five jewels of it deployments

Five enterprises have leveraged the power of innovative IT to boost revenues, enhance agility, and drive out inefficiency. | PAGE 25

Technology for Growth and Governance

CT

O

FO

RU

MVolum

e 06 | Issue 21

June | 21 | 2011 | 50Volume 06 | Issue 21

SE

CU

RIT

Y-ST

UP

ID IS

AS

ST

UP

ID D

OE

S | T

EC

H F

UE

LE

D T

RA

NS

FO

RM

AT

ION

| FIV

E T

IPS

FO

R N

EW

TIM

ES

A 9.9 Media Publication

A QUESTION OF ANSWERS

Explaining Business Benefits of VC PAGE 14

I BELIEVE

Do What It Takes to Build CredibilityPAGE 04

BEST OF BREED

Debunking the Top 5 SLA MythsPAGE 18

Common IVR Boosts RevenuePAGE 04

Digging out Inefficiencies

PAGE 34

Intelligence on the GoPAGE 32

Pay-By-Wire Turbo Charged

PAGE 28

Making it EasyPAGE 26

editorialRahul Neel MaNi | [email protected]

1 21 JUNE 2011 cto forumThe Chief

TeChnologyoffiCer forum

Explaining Business Benefits of VCPolycom intends to change the mindset of corporates in the way they look at videoconferencing. The company is enabling them to look beyond the traditional applications of the technology.

14editor’s pick

vation project. The operations must go on normally while the new infrastructure comes up simultaneously. A lot of things came in the way but nothing deterred the conviction to do faster and better.

Besides the usual sections, we added more to CTo forum in past two years. The first South Asia Cio Summit was organ-ised in 2010 and second one during this year. Another feather in the cap was CSo forum – an exclusive effort for the Chief (information) Security officers.

Personally for me, these were ecstatic moments. Branching out into new areas was a wel-come change and it gave me great opportunities to interact with the Cios (from South Asian region) and a large pool of CSos from india. The experi-ments produced good results.

Time flies. now it is time for

it was nearly two years ago (precisely in September

2009) when i got the mandate to lead ‘CTo forum’. i was cau-tiously ecstatic. Why cautiously? There were various problems to overcome, numerous hurdles to cross. But as i have a habit of saying ‘yes’ to challenges (almost every), i accepted this as well. my biggest test was to live up to the expectations the universe had of me. And frankly, i was little or not pre-pared. initially, like many oth-

ers, i stumbled upon a few of those hurdles. There were times when my performance stooped down to an unacceptable level. i realised it wasn’t easy.

But with time, effort and unequivocal support, the jour-ney began. right from manag-ing a small but volatile team to managing the image of the brand CTo forum, everything needed proper attention and that too in least time. in fact ‘time’ was the only thing i didn’t have. it was like an airport reno-

me to bid adieu to a rich, strong community platform. When i look back at those two years, i find myself standing amidst a momentous past. All of this became a reality with tremen-dous support and guidance from both the community and men-tors internally. your faith in me gave me the required impetus to not only overcome those chal-lenges but to find a path to walk. But the habit of accepting chal-lenges was no less important.

more than anything else, i seek your pardon for my ignorance, mistakes, errors and blunders.

lastly, i sincerely appeal to you to continue your support for CTo forum to help us serve you better.

A habit difficult to give up! A tenure marked

by accepting challenges and measuring up to them.

2 21 june 2011 cto forum The Chief


june 11

Cover Story

25 | Five Jewels of IT Deployment Five enterprises have leveraged the power of innovative IT to boost revenues, enhance agility, and drive out inefficiency.

CopyrIghT, All rights reserved: reproduction in whole or in part without written permission from Nine Dot Nine Interactive pvt Ltd. is prohibited. printed and published by Kanak ghosh for Nine Dot Nine Interactive pvt Ltd, C/o Kakson house, plot printed at Silverpoint press pvt. Ltd. D- 107, MIDC, TTC Industrial Area, Nerul, Navi Mumbai- 400706

ColumnS04 | I belIeve: Do What It takes to buIlD CreDIbIlIty everything else will fall into place once stakeholders find that the Cio and his team know what they are talking about. By RatnakaR nemani

64 | vIeW poInt: FIve tIps For neW tImes leaving the economic crisis behind, companies are focusing back on growth. By Ronald kunneman

FeatureS58 | teCh For GovernanCeseCurIty-stupID Is as stupID Does With so much being spent on security, why are these companies failing? By J. oquendo

Please Recycle This Magazine And Remove Inserts Before

Recycling

Co

ve

r D

eSi

gn

by

a

nil

VK

co nte nt s theCtoForum.Com

25

3 07 june 2011 cto forumThe Chief


Managing Director: Dr Pramath Raj SinhaPrinter & Publisher: Kanak Ghosh

Publishing Director: Anuradha Das Mathur

EditorialEditor-in-chief: Rahul Neel Mani

Executive Editor: Yashvendra SinghSenior Editor: Harichandan Arakali Assistant Editor: Varun Aggarwal

dEsignSr. Creative Director: Jayan K Narayanan

Art Director: Binesh Sreedharan Associate Art Director: Anil VK

Sr. Visualiser: PC Anoop Sr. Designers: Prasanth TR, Anil T, Joffy Jose

Anoop Verma, NV Baiju, Vinod Shinde & Chander Dange Designers: Sristi Maurya, Suneesh K, Shigil N & Charu Dwivedi

Chief Photographer: Subhojit Paul Photographer: Jiten Gandhi

advisory PanElAnil Garg, CIO, Dabur

David Briskman, CIO, RanbaxyMani Mulki, CIO, Pidilite

Manish Gupta, Director, Enterprise Solutions AMEA, PepsiCo India Foods & Beverages, PepsiCo

Raghu Raman, CEO, National Intelligence Grid, Govt. of IndiaS R Mallela, Former CTO, AFL

Santrupt Misra, Director, Aditya Birla GroupSushil Prakash, Country Head, Emerging Technology-Business

Innovation Group, Tata TeleServicesVijay Sethi, VP-IS, Hero Honda Vishal Salvi, CSO, HDFC Bank

Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay

Vijay Mehra, CIO, Cairns Energy

salEs & MarkEtingNational Manager-Events and Special Projects:

Mahantesh Godi (09880436623)Product Manager: Rachit Kinger (9818860797)

GM South: Vinodh K (09740714817)Senior Manager Sales (South):

Ashish Kumar SinghGM North: Lalit Arun (09582262959)

GM West: Sachin Mhashilkar (09920348755) Kolkata: Jayanta Bhattacharya (09331829284)

Production & logisticsSr. GM. Operations: Shivshankar M Hiremath

Production Executive: Vilas MhatreLogistics: MP Singh, Mohd. Ansari,

Shashi Shekhar Singh

oFFicE addrEssPublished, Printed and Owned by Nine Dot Nine Interactive Pvt

Ltd. Published and printed on their behalf by Kanak Ghosh. Published at Bunglow No. 725, Sector - 1, Shirvane, Nerul

Navi Mumbai - 400706. Printed at Silver Point Press Pvt Ltd., A-403, TTC Ind. Area, Near Anthony Motors, Mahape,

Navi Mumbai-400701, District Thane.Editor: Anuradha Das Mathur

For any customer queries and assistance please contact [email protected]

This issue of CTO FORUM includes 12 pages of CSO Forum free with the magazine

www.thectoforum.com

43 | next horIzons: teCh FueleD transFormatIonA look at technology trends that are transforming business. By daniel BuRRus

regularS

01 | eDItorIal08 | enterprIse

rounD-up

advertisers’ index

IBM IFC SCHNEIDER 05,07SyMaNtEC 11GooGlE 13CHECK PoINt 17CISCo 21MICRoSoFt aDvERtoRIal 23JUNIPER aDvERtoRIal 52-53RIvERBED IBCEMC BC

this index is provided as an additional service.the publisher does not assume

any liabilities for errors or omissions.

54 | no holDs barreD: rahul aGarWal, exeC- DIreCtor, lenovo InDIa provides insights into programmes designed to gain market traction.

54

a queStion oF anSwerS

14 | Explaining Business Benefits of VC randy Maestre, global head and Senior Director, Industry Solutions at polycom talks about how he plans to change the mindset of corporates in the way they look at VC.

43

14

I BelIeve

4 21 JUNE 2011 cto forum The Chief


currentchallenge

Bringing the entire company’s it systems onto one erp platform and taking it live on schedule.

mantras that i follow here, as well as in my personal development that i urge my team to consider:

Work for a cause and not for applause; live life to express, not to impress; Strive not to make your presence noticed; and Just make your absence felt.

in an organisation, as with people, these tenets help us acquire the sin-gle most important attribute needed to achieve anything worthwhile, and that is credibility, for without cred-ibility, no stakeholder will trust us to deliver. for instance, recently, the president, operations at our com-pany was unconvinced that we could replicate everything he was looking for on the erP applications that we were deploying and that he should therefore jettison the home-grown program for that particular set of processes. it took us three months to win him over, but win him over we did, by continuing to keep his in-house programme running to his satisfaction, while we built the same processes on the erP platform.

in another instance, when a pro-duction system stopped working in another town, we got the engineer to drive through the night to bring it to us, so we could fix the machine and send it back. it was up and running the following day itself, well ahead of close of business.

Personal credibility is about show-ing people that we respect their time and value their trust: i’ve almost never been late to office. in the very few instances that i was late even by 10 minutes, i’ve worked for the day and still sent a leave application to my boss. finally, credibility also requires a certain amount of fear-lessness: most people try to impress their bosses. instead, speak your mind and your heart. initially this might create a rift but eventually a good boss will come to value your forthrightness and ideas.

I’m a fInance professional by choice of training and an iT professional by chance, with the zeal to excel further through learning from my more technologically learned colleagues. What i bring to the table is my ability to bring business insight to a technology project. There are some

Do What It Takes to Build Credibilityeverything else will fall into place once stakeholders find that the cIO and his team know what they are talking about.

The auThor BrIngs close to two decades of experience in finance, marketing, HR

and IT to his job as CIO of Himatsingka Seide, a niche, high-end textile company.

By raTnakar nemanI CIO-Himatsingka Seide Ltd, Bangalore.

ph

ot

o b

y S

ur

eS

h v

an

ga

pa

lly

30%

30%* off your industrial plant’s energy bill is just the beginningImagine what we could do for the rest of your enterprise

Buildings Intelligent integration of security, power, lighting, electrical distribution, fire safety, HVAC, IT, and telecommunications across the enterprise allows for reduced training, operating, maintenance, and energy costs.

Data centres From the rack to the row to the room to the building, energy use and availability of these interconnected environments are closely monitored and adjusted in real time.

Industrial plantsOpen standard protocols allow for system-wide management of automated processes with minimized downtime, increased throughput, and maximized energy efficiency.

Active Energy Management Architecture from Power Plant to Plug™

Managing the complex operating environment of industrial plants is no small task. With mounting energy costs and increased environmental regulations, maintaining throughput, minimizing downtime, and hitting your efficiency targets are more challenging than ever. Schneider Electric™ has the solution: EcoStruxure™ energy management architecture for maximized operating performance and productivity with new levels of energy efficiency. Today the industrial plant floor, tomorrow the entire enterprise.

Energy savings for the plant floor and beyondToday, only EcoStruxure architecture can deliver up to 30% energy savings to your industrial plant, and beyond... to the data centres and buildings of your entire enterprise. Saving up to 30% of an industrial plant’s energy is a great beginning, and thanks to EcoStruxure energy management architecture, the savings don’t have to end there.

Learn about saving energy from the experts! Download this white paper, a `8295 value, for FREE and register to win an iPad!

Visit www.SEreply.com Key Code 90701t Call 1800 180 1707 or 1800 103 0011

*EcoStruxure architecture reduces energy consumption by up to 30%.©2011 Schneider Electric. All Rights Reserved. Schneider Electric, EcoStruxure, and Active Energy Management Architecture from Power Plant to Plug are trademarks owned by Schneider Electric Industries SAS or its affiliated companies. All other trademarks are the property of their respective owners. Schneider Electric India Pvt Ltd, 9th Floor, DLF Building No. 10, Tower C, DLF Cyber City, Phase 2, Gurgaon – 122002 • 998-2759_IN

™

CTO Forum Magazine_0621_90701t.indd 1 2011-6-9 15:47:53

LETTERS

WRITE TO US: The CTOForum values your feedback. We want to know what you think about the magazine and how

to make it a better read for you. Our endeavour continues to be work in progress and your comments will go a long way in making it the preferred publication of the CIO Community.

Send your comments, compliments, complaints or questions about the magazine to [email protected]

WhaT aRE ThE aTTRIbUTES Of a gOOd CTO? WhaT aRE ThE pREREqUISITES fOR a CTO ROLE ?

I see the CTO's role as that of a technology leader bridging the gap between the commercial requirements of the enterprise and the technology support of those requirements. An effective CTO should be able to guide the efficient implementation of IT strategy of the business.RIChaRd WaRd, Head of Technical, WIN Plc

IT Needs a ‘Value ParadIgm’

“With IT acquiring an increasingly central and strategic role, the CIO finds himself tasked with integrating IT governance into enterprise governance.”To read the full story go to: http://www.thectoforum.com/content/it-needs-a-%E2%80%98value-paradigm%E2%80%99

CTOf Connect Kartik Shahani, Country Manager, RSA, The Security Div of EMC, India & SAARC talks about the state of GRC solutions in India and how organisa-tions need to look at them as a business enabler in a conver-sation with Varun Aggarwal. http://www.thectofo-rum.com/content/grc-not-a-tool-a-business-enabler

OpiniOn

Baiju Gujarathi Vice President, rePro india Ltd.

CTOforum LinkedIn groupJoin close to 700 CIOs on the CTO Forum LinkedIn group

for latest news and hot enterprise technology discussions.

Share your thoughts, participate in discussions and win

prizes for the most valuable contribution. You can join The

CTOForum group at:

www.linkedin.com/

groups?mostpopular=&gid=2580450

Some of the hot discussions on the group are:The Cloud is all air and no substance

Do you think cloud is going to die a quick death of SOA

or is it going to make big headway into the enterprise? Is

it old wine in a new bottle? What does it lack in making a

convincing case?

Its real and all about today and tomorrow.

However, you have to bring it back to a realistic service

that gives tangible benefits.

There are a great deal of 'cowboy' stories and not many

who really understand it.

—Ronald Kunneman, Director at Digitra

The new face of IT is experienced in our personal exposure.

33 07 JUNE 2011 CTO FORUMTHE CHIEF

TECHNOLOGYOFFICER FORUM

Building the

Next Gen CIOs

Building the

Next Gen CIOs

Bridging the talent gap and putting a

smooth succession plan are imperative for a corporate to sustain optimal performance. The onus of ensuring

this lies on the CIO.

Not having a plan for succession could well spell hara-kiri for a corporate. In the eventuality of a CIO leaving the company, not having a worthy successor could lead to a disruption in the corporate’s functioning. The onus of shaping this smooth leadership transition lies on the CIO. Putting in place a plan for succession

involves two critical components – hiring and grooming. 'Catch them young', as they say. Hiring the right talent, which can then be moulded for a specific role, is the first crucial step. The CIO would also have to identify and monitor the right talent (his potential successor) from the company's human resource pool and invest resources to groom him for the future role of a CIO. While the exercise may demand time and resources from a CIO, it is mutually beneficial. Enabling his team members to take up responsibilities and preparing them to get into his shoes will also provide him an opportunity to move to a higher level in the organisation.

INSIDE34 | Getting Hired

36 | Grooming the Next CIO

38 | Lateral Hiring

39 | Prepping Next-gen IT Leaders

40 | 3 Steps to Smooth SuccessionIL

LUS

TR

AT

ION

S B

Y A

NIL

T

By Yashvendra Singh & Varun Aggarwal

SU CCE S S I O N PL A N N I N G COVE R S TORYCOVE R S TORY X X X X X X X M E

32 07 JUNE 2011 CTO FORUM THE CHIEF

TECHNOLOGYOFFICER FORUM

Technology for Growth and Governance

CT

O

FO

RU

M

Volume 06 | Issue 20

June | 07 | 2011 | 50Volume 06 | Issue 20

TH

E C

LO

UD

HA

S C

RA

SH

ED

BU

T.. | IDE

NT

IFY

ING

INF

OR

MA

TIO

N T

HA

T R

EA

LLY

MA

TT

ER

S | S

EC

UR

ITY

AN

D D

UE

DIL

IGE

NC

E

A 9.9 Media Publication

Bridging the talent gap and puttinga smooth succession plan areimperative for a corporate to

sustain optimal performance.The onus of ensuring thislies on the CIO.

BUILDING THE

CIOS

NEXTGENNEXTHORIZONSSEE THETECHTSUNAMIBEFORETHE IMPACTPAGE 43

BUILDING ABETTERMOUSETRAPPAGE 23

BEST OFBREED

SRM CANHELP BUILD

NO HOLDSBARRED

REVENUE MODELSPAGE 48

6 21 june 2011 cto forum The Chief


©2011 Schneider Electric. All Rights Reserved. Schneider Electric, APC, and InfraStruxure are trademarks owned by Schneider Electric Industries SAS or its affiliated companies.email: [email protected] • 132 Fairgrounds Road, West Kingston, RI 02892 USA • 998-3811_IN

Introducing Next Generation InfraStruxureWhether your company just doubled its sales or staff, you need to make sure that its data centre can support such business growth—not hinder it. All too often, though, businesses feel constrained by the capabilities of their information technology (IT) and supporting infrastructure. Is there enough rack space to handle more servers? Can power capacity accommodate larger IT loads? Today, APC by Schneider Electric™ eliminates these hurdles with its proven high-performance, scalable, and complete data centre architecture solution: InfraStruxure™. InfraStruxure data centres mean business!We say that InfraStruxure data centres mean business. But what does that mean to you? The answer is simple. A data centre means business when it is always available, 24/7/365, and performs at the highest level at all times, is able to grow at the breakneck speed of business, continues to achieve greater and greater energy efficiency—from planning through operations, and is able to grow with the business itself. What’s more, InfraStruxure is an integrated solution that can be designed to your exact requirements at the start, while still being able to adapt to your company’s changing business needs in the future. The triple promise of InfraStruxure deploymentInfraStruxure fulfils our triple promise of superior quality, which ensures highest availability; speed, which ensures easy and quick alignment of IT to business needs; and cost savings based on energy efficiency. What better way to ‘mean business’ than to enable quality, speed, and cost savings—simultaneously?

IT is complex enough! Need an easy_to_operate data centre solution_ from concept to deployment!

Business & IT is growing! Need more power & cooling on the fly for 10 new servers today!

At last, your data centre can grow with your business!Only InfraStruxure delivers the triple promise of 24/7/365 availability, speed, and efficiency-driven cost savings

Must stay open 24/ 7! Need redundant data centre power & cooling that fits my budget!

InfraStruxure data centres mean business! Availability: 24/7/365 uptime is made possible through best-in-class critical power with ’snap-in’ modular power distribution units, close-coupled cooling, and proactive monitoring software. Speed: Deployment is fast and simple because all system components are designed to work together ‘out of the box’ and the system can grow at breakneck business speed. Efficiency: True energy efficiency and savings are achieved via advanced designs, including three-stage inverters in UPS units and variable speed fans in cooling units.

Manageability: InfraStruxure Management Software Portfolio enables you to see and manage capacity and redundancy levels of cooling, power, and rack space for optimal data centre health.

Agility: Flexibility comes from enclosures with any-IT vendor compatibility and whole system scalability for both power and cooling.

Years

Business growth

Data centre scaling

Plan your data centre growth simply and effectively! Download White Paper #143, ‘Data Centre Projects: Growth Model’, today for guidance.Visit www.apc.com/promo Key Code 90573t Call 1800-4254-877/272

Data Centre Projects: Growth Model

Contents 1

2

7

7

9

10

> Executive summary

CTO Forum Magazine_0621_90573t.indd 1 11-6-8 下午3:10



Enterprise

Round-up

FEATURE InsIdE

Multi-factor Authentication

a Must Pg 10

Mobile subscribers opt for MNP in India—Source: TRAI

RIL Plans Entry into Broadband Space starts conceptualising products and services for mobile broadband services.FoR nEaRly a year india’s largest corporate entity reliance industries limited has been sitting on a pan-india spectrum for Broadband Wireless Access. now the company has stated that they have started conceptualising the products and ser-vices in mobile broadband that will be offered to users. on the occasion of the 37th Agm, mukesh Ambani, the Chairman and mD of the company, said, “The services would be in the domain of edu-cation, healthcare, entertainment, financial services and government-citizen interfaces. Broadband and broadband-enabled digital services are the next big

leap forward in the digital transformation of our knowledge economy.”

“our digital services business seeks to embrace our society’s diverse needs and aspirations by building flexibility, intelligence and extensibility into the core of our infrastructure.” said Ambani.

ril aims to usher in the 4g revolution in the country. The company has forged several strategic relations with a host of leading global technology players, service providers, infrastructure provid-ers, application developers, device manufacturers and others.

dATA BRIEFIng

85.4lakh

Illu

st

ra

tIo

n B

Y B

Ine

sh

sr

ee

dh

ar

an

E nt E r pr i s E ro u n d - u p



Spanish police have arrested three men, suspected of being members of the notorious Anonymous online protest group. According to spanish Police, the men operated a cell of Anonymous, directing internet attacks against websites belonging to the governments of Egypt, Chile, Iran, and Libya.

QUICk ByTE on sECURITy

It's Playbook Vs iPad now! Black-berry's latest launch of Playbook tablet in India is aimed directly at the iPad.BlackBERRy PlayBook is set to hit shelves in india later this month. Prior to its official arrival, you can now book the gadget at Tradus.in. The website provides an option of booking three versions of BlackBerry PlayBook with 16gB, 32gB and 64gB of storage capacity.

The website has listed the BlackBerry PlayBook 16gB at a price tag of rs27,990 inclusive of all taxes and promises delivery within 5-7 working days. The 32gB and 64gB PlayBooks are available at price of rs 32,990 and rs 37,990 respec-tively. explaining more about the PlayBook offer, rahul Sethi- President of the e-commerce division at Tradus.in explains, “lately, gadgets have been ruling the consumer space and we are glad to bridge the gap between our customers & their gizmo needs, by offering this sensation from Blackberry. With over 10 tablets already pre-booked on Tradus.in, we are very confident that the demand of this tab-let will only continue to rise”.

The pricing of PlayBook puts the gadget in direct competition with Apple's iPad 2 that starts at a price point of rs 29,500. Talking about the features, PlayBook has a 3mP 1080p hD front facing camera and 5 mP 1080p hD rear-facing camera.

Ericsson reached an agreement with Providence Equity Partners, LLC and Warburg Pincus to acquire 100 percent of the shares of Telcordia, a global leader in the development of mobile, broadband and enterprise communications software and services, for USD 1.15 billion. Speaking on the occasion, Hans Vestberg, President and CEO, Ericsson said:

“The importance of operations and business support systems will continue to grow as more and more devices are connected, services become mobile and new business models for mobile broadband are introduced.”

They SaId IT

haNS VeSTBeRG

—Hans Vestberg,

President and CEO,

Ericsson

Illu

st

ra

tIo

n B

Y B

Ine

sh

sr

ee

dh

ar

an

Illu

st

ra

tIo

n B

Y p

ho

to

s.c

om




“Multi-factor Authentication a Must” An interview with karen kiffney, senior Manager, Product Marketing, RsA.With thE increasing data and identity thefts emerging in the past few months, how can RSA AMX enable organisations to build better security?rSA Authentication manager express pro-vides proven, multi-factor authentication optimized for small to mid-size organiza-tions. The use of multi-factor authentication is a critical component of an overall security strategy to protect against today’s increas-ingly sophisticated threat landscape.

In your experience, where do you think organisations go wrong when it comes to identity management? What steps do you suggest for improvement?organisations should consider three factors when considering an identity management solution: cost, convenience and security. it is critical that organisations select a solu-tion that meets the unique requirements of the sensitivity of information to protect, the profile of users and financial consider-

ations. understanding the requirements and selecting a solution with the right bal-ance of cost, convenience and security is an important first step in building a successful identity management solution. What are your views on the scope for multi-factor authentication? How practical are these for SMBs (Small and Medium Businesses)?in today’s evolving and increasingly sophisticated threat landscape, multi-factor authentication is an important security layer for organisations of any size. With the introduction of rSA Authentication manager express, it is now easier and less costly for smaller organizations to procure and manage a multi-factor authentication solution. The iT management and end-user convenience benefits of this seamless multi-factor authentication solution com-bined with an affordable price point, make it an optimal solution for small and mid-size organisations. What are your views on the use of a secu-rity appliance vs. a security software?many organisations choose to implement security solutions in an appliance form-factor because of the ease of procurement, set-up and deployment. Specifically, pur-chasing a security solution on an appli-ance, removes the requirement to purchase separate software and manage an operat-ing System. The deployment of a security solution on an appliance is also simplified with straightforward set-up processes that makes it easier for smaller organizations with limited iT resources to deploy a solu-tion. in addition, security solutions on appliance hardware are usually designed to scale to support larger organizations, pro-viding the same ease of deployment and management benefits. How can multi-factor authentication play a role in building trust in the cloud?multi-factor authentication plays a key role in authenticating to cloud-based solutions. using federation, organisations can federate trusted identities to cloud-based applica-tions. Also, multi-factor authentication on a hosted platform plays a key role in cloud trust solutions.

gLoBAL TRACkER Semiconductor Equipment spending

so

ur

ce

: G

ar

tn

er

Worldwide semiconductor capital equipment spending is on track to reach $44.8 billion in 2011, a 10.2 percent increase from 2010 spending of $40.6 billion.

$44.8 billion

Symantec Endpoint Protection 12

Next-generation reputation-based technology

The fastest, most effectiveendpoint protection anywhere

Built for virtual environments

It takes just seconds for today’s polymorphic malware to mutate into millions of threats, but now it has met its match. Introducing Symantec Endpoint Protection 12—simply the fastest, most effective reputation-based protection ever created.* Improve the security of your information, devices, and employees.

* Sources: PassMark Software, “Enterprise Endpoint Protection Performance Benchmarks,” February 2011. AV-Test GmbH, “Remediation Testing Report” and “Real World Testing Report,” February 2011. Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

Copyright © 2011 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. VeriSign is a registered trademark of VeriSign, Inc.




Global Mobile advertising Revenue to Reach $3.3 Bn in 2011 aPaC to remain leading market.

M-PayMeNTS

paymate has come up with an

innovative app for Interbank

mobile payment service (Imps).

this app will be powering the

mobile-based fund transfers of

three nationalised banks - syn-

dicate bank, lakshmi Vilas and

south Indian bank in India. If the

user has not been able to down-

load the app for any reason, he can

still transfer funds using the sms

method. the sms based solu-

tion would enable even users with

basic handsets to transfer funds.

according to a research done by

Informate mobile Intelligence,

paymate is the fifth most popular

mobile payment app in India.

It was in november 2010

that the Imps facility was first

launched under the national pay-

ment corporation of India (npcI).

the idea was to provide electronic

fund transfer service, which cus-

tomers could conveniently access

by using their mobile phones.

according to the guidelines of

reserve Bank of India, the maxi-

mum amount that can be paid

through mobile phones is rs

50,000. But that limit should suf-

fice as must users are expected

to use mobile system for small

remittances or online purchases

only. less than 20 percent of

urban subscribers are smart-

phone users, hence the need

has been felt for a system that

can enable fund transfer through

basic phones also.

WoRldWidE mobile advertising

revenue is forecast to reach $3.3

billion in 2011, more than double

the $1.6 billion generated in 2010,

according to Gartner, Inc. World-

wide revenue will reach $20.6 billion

by 2015, but not all types of mobile

advertising will generate the same

opportunity. search and maps will

iBM has announced new high-performance-computing cloud offerings to help users tackle advanced scientific and technical computing workloads like analytics, simulations for product development, climate research and life sciences.

from its experience in the hPC arena, iBm said many organisations operate with separate pools of high-performance-computing systems. however, iBm’s new hPC cloud offerings will enable users to link computing resources across their organi-sations into a single, high-performance private

IBM announces New hPC Cloud Offerings new technology for high-performance-computing clouds.

FACT TICkER

deliver the highest revenue, while

video/audio ads will see the fastest

growth through 2015.

"mobile advertising is now

recognised as an opportunity for

brands, advertisers and publishers

to engage consumers in a targeted

and contextual manner, improving

returns," said stephanie Baghdas-

sarian, research director at Gartner.

"For that reason, mobile advertising

budgets are set to increase tremen-

dously across the various categories

and regions, growing from 0.5 per-

cent of the total advertising budget

in 2010 to over 4 percent in 2015."

"as the adoption of smart-

phones and media tablets extends

to more consumers, the audience

for mobile advertising will increase

and become easier to segment and

target, driving the growth of mobile

advertising spend for brands and

advertisers," said andrew Frank,

research vice president at Gartner.

cloud while providing system administrators the flexibility to set priorities based on business or technical needs, the company said.

And for cloud computing to be cost-efficient for scientific use, clouds must be optimised for scien-tific applications, according to a paper written by the lawrence Berkeley lab as part of its magellan Project. According to Big Blue, iBm is currently the only major vendor to offer a private cloud solu-tion tuned for hPC users.

By knitting disparate systems together into one centralised resource, clients can gain easier access to more computing that can be used to support their most important business priorities, iBm said. for example, instead of segmenting computing resources by department, life sciences organisations can now pool systems from across the organisation and devote them as needed to their most pressing, intensive projects like drug discovery or analysis of massive amounts of genomic data without the need to seek outside resources, the company said.

The new hPC cloud offerings from iBm com-plement the iBm SmartCloud—an enterprise-class secure cloud platform specifically created to meet the demands of businesses—by extending iBm's experience and success with cloud-comput-ing projects to technical users.

iBm officials said high-performance computing has the potential to spur innovative solutions to the challenges facing the global auto industry and the American manufacturing sector, according to a case study from the Council on Competitive-ness. The Council found that hPC and computer-aided engineering is helping ford motor Com-pany lead innovation in the industry, optimising product development, creating high quality prod-ucts and improving time-to-market.Il

lus

tr

at

Ion

BY

ph

ot

os

.co

m

A Q u e s t i o n o f An swe rs PE RSO N ' S N A M E



Looking Beyond Traditional Applications: Polycom is developing new applications for corpoartes to realise its potential.



R A N dy M A E S t RE A Q u e s t i o n o f An swe rs

RAndy MAesTRe | Global Director, Polycom

expLAining

Polycom intends to change the mindset of corporates in the way they look at videoconferencing. In a freewheeling conversation with Rahul Neel Mani, Randy Maestre, Global Head and Senior Director, Industry Solutions at Polycom talks about how he plans to achieve it.

How is the global video conferencing (VC) market

shaping up?The market is growing tremen-dously. According to a Wainhouse research, the size of the market will be $5 billion in the next couple of years, and this would be around video conferencing (VC) specifically. meanwhile, forester says it could well be a $14.5 billion industry in the next few years. Some industry estimates even suggest VC could be a 35 billion industry. A lot of this

growth, however, is on the back of traditional applications.

What value proposition does video conferencing

bring to businesses?Different industries face different issues. for instance, the energy sector wants to reduce downtime. every 1 percent savings in downtime saves 10 million dollars. So, for every minute that i can save, there is an impact on the bottom line. in retail, hospitality and even finance, it is

all about customer satisfaction. in healthcare it is about saving lives. in the government, it is about improv-ing judicial applications, emergency response or citizen-centric services. The important challenge in the manufacturing sector is to reducing the time to market. Through the use of VC, corporates can address all these issues. According to various studies, Polycom is reducing time to market for companies by as much as 24 percent. So, we are not just talk-ing about reducing travel costs. We

Business Benefits of VC



A Q u e s t i o n o f An swe rs R A N dy M A E S t RE

need to help people understand how technology can be used in day-to-day operations. yes they are saving 30 percent on travel. But they are also saving 27 percent on downtime costs; 24 percent on training and sales related costs, and 20 percent on reducing recruitment time.

But corporates don’t still view video conferencing as a

replacement to travel.yes, it is true. During the recent volcano eruption in europe, the use of VC increased 180 percent in some cases. however, as the volcanoic activity subsided, people again got back on the plane and VC usage dropped. People are therefore using this as a second option, not the first option. We want to change this and help people understand the true business reasons of using this tech-nology. for this change to happen, however, we would have to look at alternatives. for instance, we need to make people aware of applica-tions such as mobile video, telemed-icine, and customer service related applications (such as kiosk type of applications). We need to look beyond traditional applications and opportunities. So, just looking at reducing travel time through VC is akin to not looking at the bigger pic-ture. We realise VC could be a part of a much larger solution. We are working with vendors such as hP and iBm to promote these applica-tions. There are other routes to mar-ket by working with telemedicine and distance learning associations. These are all vehicles we can use for promoting these applications.

Developing applications is one thing but you need to

have the bandwidth to support them. The cost of bandwidth is still too high in India.The cost of bandwidth has not come down. We realise that and india is looking at a national broadband ini-tiative. But there are solutions that we have developed that can over-

company takes to bring automobile to the market. We then determine where we have the opportunity to shrink time. There was a lot of poten-tial for collaboration on the design front. Another example coule be of a designer bag manufacturing com-pany. The designers can show their CAD drawings. They walk through and do real time modifications to the design instead of wasting cycles. Another important aspect is the reduction of downtime in manufac-turing. in a typical manufacturing environment, there are supervisors seated above overlooking the manu-facturing floor. Through the use of mobile VC solutions, they now have eyes and ears on the manufacturing floor to assist with remote repairs, remote inspections and other pro-cesses such as training new employ-ees and manufacturing groups.

Which verticals could see rapid deployment of VC?

The two industries where VC applica-tions are becoming more apparent by the day are healthcare and telemedi-cine. There is also a huge potential in the education, energy and govern-ment verticals.

come these issues. Through these solutions, high definition can be provided even with low bandwidth. A lot of networks are also on public networks. We have technologies such as last packet recovery that optimises video conferencing in these non opti-mised public type of networks.

How does Polycom expand beyond horizontal

applications and look at applications in enterprise?There is a need to look beyond com-ponents. So in healthcare, we need to look as to how do we integrate into the pax imaging system? in hospital-ity, we have to look at integrating into a Crm solution. how do we enhance a traditional manufacturing application with remote inspection and repair? This is where video can be viewed horizontally and also has a vertical element.

So, how do you cut down the time to market for a

manufacturing customer?let me give you an example of an automobile manufacturer. The first step towards this exercise is to look at each of the processes an automobile

“We have developed

solutions that can provide

high definition even with low

bandwidth.”

presently, the

growth in the

VC market is

happening on the

back of traditional

applications.

There is a need

to make people

aware of newer

applications of

VC.

Verticals such

as education,

healthcare,

energy and

government offer

huge potential for

VC adoption.

thIngs I BelIeve In

18 21 June 2011 cto forum The Chief


Best of

BreedHow To Achieve a Culture of Innovation in IT Pg 20

To Disclose or not to Disclose... Pg 24

FeATures InsIDe

it ranks as one of the most common and impactful outsourcing mistakes of the past decade -- too many service level agree-ments (SlAs), designed around the wrong business outcomes, and exceedingly

focused on financial remuneration rather than operational remedies.

Whether due to a rush to get an rfP out the door and quickly ink a major deal or underes-timating the effort required to design relevant service levels, companies often fail to appropriately link their SlAs to meaningful business results. instead, they often blanket the outsourcing con-

tract with too many SlAs, based on what “feels important.”

They also rationalise that setting service level targets beyond what is actually needed -- and often at unreasonable levels (e.g., 100 percent) -- will accelerate the realisation of best-in-class

performance, despite any inefficiencies and con-straints with existing processes and technology.

in fact, this inevitably results in higher fees to ensure performance compliance and to cover the provider’s risk as well as a reasonable probability that, even when SlAs are met, the desired business outcomes are not accomplished. This is because the service levels are diluted with carve-outs based on the actual scope within the provider’s control.

While conventional wisdom suggests more is better -- e.g., 15 SlAs are better than 10, 20 per-

debunking the top 5 sLA MythsMore sLAs are not better, better sLAs are. By Steve Martin DaviD BorowSki

Illu

st

ra

tIo

n b

y s

hIg

Il n

“Avoid multiple SLAs that measure different aspects of the same symptom.”

19 21 June 2011 cto forumThe Chief


s e rv i ce l e ve l ag re e m e n t s B E S t o f Br E E D

cent provider fees at risk is better than 15 percent, 99.99 percent processing accuracy is better than 99 percent, etc. -- the problem with the “more is better” approach is that “more” results in higher costs, dilution of provider focus, and a misalignment between the provider’s incentives and the company’s desired business outcomes.

What follows are five myths about SlAs and why companies pursuing business pro-cess or iT outsourcing arrangements need to realise that more isn’t necessarily better. Better is better.

Myth No. 1: The more SLAs the better overall protection and performance realised - This is true in theory, but not in practice. ideally, SlAs should be collectively exhaustive but mutually exclusive. Companies should ensure that key business imperatives are addressed by the SlAs so that the provider cannot fail to meet the cus-tomer’s expectations without failing to meet at least one of the SlAs.

Companies should also avoid mul-tiple SlAs that measure different aspects of the same symptom, e.g., mean time to respond to service failures and mean time to resolve service failures. This helps reduce the number of SlAs, avoids a provider padding its price to protect against “double jeopardy” situations, and prevents misleading performance reporting.

Additionally, if providers are responsible for adhering to too many SlAs, the perfor-mance credits associated with a particular service failure may become inconsequen-tial and therefore provide no performance incentive to the provider (i.e., experiencing a service failure may actually be more cost effective than providing an effective and appropriately resourced solution).

While the “right” number of SlAs gener-ally depends on the scope of services being performed, as a guideline, companies should generally target 6 to 10 credit bearing SlAs for each major outsourced domain.

Myth No. 2: Increasing the provider’s fees at risk creates more incentive for them to perform - it would seem to reason that having a provider put 20 to 25 percent of their fees at risk for failure to meet SlAs would result in a sharper focus on meeting

service levels than putting only 10 percent to 15 percent at risk. This is not the case. Service level credits do not provide equitable compensation for service failures and that shouldn't’t be their intent.

Performance credit amounts should be calibrated to cause some impact to provider margins, but targeting excessive credits will almost certainly result in the provider rais-ing its prices to account for the increased resources required to “guarantee” perfor-mance targets are met and the increased financial risk of failure.

Customary financial consequences for failure to meet SlAs depend on the service, but most outsourcing transactions have 10

percent to 15 percent of total fees at risk, with “cap averaging” over all SlAs and for longer periods (i.e., yearly vs. monthly).

Myth No. 3: More stringent SLAs translate into higher provider performance and, thus, better results - Better availability, faster turn-around times, and 100 percent accuracy will only guarantee one result: higher costs.

Service levels should target the level of service that the company really needs and no more. While compelling providers to commit to service quality metrics in excess of what is actually required by the business might cre-ate the perception of better performance and higher value, it inevitably leads to higher costs, particularly for labor intensive processes and their associated metrics (e.g., requirement to complete all, as opposed to only the most criti-cal/material gl account reconciliations within three days of the end of the month).

many companies look to outsourcing as an opportunity to accelerate the achieve-ment of best-in-class performance, but fail to recognise that the transition from current performance levels to benchmark levels often requires some level of process optimi-sation. The existing organisation and pro-

cesses may not be mature enough to achieve such levels right out of the gate.

Companies should determine whether setting targets in excess of required perfor-mance creates any business benefit. if not, don’t require the provider to deliver, and moreover, price, to a gold-plated standard. if there is a meaningful benefit to more stringent performance targets, the contract may need to be constructed with provisions that allow the provider to achieve such per-formance over time, with locked in, planned performance target increases.

Myth No. 4: Hitting the provider with heavy financial penalties is the only real way

to get their attention - financial credits do provide an incentive for providers to meet performance targets, lest they suffer mar-gin erosion or even the possibility of being financially upside-down on a deal. That said, as described above, providers have become quite sophisticated in their ability to manage the fees at risk vs. price dynamic, and while certainly not eager to provide credits, accept that some level of financial loss for failure to meet SlAs is acceptable or even likely.

There are several other methods, however, that are equally, if not more effective, in creat-ing incentive for the providers to perform. one is requiring the provider’s executives to meet in person with the company’s execu-tives when performance failure thresholds are hit -- and contractually commit to meet-ing each month until the service levels are consistently met.

Another approach is to require the provider to engage and pay for a third party to assess the causes of the failures and to develop a plan that the provider must follow to remedi-ate the problems. other non-credit bearing remedies/incentives include linking contract renewal and extension options to provider per-formance, requiring replacement of provider

Companies should determine whether setting targets in excess of required performance creates any business benefit.



B E S t o f Br E E D s e rv i ce l e ve l ag re e m e n t s

key personnel (at the provider’s cost), and stipulating that the provider perform root cause analysis and produce perfor-mance improvement plans to address deficient performance.

Myth No. 5: It is critical to hold providers accountable for the entire end to end process - ideally, it would seem desirable to hold outsource providers accountable for meeting metrics for a perfor-mance goal related to an end to end business process cycle, e.g., days sales outstanding (DSo) within the order-to-cash cycle. howev-er, more often than not, the provider does not have control over the entire business process.

in the case of DSo, the outsource provider may only have responsibility for portions of order-to-cash (e.g., cash applications, credit reviews), and not for example, order genera-tion or invoicing. excessively broad SlAs also

lead to the provider building in broader carve-outs; often times neutralising the applicability of the performance level altogether.

A good rule of thumb is to hold a provider accountable for the timeliness and accuracy of the dimensions of the process that are within its control. for example, in an accounts payable process, an outsource provider can be held accountable for

the accurate data transcription from an invoice to the erP system or the percentage of invoices entered and either successfully matched or properly routed to the client for resolution within a specified period of time.

While it’s perfectly reasonable to set aggressive performance goals and credit structures for your outsourcing provider, companies should resist the temptation to impose unnecessarily rigid SlAs that drive costs up and result in other unintended con-

How to Achieve a Culture of Innovation in ItFor IT to be a part of the business, it’s important the entire IT team knows the business inside out. By Marilyn weinStein

every Cio knows his or her organisation’s business, inside and out. But what about the rest of your iT team? in order to make a strong case that iT is “part of the business,” it’s important that the entire iT organisation knows the business inside and out. if you’re nodding

your head in agreement, but aren’t sure how to establish this model, follow these four guidelines and you'll be well on your way.

1 teach your team your business. While the importance of ensuring that your team understands your business may seem obvi-ous, it’s not commonly practiced across iT organisations. instead, this knowledge is generally shared among the business team (prod-uct, sales, accounting and finance roles) and relayed to the Cio

sequences without adding commensurate business value.

Companies should invest the time and resources necessary to ensure that the SlA framework and individual SlA metrics are designed to hold the provider accountable and motivate them to perform, rather than inspire them to figure out how to offset the credits through other creative means.

—Steve Martin is a partner and David Borowski is

a senior associate at Pace Harmon, a third-party

outsourcing advisory services firm providing

guidance on complex outsourcing and strategic

sourcing transactions, process optimisation, and

supplier program management.

—This article has been reprinted with permission

from CIO Update. @ http://www.cioupdate.com.

To see more articles regarding IT management

best practices, please visit www.cioupdate.com.

95%e-commerce

sites will

have a tablet

or e-reader

presence by 2014.

alone. however, it is equally important that the network support team has insight into the company’s supply chain, understands the pricing factors, knows the customers, and is aware of other key fac-tors driving the business.

2 Connect with the business. make sure your iT organisation not only understands the business, but feels connected to it. There’s no denying that the level of passion and innovation that team mem-bers bring to their jobs will increase if they feel connected to the overarching business strategy and objectives. Consider how orders travel across the company. Does the iT team understand how this happens? if not, they should. Business processes should be under-stood by your entire iT team. even better, encourage them to read



B E S t o f Br E E D i n n ovat i o n

and understand your company’s 10k to truly understand how iT is a business driver. Try holding simple training sessions on business elements and operations, and then quiz your team afterward. make it part of each team member’s mBo that he can competently explain the business drivers and speak to the company’s financials.

3 develop trusted relationships within your organisation. Assuming that the concept of ingraining iT into the business repre-sents a cultural shift for your company, keep in mind that charging headfirst without establishing relationships with the business team can do more harm than good. it requires hard work and persistence to gain the trust of business leaders. make this a priority as you work to ensure that iT is seen as an integral part of the business. Similarly, your Ceo and all of his or her underlings must whole-heartedly believe in the value of employee innovation and they must commit to hearing iT’s ideas. When such conversations do happen, avoid "iT speak" and focus, instead, on discussing goals and barri-ers in general business terms. Be prepared to listen in on business strategy discussions and offer insights and suggestions in business vernacular that address critical corporate needs.

4 Consider the risks. What are the career risks associated with stepping forward and putting yourself “out there” to the larger busi-ness team? The biggest risks of this approach are largely internal to the iT team – not to the company at large. To avoid any detrimental effects from seeking iT innovation, it’s imperative that you have a strong iT leadership team in place below you while you dedicate

time to gaining support from the business side. if your own iT leadership team isn’t fully up to the task, you run the risk of being labeled an absentee Cio who is out of touch with the day-to-day iT operations. Consider this is a worst-case scenario. As long as you stay in touch with your iT team, instilling confidence in your leaders and staying abreast of iT initiatives, you will continue to reap rewards and build more credibility with the rest of the C-Suite.

once you’ve put yourself out there with the rest of the business, and sold and executed on your ideas for innovation, it’s time to really drill down and instill a lasting culture of innovation within your iT organisation.

Business innovation will organically gen-erate as the whole team becomes engaged in the business. When your iT employees understand supply chain issues, for exam-ple, they’ll automatically begin thinking of other supply chain avenues. And, when they learn about a competitor’s new prod-uct, they will instinctively begin thinking of new product innovations for your company. however, the equation does not stop there.

While innovation may start with educa-tion, nothing will happen unless a contin-

ued focus and desire to maintain a culture of innovation exists. here are three tips to help drive a lasting culture of innovation.

1.Put your commitment where your mouth is. Don’t fall back on your commitment to innovation. formalise ideation in a meaning-ful way that works for you and your team, and consider having quarterly full-day white boarding sessions, creating contests, and forming committees to keep the energy going. 2.Exercise bragging rights. long after any potential monetary awards and recognition ceremonies are over, the innovation itself will carry on as business is improved. Brag on behalf of team-mates who initiated the change. highlight successes to hr, and have them published in your iT or company-wide bulletins. 3.Track your team’s success. Did your SAn team come up with a unique way to store data, which went on to be a leading product for the business? Track numbers, and talk about them often with your business executives. Keep in mind that one of the best ways to kill innovation is to fail

to implement the great ideas your team has generated. once there is executive-level support, start designing programs that foster inno-vation – and put those ideas into play. And then continue to do so. innovation breeds success, and vice versa. —Marilyn Weinstein is CEO and founder of Vivo, a Silicon Valley-based IT

staffing and consulting firm that specialises in successfully aligning the busi-

ness and technical needs of IT with the expectations and cost requirements

of the CFO.

—This opinion was first published in CIO Insight. For more such stories

please visit www.cioinsight.com.

Keep in mind that one of the best ways to kill innovation is to fail to implement the great ideas your team has generated.

Illu

st

ra

tIo

n b

y M

an

jIt

h p

b

The productivity IT space today is filled with claims for ‘faster’, ‘top-priority’, ‘instant’ etc. But how real are the requirements for business today? Productivity is essentially about people, how fast they can access information and connect with each other. Consider how our workplace is changing – collaborating with international partners, coordinating across branches, managing remote workers, etc. Consumers have cellphones, social communities, chat etc, providing instant access to information. Yet, at the workplace, employees wait for meetings, getting approvals and even finding the right people. Increasingly, companies want to bridge this gap and bring capabilities that employees use in their homes and on the move, into the office. This sounds ambitious. How can Microsoft Office 365, your new service, bring these benefits? With Office 365, Microsoft’s leading communications and collaboration solutions are integrated with the familiar Microsoft Office applications (Word, Excel, PowerPoint, Outlook, OneNote) are now available as a service. Now, businesses of all sizes can provide their employees with enterprise-class email, chat, web-conferencing, document management and collaboration to improve business productivity. With Exchange Online, users access their email, calendars and contacts from any device. Lync Online allows real-time communication with IM, video calls,

online meetings. Early adopters are already seeing significant benefits like reduced travel expenses and operational costs. GlaxoSmithKline expects a 30% reduction in operational costs.

Is Office 365 a new version of Office 2010, which released last year? No – Office 365 is a set of cloud-based productivity services. It offers customers Microsoft Office 2010, the world’s leading productivity software, as a subscription-based service rather than software that is purchased. Eliminating software and maintenance. Users just login, communicate and share from PC, browser and phones.

What is the learning curve for end-users in working using the cloud? Can you give us some examples? Office 365 is easy for users to adapt to because accessing these services is similar to the way their on-premise versions work. A familiar experience will enable them to quickly migrate and benefit from these services. For instance, Office Web Apps helps users view, edit and modify Word documents and PowerPoint slide, using the same Ribbon interface and look-and-feel of the applications installed on your desktop. Ingersoll Rand, was initially cautious about how many people would embrace a new tool, until they found that 80% of their users wanted to be on a ‘Microsoft-type platform’ and were already using one at home.

Most enterprises already have applications for email and communication. What does this mean for these existing investments? Microsoft’s approach to the cloud is unique. By allowing businesses to move

to the cloud on their terms and use their existing on-premise Microsoft solutions, seamless interoperatability with the equivalent cloud services is possible. If a business has a Microsoft Exchange implementation on-premise, they can continue to use it, while adding capacity for new users in the cloud, using Office 365. The same is true for end-user applications or devices – whether it’s Microsoft Office on desktops or smartphones. Take Godrej Industries where senior managers use Windows Mobile smartphones; other users can access email on their phones like Nokia, Blackberry etc. and sales personnel check for updates with Outlook Web Access from cyber cafes. The result: Their organizational efficiency improved by 30 percent.

Lastly, is it cost-effective to deploy this enterprise-grade service for all employees? Absolutely. Today, everybody from a factory worker to a CEO stands to gain with access to the right information. To ensure cost efficiencies, we have a range of Office 365 plans to address different usage scenarios. For instance, we noticed that in some businesses not every employee can have a dedicated PC, and may therefore not have access to email or the intranet – it’s not cost-effective. Workers on a plant or working on an assembly line are a good example. With the Office 365 “Kiosk” plan, you can now enable a basic email service for as low as INR 100 per user. The pay-for-use subscription model gives businesses the ability to bring business productivity services to more employees, and also gives them elastic capacity to scale up or down as the business requirements evolve.

How Real is Real-Time?

As phrases like ‘personal efficiency’ and ‘consumerization of IT’ enter the enterprise, CTOs are increasingly looking at ways for IT to keep pace with business. In

an exclusive interview with CTO Forum, we asked Mr. Sanjay Manchanda, Director – Microsoft Business Division hard-hitting questions to get clarity on real-time business productivity.

www.cloudpower.in

THE MOST COMPREHENSIVE SOLUTIONS FOR THE CLOUD. ON EARTH.

CloudPower



B E S t o f Br E E D s e cu r i t y

to disclose or not to disclose...To Disclose or nOT to Disclose… That is the question. By anDrew Baker

every time a software vendor experiences a vulnerability or releases patches for a serious security issue, the debate about full Disclosure or responsible

Disclosure gains a little more steam.Just how much information should a

vendor disclose about the nature of the vul-nerability that it has identified, and how that vulnerability can be exploited?

many vendors take the position that to disclose details about the information puts their customers at risk, as the bad guys can make better use of the details to exploit the vulnerability.

on the other hand, many security profes-sionals point out that the bad guys are going to reverse engineer the patch anyway and are still in a better place to figure out how to use it in the absence of any other information.

meanwhile, the vendor’s customers typically lack the time and the skill to analyse the provided patch to the same degree, and without any useful disclosure statements, they are left with no way to properly evaluate the threat that the vul-nerability poses to their infrastructure, and thus no real options to mitigate the risks to their business.

Back in march of this year, rSA suffered a breach in which they lost significant data related to the implementation of their SecuriD two-factor authentication tokens. Their disclosure statements from that time until now have been notable for how weak, flimsy and generally useless they have been in discussing what actually happened and what exposure this created for users of their SecuriD solution.

The recent attacks on lockheed martin and northrop grumman – both directly

facilitated by information obtained via the rSA breach – makes it widely apparent that rSA did not do its customers jus-tice with its original disclosures.

even if we are willing to assume that rSA had additional conversa-tions with sensitive customers like those in the defense industry, it is hard to argue that the infor-mation provided was all that use-ful, given that, at the time of this writing, attacks were successfully made against at least three (3) contractors in that space.

To me, this begs the following question: Does RSA fully understand what they have lost, and how it could be used?yes, the issue of disclosure is a sensitive one, and it is important not to feed more bad guys with more information that will allow them to have greater success against the rest of us, but it is abundantly clear that two months of saying essentially nothing is at least just as bad as saying too much, if not worse.

it is still very amazing to me that so many organisations have poor or useless security practices – even those organisations whose business models are very dependent upon good security.

Appropriate disclosure should include not only what is said, but when it is said, by what means it is communicated, and who it is communicated to.

There should be an increasing level of information disclosed as enough time has been given for organisations to implement

the initial patches or workarounds, so that the full risk of the threat can be evaluated on a per organisation basis.

Disclosure is very much a necessary part of a good security program, and it is clear-ly lacking by even the most recognised security firms.

What you don’t know can hurt you very much, if someone else already knows it…

—This article is printed with prior permission from

www.infosecisland.com. For more features and

opinions on information security and risk manage-

ment, please refer to Infosec Island.

Illu

st

ra

tIo

n b

y p

ho

to

s.c

oM



There are IT deploymenTs and then there are those iT deployments that are innovative, weed out inefficiencies within the organisation making it

more agile, and add to an enterprise’s bottom line. The CTo forum magazine has been, over the years, featuring case studies of such iT deployments. for this issue, however, we decided

to select the best from the rest. After sifting through case studies that appeared during the last one year in the magazine, we short-listed five of them to be featured in this issue. Among those featured include a bank that has leveraged iT to come up with speedier and

more accurate domestic payments; a coal mining company that has cut down inefficiencies plaguing it, thereby enhancing its decision -making process and turning agile; and a telco that has implemented the first of its kind single iVr architecture to boost revenues and optimise

its core network resources. happy reading.

I T D e ploym e n T coVE r S torY

Five enterprises have leveraged the power of innovative IT to boost revenues,enhance agility, and drive out inefficiency.

Common ivr Boosts revenuePage 36

Digging out inefficiencies

Page 34

intelligence on the GoPage 32

Pay-By-Wire Turbo Charged

Page 28

Making it EasyPage 26

coVE r S torY I T D e ploym e n T



reliance life Insurance Company limited (rlICl), a unit of Anil Dhirubhai Ambani group, was looking for a rapid, efficient and cost effective Customer relationship management (Crm) solution to sustain customer satisfaction levels and improve

service quality. The existing Crm solution was not up to the mark and had many limitations.

firstly, the Crm application was managed by a service provider, and was not directly integrated with other applications within the company. Due to this segregation, service request resolutions often used to take more than a day to be addressed.

Secondly, any addition and/or modification of service categories in the Crm application took a couple of weeks and were carried out by the service provider with an additional cost of rs 30,000 per category.

finally, the service request resolution and the updates that were required to be filled back in the Crm application by the functional team took a couple of days which resulted in a longer resolution time.

“This resulted in customer grievances and affected customer satis-faction levels,” says C mohan, Chief Technology officer, rliCl.

mohan wanted a solution that could handle surge in volumes, provide flexibility and scalability without degrading service quality benchmarks set by the organisation.

making it easyThe iT team decided to replace the outsourced Crm systems with an enhanced in-house Crm system which had the capability to draw agility from Service oriented Architecture (SoA) framework and Business Process management (BPm) solution to integrate all the core insurance applications through an enterprise Service Bus.

The team implemented a flexible, scalable, automated and secured Crm solution which was integrated with the core applications, leveraging SoA service. The new system was called easy Crm.

With the deployment of this solution the company gradually improved its capability of managing customer complaints, request

makingIT easy

CASE STuDY | rLiCL

RLICL needed a rapid, efficient and cost effective Customer Relationship Management (CRM) solution to sustain customer satisfaction levels and improve service quality. By AshwAni MishrA

COMPANY DASHBOARD

COMPANY reliance Life insurance Company

Limited | EStABliSHED 2001 | ASSOCiAtE Of

reliance Capital Ltd. | SERviCES Life insurance

Plans, retirement Plans, Protection Plans etc.




X X X X X X coVE r S torY

iVr, SmS and email the company was able to convert 1,27,090 leads generated through these channels to customers. Total value of this lead to cash conversion amounted to rs.22 crore for finan-cial year 2009-2010. encouraged by this lead to cash conversion potential the company has now set a target of rs. 100 crore for this financial year.

and enquiry and lead management capa-bility for out-bound calling. The Crm solution was also integrated with the auto-mated iVr system for complaint/query logging and resolutions.

By in-sourcing the Crm solution and its integration with the core business applica-tions through SoA, rliCl moved from a centralised to a decentralised complaint/enquiry process.

“With the solution in place, service requests could be raised not only at the contact centre, but also at the branches as the processes were transparent and available to the right users within the organisation,” says mohan.

reaping benefitsThe integration of various functions in the organisation using BPm, provided a seamless workflow and service request automation in the service category. This built agility in the process with wider ser-vice delivery capabilities and eliminated multistage processing of requests and complaints by transforming it into a single step process. This also helped the company to address complaint resolution at the first instance and build multiple customer touch-points like the portal, the iVr, email and SmS along with the regular voice calls and branch walk-ins.

“All our processes were engineered as per customer demands and not what we desired,” says mohan.

The company not only managed to increase customer satisfaction levels but also lowered its operating costs. it reduced

“With the solution in place, service requests could be raised at the branches also.”— C mohanCTo, Reliance Life Insurance Company Limited

the number of BPo staff to 200 from 300 plus and retained all of its customer service executives in the 1250 plus branches. in the back office department, the number of staff came down to 20 from 100 and they still managed to handle call volumes of 75,000 per month with complete call resolution.

in terms of overall business, with solutions like SoA, BPm and iVr, rliCl was able to handle 100 percent growth in call volumes (transactions) and 45 percent increase in customer base with reduced manpower and reduced operating costs.

The cost per call per month was brought down to rs. 37 after implementation of easy Crm from rs. 94 before implementation. This translated into a yearly productivity increase by 150 percent and the savings for last financial year totalled to about rs. 4.86 crore. According to company estimates, taking a 20 percent year-on-year increase in call volumes, the overall saving over next three years would be around rs. 8.39 crore.

With availability of multiple touch points like call centre, portal, ph

ot

o b

y J

ite

n G

an

dh

i




ramakrishnan, head - Core Banking at ing Vysya. "As india rap-idly modernises and cheque-based transactions yield to nefT and rTgS, our transformational initiative will position us well," he said.

What became an iT-led business transformation actually started off in a small way as an infrastructure capacity augmentation exer-cise at the planning stage, ramakrishnan said. "We took it to the next level of business transformation and operational excellence."

In the not-so-distant future, no one will use cheques. reserve Bank of india's efforts, to make the rTgS and nefT processes as common as cheques are today, are paying off, and increas-ingly, banks are offering their customers innovative payment services that are faster, cheaper and safer for all concerned.

There are still many processes that require manual intervention that can be eliminated to make payments even more faster, cheaper and safer, as a project at ing Vysya Bank demonstrates. everyday, as customers initiate payments via the real-Time gross Settlement and/or the national electronic fund Transfer routes, an army of bank employees is needed across the nation to manually match all the req-uisite information against their banks' databases to ensure that the money changes the right hands. At ing Vysya, an important step in this process is now automated.

an opportunity"our research leads us to believe that we are now the fastest domes-tic electronics payments processor in the country," said Dharmaraj

Through innovation and some serious coding, ING Vysya Bank has made domestic payments via the RTGS-NEFT route speedier and more accurate. In a tighter regulatory regime, such IT-led business innovations are boosting the bank's ability to make money from information. By hArichAndAn ArAkAli

pay-By-Wire

TurboCharged

CASE STuDY | iNG vysya BaNk

COMPANY DASHBOARD

COMPANY iNG vysya Bank | HEADquARtER

Bangalore | MD AND CEO shailendra Bhandari |

OPERAtiONS iNG vysya Bank Ltd., is an entity

formed with the coming together of erstwhile,

vysya Bank Ltd, a premier bank in the indian

Private sector and a global financial powerhouse,

iNG of Dutch origin, during Oct 2002.




By developing innovative payment services at ING Vysya Bank, aniruddha paul and dharmaraj ramakrishnan, are offering their customers a satisfying banking experience.

ph

ot

o b

y s

Ra

dh

ak

Ris

hn

a




money From InformationThe big picture is part of the evolving landscape in the payment scenario, and what is it that various banks and financial institutions can do to innovate with the rapid changes happening in the indusry today. "This is characterised by the decline of float-based income," said Aniruddha Paul, head, iT Change Delivery, ramakrishnan's boss and an enthusiastic champion of various 'change-the-bank' ini-tiatives that would put ing Vysya on par with larger competitors for lucrative corporate customers. "The chances of making money out of money are declining and the only way you can make money is by leveraging information," Paul likes to say.

The decline of cheques and other such instruments and the inexorable shift towards electronic payments both in retail banking and with corporate customers is setting the agenda. "Against this background what we find is a sharply increasing numbers electronic transactions in the domestic market with tightening regimes from rBi on the kind of fees that we can charge to the customer," Paul said. for instance three years back there was a much looser regime on the fees that a bank could charge a customer. now the rBi has clearly laid down the maximum that a bank can charge and there's not much flexibility there, he said.

What ing Vysya is doing then is "building a whole range of payment products and surrounding information systems which

can extract, glean, tweak, massage information related to the customer and provide value add to our corpo-rate customers primarily, who are the beneficiaries of these kind of insights and also to various custom-ers," he said.

payments programmeThe automation of the payee-name validation must be seen in this con-text. “This was a part of a bigger pro-gramme that aimed improving oper-ational efficiencies,” said Dheepak rajoo, a project manager with the bank’s Programme management division who helped manage the two phases of the clutch of projects that eventually led to the successful implementation of the automation.

“We had a payments flavour to it, with the nefT rTgS, it had an eCS component, an offline clearing process related to cheque processing, a cheque truncation process -- all of this, we pulled together as a pay-ments programme.”

The nefT rTgS had two phases -- first replicating the nefT rTgS payment platform within the core banking operation. This was “pri-mary because there were pain points

The Benefitsspeed: Customer gets instant credit for the wire

transfer as and when it is received by inG. this will

enable the customer to have ready access to the

funds.

saFeTy: Customers accounts are credited only

after payee names are validated and anti-money

laundering (aML) checks done on-the-fly in a

straight-through processing (stp) mode.

superIor CusTomer servICe: no more

anxious waiting hours and queries to the bank on

the status of the funds transferred.

CosT BeneFITs: there has been a 40 per

cent reduction in actual Fte (full-time employee)

cost and a 75 per cent reduction from projected

Fte costs if this initiative hadn’t been planned

and executed.

revenue ImpaCT: inG Vysya is position-

ing itself as a significant player in the payments

processing space. this initiative goes a long way in

underpinning our credentials.

meTrICs: handles 2,00,000 transactions/month

and an 84-100 per cent year-on-year growth rate

outward remittance processing time cut down by

50 per cent (10 minutes to 5 minutes)

inward remittance processing time cut down by 80

100 per cent (from 1 hour to nearly instantaneous

for 70 per cent cases that go through stp)

at 100 per cent growth rates in business volumes,

the operations staff would have increased from 9

Fte to 20; it has now been resized to just 5 Fte

straight-through processing ensures customers

get instant credit of the wire transfer as and when it

is received by inG Vysya.

error-free processing due to stp and implemen-

tation of maker-checker concept for high value

transactions.

improved availability of systems across the branch

network and online channels.

parTICular aTTenTIon Was paId To:

system re-architecture and automation. this was

a mammoth analysis, programming and testing

effort. payment processors are the most sensitive

areas of operations and inG Vysya had to design

fail-safe systems that would work flawlessly from day

one. in particular, the fuzzy logic algorithms had to

be suitable for indian conditions and indian names.

since payee-name validation was at the heart of stp,

they had to get this absolutely right.

in 2008 the bank took stock of its payment platforms even as it saw that the rBi’s persistent efforts to move from cheque-based payments to rTgS/nefT would soon start getting traction in the market. While this would benefit individuals with small and large transactions alike, the true impact of what ramakrishnan and his colleagues eventually developed would be seen in the corporate sector, making the bank 'easy To Deal With' as ing's motto goes.

on the one hand, the bank felt the need to re-architect its domes-tic electronics payment infrastructure and on the other "we also sensed an opportunity to put together a world-class solution that would offer the best of services to our customers," ramakrishnan said. What the iT team also did was to de-link volume growth from payment-operations-related fTe growth.

The objective was to build the fastest domestic wire transfer facil-ity in the indian banking industry.

As banking products and services get commoditised, speed and excellence of service channels become key differentiators, ramak-rishnan said in a background note on the project. india is rapidly modernising and banking payment services are switching from physical cheques to wire transfer. "By building the fastest domestic wire transfer facility in india, ing Vysya now has the ability to dif-ferentiate itself to both retail and corporate customers and be their preferred payment processor," he said.




around processing a finite number of transactions alone, which meant that the business capability itself could be hampered to some extent.” Then they thought “why don't we scrap the payment infrastructure, which wasn't scalable and migrate it into our core banking.” This meant creating the functionalities of an external processing engine withing the core banking, which “enhanced our capabilities to process transactions and to scale up,” rajoo said.

That was the first phase of the project. This also meant that the capabilities had to be extended to about 480 odd branches pan india. The core banking front end was an extension of the same platform, called Profile for Windows. “The challenge was to be able to migrate the functionality by building it from scratch into the platform.”

automated validation“Phase 2 was the more innovative” part of the project, ramakrish-nan said, building the ability for payee-name validation. on inward processes, it was about building processes that would match the name, check the accounts, look for restrictions, match off amounts and execute real-time credit. The result could be that validated cus-tomers would get near ‘instant liquidity.’

Typically these projects are what the bank’s iT folks call 'ops and iT Transformation’ projects. This also meant the project was done across geographies, with people working from Portugal and Poland, and therefore people speaking different languages. This meant that for instance, “we had to use a lot of visual and pictorial aids to get our ideas across with a brilliant programmer from Poland” who had some difficulty with english, rajoo said.

one of the things they did, was to migrate a payment processing engine that was natively built, called P-Connect. “We mirrored the same functionalities into our core banking system.” To be able to build all the native capability of a legacy software back into the core banking was the objective. “now we've retired that platform,” he said.

“The external engine had performance issues around scalability, and transaction processing times were extremely high,” rajoo said.

“At one point we had daily monitoring at the Cio level, what was the time for break-fix, what was the downtime, how much time was lost because of the performance issues and so on.”

At the time we were thinking about the concept of a payments pro-gramme that had multiple projects -- we had a programme level proj-ect governance. That helped to always have a dip-stick every month, with the Cio, the Coo and everyone else and validated the idea that 'the replacement was the right way to go' and the decision to move this in to the core banking made sense.nefT meant the transaction has to be real-time. That meant that the bank has to keep ramping up its backend as the transaction volume increased, to be able to settle customer transactions the same day. for instance, even if a transfer is initiated at 4 p.m. when the cut off is 5 p.m. the transfer still has to be made the same day. The more the vol-ume the more the number of people required at the backend.

“We automated it,” ramakrishnan said. “We built an algorithm, which matches off the spelling as well as the way the name sounds.” The algorithm matches off the spelling and gives it a percentage value and also matches off the sound and gives it a value. The operations team can configure the rules that determine the degree of matching for which a straight-through process can be allowed, he said.

Bedrock of Future Innovation“This particular innovation that we have done, which is building from a domestic electronic payments system would be the bedrock of further innovation that we have to do,” Paul said.

“With our systems, not only do you make the core payment faster but the surrounding systems kick in to get the information about the payment and automatically post it to the corporate erP systems in an straight-through process,” Paul said.

Such innovations, along with others such as offering greater secu-rity for a payment, are helping ing Vysya Bank go after lucrative large corporate customers who were hitherto more the domain of large multinational banks, he said.

“The chances of making money out of money are declining and the only way you can make money is by leveraging information.” —aniruddha paulHead, IT Change Delivery, ING Vysya Bank.




on The GoLife Technologies deployed Mobile Business Intelligence to empower its sales force with valuable data on the go. By rAhul neel MAni

With revenues at $3.6 billion, life Technologies, a global biotech tools company providing cutting edge systems, consumables, and services for sci-entific researchers across the world, had a clear roadmap of empowering its field sales force with

timely and intelligent customer insights to sell more and better. for this, the company required a business intelligence solution that

supports a variety of smartphone devices including the Blackberry and the iPhone - enabling its sales personnel to take timely decisions short-ening the decision making cycle. As a result, the company thought of deploying iBm-Cognos for Blackberry devices and ‘roambi’ a data visu-alisation application from mellmo inc. for the iPhones.

The Challenge for life Technologies, it was quite a challenge to support the field

sales force with adequate data that could help them reduce the decision support cycle and increase productivity at the same time. “To make this a reality, it was essential to have an automated and responsive system which can help the sales representative in accessing critical customer information on the go,” says manoj Prasad, Vice President enterprise Architecture, global Applications and Testing, life Technologies.

Both the executive management team and the field sales force required daily sales reports that could give the status of sales, planning and forecasting. There was also a need felt to provide inventory reports so that the sales force can make realistic promises to their customers.

But this wasn’t so easy. There were a bunch of barriers to be overcome before moving further. one, there wasn’t a single technology platform/application that could push data to all types of smart phones and mobile devices. And in life Technologies, there were nearly 2,500 Blackberry users and 800 iPhone users. The second biggest challenge was to inte-grate the two with the data warehouse. “We did not have the luxury of time to wait for such an application to develop,” Prasad says. “mobile Bi was the strategic priority for our department in 2010.” life Technologies' goal was to roll out mobile applications that would allow its field sales

Intelligenceforce to deep dive into the data on the cutting-edge tools it was develop-ing, to take to the researchers who needed those tools.

The solution Anticipating the frustrations that would spew from the non-avail-ability of an app, Prasad's technology and application development teams didn’t wait for one.

“We knew enterprises like us had already started going mobile,” he said, spurred on by improvements in the ability of smart-phones to display graphical information and the emergence of intui-tive graphical interfaces that can better handle Bi visualisations.

in their quest to overcome the bottlenecks of the technologies available and the inherent inability of those technologies to work on the popular smartphones, Prasad and his architecture team looked for different options to get data from SAP Business objects and iBm Cognos Bi systems onto employees' Blackberries and iPhones – the two most popular devices used in life Technologies.

“At this point, we were really at the crossroads. on the one hand, we were committed to deploying a mobile Bi solution in the stipu-lated timeframe and on the other, there was no one single vendor/technology that could work seamlessly on the different devices used by the employees,” says Prasad.

CASE STuDY | LifE TEChNOLOGiEs

COMPANY DASHBOARD

COMPANY Life Technologies | HEADquARtER

California, Us | CHAiRMAN AND CEO Gregory

T. Lucier | OPERAtiONS a global biotech

tools company dedicated to improving the

human condition. its systems, consumables

and services enable researchers to accelerate

scientific exploration, driving to discoveries and

developments that make life even better.




competitors. now our sales force reaches out to the customers well informed and in time,” says Prasad.

Today, even the service engineers have all the required data to service the equipment efficiently.The mobile Bi provided between 30-60 minutes of saving per sales representative per day. “There are nearly 1000 sales representatives in life Technologies. This adds to 1,000 hours of saving. These 1,000 hours can be used for selling more products,” says Prasad.

Prasad’s team is already working on applications for other parts of the company, such as a global warehouse report, and has set up a mobile development architecture team to devise an entire mobile strategy for life Technologies, with a particular emphasis on Bi. (This case study was done through a telephonic conversation.)

After much evaluation, the team came up with a unique propo-sition. They selected mellmo inc. roambi, a data-visualisation application that takes Bi data from various available sources and makes it iPhone friendly.

unfortunately, roambi doesn’t support the Blackberry. iBm Cognos V8.4 was used to push data to Blackberry users. Prasad then asked his team to use roambi to develop two reports - sales quotas and daily sales reports - that are important to company’s sales force. As a pilot, a test version of daily sales reports taken from life Technologies' Cognos data warehouse was rolled out to nearly 50 sales professionals who used iPhones. “This worked well. But there was another problem now. A majority of our users have Blackberry and roambi doesn't work on it. So we planned to use the mobile version of Cognos to deliver similar reports to the Blackberry users,” says Prasad.

"After having tested the applications multiple times in various environments, i showed it to the Cio and a few customers. They all got very excited."

The outcomeBefore this deployment, the sales force didn’t have the right data on time to service their customers. The customers weren’t very satisfied with the quality of service delivered to them. “how can you expect the sales force to sell more when the customers are not happy with the ser-vices provided to them today,” questions Prasad.

The deployment wasn’t easy but after going through the rigour, the company has certainly experienced a sea change in the produc-tivity and efficiency of its sales force. “We have an edge over our

“The mobile BI provided between 30-60 minutes of saving per sales representative per day. The mobile BI provided between 30-60 minutes of saving per sales representative per day ”—manoj prasadVice President Enterprise Architecture, Life Technologies.




For Singareni Collieries, the challenge was to streamline operations at multiple locations for enhanced decision making and business consolidation. By VArun AggArwAl

diggingoutInefficiencies

CASE STuDY | sCCL

By deploying erp, m. sathyanarayana has enabled Singareni to have better control over its processes.




ability of essential equipment and made it easier to meet production targets,” Sathyanarayana opined.

“We have reduced the overall cycle time for sales order pro-cessing from months to days, cut the time for settling advance payments made against sales orders, and increased customer satisfaction,” adds n. V. rajasekher, superintendent engineer for marketing and movement at SCCl.

There has also been a significant decrease in the time needed to close annual accounts. Singareni is the first coal company in india to use an SAP solution–supported balance sheet in the first year the new software was implemented.

The company can now manage and control spending at the enter-prise level. The new software, which supports 300 to 400 items related to material requirements planning, has significantly reduced the purchase requisition cycle.

increased integration has also facilitated better procurement policies, encouraged collaboration with suppliers, and significantly reduced stock-outs at plant locations. in addition, paper consump-tion related to the accounting process has dropped significantly.

“The four SAP modules we’ve added are like the first floor of a building that will help us build many floors in the future,” says m. Sathyanarayana, erP project manager at SCCl.

“Today, SCCl is a truly integrated enterprise. We hope to leverage other functionalities and develop a robust business intelligence plat-form that will further enhance decision making.” J. V. Dattatreyulu, Director of operations, Singareni Collieries Company limited

next stepAfter reaping the fruits of a successful erP implementation, SCCl is planning to implement SAP’s man maintenance module which is very useful for the coal mining industry. “We are also planning for certain hrm and Crm modules within the next six months or so,” Sathyanarayana.

For a coal company in india which has an order book much bigger than its production capacity, timely deliv-ery is the key to success. Singareni Collieries Company limited (SCCl) currently operates 13 opencast and 42 underground mines in four districts. The $1.4 billion

company is one of the largest coal mining companies in india. While the company has iT set-up in all its branches, the challenge

for SCCl was to integrate and streamline operations at multiple locations for enhanced decision making and business consolidation. With either manual or disintegrated systems, there was no central management of information leading to frequent delays in delivery causing financial losses in terms of loss of opportunity.

Integrating diverse systemsWhile thinking of deploying an erP to solve the problem might sound easy, the bigger hurdle that lay ahead of the com-pany was its own 70,000 employees who feared delays in pay-ments with the new system. The change management process had to be kicked in before any formal rollout could take place. however, this wasn’t the only challenge that had to be dealt with. “our distributed iT architecture had made this difficult,” says m. Sathyanarayana, erP project manager at SCCl. manual inte-gration of processes for purchasing, sales and distribution, finance, stores, and payroll resulted in duplicated data entry and paper-based processing that wasted time and caused errors.

To handle these challenges, SCCl chose financial, controlling, materials management, quality management, payroll, and sales and distribution software in the SAP erP application. Key to this choice were strong SAP references from comparable enterprises in india.

one of the first public sector companies in india to undertake a large-scale, enterprise resource planning (erP) implementation, SCCl rented the hardware it needed early in the implementation rather than trying to purchase it. This minimized procurement delays that are typical in public sector installations. iT employees were thoroughly trained on SAP technologies and now maintain the software with little external support. Development of certain applica-tions prior to implementing SAP erP facilitated data migration.

The BenefitsWith SAP erP in place, information is more visible throughout the enterprise and available in real time. This, plus an alert framework within the application, has significantly improved decision making. integrated materials management has given SCCl better control over stock and inventory. “Timely provisioning of spare parts and other items for maintenance, repair, and operations has increased the avail-

Key oBjeCTIves oF The projeCT

provide integrated view of operations at various locations

support real-time data capture and processing for

supply-chain functions

improve inventory visibility

Reduce paperwork and manual processing

streamline payroll process for transferred employees

Reduce it maintenance and other costs

Key perFormanCe IndICaTor ImpaCT

time to process sales orders – reduced by 50%

days to close annual accounts – reduced by 50%

time to settle advance payments – reduced by 40%

duration of purchase requisition cycle – reduced by 98%

time to generate coal bills – reduced by 95%

Unmanaged spend – reduced by 55%

COMPANY DASHBOARD

COMPANY singareni Collieries Company Ltd |

iNDuStRY Mining | REvENuE $1.423 billion

| EMPlOYEES 70,000 | HEADquARtERS

hyderabad, india

project highlights




in the hyper-competitive mobile phone services market in india, new entrants, such as Videocon have to find innovative ways to attract and retain customers. Technology will play a major role across the operations from making it very easy for customers to get the information that they need, to monitoring and tracking trends to react quickly to opportunities.

As a more recent entrant into the market, VTl chose to out-source many of its requirements to get its show off the ground quickly. in the mobile phone business, the customer contact centre is central to ensuring both customer care and value added service are delivered well.

single Ivr platform“nowhere in the country is a wireless services provider using a com-mon iVr with both the customer care calls and the value added services calls running on the same platform,” Satyarthi says. This is something unique, he says.

The advantage is “on one side, we are actually catering for the call centre, which is a cost centre for us, while on the other, a revenue generating application is running on the same platform.”

With a simple idea of using a common platform for both Customer Care and Voice Value Added Services (VAS), Videocon Telecommunications Ltd.’s Ajay Satyarthi implemented the first of its kind, state-of-the-art single IVR architecture to minimise cost and to optimise Core Network resources. By hArichAndAn ArAkAli

not every idea that a Cio comes up with has to be a technology-intensive and complex in implementa-tion, to be called an innovation and perhaps more importantly also help boost revenues. Ajay Satyarthi, Senior general manager - iT at Videocon Telecom-

munications ltd. (VTl), part of telecommunication division of $4 billion Videocon group, showed this, when he tweaked some exist-ing, proven architectures to achieve superior results.

VTl is licensed to offer pan-india gSm mobile services across the nation, covering 22 circles (regions as geographically desig-nated by the nation's telecommunications regulator).

Common Ivr

Boostsrevenue

CASE STuDY | viDEOCON

COMPANY DASHBOARD

COMPANY videocon Telecommunications

Limited | BuSiNESS GsM mobile services in 22

circles | liNEAgE Part of $4 billion videocon

Group with interests in household Consumer

Goods, Oil & Gas, retail, Telecom, DTh and the

Power sector | BRAND EquitY rated among

india’s Top 15 Business houses, listed among

the 100 Emerging Giants of the World in a Boston

Consulting Group study and rated in the Top 15

'buzziest brands’ in india by agencyfaqs in 2010.




“nowhere in the country is a wireless services provider using a common Ivr with both the customer care calls and the value added services calls running on the same platform.”— ajay satyarthiSenior General Manager - IT, Videocon Telecommunications

“other operators have either the one or the other, but not the both sets of calls running on the same technology and on the same plat-form” he says.

dynamic allocation“What happens is that we build a common iVr platform and instead of terming it a contact centre iVr or VAS iVr, we call it a unified iVr platform,” Satyarthi explained. At the heart of this model is the dynamic allocation of ports to both the applications: What this means is that if for instance the contact centre is receiving a lot of calls at a particular time and the VAS is relatively free, the ports of the VAS iVr will get dynami-cally allocated to the contact centre application and vice versa.

Similarly, the VAS iVr will pick up ports from the customer con-tact centre side and therefore generate more revenue.

This not only ensures that congestions are eased on both applica-tions, ensuring customers' calls aren't dropped, but also improves the contact centre's revenue-generating capability by dynamically boosting the call-handling capacity at the VAS iVr end. With few or no calls

operators are struggling to do a consolidation migration to these kinds of platforms, Satyarthi says.

When Satyarthi was building the architecture for the VAS and the contact centre, having joined VTl from an incumbent com-petitor, he decided to pick up all the existing problems faced by various operators and ensured that his architecture eliminated all of them.

for instance, there was a problem of publishing multiple numbers for multiple VAS. At the operator's end, reconciliation and manage-ment of the iVrs, their port capacities and other operational issues – he decided to identify all the problems and resolve them first.

At one point, it was difficult to convince the VAS providers that they can work on standards based platforms

“Today, neither my music-on-demand nor my CrBT VAS provider has its own iVr,” Satyarthi said. “They use our platform and we've exposed VXml 2.0 and 2.1 APis to these partners, so they just bring in their application.

They connect to the centralized iVr platform, the responsibility of

dropped, customer satisfaction is high as well.on the VAS iVr too, all the services are run

on the same single iVr platform. in the tradi-tional set up, each VAS, be it music on demand, caller back ring tone or a voice portal or a full-track song, each service would have its own iVr – that's the standard process.

“What we've done is to build a common iVr to capture caller’s choice no matter which VAS a customer is interested in,” Satyarthi said. This is simply done by prompting the cus-tomer to select a choice by pressing a number, which would then route the caller to that par-ticular service

eliminating problemsAs of today this hasn't been done elsewhere.


rating, charging, reconciliation lies with VTl instead of them as was the case in a traditional setup..

Better dealsobviously this means that we've got better revenue sharing model from the VAS partners. in the conventional system, they would have had to invest in the software and the hardware for the iVr to provide VAS, which they have avoided with VTl, Satyarthi said.

The unified platform also meant that Satyarthi was able to negoti-ate more attractive contracts with his system integrator Wipro and the technology provider Avaya, he said.

“We have played on the volumes, by consolidating the calls of both the VAS and the contact centre.” in a traditional setup, about 60 percent of the calls are from the customer care end of the platform while the rest are usually from the VAS side.

So in the conventional set up, one would have negotiated for the volumes – in terms of minutes handled by the contact centre out-sourced service provider – of the customer care calls separately and the VAS volumes separately.

What VTl did was to negotiate rates based on the combined vol-umes, reducing its costs of handling all the calls.

set to exceed TargetsVTl set itself an initial set of targets that included getting 25 mil-lion customers in the first phase of implementations. The rate at

which the mobile phone services provider is adding customers today, “we will probably far exceed that,” Satyarthi said.

he wanted a cost optimized solution and knew what the problems were and what the available solutions were. VTl initially started with a centralized model with the option of decentralization if needed. Today they run out of one data centre in Chennai, with a clear idea of what volumes the existing model can handle and at what point they will have to start decentralization.

The initial target was that the iT must support VTl's business and yet have a cost model that was sustainable over the next 10 years.

“The way we've done our contracts with our partners, we're managing them on SlAs and KPis,” Satyarthi said. “There is an agreement with the Sis that says the system has to be available for a certain percent of the time and reliability has to ensure for a cer-tain percent of the time”, he said.

With mobile number portability being implemented in india, “our systems were mnP compliant from the word go,” he said. “We don't work on number series or circle specific numbers. Today it is intra-circle and tomorrow it will be inter-circle. We will be faster in these areas, as our systems were architected in such a way,” he said.

While VTl didn’t participate in the 3g spectrum auctions, the company’s iT enterprise is geared up to support multiple options to expand vertically as well as horizontally in the coming months and years, he said.

advts.indd 56 12/22/2009 3:02:47 PM

NEXTHORIZONS Features InsIde



What You should Know about social Media Pg 47

Wireless security, an urgent area of Focus Pg 50

Illu

st

ra

tIo

n b

y s

hIg

Il n

for many people, change is difficult and transformation even more so. According to the new oxford American Dic-tionary, "change" means “to

make something different,” while "trans-form" means “to make a thorough or dra-matic change.” it is a difference of degree, i admit, but that degree is so extreme that it becomes a qualitative difference.

Changing means continuing to do essen-tially the same thing, only introducing some variation in degree. Build it a little bigger, smaller, faster, higher, longer. increase the marketing budget. Add a few staff to the department. Come up with a new slogan. But today’s business problems cannot be fixed by changing, nor can organisations or industries survive simply by changing. embracing change is no longer enough: We need to transform.

Transformation means doing something utterly and radically different. it means nano-fusion; it means using algae as a fuel source; and reimagining gm on the Dell model. in the early 1990s, Barnes & noble superstores changed how we shop for books. By the mid-1990s, Amazon was transforming how we shopped for books, which then transformed how we shop for everything.

in the '90s, we were always telling our-selves to “think outside the box.” it’s a neat image, evoking creativity and unconventional

a Look at technology trends that are transforming business. By Daniel Burrus

Tech Fueled Transformation



N E X t H or I Zo N s T e ch T r a n s f o r m aT i o n

thinking as a way to arrive at ingenious new paths and solutions. But it’s a slogan whose time has come and gone. here’s the problem with "thinking outside the box:" we all know that no matter how creative we get during the weekend seminar, come monday morning we’re going to have to crawl back into the box again and deal with our current reality.

The problem isn’t that we need new ways to simply step outside the box -- we need to completely transform the box itself.

in fact, whatever your box is -- your job, company, career, situation -- it is going to transform whether you like it or not. There is no field or profession, no business or organisation, that is not going to transform dramatically and fundamentally over the years ahead.

in fact, we’re standing on the foothills of an enormous mountain of change -- only most people can’t see it. from most people’s vantage point, it’s easy to assume that the biggest changes have already happened: the internet has already turned the world upside-down and changed everything. But that’s hindsight, not foresight. The prolif-eration of the internet throughout the last decade is nothing but prologue, not the unfolding story itself. it was not the trans-formation it was only the foundation that laid the groundwork for the transformations to follow; the overwhelming majority of which are still ahead of us.

We are at the dawn of an era of technol-ogy-driven transformation that will make the changes we have experienced over the past 25 years seem tame, mild, and slow. We have crossed the threshold into a time of transformation. And that is the context of this flash foresight trigger: expect radi-cal transformation.

in the past, it was important to change. now it’s no longer enough to change. in fact, as i tell my clients, to change is to fail. We need to transform.

Our intelligent futureProduct intelligence is perhaps the most vivid example of seeing how dramatically technology is going to transform everything in the years to come. The cost of intelligence is falling fast; even faster than the cost of energy is

rising. What’s more, it will continue fall-ing for years to come. Can we really say this with certainty? yes, because it’s a hard trend. it is a direct result of the increase in processing power, storage, and bandwidth, three digital accelerators that are now push-ing us forward faster.

At the same time, while the cost of intel-ligence continues to fall, the intelligence of intelligence (that is, the increasing sophisti-cation and capabilities of embedded product intelligence) continues to rise in a classic hockey-stick arc that is approaching vertical. What we think of today as “smart concrete” will be at the dumb end of the scale ten years from now and the smart end of the scale will be staggering compared to what’s possible today.

in the future, we’ll bring intelligence to everything that uses any kind of energy. Smart houses that know your habits and schedules as well as the changing cost of electricity in real time, minute by minute. your house will know exactly how to adjust your climate, lighting, and other power-con-suming features in the most economical and optimal-performance ways. Smart cars that know when to use which fuel, according to the terrain, locale, and type of driving you’re doing. intelligence will drive our multi-fuel future, so that our tools know when to use

different fuels and how to use them for optimum efficiency and productivity.

These are just brief examples of how product intelligence will transform our world. from energy to agriculture to health-care, our world will be trans-formed as the curve of digital technology’s advancement goes vertical. We could choose any one of a thousand other areas,

since this metamorphic wave will leave nothing untouched. But no discussion of the coming transformation would be com-plete without a tour of the environment in which we have come to spend more and more of our time: The internet.

Welcome to Web 3.0To date, the world wide web has gone through two basic iterations: The first generation, lasting through the end of the nineties, presented the Web as a flat, one-dimensional way of displaying information that could be accessed by keyword searches. Basically, it was humans interacting with computers. This would soon change.

The Web’s second iteration, Web 2.0, has been characterised by the user-to-user dimension of content sharing. Peer-to-peer (P2P) networking was the application used by napster to offer music file sharing to the masses. Since then we have seen enthu-siastic amateurs from around the world work together to classify and post massive amounts of new content on the collective encyclopedia project Wikipedia.

idea-sharing tools (blogs and Twitter), personality-sharing sites (mySpace and faceBook), photo-sharing sites (flickr), and video-sharing sites (youTube) are all examples of the content-sharing nature of Web 2.0, which has given rise to the concept of social networking.

Thanks to the underlying technology of Xml, which allows machines to talk to other machines over the Web, applications as well as individuals can also share data with each other. for example, the connect-ing of corporate or personal location-based data to google maps.

Web 2.0 created an entirely new experi-ence from Web 1.0 but that’s all behind us now. Web 2.0 is already old news.

53%of cios are

expecTing an

increased

budgeT To work

wiTh This year.

In the future, we’ll bring intelligence to everything that uses any kind of energy. Smart houses that know your habits and schedules as well as the changing cost of electricity in real time.



T e ch T r a n s f o r m aT i o n N E X t H or I Zo N s

The hallmark of Web 3.0 is that it is an immersive environment. in this new inter-net construct, you won’t use the Web, you will enter the Web. Where the essence of the early internet experience was information search and retrieval, and Web 2.0 was all about interaction and communication, the prime thrust of Web 3.0 will be immersion and multidimensional experience.

Today, we talk about going onto the Web to look for information. in the future that language will change. instead, we will speak about going into the Web to learn and interact.

Since 2000, i have been giving small demonstrations of an early prototype 3D Web browser in my keynote talks, showing audiences what it would be like to step into an inner-spatial, immersive environment to shop and get customer service.

As you click on this site, you have the sen-sation of stepping into a room where you are surrounded by content of different types on all sides. Turn to the right, and there on the wall is your live newsroom -- Cnn, uSA Today, The new york Times, The Wall Street Journal, nPr, BBC, whatever your favorite news sites and sources are, there they are, all open simultaneously. now look to your left, and there are the most current projects you’re working on. look behind you: itin-eraries for your next trip, your banking and investment information, whatever informa-tion you like to have nearby.

The applications of such an experience will be transformational, not only in and of themselves, but also as combined with their real-world counterparts.

right now, let’s say you and i attend a big trade show on the latest technologies for your industry, whatever it may be. All the biggest suppliers from around the world are there, showing off their latest, great-est new stuff. even though we’re there for several days, dawn to dusk, there’s no way we can get to all those booths and see all those displays. i’ve been to trade shows that feature entire city blocks’ worth of the latest technologies. how do you take it all in? it’s impossible. So let’s make it possible.

When the conference is over, everyone packs up and goes home. What if instead, we just cloned the entire event to 3D virtual? The CAD (computer-aided design) drawings of the building already on file can instantly recreate the entire conference center in 3D

form, needing only graphic artists to get the colors right, let the vendors add their virtual products, and "Presto!" you have your fully immersive trade show.

now, when we go home, everything is still there: it’s never over! you can click on any and every booth and connect to a real salesperson via video conferencing anytime you like. And by the way, the vendors are still paying a fee, albeit a fraction of the in-person cost. now, instead of having a three-day conference, you have a twelve-month conference.

Because of runaway multiplication of the three digital accelerators -- processing power, bandwidth, and storage -- over the next several years we will see this kind of dimensional experience come to the Web for the general user.

Web 4.0: Ultraintelligent electronic agents if Web 3.0 is the future, then what’s beyond that? Web 4.0, of course; a further iteration of the online experience that will transform how we do everything. The essence of Web 4.0 is this: instead of our having to go search-ing for what we want, it will come to us.

Advances in artificial intelligence have

created a type of intelligent search that tailors itself to the individual user, learning our parameters and preferences to make our searches automatically more relevant and useful to each of us individually. Soon we will be using a powerful new tool to do a good deal of our Web-based work for us, thanks to an emerging technology called ultraintelligent electronic agents.

Because they reside on the internet, you can access your e-agents from anywhere, regardless of where you are or what device you are using. only you will have access to your personal e-agent. you will use two forms of biometric identification, like your voice and face, or your voice and fingerprint, to identify yourself.

you will be able to select various types of plug-in agent functionality. for example, your financial planner may offer an agent plug-in module to help you manage your money. your travel agent, if you still have one, might offer a plug-in giving you highly customized and unique travel advice. your trainer from the gym might offer a virtual trainer plug-in to be with you on the road. The list of possible plug-ins is endless.

you will most likely have one main

The hallmark of Web 3.0 is that it is an immersive environment. In this new Internet construct, you won’t use the Web, you will enter the Web.

Illu

st

ra

tIo

n b

y p

ho

to

s.c

om



N E X t H or I Zo N s T e ch T r a n s f o r m aT i o n

e-agent you interface with most often, but you will have others that help you both at home and at work. organisational e-agents will execute tasks on behalf of a business process. Personal e-agents will carry out tasks on behalf of one user. in time, busi-nesses and individuals will delegate basic responsibilities to a customised collection of highly intelligent e-agents.

your e-agent will use neural network tech-nology to learn more about you every time you use it. This is the function, for example, that allows Amazon to build a profile of your preferences by keeping track of your searches and purchases, and how it is able to make personally relevant recommenda-tions. The more time you spend on Ama-zon, the better it gets to know you and the better its recommendations become.

your ultraintelligent e-agents will take this functionality to a whole new level. imagine sitting down in front of your television, turning it on and, since it is connected to the Web, your e-agent pops up and asks what you are in the mood to watch. let’s say you want an adventure movie that you have never seen before. The e-agent will suggest a particular movie (set in the future because your past adventure movie selections were also set in the future). if possible, it will suggest a movie that has your favorite actors and director, and a plot that has twists and turns the way you like it best. or, if you want something fresh and different, a complete change from your usual choices, then your e-agent can fill that bill just as easily.

for many, the e-agent will become a friend, listening to and helping to solve minor problems, responding sympathetical-ly, and suggesting helpful resources. They will be great “listeners” and will respond only when a response is needed and with the kind of response you have found most helpful over time.

Think of your e-agent as a personal con-cierge desk. Wherever you might benefit from a human agent, mentor, or coach, you will begin to find electronic versions that will serve as virtual assistants of those human advisors, helping you stay on track. And since the Web will go with you wirelessly wherever you go, your e-agent will always be there when you want or need help.

As we transform into a vastly more high-tech society, we will see our world become

more human, not less. There is a simple reason for this, and it goes to a crucial flash foresight principle that governs how all this digital transformation will actually play out in the real world: the both/and principle.

Think both/andexecutives, managers, and the business

and popular press all tend to make the same false assumption about the future of tech-nological change. every time a new product category is introduced, they assume that the older category will soon vanish.

But that’s not the way it works. The hot-test new breakthrough technologies do not necessarily replace older ones. instead they often coexist with them, side by side. Why? Because the old technology has its own unique profile of functional strengths, which the new technology never fully replaces. in the case of paper, it’s inexpensive, portable,

tence of the old. But that’s not the reality. This is not to say that volume and market

share for the older technology will always remain unchanged. obviously there will be additional slices taken out of the pie, some smaller, some larger. But the both/and inte-gration of new-tech and old-tech combinations has an amazing way of enlarging the pie itself. grasping the secret of both/and integration can unleash dramatic new levels of resources, capacities, wealth, and capabilities.

returning to our discussion of Web 4.0 and the world of ultra-intelligent e-agents, the both/and principle tells us that no mat-ter how sophisticated and useful e-agents become, they will never replace live interac-tion with another person. Those businesses that most skillfully integrate electronic agents with real-time live help will be the ones that ultimately thrive and dominate their markets.

Actually, you have probably already seen this play out on a simpler platform: the infamous touch-tone “help” menu: “To review your account, press 1; to change or update your account, press 2 …” We have all at some point had the infuriating experi-ence of trying to get something fairly simple done over the phone, only to find ourselves in a seemingly endless loop of menu choices, none of which quite get us where we want to go.

The companies who learned to adapt this new technology and integrate it seamlessly with exceptionally good live-operator cus-tomer service, and make that choice easily and transparently available at any time dur-ing the experience, are the ones who excel, survive, and thrive.

The future is not automated help; it is automated help and live help. The future is not digital, fiber optic, automated, self-serve, and youth-focused. it’s digital and analog, fiber optic and copper, automated and manual, self-serve and full-serve, youth and elders.

The faster things change, the more we will live in a both/and world, and one flash foresight key to surviving, succeeding, and thriving in that world is to continually seek ways to integrate the freshly old with the emerging new.

The new Golden Rule of businessThe old golden rule in business was to find

foldable, you can erase on it. Best of all, it doesn’t disappear if the computer goes down. Digital obviously has its powerful strengths, as well. Both are here to stay.

We tend to greet innovation with an either/or assumption, but this is not an either/or world but a both/and world; a world of paper and paperless, online and in-person, digital and analog, old media and new media.

either/or thinking assumes a zero-sum game, in which the pie is of fixed size and emerging technologies, and/or emerging markets, must necessarily threaten the exis-

The hottest new breakthrough technologies do not necessarily replace older ones. Instead they often coexist with them, side by side.



T e ch T r a n s f o r m aT i o n N E X t H or I Zo N s

out what your customers wanted, and give it to them. “Do unto others as they want to be done to.” Today, if you ask your cus-tomers what they want and you give it to them, you’re missing a huge opportunity, because their answers will never give you more than a fraction of your potential.

our capabilities are changing far too rapidly for this old rule to be useful. Customers today don’t know what they want, because the things they most want are things they don’t yet know are possible. Customers did not know they wanted an iPod, iPhone or iPad until Apple gave it to them.

Therefore, the new golden rule in busi-

ness is this: give your custom-ers the ability to do what they can’t currently do but would want to if they only knew it was possible.

To survive and thrive, look into your customers’ visible future, look at their hard trends, at what you’re certain about regarding their future. See what problems they are going to have and solve them before they happen, so that

by the time they’re just starting to experience the problem, you already have the solution.

And if you don’t? Then it’s over, because this technology-driven transformation will not wait, pause, or stand aside while you think about it. There are two critical truths

about business in this new era that you cannot afford to ignore; we might call them corollaries to the golden rule:

if it can be done, it will be done. if you don’t do it, someone else will.

no matter what your business or occupa-tion, transformation is coming. And the only way to survive it is to expect it … and transform.

—Daniel Burrus is considered one of the world’s

leading technology forecasters and business

strategists, and is the founder and CEO of Burrus

Research.

—This article has been reprinted with permission

from CIO Update. @ http://www.cioupdate.com.

To see more articles regarding IT management

best practices, please visit www.cioupdate.com.

What You Should Know About Social Mediathe intersection of social media and the law looks a lot like a street corner where the traffic signal has just stopped working. By Diana McKenzie & Marty Farrant

right now, the intersection of social media and the law looks a lot like a street corner where the traffic signal has just stopped working: Things are moving much too fast and you know there's bound to be an accident or two. one of the few things we can say with any

certainty is that the state of the law of social media will be vastly dif-ferent 12 months from now.

With millions of people continuing to share online gigabytes-worth of what was once relatively private information, no business can be completely safe from the unintended and often harmful consequences of all that information being released into the wild.

Today's Cio is frequently seen as the first and last line of defense against those consequences. you are assumed to be experts on how to deal with issues that spring from the use of social networking because, well, "it's one of those computer things."

So, we've prepared a short list of just a few of the types of legal issues that accompany the proliferation of social networking.

Implementing a social media policymany Cios long ago shut the facebook nation safely outside the gates of their corporate firewalls -- if for no other reason than to increase productivity. however, with the proliferation of mobility, such a lock-out is now unlikely to stop any of your workers from accessing the sites via their wireless devices without your knowledge.

your company should implement a social media policy that sets ground rules about what kind of information employees are not permitted to publicly post via social media. in addition, your organi-sation should obtain an employee's acknowledgment, in writing, of the policy.

That leads to the million-dollar question: What kinds of social media activity can be prohibited? This is one of the areas where the state of the law is most in flux. employers who wrongfully terminate an employee over an internet post can run afoul of state off-duty conduct laws. There are also federal statutes, such as anti-retaliation or discrimination under Title Vii, protected "concerted activity" under the national labor relations Act (which applies even in non-

10.2%expecTed

growTh in

enTerprise

applicaTion

sofTware in 2011.



N E X t H or I Zo N s so ci a l m e d i a

union workplaces), and the whistleblower provisions of the Sarbanes-oxley Act.

here are two informal ways of determining whether an employee should be fired or disciplined for social media activities:

1. if your company has a social media policy prohibiting certain postings, and the employee's postings nonetheless cast the company, its management or its customers in a negative light. 2. if the company's trade secrets and strategy are being discussed anywhere outside the secure confines of your enterprise.

Social media's impact on hiring decisionsSome of you may have used social media to find out more about a prospective job candidate. however, it's important to use social media judiciously in making hiring decisions. Be aware that when conducting your due diligence on a potential hire via internet searches and social media sites, informa-tion that wouldn't be fair game in an interview (age, medical conditions, race, religion, sexual orientation, etc.), is often plainly available about the candidate on the internet. Such information can be the basis for a discrimination claim if that candidate isn't offered a job.

An unscrupulous job seeker may even intentionally put this information on the internet knowing that a company which refuses to hire him or her will have difficulty "proving the negative" -- that it never saw the information and therefore didn't use it as a basis for its hiring decision.

e-Discovery presents a minefield of social media issues for the enterprise.

first, if your company maintains its own facebook, Twitter, or other social media account as a marketing tool, it should be considered just as susceptible to discovery requests and litigation holds as your email server. State-ments your company makes to the public, as well as the pub-lic's feedback to you, are ripe for mining by plaintiffs' attorneys.

for example, if the Twitter page for your company's latest product is covered with user comments discussing how that product has a ten-dency to send folks to the er, it's likely those posts will fit the broad scope of a discovery request. even if you don't own or manage the servers on which these "marketing" accounts are hosted, your com-pany should retain records of everything posted in such accounts.

Because litigants can directly subpoena social media companies to obtain these records, there's no tactical advantage in not retaining these records -- especially because doing so can allow your organisa-tion to moderate and monitor public feedback, and take proactive steps to correct potential liability issues early.

Conversely, the information posted on social media sites can also be a treasure trove for defense counsel because unsophisticated plaintiffs often write statements that are in direct opposition to the alleged facts of their claims. however, businesses should tread care-fully in attempting to gather this information, as obtaining access to an employee's or litigant's social media posts using tactics such as spyware or creating a false identity can lead to liability for invasion

of privacy or violations of the Stored Communications Act, Wiretap Act, or other state electronic monitoring statutes.

unfortunately, when someone in your organisation concocts one of these cloak-and-dagger schemes to conduct surveillance on an employee, they'll likely turn to your iT department's for help. The better practice is to let your company's attorneys subpoena the social media site and insist that opposing counsel place a litigation hold on the plaintiff's accounts to prevent any further editing of past posts.

These are but a few of the potential issues that social media pres-ents to today's Cio. As always, consult with your company's attor-neys, or a lawyer knowledgeable in information technology law, well before taking action in any of these areas. —Diana J.P. McKenzie is a partner and chair of the Information Technology

and Outsourcing Practice Group at Hunter Maclean. She can be reached

at [email protected]. Marty G. Farrant is an associate in

the Information Technology and Outsourcing Practice Group at Hunter

Maclean. He can be reached at [email protected].

—This opinion was first published in CIO Insight. For more such stories please visit www.cioinsight.com.

It's important to use social media judiciously in making hiring decisions.

Illu

st

ra

tIo

n b

y s

hIg

Il n

Þ Inbound Response ManagementPriya Sharma, 1800 209 3062

022 - 67083830, [email protected]

Virtualization is critical for companies to be able to adapt and grow quickly – but it also opens up new areas for security issues. Our security solutions are the first to work seamlessly – from the cloud to the data center all the way to the mobile device – to give visibility, enforcement and scale in every area. It’s the only way for your business to move forward without losing ground anywhere. IT’S TIME TO BUILD A NEW NETWORK.

juniper.net/security

©2011 JUNIPER NETWORKS, INC.

It’s tIme for a

JN_IN_9dot9_FP_V1.0.indd 5 6/27/2011 4:27:24 PM



N E X t H or I Zo N s mo b i l e s e cu r i T y

Wireless Security, an Urgent Area of FocusWireless security is fast emerging an area of focus for CIOs, says alpna doshi, CIO of reliance Communications. By HaricHanDan araKali.

What in your view are the top wireless mobile security challenges for the service providers?

As we are ushering users deep into 3g and 4g, a few things are happening. There is rapid developments of new, heterogeneous and more capable technologies that are coming to the market. The volume of all kinds of on-line traffic is shooting up due to the available bandwidth of the medium – voice, data, plethora of applications – from entertainment, social network to commer-cial and critical enterprise apps. The com-puting power & ‘smartness’ of the devices and their applications at the end devices are following moore’s law. in this background, the security challenges are threefold. Privacy or confidentiality of data and informa-tion: because of the heterogeneous ecosys-tems of mobile operators, iSPs, application vendors and smarter mobile devices, it will be a challenge to ensure privacy of the infor-mation flowing around us. End-to-end security against increasing capabili-ties of the cyber criminals to launch devastating attacks of various forms and depths: The vari-ety and abilities to cause damage are enor-mous – DoS, DDoS, malwares, Trojans etc., With increased level of on-line con-nectivity to corporate and social networks, online mobile commerce with the multi-tasking mobile devices, the personal and official domains are merging and hence this makes the new generation of mobile world

“As we embrace cloud computing and the era of virtualisation, mobile security is definitely one of our topmost priorities.”

a juicy target for cyber criminals. The regulatory compliance to curb cyber terror-ism and criminal activities: it is a challenge for the service providers to ensure consistent level of compliance since the ecosystem as earlier said comprises heterogeneous and multiple stakeholders.

How are you tackling these challenges in your organisation?We believe that in today’s continuously changing threat landscape, we need to have a ‘layered approach’ in security or what we call ‘defense in depth’. So, we have balanced focus across technology, processes and most

ph

ot

o b

y J

Ite

n g

an

dh

I



mo b i l e s e cu r i T y N E X t H or I Zo N s

importantly, we continuously spread aware-ness among our customers and users. We are putting in place best practices and the capability to pro-actively diagnose and stop these intrusions or attacks or criminal activi-ties, or, in case of ‘zero day attacks’, restrict or mitigate the damage to the minimal.

There is increasing talk of 'open' devices, 'open' applications and 'open' networks? What is your view on this? How are these devices, applications, networks evolving and affecting your business?The demand for open devices and open application is bound to grow in the near future. network neutrality, scalability, band-width utilisation, uniform customer experi-ence will be important factors for consid-eration. ubiquity of devices and remote accesses to network will pose challenges in authentication mechanisms. A plethora of these open devices come from various manufacturers and every platform has its strengths and weaknesses. There are third party mobile device management platforms to manage different devices. So, it will always be a challenge to ensure consistent security environment across these devices, which in turn becomes a challenge for the service providers. With the proliferation of mobile networks to the remotest corners it is not practical to restrict customers’ choice to a specific or closed set of devices.On your list of priorities, where would you rank mobile security?Since we are an iSP and mobile opera-tor both, it is extremely important for us to ensure that our customers are safe and secure when they use our services, from entertainment, virtual reality, or mobile banking to enterprise apps or video confer-encing. We always endeavour to provide a consistent quality of service (QoS) and secu-rity of data or information or experience. As we embrace cloud computing and the era of virtualisation, mobile security is definitely one of our topmost priorities.

Would you expect that individual users will increasingly be forced to take measures with their smartphones similar to computers, such as using antivirus software, for instance?Considering the sheer size of the market and diversity of devices and environment,

it is difficult to force users to take measures on a regular basis.

hence, the onus would be on the manu-facturers, service providers, iSPs and the application providers to come together and ensure that they do their bit to secure the total experience. Whether it is mobile policy, automated patching of vulnerability, encryp-tion, remote wiping facility or authentica-tion mechanism etc.

Also, as we said earlier, all the measures will fail if the end user is oblivious to the threats that his habits of handling these intelligent devices may cause. hence, it is paramount that the user awareness pro-grammes are conducted regularly at various levels, right from the governmental agen-cies to each of the ecosystem partners to make the users aware of the threats, symp-toms and measures that they should take to avoid such pitfalls and becoming easy victims of frauds.

Today the popularity, usage and avail-ability of devices or applications may not be very high and hence we may not notice or report significant cyber crime activities on these devices. But the growth curve is going up very furiously and it is bound to hit us if we do not start awareness pro-grammes from now.

How can service providers help ensure that their customers get the most out of

their devices, applications and services without falling prey to malicious attacks?There are several facets in the entire chain namely, Device Security, Content Security, Device management, identity & Access, Policies, Processes and user awareness. As explained earlier, everyone in the eco-system needs to come together and ensure that they follow secure practices and stan-dards so that the products and services are secure. mechanisms need to be in place at various layers of the oSi framework to make the data and information secure whether they are at rest or in motion. Standards like iSo 27001, fiPS-140-2 Certifications to be enforced to ensure consistency and assurance across. user awareness should be spread out through direct or indirect campaigns, through websites, seminars, banks, enterprises so that the common users know about the various ploys adopted by cyber criminals for malicious activities and frauds, what do they do when device gets lost, where do they go, how to check whether their devices are secure or not. even the police force need to be educated, adequately equipped cyber-crime cells should be made available in every police station so that issue can be addressed and resolved. Then only, the users will feel confident about mobile secu-rity and usage will increase and envelope every aspects of our daily lives.

MAlWARE. though mobile malware for ios is still rare, malware for android has been

making the rounds. Zeus variants targeting blackberry, symbian, and Windows mobile have

also been

spotted in the wild. given that android is now the top-selling smartphone platform,

antimalware for mobile devices will be an essential security function.

SpYWARE ANd pRIvAcY bREAcHES. today, how a third-party app accesses and

handles private mobile data, such as unique phone Id, geolocation info, and phone

number, is not always transparent to the user. a recent study by researchers from duke

university and pennsylvania

state university found that two-thirds of the 30 common android apps they studied expose

private mobile data, and half of them sent location data to third-party advertisement servers

without requiring implicit or explicit user consent.

dATA lEAKS. mobile devices, when used to store corporate data, are another avenue

where data leaks can occur. For instance, data leakage through device theft is a distinct

possibility. employee misuse may also lead to data exposure. prevention options include

device- or file-level encryption, virtual desktops, and the use of data leak prevention (dlp)

clients on the device.

— Source: Forrester Research Inc.

Going Mobile: Threats to consider

or customizing their phones, and the user was mainly limited to the

applications that were originally installed on their phone. While this

is good from a security perspective, users are accustomed to the

openness of the computer world and aren't satisfied with the limited

nature of closed devices. Many mobile users get frustrated when

going from an open computer device to having to use a closed

mobile device. Therefore, the trend in the mobile industry is towards

opening up the phone. Many of the smart phones are run on open

software such as Android, Symbian, or Windows Mobile.

These operating systems provide much more user flexibility in terms

of loading applications and customizing the phone.

In addition to opening up mobile devices, mobile carriers are also

opening up their networks. Today's smart phones are able to access

the open mobile network. Aside from being able to support some

plug-ins, smart phones are able to access far greater amount of

content and number of applications. This allows mobile users to

access websites that they were not able to access in the

walled garden model.

Along with the added flexibility of open devices and networks comes

more potential harm. Installing a virus and other malware is much

easier in these open machines and networks, as a mobile user can

unknowingly download and install a virus assuming that it is a

legitimate application. This can lead to stolen personal information

MORE OPEN NETWORKS

Thought Paper|Mobile Security

A combination of the proliferation of increasingly powerful and versatile smartphones, and more open networks and applications will soon

make the wireless environment an attractive proposition for malicious hackers. For service providers, the time to act is now.

Mobile security is moving up the list of priorities for wireless

service providers as they face increasing competitive

pressure to open up their networks. Customers, using open

devices that run thousands of data applications are clamouring for

more, and are increasingly comfortable

with mobile commerce..

With the availability of 3G and WiFi, today’s smartphones – some

with processors more powerful than those in netbooks – are a

powerful window to the Internet, and therefore, offer fraudsters the

same potential to exploit DDoS programs and botnets.

Before 3G networks, there wasn't too much trouble a mobile user

could get into. The primary activity was simply placing and receiving

voice calls. Mobile data was somewhat limited to

the mobile operator's walled garden and also the relatively slow

data speeds. While the subscriber could browse news stories and

even download some content such as ringtones, all of the content

was primarily kept under the mobile operator's control, thus

limiting the exposure to security threats. However, as the mobile

network and devices both become more open, the risk of security

attacks will increase

As previously stated, traditional mobile devices were closed devices.

Users were not able to do much in terms of loading new applications

EVOLVING DEVICES, OPEN NETWORKS

including credit card numbers and more. As more and more mobile

users migrate to smartphones and open themselves up to security

threats in the process, mobile carriers need to find ways to protect

them from harmful attacks.

There have already been many known cases of viruses found in

smartphones. There have been viruses that attack the Safari Web

browser of the iPhone that have caused problems for users. Viruses

exploiting vulnerabilities in applications such as the Safari Web

browser can cause a denial of service (DoS) attack. Mobile users

simply browse to a website that contains the malicious virus script

and the virus is triggered, eating up memory in your iPhone and

causing it to crash. This is just one example of how open devices

running on open networks can easily (and unknowingly) download

a virus to render a mobile device useless. While these cases are not

significant today, they do show that hackers are starting to take

notice of the mobile industry and their attacks will only get more

complex and damaging over time.

The new open devices are driving new applications that mobile users

can download and subsequently run on a mobile device. This is

familiar to the computer world but it is a relatively new

phenomenon in the mobile world. As the number of smart devices

increases, so too does the number of available applications. One

example is the Apple iPhone. The iPhone has dramatically changed

the mobile market by making available an unprecedented number

of applications that are available to download and install on the

iPhone. In just 9 months, iPhone users have downloaded over one

billion applications. This is only the beginning of the application

market and depicts the exploding demand for mobile users to be

able to customize and run applications in a mobile environment.

The wave of new applications can cause alarm in a couple different

areas. For one thing, while most mobile applications are still offered

in a controlled environment, it's only a matter of time before hackers

figure out a way to penetrate this market. With billions and billions

of downloads occurring and thousands of applications, it's a big

market that will eventually attract hackers. Secondly, many

THE NEW WAVE OF APPLICATIONS

application developers charge a fee for their applications. This is

driving a very large number of financial transactions over the

network. According to Gartner, Inc., the mobile payment industry will

experience steady growth, as the number of mobile payment users

worldwide will total 73.4 million in 2009, up 70.4% from 2008 when

there were 43.1 million users. In addition, Gartner predicts that the

number of mobile payment users will reach more than 190 million

in 2012, representing more than 3% of total mobile users worldwide

and attaining a level at which it will be considered mainstream.

Mobile commerce and mobile payments provide a significant

opportunity for security hackers. As the number of mobile users

conduct mobile commerce and become comfortable doing so, the

number of potential targets will outweigh the wireline side. This will

likely entice security hackers to focus attention on the mobile

industry and target smart devices for financial gain. Knowing that

hackers tend to go where the money is, this is certainly an area

about which mobile carriers need to be concerned from a security

perspective. If mobile users do not feel it is safe to purchase new

applications, this lack of trust will have a dramatic effect on the

growth of the mobile carrier's business.

As the mobile network evolves from 3G to high broadband speeds

such as Long Term Evolution (LTE), mobile devices and the trend for

applications will continue to increase. Broadband speeds will fuel

this phenomenon and make security an even bigger challenge.

One very interesting statistic that is bound to get the hacker's

attention is the sheer size of the mobile market. The number of

mobile devices hit 4 billion in 2008. By 2015, mobile numbers will

outnumber fixed lines by a 9:1 ratio. A large percentage of these

mobile devices are not smart phones and perform basic functionality

within walled gardens. However, this will change as smart phones

become more affordable and mobile network speeds increase to

support even more applications such as streaming video. As this

transformation occurs, mobile security will be increasingly

critical, and it is something that mobile carriers need to

start preparing for now.

ACT NOW

- Dhananjay Ganjoo Country Lead, Service Provider

Juniper Networks

N O H O LDS BARR E D PE RSO N ' S N A M E

54 21 JUNE 2011 ctO fORum The Chief


Tapping LEs: By incorporating a 'stock and sell' model, Lenovo is looking at increasing its share in the large enterprise segment.

55 21 JUNE 2011 ctO fORumThe Chief


R A h u l AgA RwA l N O H O LDS BARR E D

How has Lenovo’s growth and positioning in the enterprise

segment been in the last one year? lenovo ranked no 1 in the enter-prise segment with an outstanding 21.8 percent (iDC india PC market Tracker report for Q4 Cy2010) mar-ket share in Q4 Cy2010. To establish this leadership, we have effectively implemented our ‘Protect and Attack Strategy’. We aggressively focused on acquiring new customers in educa-tion, le (large enterrpise) and govt and retaining the existing Vle (Very large enterprise) customer base. We also aim at strengthening our enterprise space with the compel-ling range of ‘Think’ products which addresses enterprises in all seg-ments. our market share rose by 7.8 percent as compared to Q1 Cy10. growth has been tremendous in the last four quarters and lenovo has emerged as a leader in Vles with a 33.7 percent market share.

Since inception, ‘Think’ has been a top quality brand for the segment that values durability and TCo. To address the price sensitive market, we also have the ThinkPad l420. And with the ThinkPad X and T series catering to high-end enter-prises, we have a notebook for every need and budget.

What are the top three trends in Enterprise PC buying from

a global and Indian perspective – and how is Lenovo capitalising on these trends? in the october 2010 report, gartner states that by 2012, all large enter-prises will have a dynamic cloud sourcing team. This team would be responsible for cloud sourcing deci-sions and management. in line with gartner’s prediction, we feel cloud computing is fast gaining impor-tance. in fact, lenovo is the first in the industry to provide a secure cloud

ready access to our clients, delivering an enhanced experience to its users.

Approximately 428.7 million units of mobile communication devices have been sold in Q1 this year, according to the may 2011 report by gartner. There’s a 19 percent increase year-on-year. We believe mobility is soon gaining traction and enterprises prefer a mobile work-force. lenovo has rolled out a series of ultraportable, high performance notebooks (ThinkPad X201 are ThinkPad X220) which are the best fit for such mobile professionals.

forrester's 2011 Tech industry Pre-dictions reveal that with the increased use of mobile devices, their security would also be a prime concern. Com-panies will then need to simplify their approach towards a secure mobile application. lenovo’s ThinkVantage Technology ensures a secure and safe user interface, enabling our devices to be high security PCs.

Lenovo is trying to make further inroads into the large enterprise segment. In conversation with Yashvendra Singh, Rahul Agarwal, Executive Director-Commercial Businesses, Lenovo India, provides insights into programmes he has specifically designed for gaining traction in this segment.

LEnovo aims aT 25-30% businEss

from LEs

DoSSier

Company:Lenovo Group.

EstablishEd:

1984

REvEnuE:

$16.6 billion in 2010

pRoduCts:

Computer Systems,

Peripherals and

Software.

EmployEEs:

22205

56 21 JUNE 2011 ctO fORum The Chief


N O H O LDS BARR E D R A h u l AgA RwA l

How is Lenovo widening the market for the Think brand and

its adopters? lenovo’s aim has always been to design and deliver notebooks which are reliable, robust and easy-to-use. The ‘Think’ brand strengthens this belief and aims at deliver-ing an end-to-end range of ThinkPads to its users. ThinkPad l420, one of the latest from lenovo’s stable, is a power-packed entry- level ThinkPad for enterprise customers. The ThinkPad X series comprises ultraport-able ThinkPads to address the high-end enterprise use. lenovo has made tremen-dous strides with its X series notebooks, the latest of which include ThinkPad X220 and ThinkPad X1. ThinkPad X220 combines durability, performance and portability in its 12 inch frame. it provides powerful per-formance with its second generation intel processors and a slim battery case with upto 23 hours of battery life. ThinkPad X1, on the other hand, is the slimmest ThinkPad ever. With a measurably higher performance, ThinkPad X1 synergises innovation with the latest technology.

‘Think’ has also ventured into the SmB segment with its latest ThinkPad edge series, the edge 420S which personifies both style and performance. The edge e420s is a premium notebook with smart performance and splendid features. it is powered by intel’s 2nd generation proces-sors for greater efficiency and lenovo enhanced experience 2.0 for faster boot up.

What are the special programmes for your top 300 customers across

Very Large Enterprises, Global market, mid-market, and Education segments? We offer special programmes for our Top 50 and Top 300 customers in the Vle segment. While the Top 50 is managed by a dedicated Program manager from lenovo, programmes for Top 300 custom-ers are reviewed weekly. Special benefits include efficiently managing Dead on Arrival (DoA), customer satisfaction issues, monitoring service turnaround time and providing stand-by/Demo units. A special marketing program liaising with the Ser-vices and global Supply Chain (gSC) is developed to ensure effective execution of such programs. for the Top 300 customers,

we aim at increasing the customer’s wallet share, aiding them in increasing mind-share and providing them a share in our inside sales. global Accounts contribute a good proportion of our revenue. it is driven by dedicated representatives for face-to-face interaction and engagement. We ensure that the delivery is on time and we effec-tively manage their turnaround time. most of the global accounts fall under the Top 50 customers for Vles so they get similar benefits too. for the les, we have redesigned our iSr structure and drive it through face-to-face representatives. We have a ‘Think large’ model for facilitating better services to the large enterprises. it basically ensures that the service and turnaround time is reduced by stocking products across 10-15 locations in india. education is one of our prime focus areas, especially in Q1 and Q2, when admissions are on rise. We have a “Cam-pus Calling” program and we divide the customers into Top 35 and rest of the uni-verse (rou) for better manageability. The eDms, presentation and other engagement tools are direct for Top 35. for the rou, we map business partners and get their feedback to monitor services. giveaways are one of the common means to make our

education segment clients feel good about choosing ‘ThinkPads’.

Tell me more about how Lenovo is leveraging the fast-growing Large

Enterprise segment through the ‘stock and sell’ model for better serviceability and turnaround time? large enterprises constitutes of 500-1000 employees. We have approximately 10 per-cent share in les and we surely want to increase it. We have incorporated a ‘Think large’ Stock and Sell model, whereby we have appointed two distributors: reding-ton and iris who are the drivers behind this model. These distributors help us stock our products in 12-15 locations across india. This helps us to reduce the waiting time for the les who expect quick delivery. We follow a good Better Best (gBB) policy, whereby the products are stocked as per their configuration and replenished on need basis.

We aim at driving 25-30 percent of our businesses from les through the Stock and Sell model and hence we are capi-talising strongly on it. We have recently increased the distributors for convenience of our partners in terms of credit and stock availability.

“for large enterprises we have ensured

the service and turnaround

time is reduced by stocking

products across 10-15

locations in india.”



With so much being spent on security - Firewalls, Intrusion Detection Systems, Intrusion 'Prevention' Systems, Intru-sion 'Tolerance' Systems, Data Loss Prevention, and the list goes on, why are these companies failing? By J. OquendO

POINTS5

At the cost

of millions of

dollars spent

post-compromise,

companies rush off

to apply band-aids

where sutures are

needed.

most security professionAls do

not care about the

real world of risk.

most of the existing attacks are

not "coming through

the front door."

the cost of implementing

extrusion detection

and extrusion

monitoring come far

less than the cost of

a compromise.

security will get back to business as

usually as opposed

to actually defending

anything.

t E cH f or G oVE r NAN cE s e cu r i t yIl

lus

tr

at

Ion

BY

BIn

es

h s

re

ed

ha

ra

n

Security-Stupid iS AS Stupid doeS



These views come at a highly expensive cost, and it should come as no surprise that many companies will continuously and gratuitously benefit from those views. The reason i believe this is, is because companies just don't get it. At the cost of millions of dollars spent post-compromise, companies rush off to apply band-aids where sutures are needed.

Anyone with a connection to the inter-net who has viewed any form of news site in recent weeks have come to know their names: rSA, Sony, nintendo, l3, northrop and the list goes on and on. Where do these companies go wrong? With so much already being spent on security - firewalls, intrusion Detection Systems, intrusion 'Prevention' Systems, *Certified Security Professionals*, standards, guidelines, and the list goes on - where and why are these companies failing?

The answer if you ask me, most compa-nies and or security professionals quite sim-ply do not care about the real world of risk. it is much simpler and economically viable in their minds to pass the buck by simply making sure they "followed the rules."

This means, they tend to establish a "base-line" for a security model usually based on guidelines such as niST and others. We must bear in mind however, "By definition, follow-ing a guideline is never mandatory...".

in a "tangible" world where a product is purchased, a buyer physically touches a product, whenever that product has an issue, companies responsible usually issue recalls. This was the case with Toyota whose cars were recalled because they were faulty. on the internet however, there is little recourse for companies who are compromised.

usually a small portion of those disaffected will mumble and groan and continue to use that product. This is definitely the case of companies like Citibank who was compro-mised recently and Bank of America who continuously gets compromised quite often.

unfortunately there is no immediate cure for security woes; however, there are real world mechanisms to minimise even reduce the risk to numbers not even mentioned in most guidelines and or certification books. The problem with these cures are, too many security managers truly don't care to imple-ment them. it seems to be "wasted dollars" for security managers since they cannot measure rois on voodoo metrics.

you know those voodoo metrics well, they are usually cleverly scrawled across every security management level certification you could find: Ale = Sle x Aro or roSi = r - Ale, where Ale = (r-e) + T. Too many security charlatans have flooded the security arena with this nonsense for too long.

Can we state that Citi, BofA, l3 and others never used these metrics? if they state that they did not, they would be hurting their repu-tation. We can infer that the outcome of these metrics are useless.

So how do does the security industry change this backwards approach to secu-rity while keeping costs low, and security measures high? Simple: Take a different approach to security as a whole.

in a recent case, a judge ruled that a bank was not responsible for fraudulent transfers made from an account. in this case, both the bank and the customer lose; the bank loses a customer, the customer loses their money.Case closed. however, imagine if the bank had a validate policy in place where any transaction over n amount of dollars needed to be validated over the phone? extrusion prevention. Custom-ers would have likely been noti-fied, and no transaction would have been allowed; bank wins, customer wins. The cost for something like this is far less than the cost associated with

higher insurance premiums for the bank, loss of customer confidence and so on.

What they fail to see is that most of the exist-ing attacks are not "coming through the front door." many are client side attacks where an attacker is leveraging a machine already inside of a network in order to burrow out a trusted network where the attacker can then control that machine. how do you defend against this? it is just as simple as defending from the other side of the "wall." you build mecha-nisms to inspect what is leaving your network. Disgustingly simple isn't it?

Ask any security manager or C-level why they won't apply this and you are likely to be bombarded with a hodge-podge of voodoo metrics: Sle = ef x AV x CTm or roi = Ale - (( Ale - (Ale - Ale2)) + T ) in other words, covering one's ass is far more impor-tant than actually getting the job done right. Those responsible for this mess are usually those who have never been "in the trenches" so they don't understand "paper security" versus "real world" security.

The cost of implementing extrusion detec-tion and extrusion monitoring come far less than the cost of a compromise. That statement is mere common sense and i should not have to create any crafty metric or algorithm to prove this fact. Do you think i could have accomplished extrusion pre-vention, Siem and so on at Sony for say $17 million for Sony? yes, in fact, pricewise i could have likely come in under the $5 mil-lion mark, 300 percent lower than the cost of a compromise with greater roi or roSi at the end of the day.

So when will security managers get a clue and do the right thing? my guess is they will not. it is likelier that they will continue to fol-low the herd and paint fuzzy pie charts filled with wondrous metrics that yield little at the end of the day. Companies will still get com-

promised, few will grumble and moan and security will get back to business as usually as opposed to actually defending anything. —J Oquendo is Senior Security Archi-

tect/Engineer at E-Fensive Security

Strategies

—This article is printed with prior per-

mission from www.infosecisland.com.

For more features and opinions on

information security and risk manage-

ment, please refer to Infosec Island.

Companies in the news for security breaches are now benefiting from their newly found hindsight via way of a lack of security point of view.

s e cu r i t y t E cH f or G oVE r NAN cE

9%expected

growth in

enterprise

infrastructure

software in 2011.



t E cH f or G oVE r NAN cE clo u d

mr. Karnes and eichenberger kicked off the discussion with a high-level overview of what the “Cloud” actually encompass-es. Cloud services are on-demand and are self-service oriented.

They have broad network access (accessible from nearly everywhere). resources can be pooled, including staff with cer-tain expertise as well as comput-ing and storage capabilities.

The Cloud has “rapid elasticity” meaning the services can be quick-ly scaled to meet a sudden demand then dialed back down after the

peak demand has passed. finally, it is a measured service (you pay for only what you use).

The panelists were queried as to why their respective compa-nies first pursued their cloud strategy. ms. Burroughs stated that mondial did not pursue cloud for return on investment (roi) purposes, but to meet growing demand for their services in an environment where the iT staff was overworked or lacked requisite expertise on certain technologies.

The Cloud route provided mondial with the ability to scale to meet high demand and then reduce their footprint after a peak period had passed. Also a cloud strategy allowed mondial access to iT skills they did not possess in-house.

finally the cloud route gave mondial the ability to test the feasibil-ity of new service offerings such as Computer Telephone integration (CTi) without a large upfront capital investment.

mr. mcBride stated that roi was a driving factor in Tredegar’s deci-sion to pursue a cloud strategy. A part of that roi analysis was the issue of hiring additional iT staff with the requisite experience. That additional cost to was deemed prohibitive to Tredegar leadership, which lead to the embracing of the moving systems to the cloud.

mark eichenberger then stated that in consulting with clients for

Plying the stormy cloud sea toward real-ity has been a chal-lenge for business

and iT folks alike. Buffeted by gales of white

papers, webinars and sales-speak we cling grimly to the wheel of our organisation as we attempt to find a gleaming beacon of true direction in the tempest-tossed marketplace.

it doesn’t help that the captain had to be tied to the mast after listening to too many slick mar-keting campaigns.

in an attempt to cut through the hype and educate myself outside the vendor sales pitches, i attended the latest AiTP meeting on Cloud Computing. local richmond, Vir-ginia companies, with an international presence, were gathered to discuss their usage of the cloud as well as their rationale for choos-ing that solution.

Also, two vendors were on hand to give their perspective on cur-rent and future use of cloud computing.

The panel consisted of Chris Burroughs,VP iT infrastructure Services at mondial Assistance. ms. Burroughs has worked with the cloud model since the Application Service Provider (ASP) days. Another panelist was mark A. eichenberger, office 356 Specialist from microsoft Corporation.

mr. eichenberger provides a variety of cloud solutions (Private, hybrid, Public) to his customers. The next panelist was Chet loveland, Chief information Security officer for meadWestvaco. mr. loveland’s organisation currently has near 18,000 users using Corporate gmail.

Chuck mcBride, Sr. global infrastructure manager of Tredegar film Products was on hand to discuss his firm’s early cloud adop-tion strategy. The final panelist was Jason Karnes, Cloud Architect at Vmware. mr. Karnes works within the vCloud Datacenter.

Evaluating the Cloud-Based Services OptionA strategy to consider is to always keep a local copy of your data. By Mike Meikle

ph

ot

o B

Y p

ho

to

s.c

om



clo u d t E cH f or G oVE r NAN cE

CIO’s Survival Guide, Part 1: The MergerThere are four key M&A strategies every CIO should know that will help him come out on top. By Matt POdOwitz

microsoft’s cloud solution, roi plays an important role. however the flexibility and speed of cloud solu-tions allows an organization to accomplish merger and Acquisition (m&A) activity far quicker (from months to weeks).

Also, organisations do not have to go through a full capital procurement process for a cloud service, which means quicker time to market for new cus-tomer solutions.

VmWare’s Jason Karnes validated mr. mcBrides point that hardware, software and staff are key areas of cost savings. however for a True Cost of ownership (TCo) organisations should factor in risk mitigation and cost avoidance savings.

for example, a cloud computing solution solves capacity plan-ning concerns since the service can be scaled up and down to meet demand. Also, data stored in the Cloud is a way to meet disaster recovery, business continuity and redundancy goals.

i’ll break in here and mention that the recent google Blogger fias-co adds a caveat to mr. Karnes assertion about Disaster recovery and Business Continuity. When Blogger died in the Cloud, there was no way for users to access their data for four days.

A strategy to consider is to always keep a local copy of your data. if google Apps one day decides to die because of “data corruption” you do not want to be stuck without access to important documents. i would say the potential for an incident like this is moderately high since google has already had a similar situation with gmail.

The next question was concerned with the difference between

Public, Private and hybrid Clouds. To provide some perspective, a Public Cloud is where organisations/users share computing power and space with others (multi-tenant).

however the applications or data are only accessible to authorised users/organisations even though the applications and the data resides on the same stor-age. A Private Cloud is designed and operated just for a specific organisation or user. There is no sharing of resources amongst multiple organisations.

finally, a hybrid Cloud is a mix of Public and Private cloud infrastructure. These clouds are separate but use the same standards and technology, allowing the data to

be portable. The primary reason behind the hybrid cloud model is to reduce the risk of relying on a single cloud (single point of failure).

Chuck mcBride stated that a large number of people already have experience with Public Clouds (gmail, office 365, yahoo). Chris Burroughs stated that mondial pursues a Public and Private cloud strategy for multiple services. Currently the organization uses Cloud platforms for data backup, customer service applications and some managed security services.

i’ll stop here and in Part Two of the series i will cover information security, best practices, risk and vendor management for Cloud Computing. Please leave your thoughts below in the comments and stay tuned! —This article is published with prior permission from www.infosec Island.com.

For more features and opinions on information security and risk management,

please refer to Infosec Island.

20%of enterprises to

adopt systematic

workload

reprovisioning

by 2016.

The m&A volume is expected to rise by 30 percent or more in 2011, and may increase even more in 2012 as the financial and

lending environment returns to something resembling its pre-downturn state.

This “merger mania” is fueled in part by a heady combination of available capital and a

target rich environment comprised of com-panies that remain vulnerable even as the economy recovers. The opportunity to snap up a struggling competitor, jump start a geo-graphic expansion by acquiring a local player, or move upstream or downstream in the value chain may hard to resist for even the most conservatively managed of companies.

At the same time, the recognition that iT is pivotal to many of the financial syner-gies and other benefits used to justify these transactions is on the rise -- based on a com-bination of recently published research and horror stories of mergers that went awry when iT wasn’t able to make expected con-tributions to the effort to realise those ben-



t E cH f or G oVE r NAN cE m a n ag e m e n t

efits. With this increased recognition comes increased pressure on Cios to contribute before and after the transaction closes to make the merger successful.

mergers represent a tremendous oppor-tunity for Cios to shine, regardless of whether or not they expect to remain in place after a merger is completed. how-ever, because the stakes are so high, Cios can easily find themselves in a no-win situ-ation that can haunt them for the remain-der of their careers.

four key strategies, implemented well, can improve a Cio’s odds of coming out on top:

Recognise that there is no “merger of equals" - many merger are portrayed this way to assuage egos and keep key talent from fleeing before the transaction is com-pleted. in reality, it is a myth.

every merger will have a dominant player, the majority of whose culture, personnel, process and infrastructure are likely to sur-vive the transaction. Cios employed by the dominant player will be held accountable for a portion of the success of the transac-tion, and stand to gain tremendously (finan-cially and otherwise) for helping make the merger successful.

Cios employed by the company being merged probably are on their way out, but can significantly enhance their exit pack-age and future employability by remaining in place for as much of the integration as possible. Cios that don’t understand which position they are in, or buy into the “merger of equals” myth, are at much greater risk of losing out. Some Cios may simply be able to ask, but it often takes some detective work to determine which company is the dominant one as it isn’t always the largest.

find out as much as possible about the other party in the merger and what the com-panies are claiming as the reasons for the merger. Also look at how both companies have handled mergers in the past. it should become evident pretty quickly which com-pany is being merged into the other.

Get involved early, whether officially or not - The earlier Cios get involved in a merger, the more likely they are to be able to maximise their contribution and so increase the potential of benefitting per-sonally and professionally.

The best time for a Cio to get involved is during due diligence, which takes place after the companies agree they both are interested in a merger but before the deal actually is signed. Cios who don’t get involved until after the deal has been signed, or worse, until after the deal closes will have little abil-ity to influence the terms of the deal and to set expectations for what they and their iT departments can contribute.

Cios who determine that a merger transac-tion is in the works without their knowledge or involvement may want to make a case to having a seat at the table, whether by present-ing case studies or research to support their involvement, or simply leveraging their rela-tionship with executives and other business leaders within the company. Where that isn’t possible, Cios should do as much detective work as possible to gain an unofficial under-standing of the players in the transaction (the other company and any private equity firms or other capital sources involved), the ratio-nale for the merger (why the companies are interested in the transaction) and the specific synergies or benefits expected to result (for example, cost savings or increased sales).

The Cio’s goal (whichever company they work for) should be to have a hand in the due diligence and post-merger integration planning that (optimally) begins even before the deal is signed whether officially and openly or unofficially as a shadow advisor to some of those who are involved.

Relate everything IT to the rationale and expected benefits of the merger - Psycho-logically and practically, a merger becomes the primary focus of executives from the moment due diligence begins until the transaction is scrapped (which sometimes happens) or the integration is completed. Whichever position a Cio is in, that Cio’s ability to protect their own interests, budgets and teams and ultimately come out of the merger on top is contingent on their ability to demonstrate how they and their departments will contribute to the success of the merger.

for each element of the rationale and each benefit that is being used to justify the merger, the Cio should determine which elements of the iT function (people, process and technology) can influence the realisa-tion of that outcome and how. A simple

CIOs that don’t

understand which

position they are in, or buy into

the “merger of equals” myth, are at much

greater risk of losing

out.

Illu

st

ra

tIo

n B

Y p

ho

to

s.c

om



m a n ag e m e n t t E cH f or G oVE r NAN cE

two-column matrix (with rationale or benefit on the left and the applicable iT elements on the right) can become a roadmap for discussions with the business to obtain or protect budgets, with employees to secure their temporary or ongoing commitment and to identify those people or bits of technology that can be let go in the name of short-term cost savings.

The more iT (whether people, processor technology) can demonstrate that contri-bution in terms of the rationale or ben-efits used to justify the merger, the more likely the more the Cio will be able to influence the merger and its iT outcomes.

Be ready to let go of the past and focus on the future - mergers are to business as tumultuous and life-changing event as a marriage is to individuals. once two compa-nies have walked down the proverbial aisle, both will be irrevocably changed and equally incapable of maintaining the status quo that existed before the merger.

Cios who work for the acquiring com-

pany and believe they are like-ly to remain in role should be prepared to abandon projects, eliminate technologies and give up people that may not make sense after the merger, and fight for the resources they will need to make the merger successful both short- and long-term.

Conversely, Cios whose companies are being merged or who otherwise don’t expect to remain in role should concentrate on maximising their importance to the success of the merger and thus their ability to negotiate favorable terms (for example, stay-bonuses) on behalf of themselves and their people.

Cios who focus instead on “keeping things the same” are less able to contribute value to the merger and so may find them-selves at increased risk of losing their bud-gets and people and potentially their own positions faster or less profitably than might otherwise be the case.

Head in the sandThe one strategy universally to be avoided is “blissful ignorance,” whether of how mergers really work, or of the potential for their company to be involved in a merger. The more Cios can learn about the merger process before they are involved in one the better positioned they will be to imple-ment these strategies when the time comes.

Where Cios once had little opportunity to influence their own fate in mergers, in the post-downturn economy Cios can position themselves to be heroes. —Matt Podowitz is a strategic management consul-

tant. He is a Certified Management Consultant and

Certified in the Governance of Enterprise Information

Technology. Matt can be reached via his personal

business blog, ITValueChallenge.com.

— This article has been reprinted with permission

from CIO Update @ http://www.cioupdate.com.To

see more articles regarding IT management best

practices, please visit www.cioupdate.com.

20%higher return on

assets received

by strongly

governed

organisations.

VIEWPOINT



AbOuT ThE AuThOr: Ronald Kunneman

is Founder and

Owner of an

innovative Internet

company, Digitra.

It provides Internet

access, wireless

and multimedia

services.

Kunneman is

also involved in a

broad-spectrum of

business tasks and

responsibilities.

AfTEr yEArs of cutbacks; it is now time for innovation.

The Cio is the key stakeholder and must be the initiator in the new times. here are five important tips to better fulfill that role.

After two years of continuous bud-get cuts, we now find that the focus is shifting. more companies are focus-ing back on growth and innovation.

Business innovation, new product launches and new markets develop-ment – all would require iT. This gives Cios a great opportunity to play a greater role in his/her organi-sation. They can now develop new strategies and determine the direc-tion for the company to take.

not all Cios think these develop-ments as opportunities. Certainly not as the Ceo constantly moving target during the match. however, the question is what to do in order to excel as a Cio? With thanks to Christine hodgson we have five tips to always keep in mind.Understand your business and your customers: understand how your business (apart from the competition) is vital to you. This distinction can be anywhere in it: customer service, reli-

and operations to team members. That will allow you to free up a signif-icant portion of your time and make plans for the future. Also, use this time to ‘see the future’ and reevaluate your strategy and mission in order to transform your business.Carry-out IT issues to the organisa-tion: After two decades of iT centrali-sation, times are turning. managers are more concerned with do-it-your-self projects. Since your team have better grip on new developments, use managers to support them and explain the pros and cons. Carry out the developments but use your organisation to ‘spread the word’. Do not underestimate your know-how: We generally discount the knowledge that exists within our own iT organisation. you and your team are aware of the processes and inter-nal and external information flows within the company. All this ensures that you know better than anyone else. you can use those insights and advice your Ceo what can be done for the company to be more efficient. These tips will help you improve the performance of your business as well as the iT organisation.

ability, innovative new products. Whatever it is, the Cio must under-

stand these key values. he/she must also understand who the customers are and what channels they use. And what are the implications for iT?

if you are sure you understand the business, you can count on more commitment from the major stake-holders within the organisation. Recognise your active role in cor-porate strategy and mission: Ceos expect more than just a Cio’s role from you. They want you to think business goals and play a proactive role in shaping the future of the organisation. So work with your Ceo instead for him. Create proper con-nections between corporate strategy and mission and your own set for iT. Divide your time between innova-tions and operations: Cios often get bogged down with daily operational jobs. But those who wish to have an influence and make a difference must put time and effort in innovation. Companies have to change rapidly to be ahead of industry changes and to be active in the marketplace. And none of it can happen without iT.

you can delegate routine activities

Five Tips for New Times Leaving the economic crisis behind,

companies are focusing back on growth.

Ronald Kunneman | [email protected]

Illu

st

ra

tIo

n B

y M

an

jIt

h p

B

Run applications up to 50x faster.

© 2011 Riverbed Technology. All rights reserved.

What IT performance can be.With WAN optimization solutions from Riverbed®, you can increase application performance up to 50 times faster over the WAN, delivering LAN-like performance just about anywhere — from remote offices to the data center to the cloud. Learn more at riverbed.com/50x

M.Tech contact details:Tel: 080 40977238Email: [email protected]

Riverbed contact details:Email: [email protected]

five jewels of it deployments

Documents

brand cto forum

fact time

time flies

cso forum

new timesa

new areas

new infrastructure

exclusive effort