I’m not so sure. Over the past few years, I’ve made some observations on why the standards/integration movement in the biosciences industry never seems to get off the ground. True, everyone agrees they’d like to see something come together, but there’s little overall organization and cohesiveness. Go to your favorite seminar, interest group or association, and getting a room full of people to agree on anything is like herding cats, never mind organizing anything on a larger regional or even national level.

Truth is, there is very little organization in the user community. Sure, there are lots of groups, associations and the like. But they’re not aligned. You’d nearly need everyone to agree on and establish a central governance body. Only then would you have some serious political clout to move and shake things. Most people seem to believe that you’d need to apply some major leverage on vendors and manufacturers to get them to adopt a standard, or commit to at least a more open architecture. I myself though this way for many years - Now, I’m not so sure.

Point in case: over the past year, while attending various shows, seminars and groups, I’ve noticed that people love to get together, and talk about the latest and best products, how to implement them, or resolve issues or problems. Of course, people also talk about their wish lists, with new feature sets, SaaS, with open standards usually being right at the top. There’s a lot of excitement, and conversations can get intense.

Intense until a vendor or manufacturer walks into the room. All of a sudden, there’s this collective “who invited you?” and immediately people withdraw. There seems to be an ingrained, inherent distrust or suspicion that takes hold. It’s as if people suddenly think “Ok, watch what you say…they might try to sell us something!”. There are a few forums I know that are so anti-vendor, that even the slightest commercial reference can get your removed. Of course, there have been abuses, so these kinds of cautions are warranted and justified to some extent, and groups and forums have user policies for good reason. And they apply to everyone.

Still, I find this phenomenon to be a bit baffling. On one hand, people get really exciting about a bit of software and want to learn all about it, but then they distrust the company that makes it. The trouble with this is that this can go both ways, and become self fulfilling. If a vendor or manufacture perceives this reaction, then they will tend to adopt an equally defensive posture. Given this, what motivation does a manufacturer or vendor have to what to work with the user community at large to even consider adopting an open standard?

In the medical industry, the financial drivers created by managed care and the market forced organizations to standardize. It was either adopt, or perish. Plain and simple. In the biosciences industry, you don’t have the same financial regulation, so vendors and manufacturers are not “required” to change. And why should they when they, as well as all the bioscience companies, continue to thrive even in our current economy.

Bioscience companies spend a lot of money on industry products – a single company can easily spend millions of dollars yearly. So clearly, no one wants to loose a customer like this! And being this kind of paying customer, you could have some influence. One things for sure in the biosciences industry – it’s intensely competitive, and getting more so very day. So, why is there the user-vendor reluctance to work on changes that could be mutually beneficial? Why the distrust?

An acquaintance of mine, who runs an Institute, states that a large number of problems encountered in labs have nothing to do with the science, technologies involved or the instruments. He feels the origin of these problems arise out of the business itself due to organization inefficiencies rather than technical shortcomings. In short, he’s referring to the human factor.

I couldn’t agree more. In many organizations that I have worked in or visited, there often are conflicts of some type between lab personnel, management, and information technology professionals. Those organizations that have close alignment between these groups tend to be the most efficient and successful.

How do these conflicts - the “us vs. them” mentality - originate? Can you think of one at your company? I’m sure you can…now can you recall how it started? Or was it always “just there” when you started working there? In the big picture, it really doesn’t matter how it starts. What matters most is how it can be resolved, and that we are willing to try.

So here’s a novel concept: if people started to work with vendors and manufacturers on a level playing field, and dropped their guard, I wonder if we might be surprised by the reaction they’d get. I’ll bet that most would be willing to at least talk. Talking is the most important, crucial step. Once that starts, everything else is possible. We might find that manufacturers and vendors are more than willing to cooperate with us, and give us what we want, perhaps in some middle ground. That certainly would be a whole lot better than where we are now.

Perhaps this sounds naïve, even pollyanna-ish. Well, something needs to give sooner or later. Someone has to hold out their hand for that first handshake. As I’ve mentioned in previous posts, and this post, there needs to be leadership to start this. That’s the first step. The second step is willingness to work with the vendors and manufacturers and have a neutral playing field where the needs of both sides can be seen and understood. This process may take years. Perhaps longer. But we need to start thinking about it now.

One of the most effective and successful solutions that MUSA has come up with is a communication model that enforces regular meetings with both the scientific stakeholders and those in IT.  Using this model a partnership between the scientific community and IT is formed, helping everyone get on the same page.  During meetings scientific team members are tasked with updating their IT counterparts with feedback from their colleagues.  This feedback should include, but not be limited to:  plans for purchasing and installing new instrumentation (since most has an IT component), need for additional capabilities that’s often met by rolling out new software packages, upcoming initiatives that may require a spike in IT services (storage, processing power, etc), and so on.

By ensuring that communication lanes stay open, the scientific community can benefit from having IT assist in evaluating new products and ensure that the proper resources are in place before they’re needed.  This results in a more stable environment and less headache over time.  In turn, IT team members should be updating their scientific colleagues on any work being planned that may have an impact on tasks being carried out in the labs or on the manufacturing floor.  Experiments and drug lot production often run for long periods of time and can be extremely sensitive to even small blips in service availability.

By implementing this type of Scientific IT team, MUSA has helped many of our clients realize a significant improvement in communication between the IT and scientific communities.  Improved communication in turn results in a more proactive approach to overall technology strategy in the labs, and leads to improved productivity and decreased time to market.  When products can get to marker quicker the entire organization becomes more profitable, and what’s more fun than that?

As a lab specialist, I was particularly interested to see the latest developments in data integration solutions. At BIO-IT, I wasn’t disappointed – there were a number of vendors that had offerings in this area. On one hand, this was very encouraging to see. Data integration technologies are really beginning to emerge and gain ground, in response to a growing call from the scientific communities for tools and solutions that will help them work with their data.

This doesn’t mean the instrument manufacturers will jump on the standards development bandwagon. However, as data integration solutions continue to gain a broader foothold and user adoption, the demand for open access will become progressively harder for the manufacturers to ignore.

There was one pitfall to most of the solutions I saw at BIO-IT: cost. It seems that many of the Data Integration solutions available on the market right now are enterprise level. Many of the applications I saw were impressive, offering very powerful toolsets. The downside is that entry price, in one case, was nearly $50,000. A full deployment was hundreds of thousands, and required specialized staff to be onsite. If you’re big pharma, that may not be an obstacle. But if you’re a startup, or a small company, many of these solutions will be out of reach. On the other end of the spectrum, there were some DI vendors who are offering right sized solutions, but lack the visibility (and marketing budgets) of larger companies.

This is what makes shows such as BIO-IT and BIO International so important – it’s a chance for everyone to see “what’s out there” first hand. The shows allow new companies to network, and connect with others to collaborate, share information or partner. And, of course, they provide direct access to users who may be interested in their products.

BIO International in Chicago was a great example of information exchange and networking. For me, the best thing about BIO was the collaboration. Nothing replaces face to face meetings. It’s just the best interactive format for people to really learn who you are, what you do, and what you have to offer, and vice versa. So, this is the best way to further data integration and standards development, right?

The answer to this question is surprising. I recently spoke with a number of people who attended shows such as PITTCON and Smartlabs Exchange, and they voiced a common concern: while nearly everyone who gave or attended sessions agreed the need for data integration and standards exist, there isn’t a lot of agreement about what to do about it. The movement just lacks a clear direction right now.

The answer to this problem may be as simple as time. While the direction or the form of the change may not be clear now, shows such as BIO-IT and BIO International clearly indicate we are in the early stages. We’re seeing more examples of information exchange, more vendors creating new products, and people are talking. Which is to say, we’re making progress.

For information about MUSA's data integration and lab support services, contact us through MUSA's information request form or call (800) 401-9123.

First of all, it’s important to outline out what services you are looking for, and what kind of support you need. There are some firms that offer 24/7 support, while others only offer support during regular business hours. Also, it is important to know whether you will need the firm to send consultants to your site or if you would like them to work by tapping into your systems remotely to help you with your technology concerns. Most managed services providers work in a way where you can contact them through email or over the phone and they will respond in whatever mode is best suited for the job, including remotely accessing your network to support the issue.

More recently, companies have been moving towards cloud and virtual solutions. While these are definitely cost-effective and beneficial to companies to set up, they can still be demanding in terms of regular support and maintenance. It is important to find a consulting firm that is comfortable working with these technologies and can help troubleshoot incidents you may have with cloud computing or VMware servers. In order to verify this expertise, ask for VMware certified professionals, to make sure that the company has people on staff who have proven knowledge and experience working with these sensitive environments.

Lastly, If your firm is in an industry that has strict regulations to comply with, it is important to find an IT consulting firm that has the experience and certifications to be working on sensitive data and information in your industry. For example, if your firm is in the life sciences industry, which is rigorously regulated by the FDA, it is important that the firm you choose for your managed services solutions is familiar with HIPAA standards and regulations for data protection and integrity, and it is crucial that the technology consultants you bring in are GxP certified to validate your systems and hardware based on latest regulations. For firms in the financial industry, it is important that IT support staff is abreast of Sarbanes-Oxley regulations and is certified to be working in such a sensitive environment.

As mentioned in a previous blog post titled  “Domestically Outsourcing IT Services and Support,” the primary reasons to outsource IT services and support are to reduce and control operating costs, improve company focus, gain access to world-class capabilities, and to free up internal resources for other purposes. Thus, it’s apparent that outsourcing IT support, especially for day-to-day support issues that pull away resources from a company’s core function,  can be a good investment for a company. However, it is important to choose the right managed services provider based on your specific needs, including the size and type of your business, what kind of services you’re looking for, and what industry standards you have to comply with. By researching numerous managed services providers, and making sure to choose the one that best fits your needs, you will be able to find a solid partner for the long haul.

While this is a workable solution, it’s tremendously inefficient in terms of time and resources, and prone to human error. In some cases, the time lost due to the manual work, and/or errors can mean delays of days, even weeks.  This is hardly a new phenomenon. This problem has plagued the industry for years, and efforts to address this problem in analytical lab environments have lagged far behind other industries. For example, the medical device industry has long established data interchange standards and devices with compatible data outputs.

What is the explanation for this? A key factor is economic. In the medical device industry, the creation of standards and compatible devices was driven, in part, by cost controls. Faced with today’s highly regulated healthcare environment, users demanded it. Vendors, suppliers and organizations realized they needed to change, or they’d run the risk of losing a competitive edge. These same market forces do not exist to the same extent in the biotechnology  and pharmaceutical industries. However, there remains a glaring need for data integration solutions and standards. Users are certainly demanding it but the problem is, the vendors can afford not to listen.

The good news is that this may be changing. There is increasing momentum in the scientific community towards establishing data standards and integration. In the past decade, technology has been making a real impact in the labs. “Electronic” solutions are gaining ground and broader acceptance, as labs and business see that advantages of the “paperless” lab. Laboratory Information Management Systems (LIMS), and Electronic Laboratory Notebooks (ELN), are great examples. However, there is a fundamental difference between an “electronic” lab and an “integrated” lab. An electronic solution, like an ELN, addresses a particular process need, but this does not mean it provides a way for all the instruments – and their data - to work together.

There have been some attempts to create data standards for analytical labs. More and more user groups and organizations are sprouting up to discuss the issue, to propose and share ideas, and to think about next steps. While these efforts have not yet yielded tangible results, or made a broader impact, there is at least a grass roots effort underway to make something happen.

In my opinion, the biggest challenge to these efforts is a lack of leadership and initiative. The life sciences community  lacks communication and efforts so far have been siloed and insular. What the industry needs is leaders who are willing to take on the significant commitment of underwriting and supporting a serious effort to complete and establish a uniform data standard, to develop innovative data integration solutions, and to be able to influence vendors. If this occurs, it will energize the broader community, resulting in greater collaboration and development in the life sciences industry as a whole.

MUSA Technology Partners has committed to this challenge. We have partnered with innovators in the data integration space, allowing us to offer unique solutions to the biotechnology and pharmaceutical industries which will give scientists tools that will allow them to work more efficiently and accurately with their instrument data, as well as saving time and resources. The net result is that more time can be spent working toward research objectives, and less time worrying about technology issues.

For information about MUSA's data integration and lab support services, contact us through MUSA's information request form or call (800) 401-9123.

by Douglas Lantigua, Principal, MUSA Technology Partners

There are four primary reasons why a business or organization should (domestically) outsource any portion of its IT services and technology management:

1. Reduce and control operating costs

2. Improve company focus

3. Gain access to world-class capabilities

4. Free up internal resources for other purposes

Source: Survey of Current and Potential Outsourcing End-Users
The Outsourcing Institute Membership

The reasons to outsource your IT infrastructure are apparent, but what isn’t so clear is how to best handle it. This is an upfront, unbiased outline of how to manage technology outsourcing correctly, and how to avoid falling in a common IT outsourcing trap that many organizations find themselves fall into. If you follow this advice, you can make the most of outsourcing your IT, and reap all the benefits that come with it, without the common pitfalls many organizations face.

Depending on the size of your organization, the role of technology vendor management is likely one person’s partial responsibility, or is left to a multi-tiered management structure to handle. Once the decision to domestically outsource IT services is made, a line is drawn within the organization to separate the internal knowledge and management from the outside vendor. The front line, internal resources are in place to make sure the IT services vendor performs work that is in alignment with company objectives. Internal IT roles shift from the management of departments, people and projects to the management of the external IT services vendor.

Technology outsourcing companies in general have become skilled at creating self-seeking contracts through an evolution of  service delivery, exclusive contracts and assumed expertise. The company that is outsourcing a division may have a few people who have lived through an outsourcing and the intricacies of the contract details, but every year vendors gain additional knowledge and experience on how to write contracts that seem to only benefit themselves.  Most of the larger outsourcers are public companies driven by market forces that demand higher profits and the expansion of services. At the same time, vendors are in a conflicting position to answer to management and stakeholders for higher profits while also trying to align with their client’s goals of lowering costs. The conflict of interest apparent here tends to create long term problems.

The original contract usually turns out to be a building block towards costly contract changes. A large company that has outsourced may review their contract and see what is working and what isn’t every five to ten years. Once the outsourcer controls the entire process and resource pool, it is relatively easy to demand fees that aren’t on par with market rates. In many IT outsourcing engagements, the company outsourcing its work will sell its IT equipment to the service provider for a good amount of money, in return for the short term cash influx. The reasons are mainly to offload all aspects of the IT burden and turn it into a service provided for outside of the firm. However, once the IT services firm holds a monopoly with its' clients environment and ownership of the equipment, the ground is fertile for less than ethical behavior. When the original firm needs a change to the base outsourcing contract, which can happen often over a 5-10 year period, the costs tend skyrocket. 

The moral of the story: Do not sell your infrastructure to an outsourcing company unless the infusion of cash is absolutely necessary in the short term. Maintaining control of the infrastructure is an essential step in protecting the company from contractual obligations. This will break up the monopoly and keep project costs closer to actual market value. Also, by introducing some rivalry in the environment, the large outsourcing company will be kept on its toes when faced with potentially losing business. Without this competition an orgainzation will need to live with the equation where the result is added into the recurring service fee: [(the organization’s ‘walk away’ from the contract fee) / (Monthly service fee)]* [(Level of the organizations business critical need of the project or service on a scale of 1-10) * (10,000)] ^₁

By going with a multi-vendor model, an organization looking to outsource has the ability to freely choose the best of breed service delivery model for each particular subcomponent of its technology outsourcing needs. The firm should place strict terms of engagement to limit the role of a company coming in to do a particular service. This will keep the multiple vendors in harmony in their roles and allow them to work together to deliver a cohesive overall service. Contracts should be made shorter to keep the service quality high for the duration of the contract, and to increase competition between vendors. When outsourcing IT services, there is little difference for an orgainzation between managing one vendor or multiple vendors. If the orgainzation prefers to only interact with one vendor, another general contractor vendor can be brought in to govern the interactions and assist with contract negotiations since they will likely come up more frequently. For many reasons, domestic technology outsourcing is advantageous and here to stay. However, how an organization chooses to outsource will determine its success with it.

¹This formula is a simplified model, but for organizations that currently outsource their IT, this concept will look all too familiar.

For additional insight or help with successfully outsourcing technology services either partially or completely, contact MUSA Technology Partners, a rapidly growing technology consulting firm based in Cambridge, MA, through MUSA's online request form or call us at (800) 401-9123.

Cloud computing, although it seems to have become the latest buzzword in technology today, has always been a vaguely defined term. The cloud is referred to as a metaphor for the internet, so the most referred to definition of cloud computing has to do with using “virtual servers available over the internet.” (InfoWorld ) The definition is very vague and up in the air primarily because cloud computing is such a new and developing idea. However, simpler forms of cloud computing have been around for a long time, and chances are you’ve already used it in some form or another. It also appears that cloud computing is gaining in prominence, and is likely to become the most valuable trend in IT of 2010.

One common example of simpler forms of cloud computing that have been around for a while already are Hotmail, Yahoo! Mail, or Gmail. The emails and data you access through these services are not stored locally on your computer, but on a server or network your browser accesses over the internet. Thus, your files are not on your local computer, but in fact somewhere on the cloud, and are accessed by your interface software, the browser. Traditional concerns with cloud computing have been about security, but according to James Deoulakis of GlassHouse Technologies, “the security concerns have been reasonably addressed through encryption and other techniques... Cloud services providers have been refining techniques to reduce latency and protect data more efficiently, meaning that their offerings will become more attractive to other users.” (CRN.com )

With security concerns moving out of the way, it appears that cloud computing is ready for implementation on both public and private ends in the near future. Cloud computing is also starting to be seen as a cost effective solution for developing a disaster recovery and business continuance plan, because it allows data to be stored safely and cheaply on a location away from the local server. This means that if a local server or hard-drive crashes, it will still be safely stored and accessible through the cloud.

Even those who have been hesitant to move to cloud computing in the past, will now have to consider moving towards cloud computing. John Ross, CTO of GreenPages, states “2010 will be the year of planning for the cloud. During this time everyone, customers, vendors, resellers and integrators will need to stop thinking about how we have done things in the past and begin to think about how we can do things differently with the resources that are being made available to us.” (CRN.com)

For more information or help on how cloud computing and server virtualization can help your company, contact MUSA Technology Partners through this web form.

Digg This!

Subscribe to the MUSA Blog RSS Feed

Most companies do not start planning DR/BC initiatives early enough. It is far easier to implement a plan early (and then build upon that original plan) than it is to implement a new plan after you have hundreds of servers over multiple geographic locations. There are several techniques to determine which applications and services require special attention, and most are dictated by the business. However, since IT provides the core services that enable access to these business essentials, there’s a cascade of dependencies which also need to be accounted for. For example, it really wouldn’t matter if the ERP system was up and running if the end users couldn’t authenticate or locate the ERP system on the network. When mapping out the business-critical applications and services, make sure to design a highly resilient supporting infrastructure that is easy to maintain and keep in alignment with business and DR/BC goals.

Notice I’ve been writing about ‘applications’ and ‘services’ and not servers. This is because businesses care very little about a server, but instead care very much if an application or service is available. The server culture is under constant attack from clustering, virtualization and cloud computing deployments. As long as applications and services are available, the business will not care if half of the servers supporting this functionality crashed. Appliances are a different story. In the last decade, the trend was to deploy appliances to lessen the burden on IT departments for deployments. Today, most vendors are moving toward virtual appliances and you should take advantage of this trend. 

Tier your applications and services in a list broken down into:  

Uninterruptible Goal of 99.999% or better uptime (roughly 5 minutes of downtime per year)
Essential Goal of  99.995% or better uptime (roughly 30 minutes of downtime per year) 
Critical Goal of 99.99% or better uptime (roughly 1 hour of downtime per year)
Important Goal of 99.95% or better uptime (roughly 4 1/2 hours of downtime per year)
Enhanced Goal of 99.9% or better uptime (roughly 9 hours of downtime per year)
Standard Goal of 99% or better uptime (roughly 3 1/2 days of downtime per year)
Other – Can be down for multiple concurrent days

Companies that use a chargeback model should include DR/BC costs against this chart or a modified version of this chart. Calculate the overall cost and amortize for the life cycle of the implementation.

You may find you don’t want all of these levels of uptime and would be better suited to only offer a couple of levels. It is important to differentiate between Disaster Recovery and Business Continuity. You can argue the definitions for years, but to make it simple, I’ll break it down this way: Disaster means that your datacenter or facility is completely offline for an unacceptable amount of time where people/applications/services need to be relocated to continue normal operation of the business. Everything else falls under Continuity. It is far easier to recover from an issue without moving people/applications/services. The Business Continuity is mostly a site-specific action plan with a couple of modest exceptions relating mostly to infrastructure. 

Your typical SunGard type facility works with tape restoration. This can take several days to get fully back on line before people can work and your core business is functioning again. Unless your facility is completely unusable for a period of time, this option is perfect for a pinpoint Disaster like a fire, but fails the local community when multiple businesses are in need of the same facility. 

Only the business can determine the criticality of each deployment. Infrastructure will need to respond by making the core services available at the same service level or better. For example, if infrastructure is responsible for ensuring a database-driven application deployment needs to be available at 99.999% uptime, this requires every dependency to have even better availability. Consider the database, network, servers and connectivity to the system all have 99.999% uptime; if each of these dependencies has a 5-minute outage, the overall deployment has a 99.995% uptime. The business should understand the cost of requiring multiple 9’s right of the decimal point. The cost incline isn’t as steep as it was a couple years ago, but the cost can be significant and multiplied if the business and IT organization doesn’t take a holistic view of DR/BC.

For help developing a disaster recovery and business continuance plan, contact MUSA Technology Partners, experts at DR/BC solutions.

Digg This!

Subscribe to the MUSA Blog RSS Feed

by Warner Jones, MUSA Technology Partners, Cambridge, MA

Most people today agree that business data and applications (email, financials, supply chain, etc.) are key components of their business operations. Many will state unequivocally that their businesses simply could not operate without them. Yet, people address this dependency with varying levels of commitment to protecting it. Some people operate under the assumption that nothing bad will ever happen to their data and applications - those people are often surprised in the worst way at the worst time. Others recognize that something bad might happen, but they figure that they can create a work-around (using paper files and manual processes) if that ever occurs – those people often underestimate what they can cobble together in a crisis. Some people do understand the full extent to which a loss of business data can affect their company and recognize that some companies will never recover from such a loss, but not nearly as many people put serious thought into this issue as should.

So, what could possibly happen to your business data and applications?

• A disgruntled employee deletes data from your server.
• A virus corrupts your data.
• A hard disk crash occurs in your file server or mail server.
• A fire breaks out within your datacenter or server room.
• A loss of power occurs due to storm damage.

Any and all of these will interrupt communications within your business as well as between your business and your clients. In fact, there are myriad reasons why you need to develop a plan to first back up your data and, second, have an alternative plan to run your business if your primary datacenter is down for an extended period of time.

Business Continuity

Disaster recovery is actually part of the larger topic of Business Continuity that also includes planning for personnel, facilities and communications in case of disaster. For this discussion, we are focusing specifically on IT infrastructure and planning for the eventuality of a disaster that affects your data and applications.

Time is Money

In order to adequately assess your options, you need to answer some tough questions:

1. How much data can you afford to lose in the event of a failure?

1. Could you survive without the archive of your emails from the last 12 months?
2. How would losing the Excel, Word and data files you’ve created in the last 30 days affect your business?

2. How long can you be without your data, business applications and email?

1. How would you run your business without email for a day? What about a week?
2. Could you get by without access to your financials for a few days?

Possible Courses of Action

Each of the following are possible courses of action -  progressing down the list increases the security and reliability of the course of action to turn it into a solution for your business:

1. Do nothing and accept the inherent risks of data loss and downtime.
2. Back up your data to portable media and store it off-site.
3. Back up your data off-site to a third-party online service.
4. Back up your data to another company location.

Certainly, solutions for disaster recovery will vary depending on the size of your company and often on your budget. Larger companies have more data, but they also usually have more money to implement complete solutions to ensure their continuity of service.

Assessment and Planning

The first step towards understanding an appropriate solution for your business is to conduct an assessment of your internal systems and your risk tolerance. MUSA Technology Partners can assist with this evaluation and provide recommendations for solutions that are relevant to your feature and budget requirements.

For a more technical discussion of how a large company can leverage its Virtual Private LAN Service (VPLS), check out the article by Doug Lantigua on Networking for Disaster Recovery and Business Continuance. This article also discusses the Run Book, Recovery Point Objectives and Recovery Time Objectives.

Contact MUSA Technology Partners for more information or help with conducting a Disaster Recovery and Business Continuance plan.

Digg This!