When the going gets tough, the tough get lean, focused, and flexible. To help organizations survive the bad times and thrive in all climates, their information management initiatives must remain agile and adaptable.
If you feel your information management strategy is anything but lean, you’re not alone. Many organizations struggle to gain control over information infrastructures that have become too bloated, rigid, and slow to realign with new business drivers.
As most Forrester customers know, data security has rocketed to the top of the list of CISO priorities for 2009, even considering the down economy. Our Business Data Services group has published some excellent quantitative research on this subject, which we've summarized in report form for Forrester customers. I refer you to Jonathan Penn's excellent The State of Enterprise Security 2008 to 2009 for more details. But for those of you who want the sound bite, 90% of CISOs said that data security was either "important" or "very important" on their proirity lists for this year. That trumped disaster recovery, identity and access management and regulatory compliance.
I always predicted that Open Source BI has to reach critical mass before it becomes a viable alternative for a large enterprise BI platform. All the individual components (a mixture of Open Source BI projects and commercial vendor wrappers around them) are slowly but surely catching up to their bigger, closed source BI brothers. Talend and Kettle (a Pentaho led project) offer data integration components like ETL, Mondrian and Palo (SourceForge projects) have OLAP servers, BIRT (an Eclipse project), Actuate, Jaspersoft and Pentaho have impressive reporting components, Infobright innovates with columnar dbms well suited for BI, and productized offerings from consulting companies like European based Engineering IngegneriaInformatica – SpagoBI – offer some Open Source BI component integration.
With the market now in favor of the enterprise software licensee, its now time to update the Enterprise Software Licensee's Bill of Rights to include newer topics such as virtualization, SaaS and subscription pricing, newer usage based pricing models, open source, and vendor lock-in avoidance. As mentioned in a call to action in a December 2008 Monday's Musings, this groundbreaking report, originally published in December 2006, will be updated to reflect current market conditions. The goal - improve this reusable contract negotiation model that cuts across the 5 key phases of the software ownership life cycle:
In the next few weeks, Forrester Research will release my report, Forrester TechRadar: Database and Server Data Security, Q1 2009. In this report, we describe how the risks of theft, corruption and abuse has made securing data stored on servers and in databases much harder. To help security and risk professionals plan their next decade of investments in server data security, the report describes current and future state of 8 important technologies: centralized key management, data classifiers for security, data discovery scanners, data obscurity tools, database activity monitoring, database encryption, outbound web application filtering, and tape and backup encryption.
As part of the process of researching some of the business drivers for this report, I analyzed data from DataLossDB, a public database containing information on data loss events reported in the press and to governmental organizations as required by various disclosure laws. The data makes for fascinating study, and I urge our readers to take a look at it if they want to see what's been going on in the whole area of data breaches. Best of all, I know some of the principals involved in the project, and they are doing a terrific job.
Some of the analysis nuggets we mined from the database are fascinating. I thought I'd share one here, as excerpted from the report: