Linux in Government: The End Game for Vendor Lock-In

Enterprise transformation appears to exist in a continuous loop. Every
three to five years we have to deal with new jargon and new technology.
The jargon de jour differs from that of 10 years ago, when we
spoke of Total Quality Management, ERP, Business Process Re-engineering,
Activity Based Accounting, Best Practices and IDEF. If you do not
recognize these terms, don't worry; we now have a set of new issues on the
table and organizations have started responding accordingly.

Technology has the ability to enable business success, and some executives
understand that. Once they "get it", you can see decision-making moving
from IT departments to executive suites and board rooms. Today, a
CEO has to understand much more than a few IT terms. He or she has to
understand how technology owns everything from profits and losses to the
serious potential liabilities associated with an oppressive regulatory
environment.

CEOs cannot simply turn the problem over to the techies anymore. So, we
can say that IT has moved from the data center to the executive suite,
the legal department, assurance specialists and the board room, and we
would be correct.

If you ran an enterprise, revenue growth and cost containment would occupy
every waking and sleeping moment. In government, that also means increasing
appropriations and grants and operating more efficiently. You have to use
your money more effectively. Flat appropriations persist in economies
such as the one we have now and what looks like the foreseeable future.

Add the increasing burden of regulatory compliance to the mix, and your
costs have grown 30% for document retention alone. You have to
increase your ability to store documents, retrieve them and share them
appropriately. In many cases, retention of documents has gone from
a statutory requirement of three to five years to 25 years. Consider
what retrieving documents 25 five years from now might require. Your
descendants may not have the technology available to produce the documents
an auditor or attorney might want a decade from now, much less in 25 years.
Why Linux?
Not long ago, an enterprise could erect walls around its IT
infrastructure. It safely could contain the outside world, and if it
had problems, security could contain it. Value added networks, or VANS,
provided private pipes with which to do business with EDI partners.

Today, IT infrastructures stretch beyond the firewall. Vendors and supply
chain management touch one end of the value chain, and customers and
business partners touch the other end. The regulatory environment touches
your infrastructure because of requirements stipulated in the Health Insurance
Portability and Accountability Act of 1996 (HIPAA), Sarbanes Oxley,
DoD 5015.2, Patriot Act, Employee Retirement and Income Security Act,
Consumer Product Safety Act, Family and Medical Leave Act, SEC Rule 17a-4,
NASD 3010 and 3110 and much case law, to mention only the main ones.

The regulatory environment alone demands resources we did not consider
necessary five years ago. Now, even small-to-medium size businesses have to
make investments in storage area networks (SANS), back-up facilities and
redundant architectures. Requirements for open standards and application
security can bring heavy fines and penalties for non-compliance. In
February of this year, the SEC levied fines totaling $2.1 million against J.P. Morgan
Securities for failing to produce all of the e-mail requested during an
inquiry.

Linux fits the needs of the new business environment. It provides open
standards and access to its source code. It allows an enterprise to
provide revenue growth and cost containment. It also provides stability,
security and interoperability among disparate operating systems and
software applications.

More importantly, the spread of Linux to the corporate infrastructure
itself creates a need to manage heterogeneous environments. Companies
have to deal with Linux, and they no longer simply can turn to a
Microsoft island. Business partners, vendors, customers and service
providers in the global community utilize Linux among other disparate
systems. Enterprises have too much at stake to stick with a limited IT
environment, and finally people have come to realize that this is for
their own best interests.

The days of putting up with frozen screens, viruses, worms, unpatched
systems and applications and bad system management practices are coming
to a swift end. All of the marketing hype in the world
cannot make Microsoft a better system. It's time finally to admit that
you can search the Internet faster with Google and its Linux technology
than with your own desktop. Enterprises might consider that fact when starting
to think about consolidating their business processes.
Enterprises Require Integrated IT Environments
If you ever have called a company for customer service, had to enter your
account number to start the call only to give it to the operator again,
you have a sense of a disintegrated business. A disintegrated business
has applications and storage in various silos.

In
a recent article,
Madan Sheina provides a nice description of application silos:

As IT advances at a rapid clip, the original focus has largely been on
process automation--i.e. capturing and managing transactions. As
the amount of transactional data collected within enterprises
continues to rise, the number of places and ways it is stored has
also grown proportionately. This has led to a syndrome commonly called
"application silos", where the deployment of multiple IT systems--such
as enterprise resource planning (ERP), customer relationship management
(CRM), data warehouses, customer portals and content management
systems--are giving business users incomplete and inconsistent pictures of
corporate information.

For someone obsessed with revenue growth and cost containment, the
replication of data in various silos causes unaffordable problems. To
provide an example, think about Credit Agricole, a company that manually processed
all of its security events and alerts from various firewalls, routers,
system scanners, databases, anti-virus software, network logon failures
and so on. The enterprise saw approximately 450,000 alerts a day. Consider the
amount of staff time and workload required to deal with this many
alerts. Using an integration tool, the company
centralized all of its various log events into a single reporting
environment, and by eliminating duplication, brought its actionable
events down to 30 a day.

Consider Credit Agricole's problem as lightweight compared to customer
data, inventory analysis or simple record access from user account
management. In a survey on Wall Street, analysts discovered that on average 60%
of all user accounts were orphaned. That means the employees no longer
worked at the company.

Also think about all the directories companies have in application
silos, such as human resources, e-mail directories, insurance and retirement
accounts, security applications, customer relationship management
tools, accounts payable and receivable and so on. Using open source tools on
Linux, system administrators can reconcile those records and virtualize
them. Data can be verified, duplication eliminated and user privileges
assigned through automation.

Linux allows businesses the ability to simplify their infrastructures
and their management, provide business continuity and durability
of data while managing it through its life cycle. Linux provides high
availability and self-healing grid computing and the ability to virtualize
silos into a single managed environment. The majority of major solution
providers for grids, storage area networks, Web services, federated
identity management and the like run on Linux. Of all the major providers,
IBM appears to lead the industry with its early recognition of this
fact, which the company chairman calls On-Demand Business.
Wake Up Call Being Heard
According to a seminar by IBM called
"The Road to Resiliency",
Yankee Group and Sunbelt Software surveys indicate that enterprises
recognize the value proposition of Linux in increasing revenues and
containing costs. The survey results indicate that:

• 64% of customers plan to move a portion of their OSes to
  Linux
• 25% plan to migrate from Windows to
  Linux
• 21% plan to add Linux servers
• 11% plan to replace Windows servers totally.

According to the same sources, enterprises see Linux as having advantages in:

• Speed of development
• Flexibility
• Skills reuse
• Speed of adjustment to changes
• Freedom
• Choice

In the same seminar, the presenters discussed a major customer that
switched its primary mission-critical application to Linux from a
proprietary system. The company, Cendant Travel Distribution Services,
put its Fares application on Red Hat Enterprise Linux and IBM
WebSphere using IBM xSeries and IBM BladeCenter servers. The move reduced
expenditures by 90% while achieving 99.999% availability and handling
300-400 transactions per second.

During the presentation, IBM shared a quote from Robert Wiseman, CTO of
Cendant Travel Distribution Services: "By standardizing
the architecture, we have reusable components that allow us to rapidly
develop and deploy new services and applications to meet our customer's
needs to be competitive in the market place."
Some Final Thoughts on Vendor Lock-In
Every generation of information technologists seem to have "the answer"
that will revolutionize the world. From my involvement in the industry
and my studies and research, I would say the answer changes according
to advances in the market, social and economic conditions and business
success. Ultimately, no one has "the answer".

In the last five years, Linux has proven to have a worthy paradigm
for collaboration and it makes effective use of the Internet. Using Web
service technologies and open standards allows enterprises to respond to
security threats while providing higher levels of customer satisfaction
and containing costs. The opportunity to use Linux exists now. Take the
decision to the executive suite and see if it makes sense for you.

Tom Adelstein is a Principal of Hiser + Adelstein, an open-source
company headquartered in New York City. He's the co-author of the book
Exploring the JDS Linux Desktop and author of an
upcoming book on Linux system administration to be published by O'Reilly.
Tom has been consulting and writing articles and books about Linux since
early 1999.