SEARCH

 

Potshots at cloud computing demonstrate necessary focus for enterprises

Posted At: August 24, 2010 4:24 PM | Posted By: David Rohde
Related Categories: Cloud Computing, Service Level Agreements, Security

I have good news about cloud computing: Everyone's criticizing it.

Here are just some of the headlines about cloud computing and virtualization that have appeared recently in my inbox from sources such as Network World, Webtorials and NoJitter:

-- Cloud computing: Reality vs. fiction

-- Virtualization: Not as simple as it sounds

-- Are your cloud services secure?

-- Cloud Computing: A Reality Check & Guide to Risk Mitigation

-- Businesses not sold on using public cloud for capacity

That's great stuff! No enterprise technology has ever prospered while it was being emptily hyped. Things only take off once the problems are aired.

One focus of all of this attention is obviously going to be security. (As it is with everything at first. It was a huge issue in the early days of MPLS because it was -- gulp! -- IP.) You'll see jumping-off points in one of the items above about cloud security to white papers, including from vendors like Cisco and Juniper. These papers often deal with the key issue of going beyond perimeters such as firewalls to the whole concept of borderless networks.

One issue, though, that tends not to get enough attention in any technology at first is the matter of Service Level Agreements. Sure, SLAs are often mentioned, and even headlined by vendors in their product announcements. But initial SLAs are often not measured correctly or meaningfully.

In new technology after new technology, we at TC2 and LB3 have seen repeated gaps and weaknesses in SLAs along similar lines. Classic problems include: 1) SLAs for service availability but not true network performance such as application response time; 2) vagueness in appropriate remedies; 3) overly broad definitions of maintenance windows that bump aside any SLA measurement; 4) requiring the customer to make its own notification of below-par performance to trigger the actual SLA measurement and any chance of enforcement.

Could you see these issues in such cloud computing arenas as "Software as a Service" and "Infrastructure as a Service"? We've begun discussing this at past editions of the CCMI Telecom Negotiation Conference, and it'll be a key focus at the upcoming meeting in San Diego.

SLAs as well as all of the issues referenced in these recent articles and e-newsletters are the necessary sort of discussion all enterprises must have as they explore cloud computing.

Trackbacks (0) | Send | del.icio.us | Digg It! | Linking Blogs | 33 Views

Negotiating around corporate mandates ... your own as well as your vendor's

Posted At: February 25, 2010 9:24 AM | Posted By: David Rohde
Related Categories: Security, Management, Leverage

How often has a carrier account manager conditioned a particular response to you around what he or she "can do" or "has to do" in light of corporate directives? Pretty often, I bet. Carriers find it convenient to tie the hands of their people in the field around various sourcing and operational requirements -- or at least let account teams give the impression that their hands are tied.

Keep that in mind the next time you're dealing with the mixed blessing of a corporate directive from your company. Obviously many telecom buyers are hearing demands from senior management for specific and immediate cost savings -- a double-edged sword that can lead to manipulation by carriers when these demands come out into the open. But you may also be dealing with a new set of additional mandates rooted in the pressure that companies feel to standardize the procurement function in today's economically stressed environment.

These mandates come under many names and cross the boundaries between sourcing and ongoing operations. You may have a "Supplier Governance" process that you have to instruct your carriers and equipment vendors to follow. There may be a set of "Procurement Compliance" procedures that you receive from higher-ups and must be satisfied. You may now even have a "Chief Procurement Officer" to deal with, to go along with the demands of CFOs and other top executives.

Even if you don't hear these terms in your company, you may be part of an over-arching IT organization with a steadily increasing diet of standard demands that alternately assist and hinder you in your job. Some companies even try to force standardized IT agreements onto the telecom process -- misunderstanding the unique structure of telecom agreements and making it more difficult to include critical, telecom-oriented terms and conditions.

Of course, IT organizations are also very concerned about data security, both in a generic sense and in terms of industry-specific mandates that derive from legislation in the healthcare, banking and other fields. But sometimes, generic IT requirements just impose an additional layer of bureaucracy and makework in the supplier-user relationship. These extra requirements can present a mixed message about priorities to your key suppliers when they overwhelm the process.

The key here is to harness these "facts of life" in today's environment to your advantage, instead of letting them control you. One way to harness them is to let suppliers know that both sides of the negotiation are operating under mandates, so their mandate isn't the only one that counts.

Take the issue of billing. Companies love to standardize terms for their accounts payable, and they often pressure their managers (such as you) to enforce them with all their vendors. Up to a point, that's a great help. Carriers need to be told not to require silly terms, such as 30 days to pay a bill after a "bill date" that they arbitrarily assign and may not represent actual delivery of the bill.

But telecom billing platforms do have notorious built-in legacies, and some enterprise-wide billing mandates can have the counterproductive effect of forcing a demand into RFPs that none of the bidding carriers will accept. That leaves you without an effective stick to meet your company's mandate. It's an example of what can happen when a mandate controls you rather than you utilizing it to your advantage (such as putting yourself in a position to negotiate the carrier rep away from his or her company's mandate).

The bottom line is that you can't wait until everyone's gathered around the negotiating table to start whining about what bureaucratic checkpoints you need to fulfill. Determining requirements up front in a competitive RFP (or other initial sourcing communication) helps settle what sort of mandates you will need to get from carriers even if they aren't core to the telecom process, and where you are willing and able to go to the mat for a particular requirement.

Do this work up front, and you'll be better prepared to "trade points" with carriers and their actual or perceived corporate requirements. In the end, it'll make it far easier for you to put the energy of the procurement on the core pricing, service levels, and key terms that you know you need for your network rather than let the process get overwhelmed and sidelined by other issues.

Trackbacks (0) | Send | del.icio.us | Digg It! | Linking Blogs | 244 Views

Cell phone donations show need for coordinated policy, technical and HR safeguards

Posted At: January 28, 2010 7:47 AM | Posted By: Kevin DiLallo
Related Categories: Security, Wireless, Management

The following is a guest post by LB3 partner Kevin DiLallo, whose practice includes a specialty in the negotiation of enterprise wireless service contracts.

Putting mobile devices with far more independent intelligence than the regular desk phone into the hands of thousands of employees has always carried the risk of unintended consequences. Society as a whole now practically considers cell phones and smartphones as traveling personal transaction machines, leading to increasing public discussion about using mobile devices for personal and civic purposes.

All of that is highlighted by the wireless industry's successful campaign to raise money for Haitian relief by allowing subscribers to send contribution pledges via text message. This phenomenon has raised over $22 million to date for the American Red Cross. But it's also put telecom managers who issue corporate-liable devices in a tough spot, as large numbers of holders of those devices have effectively pledged funds on the company's dime.

Yet this dilemma simply reflects two recurring issues in enterprise procurement of wireless devices: (1) whether to hold employees accountable for personal use of wireless devices; and (2) how best to employ technical solutions to curb unauthorized uses of those devices.

There are actually many reasons for a company to require employees to account for their personal use of company-subsidized wireless service and devices. One is the arcane, but still in force, IRS recordkeeping and reporting rules for company-issued cell phones. Another is to discourage personal use of company assets that could cut into the employee's normal work routine.

And of course, your company has a purely economic interest in preventing the diversion of corporate funds to unauthorized, personal uses while not appearing as uncaring to your employee base.

Going forward, it's probably easier to simply use technical measures to prevent such personal uses of company-issued mobile devices from the get-go, rather than leaving the door open for such use and then trying to recoup the cost of employees' personal use after the fact. For this reason, we often advise clients that an internal company policy regarding "acceptable use" of company-issued cell phones, while a good idea, is not self-enforcing, and needs to be backed up by technical safeguards.

For programs that allow subscribers to bill fees or donations through their monthly wireless bill -- i.e., using their cell phone like a credit card -- enterprise customers can prevent such costs from showing up on their bills in the future simply by asking their national account reps to block all texting to short codes from corporate-liable devices. Ordinary SMS messaging should be unaffected, but promotions accessed via short codes -- which often entail fees -- will be out of reach of corporate-liable subscribers, at least from the devices their employers subsidize.

But for right now, in the wake of the Haitian crisis, it might be helpful to coordinate with your human relations, public relations and/or corporate giving departments to craft a comprehensive message to employees about why messages are being blocked, and to state any position about both corporate and employee participation in humanitarian relief and alternative ways to contribute.

Short code SMS messages are just one example of the many uses of wireless technology that could increase enterprise subscribers' costs and distract employees from their day-to-day responsibilities. Other examples, all of which can be blocked upon request, are video and music downloads, voice calls to 900 numbers and directory assistance, ringtones, and wallpaper. And for security purposes, enterprises might also consider disabling the camera functions on devices equipped with cameras.

One thing's for sure: Your employees will be asked to reach for their cell phones many times in the future by forces outside your company's control. So this is an ideal time to be coordinating your wireless policies with technical safeguards and good, positive employee communications that acknowledge both their corporate obligations and desire to be good citizens. It's another example of the growing general management challenges of the corporate telecommunications function, and it's something we're continuing to follow closely.

Trackbacks (0) | Send | del.icio.us | Digg It! | Linking Blogs | 282 Views
About TC2  |  Our Services  |  TC2 Wisdom  |  TC2 in Action  |  Contact Us  |  Search  |  Home
© 2010 TechCaliber Consulting   All rights reserved.
Blog code provided by Ray Camden.