Members of eWeeks Corporate Partner Advisory Board recently convened to discuss their organizations IT priorities for the coming year. Moderated by Technology Editor Peter Coffee, the roundtable focused on the increasingly difficult challenge of creating competitive advantage with limited budgets. Linux is intriguing, the Corporate Partners say, but other enterprise applications might preclude its use. VPNs and server consolidation are ongoing concerns, while the Tablet PC and .Net Server platforms arent seen as compelling—at least for now.
eWeek: Frank, lets start with you. At Bose, whats on your radar for 2003?
Calabrese: Our primary focus is the globalization of initiatives that we worked on this past year.
eWeek: And those would include?
Calabrese: Were seeing a lot of work-from-home, remote-type applications, and were supporting a virtual private network installation method that works within the security infrastructure weve set up.
How do we protect data, how do we protect confidentiality? How do we protect all the laptops we have out in the field, and how do we do that, again, with this global focus?
eWeek: So youre trying to elevate the level of both telecommuting and an internationally distributed work force with broadband. Were talking broad order of megabit-per-second bandwidth to everybody?
eWeek: And using VPN technologies to make that as reliable and secure as it would be behind a firewall?
eWeek: Are you finding those technologies ready to go, or are you having any difficulties with interoperability—across different vendors, for example?
Calabrese: Were having problems with vendors, naturally. The telecommunications industry has thrown us for a loop, so that always makes things fun.
What we are really working on is how [to] deploy our VPN solution. The last challenge was to China. Weve created a master installer that not only drops the VPN client down but also drops anti-virus software onto the target chain and a managed version of Internet Security Systems Inc.s firewall onto the remote machine.
Our machines are deployed with power-user capabilities, not with administrative privileges to those machines by the end user, so our installer has to know what the administrative password is, grant itself privileges and install itself. And it cant be modified during that installation.
What happens if the installation doesnt work? What happens to the supported machine now that weve taken control of the administrative capability and the user is normally located in Hong Kong and has now traveled to Shanghai and is looking to us for support? These are all issues that we havent seen up until this point.
As I said, its riding on top of the security infrastructure that were rolling out. We havent gotten too fancy. We looked at biometrics, and we didnt see that we could do it at this point. But were doing strong passwording; were mandating resets and some of the stuff we have to manage remotely.
eWeek: Nelson, in the health care domain, youre passing a lot of information around your networks that requires strict confidentiality and data integrity assurances. Are you looking at some of the kinds of things that Frank is talking about?
Ramos: We looked at the technology that we have and asked, Where is it that we can provide the biggest impact and provide the biggest differentiation between us and our competitors? We came up with the area of patient safety and using broadband as the foundation for that.
eWeek: Kathie, I imagine that you, in distance education, are also looking at whether ubiquitous broadband is something you can assume.
Sigler: We have a large, growing distance education program here. Were currently using Web computer training—right now, about 1,000 students. For us, thats very small because Miami-Dade has 165,000 students in all of our six campuses. What were trying to do is to take each of our programs and get not only the general-education requirements done but also then get our full degrees offered. So were working program by program, trying to accomplish that.
Were also very interested in the whole e-book area. Weve been working very closely with RCA. … Were also talking to Microsoft [Corp.], to see if we can take the best of what the Tablet PC technology is going to provide.
I would say probably 75 percent of all the students at this campus walk around dragging rolling suitcases just because of the size of their books. Were talking to several Microsoft partners with the Tablets and are very interested in that whole thing.
eWeek: Do you feel that the Tablet PC technology youve been seeing during the last few months is really ready to be used and not merely demonstrated?
Sigler: I dont know. Ive had my hands on the systems but [not enough] so that I could really put them through their paces. So, personally, the jury is still out.
eWeek: Are others interested enough in the Tablet form factor to be evaluating it or at least researching at this point?
Brorson: At the University of Minnesota, weve looked at the Tablet for nearly a year now. Once the [operating system] is actually released, well probably have a better idea of where the support for applications is going to be. But right now, I would say that there is less optimism than there was a year ago.
Calabrese: As a replacement for the laptop, it isnt an appropriate tool. I think its a good supplement for 30 percent of the folks that would normally carry laptops.
Inks: I think its a poor replacement for a laptop.
Wilson: Im a little more intrigued by the wireless display technology and think more people will latch on to that once they see it.
eWeek: At USA Today, Gary, youve been looking at whether people would rather read content on paper or get it in some kind of electronic form. Is the Tablet PC going to be the delivery vehicle that gets people reading their newspaper on a screen through a wireless link instead of reading it on paper? Is it finally the delivery device of next-generation news?
Gunnerson: Weve been tracking these kinds of technologies all the way through e-books and everything else, and they just dont catch on. They seem to be a nice niche product for a while, and some people enjoy them, and then it kind of fades away.
I think there are places where Tablet PCs make unbelievable sense.
eWeek: Such as?
Gunnerson: Order entry, forms-based tasks, where youre checking things off and writing things in.
eWeek: Michael, at AdSpace Networks, youve been looking at relatively advanced and specialized technologies for delivering rapidly changing content into stores in the form of your signage and so on. Are you looking at things such as the Tablet PC technology, flat screen or digital paper?
Skaff: In terms of the Tablet PCs, we are very interested in the small form factor because were looking at a couple of different designs for how we deploy these systems. One of them includes a local PC, and if its local to the display, were very interested in a small form factor.
eWeek: When we talk about all this stuff thats needed to handle transactions, push content out to devices and so on, the thing that I always think about is whats down in the basement in terms of the server room. Larry, whats on your radar at Nordstrom in terms of scalability and reliability issues? What are the technologies that youre watching for the next year?
Shaw: Most of what were doing is basically replacing older hardware with new, rolling upgraded hardware in our store locations.
eWeek: Whats driving that upgrade cycle?
Shaw: Age, primarily. Our replacement cycle is about three years.
eWeek: Whats going on the new systems?
Shaw: Windows 2000 in our stores. Were using Solaris on the back end for most of our new merchandising applications. Our primary network for supporting users is still Windows 2000. Were also rolling out our point-of-sale network on Windows 2000.
eWeek: Is there anything happening in terms of trying to make servers more of a large, dynamically allocated pool of capacity instead of having to try to anticipate capacity on more of a point-by-point basis?
Shaw: Were doing that to a limited degree. We are looking at where we have concentrations, like the Seattle area. We are looking at going to SAN [storage area network] in those areas to concentrate storage rather than the number of discrete servers at our data center.
Most of our locations are fairly loosely connected with low-speed wires and dont really make storage of centralized data practical for those. So from a file/print/data point of view, we still maintain a single file print server at each store to store the data for that location and then back it up at night to a central facility.
eWeek: When you talk about those distributed devices—file and print servers or network-attached storage and SAN devices—where theyre really just a pretty focused box, are any of these appliances that youre looking at running Linux or other lower-cost operating systems?
eWeek: Is that by choice, or it just hasnt happened yet?
Shaw: In most cases, the server is also providing user validation for that location, so its the local Active Directory source and global catalog for our centralized Exchange servers, as well.
eWeek: Is there anyone who is making any significant efforts to evaluate or adopt any of the open-source technologies?
Brorson: Smaller enterprises that I work with outside the university are looking in that direction, especially as the Office-type applications have improved, whether its OpenOffice or StarOffice. I certainly see companies that are now asking whether they should [consider open source], and a year ago I didnt even hear that asked.
eWeek: So the idea is gaining traction, if not yet actual adoption?
Calabrese: We use Linux-embedded software in some of the products we make. Also, with some of the OEM components, we develop in a Linux environment on a desktop, which then begs the question of, If youre working on developing a product in Linux that will be embedded in one of our software or hardware systems, on your laptop, should you have to have a dual-boot to receive your e-mail, or would you rather receive your e-mail while youre working on a product in that same environment?
To further it, if Im developing a Linux application and I also want to get my e-mail and I want to maybe send copies of this application to other people, then I also have to work within the same environment that the rest of the corporation works in. E-mail, you can expect, will have Word enclosures and Excel enclosures. So, now, for every Linux-based development station, Ive got to have a full productivity suite so that engineers can communicate. And should it be dual-boot, or should we use an open-source version of the productivity suite?
eWeek: I guess thats a still-unanswered question?
Calabrese: Its a question that were trying to find the best answer to.
eWeek: Are there particular alternative productivity suites that youre evaluating?
Calabrese: At this point, nothings really cropped up. Were trying to see whether we can go down this track because, again, you take the example one step further: These engineers who are developing in Linux may not be here at corporate headquarters. I may have a guy working from his cabin in Maine with Linux on his machine, and he wants to VPN in. Now I need a Linux firewall, and I need a Linux-based VPN client.
So all the tools and services that I provide and Im comfortable with in the Windows environment have to be replicated. So its not just a matter of whether we introduce StarOffice but can we introduce at exactly the same time the full complement of services for Linux?
eWeek: So the whole infrastructure has to be there, not just point solutions?
Inks: Some improvements in coordination in telecommunications would be great. I had feelings of déjà vu listening to Frank earlier.
Atlantic Research has been replacing its frame relay with VPN technology, and we tried as hard as we could to sole-source the broadband part of it. Of course, when it gets down to the last mile or two of the company, you cant, and thats where weve had a significant amount of problems coordinating between the local carriers and AT&T [Corp.], which is our primary broadband [provider]. Its been a real challenge. They tend to point fingers at each other an awful lot, and thats been the biggest concern that weve had in doing VPN.
eWeek: So the hardware and software really arent the issue—its really a matter of supplier relationships and people accepting responsibility for making it work?
Inks: Yes. The hardware seems to be pretty solid; we havent had any problems with the stuff that we chose. Its more been issues with local configurations and coordinating AT&T configurations.
Baradet: At the S.C. Johnson School of Management, were going back and looking at developing policies and procedures for some things that we havent considered in the past, such as encryption—how do we develop an escrow for the keys?
eWeek: You mean things such as encrypted e-mail and documents?
Baradet: Yes, and corporate data and what constitutes corporate data. The university is addressing this at a higher level but is basically [saying] that we have to develop a policy if we use it. So were trying to decide who decides whats corporate data and when its appropriate to encrypt and not encrypt, and then who should hold the keys.
Gunnerson: Have you looked at timer destruction of key storage as a method for getting rid of content?
Baradet: No, were just getting started. Ive written something that will be brought up in front of our management committee to see where they want to go with it.
eWeek: Gary, youre basically talking about automating a document retention policy so that if something is old enough that its not needed, then it is automatically destroyed?
Gunnerson: Well, what youll do is end up destroying the keys that created an e-mail document. Once the keys are destroyed, you cant read the document anymore. Thats a retention policy thats enforced by key management.
eWeek: Right. Kevin Wilson, what are you tracking for the coming year?
Wilson: Were dealing with the energy market, and there are things happening with the energy companies. Were reassessing, re-budgeting, re-scoping most of the development efforts to see, for next year, what we want to do. People are still knocking on their budgets right now.
eWeek: When you say development …
Wilson: Application development. A lot of application projects are just getting re-scoped with different budgets right now.
eWeek: Is Microsoft .Net development occupying a lot of mind share right now?
Wilson: .Net is being explored as part of our electronic vendor interfaces. Electronic vendor interfaces are viewed as having a lot of benefit right now.
Baradet: Were also going to look at putting in things like Microsofts system update server and central anti-virus definition distribution, so a lot of the routine stuff doesnt have to leave the campus.
eWeek: So youre looking at mechanisms for reducing the workload of administering these things?
Baradet: Right. Were also looking to minimize the number of people who keep go- ing and hitting Symantec [Corp.]s Web site for the latest patches when we could just download them once and then have them hit on an internal connection.
eWeek: Kevin, I think you were one of the ones who mentioned that things such as Windows 2000 and Active Directory were taking a long time to get traction in your environment. Are they there now?
Baradet: It wasnt Active Directory; it was the transitioning of older servers that were running third-party applications that we used. We had to put in Active Directory when we brought up our Exchange 2000 system, and we just finished migrating all of the folks out of the old NT domain and have shut that down.
eWeek: But thats something you got done during the current year?
Baradet: We just got it done. A lot of it is that we need to test the applications to make sure we got the right permissions on the servers and so on.
It looks at this point as if the NT stuff will just die by attrition and well wait till the vendors bring out new versions of the software. Most of the apps are going to undergo fairly significant rewrites and move to a different platform, so at that time well put them up on Windows 2000 servers.
eWeek: So when your Microsoft rep comes by with coffee and doughnuts and a proposal to upgrade your entire environment to .Net server …
Baradet: Not interested at the moment.
eWeek: Do you think thats something you might want to do in two years? One year? Never?
Baradet: Well see what the product is like when it ships.
eWeek: But by no means is it an automatic assumption that youll adopt it in any foreseeable future?
eWeek: Is anyone here actively evaluating the new Microsoft server platforms?
Calabrese: Casually, not aggressively. I think everybody would probably agree that there is casual activity going on, but nobody is looking to rapidly move it out once its shipping.
eWeek: And it sounds like its not in anyones budget.
S.C. Johnson School of Management, Cornell University, Ithaca, N.Y.
Northern Great Plains Initiative for Rural Development Crookston, Minn.
Bose Corp. Framingham, Mass.
Gannett Co. Inc. McLean, Va.
Atlantic Research Corp. Gainsville, Va.
McCann-Erickson Forest Hills, N.Y.
Sutter Health Modesto, Calif.
Nordstrom Inc. Seattle
Miami-Dade Community College, Miami
AdSpace Networks Burlingame, Calif.
Duke Energy Corp. Charlotte, N.C.