A while back I wrote a blog just mentioning
devops, and what a sensible idea it seemed – certainly the word ‘devops’ hit
some bells and I got 3 times my normal hits in the first day. At the beginning
of this year (2012 in case you got here late) I wrote a blog inspired by a
discussion with a TOGAF fan; I felt we in parts of the IT world need to talk to
our neighbours a lot more.
I was reminded of these by seeing several
devops write-ups recently (separate articles in itSMF UK and US
magazines in the same month). Both are encouraging and make the unavoidable
point: what devops suggests as a matter of principle is clearly something to
be supported like the proverbial apple pie. It is just so obvious, it has to be right - why would
you not use the people who built and know a new piece of software (or anything
else for that matter) to get it in place and working, and as first point of
call should anything not work as expected?
Both articles argue that ITSM people should embrace
the ideas rather than rush to defend their empires. Devops is not the only
example, but it seems to me that what we might be faced with is set of
driven from disparate firm foundations in our vast ocean of IT
In fact the commonality between the
approaches is massive, especially once you get past a temptation to overly
rigorous application. It amazes me that the same IT people who would never
dream of reading the instructions before using their new technology toys insist
on applying every word of best practice.
If you want an example of how ITIL®
overlaps the base devops concept look at section 6.7, page 236 of Stuart
Rance’s Service Transition book in ITIL 2011.
The point I really wanted to make is that
we need to get above the point of origin and see identification, creation
delivery and operation of service as the real goal and the subject of some
integrated guidance. Everything we have so far shows its origins.
- ITIL comes from operations, for all its gallant attempts to
preach service strategy it is not really getting to the people who
should be doing so because they originate from other parts of IT/business
- Devops is coming from the development community and so
reflects their take on life. Things
like OSLC that will help smooth some of the boundaries are also being
pitched – so far – from the development side
- All of the stuff that I see is coming out of parts of IT, when
to me IT is only a part (albeit a big and important part most times).
I started my career helping organisations
establish and improve services, I got sidetracked into IT and oft-times I miss
that bigger image. I still find it hard to think only of IT aspects and
solutions, but I find I am often talking with people – suppliers and customers
– who are content to be restricted to IT aspects.
In the short term I think what we need is
more selling of the neighbour’s ideas. I want to see devops being evangelised
by someone from the ITSM community, and we need the converse too. Otherwise it
can feel like the recommendations for apple pie are coming exclusively from the
apple marketing board; doesn’t mean they are wrong but they can less than convincing, especially to a cynical audience or to one that has something they feel they must defend. Maybe I have stumbled onto my
subject for next year’s conferences – anyone interested in inviting me?
As I began to read through the press release about IBM's new initiatives to help Managed Service Providers (MSP's)
in the cloud space, it suddenly struck me - this is a great opportunity for ALL parties involved.
For MSP's, IBM is providing a bundle of services and support in the way of marketing skills, technical expertise and financing options. On the marketing side, MSP's will have the ability to better target their customers and generate demand for their services through IBM education that includes topics such as developing effective marketing plans and exploiting the burgeoning social media space. Additionally, MSP's can sell IBM SmartCloud services under their own brand names. On the technical side, MSP's will have access to four new "Centers of Excellence" (located in China, Japan, Germany; and New York City) where they can collaborate with IBM technical experts to build their cloud services, and connect with other IBM ISV's. In terms of funding their efforts, IBM announced a financing offer
which includes 12-month, 0% loans for IBM Systems, Storage and Software, and allows MSP's to defer payments for up to 90 days.
For end-users in the SMB space who often lack the necessary IT skills, this is a great opportunity to leverage local technology providers and take advantage of a cost effective "pay-as-you-go" model that cloud computing affords them. In addition, end-users will have the confidence of knowing that the services provided were built on an IBM platform.
Finally, for IBM, this is a great opportunity to expand its cloud ecosystem, and leverage the growing population of MSP's, who are continuing to gain traction in the cloud computing space for SMB's.
Here's the link where MSP's can go to sign up
I went to an itSMF UK
meeting last week. I haven’t managed to get to our local meeting for a while
and I found I was being introduced to new members as someone who has been
around ‘since the beginning of ITL’.
Now that kind of thing, apart from making
me feel old (which is, admittedly, a fair enough feeling at my age) also made
me look back and think on where we (the ITIL community) have come from and
where we are now.
The first thing that occurs to me in
thinking back to the early days of ITIL is that we now find ourselves in a
place that none of us imagined we would. Don’t get me wrong, the original
inventors and drivers of the
ITIL idea were not short on confidence or vision, nor in seeing the benefits
that documenting this aspect of best practice would bring. But I suspect that
world domination of this industry sector by the word ‘ITIL’ was beyond even
their best possible visions.
The key to the expansion of ITIL was that
it quickly became about more than just the books. The ITIL advertising leaflets
produced in the mid 90s coined the term ‘ITIL philosophy’ to represent this
scope of ITIL. I suppose I should confess that I invented that phrase
and also the diagram that went with it – a version from about 1997 is shown
here. The accompanying words suggested that, even back then, less than 1% of
‘ITIL-related sales’ were about the actual ITIL books, and the rest were
The fact that I couldn’t even hazard a
guess at what that percentage might be today indicates a few, pretty
- When I was writing those things in 1996-1998, I felt I could
pretty much ‘take-in’ what was going on related to ITIL, and even know
most of the people developing and delivering new ideas. Nowadays no-one
can honestly claim to be able to do that.
- What is ‘ITIL-related’ has become a much more debatable
concept. Whatever its faults might have been (and there were many) ITIL
was just about alone in its market space. The initiatives kicked-off by
ITIL have spawned fellow travellers, such as COBIT, ISO20000 and others.
The fact that I could easily start a long running – and probably vitriolic
– debate on
the social media pages by asserting which are and which are not ITIL
derived, ITIL alternatives etc indicates that this is now a loosely
bounded region. That makes any assessment of its scale, scope and success
Some other things have changed too.
Nowadays the maturity of the ITIL ideas
means most players are focused on market share rather than growing the sector
itself. That means more competition than there used to be. Nonetheless there
are still lots of examples of that collaboration still easily found. Probably
the best example is the ‘Back2ITSM’ facebook group – a place where free advice,
constructive debate and openly shared thoughts are still the norm.
The itSMF was born in 1991, and played –
probably – the major coordinating role is promoting the idea, importance and
approaches of service management. Like ITIL, itSMF predates the term ‘service management’,
having started as the ITIMF. Even here we have seen a lot more competition
during the last third of its lifetime: both competition from other community
organisations and also considerable internal competition. I hope itSMF will
evolve form this to carry on delivering benefit to its members. I am a bit too
frightened to work out what percentage of my time has been given to itSMF over
the last 17 years – or at least frightened what my employers over that period
might think. But that commitment does make me wish hard for its future health.
So, looking back should makes us appreciate
where we are now – nostalgia can be deceptive for usually the past wasn’t
better; because progress is exactly that – going forward and getting more. And
wherever ITIL is now, IT Service management has come a wondrous way in the last
20 years. Global technology changes have made a difference to that journey;
we’ve seen personal computing and the internet make all but unbelievable levels
of change. We may well see Cloud do the same; personally I think cloud might do
that by freeing us from some of the technical baggage and letting us see and
address real service management issues, without the obfuscation of technology
issues or the opportunity to hide behind them any more.
We’ve seen a move from books being the
go-to source of wisdom when ITIL started to an amazing range of information
sources. Nowadays your typical service management will expect their influences
to come via social media, electronically delivered white papers and the like.
Interestingly, in many cases, they would also expect them to come for free, and
that throws a real challenge on the thought leadership business. If ITIL 4 ever
happens I think it will be a radically different entity from versions1-3.
Where I want to see ITSM going is towards
SM. IT is now so pervasive that it is everywhere, which to me means that ITSM
cannot be a subsection of overall SM anymore because it logically applies to
everything, since all services now depend on IT. Nevertheless, IT has treated
SM well, and – after some effort –has taken it seriously. I hope those lessons
will work their way into broader adoption and we will see an improved – and
critically an integrated – approach to service management across enterprises
because of that. I am driven to optimism in this (not my natural state you
understand so it is noteworthy) by the fact that, alongside this blog, I am
involved just in this same month in a webinar and an article for IBM’s SMIA
series on the idea that IT is now spreading its ideas – and delivering its
technology and specifically its evolved software solutions – to the broader
I wonder what we will be saying in another
20 years looking back – maybe ITIL will survive another 20 years, maybe not,
but I am certain service management will progress and improve.
I recently discovered ANOTHER great resource for IBM Business Partners. The IBM "Ready To Execute" initiative, which was originally launched internally to improve the quality of our marketing campaigns and drive higher quality leads, has been extended to Business Partners. In a nutshell, Ready to Execute is a web-based model that provides the foundation and all the elements for launching an effective marketing campaign, including multi-touch e-mails, telemarketing scripts, digital strategies, and compelling offers.
As I began researching all the specifics of the program for our Business Partners, I stumbled upon a blog post
from one of my colleagues in Software Group, Jacqi Levy, who has done a fabulous job of summarizing the benefits of the program, as well as providing a great overview on how Business Partners can get started on launching a campaign. Nicely done, Jacqi!
Today we trust computers – literally and
unconsciously with our very lives. I was reflecting on this level of trust when
I got £50 of cash out from my local ATM and declined the offer of a receipt.
Seems I now have total faith the computer systems will ‘get it right’. I’ve
come a long way from keeping all my own cheque books to cross check against
later bank statements.
Now, combining that faith with a little
healthy British cynicism, and triggered by watching the Olympics tennis finals on
TV, a mischievous but irresistible thought came to my mind.
It used to be that when a ball hit the
ground near the line we relied on the human eye to say whether it was ‘in’ or
‘out’. That caused disagreements and discussion – and - in tennis often -
sulking, swearing and the full range of petulant behaviour.
Nowadays that is all replaced by
referencing the technology. When there is doubt – or one of the players
questions a call - then we simply ask the computers. What we get then is a neat
little picture representing the appropriate lines on the court and a blob
showing where the ball had hit. So, problem solved: disappointment still for
one player but, so it seems, total acceptance that the computer is right. After
all it is an expensive system working away inside a very expensive box – must
be right, mustn’t it. Or to put it another way ‘computer says in’, who would
But what occurred to me is this. All we can
actually see is some boxes around the court, and a stylised display with a blob
on it. That could be delivered by one person with a tablet showing the court
lines and them touching the screen where they think it landed. Very cheap and
still solves all the arguments because – naturally – everyone trusts technology
Now – of course, and before anyone calls
their lawyers – I am not suggesting for the merest moment that there is the
slightest possibility of such a thing happening. But it’s fun to think it might
be possible. There is little public awareness of what accuracy the system – and
here I presume it does really exist – works to. If you dig around on the web
you can find out (the answer by the way for tennis is 3.6mm). You also find out
there is some very minor grumbling and questioning going on. But that seem at
geek level – in everyday use the audience stands instantly convinced.
So, thinking it through there are a couple
of interesting consequences to real IT life:
- Once you realise that trust depends on quality of presentation
at least as much as on accuracy, should you focus more on that? Certainly
you have to take presentation seriously, because the corollary is that if you
deliver perfection but don’t make it look good, then no-one will believe
it even though you are right.
- Whose responsibility is it to check – and is it even possible? I
suspect this discussion will take us into the territory of ‘governance’. But
even before we get there it implies that User Acceptance Testing needs to
do more than look at things. Of course yours does, doesn’t it?
I guess my big issue is to wonder how
comfortable we are – as the deliverers of the technological solutions for our
customers – and especially our users - to have such blind faith. Of course,
people being the irrational things they undoubtedly are, that blind faith in
the detail is often accompanied by a cynical disregard for overall competence –
think faith in ATMs and on-line bank account figures with the apparent level of
trust in the banking industry as a whole.
As a little codicil to the story, I registered
with anew doctor yesterday – the nurse asked me questions, took blood pressure
etc and loaded all the data she collected into a computer. The system was
clearly ancient, with a display synthesising what you typically got on a DOS3.0
system. First thought: ‘OMG why are they using such old software, that can’t be
good? Second thought: ‘They’ve obviously been using it for years, so they
really understand it, have ironed out all the bugs and it does what they need. It
ain’t broke so they aren’t fixing it’. But my instinctive reaction of suspicion
of it for not being pretty was there and I had to consciously correct myself.
Would you as a service provider prefer more
questioning of what you package up and present to your customers and users, or
are you happy to have that faith? My own view is that the more blind faith they
have in you, the more the retribution will hurt if things do go wrong. Or
perhaps that’s just me being cynical again?
I’ve had a recent burst of situations where things just seem to be difficult for no obvious reason, and maybe that has made me even more cynical than usual - yes, it is, just about, possible. My first assumption – of course – is that these are yet more examples of bad service management. Each is one more case of services not being matched to customer requirements, but then maybe a sneaking suspicion creeps in: are they really deliberately designed to deliver what the real customer wants, rather than the apparent one (or user as ITIL might call them).
Of course we have all experienced this to some extent: the complaints department that is very hard to contact, with a premium rate phone number and an interminable set of IVR choices before you can get anywhere near a real person – all costing you £1.75 a minute to listen to. Typically we give up in disgust just after we have spent more on the phone call than we spent on the product we are trying to complain about. While the first thought is that the supplier hasn’t thought through how they need to be contactable, second thought makes you realise that they don't want people being able to complain easily. And if you have an angry customer who is unlikely to buy more from you, then you might as well make what money you can out of them calling you to complain and tell you they won’t buy any more. So maybe this is actually clever design – to meet the primary customer’s requirement?
Sometimes you just aren’t sure – I was also watching someone applying for a visa – for a well known country in North America. It reminded me very much of the classic customer complaints system I just outlined. Rather confusing instructions, no web-based option to book an appointment – only telephone at £1.23 per minute (plus ‘network extras’ whatever they might be), and then surprise, surprise a computerised voice – talking slowly - offers you some options. Appointments are issued, it seems ‘en block’ and you are warned you must queue outside, whatever the weather. Oh, and no mobile phones or any other electrical items can be taken into the building, and, no, there is no facility to leave them anywhere safe while you go in.
So, is this bad service build, or is it carefully designed to reduce the number of applicants? After all, the people who need visa are – by and large – from less affluent countries, and won’t spend that much when they get there. Could be the whole service was carefully designed to discourage.
Now I suspect the real truth is a perfectly justifiable need for security and a sensible imperative to reduce costs. But it does perhaps make you realise that it is oh so easy to get sidetracked and judge things only by what are actually the second level measures and deliverables, rather than being sure we tie everything back to our organisation’s overall visions and objectives.
It is not always as easy as it sounds – especially in large companies where day-to-day operations can be a long way from corporate targets. For example, focusing on selling widgets that work, continue to work and get fixed quickly should they fail means that you probably just focus on ensuring your direct customers are happy widgetters. Yet if the profit margin on widgets is low, the market difficult and competitive and your widgets do tend to break more often than other manufacturers’…well then the best contribution to your corporate objective of maximising shareholder return is, quite correctly, to get out of supplying widgets altogether. Even if that means abandoning your long time faithful widget customers, well, if you have got your overall prime objective right, then abandoning them is right for the company.
We see the same thing with internal services, is that travel booking service there to make it easier for you to spend the company money on travel, or is it there to make sure you only go through with it if you really need to go? If reducing costs is what the owners of that service want, then ease of use is a bad thing.
Secretly though, I suspect a lot of bad service really is just that. But – it can be a fun game to play next time you get bad service. Is it really bad, or is it targeted to drive you away because that’s what they want? Is it hard to buy something because of incompetence or because the profit margin is too low?
Next time you get awful service, maybe it is worth congratulating the service provider about their commitment to higher objectives, maybe even ask them if they would be so kind as to tell you the corporate objectives they are rigorously pursuing; so you can write to their CEO and congratulate them too on how well their staff strives to reduce unhelpful customer satisfaction. Or then again, they may not be so pleased to hear from you after all, and just leave you with an expensive IVR system to listen to.
In my quest to identify valuable resources for IBM Business Partners, I came across another excellent one.
The "2012 Co-Marketing Guide for IBM Business Partners"
is an online, user-friendly guide that looks and reads like a small spiral notebook. The color coded tabs make it extremely easy to navigate through the topics which include co-marketing programs, assets, incentives, sales plays, and solutions. The guide has dozens of hotlinks which point to PartnerWorld web pages, and is also a great conduit to funnel users to the new "Co-Marketing Center"
where they can create and design their own customized "Ready to Execute" campaigns.
As a staunch advocate of content consolidation and "one-stop-shop" repositories, I highly recommend this new resource
, and would encourage you to view the many other resources that are available on the PartnerWorld SMB web page.
How would you feel, as manager in your
company’s IT department, when the marketing people specified, commissioned and
developed an IT application for their needs?
I was driven to ask this question by several ‘customer surveys’ that I have seen come out of the IT departments. An extract from my very favourite is shown here, which while it demonstrates admirable self-confidence it is perhaps not the perfect basis for objective assessment.
It just seems strange to me that an
industry built entirely upon providing specialist expertise to allow others to
deliver their jobs doesn't always feel the need to get specialist advice
Now, personally, I do believe I know at
least as much about building, delivering and analysing surveys as I do about
technology application. But that is mostly because I know so little about
technology. In both situations I would always welcome expert advice if I need
to get something right.
Even IT listens to the CFO’s people when it
comes to costs and accounting, yet many have potential access to significant
expertise in their marketing people that goes untapped.
This feels important to me simply because
of the all the bad surveying we still see. I suspect that availability of free
services like Survey Monkey leads us to build and do surveys without any real
planning, and without thinking through how we might analyse and use the results
when we have them. Basically a good example of reducing the ‘Plan-Do-Check-Act’
cycle down to ‘Do’ - speedy and economic but not usually very effective.
As for the confusion and the wrong results
taken from unrepresentative samples …
For simple, but telling, examples think
about how many ‘customer survey’ results you have seen where in fact it is only
users who have been addressed. It is an important thing, user satisfaction, but
it isn’t customer satisfaction and we need to find out both and act accordingly
on what we find. For example if you have 100% perfect user satisfaction, then
the odds are your customers will think they are spending too much. And you will
frequently see a mix of customers and users asked questions that are not really
targeted at all, just asked because they can. This is often based on the –
misplaced – belief that the more people you ask, then the more accurate the
answer, ignoring the whole ‘sample selection process’.
Take a classic ITSM example, where a
support unit routinely sends questionnaires to those who have made use of the
service desk. This, of course, gives you a satisfaction result amongst those
who have had sufficient problems to make them phone for help. Might you expect
a rather lower score from these people than the ones who have been working
quite happily without the need for support.
We know we need to care more and more about
understanding what our customers – and users and other stakeholders – want and
need. We also need to understand it is not always an easy task to find that
out. There is a whole professional specialism out there that delivers this
service – as service providers ourselves, proud of our professional expertise,
should we recognise that more – and take some better advice before we ‘knock
something up to measure satisfaction?
Maybe you do consult with your internal
experts if you have them, or maybe you buy in expertise. It would be good to
hear if you do.
People seem to like a thing to be right or
wrong. Yet the older I get the more it seems to me that very few things are
totally right, and that there is rarely only one right answer to real
I was driven to these thoughts by a really good
posting on Back2ITSM from Stephen Mann about Spiderman and the Avengers. He was
concerned with things that change over time and the danger of being out of date
and therefore no longer correct. You
should read that posting – in fact if you are interested in service management
you should get already be looking at this facebook group – very much the place
Anyway, I am not going to repeat Stephen’s
words here – rather I want to follow a tangential aspect of right and wrong
that his posting triggered in my mind.
It’s just that I don’t think that right is
always an appropriate idea, and I think too many people in service management
think there is a right answer to every question. Actually, truth be told, if I
risk making it way too clear that I am a grumpy old man, then I think there is
far too much expectation of there being a right answer in most aspects of
I don’t know if commitment to that concept of
‘one right way’ is something that we are born with or something we teach our
children. I suspect the latter; certainly it is there at an early age. I recall discussions with my girls about
nursery rhymes. Several versions are around – different recordings,
publications etc inevitably with slightly different words in them. All of my
girls wanted to know which one was the ‘right’ version – certain in their own
minds that one of them must be right, and the others therefore wrong.
The more data and information we ‘enjoy access
to’, then the less chance there is of any one set being ‘right’. I have even heard as an explanation that we
now live in a scientific age – that older attitudes to life were less precise.
And yet I was taught – as a science student – that a solution is right for its
context not necessarily in an absolute sense. I recall one electronics lesson
that has always stuck in my mind and served my in very good stead in my working
life, across a whole range of service management – especially in measurement.
It hinged on the lecturer going through the
week’s assignment which involved working out the effective resistance of several
configurations of components. We had all
(and I mean all, from the clever geeks, to the lazy ones like me) worked it out
using the given resistances of each element in a frighteningly complicated
configuration, and come up with a precise effective value for the combination.
The lecturer drew it on the board, then proceeded to wipe out most elements as ‘not significant’
– left about three components and did the calculation in seconds. We all screamed ‘cheat’! He laughed, reminded
us that the stated resistance of the components is given as ±10%, so there was no point in taking
seriously anything that wouldn’t affect the answer by more than a few percent.
I spoke with the lecturer afterwards and he
admitted they did the same exercise every year to get that very point across.
The right answer is one that fits the circumstances, be that imprecise measures,
limited time, lack of profile with management or whatever situation you
establish you are in.
That lesson about being right enough for the
job is one we are losing with modern technology giving us an answer to
ridiculous precision from input that is
often little more than a guess.
That principle of knowing what is needed before
you deliver is – of course – far more universally true than just being about
measurement. But it is easily forgotten in an age that often delivers more
answers than questions.
For most of last week I was attending and –
I hope – contributing to itSMF’s international publishing meeting. This was
held in Warsaw
in beautiful spring weather, while
was being blasted by wind and rain. That was nice but nowhere the most
important or most pleasurable thing that the week had to offer.
Now, first a little background, just in case
there is anyone who does not know what the itSMF is. The letters stand for IT
Service Management Forum – and that sums it up quite well: a place for those
interested in ITSM to talk, learn, teach, compare and discuss. Part of that communication
naturally involves publication – and our group focuses on that – from reviewing
others’ books through translation and dissemination to encouraging authoring
and publishing books. Crucial to its attitudes and success, itSMF is a
non-profit organisation, owned by its members.
OK, as you may imagine it is – as well as serious
working meeting – a chance to catch up with friends and colleagues of the ITSM
global village. And the active ITSM community really is like a village, except
that it spread across some 50 countries – we have all the relationships that
you would expect: friends, enemies and lots in between.
All of us have our day jobs, many of us
working for cut-throat competitors but that all gets set aside and we settle
back into our ‘all in this together’ mode. One of things that I came back from Warsaw thinking about was
that different set of attitudes we have while focused on itSMF business. Some
of that rests upon the different nature of not for profit organisations – at least
compared to the more usual owned by shareholder companies. It is hard sometimes
to make the switch, but a good lesson for anyone in the service management business
to realise the differences that do exist. Probably the best description I know
is this one: ‘Commercial companies need to do things to in order to make money;
not-for-profit organisations need to make money in order to do things’.
That makes the non-profit member owned
organisations a lot like government – and like governments today we are strapped
for cash. These are hard times and no-one has much in the way of spare money.
But we still strive to fight against what would be a sensible approach for an
organisation focused on shareholder value. We still need to deliver what the ‘right
things’. From our publishing perspective it would be tempting to look only at
safe books – rearranging established best practice into easier, shorter or
simpler reads. Instead though, everyone at our meeting sees that we need a
focus on innovation and stretching our industry.
Of course we need to be financially successful
with enough of our projects, and we have work to do on building a firm base to
take ourselves – and our industry – forwards. But I am proud that the books we
have already managed to publish contain real industry innovations and new
perspectives – both on service management as you would expect but also into wider
topics such as organisational change.
So, I came back feeling the need to write
down how much work people put in – for nothing – last week. I’m not claiming I did
that much, but lots of work was put in, and even more commitments made to keep
the momentum going and I felt that it was a few day’s work I was proud to have
been a part of and an effort worth recording
here. In some later blogs I might relate more about other aspects of the trip - like using budget airlines and the change in perspective of value that goes with that.
So – please go read about what we have
already managed (6 books published, quarterly magazine, whitepaper competition
etc.). You can find out about the books are – and read the magazines for free
by going to http://www.itsmfi.org/content/publications.
If that gets you interested in how you can get your ideas written up and out
there then get in touch. My portfolio responsibility is ‘Authoring’, so I would
love to hear from you. We are keen to find new authors, for whitepapers, books
or articles – and happy to offer any level of support you might need – from
final review through mentoring and even to co-authoring or ghost writing.
By my next blog, I will be back in successful
company mode, but it is good to remember that the commercial companies also
live in and benefit from the wider community. It is good to see that being
recognised through sponsorship and support. IBM sponsored the meeting last year - this time we had support from TSO and BTC. massive thanks to those companies. With more support next year we should have more people and achieve even more.
The final day of Infosec has now finished and what a fantastic event it has been. We had a total of NINE excellent sessions and many many great conversations with attendees wanting to know more about IBMs wide range of security solutions. We also made two new security product announcements at the show – for more details go to the press room on the IBM website here - http://ibm.co/Ii9Nfm
We had one session in the technical theatre today, given by Robert Freeman on IBM XFORCE cyber security threat landscape. The session was very well attended, with over ninety people in the room as well as it being live streamed into conference hall.
Robert began the talk by explaining the IBMs X-Force team mission, giving some great stats around the analysis they do. For more information on this and to download the report etc please see below.
Robert then explained how IBM viewed 2011 as the year of security breach. He gave examples of notable security breaches during the last twelve months, including some of the high profile ones we have all seen in the national press. These included SQL injection attacks against web servers, URL tampering, shell command injection attacks, SSH brute force activity, and phishing based malware distribution and click fraud - which is back up to where it was in early 2008.
As had been mentioned in other IBM sessions, Robert spoke about the decline seen in web app vulnerabilities - a decline of 8% from 2011 and the lowest it's been since 2005. He also talked about how there are now much better patching policies due to pressure from public at large and he predicted there will be continued investment in this.
Robert closed the session by talking about the security challenges emerging in the emerging areas of cloud and mobile. Smartphones and tablets are ever increasingly being brought into the workplace and attackers are finally warming to the opportunities these devices represent. Unfortunately 3rd party apps can lack secure permission coding etc leaving them vulnerable to attacks. He finished by talking about some of the high profile cloud breaches which are affecting known organisations and large amounts of customers. Good Cloud security requires cloud appropriate workloads, a flexible provider and effective due defence on part of the customer.
If anyone is ingesting in learning more about IBMs many security solutions, then please register for our Pulse Comes to You event in London on the 30th May here - http://ibm.co/JgmnZD
If you can't attend the event then follow me on @Rswindell or @IBMPulse, as I will be posting updates through out the day. I will also be blogging here both pre and post the event.
Please follow @IBMSecurity for more information specifically on our security events, news, collateral and more.
If you attended the event, I hope you enjoyed it as much as I did. See you next year!!
No trouble spotting the biggest news in
service management this week – with COBIT 5 available. I guess with both ITIL
and COBIT having released new versions over the last 12 months, that should
tell us something about the SM industry. Mostly, I think it tells us that as a
concept and topic to take seriously, service management is not going away any
But I suspect we might reading more in the
next few weeks of the ‘should I do ITIL or COBIT’ type of question. That’s a
shame, because it is still not a sensible question. Both ITIL and COBIT are
expanding their scope of course and that means more and more overlap, but I
can’t – admittedly after quick glance through only –see where any real
Of course COBIT is still a product of ISACA
and it builds upon a philosophy of control and governance. ITIL initially came from
a team set up to advise on approach rather than massive detail and that still
shows even in the 2011 version I think. And I do still believe any serious SM
profession would have both on their (electronic) bookshelf, the way a good cook
will have books by more than one cookery author on their kitchen bookshelf.
Analysing the content, requirements and
fine print can come later – and will open us up to all sorts of interpretation
and contextual adjustment. But some things hit you straight away. The core
COBIT product is available for free and takes up 685k of pdf file. The core
ITIL books cost around £300, weigh five kilos and/or take up 77.4MB of my hard
drive inside a fancy secure Adobe reader to make sure I don't pass them on to anyone
who hasn’t paid their £300. Now I know that there are lots more books around
the COBIT 5 core than give you more detail – and ISACA charges for those - but
still I must confess to liking the idea of free entry to the gig even if it
doesn’t get you that near the stage.
Putting a positive spin on the size
differential and the lack of real conflict, you can see that it shows how the
two products can be seen as complementary: COBIT’s distillation of what should
be done and structure with ITIL’s more wordy guidance.
And COBIT’s heritage shows through with several
pages on maturity assessment – great stuff for the ‘give me a number’ crew.
But maybe the most encouraging thing is the
differences that exist – the pretty clear realisation that frameworks aren’t competition
but different perspectives. Everyone in this business is really concentrating
on helping each other get better at delivering value to the customer. COBIT 5
will help so this is a good week.
Now all I need is a long flight somewhere to
give me peace and quiet to read it carefully.
Yesterday I was lucky enough to attend the UK launch of IBMs new
PureSystems & was involved in the Social Media taking place on the day. IBM
had announced the new system the day before, & a live webinar was held at
7pm GMT. This blog is slightly longer than my usual ones, but it was just such
an interesting day that I wanted to share all of my learning.
The UK launch event was extremely well attended, with every seat
in the auditorium filled. It was kicked off by Stephen Leonard, Chief Executive,
IBM UK, discussing the agenda for the morning & introducing the WW experts
that would be presenting a deeper dive of PureSystems later in the day.
Stephen spoke about the “New Era of Computing”, & the
emergence of a “number of phenomena” which are changing the world we live in.
Driving this change are the globalisation & digitalisation of the world.
This “digitalisation of the world gives us an opportunity to look at the
systems that make the world work in a different way”. Stephen continued to talk
about how, in computing terms, the traditional views of back & front office
tasks are no longer valid, & these two components are merging, it is now
difficult to see a real split.
He then talked about the shifting world of IT, & how it must be leveraged
to get the best business value. As IT
moves to the strategic centre of business the model must shift to smarter
computing, traditional models have to change, as they lack agility &
responsiveness. Smarter Computing means expertise have to be built into these
systems, not just into the individuals that run them, the systems need to be
able to predict what is going to occur.
Stephen then took the audience through two reports, one Forrester &
one IBM, both of which had some really interesting statistics. He summarised
the Forrester report by saying that the “realities of what businesses can
afford today, are far from what they require”. The IBM report did show though that only one
in five companies have broken the mould, & are using half of their budget
on IT innovation, meaning they can use advance technologies better than others,
& deploy new solutions & technologies a lot faster than others.
Stephen then introduced IBMs new breed of system, which HAD the
expertise built in, from 100000s of deployments all over world & coding
them into one system, meaning the system does it for you, so you can release
experts to the innovation of your IT. This is integrated by design, with all
the components tightly connection through engineering & NOT packaging. Finally,
the experience is simplified; expertise is consolidated into a single interface
& having only one number to call when you have an issue!
boxes were then unveiled by Tom Rosamilia (VP of Corporate Strategy) &
Marie Wieck (GM Application & Integration Middleware) to a rapturous
applause from the audience. Tom then took the audience through the first member
of the family – PureFlex – which is the base for PureApplications. He did a deeper dive into the components
Stephen had mentioned - about the built in expertise, the simplified experience
& the integration by design. Tom included some real client examples from a
bank, a manufacturing company, a retailer & a managed services company &
their forecasted savings, such as $2.6M savings in systems & OPEX costs,
$3.8M in software savings, 1 day or less to deploy new service which used to be
seven days & $2.8M lower IT costs.
Tom then took that audience through the anatomy of the new
systems, showing how it included one system for compute storage & systems
networking, a 4 chassis per rack scalable up to four racks, support for apps
across four operating environments & a secure start up for both physical &
virtual environments. Tom concluded his session included a demo of what he
termed a “four click deploy”.
Marie Wieck next took the audience through the other new member of the family –
the PureApplication System, & through how this new platform system is
“expert at optimally deploying & running apps in real time”. She talked
about how clients often struggle to “overcome barriers of time, cost &
risk”, & discussed the top causes for these project delays. Marie explained
to the audience how during the development of PureSystems, IBM wanted to look
at all aspects, including the management & the middleware, so clients can get
immediate benefit across the complete solution stack across the enterprise. Expertise
is built into the system, so best practice is capture from people who “deploy
the systems in complex environment & get them to scale”.
Marie went through a deeper dive of the three key components
mentioned by both Stephen & Tom, & how this was shown in the new
PureApplication system. This new systems will change buying patterns, you buy
it as if you would a piece of software, & can be up & running typically
within four hours (which was the target set to IBMs own development team). She
explained how the new system lets you capture your own expertise, add third
party apps of expertise & use IBM patterns of expertise throughout the
The panel session was led by Steven Leonard – & featured John
Schlesinger, Chief Enterprise Architect, Temenos, Philippe Forestier, Executive
Vice President, Global Affairs & Communities, Dassault Systems, Niall
Norton, CEO, Opennet, Simon Withers, Head of Product Development, SunGard &
George Thaw - Chief Operating Officer UKI – SAP. Each panel member introduced
themselves & gave their opinion on PureSystems & the difference it will
make to their business & customers. Niall even stating that this new system
was “the answer to our prayers”.
As part of the Social Media team, we were taking questions from
Twitter – from those in the room as well as watching on the live stream - for
the panel, using the #askstephen. We had several submitted & Stephen asked
two of these to the panel, who gave very extensive answers, which you can see
on the lives stream video recording now available (see link below).
After the main session, delegates were able to have one to one
meetings with IBM executives, giving them the opportunity to ask any questions &
give feedback on what they have heard & seen earlier on in the day.
This blog is simply my main take homes from the event. For much
more detail you should definitely watch the live stream video that was recorded
(it’s well worth an hour of your time) – please visit www.livestream.com/ibmuk or go to the new YouTube channel for various new videos – www.youtube.com/http://www.youtube.com/expertintegratedsys.
You can also follow @IBMPureSystems for worldwide updates on this
fantastic new offering from IBM. You can
read more blogs from the experts about Pure Systems here – http://expertintegratedsystemsblog.com/.
Please follow me on Twitter @RSwindell; to see updates from other
events I am involved in this year & beyond!
I was driving back from Heathrow on a recent Saturday – having gone there to collect a visitor. On the overhead information signs on the motorway was an illuminated warning sign. I had never seen this sign before, but immediately clear that this was warning me that there was an accident ahead. This exploration of graphics rather than words seems a very sensible step for a country that welcomes foreign visitors – and more so in the run up to the impending Olympics.
I have been (thanks to my work) to many countries. Some (like Brasil and Egypt) I would not dare to drive in, some (like China) I am not even allowed to drive in – but in many
I have rented cars and driven without significant mishap. But always when driving I am grateful for intuitive signage – and also very appreciative of the standard road signs across Europe. In fact it wasn’t till I got to Quebec and saw my first ‘Arête’ sign that I fully realised how much I had taken for granted the standardisation in road signs across the language range of Europe. (For those not familiar with European road signs – they say ‘Stop’ in all the EU countries, even France.)
The places I find it hardest to drive around are the ones that rely on long wordy description to convey messages to drivers. Now when this happens somewhere like Poland, I have no chance and just have to guess – or more often follow they guy in front and hope that they know what they are doing. But even in the US, where they seem committed to this kind of thing, where the language is similar to English, I find it very difficult to get the message quickly without being distracted. By the time I have read all the words I have often missed the chance to do what it was telling me.
The need for intuitive communication has been around for a long while – a great example of somewhere that has seen the need and met it well for many years is Amsterdam airport, as a transfer hub, it is specifically targeted at delivering services to the widest range of languages. Their use of intuitive graphics has been impressive for over 20 years. And of course it has to be because people transferring planes at Schipol do not have the opportunity to attend a training course on how to navigate the airport.
Nowadays that luxury of training people in how to use things is getting rarer and rarer – we have to be able to use things we have never seen before, most notably things appearing on our PCs when we use services over the internet. But also those PCs themselves and the services we use at work – I don't know the figure but it sure feels like there is much less user training than there used to be.
So – great to see the UK government getting on board with intuitive communication; surely as service managers we all need to think of how to get messages across to our customers and our users quickly and reliably. Oh, and cheaply too, your CFO will love the reduced need for training – and pretty soon are likely to be questioning the need for expensive training for something that doesn’t deliver immediate intuition.
We live – more and more – in a world where everything that matters can be done on line, where we see and hear better on screen than for real.
You can now take an active part in the world – and potentially run a successful business - without ever leaving your home, possibly without getting out of bed.
And even when we do turn up for real we spend a lot of our time watching things on a screen – be that the presenter or performer in a large hall or the action reply on the giant screens at a football match
You will have seen in the promotions and advertising, that the key presentations from IBM’s show-piece service management event – Pulse – running on 4-7 March in Las Vegas will be streamed live on the web to the warm and cosy comfort of your home.
Despite how easy and good the virtual feed of sessions, chat and information were, 7000 people did get out of their beds in 2011 to travel to Las Vegas and actually be at Pulse, just as thousands turn out weekly to watch football at the stadium when they might have had a better view of the action by staying at home. And even formula one motor racing gets sold out attendance when you can never hope to see much of the race in person compared to what the TV coverage offers.
It seems that there are still good reasons to actually be there – not to put down the value of connecting to the live web streams, but even in the 21st century, people learn from people. Pulse is a big and excellent example, but throughout our community we see conferences still being successful and drawing people together to share experiences in surroundings that the virtual world can’t quite match yet. As well as the formal sessions at conferences and events, the networking opportunities of being with others in similar circumstances delivers real benefits – comparing notes with our peers from across the world.
Technology is good – and joining conferences on line is way better than missing it altogether, but people-to-people still has a lot going for it. I’m looking forward to the combination – the atmosphere of really being there and mixing with everyone in the exhibition areas – and over a sociable beer or two at dinner. And of course the added value that streamed interviews and 'watch again on demand' that is available over the web.
This amalgam of real and virtual seems set to be the conference norm for a good few years still – 7000 people at pulse thought so last year, and thousands went to itSMF conferences around the world in 2011 too.
And Pulse is in Las Vegas of course – where could be more appropriate for the combination of real physical existence with technologically driven enhancement - a bit like Red Dwarf's famous 'better than life' game. J
Do you think virtuality will one day totally replace human gatherings? I guess eventually it might, but for now I intend to enjoy both at once and count myself lucky to be alive at the right time to do that.
You can find out all about Pulse – physical and virtual offerings at www.ibm.com/pulse.
See you there – for real, on line, facebook, twitter and more!