In the past, organizations have focused their security efforts on stopping external threats by deploying an array of security solutions, including firewalls, intrusion detection systems, antivirus software, denial of service prevention systems, secure router configurations, and vulnerability scanners. SIM evolved when network managers were becoming overwhelmed with volumes of diverse data generated by these solutions. SIM allowed organizations to leverage existing resources to achieve new efficiencies while increasing the security of the enterprise by protecting the network from external threats.

Yet despite the huge investment made in these security technologies, data leakage and inappropriate user activity from inside the enterprise have become a more daunting and often more complex challenge, forcing organizations to reconsider their approach to managing risk from the inside.

Now the challenge of risk management and compliance has shifted to protecting customer, patient, and other valuable corporate data and applications at the core – compelling companies to address the explosion of threats that are now originating inside the organization. In fact, according to Gartner analyst Richard Hunter, “more than 70 percent of unauthorized access to information systems is committed by employees, as are more than 95 percent of intrusions that result in significant financial losses.”

To read the entire WhitePaper: Click Here

IT project management can be precarious: Depending on which source is consulted, the failure rate for IT projects ranges anywhere from 30 to 60%. So, the odds are good that an IT project will fail to achieve its business case.

But, here’s a silver lining: There’s plenty of history documenting IT project mistakes. Administrators looking to steer a project to success should study the mistakes others have made in the past, especially within their own organizations. After all, those who don’t learn from history are doomed to repeat it.

It would seem logical that an expensive IT project would have clearly defined objectives and a clear idea of the resources and outlays needed to get to the end zone. However, many organizations have suffered through poorly planned projects that ended up in the corporate scrap heap.

Unless everyone agrees on what is getting built, what the parameters are, and the rules for how things can change, the eventual outcome will be an unhappy ending, says Tony Navarrete, lead technical marketing in the IT Business Management unit of BMC Software (www.bmc.com).

“Early in the project definition stages, you need everyone to agree on the scope, high-level project budget, and key requirements,” says Navarrete. And, he adds, all of the stakeholders in the project must agree on these points so the project can move forward.

Harry Schultz, senior vice president of product development and solutions at Digital Reasoning Systems (www.digitalreasoning.com), says the true hallmark of a successful project is a customer that enthusiastically embraces the deployed system because it successfully addresses the specific needs that initiated the project in the first place.

But, says Schultz, the requirements-gathering process usually requires a significant commitment of time with the end customer to really understand their business and how the proposed system will be used. To accomplish this, Schultz recommends that a standing group of key customers (both technical end users and major decision makers) and key project members be formed to participate in the requirements definition process at the project outset.

A complex IT project involves a substantial number of people working together toward one goal. A lack of clear communications can cause personnel to lose direction, focus, and ultimately the desire to see the project through.

One of the reasons projects often fail to align well with the desired value is because of inconsistent or inadequate interaction with the various sponsors and stakeholders, says Eric Willeke, lead architect for EMC Consulting (www.emc.com). To avoid this landmine, he adds, project leaders should focus a majority of their energy outside the project to ensure a clear understanding exists between the project team and the stakeholders. These communication channels, he says, allow potential impediments to be resolved promptly.

William Stuckert, vice president and general manager for Advanced Technology Services (www.advancedtech.com), says lack of communication about the business value of a project can have a negative impact on the people working on a project. Managers should clearly communicate the reasons a project is important to the business, Stuckert says, adding that this shows personnel the overall impact of their contributions.

Every undertaking must have direction from a leading individual. Without a strong hand to provide direction and leadership, a project may run aground very quickly, much like a ship steered by multiple captains who each wish to go in different directions.

Digital Reasoning Systems’ Schultz says successful projects require a project leader, not a project manager. An IT project should not be run as a democracy but rather as a benevolent dictatorship, he adds, because the project team requires clear direction and quick conflict resolution.

“A project awash in indecision is ripe for failure,” Schultz says. Strong leaders must convey a very concise message about project goals and how those goals are to be met. Another dimension of leadership is ensuring that the person leading the project has the expertise needed to do so. But, says Jack Bergstrand, CEO of Brand Velocity (www.brandvelocity.com), the program director for a company is usually a respected business or technology executive who has never run a large IT project before. When that happens, this individual depends too much on the consulting systems integrator from the start, thus creating the expectation that the integrator will manage the project in a turnkey fashion.

Projects are filled with unknowns at the outset, so determining what the potential obstacles are and the risks they pose to the effort is absolutely essential.

According to Alexander Magno, senior director of ADM North American Delivery at Keane (www.keane.com), a common mistake made by project managers is taking a “sit back and wait” approach to risk and attempting to solve problems once they occur. Magno says project managers should avoid falling into this passive approach.

The first step to avoiding this mistake, says Magno, is for team leaders to create a collaborative team atmosphere where openness helps identify and manage risks before they become issues. Second, he says, project leads should enable and coach teams so they consider the downstream impacts of delays, for example. Finally, mitigation strategies should be identified so the project team can work around risks and keep moving forward.

A project that lacks management support has a good chance to fail. After all, uncommitted top management is more likely to pull the plug on a project the first time things go awry.

For starters, lack of alignment with business objectives can cause project managers to “put blinders on” and neglect to account for market changes that cause a project’s business objectives to become invalidated, says Magno, who adds that it is important to keep business objectives for an IT project in mind throughout the process to avoid making this mistake. An executive steering committee should actively participate and review stated project objectives and business impacts throughout the course of the project, Magno says.

“Getting into the habit of recalibrating the project’s return on investment will help a manager remain ready and equipped to identify when to cut the cord,” he says.