“Enterprise rights management? What does that even mean?! You’re using security speak!” exclaimed my colleague TJ Keitt.

TJ sits on a research team serving CIOs, and covers collaboration software. We were having a discussion around collaboration software and data security considerations for collaboration. “Security speak” got in the way. It wasn’t the first time, and it will likely not be the last, but it is a good reminder to remember to communicate clearly using non security speak – and not just to fellow S&R pros, but to the rest of the business (in this case – the CIO) – to talk about what we really mean. That’s how collaboration starts.

Collaboration is also not just about S&R pros engaging the rest of the business to bring them into the security-minded fold, but to also listen and be aware of what’s bubbling up in other parts of the organization as it can have implications for security too. One of the more interesting examples that I see today come from the marketing side of the business, specifically those involved with strategies for customer experience and digital marketing. Mobile is huge (no surprise, right?), and is transforming how companies interact with customers. The future of mobile is all about context: 1) situation, 2) preferences, and 3) attitudes.

The continued economic viability of software development in India, whether by independent software vendors (ISVs) or “captive” business units, depends less on pure labor arbitrage and more on delivering time-to-market advantage for clients. The pressure of meeting business expectations demands that software firms harness creative capability wherever they can find it. The increased focus on Business Technology innovation and customer experience over mere cost savings presents both a threat and an opportunity to software configuration and development business units (BUs) in India.This is the key finding from my just-published report. 

Forrester developed its software innovation assessment workbook to assess software innovation capability of firms. We provided this tool to members of NASSCOM (the industry association for the IT BPO sector in India), comprising both ISVs and captive development BUs in India, and surveyed them to assess the most important process, organizational, cultural, geographical, and staffing practices that promote software innovation. We also interviewed a dozen selected respondents in greater depth to better understand how innovation capability contributes to business success in India. We found evidence of widespread adoption of the practices correlated with software innovation capability, helping to drive a rapidly changing role for Indian business in the global software supply chain.

Innovators in India that were engaged in software development and configuration received high scores for many of the practices that drive effective innovation. They demonstrated strength in:

• Listening to the voice of the customer
• Making the development process more iterative and responsive
• Developing organizationwide best practices
• Shaping the culture

I met with a group of clients recently on the evolution of data management and big data.  One retailer asked, “Are you seeing the business going to external sources to do Big Data?”

My first reaction was, “NO!” Yet, as I thought about it more and went back to my own roots as an analyst, the answer is most likely, “YES!”

Ignoring nomenclature, the reality is that the business is not only going to external sources for big data, but they have been doing it for years.  Think about it; organizations that have considered data a strategic tool have invested heavily in big data going back to when mainframes came into vogue.  More recently, banking, retail, consumer packaged goods, and logistics have marquis case studies on what sophisticated data use can do. 

Before Hadoop, before massive parallel processing, where did the business turn?  Many have had relationships with market research organizations, consultancies, and agencies to get them the sophisticated analysis that they need. 

Think about the fact, too, that at the beginning of social media, it was PR agencies that developed the first big data analysis and visualization of Twitter, LinkedIn, and Facebook influence.  In a past life, I worked at ComScore Networks, an aggregator and market research firm analyzing and trending online behavior.  When I joined, they had the largest and fastest growing private cloud to collect web traffic globally. Now, that was big data.

Today, the data paints a split picture.  When surveying IT across various surveys, social media and online analysis is a small percentage of business intelligence and analytics that is supported.  However, when we look to the marketing and strategy clients at Forrester, there is a completely opposite picture. 

After RSA's acquisition of SilverTail, things are heating up in mobile application level behavioral detection. 

We see fraud management vendors increasingly looking at mobile application behaviors (beyond web fraud management and device fingerprinting) to build out a normal and abnormal behavior profile for the network traffic signatures coming out of the application (similarly to how SilverTail/RSA looks at web traffic signatures). Note that this is clearly a grey area that falls between what device fingerprinting vendors (iovation, 41st Parameter, BlueCava, ThreatMetrix), or risk-based authentication (RBA) vendors (RSA, Entrust, CA/Arcot, etc.) or what traditional back-end, cross-channel transaction monitoring vendors (Actimize, ACI, Detica, SAS, etc.) have been doing. Although device fingerprinting and RBA vendors have long been providing SDKs and APIs for developers to include in their mobile applications, understanding mobile application network traffic and building good and bad behavioral models is becoming something people are increasingly interested in.

Mobile application behavior detection has the benefits of not having to open up application code, not having to define too many security policies or rules. Because of this, mobile application behavior detection and network traffic signature profiling is something we expect to see a lot of vendor interest in the next 9-12 months.