Lessons Learned From The Recent British Airways Outage

Naveen  Chhabra

Like many others, we are trying to wrap our heads around the recent British Airways outage, an event so far-reaching and arguably avoidable that it’s difficult to believe such a thing can happen — yet it did. While our aim is not to criticize BA, this event provides some good lessons for everyone. It’s a reminder that bad things can happen, even to a good organization. You need to be aware of the risks to your own technology and business and defend against them before they harm your business and your customers.

As a rough estimate, BA will suffer direct losses of US$20 million to $25 million (75,000 passengers at an average revenue per passenger of about $300).[i] Three days of missed bookings amount to a potential additional $105 million loss, to say nothing of the reputational damage and other indirect losses. It might take the airline a few quarters to recover fully. Public memory is short, and the beleaguered traveler is forgiving, but a three-day no-show is extreme. BA execs will get to the root-cause analysis soon, but the event (and historical failures at airlines in general) provides a bonanza of lessons for execs everywhere who want to better equip their organizations to handle such exigencies.

Here’s what you should do:

Read more

Reflections From HPE Discover 2017

Eveline Oehrlich

From June 4 to 6, 2017, Hewlett-Packard Enterprise hosted an analyst summit in hot Las Vegas as part of its HPE Discover 2017 event. After a five-year journey of splitting, spin-merging, and getting smaller, CEO Meg Whitman and her staff took stage announcing their strategy and innovations to 9,000 attendees ranging from partners and customers from all over the world. This calls for some reflections about HPE’s journey, its past achievements, and its current focus areas and will help us understand where HPE is heading in the future.

I have been following HPE for almost 11 years and had a chance to meet Meg Whitman in September 2016 in Boston right after the company acquired SGI. I have seen HP split into HPE and HP Inc., creating two powerhouses and then again spin-merge its services teams into CSC (now DXC) and HPE Software into Micro Focus, which should be finalized by September 1, 2017. Meg has created four new companies out of one giant company, with each focused and poised to innovate, add value, and deliver outcomes to its installed base and new customers. In the past 12 months, HPE grew both organically and inorganically via good (and attractively priced) acquisitions such as Aruba Networks, 3Par, SGI, Nimble Storage, CloudCruiser, and Niara — all purposeful and aligned with two of its key strategies, supported by the 25,000-strong PointNext service organization.

HPE is clearly focused on all verticals and large enterprises of the world that face challenges in transforming towards a digital business all at different speeds. The spin-merging of HP Enterprise Services into what Meg calls its “cousin” DXC allows it to be even more partner-open, and the new GM Ana Pinczuk is eager to march her PointNext organization along HPE’s solutions as well as create additional competitive advantage with new service offerings.

Read more

Ringing Down The Curtain On Change Management Theater

Charles Betz
Change Management is a hot topic lately on my social media channels. Like my friend Jon Hall, I also am a long time veteran of the classic Change Advisory Board (CAB) process. It almost seems medieval: a weekly or bi-weekly meeting of all-powerful IT leaders and senior engineers, holding court like royalty of old, hearing the supplications of the assembled peasants seeking various favors. I’ve heard the terms “security theater” and “governance theater” applied to unthinking and ritualistic practices in the GRC (governance, risk, and compliance) space. The CAB spectacle, at its worst, is just another form of IT theater, and it’s time to ring that curtain down.
 
As a process symbolizing traditional IT service management and the ITIL framework, it’s under increasing pressure to modernize in response to Agile and DevOps trends. However, change management emerged for a reason and I think it’s prudent to look at what, at its best, the practice actually does and why so many companies have used it for so long. 
 
Read more

Automation For The Better Good - Security

Chris Gardner

Automation gets a bad rep these days, what with public fear that robots will take over jobs (an invalid assumption – we will be working side by side with them).

However, if you asked the most diehard Luddites if they were ready willing to give up the following:

  • Depositing a check using a mobile app
  • Ordering products on Amazon to receive the next day
  • Accepting a jury duty request online

...they would probably hesitate.

What these tasks have in common (in addition to relying on automation): a critical dependence on security. When you deposit that check, you trust that the image is encrypted. When you accept that jury duty request, you have faith that your PII (personally identifiable information) is being protected.

In a world where infrastructure-as-code scales quickly and massively scales, it is crucial to bake in security at every level of the stack. This means leveraging automation tools such as configuration management and application release automation, as well as applying Zero Trust principles all the way down to the bare metal.

In a new report, Joseph Blankenship and I dig into the particulars of this endeavor, as well as the organizational implications. In the end, you want I&O professionals to be policy enablers, not policy executors – automation helps get us there.

Dear IT Operations: It’s Time To Get Serious About Security

Milan Hanson

Okay, I’ll apologize right away to the IT ops teams that are already security-savvy. Hats off to you. But I suspect there are still a few that leave security to the CISO’s team.

On Friday, May 12, 2017, evil forces launched a ransomware pandemic, like a defibrillator blasting security into the heart of IT operations. What protected some systems? It wasn’t an esoteric fancy-pants security tool that made some organizations safe; it was simple e-hygiene: Keep your operating systems current. Whose job is that? IT operations’. Had the victims kept up with OS versions and patches, they wouldn’t have been working over the weekend to claw back from disaster. What’s the path to quick restoration? Having a safe offline backup. Whose job is that? IT operations’. The WannaCry ransomware outbreak is a brutal reminder that IT operations plays a critical role (or not!) in protecting the business from villains.

While headlines get everyone’s attention, there’s another non-news reason for IT operations to step up its security role, and that’s profit. In this age of the customer, the businesses that gain market share and disrupt industries are exceptionally agile; they deliver the features that users want as fast as they want them. DevOps arose from that new reality: to make IT operations as quick and nimble as developers are. In the process (and I would argue that this should be essential to the process), operations people learned a lot more about development, and developers learned a lot more about operations. The infamous “wall” between dev and ops is crumbling, and customers, the business, and shareholders are happier for it.

Read more

DevOps Has Reached “Escape Velocity”, CIO’s Need To Get Onboard!

Robert Stroud

In an era where velocity and agility are driving technology management organizations over simple cost reduction, every business must constantly evolve to drive business differentiation. Leveraging practices such as Lean and Agile, smaller changes, automated pipelines and product centric teams, DevOps is transitioning from unicorns and small projects to company-wide initiatives. Companies such as WalmartING and JetBlue to name a few are leveraging DevOps to drive their business transformations and are reaping the benefits or accelerated velocity across the organization. DevOps is a powerful approach available to the CIO to drive velocity and agility, supporting the innovation required to drive business transformation.

 

Unlocking the value requires cultural change

To unlock the promise of DevOps, CIOs must lead and support a cultural change within their technology management organization. As any leader knows, changing institutionalized behavior is the toughest of all management challenges and CIOs are understandably skeptical of new trends.  Despite this, CIOs must recognize when a trend becomes an imperative for survival. DevOps has become this imperative, and CIOs must engender a culture of collaboration and learning and enable their people with the right tools to drive holistic life-cycle automation.  

 

Lean processes are critical to success

Read more

DevOps, Invest For Velocity And Quality!

Robert Stroud

Delivering exceptional customer experiences and product for your business take speed and flexibility. More than ever before, speed and flexibility are required from every part of your organization, business and IT alike. DevOps provides your business leaders, enterprise architects, developers and I&O leaders a philosophy to achieve, not only the velocity that customers desire but also drive innovation and enforces quality. One example is ING. The company is undergoing a major digital transformation in which DevOps is a primary driver supporting their transformation. ING CIO Ron van Kemenade has initiated DevOps as the vehicle to aggressively support ING’s evolving customer needs. At ING, technology is the beating heart of the bank.[i]

DevOps requires a transition from technical silos to product centered teams

Effective DevOps will require the tearing down of the technology based silos within an organization.  Instead, teams need to focus on the products (or service) delivered and be empowered to own the complete lifecycle.  Key performance metrics such as such as availability, the number of features added are used to measure the speed and quality of how these product centered teams work.  In some organizations, the team may even own support of the designed and delivered services.  This integrated product team is a fusion of developers, infrastructure & operations, quality assurance, and release managers into a single team that works on the entire pipeline, from commit to deployment. Existing centers of excellence such as DBA’s or security teams will remain and support the DevOps team; in some cases, they might even be allocated to the team for a particular duration. [ii]

Deconstruct silos of automation and replace with full pipeline automation

Read more

Check Out The New Forrester Wave™ Of Leading DRaaS Providers

Naveen  Chhabra

I am pleased to announce that the new Forrester Wave™: Disaster-Recovery-as-a-Service Providers, Q2 2017 for infrastructure and operations professionals is now live! This Wave evaluation uncovered a market in which four providers — Sungard Availability Services, Bluelock, IBM, and iland — all emerged as Leaders, although their strengths differ. Another five providers — HPE Enterprise Services (now DXC Technology), Recovery Point, Plan B, Daisy, and TierPoint — are Strong Performers. NTT Communications is a Contender.

To evaluate these vendors, we developed a comprehensive set of criteria in three high-level buckets: current offering, strategy, and market presence. The criteria and their weightings are based on past research and user inquiries. In addition to typical user demands, this Forrester Wave™ evaluation also has a few thought-provoking criteria such as the provider’s capability to deliver security services, real-time views through a readiness score, automated change management, and orchestration-led enterprise application recovery.

Read more

A One-Year I&O Transformation

Milan Hanson

Back when I worked in I&O we weren’t very popular. Not personally, mind you, but as a team. Why? Because we seldom satisfied user requests quickly, and sometimes not at all.  We were the defenders of stability, resistant to change.  Just maintaining the technology every day - “keeping the lights on” - took a lot of manual effort.  We chased down a lot of defects, and then we struggled to get fixes created and put into production. Sometimes the fix created a worse problem. It wasn’t a lot of fun, the pressure was grueling, and one by one we moved on to other jobs.

So today when I tell clients about transforming I&O from an under-appreciated cost center to a respected strategic advisor, I understand their skepticism. What does it take? For starters:

  • You have to change the monitoring and analytics technology.
  • You have to change the attitudes of the people within I&O.
  • You have to change the perception of I&O across the organization.

Those are not small changes, and cultural changes move especially slowly. Or do they?

The I&O team at Dixons Carphone, a UK technology retailer, transformed in a year. Yes, one year. With a motto of “say yes more,” Dixons Carphone I&O went all-in on customer focus and agile operations:

  • Rather than using a lengthy RFP process, monitoring technology proven effective in one business unit was extended across the organization.
  • Rather than focusing on technology health, the focus was shifted to customer experience.
  • Rather than focusing solely on the needs of consumer customers, attention was also given to the needs of internal users, line-of-business managers, and executives.
Read more

A Spring Break Conversation Topic With Your College Kid

Eveline Oehrlich

I don’t know about you, but this spring break is different in my family. My daughter, who has almost finished her first year at a liberal-arts college, came back for spring break with the big question “Mom, what major should I choose?” Of course, as an analyst in technology and — not to brag, but as a professional who has had many roles in IT (programmer, systems administrator, and computer and information systems analyst — my first initial thought was to suggest that she look into computer information systems or computer science. She has the ability; she is an excellent STEM student. So I told her that I would do some research and get back to her.

Here is what I found: According to the United States Bureau Of Labor Statistics, the employment of computer and information technology occupations is projected to grow 12% from 2014 to 2024, which is faster than the average (8%) for all occupations. I quickly put together a table summarizing the majority of professions and found the following:

  • The highest-growth jobs in computer and information technology are in designing solutions and systems helping organizations to operate more efficiently and effectively (computer systems analysts), with a 21% growth rate.
  • The second-highest growth is in jobs to address specific topics, such as information security analyst (18%), computer support specialist (12%), and software developer (17%).
  • Medium growth rates are in jobs that design, build, and support specific technologies, such as computer network architects (9%) and computer systems administrators (8%).
  • Programming jobs, including computer programmers, are declining (–8%); hardware engineering jobs are growing slowly (3%).
Read more