2016: Is this the Year to “Go Digital?”

When an industrial giant like GE starts to move all your health data into the cloud using their new Predix cloud offering, you sit up and take notice. It’s clear that “digital” has gone well beyond Facebook and Google+. What does this mean for the enterprise?

The consumerization of IT means many of us have been acting and interacting in more digitally sophisticated ways at home and in our social circles than we do at work. In fact, in some cases, enterprise computing has lagged behind personal computing when it comes to the digital revolution. No doubt the scale of any decision to “go digital” is fed by considerable investment apprehension. Many large enterprises believe they can’t possibly act quickly enough to keep up with the steady march of new innovations emerging in the marketplace. This hesitation often translates into lots of talk about technology with little action. Especially when decisions about technology involve a radical change to a company’s way of doing business.

Instead of asking “What are digital technologies?” and “What does digital transformation mean?,” enterprises need to be asking “How can we use advances in technology to create sustainable and market-disrupting value?” Making sense of the dizzying rate of technological change is a matter of looking at it through your own, familiar and trusted business perspective.

In a new white paper, Avoiding the Siren Song of Technology: Focusing your Digital Strategy on Business Outcomes, I explore the ways leading enterprises are taking advantage of emerging technologies and as-a-service solutions to build a “digital fabric” to connect with and influence their customers, employees, partners and providers. By building a digital fabric, organizations can create new digital value in four distinct areas:

  • Digital customer experience
  • Digital products and services
  • Digital supply chain and manufacturing
  • Digital enablement and productivity

Enterprises should only invest in the opportunities that are right for them and on which they can capitalize over the long term. Understanding both the industry and the enterprise-specific market potential of these areas will help individual companies identify the initiatives that lead to the most promising solutions for their unique business objectives. Those that have been successful at traversing this new ground have been so, at least in part, because they have built healthy relationships with partners that bring market insight or help to build capabilities that are designed specifically for their sustained growth.

Read the new white paper or contact me directly to discuss further.

A digital reboot

It is almost two years since I last posted anything on this blog.

A lot happened in these two years. Remember in 2014 when every business conversation was all about Facebook, social and the social enterprise? And before that it was all about having a mobile presence and platform? And then it was all about big data?

2015 brought all these buzzwords together and to the ground. Suddenly we had the technology to carry out these ideas and conversations on how to use these technologies turned into mainstream. It was not just about outsourcing any longer. Nor was it just about technology & IT supporting business – it was much more now.

It was about leapfrogging transformation using the possibilities of technology.

Technology moved in 2015 from the back office to the enterprise front office. Enterprises are more interested in following technology trends in the Silicon Valley than they are in following best practices in the Outsourcing Capitals of Asia. Also the questions they ask themselves have changed – while operational excellence is still important, there is a limit to how much you can grow a business by cost cutting.

Technology can now drive revenues if you leverage it, or can bring down your current business model like a house of cards if you ignore it. And it is not about the individual technologies themselves, it is about how you can orchestrate this along with old & new business process to create new businesses & customers you never thought possible.


And when you are right in the midst of this storm as a consultant, you realise very quickly that what started out as a “digital transformation” is actually a business transformation.

Client conversations are very different today – they are all about how to steer and manage this change. Business Transformation using Technology can be intimidating – triggering more resistance than action.

Multiple topics that I had blogged about have now taken on a new meaning in this situation.  And almost every question that I had asked myself or explored 2 years ago just got challenged. There are new topics to explore.

It is time to reboot my blog.

photo credit: 8 via photopin (license)

Are you ready to deliver your newly signed IT contract?

As this new business year begins, I want to start with a post that sets the note for my study topic in the first quarter of 2014. It is the demand for continuity in every sense – after signing an IT contract – a topic often ignored: SERVICE TRANSITION.

Service Transition has nuances that go beyond what is prescribed in ITIL. Discussing and negotiating large IT contracts requires more effort than one actually thinks it should entail. This often leads to the result that people are singled out for 5-6 months to design and close the contract. On the IT buyers side, this is usually treated as a project with definite goals. The providers put together what is generally known as the pursuit team (with sales, technology experts and solution architects).

The solutioning and contracting process is an effort intensive task and involves the above teams sitting together for 5-6 months – meeting every day and having very detailed discussions on how to set up future operations. Depending on how such discussions go and the amount of value each side finds in the other, these teams either grow apart or get closer to one another. The presence of an advisory party helps to bring balance into the contract in both situations. I have been on all sides of this table – and it has been a 360 degree learning experience. It is amazing how your current viewpoint can affect the way you interpret a situation.

After the contract is signed, the IT buyer team is relieved on having completed the “contracting project”, and the Pursuit team celebrates having won the contract. What both teams often neglect to do is getting their individual organizations ready for the contract.

After seeing many initiatives go through the trough of despair after signing the contract, here is my thought-jogger list:

If you are buying IT services…

Have you thought of:
a) Does your team know the scope of services of the contract?
b) How should your team reorganize themselves to face the new provider – what are the touch points?
c) What are the new roles and responsibilities on your side of the contract? Have you designated a Service Transition Manager?
d) Who should perform the above roles? Are they equipped for these roles (skill & experience)? Are they enabled to perform these roles (time and authority)?

If you are the Provider

Have you thought of:
a) How do you transfer the knowledge gathered during the contract into the delivery organization?
b) How do you ramp up to get the people who you need on the ground asap?
c) How do you continue the relationship that you have just painstakingly built over the last months with new members entering the picture?
d) What should you set up to manage the contract that you have negotiated?
e) How can you transfer the good relationship and rapport that you have built up with your new client to the future delivery team?

Ideally you don’t want to bring in the Delivery organizations on both sides into play only after the contract is signed.

Such discussions and decisions should happen long before. There is great benefit in bringing these parts of the organization earlier into the picture as periphery teams. The core teams should involve the periphery teams gradually into the discussion in the later stages of the contract. This should go through the stages: BRIEF THEM ON SOLUTION, INVOLVE THEM IN THE DISCUSSION, INVOLVE IN DECISION MAKING. Both sides should perform a contract readiness check based on questions such as the above.

I will be spending the first quarter of 2014 exploring the multiple facets of this situation. Stay tuned.

photo credit: qwrrty via photopin cc

How to discuss assumptions in proposals to your benefit

The ubiquitous Assumptions section

Each IT proposal has a section towards the end – just before the financials and pricing, there is a small section with a list of assumptions on which this proposal is based on. And when it comes to the discussion table, both providers and IT buyers fumble with how to deal with this section. From a provider’s perspective, this is their way of setting down the boundary conditions of the solution. It is their way of offering a solution that is based on certain parameters which if fulfilled will enable them to deliver the solution they have designed.

Should you remove Assumptions?

Well, yes – but not without a discussion.

From the other side of the table, assumptions look scary. All you see are hidden data points and conditions which can suddenly increase the price if this is not either discussed away or controlled. And the result is predictable: Often contract negotiators try to remove all the assumptions so that it comes down to a contract sans assumptions. I am not advocating making contracts with assumptions. But should you seek to remove blindly? That would be wasting a hidden opportunity to have an in-depth discussion that benefits both parties. But how do you start this discussion?

Question mark

Divide and Focus

First segregate the assumptions. There are multiple types of assumptions – there are those that have material impact on the solution since they drive the entire effort of the provider, and those that simply lay down the financial conditions on which the price is based (e.g. handling of lodging and travel costs). Focus on the ones that shape the solution or refine the problem definition.

Don’t insist on removing assumptions without understanding the impact – because the only way the provider can remove assumptions is to price it into their solution.
Discuss each of them using the following questions:

  • What is the basis of this assumption? How does this impact operations?
  • What happens if this assumption is proven wrong?
  • What happens if a value increases or decreases?
  • Who can control this value? what are the means of controlling these values?
  • What can either of the two sides do to control these values?

Have this discussion dispassionately without first assigning responsibility – after this find out which party can control this risk best – this will give you the optimum balance between responsibility split and price.

Can Assumptions help you?

  • Often assumptions can lead you to finding a solution to your problem.
  • If you release a list of goals that you want to achieve and ask for a solution – you will get a solution that is driven by assumptions.
  • Such assumptions are not a nuisance – use them wisely to bring more refinement into the definition of the problem, or the enrichment of the solution depending on which side of the table you are sitting on. More on this topic in this article on Request for Solutions.
  • A smart provider should also think of using assumptions to coach the IT buyer – but they should not do this by talking down to the IT buyer
  • A smart provider should coach the IT buyer into what should be added to the problem, what they have potentially missed, what they should be demanding in addition. Believe me, IT buyers value this coaching as it shows them that you are thinking for them.
  • Use this discussion to find out where the buyer want to draw the line to split the responsibility.

Assumptions work both ways

IT buyers should not stop at only discussing assumptions that the provider has raised. They should create a list of assumptions of their own as the solutioning dialog progresses. Use these questions as a kick-start:

  • What are you taking for granted?
  • What are you being promised? How can you verify this for yourself?
  • What assets are you relying on? What are these assets performing that will be useful to you?
  • How can you check and measure that this is actually the case?

Now use these assumptions to drive due diligence on both sides. Giving each party the possibility to check the assumptions will go a long way in avoiding any conflict situations after the contract is signed.

In summary

Often the actual persons that are available during the contract phase on both sides (the deal team on both sides) leave after the contract is signed, and this is then handed over to the delivery team on both sides. Discussing the assumptions on both sides, and documenting the results of the same by baking it into the problem definition or into the solution will bring the required rigor into the contract.

The parties on both sides that are forced to live the contract over the next five years will thank you for it.

photo credit: Marco Bellucci via photopin cct

Will data growth overwhelm your data sensitivity policy?

Most conversations with End User Computing service providers noticeably center around service catalogs and service levels. In the heat of the discussion, there is one topic that sometimes gets neglected – Media Sanitization i.e. how is erasure of data dealt with after media is recycled.

And while firms are focusing on immediate insight coming from constantly growing information stores, Media Sanitization grows in importance.

Sometimes such a conversation ends with the realization that the guideline for data erasure and media sanitization has not been fully thought through. This goes beyond decisions about what happens to the data on laptops, phones and other devices after their time is up. What about the application data residing in your data centre? If you have a BYOD approach, this gets even more complex. Think of the implications if you have an in-house mobile application that accesses a CRM solution installed on the iPhones of your employees.



Media sanitization as a topic cannot be delegated to the infrastructure provider management. You need a holistic approach towards data erasure. The journey starts much earlier – the concept for data erasure should play an important role in your storage, labelling and media reuse strategy.


The Levels of Data Removal

Richard Kissel from NIST makes the case for three types of data removal – this is directly related to the Types of Sensitive Information you might identify for your organization:
a) Clear – where you erase the data on the device, but a tool like Unerase can easily recover this deleted data,
b) Purge – where you use much stronger cryptography (logical) or even physical means to remove data so that it cannot be recovered even by using state-of-the-art laboratory techniques. But the media can be reused and handed over internally to other employees or even externally via a shared device pool.
c) Destroy – where you not only purge the data, you also destroy the media storage device permanently so that it can no longer save data or be read. This is potentially your option for highly sensitve data.

Design data storage for Erasure

  • The best way to setup the framework for clean data removal is to label data when it is created.
  • Create a Data Sensitivity Classification Matrix.
  • The nature of the data should guide multiple decisions: How data is handled, where is it stored, on what devices and in what ways is it made available, and ending with how it is expunged.
  • Based on what data the media has been carrying, you also need a policy on whether this storage medium gets reused, recycled or even in extreme cases destroyed permanently.

Make it easy to decide

  • Setup easy to understand guidelines for criteria for labelling data and categorizing the security level. Draw inspiration from the Guidelines for Media Sanitization from NIST.
  • Ensure that your operations and processes can identify and carry out the necessary steps – based on whether it should be cleared, purged or destroyed after the storage media reaches the end of its lifecycle or exchanges hands?
  • Go beyond the devices that you control – look into your BYOD approach to decide what services you will make available.

Verify and leave an Audit Trail

  • If you are in a conversation with your data storage provider, guide your provider so that he understands your purging processes, what actions are required and what triggers these actions. Build this into the Statement of Work; it is not enough to add an Addendum in the contract with your data security guidelines.
  • Your erasure methodologies should leave a paper trail that documents all the actions as per the erasure guidelines.
  • An additional spot check periodically by an auditing department will additionally ensure that such erasure guidelines are being kept.

In a world with constantly increasing data being created and stored in myriad storage mediums, media sanitization is critical and unfortunately neglected. Early actions that you can take now to fix such potential leaks will go a long way in ensuring that your data sensitivity needs are covered.

Have you taken care of your Media Sanitization requirements?


photo credit: inf3ktion via photopin cc

How to run your IT like a business using Service Levels

There is growing interest in running IT like a business. Internal IT departments are competing against alternative services (a.k.a. Shadow IT) and are under pressure from growing expectations due to what the industry calls consumerization of IT. IT leaders across organizations are stepping up their act to go from an internal operations to fill the shoes of an IT department that is increasingly becoming part of the overall business.

In this new world, an internal IT department is being forced to cast away its traditional mode of operation, and compete and position itself in this new IT marketplace.

The new role of IT

Positioned between the Business and the Service Providers, IT has the opportunity to carve out a new role for itself – based on an orchestration of internal and external IT services. In doing so, it should be careful not to turn into “just an administrative interface”.  It should rather leverage its position.

Using Service Levels to run IT like a business

Using Service Levels to run IT like a business

IT should now focus on:

Creating Value: The new IT thinks differently – it does not necessarily think “profit” but it thinks business. It seeks to understand the intricacies of the business, and then analyses how IT forms a part of the business delivery chain. In doing so, IT shows the business how its service offerings are relevant. IT tracks technology trends and translates these trends into a concrete service offering that makes sense for business. In doing so, it takes make vs. buy decisions. It chooses to procure commodity services, or even partner with innovative providers for co-creation. The role it always retains is “driving the business relevance of IT”.

Integrating Services: IT goes from operating traditional technology silos to a service integration and orchestration. It converts rigid capital costs into flexible operating costs.. It decides how the regulatory compliance laws and guidelines of the business are translated into its IT hosting strategy (internal and external). In doing so, it translates its understanding of how IT intermeshes with business into a modularization of its service landscape. It fills the nooks and cracks in between the services it procures (esp. external providers) to offer a smooth integration.

Optimizing Operations: IT differentiates between core tasks where it is crucial that IT plays a leading role and commodity tasks and services that can be procured. It shifts its attention from solving incidents and tickets to enterprise strategy. It focuses on measuring the impact of its service integration instead of performing the individual commodity services.

IT should go now step beyond just doing the above – the charm lies in being able to demonstrate it quantitatively. This is where Service Levels come in.

Can Service Levels help in positioning?

The art of designing service levels lies in the context of the interface that you are managing – whether this is an interface towards your service providers, or towards your end client.

Start the Value Conversation towards your End Client / Business through a Service Level discussion by following these three steps:

1. First help your client understand the service you offer in terms of Service Levels.
2. Then, together design Service Level Objectives that aid their decision-making,
3. And finally, aid them in fixing service level targets that they can afford.

More about these three steps in “Three Steps to Demonstrate the Value of your IT service“.

Design your service orchestration layer and manage your service provider interfaces by asking very different questions. Irrespective of whether you are measuring service levels with your provider, or setting operating level agreements with adjacent departments, the questions that you should ask are:
a) Can you use these measures to control and manage your delivery landscape?
b) Can the levels that you have set for yourself be attained?
c) Are you able to measure these service levels properly?

More about these three questions in “Are you using the right measures to control your operation?“.

After a detailed appraisal of your operations and strategy using the above, concrete Service Levels will help you as an internal IT department to compete and differentiate yourself in this new IT market place.

Are you facing pressure to demonstrate the value of your IT services internally? Are you facing the constant threat of “Shadow IT”? Have you ever thought of using Service Levels to position yourself?

Wordpress SEO Plugin by Wordpress SEO Plugin