Information Security Metrics & The Balanced Scorecard

Edward Ferrara

I just finished a final draft of a presentation on information security executive reporting that I and some colleagues will present at the upcoming Forrester IT Forum in Las Vegas. For those of you who want more information on the Forum, please see Forrester's IT Forum 2011 in Las Vegas. In this presentation, Alissa Dill, Chris McClean and I will present an approach for using the Balanced Scorecard to present security metrics for senior-level audiences. For those of you who are not familiar with the Balanced Scorecard, it was originated by Robert Kaplan, currently of the Harvard Business School, and David Norton as a performance measurement framework that added non-financial performance measures to traditional financial metrics to give managers and executives a 'balanced' view of organizational performance[1]. This tool can be used to:

  • Align business activities to the vision and strategy of the organization
  • Improve internal and external communications
  • Monitor organization performance against strategic goals

NetSuite Announces Aggressive Plans To Move Into The Enterprise

Kate Leggett

NetSuite was kind enough to invite me to the analyst day at its SuiteWorld 2011 user conference — an event packed with product, strategy, customer, and partner information. The focus was clearly on its platform and ERP solutions. Here are my thoughts and takeaways:

  • NetSuite wants to ride the SaaS wave into the enterprise. NetSuite is the only SaaS-based ERP suite of scale. It reports that its data centers get 2.2 million unique logins and 4 billion customer requests a month. However, NetSuite wants to do better. It wants to take its well-tested and well-adopted solution in the midmarket and extend into the enterprise. The timing is right, as Forrester reports that enterprises are ready to consider SaaS-based ERP solutions. In fact, NetSuite reports that sales to enterprise customers increased 37% between 2009 and 2010.
  • NetSuite has a solution package targeted at the enterprise. NetSuite announced a new “Unlimited” package for about $1 million, which includes all modules, unlimited storage, applications, SuiteCloud customizations, subsidiaries, and unlimited users. The exact pricing is based on functionality and number of users (which starts at 500), and scales up from there. It is a package targeted to compete with traditional on-premise ERP vendors as well as SAP’s on-demand solution, Business ByDesign.

Ballmer's Masterstroke In Buying Skype

Mike Gualtieri

Steve Ballmer Does Not Like To Lose

With Microsoft's plan to acquire Skype for $8.5 billion, Steve Ballmer is doing a Jason Voorhees in Crystal Lake. Let me explain. Microsoft failed miserably at mobile. While the boys and girls in Redmond were contemplating how to put the "Start" menu on a phone, Steve Jobs was cleaning mobile clocks with the iPhone. But, like all great competitors, Microsoft knew they lost it. So they started from scratch. The result: Windows Phone 7. In my opinion, an awesome mobile platform on a par with iPhone, albeit with a lot less cultural cachet. The problem: The momentum favors iPhone and Android. Microsoft needs an ace card. Ballmer, potentially, found an ace card in Skype.

With 633 Million Users, Skype Is A Communication Juggernaut

Skype is not a phone. It's a way to see your three-year-old granddaughter, connect with your adult children, or make sure your family is safe 4,000 miles away. And, it's mostly free. Of the 633 million users, fewer than 8 million are paying users. No matter. What is important is that many of these users would love to make free calls on a mobile phone.

Expand Your Enterprise Mobile Horizon

Jeffrey Hammond

Monday was yet another announcement-filled day in what seems to be the year that mobile takes center stage for application developers. While the U.S. Congress was grilling Apple and Google executives about their privacy practices, Microsoft was buying Skype, and Google was making a slew of announcements including information about Ice Cream Sandwich, the next version of Android. Mobile strategy is high on everyone’s list: It’s a refrain I hear every week in the client inquiries I take. The shift to mobile is big — as big as anything I’ve seen since the early days of client-server. If the arrival rate of my inquiries is any indication, it’s bigger than the move to implement SOA and it’s faster than the embrace of open source software. It’s ironic that both have a part to play in incorporating mobile apps into enterprise infrastructure. In some ways, they are key contributors to the perfect storm we’re in now.

But as big as mobile seems now, I’m not sure that IT professionals are thinking big enough. I’ll be moderating a keynote panel at IT Forum with some of Forrester’s best thinkers in the mobile space, and as I’ve been reviewing some of their slides I find that they’re expanding my vision of just how profound the changes we're going through are going to be. These are some of the issues we’ll be discussing:

What Microsoft's Skype Deal Means: A Post For Content & Collaboration Professionals

Ted Schadler

I'm not going to comment on the $8.5B purchase price, though I'm sure Marc Andreessen's investment company is happy with their return. And I'm not going to comment on the impact on Xbox, Hotmail, and Live.com. And I don't think this has anything to do with Windows Mobile.

But I am going to comment on the impact of the deal on the enterprise, and specifically on content and collaboration professionals responsible for workforce productivity and collaboration. When you strip it down to its essence -- Skype operating as a separate business unit reporting to Steve Ballmer -- here's what you need to know about the Skype deal:

First, Microsoft gets an important consumerization brand. Skype is a powerful consumer brand with a reported 600+ million subscribers. But it's also a "consumerization brand," meaning that it's a valuable brand for people who use Skype to get their jobs done. Consumerization of IT is just people using familiar consumer tools to get work done. It's a force of technology-based innovation as we wrote about in our book, Empowered: Unleash Your Employees, Energize Your Customers, Transform Your Business. Google and Apple and Skype have dominant consumerization brands. Microsoft does not. Until now. And as a bonus, Google doesn't get to buy Skype. And more importantly, neither does Cisco.

Your Vertical Is . . .

John Kindervag

Companies often demand to know what their peers in a particular vertical market are doing within the realm of information security before making new decisions. “We’re in retail” or “healthcare” or “financial services” they will say, “and we want to do what everyone else in our industry is doing.” Why? The TCP/IP revolution has changed everything, including how vertical markets should be viewed. In the old analog world, you could define yourself by your product or service, but no longer. Today it doesn’t matter if your company sells plastic flowers or insurance — what defines you is your data and how you handle it.

When advising Forrester clients on InfoSec, the first question I ask is, “what compliance mandates are you under?” Like it or not, compliance determines how data is handled and that defines your vertical in our data-driven society. For example, I often say that, “PCI is the world’s largest vertical market.” It is a single global standard that affects more companies than not. You may think you are a hotel and your vertical is hospitality, but if you handle credit cards your real vertical — from a data perspective — is PCI.

Data defines markets. Look at your data, your transactions, and your process, and map them to your compliance initiatives. That will determine your digital — not analog — vertical. Using this measure, you can determine your security baseline and compare yourself to companies who must handle data in the same manner as you to help guide your security decisions.

RIM Puts Mobile Device Management Vendors On Notice

Christian Kane

Supporting non-BlackBerry mobile devices is a priority for every company I speak with these days. Regardless of industry and size, firms are bringing in mobile device management (MDM) solutions alongside their BES to manage the increasing number of Android and iOS devices that are in their employees’ hands.

Now let’s be clear, even with these MDM solutions in place I&O professionals should not expect the same levels of security and management for Android and iOS that they’ve come to know on BlackBerry with a BES, yet. Ultimately these MDM solutions are limited by Apple and Google’s APIs, but eventually they will have all of the necessary components to challenge RIM’s position as the enterprise mobile device, especially as more companies allow personal devices inside their networks.

RIM is obviously putting a lot of work into combating the market share erosion it’s seeing in the hardware and platform space, but what about device management? With well over 25 vendors in the MDM space currently, the fight is on for who will manage mobile devices moving forward. Cue RIM’s announcement last week at BlackBerry World stating that it will expand BES and BES Express support to include both Android and iOS devices later this year, and you can feel the other MDM vendors collectively shudder.

Continuation Of The BI Software Plus Services Convergence Trend

Boris Evelson

As we predicted more than three years ago, BI software and services are converging. Today, Deloitte announced its acquisition of the assets of the BI SaaS vendor Oco. This is a great confirmation of several trends:

  • BI is hot. All of the leading management consultancies and systems integrators are putting BI at the top of their priority lists.
  • BI is all about software plus services. There’s no such thing as “plug-and-play” BI. One always needs to bundle it with services to integrate data, customize metrics and applications, etc.
  • BI is a perfect fit for any firm with a software-plus-services offering, as demonstrated by
    • IBM acquisition of PWC, Cognos, and SPSS
    • HP acquisition of Knightsbridge and Vertica
    • SAS acquisition of Baseline Consulting
    • EMC acquisition of Conchango and Greenplum.

Cloud Computing Will Save IT Millions, But Only If You Have Elastic Applications

Mike Gualtieri

Do you keep every single light on in your house even though you are fast asleep in your bedroom?

Of course you don't. That would be an abject waste. Then why do most firms deploy peak capacity infrastructure resources that run around the clock even though their applications have distinct usage patterns? Sometimes the applications are sleeping (low usage). At other times, they are huffing and puffing under the stampede of glorious customers. The answer is because they have no choice. Application developers and infrastructure operations pros collaborate (call it DevOps if you want) to determine the infrastructure that will be needed to meet peak demand.

  • One server, two server, three server, four.
  • The business is happy when the web traffic pedal is to the floor.

Painting The IT Industry Landscape

Chris Mines

All of us in the technology industry get caught up in the near-term fluctuations and pressures of our business. This quarter’s earnings, next quarter’s shipments, this year’s hiring plan . . . it’s easy to get swallowed up by the flood of immediate concerns. So one of the things that we work hard on at Forrester, and that our clients value in their relationships with us, is taking a few steps back and looking at the longer-term, bigger picture of the size and shape of the industry’s trajectory. It provides strategic and financial context for the short-term fluctuations and trends that buffet all of us.

I am lucky to co-lead research in Forrester's Vendor Strategy team, which is explicitly chartered to predict and quantify the new growth opportunities and disruptions facing strategists at some of our leading clients. We will put those predictions on display later this month at Forrester's IT Forum, our flagship client event. Among the sessions that Vendor Strategy analysts will be leading:

  • "The Software Industry in Transition": Holger Kisker will preview his latest research detailing best practices for software vendors navigating the tricky transition from traditional license to as-a-service pricing and engagement models.
  • "The Computing Technologies of 2016": Frank Gillett will put us in a time machine for a trip five years into the future of computing, storage, network, and component technologies that will underpin new applications, new experiences, and new computing capabilities.