Man Alive, It’s COBIT 5: How Are You Governing And Managing Enterprise IT?

You think that this blog title is bad? Be thankful that I didn’t try something like: “There’s No Obit For COBIT.”

Anyways, today sees ISACA (an international professional association for IT Governance) release COBIT 5 – the latest version of its internationally recognized “Business Framework for the Governance and Management of Enterprise IT.”

As in previous blogs such as “It’s Time To Realize That ITIL Is Not The Only Fruit,” the industry’s obsession with ITIL needs to be both tempered and supplemented with more pragmatic guidance on IT management and IT service management. COBIT can help with this in spades. In fact, some would argue that ITIL should be used to supplement COBIT – try some of Rob England’s (The IT Skeptic, and a great supporter of COBIT) short COBIT blog posts on for size: “The difference between ITIL and COBIT for consultants: four words” or “COBIT 5 will be released in April.”

So What’s New?

ISACA states that:

“COBIT 5 builds and expands on COBIT 4.1 by integrating other major frameworks, standards and resources, including ISACA’s Val IT and Risk IT, ITIL (“the IT service management best practice framework”) and related standards from the International Organization for Standardization (ISO).”

Read more

Dell Gets Thin: Words to the Wyse

On the night of his 18th birthday, Gregg Allman drew a bull's-eye on his shoe, then shot himself in the foot to avoid the draft. If next week, Forrester's IT department declared that I should be expecting a box with a thin client PC at my desk, and I would be expected to use it instead of my MacBook Air for work, I'd be drawing a bull's-eye but not on my shoe. It would be on the box.

I suspect most road warriors and office workers alike would feel the same way. Ever try to go to a meeting in a conference room with a thin client? It's bolted to your desk. As long as all of the information you ever need for meetings is crammed between your eustachian tubes, you're good to go. If however you're like the rest of us, there are benefits to taking your computer (and applications and data) with you, like showing more than one other person what you've been working on.

That's where client virtualization (as opposed to simply VDI) comes in, and it's in this context that Dell's acquisition of Wyse makes some sense. Wyse makes thin and zero clients, as most of us hopefully know, and surely not by pure coincidence…so does HP. But thin clients as a standalone tool for most of us, is a non-starter. But as part of a mosaic of virtualization technologies that taken together offer me my work environment no matter where I am, have potential.

Read more

Reunion Special: Licensing With The Frenemy

A recent conversation with IBM software executives sheds more light on the topic of software audits. Responding to a blog post we published a few months ago, IBM recognized some of the challenges inherent in an IBM software audit.  They proclaimed that getting through an audit, addressing these challenges, and moving towards license optimization is cemented in Software Asset Management (SAM) best practices. IBM also told us that the causes of client exposures fall into one of three categories:

  • Customers' indifference to their responsibility in an IBM software agreement. Few companies fall under this category, as most decide to be held accountable for their compliance.
  • Loss of deployment control. Complicated licensing structures and poor SAM practices characterize this category. While IBM licenses inherently are complicated, clients add to the complexity when they deviate from the standard contract in an effort to add flexible terms. A common example of a poor SAM practice that contributes to IBM software exposure is the lack of communication between those that procure the licenses/negotiate entitlements and those that deploy licenses.
  • Over-deployment due to non-malicious gross error. While companies may not maliciously over-deploy IBM software in their environments, some innocently deploy them by accident. A common example includes the case of the "golden CD" where software from a CD is mistakenly replicated across the vast server landscape. Additionally, some companies misinterpret their entitlements. An example of this includes deploying licenses based on a misunderstanding of their terms and conditions.
Read more

Dell Bolsters Its Apps Mod Street Cred By Acquiring MAKE Technologies And Clerity

Dell made two bold moves last week that bolster its apps modernization street cred. Since MAKE Technologies and Clerity Solutions may not be household names to you, here are our observations about the moves and some rumination on what it means to you.

Who Dell Bought

  • MAKE Technologies (MAKE) - Vancouver, BC-based MAKE brings powerful application analysis, apps portfolio management, and advanced re-engineering capabilities to Dell.
  • Clerity Solutions (Clerity) - not to be confused with CA-Clerity - the PPM tool, it was one of the last remaining COBOL compiler vendors in the business of rehosting COBOL applications to Unix and Microsoft operating systems. It and Micro Focus arguably owned the lion's share of the market.
Read more

Are Macs Vulnerable? Wrong Question.

The misinformation and rhetoric surrounding the recent discovery of the Flashback trojan for Macs is vehement, and says more about the historically stable state of Mac security, and the irrational way many think about it than it reveals about its weaknesses. Even long-time industry observers, who should know better, are jumping into the fray to say: See! I told you so! The Mac is vulnerable! Well…duh…that's not exactly news, folks.

Of course the Mac is vulnerable. EVERY internet connected device is vulnerable. What matters is probability, frequency and potential impact. So the correct question then, is whether or not your prevention, detection and recovery mechanisms are effective. For example, I'm not convinced that traditional anti-virus approaches are right for the Mac. The track record of these tools in the Windows world is abysmal in my view. They're among the most intrusive technologies  to the user - hogging system resources and making even basic tasks impossible as they inspect every file, every day, often several times a day. And…they're reactive. Think: death by a thousand papercuts over a period of years, only to be interrupted by a rare strain of encephalitis, followed by a partial lobotomy and organ transplant to get the patient breathing again, and you're in the ballpark. Application whitelisting will hopefully come to be seen as a better approach.

Read more

New Focus Of EA: Preparing For An "Age Of Agility"

 

    I just recently had a conversation with Peter Hinssen, one of our keynote speakers at Forrester’s colocated CIO Forum and EA Forum in Las Vegas (May 3-4) and our EMEA CIO Forum and EA Forum in Paris (June 19-20). 

   Peter is both a dynamic speaker and a provocative thought-leader on the rapidly changing relationship of technology, business, and “the business function called IT.” Here’s a short summary of this conversation — and a preview of what he will be talking about at our forums.

 

On “The New Normal”:

Technology has stopped being “technology,” and digital has just become “normal”: We’ve entered the world of the “New Normal.” The rate of change of the technology world has become the beat to which markets transform. But the rate of change “outside” companies is now faster than the internal velocity of organizations. But how will companies evolve to cope with the changes as a result of the New Normal? How will organizations evolve to respond quickly enough when markets turn into networks of intelligence?

What this means for IT:

Read more

US Tech Market Outlook Improves For 2012 And 2013

The US economy continues to show improvement – for example, today’s news that new jobless claims were near a four-year low. As the economy outlook has improved, so, too, have prospects for the US tech market. In our updated Forrester forecast for US tech purchases, "US Tech Market Outlook For 2012 To 2013: Improving Economic Prospects Create Upside Potential," we now project growth of 7.5% in 2012 and 8.3% in 2013 for business and government purchases of information technology goods and services (without telecom services). Including telecom services, business and government spending on information and communications technology (ICT) will increase by 7.1% in 2012 and 7.4% in 2013. 

The lead tech growth category will shift from computer equipment in 2011 to software in 2012 and 2013, with and IT consulting and systems integration services playing a strong supporting role. Following strong growth of 9.6% in 2011, computer equipment purchases will slow to 4.5% in 2012, as the lingering effects of Thailand's 2011 floods hurt parts supply in the first half and the prospect of Windows 8 dampens Wintel PC sales until the fall. Apple Macs and iPad tablets will post strong growth in the corporate market, though, and server and storage should grow in the mid-single digits. 

Read more

Is "Good Enough" Customer Service Good Enough?

Eighty-six percent of customer service decision-makers say that a good customer experience is one of their top strategic priorities. Sixty-three percent say that they want their customer experience to be the best in their industry. Yet few companies deliver a good customer experience.

In our recent survey, just over one-third of the 160 large North American brands questioned were found to provide a positive customer experience — a number that hasn’t significantly moved for the past five years.

We know that a bad service experience has quantifiable negative impacts, as measured by monitoring the wallet share of each customer over their engagement lifetime with a brand. But when is a service experience good enough? A recent Harvard Business Review blog says that delighting your customers is a waste of time and energy, and exceeding customer expectations has a negligible impact on customer loyalty — that customers just want simple, quick solutions to their problems.

What customers also want is a consistent, reproducible experience across all touchpoints.

What this means is that a customer wants to receive the same data, the same information, over any voice, electronic, or social communication channel used. Customer service agents supporting customers across these channels should follow the same business processes. And channels should be linked — either from a technology perspective or a business process perspective — so that customers can start a conversation on one channel and move it to the next without having to restart the conversation.

Read more

IT Service Management And ITIL Thinking – Brawn, Brains, Or Heart?

Some great IT service management (ITSM) conversations with BMC this week got me thinking about ITSM people “stereotypes” and what we can learn from them in terms of communication, education, and ITSM  tool selection. It started from my mental 2D matrix that plotted organizational ITSM tool need against the axes of organization size, e.g. enterprise, and level of ITSM maturity – with the latter, in my opinion, being a better gauge as to the ITSM tool that is most appropriate.

Conversations about the people within the organizations, however, made me wonder about the need for a third axis of “ITSM mindset” which could further better help to pin down the type of ITSM tool for a particular organization through a now-3D matrix.

Did Somebody Mention Stereotypes?

Oops, yes that was me. My imagination conjured up three stereotypes, and perhaps there are many more, but I liked that they leant themselves to a collective description of Brawn, Brain, and Heart (oh yes, it's a little "Wizard of Oz").

Where the stereotypes are:

  • Brawn– this describes the traditional IT Hero mentality, it’s all about you and the IT. Very much an IT-centric approach to IT delivery. Probably no concept of IT services and no interest whatsoever in ITIL (the ITSM best practice framework). It’s all about IT muscle in dealing with a never-ending stream of IT issues – the proverbial fire fighting. Talking to a Brawn about ITIL wastes everyone’s time, they will never be interested.
Read more

Nine Managed Security Services Providers (MSSPs) Compete In The North American Market

After months of diligent vendor evaluations, last week we officially published The Forrester Wave: Managed Security Services: North America, Q1 2012. This report features our detailed analysis on nine of the top managed security services providers (MSSPs) offering a robust set of security services to their North American clients.

Through this process, we uncovered a market that we believe is currently ripe for a major disruption: market demand for managed security services (MSS) remains extremely strong, customer satisfaction is higher than we’ve seen in the past, and current MSSPs tend to compete on delivery, customer service, and cost.

This isn’t to say MSSPs all currently offer the same services with the same level of quality – not by a long shot. Selecting the right provider still means that you must understand your needs and the areas you feel they can enhance your security program the most. Each MSSP we evaluated has solid overall security capabilities, but has unique strengths in certain security areas and use different deployment methods to bring their offerings to bear.

At the same time, however, we hear more decisions today come down to cost and execution, and as this becomes more commonplace, we begin to prepare ourselves for a shift in the market. In fact, we believe we’ll see significant changes over the next couple of years for three primary reasons:

Read more