What technology can bring the greatest return? And which technology will be drained of your IT budget? IT investment strategy is very important, this article from seven IT projects CIO in 2007 to go into details which may be invested in too many areas where investment is too small.
According to the survey, IT spending growth in 2007, only 6.6%, hidden behind a large number of variables. Cost reduction measures and the daily tide of new and emerging technologies for many companies busy, and implementation of major changes throughout the enterprise. IT capital have become active this year, often from one project to another project. In this case, CIO how to allocate resources is crucial, you can not go into too much an aspect of the project for fear that other projects will affect the normal development.
This year, most of the CIO in support of the business may put too much into too little to promote the business. This is not surprising, but the full use of funds that were good at the company, it is possible that extra funding to accelerate the achievement of business objectives aimed at new projects to enhance IT on the total value of the entire company.
"InfoWorld" to the analysts, experts and CIO conducted a survey to understand the success or failure of projects related to the company in which to invest too much, which has invested too little. This seven aspects: SOA, regulatory compliance, security, virtualization technology, collaboration, networking and application development.
A budget to ensure SOA success
Over the past few years, as many companies strive to play the potential of Web services to enhance the value of existing IT 资源, the whole company are calling for a service-oriented architecture (SOA). However, most of the activities associated with the SOA is limited to the discussion, investigation, planning and small-scale projects.
As the early adopters have been from the proof of concept (POC) into the implementation phase of the deployment phase to a more reliable, SOA spending will occur in 2007, rose sharply. However, if the lack of insight and foresight, many companies too much money will be used to ensure the long-term success of SOA is not the side effects.
First of all, too much money will be used for speculation on again. The results will be found that many companies "blindly follow the trend" or "in accordance with the magazine approach to management", in fact, they should be sure to focus on my own needs. This means that the too much money for a variety of steering committee meetings and proof of concept, so that hindered the completion of practical work.
Worse, because many companies do not clarify their needs, they turn to vendors to provide "a package of SOA", the result too much of these funds used in the early stages. In other words, they do not know where to build the house ready, we bought the house.
Second, focusing on strategic consulting will be over in 2007 into another aspect. Strategy consultants often do not provide a detailed implementation plan, strategic planning is certainly important, but the real work started from the identification of needs, including semantics, processes and service levels to understand the whole enterprise. According to IDC survey, consulting expenses in 2007 will double to 5.5 billion.
If companies have more money for training, it may get better returns. SOA is a technology shift, but also a culture change, IT personnel required to be proficient in both. Without the right people, will bring high costs, high cost of more forced recruitment of new employees.
Third, the security will once again become a factor later in mind. Reduce security costs are excessive can not make up the losses may occur in the future. Security policy management is a concept, it is a set of technologies, both of which need to be concerned about. Distribution services is the charm of SOA, but this in cost savings, it would also cause many damage.
Finally, few companies will invest sufficient funds to pay serious attention to the emerging Web, in particular, software as a service (SaaS) and Web services to these markets. Many enterprise applications can be outsourced, or outsourced to a SaaS provider (through the Web to use), or treated as an abstract directly to a set of SOA services inside. Indeed, the use of emerging Web may bring the greatest return on investment.
2 full advantage of emerging collaboration solutions
Over the years, technology vendors for their own messaging software adds many features, hoping to provide a comprehensive platform to meet the requirements of each enterprise collaboration. Why not use new users an alternative to this form for its own budget and needs of the collaborative environment?
Most companies have to realize that if large companies abandoned the e-mail permit, you can save money, but in the arrangements for the meeting, the relevant calendar software, free / busy scheduling functionality is difficult to be compared. Calendar of distributed innovation and version control (CalDAV) to change the situation, the standard arrangement for the calendar function can be compatible. If you meet the CalDAV server and client machines are widely accepted by users, the cost for the permits would be reduced, and the staff can liberate, not to use email as a temporary alternative to a workflow approach.
OC Tanner company's IT director Kelly Phillips said, by the name of collaboration and intranet portal for the cost of most waste. Phillips said: "We invest in established intranet and found the lack of collaboration tools and rich content, this Intranet useless. Intranets are often reduced to within the last booklet software, with only phone book, self-help menu may also introduce sales or human resources to support some of the activities. To some extent, we've added more things, the intranet has become more useless. "Phillips suggested that investment in enterprise search solutions for the preparation of resources index, but not for a variety of content to provide a centralized place.
Despite the very fire blog speculation, but as a collaboration tool, it has not been fully utilized. Blog software also can replace most of the mailing list, this list tends to plug the Inbox, impede the efficient use of e-mail. The low priority messages to RSS news sources, and encourage the use of news sources readers, this can be a low cost way to increase productivity.
Knowledge management system may be too large in 2007, another part of the expenditure. Multi-channel contact center Sento's CIO Steve Fulling that, Wiki (a kind of collaborative writing tool for people) is worth trying another approach. Fulling said: "Wiki satisfy our requirements, but also the province out of funds for other more urgent projects."
However, the most important item to strengthen collaboration and tools may be irrelevant. Whether planning a conference call inappropriate, or no one more heap more click on the e-mail, if you assume that employees know how to use the tools you hair down, you lose efficiency. Proved, counselors, teachers and trainers to help staff played a key role in effective collaboration, do not invest too little in training.
3 weigh the cost of compliance
IT budgets in support of regulatory compliance that part of the large amount, and in some cases, they impede the implementation of more reliable and specific computer security protection measures. In other words, in order to comply with the law and put large sums of money, may well be the business at risk.
Security agencies in charge of Stephen Northcutt SANS Institute also think: "IT staff attached great importance to compliance, which is actually in response to the review, rather than responding to security. We are trying to meet a series of demands for censorship, but the end can not guarantee these requests also assessed for real safety. review the requirements and regulations are often too broad gaps and overlap. "
Most companies subject to several Department of industry regulations, which are described in the definition of safety regulations are too broad. A bank's IT director, said: "The first review of personnel that we have to use at least six characters in the password, another person said password at least 8 characters, but also complex. Youxie review of staff pay attention to Zhang Hu locking mechanism, but did some do not pay attention, but no one has asked to affect the overall security of your password and other factors. In fact, the law does not require the password to use the number of characters, but the password provided to ensure safety. "
Bon Secours Health Systems of the Information Security Officer Hodges said: "If we are faced with two conflicting or overlapping laws, will be to play safe, take the most conservative and safest way to meet the requirements of two laws and regulations." but always take the most conservative approach means that relatively large expenditure, but also from the perspective of the overall security is also not necessary. As the law is often the thunder, little rain, so CIO compliance projects in the investment necessary to figure out how to draw a line. After all, in order to comply with regulations from the safety of other practical items drawn a lot of money and effort, laying the seeds for the future.
4 on-demand network technologies are most meaningful to take
Gigabit, VoIP, and intrusion prevention system (IPS) of continuing concern, many companies plan to deploy in 2007. However, unless absolutely necessary, otherwise the investment in these areas may be too much.
VoIP is more like the small waves slap the infrastructure, rather than the manufacturers want the big swing. Generally occur with the situation, but if the company uses on-demand VoIP methods are taken, will benefit. High implementation costs, coupled with reliable performance has been installed in place of PBX, VoIP has become of these factors "have the opportunity to replace when replacement" of a class of techniques, such as office moved to a new building, or when to replace the existing PBX before switching to VoIP. In addition, many PBX vendors support their own systems to VoIP, so VoIP phones can integrate with traditional phone, branch or remote offices to facilitate the deployment, not even the network core have been taken out and replace approach.
Gigabit to the desktop as well. Although the company purchased a desktop with a Gigabit Ethernet system, yet their access to 10/100 Mbps switch. Now the fundamental demand for bandwidth is not high enough, no need to require every edge switch, and upgrade both the uplink.
IPS buy those companies in 2007 should remember: A lot of administrators are skeptical of such systems. Worse yet, such systems are often caused by problems than to solve the problem. Surge in the number of viruses and worms to use Windows, the company is no doubt quite a headache, but most of the IPS in the configuration and maintenance demanding solutions, not to mention their high cost, this can not help but make people question the return on investment . Most companies spend their level in the network core or edges to eliminate viruses and worms, not as good as the desktop and server level, eliminating viruses and worms.
Another hot spot is the bandwidth too much investment. Major ISP to provide the bandwidth there is still a serious gap between, in any case, the end-user bandwidth is not complaining about the inevitable outcome was expected, do not think you can let the user have no complaints.
5 server virtualization technology to reduce costs
In 2007, not using virtualization technology, companies will have to invest more funds for maintenance of data centers. Gradually increasing tension to the energy companies to use virtualization technology, CPU industry innovation and competitiveness as the technology matures and has proved to be: the server virtualization technology can greatly reduce energy consumption.
Use virtualization technology to reduce the second reason the cost of replacement hardware, especially in the present, many companies entered the server upgrade cycle in the procurement phase. IDC analyst Frank Gens said: "IT companies using server virtualization technology, hardware costs can be reduced 1 / 4 to 1 / 2." IDC forecasts, the new deployment of dedicated physical servers as virtual hosts will increase the number of 52% this year .
Companies will focus on more powerful, higher-cost servers, bundled with VMware, Virtual Iron and Virtuozzo and other platforms, these servers will exceed the growth rate of the original operating system bundled with the server. Low-end server is still an option, but compared with the medium-sized platform, will be increasingly out of favor. 8-way servers is expected to be a new life.
In terms of the license fee, VMware's prices are high above each socket, but competition will drive prices down in the fall of 2007. Virtual Iron has dropped the price of its enterprise products in each socket 499, thereby further reducing access barriers.
It is worth mentioning that all users will benefit from virtualization technology, not just large companies. Strong function, lower-cost server virtualization technology investment that is right, regardless of the implementation of large and small, such as Sun Galaxy x4200, Dell PowerEdge 2950 and HP ProLiant DL380 G5. In addition, there are many free products can be trials, such as high availability and dynamic load transfer, VMware Server is free to download, limited version of Virtual Iron as well. Although the lack of enterprise features free products may not provide the actual deployment of the necessary features, but they certainly proved this point: data center consolidation is ripe.
6 money to protect data, otherwise your peril
What say you to invest this year, lack of information that is protected.
A "Fortune" 100 companies CSO of anonymity said: "The issue of data encryption than most people are talking about much more complex. Data are everywhere, not recognition, mixed together. Staff carry personal mobile devices or home computer store the confidential information, in clear violation of company policy, but many people do not even know there is such a policy. I and many companies IT security leaders talked, they told me, to protect data is the biggest of its One of the challenges. No matter what kind of security solutions, there are the high cost of the shortcomings can not do everything. "
RSA enterprise solutions company Dennis Hoffman, vice president, also said: "Management recognizes the fact that IT 安全 a total cost of ownership model of mismanagement. A long time, people focus on infrastructure, in fact, should be put information on. most IT leaders do not know where their information, which simply can not manage. "
Merger is a global solution, but many companies do not have enough budget in this regard. Hoffman said: "We often talk about server consolidation, data consolidation, reduce data center and virtualization technology and management from the three data centers than the management of information from 23 data centers, the information much easier."
Patch management is that many companies may not have the budget in 2007 is another aspect. According to Symantec's experts, a vulnerability to the appropriate patch from the declared number of days an average of 31 days, while that from the vulnerabilities to malicious software released for an average of 3 days, so there is exposure interval of 28 days.
It should be a comprehensive patch management program, and implemented. According to security company Secunia recent tests show that a full 35% of the machine with the application of known vulnerabilities. Microsoft's Automatic Update seemed to work, but other programs also need to patch help. For example, Firefox browser, more than 30% of the time in which there is no patch; 50% of Adobe users running vulnerable versions.
Talking about protection of enterprise security, the most difficult thing is do not know what aspects. The house, "Fortune" 100 companies in the CSO, said: "Every year we strive to conduct a new risk assessment, to ensure that resources allocated to the necessary places."
7 Agile development and application of importance
Enterprises will invest too much money this year for the development of monolithic applications, this server-side development involves a formal demand, will take up dozens (even hundreds) designers, programmers and testers. If the use of scripting languages, Web services and SOA, to take advantage of existing assets, browser-based applications together, the situation of most enterprises will be better.
SOA is to promote hybrid technology and software development revolution, the two factors, people began to abandon the use of C + + write native code, no building line of C # and Java in many controlled code. Many companies will hire ASP.Net and JSP developers, but the companies were Javas cript, Perl, PHP and Ruby and other skill sets that may spend too little. If the combination of the logical framework and components package scripts recent popular applications software development team will be put into corporate IT departments faster, cheaper, more timely response team.
Front end, which means that AJAX-based user interface can help employees work more efficiently. In the background, SOA-based hybrid applications can eliminate a lot of manual labor, because it can achieve a reliable, solid-many integration, multi-step transaction can provide reliable performance, security and support. Unfortunately, many enterprises in the development of personnel training and the cost of employing enough.
Programming changes to the use of scripting languages, but also the formal requirements should be abandoned, and then change to the agile development process. We must have a master developer of agile development techniques, but also have solid project management skills.
2007 was also rejected by the traditional test mode - codes to be finished before quality assurance and safety verification. Nevertheless, many companies still a lot of time and money will be used the traditional test, and the patch to repair the defect through, because of insufficient funds for the development stage of each vulnerability and the strict functional testing. After the development of traditional verification test is still necessary, but if the whole design and coding process to the test steps can greatly reduce test and repair cycle, the development team can increase delivery speed.