I’m fortunate enough to be tracking two exciting, but vague and ill-defined markets that are becoming increasingly critical to large enterprises around the globe: master data management (MDM) and metadata management. Ask ten information management professionals what MDM and metadata means to them and you’ll likely receive 20 distinct answers. MDM usually involves some business-focused statement about achieving a single trusted view of a customer, product, or some other critical data, while IT typically looks at metadata to reduce complexity, and increase productivity, reuse, and collaboration, by having a single version of truth about their company’s “data about data.” To me, it seems there should be more synergies and collaboration between these currently siloed and disparate enterprise initiatives.
I believe in a close alignment for a number of reasons:
Perhaps the most interesting part of Lotusphere this year was the renewed focus on people, community, and social software. The theme ran through every aspect of the conference – from the new Lotus Connections product announcement to noticeable improvements in software usability across all Lotus and WebSphere products, and even to the forward-thinking forays into new social computing environments like Second Life. It was hard not to notice the excitement and interest of participants as they asked hard questions about how well social software concepts and technologies will translate into an enterprise setting – will people tag, bookmark, chat, converse, and share via these tools? And why would a company use these tools as opposed to using free services on the Web? While we’re starting to see business users adopting these tools, clear answers to these questions will take time to materialize.
Of course, IBM is not alone in putting their emphasis on human beings – Microsoft’s latest wave of products also have many of these themes coursing through their marketing material. This is good for the buyers of both software vendors’ products. For years the software industry as a whole has been characterized by products that are engineered before they’re designed – and the race to get new features on the market led to engineering groups throwing partially engineered products over the wall to red-meat-eating sales professionals who then crammed them down the throats of buyers. The feature war is over. I much prefer to see the software vendors competing to make people more effective and have impact in their roles – by making their software easier to approach, easier to use, and easier to integrate, and by helping people to make richer connections to each other.
Google had a security incident earlier this month whereby information they collected to aid in their anti-phishing techniques was revealed on the web site including some personal information. To their credit, they removed the information quickly, but ideally there would be controls in place to prevent this. Not knowing the internal workings at all of Google, it does make me wonder about how they review new business opportunities for privacy risks. I also remember this issue being raised with Microsoft's anti-phishing tool bar as well and they were grilled in the press for it. To stay vigilant let's remember to hold everyone to the same standard, whether they're number one in the market or not. But perhaps these incidents show us that press reaction is not based entirely on the incident itself, but the company's response.
Something really big is happening. Many companies and even software vendors aren’t aware of it because they’re so busy trying to get their arms around content—put it in repositories, integrate the repositories, manage corporate records, get people to stop emailing documents around—that they’re way too busy to see the ground shifting underneath their feet. This groundswell is about putting content to work—and that means, quite simply, doing something with the content that’s being managed so it creates business advantage.
For years, enterprises, vendors, integrators, consultants and others (including me) have strived mightily to get content under control. It’s still a massive problem: there’s so much content — written documents, presentations, email, web pages, spreadsheets, graphics, videos, podcasts . . . the list goes on — and it’s in every filing cabinet, drawer, hard disk and memory stick. Even today, after years of investing in document imaging, document management, collaboration, and web content management systems, most content is not locked down, versioned and searchable using metadata or tags. But it’s time to move on — “simply” (that’s a laugh) managing content isn’t enough.
This week, the mainstream press reported that Microsoft made a Wikipedia “no-no”: Microsoft offered to pay an independent contributor — Rick Jelliffe — standards expert and the CTO at an Australian tech company — to investigate the accuracy of, and change, if necessary, technical articles about Open XML and Open Document Format (ODF) on Wikipedia. ODF is an OASIS and ISO standard and Open XML is Microsoft’s alternative, currently an ECMA standard and potential ISO standard. Kyle McNabb and I were talking about this incident. Here are our thoughts:
Lotusphere was inspiring. The investment and effort that IBM Lotus has made in social computing with its announcement of Lotus Connections is visionary. Although learning is not a part of it in a formal way yet, it’s coming. I spent a number of hours in the Research Lab with researchers from all over the world looking at their ideas; some were more developed than others. These thinkers have taken the step forward in looking at learning as something that is informal, contextual, controlled by the employees, and available when employees need it so they can be successful at a task. 2007 will bring more developments and I’m betting that informal learning will be an important part of Lotusphere 2008. Of course, all this is going to require a culture change within organizations. Companies that encourage people to explore new technology for use as a business tool will be the first adopters. Those, for example, that still don’t allow IM most likely will watch from the sidelines. A knowledge management or collaboration evangelist or champion is important to get social computing started within an organization.
I saw this article on Slashdot about MINI giving out RFID fobs to drivers so that when they pass by a particular billboard it will display their own personally chosen message. This serves absolutely no useful purpose of any kind, but I can see why people are interested. It's neat to see a billboard change because you came near it! It makes you feel cool and important. I foresee the acceptance of RFID coming from these kind of toys because customers like to view the world as revolving around them. Reminds me of a song by Toby Keith.
Quality assurance testers are an important part of the software development process. But they mostly test for functionality -- does it work with the data I put in? Often times they don't test what happens if one inputs malformed data and tries to break the system. Security should be part of the QA testing process. Often times we get blank stares when we ask companies how they ensure security of their applications. Robert Auger has put up a very basic set of steps to bring security testing into your QA process. It's worth taking a look.
Interesting report from Brian Krebs over at the Washington Post. He compiled statistics on how long it took some of the major software vendors to issue patches for security flaws in their products, starting with IE. In a vacuum though this information isn't terribly helpful except to remind people to continue vigilance, but I look forward to more reports on different products and vendors so that they can be compared.
New ID theft laws are now taking effect in Pennsylvania and Hawaii to join the over 30 other states that have already enacted legislation similar to California's groundbreaking laws like those discussed in Forrester's report "California Law Establishes Duty Of Care For Information Security". Just as Michael Rasmussen predicted in 2004, the number and variety of information security and privacy laws are getting worse in the United States, and around the world. For your business, your best bet is to adhere to the strictest rules in your US operating jurisdictions, which often means California.
Ideally the federal government will act soon to unify identity laws and provide a reasonable minimum of protection and information loss reporting requirements. Until then, separate state rules will continue to terrorize corporate privacy execs.