Just like a fruitcake is the holiday gift that no one wants, a license compliance audit is sure to be at the bottom of everyone’s wish list this holiday season (except for maybe the vendors). What do you do if you find this lump of coal in your stocking? How do you resolve the issue as quickly as possible? And no, re-gifting is not an option!
Business is all about placing bets and knowing if the odds are in your favor.
As I noted in my most recent Forrester report, business success depends on your company being able to visualize likely futures and take appropriate actions as soon as possible. You must be able to predict future scenarios well enough to prepare plans and deploy resources so that you can seize opportunities, neutralize threats, and mitigate risks.
Recent research undertaken by Forrester across Asia Pacific has indicated that while there is clearly a strong drive to improve the efficiency of IT systems, this will not often be through the implementation of process improvement systems, such as ITIL or CMM.
Major IT Management Themes In Asia Pacific
Source: Enterprise Global Technology Adoption Survey, Asia Pacific, Latin America, Middle East, And Africa, Q1 2009
So why has interest in these processes suddenly plummeted in Asia Pacific? While I have no strong evidence of the answer to the question, the many discussions I have had with IT leaders across the region leads me to believe that a number of factors have lead organizations to delay or put a stop to their ITIL process improvements and their broader ITSM initiatives.
Today, Google made its first public announcements about Chrome OS, a Linux-derived operating system that it positions as secure and easy to use. I listened in on the Web cast today, and had some initial impressions.
Overall, I am impressed. Google had the luxury to design an OS using a clean sheet of paper, and as a result produced an OS that has some very interesting security properties:
Cloud computing is the latest trend that has the industry abuzz. Everywhere you go, there are cloud services for every functionality imaginable. Many believe that cloud computing can deliver massive business and operational efficiencies. There is even a movement at the national level: Vivek Kundra, the country’s recently named federal CIO, is being tasked to push the adoption of cloud-based services across the federal IT landscape.
Cloud computing differs from traditional outsourcing because in the latter model, it is still very much standalone computing — either you take your server and put in someone else’s data center, or you have a MSP managing your devices. In many cases, you know exactly where your data/host is and what resources, if any, you share with others. Cloud computing decouples data from infrastructure and obscures low-level operational details, such as where your data is and how it’s replicated. Multitenancy, while it is rarely used in traditional IT outsourcing, is almost a given in cloud computing services. These differences give rise to a unique set of security and privacy issues that not only impact users’ risk management practices, but have also stimulated a fresh evaluation of legal issues in areas such as compliance, auditing, and eDiscovery.
I’ve had many conversations recently with IT security and compliance professionals about cloud security, and the universal concern seems to be that there is a lack of visibility and standards across cloud providers. Users of cloud services are therefore left to fend for themselves, especially in terms of understanding and addressing security risks associated with outsourcing to the cloud.
As people spend more time consuming information digitally at home and at work, reliance on paper continues to decrease. But how far are we across the Digital Divide? In 1975, George E. Pake, then head of Xerox Corp.’s Palo Alto Research Center, predicted that in 1995 his office would be completely different: “There will be a TV-display terminal with keyboard sitting on his desk. I’ll be able to call up documents from my files on the screen, or by pressing a button. I can get my mail or any messages. I don’t know how much hard copy I’ll want in this world.”
Recently, Forrester surveyed a number of CIOs to collect benchmark data on staffing ratios and spending. This is a new initiative within Forrester and one that is not yet complete. We did this for three reasons:
Benchmark questions (called inquiries at Forrester) on staffing have become relatively common. Examples are “Can you tell us the average share of IT Staff as a % of total staff by organization size” and “Would you have specific spending figures for IT infrastructure?”.
This kind of data in conjunction with other data and analysis can identify problem areas.
Staffing benchmark data along with spending and other data are objective measures of IT organizations.
Though our initial sample size is small a preliminary view of the data shows that:
In its complaint, the SEC alleges that, “Madoff and his lieutenant Frank DiPascali, Jr., routinely asked (Jerome) O'Hara and (George) Perez for their help in creating records that, among other things, combined actual positions and activity from... market-making and proprietary trading businesses with the fictional balances maintained in investor accounts.”
The SEC further alleges that O’Hara and Perez tried to cover their tracks by deleting hundreds of files, withdrew hundreds of thousands of dollars from their investments through the company, told Madoff they wanted to stop helping him, and then accepted larger salaries and substantial bonuses for their promise to keep quiet.
It will be interesting to watch this case unfold. I was hoping it would get into issues of whether the IT professionals were considered just uninvolved support staff or key participants in the scheme. Considering the evidence SEC claims to have, I don’t think we’ll hear those arguments in this case, but keep an eye out for how the defense comes together. Fraud prevention is a growing area of concern for government, health care, insurance, financial services, and other industries... which means we could be seeing more cases questioning the responsibility of IT to identify and/or prevent such issues.
Last week Informatica announced the release of Informatica 9, its data integration/data management platform that continues to evolve its flagship PowerCenter and PowerExchange data integration and access technologies into a much more comprehensive data management platform going well beyond the scope of traditional, batch-oriented ETL that remains Informatica’s bread and butter.
The three main themes Informatica has pitched for this release include: - Pervasive Data Quality - Business-IT Collaboration - SOA-based Data Services
While these themes and capabilities - reusability, SOA-compatibility, real-time, business engagement - are not necessarily new to the broader data integration or data quality software markets, few organizations have been effectively able to execute on them. For the purposes of this blog post, I’d like to focus a bit more on the DQ and business/IT collaboration parts of the announcement.