No-one goes into IT just to maintain and tweak old
applications. The main attraction is always in creating new
systems, preferably using the latest technology. Systems
development not only makes life a lot more interesting, but when it
comes to finding a new job, it certainly adds lustre to the
CV.
But real life rarely lives up to our dreams, and IT is no
exception. Legacy systems need to be kept going and unless they hit
serious problems, companies are usually loath to change them. So a
lot of time gets taken up with patching and mending rather than
starting from scratch.
According to the last available expenditure statistics from the
National Computing Centre
(NCC), which apply to 2006, a whopping 68% of all IT spend goes
on running and keeping systems going, and only 28% goes on capital
expenditure and development.
The figure varies by industry. Business services, transport,
utilities and finance spend more than 30% of their budgets on
development, while government (local and central), education and
manufacturing spend less than 25%.
For the last decade, the general rule of thumb has been that
two-thirds of the IT budget goes on operations and one-third on
development. That, however, could be about the change, due to a
number of factors.
As the recent sensationally successful flotation of
VMWare proved,
virtualisation has become big business, and for good reason.
Companies have woken up to the fact that they own vast estates of
servers but that the utilisation rate for each machine is just 15%
or so; direct-attached storage devices similarly underemployed.
By bundling different applications (often running different
operating systems) onto a smaller number of servers, they can
achieve much higher utilisation rates, often getting up to 85%, and
cut down on a lot of support costs simply because they have fewer
devices to look after.
Virtualisation also helps to solve the other twin
datacentre problems of lack of space and soaring power costs.
Some central London office space now rents at more than £100 per
square foot, so halving the size of the datacentre (or avoiding the
need to build a new one) has big financial benefits. And with areas
like Canary Wharf literally running out of electrical capacity,
organisations there have little option but to cut back on power
usage.
Going hand in hand with the virtualisation trend is a new-found
interest in
data governance. For a variety of reasons, companies are
revisiting the way they store data and seeing what can only be
described as a mess.
Despite the widespread adoption of
enterprise resource planning (ERP) systems over the last few
years, which have done much to help users rationalise their
operational data, information still gets duplicated and copied onto
multiple systems, making it impossible to ensure consistency and
security. That partly explains why so many companies are struggling
to comply with the
payment card
industry's data security standard (PCI/DSS) - they just don't
know exactly where all the credit card numbers sit on their
systems.
In another study published earlier this year on IT strategies,
the NCC found that just 30% of companies had a data governance
policy in place, with another 30% having made some progress towards
formulating a policy.
As the report says, "Although the benefits of data governance
can be compelling from a purely IT perspective, in most
organisations it was most likely to be seen as a blended IT and
business initiative."
The IT department's motivation is to improve data quality, while
the business's drivers are better decision-making through improved
data quality, plus a range of compliance issues, notably data
protection.
Data governance demands the right mechanisms, and that is
driving a move to
network-attached storage (NAS) and
storage area networks (SANs). In contrast to direct-attached
storage, NAS and SANs provide greater agility in the way users
store data. And, like virtualised servers, they make better use of
available capacity.
The same NCC report showed SANs already present in two-thirds of
organisations and likely to be in 96% in two years.
The effect of these trends is to tidy up the sins of the past
and provide a clean platform on which to build for the future. They
require new technology, new techniques and new ways of doing
things, but they are essentially going over old ground.
So coming back to the question of new development, where is the
money being spent?
The NCC strategy report, published earlier this year, shows that
customer relationship management (CRM) is finally being adopted
by more companies. Only 17% of organisations have a fully
implemented CRM system, but 33% have partially implemented it, and
another 10% have it under development.
Workflow and collaborative applications are also operational or
under development in more than 60% of organisations.
Fully operational
business intelligence (BI) applications occur in just 35% of
organisations, but another 25% say they have a BI project under
way.
The demonstrable cost savings of
VoIP communications make it an easy technology to sell to
management, and the NCC reports shows that 53% of respondents have
some degree of VoIP development, and a further 31% expect to
implement it.
In terms of applications technologies, the report shows a sharp
uptake in
Ajax (Asynchronous Javascript and XML), with 29% of respondents
actually using it, and another 24% saying they planned to do
so.
Service oriented architecture (SOA) is now used by a quarter of
companies and a further 36% say they plan to adopt SOA.
All these developments point in the same direction.
Virtualisation and better data governance through SANs and NAS will
allow companies to streamline their operations, and tackle data
quality. That will allow them to start making good use of the data
they hold, because they know they can rely on it. Hence the growth
in CRM and BI, which really can deliver tangible benefits to the
business provided it has good, reliable data.
VoIP brings certain functional benefits but its main attraction
is cost-cutting, while technologies such as Ajax and SOA should
help to make the IT department much responsive to business
demands.
So could this really be the point at which IT starts supporting
the business in a cost-effective way, and providing the agility it
has struggled so far to achieve? And will this leave more money for
new systems development?
Well, yes and no. According to Ian Campbell, CIO at British
Energy and chairman of the
Corporate IT Forum, IT budgets
can easily get swallowed up in unexpected ways, such as by sloppy
software purchasing.
"A lot of companies regret not looking more carefully at
software licensing," Campbell says, adding that annual licence fees
can be anything from 10% to 30% of the purchase price.
And while SOA and application integration sound great, they can
have a huge bearing on software fees. "You may start off with a CRM
or ERP pilot in a single department, then integrate it with other
systems and find your number of users has risen by thousands, which
has a direct impact on what you pay," Campbell warns.
"You need to do some careful consideration up-front, and include
clauses that allow for renegotiation," he advises, although he
admits that can be "a double-edged sword".
He also strongly recommends reviewing software contracts a year
before they are due to end to allow time for negotiation or changes
of plan.
Even if you do manage to cut costs through simplification and
integration of systems, don't expect money for new projects to be
approved any more readily.
Frank Cordrey, head of development support and network
infrastructure for John Lewis, says the key is to prove business
benefit and alignment with business strategy, but admits this is
not always easy. "Infrastructure changes, including sunsetting of
old products, can be the most difficult to achieve agreement for
and commitment to because they don't always bring obvious benefit
and won't always fit with business plans or priorities," he
says.
The one area that seems to meet little resistance from the
business is security, partly because company boards are scared into
action by high-profile security breaches, and partly through the
need to comply with different regulations.
"Security is generally fundable as long as there is appropriate
balance, pragmatism and understanding of the risk involved," says
Cordrey. But he adds that compliance can get in the way of other
plans. "Compliance changes are the most difficult because they
often get in the way of business changes already in hand. For
instance, PCI/DSS has been a major bugbear over the last few years,
particularly because the card schemes have kept moving goalposts
and size of pitch."
The message is that IT will always need to prove its relevance
and value to the business, and return on investment will generally
determine approval or refusal.
As Campbell says, that can make some infrastructure projects
hard to justify because they deliver soft benefits. For instance,
he has a collaboration project under way, using Microsoft
Sharepoint, which he says will deliver benefits in providing a
central repository for documents. But putting an actual figure on
the amount of time it will save is hard to prove.
"Some projects have to go ahead in the belief there will be a
benefit. For instance, how could you quantify the return on
investment for e-mail?" he points out.
Other projects, such as ERP or CRM, will save a lot of manual
work, and may be easier to justify on the basis of prospective
headcount reductions. But as Campbell says, if you justify a
project on cost reductions, just make sure you deliver. "The board
will want to lock in those savings," he says.
Just because you save money with one system, don't expect
decisions on future projects to get any easier. And if interest
rates rise, IT investments will be even harder to justify.