The ROI-Death (War) Politics or Security; Case In Point.

I am responding not only to this article from a recent post by CIO, but introducing my credible information as a person on the ground whose team worked these RFID issues in the Boeing manufacturing sector from 2001 to 2003. I was the Network Infrastructure Services Chair and Business Manager for this RFID team. This team was one of six or seven different projects that were on-going in which I was 'full-on' and involved, as far as I know. Through no fault of my own, except perhaps my age, I was layed-off with 40-50K people. Additionally, this in turn is another article on port safety.

METRICS:
"One of the challenges that comes along with securing the supply chain is measuring success. How do you know you've prevented something that hasn't happened?" I mentioned in my last post, [Lyle K'ang; No American Management for Our Ports?] about efficiencies. By using traditional business metrics: "Improvements in safety, insurance liability, efficiency.These are outgrowths of a good security program." [Reference 1: Security Compliance, Customs Rattles the Supply Chain.

Well yes, and by the numbers or metrics that are produced that specify 'no hits' or disabling features (dirty bombs exploding) which customs are tracking and looking for. At first glance, it is an easy-no-brainer-approach, of course, this is the obvious way, and a 'best practices' method!

What is a good system is the 'old dash board' system of BI (business intelligence)used in Boeing's manufacturing plants. No problems-the light stay's green and the line keeps on churnin' away. Used in other companies as well, I assume this process will allow freight to move through at lightning speed with the new ATDI. If your cargo is 'trusted' you can go right through via the 'green lane' and not be inspected. This is a great system-you know, getting products there fast. However, are there any foreseeablee features not architected that can breach the 'express lane'? You tell me...

"The reduction in inspections promised by C-TPAT (a government sponsored Web application) are another potential source of ROI. Toymaker Hasbro spent just under $200,000 on its up-front C-TPAT compliance and spends an additional $112,500 a year maintaining it. Since it became C-TPAT-certified in November 2002, its inspections have dropped from 7.6 percent of containers coming into the U.S. in 2001 to 0.66 percent in 2003. Given that in 2003 the company imported about 8,000 containers, and that port authorities charge around $1,000 per inspection, Hasbro is saving about $550,000 a year in inspection costs alone, approximately a 5-to-1 return rate." CIO 2006

"Members of the trade community expect that ATDI participation will be a requirement for Green Lane status. The definition of Advance Trade Data Initiative (ATDI), "which requires importers to share with Customs every bit of information about a shipment, including the purchase order, which ports it passes through, proof of delivery and its final destination within the United States". And while no one has a firm timetable for the merging of ATDI and C-TPAT (Customs says that participating in the ATDI pilot qualifies companies for tier-three status), the funding is in place. In November, Sen. Murray introduced the Green Lane Maritime Cargo Security Act of 2005; expectations for its passage are high. In all likelihood, CIOs will have between 18 and 36 months to prepare for compliance, but a terror event looms as a wild card. If there's an attack, that timetable could telescope quickly." CIO 2006.

HUGE DATABASES?:
In large companies, databases become very costly and purging data requires a project team to define which, when, who, where, data gets purged. How long it's archived, and for what purpose. IT Architecture is advanced enough today to take in these scenarios. As conservative as we all are, especially in 'money producing the perfect design', it is a 'best-practice' to limit the data archiving processes as an intelligent design.

RFID [Radio Frequency Identification]:
"Smart containers could tell Customs officials (among other things) whether a container had been opened, and, if so, when and where." Reference 2: The Stories Containers Tell-Technology can make the cargo talk.

HIGH SEAS-SATCOM:
I assume the above statement is voicing its concerns about the high-seas and voyages. If it is, the tracking and reusable RFID components have apprecialbly decreased in costs from 3 to 6 years ago. In fact, by using this RFID technology after refinements, budget/costs studies and fairly balancing risks to shippers, ports, destinations, and visual affects of a port explosion in America to its population is imperative. But if not implemented, any company that does not integrate RFID or similar technology to secure our shipments on the ground and ocean, today is dumb. Again, without going into the technical nuances of using Satcom and close reader mechanisms which read RFID tags within buildings, we'll assume that you the reader, has an overview of the technical workings of what it can and can't do.

"Assuring that your suppliers are handling your cargo in a secure way will require greater visibility into what is actually happening in the supply chain". CIO 2006. This is being done today on the ground in battle, in many aspects to record through RFID, smart containers, vehicles and servicing logs and utilizing other promising emerging technologies that are tied into a basic concept of RFID mechanisms.

"For intercontinental shipments, an RFID tag can trigger automated alerts when a container enters a terminal equipped with an RFID network. (Without automated alerts, importers are at the mercy of terminal operators who sometimes don’t send their manual alerts until days after a container arrives in the United States.)"

BOEING:
The above scenario can be done today as witnessed again with Boeing's directives. To further lend credence to my team's research, is Stanford's Professor Hau Lee who found that "between reductions in inventory and pilfering, as well as other savings, companies that use technologies like RFID can avoid as much as $462 in costs per container. Reusable RFID tags range between $20 and $150, and networks can cost from $30,000 for a small site to over $1 million."

NOT A CORRECT STATEMENT:
[["But right now, many of these technologies are still too immature or expensive to work in the real world. Until then, companies will need to integrate systems with their overseas suppliers so that they can risk-manage the supply chain by spotting anomalous activity as it happens. Even secure processes "can be compromised," says Ken Konigsmark, Boeing's C-TPAT program manager. "[Overseas workers] get paid peanuts, and it would be very easy to bribe them."]]

PUT RISK BACK INTO THE MIX?:
The above statement is putting risk back into the mix instead of removing it. Using broad statements without any bases to backup such ridiculous truisms is incredible and meant to confuse the reader about real practices and opportunities that RFID delivers today. Ken inserts about three (expensive, immature, bribery) different topics in his one diatribe.

Let me explain. For instance, Boeing is now working on a technology called 'flight bag' which essentially downloads and uploads information by a system that automatically updates the avionic systems in the cabin, for incoming (docking) aircraft. (It's a get ready for the next trip, type of application). This same system can be extended and used for exports and incoming ships that approach ports since its main fuel is wireless AP's, and/or Satcom used as a backup or redundancy or as an alternative. Electronics or transducers which can be made to record weights of vessels or anything WE want to record, takes innovative thought.

POOR PEOPLE:
Saying 'poor' people (the enemy) can 'hack away' into secure systems designed by security scientists doesn't say much about educated Americans, or 'no nothing' well paid executives. VP's who have nothing to add but company politics should be replaced with bright, energetic, innovative men or women whom are humble and knowing, that make statements supported with ethics. If the systems are breached-they are breached by under-paid internal American security folks. How naive-replace him-he's 'poor' in thought.

Now perhaps, I have introduced a similar atmosphere in which the Coast Guard finds itself in today or probably more aligned to how Boeing can race-to-get its product to market. But 'big' ships are hard to turn in water, no matter who you are, Big C or Big B.

So, what do you say? The CIO article as it stands, is a fantastic, gigantic hoorah, for what we can do as 'a movin' team' when we're pushed to the wall. Don't feel pushed yet? Please don't wait for our 21+ ports to be managed by others besides our American companies and our U.S. Unions. Lazy or Innovative. Intelligent or Ignorant. Tired or Energetic. Or are the ports political? Never mind that-nevertheless, they are not secure! You tell me!!

No American Management for Our Ports? Case In Point.

The recent accusation that American business can not be found nor assumed to be viable, if found to run our countries 16 ports, is not a business statement, nor provides a climate for business discussion that want to manage these ports.

The statement is a political statement and not the focus of this web site, however, I will clearly, yet succinctly, try to produce ALL business issues from my vantage.

It appears from what we are learning from the outrage, is that there are Unionized ports or entities thereof, that are Union run. Nothing wrong with that, providing that the Unions, which include their rank and files KNOWLEDGE, are providing the benefits' to those workers' according to Union contracts and Federal Laws pertaining to rights to organize in the United States.

WORKING TOWARDS A COMMON GOAL:
Again, I have no problem with Unions when working for worker's rights alongside management are involved. I was a VP of the [ILWU]/AFL-CIO International Longshoremen Warehouse Workers Union in Honaka'a, HI. This was a time when Ghiradelli Chocolate treated the Filipino workers-mostly Hawai'ian Island born, like third-world imbeciles. This is not good for business. Hell, tourists could see right inside the factory that things were not correct. So, can you share in my point, when I express that there is nothing wrong with Unions, if and when they live up to their contracts. And, in this case, the ILWU did. When Unions carry the same vision and work in concert with the company execs. you have an enterprise, a team focused on winning (profits, cash, move products). When you don't have this cohesion you have both sides working against each other, and in the case of the Macadamia Nut company (Ghiradelli), it did not take long, in less than five years they claimed bankruptsy.

AMERICAN SECURITY:
To state that no American businesses exists that can handle the management of our ports, is a form of criminal utterance that begs to confuse and further cloud our collective goals as Americans that want and demand American security.

A loosely constructed statement undermines American security by saying to the World, that we (Americans) are not capable of performing management, in any form, let alone on our own [4]-[16]-21 ports. If all of them are deep water ports, these then are extremely valuable to Americans in times of moving commerce and National Security. Is this not in the best interest for the American citizen?

When you are inducted into any branch of the service as a GI (government issue), you are sworn in to uphold The Constitution of The United States of America, to protect America from domestic as well as foreign enemies. These are our 'fighting men and women' of uniform. We have capable National Guardsmen to perform these tasks. Without getting into the nuances here, we have trained border patrol, FBI, Homeland defense mechanisms in place to guard us from foreign invasion. We can do this and must, because as it stands, many systems are still broken and have never been inacted. Management here recieves an 'F' grade from a U.S. commission -

ARCHITECTURAL OVERVIEW:
If we have potential breaches in one or many of these architectures or components, management holds the responsibility to quickly correct, test and perform Quality Assurance on the corrected Process. This is architectural management which includes, process and sub-level forms of Program/Project management. These skill levels as well as processes are scrutinized and tested thoroughly for function to assure that its deliverables and tasks are met, within the allocated budget and time constraint periods. Many of the processes used in America come from the Project Management Institute and International ISO9000 Certification Societies where we hold appointed seats.

SYSTEMS:
Our own production and scientific research facilities have produced some of the finest equipment during WWII and presently, today's (public knowledge) war-grade RF Communications. If the plan is difficient and not ready for publication or production, it goes back to the drawing board, specifically, to correct that anomally. Simple as that.

Perhaps too simple. The present container management is broken-containers are coming in (supposedly inspected elsewhere) to our ports with manifests that are grossly in error. Some containers weights are far heavier than the manifests say. So heavy, the cranes have a hard time lifting them up. Does this scenario wave red flags for you? It does too me.

Without going into too much specifics, remember, if you want to venture further into our weapon/technology history, defense companies and others have manufactured systems that have grossly malfunctioned. We should look at the Program Managers and political focuses here and find fault with them, their CEO's and Senior Management for botched projects that kill and maime Federal personnel. They (management) must be held to a higher standard and be accountable. It is an honor to be called into management, therefore it must be treated as such. Not debased with filth , power, and greed.

MANAGEMENT:
American Companies' lack the expertise to manage our ports is an incorrect statement as far as ethical performance goes. It is clearly, a fraudulent statement made in haste by our American government where each member took an oath to protect The Constitution of the United States of America. Are they delivering on that promise to the American owned/multinational companies and specifically, the American citizen when statements are incorrectly put?

BUSINESS/GOVERNMENT FOCUS:
Is this another business error or management shortcoming? It's not as simple as that because our government was setup in such a way as to not emulate big business because it has a dissimilar functon or core competency than a regular corporation or multinational. Let me explain briefly, a business' core may have its focus on customer support or the customer satisfaction for its services or products.

The governments' focus is many-fold and not about profits. But when distilled, it boils down to one core competency and that we are that core; 'we the people' must always remember-that everything revolves around 'WE THE PEOPLE'. Security, National Security, Foreign Policy, Internal Infrastructure (highways, roads; dirt, gravel, concrete, blacktop. Utilities; electrical, water, sewers. Shipping lanes. Oil and gas distribution lines and ports), are all high terms that act as umbrellas to protect, provide for and guard the CORE of These United States of America, 'WE THE PEOPLE'.

TAXES:
Nevertheless, the person or person(s) making these statements and/or condoning that America can't manage its own ports, is undermining my protections granted to me as a citizen and our American Security...business, et al. Period. Businesses pay taxes for commerce infrastructure (trucks, air, ships, railway), and should-they expect their payload to travel from one point to their destination safely, and should. They depend on the U.S. Government, a.k.a. U.S. Coast Guard to protect them-once out in International waters, other protections take-over.

WE THE PEOPLE:
Furthermore, our national collective conscious and focus after 9/11 promised to strengthen our security of our ports...another exclamation from business and the citizenry. We assume that the United States knows of or has several American Companies that are capable and willing to provide port management, but because of other focuses, it has been verbally stated that none exists. Why? Isn't America the Greatest! Yes! Because of 'THE PEOPLE' and its diversification.

If none exists (American port management companies), then MY government for similar programs, in the past, has opened several venues to train and produce the 'best of class' programs that have addressed these other shortcomings, and can perhaps do the same for this issue in the United States. After going on four years, since 9/11, if we have not addressed these many shortcomings that (WE THE PEOPLE) are not aware of, I ask, what has management been doing? What does the board say?

GLOBAL ETHICS AND INDIVIDUAL POLICING:
Today, in executive business boards across the U.S. and overseas, address issues that are more directed to their governance boards' and policies. I like to think that they are driven from a foundation of ethics, which include global ethics. Some companies do this-AHEAD of and in concert with monetary gain, but you seldom here about them.

PROCESS MANAGEMENT:
No! American Business Management for Our Ports, is not a business statement but an agenda with a different name. Business issues are solved through collaboration and integration, utilizing processes which use metrics, a viable form used for producing analysis by reaching the bottom lines of financial goals.

POLICY-TECHNOLOGY:
Technology is a very helpful tool and will solve 85%-99.9% of the problems, but it is the 14.9% or .9% that I worry about. This less than 1% of the equation if systems are almost perfect, is the failure of the human component to excercise his or her's 'free will', to 'think out of the box', to act apart from the daily politics by following a set of guidelines and procedures. These can only be assertained - produced from a security panel that has the American peoples' interest as their goal.

Within these guidelines and procedures, a deliverable of this panel is to produce a working outcome that promotes efficiency through tehnology use. This has to come from that government panel who also draw their expertise from consultants whom have U.S. American security clearances. This means NO foriegn entities allowed. Why? Because inorder to draft a stable, viable and thorougly efficent system, those that plan the process will have to know U.S. process lines which maybe secret.

These 'secrets' can come in the form of where and how do escalated issues that may come from 'storage' or 'unloading' areas, as examples, receive immediate remedy? Once these are established, potential candidates have to declare that they meet the guidelines, have the monetary wherewithall to perform technically. Which means simply; SAFETY! And trucks, lifts, fuel containers, service crews, including IT such as computers, scanners, sensors, databases, secure wireless, redundant servers, firewalls, and backup apparatus have to be in place in secure locations, off site, tested and ready to go, at a failure rating of 99.99% to 100% within 6 months after starting.

SIGNUP:
Where can American businesses gain access to view the requirements needed, if they themselves deem that they pass the test with the required knowledge and financial stability, to perform on a competitive basis? But instead, we are told that (WE), don't exist?

EQUAL OPORTUNITY:
Can we have a match or contest of business competitive management vying for these slots? Should it include businesses which are driven by executive women managers', and what about American ethnic minorities? How will they compete? Equally burdened or is there room for favoritism? If there is room for unethical behavior, then there exists a considerable breach of policy and must be repaired immediately!

Somehow, I believe it will never happen, but strangely enough, if it does, there are past and present guidelines in place because, it's in the LAW!

Document Retention Strategy

To be ahead of the anxiety that litigation hold has on a corporate culture, IT and governance executives must meet before it happens. Many times this does not happen. Waiting till the courts inform you, is too late. Late, because money, time and scramble efforts does not help you.

WHAT IS NOT NEEDED, is complex. But by formulating a plan to save specific data, by training IT personnel in what is needed is most important. Nevertheless, testing via quality assurance with counsel, litigators and IT personnel is healthy.

Now there are several excellent companies that do this service to help you pre-plan.

I ask you that have experience here. What did you do?

Lyle K'ang, MBA/IM
Sr. Business Analyst
IndyMac Bank -Cognizant Technology Systems

Acceleration Optimization

Making money, making profits after expenses is good, right?

How can we drastically cut our expenses by 50%?

Well, at least by 34% and I'll show you how.


By using a combination of fixes:

1. Business Performance Management (Infrastructure).

2. Business Application Optimization and IT architecture enhancement.

1. Business Performance is critical, especially when looking at exacting issues that off the top, look like a nightmare for you. There's money in there being wasted-I'll get to that soon. Secure Web optimization is one of the processes that come to mind. The other is WAN Application Optimization and its benefits.

#1 can promise you a a reduced bandwidth utilization by greater than 75%. There's a bunch of acceleration optimization technologies out there. Be careful-many can hurt your bottom-line.

2. Business Apps., middleware (open source) and the optimization of its software and hardware engineering by using special products that go along way in defining this type of process. I know of several within that framework labeled as Application Traffic Management.

There's the reliable and secure access of corporate data, authenticating offloading and layering every layer for better network security for these applications is a must to prevent against application attacks. Of course, there will be application layer attacks that may go undetected but without the checking capabilities of blocking and logging application layer attacks, the absolutely critical stage of application firewalling has not been met.

With #2 in place we can actually see our costs going down by requiring fewer server resources and lower overall infrastructure costs. Dramatic improvements to application performance is noted.

I would venture and guess that some of you know of the practice to break the client/server connection dependency through TCP/IP multiplexing. There's another example of efficiency.

Now, if you want more information, for a reasonable fee ($110.00 for assessment-then negotiated contract fee to finish the project), we can go over your infrastructure and recommend the systems and performance approach mentioned in #1 & #2.

Reply to this blog and we'll carry-on a dialog to assess where your infrastructure is or is not. I'll get back too you so our conversation will be private, if you like.
1. Include the time-frame in which your project is to be completed and 2. What are your exact issues that you want to solve? If these are not known because of ambiguity, we'll find them for you to review before we start anything.

Just remember-when doing business, business costs you. Reducing WAN latency which is a significant cause of congestion on the Internet actually cuts the costs of doing business. This is another one of those hidden overheads which can be eliminated.

Yours Truly,
Lyle K'ang, MBA/IM
Sr. Business Analyst

Consultant for VITConsultancy.com
And Cognizant Technology Systems - IndyMac Bank

Business Impact-Enterprise_Architecture

"Enterprise Architecture is the practice of applying a comprehensive and rigorous method for describing a current or future structure for an organization's processes, information systems, personnel and organizational sub-units, so that they align with the organization's core goals and strategic direction.

Although often associated strictly with information technology, it relates more broadly to the practice of business optimization in that it addresses business architecture, performance management and process architecture as well. [reference: Wikipedia 5 Feb. 2006 http://en.wikipedia.org/wiki/Enterprise_architecture]".

Enterprise Architecture

Let me speak with the CEO's and CIO's of enterprises and any of you that find these types of topics interesting.

When diving in to locate the chain and its weak-link of your enterprise that may be located on a design, we'll call the directional arrows that I refer to within the drawings, not as arrows but as chains. Thanks to my wife (very strategic in thought), I present a difficult concept.

We're now looking for the "weak-link". Get it! Not "points-of-failure" as someone I know called it. My God, that terminology scares the baddest of the bad, especially Sr. VP, VP and Systems Admin. people. Why? Because it's demeaning and introduces negative connotations from the get-go.

Understand?! Good-let's continue...

Most IT executives forget about this one most important fact. The plain fact that there are many layers of an architectural design that can be considered as strategic, but to whom. This initial discussion can be considered high level (strategic in design), and is the area where I wish to clarify.

If you can not articulate at what level of the design you want to digest, then let me suggest something to start you along.

The fact, that many of you Chief Information Officers are leaving, jumping ship and switching positions to wherever at an alarming rate, is irresponsible in my estimation. Stop and take hold of your resources.

CEO's can't fathom why you are jumping except that maybe that's the norm here. Well it isn't except for the one's that can't clearly paint that picture for those 8 a.m. meetings with your seniors.

Give me a break folks! Let's look, discuss and target what we are really after besides the $$$.

You really have much to offer, yes that's a fact. You really know your stuff-yes, that's another fact. And, how you wish others can just understand what you are saying, take-off from there and fly in the same airspace as you. That's a fact for many of us!

OK! That's not the point- the point here is that if you have not been schooled with and in technology, then that 'old school' thought that you can run the business or section well is absolutely untrue. Not today!

I now want to speak with the those of you who have a technical as well as business background-these in my humble gestimation are the champs. Here we can go high-level, mid-high-level, higher than high level or lower than the third high-level and still get it.

So, we are now ready to understand the business impact of technology and how it plays on the architecture.

I am adding some designs to give you an example of where we are going with the discussion.



This is a high-level on something called Enterprise Service Bus Architecture...cool.

Here's another one on the same subject, different high-level approach.




Now, at this point we can add all kinds of scary trash here like an architecture of a large bank that has Microsoft's Systems Management Server (SMS) for app./patches/upgrades/etc. deployment to 8,700 end users desktops. These SMS servers are, let's say about 1,300 in number (good round numbers).

We are in fact, painting the underpinnings or underbelly of this giant beast. Now, I hope you are getting the point so far. Just because you don't understand the underside of the beast, does not mean it's not important to YOUR discussion. It is. Let's go on.

This enterprise is a large one and NOT make believe. It in fact, lives. I saw it, smelled it, and worked on it.

We'll add another 1401 Servers (prod., Dev., Lab., and Test). Storage is around 103 TB. OK! This is getting boring, so I'm calling it - 7,560 TDM phones, 2,735 VoIP Telecommunications. 2,700 Wireless Blackberries and finally, 897 Offshore (India) clients.

We have painted (together) the belly of the best beast. Here we understand that the chain is strong and everything is working. The chain exists even with its weak-links. However, we also understand that intermittent problems can and do exist. Even though, we are working, there are underlying issues. What is the cost of intermittent downtime to YOU!

I am not going into the myriad of details about how one can build in Web Optimization, appliance redundancy, and integrating BIGIP systems throughout to solve a ton a problems. Or, the fact that the OC3 Vendors that give you light through your trunks (circuits) need to be diverse. Diversity meaning more than one vendor supplier. Anyway, the problems solved here on paper and the issues understood.

Now, at this point before we loose the "business executives" who should have a clue what we've just discussed, and probably don't, I'll say right here, right now, that your summation of the enterprise cannot possibly be articulated with any business intelligence, because "if you don't understand that a car needs oil in it's engine-guess what?"

We have fooled around too long - let's get to that diagram I promised early on.



This is what these executives understand. But again, let me reiterate, the weak-links of the system or under-belly of the beast have to be understood as "intermittent" and possible "weak-links".

You will never know when they go, so designing a high-level design just so "YOU" understand and having analysts build you a full offering with metrics and quantitative equations, is really an exercise that can show you a "dashboard" that really has no merit, whatsoever. It looks good-but it's off...It's primarily a circle jerk!

Why? Because the weak-link will fail, break, tear apart, stop working when you least expect it.

Again- these are the points that can have a large business impact and high intangible cost. They can be prioritized as medium or high-because we the technical cadre' understand about an engine running without oil.

CIO's, Sr. VP's and CEO's-now's the time to talk with each other, by formulating points of discussion, understanding by referencing why intangibles are more harmful to an enterprise than black and white, tangibles. High Impact-You Bet!

Understand the many levels of strategic design before simplifying a design that really does not or at best attempts to capture any intelligence whatsoever.

In closing, if I were to say to my CEO, that at this strategic level, our mission statement and IT infrastructure is aligned....I would not be ethically inclined to bet my life on that broad statement. You can go ahead and say what you want. It may never break. But when it does, pack your bags and run after the CIO's who went before you.

Lyle K'ang, MBA/IM
VP Business IT Analyst Consultant
-LyveOasis-
Consultant for VITConsultancy.com