ALIGNING IT AND BUSINESS GOALS

Network World: Occasionally, asset management is mentioned in discussions of portfolio management, but by and large, it's an area that's overlooked in IT alignment discussions. Yet, knowing what you've bought, where you put it and whether the business actually needs it are key components of determining how IT contributes to business value. Asset management can help cut costs, negotiate better contracts and, as a bonus, it can assist in compliance. But there's a catch: Asset management isn't a one-time project, but an ongoing process that IT executives should cultivate as a core competency. (Free registration required)

Help Net Security: An incredible amount of corporate data is stored on PDAs, but the majority of PDA users report the data is unencrypted and one-third admit they don't even use passwords to protect the devices, according to a recent survey. That survey was conducted in the UK, and the results commissioned by a European security firm; a similar U.S. study released in June revealed similar results. PDA users are putting companies at risk and experts say organizations are ignoring it at their own peril. Here's a rundown of the survey's findings, which include information on how many users send and receive corporate e-mail, store client information and maintain a business diary on their PDAs. This is one area where IT clearly isn't getting its message across to the end users.

IT Manager's Journal: Business technology optimization is a technique many companies have found useful for creating alignment. One survey from the Yankee Group found that many users reported a 15 percent to 20 percent savings in application budgets. But is BTO an appropriate solution for all companies? A tech company CEO interviewed for this article argues that BTO is overkill for smaller firms, which may have only a few IT employees and consultants on staff. Instead, Lena L. West, founder and CEO of xynoMedia Technology, recommends smaller firms look at TechMapping as a less cumbersome means of achieving similar results. In addition to West's criticism, the piece looks at some of the other pros and cons with BTO. The overriding moral is that even if other companies are achieving impressive results with BTO, you should determine for yourself whether it would work for your company.

Sarbanes-Oxley as an IT-Business Alignment Driver
Ptak, Noel & Associates: This spunky piece points out that if anything proves IT matters, it's the struggle for compliance. The writer also notes the compliance process will be much easier for companies that have seriously undertaken IT/business alignment. That's great for those lucky few. But, the piece notes, many IT leaders have been cut out of compliance discussions, even though the CIO should be a key player. While that's frustrating, CIOs should use compliance as a stepping-stone to addressing broader strategic issues. In particular, the writer points out that Sarbox budgets can be used to implement "strategic configuration management process." Service level management, patch management, security management and other IT management issues can all help automate and resolve compliance issues.

Analyst: Structured Collaboration Key to Strategic Relationships
CIO Today: Companies are looking more at how collaborative technology can ease transactions between suppliers and other second-party business partners. The challenge for IT is to know which collaborative technologies are best suited for the situation. In this article, an AMR Research analyst outlines which technologies to use based on your firm's relationship to the other company. For instance, self-service portals are ideal solutions for suppliers who conduct simple, low-volume transactions, but those who do a high volume of simple transactions should have access to electronic data interchange (EDI) and an XML system. It's a short piece, but the insights are valuable for matching business needs with the right collaborative technology.

Running IT Like a Business
CIO Update: PAETEC Vice President of IT Bob Moore has a record that would make most CIOs salivate: He keeps IT headcount down at the New York-based competitive local exchange carrier while still supporting an annual growth rate of 2,500 percent — all on half the budget of PAETEC's competitors. And did we mention that both the CEO and the COO respect Moore as a strategic partner, particularly since the company was named number two on Deloitte & Touche's Fast 500 list. OK, so how does he do it? This article focuses on the role Mercury's IT Governance Center played in Moore's success. But don't focus too much on Mercury's role in Moore's achievements. We suspect his secret ingredient is not the solution, but how he viewed and implemented the solution. Moore realized that this governance solution could be used more broadly, as both a portfolio management system and a means of automating business processes. He also realized that enterprise-wide implementations give CIOs insight into all aspects of the business, and that, in turn, gives CIOs a strategic advantage over other executives.

Enough Managing, Begin Leading IT
BetterManagement.com: It's a common pitfall for executives to spend their time managing, not leading. This is especially so in IT, where CIOs deal with numerous legitimate business distractions, such as spam, a downed server, a virus infection or even the occasional query about how a laptop works. The problem is, if you're managing, no one's leading — and that's what you're being paid to do. If you're unclear on the distinction, this piece outlines the key traits found in effective technology leaders. Some may seem a bit fluffy — such as inspiring workers — but don't be quick to dismiss them. In this time of job uncertainty, inspiring workers can mean the difference between an effective, focused team and workers who spend their day sending out resumes via corporate e-mail. Leadership can also help with alignment. Think of it as the final key to successful alignment: You may be able to determine which technologies best match the business' needs, but it could all be irrelevant if you lack the leadership to convince business users of the benefits.

Question: What business issues should CIOs think through when dealing with spam?
Cahill: CIOs today are paying a lot of attention to the spam problem — it's a very visible problem for everyone in the company from the CEO all the way down. The first-generation approach to spam filtering or solving the spam problem has been, "Wow — I need to buy the best spam filtering right now or have the IT guys build a solution and I need to filter out as much of this junk as possible." I'm not saying that's a bad approach, but I think where the anti-spam community is evolving is that there is no one solution for spam. There never likely will be a single solution to spam. The solution to spam is a cocktail approach in that you use many different kinds of technology or many kinds of techniques to do two things: One, minimize the amount of bad stuff you let in, but number two and just as important, minimize the number of good stuff that you filter out. The CIO has to provide reliable e-mail systems that make sure e-mail gets out, but also has to make sure that business e-mail gets in, that new business, sales inquiries, get in. They need to say, "It's great that I'm going to address my spam problem, but at what cost and how can I minimize that cost?"

Question: What should CIOs consider if their company does business or marketing by e-mail?
Cahill: I would say the CIO today has really four issues to look at when he or she is considering his or her outbound e-mailing. Number one is the impact of the company's domain e-mailing practices on the e-mail reputation of the entire company. If there are poor practices going on in any part of the company's mailing stream, it can impact all of the mail sent out, so it's incumbent upon the CIO to enforce best practices within the entire company as it relates to outbound e-mail. The second related issue is that there's a morass of business processes and technical requirements in ISP and anti-spam relationships that are involved in navigating these waters of understanding what are the right things for me to do. When you do have problems, there are relationships with ISP blacklists that may be blocking your mail. We happen to provide an outsource service where people interact with those parties on behalf of the domain. A third area to think about on the outbound side is how does the CIO monitor on an ongoing basis that the company is in ongoing compliance with federal CAN-SPAM legislation, which puts certain requirements on commercial mail.

Question: Your company certifies legitimate business users so that ISPs and anti-spam filters won't block your clients' messages. But how can CIOs know which companies to trust in terms of certified e-mail?
Cahill: I would look at the track record of this company. Habeas has been in business two years and is doing nothing but this. We're not an anti-spam company; we don't sell software or hardware. Point number two I'd look at is the company these guys keep, their clients. Then look for the receivers that are supporting and recognizing these guys. Who else trusts these guys? Then I'd look at the standards — do they serve spammers? Habeas has very specific requirements: transactional mail, individual e-mail, one-to-one e-mail. Habeas won't touch opt-out mail. That's the law of the land, that's what Can-Spam describes, but we go way beyond that. Then, how does the company certify people to make sure that their practices are what they represent?

Only half
Nearly half of organizations with $200 million or more in revenues are wireless-enabled, but of that 50 percent, only half have a formal wireless network initiative. And that's just half-baked.
Source: The Alinean Report

4 years
Period over which the tech industry will experience "fairly modest" growth before another high-tech boom, according to Forrester Research.
Source: CIO Today

Motive Looks to Build Management into Apps
Network World Fusion: A new suite debuting this week may resolve applications problems before they become business problems. Motive will release Motive Profile, Motive Triage and Motive Resolution, a trio designed to introduce application management into the development process sooner than previously possible. Managers will be able to model how they'll manage applications. From an alignment perspective, this suite will also allow developers to model customer-specific information, which means IT can determine whether the software will meet the business users' needs. It could also help with compliance, since earlier management modeling can provide a heads-up if an application causes problems with business rules or performance. PeopleSoft already plans to license the solution to help clients determine how changes to PeopleSoft application impact the app's performance.

Offshoring Pays for CEOs
TechRepublic: Here's news that probably will make IT workers even more upset about outsourcing trends: CEOs at 50 firms that outsourced the most service jobs to overseas businesses enjoyed a compensation increase averaging 46 percent last year. That certainly beats the average CEO increase of 9 percent — and that number certainly beats the average increase for non-CEOs. From 2001 to 2003, these top outsourcing CEOs sent 200,000 jobs abroad while gaining $2.2 billion, according to the report, which was published by the Institute for Policy Studies and United for a Fair Economy. Both of those groups are interested in economic inequality issues. (Free registration required)

2004 Survey on Workplace E-Mail and IM Reveals Unmanaged Risks
ePolicy Institute: Enterprises are still surprisingly lax about monitoring and recording e-mails and instant messages, according to a just-released survey from the ePolicy Institute. Meanwhile, the risk that these messages will be subpoenaed for lawsuits or investigations has risen to 21 percent — that's more than one in five employers. Another interesting finding: While 60 percent of organizations monitor external e-mail, only 27 percent watch internal e-mails or instant messages, even though these are more likely to trigger lawsuits. The study notes that IM poses a very real and largely unmanaged risk, since the majority of workers using it are either sending or receiving information that could lead to legal action or viruses.

A Fresh Perspective on Application Performance
Enterprise Systems: Add quality assurance to the list of IT functions moving to outside providers. It seems there's a growing trend to hire external testers to identify application performance issues, particularly when the app was developed in-house and will be sold to clients. Experts say the complexity of software environments and the costs of addressing performance problems are driving the trend.

U.S. Government Agencies Aim for Software Assurance
Network World Fusion: It looks like there's going to be a push for federal government IT agencies to learn more about how and where software is developed. During a recent software assurance forum sponsored by the Departments of Defense and Homeland Security, a panel warned that, due to the fact that much software development is outsourced, government IT shops are buying or inheriting potential flaws and security risks. There'll be another forum in February. Watch this trend, as it could filter down to affect state and local governments and government suppliers.

AT&T Brings 3G to Dallas and San Diego
ExtremeTech: Here's something you can bet business executives will want you to watch: AT&T last week turned on its 3G wireless data and streaming video services network in Dallas and San Diego, making those cities the fifth and sixth to become "metropolitan hotspots." Earlier this year, the first 3G networks were turned on in San Francisco, Seattle, Phoenix and Detroit. The networks offer wireless data speeds that average between 220 and 320 Kbps.