5 Issues Challenging Every CIO
Filed in archive CIO by steve on September 24, 2005
Today's enterprise world, technology heads are faced with increasing pressure to comply with government regulations while securing their enterprises to the utmost degree and, of course, achieving efficiencies and cost savings.
VAR Business spoke to five enterprise CIOs about how they approach certain key areas:
- Security
- Service-oriented architectures (SOAs)
- Outsourcing
- Storage
- Regulatory compliance.
Keeping Security ShipShape:More than ever, enterprises are concerned with the security of their IT infrastructures. At Royal caribbean
International, the world's second-largest cruise line, maintaining the integrity of its operating systems, customer data and financial records are absolute necessities in keeping its 19 luxury liners steaming."Security is a little more impactful in our industry," says Mike Sutten, the Miami-based company's CIO. As with all publicly traded enterprises, Royal Caribbean is subject to myriad regulations, such as Sarbanes-Oxley, and industry standards, such as the VISA Cardholder Security Program.Starwood Checks Into SoA:Starwood Hotels owns and operates more than 700 hotels in 82 countries, including the Sheraton, Westin and W hotel chains, and has about 120,000 employees. The hospitality enterprise is currently in the midst of a major transformation away from its IBM mainframe to a distributed, Java-based J2EE environment, taking its legacy application base to Java running on Linux, Unix and Hewlett-Packard servers. The ultimate goal is to implement an SOA, "which will allow Starwood's applications to talk to each other better and make communicating with partners easier as well," Tom Conophy, CTO Starwood says.
Automaker's Outsourcing Options:GM's outsourcing dilemma has been the subject of speculation for years. The world's largest automobile manufacturer's 10-year contract with former subsidiary EDS expires next June. Long before then, GM will have to choose between renewing its contract, giving the work to another major systems integrator or even divvying up the contract among several partners. For its part, GM is not commenting.
But its decision in late July to award Sun Microsystems with the largest-ever contract for an enterprisewide Java deployment suggests that the struggling automaker wants to have the option of leveraging various outsourcers. Sun's Java Enterprise System coupled with Solaris 10 will be the basis of GM's plans to build a SOA by which Java components will be shared across different parts of GM's worldwide infrastructure, supply chain and partners.
"It gives us some modularization and some flexibility and decoupling in some places in our architecture," says Fred Killeen, GM's director of IT systems development and acting COO. "We're just trying to be careful and understand how you manage [service-level agreement] performance with a service-oriented architecture, and how to do that across multiple outsourcers, potentially."
Storing All Those Grains Of Sand:Pacific Sunwear, a 1,000-store nationwide clothing retailer, is trying to keep its IT infrastructure on pace with its rapidly growing enterprise.
"It has always been one of our challenges from a technology standpoint, keeping up with the growth of the business from all aspects--capacity, speed, capabilities and functionality," says Ron Ehlers, vice president of information services. "The requirements to run a 100-store business are quite different from running a 500-store business or a 1,000-store business."
With a growing business comes an exponential growth in data and file servers. "It's like rabbits--you go from one to five to 20, and all of a sudden you're at 50 servers," Ehlers says.
Those file servers are vital for Pacific Sunwear's business, handling store polling for the exchange of sales and financial data between stores and corporate offices and applications, e-mail and hosting the company's Web site. But Ehlers found that managing storage and the resulting backup policies around his file servers was growing increasingly difficult.
Taking Stock In Compliance:As the nation's oldest trading center, the Philadelphia Stock Exchange has a long history of risk management, corporate governance and regulatory compliance. Since 1983, Bernie Donnelly has overseen the exchange's compliance and auditing efforts, ensuring that the organization not only meets regulatory requirements, but also minimizes risks to stakeholders and traders.
"We've always been of the mind that the regulators and auditors are a third eye, a quality-control check," says Donnelly, vice president of quality assurance. "As long as they have insight into what you do for a living, they can be a benefit."
But enterprises like the Philadelphia Stock Exchange are under more regulatory pressure than ever. Sarbanes-Oxley is driving huge compliance investments for publicly traded companies. But other regulations and industry standards abound. The European Basel II accord and the U.S. Gramm-Leach-Bliley Act are pushing greater IT controls in financial services. HIPAA, California's Security Breach Information Act (commonly known as SB 1386) and the European Union Privacy Directive are requiring greater protection of personal data. And the VISA Cardholder Security Program holds the promise of improving the security and integrity of e-commerce and retail exchanges.
Prashanth Rai
Tag(s):CIO,Outsourcing,Security.
But its decision in late July to award Sun Microsystems with the largest-ever contract for an enterprisewide Java deployment suggests that the struggling automaker wants to have the option of leveraging various outsourcers. Sun's Java Enterprise System coupled with Solaris 10 will be the basis of GM's plans to build a SOA by which Java components will be shared across different parts of GM's worldwide infrastructure, supply chain and partners.
"It gives us some modularization and some flexibility and decoupling in some places in our architecture," says Fred Killeen, GM's director of IT systems development and acting COO. "We're just trying to be careful and understand how you manage [service-level agreement] performance with a service-oriented architecture, and how to do that across multiple outsourcers, potentially."
Storing All Those Grains Of Sand:Pacific Sunwear, a 1,000-store nationwide clothing retailer, is trying to keep its IT infrastructure on pace with its rapidly growing enterprise.
"It has always been one of our challenges from a technology standpoint, keeping up with the growth of the business from all aspects--capacity, speed, capabilities and functionality," says Ron Ehlers, vice president of information services. "The requirements to run a 100-store business are quite different from running a 500-store business or a 1,000-store business."
With a growing business comes an exponential growth in data and file servers. "It's like rabbits--you go from one to five to 20, and all of a sudden you're at 50 servers," Ehlers says.
Those file servers are vital for Pacific Sunwear's business, handling store polling for the exchange of sales and financial data between stores and corporate offices and applications, e-mail and hosting the company's Web site. But Ehlers found that managing storage and the resulting backup policies around his file servers was growing increasingly difficult.
Taking Stock In Compliance:As the nation's oldest trading center, the Philadelphia Stock Exchange has a long history of risk management, corporate governance and regulatory compliance. Since 1983, Bernie Donnelly has overseen the exchange's compliance and auditing efforts, ensuring that the organization not only meets regulatory requirements, but also minimizes risks to stakeholders and traders.
"We've always been of the mind that the regulators and auditors are a third eye, a quality-control check," says Donnelly, vice president of quality assurance. "As long as they have insight into what you do for a living, they can be a benefit."
But enterprises like the Philadelphia Stock Exchange are under more regulatory pressure than ever. Sarbanes-Oxley is driving huge compliance investments for publicly traded companies. But other regulations and industry standards abound. The European Basel II accord and the U.S. Gramm-Leach-Bliley Act are pushing greater IT controls in financial services. HIPAA, California's Security Breach Information Act (commonly known as SB 1386) and the European Union Privacy Directive are requiring greater protection of personal data. And the VISA Cardholder Security Program holds the promise of improving the security and integrity of e-commerce and retail exchanges.
Prashanth Rai
Tag(s):CIO,Outsourcing,Security.
Permalink: 5 Issues Challenging Every CIO
Tags:
CIO Challenges
Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/9683
