Generally in life, in order to make money, one has to work. In almost every situation, working involves some type of information. Interestingly, not everyone understands that in order to work well, the information employees use needs to be managed and secured as effectively as possible. When everything is said and done, if information isn't facilitated, people don't make as much money and companies don't reach their full potential. The Harvard Business Review recently did a survey of top business executives worldwide. The results clearly show a disconnect between what leaders believe and what they do in terms of their information.
According to that survey, 85 percent of executives say information is a critical strategic asset. At the same time, only 36 percent say their organisations are in a good position to use information in growing their businesses. In addition, 54 percent of the CEOs surveyed said information is a key asset, but only 21 percent strongly agree that investing in IT is critical to the growth of their business.
Another startling contrast is illustrated by 64 percent of CEOs responding that one of the most important things they can do to close the gap between where their business is today and where they want to be in the future is to improve processes relating to the flow of information, yet only 29 percent said integrating data through IT is strategically important.
For some reason, organisations aren't seeing the critical relationship between IT and success. IT is the means whereby information is handled. Why aren't organisations seeing this? Part of it could be technology fatigue -- executives struggle to maximise the technology they already have. While businesses say that focusing on existing technology and information is a priority for them, the study found that 67 percent of the surveyed executives struggle to make the best use of the information they already have.
Part of the disconnect could also stem from the dramatically changing IT landscape. Fortunately, technology trends like virtualization, cloud computing and mobility are becoming more of a priority for organisations and consumers. The result is that companies are now being forced to think more carefully about how they secure and manage the large amount of information they handle.
Reorganising IT to fix this is often a foreboding task. It's likely that some organisations are simply unwilling to invest the effort required to break down silos and set up new processes in order to fully take advantage of their information and infrastructure. How can executives be sure it's worth it?
The truth of the matter is that organisations don't need to invest in an entirely new IT infrastructure to close this gap. They will, however, need to shift their thinking to ensure they are focused on information management, security and overall strategic investments.
Eliminating Information Islands
Today, most companies are not organised around information, but around infrastructure. They focus on servers, storage and applications, when those are actually means for handling information. This results in information islands -- an inability to secure and manage information consistently. Such islands lead to duplication, inefficiency and an inability to use information for competitive advantage.
Every organisation is capable of eliminating such islands. The following steps will enable companies to better manage information, and ensure it is easily available for recovery and discovery. First, companies need to back up information, archive it for the long term and stop data loss. Next, deduplicate closer to information sources to eliminate redundancy. Third, reduce storage and risk by deleting everything, not keeping it, forever, and finally, deliver a compliance- and litigation-ready information infrastructure.
These actions will help organisations reduce storage costs and move away from information islands to an information management strategy that is architecture- and infrastructure-agnostic, while also managing the massive amount of unstructured data.
Additionally, from an information delivery standpoint, properly adopting models such as virtualization and cloud computing will be important. For virtualization, ensuring that there is one backup solution to protect both physical and virtual servers is key to streamlining. Information is also being moved to the cloud. It's important for organisations to adopt cloud-ready storage infrastructure so they are ready and set to accelerate the benefits of the virtualization and cloud computing models.
Security is Still Not Sufficient
Over the next few years, one of the greatest challenges organisations will face is balancing increased openness with greater security to extract maximum value from their information -- all while managing it at a rapidly growing pace. This requires companies to address security best practices, such as being fully compliant, diverting security breaches and avoiding company/customer data theft.
While it's puzzling that companies don't always adequately secure their information, four main points can be identified as reasons for laxity:
1. IT policies that are not enforced leave businesses exposed to broken processes that hinder protection. Businesses can address this vulnerability by prioritizing risks and enforcing strong IT policies that span across their various locations.
2. Poorly protected information leaves organisations vulnerable to security breaches and data loss because they do not know where their information assets are at any given time or who has access to this information. Businesses need to take a more content-aware approach to protecting information so they know where sensitive data resides, who is accessing it and how it is entering or leaving the company.
3. Businesses with poorly managed systems are vulnerable to security breaches and attacks because they cannot efficiently manage their IT infrastructure through its lifecycle. This can be addressed by leveraging various toolsets that provide integrated capabilities for managing security.
4. Infrastructures that are not protected lead to increased vulnerability because they do not have the visibility across the infrastructure that is required to identify gaps for protection and offer recommendations for remediation. Businesses can address this with integrated security technologies that provide insight into their infrastructure, proactive protection across the entire environment and rapid response to emerging attacks.
In general, organisations need to employ a policy-driven and well-protected IT strategy that focuses on securing and managing their information, not their infrastructure. This is especially important as the proliferation of mobile devices and use of information thereon continues to grow.
Investing Strategically -- Making IT the Key to Success
According to the Harvard Business Review study, a large gap exists between the third highest-scoring threat -- the inability to leverage technological innovation to drive new business and greater efficiency -- and the effectiveness with which companies are acting. While budget constraints may be a factor, it can also be a result of organisations' desire to make better use of the tools they already have. This points to the importance of making wise and strategic technological investments.
Recession-hit companies often choose IT for deep budget cuts. They put off strategic programs and upgrades to existing systems in order to save money. The high level of demand for IT services coming out of the recession will make it difficult for even companies in good financial standing to focus on new projects, even if they have high potential for payback.
Importantly, the silos within organisations must come down. Only 44 percent of companies currently have a cross-functional governance structure for making decisions about IT investments. This has to change. CEOs must pay attention to what CIOs are saying about the lack of alignment between business and IT priorities. Given how deeply IT is involved with all aspects of business, CEOs also need to make sure the alignment between business and IT is a focus for the entire executive team.
In order to make sure information is making the greatest possible contribution to the bottom line, organisations need to address some important informational challenges. Companies are increasing the rate at which they gather and create new information, so they need to assess the following:
• Information Growth, Management and Delivery -- The amount of information an organisation produces and collects continues to grow. Protecting this information through the efficient and effective management of security and storage technologies such as virtualization and the cloud will be key to their success. Also, the ability to back up and recover information is crucial, as is categorizing what information is most important.
• Information Risk -- organisations need to take an information-centric approach to IT security, enabling them to understand where their important information assets are and control who has access to them.
The disconnect between organisations' value of information and their unwillingness to do what is necessary to utilize and secure that information needs to be reconciled. Overcoming that disconnect will allow companies to eliminate customer problems and develop a more effective IT operation. Boiled down, IT should facilitate the company with its information. If the organisation's people can maximize its information, then IT is on track. Technology changes and businesses evolve, so CIOs need to keep their focus on the information, and the core tasks of managing and securing that information. That way, IT won't be a headache, it'll be an enabler.
To comment on this article, please email the editor.
Follow CIO on
Sign up to receive CIO newsletters.
Click here to subscribe to CIO.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.