IBRS Advisor Team

IBRS Advisor Team

Read latest work...

Connect with IBRS

Have a specific question for IBRS Advisor Team?

Email

Conclusion:

Consumers are increasingly sceptical of how organisations – both in the public and private sector – use and secure their personal information. At the same time, organisations are realising that data has the potential to drive significant gains in customer service efficiency and new business opportunities. Balancing consumers’ expectations and emerging legislative requirements against actionable opportunities is essential.

Unfortunately, such a balance is not possible where there is insufficient leadership to develop clarity, alignment, and urgency in data culture initiatives.

Without a robust data culture initiative that can provide focus, leadership, clarity, and commitment, organisations may not achieve a suitable balance, and therefore face consumer backlash.


Read more


Conclusion:

Information asset categorisation (IAC) builds the capabilities of an organisation to establish guardrails for more efficient data governance practice. It is at the heart of addressing the changing risks of information management due to the rapid update of collaboration tools and hybrid working.

However, poor acceptance by stakeholders can be an issue, eventually putting information trustworthiness and security at risk. It takes more than just a change of organisational culture or management practises to entrench IAC. Clearly defined roles among the ICT groups and other members of the organisation are needed to achieve the security, privacy, and information governance benefits that IAC can deliver.


Read more


Conclusion:

A low-code Centre of Excellence (CoE) is not just about getting people to use low-code platforms. Rather, it provides leadership, support, training, and best practices that address innovation and continuous success within the organisation. It is crucial for an organisation to establish a CoE, especially when the need to concentrate expertise is fundamental to reduce operational and knowledge silos in the workplace.

A CoE provides recognition and authority as the centre of management competency in the organisation. By delivering best-practice methodologies, standards, and tools to enable teams to effectively deliver projects, it can best support business outcomes (sales, services, etc.) as well as ensure compliance and business integrity. By aligning the CoE’s goals with that of the organisation’s, processes can be more easily improved or changed to meet the demands of a post-COVID-19 environment, where agility, compliance, and business integrity are essential.


Read more


The Latest

12 April 2022: Research by risk consulting firm Kroll revealed a 356 per cent surge in common vulnerabilities and exposures (CVEs) or zero-day vulnerabilities (also known as freshly announced threats) in the last three months of 2021 compared to the previous quarter. By December, an increase in new ransomware variants was detected in ManageEngine, ProxyShell, VMWare, and SonicWal pushed CVE logs to an all-time high.

Kroll’s industry survey revealed that while phishing remained the most popular initial access infection vector, at 39 per cent in the fourth quarter, CVE increased from 6 per cent to 27 per cent in the same period.

 

Source: Q4 2021 Threat Landscape: Software Exploits Abound

 

Why it’s Important

Many incidents of ransomware continue to impact Australian organisations who are considered prime targets due to (a) their capacity to pay and (b) their relatively immature (from a global perspective) cyber-defence and cyber-response capabilities of a larger number of mid-sized enterprises. Many of these organisations struggle to close common vulnerabilities, let alone zero-day exploits, quickly enough to avoid intrusions due to their weak defence postures.

Organisations need to address their ability to defend against such attacks and respond appropriately to limit any impact caused by breaches. More effort is required across industries to contain the likelihood of attacks impacting productivity, reputation and financial resources, rather than just within individual businesses. This will support sharing of intelligence and the growth of cyber-defence nationally.

Who’s impacted

  • CMO
  • Development team leads
  • Business analysts

What’s Next?

  • Cyber-defence can no longer be left to a 'best effort' basis by ICT groups. Organisations that lack a dedicated cyber security specialist, must seek out specialist services, peer groups and forums, and actively leverage better practices from these groups.
  • Evaluate the status of your enterprise’s ransomware defence and look into the strengths and weaknesses of your current security posture.
  • Create a dedicated team that will develop a roadmap to improve the organisation’s stance against ransomware.

Related IBRS Advisory

  1. The Security Impact of Remote Working: Find the Gaps in (Zero) Trust
  2. Use Security Principles to Guide Security Strategy
  3. Reducing the Risk of a Successful Ransomware Attack

The Latest

12 April 2022: Low-code enterprise software developer OutSystems announced Integration Builder’s (IB) support for Generic PostgreSQL version 13, Aurora PostgreSQL version 12, as well as non-relational database MongoDB. Prior to the announcement, OutSystems only supported a limited number of platforms including MySQL, Oracle, Azure SQL and SQL Server. With more connection options for infrastructure servers, users can now better develop applications where data resides in Cloud-based, high-capacity, elastic databases.

Why it’s Important
As low-code plays an increasing role in application delivery, the adoption of open-source databases will become increasingly common for several reasons. First, it opens up low-code applications to existing solutions as well as allowing existing applications built upon these databases to be extended by low-code developers. Second, it has the potential to reduce the overall cost of low-code architecture. Finally, the inclusion of elastic databases allows low-code to be used for massive scale data applications.

Therefore, for organisations that are considering purchasing a new low-code platform with connected services from different sources, look into how the vendor caters to the evolving hyperscale Cloud computing market to support the scalability and high-performance needs of clients. As previously noted by IBRS, the most successful ones will require minimal changes in enterprises' existing SQL Server application code, speed of migration, and ease of switching to other tools post-migration.

Who’s impacted

  • CTO
  • Development team leads
  • Business analysts
  • Low-code centre of excellence

What’s Next?

Review the low-code spectrum to determine which types of low-code capabilities your organisation needs in the near and midterm, and which are most likely to be needed in the longer-term.
In addition, it is imperative to assess risks associated with adopting a new operating model and platform before investing in any low-code platform.

 

Related IBRS Advisory

  1. Considerations for Selecting Modern Low-Code Platforms
  2. VENDORiQ: AWS Babelfish Brings PostgreSQL to its Hyperscale Database

The Latest

5 April 2022: Amazon Web Services (AWS) launched AWS Billing Conductor for customisation of Cloud cost reporting and more accurate monthly billing data. Organisations can now organise accounts into billing groups, apply specific pricing packages, assess and edit pro forma expenses and reports, and compare rates between those applied to groups and current AWS rates.

Why it’s Important

The COVID-19 pandemic has impacted 92 per cent of organisations to exceed their Cloud spend forecasts in the last 12 months, according to a recent report. As a result, many ICT groups are being asked to justify their increasing spend on Cloud services to optimise the enterprise’s purchase decisions.

Although Cloud can reduce overall costs in some areas of ICT's business as usual (BAU) expenditure (operational costs that are part of standard daily work), the increase in demand for computing and storage generally makes it appear that promised costs of savings from Cloud are not materialising. By allocating costs to specific business units’ consumption, deployment projects, use cases and new digital transformation initiatives, enterprises can identify which efforts drive the most Cloud spend. This goes a long way to clarifying why Cloud investments are worthwhile (or not, as the case may be).

Therefore, it is no longer sufficient to consider Cloud budgets as simply part of BAU, nor treated in the same way software costs have been treated in the past. These old approaches will mean that justifying Cloud spend will only ever be short-lived.

Cloud cost management tools that enable not just Cloud cost identification, but also allocation back to business benefits will be vital for identifying profitable technologies and projects within the Cloud. While there are other third party solutions in this space (such as VMWare’s CloudHealth, Cloudability and Densify), the AWS Billing Conductor will assist mid-sized organisations who cannot afford such services, or lack the skills needed to implement Cloud spend budgeting with better accuracy.

Who’s impacted

  • CMO
  • Development team leads
  • Business analysts

What’s Next?

IBRS has observed that many less mature organisations have a ‘sprawl’ of Cloud services that need to first be identified and then reined in, before cost optimisation products can be fully effective. Therefore, consider how Cloud business cases and ongoing budgets need to be communicated, and to whom, within your organisation. In addition, look into how you can set up a billing responsibility model and cost dashboard, designed for cost efficiency. Ideally, decisions around this should be made by the Cloud centre of excellence.

Related IBRS Advisory

  1. VENDORiQ: Aussie Cloud-cost Specialist GorillaStack Expands What it Watches
  2. Cloud Financial Management is Optimised with Cloud Certified Partners
  3. How to get on top of Cloud billing

The Latest

22 March 2022: Knowledge management application software developer Objective Corporation (Objective) has acquired US Cloud-based content management system firm Simflofy. With the acquisition, Objective’s governance extends beyond a focus on regulated and public sectors to accommodate organisations struggling to govern Microsoft365 suite. Through a combined enterprise federated governance and single source of truth (SSOT), users can expect the features of the integration to be introduced in its newest tool, Objective 3Sixty.

Why it’s Important

The Australian public sector’s content management solution vendors are dominated by Micro Focus Content Manager (formerly known as TRIM) and Objective. However, both solutions providers lack the technology to fully address the demand for federated knowledge management due to the effect of disruptive collaboration, and the adoption of Microsoft Office 365 by many enterprises. 

However, the acquisition of Simflofy will be a game changer for Objective.” to avoid it seeming like Simflofy has acquired Objective. The integration of Simpflofy’s federated information management capabilities to Objective’s strength in knowledge management in compliance rich environments, has the potential to balance a unified view of organisation wide content from disparate sources of information, with rigorous information lifecycle management.

At the very least, the acquisition signals that Objective is now committed to federated knowledge management, instead of the traditional record-keeping system that it is known for.

Who’s impacted

  • CMO
  • Sales/marketing teams

What’s Next?

Objective customers should monitor the vendor’s progress with Objective 3Sixty’s features such as SSOT through consolidating various sources across multiple information repositories and managing it all in one place.

In addition, public sector organisations that use Objective as well as SharePoint without appropriate governance and compliance add-on solutions (such as RecordPoint’s Records365), should start exploring how the new Objective plans and acquisition may impact discussions on where and how knowledge is stored in a compliant manner.

Likewise, Micro Focus Content Manager’s customers must raise inquiries to the vendor on the progress of the service provider’s plans for filling in the gaps of federated content management capabilities for Content Manager, in particular Control Point. 

Related IBRS Advisory

  1. The Challenge of Disruptive Collaboration and the Future of Enterprise Knowledge Management Solutions
  2. Does IBRS have a framework which describes the capabilities of Knowledge Management?

The Latest

22 March 2022: Virtual application delivery (VAD) service provider Cameyo joins Citrix and VMWare as certified Google Chrome Enterprise Recommended solutions for virtualisation. Cameyo’s features, combined with the Chrome operating system (OS), provides Cloud-based desktops’ with Windows apps. This extends Google’s virtualisation features by running fewer servers at higher capacity with centralised infrastructure, security and data management. 

Why it’s Important

Application virtualisation services expand users’ access through a secure ecosystem that supports legacy systems on Chrome (and other devices). This approach may reduce operating costs relative to traditional desktop virtualisation infrastructure.

In addition, Cloud VDI does not limit users into a single device when accessing data and applications and does not compromise security or reduce the capacity of endpoint management. Enterprises likewise can save on the costs of acquisition and maintenance of devices, resorting to lower-code (and lower-cost to support) Chromebooks. 

Cameyo’s recognition by Google marks a turning point in the move towards wider acceptance of application virtualisation, as opposed to full VDI.

Who’s impacted

  • Desktop / digital workspace teams
  • Development team leads
  • Business analysts 

What’s Next?

Organisations re-evaluating their VDI investments - especially in light of Citrix’s request acquisition,  should consider the potential of application virtualisation, and perform a detailed RIO that includes not just the licensing and hardware, but also the operational costs over an extended period - say five years. 

It should also be noted that, with Citrix being acquired, many organisations have started to be less optimistic about new innovation coming from the platform. IBRS reiterates that users should not expect any revolutionary new Citrix features to be released in the near future. Instead, IBRS expects a gradual acceleration of the shift towards application virtualisation services, regardless of a vendor’s existing popularity in the industry.

Related IBRS Advisory

  1. VENDORiQ: Citrix to be Acquired by Vista Equity Partners and Evergreen Coast Capital
  2. VENDORiQ: Windows 365 - The New Hotness, or Same Stuff in a New Can?

The Latest

15 March 2022: Snowflake announced its planned acquisition of data applications builder Streamlit. Snowflake’s goal is to integrate app building into its Warehouse-as-a-Service platform with simplified data access and governance features. 

Why it’s Important

There has been a growing trend in the acquisitions of analytics platform developers to boost product features and improve capabilities of data science tools.

IBRS expects more mergers and acquisitions among leading Cloud analytics vendors that will commence the initial stages of consolidating the hyperscale, elastic analytics market. It projects more integration of key components of the data analytics system in the next three years. In particular, data catalogues or data sharing solutions will become increasingly integrated with Cloud data lakes and data warehouses.

However, it is the use of centralised data repositories - data lakes and warehouses - to simplify the development of low-code apps that has been overlooked. One of the biggest challenges and costs for low-code apps development is integration. However, data analytics platforms have already integrated and normalised data from multiple systems. As a result, using these centralised data resources for low-code application development could be very attractive. 

Microsoft’s Dataverse is essentially this concept - albeit within the Microsoft world. Snowflake’s investments in Streamlit are an indication that there is a growing market for this use case.

Who’s impacted

  • COO, CIO, CTO
  • Business analysts

What’s Next?

Organisations should look at how their low-code initiatives tie into data analytics initiatives. Low-code platforms generate not only data captured from forms, but also metrics on how processes are performing - data which will likely end up being reported upon via analytics platforms. But there are also opportunities to leverage the analytics platforms to act as engines for low-code and rapid application development environments. Bringing the people involved in each of these areas together can reveal new opportunities to ‘streamline the process of streamlining processes’.

Related IBRS Advisory

1. VENDORiQ: AWS Accelerates Cloud Analytics with Custom Hardware

The Latest

15 March 2022: Google announced general availability of Dataplex, a ‘dash fabric’ (aka, data mesh) solution that allows enterprises to centrally manage and control data across data lakes, databases and data warehouses. Google claims that the product can mesh Google Cloud with open source technology for analytics professionals to better govern data. Dataplex was launched together with Datastream and Analytics Hub that make up Google Cloud’s database services in its analytics portfolio.

Why it’s Important

Since it was introduced in 2019 by its creator Zhamak Dehghani, the concept of data mesh is becoming hyped. Similar to service oriented architecture (SOA), it is misunderstood by vendors and buyers alike who believe that it is all about technology. Instead, data mesh is as much a philosophical shift, from viewing data being centralised in data lakes or warehouses, to managing data close to where it is created, through a domain-oriented design with a self-serve data infrastructure.

Google, on the other hand, identifies Dataplex as a data fabric, which provides a technology layer over disparate data sources for better access, discovery, integration, governance and security. Data fabric focuses on existing multiple centralised technologies that consolidate data. Data mesh, on the other hand, promises a fully domain-oriented, decentralised approach, since it considers all enterprise data as a set of different repositories, preventing any loss in domain expertise during translation, unlike with a data lake. Thus, in a pure data mesh platform, different groups can manage data as they see fit, sharing some common governance measures while maintaining their domain knowledge on the data.

IBRS has observed that data catalogue vendors are leveraging data mesh rhetoric to market their products. However, most of these do not truly align with the philosophy of data mesh, which is fine for the near term, as few organisations are prepared for the changes involved when adopting such a democratised approach to data management.

Who’s impacted

  • CTO
  • Analytics teams

What’s Next?

Organisations that want to explore data mesh concepts must carefully consider shifts in data team structures, roles, responsibilities and skills before looking at technical solutions.Some changes brought by such a data architecture approach will impact domain-specific variations in data across departments, domain ownership, data product self-containment, and governance architecture to preserve global controls.

Related IBRS Advisory
1. Business First Data Analytics - Webinar and Q&A

Conclusion:Salesforce’s Einstein Automate uses a number of AI algorithms to automate high-volume, manual, and repetitive tasks. The Flow Orchestrator tool applies AI to the building of workflows, recommending steps to improve workflows and spot process bottlenecks. The application of AI to the development of workflows will become increasingly common, with vendors such as Appian and Nintex having such capabilities. The result will be the acceleration of process digitisation by citizen developers.


Read more


Conclusion: Power Apps (along with Power Automate and the broader Power Platform) is Microsoft’s low-code application creation and application lifecycle management tool. It aims to enable application development to all levels of the stakeholder: from citizen developers (non-technical staff) to business analysts up to technical teams. Microsoft Power Apps supports a variety of business use cases that address development backlogs. However, similar to most Software-as-a-Service (SaaS) tools, its limitations need to be carefully considered before an organisation decides to adopt the enterprise-ready platform in its digital transformation initiative.


Read more


Conclusion: Accrued technical debt can have a severe impact on operations when left unattended. Unless organisations acknowledge the existence of technical debt and set a strategy to address it and minimise its impact, they can end up paying far more for remediation. By learning how to measure technical debt, organisations can start identifying its root causes and develop strategies that become a part of their development process.


Read more


Conclusion: Microsoft Azure Arc allows customers to run Azure in multiple, hybrid Cloud environments, with a focus on servers and Kubernetes. One core concept is to allow Kubernetes clusters with containerised applications to be managed across both public Cloud (Azure and others) and private data centres. This approach allows organisations to “modernise data centres” so that they support Cloud-native app building. Key to leveraging Arc for data centre modernisation is the re-emergence of hyperconverged infrastructure (HCI).


Read more