How do you structure and manage an IT organization with exponential growth that is almost unfathomable–from a market capitalization of around $500 million USD in 2002 to $60 billion USD today, from a few thousand employees in 2002 to more than 56,000 several years later? This is the challenge Jason Wilkins undertook when he joined Xstrata as CIO.

When the current management team took over Xstrata in October 2001, it was a small, Swiss-listed mining company. With an aggressive acquisition strategy, the team adopted a decentralized business model, whereby autonomous units–Xstrata Copper, Xstrata Coal, Xstrata Zinc, Xstrata Nickel, Xstrata Alloys–maintain their own operations but are guided by a set of central frameworks and standards. "We believe in empowering the business units to operate themselves," Wilkins says. "However, this creates a number of challenges for IT. You end up with a bunch of IT islands and little or no connection or collaboration between each entity."

With this in mind, Wilkins and the executive management team created an innovative IT structure: his corporate team retains responsibility for IT strategy and governance, whereas IT operations reside with each geographically-based business unit. "My team establishes the frameworks and operational standards for each business unit, the policies, procedures, and connectivity that allows the independent business units to communicate effectively, securely, and seamlessly with each other as well as the corporate center," Wilkins explains. And at the end of the day, "adherence to these common frameworks and operational standards reduces the total cost of ownership."

Standard infrastructure, common toolsets

Upon his arrival in 2001, Wilkins recognized that a standard set of technologies and underlying infrastructure was pivotal to facilitating the company's acquisitive growth model. "We wanted rapid integration, a solid foundation–design it once, do it right, and use that framework for integrating new businesses," he notes. "We would only change it when–and if–the business or industry demanded modification."

Wilkins describes Xstrata's technology infrastructure as "its electricity and mortar–the network of communications, the Microsoft Active Directory, Microsoft Exchange, and various other standards and supporting tools." This underlying engine facilitates rapid integration of acquisitions and seamless business unit operations. "We established a de facto technology," Wilkins says. "Once an acquisition is complete, we initiate a transition project to move them over to the standard technology standards and underlying infrastructure. My team is the custodian and architects of this infrastructure foundation."

The complexity of the challenges facing Wilkins and his team becomes clear when the details of Xstrata's business are considered. "We have approximately 16,000 PCs in about 180 locations around the world," Wilkins reports. "The total IT headcount stands at 273 today, with 22 reporting directly to me and the remainder in each of these locations." Wilkins' team is responsible for IT strategy, whereas the local IT teams manage day-to-day IT operations.

As Wilkins and his team have built the underlying technology infrastructure, they've sought out technology providers that would support them through both solution deployments, as well as the ongoing integration of acquisitions. And while Wilkins adheres to the philosophy of not "putting all of his eggs in one basket," he also believes in building "partnerships" with his technology providers. One of the strategic technology providers he chose is Symantec.

Getting started

The genesis of the relationship between Symantec and Xstrata goes back to the adoption of Symantec Backup Exec for backup and recovery. Standardization on Symantec Backup Exec made sense since Xstrata runs Microsoft Windows across both its data center and PC environments.

The real work around establishing a standard infrastructure began in September 2002. Security was an important part of this larger initiative. "I've always said it, and I stand by it, security is critical," Wilkins says. "It is a bit like selling insurance. A customer thinks that her or his house will never burn down. However, if it does, they will be glad they had it."

Prospecting endpoint management

Endpoint management was an important factor as Wilkins compiled the different security-related solution pieces. In particular, he sought a standard toolset that would enable the IT team to install and manage standard images on machines and maintain patches on those machines. "Patching is not just about enhancements or bugs," he notes. "It is also about security issues."

Wilkins and his team initially selected Altiris Client Management Suite for managing their PC environment–one that grew from slightly more than 1,000 in 2002 to more than 16,000 today. They added Altiris Asset Management Solution in order to track software licenses and versions and more importantly, plan upgrades. For the initial deployment of the suite of Altiris products, the Xstrata team engaged Symantec Consulting Services for architectural direction and implementation support.

And as Xstrata has grown as an organization, Altiris has become a more strategic toolset for the Xstrata team. "A couple of our business units have leveraged Altiris Client Management Suite for SAP deployments," Wilkins notes. "These implementations had very tight timeframes, with little room for error." In one instance, a business unit sought to roll out SAP based on the installation of a very large GUI (based on the footprint on each PC). However, with Altiris Client Management Suite, the business unit IT team was able to seamlessly roll SAP out across 600 PCs. "Without the Altiris solution, the project would have been delayed, which would have been a massive issue," Wilkins states.

Because of their success using Altiris Client Management Suite, Wilkins and his team upgraded to Total Management Suite in order to gain access to the full suite of Altiris endpoint management products. Wilkins' team, along with select business unit IT teams, is finding several features particularly useful. First, they are leveraging Altiris Application Metering Solution to identify software utilization per license, and to determine if additional licensing expenditures are needed. Second, they are using Altiris Helpdesk Solution for incident management. As the solution is compliant with IT Information Library (ITIL) standards, it enables integration with the single-asset repository in the Configuration Management Database. Finally, they rely on Altiris Server Management Suite for deployment, management, and monitoring of data center servers.

Mining IT policy compliance

While Xstrata does not have compliance requirements related to Sarbanes-Oxley (SOX), Wilkins and his team have established a baseline around IT policy compliance issues. They implemented an initial solution using competitive software that simply didn't perform to their requirements regarding the need to set policies for servers, analyze them, and then score them against a policy baseline.

"The competitive solution simply didn't meet our needs," Wilkins reports. "We have stringent audit requirements, and both internal and external auditors come in and want to ensure that we're running our business both effectively and appropriately. Therefore, we created various policies, baselines, and frameworks and required an automated toolset to help ensure compliance with those."

After investigating several different solutions, Wilkins and his team migrated to Symantec Control Compliance Suite. As with the Altiris deployment, they solicited the help of Symantec Consulting Services with architectural issues and implementation support. "Symantec sells us solutions, not simply a product, and Symantec Consulting Services is part of that larger equation," Wilkins says.

The Control Compliance Suite implementation, which initially went into production in early 2007, allows the Xstrata team to generate standard reports on compliance issues across its corporate as well as geographically distributed IT environments. It includes compliance reporting across a heterogeneous environment: HP and EMC storage systems, more than 1,500 Microsoft Windows-based servers, Microsoft SQL Server and Oracle databases, and various applications and services. As with most other IT initiatives, standards once again come into play with the Control Compliance Suite deployment. "It provides us with an opportunity to ensure the integrity of our systems through a governance model that complies with ITIL and COBIT standards," Wilkins says.

Extracting the spam

Shortly after Wilkins assumed charge as CIO in 2001, he installed a mail relay solution for spam filtering. Over time, however, with continued growth in email volume and spam, the Xstrata team began to notice an influx of spam–8and even false positives. As a result, they decided to create a layered anti-spam solution by adding a mail server running Symantec Brightmail AntiSpam software in late 2006. "We had always managed spam well," Wilkins remembers, "but we began to experience a significant influx. The Brightmail solution allowed us to reduce our spam volume by 20 percent–with virtually no influx in false positives."

Archiving structured and unstructured data

Because of its acquisition strategy and accompanying increase in email volume, coupled with email data size due to an increase in rich content, messaging management became a pressing concern for Xstrata. "As a rapidly growing organization with an aggressive acquisition strategy, we had a growing amount of email data to manage," Wilkins says. "Email management became a significant issue for us. Employees tend to use it as an information repository." Business issues extended beyond email storage costs, as the growing amount of data was creating longer and longer Microsoft Exchange recovery times. The Xstrata team also wanted to go beyond archiving structured data to unstructured data such as file and print data.

In addition to the above, PST files were a problem; they were scattered across each of the different operating units. "Employees kept email almost indefinitely, and the enormity of PST files on many systems was creating performance issues with Microsoft Outlook," Wilkins recalls. "In addition, we needed to archive the PST files, which were scattered across approximately 16,000 systems, in order to reduce our risk."

One of the business units in Australia had been using Symantec Enterprise Vault for archiving Microsoft Exchange email, and, based on this positive experience, Wilkins decided to purchase the solution. In early 2007, the Xstrata team collaborated with Symantec Consulting Services to roll out Enterprise Vault across each of its locations. The rollout also included ingestion of PST files for every employee in each location. "We brought all of the PST files into centralized offline stores," Wilkins says. "We no longer have concerns about email data being lost or leaked."