This is a roll-up of all Forrester blogs written for Business Technology Professionals. Role-specific blogs are listed below. Visit Forrester.com to learn how we make Business Technology Professionals successful every day.
Technology is essential in any managed security operations center. Technology has come a long way to create an active defense of the enterprise. There are vendors that offer solutions for log management, web application defense, firewall, incident event correlation, and many others. In order to understand the size of the security technology market, Forrester and the MSP Alliance are partnering in a survey to look at the managed security functions and the technology MSSPs use to deliver their services. If you are an MSSP or an end user of these technologies, you can complete this survey at:
We get a lot of calls from EA leaders that find themselves stuck between a rock and a hard place: They need a tool to help them through a specific initiative such as application rationalization or transformation management, but don’t have the time, maturity, approach, and financial justification for the EA management suite (EAMS) that would get the job done. As I mention in my recent report, "Select A Right-Fit Toolset For EA," this uncertainty and urgency has fueled the proliferation of new vendors addressing specific challenges. What I did not mention is that these new choices don’t just signal more competition in the usual market - they actually signal a new market entirely. One that is probably bigger than many might first think.
I’m referring to the mid-market. Not just in the obvious sense of smaller, less mature EA practices, but also including the myriad situations where the initiative is being carried out by a role that has no idea that they’re acting as an “EA,” or by consultants hired to get the job done and get out. There’s a big market out there of temporary EA “initiatives” (as opposed to permanent EA groups or practices) and consultants that would leverage a tool if it were cheap enough, easy enough, and straight-forward enough for these short-term use cases.
With all the talk of data out there, who is actually using it and what are they using? Turns out, most data used in the enterprise today comes from internal applications. That is starting to change, and the trend will accelerate. But for now, when asked which data types were important to their firm’s overall business strategy, the majority of business intelligence users and planners cited internal sources such as transactional data from corporate apps or other customer data. Only about 1/3 of respondents reported the importance of external sources such as scientific data, partner data or other 3rd party data. Fewer still used unstructured external data such as Twitter feeds or other social media sources. Current data sources are limited. Yet both business and IT decision-makers recognize the need to improve their use of data: 56% of business and IT decision-makers surveyed by Forrester see improving the use of data and analytics to improve business decisions and outcomes as a top priority. And, that potentially includes expanding the use of external data... if they can find it.
Where do they go for external data? What types of data might complement their transactional and other internal data? How can corporate strategists and market research teams identify new sources of information? Where can they find them, and how can they acquire and consume them? Can they be combined with internal data? Are the sources safe? reliable? sustainable?
Peter Kujawa CEO of Locknet, Steve Tallent from Fortinet, and I were speaking at the recent MSPWorld Conference in San Jose, California about the cloud revolution. Steve was interested in the conversation because Fortinet is now offering virtualized versions of their Fortigate UTM solution. Peter was interested because his business is built on taking the pain away that platform management entails. Obviously security intersects both of these worlds.
We discussed the changes cloud computing was making to the MSP/MSSP markets and the differences between the SMB and enterprise businesses and what motivates them to consider the cloud IaaS, SaaS, and PaaS model.
Peter talked about one of his clients – a smaller client – that managed their business from a small server stashed in the closet of their offices. Peter’s company offered to replace the box with a cloud-based system that took over patching, updates, and maintenance for the system for a simple monthly fee. The client would access their applications via the Internet. The risk to this business was huge for so many reasons. The customer leapt at the chance to get rid of the box.
In another case, I was speaking with a large client and we talked about the motivation for the cloud. Inasmuch as maintenance and support are an issue, the larger issues for large companies are the IT assets on the balance sheet. This company liked cloud because of their need to “clean up” the balance sheet. There were too many IT assets loading down the balance sheet – distorting the company's return on assets.
Outside of Tempe is a place called Sahuarita, Arizona. Sahuarita is the home of Air Force Silo #571-7 where a Titan missile, that was part of the US missile defense system and had a nine-megaton warhead that was at the ready for 25 years, should the United States need to retaliate against a Soviet nuclear attack. This missile could create a fireball two miles wide, contaminate everything within 900 square miles, hit its target in 35 minutes, and nothing in the current US nuclear arsenal comes close to its power. What kept it secure for 25 years? You guessed it...four phones, two doors, a scrap of paper, and a lighter.
Photo Credit: Renee Murphy
Technology has grown by leaps and bounds since the cold war. When these siloes went into service, a crew supplied by the Air Force manned them. These men and women were responsible for ensuring the security and availability of the missile. Because there was no voice recognition, retinal scanning, biometric readers, and hard or soft tokens, the controls that were in place were almost entirely physical controls. All of the technology that we think of as keeping our data and data centers secure hadn’t been developed yet. It is important to note that there was never a breach. Ever.
It might be an occupational hazard, but I can relate almost anything to security and risk management, and my visit to the Titan Missile Museum at AF Silo #571-7 was no exception. The lesson I took from my visit: there's room for manual controls in security and risk management.
I was recently invited to join the celebrations for the opening of Portugal Telecom's (PT) new tier 3 data center in Covilha, Portugal. On this occasion, CEO Zeinal Bava reported the completion of major milestones in a five-year transformation program, including: 1) the transition to a next-generation network (NGN); 2) the transformation of business models to become more responsive to changing consumer needs; and 3) a transformation of the customer experience to become a customer-centric organization. Mr. Bava also announced the launch of a public cloud that's freely available to Portuguese citizens and elaborated on PT's hunger for cloud business in a competitive marketplace. As a symbolic act, 38 companies — including Accenture, the Football Association of Lisbon, Banco BIC, and Wipro Portugal — signed a cloud deal with PT on-stage. PT staged this event, located at its new state-of-the-art facility, to demonstrate its capabilities for innovation in terms of resilience, architectural design, energy efficiency, and capacity. Here is what it means for PT:
Here we are a week into the Federal government shutdown and, as the Republicans and Fox News commentators like to say, the sky has not fallen. Nonetheless, in subtle ways, the shutdown is taking a toll on the economy. To pick one relatively small example, tech market analysts like myself who depend on data from the US Bureau of Economic Analysis, US Census Bureau, and the US Bureau of Labor Statistics are operating in the dark -- just take a look at their Websites, e.g., "Due to the lapse in government funding, www.bea.gov will be unavailable until further notice." More substantively, approximately 800,000 Federal employees are not being paid, Federal government purchases of goods and services have come to a standstill, Federal grants to states and local governments are on hold, and Federal government services ranging from disaster recovery, meat and drug inspections, medical research, public health, to National Parks are not available to citizens and businesses.
The practice of enterprise architecture is about your business – guiding decisions and designing solutions for better, more sustainable business outcomes.
Pretty much every EA leader would agree with this statement – but only a small percentage can say that this describes their program. Whether due to the situation they are in, or their own leanings, their impact is mostly on IT outcomes. It’s in this context that it’s such a pleasure for me to announce the winners of the 2013 InfoWorld/Forrester Enterprise Architecture Awards.
Two words stand out in all these winning submissions: “business” and “transformation.” These EA programs all share a singular focus on being central to how their business, not just their IT function, evolves.
Many in our profession have said that EA should report into the business, not IT. The EA program in the National Bank of Abu Dhabi; the second largest lending bank in the United Arab Emirates, does so. In their submission: Building the Global Business Transformation Roadmap, they describe how the credibility and impact they had when they were part of IT lead to them being moved into the Transformation Management Office, reporting to the CEO. They are now responsible for the analysis and transformation road maps, transformation program design, and balanced scorecards for the overall bank as it seeks expand to 45 countries in five years.
I was perusing one of my favorite trade pubs, The Register, and noticed an article about the new HP OneView systems management, which reminded me that I was going to write a blog on it at some point. Further perusing the article gave me even more incentive to get down to penning this post, since I really think that this is one of the rare occasions where the usually excellent staff of “El Reg” allowed themselves to get carried away with their enviable witticisms and just plain missed the point.
The Register article seemed to dismiss HP OneView as some sort of cosmetic trick, with references to things like “dressing up software in easy to use user interfaces”. My perception is completely the opposite — dressing up software in easy to use interfaces is exactly what is needed in a world drowning in IT complexity, and I believe that HP OneView is a significant development in systems management tools, both useful to HP customers today and probably setting a significant bar for competitive offerings as well.