Many companies would like to milk revenue from thier IT investments. Some have found new ways to do it.

Could an idea whose time has come and gone have come again? In the 1980s and early ’90s, leading-edge companies in every business sector imaginable believed they could spin off all or part of their IT organizations and turn sizable internal investments into lucrative ancillary businesses. Most of these failed. Seer Technologies, for example, spun out of First Boston Corp. in 1994 with additional backing from IBM. It sought to turn a set of application development tools created at First Boston into a commercial product. After several stumbles, it was acquired by Level 8 Systems Inc. in 1998 for just 35 cents a share. Other spin-offs have staggered through a host of strategic redirections, stock collapses, and bargain-basement acquisitions.

The rise of E-business and the battle cry of “core competencies” seemed to quell enthusiasm for the concept, but in the past year, several companies have shown renewed interest.

In February, GE Plastics created the GE Services Network, which offers its customers everything from marketing services to an innovative one-click patent-licensing system. Vince Cole, global business leader for the new unit, says the network was created to satisfy the requests of business partners that wanted to emulate some of GE Plastics’s practices. Now the service acts as a marketing outsourcer to small and midsize companies, providing everything from E- seminars to E-mail campaigns. It also provides a “pass-through” mechanism for other GE divisions with products or services that have potential to generate revenue. “And because we can leverage the existing GE E-business infrastructure,” says Cole, “we can expand this service network with almost no investment.”

The desire to minimize investment is evident in many IT spin-off deals today. Some companies, in fact, are trying to simultaneously tap new market opportunities and save money. Two recent Canadian outsourcing deals, one involving Ontario Power Generation Inc. of Toronto and the other involving financial services firm Mouvement Desjardins of Montreal, both turned over most IT operations to third parties, with the understanding that the client and the outsourcer will pursue additional IT revenue opportunities together.

Karen Furtado, vice president for consulting services at CGI Group Inc., Ontario Power’s outsourcing provider, says that increasingly, outsourcing deals are being structured so that clients share the gains in any intellectual property that is jointly created. CGI developed a brokerage system with a U.S. client, for example, that both CGI and the client now market. Such deals can produce either a revenue stream for the client or a discount on services, depending on the extent of the client’s involvement.

But not all companies are looking to do spin-offs on the cheap. In February, Shell Services International spun off Kalido Ltd., a London- based company charged with selling an internally developed data warehouse product to large enterprises around the world. Andy Hayler, Kalido’s CEO, says that one reason many spin-offs fail is that “companies don’t realize it costs 10 times as much to commercialize a product as it does to develop it for internal use alone.”

Shell decided to make that investment in 1998, he says, when it saw that its product not only met its internal needs, but also seemed superior to what the market had to offer. Once the company made that decision, it immediately began to hire people from the software business. “We hired people from IBM, Oracle, Cognos, and other companies,” says Hayler, “and we created a different compensation plan for them.” Of 50 employees, only 5 came from Shell.

Many analysts remain dubious of the spin-off strategy. “I haven’t been a big fan,” says Pascal Matzke of Giga Information Group. “The competition is fierce, and without a proven business case and strong focus, you can’t succeed.” He says firms with a vertical industry focus or a focus on the midmarket stand the best chance.

Aretech Information Services Inc. hopes that proves true, since it has both. The company was spun out from Semco Energy Inc. last year when, curiously, the natural-gas company decided its IT department was in trouble. It hired Rudy D. Cifolelli to advise it. After taking a close look, Cifolelli offered two options: hire an outsourcer or become one.

Semco opted for the latter, and Aretech was born. The spin-off not only supplies Semco with its IT needs, but also has landed external contracts. Rudy R. Cifolelli, the company’s vice president of sales and marketing (and Rudy D.’s son), says that the number of midsize industrial firms in the Midwest is large enough to keep Aretech busy for years to come. He agrees with Hayler that capital investment is key, but also says that “the real barrier to entry is leadership and experience, not money.” His father led a similar effort several years ago, when MCN Energy Group Inc. spun off Genix Corp. MCN sold Genix to another service provider in 1996, saying it wanted to focus on its core energy business–and proving that even successful spin-offs face uncertain futures.

IT MANAGEMENT

A Real Project

While it would be an overstatement to say that IT lives and dies by the project, project management is central to the IT mission. That mission is frequently in need of help. In fact, the “CHAOS Report,” produced by The Standish Group, and now in its sixth year, pegs the current success rate at just 28 percent.
Projects that come in over budget, late, or missing some intended functions still account for about half of all projects, although the typical cost overrun is down by 50 percent. Jim Johnson, chairman of the West Yarmouth, Mass., market research firm, says that IT project performance is improving primarily because IT departments are doing a much better job of soliciting input from the employees who will be served by the projects. And projects have also gotten smaller, averaging $660,000 last year, compared with $1.4 million (nonadjusted) in 1995.

But new tools and methodologies have also played a part. Project management software–some of it tailored specifically to the needs of IT departments–abounds. ProSight Inc. takes a different approach: its IT-Enabler software works on a portfolio-management level, helping IT departments prioritize projects and make sure that as business needs change, projects change accordingly.

At its most rudimentary level, CEO John Cimral says, the product doesn’t do anything a management team couldn’t do with a pen and a legal pad manually. “But once projects have been prioritized,” he says, “they often acquire a life of their own, one that gets progressively out of sync with the business over time.” ProSight doesn’t provide the day-by-day workflow and expense information that a typical project management product would; instead, it provides an automated way to manage and measure projects, one that aggregates data so that IT and business leaders can monitor projects in relation to each other, assess ROI, and agree that resources are wisely deployed.

One early customer, PNC Bank, says the software will aid its decision-making. “It can pull information from different sources and present it in a way that helps executives make faster, clearer decisions,” says Bob Bardusch, program office manager at the Pittsburgh- based bank. ProSight runs about $250,000.

CFOs want projects to go smoothly; ideally, they would like a guarantee. Gladwyne Software Surety, based in King of Prussia, Pa., offers something close: the option of purchasing a surety bond in the event that such large-scale projects as CRM and ERP installations go up in flames. The company’s bread-and-butter business is in consulting services that try to ensure such projects stay on track, but the availability of an insurance-backed bond (which costs about 2 percent of the value of the contract) adds an element other consultants lack.

Lee Wilbur, CFO of Jackson Laboratory, a genetics research firm in Bar Harbor, Maine, hired Gladwyne to advise the lab as it rolls out a full suite of Oracle products. “We used them to develop a risk assessment and mitigation plan for us,” says Wilbur. Gladwyne also helped negotiate the contract with Oracle. Wilbur didn’t take them up on the offer of a surety bond, because Jackson didn’t opt for a fixed- price contract with Oracle, which is currently one condition for the bond (although Gladwyne is exploring other options). “But I could see us using it for other projects,” he says. “It’s an intriguing way to mitigate risk on large-scale IT projects.” A Gladwyne survey of financial and IT executives found that the most common way to mitigate risk for IT projects is to budget for contingencies; 70 percent of respondents said they do that, often inflating budgets by as much as 50 percent to allow for disruptions. — S.L.

FORENSIC COMPUTING

Playing Private Eye

Companies routinely find themselves in court these days for everything from trademark disputes to wrongful termination suits. And as more information goes digital, so does more courtroom evidence. Pricewaterhouse-Coopers partner Larry Kanter says that so-called electronic discovery is now commonplace. But it is often a problem for companies because critical information has been deleted or improperly archived. The process of ferreting out such data, known as “forensic computing,” can fall to high-priced experts. But new technologies allow companies to handle much of this themselves.

If your CIO isn’t inquiring about it, chances are your lawyers will. Browning Marean, a partner in the San Diego offices of law firm Gray Cary Ware & Freidenrich, says, “I can’t imagine [lawyers] not expending considerable effort in electronic discovery, because that’s where the good stuff is.”

Computer-based evidence has been introduced in nearly every case he’s worked on in the past 10 years. E-mail is the richest source of information, but other documents that synthesize facts, such as PowerPoint presentations or enterprise software programs, can be revealing as well. For example, Marean was able to prove that a construction company was lying to a lending bank by showing the discrepancies between project management reports submitted for cash draw-downs and records used for internal management decisions.

Even when files are deleted, data rarely disappears unless the drive on which it resides has been overwritten multiple times, experts say. In fact, in most cases it shouldn’t disappear at all–unless companies mandate that it do so. Having a formal data-destruction policy in place is vital in legal proceedings, they say. That way, you’re more likely to hang on to information you need, and to avoid arousing suspicion when information the other side may need is no longer available.

Companies that augment such policies with the latest forensic technologies are tight-lipped about exactly what they do, but clearly such technologies are in vogue. Research firm IDC Corp. says the forensic services market will reach $69 million in 2004, up from $24 million last year.

AccessData Corp., which recently expanded its product line from an encryption-cracking tool to a full forensics tool kit, says demand for the $595 tool kit and nationwide training courses has doubled. Private- sector demand for Guidance Software Inc.’s EnCase, widely used by law enforcement agents, has tripled over the past year. For about $4,000 per person, the company provides the software and training to enable an IT professional to duplicate a cybercrime scene and analyze the evidence.

Niksun Inc., which also says sales have tripled, makes the equivalent of a surveillance camera for network activity. The hardware device allows computer activity to be recreated down to the keystroke, and costs from $30,000 to $70,000. Meanwhile, so many companies have asked high-tech investigators at Kroll Associates to train their staff members in forensic computing techniques that Kroll is now formalizing a vendor-neutral training program, says managing director Jason Paroff.

Bringing such sleuthing capacities in-house not only helps shave litigation fees, but also may forestall court appearances altogether. “You can fend off lawsuits and get better cooperation when you have the evidence in hand,” says Dora Furlong, a computer forensics expert who has spent the past 18 months as a full-time staffer for a Fortune 500 telecommunications company.

Furlong uses tools like EnCase for such jobs as determining the true origin of harassing E-mails and justifying employee terminations. So far, she hasn’t had to visit a courtroom on the company’s behalf.

Investing in the latest tools is only part of the equation. William Spernow, research director at Gartner and former head of the cyberinvestigations group as chief security consultant for Fidelity Investments, goes so far as to argue that a staff person trained in forensic computer analysis–ideally someone with a law enforcement background–is also a must. Deciding which tool to buy is confusing, he says, since there are currently few comprehensive and user-friendly packages. And there’s always the danger that electronic evidence will be overlooked or mishandled, reducing its usefulness in a court case.

But as the tools–and wrongdoers–get more sophisticated, forensic computing may become a more mainstream skill, if only out of necessity. According to Thomas Talleur, managing director of forensic and litigation services for KPMG LLP, “The reality is that companies are losing far more data across networks than they know, but I can’t prove it to them, because only about 10 percent have the tools in place to detect it.” — Alix Nyberg

MODERN-DAY MAGNIFYING GLASSES:

Basic tools for data detective work

 Source: Gartner