en Thu, 15 Nov 2007 11:11:17 -0600 The CIO Weblog http://www.cio-weblog.com/ Business and Technology Coverage of the Software Market Thu, 15 Nov 2007 11:11:17 -0600 Azyxxi: The big hospital information system with the funny name 30417142.jpg Microsoft announced today that Azyxxi, their big foray into the healthcare information market, has landed a significant coup: it will be adopted by the St. Joseph Health System, a large West Coast based community hospital network with sites in California, Texas, and New Mexico. This is the largest deployment of the recently acquired Azyxxi system to date and a signficant step forward for Microsoft in the as yet untapped healthcare information system market.

I haven't had an opportunity to look at the software personally yet but by all accounts it is an impressive step toward amalgamating, securely, all the various types of patient data generated in the healthcare environment. Other electronic charting systems I have worked with are impressively byzantine in implementation and cost and limited in their ability to integrate with other systems. The word on the street about Azyxxi is that it has few of these failings; like many Microsoft products (although it was developed independently at Washington Hospital Center by Medstar Health and acquired only a year ago) it integrates impressively with a variety of sources of information. Because it uses commodity hardware and software, and because it doesn't propose to replace every existing system it is going to integrate, the implementation costs can be substantially lower than for many specialized healthcare information systems. The same advantage accrues in lower operating costs and higher efficiency.

I'm personally pretty excited at Microsoft stepping into healthcare; whatever their other failings, I believe the company has the effect in markets of lowering costs and generally raising the standards of performance and ease of use. Up to this point, the norm in healthcare IT has been extraordinarily expensive, legacy applications from a handful of vendors who have exhibited limited innovation or integration. Whether Azyxxi is particularly successful on its own or not, I believe that it will force other vendors in that market to improve their own game, and thereby do us all a great service in one of the few areas where it really matters.
See article.

Enterprise Software http://www.cio-weblog.com/50226711/azyxxi_the_big_hospital_information_system_with_the_funny_name.php http://www.cio-weblog.com/50226711/azyxxi_the_big_hospital_information_system_with_the_funny_name.php
Wed, 14 Nov 2007 09:33:41 -0600 Vista deployments to begin in 2008 WinVista_v_Web.jpg It has been difficult, through all the marketing spin, to determine what has actually been happening in the enterprise with Windows Vista. Microsoft claims strong sales numbers and rosy outcomes, naysayers counter these, and I, personally, am not familiar with any large organization that has deployed a single copy of the operating system in production yet. It's hard to know what to believe.

Forrester now steps in with some numbers and a prognosis for Vista deployment: it's not here, but it's coming. In 2008, says analyst Benjamin Gray, one-third of enterprise IT departments will begin full-scale deployments of Vista. As Gray points out, such deployments are often multi-year affairs and it's not clear how many will actually be completed in 2008 or in fact how much progress will be made at all, despite the recent push from Microsoft to put out better deployment tools and get the all-important Service Pack 1 out the door.

All this together reflects a more or less prudent approach to upgrading and so probably shouldn't be too surprising. More interesting are the current figures for operating system deployments: Forrester puts it at 84% for Windows XP and 11% for Windows 2000. If my calculator is working properly then that leaves just 5% for "other" which would seem to have to include Linux, OS X, and Vista... while this doesn't contradict Microsoft's sales numbers directly, it certainly puts a damper on the idea that corporations have been dying to roll out Vista.
See article.

Enterprise Software http://www.cio-weblog.com/50226711/vista_deployments_to_begin_in_2008.php http://www.cio-weblog.com/50226711/vista_deployments_to_begin_in_2008.php
Tue, 13 Nov 2007 11:59:56 -0600 "Stick in the mud" IT? 9968848.jpg According to Marc Andreesen, "In general, there are two kinds of IT departments - call them "early adopters" and "stuck in the mud". "Early adopters" want to harness technology as a competitive edge and look for reasons to act. "Stuck in the mud" departments actively look for excuses to not act."

What ever happened to the tried and true Goldilocks version where there is also a "just right" option?

It's pretty clear from this interview in Information Week that Andreesen has felt a bit burned by some less than successful startup ventures, and if you take it personally, it's easy to start lumping your prospective customers into such broad, innacurate categories (it's also an easy way to lose business you might otherwise have gained).

It's also an interesting perspective for CIOs to study: this is how some, and perhaps many, tech startups view your departments today. If you happen to like what they offer, you're visionary; if not, you're only there to be circumvented by selling directly to users.

While there are definitely IT departments that resist change out of fear and simply for the sake of the status quo, there's little realization outside the field that many of them are simply discharging their stated duties of providing secure, stable infrastructure and service to run the business on. Every startup thinks they are bringing out something great and innovative, but the fact is that a lot of them ship regurgitated and poorly built junk, and it's wise, not "stuck," to be cautious with what they have to peddle. Personally, I view it as a warning sign when a company feels like it needs to bypass the IT department to make a sale... there may be a few who are legitimately concerned about the old fuddy duddy CIO, but I feel that there are more who don't have a strong enough technical case to pass muster selling to someone who knows enough to see through it.
See article.

CIO http://www.cio-weblog.com/50226711/stick_in_the_mud_it.php http://www.cio-weblog.com/50226711/stick_in_the_mud_it.php
Mon, 12 Nov 2007 22:30:45 -0600 HP digs further into consulting 32160410.jpg HP has been moving fast and strong into services and have continued the trend with today's acquisition of EYP Mission Critical Facilities, a consulting firm specializing in large data center design and operations support. Coming on the heels of last month's expansion of their SaaS offerings, one imagines that before long you will simply be able to turn your keys over to HP and take off on a long vacation while they provision, support, and run your business.

In fact, this may not be far from the vision that CEO Mark Hurd has for the company, as revealed today also during his keynote speech at Oracle's OpenWorld conference. Consolidation has clearly been on his mind, and the recent acquisitions presage more in the future, driven as he states by "...a push from an IT perspective to do more standardization and to have fewer suppliers," as well as a number of players with an excess of cash on hand.

While I am certainly one of those pushing from the IT perspective to have fewer suppliers and more standardization, you have to be careful how you go about it, and although I am sure acquisition such as EYP MCF are brilliant for HP's business, I am skeptical about their value to customers. I think the conflation of purveyors of advice with purveyors of service and equipment is dangerous and if anyone was expecting to get unbiased opinion out of EYP MCF about the gear to build out their data center with, that's probably gone by the wayside. Consolidation can be a boon when it results in better alignment and firmer standards; the danger is when the alignment locks you in to a vendor and the standards turn out to be proprietary.
See article.

Outsourcing http://www.cio-weblog.com/50226711/hp_digs_further_into_consulting.php http://www.cio-weblog.com/50226711/hp_digs_further_into_consulting.php
Mon, 12 Nov 2007 09:14:07 -0600 Windows Server 2008 pricing released Windows_Server_2008_v_web.jpg Microsoft has released pricing and other new information on their upcoming (February) release of Windows Server 2008.

The announcement states that prices across the board on the Server line will increase approximately one percent but the actual prices listed are, with the exception of the Web Server edition, identical to current Server 2003 prices, so it's not clear if they will be raised in the future or if there was a calculator malfunction in the marketing department (I guess marketing doesn't typically hire for math skills, anyway). Windows Web Server 2008 increases from $399 to $469 but also goes from 32-bit to 64-bit (all 2008 server products, with the exception of Itanium, will be available in 64-bit versions).

The pricing for the Hyper-V virtualization server was also announced at $28 MSRP. Also on the virtualization front, Microsoft announced a "Server Virtualization Validation Program" for non-Microsoft virtualization platforms... a smart move on Redmond's part, both in terms of making it easy to use their products in other environments and as a mechanism to rope in other virtualization software providers with Microsoft standards (using the omnipresent "We can't support you if you don't" argument) or deflect blame in the event of poor integration or performance. The first target platform for this program appears to be Xen running on Novell's Suse Linux, given the existing relationship between the companies.
See article.

Enterprise Software http://www.cio-weblog.com/50226711/windows_server_2008_pricing_released.php http://www.cio-weblog.com/50226711/windows_server_2008_pricing_released.php
Fri, 09 Nov 2007 18:42:14 -0600 Vista adoption slows WinVista.jpg Perhaps it was just my low expectations but I didn't ever really see Vista taking off quite as explosively as Microsoft and even some industry analysts seemed to think that it would. Nonetheless, impressive sales numbers were quoted and many organizations swore allegiance as it was released and it seemed like it might sweep the market much faster than I would have predicted.

According to Infoworld, however, I have been at least partially redeemed... Vista adoption is slowing in the enterprise, for all the predictable reasons: instability, incompatibility, lack of clear business value for the price.

I don't say this to hash on Microsoft, but rather the management in those organizations which signed off on the massive upgrade plans right out of the gate. What were you thinking? Haven't you learned yet to build all those caveats into your software deployment plans? Microsoft, whatever their other failings, is at least predictable... they release a new product, especially a major one with a checkered development history such as Vista, it's going to take them some time to polish it up to meet the marketing hype. And even the hype never promised some of the efficiencies and advantages that would really be necessary to make an upgrade off of Windows XP cost-effective.

I continue to hope that this sort of article will persuade CIOs and other managers to sit down and crunch the numbers before piling on the bandwagon.
See article.

Enterprise Software http://www.cio-weblog.com/50226711/vista_adoption_slows.php http://www.cio-weblog.com/50226711/vista_adoption_slows.php
Wed, 07 Nov 2007 23:10:16 -0600 Microsoft's ex-CIO: the mystery deepens 30461935.jpg I don't want to turn this into a gossip blog, but it's been a slow tech news day, and Seattle P-I blogger Todd Bishop has turned up another interesting detail regarding the perhaps-not-so-sudden ouster of Microsoft CIO Stuart Scott this week. It turns out that Scott's home has been on the market since September. Could be a coincidence, of course, but if not, it paints a slightly different picture than the unusual pronouncement would by itself tend to convey. Most organizations, even if they caught an executive in a particularly grievous breach of policy, would probably tend to take the easy way out if he or she already had one foot out the door. Why make a spectacle?
See article.

CIO http://www.cio-weblog.com/50226711/microsofts_excio_the_mystery_deepens.php http://www.cio-weblog.com/50226711/microsofts_excio_the_mystery_deepens.php
Wed, 07 Nov 2007 23:02:06 -0600 Red Hat makes Amazon largest Virtual Server provider... ever Image_Redhat_Logo.svg I'm actually just guessing about that. It's probably impossible to compare the newly announced capability to host Red Hat Enterprise Linux on Amazon's Elastic Computing Cloud service with existing, more conventionally provisioned virtual server providers. Still, when you think about the capacity of Amazon's backend, you have to imagine that it's capable of putting, say, Godaddy, on the floor in terms of sheer computational capacity.


See article.

Outsourcing http://www.cio-weblog.com/50226711/red_hat_makes_amazon_largest_virtual_server_provider_ever.php http://www.cio-weblog.com/50226711/red_hat_makes_amazon_largest_virtual_server_provider_ever.php
Wed, 07 Nov 2007 09:16:01 -0600 Amazon S3 makes European sites available amazon_logo.jpg Amazon announced the expansion of their Simple Storage Service product into European markets yesterday. Although the existing S3 service could, by it's very nature, be used by anyone from anywhere with an Internet connection, issues of latency and locality have made it less desirable for overseas users. Amazon has not yet completed all localization features and the addition of other basics such as the ability to pay in local currencies, but the primary functions of the service are available for use.

The storage rates for the European service is slightly higher than that of the US-based service, possibly reflecting lower volumes of spare capacity in Amazon's European operations or higher data center costs, so for bulk storage which has no significant requirement for low latency, the US S3 is probably still the way to go.
See article.

Data Storage http://www.cio-weblog.com/50226711/amazon_s3_makes_european_sites_available.php http://www.cio-weblog.com/50226711/amazon_s3_makes_european_sites_available.php
Tue, 06 Nov 2007 21:24:30 -0600 Microsoft CIO fired mslogo-1.jpg For "violating company policies" according to Todd Bishop at the Seattle P-I. That's a nice broad swath of possibilities that can cover everything from "we found kiddie porn on his computer" to "the boss just didn't like him much." Thus ends the tenure of Stuart Scott. So far, no one at Microsoft seems to be saying much, nor are those who actually know likely to do so... you don't generally "dismiss" someone at that level without some sort of acrimony.

In the interim, GM Shahla Aly and VP Alain Crozier (the CFO for Sales, Marketing, and Services... it wasn't very long ago that they pulled internal IT out of accounting's purview and now it looks like it may be back again!) will fill the role.

This doesn't have any real effect on customers, but it will be interesting, from the CIO's perspective, to see what Microsoft does with the role after all this talk in the industry over whether or not a CIO is necessary. Somewhere like Microsoft, steeped in technology, may need one less than the rest of us. We'll see what they do.
See article.

CIO http://www.cio-weblog.com/50226711/microsoft_cio_fired.php http://www.cio-weblog.com/50226711/microsoft_cio_fired.php
Mon, 05 Nov 2007 13:35:15 -0600 Simple corporate sabotage 39174870.jpg I don't want to get on too much of a kick writing about security related topics here, lest people think I am paranoid, but prompted by a recent story on Slashdot I found myself thinking about how much easier technology may be making it to sabotage corporate information systems.

The discussion is titled "Cell phone jamming on the rise" and was prompted by this recent Network World article. The article finds some favor with the idea, and after all, who among us hasn't wished at times for a convenient button to push to shut up the rude conversationalist in the theater, restaurant, or cube farm?

The technology for jamming cell phones is small, portable, and reliable, and indications are that it is becoming more and more widely available. As it happens, I currently have a consulting engagement at an organization which lives and dies by these things (and there are, quite literally, lives in the balance... a suitable amount of redundancy is built in to the system, but the inefficiencies can be costly). A few of these devices around the office, and it would shut the place down. Probably be quite costly to resolve, as well... I can't even imagine how long it would take to figure out what the problem was, and then locating them around the place would be a whole new nightmare.

So what would happen in your office? And what if it wasn't cell phones, but Bluetooth, or wifi? Wireless technologies have been adopted rapidly, but with none of the safeguards against flooding or jamming that wired networks have evolved over the years. If it hasn't happened already, I think this may be the next frontier for both pranksters and serious malcontents at the office... time to start thinking about what you might do about it now.
See article.

Security http://www.cio-weblog.com/50226711/simple_corporate_sabotage.php http://www.cio-weblog.com/50226711/simple_corporate_sabotage.php
Mon, 05 Nov 2007 05:05:39 -0600 What infowar might mean to you Chinaflag.jpg I don't think it rises quite to the level of sabre-rattling, but some of Chinese president Hu Jintao's recent pronouncements on China's defense policy as it relates to information technology got me thinking. In his report to the 17th Party Congress, Hu says:
To attain the strategic objective of building computerized armed forces and winning IT-based warfare, we will accelerate composite development of mechanization and computerization, carry out military training under IT-based conditions, modernize every aspect of logistics, intensify our efforts to train a new type of high-caliber military personnel in large numbers and change the mode of generating combat capabilities.
I get the feeling that something may have been lost in translation, or maybe it's just the universal sort of double-speak that politicians the world over are famous for; there aren't really many specifics in that. But it's no secret that China has been aggressively developing information warfare capabilities, as Western intelligence agencies have been reporting.
See article.

Security http://www.cio-weblog.com/50226711/what_infowar_might_mean_to_you.php http://www.cio-weblog.com/50226711/what_infowar_might_mean_to_you.php
Fri, 02 Nov 2007 13:50:24 -0600 iPhone goes International 0709iphone_front.jpg One of the many niggling little issues that militated against the iPhone's use as a full-on business-oriented tool had been the outrageous rates for international roaming use. No more, reports Ars Technica; AT&T is now rolling out international data plans.

There remains a whole separate discussion over exactly how well suited the iPhone is in the typical corporate IT setting. That it is being rapidly introduced into such settings is not debatable in the least... it's coming, and it's coming to an executive's pocket near you. The question is what it will take to support it, or what your alternatives might be for providing similar utility even without the customary Apple polish and glitz.
See article.

Networking http://www.cio-weblog.com/50226711/iphone_goes_international.php http://www.cio-weblog.com/50226711/iphone_goes_international.php
Thu, 01 Nov 2007 19:14:55 -0600 Managed Services 36229612.jpg No real commentary on it, but I thought I would point you to an interview posted at IT Business Edge with Jeff Jernigan of Instat, a communications market research firm that has been tracking the trend of managed services in the market. Managed services is one of those buzzwords that it seems like everyone must be embracing, but it's interesting to get some numbers attached to the trend: Jernigan says overall growth in the field is around 8%, which isn't shabby, but isn't quite the explosion one might assume from the way other analysts talk it up (including myself, I suppose).
See article.

Outsourcing http://www.cio-weblog.com/50226711/managed_services.php http://www.cio-weblog.com/50226711/managed_services.php
Wed, 31 Oct 2007 23:27:05 -0600 Breakin' the law 30906312.jpg In the "More Unsurprising News" category we have today's article from Help Net Security detailing a recently released study which found that 35% of employees have violated their corporate IT policies.

As one wag on Slashdot put it, "One-Third of Employees Admit to Violating Company IT Policies." In fact, although the methodology isn't detailed, one has to wonder how the surveyors even managed to find 1/3 of employees who knew what the policy was in the first place in order to know they had been violating it.

Most of the rest of the conversation at Slashdot revolves around the improbability of that number being anything other than extraordinarily low and the likelihood that most employees never even know what policies they might be violating. The survey further adds that fully 65% of employees have little concern that such violations might fuel significant security breaches in their corporate networks... supposing, I presume, that they see little connection between that and their own paychecks, and also assuming quite correctly that the whole thing is ITs problem to deal with.

Which brings us to the real question for CIOs, which is, why bother to have such policices if they are so broadly ignored? Is it just a CYA mentality, or the inevitable crush of paperwork and bureaucratic sludge that accumulates in any organization over time? Too many lawyers? What's the deal?

My own philosophy is that if you don't have an enforcement mechanism (a working one) then you may as well not have a policy. Otherwise you're just making a joke of yourself, pushing your policies into the same territory that jaywalking laws and speed limits occupy. And if something is important enough to your network security to have a policy for, then it's important enough to put a real system in place to enforce... not to simply leave it up to people who won't be the ones to pay the piper when something does happen.
See article.

Security http://www.cio-weblog.com/50226711/breakin_the_law.php http://www.cio-weblog.com/50226711/breakin_the_law.php
Wed, 31 Oct 2007 04:22:51 -0600 As CIOs ride off into the sunset... 30538793.jpg Dave Berlind finds himself with a few parting words to say before the theme music kicks in and the closing credits roll.

Dave is commenting on a rather brief debate that was kicked off, at least in part, here earlier this month when I commented on a Bob Evans story in Information Week detailing his difficulties identifying CIOs in major corporations. One of those corporations may well have been BT, where Dave's colleague Dan Farber quotes managing director JP Rangaswami as saying "that the CIO role could disappear within the decade because all senior managers and board members will have to be knowledgable about IT and that's almost a given for the YouTube generation."

This fits in nicely with my own thesis in the matter, but Dave questions whether or not the question is quite so simple, and I find myself agreeing with him as well. In particular, a link he provides to another article which I had missed on the wisdom of outsourcing the details, but retaining the authority struck a cord, because it's very similar to advice I often give existing clients: outsourcing makes sense, as long as you retain decision-making in-house. And that, if nothing is, is the role of CIO, isn't it? As Dave says, IT may become a commodity, but someone still has to be knowledgeable enough to make a good buy in a commodity market. He argues that smaller businesses, particularly, may require someone in that role for the foreseeable future.

These arguments aren't really at odds, and I am not sure that I agree that the size of the business will be the distinguishing factor in whether or not a specific organization retains or requires a CIO. The key point, really, is to ensure that you are retaining control of the decision making process in critical processes, and not simply engaging in a game of outsourcing the blame. I think the trend toward simplifying and modularizing IT services and equipment will continue to the point where most well-educated business managers in most businesses will be able to unhinge strategy from specific and detailed technical questions sufficiently to do without a dedicated CIO. But there will continue to be markets in which the bleeding edge of the technology will require someone with sufficient technical expertise to help make those decisions, and so the CIO will not die out entirely... but there's a lot of room out toward that sunset for the rest of us.
See article.

CIO http://www.cio-weblog.com/50226711/as_cios_ride_off_into_the_sunset.php http://www.cio-weblog.com/50226711/as_cios_ride_off_into_the_sunset.php
Tue, 30 Oct 2007 22:52:32 -0600 Microsoft SOA roadmap mscorporate_logo.jpg Microsoft today announced a new, amorphous project entitled "Oslo" which encompasses the corporation's "Software + Services" roadmap for the coming years. "Software + service," you may recall, is what passes for Service Oriented Architecture over on the corporate campus, and is distinguished from that broader industry category primarily in its focus on the continued use of proprietary applications and services rather than the more open-ended approach of "pure" SOA.

Oslo is oriented around five areas:
  • Server- Biztalk Server, of course, the "...core foundation for distributed and highly scalable SOA and BPM solutions."
  • Services- Biztalk Services, hand in hand with the above
  • Framework- The .NET framework
  • Tools- Visual Studio development software, for authoring the above
  • Repository- A common metadata repository across all of the above, plus links to Microsoft System Center
Now, the more cynical among us might simply see that as a list of existing products thrown together with a cool Nordic code-name to leverage assets that were already in development and which have no additional added value in the SOA department. I think, however, that there may be some real value to the initiative, and that it may provide a more realistic method of achieving SOA benefits in many organizations without the heartache that starting with more "pure" tools from scratch might entail.

This view is influenced somewhat by my subscription to Microsoft's more incremental approach to building SOA, which they are promoting as "real-world," but you could as easily attribute it to their encumbrance with existing proprietary product lines and fighting a rear-guard action to keep them in use as long as possible in the market. But it's worth remembering that many of their customers are similarly encumbered, for good or ill, and so the approach makes a lot of sense to them. I won't pretend I don't have mixed feelings about continuing to dig the pit deeper, particularly in light of other trends obvious in Redmond (licensing and forced upgrades being the most disturbing) but I may well find myself recommending Oslo or its ilk if all unfolds as promised.
See article.

SOA http://www.cio-weblog.com/50226711/microsoft_soa_roadmap.php http://www.cio-weblog.com/50226711/microsoft_soa_roadmap.php
Mon, 29 Oct 2007 21:38:11 -0600 The real reason Leopard isn't ready for the enterprise leopard_box.jpg In a word: support.

I went into this issue in more detail, and with earlier versions of Apple software, a few months ago. But the rash of blue screen (not a term traditionally associated with OS X... it's a dark day in Apple land when the least positive attributes of Windows start showing up in their beloved BSD-based OS) system lock-ups that have broken out as people attempt to upgrade to Leopard put me in mind of it again, and the fact that I hadn't addressed this most important issue in my post on Leopard's enterprise potential a few days ago, put me in mind of it again.

That previous post dealt specifically with SMBs but the issues affect enterprises as well, albeit to a lesser extent. Those issues are, in a nutshell, Apples horrendous response to these sorts of failures and the poorly structured support environment for both Apple hardware and software.

For example, read Dana Gardner's experiences with the upgrade.

PCs, and their various operating systems, whatever their drawbacks (or, in fact, probably exactly because of their drawbacks) have a well-developed eco-system of support, both offered by manufacturers and thousands of specialty businesses small and large. I can pitch a brick out my front door right this very second and cold-cock a halfway competent PC technician.

If I have an issue with my Mac which I can't self-resolve, however, I have Apple. And Apple aren't answering their calls just now. As far as third-party support, I suppose I could call the three or four local techs I know who are more than passingly familiar with OS X and Mac systems, but they'll be swamped already, and that leaves me shipping it off somewhere and without a laptop for a week.

This is real problem for corporate IT considering adopting Macs. Sure, the planning and testing are better in corporate IT environments and this particular problem probably hasn't come up. But if something does... well, as a counter-point, I had an HP server burn out its GPU this morning. Two hours later I had been in contact with HP support and had a commitment to replace the board or the server as required. If the client had a higher warranty level, it could have been taken care of next day. Apple simply doesn't have that sort of system available, even in the US, and can't offer that level of service even if they were so inclined... and it's not clear that they are.
See article.

Enterprise Software http://www.cio-weblog.com/50226711/the_real_reason_leopard_isnt_ready_for_the_enterprise.php http://www.cio-weblog.com/50226711/the_real_reason_leopard_isnt_ready_for_the_enterprise.php
Fri, 26 Oct 2007 17:16:03 -0600 Security lapses might cost you more than your reputation

At least if new developments in the TJX data breach case play out in favor of the plaintiffs.

Several banks are suing the company, which probably first came to your attention earlier this year as yet another in a long string of companies to lose valuable customer data, in hopes of recovering some of the losses they incurred for covering the clean up from the mess. As most card holders are aware, the card issuer is responsible for dealing with and absorbing the costs of lost or stolen cards as long as they are informed in a timely manner. But while the pain and difficulty of cleaning up your personal matters is generally incentive enough to keep track of your cards on an individual basis, apparently the resulting poor publicity has done little to persuade retailers—the other half of the exposure—to do likewise.

According to court documents published by Larry Dignan, the banks are alleging that TJX's neglect of security best practices was both known to the company and directly responsible for the breach... and since TJX, therefore, could have prevented the loss, it's time for them to pay up.

As Dignan notes, this case may provide significant precedent to encourage retailers to deal with card information more carefully... and that's a good thing.
See article.

Security http://www.cio-weblog.com/50226711/security_lapses_might_cost_you_more_than_your_reputation.php http://www.cio-weblog.com/50226711/security_lapses_might_cost_you_more_than_your_reputation.php
Fri, 26 Oct 2007 10:24:49 -0600 Firefighting IT
The latest is a pointer to a Government Computer News article on the IT infrastructure being used by FEMA and CalFire to deal with the tremendous information demands being created by the conflagrations in Southern California.

The video embedded above is another example of technology's impact on firefighting and how fire managers are using it to stay informed; it's a time lapse of still webcam shots from a National Science Foundation camera at a project which happened to be in the fire zone. Without having to put any spotters in harm's way, fire managers could get an excellent ground-level perspective on fire path and behavior in near real time. Specialized infrared cameras and satellite shots have been used for years to develop intelligence on wildfires, but we're starting to see how commodity products and general purpose communications applications are being quickly adapted to fill many of the same purposes at much lower cost.
See article.

General http://www.cio-weblog.com/50226711/firefighting_it.php http://www.cio-weblog.com/50226711/firefighting_it.php
Fri, 26 Oct 2007 09:00:50 -0600 Leopard shows its spots 30502600.jpg I'd have to search through the archives to be sure, but I doubt that Apple has ever been discussed much in this blog... there's always a faint whiff of amateurism in "professional" corporate IT circles when Macs are brought up. Oh, the marketing department may have a few of them, and there are probably one or two executives who have forced an exception to policy so they can carry around their sleek looking Apple notebooks, but on the whole most CIOs I'm familiar with don't consider Apple quite ready for prime time in the corporate world. And they're not wrong, certainly from the perspective that values traditional IT management approaches. While OS X has some very easy to use features for centralized management, it doesn't have nearly as comprehensive a set of tools for that task as any Windows administrator will have become accustomed to since NT 4.0 days.

This situation is not going to change overnight, but it may not need to in order for OS X to start becoming a more attractive option in corporate IT, because the nature of the terrain is changing as well. Many of the factors that militated for a tight, locked-down, centrally managed client infrastructure are, whether we recognize it or not, slipping away with the advent of SaaS and Web 2.0 solutions to business problems. And Apple may be trying to meet us halfway; as Network World reported earlier this year, there are a number of features in the new OS X release which seemed oriented primarily at the enterprise. Built-in OpenLDAP directory services, an iCal calendaring server, SAN and cluster technologies are all included in OS X server and a host of open source server software is supported out of the box. Moreover, the Vista transition that many corporations are being faced with in the coming year suddenly makes a transition to OS X look less intimidating... if you can get past the names and the marketing bluster, the actual disruption involved is remarkably similar.

There is always more to it than that, of course; even with SaaS there can be browser issues, and for those who haven't gone SaaS yet there are line of business application support issues, and then there are corporate support issues in general which Apple has yet to address. But nonetheless, OS X, with less restrictive licensing mechanisms, better UI (yes, I said it, and I'll fight you on it... it's just better than Windows, get over it), and more stability, is an option that it is time to give some serious consideration to in the enterprise.

Head on over to ComputerWorld for their week of Leopard and get familiar with the ground.
See article.

Enterprise Software http://www.cio-weblog.com/50226711/leopard_shows_its_spots.php http://www.cio-weblog.com/50226711/leopard_shows_its_spots.php
Thu, 25 Oct 2007 00:28:58 -0600 More on agility 36676879.jpg Prompted by some recent posts and the subsequent conversations over at Michael Krigsman's ZDnet Project Failures blog, I've dug in and written a lengthy treatise on consultants and incentives for failure in enterprise implementation projects on my blog Status.

I think that most of the observations made at Krigsman's blog, both in the articles and the comments, amount to fairly well-known but unspoken facts of the CIO/consulting relationship. The question I have, which I took a stab at addressing in the Status post, is why it is that we, as a profession, haven't come up with better approaches to addressing these issues?

The solution I am proposing (which I make no claim for as a universal or comprehensive solution, merely an approach with some potential) is the adoption of Agile development methodologies for managing these projects.

See article.

Management http://www.cio-weblog.com/50226711/more_on_agility.php http://www.cio-weblog.com/50226711/more_on_agility.php
Wed, 24 Oct 2007 12:17:34 -0600 Desktop virtualization for the masses citrix_logo_2color.jpg Citrix's recent acquisition of virtualization software company XenSource is finally bearing fruit for the company. Monday, the company announced the release of a new line of products titled "XenDesktop 2.0." This family of software consists of Citrix Desktop Server with XenServer, allowing mass hosting of virtual desktops in a transparent back-end datacenter.

As we've previously explored, desktop virtualization may be the coming thing, particularly in corporate environments. Citrix's product demonstrates a preview of how this may look, with highly efficient hardware utilization, easy management, and potentially some excellent trending information on application utilization and user behavior (cue Big Brother).

This packaging of service and potential goes some way beyond what current industry leader VMware is capable of offering, and well beyond what Microsoft has thus far announced for their own enterprise virtualization offering, Vista Enterprise Centralized Desktop (VECD). In fact, if you check out the VECD section on the "Flexible Desktop Computing" page, you find that they devote about as much space to discussing licensing as they do to the functionality of the product... in other words, a lot of "what you can do for us" instead of "what we can do for you" which should give you a pretty accurate preview of the joys of deploying such a system. VMware's Virtual Desktop Infrastructure (VDI) is considerably less burdened with licensing tripwires, but also is less capable than the end-to-end solution Citrix describes.

XenDesktop is scheduled to ship in early 2008; XenServer and other Citrix components are already available.

Dana Gardner has a typically insightful article up on the possibilities of this brave new world, which wanders off into flights of fancy toward the end which are a bit further afield than I might personally contemplate at this point, but which are thought-provoking and worth a solid read nonetheless. Regardless, as he points out in wrapping it up, the real takeaway from the Citrix announcement is that this all "...could happen much sooner than you think."
See article.

Enterprise Software http://www.cio-weblog.com/50226711/desktop_virtualization_for_the_masses.php http://www.cio-weblog.com/50226711/desktop_virtualization_for_the_masses.php
Wed, 24 Oct 2007 07:54:45 -0600 EC2-down the rabbit hole Amazon_WebServices.jpg As reported here last week Amazon's Elastic Computing Cloud (EC2) service is now out of beta and available for general use; now, a new service is out which begins the mind-bending journey of layering on-demand service on top of on-demand service.

Coupa intends to deploy an on-demand electronic procurement system on Monday, which relies not only on Amazon for computing power by way of EC2, but also for backend storage using the company's Simple Storage Service (S3).

Coupa has been using the EC2 beta for some time in proof-of-concept deployments and apparently has been pleased enough with it to count on it as a full-time backend for their mid-market aimed product.

There have been a number of other commercial services using Amazon successfully to provision on-demand services during the beta, but this seems to be an indication that the trend is accelerating and we're likely to see more and more business models based on leveraging virtual infrastructure that is not even operated by the company offering the service-utility computing finally coming to maturity.
See article.

SaaS http://www.cio-weblog.com/50226711/ec2down_the_rabbit_hole.php http://www.cio-weblog.com/50226711/ec2down_the_rabbit_hole.php
Mon, 22 Oct 2007 17:33:31 -0600 Microsoft decides against appeal in EU anti-trust case 24722466.jpg Microsoft announced today that it would not appeal the decision recently made against it in the European Union anti-trust case. After nearly ten years, the company has agreed to comply with decisions forcing it to lower royalty fees on interoperability information.

I had predicted that the company would appeal in the post I made originally dealing with their loss of the case, citing not the immediate damage of the decision as the major factor, but rather the precedent that the decision would set for regulators. I can only imagine that corporate counsel decided that the case was unwinnable, because indeed, EU Competition Commissioner Neelie Kroes, according to this Seattle Times article, seizes on that fact:

Kroes said the EU order set a precedent for Microsoft's future behavior for other areas - such as its Office software and its new Vista operating system.

If there was a reason for Microsoft to fight on this, it would be to protect those parts of the business from future regulation of this sort. If they didn't, considering what they stand to lose on their core revenue generating products, it must have been a real dog of a case. Kroes' intimations that future regulation is imminent only reinforces this.

Microsoft's extremely brief statement on the decision can be found here.
See article.

Events http://www.cio-weblog.com/50226711/microsoft_decides_against_appeal_in_eu_antitrust_case.php http://www.cio-weblog.com/50226711/microsoft_decides_against_appeal_in_eu_antitrust_case.php
Mon, 22 Oct 2007 02:27:28 -0600 Outsourcing the blame 16459942.jpg It's refreshing to read about IT issues from overseas from time to time, particularly when they are liberally peppered with bollocking and crikeys and codswallops, and so I give thanks to this article from the New Zealand Herald which comes by way of IT Business Edge, laying in to everything that is wrong with outsourcing today.

I think most of us can identify with Deborah Hill Cone and her encounter with various outsourced support centers and workers... although her experiences come in the context of moving house, no doubt most CIOs can come up with strikingly similar stories dealing with data centers and overseas support desks. And the thing that most frustrates Cone is also something we can identify with-there's no one there to take the blame when things fall through the cracks.

This is hardly confined to outsourcing, though. Any major corporation has essentially the same issue (or feature, depending on your point of view, I suppose) with multiple, vast departments which finger-point and fling the blame without any single point source of accountability anywhere in sight. Is dealing with outsourced technical support at the major PC manufacturer of your choice really any worse than getting bounced around between Bank of America's various commercial banking and credit operations, as happened to me recently? I thought a particularly fine touch was when, at the end of a long series of forwarded calls and "Press One For English" menu chains, the representative I talked to told me I could only get help by dialing a certain number... the one I had dialed originally that lead me to her.

There's no one to scream at in this situations, it's always laid off on someone else, somewhere else, and that's the genius of it... yell as you might, the person you are dealing with genuinely can't do a thing about the problem. Nor can the next, or the next that you talk to. The service, as a whole, doesn't really exist, it's all bits and pieces and never quite comes together.

For the CIO, what's to be done about this? The answer, of course, is a strong SLA and relationship with the place where you send the check. Because as in all business dealings, that's effectively where the power rests. If you can ensure ultimate responsibility-even as they probably seek to avoid it-in your vendor contact, then you retain some measure of power and, finally, have someone you can scream at who had better be able to do something about it.
See article.

Outsourcing http://www.cio-weblog.com/50226711/outsourcing_the_blame.php http://www.cio-weblog.com/50226711/outsourcing_the_blame.php
Sat, 20 Oct 2007 22:20:59 -0600 Show CEOs the money, says Gartner 30773362.jpg Gartner's IT Symposium in Orlando last week generated the usual amount of news and interest from that annual gathering and the last gasp has been summed up in this Baseline article, "CIOs Told to Make Conspicuous Contribution to Revenue." As Baseline points out, business alignment has always been the bread and butter of the choir at Gartner events, but this year it's gone a step further... apparently, you're going to have to start actually generating revenue to keep your seat at the table.

Actually that's not what the article says, but it must have sounded more catchy than "Gartner Says Same Thing They've Said Before." But that's the gist of it; align IT with the business. They've gotten a bit more specific this year-align IT with the revenue side of the business. Ah, gotcha. That must have been the bit we were forgetting previously.

I think the advice that you not only have to do your job, but to be seen to be doing your job, is rather timeless and hardly specific to IT. On the other hand, it's long been assumed on both sides of the table that what happens in the IT department is mysterious and inexplicable to laymen and a modicum of faith is required that they're doing what they in fact say they are doing.

Considering other recent trends which seem to minimize the role of the CIO in the organization this perhaps isn't so surprising. Then, too, Gartner needs to be taken with a grain of salt; like me, they have to come up with new ways to say the same things repeatedly to earn their keep, and if the real message is "stay relevant to the business" then perhaps the specificity of the delivery can be disregarded from time to time as less relevant hyperbole.
See article.

CIO http://www.cio-weblog.com/50226711/show_ceos_the_money_says_gartner.php http://www.cio-weblog.com/50226711/show_ceos_the_money_says_gartner.php
Fri, 19 Oct 2007 00:03:10 -0600 The Virtual Future vmware.jpg This topic has some direct bearing on another recent post, the one regarding the future of Microsoft, but it's really its own story, which Microsoft just happens to own a small piece of.

The topic is virtualization, and the impetus behind the post is this excellent article at Information World on the subject and the major players in the market. VMware, of course, gets top billing, and as per usual, Microsoft features somewhere in the background as the looming villain.

The article posits a future in which all our needs are met virtually, a bit like the 1950's vision of a flying car that could whisk Dad to work downtown in the morning, allow Mom to make a quick trip for groceries in the evening, and fly the whole family up-state for the weekend getaway. Given the power of today's hardware and the relative inefficiency of traditional operating system design and utilization, this paints a fairly attractive prospect for many CIOs and responsible corporate officers. Virtualizing a number of specialized server systems on a single piece of hardware presents, as we all know by now, considerable cost savings. But until recently, you were still losing performance in most virtualized environments due to the need to run a base OS with the virtualization software atop it-a sort of silver thread tying the virtualized utopia back to the dark and dreary real world.

See article.

Enterprise Software http://www.cio-weblog.com/50226711/the_virtual_future.php http://www.cio-weblog.com/50226711/the_virtual_future.php
Thu, 18 Oct 2007 04:47:03 -0600 Silverlight sparks anti-trust concerns 30755602.jpg Microsoft's Silverlight project, a browser-based Flash competitor, is apparently sparking some concern among the states which sued, and won, against the company based on anti-trust violations. Led by California, a number of those complainants have filed a motion requesting that the presiding judge extend the settlement reached in that case in 2002 for an additional five years, until 2012. Todd Bishop at the Seattle P-I has additional coverage and links to the court documents here.

Although in general I think we can agree that monopoly power is a dangerous thing and that Microsoft has unquestionably exercised that power illegally, there is a different debate over whether or not such tactics are truly to the detriment of the market, at least in the short term, and particularly with respect to corporate computing. As friends of mine at the company frequently lament, a lot of real cool, useful features are regularly either blocked or heavily questioned and delayed on account of their possible impact from the perspective of the anti-trust decree. The types of integration that competitors, and the states involved in the original suit, are concerned about, are often exactly the sorts of integration which make a CIO's life easier and more rewarding. Monopoly power means standardization, and standards have generally been good to IT departments.

For its part, Microsoft holds the advance of web-based applications up as evidence that they were never really quite the monopoly that they seemed, and certainly aren't one now. But Silverlight can be seen as an effort to extend the same sort of power that was long exercised at the desktop, to the web, as it develops as a venue for rich multimedia applications... all of which will have to run on something at the client side.

Nonetheless, it's debatable as to whether this is a good or bad thing for corporate IT. Choice is an advantage in the consumer mass market, particularly with web-based interoperability, and the decree makes sense in that light, but advantages to organizations, if any, would only come in the longer term after a suitable period of interplay in the marketplace. If your planning horizon extends beyond 2012, well, then you may be in good shape.
See article.

General http://www.cio-weblog.com/50226711/silverlight_sparks_antitrust_concerns.php http://www.cio-weblog.com/50226711/silverlight_sparks_antitrust_concerns.php
Wed, 17 Oct 2007 12:55:18 -0600 Amazon EC2 service out of beta Amazon_WebServices.jpg Amazon's EC2 virtual computing resource service has ended its beta phase and is now available to all developers, according to Dan Farber at ZDnet.

The service, particularly in combination with Amazon's companion S3 storage service, has been intriguing and has a considerable amount of theoretical promise, but hasn't really shown any overwhelming breakthrough utility just yet. But betas are for working out the kinks, not necessarily coming up with killer apps, and as Farber points out, given the overall direction of the market, the Amazon Web Services could well eclipse the rest of the business in terms of size and profit.

Of course, just out of beta doesn't necessarily mean stable and proven-this is still essentially a 1.0 product release, so it's worth waiting to see how early adopters fare. On the other hand, the availability, at reasonable rates, of such flexibility and power is certainly something to be considered for hosted application services.
See article.

SaaS http://www.cio-weblog.com/50226711/amazon_ec2_service_out_of_beta.php http://www.cio-weblog.com/50226711/amazon_ec2_service_out_of_beta.php
Wed, 17 Oct 2007 05:35:23 -0600 HP expands SaaS offerings 30446513.jpg Hewlett-Packard has announced plans to expand their Software as a Service offerings this week under their Business Technology Optimization umbrella. The BTO offering covers a variety of IT service management applications, from availability and performance monitoring to project and portfolio management.

This is part of a more general trend by vendors to branch out into services as well as providing hardware and software-beginning with managed deployment and consulting services and gradually expending into more outsourced offerings to take the rudimentary work of managing infrastructure out of the client's hands. HP has the jump on this; despite persistent rumors, Dell has yet to come out with anything comparable.

My favorite quote from the press release:
"The value of IT management software is not derived from its deployment," said Ray Paquet, managing vice president, Gartner. "Rather, the benefit comes from its use. Software-as-a-Service helps organizations quickly unlock the value to the business."

Of course, the value of IT management software can be in its deployment, but only if you're the vendor or consultant handling it. If you're a CIO, though, you might give HP a look so you can get to the "quickly unlocking value" part of the proposition.
See article.

SaaS http://www.cio-weblog.com/50226711/hp_expands_saas_offerings.php http://www.cio-weblog.com/50226711/hp_expands_saas_offerings.php
Tue, 16 Oct 2007 17:50:48 -0600 Behold, the humble business PC 10047106.jpg Ah, the venerable beige box-one beneath every desk in corporate America before manufacturers discovered the color "black" and got all trendy on us. But perhaps no longer, according to Gartner by way of this ComputerWorld article. Corporate America, it seems, is getting ready to turn its back on the beige box and turn PC procurement over to their individual employees.

With the transition to widespread utilization of web-based applications and virtual computer environments, the thinking is that a significant cost center in today's IT department, hardware and licensing procurement and support, can be effectively outsourced to one's own employees. They will be, after all, accessing all the important business applications through generic and secure portals; the hardware shouldn't matter and can be left to personal preference (and expense!).

But is this really a practical approach for most CIOs? Or is it applicable only in certain specialized environments, and not a general bromide for all enterprises?
See article.

CIO http://www.cio-weblog.com/50226711/behold_the_humble_business_pc.php http://www.cio-weblog.com/50226711/behold_the_humble_business_pc.php
Tue, 16 Oct 2007 12:03:31 -0600 Microsoft Launches Unified Communications roundtable.jpg In San Francisco this morning Microsoft has announced the release of their Unified Communications family of software and hardware. I'm about halfway through watching the keynote now, enjoying the usual uncomfortable wrestling that occurs whenever anyone tries to demo voice recognition technology, but on the whole it looks pretty good.

Unified communications (in general, not necessarily the specific Microsoft branding) have been ballyhooed for a few years now-phone systems that know where you are, wherever you are, when you are there, that e-mail your voice mails, or can voice-mail your e-mails, that allow a high degree of integration and collaboration between remotely connected workers in a variety of venues. And to some degree, we've been able to effect this reality with a variety of systems, some good, some bad.

But the stuff is starting to come out of the realm of speculative fiction and klunky mash-up systems and enter into the mainstream, and this release is another step in that direction. Once Microsoft starts pumping out solutions, then you know that corporate America is starting to get comfortable with it.

For the most part, however, this is an iterative step in collaboration and integration and unlikely to raise too many eyebrows. You've already been to do remote whiteboards, video conferencing, and collaborative document sharing. As with many Microsoft initiatives, this simply improves on and integrates those existing capabilities.

The only really interesting new feature is Roundtable, a 360 degree camera for video conferencing, which may seem like an obvious advance, but is a tremendously useful one in simplifying video conferencing (as anyone who has had to jockey for camera position in a group conference can tell you). This has been on the agenda for a while, but for around $3000, it will be one of the more affordable full-room video conferencing systems available.

Keynote is on the main UC website and for more info you can read the reviews linked in-line above. We'll have to wait and see what the real-world deployments look like; there will probably be some interesting deployment stories by second quarter of '08.
See article.

Integration Software http://www.cio-weblog.com/50226711/microsoft_launches_unified_communications.php http://www.cio-weblog.com/50226711/microsoft_launches_unified_communications.php
Tue, 16 Oct 2007 10:03:57 -0600 Suing your business partner not so odd after all 30899767.jpg Much of the speculation over the first Linux patent lawsuits filed last week against Red Hat and Novell revolved around whether or not Microsoft-famously vocal about its belief that its patents were being violated by the open source operating system-were somehow involved behind the scenes, even though the company bringing the suits had not been tied to them previously. And much of the response to the speculation has been, well, that's sort of crazy, because Microsoft just did a deal with Novell specifically to indemnify them against such actions.

Now, in your particularly dark conspiracy theory, that doesn't mean much of anything, and there is some logic that suggests it might be in Microsoft's long term interests to see Novell sued, but on the face of it, I think most people accept it's generally bad practice to start litigation against someone you are trying to make money with. In Microsoft's case this is probably less true-they aren't going to make much off the Novell deal itself, it's more the implications which they benefit from-but it turns out that Novell doesn't think this is so odd after all. I had no idea that their anti-trust suit against Microsoft was still proceeding.

Call me naive-I knew they had sued Microsoft, but I had assumed that in the course of their indemnification deal that this was one of the things that would also have been negotiated to a conclusion. I understand that it can be in both company's interests to pursue different venues for negotiation in separate business matters, but there is still some part of me that thinks this is just kinda crazy. And it certainly undermines my faith that these companies are not crazy enough to start suing their own customers-if you are going to take a business partner to court, maybe it's not such a stretch to start taking customers there as well.
See article.

General http://www.cio-weblog.com/50226711/suing_your_business_partner_not_so_odd_after_all.php http://www.cio-weblog.com/50226711/suing_your_business_partner_not_so_odd_after_all.php
Mon, 15 Oct 2007 22:59:08 -0600 Random Ballmerisms bio_steve.jpg It's Ballmer Gone Wild at the Gartner Symposium in Orlando this past week, it seems... in addition to the previously described dust-up with analyst Yvonne Genovese, we are getting word now of Steve dissing Google, and maybe just dissing everybody who dares compete in Microsoft's core competencies-or at least core competencies as Steve sees them. Then there is the whole FUD thing with respect to Linux patents, but I'll spare you my views on that one again.

Now, I don't want to be dissing on Steve just because he is dissing on others, because that just leads to a whole mess of circular logic, and it so happens that I agree with him in some respects-as I have said before, I don't think that Google is really competing (or even trying to do so) with Microsoft in the Office arena, and so it's hardly a surprise that their offerings don't look very similar to Microsoft's. And his observations about means of adapting Microsoft core competencies to the new order of web-based services may be astute, at least in the short-term... and they are certainly bright moves for the company to make in lieu of attempting to entirely reinvent itself from scratch to play in that market.

So for all the inflammation that Ballmer can work up among those who haven't had the Kool-Aid, in general I think the picture he paints is of a fairly nicely maturing organization which is starting to think about some real market-oriented strategy instead of simply trusting to brute marketing force and inertia. This is in stark contrast to some of my other recent appreciations of the company, so it may be time for a couple of steps back and a careful re-analysis-what do you think? Has Microsoft learned valuable lessons in more than just PR? Or is this a veil behind which business as usual will occur?
See article.

General http://www.cio-weblog.com/50226711/random_ballmerisms.php http://www.cio-weblog.com/50226711/random_ballmerisms.php
Mon, 15 Oct 2007 04:53:34 -0600 First Linux patent lawsuit has been filed 30899767.jpg The first patent-infringement lawsuit against Linux has been filed in Texas against Red Hat and Novell as of last week. The patent holder, IP Innovation LLC, appears to be a subsidiary of Acacia Technologies Group, a firm whose litigious proclivities have been well-documented.

Hard on the heels of Steve Ballmer's recently renewed campaign of veiled threats, it's hard for some people not to see a Microsoft hand in all this, and indeed Groklaw spends a significant amount of screen space delving into the potential conspiracy theory involving a Microsoft/Acacia connection. Except it turns out Acacia has sued Microsoft, too. But then this is business, and the whole friends/enemies thing doesn't really apply.

The patent itself, while quite technical, also seems quite obvious, not that anyone cares. It's a PARC legacy dealing with object-based user interfaces, but it was filed in '87, well after most of the important developments in graphical UI broke ground, and to my untrained eye it seems a predictable and even inevitable outgrowth of those basics. Which means it's a crappy patent; again, not that anyone cares. But what does it mean for Linux?
See article.

Enterprise Software http://www.cio-weblog.com/50226711/first_linux_patent_lawsuit_has_been_filed.php http://www.cio-weblog.com/50226711/first_linux_patent_lawsuit_has_been_filed.php
Fri, 12 Oct 2007 08:42:28 -0600 Storage for pennies 32336366.jpg Whatever happened to micro-payments, you have to wonder on reading this blog entry about the inability of Amazon's S3 service to charge certain credit card companies for particularly small transactions (in that case, 1 cent)?

Simple Storage Service's rate's are listed on this page. They're pretty reasonable, but you'd still have to work pretty hard to keep your utilization down to a cent, I think. Nonetheless, this presents a real issue moving forward, because if storage is cheap now, it will probably become even cheaper later, and at some point, the transaction fees may well eclipse the actual storage fees. But there really isn't any system in place that sufficiently lowers those costs to a point where you can pay a realistic chunk of the actual fees for such small-scale transactions.
See article.

Data Storage http://www.cio-weblog.com/50226711/storage_for_pennies.php http://www.cio-weblog.com/50226711/storage_for_pennies.php
Thu, 11 Oct 2007 05:19:00 -0600 Two steps back in CIO reporting structure 27363917.jpg Or so it would seem according to a new survey from the Society of Information Management, indicating that the number of CIOs reporting directly to the Chief Executive Officer has dropped precipitously from last year-down to 31% from 45% according to this Baseline Magazine article. For the most part, as you might expect, CIOs are reporting to CFOs.

This is particularly poor news if you happen to believe, as most of us seem to, that information technology management functions best when it is applied evenly through the organization and not dropped into the bottomless pit of the accounting department. But that is largely what is happening, just as we were starting to drag ourselves out into the sunshine of broader acceptance.

There's another aspect to this, however, which can also be seen in the survey-more CIOs are reporting now to COOs as well as CFOs. And if you also happen to believe-as fewer of you do-that the role of CIO is likely to become absorbed further into operations and to become less of a specialty department as IT itself becomes more utilitarian, then this can be seen as evidence that is in fact happening already.

I can't call a trend out of one year's data, but this is an interesting development to keep an eye on.
See article.

CIO http://www.cio-weblog.com/50226711/two_steps_back_in_cio_reporting_structure.php http://www.cio-weblog.com/50226711/two_steps_back_in_cio_reporting_structure.php
Wed, 10 Oct 2007 23:26:57 -0600 Google releases updated version of search appliance appliance.jpg Google reported today that they have released version 5 of their "Google in a box" enterprise search appliance. The new release adds support for Windows Integrated Authentication, secured crawling and serving of corporate files, and the addition of a number of new "connectors" which allow the appliance to extend search into various specialized databases and storage containers.

Although Google claims some moderately impressive growth numbers and that 10,000 companies are currently using the appliance, I have yet to run across one in the wild. I'd be interested in hearing more about their capabilities and field performance from anyone currently using one; they seem like a nifty solution of exactly the sort that I prefer (in a box!) but other than for web-facing integration, many companies don't seem sufficiently adapted to the "search as a file structure" concept to make good use of them.

See the press release here.
See article.

Data Storage http://www.cio-weblog.com/50226711/google_releases_updated_version_of_search_appliance.php http://www.cio-weblog.com/50226711/google_releases_updated_version_of_search_appliance.php
Wed, 10 Oct 2007 21:14:12 -0600 Just like Mom used to make 23064606.jpg If Mom had been an experienced former IBM consultant and current distinguished Vice President of Research at Gartner, that is. Gartner analyst Yvonne Genovese served up a warm helping of something to Steve Ballmer at Gartner's ITXpo symposium in Orlando today, according to ComputerWorld.

CW overplays the whole "mom" angle, but it's a scene that no doubt many regular Vista users would like to replay with Microsoft's CEO, perhaps with harsher language. Genovese took Ballmer to task over difficulties using new operating system (which her daughter apparently encouraged her to purchase), to which he apparently had no better response than "Users appreciate the value that we put into Vista."

Apparently not.
See article.

General http://www.cio-weblog.com/50226711/just_like_mom_used_to_make.php http://www.cio-weblog.com/50226711/just_like_mom_used_to_make.php
Wed, 10 Oct 2007 09:42:11 -0600 SLA stampede in web services market? Amazon_WebServices.jpg I wasn't aware of it when I posted yesterday, but apparently Amazon's new SLA for S3 followed on the heels of a similar offer from Nirvanix, and is due to be followed shortly by an even more aggressive offer from Flexiscale touting 99.95% uptime; this all from Nick Carr at Roughtype.

Not five nines, but getting there.
See article.

SaaS http://www.cio-weblog.com/50226711/sla_stampede_in_web_services_market.php http://www.cio-weblog.com/50226711/sla_stampede_in_web_services_market.php
Tue, 09 Oct 2007 12:20:10 -0600 Bang the FUD drum slowly 39198623.jpg Microsoft's Steve Ballmer is out on the warpath again, spreading Fear, Uncertainty, and Doubt about potential patent infringement issues in Linux. This time, he's targeting Red Hat specifically. But the undercurrent is the same as it has been in the past: if you use Linux, watch out! We may be coming for you with high-priced legal guns in the middle of the night!

It seemed like the message was getting toned down for a while there, but apparently something has got Ballmer running scared again; or perhaps it's a more low key approach, banging the drums slowly, trying to create a pervasive undercurrent of distrust in Linux, or heck, anything non-Microsoft in origin.

I've discussed this in the past, at greater length, on my blog here. Several things have changed since I wrote that; SCO bankrupted themselves trying to enforce such patents, there has been some evidence that Microsoft just might find it worthwhile to start suing customers, and Steve has rolled out some more specific numbers on the alleged infringement (implying-though hardly proving-that someone has actually sat down and identified actual infringements in open source software).

Nonetheless, I can't be bothered to take this too seriously. It's an annoying tactic that may have some effect among the poorly educated, but it's one that is likely to have little long-term effect as Ballmer keeps spewing accusations without evidence or action. If they actually file a lawsuit, then it will be time to talk mitigation.
See article.

General http://www.cio-weblog.com/50226711/bang_the_fud_drum_slowly.php http://www.cio-weblog.com/50226711/bang_the_fud_drum_slowly.php
Tue, 09 Oct 2007 09:19:38 -0600 Amazon offers SLA for S3 service Amazon_WebServices.jpg Amazon announced yesterday that, effective October 1st, they are offering a 99.9% uptime service level agreement for their Simple Storage Service (S3).

The full text of the SLA can be found here.

SLAs have been hard to come by in the free or cheap world of Web 2.0, where many service providers have come to make a buck, but where margins are not so generous yet as to make such devices easily affordable. Amazon certainly has the resources to stand behind it, and with this step, many corporations which might otherwise be leery of relying on over-the-wire storage service may be enticed to take the next step in outsourcing their commodity operations.

The 99.9% up-time guarantee might sound a little light to some; we're living in a world where IT has come to deliver the once-fabled "five nines" of reliability fairly consistently out of the box. I remember when 99.999% was the holy grail and only those who had massive budgets for redundant systems could get there. But today's hardware and software are more reliable and now if you aren't getting that sort of service in-house, then your operations team has a problem.

But this is the Internet, as much the frontier as your data center or server room was back in '98, and I don't think the lower figure is unreasonable considering the venture. It will improve, surely, as our infrastructure does around us.

Next up: when will EC2 come out of beta and will it get a similar SLA? And will other SaaS and online service providers jump on the bandwagon, or will Amazon be the lonely voice in the forest?
See article.

SaaS http://www.cio-weblog.com/50226711/amazon_offers_sla_for_s3_service.php http://www.cio-weblog.com/50226711/amazon_offers_sla_for_s3_service.php
Mon, 08 Oct 2007 20:32:48 -0600 Showdown at the "Press Zero for assistance" Corral 30420911.jpg Interesting piece up by Rob Enderle over at IT Business Edge titled "Battle for the Corporate Phone." Enderle looks at PBX convergence in the corporate market and gives some perspective on where it's been and where it might be heading considering who the major players are (apart, of course, from the omnipresent legacy PBX vendors hovering in the background).

Can't say I have given it enough consideration to comment yet, really, but I've been spending a fair amount of time looking at Microsoft's new small business VOIP solution so it has been on my mind. It's funny, Enderle mentions one of Microsoft's first phone endeavors (called, if I recall correctly, simply "Phone" in that infuriating way they have), a consumer oriented "smart" phone based on a Windows 95 host PC. He calls it "...probably the worst telephone I'd ever seen in my life" which I found amusing because I had a friend on that team at the time and had an opportunity to reminisce about it recently as I attempted to grill him about the new Microsoft phone solution. He didn't know anything about it-not unusual at Microsoft, since he's not on that team now-not a good sign, nonetheless. Especially since the team he is on is one of the ones you might expect would be "converging" as Enderle puts it.

At any rate, we had a good chuckle over the hapless Phone and I couldn't help but wonder, based on that experience, if the new Response Point system might not be headed for the same fate. Many of the same factors are present; sure, it sounds cool, but what's next? Microsoft hasn't been able to say much, and that may be a sign it hasn't been thought sufficiently through. The Unified Communications system, on the other hand, seems to have some weight behind it (and more importantly, were projects my friend had been familiarized with).

As long as the gasping old corporate PBX system falls under the CIO's purview, you should probably head over and see what Rob has to say about it and what your options may be in the near future.
See article.

Integration Software http://www.cio-weblog.com/50226711/showdown_at_the_press_zero_for_assistance_corral.php http://www.cio-weblog.com/50226711/showdown_at_the_press_zero_for_assistance_corral.php
Mon, 08 Oct 2007 09:27:31 -0600 SOA in a box 37741584.jpg It's been taken more or less as an article of faith that you can't get SOA in a box, and that the vendors who have been trying to package and offer it as such have been fishing for easy money from poorly educated clients who want everything to be easy; plug and play SOA, as it were. I have tended to subscribe to this theory myself, but Jack van Hoof points out that, as with many other services that were previously held to be in-house only, some vendors may be finding ways to truly and adequately offer SOA in a box.

I guess I have to say, point taken. I can't think of any theoretical reason, if you are already basically adapted to a single-vendor implementation, that you couldn't just take off-the-shelf SOA and make it work. That's a tenet I often preach to clients in other matters, after all-you are a not a unique and special butterfly, your business processes probably aren't a competitive advantage that you have to mold your information systems around (note: some of them are-but you'd better know the difference before you go mucking around with any of them) and so you can probably go off-the-shelf and save yourself time and money in the process. Custom development is expensive and fraught with risk. And yet I-and others-have been suggesting that it's the only route to viable SOA. Perhaps not.

I think Joel McKendrick gets to the heart of the issue in his post on the concept, however:

But vendor offerings are limited to tools and templates. Good SOA is ultimately the product of enlightened and savvy management, smart and well-trained people, and competitive drive. And that part will never come in a box.

Regardless of where you find the technical side of the solution, the organizational side is always more important and always comes from scratch.
See article.

SOA http://www.cio-weblog.com/50226711/soa_in_a_box.php http://www.cio-weblog.com/50226711/soa_in_a_box.php