Forrester Blogs For Business Technology Professionals
This is a roll-up of all Forrester blogs written for Business Technology Professionals. Role-specific blogs are listed below. Visit Forrester.com to learn how we make Business Technology Professionals successful every day.
With apologies to the late great President Ronald Reagan, "trust but verify" is outmoded advice when it comes to computer network security. So, why do so many information security professionals still think trusted and untrusted networks zones are still best practice? Most think that people are trusted or untrusted. The problem with that thinking is you never know who can or cannot be trusted. Remember wikileaks? It was an inside job.
The solution: Zero Trust - Verify Then Trust
Meet John Kindervag, Forrester Principal Analyst and a leading expert in network and information security. He says that firms must take a Zero Trust approach to network security that means "verify then trust". In this episode of Forrester TechnoPolitics, John describes the what, why, and how of the Zero Trust approach to network and information security.
Podcast: Zero Trust - Your Only Hope For A Secure Network (8 mins)
As businesses get serious about the cloud, developers are bringing more business-critical transaction data to cloud-resident web and mobile apps. Indeed, web and mobile apps that drive systems of engagement (how you interact with your customers and partners) are the reason why many companies look to the cloud in the first place. Public clouds offer the speed and agility developers want, plus the development tools they need. Once you’ve built a killer web or mobile app in the cloud and it’s in production, driving real revenue, who’s responsible for making sure it performs?
It’s a team effort. Developers have to think about performance management as they build, and IT operations teams need to design application monitoring and management into their cloud deployment processes up front. Why? Because there’s no time to do it later. You won’t have time to implement a new app monitoring solution for each new cloud app before you need to get it out to users. And once it’s out there, you need to be tracking user experience immediately.
In traditional IT, one of the reasons we could get away with limited insight into application performance was because we usually overprovisioned resources to make sure we didn’t have to worry about it. It’s easier to have excess capacity than to solve tricky performance problems – problems you might only see once in a while.
Apple’s earnings call yesterday(for the quarter ending March 30, 2013) revealed that its tablet product category, comprised of iPad and iPad Mini, is extremely healthy:
iPad quarterly sales rose year-over-year to 19.5 million compared with 11.8 million in the same quarter last year. This represented an over 65% increase. Seasonality effects – like the holiday season in many countries in November and December – meant that sequential-quarter sales dipped (as would be expected). What It Means: The iPad was the fastest-growing product segment for Apple by far. The iPad Mini has generated a new pathway for market penetration, while the iPad continues to be the market leader in its size category.
International – particularly Asian – iPad sales grew quickly. CEO Tim Cook called out successes in China (where iPad sales increased by 138%) and Japan. Apple plans to double number of stores in China from 11 to 22 in the next 2 years. What It Means: Having a healthy Asian business will be increasingly important to the iOS ecosystem as it competes with Android. (In China, for example, Android tablets enjoy a strong market presence). Apple is making the right moves to bolster its sales and its ecosystem in Asia.
We all hear and read stories of terrible customer experiences; like me, you probably have had your own share of bad experiences. And social media has made it possible for these bad experiences to be shared instantly with millions of people. But in our journey through life, we also experience service that exceeds our expectations. And as we read reviews online, we're more likely to see a mixture of both good and bad experiences. For example, I recently posted a glowing review for a B&B in Bethel, ME, even though a few things about my stay would have typically caused me to deduct points. My five-star review was extremely positive because the proprietor had blown away my expectations on service, delivering an experience way beyond any I've had in a five-star hotel.
But excelling at the personal touch in a small-town B&B is far easier than doing it at scale in a multibillion-dollar business. Yet there are companies that consistently deliver great customer experiences. (My colleagues even wrote a book on them). They aren't perfect all the time, but, on average, they are better than their competitors. At Forrester, we identify these companies through our annual Customer Experience Index (CXi) research. Toward the top of the 2013 index, we find companies like Marshalls, Courtyard by Marriott, USAA, TD Bank, Southwest Airlines, Vanguard, Home Depot, Kohl's, Fidelity Investments, and FedEx.
I was at Oracle’s Analyst day today, and spent time with the Customer Experience Team drilling into the technology that allows organizations to deliver consistent, cross-channel, cross-touchpoint experiences across what Oracle terms the buying and owning journey – and which parallels Forrester’s viewpoint quite nicely. Here is Oracle's view of this journey:
“Enterprise rights management? What does that even mean?! You’re using security speak!” exclaimed my colleague TJ Keitt.
TJ sits on a research team serving CIOs, and covers collaboration software. We were having a discussion around collaboration software and data security considerations for collaboration. “Security speak” got in the way. It wasn’t the first time, and it will likely not be the last, but it is a good reminder to remember to communicate clearly using non security speak – and not just to fellow S&R pros, but to the rest of the business (in this case – the CIO) – to talk about what we really mean. That’s how collaboration starts.
Collaboration is also not just about S&R pros engaging the rest of the business to bring them into the security-minded fold, but to also listen and be aware of what’s bubbling up in other parts of the organization as it can have implications for security too. One of the more interesting examples that I see today come from the marketing side of the business, specifically those involved with strategies for customer experience and digital marketing. Mobile is huge (no surprise, right?), and is transforming how companies interact with customers. The future of mobile is all about context: 1) situation, 2) preferences, and 3) attitudes.
Every company generates data that would be of significant value to its customers, partners and potential partners; information that could be combined with insights from this ecosystem, public data and other sources to generate significant new discoveries, products and business values. But making our data available, easily consumable and getting payback for sharing it are significant hurdles.
Over many years we have built up an ever-more complex web of security, legal and data management practices that make it nearly impossible to share valuable info between companies in an open marketplace style – which is exactly what is needed to open up this value.
But it doesn’t have to be this way. There is a new approach that leading enterprises and governments are taking today that is significantly simpler, more manageable and empowers companies to share their key data more freely, opening up massive new market opportunities for all. Here's how a few Forrester clients are taking advantage of this new model:
The continued economic viability of software development in India, whether by independent software vendors (ISVs) or “captive” business units, depends less on pure labor arbitrage and more on delivering time-to-market advantage for clients. The pressure of meeting business expectations demands that software firms harness creative capability wherever they can find it. The increased focus on Business Technology innovation and customer experience over mere cost savings presents both a threat and an opportunity to software configuration and development business units (BUs) in India.This is the key finding from my just-published report.
Forrester developed its software innovation assessment workbook to assess software innovation capability of firms. We provided this tool to members of NASSCOM (the industry association for the IT BPO sector in India), comprising both ISVs and captive development BUs in India, and surveyed them to assess the most important process, organizational, cultural, geographical, and staffing practices that promote software innovation. We also interviewed a dozen selected respondents in greater depth to better understand how innovation capability contributes to business success in India. We found evidence of widespread adoption of the practices correlated with software innovation capability, helping to drive a rapidly changing role for Indian business in the global software supply chain.
Innovators in India that were engaged in software development and configuration received high scores for many of the practices that drive effective innovation. They demonstrated strength in:
Listening to the voice of the customer
Making the development process more iterative and responsive
I was very excited to finally get a copy of the much-anticipated 2013 Verizon Data Breach Investigations Report (DBIR.) I have found the report to be valuable year after year. This is the 6th iteration and this year’s report includes 621 confirmed data breaches, as well as over 47,000 reported security incidents. 18 organizations from across the globe contributed to the report this year. The full report is 63 pages, and I have to say that Wade Baker and company did a great job making it an enjoyable read. I enjoyed the tone, and I found myself laughing several times as I read through it (Laughing and infosec aren't commonly said in the same breath.) There are tons of great references as well, ranging from NASCAR, to Biggie Smalls, the Violent Femmes and more. The mantra of this year’s report is “Understand Your Adversary’ is Critical to Effective Defense and Response.” Here are a few observations:
The focus on the adversary answers customer questions. Who is the adversary? This is a frequent question from Forrester clients. The Mandiant APT1 report stirred up much debate on state sponsored actors and Verizon's data and analysis gives us more perspective on this class of threat actor. The first table in the report profiles the threat actors that are targeting organizations. It provides a high level view that I suggest you include in any type of executive engagement activity you participate in. This 3rd party snapshot of the threat actors should resonate with a wide degree of audiences.
I met with a group of clients recently on the evolution of data management and big data. One retailer asked, “Are you seeing the business going to external sources to do Big Data?”
My first reaction was, “NO!” Yet, as I thought about it more and went back to my own roots as an analyst, the answer is most likely, “YES!”
Ignoring nomenclature, the reality is that the business is not only going to external sources for big data, but they have been doing it for years. Think about it; organizations that have considered data a strategic tool have invested heavily in big data going back to when mainframes came into vogue. More recently, banking, retail, consumer packaged goods, and logistics have marquis case studies on what sophisticated data use can do.
Before Hadoop, before massive parallel processing, where did the business turn? Many have had relationships with market research organizations, consultancies, and agencies to get them the sophisticated analysis that they need.
Think about the fact, too, that at the beginning of social media, it was PR agencies that developed the first big data analysis and visualization of Twitter, LinkedIn, and Facebook influence. In a past life, I worked at ComScore Networks, an aggregator and market research firm analyzing and trending online behavior. When I joined, they had the largest and fastest growing private cloud to collect web traffic globally. Now, that was big data.
Today, the data paints a split picture. When surveying IT across various surveys, social media and online analysis is a small percentage of business intelligence and analytics that is supported. However, when we look to the marketing and strategy clients at Forrester, there is a completely opposite picture.