Monthly Research Update

Security Talk turns towards Business Alignment and Innovation

Executives attending the RSA Security Conference shifted their focus from last year’s emphasis on the need for industry consolidation to the need for security professionals to help increase innovation and deliver better business value. These thoughts were corroborated by a recent security survey, which showed that 80 percent of business and security executives had been reluctant to take up some opportunities for innovation because of security concerns. One of the keynote presenters said that security professionals should shift their focus from eliciting fear and citing worst-case scenarios to showing how new security technology can augment new products and services. To this end, RSA Security, Inc. has created a Security for Business Innovation Council. Its goal is to facilitate discussions among security personnel on increasing their business relevance.

First, Experton Group believes security threats will increase in frequency, in the number of vectors they pursue, and in the layers of IT infrastructure they affect. IT executives should implement proactive security education programs so that security awareness and prevention are built into the entire IT infrastructure and application development lifecycle.

Second, Experton Group believes security threats will become more sophisticated, and these future attacks will likely have an increasingly significant business impact. While individual security products continue to improve, security personnel must work more closely with business executives to make sure security policies are aligned with business risk and that metrics are developed to better measure the business value of security policies and technology. Security investments should also leverage and support business changes and innovations rather than just focusing on fear.


Internet / Intranet Best Practice

A website is the company's face to the public, its employees, existing and potential customers, and partners. Before undertaking the creation or re-creation of the website, executives (both users and IT) should clearly understand the corporate mission, the business objectives, and who makes up the audience. In addition, corporate Websites should be aligned with the goals and objectives of upper management as well as the needs and requirements of those who will use them.

What are the relevant best practices?

  • Staff – Both user and IT must have strong project management skills. No matter how the various phases of the project are resourced, the enterprise must maintain the project management role.
  • Communication – As in any enterprise-wide initiative, there has to be clear, concise and constant communication. Project management 101 recommends that periodic meetings be held with both the delivering resources as well as the Steering Committee.
  • Cost-Benefit Analysis – A cost-benefit analysis should be conducted to determine how the various phases will be resourced.
  • Needs Analysis – As part of the project's user requirements work, a needs analysis should be performed.
    The following questions should be answered:
    1. What will be/should be the goal of the Website?
    2. What problem(s) is it trying to solve?
    3. Does the project have endorsement from upper management?
    4. What are the available resources for such a project?
    5. Is the goal consistent with the resources that are available for such a project?
    6. Has a project manager who is accountable to upper management been assigned, or will one be?
    7. If users from other lines of business are asked to work on the project, do they understand their responsibilities, the timeline, and prioritization of the project vis-à-vis their other duties?
    8. If an outsourcer or service provider is to be used, have they been carefully vetted?
    9. Have SLAs been agreed upon and put in place?
  • Clearly Delineated Goals and Objectives – For example, investment in a corporate website could help a company increase profit, reduce costs, better service customers, provide better communications, increase efficiency, become more competitive in the marketplace, attract more customers, eliminate redundancy, support a long-term strategy, etc.
  • Task Force – The Steering Committee should create a small, but permanent, user task force to periodically review complaints about navigability, prolonged response times, and queries or problems that are not acknowledged. The task force should determine the validity of complaints and create an action plan to resolve the issues.

The Bottom Line: The creation of a successful corporate Website, whether it is an Internet site, an intranet, and/or an extranet, begins with one or more predefined, clearly expressed, and understood goals that are aligned with the corporate vision. Also imperative are an implementation strategy that is consistent with a pre-formulated budget, an understanding of existing talent and resources, clear delineation of roles and responsibilities, excellent project management and tracking, and communication skills.



Keys & Risks to Outsourcing Legacy Applications

Many companies today are wrestling with the expenses and risks of running legacy applications. These old applications usually were not designed to address the exposures that exist now, and upgrading them can be viewed as a poor use of valuable company resources. Yet the applications may not be easily retired until a replacement solution is in place. Hence, executives may want to turn the entire application maintenance and operations over to a third party. While this may be a reasonable alternative, IT executives need to uncover the implications of such actions, including full disclosure of costs and risks, find ways to mitigate them, and include all key concerns, expenses, service levels, and support functions in the contracts.

Two critical areas that IT executives must address are the transition phase to the outsourcer and the termination phase. Most outsourcers expect the user to be responsible for data extraction, cleansing, and loading onto the new databases. While this is called out, what is not explained is the size of the effort, which executives tend to underestimate and understaff. This can lead to higher costs, as the project is delayed at user expense or the outsourcer ends up providing added resources to address the shortfall. Similarly, the termination phase may result in added vendor charges when the outsourcer assists in shutting down its operation and turning the application back. IT executives should carefully comb through these two phases to understand all the major tasks, who has what responsibility, and how these efforts are costed out.

A number of major functions that end up as the responsibility of the outsourcer need to be fully delineated. Executives tend to focus on application maintenance and operations, but equally important are the help desk, network, security, and technical support elements. IT executives must ensure the service received from the outsourcer meets user expectations, reduces IT risks, and satisfies corporate business requirements.

Experton Group believes legacy application outsourcing can be an effective way to handle legacy applications that IT does not want to deal with any longer. It allows the company to keep costs contained while freeing up resources for new revenue-generating activities. However, the move can be fraught with obstacles, requiring IT executives to scrutinize every component of the offering so that risks are minimized. IT executives also need to be sure that all key parameters – governance, pricing, SLAs, and terms and conditions – are in the contract exactly as agreed to in other documents or in conversations.


Corporate Social Responsibility

Corporations have achieved various levels of success with devising new corporate social responsibility reporting programs to demonstrate commitments to improving their enterprises' environmental impacts. Proper reporting requires an examination and discussion of key elements including employee safety, manufacturing activities, raw materials usage, and supply chain due diligence and performance. Many companies have now created director or C-level positions of responsibility for social responsibility, and Experton Group believes top-level responsibility is an essential element for elevating oversight and performance to the grade necessary for enterprises to achieve the actions needed to demonstrate class leadership. Increasingly, businesses of all kinds – whether they are in the manufacturing sector or not – are being judged on their commitment to reducing their environmental footprint and acting as responsible citizens. Such criteria are becoming an integral component of determining which vendors and business partners are selected. Experton Group clients have inquired about how they can identify and improve upon the correct metrics for evaluation, as well as how to best organize and present findings and improvements.

Experton Group believes corporate social responsibility programs should be regimented in their approach and follow a prescribed and formally announced policy and methodology for determining past, present, and future positioning. Governance and accountability are paramount to making the programs work, as are the oversight and responsibility of a C-level executive who can execute global policies and implement requirements for measurement, management, metrics, and improvement levels. Work with NGOs and regulatory bodies will be required to ensure that corporate messaging and requirements are reflected in the media and legislation.

However, it is imperative that the enterprise itself take full responsibility for managing and forcing environmental advancements that outpace what is required by law. IT and business executives should ensure that the entire value chain – business partners, employees, suppliers, and other relevant stakeholders – understands the corporation's plans for environmental achievement, and should use NGOs and other channels to get proper messaging presented. Adherence must be a corporate mandate and integrated into all corporate development and examination processes using a proven and repeatable methodology capable of measurement and reporting.


Experton Group is the leading fully integrated research, advisory and consulting company for mid-sized and large organizations, maximizing the business value of their ICT investments through innovative, neutral and independent expert advice.

Experton Group offers consulting services, market surveys, conferences, seminars and publications related to information and communications technology issues.

Our consulting portfolio includes technology, business processes, management and business cooperations, investments and mergers.