Compliance, along with security and privacy, is a big topic when firms consider cloud services. I recently did a Forrester Webinar on the topic of compliance for cloud computing. This blog entry is a recap of the Webinar.
In terms of compliance for cloud services, there are four categories of issues of concern:
Where: Geographically-related issues
How: This is about operational details that affect compliance
Audit: Show me evidence that you can help me achieve compliance
Others: Everything that doesn’t fit into the above categories
For the “where” category, you need to be conscientious of the following aspects:
Implications of local laws and regulations (where the datacenters are operating)
Third-party access: Does the vendor use any “third-party” resources that may affect the locations of relevant data?
We recently helped a client evaluate the business suitability of a SaaS provider. In the course of doing so, we discovered that the SaaS vendor used a third-party backup service to back up their logs. Although the SaaS provider is located entirely in the US, the backup service provider is not. Therefore there is a question of whether my client’s logs will get stored in a datacenter outside the country. This made my client uneasy.
The “How” category is the biggest and most comprehensive, as it includes many operational aspects. For example, along with other aspects, you need to consider:
I had the chance to join 50 other people at a telepresence event last week. This one took place in real-time using Cisco's TelePresence rooms. (Okay, full disclosure, it was a Cisco industry analyst event held on December 9th.)
(This is a long post, so for those looking for key lessons and gotchas, just scroll now to the bottom.)
For those of you who've been asleep for the last 4 years as first HP and then Cisco followed by LifeSize, Polycom, RADVISION, Tandberg, and Teliris demonstrated the like-being-there experience of telepresence, it's pretty amazing stuff. Video conferencing with near face-time quality. You can in fact see the whites of their eyes.
Companies like P&G, GE, and Dreamworks are using telepresence technology to slash executive travel and give technical staff the tools to collaborate across massive distances with almost the same experience as being there (save the ability to shake hands, share a meal, and have a side conversation).
I first experienced telepresence in 2004 at HP's Corvallis, OR, lab, and it blew me away back then. It's only gotten better. (Colleague Claire Schooley has calculated the ROI of telepresence for those thinking about this technology.)
Back to this telepresence event:
Cisco used 12 telepresence rooms in at eight cities: Boston, New York, San Jose, Toronto, Copenhagen, Amsterdam, and Bedfont outside London.
Much a'twitter today about a possible Google phone — not just another Android "with Google" phone like the various existing models from HTC, Motorola, and Samsung, but a phone solely branded and sold by Google. TechCrunch has reported that the phone will be made by HTC and sold unlocked (that is, direct to consumers rather than through operator channels) beginning in January 2010.
I must emphasize that these details are speculation at this point, unconfirmed by Google (other than a validating post that Google gave out this model of phone to a number of employees). Nevertheless, it's worth considering the implications of this, should it prove true. The most important question is:
Will the phone be sold at full retail price, or will it be subsidized?
As the debate continues between what’s best for businesses and consumers as we look for economic recovery, a few of the amendments expected to come to a vote today involve the creation of a new consumer financial protection agency, a Sarbanes Oxley exemption for small firms, and new power for the Government Accountability Office to audit the Federal Reserve.
While this debate is going on, the Organization for Economic Cooperation and Development released a framework last week to guide policymakers in the reform of international financial markets. According to the announcement, “Increasing transparency is key. The complexity and opaqueness of products made risk assessment difficult for firms and investors and hindered market transparency, a major cause of the crisis.”
The framework’s explanation of the financial landscape includes principles for 1) A definition of the financial system, 2) Transparency, and 3) Surveillance and analysis. Responsibilities for the collection and distribution of relevant data are described for government authorities, industry groups, and international organizations. These principles mirror the focus of other potential regulatory changes and will have a substantial impact in the way organizations document and track a wide range of business processes and transactions if they are carried out in legislation.
A brief reflection from the SAP Influencer Summit on SAP’s On-Demand strategy
At the SAP Influencer Summit in Boston Dec 8/9, SAP put a lot of emphasis on its new roadmap into cloud computing and how serious the company is taking the topic for its future success. Well, to be true SAP actually avoided the term ‘cloud’ almost entirely and talked about ‘on-demand’ solutions instead. Maybe the company stayed away from the term ‘cloud’ because there is still a lot of confusion in the market (or inside SAP?) what cloud computing actually is, or to simply differentiate from the masses that currently go ‘crazy in the cloud’. Anyways, to offer pay-by-use software applications via self-service over the web indeed is pure cloud computing and SAP has declared it to be a future focus area for the company when Jim Snabe said “… significant [SAP] investment into on-demand will disrupt the market and SAP will regain leadership in this space”.
Last week, Microsoft disclosed that it expects Office 2010 and related products to be generally available to consumers at retail in June 2010. Office 2010 and related products will be available to business customers through volume licensing earlier in the first half of 2010. This launch confirmation means massive effort by the Redmond product teams to work through feedback from the public beta and ready the suite for launch.
Since 2004, I have been arguing in my research that the tech market would enter a new cycle of innovation and growth starting in 2008. This thesis was based on my review of the US tech market since the 1950s, which showed a pattern of eight-to-ten year cycles of strong growth in tech purchases, followed by eight years of modest growth. This pattern had repeated three times, first with the introduction of mainframe computers in the late 1950s and 1960s, then with the arrival of personal computers in the 1970s and 1980s, and then with ERP software, client-server systems, and the Internet in the period from 1992 to 2000. Based on this pattern, I predicted that the tech market (at least in the US) would grow at about the same rate as the overall economy from 2004 to 2007 as business "digested" that third wave of technology, then decline in 2007 or 2008 due to a recession in that period ("IT Spending Outlook: 2004 To 2008 And Beyond -- Waiting For The Next Big Thing": http://www.forrester.com/Research/Document/0,7211,35063,00.html; "Expect A Tech Slowdown Before The Next Boom -- Forrester's Long-Term IT Spending Forecast For The US, 2005-2010": http://www.forrester.com/Research/Document/0,7211,37816,00.html). While not all aspects of these predictions have come true, overall I believe they were a generally accurate forecast of what happened in the tech market from 2004 to 2008.
We recently finished some research into what clients need from our research – role “deep dives.” Those of you who are clients of the sourcing and vendor management (SVM) role might remember having done one for us a while back. When SVM piloted that research last year, we used the information to refine our research strategy and create an SVM Roadmap. We then shared that roadmap with our clients in a teleconference to get more feedback into what you needed (and didn’t) from us.
Staples Technology Solutions - a separately managed part of the growing company - will outsource your desktops or address print management needs. So this means IT outsourcing as well providing Managed Print Services for printers, imaging equipment, copiers, and fax machines. They are strong in volume pricing and support coverage and will do well in the mid part of these markets. I would have liked to have seen more connection to their print and copy retail service centers. For example allowing jobs to be routed from a business to a retail center for special preparation - the type of things corporate print centers use to do.