Skip navigation
1 2 Previous Next

IT Peer Network

21 Posts authored by: Ilene

Once again, I find myself in a position where I should apologize for the delay in posting this last vblog conversation I had with Intel's CISO, Malcolm Harkins. I could say that I saved the best for last but frankly, they are all good (in my never-to-be-humble opinion ). The last question I posed to Malcolm was what are the security challenges a company faces when employees want to start using their own devices within the corporate environment?


Malcolm talks about both the benefits and challenges of IT Consumerization. For example, how do you intermingle or keep corporate and personal data separate on the same device? Check out his answer below and if you haven't had a chance to catch the other four, the links are here.




Well, I missed a week but I'm back . In the continuing series of my discussions with Malcolm Harkins, Intel CISO, here is the fourth of five vblogs on the various hot topics. In this week's vblog Malcolm talks about how misperceiving risk can be the greatest vulnerability we face today, whether it is over exaggerating or under estimating.

If you haven't had a chance to catch the first three, check them out here:
--Malcolm and security and the cloud
--Malcolm talks about how embracing social computing can reduce risk

--Information Security: Is compromise inevitable?


We, in Intel IT, have had to rethink how we protect Intel. In the old days, blocking everything and only accessing anything within the firewall was the best way to 'protect' our assets. In the new days...with employees wanting to have access to information and data anytime/anywhere, the old ways of thinking just don't work. In fact, if we keep trying to block and tackle everything, we will actually increase the risk because employees will go around and find their own ways in an effort to be more productive. Check our the attached IT@Intel Executive Insights: Intel IT: Information Security should Protect and Enable.

"What is the best way to get the most ROI from every IT dollar invested?"...that is the question of the day! If someone had THE answer to this question we would all be the heroes. At Intel IT we struggle with this same challenge and we believe that, in part, the answer lies in our IT strategic planning process. If an IT organization has a strong strategic planning process, it can become the foundation for IT investments now and in the future.


We have been able to better respond to the dynamic nature of our business since implementing an IT strategic planning process two years ago. As a result, we have been able to better align IT investments with Intel corporate strategies, and better manage our IT budget to improve the business value of IT.


We were better able to anticipate key trends like Cloud Computing, IT consumerization and social computing as a result of our strategic planning process.


The two resources below outline our IT best practices in this area:


  • Executive Insights, Intel IT: Maximizing the Business Value of IT (attached)



Do you do a strategic planning process in your organization? Does it look anything like what we are doing here at Intel IT?


Let's share our best practices and learn from each other!

As I promised last week, here is part three of five vblogs from Intel CISO, Malcolm Harkins. In this short blog, Malcolm talks about why Intel IT has undertaken a radical new five-year redesign of our information security architecture. Malcolm says that compromise is inevitable under almost any compute model, find out why...


If you haven't had a chance to catch the first two, check them out:
--Malcolm and security and the cloud
--Malcolm talks about how embracing social computing can reduce risk


Back in March, I posted a blog on the first of five very short (~1 minute) vblogs with our CISO, Malcolm Harkins. Malcom has some very distinct ideas on some hot industry topics, like cloud computing, IT consumerization, social computing, etc. The first vblog gave Malcolm's perspective on security and cloud computing, the second one, embedded below, gives Malcolm's unique point of view on security and social computing. In this vblog, Malcolm suggests we embrace social media and social computing to reduce risk.




Next week I'll post how Intel IT is embarking on a radical five-year redesign of Intel's information security architecture, so keep comin' back!

What does cloud computing, information security and IT consumerization have in common? Among other things, they are included in three new audio podcasts from Intel IT. These podcasts are great for downloading and listening on your favorite device. Each of these audio podcasts shares Intel IT’s perspective from the Subject Matter Experts doing the work.


Check out:


Looking into the Cloud featuring Das Kamhout and Ajay Chandramouly. In this cloud computing podcast, Das and Ajay examine the enterprise cloud computing initiative at Intel. See how easy provisioning a server can be, and find out how a worldwide technology corporation can increase productivity and save in a big way by deploying a private cloud.


Rethinking Information Security featuring Malcolm Harkins, Intel CISO and Alan Ross, Principal Engineer. Malcolm and Alan discuss how our radical new security architecture is enabling new usage models like cloud computing, IT consumerization and social computing.


Consumerization of IT featuring Ed Jimison and Ron Miller. Learn how Intel IT enabled user-owned devices into the IT infrastructure safely and efficiently.


RFID and IT Sustainability?

Posted by Ilene Apr 26, 2011

What does RFID and IT Sustainability have to do with one another? Intel IT is using RFID to track our assets in order to help us lower our carbon footprint. I asked my colleagues Rob to share the detail behind using RFID and some of the success we have had:


Asset Accuracy with Location Based Services

Is there sustainability value to be gained from upgrading your data centers  to track assets with a Location Based Service (LBS) such as RFID? The answer is a resounding "YES". As we have begun proliferating RFID within our DC's and increasing our tracking accuracy to 100%, we are now able to use the visibility that LBS is providing us to add solid numbers that can be used for accurate capacity planning. Prior to implementing RFID, our audit system was a very manual process and a difficult burden on the employees. They would print out documents and walk the floor to validate the location of a sample set of assets within the Data Centers. 100% validation was rarely done, and was only done in spot cases where accuracy levels were suspected to be below an 80% "target". Also important to note is that our audits were book to floor only, and did not identify or correct any EOL assets that were still plugged in pulling power.


After re-vamping our DC and introducing Location Based Service tracking, we have transformed our process from a simplistic tracking mechanism into a powerful visibility resource that provides us direct actionable information. We now can do 100% floor to book and book to floor validation without burdening the employees. To give some examples of the numbers we pulled right after install that are relevant to planning DC power:

  • 17% of our assets were documented in an incorrect DC and are now correct.
  • 28% of the assets we expected to see in the DC weren't there, so their association was removed.
  • 2% of our assets were expected to be retired, but were still found to be in the DC pulling power.

Obviously the variability in these numbers make used to make any actual planning difficult. Our DC planners had been forced to use general plan instead of actual plan numbers. But now that we have upgraded to an LBS methodology for collecting actual numbers, we are managing DC planning (including power planning) much more efficiently.


Location Based Services is definitely a growth opportunity for IT for a multitude of reasons, and I’m very interested in collaborating with other companies that are doing any work in this space.
---- Rob Colby - Intel LBS/RFID Architect.

My job with Intel IT just keeps getting better; I have the opportunity to share new information, new approaches and new ideas from our own IT organization.  Many of the stories I share are projects from my colleagues that are large and can take many months or even years to implement, like our Rethinking Information Security to Improve Business Agility paper that outlines a radical five-year redesign of our security architecture.


That’s business as usual and it’s fun and fast-paced.  However, as Earth Month begins many of us, including me, think about the impacts we can make as individuals too. I thought it would be appropriate to share this story from my colleague, Karen who manages Intel IT Sustainability communications and messaging for our employees. Karen’s story is about just how powerful the combination of talent and passion can be, even when it’s to the power of one!


Below, in Karen’s words, is about the difference one person can make for IT sustainability…


Think globally, act locally”.  It’s a pretty familiar mantra for guiding environmentally responsible behavior.  Just recently our IT Sustainability team here at Intel got a quick refresher course on just how well it can actually work, courtesy of one of our program team co workers.


As a team, we’d been discussing helping employees become aware of their individual energy footprints (Computer/monitor energy consumption/carbon emission/paper usage etc).  We were thinking globally and asking great questions like “What’s the best way to report progress?”  “Will employees feel like we are “snooping” over the network on their computer or printer use habits?”… You get the picture.


One of our team members, Randy, was inspired to  literally act locally, specifically to see how much info the  local machine could report to its user about energy use.  He went to work on it, and what he came back with was an awesome desktop “gadget” that a user can self install to provide visibility via a simple score into energy behavior (how often the machine goes to sleep, how many jobs are sent through the local print queue etc) and offers tips and tricks to improve energy use and reduce waste.


Did it happen overnight?  Of course not, we did take the gadget through all required due diligence and testing but it was still pretty quick and everyone we worked with as we moved through normal process was impressed by how simple and effective the concept was.


Did it make a difference?  Yes! Today it’s officially known as the “Green Gadget” and it is up on our internal “gadget store” for user “pull” install.  And yes, users are installing it and talking or blogging about it and the impact it has.  I can say personally that since I have installed it on my own machine maintaining a good “score” has been really important to me, I was surprisingly reluctant to print out a series of test images for a major event recently because I wanted to keep my good energy score!   Other users of the gadget have reported making similar adjustments to their habits in order to manage their scores, it is driving positive change. 


Employees take their impacts on energy use seriously here, and the Green Gadget is a great example of how one person successfully used his programming skill, technical curiosity and passion for conservation took local action that is literally driving thought, conversation and change globally within Intel.

In some of my other blogs you may have read, I have talked about the Intel IT Sustainability Program Office and some of the work that Intel IT is doing to lower our carbon footprint. In honor of Earth Day 2011, I asked my colleague Bill, Program Manager for IT Sustainability to give his perspective on Intel IT Sustainability and where we are finding energy savings and where our investments have paid off. Below are Bill’s thoughts! HAPPY EARTH DAY!


What is your footprint... As an, individual, I have a house, yard, drive to work every day, recycle as much as we can, a hybrid, that vehicle for the heavier lifting, recycle as much as we can etc. would love to put solar panels on the roof.. kids of collage age is deferring that  investment so far. I think I am balanced, managing our footprint, strive to do more.


For an IT organization what is it's footprint and how do we change it, what else can IT do to improve the corporations footprint. A couple of years ago Intel IT took a strategic step and established an IT Sustainability Program office. I get asked frequently how is it going, my first thought is great we have been hitting our goals,  getting the organization engaged, decreased our footprint 10% .


We started with defining  just what an IT Sustainability footprint is, Co2?, electricity?, water? , waste? etc and where do we have leverage. The corporation already had mature processes and a culture for reuse recycle and conservation. As we looked closer we concluded electricity and it's associated co2 emissions is IT's biggest opportunity.


The 1st bump in the road was measuring the footprint and sensing change, it was pretty easy to do some back of the envelope calculations of our footprint but we needed to  sense change in standard way, we have very few metering systems to isolate IT consumption, tens of thousands of assets distributed with no way of measuring their actual energy  consumption. What we do have is an IT inventory data base tracking assets and their locations.  We developed a model using the inventory data to estimate an assets energy usage, ie power x hours in a year x percent on etc. sum it up and bingo an estimate of energy usage, which correlated pretty well with what meters we do have, as the inventory changes we sense energy change.


Servers are our highest energy consumers , followed by DC facilities overhead, network and storage, a surprise was desktops and Laptops being less than common perception. Their power draw per system is lower tends to have some power management, and  for laptops users have a natural incentive to turn off conserving battery life. With the model we are able to estimate change nicely for our environment.


As with most IT organizations ours is constantly focusing on satisfying our customers needs and improving our efficiency, balancing cost with performance..  Over the past two years our efficiency goals have been aligning nicely with Sustainability.  Server refresh, network port consolidation , server virtualization all are having the net effect of  reducing our energy footprint, avoiding construction of new data centers, while increasing our computing capacity.  With few new Data Centers being built, we had less opportunity to design in energy efficiency. The Data center engineering team started looking at low cost retrofit opportunities, such as tile management, blanking panels and hot aisle cold aisle  containment work, variable speed fan retrofits etc..  Adding up to 10% improvement over two years.


Now to my second thought, how is it going… there is so much more opportunity, how can we apply IT better to enable human behavior, manage buildings consumption, the supply chain , other  potential  applications of IT capabilities. Where is the innovation going to come from, technology efficiencies will keep coming  we will continue to see power improvements servers , storage, clients, network etc, need to adopt within business environment boundary conditions. We need some breakthroughs in applying IT outside IT's 4 walls, breakthroughs in valuing and financing energy efficiency work , I hear there is pay back on those solar panels I want, I just can't write the check. Building engineers and IT experts work in different circles so may not see breakthroughs by applying their combined skills.


What  worries me,  Jevons Paradox (which I just learned of recently), with increased efficiency in using  a resource the consumption tends to increase. I remember  a factory manager twenty years ago saying "I am not going to give automation any more Ethernet, they'll  just use it all, and ask for more". Is there a killer app on the way that everyone has to have ..needing much more compute capacity, out pacing Moore's law.  We all start talking to our computers Star Trek style, cpu's reading our  thoughts, hopefully running at just a few watts.

With the fast pace of the changing technology landscape and new usage models such as Cloud Computing,  IT Consumerization, and social computing security remains one of the highest priorities for IT. I decided to sit down with Intel’s CISO, Malcolm Harkins and ask his perspective on these various security challenges.


I got Malcolm’s thoughts: security and the cloud, security and IT Consumerization, security and social media, how Intel IT is ‘rethinking’ their security architecture to support all these new models and finally, what does he mean when he talks about the greatest security challenge is the misperception of risk.


Take a look at each of these very short (~1 minute) videos. The first one embedded here is security and cloud computing. I will release the other topics during the month of May. I hope you will comment and give your perspective on these topics and let us know what your IT organization is doing to enable these new usage models. I look forward to the discussion! And since I’m asking, what other security topics would you like to ask Intel IT?


Malcolm Harkins, our CISO, recently published a blog “Clear Focus on Risk Leads to Laptop Security” discussing how the odds of having your laptop stolen or missing is one in ten! This represents not only costs in terms of hardware, but the loss of IP and confidential data is nearly priceless. Seventy percent of companies in a recent study admit to doing nothing to protect their laptops and data. No encryption.  No back-up.  No antitheft technologies. Is that because they misperceive the risk? The misperception of risk can blindside you.


See how Intel IT approaches this idea in a presentation given by Malcolm, The Misperception of Risk, and this blog by my colleague Chris Peters on the same topic: Information Security Best Practices from Intel ITWhat do you think of this approach?  Malcolm and his team have driven down Intel’s number of wayward laptops to less that 1 percent, about 700 computers a year.  That’s 5 to 10 times fewer than any of the companies in the study.

Here at Intel we've had a strong focus on improving and embedding sustainability efforts both inside and outside of our data centers. The work that we've done through server virtualization as part of our server refresh cycles is now saving Intel millions of KWH each year due to the efficiencies gained. Beyond the data center though we're looking at ways to improve the efficiency of computing resource usage in our office and lab areas. This includes not only the electricity needed to power the devices, but also things like paper consumption due to printing. While the savings opportunities are not nearly as large in this space as we've seen in the data center, there is still value in integrating sustainable practices in everything we do.

As we all know, you can't manage what you don't measure. We'd taken the first steps toward understanding our office and lab usage at a macro level and had a feel for where we might be able to influence change. The challenge then was how to make the data visible and actionable at a personal level.  What we've decided to try is providing a tool that can be installed on a PC that allows for tracking of power management and printing behavior. We wanted usage to be optional so as not to seem too "Big Brother" but we also wanted ease of use and timely feedback available to the employees.

One of my colleagues in IT, Randy Sole, developed a gadget that sits on the desktop where employees can get nearly real time feedback. This gadget uses system event logs to gather data on system shutdown/sleep and printing history. We then use the data to generate a score in the areas of power management and printing. Detailed data is available as is content guiding the employee on how to improve their score. The goal of course is to have employees shut down machines when not in use, have their PC's power management settings such that unused machines power themselves down, and to reduce the amount of paper used printing. I have captured a screen shot of my personal usage below, I definitely need to improve shutting down my system when I’m not using it but I am doing well in shutting my system down at night and my printing!


I have sent out a ‘friendly competition’ invitation to my team mates to download the gadget and compare scores at the end of the month. I’ll keep you posted on how the competition goes.

Have others taken a similar or different approach and what have the results looked like in your organization?




In Part 1 of Server Refresh + Energy Rebates = A MATCH, I chatted with my colleagues Tom and David to understand how they were able to motivate their internal customers to stay on track to a four-year refresh cycle. In Part 2 of this discussion, I talked again to David and to his colleague Mary. Mary is a System Administrator and Resource Planner within the Computing Solutions and Services team. Mary owns server purchases and removals.

David – You spent a lot of money to get a rebate that only paid for a fraction of the costs. What other motivation did you have for doing the refresh?

• Great question -- Being a good corporate citizen. Doing the right thing is all part of the big picture. Look, our data centers were reaching capacity limits with no end for incremental growth. An opportunity was presented to remove older capacity refreshing with newer. We just needed to figure out the multiplier and calculations to achieve a reasonable refresh ratio. In an Intel IT white paper: Realizing Data Center Savings with an Accelerated Server Refresh Strategy, we found that we can achieve consolidation ratios ranging from 7:1 to 13:1 depending on the workload and other factors, while substantially reducing energy consumption. Just imagine your data center footprint reduction, power reduction (mechanical/electrical) and my favorite reduced hardware support in addition to a reduced monthly/quarterly power bill. The benefits are long term… 


Mary - You didn’t have much time to remove such a large amount of equipment, how was that done?

• Running an efficient, streamlined end of life (EOL) process is important when you are trying to remove a lot of servers from your data center.  Effective customer communication is key to being successful in accomplishing incident free EOL.  Our EOL Process is done in two phases.   The first phase, is essentially our planning phase and where our initial customer approvals take place.  Out of warranty compute servers are identified 6 months prior to the EOL date.  This gives us ample time to contact server owners and to identify critical servers that cannot be EOLd.  The second phase is the EOL Execution.  This is where the actual EOLing of servers take place.  Due to our diligence during phase 1, we are assured that everything targeted for EOL can be shutdown without interruption to our customers.


David - Did the Energy Trust conduct audits to make sure equipment was removed?


• Yes – An ETO representative performed a final verification. The verification consisted of power readings (within 10% of the forecasted readings), hardware class and quantity. The hardware power readings were monitored for five days meeting all the requirements. Actually I found the process easy and the contracting firm flexible. The representative brought their own equipment for testing to acquire the necessary results.  

Mary - What happens to the removed equipment?

• All of the equipment goes through the Intel waterfall process.  Some of the servers are sold to recyclers through the Intel Resale Chanel.  In Oregon, we have donated portion of our EOL equipment to StRUT (Students Recycling Used Technology).  StRUT is a program incorporated into Oregon Schools where students take donated computers and equipment and learn to refurbish and recycle them.

Mary - What did you use the rebate money for?

• We have completed two energy saving projects using the rebate money, we replaced and recycled CRT monitors with new LCD monitors and replaced and recycled hard disk drives with solid state drives.


David - If others are interested in finding similar opportunities in their areas, how should they go about finding them?

• If you search your local power companies web site, there is usually rebates set aside for businesses. In most cases, contact information is available to call the program manager directly. The first step is making the call… second, finding out what rebates are available… Third, find out what benefits are offered sized appropriately for your business to initiate server, monitor, lighting, building upgrades (mechanical/electrical) refresh/upgrades.


David - Are there some concerns you had?

Knowing what to ask and share the right data is always helpful…
• In most cases you will be asked to share specific data so it is recommended to have a non-disclosure agreement in place and always gain prior approval before sharing any third-party information 
• If you have an idea and willing to share this with the utility power company program manager, a customized program can be developed around your idea. It might be a onetime offering or yearly offering. 
• Know your target – if you’re refresh servers, ask the Utility Power company for a template to calculate the refresh. If this is not available I found several key searches for the word “sustainability” on the web.

One of the unexpected benefits of server refresh is potential energy rebates from local organizations or utilities looking to encourage IT Sustainability. Understanding the financial benefits of a four-year server refresh from a ROI/TCO perspective is relatively easy, however balancing tight schedules and deliverables in a data center can be a challenge.

Several of my colleagues, Tom, Dave and Mary, from our Computing Solutions and Services Team wanted to find a way to keep their internal customers (finance and management inside Intel IT) focused to stay on course to refresh servers on a four year cycle. They were fortunate to find a local non-profit organization, chartered with helping utility ratepayers use less energy. It was a match! did the relationship develop? I chatted with Tom, Dave and Mary to find out the ins and outs. Like any good relationship, it took time and effort.

Part I of 2: I interviewed Tom, Manager of the Computing Solutions and Services team within IT’s Engineering Computing organization and David, System Administrator and Data Center Planner within the computing Solutions and Services Team. Tom and his team manage the Linux servers used by Intel’s design engineers in northwest America and David, owns server landings and data center space allocation.


In Part 1 we discuss how to get started…..


Tom/David – Describe the work you did with the Energy Trust of Oregon (ETO).
• David, Mary, and I worked with the Energy Trust of Oregon to create a custom rebate that would help motivate our internal customers to save power in our data centers by refreshing 4 year old computers with new multi-core computers.  To do this we had to understand the power use, and the CPU performance of the old and new computers. We also needed the estimated costs of the new computers, and the power draw.  With this information the Energy Trust of Oregon created a rebate based on the reduction in the power used when old computers are replaced with a smaller number of computers that have an equal amount of compute power.  The end formula looked something like this:
#old * old_CPU / new_CPU = #new; #old * old_power - #new * new_power = power saved; rebate = a fraction of the power saved, or a fraction of the cost of the project

Tom - Wasn’t it difficult gathering the documentation and data for the agreement?
• The first time it was a little difficult to find the best sources for the data.  We looked at industry standard benchmarks for calculating CPU performance and at vendor specs for the power measurements.  In the end we decided it was more accurate to measure the CPU performance and power usage based on our internal application usage.


Tom - How did you know what the refresh ratios should be? 
• We used benchmarks that are based on internal applications.  By running these benchmarks on the old and new computers we could calculate the throughput of each system type.  Due to the single threaded nature of the benchmarks an instance of the benchmark was run for each core in the CPU. In the end the total throughput was compared.


David - How did you get power ratings?
• The power readings were established through a voltage meter. I might  note that after the system boots, the Amps, Watts, and Volts normalize to lower values. It is recommended to launch a CPU stress test easily downloaded from the Internet. There are several available to select from. We used the same benchmark stress test application to simulate loads against the system(s) starting at 50% CPU utilization to 95%. The readings stayed fairly consistent from 60-80% CPU utilization with little to no increases. Capturing the average readings helped reinforce normalized production runs and actual simulation. We validated this by launching an actual job to the system(s) watching the increase and decrease of CPU utilization during the job start time and completion.       

Tom - So, this was a customized agreement with the ETO; are rebates available that happen automatically (like you get when you purchase a new refrigerator)?
• Yes.  This agreement was customized in order to get the most power savings for the high number of computers that are online.  The Energy Trust of Oregon also has a standard Virtualization rebate that doesn’t require working directly with an ETO engineer.


David - What type of return did the ETO expect in the way of power saved?
• First and foremost, reduced power consumption.
• Although the ETO is based on green power and reducing power consumption, ETO has provided the catalyst for those customers willing to reduce kWh/yr or Kilowatt hours per year. This saves the local power company from building out new electrical grids, thus saving power companies millions of dollars for new infrastructure. So in truth, the small amount of refresh each company can do benefits the power company which in turn will reflect savings on your monthly/quarterly power bill.   


Stay tuned for Part 2 where we will share the results and benefits

Filter Blog

By date: By tag: