In our current print issue, editors Tim Wilson and Richard Hoffman spend some in-depth time with the IT staff at medical manufacturer MedicAlert, learning about their wide-ranging service-oriented architecture (SOA) project. Here, in a few easily-digested chunks, are five things you need to know about this leading-edge deployment. Make sure to read the pair of feature stories in their entirety to get the full story. It's an instructive one for enterprises looking to realize the full business value of SOA and Web services.

1. Rethink Information, Reinvent Your Business

MedicAlert had a huge repository of customer-managed data. But it was focused on its core business -- making ID bracelets. A new focus on opening up access to that data via Web services is turning the company into a primary provider of consumer health profiles, an entirely new business opportunity. "So we're no longer just for people who have a medical condition--we're for healthy people who'd like a safe and secure location to store their medical information," says Paul Kortschak, president and CEO of MedicAlert.

2. Know That SOA is Still Bleeding-Edge

MedicAlert is well-positioned to take advantage of its SOA work. But it wasn't an easy path. MedicAlert found that there's no commonly accepted template for building an SOA architecture. So its IT staff had to create one from scratch, which wasn't easy because the medical industry hasn't created any standards for Web services calls to medical records. Expect hard work ahead of the industry curve to make a major SOA splash today.

3. Make Mistakes -- In Testing

MedicAlert spent many of its early days reading, building prototypes and experimenting before it began production work. Even a successful demo before Congress was as much as anything an opportunity to learn what they didn't yet know. Says Jorge Mercado, consultant on the project: "After we did that demo, we realized, 'Wow, there's a lot of potential here.' And we also realized, 'Wow, we really screwed this up.' I wanted to make those mistakes, because I wanted to see what things we were doing wrong so that we could do them better. Then we saw that there was this whole SOA movement going on, and we realized that that was the way we wanted to go."

More on SOA: - Build a Better Enterprise Application - Workshop: SOA Demystified - British American Tobacco Builds an SOA Pipeline

4. SOA In a Nutshell

According to consultant Mercado, a service-oriented approach essentially consists of four major elements: identity access management, Web services management, business process integration and entity aggregation. Says Mercado: "The hard part is figuring out which of those four you can do first. We went after Web services management and BPI, because those were the two areas where we had some real problems in our legacy systems."

5. ROI and Payback

For its first major services-based app -- a USB memory key that MedicAlert synchs with company data stores via Web services -- MedicAlert estimates the total cost was just more than $1 million: $150,000 in software, $400,000 in hardware and about $500,000 in labor. The hardware costs were primarily the infrastructure upgrade the company undertook along with the Web services project. The company believes it can roll out new services more cheaply by taking advantage of the infrastructure it deployed and the lessons it learned with its initial SOA effort.

To get the whole story, read all about MedicAlert's SOA deployment:

Spyware: Get It Before It Gets You

There's got to be a better way to keep your system free of spyware than the scan/clean/remove method. Aluria Software thinks it's got one.

NWC reviews editor Jenny Zaino recently spoke to the Aluria's CEO about how users can proactively confront this digital scourge. Get the scoop in today's featured podcast.

Click here to listen to Jenny's podcast.

Listen to more podcasts at NWC Podcasts.

Cisco Revamps Security-Management Offerings
A new security-event manager will accept information from multiple vendors' security applications and networking equipment--including firewalls, routers, VPNs, and intrusion-prevention systems.

NWC's Take:
Big focus is on multi-vendor management, but Cisco stresses it's security management app isn't just for large enterprises -- mid-sized users will find much to like as well.

Security Watch: RSA Expo Sneak Preview
New products will abound in the endpoint and messaging security spaces, and attendees will learn about a sage named Aryabhatta.

NWC's Take:
Stay tuned all week for more from RSA -- starting here with news from Symantec, StillSecure, BorderWare and others.

Test Of Net Neutrality
Telecom companies want to change long-standing practices that treat all network traffic equally. Businesses could face application degradation-- or higher prices.

NWC's Take:
Look out, this battle is going to Capital Hill. Which means it won't be decided any time soon, but when it is, the impact could be large. Focus is on prioritizing some types of Internet traffic -- for instance video -- as well as finding an equitable way to de-prioritize other traffic -- most notably bulk, or spam, email.