Arvind Jain

Subscribe to Arvind Jain feed
My observations in IT, Business Services, Cloud, SaaS, Security, Product Management, Compliance and SOA.Arvind Jain
Updated: 7 hours 25 min ago

Thanks US Bank for all these appreciation eCards. Thanks Daniel Hoke !!

Wed, 2018-02-14 22:29
Sent: Monday, June 12, 2017 2:24 PM
To: Arvind Jain
From: Daniel Hoke
Core Value: We power potential

Sunday was the official launch of the next best action engine. The NBA engine powers potential for U.S. Bank and helps us to stay a step ahead. This is new for U.S. Bank and very much on the leading edge for the financial services industry.

This project was initiated in 2015 and thanks to your work, it launched on schedule with all the expected features. This was a big undertaking, including having to first upgrade the CRM system to Microsoft Dynamics.

The point of all of my summary explanation is that the NBA launch is a big deal to U.S. Bank!
I am writing to personally recognize your role in making this happen. Thank you for your work behind the NBA launch!!!

Daniel Hoke

Keep the recognition going, click here to access The Best In Us Appreciation System.

When it comes to issuing eCards no body beats US Bank

Wed, 2018-02-14 22:26
  Sent: Tuesday, June 13, 2017 3:24 PM
To: Arvind Jain
From: Deepak Nair
Core Value: We stay a step ahead

Thank you for your commitment to helping us close out ETM testing. Because of your dedication, even on weekends to help us move this forward, we have delivered with such high speed and quality. This was a great sign of team work and dedication. Thank you for all the support and help!


Keep the recognition going, click here to access The Best In Us Appreciation System.

Marketing Operations Team – Mantra

Mon, 2017-10-30 19:44
Marketing Operations Team Mantra , in one slideI was recently invited to present on my best practices for running a Marketing Ops team.

During the conversations and presentation I realized that sooner or later everyone needs efficient operations to be viable.  Big or small, Pre IPO or a public company, you need to be able to measure how you are doing and then only you can improve upon it.

With all the modern tools available, there is a lot of confusion out there. So it was a long conversation but here is a quick take away summary of my presentation in one slide below.

What else would you look at ? Please comment.

Image credits:  Anthony Powell's article "Efficient Marketing Operations with Data Management"

US Bank executive team awards Cognizant Team on successful NBA Project Implementation.

Fri, 2017-10-27 19:09

I am glad to share some pictures from a recent San Francisco event where US Bank top executives recognized and awarded Cognizant NBA team for successful Production delivery of NBA on Adobe Marketing Cloud.

All those nights and weekend of labor is gone now but it also signals that new challenges and opportunities await for me and my team as it is mainly production and operations support from now on .....

Reality hits me home, with aging parents and uncertainties of life. I learn about OPLL

Mon, 2017-01-09 16:11
I never thought that I will be writing out something way outside my comfort zone of IT technology.

But a recent mishap accident with my father has made me realize that there are far more difficult and significant things in life than I had yet to confront and I was not prepared to handle it alone.

Diwali the festival of lights had just gone by and we were all in a cheerful mood. My brother and his family were back home in India and the grand parents were having a good time with grand kids. My dad has just returned back to India after a pleasant three month stay with me here in USA.  

Then came the scary Halloween trick for me. On a fateful day of Oct 30th 2016, just after Diwali in Bhilai, India my dad slipped and fell and the back of his neck hit the swing base. It was not a major accident by external measures, no external bleeding or wound, but it was severe enough to compress the nerves to a point were he could not move or stand up. He was lying on the floor, lifeless and could not move his both legs and one hand.

He was fortunately able to make an audible alarm and was picked up , lifted and transported to hospital.  He was immediately admitted to Bhilai Sec-9 hospital in Chhattisgarh, India. There it was diagnosed that he already had a case of OPLL () and this fall and immobility are symptoms of  a final breakdown.

OPLL is a calcification of the soft tissues that connect the spinal bones which results in a narrowing of the spinal canal and compression of the cervical spinal cord.

The cause of OPLL is unclear and I could not get a certain answer from anyone, but was told that people of Asian heritage especially Japanese have a higher likelihood of developing OPLL. Also more men seem to be affected than women.
OPLL SymptomsMost patients with OPLL are asymptomatic with no symptoms at all, but others may experience mild pain and numbness in the arms and/or legs to complete numbness in the extremities. The symptoms are similar to those of cervical cord compression.
Treatment of OPLLThis depends on the stage of OPLL and in my case , my dad is at stage 4 and that is the severest stage. Conservative treatment like activity modification and exercises may help relieve the pain caused by OPLL but I was told that open spine surgery is required.

If pressure is not relieved on the spinal cord then future damage and loss of neurological function is very much possible. At sec 1 Bhilai hospital, my brother was told that this may affect respiratory functions as well. So they advised immediate surgery and there is a major risk when you open up the spine.

Since then in last 2 months we have gone through many things and are working on getting this thing taken care of. It is a big help that my brother is back home in India and can execute on many on site things.  Simple things like opening zipper or buttons that we take granted for in life start to seem like mammoth tasks. What you can do in person on site, is a significant thing in such circumstances.

I would like to thanks and credit the following websites for some of my research. Indian Government portal surprisingly had a good amount of research papers at NCBI.

We have undergone surgery since then and in future articles I will share more details, but if anyone is in similar situation, I will be glad to share detailed notes. I was helped by many known and unknown people so my heartfelt thanks goes out to them and I plan to pay it forward.



Micro segmenting using Adobe Target leading to personalization

Thu, 2016-12-01 20:34
Using DMP and DSP tools like Adobe Target, Adobe Audience Manager, LiveRamp.. you can practically (not legally) deliver real-time personalization. What they really do is micro targeting / micro segmentation. But today it has reached that fine level of granularity where ads / messaging shown to end users have started looking creepy. We are being watched all the time.

Realtime micro targeting is possible, in the same way as it is with any other type of CRM data - data is pre-loaded into Adobe Audience manager (AAM) and as soon as AAM sees that particular user in realtime, it can show specific segment messaging based on their segment qualification. They key here is how finely you define your segments. The more micro targeting you do, the more personal the message will appear.

The thing that is not realtime is sending CRM data to AAM, but once the data is dropped to AAM it is available later for real-time use after some sync duration.

Thanks for reading


How can companies prevent cyber attacks like that of Dec 2013 Target credit card data theft ?

Fri, 2014-01-24 18:07
1//24/2014 By: Arvind Jain

By now we all know that passionate hackers are very smart and they will always have a edge over whatever known systems we can create (Firewall, IPS etc). Even the best SIO (Security Intelligence Operations) team cannot possibly know of each and every malware in advance so a traditional approach of IPS or Malware detection based on signature is so stone age thing now.

So what could have been done at Target? I am sure many experts are pondering over it but here is my simple thinking. A combination of proactive people, process and tools would have prevented it.

We need people for behavior analysis or analytics.  BlackPOS creators and Hackers in general know what a Firewall can do. So they timed data transfer to normal business hours, merged it with FTP traffic and used internal dump servers in Targets own network. This is what I gathered from iSight comment in the WSJ article today.

"ISight, hired by the Secret Service and Department of Homeland Security to help with the investigation, said the bug had a "zero percent antivirus detection rate," meaning even updated security software couldn't tell it was harmful.  So a endpoint security system or antivirus software would also have been ineffective to detect the malware.

This is where you need a joint effort on part of system, people, and process to detect anomalies.  Something like a Cyber Threat Defense solution (like the one offered by Cisco) is a good way to detect patterns and flag them.

The hack involved several tools, a Trojan horse scanned the point-of-sale system's memory for card data which was stored unencrypted in memmory. Another logged when the stolen data was stashed inside Target's network. Yet another sent the stolen data to a computer outside the company. The coordination of those functions was complex and sophisticated, but could have been easily seen as an anomalous pattern.

Like if there is traffic jammed up in freeway you know something is wrong ahead. For that matter if all traffic goes to a different side than normal for that route then also you know something is not right. To detect anomalous activity, you have to look at traffic timing, volume, direction etc. to detect activity.

These are good indicator that something has happened and potentially it requires immediate attention from people and processes. You could then take the traffic flow (using a tool like NetFlow) and look for anomalous traffic patterns.  You would have encountered something that is never before seen and that would have triggered deep packet inspection of dump files.

Typically Malwares siphoned data and stored it in local Intranet (to disguise it as internal traffic over a temporary NetBIOS share to an internal host inside the compromised network) and then attempt to send the data to the attacker over a legitimate call like via FTP or HTTP.  Compromised data was collected in .DLL files (in this case, track data, which includes all of the information within the magnetic strip) and is periodically relayed to an affected “dump” server over a temporary NetBIOS share drive.  In this particular case the DLLs weren't malicious (they just contained normal data so no system could have tracked it without insight from people or Target IT staff).

Tools like Lancope StealthWatch help you detect such anomaly. The dump server was not a host that the POS systems were required to communicate with. So when POS systems attempt to communicate to one another or to a unidentified server a Host Lock Violation alarm is generated. Similarly once the data started to be sent to the dump server, it could have triggered a Relationship High Traffic or potentially a Relationship New Flows alarm.

Internet Control Message Protocol (ICMP) is one of the main protocols of the Internet Protocol Suite used by network devices, like routers, to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached. ICMP anomalies can be detected using network-monitoring tools provided by companies like Cisco or its recent acquisition

So you do have all the tools at your disposal, all that was needed was a good brain with commonsense to do correlation between the series of activities that were happening anomalously and could have been detected by monitoring tools.


Of course if you do not have time for all these or the tools or the in-house security expertise, Cisco Advanced Services for Managed Cyber Security is at your service. Feel free to reach out to me for recommendations.


What is behind these recent acquisitions by Palo Alto Networks and FireEye ? Domain Talent and Virtualization

Tue, 2014-01-14 20:17

Security is a red hot fascinating sector right now, acquisitions are happening left and right and I have stopped trying to do a financial valuation, there is something else happening. When money is cheap, I see these acquisitions happening as a race to get ahead with talent and new technology. But payoff will come for those who are first with economies of scale.

The two outstanding reasons for these acquisitions in my opinion are Virtualization in Security and Talent with domain expertise. Many security startup are focusing on use of in-situ virtual sandboxes to investigate suspicious files to detect malware before letting them loose in the main network.

Blue Coat Systems acquired Norman Shark, which had developed a sandboxing technology platform for malware analysis.  Palo Alto network acquired Morta Security  (CEO Raj Shah) a Silicon Valley-based security startup to bolster its cloud-based WildFire malware inspection technology. Aim was to get NSA talent as well as the virtualization technology. A week earlier FireEye acquired Mandiant which provides endpoint security software and is well known for its threat intelligence research and incident response services.

So what next ….. I am waiting to see some big - Bigdata plus Security related acquisitions and they are coming sooner than you will expect ….

Safe Surfing …

A day in Kunming China

Sun, 2013-11-17 09:08
Kunming is a important location for transit passengers traveling via China Eastern.I had a unplanned 24 hour stay and I am glad that I found a reasonable accommodation. So for those that are looking for simple, straightforward transit stay in Kunming,  Dhaka Hotel Ph# 135 2933 2392 is a good option if you are within a budget. They have WiFi, Airport Transfer and South Asian food options.

Complete Gross Margin improvement framework

Tue, 2013-05-28 00:48

Posted above is a time tested framework for significant gross margin improvement to your business unit's overall gross margin.

Simple but very powerful. If you can deploy these buckets wisely then GM savings can be anywhere in thousands or millions .. depending on your operations scale.


Pricing strategies for services

Thu, 2013-05-02 00:11

How can a services provider (Advanced Services, Technical Services or Professional Services) make sure it has priced its services just right?
There are three ways to do pricing
1)      Cost Plus
2)      EVC (Economic Value to Customer)
3)      Competitive Marketplace

Just going by Cost Plus, you leave money on table. EVC is theoretically best pricing but you cannot price case by case (so you set list price and give discounts to adjust for case by case basis). Competitive Marketplace is what most people do but then you are treating your services as commodity.

I suggest that you follow a more methodical approach about pricing strategies for services.
1)      Creating a pricing model, which takes into account your fixed costs and business strategy.  A baseline formula would let you know what price range is NOT feasible.  Say your prices will not be less than this amount so that you maintain your Gross Margin and survive in the industry.

2)      Break down your costs into buckets (Server, support, manpower, gas, commute, task time, delivery model and expertise) and then have a variable formulae based on weightage to what you have in plenty and what is scarce for you.

Research your industry (business cycle, technology trend)

Research your customers (segment the market, are you their strategic partner, long term potential).

There is a constant pressure on services to invest in new practice areas, either because these investments would help meet business unit sales quotas or because the business units need more people/partners out there, evangelizing new sort of technologies. Evaluate those opportunities so as to keep your costs low.

Five pillars of Gross Margin Improvement

Mon, 2013-04-22 17:00

When growth comes to standstill or products start to become commodity …nothing else matters as much as maintaining your Gross Margin.

A company can have stagnant revenue but Wall Street will still reward it's shares if it show profitability growth and how do you do it? Look no further than Gross Margin.

Essentially the five pillars of Gross Margin improvement are:

  1. Financial Planning
  2. Operational Effectiveness
  3. Pricing Optimization
  4. Product Management
  5. Sales Effectiveness
Want to know more? I am working on a Gross Margin play book. Drop me a note and will be glad to share.

Operational effectiveness as a Gross Margin tool

Mon, 2013-04-22 15:54
Effective Operations can help your company move in the right direction w.r.t. Gross Margin.

The 8 top most things that come to my mind when we look at GM in high-tech industry from an operations perspective are (in no order of importance).

Operational Effectiveness
NMS - (Fixed + variable) OthersPortfolio AlignmentNMS - Freight SavingsOver HeadTransformation SavingsSupplier SavingsProduct and Theater MixRoyalty Management

We will drill down into each some other day in a white paper.

How is SaaS Product Management different from traditional Product Management?

Tue, 2010-02-23 00:27
As Enterprise Architects we are inclined to always question that how a particular technical architecture is going to benefit business strategy of my company. In the same thoughts I had a debate with my colleague that Product Management for a SaaS or Cloud based product is very different than a traditional approach to product management.

As SOA Architect I can see some of the challenges with reuse or creating global services. So here are some of the key differences between traditional product management vs SaaS product management, that I can think of. Please comment your thoughts or elaborate more.

In Saas product management you have to worry about all these additional things,

1) Data Management of customer data (Backup, recovery, export, migration)
2) Additional security around Access & Authorization
3) You earn your money every day and every moment, so it is not a traditional sell once and forget till the next new producty is available. If you fail customers may not and will not renew the subscription. So you have to develop SaaS with some stickiness feature like creating a website with lowest bounce rate and higher CTR (click through rate). so that there is highest probability of customers renewing.
4) Special considerations for On Demand / Multi Tenacy of the product / solution.
5) Much higer emphasis on Disaster Recovery, Peak Load and High Availablity.
6) One size does not fit all, so how would you provide innovation in cloud? How to empower customers in cloud so that they can maintain their cuttting edge by intelligent customizations.

I am thinking there will be additional issues like Multi Tenant Pricing that will be of concern (based on usage pattern, product differentiation etc.) so please comment your thoughts or elaborate more if you can.

MIT South Asian Alumni Association - MBA Panel Discussion

Tue, 2010-02-09 01:42
MIT South Asian Alumni Association had invited me to a panel discussion at the Stanford University campus to share my MBA experience and guide future business school applicants. It was a good debate and most importantly I belive the assosciation is doing a great service to public. More details can be found here

Some very interesting Web 2.0 Links that can help in Smart Marketing & positioning

Sun, 2010-01-24 17:53

This page contains links to some very interesting websites that I use as part of my Product Marketing SEO tasks, they help you gain strategic edge using IT (information technology). Anyone interested in Search Engine Marketing (SEM) must pay attention to these tools:

  • Google Trends - find temporal trends in search word usage on the internet
  • Google Insights for Search - estimate relative importance of search terms with trends by geographical regions

  • Google Analytics - web analytics solution that gives insight into your website traffic and marketing effectiveness

  • Quantcast - monitor website traffic and effectiveness of marketing communications to customers. This give Demographics info of Visitors. You can also use Microsoft AdCenterLabs to analyze demographics.
  • Hitwise - ISP data, can be used to analyze how people get to, spend time in and depart from websites, large sample size

  • Alexa - web traffic metrics based on voluntary anonymous tracking of people who have signed up for free, large sample size
  • Comscore - web traffic metrics based on voluntary tracking of people who have signed up for a fee, gives much more detailed information but sample size is small

  • CrazyEgg - Click density analysis, find out where people are clicking on your webpage (is your design driving people to the right place?)  
When you use Google AdWords be sure to use Ad Preview Tool at

Landmark achievement for my team - Cisco announced as overall winner for SOA implementation award by CIO magazine and SOA Consortium.

Mon, 2009-11-02 20:13
Landmark achievement for my team - Cisco announced as overall winner for SOA implementation award by CIO magazine and SOA Consortium.

Cisco SOA Team Wins SOA Consortium / CIO Magazine Award

Cisco has been selected as the overall winner of the 2009 CIO Magazine “SOA Case Study Competition“ organized by the SOA Consortium. Please see detailed news article here.

Cisco was recognized by industry experts for its SOA initiatives, platform and implementation successes.
The SOA Case Study Competition highlights business success stories and lessons learned to provide proof points and insights for other organizations considering or pursuing SOA adoption. The contest was open to organizations of all sizes, including government agencies that have successfully delivered business or mission value using an SOA approach.
CIO Magazine, launched in 1987, produces award-winning content and community resources for information technology executives. The SOA Consortium is a group of renowned industry experts and practitioners, who through the years honor companies for outstanding achievement with this award.

If you are interested in the case study then please contact me offline at

How to configure Standalone Fuego BEA Aqualogic Oracle BPM Studio to work with Secure Web Services?

Mon, 2009-01-26 18:00
While evaluating BEA BPM Studio I had to struggle a bit with how to configure Standalone Fuego BEA Aqualogic Oracle BPM Studio .... I am trying to give credit to all companies here :) to work with Secure Web Services?
Now I have secured web services orchestrated and also using encryption in my BPM Processes. Here is the meat of the matter ...
In order to communicate with secured webservices using SSL encryption (those with WSDL end point starting as https:// ) you need to have certificates from those servers installed in your keystore.
For BPM Standalone these are the steps. And before you begin set JAVA_HOME to C:\OraBPMStudioHome\eclipse\jre if you have not done so already.
1. Download the .cer file from server. (One way is you can use IE browser to get that file and export it from browser to a local directory)
2. Put this file in %JAVA_HOME%\jre\lib\security. You can put it anywhere you want.
3. Run the following command at a command prompt:
C:\Program Files\Java\jre1.6.0_02\bin>keytool -import -trustcacerts -alias <CERT ALIAS NAME> -keystore ..\lib\security\cacerts -file ..\lib\security\gd_<cert file name>.cer
4. You will be prompted for a password. If you have not changed the password, it will be "changeit".
5. You will then get the following message if all is successful - "Certificate was added to keystore".
6. Restart Tomcat (inbuilt server in BPM Studio).
This should solve your problem.
Pls note that if you have not configured your keyStore then first do so. you will find this document handy to do so.
Quick tip: To see a list of keys in keystore
%JAVA_HOME%\bin\keytool -list -keystore ..\lib\security\cacerts

Switched from Oracle BEA BPM Enterprise Version (on Weblogic) to the Standalone Version for Evaluation Purposes.

Wed, 2008-12-03 19:03
Last week was a very short week during which I tried to install an Enterprise BEA BPM on Weblogic. There were a lot of configurations needed for Enterprise WebLogic Edition (Directory Server, Database, Deployment within the WebLogic JVM etc). I have listed the steps below.
It was taking too much time and was not very straightforward. I had to ensure that I have installed and configured the BEA WebLogic application server properly even before I could debug & play with the BPM engine.
<?xml:namespace prefix = o />

At end of last Tuesday I made a call to switch to Enterprise Standalone but the efforts put in were good learning and useful for Standalone Installation as well. So for the purpose of proceeding with evaluation going forward I have shifted to Enterprise Standalone Version as my focus is BPM.

Some learnings or observations .... On the Oracle website they refer to downloading Oracle BPM <?xml:namespace prefix = st1 />Enterprise Administration Guide.pdf but in real scenario there was no such file name. I realized that it was same as Oracle BPM Admin Guide.pdf and the same goes for configuration guide as well. So will not get confused in future :)

Ok so with the ultimate aim being to Deploying and Publishing a New BPM Project I had to go through a series of steps. (For standalone I needed a much smaller set but the practice and drill was worthwhile learning in terms of infrastructure and operationalization of product.

The whole list of steps:

  1. Creating Directory Service ( need to configure Directory Database Schema)
  2. Creating a Process Execution Engine ( need to configure a separate Execution Engine Database Schema)
  3. Configuring Weblogic Server
  4. Creating Weblogic Server Domain
  5. Create Oracle BPM Deploy User
  6. Installing Oracle BPM Deployer
  7. Creating JDBC Data Sources on BEA Weblogic Server
  8. Creating JMS Server, Module & Resources
  9. Configuring the Deployer and Deployment Targets
  10. Enabling Clustering
  11. Building and Deploying Application EAR Files
  12. Deploying and Publishing a New BPM Project

As of now I have Standalone Enterprise BEA BPM configured with Directory (Oracle 10g DB). Engine DB configuration has some issues due to privileges. Make sure you have a friendly DBA to help out.

I am trying to come up with a set of use cases to test out different features.

More next week as I try to put together a list of features .. dully prioritized that I will like to test out.

If you have a challenge for me ...Bring it ON :)

Currently evaluating Oracle BPM 10gR3

Fri, 2008-11-21 15:49

For the next one month I want to be critically evaluating Oracle BPM 10gR3. 


Yes this is the new face and name of  BEA Aqualogic BPM 6.5 , now with Oraclelization it is called as Oracle BPM 10gR3. Too early to make a comment.


My aim is to see how well Oracle has leveraged and integrated the BEA Aqua logic BPM products with its other products to offer a complete suite.<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />


Getting started was easy .... Installed Oracle BPM Studio  from the link below. To get started

Please visit:

Here you will find download link – for initially getting your feet wet purposes, download of studio should suffice. Also, there is a tutorial and link to docs.


Installation was smooth, took around 60 Minutes. I referred to this site for the product documentation


One glitch ....

It took me 20 minutes to figure out why the "Launch Workspace" icon was disabled. Figured out that after designing the process I had unfortunately clicked on either "outline" or the "Log Pane" that exist below and clicking on those panes dynamical change the Menu and disable certain icons.


More later