The PCI Security Standards Council released the summary of changes for the new version of PCI — 2.0. Merchants, you can quit holding your breath as this document is a yawner — as we’ve long suspected it would be. In fact, to call it 2.0 is a real stretch as it seems to be filled — as promised by earlier briefings with the PCI SSC — merely with additional guidance and clarifications. Jeff, over at the PCI Guru, has a great review of the summary doc so I won’t try to duplicate his detailed analysis. The most helpful part of the doc is an acknowledgement that more guidance on virtualization — the one function per server stuff — will finally be addressed.
Suffice it to say, it doesn’t look good for all those DLP vendors looking for Santa Compliance to leave them a little gift under the tree this year. I’ve been hearing hopeful rumors (that I assume start within the bowels of DLP vendor marketing departments) that PCI would require DLP in the next version. Looks like it’s going to be a three year wait to see if Santa will finally stop by their house.
Remember that this is a summary of changes so there’s not that much meat yet. The actual standard will be pre-released early next month with the final standard coming out after the European Community Meeting in October.
I recently recorded a podcast with GlaxoSmithKline (GSK), the global pharmaceutical company, and their success story of implementing a PC power management initiative that is expected to cut energy costs by ~$1 million per year. While these savings alone should impress any IT executive – especially IT infrastructure and operations professionals who manage PCs – what I found so unique about their story came through my conversation with Matt Bartow, business analyst in GSK’s research and development IT organization, who led this initiative. In particular, GSK is a great example of how “empowering” staff to innovate can industrialize IT operations leading to significant cost savings andgreen IT benefits.
GSK’s success with PC power management is an outcome of the inspired management style advocated in Forrester’s upcoming book, Empowered. By proactively calling on their employees to spur innovation, GSK tapped into one of their greatest inventive resources – staff, like Matt Bartow, who Forrester would consider a highly empowered and resourceful operative (HERO). But as Empowered explains, HEROes can’t succeed without support from management. By initiating the innovation challenge, GSK’s IT leadership not only identified HEROes in their organization but sourced innovative ideas at the same time. From there, the use of social media technology – in this case, using a wiki-type website with voting capabilities – made it simple for GSK staff to participate while giving them a “say” in the selection process.
So how exactly did PC power management become an IT priority at GSK?
Q3 is always a very exciting quarter for the market research team at Forrester. Not only do we analyze, write and publish our annual State Of Consumers And Technology Benchmark report (which my colleague Jackie Anderson is very busy with at the moment), but we also start analyzing our annual reports looking specifically at consumers' online behavior. In Q3 we will first publish the US version of the document, followed by European, Asia Pacific, and LATAM versions later in the year. These reports are internally referenced as “the Deep Dive” reports, not only for the level of detail these reports contain but also because of the depth of analysis included. What really makes these reports unique is that they're similar in setup, making it possible to compare online consumer behavior across regions and within regions.
For example, our 2009 APAC Deep Dive report shows that Asia Pacific consumers are active Internet users compared with North American and European consumers but that their interests and activities varied greatly. And within Asia Pacific it's definitely not one-size-fits-all: The following graphic shows for example how the different countries vary in their uptake of media and entertainment activities:
I’ve been getting a number of inquiries recently regarding benchmarking potential savings from consolidating multiple physical servers onto a smaller number of servers using VMs, usually VMware. The variations in the complexity of the existing versus new infrastructures, operating environments, and applications under consideration make it impossible to come up with consistent rules of thumb, and in most cases, also make it very difficult to predict with any accuracy what the final outcome will be absent a very tedious modeling exercise.
However, the major variables that influence the puzzle remain relatively constant, giving us the ability to at least set out a framework to help analyze potential consolidation projects. This list usually includes:
As green IT plans persist through 2010, I'm starting to receive questions from IT infrastructure and operations professionals — particularly data center managers — about the use of cleaner energy sources (e.g. wind, solar, fuel cells, hydro) to power their data center facilities. So when Google recently announced its purchase of 114 megawatts of wind power capacity for the next 20 years from a wind farm in Iowa, I got excited, hopeful of a credible example I could refer to.
But as it turns out, Google will not be using this wind energy to power its data centers. . . yet. Despite Google stating that the wind capacity is enough to power several data centers, their Senior Vice President of Operations, Urs Hoelzle, explains that, "We cannot use this energy directly, so we're reselling it back to the grid in the regional spot market." I confirmed this in electronic conversations with two other industry insiders, Martin LaMonica (CNET News) and Lora Kolodny (GreenTech), who also covered the announcement.
And it's unfortunate since Google's $600 million data center in Council Bluffs, Iowa could likely benefit from the greener, and possibly cheaper, wind energy. But Iowa is a large state and it's likely that distribution of the wind energy is an issue since the Council Bluffs data center appears to be well over a 100 miles away from their wind farms several counties away.
We’ve all heard software reps blame “revenue recognition” and “Sarbanes-Oxley” as an excuse for not giving an extra discount or contractual concession. IT sourcing professionals may now hear “GSA Rules” and the “False Claims Act” cited as similar justification: “We didn’t give that concession to the government, so we can’t give it to you.” Could that be the worrying unintended consequence of the Justice Department’s action against Oracle: http:/searchoracle.techtarget.com/news/2240019712/US-government-sues-Oracle-for-tens-of-millions-of-dollars?
I can’t comment on the details of the Oracle case, but I’m sure it is complex and two-sided. For instance, I’ve helped clients negotiate reasonable compromises with Oracle to handle special circumstances that won’t apply to many other organizations. These may have involved an extra discretionary discount, if Oracle didn’t have a programmatic way to handle the exception. I wouldn’t expect to get the same concession or discount for another client to whom those special circumstances didn’t apply. For example, this report describes one issue that is particularly important to public sector agencies, but whose impact varies widely: Do Your Software Contracts Permit External Use?
Our new book, Empowered, will be in book stores on September 14. But for a real-world conversation about what it means to unleash employees to solve customer problems using readily available technology, come to our Content & Collaboration Forum in Maryland just outside of Washington, D.C. on October 7 and 8.
Yes, this is a pitch to come to a Forrester event, but I promise you that it will be worth your time if you're looking for help with such Empowered topics as enterprise social, empowered employees, iPad in the enterprise, innovation, collaboration in the cloud, videoconferencing, and IT consumerization as well as deep dives into critical topics like search and taxonomy, enterprise content management, and what it means to be a content & collaboration leader.
You'll get two days of my Forrester analyst colleagues' presentations and face time as well as keynote presentations from some great and experienced content & collaboration executives. GM's Steve Sacho is way ahead of the curve in understanding how to turn consumerization from IT threat to business opportunity. Richard West of the defense firm, BAE Systems, is bringing his story of how investments in knowledge management and collaboration have empowered employees to work more efficiently together to solve customer problems. Both speakers as well as Zach Brand, head of all things interesting at NPR Digital Media (yes, that NPR), will share their stories, lessons, and experience.
You might think summer would be a good time to give acquisitions a break - to let things settle a bit. But the pace of key acquisitions continues and many deserve comment. Datacap, as we all know, is not new to IBM having many - probably 20 - joint customers. This helps shore up IBM's already packed ECM portfolio - which depended for capture on Kofax - and other partners like Datacap. The original capture assets, acquired with FileNet, were adequate but lacked forms processing and a distributed capture strategy. This acquisition plugs those gaps but more importantly provides a needed platform to overlay IBM's suite of analytics products to improve business processes with metadata extraction, document classification, and ultimately to bring text analytics to transactional business processes. Advanced capture will also help IBM in advancing areas of dynamic case management and medical records.
We published today The Future of Search Marketing; thank you to the many marketers and agencies who contributed to the research. There are a number of evolutions happening to search marketing now and in the coming three years, including:
More content and ways to search
Richer search engine interfaces and ads
Overlap with social and mobile
But what stood out to me as the real future of search marketing was that these changes will actually force search marketers to think more like business planners than like channel managers. Tactically speaking, this means thinking about “search marketing” as not just SEM and SEO but as an umbrella term that applies to using any targeted media to help an advertiser “get found” (including, perhaps, biddable display media, social networks, and mobile applications). Strategically, this means focusing more on user intent, your business reasons for using search (and not other media which also drives leads), and fostering collaboration and an awareness of the value of search across your organization.
Open source software (OSS) and business intelligence (BI) are two related market segments where Forrester sees continually increasing interest and adoption levels. BI specifically continues to be one of the top priorities on everyone's mind. The main reason? Enterprises that do not squeeze the last ounce of information out of their data stores and applications, and do not focus on getting strategic, tactical, and operational insight into their customers, products, and operations, risk falling behind competition. And when it comes to open source, 2009 could best be described as "the year IT professionals realized that open source runs their business." The reason is simple: Over the past few years, we've seen that developers adopt open source products tactically without the explicit approval of their managers. This has shown up in numerous surveys where the actual adoption of open source ranks higher than what IT managers report. Well no longer: Forrester's Enterprise And SMB Software Survey, North America And Europe, Q4 2009 shows that management has caught on to the fact that developers increasingly use open source to run key parts of their IT infrastructure. And management has grown increasingly comfortable with it. In fact, throughout 2009, most client inquiries Forrester received regarding open source were focused on how to move from tactical adoption to strategic exploitation.
Yet, when you put the 2 and 2 together (OSS and BI), you mostly get a mixed market, where one unfortunately has to compare apples to oranges. Why? Before plunging into a tool evaluation and selection process, ask yourself the following questions, and make sure you are doing a like-to-like comparison: