Beyond Chief Information Officer to Network Manager

John J. Donovan

Harvard Business Review

No. 88504 SEPTEMBER–OCTOBERHBR 1988

John J. Donovan

Decentralized computing is sweeping business voring decentralization. Employees want to operate like a wave rolling onto a beach. Its advance is un- their own systems, in their own way, and when it’s stoppable—and for some powerful reasons. Eco- most convenient for them. nomics is one important factor. On a mainframe The migration of computing power from corporate computer, the average cost per mip (millions of headquarters to divisions, plants, and desktops prom- instructions per second), a benchmark of hardware ises to reduce costs, enhance competitiveness, and performance, approaches $200,000. On a personal renew organizational creativity. But it also poses pro- computer the cost is only about $4,000. A similar found technological and political dilemmas for se- cost comparison applies to software. Individuals and nior executives responsible for computer operations. small groups can develop computer applications If they try to exploit the favorable economics of PCs faster and less expensively than large teams can. To and locally developed software, they may wind up avoid diseconomies of scale in programming, compa- with hundreds of isolated applications—what I call nies disperse the software development process. information islands—unable to share data. If senior Strategic and organizational factors are also driving executives focus on avoiding these information is- the decentralization of computing power. By defini- lands by resisting decentralization, they may not tion, information systems that link companies with only forfeit attractive business opportunities but also distant customers or suppliers—the much-heralded invite mutiny among users wanting to develop sys- use of information technology as a competitive tems of their own. weapon—cannot be restricted to a headquarters com- There is no shortage of cautionary tales about the puter facility under tight central control. Within perils for managers of decentralized computing. For companies, the emergence of confident and capable example, the senior executive in charge of computer computer users creates a powerful constituency fa- systems at a lawn-equipment company allowed its two major factories to develop their own information John J. Donovan is Chairman and Chief Executive Officer of The systems for tracking work orders and inventory. Both Cambridge Technology Group in Cambridge, Mass., an organiza- used stand-alone IBM System/36 minicomputers, tion that builds major strategic applications for a variety of organizations in the public and private sectors. Professor Donovan is but their application teams wrote incompatible pro- also a tenured faculty member at MIT’s Sloan School of grams customized to their factories’ operations. This Management. created problems when the CEO asked for regular

Copyright ᭧ 1988 by the President and Fellows of Harvard College. All rights reserved. consolidated reports on shipments and inventory. In practice, network management means evaluat- The chief information officer’s staff had to collect ing hardware technologies with as much emphasis data from each factory separately and combine the on telecommunications capabilities as on sheer information by hand. Responsiveness to the individ- processing performance. It means developing sys- ual needs of each factory interfered with corporate- tems-level software tools that guarantee network se- level data collection and analysis. curity and create consistent, easy-to-use interfaces These problems are not confined to the private between workstations of different power built sector. One state government’s information center around different architectures. It means implement- allowed individual agencies like public welfare and ing connectivity standards throughout the organiza- finance to purchase their own computer hardware tion so that users are free to revise their applications and specify the most urgently needed applications. without jeopardizing the company’s entire network. To avoid connectivity problems, software engineers In short, it means setting technological and organiza- in the information center wrote the programs and tional ground rules to guide self-directed computer made sure they conformed to standards. But long users. backlogs developed, and frustrated users began Up to now, CIOs have governed computer use in squeezing free applications from their hardware ven- decentralized environments using several distinct dors or burying the acquisition of unauthorized soft- policies. (See the illustration, ‘‘The Four Stages of ware in equipment purchase orders. Ultimately, the Decentralized Computing.’’) The logic of this frame- government wound up with dozens of data bases work is quite simple. CIOs make centralization/de- and spreadsheets that could not feed into its central centralization choices on three levels. The three computer. It still has not unraveled the mess. dimensions of the framework correspond to these In the world of business computing, the 1980s has choices. The x-axis traces the degree to which compa- been the decade of the chief information officer. nies distribute hardware to factories and offices. The Company after company has named a senior exe- y-axis reflects the decentralization of development cutive, reporting to the CEO, to preside over its functions like writing new applications and updating strategic information agenda and data-processing op- software. The z-axis tracks the location of decision- erations. CIOs and their staffs have been busy manag- making authority over information systems—for ex- ing enormous hardware and software budgets, ample, who approves hardware purchases, or who de- designing strategic applications, training new users, termines what applications to develop. and building and running vast computer systems. The point on the framework where the three axes I believe the 1990s will witness the emergence of meet represents the set of centralized policies with a new breed of senior information executive—the which virtually every company entered the com- network manager—whose priorities and challenges puter age three decades ago. Here, the corporate will differ in many important respects from the information staff wields absolute control: large CIO’s. Unless CIOs successfully transform them- mainframes available only to data-processing profes- selves into network managers, they will be ill- sionals run programs designed and written by cen- equipped to confront the user dissatisfaction, organi- tralized software teams. Today this set of policies is zational squabbles, and technological roadblocks in- an organizational and technological dinosaur. To be variably triggered by the advance of decentralized sure, some companies still maintain administrative computing. systems, like payroll and accounts payable, under What’s the difference between a CIO and a network rigid central controls. But the proliferation of mini- manager? Network managers understand that in a computers, technical workstations, and PCs has ren- world of accelerating decentralization, the most ef- dered extinct policies based on highly centralized fective way to oversee a company’s computer re- hardware. sources is to relinquish control of them and instead Point B, on the other hand, represents the ‘‘helping focus on the networks that connect them. Network hand’’ method of managing computers in the current managers won’t merely accept the inevitability of era of distributed hardware. Mainframes, minicom- decentralized computing. They will encourage it by puters, and PCs are located in and are operated surrendering authority over hardware purchases and by the factories or branch offices that use them. But software development while seizing control of com- these departments do not write, update, or service munications systems and policies. These areas will the application software that powers their equip- grow increasingly complex as hardware and software ment. A central technical staff performs all develop- migrate down the organization, and the business re- ment work in response to priorities set by the users. lies more heavily on electronic links with customers The state government information center described and suppliers. earlier operated under such policies.

HARVARD BUSINESS REVIEW September–October 1988 135 None of these points represents a natural home in 187 tax offices throughout the state. To facilitate base for an organization. The competitive demands data feedback from these offices to a powerful Am- of the industry, the organizational structure of the dahl computer in the state capital, the IS department company, and the technological competence of the insisted on absolute control over the details of every work force all influence the pace and method of de- application. centralization. But virtually every company is mov- But its 12 programmers couldn’t make even minor ing (although at different rates) toward Point D, the changes fast enough to satisfy users. Some local of- ‘‘network’’ model. Let’s look at each of these policies fices wanted to enter names in an order different in turn. from standard. Others wanted touch screens to speed data retrieval. Still others wanted more efficient search routines for updating vehicle information on existing files. These disenchanted users began tin- Big Brothers and Powerless Users kering with the programs and acquiring unauthorized software. State legislators, worried about Big brother policies usually govern transaction-ori- applications overload of the IBM equipment, pres- ented systems where users have limited technical sured central IS to clamp down. expertise—applications like point-of-sale scanners in The motor vehicles department has not yet devised supermarkets or hand-held terminals that help truck a solution. Ultimately, however, it will have to face drivers track billings and deliveries. One distinguish- up to a classic information systems dilemma. Should ing feature of big brother systems is their simplicity. the department expand its programming staff to Applications in this environment are specialized, make it more responsive to user needs? Or should it with users choosing from no more than ten possible accept the users’ growing confidence by loosening transactions. Moreover, since users of big brother control over applications while requiring conformity applications tend to be line personnel, they usually to data communications standards? Whatever the lack clout within the organization to voice or act on department decides, the central lesson is clear. Once any dissatisfaction they feel about the system. users in the big brother environment reach a critical The simplicity of the applications and the lack mass of restlessness, the status quo is almost impos- of expertise and organizational standing among end sible to maintain regardless of the users’ lack of users allow the information systems (IS) department power to act on their grievances. to maintain a tight grip on computing systems. It trains and supports users and distributes single, cen- trally developed versions of all software. Rather than give users source code that might permit them to A Helping Hand for Indirect Control tinker with an application, the IS staff distributes only binary machine code—a string of ones and Helping hand policies govern complex applica- zeroes that even experts might find difficult to alter tions used by executives who have a deep under- and that unsophisticated users certainly couldn’t re- standing of their operation’s competitive strengths vise. In deciding how to meet users’ needs, the CIO and weaknesses. The manager of an insurance com- often keeps an eye on controlling costs instead of pany’s regional office, for example, will have unsur- trying to minimize response time. passed knowledge of that territory’s risk profiles, This environment suffers from several built-in ten- regulatory structures, and customer preferences. It’s sions. For example, though the users may spend the unlikely that computer professionals at company bulk of their day working with the computers, they headquarters could generate programs that meet the have little control over how they operate. Companies needs of this regional office without its close involve- that base service on minimizing costs often create ment. In this case, unlike the big brother model, the long backlogs for users who seek to have programs central IS staff writes and maintains programs to updated or modified. Even if cost is not an issue, meet specifications set by branch offices, divisions, the IS staff in big brother environments often resists or subsidiaries. And computer users often have direct upgrading its responsiveness to users for fear that access to senior management—a political reality that too many versions of an application may undermine can complicate the CIO’s control over computing software consistency. Backlogs and lack of respon- resources. siveness breed resentment. But maintaining control is still the CIO’s basic That’s what happened at the department of motor objective. The IS staff develops software that is based vehicles in a large southern state. The department on user specifications, but that also conforms to stan- processed automobile registrations and title applica- dards set by headquarters. The IS department selects tions on dedicated IBM Series 1 computers located programming languages, development procedures,

136 HARVARD BUSINESS REVIEW September–October 1988 The Four Stages of Decentralized Computing

D Network

Watchdog C Development

B Helping Hand

Decision Making Big Brother A

Equipment

A. Decentralized equipment B. Decentralized equipment C. Decentralized equipment D. Decentralized equipment Centralized development Centralized development Decentralized development Decentralized development Centralized decision making Centralized decision making Centralized decision making Decentralized decision making

and operating systems that maximize network con- Consider how changes in federal tax laws affect nectivity. It uses its authority over departmental pur- computer systems at a real estate development firm. chases of hardware, software, and peripherals to The IS group may have to alter dozens of customized maintain consistent hardware architectures. Finally, financial, marketing, and accounting programs that the IS office trains and supports the technically unso- contain now-obsolete assumptions about tax rates phisticated end users. and depreciation schedules. Then it must distribute The control tactics in the helping hand model are the changes to possibly thousands of PCs simultane- more indirect than in big brother policies. The CIO ously—an expensive and time-consuming operation. and the IS staff play supportive instead of authoritar- While central IS defines development procedures ian roles. Developers work closely with users when in principle, in practice frustrated users can threaten writing programs and discourage features that might program consistency in several ways. Consultants interfere with the company’s broad computing goals. hired without authorization can develop chunks of Central IS often acts as a software librarian, main- programs or entire applications that don’t follow IS taining tapes of programs and swapping applications guidelines. The availability of low-cost, off-the-shelf between offices and departments. A financial analy- software can also give rise to elaborate spreadsheets sis program developed for one branch office might and data bases outside IS control. If they’re incompat- be offered as a bonus to other branch offices. In this ible with existing programs or network software, way, software becomes a bartering chip with which these pockets of information can introduce inaccura- the CIO maintains user harmony. cies into corporatewide data and jeopardize the Central IS must also play a mediating role as of- smooth functioning of strategic applications. fices and divisions vie for limited resources. Indeed, A real estate company owned by a major entertain- scarce programming resources—particularly for ment conglomerate illustrates these risks. The com- maintaining existing applications—are the greatest pany’s local offices relied on customized sales and source of instability in the helping hand environ- marketing support systems tied into a central main- ment. Analysts estimate that every dollar a CIO frame to track their primary resources: homes, con- spends developing a program requires an addi- dominiums, and raw land. The CIO wanted to tional $4 in maintenance costs over its life. So maintain an accurate inventory of all the company’s as customized applications proliferate, IS budgets holdings by ensuring smooth data flow between local skyrocket. computers and the company mainframe. To this end,

HARVARD BUSINESS REVIEW September–October 1988 137 the IS department required local offices to run the unusual for auditors to visit departments on a weekly core applications on a brand of personal computer or even daily basis to search through computer files chosen for its ease of connection with the main- for unauthorized programs. frame. Within these hardware and software con- Within these tight constraints, however, indepen- straints, IS programmers modified and enhanced the dent development teams essentially run their own sales and marketing applications based on local technical shops. The local staff handles day-to-day specifications. operations like setting passwords and correcting The backlog of unmet modifications kept grow- hardware and software failures. These local teams ing. Central IS tried to buy time by offering users develop and distribute software to users. Still, they remote access to other popular programs on the must requisition the hardware and development corporate mainframe. But local managers appealed tools from central IS and obtain permission to de- to the company’s senior executives and got permis- velop applications. sion to hire consultants to make the much-delayed The watchdog environment has the most severe software changes. Before long, information began built-in tensions of any of the models I’ve studied to migrate from the mainframe corporate data base and is therefore the least stable. Despite the elimina- to these new PC programs—not all of which fed tion of programming backlogs (local developers write smoothly back to the mainframe. The company and update their own software), purchase orders and could no longer maintain an accurate inventory of requests for permission to develop applications can its properties; and, because users often failed to pile up and slow the programming process. Bright, back up data on their new programs, information capable engineers resent development delays even on some properties disappeared altogether during more than their business-minded counterparts in the hardware failures. helping hand framework or the line personnel in the The CIO called for audits to root out troublesome big brother environment. Moreover, strict policing programs and withheld mainframe services from the by central IS can be interpreted as interference or renegade offices. The political struggle became cor- harassment—another potential source of frustration. poratewide and tempers ran high. There still is no So it’s not unusual for talented local programmers long-term resolution to this situation. A carrot-and- to spend a good deal of their time developing and stick approach based on rewards for good behavior hiding unauthorized software or otherwise skirting and software audits may provide incentives to main- IS controls. tain the integrity of the data base. Otherwise, the The government of a large northern California city CIO may have to allow local offices to take charge recently experienced this problem. Each of the city’s of their own software modifications as long as the 24 departments had two or three programmers re- changes meet strict mainframe-to-micro communi- sponsible for loading, integrating, and debugging cation standards. software on the department’s private branch telephone exchange (PBX). One important application tracked outgoing telephone calls and billed the offices that made them. In turn, each of the PBXs was Watchdogs Can’t Watch Everything connected to a citywide network through a communications program controlled by a central computer The factors that give rise to watchdog policies are services group. But the communications software often the reverse of those that lead to helping hand had weaknesses that the central group was slow to principles. Watchdog policies most often govern correct. large, inflexible bureaucracies with clear lines of au- Long accustomed to the hierarchy of city govern- thority and hierarchy. Military installations almost ment, local programmers wasted no time in going always operate this way, with teams of engineers over the CIO’s head to voice their frustration. They writing programs specified by higher ranking offi- simply developed their own communications soft- cers. In general, end users in the watchdog environ- ware, which eventually created inconsistencies in ment are technically proficient, but lack the business the network. Moreover, the time local programmers insights to specify the applications they need. As a devoted to communications software was time they result, central IS controls all major decisions, from should have spent on other projects. This is a clear hardware and software purchases to application de- example of a CIO losing control of a vital re- velopment priorities. The IS staff standardizes op- source—in this case, programmers’ time—by ne- erating systems, programming languages, sometimes glecting the technical concerns of subordinates who even programming style, and the CIO enforces direc- are fully capable of addressing those concerns tives through frequent and rigorous audits. It’s not themselves.

138 HARVARD BUSINESS REVIEW September–October 1988 The Challenges of Network nies, purchasing equipment, and cutting long- distance phone bills. These managers almost never Management give data networks the attention they deserve. Some forward-looking companies have assigned special There is a structural elegance, based on simplicity responsibility for data communications to a man- and self-direction, that distinguishes the network ager who reports directly to the CIO. This is an model from its counterparts. End users in the other improvement, but it doesn’t go far enough. The frameworks are under the control—direct or indirect, CIO must become personally and deeply involved respected or circumvented—of the corporate infor- in communications decisions—perhaps to the point mation staff. As we’ve seen, such control can lead of spending several hours a day on the design, to struggles over scarce resources. This turmoil not maintenance, and expansion of the physical net- only undermines the CIO’s authority but also jeopar- work. Otherwise, it’s unlikely that the company dizes the computing goals the policies were designed will make the investments or devote the staff to serve. resources necessary to build a high-performance Control over day-to-day computing is not an issue communications infrastructure. for network managers. Technical staffs under the di- Systems-level connectivity is the second major rection of the company’s departments or divisions challenge. A smoothly functioning network should handle every aspect of their information systems. allow the corporate information staff to monitor and They purchase hardware and peripherals, develop address the performance of every computer on a par- and write applications, load operating systems, and ticular network. For example, the network manager’s respond to equipment failures. Development back- staff should be able to assign or modify passwords logs and approval delays are a thing of the past. quickly to block unauthorized access to new applica- Beneath this decentralized simplicity, however, tions on a network that contains sensitive data. Like- lurk imposing technological challenges. Completing wise, the IS staff should be able to distribute new the transition from CIO to network manager requires applications to whatever computers in the network implementation of the three levels of connectivity— need it, regardless of their operating systems or physical, systems, and applications—that link com- locations. puters and enable them to share information. The Several major vendors, including IBM, Digital computer industry’s failure to adopt multivendor Equipment, and AT&T, as well as a few independent standards in so many areas—operating systems, data software companies, offer systems-level tools that storage and exchange, mainframe-to-micro commu- perform some connectivity functions. But these nications—immeasurably complicates the network third-party solutions have grave shortcomings. Most manager’s job. But the development of effective, cus- of them provide security and manage remote termi- tomized solutions to all three levels of network nals, but they generally don’t integrate these capabil- connectivity is a prerequisite for evolution to the ities under a consistent, easy-to-use interface. And network model. as with the physical network, the absence of industry Let’s consider each level separately. A single noisy standards means that no single product can address telephone line or a faulty chip at a component instal- more than a fraction of the hardware and communi- lation can cripple a system that depends on exchang- cations protocols scattered throughout the organi- ing information between factories, or between a zation. Effective systems-level connectivity may mainframe computer at headquarters and microcom- require a large investment of staff time to develop puters in branch offices, or between a company and customized solutions to vexing technological prob- its customers. So a network manager’s most basic lems. These investments won’t be approved unless responsibility is to build and maintain a robust data the senior executive in charge of information sys- communications infrastructure—the physical net- tems makes them a priority. work—that minimizes interruptions and downtime. Building a reliable communications infrastructure This means paying closer attention to the selection whose performance can be monitored by the central and maintenance of telecommunications equipment IS staff is valuable only if the hundreds of applica- and services like long-distance data transmission, tions running on the network can freely exchange modems, multiplexers, and controllers, and evaluat- information. True applications connectivity is a for- ing these technologies on the basis of reliability and midable challenge—even for a network composed of accuracy, as well as cost. nearly identical computers and software—because Today data transmission at many companies is the applications are constantly changing. And modifica- responsibility of a director of telecommunications tions can interfere with an application’s ability to who focuses mostly on selecting telephone compa- feed data into other software.

HARVARD BUSINESS REVIEW September–October 1988 139 The technical obstacles to relationship banking, a links a company with its suppliers almost invariably highly prized application in the competitive finan- must support several operating systems. Perhaps a cial services industry, are a case in point. A single decade from now the computer industry will adopt marketing representative analyzes, evaluates, and connectivity standards for easier exchange of data recommends changes in a customer’s entire portfo- between computers built around different architec- lio. To do this, the representative must be able to tures. Until then, however, it’s up to network manag- summon on command a comprehensive profile of ers to devise customized solutions. the customer’s activities in all the bank’s services. These solutions require the development of what That requires pulling information from the separate I call ‘‘application filters’’ that translate between dif- computer systems that manage, for example, home ferent systems on the network, hide each computer’s mortgages, certificates of deposit, checking ac- particular characteristics, and adjust for application counts, and car loans. But each system’s evolution changes. Several organizations, including Covenant can affect the entire network. Something as simple Insurance, the American Red Cross, and Maryland as reversing the order in which checking-account National Bank, have implemented such filters in operators record first and last names threatens the large strategic applications. Their experiences to date integrity of a network unable to adjust to that change. have been quite encouraging. In the near future, ex- At this level, maintaining applications connectiv- pert systems may be able to detect and adjust auto- ity requires strict procedures to guarantee that matically for application changes affecting the rest departments notify the network manager of all soft- of the network. Prototypes of such expert systems ware modifications. Under this system, the role of have been developed, although the technology re- the central IS staff evolves from approving or devel- quired for full-scale implementation is still several oping applications to adjusting the interface between years away. modified applications so they can continue to ex- The transition from CIO to network manager will change data. be neither immediate nor easy. But it must be made Applications connectivity becomes even harder if senior executives want lower costs and enhanced when the network is supporting incompatible com- strategic advantage from their computer systems. puter systems. For example, a bank that acquires a The CIO who faces the challenges of network man- competitor and wants to offer relationship banking agement head-on can overcome the perils of decen- may have to gather data from two vastly different tralized computing and tap its vast potential. computing environments. Likewise, a network that

140 HARVARD BUSINESS REVIEW September–October 1988