Monday, May 30, 2011

Don't turn my problem into your solution

It was an interesting meeting of a few CIOs with the debate revolving around IT Governance. From all types of models being discussed, the common subject of woes shifted to Business Intelligence. All the CIOs present had large investments in BI with varied degrees of success, some more than the others. Everyone acknowledged the presence of multiple tools and technologies with no single vendor’s ability to address the wide spectrum of needs. It was evident that their respective enterprises had reached a level of maturity in adoption of IT that would be the envy of many larger and smaller companies.

Later in the evening, the discussion continued over drinks and with rising spirits, the voices also became louder, the emotions hotter and the language looser. It so transpired that all of them had a few common service providers and solution vendors; stories exchanged stayed in the room but the lessons can be shared.

Most companies have common groups created with IT and Business participants to explore evaluate and decide on solutions. These heterogeneous groups are typically lead by the CIO or another senior IT leader who orchestrates the process. The process is similar across companies, with one or more of the following steps involving RFI, RFP, Demo/POC, Business case and budget approval, negotiation and commencement of project. A few vendors in their excitement sometimes try to take shortcuts which almost always results in unpleasantness for everyone.

But the more interesting phenomena occurs when solutions don’t really meet the functionality requirements by a reasonable margin, but the sales person in their desire to meet monthly, quarterly or whatever sales target pushes ahead with a desperation of a man clutching straws to save himself from drowning. Everything seems possible with a tweak, small code change, customization, bolt-on systems or to be released in the next version or patch.

The resulting tragedy of errors, omissions, round pegs in square holes and heartburn caused to the IT and business teams is imminently avoidable by following the process the way it should be, the urgency on the part of the sales person and his/her manager ensuring that targets do not override good business practices. It is not okay to withhold information or bend the process to fit the tools, neither it is acceptable for the CIO to allow leeway in the due diligence process. Even with rigor practised it is probable that some critical elements may remain uncovered. The Business IT teams will have to manage such exceptions (not a rule).

The luxury of time always eludes us in such activities; many a times deferred decisions put pressure on delivery of milestones thereby compromising quality or extended timelines and sliding targets to fix issues that could have been avoided with collaboration from both sides. Good practice is a result of everyone being on the same side of the table; a skilful CIO should and will recognize the body language when the problem is being twisted to fit the solution.

Monday, May 23, 2011

Would you pay more for quality software ?

In a class of MBA students the discussion around quality frameworks veered towards ERP class systems and the large amounts of effort it takes to keep them running. The number of patches released frequently as well as the overall administration keeps everyone busy and on their toes. Bug fixes, functionality enhancements, and then some more bug fixes are the norm. Comparatively the in-house or bespoke systems are relatively stable and the effort investment is around incremental functionality.

Is it because the development of custom solutions is carried out by IT companies with multiple quality certifications like CMMi and others; or just that the big software vendors providing so called “off-the-shelf” solutions are struggling with factories of programmers that churn code trying to keep the innovation wheel running just to stay in the game. The resultant code is often bug ridden with usability that requires a PhD and a large team to keep it from falling apart.

Despite paying anything between 15-30% of the initial acquisition cost and spending a bomb on implementation with process consultants attempting to fit business to solution to business, it is indeed a wonder that quality remains firmly in the backseat. The story is no different across the industry which has started believing that it is their birth right to charge customers exorbitantly as Annual Maintenance Charges so that they can forever keep on downloading patches; they also get to call a helpdesk which will in most cases not solve the problem which to begin with should not have been there. The twist in the story is that now AMC is also indexed to inflation which provides a creeping increase every year with no improvement in the service level.

Why is it that none of the big software vendors ever talk about quality certifications or Six Sigma levels of defects ? Do they not believe in churning out quality solutions that will be the biggest differentiator for the customer rather than esoteric functionality that is rarely used; consider the fact that almost every enterprise uses between 5-50% of the functionality, I am sure that customers would gladly shift to solutions which are stable, work as designed and provide updates to functionality collaboratively.

There have been efforts from various CIO and industry groups to rein in the runaway costs of maintaining business as usual of which a large chunk goes towards the AMC and teams managing the big solutions. User Groups have failed to make a dent in the ever increasing charges; it does not matter how big or small you are, neither does it matter if the solution does not work as promised, you got to pay else support will be withdrawn and reinstatement of support is very expensive.

I wonder how many customers will pay AMC if the solution worked perfectly out of the box and did not have any bugs or required patches. Maybe this is a ploy to create solutions that fail on quality tests so that vendors can charge you to just make the system work; after all it is a very large chunk of revenue for these companies. An interesting thought thus emerges, would the CIO pay more if s/he was assured that the software does not require any patches, bug fixes or support ? I definitely would !

Tuesday, May 17, 2011

Effectiveness of Online Communities

In the year 1996 when India just started opening up internet access to its citizens, I happened to join one of the first online CIO communities. It was a small group of about 100 of us with global representation and stayed that way for a long time. The community was promoted by an IT services company who mostly stayed off from influencing any discussion or attempt to sell. The moderators were professional and provoked thought from the community who responded with mirrored passion. With the dotcom boom the community transferred ownership to an online giant with commercial interests; en mass the CIOs moved on and created own community that continued to focus on learning.

Recent times have seen an explosion of online communities that are generic, specific, niche, community, profession or domain based, and a lot of me too with hopefully intent to provide many things to their members. A few like have become hot properties with stratospheric valuations and member base larger than many countries. Corporates joined in to understand what the communities are saying about them or their competitors, some started targeted messaging with little success. Industries have mushroomed selling strategy, analytics and a lot more from the mass of posts and unstructured data.

Shakeout has begun in this space leaving the individual confused on the choices made; corporate entities are beginning to wonder how to generate revenue from all the investments made in the height of euphoria. Every intervention requires effort and resource commitment to bind the members. Whether you are an individual or an enterprise, how does one decide which community to join ?

For individuals the choice is largely made by following Connectors (Tipping Point, Malcolm Gladwell) within their groups or when friends invite them to join new communities with an expectation to stay in touch, share knowledge or emotions, happenings within their friends and family circle, and a lot more. As the numbers start stacking up over a period of time the activity level falls off from most. The winning communities are ones offering a bit of something to everyone, freshness, content, features, etc.

Enterprises have followed the crowd and the hype around the communities with hope of understanding their customers, stakeholders, influencers who potentially impact business outcomes even if indirectly. Crowdsourcing and networked innovation became the buzz with significant investments pouring in. The few success case studies added fuel to the fire. But the large numbers of efforts have not yielded the desired outcomes. Even though the start point for most was Marketing or other functions with no ROI or business case, the online nature of such interactions put the CIO and IT in the middle of the discussion.

CIOs have struggled to moderate expectations and make sense of the noise. Combining these with the relatively clean structured data remains a challenge though multiple service providers and consultants tout the next level of competitive differentiation. These are early days where a lot of investment is a leap of faith or hit in the dark, until the haze lifts and clarity emerges, the worry for the enterprise is not to be left behind in the race to the unknown.

As for me accepting every new invite that comes my way, I think I will pass for now at stick to the couple that offer me personal and professional connectivity. The direction for enterprise and peers remains “keep a watch on the horizon, stay invested but focused on what matters”.

Monday, May 09, 2011

BYOD Security Paranoia or Necessity

Not too long ago, IT departments faced the challenge of integrating a new consumer device into the corporate infrastructure; this was the iPad which took the fancy of every CXO and techno-affiliate with its cool factor. It did not matter that the tablet was another appendage to do everything that the earlier devices did well enough while ensuring that the information assets of the company stayed protected from nefarious elements. Said the tablet toting executive “I want it; security is for you to go figure”.

The starting point though was the iPhone, which was contained to some extent; the tablet was something different, a wave that swept away all opposition. Developers mushroomed all over creating applications to do everything that mattered and some that did not; IT had no clue what kind of vulnerabilities these created or introduced on the device. Faith in mankind was one of the strategies promoted by many to allow the devices to connect.

In another part of the world, employees went up in arms against the corporate issue compute devices, laptops, desktops, citing their home computers superiority over the standardized and locked devices. Thus the trend started that is now gaining momentum of BYOD, or Bring Your Own Device. It frees up financial resources, support too if the employee fends for herself, no hassles of managing refresh. But what about information on the device ? Confidentiality or sensitivity of information especially when the employee leaves ?

Now extend the same to the mobile, which is lot more like a consumable and gets changed on an average every year, in some cases earlier too. With the space evolving and a multi-polar world of IOS, Android, Symbian, Blackberry and Windows, that too with many versions, the challenges are unique and getting out of hand. In a world where every corporate employee expects all kinds of information on their fingertips (read mobile device), the security framework looks worse than a coarse sieve.

Mobile device security is an evolving subject; vulnerabilities on the mobile are being discovered every day and they are attaining critical proportions with multiple applications vying for attention. In a 24X7 world, the definition of acceptable risk has changed. CIOs are expected to create visibility of the potential compromises and keep the critical information assets secure at all times. The change in the security stance thus creates new challenges and opportunities requiring higher agility to respond. Abstraction of applications and information layers from the device is one of the strategies that helps and many frameworks are emerging in this space. Keep abreast of these developments and experiment before business forces change.

In another couple of years the expectation is that the dependence on the big computer (including laptops) will reduce dramatically; the CXO will carry a few devices (personal, corporate, function specific devices) and all will require management and access to corporate information assets. Start preparing now !

Monday, May 02, 2011

Work in Life in Work

A CEO in a heated debate asks a question to one of the CXOs; the poor phone tapping guy has no clue what the discussion was all about. Confused in his reality, he blurts the words that were top of the mind recall, the interaction he was having with his girlfriend. Everyone on the table smirks, but the CEO accepts whatever nonsense comes out. “Go ahead, mix your worlds” proudly says an advertisement for a mobile service justifying the jumbling up of internet social media world and the workplace.

Ever since the time of portable computers to the current paradigm of everything on the handheld device, be it mobile, tablet or the laptop, work transgressed the boundaries of what was earlier a 9X5 or whatever hours people worked, and the dividing line between what was referred to as work and life has disappeared. It is normal to expect a response to a mail 24X7 and many obliged. In an interconnected world with business being conducted across timezones, this became a way of life. Umpteen cases have reflected the damage this phenomena causes to friends, family and the individual.

As we grew up through school, there was a sense of relief that there will be no homework when we start attending a job in an enterprise. The irony of the situation is that work has expanded to fill all the time beyond the cubicle or cabin reaching the bedroom permeating every nook and corner of life, threatening to follow like the shadow.

So a debate on work life balance is an exercise in intellectual stimulation; reality for most executives is that balance is a utopian state never to be reached with the swing all the way towards work. So if work activities are standard fare, why not allow the life to creep into the workplace ? Why do organizations abhor the thought of employees occasionally checking personal email or posting a few updates on social or micro-blog sites but expect them to work on the presentation or spread sheet while traveling or in their homes ? Security is one of the justifications and then corporate data travels all over the world. Consultants will tout productivity loss due to distractions not recognizing the gains in after office hours.

This is more so now with the IT function with networks, ERP systems, messaging and collaboration, you name it is buzzing with activity through the day and night. Downtime ? What’s that ? And scheduled downtime shifts again and again until the breakpoint is imminent. CIOs struggle to retain teams engaged in keeping these running. Weekends, holidays, vacations belong to an era gone by; the executive is now chained on a WIFI, GPRS or 3G network which cannot be unshackled.

IT and work policies straightjacket the behaviour on premise and often off premises too when using corporate assets like the laptop, smartphone or others. We all accept these as a way of life. Progressive organizations have taken a lenient view of some digression, as of date they are the exception. I believe that productivity will be higher when knowledge workers have the flexibility to escape a few times. Unfortunately there are no empirical data or solutions to validate this. Contradictory claims make such decisions difficult while burnouts continue. Incidences of fatality are getting younger with stress induced by work pressures and lifestyles that may get promotions, but what is a promotion worth when you are dead ?

I don’t know what can help alleviate the issue; unless life is allowed to creep into the work hours.

P.S. I wrote this past the midnight hour on Saturday