Apr 182011

I am pleased to announce that Kristin Burnham, CIO.com Web 2.0 Advisor, will be our special guest at our CIO Roundtable on May 18 at Noon. Kristin is well versed on all things Facebook and we look forward to a lively discussion with our CIO Executive Series members.

Facebook is on every CIOs mind, but many are unfamiliar with its implications for business – good and bad. Kristin has written quite extensively about Facebook and please read some of her recent articles.

10 Must-Have Facebook Apps and Add-Ons
Are you a Facebook user and a music- or movie-buff? Can’t wait for an official “Dislike” button? Or always looking to identify connections who’ve “unfriended” you? If so, download these 10 must-have Facebook apps and add-ons.
Read More »

Facebook Bible: Everything You Need to Know About Facebook Our Facebook guide delivers expert analysis on the latest Facebook developments, helpful tips, tricks and how-tos, and the latest updates on privacy, Facebook apps and more.
Read More »

Facebook Questions: 4 Warnings Before You Start
Facebook started rolling out the updated Questions platform to all users yesterday. But before you try it, consider some privacy, search and online reputation issues.
Read More »

Facebook Quick Tip: Enable Encryption to Avoid New Privacy Glitch
Some Facebook traffic this week took a misguided trip from AT&T servers through China and South Korea, exposing some user data. To protect yourself against such glitches, here’s how to enable Facebook’s HTTPS feature.
Read More »

Apr 082011

My meetings with CIO Executive Series members continued this week and yielded more interesting findings.  I wanted to share them with you.

CIO Questions on Email Security
I had an interesting conversation with a CIO this week that had just bought 4 physical servers for essentially an Exchange 2010 upgrade projects. Overall he has 100 users in 1 location. Why did he buy 4 physical servers? What about virtual systems? This was certainly one of my questions, but he was very concerned about security and HIPAA concerns for his organization. Having spent so much time in the compliance and security area, HIPAA is just another part of the same coin so we started discussing the elements of Exchange and security which was his main concern. The security design we discussed related to the Exchange upgrade were the following.

  1. Websense Questions.   He has two Websense servers. 1) URL management and 2) Email security related to SPAM, AV, Malware, etc.
    His primary concern with to offer User Self Service Spam Management. He also wants to segment and allow some people to manage their own email and others not
  2. Sonicwall SSL VPN.
    Goal – For remote users wants TSE, Citrix, OWA proxy, integrated with AD, Text based 2 factor auth
  3. AD security check and AD health check
  4. HIPAA contextual scanning of messages
  5. Encryption and key management system

CIO Cloud Email – Politics and Finances
A CIO in the Group had his chief tech call me to get a quote on Cloud Email. Overall 500 users and north of 10 locations. Unbeknownst to the chief tech, I had already discussed the possibility of looking at Cloud Email in conjunction with the planned upgrade to Exchange 2010 over lunch several weeks ago. I knew this request was going to come across the bow. The chief tech was very nice and said to me that he didn’t want me to spend much time on the quote because he didn’t think they would do it anyway and all he wanted was some quick numbers. I kindly said that there is really nothing quick about Cloud Email and that he really needed to run for the hills with any provider that treats it as a commodity transaction. The planning required for Cloud is just as intensive and in some cases more so than On-prem even though vendors want you to believe otherwise. The bigger story here is that I am not really convinced that Cloud email for this long time friend and client is a good fit since his IT org is very very lean and he swears that email management is no big deal and hardly takes and management cycles from his team. What I have told him is that Cloud Email pricing has changed a bunch since the last time he looked at it 3 years ago…in a Southward direction. As a part of doing due diligence, on migrating to Exchange 2010 it is a no brainer to look at 3 options, but also to pay attention to politics, financial realities as well listed below.

On-premise traditional Exchange 2010 Upgrade

  • Off-prem Cloud Email (multi-tenant) Total and Partial Outsourcing Options
  • Off-prem Cloud Email (single-tenant) – Partial Outsourcing

In summary, politics plays a big issue with cloud. I have seen it already play out with a 1200 seat rollout that has made me a firm believer with a CIO that I thought would be one of the last to consider it. Politics is an issue since IT staff will think that their job may be in jeopardy. Exchange drags a massive eco system of other systems with it, but at the end of the day it is still a plumbing system and it doesn’t help a company make money. I believe that Cloud email will not replace jobs but allow lean teams to focus on apps that support the business directly. In addition, the financial realities are significant since the Cap Ex versus Op Ex realities are real.

Cloud Email and the VoIP Killer
In a meeting with a member of the CIOES Group this week we discussed his goal of moving email to the cloud. I love having these discussions because it opens up a Pandora’Box of possibilities and rarely results in a black and white inflection points unless you discuss VoIp. There is nothing that can kill a move to Email Cloud quicker than integrated VoIP Systems. I shared with him that I have a 29 question form for Cloud vendors I use when I have clients considering a move to the Cloud. I shared with him that it helps me to broker the best deals for my clients. If you have VoIP, the Vendor must answer the following key questions so you can understand how routing between the phone system and the email system happens.
         a.   Will they support a 3rd party foreign connector from the customer premise to the hosted environment?
         b.   Will they allow outlook forms to be loaded into the organizational forms folders?
         c.   Will they allow Exchange admin rights for the connector install?
         d.   Will they allow Send as/Receive as rights on the exchange server/information store?

Craftsmen Versus Operational Plumbers
I had a wondrous conversation with a CIO yesterday. It reminded me of a blog that I wrote  a year ago on craftsmanship. The CIO I met with recently relocated to the Washington, DC area. They had also worked in New York City and also a southern state. He said each area has a certain regional feel and shared with me his observations. In New York City he said people were only concerned with your ability to deliver. In the southern state, the most important thing was the relationship. In DC, he commented that it is who you know or how well you are connected. What frustrated him was meeting a CIO randomly in the food line of a restaurant and asking the fellow CIO if he knew of any recruiters that he could call since he is new in town. The other CIO said he wouldn’t share the name of the recruiter. Crazy isn’t it that the CIO wouldn’t share this information. He was afraid that giving him the name of the recruiter he used he would diminish the pool of talent available to his own organization. Amazing.

What I loved about meeting this man was the organizational culture that he is creating. He told me he currently has 20 open positions that need to be filled. He said, “Our corporate culture values high quality relationships. Deep corporate values focused on Collaboration, Craftmanship and People who want sky above them, love what they do, and want a feeling of empowerment.” It reminds me that when you lead with values you immediately differentiate yourself.

How many of you can relate to his pains? ….a summary of which is below.

  • He wants a valuable Local CIO Network.  
  • He needs a local Recruiter. 
  • He needs Cloud Application Deployment Options in the USA.  
  • He needs and valuation of Staffing Needs  (W2 positions, Cloud Application, MSP, local project VAR)
         o    What do you need to get to the next level?
         o    What structure do you need?
         o    Assessment of people
         o    Review core business that needs Craftmen versus Operational Plumbing
  •  Network Managementt – Needs Sys Ops staff, shorthanded, doesn’t have a NOC. Comprehensive Monitoring, Reporting and Forensics (Security and network alerting)
                   • Apps
                   • Database
                   • O/S
                   • Network Device
  • Security – Architecture, Design, selection and placement of products to handle: IDP, packet inspection, reporting, forensics, etc. No packets, IDP, Sys monitoring.
Apr 062011

During the last few months, I have been meeting with many CIOs from our group and also with my RedZone clients.  I want to share with you what I am hearing from these IT executives.

Infrastructure – What I am learning is that people are settled with their infrastructure investment, but are thirsting to learn ways to manage virtual infrastructure more efficiently.  They don’t want to get caught underutilizing the hardware investments that they are making.  The VDI word comes up more and more.  With the added layer of application virtualization being the project, most CIOs are curious how to get into.

 Citrix Garbage Talk – I sat in on an amazing display of a vendor not listening to a CIO’s request for his team to observe a demo of Citrix XenApp (formerly Citrix WinFrame Server, Citrix MetaFrame Server and Citrix Presentation Server).

We had to listen to a sales tech give a demo of XenDesktop, since apparently Citrix is trying to get everyone to believe that Citrix XenDesktop is the same thing as Citrix XenApp.  As a CIO, you should be looking for this moving forward since Citrix again is saying that they are hypervisor agnostic to Microsoft and VMWare and want to own the VDI market of delivering applications.

I love the shifts going on with VDI. It allows one to be incredibly creative with delivering applications, but it can be quite confusing and misleading when reading the marketing material from VMicrosoftware, Citrix, Microsoft, and Add-on Third parties.

Microsoft Windows Server 2008 R2  –  I am hearing it is great and works so much better for Terminal Services.  In fact, listening to my own techs, R2 is more of a re-write than a version release.  When it comes to application virtualization, pay attention to R2 since older apps may have a difficult time working and you will need to virtualize the app to get it to work on R2.

Cool Product – I learned from CIOES member about a company called Ericom that makes an add on product called Blaze.  Apparently, Blaze makes RDP and VDI blazing fast.  Look at this product to drop the cost of deploying VDI.   I am now testing it if for my company RedZone and it looks incredibly promising.  I will keep you posted!

PCI Security – More and more of the private company CIOs I am meeting with who didn’t have to concern themselves with PCI are now having to pay attention.   Next generation UTM firewalls from companies like SonicWALL are helping companies with distributed offices deal with granular inspection and management for PCI controls.

Risk and Reward – There seems to be a theme running across the group from the meetings that I have been having.  There always seems to be a willingness to do what others are not doing or to try things that others are not trying.  I had an interesting discussion with a CIO who said he would rather go with new technology that yields quick and large ROI.  He said, “Yes, I may have an issue deploying the solution, but I always have integrators to bail me out.  Even if I have to spend more to integrate the technology, I will make this up from the savings in maintenance alone in year two to five years.”

He is not afraid of taking a risk because, in his opinion, the financial benefits his company will experience far outweigh the risks.

DR and BCP – With our group members who don’t have an auditor or compliance concern, DR and BCP planning continues to be woeful at best. For the most part, IT is expected to guess and take on the problem regardless if the business is involved or not in creating and testing a Business Continuity Plan.  The only consistency I have been able to observe is that if you are regulated in some fashion, you may have been able to find funding for Business Continuity Planning.  This news may encourage some of you who are frustrated with the lack of understanding of what is required for a business to properly fund a BCP and IT DR initiative.  Cloud Backups and Cloud Email continue to be a good option for CIOs who do not have business funding or cultural support for a full BCP implementation.

Cloud Email and Backups – There is a continued interest in cloud computing and there are some very good options to consider.   The CIOs I have talked with are actively looking at moving specific applications into the cloud.  I have talked with several CIOs about Exchange 2010 migration.    Just this simple decision to upgrade to Exchange 2010 drags with it an entire eco-system of systems.  I have been able to find really good options that work for SMB companies with 10-10,000 users.  A CIO can get price quotes from a cloud broker and pretty rapidly get their hands around the costs.

  1. Consulting upgrade of Exchange
  2. Cost for Internal Staff to do the upgrade
  3. Public Cloud Exchange outsourcing
  4. Private Cloud Exchange outsourcing

I also ran into a CIO who was using a neat product to backup his laptops into the cloud separate from his corporate backups.  They have a ton of laptops and I thought this was such a great idea!

IP Phones in the Cloud – There is a cool player called Thinking Phones that I learned about from one of the group members with a few thousand users. It is a cloud based phone solution. I have seen in our group more of these type of deployments fail versus work out due to primarily a lack of an understanding of how to manage bandwidth on the carrier side and on the company/customer side; so jitter/delay issues become a big finger pointing match which results in the CIO pulling the phones back in house.  This company though holds some promise since Thinking Phones seems to have a good bandwidth control story all the way down to the switch port at the customer facility.  Additionally, in my discussions with the member CIO, he talked extensively about the possibility for needing to add in bandwidth control and is going to watch this very closely as the phone systems are deployed.  For those of you interested, Riverbed and Blue Coat continue to have the best products.  I personally like the Bluecoat and have worked with it extensively for 12 years.

I want to hear your thoughts. Agree?  Email me or tweet me.