The economic benefits are revealed in a report produced by IBRS and Insight Economics and commissioned by enterprise software firm TechnologyOne and quantify for the very first time the $224bn economic opportunity that can be unlocked if the public and private sectors embrace new innovations and replace redundant IT platforms with next-gen Software as a Service (SaaS) technology.

According to the report, every year more than $70bn of the $98bn spent in Australia on software is directed towards legacy on-premise platforms, which costs the economy billions and has a detrimental environmental impact through higher emissions.

Full Story.

Artificial intelligence (AI) is an emerging technology that can be applied across business lines and yield significant results when aligned with business priorities. Assessing the AI maturity of your organisation can assist in providing AI roadmaps and aid in developing strategies and business cases.

The purpose of this presentation kit is to provide an AI maturity model in the analytics space. The proposed maturity model can be applied to any type of industry. Log in and click the PDF above to download the 'Analytics Artificial Intelligence Maturity Model' presentation kit and discover:

  • An IBRS AI maturity model that provides the foundation to apply the existing AI technology where it matters to the business
  • Guidelines to evolve into the future, whereby only limited data is available to make informed decisions
  • Next steps for your organisation

Read more ...

Conclusion:

Dual SIM mobile phones can deliver value to employers and employees alike in an increasing transient and gig economy workforce. Mobile phone policies need to be modified and adapted to ensure BYO devices are enabled with a corporate SIMs business number, and a suite of corporate apps. It should be as effective as providing a new starter with a laptop.

The market is responding with increasing product sophistication to address these overlapping demands of business and personal use. A business number and applications can reside effectively on one handset alongside a private number and personal applications provided both are addressed by technology and policies. The business policy must be designed to promote business benefits first principles.

Porting of business numbers has become clumsy with businesses bearing the cost of number porting. Users are also left with the dilemma of managing one or more handsets to retain their personal information, or worse still, having to sacrifice a long-held number to accept a business phone. Reducing these legacy policies and supporting dual SIM phones will contribute to greater employee choice and satisfaction rather than addressing business benefits alone.

Read more ...

Conclusion:

This month, discussions regarding mergers and acquisitions have been prominent, in particular the high level of activity in ICT services companies. A number of companies have attributed growth to past acquisitions, announced intentions to acquire particular firms or flagged acquisition activity as a strategic priority. Associated actions, such as rebranding, restructuring, and capital raising efforts have also been discussed. The need to remain competitive in current environments, utilising mergers and acquisitions to help evolve businesses has become clear. These transactions can be highly beneficial when expansion plans include re-engineering core business lines, or developing new and targeted specialisations. However, when looking into acquisitions, it is important to plan carefully, intertwine activities with current company strategies and ensure a balance between a company’s existing strengths and stretching newly acquired specialities.

Read more ...

Conclusion:

Implementing machine learning operations (MLOps) is complicated by several challenges: the number of the stakeholders involved in a project; the shortage of people with the necessary skills; the scope of regulatory compliance; validation of the machine learning (ML) model; and model degradation issues. Considering how these challenges will be addressed is a vital precursor for the successful implementation of MLOps.

Read more ...

Conclusion:

As cyber security breaches are now an almost daily occurrence for organisations, a serious breach is a question of when rather than if. Dealing with security breach not only impacts the organisation’s operations but more importantly, it poses a threat to its image and credibility.

Responses to breaches often focus on recovering business operations, systems, and data, while the response to impacted stakeholders takes a lower priority. However, it is this response that is at the core of protecting the organisation’s brand.

Read more ...

Conclusion:

As organisations flesh out their detection and response strategies, one new area of applicability of this technology deserves serious consideration. The new area is identity detection and response (IDR). Most of the current detection capabilities are clustered around the malicious actor’s activity across the infrastructure. Activities such as lateral movement using networks, system compromise using fileless malware, and even social engineering users to act on the attacker’s behalf.

Yet identity is the holy grail sought out by malicious actors in almost every penetration of a system. It is central to every IT environment. Organisations should examine IDR and assess the visibility it may bring to their detection systems.

Read more ...

Conclusion:

In the modern business landscape, ICT products and services are becoming more and more critical to the success of the business. It is now more common than not that ICT products and services are being delivered through outsourcing of some kind, using Software-as-a Service (SaaS) or Cloud service providers (CSPs). Innovating improvements to the business can become a challenge when your organisation is tied to delivery of ICT services under contract; most very specific in nature but key to delivering success.

The key to successful innovation is situational awareness across both the business and the ICT environment. The result of being able to achieve situational awareness will enable both business units and ICT to innovate with their eyes wide open to both the opportunities and constraints impacting the business. The true cost and time to market the innovation presents, can then be clearly understood against the benefits envisaged.

Read more ...

Conclusion:

Project prioritisation is a critical element of ensuring that limited resources are applied to the most appropriate initiatives, and result in the biggest bang for the buck. In a constrained financial environment this is even more critical, and will reveal inappropriate models, failures in governance, and decision making and the potential for missed opportunities or wasted resources. Identifying an accepted model is only one step and understanding the challenges in applying a prioritisation approach effectively will result in a far more productive outcome.

Read more ...

The Latest

16 August 2021: VMware and AWS announced that VMware Cloud had been independently assessed by an Information Security Registered Assessors Program (IRAP) assessor against the Information Security Manual (ISM) PROTECTED controls.

Why it’s Important

IBRS has noted that VMware Cloud is becoming increasingly popular as a management platform for hybrid Cloud. Its main attraction is that it offers a smooth ‘lift-and-shift’ of on-premises vSphere environments to a hyperscale over time, with different aspects of the data centre ecosystem running in the Cloud and/or on-prem. The VMCloud approach is particularly attractive for heavily regulated organisations and agencies, since it supports Amazon Elastic Compute Cloud elastic, bare-metal infrastructure. 

By assessing the VMCloud service, public sector customers have the opportunity to accelerate their Cloud migration, moving more of the load from on-prem environments to Cloud, while retaining operational consistency with their on-prem data centre.

While VMware Cloud IRAP for PROTECTED status is very much welcome, there is also the risk that IRAP is treated more as a ‘check-box’ in a security policy, rather than a foundation on which to build robot security practices. Many Cloud breaches are not the result of zero day exploits or misconfigurations from vendors (despite recent issues with Azure) but rather weak configuration management. This is exacerbated by the ongoing skills shortage in Cloud engineers, plus the even more critical shortage of cyber security professionals.

VMware Cloud provides common approaches to managing the Cloud environment, but it is only as good as the attention to detail given to the configuration of the environment. Tools such as GorillaStack can assist, but operational security is ultimately a matter of practice.

Who’s impacted

  • CISO
  • Cloud teams

What’s Next?

When considering Cloud management tools, security certifications and IRAP assessments are a sign that the vendor has best practices in place, but are not a panacea for mitigating risk. Treat them accordingly. 

Related IBRS Advisory

  1. Cloud Security Considerations – Lessons from the Frontline
  2. PROTECTED Cloud: Cyber considerations
  3. The value proposition for PROTECTED Cloud
  4. Why Cloud Certified People Are in Hot Demand
  5. VENDORiQ: Microsoft Cloud Database Security Flaw - A Nightmare or a Wake-up Call?

The Latest

22 September 2021: Six months after GorillaStack has released capabilities to monitor and apply rules to any AWS events, it has added similar functionality to Azure. The new service enables greater governance and automation of Azure. The new Azure service focuses on identifying when bad changes - particularly those that may impact security - occur.

Why it’s Important


As previously discussed, Aussie born GorillaStack is one of the earliest vendors to address the complexities of Cloud cost management.

Since its inception, GorillaStack has evolved into a more expansive Cloud monitoring service, with a growing focus on security and compliance. In March 2021, GorillaStack announced real-time event monitoring for AWS. With this announcement, it expands the monitoring of events to Azure, and confirms IBRS analysis that Cloud cost optimisation and security compliance go hand-in-hand. In short, enforcing configurations for security follows the same processes and uses common architectures as enforcing financial governance within Cloud infrastructure. 

Who’s Impacted

  • CIO
  • CISCO
  • Cloud teams 

What’s Next?


When reviewing solutions for Cloud cost optimisation through compliance, consider the extent to which the service can also assist with tightening up security. Conversely, when looking at tools to help enforce Cloud security compliance, consider how these may also be used to manage costs.

Related IBRS Advisory

ICT executives and data analytics specialists are facing ever-increasing demands from business stakeholders. Driven by vendors’ promises of agile, self-service analytics and instant access to big data, business stakeholders expect the world, while concerns of governance and data quality are often overlooked.

In this webinar replay, IBRS explores the growing tension between business stakeholders expectations and the ICT group’s ability to provide appropriate guardrails for analytics.

The video explores:

  • How the concerns of business stakeholders differ from those of ICT
  • The four operating models of business intelligence
  • The emergence of data mesh architecture, and the potential impact
  • Using data literacy maturity to drive an evolving and practical data strategy

Download the presentation kit:  Business-First_Analytics_Webinar.pdf

 

As self-service data analytics and visualisation becomes mainstream – due in no small part to Microsoft’s Power BI strategy – traditional data teams within IT groups need to reconsider traditional business intelligence architectures and plan a migration to a new environment. Underpinning the new architecture must be a sharper focus on tools and practices to support data governance, which is not a strength of Microsoft’s portfolio.

Download the 'Power BI is Driving Data Democratisation: Prepare Now' presentation kit and discover:

  • The key areas of business intelligence to inform your Power BI strategy
  • Next steps for your organisation

Read more ...

IBRSiQ is a database of Client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

Conclusion:

This month, discussions regarding security threats to third party suppliers have been prominent. With malicious actors targeting new technologies and work methods, it has become critical for customers to assess and conduct ongoing reviews of third party supplier security prior to establishing partnerships, particularly critical systems providers. A rigorous security strategy and ongoing maintenance is required to safeguard customer data and internal systems. Third party suppliers require the ability to deal with irregular activities, as well as technical controls and policies that correlate with their customers. Supplier vulnerabilities can result in operations and compliance risks, necessitating professionals to develop, implement and audit third party risk management strategies and processes. It also requires security professionals to conduct ongoing audits, establish plans for third party incident responses, and the implementation of restricted access mechanisms. Customers can strengthen their resistance and attack containment mechanisms with professionals to help detect, analyse, contain, and respond to security threats.

Read more ...

Conclusion:

The choices when selecting and designing an enterprise resource planning (ERP) solution are immense and typically require industry-specific considerations. Executives rightly desire fully-integrated IT services across all departments within an organisation. The end result is a reliable, fully-integrated, and secure solution whether it is deployed in a public or hybrid Cloud solution.

What should not be up for negotiation are the essential, machine critical controls (CCs) that maintain the effectiveness and security of this critical asset during normal business operations. In all, IBRS previously addressed the 10 human-facing CCs1. In this research article, the focus is the remaining 10 machine CCs.

Read more ...

Conclusion:

Part four in this series of advisories looks at how to improve the disaster recovery (DR) planning maturity of your organisation. The focus of improving maturity in DR planning is to improve your probability of successfully meeting the needs of your business in the event of a disaster. Ensuring your DR plan (DRP) and business continuity planning (BCP) are fully integrated and that all elements of the organisation have a high degree of familiarity with DR processes.

Importantly, your organisation must understand that maturity is both a journey and a target. To maintain the target maturity, your organisation must put in place a number of strategies that will be continually repeated to ensure the target is both met and maintained.

Read more ...

Conclusion:

When considering the level of Microsoft/Office and licensing, the biggest conundrum is generally around E3 versus E5 licensing. E3 licensing is closest to the capabilities organisations have had with perpetual licensing for the Office Pro suite. E5 licensing adds a slew of new services, including security, analytics, and advanced e-discovery and enterprise voice.

Read more ...

Conclusion:

Low-code is not a novel technology. Rather, it is an evolutionary technology that started as rapid application design (RAD) in the late ’80s, transitioned into business process modelling (BPM) in the 2000s, which then evolved into e-forms in 2010, before finally becoming low-code in 2020.

This evolution has been a meandering path and has spawned a broad ecosystem of solutions, each with unique traits and features that fit specific organisational structures. IBRS has listed key traits of modern low-code platforms to match your organisation’s ecosystem and help streamline the process of shortlisting a platform.

The most important trait of the new low-code platform will be how well it supports the transition from the existing ICT-centric governance model to a new model that must be defined by potential benefits and risks.

Read more ...

Conclusion:

There is still significant emphasis on increasing the effective delivery of projects. According to a joint survey by KPMG and Australian Institute of Project Management (AIPM)1 only 25 per cent of projects in 2020 were delivered successfully, at least most of the time. This figure is up from 19 per cent the previous year. In 2021, this figure should be much higher given the focus on Agile and PRojects IN Controlled Environments (PRINCE2) over the past few years to improve project execution. Delivering a project on time, on budget and to requirements is the how and is the bare minimum. Delivering successfully means having a hard focus on the why and what. Why does a problem need fixing and what value will be created as a result. With organisational change and benefits realisation still at a very low maturity across many organisations, there is a lot to gain from putting a hard focus on the softer stuff.

Read more ...

Conclusion:

Cyber security incidents are increasing in frequency and severity. Organisations, governments, executives, and boards are now actively monitoring and probing the progress of cyber security initiatives. At the same time, there are legislative and industry-wide pressures to achieve predetermined levels of compliance. Cyber security frameworks (CSF) provide a system of standards to achieve and demonstrate cyber security maturity. However, the task of selecting an appropriate CSF is now more complex due to the number of frameworks currently flooding the market.

Read more ...

According to a landmark economic analysis from IBRS and Insight Economics, Australia’s Federal and State government sector could unlock an $62 billion ‘digital dividend’ by replacing old technology with Cloud-based Software as a Service systems (SaaS). 

In their report, “The Economic Impact of Software-as-a-Service”, IBRS and Insight Economics set out to analyse, for the first time, the savings from modernising IT systems across a range of industries including government, education, health & aged care and financial services.

Full Story.

The Latest

27 August 2021: Security flaw hunters at Wiz were able to obtain the security keys that control access to Microsoft’s Azure Cosmos DB, and demonstrate that it was possible to access customers’ Azure Cosmos DB.  

Why it’s Important.

This flaw is especially worrying, because all Cloud vendors and many independent security advisors, including IBRS, have been advocating that Cloud security is generally of a far higher standard than that achieved by most in-house data centre teams. IBRS stands by this claim. But this does not mean Cloud vendors will not make security mistakes. And when they do, they will impact large numbers of organisations.

There is no evidence that this security flaw - likely an operational oversight - has been exploited. Once it was identified by Wiz (on the 9th August) and flagged with Microsoft (on the 12th August), the existing keys were quickly re-secured. Unfortunately, the keys in question are fundamental security assets that Microsoft cannot change. Therefore, Microsoft emailed the customers (on the 26th Aug) requesting they create new keys, just in case the previous keys had fallen into the hands of bad actors. It is estimated that 3300 customers have been impacted. 

To mitigate this issue, Microsoft advises Cosmos DB customers to regenerate their Cosmos DB primary keys immediately.

Unfortunately, just because there is no evidence the flaw had been leveraged, organisations should assume the worst. It is well publicised that state-actors hoard such flaws for intelligence gathering. In this case, paranoia may be justified.

More importantly, the situation highlights the need to take a multi-level approach to security in the Cloud. Relying on security protocols to secure an essential asset places organisations at greater risk of these hyper-scale security flaws.  

For example, in this situation, organisations that have behavioural/usage pattern analytics monitoring the database would likely have been altered should any bad actor start to access the database, and remedial action would be triggered. Furthermore, data from such monitoring could be used to determine the likelihood that the security flaw had been exploited - something few Azure Cosmos DB customers can confirm at the moment. 

Another example is using encryption services, these services should be leveraged extensively. Assume data assets will leak and repositories (including databases) will be breached, base encryption strategies on the sensitivity of the data. 

A migration to the Cloud can often improve the security stance of an organisation, but only if security is treated as a multifaceted, ‘trust nothing’ (akin to zero trust) philosophy is taken.

Who’s impacted

  • CISO and security teams
  • Cloud architects
  • Cloud migration teams

What’s Next?

  • If you are an Azure Cosmos DB client or have instances in development teams, immediately regenerate the primary keys for these databases.
  • Review your Cloud solution designs - including those of ‘lift and shift’ of legacy systems - to identify where single points of security failure could occur. Consider remediation strategies using multi-facilitated security services risks. Such effort needs to be balanced against business risk and information sensitivity. 

Related IBRS Advisory

  1. Cloud Security Considerations – Lessons from the Frontline
  2. CyberArk launches AI-powered service to remove excessive Cloud permissions
  3. New generation IT service management tools Part 2: Multi-Cloud management

The Latest

19 August 2021: Microsoft has announced pricing increases for its Office 365 and Microsoft 365 offerings, which has resulted in a great deal of media coverage.Microsoft is at pains to point out that it has not increased its prices on 365 for a decade, and during that time has added a great deal of functionality (20+ applications) to the portfolio.

The Specifics

Microsoft is still working through how the new pricing will be applied in the Australian market and an announcement is expected soon. IBRS will perform a detailed cost analysis at this time. However, Microsoft has confirmed that any changes to local pricing will mimic the North American price changes. 

Based on the US data, enterprise and business plans will see increases in March 2021. Based on US$, the dollar amounts range from US$1 to US$4 per user per month, or US$12 to US$48 per user per year, with the percentage increases running from a low of 9% to a high of 25%. Microsoft F-series licences for frontline workers and Microsoft 365 E5 are not subject to price increases. Consumer and education-specific plans (the A-series) are also unaffected by the price increases.

The new pricing structures will disproportionately impact small businesses and those with the lower levels of the Microsoft suite, while enterprises with E5 licences will be left unscathed. That in itself reveals Microsoft’s clear intent to nudge the market towards its E5 offerings. It is estimated that only 8% of Microsoft customers globally opt for E5 licensing, though IBRS has seen strong interest among Australian organisations to at least explore the more expansive capabilities found in E5.

At this time, we believe the majority of IBRS clients will see price increases in the lower range. However, given that Australia has been one of the fastest adopters of Office 365, and has for decades suffered from ‘the Australia tax’ of software vendors, the increases will still be felt deeply across the industry.

Why it’s Important.

For many IBRS clients, the immediate impact is the need to set aside extra budget for its existing 365 environment. 

Something that is not gaining attention is that the new pricing also increases the cost of Microsoft’s Unified support, since it is calculated as a percentage (10-12%) of the overall Microsoft spend. IBRS recommends that organisations set aside a budget for this increase as well.

However, the price increase is not the full story. A closer look at how the new pricing is structured, plus other less publicised changes, suggests it is geared towards making E5 licences more attractive to mid-sized organisations. 

The increases came shortly after Microsoft announced that its perpetual-licence Office would see a 10% increase and that its service for Office would drop from 7 years (it was previously 10) to just 5. Even more telling is that Microsoft has effectively engineered a one year ‘gap’ in N-2 support for Office (with the persistent licensing model), which forces organisations with older Office Pro licences to either purchase an upgrade sometime before 2023, or migrate to Office 365. 

In summary, Microsoft’s recent changes to Office licensing are a strategy that makes the price difference from E3 to E5 licensing less imposing and makes sweating perpetual Office licences far less attractive, if not unworkable. The savings from sweating Office licences over a five-year period are still there, but they are significantly lower than with seven-year cycles.

IBRS has long stated that Microsoft’s goal is not necessarily to drive up ICT budgets. A closer look at the additional capabilities found in E5 licensing reveals that most are aimed at moving Microsoft into adjacent product sets. For example, the additional security capabilities that become available with E5 licensing are clearly aimed at security incumbents, such as Symantec. Microsoft’s E5 strategy is to pull ICT budget away from competitors and into its own coffers. It is about carving out competition.

Who’s impacted

  • CIO
  • CFO & procurement
  • Digital workspace teams

What’s Next?

In the Australian market, IBRS sees few enterprises still on persistent licensing for Office. Globally, Australia has been an early adopter of E3 licensing, though until the mass push to work from home in 2020, many organisations did not take full advantage of the additional features and collaboration capabilities of the 365 platform. Furthermore, Google Workspaces is only making marginal increases in the local market, meaning Microsoft has little real local competitive forces working to temper it in the office productivity space (though this is not the case in other markets in the Asian region).

Therefore, the question for organisations is, is this strategy to push customers from existing E3 licences to E5 licences a trigger to start re-evaluate ways to leverage more value from the Microsoft ecosystem (that is, double-down on Microsoft).  

Organisations may respond to this price increase and Microsoft’s strategy to push customers from existing E3 licences to E5 licences as a trigger to:

  1. Re-evaluate ways to leverage more value from the Microsoft ecosystem (that is, double-down on Microsoft).  Just prior to this announcement, IBRS had drafted a paper on how to decide between E3 and E5 licensing. It is due for publishing in the coming month. However, if you wish an advance (draft) copy, please request it from nbowman@ibrs.com.au. It is focused on how to evaluate the additional benefits of E5 in the context of your existing software ecosystem.
  2. Set up a ‘plan b’ for enterprise collaboration. In a practical sense, this would likely be a shift to Google Workspace for part of the organisation, coupled with a percentage (generally 20-30%) of the organisation also having Office software, though not necessarily Office 365.  
  3. Set aside 12-15% extra budget for the existing E3 environment, plus a similar increase for support of the Office environment, and re-evaluate the situation in 2-3 years

IBRS also recommends considering what will happen in another 10 years, when many organisations have migrated to E5 (which is likely). What new business risks will emerge from this? Migrating from Office 365 E3 to a competitive product (e.g. Google or Zoho) is hard enough. When E5 features are fully leveraged, the lock-in is significant, but so too is the value. At the end of the day, the ultimate risk factor is trust in Microsoft not to engage in rent-seeking behaviour.

Related IBRS Advisory

  1. Pros and Cons of Going All-In With Microsoft
  2. Special report: Options for Microsoft support - Key findings from the peer roundtable: August 2020
  3. The journey to Office 365 Part 6: Mixing up Microsoft’s 365 licensing and future compliance risks
  4. DXC Technology and Microsoft collaborate on workplace experience
  5. AIP Should be Essential to Any O365 and Workforce Transformation Strategy
  6. AIS and Power BI Initiatives
  7. Microsoft Pivots to Target Verticals

The Latest

12 August 2021: TechnologyOne released a significant report based on a six-month long study into the economics of Cloud computing and SaaS among Australian organisations.  

The study, which was independently conducted by IBRS and Insight Economics, explored the tangible costs associated with migrating to the Cloud, with both IaaS and SaaS journeys investigated. An economic analysis of the data collected through 67 in-depth case studies with CIOs and C-suite executives, additional interviews, and over 400 respondents, revealed a $224bn economic dividend for the Australian economy, prompting TechnologyOne to term the report "too big to ignore".

Why it’s Important.

While the report is aimed at policymakers and strategies looking at the macro-economic impact of technology, it also details the costs and benefits of Cloud adoption by industry sectors, providing IT strategists with realistic benchmarks. 

When developing the methodology for the report, IBRS and Insight Economics took a ‘no free lunches’ approach to data collection. Unlike other reports on the benefits of Cloud migration, the study took into account the costs of, and time needed for transition, including training, change management, skills (and skill shortages) and the fact that many organisations will need to retain on-premise environments to support legacy and home-grown applications for years to come. In addition, only productivity benefits that had been measured were included in the analysis. 

As a result of the evidence-only approach to the study, the ‘direct returns’ on Cloud migration detailed in the report are both far lower and far more realistic than those found in studies conducted in the USA and Europe.

The report may be accessed here: https://toobigtoignore.com.au/

Who’s impacted

  • CEO, COO, CFO, CIO
  • Cloud migration teams

What’s Next?

The conservative approach to the study, the rich data collected, means that organisations still struggling to make a business case for SaaS have practical benchmarks and economic modelling to call upon.

Related IBRS Advisory

  1. The economic impact of software as a service in Australia
  2. Get board agreement to the Cloud strategy

The Latest

28 July 2021: During Inspire, Microsoft unveiled Windows 365, which it positions as a Cloud desktop service. IBRS views Windows 365 as an evolution of existing virtual desktop solutions. 

In addition, Windows Virtual Desktop services have been rebranded as Azure Desktop Services. With this rebranding, Microsoft also introduced a number of enhancements, including closer integration with Azure Active Directory (AAD) and Endpoint-Manager, with the ability to deploy applications across both physical devices and Cloud-based desktops based on roles. 

Windows 365 is built on top of Azure Virtual Desktop service. The difference between Windows 365 and Azure Desktop Services is that Windows 365 has more automated, easier deployment and administration options. It is well suited to organisations with minimal VDI specialisation and more akin to a ‘fully managed virtual desktop environment’.  

In contrast, Azure Desktop Services is better suited to larger organisations that have a need for a high level of customisation. It is more akin to a virtualised Citrix farm.

Why it’s Important.

In 2019, Microsoft quietly changed the licensing conditions for running virtual servers in the Cloud, which hindered VMware’s ability to migrate VDI (among other services) to hyper-scale Cloud services. Since then, IBRS has had reports of efforts to migrate VDI into the Cloud stifled by rights, with Microsoft partners steering organisations to an ‘all-in Azure’ approach.

The introduction of Windows 365 and the rebranding of Azure Virtual Desktop certainly fits a strategy of selecting alternative virtual desktop environments less compelling. 

This is not to say that Microsoft’s VDI capabilities are not solid offerings. Windows 365 certainly addresses a problem in the Australian market, where fully managed VDI has suffered greatly from vendors under-scoping the resources needed to run a client's environment in order to come in at the lowest possible cost. Autoscaling in the Windows 365 environment largely eliminates this issue. The level of automation is also impressive, as is an application cook

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Windows 365 is a viable option for specific use VDI cases, and it may be considered against traditional fully managed desktop vendor solutions. However, it may not be cost-effective at scale. Solutions from AWS, VMWare and Google should also be examined, though it is important to consider the total cost of operation of this type of VDI, not just the licensing / service costs. Be sure to factor in human resources for administration, application compatibility testing and packaging (which are significant hidden costs and often overlooked, as well as help desk and support.

In addition, if staying within the Microsoft stack, Azure Desktop Services can provide a more flexible and scalable solution. Again, be sure to factor in the total cost of operation.

Overlooked by many discussions of Cloud VDI is the rise of Cloud application virtualisation services from the likes of Cameyo. Rather than presenting an entire desktop, these services only stream a configured application, either in a manner that makes it appear as a native application or within a web browser. Such an approach is significantly lower cost than traditional VDI. When considering a new virtual environment for your workers, both VDI and Virtual Application Delivery (VAD) options should be considered.

Related IBRS Advisory

  1. Should You Outsource Your Virtual Desktop Infrastructure?
  2. When to Consider Virtual Desktop Infrastructure
  3. VDI trends for 2021–2025
  4. End-user computing managed services: 3 initial things to consider for the RFP
  5. SNAPSHOT: Workforce Transformation beyond Mobility and Digital Workspaces
  6. IBRS Compass: Beyond the Desktop: Creating a Digital Workspace Strategy for Business Transformation

The Latest

3 August 2021: Salesforce has announced an agreement to acquire Servicetrace, a robotics process automation vendor. This marks another milestone in Salesforce’s strategy to deliver enterprise SaaS solutions surrounded by a mesh of low-code process automation and integration. It is also evidence of how the previously disparate markets for low-code application development tools, RPA, process mapping, and integration tools are consolidating into a service mesh that goes beyond process digitisation. In this case, when coupled with enterprise SaaS, the sum is greater than the parts.

Why it’s Important.

In the IBRS trends report for 2021-2026, a fourth-wave of ICT was detailed. The crest of this wave is the rapid consolidation of low-code, process mapping, RPA and (soon) rules engines, and AI.  

However, IBRS case studies with scores of executives involved in Cloud migration strategies, suggest that many organisations ICT groups are resistant to the coming wave. This is mainly due to sunk costs in on-premises software and infrastructure, the difficulty in justifying costs of integrating disparate systems and, at least to some degree, concerns over losing control or lacking skills to manage core infrastructure.

The cost of integration coupled with the need for digitising manual processes is currently a real economic barrier. Financial modelling suggests that the labour and costs of integrating disparate (on-premises and Cloud) solutions can destroy the return on investments for Cloud migration in the near to mid-term (1-5 years). This is especially problematic for industries with a complex mix of specialist enterprise solutions, such as healthcare and utilities. 

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Organisations that have previously rejected Cloud migrations due to not being able to make the financials stack up should consider re-evaluating the decision in 2022, taking into account the potential of buying into a mesh ecosystem that unifies low-code, workflow, process mapping, RPA rules engines and possibly AI services and that supports SaaS enterprise solutions ‘out of the box’.

Enterprise architects should also consider a shift towards a fourth-wave of ICT will impact their organisation’s ICT architecture and, if needed, begin planning to evolve to a new environment.

Related IBRS Advisory

  1. Hammering Low-Code into Place Takes Time
  2. Mulesoft Believes it Can Accelerate Digital Customer Experiences on SAP
  3. Salesforce introduces Hyperforce
  4. Salesforce Einstein automate

The Latest

16 August 2021: Zoom is best known for its video conferencing solution, which set new standards for ease of use and quick adoption, which in turn saw its usage skyrocket during the first months of COVID-19 lockdowns. The firm’s brand is now so ingrained that staff often refer to video conferencing as ‘zoom calls’ and the public use the terms ‘zooming’ and ‘zoom me’, even when Zoom may not be technology in use. Unfortunately for Zoom, its strong brand recognition with video calls often obscured the breadth of its unified communications (UC) ecosystem.

Zoom is attempting to reposition its brand as an end-to-end UC platform. The topics for its planned Zoomtopia summit, scheduled for the 14th of September, are clear indicators of where Zoom will focus its efforts in the coming year: 

  • Public sector
  • Education
  • Healthcare
  • Financial services

IBRS recent interviews as part of the Cloud economic study found these four sectors have all been particularly impacted by COVID-19 in terms of service delivery volume and increasing expectations on multichannel (if not omnichannel) experiences. So Zoom’s targeting makes sense. 

Why it’s Important.

The requirements for UC are shifting from internal standardisation (cost optimisation, ensuring staff can communicate efficiently and switch between communications modes) to external flexibility (delivering services using end-points that the public have on hand). It is for this reason that both Microsoft Teams and Zoom are finding their way into call centre strategies. It is not just that these video communications technologies fit within a larger communications ecosystem, but that the majority of the public are familiar with the services and likely have clients already installed on their devices. The mature wave of UC, which IBRS introduced 14 years ago, is moving from the trailblazers into the mainstream.

Who’s impacted

  • User experience / customer journey teams
  • Development team leads
  • Customer service teams
  • Call centre teams

What’s Next?

There two key triggers for replatforming an organisation’s UC environment, or at least introducing a new UC platform:

  • An overhaul of call centres, possibly in conjunction with CRM modernisation.
  • Replacement of legacy PBX or VoiP solution

 

Related IBRS Advisory

  1. Unified Communications: the future is full of MUC
  2. Unified Communications: Justifications and Predictions
  3. Special Report: Using Lessons from Activity-Based Working to Redefine the Post-Pandemic Workplace

The Latest

18 August 2021: While natural language processing AIs are becoming increasingly accurate in how they respond to questions, their ability to explain how they arrived at their answers has been limited. As The Doctor reveals, confronting a rogue AI in the Green Death, ‘Why?’ remains, perhaps, the hardest question for machine intelligence. IBM’s AI Horizons Network is developing a method to enable AIs to explain their reasoning with a common sense data set.1 

Why it’s Important.

Today, virtual service agents, both customer facing and internal IT held-desks, are effective and very efficient FAQs. They can identify a context from natural language and then provide answers to questions, as well as provide follow up answers based on the original context. However, they cannot provide details as to how they arrived at any given answer, which generally leads to a request for human manual intervention.

Specialists who develop conversation virtual service agents, work around these limitations by programmatically refining the answers AIs have available (i.e. curating the FAQ) to include reasons. E.g. “Your transaction has been declined because of XYZ.” 

IBMs work to allow AIs to report back on their reasons, may not only minimise the programming effort needed to develop virtual agents, but allow them to report decision-making in ways that organisations have not considered. 

While AI development will remain a niche activity for most Australian organisations, AI will increasingly find its way into enterprise SaaS products. Natural language AIs coupled with machine learning over knowledge assets held in core enterprise systems will see a rapid increase in the use of virtual agents, both for internal and external services. 

Who’s impacted

  • AI specialists
  • Service automation / customer experience teams
  • ICT strategy leads

What’s Next?

The rapid improvements in AI quality, coupled with their integration into most enterprise SaaS products, will make them ubiquitous for customer service delivery within the next 2-5 years.

Organisations need to start exploring the AI service agent capabilities already available in their SaaS products, and develop plans for how to leverage such capabilities. The goal should not be to deliver an ‘all-singing and dancing’ virtual agent experience, but rather to incrementally introduce capabilities over time, learning how clients and staff wish to interact, and continually leveraging advances in technology as they become available. 

Related IBRS Advisory

  1. Chatbots Part 1: Start creating capabilities with a super-low-cost experiment
  2. Preparing for the shift from digital to AI-enabled transformation
  3. BMC Adds AI to IT Operations
  4. Trends for 2021-2026: No new normal and preparing for the fourth-wave of ICT
  5. Software Agents Maturity Model
  6. Artificial intelligence Part 2: Deriving business principles

 

Footnotes

1. COMMONSENSEQA: A Question Answering Challenge Targeting Commonsense Knowledge, 2019 Association for Computational Linguistics

To improve call centre resources scheduling, some organisations have implemented software agents to either improve users’ experience and/or reach the right expert at the right time. Organisations should assess the software agent maturity and determine which level should be reached to fulfil the business imperatives.

Log in and click the PDF above to download the 'Software Agents Maturity Model' infographics poster to discover:

  • 5 levels of software agent maturity
  • 9 qualifiers used to evaluate software agents
  • A self assessing approach to address software agent shortcomings

Read more ...

Regardless of its digital strategy, many organisations have not been positioned to properly leverage the digital and data assets that are available to them. A Chief Data Officer (CDO) role can improve this situation by advancing an organisation’s data portfolio, curating and making appropriate data visible and actionable.

Log in and click the PDF link above to download 'The New CDO Agenda' presentation kit and discover:

  • 4 pivotal points of the CDO agenda
  • A sample framework on how to understand the ownership of a data domain
  • Next steps for your organisation

Read more ...

According to a new analysis from IBRS, Australia could reap a $224bn dividend by fast-tracking investments in digital transformation – and grow the economy by 1.3 per cent, more than six times the benefit of the Olympic Dam Expansion.

Full Story.

Conclusion:

Part three of this four part series looks at how the disaster recovery (DR) plan can be verified. The DR plan is in effect a contingency plan to deal with risk of a disaster. The DR test plan is a validation of the preparedness of the organisation to address these risks.

The need to have a DR plan verified is therefore essential if the contingency is to be effective. Just having a plan in place is not enough to mitigate the risk. The plan must be tested and verified as part of business as usual (BAU) to both increase familiarity with the plan, its standard operating procedures (SOPs) and processes, and most importantly, improve the likelihood of success.

Read more ...

Conclusion:

This month, discussions regarding security threats to managed services providers (MSPs) have been prominent. In the past, cyber criminals and ransomware gangs have targeted MSPs to gain access to corporate networks. Outsourcing IT administration can leave clients vulnerable when MSPs are given highly privileged access to customer systems. Remote management tools can also leave vendors open to attacks. It is imperative that MSP offerings and managed services provide a comprehensive and dedicated suite of technologies and skills to defend vendor security. A clear strategic approach for clients is necessary in order to address the difficulties associated with recent security threats.

Read more ...

Conclusion:

Chargeback of enterprise-wide ICT costs were developed to assign ICT costs to the point of usage. The outcome is twofold; it ensures the initial allocation of ICT assets and services are identifiable, and it enables reallocation of underutilised or unnecessary services. This relies on IT creating assets and services which are commodified and transferable.

A chargeback arrangement can increase tension between ICT and the department managers. Allocating all ICT costs to achieve a zero-sum IT department can exacerbate that tension. Making IT fully responsible and accountable for IT costs can create insular behaviours which stifle innovation and investments in new IT services for departments. Departments will feel entitled to explore ICT improvements without an effective relationship with IT. Creating a chargeback governance model that manages disputes and builds trust in the process is preferable.

Read more ...

Conclusion:

The rapid adoption of Cloud services and the increasing and well publicised cyber security compromises have added to the security concerns within many organisations. The Australian Cyber Security Centre (ACSC) has recently published a set of Cloud computing security considerations whereby organisations are able to undertake a high level self-assessment of their cyber risks as they transition to Cloud services. IBRS has recently hosted a roundtable with senior ICT and security professionals to highlight some hands-on lessons for managing cyber security in a Cloud environment.

Read more ...

Conclusion:

Organisations everywhere are implementing Agile as a dynamic approach to speed up the creation of value and improve development of new and improved services and products. It should be noted that despite all the strengths of Agile it is not suited to all projects. Adopting a best practice such as Agile is more than learning a new process and skill and then applying it in a project environment. Implementing Agile in an established organisation means that there are often a number of other frameworks, best practices and procedures that will need to co-exist with Agile. Without looking at Agile as part of the whole ecosystem, the results can seem underwhelming or negatively impact on other areas, and can cause a lack of appreciation for Agile and subsequent lack of adoption, or a complete rejection of an approach that has so much to offer.

Read more ...

Conclusion:

There are many low-code myths in the market, some promoted by vendors and others touted by development teams that are resisting the trend. IBRS explores and debunks these myths.

Read more ...

Conclusion:

Organisations must evolve practical and sustainable governance when incorporating low-code platforms into their enterprise architecture (EA). The majority of organisations will use more than one low code platform on their digital transformation journey. As a result, governance will need to encompass tenets that determine which tools (and thus skills and teams) are most appropriate for which types of applications and workflows.

Read more ...

The Latest

27 July 2021: During Google Cloud Platform’s (GCP) analyst update, the vendor unveiled details regarding its Australian expansion with a new Melbourne data centre and new management for the ANZ region. 

Why it’s Important

The new data centre is more an indication of overall Cloud growth in Australia, as IBRS has reported in the past. It is less a turning point in Google’s strategy, and more of a necessary response to market trends. It should be noted that a large set of GCP services will be available from the Melbourne zone, but not all. Others will be added ‘based on market demands’. This is a strategy that has been adopted by all three hyper-scale Cloud vendors, and is a clear indication of how Cloud usage is expanding in Australia: from core infrastructure services (especially storage, compute, containers and analytics) to more nuanced services, such as AI.

During the briefing, Google highlighted its private ANZ wide data network as a key differentiating factor. There is merit to this claim, as network infrastructure in Australia remains a thorny issue for Cloud clients outside the major States, such as Perth and Darwin, Adelaide, etc.

More telling was what was not elaborated upon during the briefing. In the past, Google has focused on its capabilities in AI as a key differentiator in the market. While Google clearly has strong credentials in AI, the reality is that most Australian organisations are not investing in AI directly, but rather obtaining it as part of other solutions. 

For example, AI is found in capabilities of CRM products Salesforce (Einstein) and Zoho (Zia), in low-code products from Appian and Microsoft’s Power Platform and so on.  

Instead, Google championed its partner program and its support credentials. Google knows channel partners are essential to competing against AWS and Microsoft. It also recognises that skills are in short supply, so is investing in training and support programs. 

In reality, Google’s strongest competitive weapon is an age-old one: value for money. When evaluating like-for-like core compute and storage services, GCP is more economical than its two top rivals.

Who’s impacted

  • CIO
  • Cloud infrastructure teams

What’s Next?

Most organisations will end up with a multi-Cloud environment, though with a preference for a ‘primary’ platform. Many Cloud migration strategies IBRS reviews are scoped in such a way to limit the choice of deployment to Azure and/or AWS. Given the strengths of these two Clouds, this makes sense. Oracle’s Cloud platform is also appealing to Oracle customers looking for an ‘easy’ migration of their core services. 

Far fewer Australian organisations are formally considering GCP as a viable alternative for running core workloads, or even leveraging it for failover/parallel workloads. This is a lost opportunity. While IBRS is not recommending GCP, it considers that the vendor is under-represented in shortlists and as a result, opportunities for Cloud cost optimisation and contestability in multi-Cloud environments suffer. 

Related IBRS Advisory

  1. IBRSiQ: Google Cloud - Are Their AI Offerings a Point of Difference From Other Vendors?
  2. Vendor Lock-in Using Cloud: Golden Handcuffs or Ball and Chain?
  3. Options for Machine Learning-as-a-Service: The Big Four AIs Battle it Out
  4. How to get on top of Cloud billing
  5. Why Cloud Certified People Are in Hot Demand
  6. VENDORiQ: Data Replication Goes Serverless with Google Datastream

Subscribe

Want to get the latest papers from all our advisors? Subscribe, and we'll send you the information you need.

Invalid Input
Please enter a valid email address
Invalid Input
Please enter your mobile phone number
Invalid Input