Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=189401564
Once upon a time, companies boasted of having offices in Manhattan, Munich, Madrid, Mumbai and Manila. Each office managed its set of customers and suppliers, with a lot of good advice coming in from the head office. There was precious little governance or standardization. Paradoxically, the use of third-party service providers has catalyzed better governance and standards in captive or shared-services centers scattered in distant parts of the world.
There are multiple ways to implement the concept of a worldwide campus. Regardless of the company having globally dispersed teams working on disparate pieces of work, what binds these offices together is a defined, common architecture and a shared-enterprise objective.
Boston-based Fidelity, the worlds largest mutual-fund company, for example, has subsidiary offices in most countries, which service local markets; has captive centers in India to service its global operations; has outsourced to almost half a dozen third-party IT service providers and itself functions as a human resources and benefits administration provider to companies such as General Motors and Novartis.
Fidelity is one of the many hundreds of multinational companies that have such complex setups. With services on their way to becoming commoditized (See Driving Down Prices, Global Services, April 2006), the global playing field is no longer open only to companies with deep pockets. Increasingly, smaller companies are also acquiring capabilities offshore, largely through outsourcing relationships, including managed services. In the area of product development, for instance, it is not uncommon to find tech startups developing their software products in Bangalore. So much so, that a significant number of venture capitalists demand that startups build an offshore angle to their business plans.
Such complexity in operations is nothing new; it has been happening in other industries for decades. In manufacturing, for instance, components may get produced in China and Taiwan, assembled in Malaysia and packaged in and shipped from China. All these activities may be coordinated from the U.S.A.
The services industry, and BPO in general, is just starting to catch up with its manufacturing brethren, says Brian Maloney, recently appointed as President of the newly formed Unisys Global Industries. Maloney has been CEO of AT&T Solutions and COO of Perot Systems.
Making the Right Connections
Of course, placing the right tech investments is the lifeblood of the ever-growing worldwide campuses. There is no denying that it is the enormous amount of fiber-optic cables the fat bandwidth pipes spread under the oceans and telecom connections that form the backbone on which global operations rest. But, how technology is deployed across various locations and what it means for different users parent company, subsidiaries and provider companies determines the flow of information in this complex network.
|Sustaining the Connections|
|Technology, as they say, is only an enabler. It is people, and their ability to communicate that make it work to suit their business needs. Brian Maloney, President, Unisys Global Industries talks about the importance of communication in a worldwide campus|
|What is key to managing a worldwide campus?||Brian Maloney
President, Unisys Global Industries
[In a worldwide campus] communication is not as simple as having everybody in the same room and saying this is what we will do today, tomorrow or next week. Now you have to deal with the distance, time differences and cultural differences when you and I have a conversation, we may be using the same language but we may have different nuances to the words.
How does effective collaboration happen?
You need to have somebody who is close to the customer and the customers business processes. In day-to-day problems, you need somebody who can understand what the CIO and business unit head are wrestling with and translate that back to the people who are doing the system-designing code work in India. This has to be an ongoing collaboration, on a day-to-day basis. The good news is that technology allows that. At AT&T Solutions [which offered IT services to internal and external customers], we took engineers from Asia, Europe and the U.S.A. and put them in the customers premises for a couple of weeks.
How are decisions taken in this widespread mesh?
Lets take an example of a global insurance company that says I dont sell policies that are multinational policies; in general. I sell policies that are local I sell home loan insurance or other kind of insurance in the United States, in European countries, and now I want to sell in India and China. The big decision will be made in the corporate headquarters that will say lets expand in country A and country B. But, those markets are all different, so they [local subsidiaries] make those local decisions.
Multinational companies typically possess a complex, routed network with thousands of devices and end points. Network-management centers, distributed across multiple continents, will have diagnostic and repair capabilities.
During the day when the United States is open [for business], we might have done most of the network management in the US, says Maloney, explaining the industrys follow-the-sun approach that is now quite the norm. During the rest of the clock, we might do it from Asia and Europe.
A tangle of distributed, decentralized and multishore operations requires CIOs to develop a global vision. They need to be able to think about managing data, networks, users and security issues at the local level and then integrating them with the global network. They have to think through questions that may seem straightforward in the context of a local or regional office, yet become complex solutions in the context of a worldwide campus. While larger companies may be more familiar with these issues, its the first-timers that need to grapple with them. Here are some questions to consider:
Where does the data reside? The nucleus of this worldwide campus both in terms of technology and business decisions remains in the head office of the parent country. All the applications and data reside in the parent country the U.S.A. in the case of most American companies or may be spread across a few regions of the world. These data centers have very rigorous backup and coordination capabilities.
Why is data concentrated in one place? Moving the applications and data to local offices is a costly and complicated endeavor, requiring each office to replicate the infrastructure around the data security, redundancy, fail-over, backup and policy. In the context of outsourcing, this will completely negate the cost-arbitrage advantage.
If you move applications [locally], the cost of outsourcing will drastically jump. You will need to plan for fail over of data centers and application redundancy between the locations, which will get costly, explains Vikrant Varshney, India Representative, the Business Continuity Institute, U.K.
How is data accessed? Connectivity is determined by the amount of data to be transferred and the speed at which it has to be transferred. These will be used for voice over IP (VoIP), e-mail (companies prefer collaborative systems such as Lotus Notes), official chat clients (not AOL or Yahoo), video and tele-conferencing.
Every location, almost every building of ours [CSC] is equipped with VoIP and video conferencing. We also have our own portal-based Web conferencing where we can invite a third party or a partner we are working with to participate, explains Padmaja Krishnan, Director, Communications Infrastructure, Computer Sciences Corporation. CSC serves as a good example of a worldwide campus it employs 80,000 people, is present in 92 countries and conducts business in 34 languages.
Who has access to what data? Users in other locations can access the data located centrally depending on their rights of access users in a captive setup may have different access rights to those in a third-party setup, while the project-management team may have an entirely different set of access rights. Even within the captive setup, for instance, the management team may have access to accounting and HR-related information, while the team lead may have access to information related only to the applications-development project that he is working on.
Whether you are five, 50 or 5,000 people, access rules remain the same, says Varshney. And thats where it is easy if you have a thin client environment.
Companies follow one of two means to give access rights: One involves restricting access of everyone by default, and then selectively giving access to some users; the other involves making the system accessible to all by default, and then configuring it to deny access to some users. The first approach is a more secure one.
How is the network secured? Remote security and monitoring is paramount, and companies usually follow some typical measures such as permissions-based access, passwords, firewalls, intrusion-detections systems, virtual-private networks, thin clients, encryption, digital certificates and, increasingly, biometric technology.
Some companies, and often governments, dealing with sensitive data do not give external users the right to access their data centers. Instead they get the service provider to position some of its people within their premises and give them access to their network from there. Some customer companies may even download the relevant data to the service providers.
How is risk mitigated? The more or less centralized approach to managing data brings the issues of business continuity and disaster recovery to the fore. Companies are working towards leveraging their global presence by locating disaster-recovery centers in dispersed regions and by making not just one, but many, facilities across the world function as backup sites. For example, rather than keeping their India operations as a backup for their U.S. data centers, companies are working on models where their other operations in Europe, China or Latin America may step in and take over in the situation of any other country going down.
How important are standards? An understanding of compliance issues and how they may be linked to technology is critical. Equally important is adherence to standards such as Information Technology Infrastructure Library (ITIL). This determine s that all parties geographically dispersed teams of both the customer company and the service providers can integrate into one global network.
Compliance to laws Sarbanes Oxley, COSO framework and the privacy act, for example is increasingly becoming a challenge, and CIOs have a long way to go in adhering to these, says Sarvesh Goorha, CEO, Six Sigma Outsourcing Practices. Goorha is the former CTO of EXL Services, an Indian BPO service provider, where he managed a global network of over 5,000 nodes.
Who manages these complex functions? As in the classic multinational company scenario, all the strategizing and high-level decision-making still remain firmly rooted in the head office. However, the decisions that affect the local offices are far more distributed. In a global campus, even a line manager is more empowered, says CSCs Krishnan.
Krishnan also talks about a matrix-like team structure that CSC follows. We have a matrix-like [not hierarchical] team structure. The global manager may be sitting in India, but his teams may be spread in different countries. Those teams will have their own management structures within those countries so there will be line reporting and functional reporting, she explains. This requires a lot of collaboration between managers decisions are taken jointly, appraisals are done jointly. They have to be prepared for virtual management.
Companies set up separate teams to manage all these IT issues. And these are no mean teams. Of Fidelitys 40,000 employees worldwide, for example, more than 10,000 manage technology. These numbers will, of course, be far lower for a smaller company.