As some one said, “A bank is a place where they lend you an umbrella in fair weather and ask for it back when it begins to rain.” It is funny, yet it is true. According to Ernst & Young and it’s 10 commandments for businesses this year, Enterprises should focus on its cash assets via cost reduction. Manage it well as it is the most precious asset that businesses hold. Ensure that even if your revenues are dropping, you have sufficient cash to meet your obligations. Secondly, pay attention to risk management as unidentified risk can lead to catastrophic results – shown by 2008. Try to ensure that effective risk management is tied directly to business priorities.

Hence the business case for many IT initiatives should essentially focus on cost reduction and risk management. Following are the areas that I believe should be focused upon –

• Secure Your Data: Hard times always generate an increase in security exposures. New Year is a good time to review your security — and remember to include a review of physical security of data and all hardware on which it resides, from servers to laptops to handheld devices. Perhaps the most ignored area by Enterprises is the test data management practices, most security leaks tend to originate from here.
• Rationalize Your Applications: Organizations tend to accumulate obsolete applications. This is an excellent time to conduct a review of all apps in the environment with an eye to consolidating the product portfolio, and establishing and enforcing corporate standards. This can save money on unneeded software licenses, hardware to run that software, and personnel to manage it.
• Manage Your Information Lifecycle: Enterprises should embrace data archiving to move older data to a lower, less-expensive storage tier, along with data purging, thus making production applications leaner and improving overall applications performance.
• Virtualize Your Environment: PC, server, and storage virtualization is growing in use and will be fostered by the tough economy as organizations make the most of the spare capacity they have in-house. Storage technology, server operating systems, and ITOM are among the segments that will benefit from virtualization. You will be better off starting with ILM before virtualizing, as ILM makes the infrastructure lean and makes the Virtualization projects less riskier and easier to implement.
• Institute Green Management Practices: Reducing power and cooling, minimizing printing and paper use, recycling, disposing of old equipment properly, and other Green operations methods can save money and have other business benefits while also decreasing environmental impact. Implementing ILM, Virtualization and Test Data Management can cut the servers & storage, this could be the first step to introducing Green IT to your data center.

Finally, we want to express our sincere appreciation to our customers, partners, and our employees, who have helped us make 2008 a great year, in spite of the tough economy. We wish them and their families the very best for 2009. This will be a happening year for Solix, as our technology rightly fits to the need of the hour for many enterprises.

The latest report by Gartner indicates that ILM market has established credibility and has reached its launch pad and is beginning to take off. We are happy to note that our market share had indeed doubled since the last Gartner report. The growth we are seeing since 2004 when Solix EDMS was initially launched, is quite spectacular. All signs indicate that the market is primed for the hockey stick growth.

• Best estimates are that all ILM vendors together have captured less than 1% of the worldwide market and databases are growing in number and size. The opportunity for all data management vendors, therefore, is huge and growing.
• Software vendors are stopping development of application-specific data management solutions as their customers are rejecting in favor of a strategy of having a single data management tool set that works across all applications, operating systems and databases across the Enterprise.

The economy, however, is having a major effect on this otherwise optimistic situation. While prospects are very interested in the ILM product and in theory have the budget to buy, often they are having problems getting that money released as companies are deferring their spending.

However, the new economy demands new strategies. We have been experimenting on around a new pay-as-you-go, pricing model designed to help prospects get our tools without having to fund the full licensing cost up front. The results are indeed encouraging. The disadvantage of this is that we only realize part of the income from each sale up front, with the rest coming in over the term of the agreement. While this hurts our immediate revenues, this can be very beneficial to prospects who are looking to acquire the solution but unable to because of tight economic conditions.

None of us know how bad the present recession will last. But it is comforting to realize that even in the worst worldwide depression of modern history, the Great Depression of the 1930s, companies that are innovative not only survived but prospered. Solix will now be the first vendor in ILM space to offer subscription based pricing. We can now say to organizations who need Enterprise data management tools but are having problems getting the budget allocated to buy the product outright, “Talk to us. We have the flexible pricing plan to help you.”

I am sure you are thinking, ‘What is this guy talking about? eDiscovery is not milk or fruit…. What is this organic eDiscovery stuff?’

Wherever I go these days, people seem to be talking about eDiscovery. Certainly every email archiving company talks about it. But truly, none of them have a complete solution that can span across all enterprise data — text, images, spreadsheets, documents, audio files, animation, Website and computer programs, across desktops, servers and across network; and I have yet to see a single solution that can handle structured data. Yet this data is very important to enterprise-wide searches; for instance to answer discovery in civil torts. Any eDiscovery solution that cannot examine the data in the organization’s databases leaves you only half-covered, like going to the court without your trousers.

Now you see where I am going with organic eDiscovery. The challenges are daunting. Before you can deploy a search across all enterprise applications, you have to understand all enterprise data. Typically, according to Gartner, Forrester, etc., IT maintains six copies of each production application database to cover testing, training, and development along with, of course, actual production and backup. Obviously search speed can be boosted dramatically by ignoring these copies, particularly since important subsets of the data in most of them should be masked anyhow. So once you understand the duplicate copies, you can optimize the overall search.

Now that we agree that data in enterprise apps need to be searched and that we need to ignore all the duplicate data; the next question is how do you search these very complex databases, with their thousands of tables, multiple versions, patches, and lots of moving parts. First you need to collect each application’s metadata and this requires an enterprise metadata management tool. Most of these solutions, such as Solix Enterprise Data Management Suite(EDMS), include a central repository tool to manage all enterprise metadata and track changes with upgrades and patches. Deploying an enterprise data management solution not only helps in creating a leaner infrastructure, faster applications and in controlling cost of storage, but also becomes the foundation for deploying a true enterprise-wide search/eDiscovery solution.

We just announced our integration with Oracle Universal Online Archive (UOA) to provide document, email, and application data management. This integration lays the foundation to eventually deploy a eDiscovery solution that can span across all enterprise data. With billable rates for junior associates at many law firms now starting above $200 per hour, the cost to review can be enormous. Investing in building the foundation for eDiscovery for review faster and review less prepares the organization for this tight economy.

I hope to see you at our booth, # 2623, Moscone South, at Oracle Open World. Let us explain how Solix EDMS with Oracle UOA can provide the eDiscovery foundation for you.

After my last blog (CIO To Do List – The Challenge of Protecting Sensitive Data), we surveyed several CIOs on their management of test data. What we found is that many of those we talked do not seem to appreciate the immense risk that test data taken from live databases could fall into the wrong hands and reveal competitive secrets to competitors and others, severely damaging their organization’s position in the marketplace.

The initial response of most CIOs we contacted is that they are aware of the danger of test data exposing sensitive information, and their staff is doing an adequate job of protecting that data. However, when asked what data they consider sensitive, few mention competitive information. And none of them were able to explain how their staff monitor test processes to ensure security and privacy of sensitive data. And they had no answer to the question of how they ensure their IT staff doesn’t misuse their data access privileges.

The focus of almost everyone contacted is on the legal implications of losing Social Security or credit card numbers and similar personal identity information of their customers. Of course these issues have been almost constantly in the news for several years, and companies and government agencies have gotten black eyes when someone gets careless with a laptop holding parts of their customer database. As a result, most CIOs seem to think that all they have to do is mask a few key fields in their test databases and end up masking few sensitive fields. This might meet specific legal requirements, but it does nothing to protect vital competitive secrets.

However, when asked about competitive information such as bill of materials, price lists, or discounts, almost all agreed that they were not doing enough to address the security of this data. What bothers me most is that most of those we talked don’t seem to realize that the loss of this information can damage their businesses at least as much as the loss of a customer database. And this information is commonly included in test databases. Imagine your company going into a competitive bid against a competitor who knows exactly how much of a discount you will offer the customer. And that is just one scenario. A leak of employee information could let a competitor raid your company for its top producers; manufacturing methodologies could be very valuable to a foreign competitor who wants to raid your markets; drug discovery information can be worth hundreds of millions of dollars. The list goes on. You could be losing vital information, putting company at a serious disadvantage in the marketplace, and have no way to figure out what was lost, what its business value is, or where the leak is. In fact, few companies even have systems in place to monitor how test data is used, who handles it, and whether and under what conditions it is shared with vendors and outside contractors.

And in some cases the exposure may reach far beyond the test data itself, into the heart of the company. If the test data comes from a system that is integrated with the corporate ERP, CRM, or financial solution, it could conceivably contain the security keys supporting that connection. If so, it could become an open door into those systems that any competent competitor could use either to extract copies of production data or, worse, to introduce false data.

And the risk is not just that outsiders such as vendors may get this data. Who watches the internal IT people who have access to this data? For instance, test data extracted from corporate HR could easily give IT employees – and employees of contractors who often also have unrestricted access to test databases – accesses to information that should not be allowed out of HR. Yes the names are redacted, but that doesn’t even begin to answer the security issues involved. Just the rumors that could start – that have started from this one scenario – are the stuff of nightmares.

The bottom line: The data security problem involved with test data is immense; few organizations appreciate the magnitude of the problem; and masking a few fields in production data does not even begin to address the problem. This is a comprehensive data security issue.

As a result, we are announcing a Data Privacy pack for Oracle applications starting at $25K. This provides a comprehensive solution that can extend to multiple environments at a starting price point. We firmly believe that CIOs need to address the test data security issue immediately and that this product will put them far ahead at a low cost in both money and time.