The death of the mainframe is greatly exaggerated, says CA

With mainframe software tools forming a key part of its overall growth strategy, CA Technologies remains proud of its mainframe heritage

THIS ARTICLE COVERS

IT in ASEAN

With more than half of its revenue tied to the declining mainframe market, CA Technologies may seem beholden to an ageing technology that is still being used by the world’s largest enterprises for processing huge volumes of transactions – at least from the outside.

But Martin Mackay, CA’s president and general manager in the Asia-Pacific and Japan (APJ) region, begs to differ. The Briton, who has been in his job for just over a year, believes the mainframe still offers unparalleled reliability even as more enterprises look to modern computing platforms to power their business.

The 41-year-old company is not standing still, however. It is in the midst of transforming itself into a provider of not only mainframe tools, but also software and services to help companies develop software in an agile and secure manner.

In an exclusive interview with Computer Weekly, Mackay talks up CA’s efforts to rally its employees around its growth strategy, the state of the mainframe market, and how companies in APJ are faring in becoming what CA calls “modern software factories”.

How is CA Technologies transforming itself to keep up with the demands of enterprise customers?

Mackay: Over the past five years, we have undergone transformation in three areas. The first is to become an organic software company built for growth – and that requires us to change the whole culture of CA. The second is to look at acquisitions that will support us in that growth. The recent ones, such as Veracode and Automic, bring key products that are complementary to our existing portfolio and can expand our market share. The final transformation is one that we talk about all the time, which is that our own customers have to undertake transformation in order to be flexible and be built for change. We have driven that transformation through our DNA, which has 10 elements, such as uncompromising integrity, focusing on customer-centricity and creating a memorable employee experience.

What that transformation means from a product strategy point of view is the concept of the application economy, where every company needs to operate as a software company and rethink its processes, culture and technology to put the customer at the heart of its business. And the way a customer interacts with a company is through software. That brings us to the idea of a modern software factory that enables organisations to drive high-quality software development through automation, be agile in the way they operate, respond to customer insights and embed security into every application.

Are companies in Asia-Pacific and Japan far from becoming software factories, especially those in industries such as manufacturing that want to focus on what they do best, rather than develop software?

Mackay: That’s a fair point. The manufacturing base in APJ is probably focusing more on using technology to automate processes and improve quality. The service industry, however, is using software to improve its competitive advantage. We recently ran a survey which found that 87% of executives in APJ are talking about software as imperative to their business transformation initiatives, and 95% are talking about software being an important growth driver.

The challenge for them is the ability to execute, with only 30% of executives happy with the progress they are making in terms of finding the talent they need, doing more with less, and overcoming legacy challenges. Some markets in APJ, such as Singapore, are more adept than others in overcoming those constraints.

How is CA faring in its own transformation?

Mackay: In becoming an organic software company, we have been bringing products to market ourselves rather than only through acquisitions. Recent home-grown examples include application experience analytics, which helps to improve the user experience of mobile applications as well as application monitoring tools. We have also invested in products that we have acquired to improve our competitive advantage.

The second dimension is that, historically, CA has made acquisitions based on running the maintenance base for profit. Now, they are made for growth. We have a 40-year history, so there is always a temptation to look backwards, but our focus is to look forward. The most recent Veracode and Automic acquisitions, for example, were all about providing a SaaS-basedsecurity platform and workload automation management, respectively.

The final dimension is that the culture and DNA I talked about gives us a framework to attract talent that fits into CA. It also acts as a means of making existing teams proud of working for CA. Over the last couple of years, we have won awards for diversity and ethics, which make it great to represent CA.

How is CA rallying its employees around its culture and DNA, especially sales employees who may be more used to selling software with maintenance, rather than growth, in mind?

Mackay: In terms of rallying employees around our culture, the DNA is articulated on a consistent basis across the organisation. In APJ, we run a series of awards every quarter, in which individuals are nominated for each of the 10 DNA categories, and previous winners of the awards would vote in a blind judging process. As for the sales culture, we still have the underlying ethos of making our customers successful. We have a mantra across the board – and certainly in APJ – that we do not want to sell a single product where we don’t have a route to implementation success. So, if you sell software and that software isn’t deployed, the customer is not going to renew your business.

In the past year, we have maintained coverage for our largest customers through account directors who look after the entire customer lifecycle. We are also hunting for new customers that are one tier down in organisational size and are looking at specific product lines. So we have dedicated sales people for security, continuous delivery, agile operations, and so on. In the year that I’ve been here, we have put more emphasis on new business wins.

While the transformation at CA is ongoing, I understand that the mainframe is still a large part of its business. Where do you see that market going? Do you see CA slowly moving out of mainframes at some point?

Mackay: Everyone talks about the legacy mainframe business, but the mainframe is going to be here for many years to come. In the last quarter, we actually won a major deal for a new mainframe customer. The death of the mainframe is greatly exaggerated. It is a very slowly declining market on a worldwide basis, but we are continuing to invest in the mainframe, both in terms of organic products and acquisitions.

We are proud of our mainframe heritage, and our overall approach has been to embed the mainframe as part of our overall strategy and in our ability to support customers from mobile to mainframes. We have customers using the mainframe for high-volume transaction processing, and in many ways the mainframe is still the most reliable platform, especially if you are a bank with 50 million customers. At the same time, there are many things that a bank will want to bring to market in terms of customer experience and engaging fintech companies. We are one of the few companies that are still supporting the mainframe and will do so for years to come.

Read more about IT in APAC

And at the same time, would you help some of these customers move some mainframe applications to other platforms if need be?

Mackay: Absolutely. That is one of our great strengths. We have got this broad array of technologies that support multiple platforms. We have a particular emphasis on hybrid platforms – cloud, on-premise and mainframe – that caters to customers with different entry points as they gear up to become a modern software factory.

There are some customers who are becoming agile at scale, while others may want to move away from an internal legacy approach to embracing third parties, such as fintech companies using APIs and microservices. Then there are those with security concerns and are looking at things like access controls and identity management.

What are your thoughts on the dwindling pool of people who can support mainframes?

Mackay: I was trained as a COBOL programmer and a good one at that, so maybe I have a future career in mainframes! You’ve mentioned that the mainframe is associated with legacy technology, but some of the most interesting technologies we’re developing sit on the mainframe. We have just created a product called data content discovery, which solves the problem of data protection and sovereignty on the mainframe.

To attract more people to the mainframe, we need to change the legacy image of the mainframe, which is an extremely dynamic platform. We are doing that and trying to attract people into the market, and telling them that it is a perfectly acceptable route into a strong, dynamic career in the technology industry.

 

In practice: How customers are using Shielded Virtual Machines to secure data

You’ve read and heard a lot from Microsoft about the unprecedented security provided by Shielded Virtual Machines in Windows Server 2016, but how is this feature being used by real customers? We decided to round up a few customer stories for you, to illustrate the various real-world benefits being reported by users of Shielded VMs in Windows Server 2016.

  • Managed hosting you can trust: The most security-conscious organizations often resist hosted solutions for fear that the hoster will have access to their data. For Rackspace, one of the biggest names in managed hosting, this perception was a sales blocker… until it wasn’t. Using Shielded Virtual Machines in Windows Server 2016, augmented by Microsoft System Center 2016 and Microsoft Operations Management Suite for better security monitoring, Rackspace can move customers into a private cloud with the highest level of security assurance.
  • More security, less cost: Convergent Computing (CCO), a boutique IT consulting company based in San Francisco, likes to use the technologies it recommends to customers. An early adopter of Windows Server 2016, CCO has been pleased with the results. “With Shielded VMs, Host Guardian Service, and software-defined networking, we can cost-effectively give customers the most secure network possible,” says Rand Morimoto, the company’s president. “With previous versions of Windows Server, we could create isolated networks but at a much higher cost, because we had to double every component. With Windows Server 2016, we deliver the same tight security at half the cost.”
  • Stopping the enemy at the gate: While most VM security involves protecting virtual machines from unauthorized access and malicious code, up to now there has been little to prevent a bad actor from copying the VM and running it in an unsecured environment where all its data can be privately exfiltrated. “No one else has an answer to the problem of how to protect your virtual machines from compromised fabric credentials or, heaven forbid, compromised admins,” says Kenny Lowe, head of emerging technologies at Brightsolid, one of the leading datacenter hosting companies in Scotland. The Host Guardian Service (HGS) in Windows Server 2016 protects against this through an attestation service which ensures that only trusted Hyper-V hosts can run your Shielded VMs. This closes the door on security exploits that can occur via the storage system, the network, or even while your VM is being backed up.
  • Reduced regulatory costs: ModusLink Global Solutions helps companies across many industries manage supply chains and logistics. For many customers, ModusLink handles their end-customer credit card data and must comply with ever-changing payment information regulatory requirements. “With Shielded VMs, we’re able to reduce the scope of what needs to be reviewed by PCI auditors, because Shielded VMs encrypt the data,” says Andrew Hamlin, Manager of IT Infrastructure at ModusLink. “The use of Shielded VMs reduces our regulatory compliance costs. We can eliminate outside monitoring services, which delivers a significant savings, and our own lean staff can manage a larger datacenter footprint. By reducing our costs, we can put out more competitive bids, which helps us win more deals.”

For more information on implementing shielded VMs to comply with ISO 27001, PCI, and Fedramp standards, download our free compliance-mapping white paper.