Linux in Government: The End Game for Vendor Lock-In
Enterprise transformation appears to exist in a continuous loop. Every three to five years we have to deal with new jargon and new technology. The jargon de jour differs from that of 10 years ago, when we spoke of Total Quality Management, ERP, Business Process Re-engineering, Activity Based Accounting, Best Practices and IDEF. If you do not recognize these terms, don't worry; we now have a set of new issues on the table and organizations have started responding accordingly.
Technology has the ability to enable business success, and some executives understand that. Once they "get it", you can see decision-making moving from IT departments to executive suites and board rooms. Today, a CEO has to understand much more than a few IT terms. He or she has to understand how technology owns everything from profits and losses to the serious potential liabilities associated with an oppressive regulatory environment.
CEOs cannot simply turn the problem over to the techies anymore. So, we can say that IT has moved from the data center to the executive suite, the legal department, assurance specialists and the board room, and we would be correct.
If you ran an enterprise, revenue growth and cost containment would occupy every waking and sleeping moment. In government, that also means increasing appropriations and grants and operating more efficiently. You have to use your money more effectively. Flat appropriations persist in economies such as the one we have now and what looks like the foreseeable future.
Add the increasing burden of regulatory compliance to the mix, and your costs have grown 30% for document retention alone. You have to increase your ability to store documents, retrieve them and share them appropriately. In many cases, retention of documents has gone from a statutory requirement of three to five years to 25 years. Consider what retrieving documents 25 five years from now might require. Your descendants may not have the technology available to produce the documents an auditor or attorney might want a decade from now, much less in 25 years.
Not long ago, an enterprise could erect walls around its IT infrastructure. It safely could contain the outside world, and if it had problems, security could contain it. Value added networks, or VANS, provided private pipes with which to do business with EDI partners.
Today, IT infrastructures stretch beyond the firewall. Vendors and supply chain management touch one end of the value chain, and customers and business partners touch the other end. The regulatory environment touches your infrastructure because of requirements stipulated in the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Sarbanes Oxley, DoD 5015.2, Patriot Act, Employee Retirement and Income Security Act, Consumer Product Safety Act, Family and Medical Leave Act, SEC Rule 17a-4, NASD 3010 and 3110 and much case law, to mention only the main ones.
The regulatory environment alone demands resources we did not consider necessary five years ago. Now, even small-to-medium size businesses have to make investments in storage area networks (SANS), back-up facilities and redundant architectures. Requirements for open standards and application security can bring heavy fines and penalties for non-compliance. In February of this year, the SEC levied fines totaling $2.1 million against J.P. Morgan Securities for failing to produce all of the e-mail requested during an inquiry.
Linux fits the needs of the new business environment. It provides open standards and access to its source code. It allows an enterprise to provide revenue growth and cost containment. It also provides stability, security and interoperability among disparate operating systems and software applications.
More importantly, the spread of Linux to the corporate infrastructure itself creates a need to manage heterogeneous environments. Companies have to deal with Linux, and they no longer simply can turn to a Microsoft island. Business partners, vendors, customers and service providers in the global community utilize Linux among other disparate systems. Enterprises have too much at stake to stick with a limited IT environment, and finally people have come to realize that this is for their own best interests.
The days of putting up with frozen screens, viruses, worms, unpatched systems and applications and bad system management practices are coming to a swift end. All of the marketing hype in the world cannot make Microsoft a better system. It's time finally to admit that you can search the Internet faster with Google and its Linux technology than with your own desktop. Enterprises might consider that fact when starting to think about consolidating their business processes.
If you ever have called a company for customer service, had to enter your account number to start the call only to give it to the operator again, you have a sense of a disintegrated business. A disintegrated business has applications and storage in various silos.
In a recent article, Madan Sheina provides a nice description of application silos:
As IT advances at a rapid clip, the original focus has largely been on process automation--i.e. capturing and managing transactions. As the amount of transactional data collected within enterprises continues to rise, the number of places and ways it is stored has also grown proportionately. This has led to a syndrome commonly called "application silos", where the deployment of multiple IT systems--such as enterprise resource planning (ERP), customer relationship management (CRM), data warehouses, customer portals and content management systems--are giving business users incomplete and inconsistent pictures of corporate information.
For someone obsessed with revenue growth and cost containment, the replication of data in various silos causes unaffordable problems. To provide an example, think about Credit Agricole, a company that manually processed all of its security events and alerts from various firewalls, routers, system scanners, databases, anti-virus software, network logon failures and so on. The enterprise saw approximately 450,000 alerts a day. Consider the amount of staff time and workload required to deal with this many alerts. Using an integration tool, the company centralized all of its various log events into a single reporting environment, and by eliminating duplication, brought its actionable events down to 30 a day.
Consider Credit Agricole's problem as lightweight compared to customer data, inventory analysis or simple record access from user account management. In a survey on Wall Street, analysts discovered that on average 60% of all user accounts were orphaned. That means the employees no longer worked at the company.
Also think about all the directories companies have in application silos, such as human resources, e-mail directories, insurance and retirement accounts, security applications, customer relationship management tools, accounts payable and receivable and so on. Using open source tools on Linux, system administrators can reconcile those records and virtualize them. Data can be verified, duplication eliminated and user privileges assigned through automation.
Linux allows businesses the ability to simplify their infrastructures and their management, provide business continuity and durability of data while managing it through its life cycle. Linux provides high availability and self-healing grid computing and the ability to virtualize silos into a single managed environment. The majority of major solution providers for grids, storage area networks, Web services, federated identity management and the like run on Linux. Of all the major providers, IBM appears to lead the industry with its early recognition of this fact, which the company chairman calls On-Demand Business.
According to a seminar by IBM called "The Road to Resiliency", Yankee Group and Sunbelt Software surveys indicate that enterprises recognize the value proposition of Linux in increasing revenues and containing costs. The survey results indicate that:
64% of customers plan to move a portion of their OSes to Linux
25% plan to migrate from Windows to Linux
21% plan to add Linux servers
11% plan to replace Windows servers totally.
According to the same sources, enterprises see Linux as having advantages in:
Speed of development
Speed of adjustment to changes
In the same seminar, the presenters discussed a major customer that switched its primary mission-critical application to Linux from a proprietary system. The company, Cendant Travel Distribution Services, put its Fares application on Red Hat Enterprise Linux and IBM WebSphere using IBM xSeries and IBM BladeCenter servers. The move reduced expenditures by 90% while achieving 99.999% availability and handling 300-400 transactions per second.
During the presentation, IBM shared a quote from Robert Wiseman, CTO of Cendant Travel Distribution Services: "By standardizing the architecture, we have reusable components that allow us to rapidly develop and deploy new services and applications to meet our customer's needs to be competitive in the market place."
Every generation of information technologists seem to have "the answer" that will revolutionize the world. From my involvement in the industry and my studies and research, I would say the answer changes according to advances in the market, social and economic conditions and business success. Ultimately, no one has "the answer".
In the last five years, Linux has proven to have a worthy paradigm for collaboration and it makes effective use of the Internet. Using Web service technologies and open standards allows enterprises to respond to security threats while providing higher levels of customer satisfaction and containing costs. The opportunity to use Linux exists now. Take the decision to the executive suite and see if it makes sense for you.
Tom Adelstein is a Principal of Hiser + Adelstein, an open-source company headquartered in New York City. He's the co-author of the book Exploring the JDS Linux Desktop and author of an upcoming book on Linux system administration to be published by O'Reilly. Tom has been consulting and writing articles and books about Linux since early 1999.