We just published my latest research, the Forrester Wave: SaaS Web Content Security, Q2 2015. Forrester categorizes web gateways/forward proxies into this web content security category. I did something different with this evaluation, instead of looking at on-premise appliances; I only evaluated the SaaS deployment model. If a vendor didn't have a SaaS delivery model, we didn't include them in the Wave.
The decision to focus this wave on the SaaS model, wasn't popular with some of the vendors we evaluated. The majority of vendors who sell web proxies lead with the on-premises delivery model and relegate SaaS to a niche deployment option. As users, their endpoints, and their applications move outside the perimeter and into the cloud, the traditional web gateway model is being disrupted; yet many vendors are still very attached to their appliances. Instead of evaluating a very mature on-premise market, I wanted to focus this Wave on the future.
“Business buyers don’t buy your product; they buy into your approach to solving their problems.”
Most B2B marketers need to position their firms as thought leaders on the issues their buyers face. This is easier said than done, because marketing mindsets focused primarily on brands, products, and offerings makes it difficult for marketers to develop interesting content that captures their buyers’ attention.
A lack of skills and experience in developing customer-focused content make it difficult to produce engaging content. Our benchmark study showed 87% of marketers struggle to produce engaging content. (subscription required) And most firms don’t have a process or framework for managing thought leadership marketing initiatives, so they push out product brochures and white papers thinly disguised as thought leadership content.
As a result, buyers don’t find B2B content engaging because the digital world gives them more power to form buying decisions alone. To intercept these buyers when they begin to discover issues and start to explore options; marketing and sales teams need to put your firm’s points of view out there for prospects and customers to see. Really provocative or forward-leaning points of view help to not only attract an audience, but build interactions. Doing this is thought leadership marketing.
In a world where OS and low-level platform software is considered unfashionable, it was refreshing to see the Linux glitterati and cognoscenti descended on Boston for the last three days, 5000 strong and genuinely passionate about Linux. I spent a day there mingling with the crowds in the eshibit halls, attending some sessions and meeting with Red Hat management. Overall, the breadth of Red Hat’s offerings are overwhelming and way too much to comprehend ina single day or a handful of days, but I focused my attention on two big issues for the emerging software-defined data center – containers and the inexorable march of OpenStack.
Containers are all the rage, and Red Hat is firmly behind them, with its currently shipping RHEL Atomic release optimized to support them. The news at the Summit was the release of RHEL Atomic Enterprise, which extends the ability to execute and manage containers over a cluster as opposed to a single system. In conjunction with a tool stack such as Docker and Kubernates, this paves the way for very powerful distributed deployments that take advantage of the failure isolation and performance potential of clusters in the enterprise. While all the IP in RHEL Atomic, Docker and Kubernates are available to the community and competitors, it appears that RH has stolen at least a temporary early lead in bolstering the usability of this increasingly central virtualization abstraction for the next generation data center.
A few weeks back I published a report entitled New Tools Make Hybrid Apps A Safer Bet. It’s my first report at Forrester, a brief on some of the changes happening in the hybrid application space and what they mean for application development and delivery (AD&D) pros. The topic is something I was noodling on before I joined Forrester and it was a natural topic for my first report.
I’ve been a contributor to the Apache Cordova project and written 4 books on the topic, and while a lot of developers are building hybrid apps using Cordova, broad adoption of the approach has been lacking. Don’t get me wrong, a lot of developers are using the framework, and there are a lot of apps out there, but we haven’t seen a lot of big name adoption. Developers eschew the hybrid approach for reasons both valid and invalid; recent changes in the hybrid space address some of those issues and should set the stage for broader adoption of hybrid. Check out the report and I would love to hear your feedback.
The Social Security Administration’s (SSA) Supplemental Security Income (SSI) program had a problem: It was paying out way too much in unearned benefits to program participants. This was happening because participants weren’t reporting their income often enough. As participants’ incomes went up, their SSI eligibility went down — but they continued receiving SSI benefits based on the lower income they had previously reported.
SSA used fundamental customer experience (CX) techniques to solve this problem. As a result, it ended up fixing not one problem, but three.
First, SSA and its contractor performed basic quantitative and qualitative customer research to discover why people weren’t reporting their income. The reason wasn’t fraud — it was convenience. SSA had made it too difficult for beneficiaries to report their income, so they weren’t doing it as often as they should. But how to make it easier? Solid CX design methods presented the solution: a mobile app.
I’ve been doing a lot of thinking about ITIL and whether or not it is fit for purpose for DevOps. The logic I keep hearing goes like this - you shouldn't confuse the ITIL approach with the implementation; the ITIL approach is building blocks; these building blocks are easily applied to DevOps. I’m not convinced. First, ITIL is fundamentally time bound. For example, ITIL v1 was primarily around applying mainframe disciplines into the emerging world of Client/Server, ITIL v2 was more about ensuring quality of output across complex operations environments and ITIL v3 was more about consolidating established operations principles and shifting the focus to “how does IT contribute to business value?” Isn’t it a stretch to make best practices for previous waves of technology apply to DevOps whereby infrastructure and operations professionals are not silo’d but play an active part in delivering customer products and services along with application developers? Second, ITIL zealots are convinced that these ITIL “best practices” are some kind of complex baking recipe and if all steps are not followed to the letter, the end result will be a failure. This means that for many, the approach and the implementation of ITIL is tied. This leads me to my question: Is ITIL fit for purpose for DevOps? To return to the analogy of building blocks, let’s use the ultimate of building blocks – Legos. When I think about ITIL and service management, what most enterprises have implemented, looks like this:
Today, IBM and Box announced a partnership and integration strategyto “transform work in the cloud." This is an interesting move that further validates Forrester’s view that the ECM market is transforming — largely due to new, often customer-activated, use cases. We also see that the current horizontal collaboration market is shifting to better target specific work output, as opposed to more general-purpose knowledge-dissemination use cases.
What does this partnership mean for IBM, Box, and their partners and customers?
For Box, the company gets important access to the extensive IBM ecosystem: Global Services, developer communities via IBM’s Bluemix platform, and the IBM-Apple MobileFirst relationship, as well as engineering acceleration to fill gaps in its content collaboration offering in areas such as capture, case management, governance, and analytics, including Watson.
If the RSA Conference was any indicator, threat intelligence has finally joined the ranks of cloud and advanced persistent threat as ambiguous/overused terms that mean many different things to many different people. If you were given a dollar, pound or euro every time you heard "threat intelligence," there is no doubt you could fund your security budget for decades to come. Your biggest challenge would be determining how to invest some of that money into threat intelligence capabilities.
To help Forrester clients navigate the threat intelligence market I have several pieces of research underway. The first report, "The State Of The Cyberthreat Intelligence Market" has just published. In it I discuss the frenzied venture capital and vendor investment in the threat intelligence space. I also provide guidance on how security and risk professionals should navigate the marketing hype to make the best investment of their limited resources. I am currently writing the second report "Market Overview: Threat Intelligence Providers." Here is a snippet from the latest research that illustrates just how much vendor focus we have seen. Since October of 2014:
There have been three acquisitions and eight fundraising rounds.
iSight Partners (Critical Intelligence) and Lookingglass (Cloudshield) have each raised funds and made an acquisition.
Of the acquisitions, only one company publicly disclosed the acquisition amount: $40 million (Proofpoint.)
The eight fundraising rounds raised a total of $102.5 million dollars.
I noticed an interesting phenomenon at Interop which sparked my theory on new network technologies. New network technology maturity and its adoption correlate directly to the five stages of loss: 1) denial; 2) anger; 3) bargaining; 4) depression; and 5) acceptance. For example, Interop break-out sessions on cloud and bring your own device (BYOD) now mostly seemed to be mainstream initiatives compared to other technologies, such as software defined network or network functions virtualized. In the mainstream initiative sessions, an aura of acceptance and even tinges of optimism reverberated throughout the room. Presenters spoke passionately and positively about their topics and reinforced the importance of:
Teamwork.Courtney Kissler, Vice President of E-Commerce & Store Technologies at Nordstrom, shared with the audience that the new world is made up of a team of business product managers and mobile app and networking professionals, to name just a few groups working together under the initiative. There was the mentality that everyone is accountable and must work together as a team, helping each other to roll out a great application that will benefit the business.
Consumers in Asia Pacific have made the mobile mind shift—the expectation that they can get what they want in their immediate context and moments of need. This rings particularly true for consumers in Singapore, where smartphone penetration will reach a staggering 85% by the end of 2015. From researching products prior to purchase to booking of taxi services, consumers in Singapore are increasingly reaching into their pockets for their smartphones to get information and services in their mobile moments of need. And they have come to expect similar—if not better—information, digital services and customer experience from their financial institutions. It comes as no surprise then that competition in mobile banking has started to heat up in Singapore, with many banks enhancing their mobile capabilities to serve increasingly empowered customers.
In our inaugural 2015 Singapore Mobile Banking Functionality Benchmark report, we have evaluated the retail mobile banking offerings of four banks in Singapore using 41 criteria. We found that:
Banks in Singapore offer accessibility and convenience, providing a wide range of mobile touchpoints where customers can quickly log into their accounts to carry out key tasks, either on the web or on the app.
Most banks offer services that matter most to customers including balance checking, transaction history, and basic money movements.
Leading banks (such as DBS Bank and OCBC Bank) differentiate by offering next-generation value-added features, either by using augmented reality technology to help home buyers with their purchase decisions or by using mobile image capability to pay bills.
Yet, there is room for improvement for banks when it comes to leveraging context and analytics to gain a deeper understanding of their customers, and they can do more to cross-sell additional banking products and services through mobile