Information Age: News, analysis & insight for IT & business leaders

Mass delusion

It was interesting to read in the 'Effective IT Summit' supplement to April's Information Age the view put forward that IT is bringing itself successfully into line with the business agenda. If the industry as a whole holds this view then I would suggest that it is being self-delusional. There may well be pockets of best practice out there in this respect, however, I would suggest that in general the industry still has a long, long way to go before it can genuinely lay claim to being in step with the business agenda.

At least part of the problem in resolving this issue is down to that old chestnut of the IT community being good at managing processes and poor at dealing with people. This means we invariably end up putting in place processes and procedures that we then expect to take the entire burden of delivering a business-focused IT strategy, while at the same time neglecting the not insignificant matter of maintaining a dialogue with people, thereby building relationships and giving ourselves the opportunity to find out what really matters to the business, beyond the official announcements.

Just as significantly, unless IT staff are prepared to spend a reasonable period of time working in an operational environment, perhaps on secondment, then I do not believe they will ever truly develop the depth of understanding they require to make the connection between IT and the business agenda. This means not only understanding the nuts and bolts of the business, but also appreciating the different culture that is usually found within the operational areas of a business.

Colin Wood
IT projects manager Institute of Chartered Accountants in England and Wales

Speaking in tongues

Your recent set of articles looking at industry jargon 'In the vernacular' (Information Age April 2005) has produced great interest within Lucent. In particular, the latest piece on 'IP multimedia system' (IMS) resonates strongly with our view; that we need to look at this technology from the viewpoint of the user.

IMS will impact the ordinary man or woman by making available services that the user can blend with his/her lifestyle by using the immense possibilities for personalisation. In short, IMS is a set of technologies that makes the task of service creation and delivery easier for the operator. It does this by abstracting the complexities of the network from the applications infrastructure, and introducing technologies to handle the customer relationship in a holistic manner. In other words, your service provider will be able to see you as Joan Smith, who happens to have a work phone, two home phones and a DSL line, or a ten-year-old who likes to rip music to his iPod - rather than as a mere set of numbers. It will enable the phone company to behave more like a service retailer than an old-style post and telegraphs operation.

At the heart of IMS lies another acronym, SIP (session initiation protocol), which fundamentally alters the dynamics between Joan Smith and the phone company. What SIP will do is to let Joan control her relationship with the phone company, rather than the other way around. She can add services, drop services, create a personal profile or change her settings - by pressing buttons on her handheld or on the web - without having to play a waiting game with a customer service representative sitting somewhere in a call centre.

Moreover, IMS will remove the barriers that exist today between the home or office desk phone and the mobile phone, by offering users the opportunity to make intelligent choices as to how and when they can be reached. For example, you may choose to use your home phone outside the confines of your house where it becomes a mobile phone during a call, or you may choose to set clear preferences as to who can reach you on what number at what time, on the web or PDA, using a facility provided to you by your operator.

We believe this technology will change the way we live and work, and we are very supportive of your efforts to peel away the jargon and focus on what any technology does for Joan Smith - or for you and me.

Ravi Rajagopalan
Director Technology & Solutions, Europe Lucent Technologies

White list

I read April's reader survey on security issues, 'Policing IT', with great interest.

What concerns me most is the thought that organisations are becoming needlessly embroiled in the hype cycle that is inevitably generated as vendor after vendor jumps on the information security bandwagon. They would do well to take a step back from the current reactive approach of the antivirus vendors, among others, as it serves only to perpetuate these vendors' own business model of updates and patches.

This dated blacklisting approach is unnecessary and not at all useful for an organisation that is looking for peace of mind that its computers have been secured well into the future.

The speed of propagation of viruses and the sophistication and ever-expanding nature of malware means that any security solution that attempts to block rogue software once it is already in circulation is ultimately doomed to failure.

The logical approach would be based on a pro-active measure - white listing or 'default deny'. This method can be applied to both hardware and software to ensure that only the code that has been expressly allowed to run on the enterprise network can do so, with every other application physically barred.

Spyware, the most recent scare story, should be considered just another piece of code, and it can just as easily be eliminated from the enterprise environment, as can Trojans and viruses.

White-listing is a far more versatile technique for software control and administration that allows companies to nip security problems in the bud and assures them that they do not have to be constantly on the look-out for the next security scare story. It also enables them to prepare for the long-term and avoid going down an expensive blind alley.

Dennis Szerszen
Vice president SecureWave

Third-party diplomacy

Recent research from IT industry advisor Gartner states that four out of five outsourcing deals will be renegotiated during the lifetime of the contract, because many deals have been too focused on cutting costs.

While outsourcing promises to bring flexibility and focus, when it comes to the contract, the fundamental measure is financial. The reason is easy to understand: costs are relatively transparent and readily definable. But when they dominate the deal they sidestep the issue of alignment from the start.

Contracts can be signed in a rush, and with little or no independent advice. This is all well and good for outsourcing providers: they are specialist not only in the services they deliver but in contract negotiation too. But does this not mean that clients are disadvantaged? Indeed, it is estimated that over 70% of clients involved in outsourcing relationships lack any kind of formal plan for managing long-term relationships with their services vendors.

Outsourcing exacerbates contractual misalignments further because the arrangement extends over long periods.

The bottom line is that outsourcing demands on-going renegotiation, and contracts, in particular, need to be managed and maintained as much as any other commercial asset.

Alex Blues
Director Orbys Consulting

The test of failure

It was interesting to read your recent article on IT failures, 'When IT all goes wrong', Information Age May 2005). The article underlined the fact that far too often in our industry, people go in all guns blazing with IT projects and forget to consider the wider implications of the work they are undertaking. As your article demonstrates, this has led to IT hampering, rather than aiding, organisations.

Hopefully, by reading your article many people will start to realise that the key to success is careful planning and testing. Far too often people carry out systems upgrades and fail to test whether the upgrade has created any problems in other areas of the system. This appears to be what happened in a number of the cases the article highlighted. It is vital to thoroughly test systems to mitigate the risk of businesses being paralysed due to IT problems.

However, it is not just about testing. Capacity planning is also vital. The [online] problems the Inland Revenue faced [in the closing days for 2004 tax returns] surely could have been avoided if extra server and system capacity was available. Obviously there is a cost implication here, but you have to think about the big picture; extra infrastructure investment could save you thousands in the long run. And, to be honest, in an age where we now have 'on-demand' computing, organisations should have the ability to increase and decrease capacity, and thus costs, to cope with the peaks and troughs in demand for their IT services.

Organisations need to sit up and take note; they most look to reduce the risk of failure by careful planning and testing, otherwise IT's reputation will continue to deteriorate.

Martin Davies
Principal consultant Morse

Staying power

Your article on OpenVMS ('Rumours of the death of VMS' Information Age May 2005) should probably be required reading for all C-level executives, including Bill Gates.

As a 22+ year VMS professional, I can attest to the enduring stability and security of the platform. The industry has not seen a platform as impenetrable as OpenVMS since the days of 'The Cuckoo's Egg'.

Unfortunately, there is a great deal of confusion surrounding the concept of 'industry standards' these days. That phrase once referred to standards and conventions that were co-ordinated by a central organisation and negotiated industry-wide.

Today, and all too often, the phrase 'industry standard' has become equated with 'de facto standard' - commonly used, but not specified by any recognised standards body or bodies.

So long as OpenVMS remains a non-player on the IA-32 and x86-64 stages, it will forever be relegated to the 'also ran' and 'my grand-daddy's operating system' categories.

Your article may do for OpenVMS what HP refuses to do: publicise its 'crown jewel'.

David J. Dachtera
Tech analyst, IS Northwestern Memorial Hospital

Not fade away

I just wanted to say thanks for the excellent article 'Rumours of the death of VMS'.

It is all true. I have been working as a system manager for about 12 years now (all of them in VMS) and before that I worked for Digital Equipment as a field engineer.

As far as VMS's record for uptime is concerned, my company had about two or three hours of downtime all year last year - and that was due to Vax system parts getting harder to come by.

I would like to know how 'upper level managers' can justify the cost of a Windows environment. We have over 60 Vax and Alpha machines worldwide and our current support staff of four maintains all these machines. Let's see that in a Windows or Unix environment!

Scott Heyer
VMS system manager Abbott Labs

A labour of love

Thanks for the kind words on our operating system [VMS].

Supporting this product [at Hewlett-Packard] sometimes feels like a continual public re-education campaign. Sites that move away from VMS in favour of Unix call us and write to us to say how much they miss us, miss the uptime and miss the ease of configuration that they used to have.

Name supplied
Hewlett-Packard