internet the data would synchronise automatically without to much user thought.

Of course there are a range of technologies out there for doing this, in this case however we looked at some very impressive stuff from Druva (www.druva.com) ticked the boxes for protecting the data on the devices and the choice to deploy on-premise or from the cloud provided the ideal solution for what we needed.

secure the data on the device

How’s this different from protecting the data? In this case or at least in my mind, protecting data is all about ensuring we have a copy of the data and can access it even if we lose the device, securing it, is about what happens when we lose a device, how do we ensure that our data is not accessed by anyone who shouldn’t be getting to it, remember that data is potentially critical to our business operations, or even provide access into our very systems.

One of the key things you should always be looking at when using mobile devices from laptops to smartphones is encryption, of course encryption is now provided as pretty much standard from Windows 8 on your laptop, through to smartphones and tablets all of the major operating system providers are providing encryption to their devices, some by default, some need turning on but its there and you should be using it.

What was stopping our customers using it then? Complexity was the challenge, so again we looked at how to simplify that, we came across a neat solution from WinMagic (www.winmagic.com) which gave us a neat management overlay for managing the encryption capability of Windows, IOS an Android via the one interface.

Of course encryption is only one tool in the arsenal, but it’s there, it’s free (the management we used is purely optional) and really should be on, but twin this with obvious stuff like password control and remote wipe capabilities to ensure you fully secure those devices from the inevitability of loss.

summary

I appreciate that we’ve only focussed on two key of mobile security here, but that was what the customer examples here demanded, of course the bigger the mobile estate, the bigger the need for increased and more scalable controls, solutions like Airwatch and MobileIron come into play to provide full mobile device management, but in the case of these relatively small customers, using some inbuilt technology with a couple of 3rd party, relatively low cost additions provided a good solid level of security to these customers mobile estates and allowed there mobile workers to operate more effectively while ensuring the business kept control of their data.

If you are looking at mobile device strategy, maybe the four points we mentioned earlier will give you a starting point;

  • How do we get applications and data to our devices?
  • How do we protect the data once its there?
  • How do we secure the data on the devices?
  • How do we manage our wide range of things?

Hope these examples help some of you.

No business like cloud business

Well after what would seem a career as an IT event reviewer/blogger I thought a change of direction was in order with some more strategic tech type BLOGS to cover some of the areas of question and concern I get challenged with while I’m out and about visiting our wide range of customers. I thought first up would be the thing that seems to top the topic list for most of my meetings, of course that’sCloudComputing and the question that comes with that topic….

Are Cloud Services Right For Me?

That’s a great question and probably a good starting point, however the only thing I normally warn people of at this stage is, don’t get to stuck on the technology, “cloud” has been a significant IT trend over the last few years and it has been a real disruptive technology, but the reason it has is not because people have chosen Microsoft this, Google that, Salesforce, Dropbox or anything else, what has made it disruptive is it has allowed businesses to develop new  business models, new ways to do business, new ways to innovate and and allows business to operate more effectively because of it. Non of that happens because they chose a particuarly technology however, it’s because the businesses understood what they needed cloud services to deliver.

What things should you be looking at then if you want to consider Cloud in your business?

Below are some examples of questions and queries that we get asked  by people considering cloud solutions and some of the tips we give;

Understand the Problem you think you are solving…

Probably covered this already, but just to be clear, understand the problem you are solving, this is not a technology conversation. Do you need more efficiency, need to cope with fast growth, need to have a more effective way to deal with geographically spread employees, need a way to collaborate, need to use services on demand, want operational cost IT rather than capital expenditure? all businesses problems that cloud can help with, but start there, not at the service level.

Are cloud services appropriate for what you do?

In many cases they are, but like any technical service, cloud or otherwise, its important that you do that bit of due diligence, before you take all your services to the cloud have you considered if the services and processes you use in your business can sit in the cloud? We do a lot of work with manufacturing companies, for many of those they have services that need to speak to local machinery and systems, sticking them in the cloud is probably not going to be something that they are going to be able to do without a complete redesign of application, process or even hardware.

Can I put my data in the cloud?

Depending on your industry this is a very important question, now in pretty much all cases, including some of those industries that think they can’t, peoples data is pretty safe in the cloud with the big providers, If you are using a Microsoft service for example, they do a lot of work with many of the regulatory authorities to ensure that their services work within the framework of industry regulation. However that’s not always the case, remember that phrase “due diligence”

How do I pick a cloud provider?

Now I know we said don’t worry to much about technology, but at some point, when you’ve decided that cloud does solve a problem and that it’s right for you, in the end you do need to pick a cloud service provider. So this is a slightly more difficult to give a generic answer because it does depend on your need. What are some of the things that people should consider;

  • Is the service appropriate?
  • Do I need a generic public solution such as office365 or are my needs more bespoke?
  • Do I need a point solution? Something that just addresses a single problem
  • Is the provider financially sound, do they have a track record of service delivery?
  • Are they going to be around for years to come?
  • Do they have a support model that fits?
  • Where is the data going to be stored, does that meet my data sovereignty needs?

These are just some of the areas we look at with potential cloud customers, it’s that due diligence stuff again!

Type of service you want

Of course understand the kind of service you want, cloud service isn’t limited to taking a broad solution like Office365 or Gmail, the services can be very bespoke, solutions like Azure deliver compute power in the cloud. Custom vendors will supply Infrastructure as a Service solutions that allow you to take your infrastructure, put it in the cloud, but its your infrastructure running on your private setup. And of course the near future in my opinion, is the Hybrid deployments, using cloud services alongside your on premise solution, from simple stuff like hybrid exchange in 365, through to more complex initiatives such as NetApp private storage for hyperscalar providers where your data stays in your control but you get to use public compute power to deliver your IT systems.

Get Help

Yes, I would say that wouldn’t I, but get help, ask for advice. Get help in deciding if its for you, advice on how you get to a cloud platform from where you currently are, understand how you manage and secure your data in the cloud, lots of things that someone with experience can help you do. For me, cloud services have a role to play in pretty much any infrastructure, the flexibility and speed of deployment cloud solutions can bring is in asset in pretty much any business, not for everyone though. I’ve spoken with two companies just this last week who won’t consider cloud in their business, logic is flawed in both cases, but in the end whether you want to move your business to the cloud is a big a part of the equation as anything else. Hope this gives you some food for thought and some questions to ask yourself when looking at a cloud strategy in your business, because if you don’t have a cloud strategy for your business, you really should get one!

Challenges for todays CIO’s

imageFor anyone who’s taken the time to read some of my posts, you would’ve seen up to now they’ve focussed on our series of IFB2014 events which have included some great strategic views of the development of technology particularly that which is used in the enterprise, we’ve heard great stuff from IBM, Microsoft and NetApp as organisations that provide real leadership to the industry.

But what about the guys who’s challenge it is to not only evaluate that kind of thinking and technology but more importantly see how that actually works in the real world and hope it addresses real business problems, not just the ones that the endless streams of analysts tell us are the problems we should all be fixing.

For our last IFB event, up stepped those very individuals, the senior IT people from some of the regions biggest and best known names, Novartis, Stobarts, Jaguar Land Rover and Merseyside Fire and Rescue Service as they shared some of the key challenges that face their organisations and how they are dealing with them.

A few things struck me from our four speakers;

  • Although they where from very different organisations ranging from 1000 users to 150000, from manufacturing to emergency services, the IT challenges they faced had a lot in common.
  • Interesting how the challenges they had reflected so closely the challenges that our Tech industry leaders had covered in our previous events.

What were their key challenges and how do they compare to the issues you see in your organisations on a day to day basis?

This post looks to keep you a taste of that, I’ve not quoted any of our presenters by name or aligned the thoughts to specific companies, as that’s not particularly important, hopefully though the following gives an idea of the

image

Security

I think it was fair to say very high on the agenda of most of the speakers was the issue of security.

My first question when discussing  security is, what do you mean when you say security, it’s a wide ranging topic, it covers everything from locks on your server racks, to highly organised criminals stealing your data for gain of some sort or other.

Why’s it such a headache? because the impact of a security breach can be huge, one of our speakers pointed out the key pain points for them;

▪Harmed commercial interests and strategy

▪Loss of reputation

▪Regulatory investigations and fines to non-compliance

▪Reduced shareholder value

Where did the risks come from? i thought this graphic one of our presenters used summed it up quite nicely.image

Today’s attacks are multi-level and multi-channel by default.

According to the most current UK government research, 87% of small firms in the UK experienced a cyber security breach last year, and 93% of large firms were also targeted. Some incidents caused more than £1 million in damages.

What are IT organisations doing to protect their business? It’s certainly a huge focus area interestingly though a huge part of dealing with the issue wasn’t technical but more practical steps and staff awareness, making sure that staff understood the risks, having security at the forefront of peoples minds as they went about their business. Of course complimenting that with strong technical solutions was important, be they for data protection, mobility, governance, rights management, protecting the business from the perimeter of your network and beyond.

One interesting thought that they shared, was at what point do you stop as one of the presenters pointed out.

Balance the need to protect the business while not hindering their ability to transact business

Important to remember another key message throughout our events, IT can no longer be seen as a cost centre and alongside that certainly not an inhibitor to an organisation meeting its goals.

Security as all speakers stated was a huge issue and one, way too big for a sensible sized BLOG post, I have a separate piece in the pipeline based on some work with resilient Liverpool that we have recently carried out here at Gardners.

Knowledge

This was an interesting theme amongst our speakers, with slightly different takes on it, there was no doubt of the importance of Analytics. “BIG DATA” is certainly an IT industry buzzword right now  and the ability to mine data from many sources was a key point for our speakers and interestingly this is becoming easier for business of all sizes with a growth “analytics as a service” models to deal with specific data analysis tasks.

For one of our speakers, it wasn’t really about “Big Data” it was actually the opposite, more about “Little Data” picking on tactical business intelligence solutions, providing a practical starting point, easier to implement with much shorter return on investment. Solutions designed to fight the proliferation of spreadsheets and people creating little silos of knowledge, where more time was spent putting data into the latest 40Mb spreadsheet than was spent analysing its contents or even considering how many versions of business “truth” where out there!

An interesting take on the knowledge discussion also came out and it is certainly an issue I see in many businesses on my travels. When an organisation has old, complex, bespoke solutions that have operated untouched for many years, this presents a very difficult problem, as an organisation supports ageing and fragmented infrastructure, ability to meet changing needs due to limited capacity, diminishes greatly.

Lack of knowledge on older applications results in extended service interruptions as recovery is slower

But maybe more critical than this and remembering that IT can no longer just be a cost centre

Lack of knowledge also hinders our ability to introduce functional enhancements in support of  business growth.

which leads nicely into the final two key points our speakers shared with our delegates.

Agility

It’s possibly been the favourite topic of all of our industry speakers throughout  the events and actually, it is something that all businesses discuss whenever I meet with them to talk about future technology deployment, whether they realise it or not.

Our speakers where no different, working in organisations that have to respond to pressures and challenges from all areas, be that budget pressure, pressure from competition, pressure internally, changing markets, the need to innovate, the need to react quickly to changing conditions, all of these areas drive the needs of business to develop an agile technology infrastructure, which not only delivers core services, but of course ensures IT is assisting in the revenue activities of the organisation.

Here’s some agility based quotes from our speakers;

“As our company changes from a local to a global mind set…people need to think global, enterprise and scalable for IT solutions..the IT organisation has to be flexible and agile to support the fast growing business”

“As an organisation that changes via acquisition and sale on a regular basis, the ability to meet the needs of this rapid change is critical…”

“Competitive advantage and speed to market is critical in our business and the challenge is… what “change the game” business opportunities can IT enable..what new and emerging technologies support these opportunities…how do we execute IT transformation to reach this”

“in a background of ever increasing budget pressures we have to look at how IT can help us deliver the very best service in these challenging conditions”

Although as we looked at agility i did like this quote;

CIO Strategy –  Knowing What to Change, When to Change it and What to Leave Alone

Our final area of agreement between our speakers was of course

Cloud

Contractually obliged as IT folk are to mention cloud at every given opportunity our senior IT team didn’t let us down. We finished the session with a short panel debate and the very last question to them was;

“What do you see as the next big challenge for you as strategic IT heads in your organisations and the biggest challenge you’ll have to deal with?”

Cloud was actually the answer they all gave, there is no doubt that cloud services, be them private, public or more likely hybrid deployments of cloud solutions, are top of the list of many a technology strategist, but actually they should be high on the agenda of anyone who is looking at the future direction of their business.

The agreed wisdom was that cloud solutions where not going away anytime soon and the flexibility and of course agility that cloud based services deliver is key to supporting the overall strategic goals of their organisations. But that came with challenges, how to find the right provider, how to manage the security and compliance of placing your business systems outside of your control, how to deal with what will have to be a hybrid solution as all of the organisations felt they where a very long way from cloud only solutions.

Cloud services are indeed a key component of any strategic planning in any organisation big or small and of course if you don’t have a cloud strategy, you really should.

Our speakers gave a real insight into the challenges that a senior IT head in an organisation of any size has to face and deal with on a daily basis, I think what each of our speakers did show was it was essential in their jobs, that they understood not only the technology industry but also ,and maybe more importantly, they thoroughly understand the needs of their organisation, so that IT could enable the business to achieve its goals.

It is that challenge that not only everyone who attended the event but also all those I get to speak with regularly should set themselves, make sure you understand the objectives of your business and take the time to learn about what the technology industry is trying to do to meet those challenges and provide solutions and innovations to business in the fast changing world in which we all operate.

Hopefully these little (so OK not so little) BLOG reviews of our IFB2014 events has given you a flavour of the business challenges that IT face and what the technology industry is trying to do to meet them.

The big question for me though is, now the events are over, what on earth do i BLOG about now! Any Suggestions?

If these post raises any questions, please feel free to contact me and if you haven’t already, please have a read back through our IBM, Microsoft and NetApp events to see what those very influential technology leaders are doing to address our CIO’s challenges.