According to a new analysis from IBRS, Australia could reap a $224bn dividend by fast-tracking investments in digital transformation – and grow the economy by 1.3 per cent, more than six times the benefit of the Olympic Dam Expansion.

Full Story.

Conclusion:

Part three of this four part series looks at how the disaster recovery (DR) plan can be verified. The DR plan is in effect a contingency plan to deal with risk of a disaster. The DR test plan is a validation of the preparedness of the organisation to address these risks.

The need to have a DR plan verified is therefore essential if the contingency is to be effective. Just having a plan in place is not enough to mitigate the risk. The plan must be tested and verified as part of business as usual (BAU) to both increase familiarity with the plan, its standard operating procedures (SOPs) and processes, and most importantly, improve the likelihood of success.

Read more ...

Conclusion:

This month, discussions regarding security threats to managed services providers (MSPs) have been prominent. In the past, cyber criminals and ransomware gangs have targeted MSPs to gain access to corporate networks. Outsourcing IT administration can leave clients vulnerable when MSPs are given highly privileged access to customer systems. Remote management tools can also leave vendors open to attacks. It is imperative that MSP offerings and managed services provide a comprehensive and dedicated suite of technologies and skills to defend vendor security. A clear strategic approach for clients is necessary in order to address the difficulties associated with recent security threats.

Read more ...

Conclusion:

Chargeback of enterprise-wide ICT costs were developed to assign ICT costs to the point of usage. The outcome is twofold; it ensures the initial allocation of ICT assets and services are identifiable, and it enables reallocation of underutilised or unnecessary services. This relies on IT creating assets and services which are commodified and transferable.

A chargeback arrangement can increase tension between ICT and the department managers. Allocating all ICT costs to achieve a zero-sum IT department can exacerbate that tension. Making IT fully responsible and accountable for IT costs can create insular behaviours which stifle innovation and investments in new IT services for departments. Departments will feel entitled to explore ICT improvements without an effective relationship with IT. Creating a chargeback governance model that manages disputes and builds trust in the process is preferable.

Read more ...

Conclusion:

The rapid adoption of Cloud services and the increasing and well publicised cyber security compromises have added to the security concerns within many organisations. The Australian Cyber Security Centre (ACSC) has recently published a set of Cloud computing security considerations whereby organisations are able to undertake a high level self-assessment of their cyber risks as they transition to Cloud services. IBRS has recently hosted a roundtable with senior ICT and security professionals to highlight some hands-on lessons for managing cyber security in a Cloud environment.

Read more ...

Conclusion:

Organisations everywhere are implementing Agile as a dynamic approach to speed up the creation of value and improve development of new and improved services and products. It should be noted that despite all the strengths of Agile it is not suited to all projects. Adopting a best practice such as Agile is more than learning a new process and skill and then applying it in a project environment. Implementing Agile in an established organisation means that there are often a number of other frameworks, best practices and procedures that will need to co-exist with Agile. Without looking at Agile as part of the whole ecosystem, the results can seem underwhelming or negatively impact on other areas, and can cause a lack of appreciation for Agile and subsequent lack of adoption, or a complete rejection of an approach that has so much to offer.

Read more ...

Conclusion:

There are many low-code myths in the market, some promoted by vendors and others touted by development teams that are resisting the trend. IBRS explores and debunks these myths.

Read more ...

Conclusion:

Organisations must evolve practical and sustainable governance when incorporating low-code platforms into their enterprise architecture (EA). The majority of organisations will use more than one low code platform on their digital transformation journey. As a result, governance will need to encompass tenets that determine which tools (and thus skills and teams) are most appropriate for which types of applications and workflows.

Read more ...

The Latest

27 July 2021: During Google Cloud Platform’s (GCP) analyst update, the vendor unveiled details regarding its Australian expansion with a new Melbourne data centre and new management for the ANZ region. 

Why it’s Important

The new data centre is more an indication of overall Cloud growth in Australia, as IBRS has reported in the past. It is less a turning point in Google’s strategy, and more of a necessary response to market trends. It should be noted that a large set of GCP services will be available from the Melbourne zone, but not all. Others will be added ‘based on market demands’. This is a strategy that has been adopted by all three hyper-scale Cloud vendors, and is a clear indication of how Cloud usage is expanding in Australia: from core infrastructure services (especially storage, compute, containers and analytics) to more nuanced services, such as AI.

During the briefing, Google highlighted its private ANZ wide data network as a key differentiating factor. There is merit to this claim, as network infrastructure in Australia remains a thorny issue for Cloud clients outside the major States, such as Perth and Darwin, Adelaide, etc.

More telling was what was not elaborated upon during the briefing. In the past, Google has focused on its capabilities in AI as a key differentiator in the market. While Google clearly has strong credentials in AI, the reality is that most Australian organisations are not investing in AI directly, but rather obtaining it as part of other solutions. 

For example, AI is found in capabilities of CRM products Salesforce (Einstein) and Zoho (Zia), in low-code products from Appian and Microsoft’s Power Platform and so on.  

Instead, Google championed its partner program and its support credentials. Google knows channel partners are essential to competing against AWS and Microsoft. It also recognises that skills are in short supply, so is investing in training and support programs. 

In reality, Google’s strongest competitive weapon is an age-old one: value for money. When evaluating like-for-like core compute and storage services, GCP is more economical than its two top rivals.

Who’s impacted

  • CIO
  • Cloud infrastructure teams

What’s Next?

Most organisations will end up with a multi-Cloud environment, though with a preference for a ‘primary’ platform. Many Cloud migration strategies IBRS reviews are scoped in such a way to limit the choice of deployment to Azure and/or AWS. Given the strengths of these two Clouds, this makes sense. Oracle’s Cloud platform is also appealing to Oracle customers looking for an ‘easy’ migration of their core services. 

Far fewer Australian organisations are formally considering GCP as a viable alternative for running core workloads, or even leveraging it for failover/parallel workloads. This is a lost opportunity. While IBRS is not recommending GCP, it considers that the vendor is under-represented in shortlists and as a result, opportunities for Cloud cost optimisation and contestability in multi-Cloud environments suffer. 

Related IBRS Advisory

  1. IBRSiQ: Google Cloud - Are Their AI Offerings a Point of Difference From Other Vendors?
  2. Vendor Lock-in Using Cloud: Golden Handcuffs or Ball and Chain?
  3. Options for Machine Learning-as-a-Service: The Big Four AIs Battle it Out
  4. How to get on top of Cloud billing
  5. Why Cloud Certified People Are in Hot Demand
  6. VENDORiQ: Data Replication Goes Serverless with Google Datastream

The Latest

24 June 2021: Samsung Networks, which was launched early in 2021, has struck a deal with infrastructure supplier PLUS ES to support the deployment of Samsung’s 5G technologies. Given activities from other 5G vendors, it is clear that the 5G rollout in Australia will only accelerate.

Why it’s Important

5G will impact both consumer and business applications, as well as hybrid working. It is not just a matter of speed. With greater bandwidth and different cost points, new services become possible. For example: chatbots passing not to a human agent using text, but a human agent on video. These service delivery innovations need to be tested in terms of how the public will accept them, the operational and staffing changes needed to support them, and finally the IT issues and architecture they will raise (including what to do with all the new data coming in)!

CTOs and innovation teams in organisations with public-facing services need to be experimenting and testing new service delivery options and ideas now, since such services are likely to give a competitive advantage.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

If not already established, form a temporary committee to brainstorm the potential for 5G on:

  • Service delivery
  • Field operations and staff
  • Business processes, both internal and external, and how these can be digitised ‘into the field’
  • Hybrid working

Related IBRS Advisory

  1. 5G potential to deliver economic upsides
  2. Samsung unveils new smartphones
  3. Telecommunications reborn
  4. Redefining what ruggedised means

The Latest

2 July 2021: Amazon released a video summary and report on its sustainability targets and performance. The key take outs are that Amazon is the largest corporate purchaser of renewable energy, with a shift of 42% from non-renewable within one year. The underlying message here is sustainability is no longer a political issue for the corporate sector, but a fiscal imperative.  

Why it’s Important

As outlined in previous IBRS research, all of the hyperscale cloud vendors - Google, AWS, Microsoft, Oracle and Alibaba - have well-documented strategies to reduce their reliance on carbon-based fuel sources. All position sustainability as a competitive advantage, not just against each other, but against on-premises data centres. 

It is likely that cloud vendors will be positioning their sustainability credentials in both business and general news channels, looking to position their brand as a leader on climate action. From a cynical view, this messaging will play well with the existing news cycle of the impact of climate change, from the disastrous bushfires to killer heatwaves in North America, to unseasonable storms and record-setting weather events. From a more optimistic perspective, these vendors will drive genuine solutions to reduce the carbon footprint associated with providing computing service.

Therefore, as cloud vendors set or meet zero carbon energy targets, the issue of sustainable ICT is set to re-emerge as a priority for CIOs and data centre architects.  

IBRS and BIAP (via the IT Leaders Summits) have tracked CIOs interest in the topic of green IT. An IBRS study in 2008 had sustainable ICT being rated as ‘very important’ for 25% of CIOs and ‘somewhat important’ for 59% of CIOs. Since then, interest in sustainable computing has plummeted year-on-year. The IBRS / BIAP data for 2016 had 6% of CIOs rating sustainable ICT as a priority. By 2020, less than 0.5% of CIOs rated sustainable ICT as a priority.

IBRS expects this trend to reverse sharply in 2024-2025 as the leading cloud vendors continue to demonstrate both environmental and financial benefits associated with renewable energy.

Who’s impacted

  • CIO
  • CFO
  • Data centre leads
  • Infrastructure architects

What’s Next?

By 2025 the leading cloud vendors will leverage their position in renewable energy consumption as a selling point for policy-makers to mandate cloud computing and place unattainable goals for architects of on-premises data centres.

Rather than waiting, CIOs should review previous strategies for sustainable ICT, with the expectation that these will need to be updated and reinstated within the next 3-5 years.

Related IBRS Advisory

  1. The Status of Green IT in Australian and New Zealand (2008)
  2. Building your Green IT strategy
  3. Think green IT: Think saving money
  4. Forget Green; think sustainable computing in 2009

The true benefit of digital strategies is in the thinking, reviewing, assessing and critical evaluation of where the current state is and where the target needs to be. Organisations that have commenced digital transformation have recognised that capability development and ownership of the strategy can make or break success. It is critical to be brutally honest about capability and skills to get to the target.

Log in and click the PDF link above to download the IBRS presentation kit to inform your team.

Read more ...

Too often, information communications technology (ICT) and business analytics groups focus on business intelligence and analytics architectures and do not explore the organisational behaviours that are required to take full advantage of such solutions. There is a growing recognition that data literacy (a subset of digital workforce maturity) is just as important, if not more important, than the solutions being deployed. This is especially true for organisations embracing self-service analytics.

The trend is to give self-service analytics platforms to management that are making critical business decisions. However, this trend also requires managers to be trained in not just the tools and platforms, but in understanding how to ask meaningful questions, select appropriate data (avoiding bias and cherry-picking), and how to apply the principles of scientific thinking to analysis.

Log in and click the PDF above to download the IBRS presentation kit to kickstart your journey. 

Read more ...

Conclusion:

There is no denying that the incidence and severity of ransomware cyber attacks, both real and fake, are on the rise. Whether the attacks are State-based or purely criminal in nature, organisations need to address their ability to both defend against such attacks and respond appropriately when they occur. The impact of a successful breach can have a high cost in the areas of productivity, reputation and the potential for financial losses. A good defensive posture against cyber attacks will make your organisation a harder nut to crack for the attackers.

Read more ...

Conclusion:

This month, discussions regarding changes to company structures and operations have been prominent. An increased demand for transformation and internal enhancements has prompted managed service providers to further develop their firms. Streamlining and redeveloping customer products and offerings to meet specific targets has been a particular focus, as well as using predictive techniques and tools to respond to customer needs. In an effort to meet demands, service providers require transparency with customers, and improved offerings for their clients and business partners. This will assist vendors when delivering products, services and support to their customers, and drive their productivity and growth.

Read more ...

Conclusion:

Virtual Desktop Infrastructure (VDI) implementation involves identifying whether VDI can be done internally or outsourced through a third party, seeking out and engaging a supplier, and finally, determining the cost-effective and efficient way to deploy the service.

Read more ...

Conclusion:

Employee empowerment is the basic principle behind activity-based working (ABW). In order to make ABW work, a company’s culture needs to shift from command and control to trust, responsibility, and empowerment. As organisations plan their return-to-office strategy, an opportunity exists to decide if workplace defaults will continue, or the lessons learned from working through a pandemic will be incorporated to accommodate a more holistic approach to getting work done.

Read more ...

Conclusion:

The choices when selecting and designing an Enterprise Resource Planning (ERP) solution are immense and typically require industry specific considerations. Executives rightly desire fully-integrated IT services across all departments within an organisation. The end result is a reliable, fully-integrated, and secure solution whether it is deployed in a public or hybrid Cloud solution.

What should not be up for negotiation are the essential, human-facing critical controls (CCs) that maintain the effectiveness and security of this critical asset during business operations. In all, IBRS sees organisations needing to address 10 human-facing CCs from a group of 20 CCs. The remaining 10 CCs will cover the technical controls later in this research series.

Read more ...

Conclusion:

Delivering value faster and better with quality code has been the holy grail of software development and support for many years. Navigating a post-COVID-19 world, organisations will find themselves faced with new challenges and the expectation of delivering value and quality results in a shorter time frame.

DevOps is a set of practices that works to automate and integrate the processes between software development and support, so project teams can build, test, and release software faster and more reliably. As such, DevOps and Agile methodologies have become key tools in responding to an increasingly diversified and dynamic business landscape where most, if not all businesses are using technology to reshape their respective organisations.

Yet despite its potential to deliver, many organisations are struggling with DevOps implementations. Developing a clear roadmap based on best practices and a pragmatic approach will accelerate this journey and minimise the risk of failure.

Read more ...

Conclusion:

As detailed in IBRS’s 2021 Trends report, the vaccine shot will not end sporadic lockdowns. Organisations should routinely review workplace safety plans and update them based on current public health guidelines. Protective measures should still be in place.

If not already established, organisations should set up a workplace COVID-19 working group, which should include ICT representation. The working group should ensure the company’s compliance with public health recommendations, plan education, and determine how digital services will support the plan.

The Australian context for workplace vaccination policies are complicated by different privacy, duty of care and other workplace and safety regulations. This paper provides an overview of the policies that may impact management decisions as of June 2021.

Read more ...

The Latest

28 June 2021: After a leak of an early pre-release version of Windows, Microsoft formally announced Windows 11 and have followed up with a series of posts, most aimed at promoting the new user experience of the operating system. A quick look on YouTube will find dozens of reviews and tests of the pre-release version of Windows 11, and from early tests, it appears as if there is little performance impact for the OS. Reviews of Microsoft’s documentation suggest that there is no significant change to how Windows 11 can be deployed. The bulk of the changes appear to be related to how Microsoft’s Office 365 products are put front and centre within the desktop experience. Teams, in particular, takes centre stage. As with the release of Windows 10, Windows 11 will start by building new expectations among consumers, which will in turn drive staff to demand the new environment from their ICT groups. In this sense, the key issues for ICT look to be identical to those faced in 2015.

Why it’s Important

While Microsoft executives famously touted that Windows 10 would be the last Windows, a clear reference to enterprises’ frustrations with continued hardware/software refresh treadmill and the expense of upgrading fleets of desktops en-mass, the statement was never officially enshrined in the product lifecycle. This means that enterprises, at least for the foreseeable future, will need to plan for generational shifts in desktop upgrades, complete with the demands of change management and the potential bulk hardware refreshes.  

The common driver for most organisations looking to refresh their desktop environment (device management, security, application deployment and change management), is to ‘flatten the investment’ needed to keep users up to date. From a device asset management perspective, the goal is to move away from four-to-five year bulk buys and move to a rolling schedule of device refreshes. For software deployment, it's a move to a self-service model. And for the OS, it's a move to a gradually updated, evolving platform.  

All the above have become critical enablers of hybrid working and by extension business continuity. 

Microsoft’s Cloud-based approach to deploying devices and software with Autopilot is highly attractive as it supports the new digital workspace model. How best to migrate to Autopilot from the legacy ‘tiered’ desktop management approach is by far the most common question IBRS is asked in relation to digital workspaces.

Microsoft has noted that Windows 11 can be managed using all current tools and processes that are used to manage Windows 10. This means Windows 11 can be managed using the Cloud-based Autopilot approach and the ‘standardised desktop’ approach via SCCM (System Centre Configuration Manager). Third-party tools such as Ivanti are also expected to work without problem. Therefore, based on available information, there appears to be little additional benefit to Windows 11 over Windows 10 when it comes to deployment and management.

This is not to say that Windows 11 will not have other benefits to enterprises, but the (current) benefits appear to be more related to putting Office 365 services forward.

Who’s impacted

  • CIO
  • Desktop / end user computing teams
  • ICT asset management teams
  • CFO / ICT financial planning teams

What’s Next?

Enterprise desktop teams do not need to rush into Windows 11 planning. Device and software compatibility is expected to be high (despite some initial negative assumptions on YouTube). Instead, organisations should continue to focus their efforts on migrating from the standardised desktop management model to the ‘digital workspaces’ model which focuses on offering self-service capabilities and zero-trust security. In addition, adopting an iterative and ongoing approach to Office 365 change management is needed. Moving to the digital workspaces model will not only reap significant operational benefits over the older standardised desktop approach, but will also ensure a smoother transition to Windows 11 before the 2025 end of support deadline.

Related IBRS Advisory

  1. Digital Workspaces Master Advisory Presentation
  2. SNAPSHOT: Workforce Transformation beyond Mobility and Digital Workspaces
  3. How will you deal with Microsoft’s Pester Power strategy for Windows 10?
  4. The journey of Office 365: A guiding framework Part 3: Post-implementation

The Latest: 

26 June 2021: Zoho briefed IBRS on Zoho DataPrep, it’s new business-user focused data preparation which is being included in its existing Zoho Analytics tool, as well as being available separately as a tool to clean, transform and migrate data. DataPrep is in beta, and will be officially launched on 13th July 2021.

Why it’s Important

Traditionally, cleaning and transforming data for use in analytics platforms has involved scripting and complex ETL (extract, transform and load) processes. This was a barrier to allowing business stakeholders to take advantage of analytics. However, several analytics vendors (most notably Microsoft, Tableau, Qlik, Snowflake, Domo, etc.) have pioneered powerful, drag-and-drop low-code ETL into their products.  

Zoho, which is better known for its CRM, has an existing data analytics platform with Cloud storage, visualisation and reports, and dashboards. While the product is not as sophisticated as its top-drawer rivals, it can be considered ‘good enough’ for many business user’s needs. Most significantly, Zoho Analytics benefits from attractive licensing, including the ability to share reports and interactive dashboards both within an organisation and externally. 

However, Zoho Analytics lacked a business-user-friendly, low-code ELT environment, instead relying on SQL scripting. Zoho DataPrep fills this gap by providing a dedicated, AI-enabled platform for extracting data from a variety of sources, allowing data cleaning and transformations to be applied, with results being pushed into another database, data warehouse and Zoho Analytics. 

All existing Zoho Analytics clients will receive Zoho DataPrep with no change to licensing.

However, what is interesting here is Zoho’s decision to offer its DataPrep platform independent of its Analytics platform. This allows business stakeholders to use the platform as a tool to solve migration and data cleaning, not just analytics. 

IBRS’s initial tests of Zoho DataPrep suggest that it has some way to go before it can compete with the ready-made integration capabilities of Tableau, Power BI, Qlik, and others. In addition, it offers less complex ETL than it’s better established rivals. But, that may not be an issue for organisations where staff have limited data literacy maturity, or where analytics requirements are relatively straightforward.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

The bigger take out from Zoho’s announcement is that ETL, along with all other aspects of business intelligence and analytics, will be both low-code, business-user friendly and reside in the Cloud. ICT departments seeking to create ‘best of breed’ business intelligence architectures that demand highly specialised skills will simply be bypassed, due to their lack of agility. While there will be a role for highly skilled statisticians, data scientists, and machine learning professionals, the days of needing ICT staff that specialise in specific reporting and data warehousing products is passing. 

Related IBRS Advisory

  1. Snowflake Gets PROTECTED Status Security Tick by Aussie Auditor
  2. IBRSiQ: Power BI vs Tableau
  3. Business-First Data Analytics
  4. AWS Accelerates Cloud Analytics with Custom Hardware
  5. IBRSiQ AIS and Power BI Initiatives
  6. Trends in Data Catalogues
  7. When Does Power BI Deliver Power to the People?
  8. Staff need data literacy – Here’s how to help them get it

Conclusion:

The disruption brought about by the COVID-19 pandemic has highlighted how essential agility is to business. Many organisations were able to quickly respond to the challenges of the restrictions and lockdowns by focusing on the needs of their customers while transitioning into remote work. This response shaped how the public now sees and perceives the organisation and the critical role of ICT. At the same time it has raised business expectations of ICT and organisational response that can only be addressed by utilising Agile approaches.

Read more ...

Conclusion:

The complexity and scale of Cloud operations is beyond the capability of traditional financial management processes. Today, organisations use Cloud service providers to increase agility, flexibility, and efficiency. Efficiency in this context means the speed of delivery coupled with a reduction in both capital and operational costs. However, that is not the only benefit to be derived. Operating cost reduction is a challenge to organisations that are new to the Cloud and even with those who achieved a certain maturity level. Dealing with operational cost needs in-depth Cloud financial management (CFM).

With this in mind, there are three things to consider with Cloud cost optimisation. First, assess your organisation needs and its level of maturity in using the Cloud. Second, if you lack the skills, then collaborate with a Cloud-Certified Partner (CCP). Lastly, set a collective governance system (guidelines and guardrails) to ensure the services are continuously cost-optimised.

Read more ...

Conclusion: 

The need to have a disaster recovery (DR) plan that is understood, agreed, and jointly owned by all elements of the organisation is essential in preparing for a disaster event. An effective DR plan will focus on managing the risk associated with completing a successful restoration and recovery in a time, and to a level of effectiveness, acceptable to business.

To ensure the plan is effective at mitigating the risks associated with completion of restoration and resumption of services after a disaster event; the DR plan must also clearly identify how the plan is to be verified and therefore reduce the risk of not completing a successful disaster recovery.

The key focus of the DR plan must always be about the restoring delivery of business functions. The technical delivery may be from ICT services on-premise, outsourced providers, or Cloud. Regardless of technical delivery to business, the impact of an ICT disaster event needs a verified plan!

Read more ...

Conclusion:

Due to the scarcity of skilled ICT professionals and managers, organisations will inevitably seek extra capacity from augmented services providers to address the shortfall. Staff conducting due diligence to find the best provider and qualify the providers must be unafraid to ask difficult questions, business savvy and, when dealing with providers, able to separate the wheat from the chaff. Identifying providers with the capacity and ability to deliver the desired outcomes and are a good fit is not an easy task.

If the staff find that no provider can deliver what is required, stakeholders must either:

  • Wait for internal staff to become available, or
  • Hire and train staff which can be an expensive, time-consuming exercise that may increase business risks.

Read more ...

Conclusion:

This month, discussions regarding an increased demand for disaster recovery, business continuity and work management solutions has been prominent. While the pandemic has triggered fundamental IT changes in an effort to resolve gaps and vulnerabilities, the accelerated rate of digital transformation and migration efforts has resulted in shortfalls when planning and establishing new work environments. Vendors have found difficulties maintaining business processes when unforeseen or extreme events occur. Combined with management solutions that cannot cater to all scenarios and a lack of clarity regarding customer responsibilities when responses to operational failures are required, difficulties have arisen for service providers. This requires vendors to provide more detailed and clearer disaster recovery and business continuity plans for customers, as well as specialised management tools and associated resources to implement solutions and responses. It is also critical for vendors to communicate with customers to facilitate the recovery of processes and ensure all business systems can be utilised in new and dispersed working environments.

Read more ...

Conclusion:

Traditional development practices have been supplanted by the DevOps movement over the past decade. The next evolution is the movement towards DevSecOps where security is integrated across the development lifecycle.

DevSecOps is not just a matter of buying the latest tooling and running the developers through some training. It requires commitment, not just from the technology group as a whole but from the business leaders themselves.

It is as transformative a project for an organisation as is a move from on-premise to Cloud. Poorly managed or even unplanned DevSecOps can have a negative impact on the development capabilities within an organisation.

Read more ...

Conclusion: 

Project management in organisations is commonplace. Reviews are often undertaken at the end of the project to gain insights for future projects. Project reviews completed during the life of a project need to ensure that they are inclusive of appropriate stakeholder groups, and assessment is targeted at the appropriate focus areas. Active and inclusive review and assurance activities need to be well understood and supported within the organisation so that it is not viewed as an exam that needs to be prepared for and passed. Applying reviews and assurance as a process checkpoint only, is ineffective and will not ensure quality project delivery.

Read more ...

The Latest

26 May 2021: Google has introduced Datasteam, which the vendor defines as a “change data capture and replication service”. In short, the service allows changes in one data source to be replicated to other data sources in near real time. The service currently connects with Oracle and MySQL databases and a slew of Google Cloud services, including BigQuery, Cloud SQL, Cloud Storage, Spanner, and so forth.

Uses for such a service include: updating a data lake or similar repository with data being added to a production database, keeping disparate databases of different types in sync, consolidating global organisation information back to a central repository.

Datastream is based on Cloud functions - or serverless - architecture. This is significant, as it allows for scale-independent integration.

Why it’s Important

Ingesting data scale into Cloud-based data lakes is a challenge and can be costly. Even simple ingestion where data requires little in the way of transformation can be costly when run through a full ETL service. By leveraging serverless functions, Datastream has the potential to significantly lower the cost and improve performance of bringing large volumes of rapidly changing data into a data lake (or an SQL database which is being used as a pseudo data lake). 

Using serverless to improve the performance and economics of large scale data ingestion is not a new approach. IBRS interviewed the architecture of a major global streaming service in 2017 regarding how they moved from an integration platform to leveraging AWS Kinesis data pipelines and hand-coded serverless functions, and to achieve more or less the same thing that Google Datastream is providing. 

As organisations migrate to Cloud analytics, the ability to rapidly replicate large data sets will grow. Serverless architecture will emerge as an important pattern.

Who’s impacted

  • Analytics architecture leads
  • Integration teams
  • Enterprise architecture teams

What’s Next?

Become familiar with the potential to use serverless / cloud function as a ‘glue’ within your organisation’s Cloud architecture. 

Look for opportunities to leverage serverless when designing your organisations next analytics platform. 

Related IBRS Advisory

  1. Serverless Programming: Should your software development teams be exploring it?
  2. VENDORiQ: Google introduces Database Migration Service

The Latest

26 May 2021: Talend, a big data, analytics and integration vendor, has received ISO 27001:2013 and 27701:2019 certifications. According to the Talend, they are the only big data/integration vendor with this level of certification.  

Why it’s Important

IBRS has observed that even the most security focused organisations often overlook their big data integration and ETL (extract, transform, load) when it comes to assessing business risk. For example, when Microsoft launched its protected Azure services in Canberra, many of the Azure analytics capabilities, such as its machine learning services, were excluded from the platform.

The data being ingested into data lakes, be they on-premises or in the Cloud, will include private information on clients, staff or citizens, and possibly sensitive financial data. But more significantly, taken as an aggregate, this information contains patterns and insights that cyber criminals and state actors may leverage for further attacks.  The value of analysing data at scale to an organisation is just as valuable to criminals.

Who’s impacted

  • Business analytics architecture specialists
  • CISO 
  • Security teams

What’s Next?

Start by reviewing the sensitivity of information moving to the data analytics platform. Such information would be reviewed against the organisation's existing data governance and data classification framework.

Next, review the process of how sensitive information is ingested, manipulated, stored and accessed within the organisation’s analytics platform. Be sure to pay attention to ETL processes: both the technologies and processes involved. 

Finally, review the third-party (vendor) supply chain for all platforms and services involved in data analytics.

Related IBRS Advisory

  1. How does your organisation manage cyber supply chain risk?
  2. IBRSiQ: Risk assessment services and the dark web
  3. VENDORiQ: SolarWinds Incident

The Latest

10 May 2021: ServiceNow is acquiring Lightstep, a specialist vendor for monitoring digital workflows. While ServiceNow already has capabilities for monitoring its low-code applications and workflows, Lightstep will provide deep analytics and performance metrics. 

Why it’s Important

The rise of low-code will necessitate the use of application monitoring tools.  

From a technical perspective, being able to monitor performance of applications that may themselves be comprised of dozens of integrations and span multiple SaaS environments, is an important precursor to meeting user expectations. In low-code environments, gone are the days of being able to monitor server and network performance. Vendors such as ThousandEyes and Lightstep have emerged to provide a more comprehensive (and simplified) view of the complex application infrastructure that is emerging. Buying Lightstep is a smart move for ServiceNow, as it increasingly moves into enabling low-code departmental and public-facing applications. 

Another reason for monitoring low-code is to report back to the business tangible business benefits. While digitising a process can clearly save money, being able to quantify the savings with evidence after a solution has been deployed helps build the case for an expansion of low-code and (in the case of high-value products, such as ServiceNow) justify any increased licensing.

However, an often overlooked benefit of observability is application lifecycle. Observability allows organisations to identify and consolidate duplicate processes across an organisation. Observability also allows organisations to identify digital processes that are not being utilised and determine why, and give clues as to what to do about them.

Who’s impacted

  • Development team leads
  • Business analysts

What’s Next?

Expect low-code vendors to continue investing in workflow monitoring/observability tools, as well as low-code integration capabilities. 

When selecting a low-code application development platform, consider the degree to which being able to monitor workflows and processes will be useful. If using ServiceNow, will the existing capabilities be sufficient, or will investments in products such as Lightstep be needed. If using products such as Nintex, will leveraging their business process modelling tools provide the desired observability.

Related IBRS Advisory

  1. VENDORiQ: ServiceNow to Acquire Vendor Intellibot
  2. VENDORiQ: Creatio - More Low-Code Investments
  3. Aussie vendor radar: Nintex joins the mainstream business process automation vendor landscape

The Latest

19 May 2021: Google has launched Vertex AI, a platform that strives to accelerate the development of machine learning models (aka, algorithms). According to Google and IBRS discussions with early adopters, the platform does indeed dramatically reduce the amount of manual coding needed to develop (aka, train) machine learning models. 

Why it’s Important

The use of machine learning (ML) will have a dramatic impact on decision making support systems and automation over the next decade. For the majority of organisations, ML capabilities will be acquired as part of regular upgrades of enterprise SaaS solutions. Software leaders such as Microsoft, Salesforce, Adobe and even smaller ERP vendors such as Zoho and TechnologyOne, are all embedding ML powered services into their products today, and this will only accelerate.

However, developing proprietary ML models to meet specific needs may very well prove critically important for a few organisations. Recent examples of this include: customise direct customer outreach with specific language tailored to lessen overdue payment, and creating decision support solutions to reduce the occurrence of heatstroke.

IBRS has written extensively on ML development operations (MLOps). However, the future of this disciplin e will likely be AI-powered recommendation engines that aid data teams in the development of ML models. In a recent example, IBRS monitored a data scientist as they first developed an ML model to predict customer behaviour using traditional techniques, and then used a publicly available tool that leveraged ML itself to build, test and recommend the same model. Excluding data preparation, the hand-coded approach took 3 days to complete, while the assisted approach took several hours. But more importantly, the assisted approach tested more models that the data scientist could test manually, and delivered a model that was 3% more accurate than the hand-coded solution.

It should be noted that leveraging ‘low-code’ AI does not negate the need for data scientists or the pressing need to improve data literacy within most organisations. However, it has the potential to dramatically reduce the cost of developing and testing ML models, which lowers the financial risk for organisations experimenting with AI.

Who’s impacted

  • CIO
  • COO
  • CFO
  • Marketing leads
  • Development team leads

What’s Next?

Prepare for low-code AI to become increasingly common and the hype surrounding it to grow significant in the coming two years. However, the excitement for low-code ML should be tempered with the realisation that many of the use cases for ML will be embedded ‘out of the box’ in ERP, CRM, HCM, workforce management, and asset management SaaS solutions in the near future. Organisations should balance the ‘build it’ versus ‘wait for it’ decision when it comes to ML-power services. 

Related IBRS Advisory

  1. Six Critical Success Factors for Machine Learning Projects
  2. Options for Machine Learning-as-a-Service: The Big Four AIs Battle it Out
  3. How can AI reimagine your business processes?
  4. Low-Code Platform Feature Checklist
  5. VENDORiQ: BMC Adds AI to IT Operations
  6. Artificial intelligence Part 3: Preparing IT organisations for artificial intelligence deployment

IBRSiQ is a database of Client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

IBRSiQ is a database of Client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

The Latest

11 May 2021: Jamf is a market leader in Apple iOS device management, with a strong presence in education. It has announced its intention to acquire the zero-trust end-point security vendor Wandera. 

Why it’s Important

Vendors in the device management have two options for continued growth: add new services and grow horizontally within their market (as in VMWare), or specialise in increasingly niche areas. Jamf has remained firmly entrenched in providing Apple device management, so it is a niche (though important) player in device management. Its acquisition of Wandera, hot on the heels of its purchase of Mondad, will broaden its base and help cement its position against the broader players. 

Who’s impacted

  • End user computing/digital workspace teams
  • Security teams

What’s Next?

Globally, the move to working from home saw an uplift in Apple products being connected to enterprise (work) environments. Citing IDC, Jamf reports the penetration of macOS in 2019 was around 17%, and during 2020 this increased to 23%. In addition, globally 49% of smartphones connecting to work environments remain iOS, though this is slightly lower in Australia, where Android has gained small market share in a tight market last year. 

The challenge with supporting a mixed device ecosystem (Windows, Android, macOS, iOS, Chrome) is now more than just securing the end-point, but the entire information ecosystem. VPNs in particular proved difficult to scale and adapt to a myriad of end points. The need to patch reliability and manage software also becomes significantly difficult due to differing rates of change, patch cycles and tools needed. 

Jamf’s acquisition of Wandera will not eliminate these challenges completely, but will at least simplify the Apple slice of the situation. 

Related IBRS Advisory

  1. Requirements Check-List for Mobile Device Management Solutions
  2. Embracing security evolution with zero trust networking

The Latest

Mid May 2021: Mulesoft detailed its new Connectors for SAP during an analyst’s briefing. The SAP connector is most interesting, since it aims to speed up the development of lightweight, agile customer-facing, online self-service capabilities, while building on the weighty (not exactly agile) capabilities of SAP.  

Mulesoft has out-of-box integrations (called connectors) for existing data sources including AWS, Google, GCP, Azure, Snowflake, Salesforce, Splunk, Stripe, Oracle, ServiceNow, Zendesk, Workday Jira, Trello, Azure, SAP, Microsoft Dynamics, etc. Mulesoft has identified 900 common enterprise applications, though only 28% of these have pre-existing integrations. Mulesoft states that on average 35 different apps are needed for a single customer-facing enterprise digital solution. Therefore, it is investing heavily in developing additional connectors for enterprise solutions, with at least 50 planned for release in 2021.

Why it’s Important

In late 2019 and early 2020, IBRS conducted a series of 37 detailed interviews with organisations that found organisations with ERP SaaS platforms supported by low-code workflows and integration, saw at least 3 times (and up to 10 times!) as many customer-facing services delivered annually as compared with on-premise solutions with traditionally managed API integrations. A recent series of 67 interviews confirms these findings.

During COVID-19, the big winners of the ‘prepackaged integration’ model (specifically, the model outlined in the 'Trends for 2021-2026: No New Normal and Preparing For the Fourth Wave of ICT'), were business-to-consumer organisations that quickly pivoted from a myriad of shopfront locations to digital stores in a matter of weeks. As Mulesoft has figured out, this is not just an issue of having the ability to integrate, but having a consolidated core of ERP capabilities to provide core data and processes, surrounded by a fabric of low-code application, workflow and integration services.

Who’s impacted

  • COO
  • CIO
  • Head of sales 
  • DevOps leads
  • Enterprise architects

What’s Next?

Organisations should consider how their current environment - including legacy ERP - can evolve to support the fourth wave of enterprise architecture. This will impact upgrade decisions for ERP and other enterprise applications, the selection of low-code application development and integration tools.  

Related IBRS Advisory

  1. Trends for 2021-2026: No New Normal and Preparing For the Fourth-wave of ICT
  2. Accelerating Remote Services Deployment

The Latest

May 2021: Talend, a vendor of data and analytics tools, released its Data Health Survey Report that claims 36% of executives skip data when making decisions, and instead go “with their gut”. At the same time, the report claims that 64% of executives “work with data everyday”. On the surface, these two figures seem at odds. However, the report goes on to claim 78% of executives “have challenges in making data drive decisions”, and this is largely due to data quality issues. However, the most interesting finding from the report is “those who produce and those who analyse data live in alternative data realities”.

Why it’s Important

At its core, this report highlights the issue of data literacy. The report was compiled from 529 responses from companies with over USD10 million in sales. A quarter of respondents were from the Asia Pacific region. However, IBRS cautions drawing Australia-specific inference, given that different markets have differing levels of data literacy maturity. No details were given for industry, which is also likely to impact data literacy maturity. In fairness, any more detailed analysis of a country or industry would not be feasible, given the sample size. 

The above concerns aside, the report does highlight the importance of data literacy: investments in big data tools are useless unless executives are knowledgeable and well versed in the key concepts of applying analytical thinking to business decisions. IBRS notes that without data literacy, the most common use of new self-service visualisation tools such as Power BI, Looker, Domo, Tableau, Qlik, Zoho and others, is to ‘prove’ executives' gut feelings. In short, too often visualisations tools are used to reinforce the ‘current ways of thinking’ rather than seek areas for improvement.  

The report’s statement that “those who produce and those who analyse data live in alternative data realities”, frequently underpins IBRS inquiries into why business intelligence and analysis programs fail to produce the expected business benefits.

Who’s impacted

  • Business intelligence/analytics teams
  • Senior line-of-business executives
  • Human resources/training teams

What’s Next?

ICT teams responsible for providing business intelligence and analytics services need to cease solely focusing on the tools and technologies and ‘getting data curated’, and spend time exploring which business decisions would most benefit from the application of analytical thinking. However, the ICT teams cannot do this alone. They need to be involved in uplifting data literacy among line-of-business executives and work closely with them to identify the decisions that not only can be addressed with data, but those that would make the biggest difference to organisational outcomes. This does not mean that all aspects of a data scientists role need to be explained to business executives. Rather, training executives in the principles of using data to inquire into issues or disprove current ways of doing things is more important.  

Related IBRS Advisory

  1. Staff need data literacy – Here’s how to help them get it
  2. When Does Power BI Deliver Power to the People?
  3. The critical link between data literacy and customer experience

We all hear that data is growing at exponential rates, and so too is the demand and complexity of data management practices. But does this mean you need to obtain the highest levels of data management and buy into the most sophisticated tool?

Read more ...

Contract management can be more than just record keeping. When done well, it can enable organisations to explore the best ways to optimise their investments when conditions change.

This capability proved essential for the Australian government when COVID-19 hit, with investments in all manner of services and infrastructure being needed almost overnight.

IBRS interviews ZEN Enterprise, an Australian niche contract management solution vendor, and the contract manager from a large Australian agency to tease out the benefits and challenges of advanced contract management in an age of rapid change.

Subscribe

Want to get the latest papers from all our advisors? Subscribe, and we'll send you the information you need.

Invalid Input
Please enter a valid email address
Invalid Input
Please enter your mobile phone number
Invalid Input