Dell info chief outlines acquisition challenges

Dell has been going through a busy period of acquisition. In January, in its most recent announcement, the company said it had completed the takeover of security-as-a-service firm SecureWorks.

That purchase followed a string of planned acquisitions, including medical-imaging archive company InSite One and software-as-a-service specialist Boomi.

ZDNet UK caught up with Dell chief information officer Robin Johnson to put to him customer concerns about the impact of these acquisitions — as well as to canvass his views on security and the effects of UK and US austerity on business.

Q: Dell has made a number of recent acquisitions. How much of a challenge is integrating those technologies into Dell?
A: It's about the enterprise efficiency story. I deal with seven major business units, each adding new apps. When new acquisitions come in, their labs are different, and every business is unique. We're trying, as an IT leader, to figure out what drives business models, and acquisitions are really an extension of that. People get wrapped up in integration — it's difficult work, but a simple concept. It's trying to take systems, put them into the portfolio, and rationalise them into the core company.

People get wrapped up in integration. It's trying to take systems, put them into the portfolio, and rationalise them into the core company.

SecureWorks is a security company in the financial services sector. Has Dell talked to customers to gauge any concerns about the acquisition?
I personally haven't been out to customers, but Dell and SecureWorks have been out to their customer base. The big interest in the customer base has been in terms of how we run our own IT shop.

What kinds of concerns do those customers have? I was [previously employed] with a number of banks in the UK and in Holland. A lot of risk is whether companies will still be around — they want to know whether [the service] will still be around in five to seven years' time. Obviously that's not an issue with Dell.

Do banking customers not worry about service disruption due to integration?
Generally the questions aren't around integration. We all know it's hard; we all know it's complex. In the banking community, most organisations are pretty astute to the IT challenge. It's always an intellectual conversation. You don't generally get asked the question, "Will integration increase risks?" Generally, the questions are about whether the product line will still be there. Things like escrow elements get discussed.

Many governments are focused on risks to critical infrastructure through cyberattack at the moment. What are your views on the security of financial organisations?
I think there have been a couple of evolutions. Companies always took security pretty seriously. My career has been in FTSE 100 companies — [Marks and Spencer] in the UK, Ernst & Young, Safeway in the US, Dell. Both reputational risk and doing the right thing have been on the agenda for as long as I've been in the industry — which is 23 years.

In the past five or six years in the UK, with Sarbanes-Oxley and PCI DSS, we've seen much tougher rules centred around the protection of networks, the protection and care of systems, and traceability. I would say there has been a tightening-up and a standardisation of expectation. The Data Protection Act has done the industry good — industry has got better. Companies want data protection — look at the reputational impact on companies that have a leak.

This [concern] is not limited to critical infrastructure. There are a lot of conversations about where data will reside. Networks are at an early stage on a global basis. I think as more of the world uses electronic technologies, there will be...

...more rules and regulations. When I started in business, sales reps went to customers, then came back and entered orders into the back office. Now sales reps are taking orders on PCs. The entirety of business processes is dependent on technology. As people make more systems, we will see more regulation.

As much as we've done, there's still a lot to do. The day we've got it all — and perfect — there will be not a lot of growth left.

When commerce went to the internet, we saw an explosion of attacks. Most are relatively simple, and technology can deal with most of that. Something like one tenth of one percent of attacks are very sophisticated, and are probably to do with organised crime.

Security is often characterised as an arms race. Have technological defences kept up with attacks?
Technology has kept pace with outside attacks, but many major data leaks are because of stuff that's been lost in the mail. Technology is doing a pretty good job, but we can't be complacent. The sophistication of attacks is constantly evolving, just as the tech to deal with them is evolving. Hackers are intrigued, and like to see if they can break technology. Crime follows the cash. It always has, and it always will.

How does Dell test its products to see if they are up to scratch?
Products go through our product group testing and methodology. Dell IT is one of the largest and best of large corporate IT departments, and yes, we do test the products in the organisation. We can describe issues at a roadmap stage, and have a good customer perspective as we're not biased. We run Dell on Dell.

The global economy is still slow. In the UK, the government is attempting to implement austerity measures. Has this climate affected Dell's acquisitions strategy?
There are still gaps in our portfolio. I'm not going to pretend we don't use consultants. If you think of our infrastructure brand, there are clearly more services in the IT community and geography where we need to fill in the gaps. As much as we've done, there's still a lot to do. The day we've got it all — and perfect — there will be not a lot of growth left. I think there's a lot of room to grow. I'm not going to go into how much money is in the bank at Dell.

What business challenges are you facing at the moment?
Fundamentally I run two organisations: a fixed-cost organisation and development. The only thing I can do with the fixed-cost side is to make it run faster, better and cheaper. The other side of the company is development — that's the stuff that will enable the company to grow and compete.

For the past 30 months we have run at 1.74 percent of revenue, and we run pretty lean — the industry average is 2.6 percent of revenue. The upcoming budget will be about 1.35 percent of revenue, which is about a $300m drop.

In the year finishing the end of January, we spend 52 percent of IT budget on development, and 48 percent on keeping the lights on. We have used heavy standardisation to drive world-leading cost reductions. We focused on freeing up spending through a combination of virtualisation, SAN tiering, and datacentre consolidation.