In this podcast, Principal Analyst Craig Le Clair will discuss one of the classic untamed processes, invoice processing. Results from a survey of accounts payable departments will be shared, highlighting current pain points of automating the accounts payable process. Also discussed is how enterprise content management and EIPP can possibly help to tame accounts payable.
Oracle Siebel CRM and SAP CRM still offer the most complete solutions, with improved usability. SAP has been steadily working to fill out its CRM offering, resulting in end-to-end process integration support that no longer comes at the expense of missing CRM functionality. Meanwhile, Oracle Siebel CRM is still the most full-featured CRM solution, with a breadth and depth of functionality for many industry verticals. Both vendors have moved to address key complaints: poor usability, high cost, and long implementation times. Siebel 8.1 features the Siebel User Interface, which can be highly personalized and is task-driven. The SAP CRM 7.0 UI is flexible to support varying roles and offers drag-and-drop personalization that allows any section of any page to be rearranged by the end user. Both vendors are working to lower total cost of ownership (TCO) for their customers by introducing more preintegrations with other solutions from within their respective corporate families and offering “rapid implementation” methodologies and tools to reduce upgrade costs.
We recently embarked on a Forrester-wide research project to benchmark the use of social technologies across enterprise organizations. Why is this important? Well, as you may know, we cover social technologies from a wide range of perspectives — from roles in marketing to IT to technology professionals. We find each of these roles differs in its general “social maturity” and that most companies are experiencing pockets of success, but few, if any, are successfully implementing it across the board. In fact, full maturity in this space could take years, but there are clear differences in how some ahead-of-the-curve companies are using social technologies for business results. In fact, at this point it has been clearly established by many people (including us many times over) that social technologies as transformative tools that are changing the way companies do business. So we’re not talking as much about the opportunity social presents, but rather we are trying to determine the current reality of practitioners. It’s also clear that many companies have made tremendous strides in planning and organizing for the use of social technologies. However, the one question we consistently get is: “where is my organization compared to others in the use of social media?” We want to benchmark these companies to see if we can answer questions like:
How do you define “social maturity” and why is it important to get there?
Which companies are ahead of the curve in implementing social technologies for both external use (i.e., for customers/consumers) and/or internal use (i.e., for employees/partners)?
What have been the biggest drivers of success?
What are the biggest challenges?
What steps do most organizations need to take and why?
IBM announced its intentions to acquire Coremetrics, a leading Web analytics vendor, as BI megavendors continue to round out their BI portfolios (the other leading vendor in the space, Omniture, was recently picked up by Adobe). Good move, IBM. Web analytics can't really continue to exist in a silo. In order to get truly complete 360-degree view of customers, prospects and products, one needs to combine Web analytics data with ERP, CRM, HR, Financials and other transactional and analytical data sets. Currently, there are no off-the-shelf solutions that do that - it's pretty much the realm of customized offerings and systems integration. If IBM can indeed plug Web analytics into its data integration, data warehouse and BI products and solutions, it'd be quite a differentiated offering. Other large BI vendors, like Microsoft, Oracle and SAP will probably pick up one of the remaining Web analytics vendors Nedstat, Unica and Webtrends sometime soon.
I once played golf with an ex-politician who ran Liverpool Council until he had to resign after being caught accepting bribes from local firms tendering for lucrative council contracts. He claimed there was no impropriety because all the bidders paid him the same amount. I remembered this story when the leader of IBM’s sell-side e-commerce program, presenting at Ariba Live this week, talked about moving selling “off the green and into the blue.” His goal is to make IBM customers’ on-line buying experience (the blue) so great that IBM can reduce the time its sales reps spend playing golf with customers (the green).
Of course, that message went down like a lead balloon at a software event packed with sales reps and purchasing managers (not to mention analysts) who regard frequent corporate shindigs as an important compensation for an otherwise overworked and underpaid existence. He is right that suppliers should integrate their order processing system with customers’ eProcurement applications, such as via a supplier network, but not at the expense of the business relationship. Moreover, though it’s a nice tag line, it confuses sourcing (deciding from whom to buy) with procurement (getting things you need from the approved sources).
Today, with some fanfare, Oracle announced its Oracle BPM Suite 11g Release. Although the product has been GA since late April, Oracle is just now launching a major campaign to announce and promote the new release.
The Oracle BPM Suite 11g release comes as a long-awaited announcement for former BEA customers that built large-scale BPM practices and competency centers around BEA's AquaLogic BPM (ALBPM) Suite offering. Since Oracle announced its acquisition of BEA in January 2008, many of these customers have been scratching their heads trying to figure out whether Oracle was going to kill BEA's BPM Suite in favor of Oracle BPEL. And in some cases, Oracle helped fan the flames of confusion by putting out conflicting messages about which product would survive.
Prior to joining Forrester, I led a dedicated BPM practice for a global consulting firm based in Washington, DC. I stood up the practice with Fuego - a leading BPM suite vendor at the time - as our premier BPM suite partner. We transitioned to partnership with BEA when Fuego was acquired by BEA in 2006. And then finally transitioned to partnership with Oracle, when Oracle acquired BEA in 2008. Over the past 5 years I've had a front row seat - across sales, delivery, and support - to the evolution of the product that Oracle now calls Oracle BPM Suite 11g. I've seen its sparkles and its warts over numerous large-scale implementations for public sector and commercial customers.
Many product strategists are, like me, old enough to remember software stores like Egghead. Those days are gone. Today, consumer packaged software represents a very limited market – the software aisle has shrunk, like the half-empty one at the Best Buy in Cambridge, MA (pictured).
Only a few packaged software categories still exist: Games. Utilities and security software. And Microsoft Office – which constitutes a category unto itself. Some 67% of US online consumers regularly use Office at home, according to Forrester’s Consumer TechnographicsPC And Gaming Online Survey, Q4 2009 (US). Office is the most ubiquitous – and therefore successful – consumer client program aside from Windows OS.
Office 2010, Microsoft’s latest release, will continue to succeed with consumers. On the shoulders of Office 2010 rests nothing less than the defense of packaged software in general. It’s also the most tangible example of Microsoft’s Software Plus Services approach to the cloud – a term that Microsoft seems to be de-emphasizing lately, but which captures the essence of the Office 2010 business goal:
To sell packaged client software and offer Web-based services to augment the experience.
A few weeks ago, Stephanie Balaouras and I posted a podcast on a topic that has been a high priority for many of our customers — how to apply risk management techniques to IT security. We know that many of you are feeling the pressure to take the lead in IT risk management and in some cases even play a role in initiating risk management at the corporate level.
The key to success is understanding the core elements of risk management and how to plug them into existing processes without creating simply another layer of overhead. A major theme of my recent research has been on existing risk management standards and how they are being applied to IT Security and Risk functions. For example, the ISO 31000 risk management standard outlines a five-step process for formalized risk management. My January report, Introducing ERM To IT Security And Risk , provides a summary of the standard, and I will be expanding upon the next steps in my upcoming research documents. In addition, look out for my next doc on Regulatory Intelligence, to be published in the next few months.
In the meantime, I encourage you to listen to this podcast to hear about best practices and lessons learned from clients who have gone through these steps. And as always, I welcome any questions or feedback.
Valleywag reported yesterday that a hack targeting AT&T’s infrastructure led to the disclosure of 114,000 iPad owners' email addresses, including those of prominent celebrities, politicians, and high-profile industry figures.
As far as we can gather at this point, this is most likely a parameter tampering attack. The hackers attacked AT&T’s iPad support Web application, traversed through a range of ICCIDs (Integrated Circuit Card Identifiers), and were able to eventually obtain valid iPad owners’ email addresses without proper authentication.
If this is indeed true, AT&T has done a poor job designing their Web applications — being able to guard against automated parameter traversal attacks is one of the first things you do to secure your Web apps. One can launch an automatic parameter traversal attack fairly easily these days: It does not require sophisticated technology or advanced reconnaissance on the victim Web application.
This attack apparently only affected iPad 3G users, not those with Wi-Fi-only iPads. AT&T's official response stated that this particular flaw on their Web application has been remediated.