The CIO Handbook

Edition IV

Featuring research from

www.hcltech.com|www.hclisd.com

Introduction:
The 2012 Technology Roadmap

2
Introduction: The 2012 Technology
Roadmap
3
Rethink Your Mobility Strategy
5
Boost Your Security Network
7
Evolve Your Data Center Strategy
9
Adopt Industrialized, Low-Cost IT
Services (ILCS)
11
Conclusion

t is the best of times and the worst of times for CIOs and
other IT professionals.

On the one hand, factors such as global delivery, industrialization, Cloud Computing, Big Data, Social Media and
Mobility are enabling enterprises to boost their efficiency
and productivity. On the other, these trends are creating an
IT landscape of unprecedented complexity and uncertainty.
As CIOs and business leaders try to navigate this unfamiliar
terrain while working to create a modern IT infrastructure
architecture that can support intensified consumerization,
technology disruption and voluminous Big Data they may
find themselves taking wrong turns or pursuing approaches
that lead to dead ends.
Thats why we offer here a technology roadmap one that
highlights useful landmarks and identifies areas to steer
clear of that you can refer to as you explore todays challenging IT environment.
Source: HCL

12
From the Gartner Files: Gartners Top
Predictions for IT organizations and
Users, 2012 and
Beyond Control Slips Away
26
About HCL

The CIO Handbook, Edition IV is published by HCL. Editorial supplied by HCL is independent of Gartner analysis. All Gartner research is 2012 by Gartner, Inc. All
rights reserved. All Gartner materials are used with Gartners permission. The use or publication of Gartner research does not indicate Gartners endorsement of HCLs
products and/or strategies. Reproduction or distribution of this publication in any form without prior written permission is forbidden. The information contained herein
has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Gartner
shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject
to change without notice. Although Gartner research may include a discussion of related legal issues, Gartner does not provide legal advice or services and its research
should not be construed or used as such. Gartner is a public company, and its shareholders may include firms and funds that have financial interests in entities covered
in Gartner research. Gartners Board of Directors may include senior managers of these firms or funds. Gartner research is produced independently by its research
organization without input or influence from these firms, funds or their managers. For further information on the independence and integrity of Gartner research, see
Guiding Principles on Independence and Objectivity on its website, http://www.gartner.com/technology/about/ombudsman/omb_guide2.jsp.

Rethink Your Mobility Strategy

Legacy desktop and mobile strategies are likely to become obsolete, i.e.,
inadequate of handling the changing enterprise mobility landscape in 2012.

nterprise mobility is not a strange element to modern enterprises. It has been in the limelight for quite some time
and has been making enterprises (and the workforce)
more agile, efficient, and competitive. However, as a disruptive
trend, mobility has its own setbacks. While on one hand, it empowers the users, on the other, it jeopardizes enterprise security
and takes away control (over users as well as costs) from the
hands of enterprise IT.
Stemming challenges in the full swing are

Android devices. Bring your own device and employee-liable

programs are common, and we expect that 80% of organizations will have tablets by 2013. These deployments bring a
range of new challenges, from security, compliance and management, to cost and human capital management. Organizations address these challenges by defining policies that regulate
the usage of consumer and personal mobility for employees,
and they need the appropriate tools to enforce policies, regulate behaviors, contain costs and manage risks, across multiple
device platforms.1

Mobile-device and operating-system fragmentation

Bring-your-own-device (BYOD) revolution and employeeliable programs
Mobile data and applications explosion

However, charting out a mobile strategy requires a long-term vision.

Given these challenges, it is evident that organizations need

a sophisticated mobile device management strategy to handle
the mobile-device proliferation. A Mobile Device Management
(MDM) strategy can help enterprises regulate the use of mobile
devices by employees, regain control over users, and at the
same time, ensure security of corporate data.

Define the category of mobile devices and platform users

that your IT can support.
Redefine a mobile policy that enables new busines devices
and mobile applications in the existing environment.
Invest in an MDM solution that supports multiple platforms,
enforces mobile policies, regulates behavior, mitigates risk,
and controls cost.

According to Gartners report Critical Capabilities for Mobile

Device Management, IT organizations are forced to create
mobility programs to support corporate email and other applications on consumer products, such as iPhone, iPad and

Best Practices:

Note: Enterprises are advised to turn to an IT service firm that

has relevant expertise in mobile device management.

FIGURE 1

MOBILITY MANAGEMENT BEYOND MDM

SOURCE: HCL

Success Cases:
A Fortune 500 Firm Turns to MDM for Security

A Leading Electrical Retailer Optimizes its Business for Mobility

A Fortune 500 U.S. beverages manufacturer with 19,000

employees and 200 distribution centers has implemented an
effective MDM solution that secures all mobile devices and
platforms. The customer implemented HCL Enterprise Mobility
Services to see the desired results. The HCL MDM solution gives
IT and users real-time intelligence and control over smart device content, activity, and applications in order to secure data,
reduce wireless cost, and improve user experience.

Europes largest electrical retailer and services company with

operations in 26 countries is optimizing its business for mobility
and mitigating business risk across corporate and employee-liable devices. The customer is leveraging HCLs Enterprise Mobility Services powered by MobileIron, a virtualized smart device
management platform that can address prime concern areas
of enterprise mobility: mobile device security, enterprise mobility
management and wireless expense management.
Source: HCL

Gartner Inc., Critical Capabilities for Mobile Device Management, G00213877, 29 July 2011

Boost Your Security Network

To thwart the security threats and vulnerabilities that arise as your organization takes advantage
of the ongoing trends in IT consumerization, virtualization, and Cloud Computing.

s enterprises continue to unleash the power of the

latest technology trends such as ubiquitous data access, technology as a service, next-generation workforce, social media, and IT consumerization, they are
opening up their networks to new vulnerabilities and
attacks with maximum threats coming from the Web.
Information gathered from existing HCL customers suggests
that enterprises are ill-equipped to cope up with the growing
threat of cybercrime.
Handheld devices pose the major security risks.
Compliance adherence (17%) and Cloud security (17%)
are two major high-priority security issues.
Other security challenges faced by the enterprises include
data protection (10%), virus/botnet attacks (13%), and
proactive security alerting (9%).
Dealing with these newly found threats demands a paradigm
shift in the security strategy. Enterprises need to evolve their
security defenses and radically change the way IT is managed
and secured. Highly constrained security budgets of enterprises
could be a bottleneck, though.
Under economic pressure, enterprises can adopt managed security services to achieve high level of security and
strike the perfect balance between security expertise and
service innovation.

Gartners MarketScope for Managed Security Services in Asia/

Pacific states, The continuing global economic turmoil has
discouraged enterprises from capital investment in security infrastructure and additional personnel costs for new security
staff. Gartner does not anticipate strong growth in overall IT
spending in client organizations in the next 18 months (see
Forecast Alert: IT Spending, Worldwide, 3Q10 Update).
This fiscal conservation has motivated a number of enterprises to leverage MSS to support security improvements,
continuing regulatory compliance and service expansion for
business operations. Gartner expects that continuing uncertainties in the global economy will reinforce this trend, with
the direct result of stronger growth in MSS client numbers
and revenue.1
Even though many services are part of the managed security
service portfolio, we see the rush toward Cloud-based service
offerings. Among Cloud-based security service offerings, we believe Network Security, Identity as a Service (IDaaS), and Cloudbased Managed Authentication Services (MAS) will be much in
demand. We also anticipate high adoption rates for Distributed
Denial-of-service (DDoS) attack, Security Information and Event
Management (SIEM), and log management, ensuring a proactive security framework.
However, the challenge at hand is to choose the right managed security services provider (MSSP) and devise an ideal
security strategy.

FIGURE 2

FIGURE 3

VERTICAL BREAKDOWN OF CUSTOMERS

TOP SECURITY PRIORITY FOR 2012

DDoS Prevention

SOURCE: HCL

Best Practices:
First, define the scope of security services and the level-ofservice expectations.
Then, evaluate the prospective MSSPs based on the following parameters: adherence to local compliance laws, geographic delivery capabilities, staff augmentation, device
management, real-time monitoring, and security expertise.
Finally, map the service delivery capabilities and security
expertise of your managed security service provider and
align them with your requirements and expectations. This
will always result in a successfully managed security engagement.
Success Cases:
Asias Largest Exchange Firm Derives Enhanced Business Value
with MSS
A Singapore-based, large stock exchange turned to HCL for
managed security services to reduce security risks that todays

ever-changing threat environment posed. HCLs balanced

approach, proactive security stance, technophobic-to-technocentric focus, and employed flexible delivery model helped the
stock exchange develop an organization-wide IAM policy and
process; design and re-architect the data center from a security standpoint, and address its (the exchanges) business- and
compliance-related requirements. This resulted in a 20-22%
reduction in IT administration costs, a 45% fall in password reset
efforts, and establish tamper-proof logs and audit trails.
A Communications Service Provider Optimizes its IT Security
A large South Africa-based telecom service provider optimized its
IT security by moving to HCLs collaborative value framework (specifically designed by HCL for telecom service providers). Leveraging
HCLs existing robust service delivery framework, the telecom organization scaled up the security services for its existing customer base,
which brought in more revenues. This business model also reduced
the operational challenges by using HCLs large pool of certified
resources and OEM partnerships with leading security vendors.
Source: HCL

Gartner Inc., MarketScope for Managed Security Services in Asia/Pacific, G00217190, 30 September 2011

Evolve Your Data Center Strategy

To improve business responsiveness, lower costs and consolidate your data center.

s enterprises continue to face increased pressure from

the global economy to reduce costs, they will be looking
at data centers as the starting point for reducing costs
and complexity, and improve manageability. Companies from
various industries have already discovered the merits of transforming their data centers and harnessing new technologies
and innovations such as Cloud and Infrastructure Utility Services (IUS).
According to Gartners Magic Quadrant for Data Center Outsourcing and IUS, North America, In North America, increasing volumes of storage, high-density computing technologies
versus rising energy costs and green concerns, and the need to
consolidate for efficiency and security often show the physical
limitations of existing data centers. At the same time, higher
service requirements such as 24/7, continuous data replication, fast delivery of new capabilities, high flexibility and lowcost delivery challenge the internal IT management capabilities
of many organizations. As a result, increasing industrialization,
consolidation and global delivery, and utility and cloud approaches characterize the global and North American data
center infrastructure outsourcing market.1
Radical business and technical changes demand that CIOs
and leaders overturn older practices; adopt new strategies
and technologies for data center initiatives; and build a nextgeneration data center. Before CIOs embark on a data center
project or devise a data center strategy for the future, they
must gain some insights into the potentially disruptive and

revolutionary technologies of today such as Cloud Computing and next-stage virtualization. It will help enterprises consolidate better and achieve superior business results.
The next-generation data center of the future must essentially
have Cloud embedded in its architecture, besides Ethernet fabrics, high-density multi-core server hardware, high-bandwidth
networks, and virtualized servers and storage. A Cloud-ready
data center infrastructure can both support new service models at
the scale necessary to meet demand and operate at an efficiency
level that ensures profitability and support full virtualization.
However, this will require CIOs to move to the next level of
IT sourcing source the best IT services from the available
service providers operating in the market. The service providers
must be evaluated on the basis of their ability to offer a dynamic
and ready-to-deploy infrastructure, and the capability to cope
up with IT complexity as the requirements from their business
processes increase.
Enterprises must follow a phased methodology to devise a successful data center strategy. One of the HCL clients implemented a step-wise methodology that was cost-effective and ensured
a healthy bottom-line. Data center infrastructure restructuring
and service management fundamentally must be a part of data
center transformation projects to ensure that organizations
data center can readily adapt to constantly changing service
demands. Also, green initiatives are a must-have for the nextgeneration data center.

FIGURE 4

BUILDING BLOCKS OF THE NEXT-GENERATION DATA CENTER

SOURCE: HCL

Leveraging its over three decades of experience in the IT services industry, HCL has devised a data center transformation
methodology for its customers. It is a structured approach to
build a future-ready data center infrastructure (see Figure 5).

one of the facilities; multiple server and storage technologies,

operating system versions and standards that were complex and
costly to deliver and support; and limited lifecycle management,
leading to out-of-date technologies being maintained.

Best Practices:

The project was conducted in three phases in partnership with

HCL. In the first, completed in the first half of 2010, Old Mutual
implemented structured cabling and resilient UPS. The second
phase, completed in March 2011, involved core infrastructure
components such as storage consolidation, server virtualization,
network consolidation, backup and enhanced disaster recovery.
The final phase, which is ongoing, involves the implementation
of standards and tools such as monitoring, software and patch
management, and database consolidation. Skandia says the
transformation has resulted in 80% of non-production environments being virtualized; 40% of production environments virtualized; and high-density usage of server infrastructure, reducing
power, cooling and use of space in the data center.

Engage all stakeholders and apply appropriate cost

modeling after analyzing latest data center technologies.
To build an optimized data center strategy, evaluate your
capacity needs, your budget constraints, and the capabilities you would like to have in your modern data center.
Success Case:
Old Mutuals Data Center Strategy is Paying Off
Investment specialist firm Skandia, part of the Old Mutual
Group, needed to upgrade an aging IT infrastructure, so in
2009 it began planning a transformation program to update
two key data centers. The transformation addressed several
problems, including limited space in the data centers; a legacy environment that constrained the reliability and growth of

In addition, 20% of servers have been upgraded, and Skandia now

has the ability to provide seamless recovery of critical virtual hosts
in its disaster recovery site. Another benefit is reduced data center
complexity, with the move from three storage technologies to one.

FIGURE 5

Source: HCL

HCLs DATA CENTER TRANSFORMATION METHODOLOGY

SOURCE: HCL

Gartner Inc., Magic Quadrant for Data Center Outsourcing and Infrastructure Utility Services, North America, G00213700, 20 July 2011

Adopt Industrialized, Low-Cost IT Services (ILCS)

I LCS model is set to disrupt the existing IT services industry with its new service value
proposition in 2012. Get ready to adapt!

ndustrialized, Low-Cost IT services (ILCS) are the managed,

multi-tenant, ready-to-use IT services (infrastructure, applications or business processes), which gives organizations a
chance to introduce a transparent and predictable cost model.
The service providers offering ILCS implement standardized but
high-quality, automated, configurable and scalable services in
the client environment and charge them on a monthly basis.
Prices are expressed either as price per user per month or price
per unit per month.

Gartners Top Predictions for IT Organizations and Users, 2012

and Beyond: Control Slips reveals Despite a limited direct market impact (~$20 billion by 2015), ILCS offerings will reset the
ITO market price in the next five years. We expect to see marketing messages like We manage your SAP infrastructure for less
than $10 per user per month. Why are you spending more? to
increasingly fuel CFOs and CEOs interest, further pushing IT
spending as an operating expense externally delivered and no
longer a capital expense internally managed.1

An ILCS model could result in potential savings of 50- 80% on

the entry-level prices against the 20-30% savings that organizations have been achieving by leveraging the traditional
offshore and outsourced IT services without compromising
service quality.

ILCS are still embryonic. Yet, it is an emerging market force in
the IT services industry. Organizations are slowly-yet-steadily
embracing this alternative low-cost IT services/business model
over the traditional IT services to reduce the cost of running
the business. And we believe that this adoption will reach an
all-time high in 2012 and beyond.

Some of the common low-cost offerings that enterprises can

readily take advantage of include: Cloud email (BPOS, IU4Exchange, IU4Lotus etc.), Infrastructure Utility for SAP (IU4SAP),
IaaS, SaaS and more such. IU4SAP represents one of the
most important cases of ILCS for business-critical and core
functions, while collaboration and messaging in the Cloud are
the emerging.

The emerging ILCS model will transform and disrupt the existing IT services landscape by altering peoples common perceptions of pricing and value of IT services.

Figure 6 represents the overall trend toward ILCS. During the

last decade the high cost of corporate IT ($1,000 to $2,000 per
user per month) has fallen due to traditional outsourcing and
offshoring. Now, thanks to new delivery models, industrialized
services and Cloud Computing, we are seeing increasing numbers of low-cost offerings in which the price of a specific unit or
function (such as IU4SAP, e-mail and SaaS) is instead measured
in a few dollars per user, or unit, per month.2

FIGURE 6

THE SHIFT TO HIGHER SAVINGS FROM INDUSTRIALIZED, LOW-COST IT SERVICES2

Cost
per
unit

Corporate IT
Outsourced IT
-20%
Offshored IT
-30%

LOW-COST
IT

Small Fixed Server, Vendor

$800 pm

HIGH-COST
IT

Small Virtual Server, Vendor

$400 pm

SAP Infr. Client

$20 to $30 pupm

2000

IU4SAP
$10 to $20
pupm

2010

Industrialized,
Low-Cost IT
-50% to -80%

Salesforce.com
$75
BPOS/Gmail
$2 pupm

Time

Source: Gartner (January 2011)

*BPOS = Microsoft Business Productivity Online Suite; IU4SAP = Infrastructure Utility for SAP; pm = per month; pupm = per user per month;
1

Gartner Inc., Gartners Top Predictions for IT Organizations and Users, 2012 and Beyond: Control Slips Away, G00226767, 23 November 2011

HCL is helping many of its clients reduce their operational costs

through its standardized, high-quality, low-cost services. However, a word of caution for all the organizations adopting ILCS
will be: Be wary of the turbulence that ILCS model can cause.
Best Practices:
Remember, not all corporate IT can be delivered through
ILCS.
Before embracing ILCS, first conduct an appropriate level
of due diligence and risk analysis specific to your organizations risk profile and act accordingly.
Become proficient at multi-sourcing, since adoption
of ILCS increases the challenge of managing the
co-existence within an ecosystem of different kinds of IT
services delivered.
Success Cases:
A Manufacturing Industry Leader Turns to Cloud for Savings
A leading supplier of analog interface components for communication, industrial and consumer applications devised a
Cloud strategy to reduce its IT spending and meet its organizational goal of building an agile IT organization. It leveraged
HCLs Cloud-based Collaboration and Messaging Services to
migrate its messaging data and mailboxes to the Cloud environment. This resulted in $1.6 million annualized savings and
significant improvement in collaboration among employees
distributed across the globe.

Global Firms Migrate to Greater Flexibility and Lower Costs with

HCL SAPoD
A leading pharmaceutical company in the US ($3.4 billion revenue) and a leading manufacturer in Denmark ($4.7 billion revenue) opted for HCLs SAP-on-Demand (SAPoD), an efficient and
secure Cloud ERP solution falling under the IU4SAP category,
and reduced their infrastructure costs by 30%. SAPoD is HCLs
transformational service that provides customers a technologyaligned, reference-architecture based, ready-to-implement SAP
solution. The solution is hardware vendor neutral and is flexible
enough to adapt to new technology trends.
Global Leader in Sports, Fashion & Media Scales its IT costs with
Standardized, Low-cost IT Services
A leading conglomerate, based out of U.S., put a cap on its
burgeoning costs of operations by leveraging HCLs SCALE Services Standardized, Cost-optimized, Agile, Leveraged and
Enhanced services. The customer is a leader in sports, fashion and media, and has been connecting brands and audiences through sponsorships, licensing media, and consulting
with unparalleled client services for more than 50 years. It used
the combination of HCL SCALE services, dedicated offshore &
onsite resources and re-badged resources that resulted in 15%
reduction in operational costs. Moreover, HCL successfully
managed the disparate IT environments across the customers
diverse business units and helped it [organization] achieve true
business agility and scalability through its high-quality, standardized low-cost offerings.
Source: HCL

Gartner Inc., Behind the Cloud: The Rise of Industrialized, Low-Cost IT Services, G00209857, 1 February 2011

10

Conclusion

In the preceding pages, we have attempted to chart the broad contours of the emerging IT landscape. Of course, more detailed
maps will be needed as you explore particular regions for example, mobility, security or cloud computing of the new environment. But this article hopefully provides a helpful overview and suggests some areas worthy of further exploration.
Source: HCL

11

From the Gartner Files: Gartners Top Predictions for IT

Organizations and Users, 2012 and Beyond: Control
Slips Away
These top predictions herald changes in control for IT organizations when budgets, technologies and costs become more
fluid and distributed.
Overview
The continued trends toward consumerization and cloud computing highlight the movement of certain former IT responsibilities into the hands of others. As users take more control of the
devices they will use, business managers are taking more control of the budgets IT organizations have watched shift over the
past few years. Loss of control echoes through several predictions in this report. This comes with the necessary result of more
focus on certifications and a relentless attention to security in a
changing world. As the world of IT moves forward, it is finding
that it must coordinate activities in a much wider scope than it
once controlled.
Key Findings
IT budgets are moving out of the control of IT departments,
which means IT must reach out to the business.
Cloud models are forcing changes onto internal IT departments and onto traditional outsourcers, but security assertions and certifications for cloud providers are still lacking
in completeness and availability.
Mobile devices continue to outgrow PCs as preferred primary computing devices.
The availability of large amounts of data will
overwhelm most companies ability to understand that data.
Recommendations
End-user organizations must establish a discipline of relationship management in their IT organizations to handle the
influx of service providers.
IT departments must become coordinators (or brokers) of
IT-related activities (across their companies) that were not
specified by the IT organization originally.
Design of new applications must leverage rich browser and
mobile devices to support end-user demands for a movement from PCs to mobile devices.
Budget management for IT projects must be an activity shared
across multiple business units, which will control IT spending.
Strategic Planning Assumptions
By 2015, low-cost cloud services will cannibalize up to 15% of
top outsourcing players revenue.

12

In 2013, the investment bubble will burst for consumer social

networks, and for enterprise social software companies in 2014.
By 2016, at least 50% of enterprise email users will rely primarily
on a browser, tablet or mobile client, instead of a desktop client.
By 2015, mobile application development (AD) projects targeting smartphones and tablets will outnumber native PC projects
by a ratio of 4-to-1.
By 2016, 40% of enterprises will make proof of independent security testing a precondition for using any type of cloud service.
At YE16, more than 50% of Global 1000 companies will have
stored customer-sensitive data in the public cloud.
By 2015, 35% of enterprise IT expenditures for most organizations will be managed outside the IT departments budget.
By 2014, 20% of Asia-sourced finished goods and assemblies
consumed in the U.S. will shift to the Americas.
Through 2016, the financial impact of cybercrime will grow
10% per year, due to the continuing discovery of new vulnerabilities.
By 2015, the prices for 80% of cloud services will include a
global energy surcharge.
Through 2015, more than 85% of Fortune 500 organizations
will fail to effectively exploit big data for competitive advantage.
Analysis
What You Need to Know
Gartners top predictions for 2012 showcase the trends and events
that will change the nature of business today and beyond. Selected
from across our research areas as the most compelling and critical
predictions, the trends and topics they address this year speak to the
reduction of control IT has over the forces that affect it. The movement to cloud computing and mobile devices highlights the reduction of control as consumers demand mobile devices increasingly
over PCs. This leads to the natural desire to reduce gaps in security
where possible, and to gain some certification of outcomes where
its not. Lack of control is a difficult prospect for IT departments,
which must now adapt or be swept aside.
In addition, IT budgets, while on a slight rise, are at risk as
more of the money formerly allocated to IT projects begins to
be directed through the hands of non-IT managers. This leads
to increased speculation that trends such as outsourcing and
cloud computing will not only grow, but will accelerate through
the next five years. This growth will not come without risk or potential added costs. The price of generating cloud services for
large numbers of consumers can lead to increased power and
cooling costs for service providers that are likely to pass them
on to consumers.

Let us not ignore the effect of cloud computing on outsourcers

themselves. The phenomenon of cloud computing not only cuts
into the activities of IT departments, but also into the revenue of
outsourcers that must contend with commodity cloud services
and cloud pricing. Even though the cloud revenue models are
not all established as successful, they provide a rich field for
speculation, and traditional outsourcers must respond to this
movement just as IT organizations are doing. Alongside this is
a bit of a countermovement that sees certain goods and services moving back toward the Americas, rather than in continued
movement to Asia. This, in combination with a cannibalization
of some outsourcer revenue, may provide an opportunity for
some businesses to gain more cost-effective services.
We will enter 2012 with an increase in the amount of information
available to us, but with a shortage of the ability to understand
it. Given the shifts in control of systems that IT organizations
are facing, the loss of the ability to guarantee the consistency
and effectiveness of data will leave many struggling to prevent
their organizations from missing key opportunities or from using
questionable information for strategic decisions. No regulatory
help is on the near horizon, and this leaves each business to decide for itself how to handle the introduction of big data, the ad
hoc collection and dissemination of data in social communities,
and the proliferation of data across the cloud.
Any organization that wishes to excel in 2012 must establish in
itself a significant discipline of coordinating distributed activities. It must establish relationship management as a key skill,
and train its people accordingly. The reason for this is that the
lack of control can only be combated through coordinative activities. The IT organization of the future must coordinate those
who have the money, those who deliver the services, those who
secure the data and those consumers who demand to set their
own pace for use of IT.
Selecting Predictions
The selection process included evaluating several criteria that
define a top prediction. The issues examined included relevance, impact and audience appeal. More than 137 of the
strongest predictions across all research areas were submitted
for consideration this year.
Our top predictions are intended to compel readers to action and to position them to take advantage of the coming
changes, not to be damaged by them. Clarity and conciseness
are also essential characteristics of our top predictions; the average reader of The Wall Street Journal should be able to

follow each prediction and its effect on areas of interest.

These top predictions are for general technology areas, rather than
being specific to industries (see Top Industry Predictions 2011: The
Recessions Aftermath Proves Challenging). In reading these predictions, it will become apparent that our top predictions are pulled
directly from research that is topical and ongoing. They include implications and recommendations for organizations seeking change
opportunities. IT professionals must examine these predictions for
opportunities to increase their support for cost control, revenue generation and business transformation initiatives.
Strategic Planning Assumptions
IT Services
Strategic Planning Assumption: By 2015, low-cost cloud
services will cannibalize up to 15% of top outsourcing players
revenue002E
Analysis By: Claudio Da Rold and Sandra Notardonato
Key Findings:
Industrialized low-cost IT services (ILCS) sit at the crossroads
between ITO (a $315 billion-plus market in 2011, up to
almost $500 billion when considering business process outsourcing [BPO]) and the rising cloud computing external
service market (forecast to reach $150 billion by 2015, of
which more than $60 billion represents services such as software as a service [SaaS], infrastructure utility services [IUS],
infrastructure as a service [IaaS] and platform as a service
[PaaS] that compete with traditional IT outsourcing [ITO]),
and $56 billion represents business process services that
compete with traditional BPO services.
ILCS is an emerging market force that will alter the common
perceptions of pricing and of the value of IT services. In the
next three to five years, this new model will reset the value
proposition of IT.
Low-cost cloud services will cause the cannibalization of current and potential outsourcing revenue through two different
effects: direct (e.g., substitution of services that would have
been delivered in-house or through traditional outsourcing)
and indirect (e.g., the reduction of the price at which traditional outsourcing services are renewed, renegotiated or
outsourced for the first time).
In terms of the direct effect of ILCS, we are focused on the
market size of ILCS as a segment of the broader IT service
marketplace, and specifically the ITO market. Gartner believes that ILCS can reach 2% of the $1 trillion~ IT service
market in 2015, representing a $20 billion market. This is still

13

a relatively small size, compared with cloud services (20% of

non-advertising-based services) and the ITO market.
In terms of the indirect impact of ILCS on ITO, we are focused on the ongoing price reduction driven by the competition of low-priced services and the reset of what is
perceived as the fair market price for specific IT services
by business and IT buyers. In our assessment, the indirect
impact is more than double the direct impact, due to the
large ITO installed base, the effect of intense contract renegotiations at a faster velocity resulting from shorter contract
terms, and the increased use of volume-based pricing formulas (price equals volume times the unit price).
As a proxy to this prediction, we turned to the IT offshore
delivery model (e.g., the low-cost IT skills model) and its
cannibalizing effects on the traditional delivery of staffbased IT services. An analysis of the past 10 years shows
the emergence of a group of India-based providers capturing revenue from clients and existing and traditional providers (the direct effect, ~4.9% of market share in 2010). This
created dramatic pricing pressure and the forced adoption
of the global delivery model by traditional providers in order to remain competitive (the indirect effect is estimated to
be roughly double the direct effect).
As another proxy to this prediction, in early 2009, Gartner
forecast a future reduction of ITO prices for the 2009 to
2011 time frame due to the macroeconomic environment
and service industrialization. This reduction in price (more
than 10% compound annual growth rate [CAGR] per year,
with peaks at more than 20% per year on some specific
service offering) did come to fruition, as forecast.
We forecast now that ILCS is the market benchmark that will
cause ITO unit price reductions to remain an ongoing trend
for at least the next five years.

Market Implications:
Despite a limited direct market impact (~$20 billion by
2015), ILCS offerings will reset the ITO market price in the
next five years. We expect to see marketing messages like
We manage your SAP infrastructure for less than $10 per
user per month. Why are you spending more? to increasingly fuel CFOs and CEOs interest, further pushing IT
spending as an operating expense externally delivered and
no longer a capital expense internally managed.
This sort of external benchmark regardless whether the
advertisement is entirely applicable or not will accelerate
the transition toward industrialized, cloud-based services,
and will heavily impact the renewal of ITO contracts in the
next five years. Clients will either migrate toward new providers or ask their traditional outsourcers to deliver these
services at the right service quality and price points.
14

The lower IT prices will of course also create additional,

new business (especially in the small or midsize business
[SMB] segment) from clients that would not be in a position to outsource or buy these services before and within
new service areas (IT/operational Technology [OT] convergence, ubiquitous IT appliances, mobility, etc.). Nevertheless, such traditional streams of outsourcing revenue
will be cannibalized as cloud computing, industrialized
services and low-cost business models are adopted.
Similar to what happened with the adoption of offshore
delivery, it will be incumbent upon vendors to invest in
and adopt a new cloud-based, industrialized service
strategy either directly or indirectly, internally or externally. Additionally, it will be incumbent upon customers to
align themselves with the service providers making those
investments in order to ensure an IT strategy that is costcompetitive, and that has the potential to positively contribute to cash flows.
Service providers not active enough on these new service
models or trying to leverage the service industrialization
only from a profitability perspective are likely to see their
growth seriously limited, and are at risk of getting marginalized by new entrants to the market or consolidated
due to a decline in financial metrics. Again, using the
offshore impact as a proxy for this statement, we have
seen roughly 25% of the most meaningful players (by
size and geography) in the market being acquired in last
three years due to slower revenue growth and/or operating margin underperformance. On a positive note, the
risk of revenue cannibalization is offset by the potential
to increase operating margins as investments achieve
economies of scale.
Buyers of services (either already outsourced or in-house) will
operate in a market where traditional outsourcing deal unit
prices will decline. Although outsourcing contracts are typically three to five years for an average term, we see multiple
entry points for price renegotiation:
Annual discussions, based on best-practice benchmarking clauses.
Through renewals, extensions and renegotiations (most
organizations renegotiated their deals in 2009 to 2011).
At the end of the term through market bid, RFP or tender.
In this case almost by definition the new deal is signed
at a fair often near to the lowest market price.
With exit clauses that allow the client to leave a contract
and sign a new one.
Despite the long-term nature of outsourcing deals, the reality
is that the price can change over time, and will be influenced
directly or indirectly by market prices.
Importantly, macroeconomic trends will have a significant
impact on the outcome of this transformation. A reaccelera-

tion of global economic growth would reduce the negative

effect of ILCS (due to higher general IT service market growth
and the growth of IT service volumes), while a long-term
stagnation or a double-dip would depress the IT
service market growth in advanced economies, and would
potentially accelerate the adoption of ILCS (see Uncertainty
and Low Prices Could Stall the Growth of the IT Services
Market by 2013).
Assuming the continued decline in market prices, we see
the adoption of industrialized services having a significant
impact on client sourcing strategies. Buyers of services must
be aware that the cultural change from made in-house IT
services into industrialized, external services is not a small
step, and a new culture of adapt to/adopt and outside/in
must apply. Leveraging the ILCS wave is much more than
a procurement ability to buy at the lowest price. It involves
a business-driven sourcing strategy, the ability to manage
a multisourced environment and to integrate industrialized
services into end-to-end business processes.
All in all, Gartner believes that the projected $1 trillion IT
service market is at the beginning of a phase of further disruption, similar to the one low-cost airlines have brought
in the transportation industry. There will be a near-term to
midterm onslaught from innovators on the revenue/growth/
margin of established businesses, causing the restructuring of the industry (consolidations, merger and acquisition
[M&A], restructuring, failures, etc.). This will create disruption, then new value for clients, with new demands and new
services available at lower price points to/from emerging
and advanced economies.
Recommendations:
CIOs, CFOs, business unit managers, sourcing heads, vendor
managers must:
Take ILCS and service price trends into account when
refreshing your sourcing strategy, retendering your
service deals or evaluating the in-house versus outsource IT
trade-off.
Understand what services you are buying and the
value proposition of ILCS (that is, parity IT services and not
differentiating business value services [DVBS]).
Understand that the apparent low price and ease of use
is not always real. An IT professional analysis of risk and
advantages, retained cost and transition/integration investment must be done. Despite low prices, the total cost of
sourcing can be even higher than current costs.
Exercise due diligence in selecting and managing vendors
and providers, and manage risks through disciplined sourcing

management and governance. Expect market turbulence and

provider troubles in the planning period.
Dont sign outsourcing deals that are too long in term (three
years is the norm now), exclusive or broad in scope to limit
your ability to leverage on new service offerings and declining prices.
In addition to traditional benchmark approaches, measure
the cost per unit, per month of your infrastructure and application delivery to prove your efficiency as a provider or
broker of cloud services.
Social Networks
Strategic Planning Assumption: In 2013, the investment bubble will burst for consumer social networks, and for enterprise
social software companies in 2014.
Analysis By: Michael Gartenberg and Matt Cain
Key Findings:
Vendors in the consumer social network space are competing with each other at a rate and pace that are unusually
aggressive, even in the technology market. In an attempt to
win new users and keep existing users engaged, new services, interfaces and partnerships are accelerating, with an
emphasis on capturing the entirety of a consumers social
experience. The net result is a large crop of vendors with
overlapping features competing for a finite audience.
In the enterprise market, we see many small independent
social networking vendors struggling to reach critical mass at
a time when market consolidation is starting, and megavendors, such as Microsoft, IBM, Oracle, Google and VMware,
have made substantial efforts to penetrate the enterprise social networking market.
Success breeds success in the consumer social ecosystem. The network effect a network becomes more desirable as the number of users grows has been the key in
driving social network growth, which makes it harder for
new players to enter and compete against larger established players.
In the enterprise space, megavendors are, or will be, providing social capabilities as horizontal platform services
consumable by applications, making it difficult for small
vendors to sell stand-alone products that provide similar services. Google, for example, will add Google+ to
Google Apps for Business, Microsoft added social networking to SharePoint, and Oracle will provide social infrastructure services to be used by its Fusion applications.

15

 The majority of social networking interactions through

2013 will migrate to mobile devices from PCs, creating new
opportunities for consumer social networks. Established
social networking players may not lead in mobile acuity, but
will be fast-followers, thereby removing a point of differentiation potentially available to new entrants.
In the enterprise space, the same dynamic exists, and megavendors, with significant investments in secure mobility services,
will have a substantial advantage over smaller, stand-alone
vendors struggling to keep pace with mobile developments.
There is a wide variety of business models for consumer social networks and services, but the majority will be advertising-driven. The result is that a limited amount of advertising
dollars will be available for new players in the market.
In the enterprise space, megavendors are in a position to
subsidize social networking investments for years. Smaller,
independent vendors have no such luxury.
Future growth in the consumer and enterprise social networking market will depend on how well current players
can expand market share. Vendors that have the resources
to challenge the status quo will likely be other large companies looking to expand in the social space and not smaller
startups, which lack the substantial capital to challenge the
established players.
Consumers and enterprise users are wary of changing
and/or rebuilding social graphs. Data portability is limited,
at best. Consequently, the longer a user participates in a
social network, the more difficult it is to migrate to a new
platform. This creates barriers to entry for new entrants.
Market Implications:
Social networking is one of the top activities on the Internet. The overall number of users continues to rise, but the
overall growth rate will slow over the next two years as the
number of unaffiliated consumer declines. New entrants,
therefore, will have a much smaller pool of consumers to
target, making the staggering growth rates of established
networks difficult to reproduce.
Penetration rates for social networking in the enterprise are
still less than 15%, so there is substantial room for growth.
But the delta between best-of-breed independent vendors
and megavendors has diminished substantially over the past
two years, and will continue to erode, making it difficult for
organizations to justify an investment with a small supplier.
The maturing of the market for consumer and enterprise social networking will impact the amount of capital
available for startups in the space. While substantial
excitement will be raised by private firms going public (e.g.,
Facebook and Jive), we believe that valuations of smaller

16

independent vendors will diminish as recognition sets in that

the opportunities for market differentiation and fast growth
have eroded. These diminished valuations reflected in the
slowing of new investments will curtail the fervor to fund
new social networking. We expect this recognition of diminished opportunities to take slightly longer be reached in the
enterprise space, where the market dynamics are not as clear
at present.
Recommendations:
For the consumer space:
Existing consumer social networking services must incorporate new, value-added features and services in an attempt to
keep users engaged longer, and to prevent defections.
Brands looking to engage with consumers via social networks must take care in evaluating how their budgets will
be spent, and the likely success of new entrants versus existing players. While it will be easier to stand out on a newer
service, that service will likely have fewer users and greater
difficulty keeping them engaged.
Partners of consumer social networks and organizations that
depend on social networks for their marketing, branding or
sales platforms must use social analytics tools to monitor
their customers reactions and use of social networks, and
must be prepared to follow their customers if they begin to
migrate to other social technologies and services, and to
evaluate new entrants into the market.
Newer and niche vendors must provide a differentiated experience in order to capture new users. This can be through
features and services not currently offered by dominant players, or by targeting more niche demographics and markets.
New entrants into the social networking market must make
it easier for consumers to integrate existing social graphs
into their services. Investors in new services must consider
that consumers will not continue to recreate their social
graphs repeatedly with each new service that emerges
without ease and strong product differentiation.
For the enterprise space:
Carefully weigh the benefits versus risks of using a small supplier with a richer feature set against a large, incumbent supplier with emerging social networking ambitions.
Understand the financial status of smaller players, and what
the exit strategy is likely to be.
Understand the potential benefits of integrating social networking over an existing vendor stack versus the benefit of a
lightly coupled social networking service.

Social Software and Collaboration

Strategic Planning Assumption: By 2016, at least 50% of
enterprise email users will rely primarily on a browser, tablet or
mobile client, instead of a desktop client.
Analysis By: Matt Cain
Key Findings:
While the rise in popularity of mobile devices and the growing comfort with browser use for enterprise applications
preordains a richer mix of email clients and access mechanisms, we believe the pace of change over the next four
years will be breathtaking.
Most organizations routinely enable browser access to
email and calendars, but the vast majority of email read/
writes are done with a traditional desktop client. The growing parity between desktop clients and browser functionality,
however, coupled with an IT group desire to reduce desktop
complexity via the removal of the PC client, is rapidly accelerating browser access to email. The growing popularity of
Google Gmail which is optimized for browser access as
an enterprise email supplier will accelerate email browser
dependency, as will the uptake of HTML5, which will supply
much-needed offline and drag-and-drop support. Microsoft, too, is likely to release rich HTML5 browser support for
Exchange over the next year or two.
Migration away from local email archives/folders to very
large, centralized mailboxes (particularly in the cloud) will
decrease the need for a desktop email client, as will the
use of Microsofts personal archive feature in Exchange
2010, which offers a server-side alternative to client-side
archives. Research In Motions (RIMs) intention to offer nofee BlackBerry Enterprise Server services to Microsoft Office
365 cloud email customers (expected in 2Q12) may help
Office 365 maintain its presence in the enterprise.
Lifestyle changes will also accelerate the trend. There is a growing expectation on the part of businesses that employees will
be available during nonwork hours, and that location should
not be a barrier to communication. Furthermore, users will no
longer have a primary device for corporate collaboration, but
will rely on a fleet of self- and business-provided devices with
the expectation of a largely uniform user experience. We expect Google and Apple to increase the sophistication of native
Android and iOS email clients. Rapid and deep penetration of
tablets with Amazons forthcoming $200 Android-based Kindle Fire expected to be a fast-follower to the iPad will increase
demands for mobile email access.

We expect the impending Windows 8 (by YE12) from Microsoft to contribute to the trend. This OS will run on ARM processers (in addition to Intel processors), and will be touchenabled for deployment on tablets, accelerating the uptake
of Outlook running on tablets and smartphones. We also
believe it is inevitable that Microsoft will release versions of
Outlook running on Android and iOS devices sometime in
the next year or two. Finally, the near-universal acceptance
of the Exchange Active Sync protocol for mobile access to
email and the rise of rich mobile device management tools
facilitates the broad use of mobile devices for email access. However, users will still have access to a desktop client,
in addition to mobile access mechanisms.
Market Implications:
We expect mobile device manufacturers Apple, Nokia,
Samsung, LG, Motorola, etc. to enter a new phase of competition to offer rich email clients to maintain rough parity and
to establish competitive differential. Email system vendors
Microsoft, IBM, VMware and Google are also likely to build
mobile clients for diverse set of devices for the same reason.
Market opportunities for mobile device management platform vendors will soar. Increased pressure will be on those
suppliers to accommodate an increasing portfolio of collaboration services, including IM, Web conferencing, social
networking and shared workspaces.
Recommendations:
Enterprises should:
Develop policies governing the use of corporate- and employee-supplied devices, and should implement rich device
management applications for controlling and securing remote access.
Upgrade email systems to versions that support rich browser
and mobile device access to email services.
Investigate opportunities to eliminate desktop email clients
to reduce PC complexity and eliminate local email archives.
Work with HR resources to optimize life/work balances and decrease employee stress due to growing availability expectations.
Ensure that the remote email access infrastructure has a
high degree of redundancy at all points to ensure continuous availability.
Plan to extend email mobility to adjacent collaboration services such as IM, shared workspaces and social networking.
Train users on best practices for email communications in a
mobile world (better, shorter subject lines, shorter messages,
clear action requests, etc).

17

Strategic Planning Assumption: By 2015, mobile AD projects targeting smartphones and tablets will outnumber native
PC projects by a ratio of 4-to-1.
Mobile and Wireless Communications
Analysis By: William Clark
Key Findings:
Smartphones and tablets represent over 90% of the net-new
growth in device adoption for the coming four years, and increasing application platform capability across all classes of
mobile phones is spurring a new frontier of innovation, particularly where mobile capabilities can be integrated with location,
presence and social information to enhance usefulness.
Mobile AD is rapidly moving through its adolescence, triggered by a broad increase in demand for all categories
of mobile applications: business-to-consumer (B2C), business-to-employee (B2E) and B2B.
The very definition of applications is changing many mobile
applications are mere shells (or hybrid) apps or applets Webtechnology-oriented, but wrapped in native device code.
Market Implications:
Smartphones and tablets represent over 90% of the net-new
growth in device adoption for the coming four years, and the
increasing application platform capability across all classes of
mobile phones is spurring a new frontier of innovation, particularly where mobile capabilities can be integrated with location,
presence and social information to enhance usefulness.
Web enablement, especially with the advent of HTML5, is a
key part of mobile application strategy, native or rich mobile AD demands are being triggered in all three areas:
In B2C, due to the marketing/advertising impact of
app stores, as well as the huge financial potential of
targeted context-aware advertising and offers, most
CMOs are demanding applications, which can add
even greater value or opportunity if they are resident
and provide stickiness to consumers. In addition, many
media-rich or gaming applications require native mobile
development. For consumer-facing enterprises, such
as retailers and consumer packaged goods, mobile
consumer application strategies cover Web, native and
messaging (SMS/MMS) channels, and comprehensive
strategies are linking these together.
In B2E, bring your own device (BYOD) is having a major impact on user demand, especially in requests for supporting

18

applications on tablets employees are accustomed to the

app store provisioning model, and the consumerization of
IT is raising expectations around mobile application experience. Consumerization and the scale of the smartphone and
media tablet market are also causing organizations to consider consumer-grade devices for things like field sales, field
service, survey taking, analytics and inventory. In contrast, in
B2E, many enterprise application vendors are moving toward
portals that adapt, further reducing the number PC-targeted,
client-side projects.
B2B mobile applications are very important for many enterprises, and present a unique challenge B2E-type requirements for security and functionality that can exceed
what Web/portals can achieve, but B2C-type requirements, in that, in most cases, organizations cannot dictate
the devices being used for mobile applications.
The fact that the definition of applications is changing to a
hybrid model of Web and native functions wrapped together
lowers the barriers to creation. The bottom line is that innovation is moving to the edge for mobile devices; whereas, in
2011, Gartner estimates app development projects targeting PCs to be on par with mobile development, future adoption (e.g., the installed base of smartphones and tables) will
triple from 4Q10 to 1Q14, and will result in the vast majority of client-side applications being mobile only or mobile
first for these devices a ratio that Gartner estimates at four
new mobile AD projects for each PC-oriented project.
Recommendations:
AD organizations should perform a mobile-only, mobilefirst, or legacy assessment of AD. Too many developers still
assume that desktop applications are needed, or that legacy
applications need to be moved forward.
Virtualization (Citrix Receiver and Wyse PocketCloud) is being used to project PC applications to tablets today, and
while the user experience is, in many cases poor, there are
cases where this approach can be used to avoid further investment in those projects.
Complement tactical investments in mobile AD tools (which
will remain volatile through 2015) with an understanding of
the trade-offs of six styles of mobile application architecture
(thick, thin, rich, streaming, messaging and no client).
Cloud Security
Strategic Planning Assumption: By 2016, 40% of enterprises
will make proof of independent security testing a precondition
for using any type of cloud service.

Analysis By: Joseph Feiman

Key Findings:
Cloud systems, and the interfaces through which they service
their clients, can often be exploited by such attacks as SQL injection, cross-site scripting and cross-site request forgery, which
could result in the loss of sensitive information, unauthorized
asset transfer and system behaviors that endanger system users
(individuals and enterprises, humans and equipment).
Conventions have not yet been developed for the appropriate level and form of security testing of cloud providers
technologies, and expectations for provider transparency
have not been well-established.
Market Implications:
Cloud providers of all kinds including providers of application operations, data management, infrastructure management and security will become top targets for hackers
from all over the world. This is because cloud providers
store critical data from a large number of cloud clients,
which, from the hackers viewpoint, is worth stealing, and
run applications that are worth abusing. For this reason,
while enterprises are evaluating the potential cloud benefits
in terms of management simplicity, economies of scale and
workforce optimization, it is equally critical that they carefully evaluate cloud services for their ability to resist security
threats and attacks.
Enterprises will be unable to test cloud providers systems
themselves for a number of reasons. The applications the
cloud provider uses to service its clients are its most valuable intellectual property, and the provider will likely be
reluctant to grant access to them for inspection purposes.
Moreover, even when inspection is authorized by the cloud
provider, most enterprises do not have the necessary skills
or resources to conduct such security testing. For this reason, many enterprises will use cloud services brokerages as
the inspecting agency.
Vendors of application security testing technologies both
static application security testing (SAST) and dynamic application security testing (DAST) will play a critical role
in the third-party independent testing and compliance verification of outsourced, packaged and cloud applications.
Most of these vendors have already begun to deliver their
capabilities as services, offering them alongside their
application security products. Some startup vendors have
focused exclusively on security as a service and do not offer
products at all. This is further advancing SAST and DAST
vendors capability to test cloud providers systems.

Gartner believes that inspectors certifications will eventually around 2016 become a viable alternative or
complement to third-party testing. This means that instead
of requesting that a third-party security vendor conduct
testing on the enterprises behalf, the enterprise will be
satisfied with a cloud providers certificate stating that a
reputable third-party security vendor has already tested its
applications.
Recommendations:
Demand assurances from cloud providers that their software
has been tested for security vulnerabilities. Security testing of
cloud providers systems conducted by reputable independent application security testing vendors is a preferred option.
An alternative is security testing conducted by the cloud provider itself.
Accept security certificates issued by trusted security vendors if
they meet your industrys and enterprises security standards.
Seek cloud services brokerages that demonstrate a proficiency in security inspection, auditing and certification.
Content Management
Strategic Planning Assumption: At YE16, more than 50% of
Global 1000 companies will have stored customer-sensitive
data in the public cloud.
Analysis By: Gavin Tay
Key Findings:
With the current global economy facing ongoing financial
pressure, organizations are compelled to reduce operational
costs and streamline their efficiency. Responding to this imperative, it is estimated that more than 20% of organizations
have already begun to selectively store their customer-sensitive data in a hybrid architecture that is a combined deployment of their on-premises solutions with a private and/or
public cloud provider in 2011.
In 2010, more than 40% of data archiving deployments
that contained sensitive data were to the cloud. Many CIOs
rank the improvement of their agility very high, but fear
the trade-off in introducing greater risk, such as lapses in
security, compliance, audit, availability, reputation or, importantly, custody of their critical data. Leaders of organizations must realize that by going to a hybrid architecture, not
only will they add significant complexity, but they will also
continue to bear both the tangible and intangible costs of
running multiple environments.

19

Market Implications:
As global organizations commence a progressive journey to
the public cloud, their primary objectives to consistently delight patriotic and new customers, as well as improve business performance, will continue to remain a priority. In so
doing, organizations will reduce operational costs, gain efficiency, increase business agility and attain regulatory compliance. This journey to the public cloud will take organizations to the next level to fulfill these objectives; however, it
will inevitably prove to be one with its fair set of challenges.
They include:
Organizations operating in countries that require data residency, each with its distinct laws.
The data privacy laws of world governments, for example,
intrusion of privacy by mining data of public clouds.
Security risk and vulnerabilities (e.g., physical, network,
software platform and auditing/governance policies) of the
public cloud infrastructure will change as the cloud evolves.
Lack of standards for intercloud dependency or integration.
Organizations will recognize the need to re-engineer their
business processes and governance/data retention policies
as they embark on the public cloud. The growth of organizational roles such as legal counsel, infrastructure planning
engineers, and network and security specialists will be in
much greater demand.
Recommendations:
For international information communication authorities:
Governing bodies from all countries should collaborate on
a mutually developed cloud standard and framework of
operation, such as the Cloud Data Management Interface
from SNIA.
Harness their efforts in being an advocate for greater regulation in public clouds, and examine providing legal assistance, particularly smaller organizations that have proceeded with initial adoption.
For organizations:
Continue pilots and active projects using public cloud offerings with less sensitive data before progressing to customersensitive data, such as finance/accounting, CRM, project
management, supply chain management, HR, manufacturing, business partner management, etc.
IT leaders should examine the nuances and risk of a public
cloud or, conversely, should prepare better in anticipation

20

of their adoption, for example, disaster recovery, high-availability SLAs, authentication vulnerabilities, in-country regulations for data retention and application compatibility.
Weigh the tangible and intangible costs of each risk. Examples of questions to ask include:
How much does it cost to migrate from one public cloud provider to another (traces of intellectual property left behind)?
How much money and/or reputation will the organization
suffer from downtime (unrecoverable data)?
Legal counsels of organizations should assess the jurisdiction
of data ownership in the event of a liquidation or seizure,
especially when operating on a global platform.
Network and security specialists should conduct a walkthrough of the vendors data center for compliance or audit
checks as they would their organizations infrastructure.
IT and Operational Technology
Strategic Planning Assumption: By 2015, 35% of enterprise
IT expenditures for most organizations will be managed outside
the IT departments budget.
Analysis By: Brian Prentice
Key Findings:
Most IT organizations are allocating 80% their budgets to
keep the lights on expenses. The other 20% of IT spending
is for activities that grow and transform the business.
Next-generation digital enterprises are being driven by a new
wave of business managers and individual employees who
no longer need technology to be contextualized for them by
an IT department. These people are demanding control over
the IT expenditure required to evolve the organization within
the confines of their roles and responsibilities. Numerous examples of this pressure exist today:
Cloud computing is expected to grow to 20% or more of the
total IT budget by 2013. Our research indicates there is already significant non-IT involvement in decision making with
finance, marketing, HR and other business, acting as key
stakeholders between 25% to 30% of the time and funding
computing services between 10% to 30% of the time.
Global spending on media tablets is forecast to increase
at an annual average rate of 52% through 2015. That is
set against a backdrop of weakening demand for traditional
PCs in developed economies. These devices will have an
increased impact on the enterprise, yet it is users who are
driving both the purchases and, as a result, the platform support decisions required by the IT organization.

 Aligning physical-equipment-oriented technology (operational technology), developed, implemented and supported

separately from the IT groups with traditional IT systems is
surfacing as a general management concern. While an integrated approach is required, IT organizations must ultimately recognize that line-of-business managers are in the
best position to steer the practical application of building
control systems, geological modeling tools, automated production and broadcasting equipment or warehouse automation systems.
Market Implications:
A constant refrain from CIOs has been the desire to drive
greater alignment between the IT organization and the rest
of the business. Underlying this wish was the hope that the
business would better understand the inherent potential of IT.
That wish is rapidly coming true, but not necessarily in the
way most in the IT profession would have imagined. Rather
than seeking IT professionals help to apply established IT
products within established IT practices, non-IT professionals
are understanding the transformative potential of digitization
and are applying these ideas in their own way.
The modern marketing organization is a perfect example.
As recently as 15 years ago, marketing was dominated
by creative thinkers who obsessed over ephemeral brand
messages, while taking great pride in a 5% response rate
on direct mail campaigns. Todays marketing profession is
obsessed with gathering and analyzing information. They
have an increasingly nuanced understanding of social media borne from constant trial and error. They are driven by
a direct and quantifiable impact on revenue. The modern
marketing managers understanding of the role technology
plays in achieving each of these results has eclipsed that
of the average IT professional. This dynamic is playing out
across departments from supply chain managers to HR
directors. Even individual employees are applying technology to improve personal productivity more rapidly than IT
organizations can keep up with.
As business managers and employees see the increased
value in IT and a diminishing value proposition from IT departments, the resulting dynamic will play out for the funding processes. CIOs will see some of their current budget
simply reallocated to other areas of the business. In other
cases, IT projects will be redefined as business projects, with
line-of-business managers in control. More organizations
will find themselves exploring employee-funded devices. IT

spending will continue to increase, but CIOs will have diminished control over it. A majority of organizations between
50% and 60% will see IT expenditures managed outside
the IT department growing to 35% of total spending. By and
large, this will not be offset by equivalent reductions in the IT
departments budget, as Gartner sees an ongoing increase
in IT budgets of 1.5% to 2.5% over the next four years. However, this extent of IT expenditure within the business is not
universal. More conservative organizations roughly onequarter will see a lower level of IT expenditure outside the
IT department. This will more likely be 20% to 25%. The remaining one-quarter, with highly conservative IT and non-IT
professionals, will see little to no IT expenditure outside the
IT department.
Ultimately, CIOs will find themselves faced with an existential
question are they ultimately being asked to do the same
or more with less, or do they need to recast their organizations value proposition in the context of a changed business
landscape and funding assumptions.
Recommendations:
CIOs should increase their focus toward connective technology the enabling tools that tie business solutions together.
Connective technologies include master data management,
business intelligence (BI) and analytics, business process
management (BPM) suites, composition technology, process
and data integration, service-oriented architecture (SOA)
governance technology, and identity and access management architectures.
Put the I back in IT. Many IT organizations are skewed toward technology when the emerging digital enterprise thrives
on information. While individual lines of business will generate and analyze large volumes of data, it is the IT organization that is best positioned to act as the data caretaker.
Central to achieving this outcome is to recognize that data
is an asset in its own right not a theoretical asset, but one
that should ultimately be accounted for in the organizations
balance sheet.
Supply Chain
Strategic Planning Assumption: By 2014, 20% of Asiasourced finished goods and assemblies consumed in the U.S.
will shift to the Americas.
Analysis By: Michael Dominy

21

Key Findings:
Political, environmental, economic and supply chain risks
are causing many companies serving the U.S. market to
shift sources of supply whether they are toys, toothpaste,
equipment subassemblies or commodity parts that go into
finished products from Asia to the Americas, including
Latin America, Canada and the U.S. Except in cases where
there is a unique manufacturing process or product intellectual property, most products are candidates to be relocated.
North American enterprises underestimate the total supply
chain costs of offshoring the supply network to Asia. Escalating oil prices globally and rising wages in many offshore
markets, plus the hidden costs associated with offshore outsourcing, erode the cost savings that didnt account for critical supply chain factors, such as inventory carrying costs,
lead times, demand variability and product quality.
Double-digit economic growth in many offshore markets means
a larger portion of output generated in those markets will be
consumed within those markets instead of being exported to
developed markets. Locating manufacturing or sourcing from
suppliers that are closer to customer demand enables enterprises to respond faster, thereby reducing risks, lead times and
costs, including transportation and inventory carrying costs.
There are examples of manufacturers across industries and retailers shifting manufacturing or sourcing locations from China
to the Americas. Manufacturers of products for which labor is a
smaller percentage of total cost, or whose quality and intellectual property concerns are more pronounced, have been more
inclined to move production back to the Americas.

22

The net result is that enterprises will need help assessing, redesigning and transforming internally oriented supply chains into
market-focused, demand-driven value networks. Supply chain
service providers, including consulting and advisory firms, will
need to deliver more sophisticated and comprehensive supply chain assessments that can model various scenarios, and
represent them in strategic and financial terms that chief executives and boards of directors can understand.
The persistently high unemployment rate in the U.S. will lead
more states to offer tax breaks to companies that set up local
operations.
Factors that will cause the prediction to come true:
Asian, and especially Chinas, policies regarding currency
valuation and exchange rates do not change dramatically.
Incentives offered by national and local governments within
countries in the Americas continue or expand.
Fuel prices increase, with oil prices reaching $100 or more
per barrel.
Continued general economic growth in Asian countries, and
China specifically, will consume an increasing amount of capacity and manufacturing output produced by China.
Persisting concerns surround intellectual property protection.
Productivity gains in the Americas continue to offset the Asian
total cost advantage.
The ability to respond more quickly to demand, especially
volatile demand, in American markets makes it necessary for
enterprises to have shorter supply chains, with manufacturing plants being located closer to points of demand.

Market Implications:

Factors that could cause the prediction to be false:

Customer demand for service excellence and increased

product choice at competitive prices are driving brand owners to reassess the value delivered by their supply networks.
Sacrificing lead time for reduced unit costs will be insufficient to satisfy this customer requirement.
Enterprises must analyze their supply chain networks. They need
capabilities to perform supply chain segmentation and a more
comprehensive cost-to-serve analysis that includes agility and
risks, such as excess or obsolete inventory, quality problems and
intellectual property theft, in addition to per-unit costs.
Supply chain realignments will become a public relations
challenge. Decisions that involve repatriating operations
will be lauded, while those that involve outsourcing will
be criticized. Executives will need to develop a deeper understanding of their supply chain network and the dynamics associated with orchestrating the flow of information,
material and goods across internal and external facilities
and operations.

Significant economic policy changes by China.

Rapid recovery and ensuing inflation in the U.S. The result
would drive up wages and other costs in the U.S.
Falling fuel prices.
Another global recession similar to that of 2008
to 2009.
A major destabilizing event that disrupts Mexicos government or business environment, or intensified challenges to
law and order in Northern Mexico. Mexico is one of the most
attractive nearshore manufacturing locations to supply North
America, but continued problems with violent crime in and
around these regions is of major concern.
Recommendations:
Enterprises need to institute strong cross-functional
planning processes that enable them to better understand
demand and make conscious choices that balance the

trade-offs associated with the structure and operation of

the supply network.
Enterprises should start cataloging their current use of suppliers and outsourced manufacturers. Identify who is providing what services, and where and long contractual obligations run. Document key contractual terms and conditions,
including when the contract is due to expire or renew. Understanding and detailing all relationships will make it easier to identify the opportunities and challenges associated
with moving sourcing locations from Asia to the Americas.
Enterprises must segment their supply chain types and conduct a cost-to-serve analysis to understand how many supply chains they have, and the performance of each. Doing
so will enable enterprises to make better decisions regarding offshoring, nearshoring and reshoring. It will also help
enterprises identify which initiatives are required to align internal operational capabilities with each supply chain, and
what capabilities to seek from external providers.
Organizations and supply chain service providers need to
develop or enhance their network design, supply chain segmentation and cost-to-serve services. Analytical and modeling tools will need to replace spreadsheets and sample
data. Outsourcing providers will need to form and foster
relationships that enable them to present the right balance
between services for low-cost operational excellence and
services designed for flexibility and agility. As enterprises
segment and better understand their supply chains, outsourcing providers with both types of services will have an
advantage over those only offering either operational excellence or agility.

Market Implications:

Security and Risk

Analysis By: John Pescatore

Enterprises need to ensure that they are evolving their security defenses and processes to deal with changing vulnerabilities and changing attacks.
To meet the demands of changing delivery models like the
cloud and the use of smartphones and mobile devices, enterprises must make a radical change in how they manage
and secure IT.

Key Findings:

Cloud Computing and Sustainability

As IT delivery methods meet demand for the use cloud services and employee-owned devices, new software vulnerabilities will be introduced, and innovative attack paths will
be developed by financially motivated attackers.
The consumerization trend will cause continuing disconnects
between the use of consumer-grade services and devices, and
enterprise-oriented processes and governance approaches,
enabling attacks against critical business and customer data
.

Strategic Planning Assumption: By 2015, the prices for 80%

of cloud services will include a global energy surcharge.

Strategic Planning Assumption: Through 2016, the financial

impact of cybercrime will grow 10% per year, due to the continuing discovery of new vulnerabilities.

At every major change in the way IT gets delivered (going from mainframe to client/server, client/server to Web,
etc.), software development and IT operations management
processes break, and new forms of vulnerabilities are introduced and exploited by attackers. In the 2011 to 2016 time
frame, IT delivery is changing to add the use of cloud-based
services and support the use of employee-owned laptops,
smartphones and tablets.
At the same time, cyber attacks have moved from simple vandalism to targeted, financially motivated attacks that use sophisticated techniques to evade detection and steal sensitive
business and customer data. These methods are often used
later by politically motivated attackers (such as Anonymous),
as well as nation-launched attacks, often called advanced
persistent threats. In 2011 alone, Sony had to publicly announce security incidents that cost over $200 million, and
RSA filed U.S. Securities and Exchange Commission (SEC)
statements acknowledging direct costs of over $65 million.
Other companies have seen all of their corporate emails
published on the Internet, with enormous financial impact.
The combination of new vulnerabilities and more targeted
attacks will lead to continued growth in bottom-line financial
impact due to successful cyber attacks. Recognizing this, the
SEC issued guidance detailing circumstances that will require publicly traded companies to fully disclose the impact
of security incidents.
Recommendations:

Analysis By: Steve Prentice and Jorge Lopez

Key Findings:
As transaction volumes at cloud-based data centers grow,
so the hardware and software costs per transaction fall,

23

leaving operational costs, especially energy consumption,

to increase as a component cost.
In the current business climate of global economic volatility and ongoing political uncertainty in key oil producing
regions, allied with rising pressure for governments to meet
sustainability targets, a continuing upward pressure on energy prices appears inevitable.
With a key cost component outside their control and subject
to short-term volatility and potentially large price increases
over the long term, isolating this cost element and passing
increases onto the user as a surcharge avoids potentially
crippling cost increases, or substantial and recurring contractual renegotiation.
The continuing focus on carbon emissions and sustainability issues enables a visible and clear isolation of energy
consumption, even for transactions undertaken outside the
organizations data centers, which is likely to be important
for future carbon trading schemes.

include the majority of operators driven by competitive pressures and a me too approach. Linking this surcharge to global
energy prices will help average the costs across different regions,
and will allow an externally determined and clearly identified
base index to be used to determine the surcharge. By visibly
highlighting the energy component, they also highlight the sustainability issues surrounding carbon emissions that many cloud
users have sought to conveniently avoid by moving transaction
processing off their premises and systems. A visible energy surcharge neatly transfers the onus (and carbon emissions) back
to the user which is likely to be a significant issue as carbon
trading schemes emerge more strongly.
In the long term, the surcharge could become a variable
component (capable of falling and increasing), although
this seems unlikely given the global trends and the focus on
long-term sustainability.

Market Implications:

Business and IT leaders and procurement specialists must expect to see energy costs isolated and included as a variable
element in future cloud services contracts.
This additional uncertainty represents an increased business
risk and price volatility that must be considered in the decision
to move toward externally sourced cloud-based services.

With the increasing scale of cloud-oriented data centers,

allied with growing transaction volumes and increased
computing efficiency, the actual cost breakdown of a single
transaction is steadily evolving. Hardware, software and facility costs are all declining as a result of scale, Moores law
and increasing volume. As a result, energy costs (both to
power the hardware and to dissipate the resultant heat) are
steadily increasing as a percentage of overall transaction
costs. With electricity prices inexorably rising, driven by increasing fuel costs and greater sustainability concerns (and
their associated costs), this situation will only get worse. It
is exacerbated by ongoing volatility and unrest in leading
oil-producing regions and ongoing financial turmoil in the
global markets. As politicians are driven to deliver against
previous promises of carbon emission reduction targets, but
are squeezed by funding limitations and investor caution to
invest heavily in renewable sources, prices are likely to rise
even further as volatility continues for several years to come.
While cloud operators can make strategic decisions about locations, tax subsidies are no long-term answer to managing
costs, and investments in renewable-energy sources remain
costly. Cloud operators, therefore, face a future in which an
increasing element of their cost structure is externally influenced
and controlled, highly volatile and under significant upward
pressure due to sustainability issues. Some cloud data center
operators already include an energy surcharge in their pricing package, and we believe this trend will rapidly escalate to

24

Recommendations:

Information Management
Strategic Planning Assumption: Through 2015, more than
85% of Fortune 500 organizations will fail to effectively exploit
big data for competitive advantage.
Analysis By: Steve Prentice
Key Findings:
Current trends in smart devices and growing Internet connectivity are creating significant increases in the volume of
data available, but the complexity, variety and velocity with
which it is delivered combine to amplify the problem substantially beyond the simple issues of volume implied by the
popular term big data.
Collecting and analyzing data is not enough it must be
presented in a timely fashion so that decisions are made as
a direct consequence that have a material impact on the
productivity, profitability or efficiency of the organization.
Hence, technical and management capabilities both need
to be established in order to progress from data to decision.

 Most organizations are ill-prepared to address the technical

and management challenges posed by big data; as a direct
result, few will be able to effectively exploit this trend for
competitive advantage.
Market Implications:
As the number and diversity of smart devices grows, so
does the volume of data they generate. Increasing storage
of data in the cloud and enhanced public access to this
amplifies the issue. New types of data location, time, state
of sensors, for example, together with increased volumes
of rich media serve to further increase the avalanche of
data facing organizations. Over this decade alone, data
volumes across the Internet are expected to grow 300-fold
as the number of Internet-connected devices grows rapidly.
As a result, most organizations will face the challenge of
addressing the issues of big data. It is unfortunate that this
popular term focuses the attention on the volume of data
alone. While volume is an issue, the complementary aspects
of velocity (the speed with which data is being presented),
variety (the broad range of data types being presented) and
complexity (especially around the growing volume of unstructured data from social networks and elsewhere) are equally
challenging. Hence, big data is actually better thought of as
a popular term for the extreme information management issues that arise when accessible data starts to overwhelm the
existing information management infrastructure.
Storage, processing power and bandwidth will all become
significant challenges for most enterprises, although the
pain point will be felt at different levels of scale. Even where
the enterprise infrastructure can collect, process and present incoming data in a usable and timely manner, there
remains the cultural and organizational issues associated
with management receiving the information, trusting the

information and making a decision in an appropriate time

frame to effect a material change in outcome. Notwithstanding the demand by business leaders for better information
with which to make fact-based decisions, at the heart of
some of these challenges lies the erosion of the personal
power and long-standing expertise by which decisions are
normally made. These will at best delay and at worst prevent
useful decisions from being made in many organizations.
The combination of technical challenges, cultural and organizational challenges, and the relentless increase in accessible
data available and being presented leads us to the conclusion
that the majority of organizations will fail at one or more of
these steps, effectively reducing their ability to gain a competitive advantage from big data through at least 2015.
Recommendations:
CIOs and IT leaders should consider the technical issues
surrounding extreme information management (or big data),
but should not be overwhelmed by the potential scale of the
challenge. They should focus their attention on areas where
improved utilization of specific data will deliver timely and
trusted input to defined business decisions with a material
impact and measurable business benefit.
Business leaders should consider their most valuable and critical business processes, and should evaluate which additional
data would deliver a material and measurable improvement
in business outcome. They should actively engage with IT to
ensure that the complete cycle from data to decision is enacted to ensure an effective and a positive outcome.
Source: Gartner Research G00226767, Daryl Plummer, Peter Middleton, Matt
Cain, William Clark, Claudio Da Rold, Michael Dominy,
Joseph Feiman, Michael Gartenberg, Jorge Lopez, Sandra Notardonato, John
Pescatore, Brian Prentice, Steve Prentice, Gavin Tay,
23 November 2011

25

About HCL

stablished in 1976 as an IT garage setup, HCL is a $6.2 billion leading global technology and IT enterprise comprising two companies listed in India - HCL Technologies and HCL Infosystems. HCL leverages its extensive global offshore infrastructure
and network of offices in 31 countries to provide holistic, multi-service delivery in key
industry verticals including Financial Services, Manufacturing, Consumer Services, Public
Services and Healthcare. HCL takes pride in its philosophy of Employees First, Customers
Second which empowers our 88,000 transformers to create a real value for the customers. Since its inception into the global landscape after its IPO in 1999, HCL Technologies,
a leading global IT services company, focuses on `transformational outsourcing, underlined by innovation and value creation, and offers integrated portfolio of services including infrastructure management, software-led IT solutions, engineering and R&D services
and BPO. The companys fastest growing line of business HCL Technologies Infrastructure
Services Division, also known as HCL ISD, manages mission critical environments and
handles over 3 million devices for over 1.7 million end users.

26