The CIO HandbookEdition IV

www.hcltech.com|www.hclisd.com

Featuring research from

2

2Introduction: The 2012 TechnologyRoadmap

3Rethink Your Mobility Strategy

5Boost Your Security Network

7Evolve Your Data Center Strategy

9Adopt Industrialized, Low-Cost ITServices (ILCS)

11 Conclusion

12From the Gartner Files: Gartner’s TopPredictions for IT organizations andUsers, 2012 andBeyond – Control Slips Away

26About HCL

It is the best of times and the worst of times for CIOs and other IT professionals.

On the one hand, factors such as global delivery, industri-alization, Cloud Computing, Big Data, Social Media and Mobility are enabling enterprises to boost their efficiency and productivity. On the other, these trends are creating an IT landscape of unprecedented complexity and uncertainty.

As CIOs and business leaders try to navigate this unfamiliar terrain – while working to create a modern IT infrastructure architecture that can support intensified consumerization, technology disruption and voluminous Big Data – they may find themselves taking wrong turns or pursuing approaches that lead to dead ends.

That’s why we offer here a technology roadmap – one that highlights useful landmarks and identifies areas to steer clear of – that you can refer to as you explore today’s chal-lenging IT environment.

Source: HCL

Introduction: The 2012 Technology Roadmap

The CIO Handbook, Edition IV is published by HCL. Editorial supplied by HCL is independent of Gartner analysis. All Gartner research is © 2012 by Gartner, Inc. All rights reserved. All Gartner materials are used with Gartner’s permission. The use or publication of Gartner research does not indicate Gartner’s endorsement of HCL’s products and/or strategies. Reproduction or distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice. Although Gartner research may include a discussion of related legal issues, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner is a public company, and its shareholders may include firms and funds that have financial interests in entities covered in Gartner research. Gartner’s Board of Directors may include senior managers of these firms or funds. Gartner research is produced independently by its research organization without input or influence from these firms, funds or their managers. For further information on the independence and integrity of Gartner research, see “Guiding Principles on Independence and Objectivity” on its website, http://www.gartner.com/technology/about/ombudsman/omb_guide2.jsp.

3

Enterprise mobility is not a strange element to modern en-terprises. It has been in the limelight for quite some time and has been making enterprises (and the workforce)

more agile, efficient, and competitive. However, as a disruptive trend, mobility has its own setbacks. While on one hand, it em-powers the users, on the other, it jeopardizes enterprise security and takes away control (over users as well as costs) from the hands of enterprise IT.

Stemming challenges in the full swing are

• Mobile-device and operating-system fragmentation• Bring-your-own-device (BYOD) revolution and employee-

liable programs• Mobile data and applications explosion

Given these challenges, it is evident that organizations need a sophisticated mobile device management strategy to handle the mobile-device proliferation. A Mobile Device Management (MDM) strategy can help enterprises regulate the use of mobile devices by employees, regain control over users, and at the same time, ensure security of corporate data.

According to Gartner’s report Critical Capabilities for Mobile Device Management, “IT organizations are forced to create mobility programs to support corporate email and other ap-plications on consumer products, such as iPhone, iPad and

Rethink Your Mobility Strategy Legacy desktop and mobile strategies are likely to become obsolete, i.e., inadequate of handling the changing enterprise mobility landscape in 2012.

Android devices. Bring your own device and employee-liable programs are common, and we expect that 80% of organi-zations will have tablets by 2013. These deployments bring a range of new challenges, from security, compliance and man-agement, to cost and human capital management. Organiza-tions address these challenges by defining policies that regulate the usage of consumer and personal mobility for employees, and they need the appropriate tools to enforce policies, regu-late behaviors, contain costs and manage risks, across multiple device platforms.”1

However, charting out a mobile strategy requires a long-term vision.

Best Practices:

• Define the category of mobile devices and platform users that your IT can support.

• Redefine a mobile policy that enables new busines devices and mobile applications in the existing environment.

• Invest in an MDM solution that supports multiple platforms, enforces mobile policies, regulates behavior, mitigates risk, and controls cost.

Note: Enterprises are advised to turn to an IT service firm that has relevant expertise in mobile device management.

FIGURE 1MOBILITY MANAGEMENT BEYOND MDM

SOURCE: HCL

4

Success Cases:

A Fortune 500 Firm Turns to MDM for Security

A Fortune 500 U.S. beverages manufacturer with 19,000 employees and 200 distribution centers has implemented an effective MDM solution that secures all mobile devices and platforms. The customer implemented HCL Enterprise Mobility Services to see the desired results. The HCL MDM solution gives IT and users real-time intelligence and control over smart de-vice content, activity, and applications in order to secure data, reduce wireless cost, and improve user experience.

A Leading Electrical Retailer Optimizes its Business for Mobility

Europe’s largest electrical retailer and services company with operations in 26 countries is optimizing its business for mobility and mitigating business risk across corporate and employee-lia-ble devices. The customer is leveraging HCL’s Enterprise Mobil-ity Services — powered by MobileIron, a virtualized smart device management platform — that can address prime concern areas of enterprise mobility: mobile device security, enterprise mobility management and wireless expense management.

Source: HCL

1 Gartner Inc., Critical Capabilities for Mobile Device Management, G00213877, 29 July 2011

5

Boost Your Security Network To thwart the security threats and vulnerabilities that arise as your organization takes advantage of the ongoing trends in IT consumerization, virtualization, and Cloud Computing.

As enterprises continue to unleash the power of the latest technology trends such as ubiquitous data ac-cess, technology as a service, next-generation work-

force, social media, and IT consumerization, they are opening up their networks to new vulnerabilities and attacks — with maximum threats coming from the Web.

Information gathered from existing HCL customers suggests that enterprises are ill-equipped to cope up with the growing threat of cybercrime.

• Handheld devices pose the major security risks.• Compliance adherence (17%) and Cloud security (17%)

are two major high-priority security issues. • Other security challenges faced by the enterprises include

data protection (10%), virus/botnet attacks (13%), and proactive security alerting (9%).

Dealing with these newly found threats demands a paradigm shift in the security strategy. Enterprises need to evolve their security defenses and radically change the way IT is managed and secured. Highly constrained security budgets of enterprises could be a bottleneck, though.

Under economic pressure, enterprises can adopt man-aged security services to achieve high level of security and strike the perfect balance between security expertise and service innovation.

DDoS Prevention

FIGURE 2VERTICAL BREAKDOWN OF CUSTOMERS

SOURCE: HCL

FIGURE 3TOP SECURITY PRIORITY FOR 2012

Gartner’s MarketScope for Managed Security Services in Asia/Pacific states, “The continuing global economic turmoil has discouraged enterprises from capital investment in security in-frastructure and additional personnel costs for new security staff. Gartner does not anticipate strong growth in overall IT spending in client organizations in the next 18 months (see “Forecast Alert: IT Spending, Worldwide, 3Q10 Update”). This fiscal conservation has motivated a number of enter-prises to leverage MSS to support security improvements, continuing regulatory compliance and service expansion for business operations. Gartner expects that continuing uncer-tainties in the global economy will reinforce this trend, with the direct result of stronger growth in MSS client numbers and revenue.”1

Even though many services are part of the managed security service portfolio, we see the rush toward Cloud-based service offerings. Among Cloud-based security service offerings, we be-lieve Network Security, Identity as a Service (IDaaS), and Cloud-based Managed Authentication Services (MAS) will be much in demand. We also anticipate high adoption rates for Distributed Denial-of-service (DDoS) attack, Security Information and Event Management (SIEM), and log management, ensuring a proac-tive security framework.

However, the challenge at hand is to choose the right man-aged security services provider (MSSP) and devise an ideal security strategy.

6

Best Practices:

• First, define the scope of security services and the level-of-service expectations.

• Then, evaluate the prospective MSSPs based on the follow-ing parameters: adherence to local compliance laws, geo-graphic delivery capabilities, staff augmentation, device management, real-time monitoring, and security expertise.

• Finally, map the service delivery capabilities and security expertise of your managed security service provider and align them with your requirements and expectations. This will always result in a successfully managed security en-gagement.

Success Cases:

Asia’s Largest Exchange Firm Derives Enhanced Business Value with MSSA Singapore-based, large stock exchange turned to HCL for managed security services to reduce security risks that today’s

ever-changing threat environment posed. HCL’s balanced approach, proactive security stance, technophobic-to-techno-centric focus, and employed flexible delivery model helped the stock exchange develop an organization-wide IAM policy and process; design and re-architect the data center from a secu-rity standpoint, and address its (the exchange’s) business- and compliance-related requirements. This resulted in a 20-22% reduction in IT administration costs, a 45% fall in password reset efforts, and establish tamper-proof logs and audit trails.

A Communications Service Provider Optimizes its IT Security

A large South Africa-based telecom service provider optimized its IT security by moving to HCL’s collaborative value framework (spe-cifically designed by HCL for telecom service providers). Leveraging HCL’s existing robust service delivery framework, the telecom organ-ization scaled up the security services for its existing customer base, which brought in more revenues. This business model also reduced the operational challenges by using HCL’s large pool of certified resources and OEM partnerships with leading security vendors.

Source: HCL

1 Gartner Inc., MarketScope for Managed Security Services in Asia/Pacific, G00217190, 30 September 2011

7

Evolve Your Data Center Strategy To improve business responsiveness, lower costs and consolidate your data center.

As enterprises continue to face increased pressure from the global economy to reduce costs, they will be looking at data centers as the starting point for reducing costs

and complexity, and improve manageability. Companies from various industries have already discovered the merits of trans-forming their data centers and harnessing new technologies and innovations such as Cloud and Infrastructure Utility Ser-vices (IUS).

According to Gartner’s Magic Quadrant for Data Center Out-sourcing and IUS, North America, “In North America, increas-ing volumes of storage, high-density computing technologies versus rising energy costs and green concerns, and the need to consolidate for efficiency and security often show the physical limitations of existing data centers. At the same time, higher service requirements such as 24/7, continuous data replica-tion, fast delivery of new capabilities, high flexibility and low-cost delivery challenge the internal IT management capabilities of many organizations. As a result, increasing industrialization, consolidation and global delivery, and utility and cloud ap-proaches characterize the global and North American data center infrastructure outsourcing market.”1

Radical business and technical changes demand that CIOs and leaders overturn older practices; adopt new strategies and technologies for data center initiatives; and build a next-generation data center. Before CIOs embark on a data center project or devise a data center strategy for the future, they must gain some insights into the potentially disruptive and

revolutionary technologies of today — such as Cloud Comput-ing and next-stage virtualization. It will help enterprises consoli-date better and achieve superior business results.

The next-generation data center of the future must essentially have Cloud embedded in its architecture, besides Ethernet fab-rics, high-density multi-core server hardware, high-bandwidth networks, and virtualized servers and storage. A Cloud-ready data center infrastructure can both support new service models at the scale necessary to meet demand and operate at an efficiency level that ensures profitability and support full virtualization.

However, this will require CIOs to move to the next level of IT sourcing — source the best IT services from the available service providers operating in the market. The service providers must be evaluated on the basis of their ability to offer a dynamic and ready-to-deploy infrastructure, and the capability to cope up with IT complexity as the requirements from their business processes increase.

Enterprises must follow a phased methodology to devise a suc-cessful data center strategy. One of the HCL clients implement-ed a step-wise methodology that was cost-effective and ensured a healthy bottom-line. Data center infrastructure restructuring and service management fundamentally must be a part of data center transformation projects to ensure that organization’s data center can readily adapt to constantly changing service demands. Also, green initiatives are a must-have for the next-generation data center.

FIGURE 4BUILDING BLOCKS OF THE NEXT-GENERATION DATA CENTER

SOURCE: HCL

8

Leveraging its over three decades of experience in the IT ser-vices industry, HCL has devised a data center transformation methodology for its customers. It is a structured approach to build a future-ready data center infrastructure (see Figure 5).

Best Practices:

• Engage all stakeholders and apply appropriate cost modeling after analyzing latest data center technologies.

• To build an optimized data center strategy, evaluate your capacity needs, your budget constraints, and the capabili-ties you would like to have in your modern data center.

Success Case:

Old Mutual’s Data Center Strategy is Paying Off

Investment specialist firm Skandia, part of the Old Mutual Group, needed to upgrade an aging IT infrastructure, so in 2009 it began planning a transformation program to update two key data centers. The transformation addressed several problems, including limited space in the data centers; a leg-acy environment that constrained the reliability and growth of

one of the facilities; multiple server and storage technologies, operating system versions and standards that were complex and costly to deliver and support; and limited lifecycle management, leading to out-of-date technologies being maintained.

The project was conducted in three phases in partnership with HCL. In the first, completed in the first half of 2010, Old Mutual implemented structured cabling and resilient UPS. The second phase, completed in March 2011, involved core infrastructure components such as storage consolidation, server virtualization, network consolidation, backup and enhanced disaster recovery. The final phase, which is ongoing, involves the implementation of standards and tools such as monitoring, software and patch management, and database consolidation. Skandia says the transformation has resulted in 80% of non-production environ-ments being virtualized; 40% of production environments virtu-alized; and high-density usage of server infrastructure, reducing power, cooling and use of space in the data center.

In addition, 20% of servers have been upgraded, and Skandia now has the ability to provide seamless recovery of critical virtual hosts in its disaster recovery site. Another benefit is reduced data center complexity, with the move from three storage technologies to one.

Source: HCLFIGURE 5HCL’s DATA CENTER TRANSFORMATION METHODOLOGY

SOURCE: HCL

1 Gartner Inc., Magic Quadrant for Data Center Outsourcing and Infrastructure Utility Services, North America, G00213700, 20 July 2011

9

Adopt Industrialized, Low-Cost IT Services (ILCS) ILCS model is set to disrupt the existing IT services industry with its new service value proposition in 2012. Get ready to adapt!

Industrialized, Low-Cost IT services (ILCS) are the managed, multi-tenant, ready-to-use IT services (infrastructure, appli-cations or business processes), which gives organizations a

chance to introduce a transparent and predictable cost model. The service providers offering ILCS implement standardized but high-quality, automated, configurable and scalable services in the client environment and charge them on a monthly basis. Prices are expressed either as price per user per month or price per unit per month.

An ILCS model could result in potential savings of 50- 80% on the entry-level prices — against the 20-30% savings that or-ganizations have been achieving by leveraging the traditional offshore and outsourced IT services — without compromising service quality. ILCS are still embryonic. Yet, it is an emerging market force in the IT services industry. Organizations are slowly-yet-steadily embracing this alternative low-cost IT services/business model over the traditional IT services to reduce the cost of “running the business”. And we believe that this adoption will reach an all-time high in 2012 and beyond.

The emerging ILCS model will transform and disrupt the exist-ing IT services landscape by altering people’s common percep-tions of pricing and value of IT services.

Gartner’s Top Predictions for IT Organizations and Users, 2012 and Beyond: Control Slips reveals “Despite a limited direct mar-ket impact (~$20 billion by 2015), ILCS offerings will reset the ITO market price in the next five years. We expect to see market-ing messages like “We manage your SAP infrastructure for less than $10 per user per month. Why are you spending more?” to increasingly fuel CFOs’ and CEOs’ interest, further pushing IT spending as an operating expense externally delivered and no longer a capital expense internally managed.”1

Some of the common low-cost offerings that enterprises can readily take advantage of include: Cloud email (BPOS, IU4Ex-change, IU4Lotus etc.), Infrastructure Utility for SAP (IU4SAP), IaaS, SaaS and more such. IU4SAP represents one of the most important cases of ILCS for business-critical and core functions, while collaboration and messaging in the Cloud are the emerging.

“Figure 6 represents the overall trend toward ILCS. During the last decade the high cost of corporate IT ($1,000 to $2,000 per user per month) has fallen due to traditional outsourcing and offshoring. Now, thanks to new delivery models, industrialized services and Cloud Computing, we are seeing increasing num-bers of low-cost offerings in which the price of a specific unit or function (such as IU4SAP, e-mail and SaaS) is instead measured in a few dollars per user, or unit, per month.”2

FIGURE 6THE SHIFT TO HIGHER SAVINGS FROM INDUSTRIALIZED, LOW-COST IT SERVICES2

1 Gartner Inc., Gartner’s Top Predictions for IT Organizations and Users, 2012 and Beyond: Control Slips Away, G00226767, 23 November 2011

Source: Gartner (January 2011)*BPOS = Microsoft Business Productivity Online Suite; IU4SAP = Infrastructure Utility for SAP; pm = per month; pupm = per user per month;

Corporate ITOutsourced IT

-20%Offshored IT

-30%Small Fixed Server, Vendor $800 pm

Small Virtual Server, Vendor $400 pm

Salesforce.com$75

IU4SAP$10 to $20

pupm

Industrialized, Low-Cost IT-50% to -80%

SAP Infr. Client$20 to $30 pupm

BPOS/Gmail$2 pupm

LOW-COSTIT

HIGH-COSTIT

Costperunit

Time20102000

10

HCL is helping many of its clients reduce their operational costs through its standardized, high-quality, low-cost services. How-ever, a word of caution for all the organizations adopting ILCS will be: Be wary of the turbulence that ILCS model can cause.

Best Practices:

• Remember, not all corporate IT can be delivered through ILCS.

• Before embracing ILCS, first conduct an appropriate level of due diligence and risk analysis specific to your organi-zations’ risk profile and act accordingly.

• Become proficient at multi-sourcing, since adoption of ILCS increases the challenge of managing the co-existence within an ecosystem of different kinds of IT services delivered.

Success Cases:

A Manufacturing Industry Leader Turns to Cloud for Savings

A leading supplier of analog interface components for com-munication, industrial and consumer applications devised a Cloud strategy to reduce its IT spending and meet its organi-zational goal of building an agile IT organization. It leveraged HCL’s Cloud-based Collaboration and Messaging Services to migrate its messaging data and mailboxes to the Cloud envi-ronment. This resulted in $1.6 million annualized savings and significant improvement in collaboration among employees distributed across the globe.

Global Firms Migrate to Greater Flexibility and Lower Costs with HCL SAPoD

A leading pharmaceutical company in the US ($3.4 billion reve-nue) and a leading manufacturer in Denmark ($4.7 billion reve-nue) opted for HCL’s SAP-on-Demand (SAPoD), an efficient and secure Cloud ERP solution falling under the IU4SAP category, and reduced their infrastructure costs by 30%. SAPoD is HCL’s transformational service that provides customers a technology-aligned, reference-architecture based, ready-to-implement SAP solution. The solution is hardware vendor neutral and is flexible enough to adapt to new technology trends.

Global Leader in Sports, Fashion & Media Scales its IT costs with Standardized, Low-cost IT Services

A leading conglomerate, based out of U.S., put a cap on its burgeoning costs of operations by leveraging HCL’s SCALE Ser-vices — Standardized, Cost-optimized, Agile, Leveraged and Enhanced services. The customer is a leader in sports, fash-ion and media, and has been connecting brands and audi-ences through sponsorships, licensing media, and consulting with unparalleled client services for more than 50 years. It used the combination of HCL SCALE services, dedicated offshore & onsite resources and re-badged resources that resulted in 15% reduction in operational costs. Moreover, HCL successfully managed the disparate IT environments across the customer’s diverse business units and helped it [organization] achieve true business agility and scalability through its high-quality, stand-ardized low-cost offerings.

Source: HCL

2 Gartner Inc., Behind the Cloud: The Rise of Industrialized, Low-Cost IT Services, G00209857, 1 February 2011

11

Conclusion

In the preceding pages, we have attempted to chart the broad contours of the emerging IT landscape. Of course, more detailed maps will be needed as you explore particular regions – for example, mobility, security or cloud computing – of the new environ-ment. But this article hopefully provides a helpful overview and suggests some areas worthy of further exploration.

Source: HCL

12

From the Gartner Files: Gartner’s Top Predictions for IT Organizations and Users, 2012 and Beyond: Control Slips Away

These top predictions herald changes in control for IT organi-zations when budgets, technologies and costs become more fluid and distributed.

Overview

The continued trends toward consumerization and cloud com-puting highlight the movement of certain former IT responsibili-ties into the hands of others. As users take more control of the devices they will use, business managers are taking more con-trol of the budgets IT organizations have watched shift over the past few years. Loss of control echoes through several predic-tions in this report. This comes with the necessary result of more focus on certifications and a relentless attention to security in a changing world. As the world of IT moves forward, it is finding that it must coordinate activities in a much wider scope than it once controlled.

Key Findings

• ITbudgetsaremovingoutofthecontrolofITdepartments,which means IT must reach out to the business.

• CloudmodelsareforcingchangesontointernalITdepart-ments and onto traditional outsourcers, but security asser-tions and certifications for cloud providers are still lacking in completeness and availability.

• Mobiledevicescontinue tooutgrowPCsaspreferredpri-mary computing devices.

• The availability of large amounts of data will overwhelm most companies’ ability to understand that data.

Recommendations

• End-userorganizationsmustestablishadisciplineofrela-tionship management in their IT organizations to handle the influx of service providers.

• ITdepartmentsmustbecomecoordinators (orbrokers)ofIT-related activities (across their companies) that were not specified by the IT organization originally.

• Designofnewapplicationsmustleveragerichbrowserandmobile devices to support end-user demands for a move-ment from PCs to mobile devices.

• BudgetmanagementforITprojectsmustbeanactivitysharedacross multiple business units, which will control IT spending.

Strategic Planning AssumptionsBy 2015, low-cost cloud services will cannibalize up to 15% of top outsourcing players’ revenue.

In 2013, the investment bubble will burst for consumer social networks, and for enterprise social software companies in 2014.By 2016, at least 50% of enterprise email users will rely primarily on a browser, tablet or mobile client, instead of a desktop client.By 2015, mobile application development (AD) projects target-ing smartphones and tablets will outnumber native PC projects by a ratio of 4-to-1.By 2016, 40% of enterprises will make proof of independent se-curity testing a precondition for using any type of cloud service.At YE16, more than 50% of Global 1000 companies will have stored customer-sensitive data in the public cloud.By 2015, 35% of enterprise IT expenditures for most organiza-tions will be managed outside the IT department’s budget.By 2014, 20% of Asia-sourced finished goods and assemblies consumed in the U.S. will shift to the Americas.Through 2016, the financial impact of cybercrime will grow 10% per year, due to the continuing discovery of new vulner-abilities.By 2015, the prices for 80% of cloud services will include a global energy surcharge.Through 2015, more than 85% of Fortune 500 organizations will fail to effectively exploit big data for competitive advantage.

AnalysisWhat You Need to Know

Gartner’s top predictions for 2012 showcase the trends and events that will change the nature of business today and beyond. Selected from across our research areas as the most compelling and critical predictions, the trends and topics they address this year speak to the reduction of control IT has over the forces that affect it. The move-ment to cloud computing and mobile devices highlights the reduc-tion of control as consumers demand mobile devices increasingly over PCs. This leads to the natural desire to reduce gaps in security where possible, and to gain some certification of outcomes where it’s not. Lack of control is a difficult prospect for IT departments, which must now adapt or be swept aside.

In addition, IT budgets, while on a slight rise, are at risk as more of the money formerly allocated to IT projects begins to be directed through the hands of non-IT managers. This leads to increased speculation that trends such as outsourcing and cloud computing will not only grow, but will accelerate through the next five years. This growth will not come without risk or po-tential added costs. The price of generating cloud services for large numbers of consumers can lead to increased power and cooling costs for service providers that are likely to pass them on to consumers.

13

Let us not ignore the effect of cloud computing on outsourcers themselves. The phenomenon of cloud computing not only cuts into the activities of IT departments, but also into the revenue of outsourcers that must contend with commodity cloud services and cloud pricing. Even though the cloud revenue models are not all established as successful, they provide a rich field for speculation, and traditional outsourcers must respond to this movement just as IT organizations are doing. Alongside this is a bit of a countermovement that sees certain goods and servic-es moving back toward the Americas, rather than in continued movement to Asia. This, in combination with a cannibalization of some outsourcer revenue, may provide an opportunity for some businesses to gain more cost-effective services.

We will enter 2012 with an increase in the amount of information available to us, but with a shortage of the ability to understand it. Given the shifts in control of systems that IT organizations are facing, the loss of the ability to guarantee the consistency and effectiveness of data will leave many struggling to prevent their organizations from missing key opportunities or from using questionable information for strategic decisions. No regulatory help is on the near horizon, and this leaves each business to de-cide for itself how to handle the introduction of big data, the ad hoc collection and dissemination of data in social communities, and the proliferation of data across the cloud.

Any organization that wishes to excel in 2012 must establish in itself a significant discipline of coordinating distributed activi-ties. It must establish relationship management as a key skill, and train its people accordingly. The reason for this is that the lack of control can only be combated through coordinative ac-tivities. The IT organization of the future must coordinate those who have the money, those who deliver the services, those who secure the data and those consumers who demand to set their own pace for use of IT.

Selecting Predictions

The selection process included evaluating several criteria that define a top prediction. The issues examined included rele-vance, impact and audience appeal. More than 137 of the strongest predictions across all research areas were submitted for consideration this year.

Our top predictions are intended to compel readers to ac-tion and to position them to take advantage of the coming changes, not to be damaged by them. Clarity and conciseness are also essential characteristics of our top predictions; the av-erage reader of “The Wall Street Journal” should be able to

follow each prediction and its effect on areas of interest.

These top predictions are for general technology areas, rather than being specific to industries (see “Top Industry Predictions 2011: The Recession’s Aftermath Proves Challenging”). In reading these pre-dictions, it will become apparent that our top predictions are pulled directly from research that is topical and ongoing. They include im-plications and recommendations for organizations seeking change opportunities. IT professionals must examine these predictions for opportunities to increase their support for cost control, revenue gen-eration and business transformation initiatives.

Strategic Planning AssumptionsIT Services

Strategic Planning Assumption: By 2015, low-cost cloud services will cannibalize up to 15% of top outsourcing players’ revenue002E

Analysis By: Claudio Da Rold and Sandra Notardonato

Key Findings:

• Industrializedlow-costITservices(ILCS)sitatthecrossroadsbetween ITO (a $315 billion-plus market in 2011, up to almost $500 billion when considering business process out-sourcing [BPO]) and the rising cloud computing external service market (forecast to reach $150 billion by 2015, of which more than $60 billion represents services such as soft-ware as a service [SaaS], infrastructure utility services [IUS], infrastructure as a service [IaaS] and platform as a service [PaaS] that compete with traditional IT outsourcing [ITO]), and $56 billion represents business process services that compete with traditional BPO services.

• ILCSisanemergingmarketforcethatwillalterthecommonperceptions of pricing and of the value of IT services. In the next three to five years, this new model will reset the value proposition of IT.

• Low-costcloudserviceswillcausethecannibalizationofcur-rent and potential outsourcing revenue through two different effects: direct (e.g., substitution of services that would have been delivered in-house or through traditional outsourcing) and indirect (e.g., the reduction of the price at which tra-ditional outsourcing services are renewed, renegotiated or outsourced for the first time).

• In termsof thedirecteffectof ILCS,weare focusedon themarket size of ILCS as a segment of the broader IT service marketplace, and specifically the ITO market. Gartner be-lieves that ILCS can reach 2% of the $1 trillion~ IT service market in 2015, representing a $20 billion market. This is still

14

a relatively small size, compared with cloud services (20% of non-advertising-based services) and the ITO market.

• IntermsoftheindirectimpactofILCSonITO,wearefo-cused on the ongoing price reduction driven by the com-petition of low-priced services and the reset of what is perceived as the fair market price for specific IT services by business and IT buyers. In our assessment, the indirect impact is more than double the direct impact, due to the large ITO installed base, the effect of intense contract rene-gotiations at a faster velocity resulting from shorter contract terms, and the increased use of volume-based pricing for-mulas (price equals volume times the unit price).

• Asaproxytothisprediction,weturnedtotheIToffshoredelivery model (e.g., the low-cost IT skills model) and its cannibalizing effects on the traditional delivery of staff-based IT services. An analysis of the past 10 years shows the emergence of a group of India-based providers captur-ing revenue from clients and existing and traditional provid-ers (the direct effect, ~4.9% of market share in 2010). This created dramatic pricing pressure and the forced adoption of the global delivery model by traditional providers in or-der to remain competitive (the indirect effect is estimated to be roughly double the direct effect).

• Asanotherproxytothisprediction,inearly2009,Gartnerforecast a future reduction of ITO prices for the 2009 to 2011 time frame due to the macroeconomic environment and service industrialization. This reduction in price (more than 10% compound annual growth rate [CAGR] per year, with peaks at more than 20% per year on some specific service offering) did come to fruition, as forecast.

• WeforecastnowthatILCSisthemarketbenchmarkthatwillcause ITO unit price reductions to remain an ongoing trend for at least the next five years.

Market Implications:

• Despite a limited direct market impact (~$20 billion by2015), ILCS offerings will reset the ITO market price in the next five years. We expect to see marketing messages like “We manage your SAP infrastructure for less than $10 per user per month. Why are you spending more?” to increas-ingly fuel CFOs’ and CEOs’ interest, further pushing IT spending as an operating expense externally delivered and no longer a capital expense internally managed.

• This sortof externalbenchmark– regardlesswhether theadvertisement is entirely applicable or not – will accelerate the transition toward industrialized, cloud-based services, and will heavily impact the renewal of ITO contracts in the next five years. Clients will either migrate toward new pro-viders or ask their traditional outsourcers to deliver these services at the right service quality and price points.

• The lower IT prices will of course also create additional,new business (especially in the small or midsize business [SMB] segment) from clients that would not be in a posi-tion to outsource or buy these services before and within new service areas (IT/operational Technology [OT] con-vergence, ubiquitous IT appliances, mobility, etc.). Nev-ertheless, such traditional streams of outsourcing revenue will be cannibalized as cloud computing, industrialized services and low-cost business models are adopted.

• Similar towhathappenedwith theadoptionofoffshoredelivery, it will be incumbent upon vendors to invest in and adopt a new cloud-based, industrialized service strategy either directly or indirectly, internally or exter-nally. Additionally, it will be incumbent upon customers to align themselves with the service providers making those investments in order to ensure an IT strategy that is cost-competitive, and that has the potential to positively contrib-ute to cash flows.

• Service providers not active enough on these new servicemodels or trying to leverage the service industrialization only from a profitability perspective are likely to see their growth seriously limited, and are at risk of getting mar-ginalized by new entrants to the market or consolidated due to a decline in financial metrics. Again, using the offshore impact as a proxy for this statement, we have seen roughly 25% of the most meaningful players (by size and geography) in the market being acquired in last three years due to slower revenue growth and/or operat-ing margin underperformance. On a positive note, the risk of revenue cannibalization is offset by the potential to increase operating margins as investments achieve economies of scale.

• Buyersofservices(eitheralreadyoutsourcedorin-house)willoperate in a market where traditional outsourcing deal unit prices will decline. Although outsourcing contracts are typi-cally three to five years for an average term, we see multiple entry points for price renegotiation:• Annualdiscussions,basedonbest-practicebenchmark-

ing clauses.• Through renewals, extensions and renegotiations (most

organizations renegotiated their deals in 2009 to 2011).• Attheendofthetermthroughmarketbid,RFPortender.

In this case – almost by definition – the new deal is signed at a fair – often near to the lowest – market price.

• Withexitclausesthatallowtheclienttoleaveacontractand sign a new one.

• Despitethelong-termnatureofoutsourcingdeals,therealityis that the price can change over time, and will be influenced directly or indirectly by market prices.

• Importantly, macroeconomic trends will have a significantimpact on the outcome of this transformation. A reaccelera-

15

tion of global economic growth would reduce the negative effect of ILCS (due to higher general IT service market growth and the growth of IT service volumes), while a long-term stagnation or a double-dip would depress the IT service market growth in advanced economies, and would potentially accelerate the adoption of ILCS (see “Uncertainty and Low Prices Could Stall the Growth of the IT Services Market by 2013”).

• Assuming the continueddecline inmarketprices,we seethe adoption of industrialized services having a significant impact on client sourcing strategies. Buyers of services must be aware that the cultural change from made in-house IT services into industrialized, external services is not a small step, and a new culture of adapt to/adopt and outside/in must apply. Leveraging the ILCS wave is much more than a procurement ability to buy at the lowest price. It involves a business-driven sourcing strategy, the ability to manage a multisourced environment and to integrate industrialized services into end-to-end business processes.

• Allinall,Gartnerbelievesthattheprojected$1trillionITservice market is at the beginning of a phase of further dis-ruption, similar to the one low-cost airlines have brought in the transportation industry. There will be a near-term to midterm onslaught from innovators on the revenue/growth/margin of established businesses, causing the restructur-ing of the industry (consolidations, merger and acquisition [M&A], restructuring, failures, etc.). This will create disrup-tion, then new value for clients, with new demands and new services available at lower price points to/from emerging and advanced economies.

Recommendations:

CIOs, CFOs, business unit managers, sourcing heads, vendor managers must:• Take ILCS and service price trends into account when

refreshing your sourcing strategy, retendering your service deals or evaluating the in-house versus outsource IT trade-off.

• Understand what services you are buying and the value proposition of ILCS (that is, parity IT services and not differentiating business value services [DVBS]).

• Understand that the apparent low price and ease of useis not always real. An IT professional analysis of risk and advantages, retained cost and transition/integration invest-ment must be done. Despite low prices, the total cost of sourcing can be even higher than current costs.

• Exercise due diligence in selecting and managing vendorsand providers, and manage risks through disciplined sourcing

management and governance. Expect market turbulence and provider troubles in the planning period.

• Don’tsignoutsourcingdealsthataretoolonginterm(threeyears is the norm now), exclusive or broad in scope to limit your ability to leverage on new service offerings and declin-ing prices.

• Inaddition to traditionalbenchmarkapproaches,measurethe cost per unit, per month of your infrastructure and ap-plication delivery to prove your efficiency as a provider or broker of cloud services.

Social Networks

Strategic Planning Assumption: In 2013, the investment bub-ble will burst for consumer social networks, and for enterprise social software companies in 2014.

Analysis By: Michael Gartenberg and Matt Cain

Key Findings:

• Vendorsintheconsumersocialnetworkspacearecompet-ing with each other at a rate and pace that are unusually aggressive, even in the technology market. In an attempt to win new users and keep existing users engaged, new ser-vices, interfaces and partnerships are accelerating, with an emphasis on capturing the entirety of a consumer’s social experience. The net result is a large crop of vendors with overlapping features competing for a finite audience.

• In the enterprisemarket, we seemany small independentsocial networking vendors struggling to reach critical mass at a time when market consolidation is starting, and megaven-dors, such as Microsoft, IBM, Oracle, Google and VMware, have made substantial efforts to penetrate the enterprise so-cial networking market.

• Success breeds success in the consumer social ecosys-tem. The network effect – a network becomes more desir-able as the number of users grows – has been the key in driving social network growth, which makes it harder for new players to enter and compete against larger estab-lished players.

• Intheenterprisespace,megavendorsare,orwillbe,pro-viding social capabilities as horizontal platform services consumable by applications, making it difficult for small vendors to sell stand-alone products that provide simi-lar services. Google, for example, will add Google+ to Google Apps for Business, Microsoft added social net-working to SharePoint, and Oracle will provide social in-frastructure services to be used by its Fusion applications.

16

• The majority of social networking interactions through2013 will migrate to mobile devices from PCs, creating new opportunities for consumer social networks. Established social networking players may not lead in mobile acuity, but will be fast-followers, thereby removing a point of differen-tiation potentially available to new entrants.

• Intheenterprisespace,thesamedynamicexists,andmegav-endors, with significant investments in secure mobility services, will have a substantial advantage over smaller, stand-alone vendors struggling to keep pace with mobile developments.

• Thereisawidevarietyofbusinessmodelsforconsumerso-cial networks and services, but the majority will be advertis-ing-driven. The result is that a limited amount of advertising dollars will be available for new players in the market.

• Intheenterprisespace,megavendorsareinapositiontosubsidize social networking investments for years. Smaller, independent vendors have no such luxury.

• Futuregrowth in theconsumerandenterprise socialnet-working market will depend on how well current players can expand market share. Vendors that have the resources to challenge the status quo will likely be other large compa-nies looking to expand in the social space and not smaller startups, which lack the substantial capital to challenge the established players.

• Consumers and enterprise users are wary of changingand/or rebuilding social graphs. Data portability is limited, at best. Consequently, the longer a user participates in a social network, the more difficult it is to migrate to a new platform. This creates barriers to entry for new entrants.

Market Implications:

• SocialnetworkingisoneofthetopactivitiesontheInter-net. The overall number of users continues to rise, but the overall growth rate will slow over the next two years as the number of unaffiliated consumer declines. New entrants, therefore, will have a much smaller pool of consumers to target, making the staggering growth rates of established networks difficult to reproduce.

• Penetrationratesforsocialnetworkingintheenterprisearestill less than 15%, so there is substantial room for growth. But the delta between best-of-breed independent vendors and megavendors has diminished substantially over the past two years, and will continue to erode, making it difficult for organizations to justify an investment with a small supplier.

• The maturing of the market for consumer and enter-prise social networking will impact the amount of capital available for startups in the space. While substantial excitement will be raised by private firms going public (e.g., Facebook and Jive), we believe that valuations of smaller

independent vendors will diminish as recognition sets in that the opportunities for market differentiation and fast growth have eroded. These diminished valuations – reflected in the slowing of new investments – will curtail the fervor to fund new social networking. We expect this recognition of dimin-ished opportunities to take slightly longer be reached in the enterprise space, where the market dynamics are not as clear at present.

Recommendations:

For the consumer space:

• Existingconsumersocialnetworkingservicesmustincorpo-rate new, value-added features and services in an attempt to keep users engaged longer, and to prevent defections.

• Brands looking to engage with consumers via social net-works must take care in evaluating how their budgets will be spent, and the likely success of new entrants versus exist-ing players. While it will be easier to stand out on a newer service, that service will likely have fewer users and greater difficulty keeping them engaged.

• Partnersofconsumersocialnetworksandorganizationsthatdepend on social networks for their marketing, branding or sales platforms must use social analytics tools to monitor their customers’ reactions and use of social networks, and must be prepared to follow their customers if they begin to migrate to other social technologies and services, and to evaluate new entrants into the market.

• Newerandnichevendorsmustprovideadifferentiatedex-perience in order to capture new users. This can be through features and services not currently offered by dominant play-ers, or by targeting more niche demographics and markets.

• Newentrantsintothesocialnetworkingmarketmustmakeit easier for consumers to integrate existing social graphs into their services. Investors in new services must consider that consumers will not continue to recreate their social graphs repeatedly with each new service that emerges without ease and strong product differentiation.

For the enterprise space:

• Carefullyweighthebenefitsversusrisksofusingasmallsup-plier with a richer feature set against a large, incumbent sup-plier with emerging social networking ambitions.

• Understandthefinancialstatusofsmallerplayers,andwhatthe exit strategy is likely to be.

• Understand thepotentialbenefitsof integratingsocialnet-working over an existing vendor stack versus the benefit of a lightly coupled social networking service.

17

Social Software and Collaboration

Strategic Planning Assumption: By 2016, at least 50% of enterprise email users will rely primarily on a browser, tablet or mobile client, instead of a desktop client.

Analysis By: Matt Cain

Key Findings:

• Whiletheriseinpopularityofmobiledevicesandthegrow-ing comfort with browser use for enterprise applications preordains a richer mix of email clients and access mecha-nisms, we believe the pace of change over the next four years will be breathtaking.

• Most organizations routinely enable browser access toemail and calendars, but the vast majority of email read/writes are done with a traditional desktop client. The grow-ing parity between desktop clients and browser functionality, however, coupled with an IT group desire to reduce desktop complexity via the removal of the PC client, is rapidly accel-erating browser access to email. The growing popularity of Google Gmail – which is optimized for browser access – as an enterprise email supplier will accelerate email browser dependency, as will the uptake of HTML5, which will supply much-needed offline and drag-and-drop support. Micro-soft, too, is likely to release rich HTML5 browser support for Exchange over the next year or two.

• Migration away from local email archives/folders to verylarge, centralized mailboxes (particularly in the cloud) will decrease the need for a desktop email client, as will the use of Microsoft’s personal archive feature in Exchange 2010, which offers a server-side alternative to client-side archives. Research In Motion’s (RIM’s) intention to offer no-fee BlackBerry Enterprise Server services to Microsoft Office 365 cloud email customers (expected in 2Q12) may help Office 365 maintain its presence in the enterprise.

• Lifestylechangeswillalsoacceleratethetrend.Thereisagrow-ing expectation on the part of businesses that employees will be available during nonwork hours, and that location should not be a barrier to communication. Furthermore, users will no longer have a primary device for corporate collaboration, but will rely on a fleet of self- and business-provided devices with the expectation of a largely uniform user experience. We ex-pect Google and Apple to increase the sophistication of native Android and iOS email clients. Rapid and deep penetration of tablets – with Amazon’s forthcoming $200 Android-based Kin-dle Fire expected to be a fast-follower to the iPad – will increase demands for mobile email access.

• WeexpecttheimpendingWindows8(byYE12)fromMicro-soft to contribute to the trend. This OS will run on ARM pro-cessers (in addition to Intel processors), and will be touch-enabled for deployment on tablets, accelerating the uptake of Outlook running on tablets and smartphones. We also believe it is inevitable that Microsoft will release versions of Outlook running on Android and iOS devices sometime in the next year or two. Finally, the near-universal acceptance of the Exchange Active Sync protocol for mobile access to email – and the rise of rich mobile device management tools – facilitates the broad use of mobile devices for email ac-cess. However, users will still have access to a desktop client, in addition to mobile access mechanisms.

Market Implications:

• We expect mobile device manufacturers – Apple, Nokia,Samsung, LG, Motorola, etc. – to enter a new phase of com-petition to offer rich email clients to maintain rough parity and to establish competitive differential. Email system vendors – Microsoft, IBM, VMware and Google – are also likely to build mobile clients for diverse set of devices for the same reason.

• Market opportunities formobile devicemanagement plat-form vendors will soar. Increased pressure will be on those suppliers to accommodate an increasing portfolio of col-laboration services, including IM, Web conferencing, social networking and shared workspaces.

Recommendations:

Enterprises should:

• Developpoliciesgoverningtheuseofcorporate-andem-ployee-supplied devices, and should implement rich device management applications for controlling and securing re-mote access.

• Upgradeemailsystemstoversionsthatsupportrichbrowserand mobile device access to email services.

• Investigateopportunities toeliminatedesktopemail clientsto reduce PC complexity and eliminate local email archives.

• WorkwithHRresourcestooptimizelife/workbalancesandde-crease employee stress due to growing availability expectations.

• Ensure that the remote email access infrastructure has ahigh degree of redundancy at all points to ensure continu-ous availability.

• Plantoextendemailmobilitytoadjacentcollaborationser-vices such as IM, shared workspaces and social networking.

• Trainusersonbestpracticesforemailcommunicationsinamobile world (better, shorter subject lines, shorter messages, clear action requests, etc).

18

Strategic Planning Assumption: By 2015, mobile AD pro-jects targeting smartphones and tablets will outnumber native PC projects by a ratio of 4-to-1.

Mobile and Wireless Communications

Analysis By: William Clark

Key Findings:

• Smartphonesandtablets representover90%of thenet-newgrowth in device adoption for the coming four years, and in-creasing application platform capability across all classes of mobile phones is spurring a new frontier of innovation, particu-larly where mobile capabilities can be integrated with location, presence and social information to enhance usefulness.

• MobileADisrapidlymovingthroughitsadolescence,trig-gered by a broad increase in demand for all categories of mobile applications: business-to-consumer (B2C), busi-ness-to-employee (B2E) and B2B.

• Theverydefinitionofapplicationsischanging–manymobileapplications are mere shells (or hybrid) apps or applets – Web-technology-oriented, but wrapped in native device code.

Market Implications:

• Smartphonesandtablets representover90%of thenet-newgrowth in device adoption for the coming four years, and the increasing application platform capability across all classes of mobile phones is spurring a new frontier of innovation, particu-larly where mobile capabilities can be integrated with location, presence and social information to enhance usefulness.

• Webenablement,especiallywiththeadventofHTML5,isakey part of mobile application strategy, native or rich mo-bile AD demands are being triggered in all three areas:• In B2C, due to the marketing/advertising impact of

app stores, as well as the huge financial potential of targeted context-aware advertising and offers, most CMOs are demanding applications, which can add even greater value or opportunity if they are resident and provide stickiness to consumers. In addition, many media-rich or gaming applications require native mobile development. For consumer-facing enterprises, such as retailers and consumer packaged goods, mobile consumer application strategies cover Web, native and messaging (SMS/MMS) channels, and comprehensive strategies are linking these together.

• InB2E,bringyourowndevice(BYOD)ishavingamajorim-pact on user demand, especially in requests for supporting

applications on tablets – employees are accustomed to the app store provisioning model, and the consumerization of IT is raising expectations around mobile application experi-ence. Consumerization and the scale of the smartphone and media tablet market are also causing organizations to con-sider consumer-grade devices for things like field sales, field service, survey taking, analytics and inventory. In contrast, in B2E, many enterprise application vendors are moving toward portals that adapt, further reducing the number PC-targeted, client-side projects.

• B2Bmobileapplicationsareveryimportantformanyen-terprises, and present a unique challenge – B2E-type re-quirements for security and functionality that can exceed what Web/portals can achieve, but B2C-type require-ments, in that, in most cases, organizations cannot dictate the devices being used for mobile applications.

• Thefactthatthedefinitionofapplicationsischangingtoahybrid model of Web and native functions wrapped together lowers the barriers to creation. The bottom line is that inno-vation is moving to the edge for mobile devices; whereas, in 2011, Gartner estimates app development projects target-ing PCs to be on par with mobile development, future adop-tion (e.g., the installed base of smartphones and tables) will triple from 4Q10 to 1Q14, and will result in the vast major-ity of client-side applications being mobile only or mobile first for these devices – a ratio that Gartner estimates at four new mobile AD projects for each PC-oriented project.

Recommendations:

• AD organizations should perform a mobile-only, mobile-first, or legacy assessment of AD. Too many developers still assume that desktop applications are needed, or that legacy applications need to be moved forward.

• Virtualization(CitrixReceiverandWysePocketCloud)isbe-ing used to project PC applications to tablets today, and while the user experience is, in many cases poor, there are cases where this approach can be used to avoid further in-vestment in those projects.

• ComplementtacticalinvestmentsinmobileADtools(whichwill remain volatile through 2015) with an understanding of the trade-offs of six styles of mobile application architecture (thick, thin, rich, streaming, messaging and no client).

Cloud Security

Strategic Planning Assumption: By 2016, 40% of enterprises will make proof of independent security testing a precondition for using any type of cloud service.

19

Analysis By: Joseph Feiman

Key Findings:

• Cloudsystems,andtheinterfacesthroughwhichtheyservicetheir clients, can often be exploited by such attacks as SQL in-jection, cross-site scripting and cross-site request forgery, which could result in the loss of sensitive information, unauthorized asset transfer and system behaviors that endanger system users (individuals and enterprises, humans and equipment).

• Conventionshavenotyetbeendevelopedfortheappropri-ate level and form of security testing of cloud providers’ technologies, and expectations for provider transparency have not been well-established.

Market Implications:

• Cloudprovidersofallkinds–includingprovidersofappli-cation operations, data management, infrastructure man-agement and security – will become top targets for hackers from all over the world. This is because cloud providers store critical data from a large number of cloud clients, which, from the hackers’ viewpoint, is worth stealing, and run applications that are worth abusing. For this reason, while enterprises are evaluating the potential cloud benefits in terms of management simplicity, economies of scale and workforce optimization, it is equally critical that they care-fully evaluate cloud services for their ability to resist security threats and attacks.

• Enterpriseswillbeunable to testcloudproviders’systemsthemselves for a number of reasons. The applications the cloud provider uses to service its clients are its most valu-able intellectual property, and the provider will likely be reluctant to grant access to them for inspection purposes. Moreover, even when inspection is authorized by the cloud provider, most enterprises do not have the necessary skills or resources to conduct such security testing. For this rea-son, many enterprises will use cloud services brokerages as the inspecting agency.

• Vendorsofapplicationsecuritytestingtechnologies–bothstatic application security testing (SAST) and dynamic ap-plication security testing (DAST) – will play a critical role in the third-party independent testing and compliance veri-fication of outsourced, packaged and cloud applications. Most of these vendors have already begun to deliver their capabilities as services, offering them alongside their application security products. Some startup vendors have focused exclusively on security as a service and do not offer products at all. This is further advancing SAST and DAST vendors’ capability to test cloud providers’ systems.

• Gartner believes that inspectors’ certifications will even-tually – around 2016 – become a viable alternative or complement to third-party testing. This means that instead of requesting that a third-party security vendor conduct testing on the enterprise’s behalf, the enterprise will be satisfied with a cloud provider’s certificate stating that a reputable third-party security vendor has already tested its applications.

Recommendations:

• Demandassurancesfromcloudprovidersthattheirsoftwarehas been tested for security vulnerabilities. Security testing of cloud providers’ systems conducted by reputable independ-ent application security testing vendors is a preferred option. An alternative is security testing conducted by the cloud pro-vider itself.

• Acceptsecuritycertificatesissuedbytrustedsecurityvendorsifthey meet your industry’s and enterprise’s security standards.

• Seek cloud services brokerages that demonstrate a profi-ciency in security inspection, auditing and certification.

Content Management

Strategic Planning Assumption: At YE16, more than 50% of Global 1000 companies will have stored customer-sensitive data in the public cloud.

Analysis By: Gavin Tay

Key Findings:

• With thecurrentglobaleconomy facingongoing financialpressure, organizations are compelled to reduce operational costs and streamline their efficiency. Responding to this im-perative, it is estimated that more than 20% of organizations have already begun to selectively store their customer-sensi-tive data in a hybrid architecture that is a combined deploy-ment of their on-premises solutions with a private and/or public cloud provider in 2011.

• In 2010,more than 40%of data archiving deploymentsthat contained sensitive data were to the cloud. Many CIOs rank the improvement of their agility very high, but fear the trade-off in introducing greater risk, such as lapses in security, compliance, audit, availability, reputation or, im-portantly, custody of their critical data. Leaders of organiza-tions must realize that by going to a hybrid architecture, not only will they add significant complexity, but they will also continue to bear both the tangible and intangible costs of running multiple environments.

20

Market Implications:

• Asglobalorganizationscommenceaprogressivejourneytothe public cloud, their primary objectives to consistently de-light patriotic and new customers, as well as improve busi-ness performance, will continue to remain a priority. In so doing, organizations will reduce operational costs, gain ef-ficiency, increase business agility and attain regulatory com-pliance. This journey to the public cloud will take organiza-tions to the next level to fulfill these objectives; however, it will inevitably prove to be one with its fair set of challenges. They include:

• Organizationsoperatingincountriesthatrequiredataresi-dency, each with its distinct laws.

• Thedataprivacylawsofworldgovernments,forexample,intrusion of privacy by mining data of public clouds.

• Security risk and vulnerabilities (e.g., physical, network,software platform and auditing/governance policies) of the public cloud infrastructure will change as the cloud evolves.

• Lackofstandardsforinterclouddependencyorintegration.• Organizationswillrecognizetheneedtore-engineertheir

business processes and governance/data retention policies as they embark on the public cloud. The growth of organi-zational roles such as legal counsel, infrastructure planning engineers, and network and security specialists will be in much greater demand.

Recommendations:

For international information communication authorities:

• Governingbodiesfromallcountriesshouldcollaborateona mutually developed cloud standard and framework of operation, such as the Cloud Data Management Interface from SNIA.

• Harnesstheireffortsinbeinganadvocateforgreaterregu-lation in public clouds, and examine providing legal as-sistance, particularly smaller organizations that have pro-ceeded with initial adoption.

For organizations:

• Continuepilotsandactiveprojectsusingpubliccloudoffer-ings with less sensitive data before progressing to customer-sensitive data, such as finance/accounting, CRM, project management, supply chain management, HR, manufactur-ing, business partner management, etc.

• ITleadersshouldexaminethenuancesandriskofapubliccloud or, conversely, should prepare better in anticipation

of their adoption, for example, disaster recovery, high-avail-ability SLAs, authentication vulnerabilities, in-country regula-tions for data retention and application compatibility.

• Weighthetangibleandintangiblecostsofeachrisk.Exam-ples of questions to ask include:• Howmuchdoesitcosttomigratefromonepubliccloudpro-

vider to another (traces of intellectual property left behind)?• Howmuchmoneyand/orreputationwilltheorganization

suffer from downtime (unrecoverable data)?• Legalcounselsoforganizationsshouldassessthejurisdiction

of data ownership in the event of a liquidation or seizure, especially when operating on a global platform.

• Network and security specialists should conduct a walk-through of the vendor’s data center for compliance or audit checks as they would their organization’s infrastructure.

IT and Operational Technology

Strategic Planning Assumption: By 2015, 35% of enterprise IT expenditures for most organizations will be managed outside the IT department’s budget.

Analysis By: Brian Prentice

Key Findings:

• Most ITorganizationsareallocating80% theirbudgets to“keep the lights on” expenses. The other 20% of IT spending is for activities that grow and transform the business.

• Next-generationdigitalenterprisesarebeingdrivenbyanewwave of business managers and individual employees who no longer need technology to be contextualized for them by an IT department. These people are demanding control over the IT expenditure required to evolve the organization within the confines of their roles and responsibilities. Numerous ex-amples of this pressure exist today:

• Cloudcomputingisexpectedtogrowto20%ormoreofthetotal IT budget by 2013. Our research indicates there is al-ready significant non-IT involvement in decision making with finance, marketing, HR and other business, acting as key stakeholders between 25% to 30% of the time and funding computing services between 10% to 30% of the time.

• Global spending onmedia tablets is forecast to increaseat an annual average rate of 52% through 2015. That is set against a backdrop of weakening demand for traditional PCs in developed economies. These devices will have an increased impact on the enterprise, yet it is users who are driving both the purchases and, as a result, the platform sup-port decisions required by the IT organization.

21

• Aligning physical-equipment-oriented technology (opera-tional technology), developed, implemented and supported separately from the IT groups with traditional IT systems is surfacing as a general management concern. While an in-tegrated approach is required, IT organizations must ulti-mately recognize that line-of-business managers are in the best position to steer the practical application of building control systems, geological modeling tools, automated pro-duction and broadcasting equipment or warehouse auto-mation systems.

Market Implications:

• Aconstant refrain fromCIOshasbeen thedesire todrivegreater alignment between the IT organization and the rest of the business. Underlying this wish was the hope that the business would better understand the inherent potential of IT. That wish is rapidly coming true, but not necessarily in the way most in the IT profession would have imagined. Rather than seeking IT professionals help to apply established IT products within established IT practices, non-IT professionals are understanding the transformative potential of digitization and are applying these ideas in their own way.

• Themodernmarketingorganization isaperfectexample.As recently as 15 years ago, marketing was dominated by creative thinkers who obsessed over ephemeral brand messages, while taking great pride in a 5% response rate on direct mail campaigns. Today’s marketing profession is obsessed with gathering and analyzing information. They have an increasingly nuanced understanding of social me-dia borne from constant trial and error. They are driven by a direct and quantifiable impact on revenue. The modern marketing managers’ understanding of the role technology plays in achieving each of these results has eclipsed that of the average IT professional. This dynamic is playing out across departments – from supply chain managers to HR directors. Even individual employees are applying technol-ogy to improve personal productivity more rapidly than IT organizations can keep up with.

• As business managers and employees see the increasedvalue in IT and a diminishing value proposition from IT de-partments, the resulting dynamic will play out for the fund-ing processes. CIOs will see some of their current budget simply reallocated to other areas of the business. In other cases, IT projects will be redefined as business projects, with line-of-business managers in control. More organizations will find themselves exploring employee-funded devices. IT

spending will continue to increase, but CIOs will have dimin-ished control over it. A majority of organizations – between 50% and 60% – will see IT expenditures managed outside the IT department growing to 35% of total spending. By and large, this will not be offset by equivalent reductions in the IT department’s budget, as Gartner sees an ongoing increase in IT budgets of 1.5% to 2.5% over the next four years. How-ever, this extent of IT expenditure within the business is not universal. More conservative organizations – roughly one-quarter – will see a lower level of IT expenditure outside the IT department. This will more likely be 20% to 25%. The re-maining one-quarter, with highly conservative IT and non-IT professionals, will see little to no IT expenditure outside the IT department.

• Ultimately,CIOswillfindthemselvesfacedwithanexistentialquestion – are they ultimately being asked to do the same or more with less, or do they need to recast their organiza-tion’s value proposition in the context of a changed business landscape and funding assumptions.

Recommendations:

• CIOsshouldincreasetheirfocustowardconnectivetechnol-ogy – the enabling tools that tie business solutions together. Connective technologies include master data management, business intelligence (BI) and analytics, business process management (BPM) suites, composition technology, process and data integration, service-oriented architecture (SOA) governance technology, and identity and access manage-ment architectures.

• Putthe“I”backinIT.ManyITorganizationsareskewedto-ward technology when the emerging digital enterprise thrives on information. While individual lines of business will gener-ate and analyze large volumes of data, it is the IT organi-zation that is best positioned to act as the data caretaker. Central to achieving this outcome is to recognize that data is an asset in its own right – not a theoretical asset, but one that should ultimately be accounted for in the organization’s balance sheet.

Supply Chain

Strategic Planning Assumption: By 2014, 20% of Asia-sourced finished goods and assemblies consumed in the U.S. will shift to the Americas.

Analysis By: Michael Dominy

22

Key Findings:

• Political, environmental, economicand supply chain risksare causing many companies serving the U.S. market to shift sources of supply – whether they are toys, toothpaste, equipment subassemblies or commodity parts that go into finished products – from Asia to the Americas, including Latin America, Canada and the U.S. Except in cases where there is a unique manufacturing process or product intellec-tual property, most products are candidates to be relocated.

• NorthAmericanenterprisesunderestimatethetotalsupplychain costs of offshoring the supply network to Asia. Esca-lating oil prices globally and rising wages in many offshore markets, plus the hidden costs associated with offshore out-sourcing, erode the cost savings that didn’t account for criti-cal supply chain factors, such as inventory carrying costs, lead times, demand variability and product quality.

• Double-digiteconomicgrowthinmanyoffshoremarketsmeansa larger portion of output generated in those markets will be consumed within those markets instead of being exported to developed markets. Locating manufacturing or sourcing from suppliers that are closer to customer demand enables enter-prises to respond faster, thereby reducing risks, lead times and costs, including transportation and inventory carrying costs.

• Thereareexamplesofmanufacturersacrossindustriesandre-tailers shifting manufacturing or sourcing locations from China to the Americas. Manufacturers of products for which labor is a smaller percentage of total cost, or whose quality and intellec-tual property concerns are more pronounced, have been more inclined to move production back to the Americas.

Market Implications:

• Customer demand for service excellence and increasedproduct choice at competitive prices are driving brand own-ers to reassess the value delivered by their supply networks. Sacrificing lead time for reduced unit costs will be insuf-ficient to satisfy this customer requirement.

• Enterprisesmustanalyzetheirsupplychainnetworks.Theyneedcapabilities to perform supply chain segmentation and a more comprehensive cost-to-serve analysis that includes agility and risks, such as excess or obsolete inventory, quality problems and intellectual property theft, in addition to per-unit costs.

• Supplychainrealignmentswillbecomeapublicrelationschallenge. Decisions that involve repatriating operations will be lauded, while those that involve outsourcing will be criticized. Executives will need to develop a deeper un-derstanding of their supply chain network and the dynam-ics associated with orchestrating the flow of information, material and goods across internal and external facilities and operations.

• Thenetresultisthatenterpriseswillneedhelpassessing,rede-signing and transforming internally oriented supply chains into market-focused, demand-driven value networks. Supply chain service providers, including consulting and advisory firms, will need to deliver more sophisticated and comprehensive sup-ply chain assessments that can model various scenarios, and represent them in strategic and financial terms that chief ex-ecutives and boards of directors can understand.

• ThepersistentlyhighunemploymentrateintheU.S.willleadmore states to offer tax breaks to companies that set up local operations.

Factors that will cause the prediction to come true:

• Asian, and especiallyChina’s, policies regarding currencyvaluation and exchange rates do not change dramatically.

• Incentivesofferedbynationalandlocalgovernmentswithincountries in the Americas continue or expand.

• Fuelpricesincrease,withoilpricesreaching$100ormoreper barrel.

• ContinuedgeneraleconomicgrowthinAsiancountries,andChina specifically, will consume an increasing amount of ca-pacity and manufacturing output produced by China.

• Persistingconcernssurroundintellectualpropertyprotection.• ProductivitygainsintheAmericascontinuetooffsettheAsian

total cost advantage.• Theability to respondmorequickly todemand,especially

volatile demand, in American markets makes it necessary for enterprises to have shorter supply chains, with manufactur-ing plants being located closer to points of demand.

Factors that could cause the prediction to be false:

• SignificanteconomicpolicychangesbyChina.• Rapidrecoveryandensuing inflation in theU.S.Theresult

would drive up wages and other costs in the U.S.• Fallingfuelprices.• Another global recession similar to that of 2008

to 2009.• Amajor destabilizing event that disruptsMexico’s govern-

ment or business environment, or intensified challenges to law and order in Northern Mexico. Mexico is one of the most attractive nearshore manufacturing locations to supply North America, but continued problems with violent crime in and around these regions is of major concern.

Recommendations:

• Enterprises need to institute strong cross-functional planning processes that enable them to better understand demand and make conscious choices that balance the

23

trade-offs associated with the structure and operation of the supply network.

• Enterprisesshouldstartcatalogingtheircurrentuseofsup-pliers and outsourced manufacturers. Identify who is provid-ing what services, and where and long contractual obliga-tions run. Document key contractual terms and conditions, including when the contract is due to expire or renew. Un-derstanding and detailing all relationships will make it eas-ier to identify the opportunities and challenges associated with moving sourcing locations from Asia to the Americas.

• Enterprisesmustsegmenttheirsupplychaintypesandcon-duct a cost-to-serve analysis to understand how many sup-ply chains they have, and the performance of each. Doing so will enable enterprises to make better decisions regard-ing offshoring, nearshoring and “reshoring.” It will also help enterprises identify which initiatives are required to align in-ternal operational capabilities with each supply chain, and what capabilities to seek from external providers.

• Organizationsandsupplychainserviceprovidersneedtodevelop or enhance their network design, supply chain seg-mentation and cost-to-serve services. Analytical and mod-eling tools will need to replace spreadsheets and sample data. Outsourcing providers will need to form and foster relationships that enable them to present the right balance between services for low-cost operational excellence and services designed for flexibility and agility. As enterprises segment and better understand their supply chains, out-sourcing providers with both types of services will have an advantage over those only offering either operational excel-lence or agility.

Security and Risk

Strategic Planning Assumption: Through 2016, the financial impact of cybercrime will grow 10% per year, due to the con-tinuing discovery of new vulnerabilities.

Analysis By: John Pescatore

Key Findings:

• AsITdeliverymethodsmeetdemandfortheusecloudser-vices and employee-owned devices, new software vulner-abilities will be introduced, and innovative attack paths will be developed by financially motivated attackers.

• Theconsumerization trendwill cause continuingdisconnectsbetween the use of consumer-grade services and devices, and enterprise-oriented processes and governance approaches, enabling attacks against critical business and customer data

.

Market Implications:

• At every major change in the way IT gets delivered (go-ing from mainframe to client/server, client/server to Web, etc.), software development and IT operations management processes break, and new forms of vulnerabilities are intro-duced and exploited by attackers. In the 2011 to 2016 time frame, IT delivery is changing to add the use of cloud-based services and support the use of employee-owned laptops, smartphones and tablets.

• Atthesametime,cyberattackshavemovedfromsimplevan-dalism to targeted, financially motivated attacks that use so-phisticated techniques to evade detection and steal sensitive business and customer data. These methods are often used later by politically motivated attackers (such as Anonymous), as well as nation-launched attacks, often called advanced persistent threats. In 2011 alone, Sony had to publicly an-nounce security incidents that cost over $200 million, and RSA filed U.S. Securities and Exchange Commission (SEC) statements acknowledging direct costs of over $65 million. Other companies have seen all of their corporate emails published on the Internet, with enormous financial impact.

• Thecombinationofnewvulnerabilitiesandmore targetedattacks will lead to continued growth in bottom-line financial impact due to successful cyber attacks. Recognizing this, the SEC issued guidance detailing circumstances that will re-quire publicly traded companies to fully disclose the impact of security incidents.

Recommendations:

• Enterprisesneedtoensurethattheyareevolvingtheirsecu-rity defenses and processes to deal with changing vulner-abilities and changing attacks.

• Tomeetthedemandsofchangingdeliverymodelslikethecloud and the use of smartphones and mobile devices, en-terprises must make a radical change in how they manage and secure IT.

Cloud Computing and Sustainability

Strategic Planning Assumption: By 2015, the prices for 80% of cloud services will include a global energy surcharge.

Analysis By: Steve Prentice and Jorge Lopez

Key Findings:

• Astransactionvolumesatcloud-baseddatacentersgrow,so the hardware and software costs per transaction fall,

24

leaving operational costs, especially energy consumption, to increase as a component cost.

• Inthecurrentbusinessclimateofglobaleconomicvolatil-ity and ongoing political uncertainty in key oil producing regions, allied with rising pressure for governments to meet sustainability targets, a continuing upward pressure on en-ergy prices appears inevitable.

• Withakeycostcomponentoutsidetheircontrolandsubjectto short-term volatility and potentially large price increases over the long term, isolating this cost element and passing increases onto the user as a surcharge avoids potentially crippling cost increases, or substantial and recurring con-tractual renegotiation.

• The continuing focus on carbon emissions and sustaina-bility issues enables a visible and clear isolation of energy consumption, even for transactions undertaken outside the organization’s data centers, which is likely to be important for future carbon trading schemes.

Market Implications:

• With the increasing scale of cloud-oriented data centers,allied with growing transaction volumes and increased computing efficiency, the actual cost breakdown of a single transaction is steadily evolving. Hardware, software and fa-cility costs are all declining as a result of scale, Moore’s law and increasing volume. As a result, energy costs (both to power the hardware and to dissipate the resultant heat) are steadily increasing as a percentage of overall transaction costs. With electricity prices inexorably rising, driven by in-creasing fuel costs and greater sustainability concerns (and their associated costs), this situation will only get worse. It is exacerbated by ongoing volatility and unrest in leading oil-producing regions and ongoing financial turmoil in the global markets. As politicians are driven to deliver against previous promises of carbon emission reduction targets, but are squeezed by funding limitations and investor caution to invest heavily in renewable sources, prices are likely to rise even further as volatility continues for several years to come.

• Whilecloudoperatorscanmakestrategicdecisionsaboutlo-cations, tax subsidies are no long-term answer to managing costs, and investments in renewable-energy sources remain costly. Cloud operators, therefore, face a future in which an increasing element of their cost structure is externally influenced and controlled, highly volatile and under significant upward pressure due to sustainability issues. Some cloud data center operators already include an energy surcharge in their pric-ing package, and we believe this trend will rapidly escalate to

include the majority of operators – driven by competitive pres-sures and a “me too” approach. Linking this surcharge to global energy prices will help average the costs across different regions, and will allow an externally determined and clearly identified base index to be used to determine the surcharge. By visibly highlighting the energy component, they also highlight the sus-tainability issues surrounding carbon emissions that many cloud users have sought to conveniently avoid by moving transaction processing off their premises and systems. A visible energy sur-charge neatly transfers the onus (and carbon emissions) back to the user – which is likely to be a significant issue as carbon trading schemes emerge more strongly.

• In the long term, the surcharge could become a variablecomponent (capable of falling and increasing), although this seems unlikely given the global trends and the focus on long-term sustainability.

Recommendations:

• BusinessandITleadersandprocurementspecialistsmustex-pect to see energy costs isolated and included as a variable element in future cloud services contracts.

• Thisadditionaluncertainty representsan increasedbusinessrisk and price volatility that must be considered in the decision to move toward externally sourced cloud-based services.

Information Management

Strategic Planning Assumption: Through 2015, more than 85% of Fortune 500 organizations will fail to effectively exploit big data for competitive advantage.

Analysis By: Steve Prentice

Key Findings:

• Current trends in smartdevicesandgrowing Internetcon-nectivity are creating significant increases in the volume of data available, but the complexity, variety and velocity with which it is delivered combine to amplify the problem sub-stantially beyond the simple issues of volume implied by the popular term “big data.”

• Collectingandanalyzingdata is not enough– itmustbepresented in a timely fashion so that decisions are made as a direct consequence that have a material impact on the productivity, profitability or efficiency of the organization. Hence, technical and management capabilities both need to be established in order to progress from data to decision.

25

• Mostorganizationsareill-preparedtoaddressthetechnicaland management challenges posed by big data; as a direct result, few will be able to effectively exploit this trend for competitive advantage.

Market Implications:

• As the number and diversity of smart devices grows, sodoes the volume of data they generate. Increasing storage of data in the cloud and enhanced public access to this amplifies the issue. New types of data – location, time, state of sensors, for example, together with increased volumes of rich media – serve to further increase the avalanche of data facing organizations. Over this decade alone, data volumes across the Internet are expected to grow 300-fold as the number of Internet-connected devices grows rapidly.

• As a result, most organizations will face the challenge ofaddressing the issues of big data. It is unfortunate that this popular term focuses the attention on the volume of data alone. While volume is an issue, the complementary aspects of velocity (the speed with which data is being presented), variety (the broad range of data types being presented) and complexity (especially around the growing volume of unstruc-tured data from social networks and elsewhere) are equally challenging. Hence, big data is actually better thought of as a popular term for the extreme information management is-sues that arise when accessible data starts to overwhelm the existing information management infrastructure.

• Storage,processingpowerandbandwidthwillallbecomesignificant challenges for most enterprises, although the pain point will be felt at different levels of scale. Even where the enterprise infrastructure can collect, process and pre-sent incoming data in a usable and timely manner, there remains the cultural and organizational issues associated with management receiving the information, trusting the

information and making a decision in an appropriate time frame to effect a material change in outcome. Notwithstand-ing the demand by business leaders for better information with which to make fact-based decisions, at the heart of some of these challenges lies the erosion of the personal power and long-standing expertise by which decisions are normally made. These will at best delay and at worst prevent useful decisions from being made in many organizations.

• Thecombinationoftechnicalchallenges,culturalandorgani-zational challenges, and the relentless increase in accessible data available and being presented leads us to the conclusion that the majority of organizations will fail at one or more of these steps, effectively reducing their ability to gain a competi-tive advantage from big data through at least 2015.

Recommendations:

• CIOs and IT leaders should consider the technical issuessurrounding extreme information management (or big data), but should not be overwhelmed by the potential scale of the challenge. They should focus their attention on areas where improved utilization of specific data will deliver timely and trusted input to defined business decisions with a material impact and measurable business benefit.

• Businessleadersshouldconsidertheirmostvaluableandcriti-cal business processes, and should evaluate which additional data would deliver a material and measurable improvement in business outcome. They should actively engage with IT to ensure that the complete cycle from data to decision is en-acted to ensure an effective and a positive outcome.

Source: Gartner Research G00226767, Daryl Plummer, Peter Middleton, Matt Cain, William Clark, Claudio Da Rold, Michael Dominy,

Joseph Feiman, Michael Gartenberg, Jorge Lopez, Sandra Notardonato, John Pescatore, Brian Prentice, Steve Prentice, Gavin Tay,

23 November 2011

26

About HCL

Established in 1976 as an IT garage setup, HCL is a $6.2 billion leading global tech-nology and IT enterprise comprising two companies listed in India - HCL Technolo-gies and HCL Infosystems. HCL leverages its extensive global offshore infrastructure

and network of offices in 31 countries to provide holistic, multi-service delivery in key industry verticals including Financial Services, Manufacturing, Consumer Services, Public Services and Healthcare. HCL takes pride in its philosophy of ‘Employees First, Customers Second’ which empowers our 88,000 transformers to create a real value for the custom-ers. Since its inception into the global landscape after its IPO in 1999, HCL Technologies, a leading global IT services company, focuses on `transformational outsourcing’, under-lined by innovation and value creation, and offers integrated portfolio of services includ-ing infrastructure management, software-led IT solutions, engineering and R&D services and BPO. The company’s fastest growing line of business HCL Technologies Infrastructure Services Division, also known as HCL ISD, manages mission critical environments and handles over 3 million devices for over 1.7 million end users.