Global IT challenges: Privacy, standardization, transformation top the list

By:  Esther Shein


It’s one of an IT leader’s biggest nightmares: Imagine you’ve got a division in Russia, which has very strict privacy laws regarding employees’ rights to control their information, and there are 12 employees who refuse to allow their information to leave company walls.

“Then the reality is you need to then manage the data around those 12 individuals and then it comes down to scope, scale and size,” notes Clark Golestani, CIO of Merck. Sometimes, if there is a small amount of information company officials need to work with, “paper may be the most efficient method,” he says. If it’s a larger amount of data, “putting in a locally based system will be necessary.”

And there are other global challenges, like how to handle systems that capture information about customers through all forms of communication — especially in highly regulated industries like healthcare.
IT also has to, of course, grapple with issues that are more technical than regulatory, especially in countries with less-developed infrastructures. “So you’ve got the technical challenge of network availability and network stability and power availability and stability,” Golestani says. “I think those actually are easier to [solve] with technology than the information privacy aspects, because one can employ all sorts of technical techniques to build robustness into the technology.”
Today’s global challenges

These are not the logistical challenges of days gone by, when offshore outsourcing began and companies started developing IT in different countries where technology was being consumed. Back then, when it came to global deployment of technology, size and complexity used to give IT the jitters.

Nowadays, it’s the need for speed, staying flexible while trying to standardize processes as much as possible and engaging in digital transformation — all while operating globally — that are keeping IT leaders up at night.

“More is possible now because of what’s happening around the world — telecom costs are continuing to come down as deregulation costs come down,” observes Frances Karamouzis, a vice president and distinguished analyst at Gartner. As a result, there is a big push to get to a single instance for deploying apps and analytics.

“People want real-time dashboards and analytics,” she says. Executives in Walmart or the Gap, for instance, “want to be able to walk around wherever they are on an iPad and have conversations with people in other regions around the world and look at real-time data,” so they can make decisions proactively, she says. She terms that a “persistent digital experience.”

All of this requires a single instance, says Karamouzis. “I can’t have my databases in Russia, Brazil and the U.S. and every week sync them up. They have to all hit the same database. That’s the single-instance structure.”
More standardization required

As companies implement their technologies around the world, the biggest trend Karamouzis sees is the movement to create more process standardization and to digitize as many processes as possible. “Gone are the days of every business unit saying ‘I’m special or unique so I need a different system in Brazil or Russia,'” she says. “We’re in this mode where you have to more highly justify why something is new or unique.” Software as a service or in the cloud are “based on a repeatable model where if things aren’t customized they are configurable.”

She admits that getting to a single instance is not easy, given corporate politics, “but at the end of the day, senior people in an organization have to really put their foot down and embrace the idea and permeate it down.”

Security is of course, another challenge — how to stay compliant with multiple countries’ regulatory requirements as they change and how to stay secure in a dynamic environment when you’re developing new functionality.

A third big area for global companies is figuring out the key performance indicators — how to measure success, Karamouzis says. “Can you come up with global standards to measure our success consistently from country to country? How do I develop these dashboards?”
A single-instance strategy

Merck operates in over 140 countries, and to effectively roll out technology worldwide, the company has adopted a global single instance strategy. In other words, systems such as SAP are made available to the majority of countries Merck operates in, says Golestani.
Clark Golestani, CIO of Merck
Global technology issues are “are easier to [solve] … than the information privacy aspects” says Clark Golestani, CIO of Merck.

Yet, even with such a strategy in place, operating globally has “all sorts of interesting twists that keep [a global single instance] from being full executed,” he adds, such as data privacy concerns. “Another challenge is physics — electrons and light travel around the globe only so fast,” so there are things that have to be worked through to ensure adequate performance.

In countries with strict privacy laws “you end up compromising the global single instance, or you have to put in all the extra work to gain the agreement to be able to operate,” Golestani says. In those instances, Merck has two options: Either gain consent from the individual to whom that data belongs, and/or put in place privacy provisions that allow the global movement of data, he says.

It’s not just IT that gets involved in these situations — it’s a combination of regulators, compliance organizations and various business units that may be looking to utilize the data within their business processes, he says.

“As a company, we put in place very robust policies, procedures and technologies to enable the movement and management of data in accordance with Safe Harbor and binding corporate rules,” says Golestani. “To achieve that takes a very high level of rigor and discipline globally.”
Business rules mean you don’t reinvent the wheel

With 3,219 sites in 220 countries connected to its network, UPS can’t afford to have technology glitches. This is especially true when it comes to deploying mobile apps such as updates to scanning technology on its ubiquitous 128,000 Delivery Information Acquisition Devices (DIADs) that UPS drivers carry with them.

An engine containing business rules for various countries makes global tech deployments to existing systems like the DIADs more seamless, says Nick Costides, vice president of information technology at UPS. If the technology the company is deploying is itself a process change, then it’s handled very differently, he says

Whether it’s introducing new UPS products or services such as My Choice to the marketplace, or implementing large-scale integrated capabilities like World Wide Express Saver Freight — which rely on multiple systems — “we choreograph the deployments across our teams and systems. We would first beta-test the releases in the individual markets such as the U.S., Europe and Asia, prior to executing the global deployment, testing all facets of the solution including the installation and functionality,” Costides says.

Once beta testing is completed, “that’s when we pull the trigger on system deployment,” says Costides. Whether it is pushing software out to PCs, DIADs, workstations or the servers that support them, the key is everything has to be awake and on to receive the update, he explains.

“For a lot of more mature solutions, in addition to the packaged software we use for software distribution, we’ve also written algorithms that allow us to check the versions when the device wakes up” to ensure it takes the upgrade, because it is being done in concert with other devices. So synchronization, algorithms and software distribution solutions are critical to ensuring that the distribution occurred, he says.

That’s something IT has learned over time: The importance of synchronizing the vast number of devices — including servers, workstations, mainframe regions and mobile devices — across the ecosystem that support a given solution, Costides says. For example, updates to UPS’ My Choice Service, known as Follow My Delivery, required enhancements to both the operational technologies in the company’s package centers and in the software code used in customer visibility solutions, he says.

Like Merck, UPS has also run into privacy issues when entering new countries. For example, DIADs were made available in Malaysia earlier this year. “There are privacy laws in certain markets that are very different … in terms of how we store and encrypt data, so we have to be very careful that we understand those [local] laws and we may have to actually make investments in the app” for that specific market, he says.

Consequently, more code has to be written to accommodate the rules of different countries UPS enters. In that case, “we’ll architect the solution” so it is “based on local market knowledge,” Costides says. The idea is not to deliver one-offs because requirements will often repeat in different countries. “In a lot of our modern solutions we’ll use a business rules engine,” Costides notes.
Nick Costides – UPS vp/IT
“We choreograph [app] deployments across our teams and systems,” says Nick Costides, vice president of IT for UPS.

For example, as packages move across borders where UPS has to understand specific compliance and customs regulations, instead of writing the individual business rules in a native program language — which is prone to error and costs more to deliver, he says — UPS will employ a business rules engine to manage the country-specific business rules for customs compliance.

“Instead of something that has to be engineered, the toolset has a place where we can put in different data by market or process,” and IT uses off-the-shelf products to do this, he explains.

UPS has to deal with different providers in different markets for wireless and cellular coverage, which sometimes involves tricky negotiations, especially when the company enters new countries. The firm also tries to make local hardware purchases wherever possible. “If you can leverage partners whose assets are in that country you save from a cost perspective,” he says. “Since we deploy tech globally, we look to source locally.”
Making the digital transformation

As General Electric transforms itself into a digital industrial company, it is rolling out a secure global IT stack both in the cloud and on-premises to efficiently serve both internal and external customers.

As a result, IT is becoming more than support function; it’s becoming the critical enabler of the business to help achieve “the disruptive innovation we want to bring to each of the businesses,” says Alain Lafanechere, Digital Workplace Solutions executive at GE.
Alain Lafanechere, Digital Workplace Solutions executive at General Electric, says its global deployment challenges are about finding the right balance between speed and consistency.

GE conducts business in some 180 countries, and Lafanechere says its deployment challenges are all about finding the right balance between speed and consistency. “To do that, we must rely on this modern application infrastructure, which means having the right central global framework, tooling and models. And on the other hand, we must keep a local presence and local proximity to customers and keep listening to them and deliver to them solutions and value they’re expecting.”

Part of that balance involves deciding when technology needs to be sourced regionally and when a global system should be used, such as GE’s Predix cloud-based operating system for industry, he says. That involves taking into account local and industry constraints, and also country-based requirements for data privacy and data retention.

Finding local talent is also something the company constantly contends with, especially since that is key to understanding different countries’ requirements, Lafanechere adds. GE has started doing significant hiring around the world.

Gartner’s Karamouzis agrees that finding local talent has become a more acute challenge. The tables have turned, she says, because companies used to be able to find plenty of offshore talent in India. “But newer skills, like mobile and user experience design … are skills you need to have closer to home,” meaning the company’s domestic location and in the same time zone and near its customers and business professionals, she says. “So the pendulum of demand swung to India — and now an element of that has swung back.”

A lot of digital and user experience design web projects often have to be done in-country or near shore, she says. Now there is a big movement to get rid of labor — or what Gartner calls “automation arbitrage” — by automating a process and taking labor out of the equation. Making things move better and faster by removing labor is “the single biggest trend we’re seeing in globalization,” Karamouzis says.
Time zone challenges

The U.S. Coast Guard has utilized contractors in other countries, not so much to deal with local requirements but to be able to work around the clock. Yet that hasn’t always proven so easy.

In his previous job as division chief for the Information Systems Division for the Coast Guard Aviation Logistics Center, Commander Chad Long had a developer working from India for a period of time. “We thought that it would be great jointly working on projects around the clock,” he recalls. Instead, “what we found was lots of work stoppages waiting for questions to be answered from coworkers in the opposite time zone.”
Chad Long, IS division chief for the U.S. Coast Guard and Premier 100 IT Leader

In his previous job as division chief for the Information Systems Division for the Coast Guard Aviation Logistics Center, Commander Chad Long had a developer working from India for a period of time. “We thought that it would be great jointly working on projects around the clock,” he recalls. Except it wasn’t.

The developer was doing a lot work for the Coast Guard’s home-grown supply chain tool in North Carolina, and went back to visit family in India, says Long, who is now an aeronautical engineering officer for the Coast Guard in Atlantic City, N.J.

The developer did not get his visa approved right away to return, and since he was a critical part of their workforce, Long says they tried to figure out what he could do remotely. “We would work on things during the day and then we’d pass it on to him, and the bottom line is, there was a dual workforce working on some of these areas.”

IT staffers found they were “constantly …waiting for him to answer some questions or for us to answer some of his questions,” which was hampered by the significant time zone differences. This went on for four months until the developer’s visa was approved.

What they learned as a result of that experience was to prepare contingencies for contractors working remotely around the world, especially when they faced a similar situation with a developer in South Korea, Long says. “The more that these teams in other locations can be self-sufficient … is going to make them more efficient.”
What you should know

When it comes to figuring out the best way to deploy technology globally, Merck’s Golestani likes to think of a 2×2 matrix. On one axis there is complexity of data and regulations, and on the other is data robustness. If a country has low complexity with regard to regulations and high robustness, deploying technology should require fewer resources, he maintains.

Things become dicier when there is a need for high robustness and complex regulations. “Complex regulations and low infrastructure capability usually requires the highest amount of resources — that’s the most challenging environment,” he says. “So with some type of rubric you can plot each of those quadrants.”

Sometimes, says Karamouzis, you’re not going to be able to solve a global challenge in a simple way. She recently talked to the CIO of a large professional services company with a presence in up to 30 countries — all with different CRM systems.

The CIO wanted to do a study looking at the best way to integrate all these systems “at a cost of hundreds of millions of dollars,” she says. “That kind of money will never get approved,” not to mention the fact that it will take at least a couple of years to do the work, she says. While it will be cheaper in the long run to go out a buy a brand new CRM system, it means the company will have to agree on a standardized process for how to track qualified leads.

Karamouzis told the CIO to first figure out what business problem he was trying to solve, then prioritize the business issues and, finally, decide on time horizons. The CIO was able to figure out the business problem; he said if they can’t standardize on one CRM system in the next five years the company won’t be able to compete.

Today, there is a level of transparency and a level of real-time information that is really pushing everybody to have global standards and processes. “The reality is, you have to say, ‘This is the new way we’re doing it. This is the standard and only in extreme circumstances can you deviate from the standard because of the exponential costs'” and the potential loss in transparency and real-time information, Karamouzis says.

When it comes to something like deploying a CRM system, companies often pick a small area where they want to be furthest along on the curve. She noted that GE had the goal of going from 470 different instances of ERP a couple of years ago to a number in the single digits. Now GE is at 70% of where they want to be, according to a company spokesperson. That’s a big accomplishment for a huge company, which is trying to figure out how to get to 30- to 90-day ERP deployment cycles.

“The focus on speed has never been more ruthless,” she adds, noting that ERP implementations have historically taken years.

“Years ago, if you walked into a conference room and discussed 30- to 90-day cycles everyone would have laughed and said ‘That’s a joke.'”

This story, “Global IT challenges: Privacy, standardization, transformation top the list” was originally published by Computerworld.
Esther Shein — Contributing writer

Esther is a journalist with extensive experience writing and editing for both print and the web with a focus on business and technology as well as education and general interest features