Category Archives: IT Service Management

My Data Security Preoccupation

Recent projects have drawn me into the esoteric, frequently scary world of information security. It’s probably just a coincidence; then again, sometimes a theme will capture the popular imagination and become a broader preoccupation. Certainly, high-profile data breaches at CareFirst, Anthem Inc., Target, Neiman Marcus, JPMorgan Chase, Experian, eBay, Home Depot and other household name enterprises have set certain industries on edge; 2015 is likely to see new data security regulations in the US and in Europe.

chillonI’ve co-authored a study of CIO and CISO attitudes toward data security in Denmark (with client Trellis), where the prevailing business culture has viewed security as a distant concern and responded passively and reactively — at least up to now. New EU security regulations are likely to shake this culture out of its complacency this year as executives contemplate negative publicity, fines and sanctions in the event of a significant breach.

Complacency is one reason companies drag their feet in assessing and dealing with data vulnerabilities. Another, apparently, is the worry that it might be better not to know in advance about gaps in one’s security, because that advance knowledge itself could be discoverable and could be used against the enterprise in the event of a lawsuit. I recently ghost-wrote a blog post about a federal court ruling that could offer a way out of this dilemma, however: The retailer Genesco recently was able to avoid turning over data from its security consultants after its stores were hit with a cyberattack, because it had hired its consultants through its law firm, and therefore their work product was protected by attorney-client privilege. The ruling suggests a litigation defense strategy others could adopt.

The magazine SupportWorld has asked me for an article on security issues arising from Social Engineering — a pernicious breed of hacks that exploit weaknesses not in IT infrastructures but in the character of the humans who use them, especially our frail tendency to want to be helpful, cooperative and compliant. I’m working on the piece now, and I would like to invite your help.

Has your organization been hit by a social engineering exploit? Ever had the experience yourself? How did it happen, and what did you do about it? Your experience could be very helpful to colleagues and peers in other enterprises, and I invite you to share them with me and my audience. Contact me here to share your story — experiences don’t have to be attributed to you or your company to have value. Thanks in advance.

Leave a comment

Filed under IT Service Management, legal

Convergence: One Year’s Meme

Peter Dorfman Creative Solutions celebrated its first birthday on December 1. It’s a good time to stop and reflect on what I’ve learned from a year as a freelance content creator.

I leverage not only my original training as a journalist but three decades of experience in marketing, implementing and writing about technology. So it’s hardly surprising that most of my content marketing initiatives have been technology-related. It is intriguing, however, to see the way disparate projects with disconnected clients tie back to a common idea, as though companies operating in distinct market segments all are inspired by the same dominant meme.

conferenceIf that’s the case, this year’s meme has been the erosion of the wall between the world of corporate Chief Information Officers and the businesses they serve. The distinction between the rationale for the business and the IT assets that enable the company to execute that strategy is disappearing, as markets, marketing channels and the products sold through those channels all become increasingly digitalized.

“It’s impossible to live in this society and not be inundated with technology,” Barry Libenson, CIO of the West Coast grocery retail chain Safeway, told me in an interview. “That’s the reality, even for a large brick-and-mortar operation like ours.”

A Seat at the Table

I spoke to Libenson in connection with an article for the magazine SupportWorld, published by the customer support professional organization HDI (“Come Together: Business and IT Executives See Their Roads Converging,”November/December 2014). He was describing the preoccupation with the digitalization of virtually every important business process. People of a certain age remember when enterprises could be run by executives who never touched computer keyboards and had admins filter and print out their emails. Such a thing is inconceivable now. For a CIO like Libenson, the result has been that he now has a seat at the table where business strategy is developed, and technology is no longer just an enabling tool but is a core part of that strategy.

My background in IT Service Management (ITIL) and my nodding acquaintance with the software development discipline have led to a series of content projects related to this convergence recently: White papers and two eBooks focused on Agile or Lean development strategies intended speed up the process by which pragmatic business challenges are translated to enterprise software.

Developers have argued for decades that the traditional process by which software is designed, built, tested and deployed is too slow and too disconnected from the needs of the business to be practical. Now, agile development methods by which software is rolled out in small, rapidly developed increments are ubiquitous. It would be unthinkable to develop new mobile apps by anything other than agile methodologies with constant feedback from the business. This is not a fad; it’s simply that these software tools are essential competitive weapons, and that change in competitive markets is so rapid today that there is no way conventional development methods could keep up.

More to the point, however, it is no longer feasible for the business to call a meeting with IT, draw up a set of requirements, and tell the developers to come back in six months with a finished application, expecting it to reflect an understanding of the original business problem. The new reality is that Marketing, Finance, Operations and other business functions must adopt technology developers as trusted partners, invest in bringing the techies up to speed on what the business actually does for a living, and allocate business people’s time to development projects as fully involved product “owners.”

Esoteric But Practical Concerns

Business people also must develop an appreciation for some seemingly esoteric factors that can impact the timing – indeed, the feasibility – of critical development projects. A series of writing projects for Nlyte Software provided an object lesson with respect to the data centers that serve the infrastructure needs of enterprises.

The data center is a huge black box to most line of business executives. They think of it as a remote installation stuffed with expensive hardware that houses their applications. Beyond that, the executives rarely give the data center a thought until some capacity issue becomes a reason why they can’t have some IT enhancement, or can’t get it in the current fiscal quarter. Nlyte markets software that provides advance warning when data center resource issues have the potential to become bottlenecks for business system enhancements.

While IT people are the immediate consumers of the data Nlyte’s tools produce, business people need to develop an appreciation for processes like Configuration Management and Change Management, so that they at least know enough to anticipate that issues like data center capacity could get in the way of a critical business initiative.

The convergence of the business and technology currents in enterprises is a halting, imperfect process. But it is irreversible and it is not just driven by millennials – it is captivating executives at the peak of their experience and their command of enterprise strategy. It seems likely to be an important continuing theme in 2015 content projects.

Is mission convergence a theme behind the products or services you sell into enterprises? Contact Peter Dorfman for help articulating that point to technical and business audiences.

Leave a comment

Filed under content marketing, IT Service Management

Upheaval in the service desk space

Help Desk Software is Now a Free Download

The wheels turn slowly in the enterprise software business. For all the talk among the industry pundits about accelerating technological change, it always feels as though the end user community is at least two years behind whatever fanciful curve the analysts are scratching out on corporate whiteboards. But markets simplify – they move toward entropy – until some event gives the whole lethargic field a much-needed kick in the pants.

The IT Service Management segment received just such a kick on March 5, when one of its maverick vendors, ManageEngine, announced it was cutting the price of its base platform – the help desk package called ServiceDesk Plus, used by 60,000 customers worldwide – to zero dollars. Current customers will pay nothing for maintenance or upgrades from here on. The software is a free download to everyone else.

ManageEngine ServiceDesk PlusThe help desk is the broad base of the IT Service Management pyramid. It is the face of IT to the end users. The development of an ITSM practice in any organization starts there, and adoption of all the other service management processes and tools assumes the existence of an organized, software-enabled service desk.

The thing is, this has been true for decades. Whatever has evolved in the IT infrastructure itself, and in all the more advanced ITSM processes and technologies that have made organizations’ system architectures supportable from one generation to the next, the help desk has been the bedrock and has remained virtually unchanged.

The software that supports the service desk has reached an evolutionary stasis. There is plenty of demand; ManageEngine, a division of Pleasanton, CA based Zoho Corp., says its sales are in “nine figures” (US$), and ServiceDesk Plus has been a core contributor to that figure. But help desk software is now a commodity, offering no obvious opportunity for innovation to create a gap for a new entrant to fill.

The interesting opportunities are in applications that enlarge the ITSM footprint, extending outward from the help desk. And therein lies the potentially disruptive aspect of this move on ManageEngine’s part.

Larger, more established companies like BMC Software, HP, IBM and CA have dominated the generally mature ITSM space, sharing it with a handful of upstarts such as ServiceNow and ManageEngine. The market has come a long way since the 1990s, when I was a direct participant; there were multiple dozens of barely-distinguishable help desk software offerings then, and consolidation had scarcely begun.

My experience then was as a marketer of Knowledge Management software to the ITSM space. The KM tool segment was a relative infant, overcrowded with start-up vendors focused on Problem Management which, like other ITSM processes, was grounded in the help desk and the higher level engineering functions to whom the help desk escalates incidents.

All of us in the KM segment had exuberant expectations for adoption of problem resolution tools, which promised higher first call resolution rates, faster help desk agent training and the like. It took much longer than most of us expected for KM applications to catch on. An important reason was that organizations were working their way through the process of help desk tool adoption, which was a huge, six- or seven-figure investment for a lot of companies. We understood that only when our prospects were out the other side of that decision process would they then get around to KM.

A lot of KM proponents underestimated the complexity of that decision. Knowledge bases were supposed to be everywhere by 2004 or 2005. It is only recently that problem management has really matured as an application for KM.

In that context, ManageEngine’s decision to give away ServiceDesk Plus makes a great deal of sense. The real opportunity for ITSM vendors is higher up the infrastructure food chain:

  • Network Performance tools
  • Service and Application Monitoring
  • Security
  • Desktop Management and Deployment
  • Capacity Management

and other, higher-risk, higher-value ITSM processes. But all of these services are provided through tools that stem from the base platform rooted in the help desk. And each of these additional software components is an additional line item in a budget whose basic unit is a service desk “seat.”

All of ITSM shares the basic market problem we had in KM tools: Each help desk agent already represented a sunk cost for automation. How much benefit must you be able to prove in hard dollar terms before the CIO begins to squawk about how much your license adds to the cost per agent? What is the maximum acceptable cost per seat – especially for what is generally regarded (let’s face it) as a low-prestige, often outsourced job?

While there are fewer choices among ITSM platform vendors these days, the market is still highly competitive, and even for the highest-margin components of the suite, for the vendor, much depends on successfully establishing a beachhead in the service desk. For ManageEngine, the decision to cut the cost of the base help desk tool out of the equation seems fairly straightforward.

The company will still need to prove that its high-end components are functionally competitive with those of the market’s leviathans, but the gamble seems logical. We’ll know soon enough.

1 Comment

Filed under IT Service Management, knowledge management