VENDORiQ

The Latest

28 June 2022: Messaging program app Slack, will launch GovSlack in July 2022 for public sector customers. Salesforce, its parent company, secured the app’s security and operational certifications from the Federal Risk and Authorization Management Program (FedRAMP), Department of Defense Impact Level 4 (DoD IL 4), and the International Traffic in Arms Regulations (ITAR). GovSlack will be released as a complementary tool with Salesforce’s Government Cloud Plus, a dedicated instance for U.S. government customers.

Why it’s Important

Slack joins a long list of FedRAMP-certified vendors such as Google, Oracle, Cisco, Nintex, and MongoDB, that have met the stringent security standards of the U.S. government. Salesforce’s approach to offering complementary government-compliant products is strategically similar to what is provided by DocuSign, Microsoft, IBM and Snowflake, to ensure consistency in cyber security of Cloud service.

Since the majority of government agencies deal with sensitive data, meeting major public office standards and regulations can bolster a Cloud service provider’s (CSP) reputation in the industry, and expand their market to federal agencies, state and local public offices, and government-affiliated agencies. Furthermore, vendors need to expand their compliance to other countries standards such as the hosting certification framework provided by the Australian Government Digital Transformation Agency, which certifies service providers, Cloud services, and data centre facilities.

Who’s Impacted

  • CEO
  • Procurement teams
  • IT teams

What’s Next?

When considering Cloud management tools, security certifications and assessments are a sign that the vendor has best practices in place, but are not a panacea for mitigating risk. Treat them accordingly. 

Related IBRS Advisory

  1. VENDORiQ: It’s An IRAP! VMware on AWS Gets Assessed for Aussie Protected Status
  2. IBRSiQ: Sovereign Cloud Providers

The Latest

14 June 2022: Meeting transcription company Otter.ai has enabled two-factor authentication for all its plans to secure all accounts at no additional cost to subscribers. Users will need to enter their password and a verification code sent via an authenticator app. For US and Canada subscribers on the Business and Enterprise plans, they also have the additional option to receive the code via SMS.

Why it’s Important

IBRS recently published an advisory on the risk of exposing critical and confidential information from recorded meetings, stored by call recording platforms that lack security controls. Otter.ai’s added security layer is a welcome development to the growing number of transcription software platforms that have yet to integrate multi-factor authentication or offer it to all subscribers, instead of just those on expensive plans. With more software developers getting into the call recording industry, these enterprises must take a risk-based approach by adding security features to their Cloud infrastructure, such as implementing encryption on all recordings and limiting the ability of users to share the recording to other platforms, or download it to their personal devices.

Who’s impacted

  • End user computing/digital workplace teams
  • Cyber security teams
  • IT teams

What’s Next?

  • Organisations must set in place governance requirements that identify which enterprise meetings can be recorded, stored, shared and transcribed.
  • Enterprises must also review potential vendors’ security layers and only purchase recording solutions that support multi-factor authentication.
  • An organisation-wide training session must be implemented to ensure all staff are aware of the risks associated with the use of recording platforms.

Related IBRS Advisory

  1. A Disaster Waiting to Happen – Meeting Recording Solutions
  2. Modern telephony: Considerations
  3. Is it safe to use Zoom?

The Latest

7 June 2022: Nintex added more than 50 new pre-built process maps, automation templates, workflows, and connectors to its Nintex Gallery that are designed to accelerate the digitisation of workflows across private and public sector organisations. This comes after acquiring online process management library Promapp in 2018, to expand the company’s range of end-to-end automated business templates such as employee onboarding and invoice processing.

Why it’s Important

Since its acquisition of Promapp, Nintex has introduced a wider range of Cloud-based workflow solutions to help various enterprises realise digitalisation and automation much more easily through visual process maps. Customers find value in integrating the templates in a more cost-efficient approach, which encourages teams to find more solutions to streamline and digitise their internal functions within the organisation.

In addition, even with more low-code platforms being leveraged by citizen developers, the process still requires investment in time and effort to digitise all-too-common manual processes. However, the Nintex Gallery evolves such concepts by providing digital processes that can be adopted 'out of the box', customised to meet specific needs, and integrated with different organisational systems according to an organisation’s needs. 

Finally, templated processes are about more than simply speeding up low-code development with cookie-cutter approaches, since they can also be used to obtain 'better practices' (or even just standardised practices) across industries. This is particularly useful in compliance-heavy  sectors, such as local government and healthcare. 

Who’s impacted

  • CEO
  • Procurement teams
  • Managers

What’s Next?

  • When reviewing low-code platforms, consider the availability and applicability of process templates that promote faster compliance and prevent handover risks.
  • Use process templates not only as an opportunity for quick-wins, but also as an avenue to assist with training and change
  • When procuring a digital business process automation solution, pay attention to local support channels and the costs associated with gaining experienced, local implementation partners.

Related IBRS Advisory

  1. Aussie vendor radar: Nintex joins the mainstream business process automation vendor landscape
  2. VENDORiQ: ServiceNow Introduces ServiceNow Impact

The Latest

31 May 2022: Microsoft Viva Goals was launched to offer better visibility among users with regard to their objectives and key results (OKRs), as well as their current performance, in line with the organisation’s goals. Its integration with Microsoft Teams enables users to better monitor, modify, and verify their progress towards personal and team goals. 

Why it’s Important

Employee experience (EX) management has become a huge industry as more enterprises desire to engage their workforce at every stage of the employee lifecycle. By leveraging platforms that deliver seamless collaboration that go beyond traditional online surveys, organisations can better uncover issues and realise opportunities to retain their talent. 

The move towards targeting human resources (HR) teams through Viva Goals is a welcome opportunity for Microsoft, which has been branding Microsoft Teams as more than a message and conferencing platform. IBRS believes that with the company’s revived EX strategy, it can better cater to HR executives that continue to work with the IT department in improving the collection of employee needs and concerns.

As noted in a previous IBRS advisory, ensuring employee engagement supports building more reliable social capital, which is highly essential for project success. Even with more enterprises adopting hybrid work, employees may still feel excluded when they find it hard to align with the organisation’s core values. As such, establishing structured communication with the help of digital platforms can help employees better align themselves with their goals and that of the enterprise.

Who’s impacted

  • CEO
  • CIO
  • Managers

What’s Next?

Leaders should give preference to learning tools that secure employee engagement through a unified platform that streamlines the collection and analysis of performance. Simply delivering learning content is not enough for true change management to occur. .

The Latest

31 May 2022: The South Australian (SA) government is launching a bug bounty program through the Department of Premier and Cabinet (DPC) to drive cyber security researchers in the discovery of weaknesses in the organisation’s technology. The DPC revealed that 234 of the SA government’s environments have not undergone pentesting in the past three years. The SA government allotted a AU$20 million budget for its cyber defence program in 2021 to establish  cyber security operations centres (CSOC). No exact amount was mentioned for the financial compensation for researchers who can successfully discover vulnerabilities.

In 2019, New South Wales created the state’s first bug bounty program through the Service NSW digital driver’s licence. The U.S. Department of Homeland Security (DHS), on the other hand, launched a similar program last year, which rewards participants with the highest bounties based on the severity of the bugs.

Why it’s Important

Crowdsourcing ethical hackers to discover cyber vulnerabilities that organisations should be aware of is necessary to validate the existence of weaknesses within their applications. For both public and private organisations, they benefit from improved remediation time as a result of increased detection of vulnerabilities to better prevent data breaches. In addition, with such a program, access to top talent is more cost-effective than maintaining an in-house team who are under contract whether they find any issues or not.

While websites often undergo vulnerability testing for maintenance and security practices, putting out a bug bounty program weeds out amateur hackers who leverage websites that offer free tools to identify security flaws or misconfigurations. Some of these include SSL Labs by Qualys, Security Headers by Probely, and CookieServe by CookieYes. The reports from these tools produce little to no value, which only adds to the workload of the organisations that have to review and verify the findings.

A well-managed bug bounty program, on the other hand, can provide excellent feedback on the security of a site. It harnesses the expertise of many researchers and encourages responsible disclosure. For example, a bug bounty vendor, BugCrowd, is now offering a posse of testers as an option for pentesting a website. 

In addition, with a bug bounty program set in place, it can also be used to test the ability of an in-house security team and existing tools being used to detect flaws on websites. 

However, IBRS also underscores the limitations of such a program. For instance, when an organisation doesn’t have a transparent and clear scope for testing, participants may go beyond ethical frameworks, or breach regulatory compliance standards.

In addition, when too many vulnerabilities are discovered, it can drive up the cost of financial incentives. This can include security issues that were not immediately remediated.

Finally, not even a bug bounty program will stop malicious hackers from researching, testing and taking advantage of flaws to attack a site. However, encouraging ethical hackers to discover vulnerabilities first is more than necessary, so organisations can get ahead of outsiders who can exploit such weaknesses.

Who’s impacted 

  • CEO
  • Cyber security teams
  • CIO

What’s Next? 

  • Ensure that the website is hosting a security.txt file. This provides information on who to contact for security issues, links to any vulnerability disclosure programs, or bug bounty programs in place. It is now an official RFC 9116 issued by the Internet Engineering Task Force (IETF) to guide vulnerability disclosures.
  • Establish a closed bug bounty that is only open to named researchers. This puts a cap on the financial incentives that will be given out for successful discoveries. Then the organisation can eventually open to a wider audience for participation. Simultaneously, the organisation should tightly define what’s in and out of scope. This should be managed progressively since researchers can quickly get frustrated if the coverage of the program is less transparent. 
  • Do not fully depend on bug bounty programs that detect single vulnerabilities as a long-term security strategy. Instead, examining the attack surface must cover the full spectrum to avoid relying only on incremental improvements.

Related IBRS Advisory

  1. Advancing cyber security capabilities requires continual maturation
  2. The difference between fraud and cybercrime

The Latest

24 May 2022: ActiveCampaign has acquired email delivery service Postmark and email authentication DMARC Digests to improve its sales and marketing communications features. With the integration of Postmark, ActiveCampaign users can send transactional emails through a drag-and-drop tool to engage more non-technical users. On the other hand, with the DMARC Digests feature, users can easily identify sources that are sending unauthenticated emails that result in DMARC failures. 

Why it’s Important

Email marketing tools are evolving rapidly, with platform features that support greater usability. In addition, allowing recipients to reply to transactional emails, such as Postmark’s feature, can help improve recipients’ engagement with the organisation.  

Similar to other Cloud analytics vendors, IBRS expects more mergers and acquisitions among customer experience automation firms. It projects more features using no-code technology to be integrated for a streamlined email building process. This will help marketers and non-developer teams to create, maintain and analyse their marketing campaigns while simplifying their workflows.

However, these drivers also mean that more email automation is on the way. In turn, this means more scrutiny of email quality, trust and delivery.

Who’s impacted

  • CMO
  • Sales and marketing teams

What’s Next?

Organisations should look at how their digital marketing can improve customer engagement. No-code/low-code platforms help cut down the time to build campaigns and also create better analysis of marketing initiatives. However, they must not only leverage new technologies and integrations that optimise each customer’s touchpoint, but also consider compliance regulations, customer analytics and engagement to accelerate return on investment (ROI) in lead conversion.

Related IBRS Advisory

  1. Reduce Email Overload to See a New World Order
  2. Measuring Marketing return on investment

The Latest

24 May 2022: Oracle has recently been recognised by the Digital Transformation Agency as a certified strategic hosting provider, the highest level of assurance which permits the Australian government to specify strict ownership and control conditions. The company now joins other accredited Cloud providers in Australia such as Microsoft, Amazon Web Services (AWS), Sliced Tech, AUCloud, and Vault Cloud. The Australian government has mandated that its agencies will only host accredited partners starting July 2022, to better manage supply chain issues.

Oracle partnered with Australian Data Centre (ADC) in 2021 to offer public Cloud services to government agencies. 

Why it’s Important

For organisations with existing investments in Oracle platforms, the company’s Cloud offering is considered a low-risk, quick and easy way to obtain the benefits of hyperscale Cloud. Through the accreditation, government agencies can now use Oracle as a government-ready Cloud services provider (CSP).

For Oracle’s other clients, the company’s regulatory compliance means that the services its users receive follow critical best practices in the areas of procedures, policies and designs. It also offers assurance that their security requirements are met by Oracle since it is more difficult to obtain government accreditation owing to practices that need to be demonstrated to conform to stringent standards.

While Oracle's Cloud platform does not have the breadth of a Platform-as-a-Service (PaaS) compared to its hyperscale Cloud rivals, it may have all the services its existing clients need. Organisations looking to retain Oracle's products should evaluate the Oracle Cloud platform from a financial perspective, as part of their multi-Cloud strategy. For instance, Oracle Cloud includes automated database tuning administration, so enterprises need to consider the costs associated with having trained staff to monitor the database, which could result in higher overheads.

Who’s impacted

  • CISO
  • Security teams
  • ICT strategy leads
  • Infrastructure architects

What’s Next?

Over the last three years, IBRS has noticed a significant mind shift in how organisations think about database infrastructure and, in particular, the Cloud. Many IBRS clients have reported that they are actively looking to embrace Cloud-native data platforms. The Oracle Cloud provides not only a 'stepping stone' for Oracle database customers, and those with Oracle's enterprise solutions, but a potential platform for running containers.

A New Program for New Programmers

Appian, a low-code vendor, recently launched a LowCode4All, a scholarship program that will cater to developing the low-code skills of marginalised individuals. The program will be launched in stages, with an initial focus on people with a background in STEAM (science, technology, engineering, arts, and mathematics) or that have outdated coding skills.

Initially, eligible participants will include current undergraduate and graduate students, students who have paused their education, unemployed individuals, career-changers, and military veterans. As the program progresses, additional target groups will be added, such as single mothers, women returning to the workforce and disenfranchised groups. Low-code platforms represent a particularly powerful option for bringing people into the technology industry, and providing education and certification to disenfranchised citizens is both a socially sound policy and a way to directly address the skill shortage in software development.

This round of the program includes distributing 1,000 scholarships to provide training and certification to marginalised communities, teaching them low-code development practices. This not only benefits the individuals receiving the training, but also addresses the critical scarcity of skilled software professionals. Obviously, it also benefits Appian by ensuring a ready supply of Appian-skilled staff.

In short, the program aims at helping people that have historically seen employment opportunities limited to the lowest paying jobs, or who have experienced generational poverty, which may have hindered them from entering the technology workforce.

The fully-funded program includes a training program, trial examinations, mentoring and employment opportunities through the Appian network. Applicants will need to pass a final examination before becoming an Appian Certified Associate Developer.

Importantly, the program also includes post-certification mentorship with the vendor’s engineering and professional services teams to ensure they are ready for employment.

In an interview with IBRS and Appian’s executive, Appian described the plan as a way of ‘democratising access to a low-code career by reducing financial barriers’. Aside from supporting the scholarship recipients’ low-code platform certification, it will also assist them with job placement. IBRS notes that starting rates for low-code specialists average around US$70,000, which is significant, even life-changing for some candidates targeted by the program, but still very cost-effective application development (which is one reason why low-code is gaining such traction). Given that the people being targeted for the program may have been at poverty level wages, such employment opportunities are genuinely life-changing.

Other tech companies have also launched similar corporate initiatives for low-income learners to earn their certifications. For instance, Microsoft offers the Women at Microsoft Scholarship for high-school women and non-binary applicants, while Salesforce has established the Salesforce Foundation that supports global educational initiatives.

IBRS believes that these programs can help improve diversity by nurturing qualified developers. Women returning to work and young women are both targets for these types of programs. In addition, the programs can help address underemployment within the ageing population and low-income communities. They have real economic and social benefits.

Observations and Lessons from Appian’s Proposed Model

During IBRS’s discussion with Appian’s executives, several contentious issues were raised about the structure of the program. While the intentions of the Appian scholarship program are to support vulnerable members of society, especially those whose income opportunities are limited, IBRS raised the following:

 1. Educational Mentorship is Different from Career Mentorship

Appian’s mentorship program commences once the applicant gets certified after the final exam. However, a true educational mentorship program fosters prioritising first the development of the individual over his or her identity as a certified skilled worker. This means that the mentorship has to be set right during the practice exams instead of leaving them to figure out coding exercises on their own until they experience burnout prior to the final certification test. 

Appian has taken this advice on board and will be expanding mentorship within the program over time.

 2. Mental Health Concerns Among Learners

The target scholarship recipients are individuals with stressful backgrounds compared to typical university scholarship applicants. For instance, U.S. army veterans or service members who were recently discharged and intend to go back to the civilian workforce may still have post-traumatic stress disorder (PTSD) or simply be facing severe financial stress. Many academic and clinical literature has shown that such stressors manifest in dysfunctions when transitioning to student life. 

In addition, the pandemic has affected the mental health of employees who initially took their retrenchment in their stride but have become more distressed by the situation. Anxiety is high among this group of individuals.

IBRS recommends that a combination of tutoring and mentorship, with a special consideration on mental health issues, be instituted to ensure that the trainees can remain committed to fulfilling the requirements of the program. Most educational networks (TAFEs, universities, K12 schools) have mental health professionals that support students in need. Vendor-driven programs - especially those targeting marginalised individuals - will need similar support.

3. Time Flexible

Many of the marginalised individuals targeted by these types of programs will be time poor, or have commitments well outside of their control. For example, low-income, single parents may not be able to fully commit to the training in a given time period. Many of them have inflexible schedules and would have to balance their jobs and training while making time for their children because they cannot afford daycare facilities. 

Any programs that aim to support the marginalised will need to accommodate a great deal of flexibility in how and when training is conducted, timing and approach to trial exams, and even the certification exam. This means any mentors involved in the program will also need sufficient training and freedom to work with students at sometimes inconsistent times. A balance must be struck - but exactly what that balance looks like will depend upon the type of training and subject matter.

 4. One-Time Examination

In relation to the points raised above, the drawback to an all-or-nothing certification exam is highly concerning given that these students have to deal with non-academic issues and mental health problems. A pass-or-fail mentality can be demotivating since not everyone can be at the same pace in terms of building their low-code skills.

In these situations, the exam may likely have a poor predictive quality if the performance of all examinees are considered on their first attempt, due to anxiety and lack of focus initially, even if students had engaged with practice exams prior to the final test.

IBRS recommends that vendors implementing such programs establish a ‘safety net’ for their students. In its simplest form, students can be assured that they can retake the final examination a number of times to prevent further anxiety around whether they can pass or not. This can be done by requiring them to do some or all of the curriculum again before being allowed to retake the test.

5. Forward-Looking Approach

Such programs need to be evaluated at least annually to assess the quality and success of the program over time. Without formal evaluation, such programs can be dangerous - actually harming marginalised individuals - and the vendors cannot identify areas for improvement.

Conclusion

Appian is engaged in what should be a powerful win-win-win program:

  • a win for society by creating new employment pathways for marginalised people, in a way that government programs rarely provides
  • a win for the ICT industry that is critically short of developers
  • a win for Appian, as it expands the availability of workforce ready talent

The Latest

10 May 2022: Microsoft Research has introduced an advanced prototype of PeopleLens for young learners with visual impairment at the University of Bristol. 

The solution uses augmented reality eyeglasses tethered to a mobile device to identify people and track their direction and distance from the user. Using artificial intelligence (AI), the solution registers people in the system through facial recognition and alerts the wearer in real-time by identifying the person and their distance and direction through spatialised audio. To protect privacy, facial images in the system are not stored as photographs but as vector numbers to represent identities. The technology is not yet commercially available, but does provide hints at what the near future will

Why it’s Important

Education is something of a laggard in the application of AI, especially in Western economies. 

However, innovations such as PeopleLens provide a glimpse (pun intended) of what is possible. Using AI in education is expected to grow quickly, but where and how it will be applied is as much a matter of economics as it is technology. 

The cost of AI at scale can be a prominent issue in this case. AI computation may be inexpensive in cases where requests are relatively small, but costs can quickly add up for applications that require millions or even billions of transactions. In addition, releasing new AI algorithms is still relatively expensive, due to the high cost of investment in research and design, as well as expenditures for the development of prototypes, complementary equipment and software. Hyperscale Cloud computing helps reduce these initial expenditures, but training is still required. 

Therefore, the business cases for an AI initiative must be carefully weighed against the potential future scale versus the value to individuals. In short, does it scale economically?

In a recent IBRS interview with an Australian Microsoft Azure specialist who developed an AI model to detect improper Microsoft Teams usage among students - such as cyberbullying, aberrant behaviour and inappropriate content sharing platforms - the transactional cost was not feasible, even with the aggregate value of securing children from harassment online. Since the Teams environment hosted hundreds-of-thousands of users, each producing scores if not hundreds of messages daily, the total cost of running the solution was not a viable commercial option.

In the case of PeopleLens, on the other hand, the number of transactions per individual may be relatively high, but the number of transactions as an aggregate is relatively low. As such, it is potentially an example of where the value returned is acceptable when compared against the cost. 

Who’s impacted

  • CEO
  • Innovation managers
  • Education policy strategists
  • AI solution development teams
  • Product research teams

What’s Next?

Industries that are planning to leverage AI effectively and at scale should ask for examples of how different AI-powered solutions are being justified.  

For most organisations, AI will be leveraged as features from within SaaS solutions, such as SalesForce's Einstein and Microsoft's use of GPT3 inside the PowerPlatform. 

However, for those looking to create new applications that leverage Cloud and ML capabilities, transactional volume should be carefully considered early in the planning stage to accrue the most value from the investments in research, design, development and production in the long run.

Related IBRS Advisory

  1. All Together Now! Hybrid Work, Technology, Diversity & Inclusion
  2. Innovation: Taking action in 2018

The Latest

10 May 2022: Microsoft has integrated the Z-code Mixture of Experts (MoE) models to Translator and other Azure AI services to improve the quality and accuracy of its translation capabilities. Through the Z-code MoE, the models can speed up language translations on Microsoft Word, PowerPoint and PDF files. 107 languages are currently supported. 

Why it’s Important

Pretrained ML models now produce faster translations with consistency and help human translators reduce their workload, especially for repetitive writing and translation tasks. IBRS has observed that hyperscale machine translation has already progressed in terms of computational efficiency. Capabilities such as Z-code save runtime costs by using parameters that are only relevant for specific translation tasks.

However, to match (or sometimes surpass) the quality of human translators, genre-specific translation engines trained specifically on different types of content must be employed. The generic models offered by the hyperscale Cloud vendors are often insufficient. 

Genre-specific machine translation engines involve training highly nuanced models. Solutions such as those from Omniscien Technologies, for instance, provide far more accurate models that can be curated. In addition, these specialised models also allow for the translations to run on an organisation's own infrastructure, which is a consideration for organisations that need to translate sensitive or private content without digressing from the context of the original text.

Who’s impacted

  • CEO
  • Corporate communications teams

What’s Next?

Machine translation services will eventually make their way into the daily life of most people, much like how global positioning systems (GPS) have been integrated into mobile devices. 

Currently, free machine translation tools such as Google Translate and Bing Translator are not nuanced and far less accurate when compared to the output of human translators. Translation apps such as SayHi, allow speech-to-text translation in real-time while Papago and Waygo feature image recognition that automatically translates text on pages, signs and screen. However, these still cannot produce highly accurate translations based on context and language registers.

As such, translation at a basic level (word-for-word, literal) is not good enough for all use cases. For example, translating medical information, patents, user manuals or outputs for e-discovery requests requires a much higher fidelity of translation that must include referential, cohesive and natural-sounding output. For these cases, consider specialised machine translation solutions alongside (and possibly complementing) the more general offerings from the hyperscale Cloud vendors.

Related IBRS Advisory

  1. Can IBRS provide information on the establishment and maintenance of multi-lingual Web sites?
  2. Software Agents Maturity Model
  3. Managing cultural diversity

The Latest

12 April 2022: IT consulting firm, Atos, has partnered with low-code enterprise software developer Mendix to expand the former’s low-code application service offerings. According to the press release, the collaboration will also enable Atos to promote its commitment to lowering enterprises' carbon footprints through digital modernisation tools.

Why it’s Important

Atos’s partnership with Mendix is one of the many collaborations between tech consulting firms and vendors that were forged to respond to the surge in demand for low-code solutions. IBRS has observed that major service partners are increasingly using low-code tools to deliver results more quickly, while simultaneously opening up new opportunities for other more sophisticated and profitable IT projects. 

This is a result of the growing market for low-code being a fundamental component of Fourth Wave ICT (or the low-code everything era), and the benefits of adopting such a culture for many organisations as discussed in our Special Report

In addition, many vendors are touting their sustainability credentials: all the hyperscale Cloud vendors and many of the major SaaS vendors all now report their progress towards zero or negative carbon footprints.

However, IBRS has previously pointed out that technology vendors with no credible approach to transparency are highly likely to leverage energy and carbon efficiencies to promote themselves, but diverge towards greenwashing – claiming benefits for the climate but without actually changing anything. 

Unfortunately, the agreement between Atos and Mendix appears to be no exception. By claiming that organisations can build applications to assist with decarbonisation, it does not necessarily translate for Mendix or Atos (or for any low-code for that matter) to produce viable carbon emissions reductions. This is because emission reductions are attributed solely to organisations that are actively involved in energy consumption or those that have a carbon footprint. For a software developer to overstate such claims, it is at best double-counting, and at worst blatantly committing cynical greenwashing.

Vendors will stretch their claims regarding sustainability, especially how products can impact carbon footprints. Without clear accountability and metrics, this is often little more than posturing. 

As more consumers are becoming aware of corporate disinformation, enterprise compliance on emission reduction claims in procurement policies for technologies needs to conform to proper sustainability reporting such as the Global Reporting Initiative Standards while incorporating the Oxford Offsetting Principles. Greenwashing will backfire. Proper reporting must include demonstrating a real and measurable commitment to contributing to environmental campaigns.

Who’s impacted

  • CEO
  • Procurement teams
  • IT teams

What’s Next?

  • Familiarise the concepts of allocating and reporting on carbon emissions within your industry. Include what standards exist, and which are likely to be mandated by regulatory institutions in the coming four to five years. 
  • Apply reporting standards to hold vendors accountable when claiming decarbonisation and emissions reductions. 
  • Prevent greenwashing from detracting from the very real business benefits of reducing carbon emissions, such as reduced costs, adoption of elastic ICT provisioning where needed, and meeting staff and public expectations. 
  • Ensure there is transparency in every claim by demonstrating how such green declarations were achieved through reliable accounting methods that gauge emission reductions more accurately.

Related IBRS Advisory

  1. Considerations for Selecting Modern Low-Code Platforms

  2. Think green IT: Think saving money

  3. Greening your ICT purchases

The Latest

12 April 2022: Research by risk consulting firm Kroll revealed a 356 per cent surge in common vulnerabilities and exposures (CVEs) or zero-day vulnerabilities (also known as freshly announced threats) in the last three months of 2021 compared to the previous quarter. By December, an increase in new ransomware variants was detected in ManageEngine, ProxyShell, VMWare, and SonicWal pushed CVE logs to an all-time high.

Kroll’s industry survey revealed that while phishing remained the most popular initial access infection vector, at 39 per cent in the fourth quarter, CVE increased from 6 per cent to 27 per cent in the same period.

 

Source: Q4 2021 Threat Landscape: Software Exploits Abound

 

Why it’s Important

Many incidents of ransomware continue to impact Australian organisations who are considered prime targets due to (a) their capacity to pay and (b) their relatively immature (from a global perspective) cyber-defence and cyber-response capabilities of a larger number of mid-sized enterprises. Many of these organisations struggle to close common vulnerabilities, let alone zero-day exploits, quickly enough to avoid intrusions due to their weak defence postures.

Organisations need to address their ability to defend against such attacks and respond appropriately to limit any impact caused by breaches. More effort is required across industries to contain the likelihood of attacks impacting productivity, reputation and financial resources, rather than just within individual businesses. This will support sharing of intelligence and the growth of cyber-defence nationally.

Who’s impacted

  • CMO
  • Development team leads
  • Business analysts

What’s Next?

  • Cyber-defence can no longer be left to a 'best effort' basis by ICT groups. Organisations that lack a dedicated cyber security specialist, must seek out specialist services, peer groups and forums, and actively leverage better practices from these groups.
  • Evaluate the status of your enterprise’s ransomware defence and look into the strengths and weaknesses of your current security posture.
  • Create a dedicated team that will develop a roadmap to improve the organisation’s stance against ransomware.

Related IBRS Advisory

  1. The Security Impact of Remote Working: Find the Gaps in (Zero) Trust
  2. Use Security Principles to Guide Security Strategy
  3. Reducing the Risk of a Successful Ransomware Attack

The Latest

12 April 2022: Low-code enterprise software developer OutSystems announced Integration Builder’s (IB) support for Generic PostgreSQL version 13, Aurora PostgreSQL version 12, as well as non-relational database MongoDB. Prior to the announcement, OutSystems only supported a limited number of platforms including MySQL, Oracle, Azure SQL and SQL Server. With more connection options for infrastructure servers, users can now better develop applications where data resides in Cloud-based, high-capacity, elastic databases.

Why it’s Important
As low-code plays an increasing role in application delivery, the adoption of open-source databases will become increasingly common for several reasons. First, it opens up low-code applications to existing solutions as well as allowing existing applications built upon these databases to be extended by low-code developers. Second, it has the potential to reduce the overall cost of low-code architecture. Finally, the inclusion of elastic databases allows low-code to be used for massive scale data applications.

Therefore, for organisations that are considering purchasing a new low-code platform with connected services from different sources, look into how the vendor caters to the evolving hyperscale Cloud computing market to support the scalability and high-performance needs of clients. As previously noted by IBRS, the most successful ones will require minimal changes in enterprises' existing SQL Server application code, speed of migration, and ease of switching to other tools post-migration.

Who’s impacted

  • CTO
  • Development team leads
  • Business analysts
  • Low-code centre of excellence

What’s Next?

Review the low-code spectrum to determine which types of low-code capabilities your organisation needs in the near and midterm, and which are most likely to be needed in the longer-term.
In addition, it is imperative to assess risks associated with adopting a new operating model and platform before investing in any low-code platform.

 

Related IBRS Advisory

  1. Considerations for Selecting Modern Low-Code Platforms
  2. VENDORiQ: AWS Babelfish Brings PostgreSQL to its Hyperscale Database

The Latest

5 April 2022: Amazon Web Services (AWS) launched AWS Billing Conductor for customisation of Cloud cost reporting and more accurate monthly billing data. Organisations can now organise accounts into billing groups, apply specific pricing packages, assess and edit pro forma expenses and reports, and compare rates between those applied to groups and current AWS rates.

Why it’s Important

The COVID-19 pandemic has impacted 92 per cent of organisations to exceed their Cloud spend forecasts in the last 12 months, according to a recent report. As a result, many ICT groups are being asked to justify their increasing spend on Cloud services to optimise the enterprise’s purchase decisions.

Although Cloud can reduce overall costs in some areas of ICT's business as usual (BAU) expenditure (operational costs that are part of standard daily work), the increase in demand for computing and storage generally makes it appear that promised costs of savings from Cloud are not materialising. By allocating costs to specific business units’ consumption, deployment projects, use cases and new digital transformation initiatives, enterprises can identify which efforts drive the most Cloud spend. This goes a long way to clarifying why Cloud investments are worthwhile (or not, as the case may be).

Therefore, it is no longer sufficient to consider Cloud budgets as simply part of BAU, nor treated in the same way software costs have been treated in the past. These old approaches will mean that justifying Cloud spend will only ever be short-lived.

Cloud cost management tools that enable not just Cloud cost identification, but also allocation back to business benefits will be vital for identifying profitable technologies and projects within the Cloud. While there are other third party solutions in this space (such as VMWare’s CloudHealth, Cloudability and Densify), the AWS Billing Conductor will assist mid-sized organisations who cannot afford such services, or lack the skills needed to implement Cloud spend budgeting with better accuracy.

Who’s impacted

  • CMO
  • Development team leads
  • Business analysts

What’s Next?

IBRS has observed that many less mature organisations have a ‘sprawl’ of Cloud services that need to first be identified and then reined in, before cost optimisation products can be fully effective. Therefore, consider how Cloud business cases and ongoing budgets need to be communicated, and to whom, within your organisation. In addition, look into how you can set up a billing responsibility model and cost dashboard, designed for cost efficiency. Ideally, decisions around this should be made by the Cloud centre of excellence.

Related IBRS Advisory

  1. VENDORiQ: Aussie Cloud-cost Specialist GorillaStack Expands What it Watches
  2. Cloud Financial Management is Optimised with Cloud Certified Partners
  3. How to get on top of Cloud billing

The Latest

22 March 2022: Knowledge management application software developer Objective Corporation (Objective) has acquired US Cloud-based content management system firm Simflofy. With the acquisition, Objective’s governance extends beyond a focus on regulated and public sectors to accommodate organisations struggling to govern Microsoft365 suite. Through a combined enterprise federated governance and single source of truth (SSOT), users can expect the features of the integration to be introduced in its newest tool, Objective 3Sixty.

Why it’s Important

The Australian public sector’s content management solution vendors are dominated by Micro Focus Content Manager (formerly known as TRIM) and Objective. However, both solutions providers lack the technology to fully address the demand for federated knowledge management due to the effect of disruptive collaboration, and the adoption of Microsoft Office 365 by many enterprises. 

However, the acquisition of Simflofy will be a game changer for Objective.” to avoid it seeming like Simflofy has acquired Objective. The integration of Simpflofy’s federated information management capabilities to Objective’s strength in knowledge management in compliance rich environments, has the potential to balance a unified view of organisation wide content from disparate sources of information, with rigorous information lifecycle management.

At the very least, the acquisition signals that Objective is now committed to federated knowledge management, instead of the traditional record-keeping system that it is known for.

Who’s impacted

  • CMO
  • Sales/marketing teams

What’s Next?

Objective customers should monitor the vendor’s progress with Objective 3Sixty’s features such as SSOT through consolidating various sources across multiple information repositories and managing it all in one place.

In addition, public sector organisations that use Objective as well as SharePoint without appropriate governance and compliance add-on solutions (such as RecordPoint’s Records365), should start exploring how the new Objective plans and acquisition may impact discussions on where and how knowledge is stored in a compliant manner.

Likewise, Micro Focus Content Manager’s customers must raise inquiries to the vendor on the progress of the service provider’s plans for filling in the gaps of federated content management capabilities for Content Manager, in particular Control Point. 

Related IBRS Advisory

  1. The Challenge of Disruptive Collaboration and the Future of Enterprise Knowledge Management Solutions
  2. Does IBRS have a framework which describes the capabilities of Knowledge Management?

The Latest

22 March 2022: Virtual application delivery (VAD) service provider Cameyo joins Citrix and VMWare as certified Google Chrome Enterprise Recommended solutions for virtualisation. Cameyo’s features, combined with the Chrome operating system (OS), provides Cloud-based desktops’ with Windows apps. This extends Google’s virtualisation features by running fewer servers at higher capacity with centralised infrastructure, security and data management. 

Why it’s Important

Application virtualisation services expand users’ access through a secure ecosystem that supports legacy systems on Chrome (and other devices). This approach may reduce operating costs relative to traditional desktop virtualisation infrastructure.

In addition, Cloud VDI does not limit users into a single device when accessing data and applications and does not compromise security or reduce the capacity of endpoint management. Enterprises likewise can save on the costs of acquisition and maintenance of devices, resorting to lower-code (and lower-cost to support) Chromebooks. 

Cameyo’s recognition by Google marks a turning point in the move towards wider acceptance of application virtualisation, as opposed to full VDI.

Who’s impacted

  • Desktop / digital workspace teams
  • Development team leads
  • Business analysts 

What’s Next?

Organisations re-evaluating their VDI investments - especially in light of Citrix’s request acquisition,  should consider the potential of application virtualisation, and perform a detailed RIO that includes not just the licensing and hardware, but also the operational costs over an extended period - say five years. 

It should also be noted that, with Citrix being acquired, many organisations have started to be less optimistic about new innovation coming from the platform. IBRS reiterates that users should not expect any revolutionary new Citrix features to be released in the near future. Instead, IBRS expects a gradual acceleration of the shift towards application virtualisation services, regardless of a vendor’s existing popularity in the industry.

Related IBRS Advisory

  1. VENDORiQ: Citrix to be Acquired by Vista Equity Partners and Evergreen Coast Capital
  2. VENDORiQ: Windows 365 - The New Hotness, or Same Stuff in a New Can?

The Latest

15 March 2022: Snowflake announced its planned acquisition of data applications builder Streamlit. Snowflake’s goal is to integrate app building into its Warehouse-as-a-Service platform with simplified data access and governance features. 

Why it’s Important

There has been a growing trend in the acquisitions of analytics platform developers to boost product features and improve capabilities of data science tools.

IBRS expects more mergers and acquisitions among leading Cloud analytics vendors that will commence the initial stages of consolidating the hyperscale, elastic analytics market. It projects more integration of key components of the data analytics system in the next three years. In particular, data catalogues or data sharing solutions will become increasingly integrated with Cloud data lakes and data warehouses.

However, it is the use of centralised data repositories - data lakes and warehouses - to simplify the development of low-code apps that has been overlooked. One of the biggest challenges and costs for low-code apps development is integration. However, data analytics platforms have already integrated and normalised data from multiple systems. As a result, using these centralised data resources for low-code application development could be very attractive. 

Microsoft’s Dataverse is essentially this concept - albeit within the Microsoft world. Snowflake’s investments in Streamlit are an indication that there is a growing market for this use case.

Who’s impacted

  • COO, CIO, CTO
  • Business analysts

What’s Next?

Organisations should look at how their low-code initiatives tie into data analytics initiatives. Low-code platforms generate not only data captured from forms, but also metrics on how processes are performing - data which will likely end up being reported upon via analytics platforms. But there are also opportunities to leverage the analytics platforms to act as engines for low-code and rapid application development environments. Bringing the people involved in each of these areas together can reveal new opportunities to ‘streamline the process of streamlining processes’.

Related IBRS Advisory

1. VENDORiQ: AWS Accelerates Cloud Analytics with Custom Hardware

The Latest

15 March 2022: Google announced general availability of Dataplex, a ‘dash fabric’ (aka, data mesh) solution that allows enterprises to centrally manage and control data across data lakes, databases and data warehouses. Google claims that the product can mesh Google Cloud with open source technology for analytics professionals to better govern data. Dataplex was launched together with Datastream and Analytics Hub that make up Google Cloud’s database services in its analytics portfolio.

Why it’s Important

Since it was introduced in 2019 by its creator Zhamak Dehghani, the concept of data mesh is becoming hyped. Similar to service oriented architecture (SOA), it is misunderstood by vendors and buyers alike who believe that it is all about technology. Instead, data mesh is as much a philosophical shift, from viewing data being centralised in data lakes or warehouses, to managing data close to where it is created, through a domain-oriented design with a self-serve data infrastructure.

Google, on the other hand, identifies Dataplex as a data fabric, which provides a technology layer over disparate data sources for better access, discovery, integration, governance and security. Data fabric focuses on existing multiple centralised technologies that consolidate data. Data mesh, on the other hand, promises a fully domain-oriented, decentralised approach, since it considers all enterprise data as a set of different repositories, preventing any loss in domain expertise during translation, unlike with a data lake. Thus, in a pure data mesh platform, different groups can manage data as they see fit, sharing some common governance measures while maintaining their domain knowledge on the data.

IBRS has observed that data catalogue vendors are leveraging data mesh rhetoric to market their products. However, most of these do not truly align with the philosophy of data mesh, which is fine for the near term, as few organisations are prepared for the changes involved when adopting such a democratised approach to data management.

Who’s impacted

  • CTO
  • Analytics teams

What’s Next?

Organisations that want to explore data mesh concepts must carefully consider shifts in data team structures, roles, responsibilities and skills before looking at technical solutions.Some changes brought by such a data architecture approach will impact domain-specific variations in data across departments, domain ownership, data product self-containment, and governance architecture to preserve global controls.

Related IBRS Advisory
1. Business First Data Analytics - Webinar and Q&A

The Latest

1 March 2022. Microsoft recently launched Carbon Call with ClimateWorks Foundation and more than 20 other leading organisations in the private, philanthropic, scientific and non-governmental sectors to develop more reliable and interoperable carbon emissions accounting practices. The collaboration is expected to address and solve gaps in current global carbon accounting systems, with a focus on carbon removal and land sector, methane, and indirect emissions. 

Why it’s Important

There has been a noticeable growth in the number of hyperscale Cloud vendors publicising their efforts to reduce their carbon footprint and energy consumption levels. Such growth outnumbers the total of on-premise data centre services that are following the same move towards carbon-free energy sources and more sustainable ICT operations.

This reflects the industry’s answer to the immediate call for action on climate change and the economic advantages of hyperscale. However, global standards for sustainability reporting still vary widely, according to a study published by the International Federation of Accountants and the Association of International Certified Professional Accountants. The lack of a robust set of sustainability-related reporting standards presupposes that any vendor may overstate its claims of adhering to a climate-first approach, further relegating corporate reporting across a range of environmental, social and governance (ESG) areas into suspicion.

But progress has been made since. In November, during the 2021 UN Climate Change Conference (COP26), the International Financial Reporting Standards Foundation proposed the International Sustainability Standards Board (ISSB) to bring the much needed transparency in reporting across different industries, enterprises and regions.

Microsoft's adoption of an emerging global standard for reporting reflects the next stage of the trend towards ICT sustainability issues. By 2025, IBRS expects that not only all the hyperscale Cloud vendors will have adopted a standardised carbon report, but most of the top Fortune 500 companies will be following suit. Around this time, it is expected that public sector shared services will be put under greater scrutiny to do the same move towards carbon-free energy sources with a globally agreed set of standards.

Who’s impacted

  • COO, CIO, CTO
  • Data centre managers
  • Corporate risk and policy directors
  • Sustainability managers

What’s Next?

Organisations must learn to start monitoring trends in sustainable computing, especially among the hyperscale Cloud vendors. As all organisations will soon be obliged to adhere to a consistent, harmonised and global set of sustainability reporting standards that will help define collective enterprise reporting and accountability, be prepared for boards to request standardised ICT sustainability reporting. This will enhance their commitment to actively participating in collecting and reporting sustainability information and the credibility of their report. 

Finally, organisations must consider what solutions may be needed to integrate ESG in creating value for the organisation over the long term, rather than attempting to build such capabilities in-house with existing analytics platforms. 

Related IBRS Advisory

  1. VENDORiQ: Cloud Vendors will Push New Wave of Sustainable ICT Strategies
  2. VENDORiQ: Oracle Announces Innovation Lab During COP26 Summit

The Latest

22 February 2022: Process intelligence and automation company Nintex announced its acquisition of robotic process automation (RPA) developer Kryon. Australian low-code vendor Nintex, plans to improve its intelligent process automation (IPA) features through Kryon’s process discovery technology capabilities and full cycle RPA with artificial intelligence (AI).

As a process management and automation software builder, Nintex offers low-code design platforms for IT teams, operations experts and business analysts. Some of its largest clients in Australia include Naylor Love, Toyota Australia, Arab Bank Australia, RICOH, Auswide Bank, Port Stephens Council in New South Wales, Auto & General Holdings, and Allegis Group who have benefitted from its low-code development tools to help employees, regardless of their programming expertise, create applications that solve unique enterprise challenges.

Why it’s Important

Nintex’s move to acquire Kryon is yet another example of the merging of all low-code tools (i.e., process singularity) and how mid-tier low-code vendors are pushing up the low-code spectrum. This broad ecosystem of solutions, each with unique traits and features that fit specific organisational structures, should have specific modern low-code platforms that match an organisation’s ecosystem to help better streamline operational processes. In addition, constantly ensuring governance features to avoid the chaos that can ensue from unfettered development when acquiring low-code platforms is crucial in the long-term for better return on investment (ROI) whatever low-code solution is selected.

Nintex is also one of the many Australian companies that have exhibited fast-growing performances in the international market recently through acquisitions and mergers. However, as previously noted by IBRS, most local enterprises and the national government have lower regard for smaller Australian vendors making a name abroad. In many cases, smaller local vendors offer better value and generally have positive project outcomes as a result of their vested interest in meeting their clients’ expectations.

Who’s impacted

  • COO, CIO, CTO
  • Business analysts

What’s Next?

IBRS recently conducted a market scan on low-code vendor trends and found out that large vendors will continue acquiring today’s most successful low-code platform companies until 2025. This will help expand their product portfolios to secure a majority of market share. In this regard, when looking at low-code platforms, organisations must consider the greater ecosystem of low-code tools that will meet their long-term needs. For instance, vendors that can offer a more robust platform that caters to internet of things (IoT) solutions can help organisations focus on IoT devices and controllers instead of hardware and software development integrations.

Related IBRS Advisory

  1. Low-Code Mythbusting
  2. Hammering Low-Code into Place Takes Time
  3. Low-Code Platform Feature Checklist
  4. VENDORiQ: What Marketplacer Shows Us About Buying Aussie Tech

The Latest

22 February 2022: MetricStream has launched software solutions for governance, risk and compliance (GRC) that generate quantified, AI-powered risk insights for business growth, cybersecurity, and environmental, social and governance (ESG) reporting compliance. The SaaS company’s line of GRC software products address enterprises’ manual processes for GRC reporting with automation and improved visibility. The solutions consolidate fragmented and siloed data sources required to report on GRC.The solutions are available as three pre-configured packages, with the end goal being to enhance enterprise ESG scores.

Why it’s Important

Organisations with a lack of GRC capabilities can surfer from weaker strategic and operational processes. Without clear accountability and ownership, they run the risk of operating outside compliance boundaries, potentially with penalties and regulatory sanctions.

The purpose of GRC is to provide a centralised risk repository and reporting, in theory, leading to better transparency through enterprise regulation measures.

While it is possible to implement GRC within existing business intelligence and data management tools, not all Australian organisations can deploy GRC this way due to limited expertise and capacity constraints within the analytics teams. Furthermore, unlike in large enterprises where robust BI tools are integrated into their core information repositories and external data sources, small and medium enterprises have yet to achieve a more mature data management capability, and lack the budget for analytics and information management teams. In the end, compliance reporting costs them a lot of their financial resources to be at par with the quality of reporting that regulatory offices demand from them. Pre-configured GRC and ESG reporting tools may be a more viable option for these enterprises.

IBRS believes that GRC is becoming increasingly important among Australian organisations and will impact them across industries in terms of transparency through systemic workflows where real-time insights can be used to guide decision-making that meets minimum requirements from regulatory changes.

Who’s impacted

  • COO, CIO, CTO
  • Business analysts
  • Risk managers

What’s Next?

Organisations need to be familiar with GRC and how they can best create a culture of compliance that ensures active oversight and adherence to applicable laws and regulations. Senior executives can drive a culture of transparency and efficient risk management by engaging in programs that meet GRC expectations, through compliance participation and implementation of preventive measures. This will improve risk control and promote good governance and organisational ethics.

To overcome the complexity of ‘build-it-yourself’ GRC and ESG reporting, consider if GRC software tools may complement the organisation's existing analytics platform through add-on solutions or dedicated products that make it easier to produce audit, accreditation and governance risk management reports.

Related IBRS Advisory

  1. IBM Acquires Data Analytics Firm Envizi
  2. More Evidence for Cloud Leading Sustainable ICT Charge

The Latest

Australian ecommerce platform Marketplacer announced in December 2021 that it had successfully raised US$38 million to begin its U.S. expansion, product development and partner program.  

The company has already secured US$85 million of funding and has over 100 marketplace clients. It has also partnered with ecommerce giants such as Salesforce (who has invested in them), Adobe, Publicis Sapient, and Fenom Digital.  

To date, Marketplacer’s 100 clients have added more than 13,000 businesses, agencies and enterprises for shopping cart services, payment processing, promotions management, and drop-shipping in one platform.

IBRS interviewed Marketplacer’s executive team about their business and the opportunities that meshed marketplaces have for local merchants and service providers.

What is Marketplacer?

Marketplacer’s SaaS-based platform allows organisations with existing ecommerce platforms or large online communities to quickly integrate third party sellers into their environments. Amazon revolutionised retailing by allowing other retailers to sell on its shopping platform, and gained not only additional revenue streams but also expanded the value of the Amazon site to shoppers. Marketplacer’s platform effectively allows organisations to create a similar business model.

Marketplacer simplifies connecting an enterprise’s current ecommerce system (such as Salesforce Connected Cloud or Magento 2) with affiliated merchants. It allows an organisation with an existing base of customers to rapidly present new products and services to them from affiliates. 

The operator portal provided by Marketplacer covers day-to-day onboarding, marketplace management, product and return maintenance, central database management, process payments and payouts, tax and accounting, orders and logistics, communications and marketing, ratings and reviews, and data and insights. 

The seller portal allows sellers to access their own marke​​tplace and manage orders, refunds, logistics, marketing and promotion, as well as insights and reporting.

Why it’s Important

A new ecommerce segment emerges

Major players in the ecommerce platform industry such as Shopify, WooCommerce, Bigcommerce, and Magento have dominated much of the market. 

However, Marketplacer differentiates itself by allowing sellers to take advantage of pre-built connectors to fully maximise the platform that complements their existing tools and offering to support a wide range of products and services for sale. In addition, its front end is decoupled from back end logic and channel programming language, aside from being framework-agnostic. 

While Marketplacer is not the only platform attempting to define this new ecommerce segment, it has an edge in terms of out of the box integrations and features. The recent capital injection will position the vendor well in the US market, but also strengthens its long term stability in the Australian market.

IBRS predicts that Marketplacer’s biggest competitors will come from large enterprises that have acquired tech startups to expand their services and offer similar capabilities through their SaaS products, such as Oracle’s purchase of NetSuite in 2016, to expand Cloud solutions in more regions and industries. 

Aussie vendors punching above their weight

Many Australian tech and software companies have earned success overseas such as Canva, Atlassian, Afterpay, Xero and NEXTDC, all with market caps above US$5 billion.  

However, most local enterprises - including government - fail to recognise that smaller Australian vendors just starting to do well overseas are worth putting on their shortlists. This is not just a concern regarding national pride. IBRS notes that in many cases, smaller local vendors offer good value and generally have positive project outcomes, due in no small measure to having development resources close to their clients and having a vested interest in keeping such founding clients content.

In addition, local ISV (independent software vendors) often have solutions that are designed specifically to meet domestic compliance requirements and business processes: especially those that support public sector functions.

Another issue worth noting is that there has been a ramp up in the number of acquisitions of Australian tech post-startups in the past years. In 2021, Queensland based Clipchamp was bought by Microsoft, SaaS company CitrusAd was purchased by the Publicis Group, and Quantium was acquired by Woolworths. Channel partners and specialist IT service providers are also being snapped up.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Australian enterprises should look beyond the traditional mainstream players to emerging vendors and local providers. Pay attention to the benefits of local support channels and the costs associated with gaining experienced, local implementation partners that have expertise in the local market.

Finally, when working with internal teams to determine how new platforms will demand changes to operations and even the business model, look more closely at the implications of selecting such tools or platforms, including security and reputational risks, from local vendors as well as the international brands.

Related IBRS Advisory

  1. Aussie vendor radar: Nintex joins the mainstream business process automation vendor landscape
  2. Positive customer experiences must lead digital transformation

The Latest

31 January 2022: Private equity firms Vista Equity Partners and Evergreen Coast Capital, announced their acquisition of virtualisation tech firm Citrix Systems. Citrix’s secure digital workspace and hybrid work environments will be merged with the market data management and business intelligence features of Vista’s TIBCO. The all-cash $16.5 billion acquisition, which is expected to be formally closed mid-2022, will impact Citrix customers, amounting to approximately 100 million end-users.

The buyout will make Citrix a private venture and address its debt after reporting a 1 percent decrease in annual revenue at the end of 2021. Reports of the deal have been in the news for quite some time, despite Citrix acquiring Wrike last year to further support hybrid work models for its clients.

Why it’s Important

At the start of the pandemic, demand for Citrix’s digital workspace solutions increased to allow secure access to corporate information systems through web traffic isolation, as well as remote access to devices in physical offices for employees on a work-from-home setup. However, there have been concerns that Citrix has not been at the forefront of innovation in the last few years.

The acquisition has the potential to provide Citrix with an opportunity to invest in new features now that its Desktop-as-a-Service tool competitors (Azure Virtual Desktop, Amazon Workspaces and VMWare Horizon DaaS Platform) have outperformed the Florida-based virtualisation tech company.  

However, history of previous acquisitions suggests that that potential will only be partially realised, if at all. IBRS has observed that among venture capital firms that have bought tech companies, users should not expect any new features to be released any time soon since private equity managers often prioritise profitability on existing customers using the same range of products. 

Conversely, with Citrix being consolidated with TIBCO, there is an opportunity to repackage the brand, add sophisticated integration and workflow capabilities to an existing market that’s maturing. 

In the near term (2-3 years), IBRS does not expect much direct impact on current clients.

Who’s impacted

  • CIO
  • Desktop / EUC teams
  • Business stakeholders dealing with workforce management and project delivery

What’s Next?

Since many organisations have adopted digital workspace architectures (as opposed to end user computing architectures), they should review their current service contracts that may be impacted by mergers and acquisitions in relation to workspace technologies. One strategy is to centralise vendor management activities and develop a set of governance policies. 

IBRS also recommends organisations running Citrix review the papers below, and then schedule a consultation session with IBRS to identify the next best courses of action for their enterprise.

Related IBRS Advisory

1. Mergers & acquisitions require federated service providers governance

2.Running IT-as-a-Service Part 46: Mergers and acquisitions impact on service contracts

The Latest

25 January 2022: ServiceNow has recently launched ServiceNow Impact that provides AI-driven recommendations along with human-powered solutions on technical support, prescriptive guidance, preventive solutions, role-based training, curated content, and coaching using the Now Platform. Users will receive personalised recommendations on customer success, progress monitoring, platform architecture and performance management to improve their overall workflow automation.

ServiceNow’s AI is leveraged to deliver recommendations that allow users to optimise their existing ServiceNow platform, without integrating third party tools into the system. The solution also provides personal support through on-demand training, and dedicated expert teams and developer consulting depending on a user’s subscription package. 

Why it’s Important.

IBRS has observed a rise in the number of AI decision support services being integrated into workflow automation tools. Hyper-automation on decision-making processes built on top of existing workflow platforms and enterprise resource planning (ERP) solutions is where most organisations will obtain the quickest impact from AI - specifically machine learning (ML). Therefore, instead of investing in separate ML tools and developing custom algorithms, it may be more prudent to leverage existing SaaS platforms emerging AI and ML capabilities.

In addition, many service providers that use AI to automate workplace processes, customer journey flows and enterprise spend management continue to expand their tool’s capabilities in terms of customised solutions to address each organisation’s requirements on value acceleration. In this regard, AI will continue to maintain its essential ‘invisible’ role by recommending better workflows, which in turn drive service quality and agility.

Who’s impacted

  • CIO
  • System administrators
  • Development team leads
  • Business analysts

What’s Next?

Look for opportunities to leverage AI (and ML) from existing investments in SaaS platforms. In particular, look for how AI is being used to make recommendations on improving workflow with low-code development platforms. Bespoke AI initiatives will be less utilised in favour of AI being added to already existing SaaS applications.

Related IBRS Advisory

  1. Machine Learning Operations (MLOps), the AI Productivity Fast Track
  2. Trends for 2021-2026: No new normal and preparing for the fourth-wave of ICT
  3. How can AI reimagine your business processes?
  4. VENDORiQ: ServiceNow to Acquire RPA Vendor Intellibot

The Latest

25 January 2022: IBM has announced its acquisition of Sydney-based data analytics software company Envizi. In an official press release, the move was finalised to boost IBM’s capabilities to provide environmental, social and governance (ESG) analytics, which is an emerging specialised field.  

Envizi will be integrated with IBM’s existing package of manufacturing and supply chain solutions such as IBM Maximo, IBM Sterling, IBM Environmental Intelligence Suite (EIS) and IBM Turbonomic to support feedback automation in their operations and corporate environmental initiatives. 

Why it’s Important.

IBRS has observed increased activity by large vendors acquiring small, local Australian enterprises that specialise in data analytics. Some of these include the following:

  • Fujitsu’s acquisition of Melbourne-based data and analytics firm Versor in 2021
  • Cognizant’s 2021 purchase of Sydney-based Servian, a data analytics and AI vendor
  • Healthcare tech firm Beamtree’s acquisition of New South Wales-based comparative analytics enterprise Potential(x) in 2021
  • Accenture’s 2019 purchase of Australian big data and analytics consultancy Analytics8 then its series of acquisitions involving advanced analytics firms overseas such as Bridgei2i and Byte Prophecy in India, Novetta Solutions and End-to-End Analytics in the United States, as well as PRAGSIS BIDOOP in Spain.

Aside from these, acquisitions of data analytics startups by other firms outside of Australia have become prominent in the industry with the likes of Capgemini on Sweden-based Advectas, Genpact on Enquero, and Infogain on Absolutdata, which were all formalised in 2020.

IBRS believes that while it is beneficial for the industry to have vendors expand their analytics capabilities, customers or enterprise partners need to constantly assess the likely impact on their existing service contracts with analytics partner vendors. Some of the areas that are critical include terms and conditions, possible pricing changes, future services, contracted support and personnel changes, among others.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Organisations need to be prepared for their analytics partners to be the next targets for acquisitions. As part of its strategy, organisations must remain vigilant and engaged with their analytics vendor partners regarding any acquisitions and the potential impact on services and costs. This includes assessing the implications of the potential scenarios that are most likely to occur, as well as the risks or opportunities that may be present with regard to adjusting to ramifications to the existing service, if there are any. Some potential risks or challenges that must be reviewed by the organisation’s legal and procurement teams can be found on this checklist.

Finally, organisations need to be cautious on assurances that are critical to their operations if these have not yet been put into written agreement. Becoming more pragmatic about the new vendor will minimise service disruptions in the future.

Related IBRS Advisory

  1. Mergers & acquisitions require federated service providers governance
  2. Mergers and Acquisitions - Devising the Right Strategy for IT

The Latest

4 January 2022: RingCentral recently announced that it is expanding its telephony solutions through the Message Video Phone™ (MVP™) platform via a ‘bring your own carrier’ (BYOC) offering. The vendor will also enhance its service to enterprise call centre solutions by allowing Microsoft Teams clients in Australia to integrate the RingCentral app for embedded dialler integration, direct routing solution and fax, call-to-web and voicemail capabilities.

Why it’s Important

IBRS has observed a rise in the number of call centres integrating apps such as Microsoft Teams and Zoom in their operations for embedded phone features. In March 2021, MaxContact, a vendor of a Cloud-based call-centre solution, announced it is supporting integration of Microsoft Teams clients. 

The increased interest in integration of popular video collaboration solutions is a direct result of customers’ recent experiences with video calling. The pandemic has raised expectations for digital service delivery and omnichannel experiences.

IBRS predicts that within the next three to five years, video call centres will be common, and supplement existing in-house facilities. This will coincide with the majority of call centres adopting real-time agent solutions to off-load common service requests and free up operators to offer a deeper, hyper-personalised care that will increasingly include video. These companies will also leverage advanced real-time analytics and artificial intelligence that will accurately detect client sentiment and reaction in every digital interaction.

However, while white-glove service is ideal and will be the norm in the coming years, two challenges will arise. First, even if the technology is already available, it is too early to determine which industries will lead the way and what impact it will have on traditional call-centre outsourcing models. For instance, Australian banks have relocated their call centre operations back to Australia to streamline communications and quickly resolve issues firsthand.

Second, will be the value of outsourced call centres, especially in Asia Pacific where millions of business process outsourcing (BPO) workers in the Philippines cater to telecommunication, banking and insurance customers in the United States, Australia, Europe, Canada and Japan. Video calls will require more than just accent training to make it appear that the servicing company is based locally. The entire user experience - including the call centre environment - will need to be ‘localised’ for different markets.

Who’s impacted

  • CIO
  • Development team leads
  • User experience/customer journey teams
  • Customer service teams
  • Call centre teams

What’s Next?

Call centre managers must invest time in exploring new modes of communication with the aim of enhancing customer relationship management (CRM) tools. However, given that it is highly profitable for vendors to take advantage of this trend in the next five years, call centre solution vendors will be looking for ways to differentiate themselves, while also supporting a wide range of common integrations.

Related IBRS Advisory

  1. VENDORiQ: Why is Zoom Pivoting? Do You Need to Be on Top of the Fourth-Wave of Unified Comms?
  2. Better Practice Special Report: Microsoft Teams Governance
  3. VENDORiQ: CommsChoice becomes Australia's first vendor of Contact Centre for Microsoft Teams Direct Routing

The Latest

December 2021: Data centre and colocation service provider NEXTDC announced it will buy 20 per cent (AU$35m of equity) in Infrastructure-as-a-Service (IaaS) provider AUCloud to support the latter's Cloud platform zone expansion in Brisbane, Melbourne and Adelaide. These centres will be operational as early as the fourth quarter of 2022.

Why it’s Important

NEXTDC is a major data centre provider in Australia with strong contracts in the public and private sectors. By buying into AUCloud, the firm is preparing its position for what is expected to be a wave of 're-localisation' of Cloud services, bringing Cloud workloads back from geographically spread environments to smaller, Australian-based sites.

With re-localisation, enterprises can benefit from highly responsive support from regional Cloud providers that do not just ride the trend of introducing solutions based on US or European requirements and enforce it for local enterprises.

Who’s impacted

  • CIO
  • Development team leads

What’s Next?

Organisations must consider the advantages of working with localised Cloud service providers, especially those with a strong reputation in the industry. They have to look into the benefits that it can bring to their platform in terms of service and technology, delivering geographic redundancy while taking advantage of the proximity to their facilities. These localised services can help with latency and meet data security and compliance requirements demanded by some industries.

Related IBRS Advisory

  1. The Industrialised Web Economy - Part 1: Cloud Computing
  2. VENDORiQ: Google Next: Distributed Cloud is More Than Hybrid and Multi-Cloud

The Latest

18 November 2021: AWS recently announced the launch of AWS Skill Builder, a digital learning platform which provides free Cloud computing skills training globally. It currently has over 500 free, on-demand courses - including nearly 60 new Cloud computing classes added this year. 

This expands AWS’s free access Cloud skills training programs in the region, in addition to last year’s launch of the AWS re/Start program - a free, 12-week full-time skills training program that prepares the unemployed, and underemployed, for careers in Cloud computing. Training is done in partnership with Indigenous training companies Goanna Solutions, Academy IT, and FDM in Australia and Te Pūkenga, the largest tertiary education provider in New Zealand. 

In addition, AWS is collaborating with local institutions such as The University of NSW’s (UNSW) CyberSECurity Education Network (SECedu) to teach both professional and practical cyber security skills in response to the growing demand for Cloud-oriented security skills.

Why it’s Important

Cloud skills are in hot demand, with competition for talent driving up salaries. 

Furthermore, IBRS has noted a growing dissatisfaction in paid programs for Cloud training and certification, though this is more a matter of perceived quality of delivery than concerns over the material in the training programs. Tech training is a booming industry right now, and the quality of independent training suppliers is mixed.

Therefore, it is no surprise that there is some scepticism about the quality and effectiveness of free Cloud professional training. If the paid programs are struggling to get it right, how will free programs deliver?

IBRS believes that scepticism is healthy. However, after a review of the AWS strategy and offerings, IBRS has concluded the program is robust and addresses some of the most critical skills gaps organisations are facing with Cloud migrations. Rather than treating these programs as ‘free’ organisations should be evaluating the available programs and building them into their internal skills development initiatives.  

AWS’s Skill Builder initiative is based on the concept of micro-credentials (small, granular certifications) which make it relatively easy to insert into organisations' existing skills development programs.

Reviewing and inserting Cloud training programs (from any of the major hyperscale Cloud vendors) into an organisation's internal skills development program is where the tight training budget can be spent effectively.

Who’s Impacted

  • Educational policymakers
  • CIOs
  • Educational ICT strategy leads 
  • Principals and senior leadership of higher education institutions
  • Digital workspace teams

What’s Next?

Adoption of Cloud computing across multiple industries is predicted to spawn a huge number of new roles over the next decade. Organisations should consider supporting a workforce education program. Their investment in digital skills training will not only help organisations achieve their digital transformation goals but also improve employee retention.

Related IBRS Advisory

The Latest

17 November 2021: Google announced that it has launched a second zone in Sydney for Bare Metal Solution (BMS). Google BMS now has a global presence in 13 regions.

Why it’s Important

With Oracle pushing hard for organisations to move their legacy applications and workloads into its next-generation Oracle Cloud, Google is attempting to swoop in with BMS as a less costly alternative that promises to run Oracle workloads with less than 2ms to Google Cloud. 

Google BMS leverages Google Cloud Platform (GCP) services, including BigQuery and CloudSQL for database operations. This may be a draw for organisations looking to reduce their dependency on Oracle, or exit Oracle altogether and switch to a managed database service. It is a potential stepping stone to open-standards-based databases. 

Oracle’s user based licensing approach is oftentimes seen as complicated and treacherous. Google BMS uses a simpler subscription pricing model without upfront costs. Most importantly, Google BMS also offers license portability. You can bring your own license (BYOL) from Oracle and run it on Google BMS. It has been reported to IBRS that this can avoid Oracle’s early contract cancellation costs that run between 30-50% of its original contract value.

On the surface, Google BMS appears to be an economical alternative to Oracle Cloud. However, there are certain considerations such as server sizing and configuration, OS and chipset upgrades, and possible database upgrades that could make the move to Google BMS turn out to be more complex.

It is also possible that Oracle, like Microsoft, will alter its licensing terms to block migrating on-prem licensing to hyper-scale Cloud. 

Who’s Impacted

  • CIO
  • CFO
  • ICT strategy leads
  • Infrastructure architects

What’s Next?

Before moving to Google BMS, consider the additional complexity involved. Specialised skills are needed in order to deploy Oracle on Google BMS. Migration to Oracle Cloud, in contrast, is reported as being a relatively smooth process. Oracle Cloud also includes automated database tuning administration. In short, you need to consider the costs associated with having trained staff to monitor your Oracle database on Google BMS, which could result in higher overheads.  It is not just about the cost of the Cloud. But if the goal is to migrate from Oracle over time, Google BMS is attractive from a cost perspective.

Related IBRS Advisory

  1. AWS Babelfish Brings PostgreSQL to its Hyperscale Database
  2. Google Next: Data - PostgreSQL Spanning the Globe
  3. Google introduces Database Migration Service

The Latest

30 November 2021: Microsoft recently announced the release of Windows 11 SE in 2022, which is designed to support K-8 students’ blended learning needs in the classroom. The operating system (OS) will only be available on low-cost devices sold exclusively to educational institutions. Windows 11 SE was developed after consulting with teachers and students for 18 months, which resulted in removing the widgets section, adding an automatic backup of files to OneDrive, and launching apps in full screen mode. The new Surface Laptop SE for students as well as upcoming devices from Acer, ASUS, Dell, Dynabook, Fujitsu, HP, JK-IP, Lenovo and Positivo will carry the OS.

Why it’s Important

With the launch of Windows 11 SE, Microsoft hopes to influence educational technology teams to shy away from Chrome OS. Microsoft claims with this product, IT admins can take advantage of the simplified backend as well as bundled Microsoft and non-MS apps such as Minecraft for Education.

IBRS recently conducted a major study of the Australian education sector to explore issues relating to the transition to remote learning during the pandemic. IBRS discovered that it is not the OS, nor the device, that is the primary challenge. Rather, it is the identity, access and administration concerns safeguarding students' privacy that were the single biggest issue.

Microsoft Windows 11 SE markets itself as a student-friendly version to compete against Google Chrome OS. In Australia and New Zealand, it is unlikely to impact the relatively low (in comparison to international market) presence of Chrome OS.

Who’s impacted

  • Educational policymakers
  • CIOs
  • Educational ICT strategy leads 
  • Principals and senior leadership of higher education institutions
  • Digital workspace teams

What’s Next?

Based on IBRS’s series of consultations with the education sector, the group recommends educational institutions decide on robust or streamlined solutions based on their learners’ needs and not on the premise of fear of missing out (FOMO). Developers must continue to collaborate with their target market, allowing students to be exposed to professional tools that provide a headwind in accelerated learning. Likewise, stakeholders must constantly assess their technological devices and platforms and how these impact the learning styles of users.

Related IBRS Advisory

  1. Dr Sweeney on the Post-COVID Lessons for Education (Video Interview)
  2. Kids, Education and The Future of Work with Dr Joseph Sweeney - Potential Psychology - 25 July 2018
  3. Higher Education Technology Future State Vision
  4. BYOD in Education: A report for Australia and New Zealand

The Latest

30 November 2021: Enterprise automation software firm UiPath collaborates with business schools to support student training on robotic process automation (RPA). This is part of their program to develop students’ skills in automation technologies, especially for business and finance majors. The strategy is aimed at growing future demand for RPA among business (as opposed to technical) staff.

Why it’s Important

Microsoft successfully transformed MS Excel into a standard spreadsheet software program in universities and enterprises, and edged out Lotus 1-2-3 and Quattro Pro in the ‘80s. Having Excel built into the curriculum of most schools at that time solidified Excel’s adoption.

In a one-on-one executive interview with IBRS, UiPath’s executive revealed that while it is a relatively young vendor, it has donated millions of dollars to business schools as part of the company’s Academic Alliance partnerships. In the ANZ region, this includes:

  • University of Melbourne
  • Deakin University
  • Tower Australian College
  • University of Tasmania
  • Swinburne University of Technology
  • University of Wollongong
  • University of Auckland
  • Auckland University of Technology

UiPath’s goal is to train students early in using personal software robots to support the automation of manual processes, build smarter assistants, and create their startup similar to how Microsoft influenced developing spreadsheet skills in the ‘80s and ‘90s. In other words, the company is developing a new type of use case in the business and finance department where the launch of a non-IT version of the RPA will mean creating a domain for business majors, and not just for the IT department.

IBRS predicts that since RPA is rapidly becoming merged within the low-code everything ecosystem, it will play a vital role in business and finance even if it will take some more time for the technology to provide insights, predict outcomes and exercise self-healing. 

Who’s impacted

  • Educational policymakers
  • CIOs
  • Educational ICT strategy leads 
  • Principals and senior leadership of higher education institutions
  • Digital workspace teams

What’s Next?

IBRS recommends CIOs prepare for RPA to become a standard business staff tool over the next three to 10 years. Its accelerated adoption in universities will expand its scope of automating rule-based digital processes and advanced cognitive automation on unstructured data sources across industries. Furthermore, organisations need to recognise the shift in management approaches and process discovery by adopting more sophisticated solutions that will leverage no-code tools and AI-driven technology to achieve their target ROI.

Related IBRS Advisory

  1. Dr Sweeney on the Post-COVID Lessons for Education (Video Interview)
  2. Higher Education Technology Future State Vision
  3. Trends for 2021-2026: No new normal and preparing for the fourth-wave of ICT

The Latest

23 November 2021: SoftIron is developing an Australian facility to manufacture it’s high-performance data processing appliance. This is the company’s second facility after its California factory and they have plans to develop another centre in Berlin in the coming years. The planned edge manufacturing facility is expected to be the first component level computer manufacturing hub in Australia for several decades.

SoftIron’s New South Wales manufacturing facility is supported by a AU$1.5 million grant from the Department of Defence. The hardware provided by SoftIron will include open-source appliances for high performance data processing.

The vendor will leverage smaller-scale, automated ‘edge manufacturing’ systems and effectively side-step global supply chain bottlenecks.  

SoftIron claims that security-minded clients, such as the Australian Government, are increasingly concerned about the risks of supply chains that include foriegn entities suspected to have inserted spyware. Governments are already applying bans on foreign providers of communications and data processing hardware that power modern data centres. SoftIron claims the ability for clients to verify every aspect of a product - from the open source code to the supply chain of components and manufacturing cycle - is critical for trust in data centre appliance.

Why it’s Important

SoftIron’s entry into Australian tech manufacturing is welcome. Australia’s technology tech manufacturing was decimated by large-scale overseas production capabilities in the mid to late 80s, despite having some extraordinary world-leading products. For example, the world’s first battery-powered laptop, the Dulmont Magnum (aka the Kookaburra) designed and manufactured in Australia in 1984. Hartley Computers developed hardware and software locally in the same decade, before concentrating on supporting imported Wang minicomputers.

The SoftIron announcement raises several important considerations:

Supply Chain Risk

Procuring hardware from an foriegn manufacturing plants (such as POS and telecommunication systems) is now being flagged as a possible point of exposure to business espionage and spying. The complexity of international supply chains combined with the opaqueness of the firmware and code running on tech products, opens up many avenues for criminal and state actors to inject malware into products sold overseas. While China is a target of US suspicions, it should be noted that Australia's allies have engaged in similar activities in the past: in particular the US and Germany with encryption technologies, and the recent use of the ANoM phone app used to ensnare criminals.  

For Australian enterprises, the lack of visibility into the supply chain should be a growing concern. The only way to address this concern is to adopt a risk assessment policy that includes verifiability of the supply chain, and the firmware and code of products.

Support Chain

Edge manufacturing (aka micro-manufacturing) leverages the ever lowering costs of robotic manufacturing systems and (importantly) the lowering cost of programming such robots, to compete against the cost-efficiencies of huge factories in lower labor-cost countries. 

Technology manufacturing firms have traditionally driven costs down through economies of scale and labor savings. However, the global supply chain crunch due to the pandemic and slow-moving trade wars, coupled with rising labor costs globally, is causing a change in the equilibrium of manufacturing. 

Edge manufacturing employs robotic technologies and short-run production automation to deliver specialised products at a faster rate, at costs that are within the realm of those offered by large scale manufacturing, when transport, warehousing and related global supply chain costs are considered.  Edge manufacturing is less susceptible (though not immune) to global supply chain disruptions. 

Most importantly, edge manufacturing is highly agile and their entire manufacturing process is verifiable, making the model attractive for security conscious buyers. Finally, firms that locate their facilities here are covered by Australian laws and are therefore required to be certified to a compliance standard to ensure the level of data security is being met.

Who’s impacted

  • CIO
  • CFO
  • Procurement managers

What’s Next?

IBRS believes that the national economy has a solid potential to benefit from edge manufacturing.  Recent economic modelling by IBRS and Insight Economics noted a 10% increase in organisations buying Australian software (as opposed to US and European solutions) would return close to a $1.5 billion uplift in the economy within a decade. This economic benefit would be significantly magnified if hardware was added.

Organisations can examine the premium put on closer collaboration with suppliers and vendors through this business model by:

  • Running a hypothetical stress tests on their current supply chain to understand how it affects their financial standing
  • Utilising local vendors while considering a third party risk assessment and compliance program that will fit their cyber security strategy
  • Assessing a vendor’s governance framework using the IBRS Vendor Governance Maturity Model

Related IBRS Advisory

  1. How does your organisation manage cyber supply chain risk?
  2. Vendor governance framework (VGF): Evaluate maturity to manage growth and risks
  3. Strategic vendor management in government
  4. Challenges when conducting business impact analysis

The Latest

16 November 2021: Oracle recently launched the Oracle Industries Innovation Lab as part of its commitment to supporting the 2021 UN Climate Change Conference’s (COP26) climate goal of lowering global temperature by 1.5 degrees. The facility, located in Reading, UK, is set to open in the spring of 2022 and will become a sustainable town centre dedicated to creating solutions to fight against climate change. It will feature wind turbines, electric vehicles and a simulated train station with a railcar made from repurposed materials. Oracle’s first innovation lab was built in Chicago in 2018 to host tools and technology for testing in simulated worksite environments.  

Why it’s Important

Other new tech initiatives that were introduced during the conference include:

  • Salesforce announced its US$300 million investment in reforestation and ecosystem restoration over the next ten years. It will donate technology through its nonprofit program and commit 2.5 million volunteer hours to organisations that work on climate change initiatives.
  • Amazon pledged US$2 billion to transform inadequate food systems and restore landscapes. Its aviation unit, Amazon Air, which operates exclusively to cater to the business’s cargo operations, also vowed to use sustainable aviation fuels (SAF) together with other major US airlines.
  • Rolls Royce secured the backing of the British government to develop the country’s first small modular nuclear reactor to deploy low carbon energy and replace its aging nuclear plants.

In 2008, an IBRS study found that the majority (25% rating it as a high priority, 59% rating it as somewhat of a priority) of ANZ organisations had a strong mandate for the executive to reduce the environmental impact of IT. However, interest in sustainable computing has plummeted year on year, and by 2019, less than 5% of CIOs rated sustainable ICT as a high priority. 

Recent climate events, and shifting public opinions are now seeing the trend reverse sharply. Initial data from a 2020-2021 study (not yet complete) suggests that once again most private and public organisations are joining the call for immediate action on climate change, with 24% of respondents stating it is a high priority.

All hyperscale Cloud vendors are promoting their carbon footprint and energy consumption credentials.. 

CIOs should expect increased demand to balance success in terms of investment returns and the impact on the environment, especially when pledging their support for man-made carbon capture innovations. Transparency and clarity through specifics in planning and execution of net zero transitions are the keys to speeding up the progress of such initiatives.

Who’s impacted

  • CIO
  • CFO
  • Data centre leads
  • Infrastructure architects

What’s Next?

CIOs must revisit their Green IT strategies and consider revising areas that do not meet proactive and incremental operational eco-efficiencies as well as cleaner processes. This includes focusing on infrastructure efficiencies and implementing energy management that takes action out of boardroom discussions and into actual practice.

In addition, more gains will be realised in the coming years through cleantech, with Cloud computing being a major contributor to carbon emission reductions, as we concluded in our 2021 study. CIOs must consider benefits such as this when designing their Green IT strategy.

Related IBRS Advisory

  1. VENDORiQ: Cloud Vendors will Push New Wave of Sustainable ICT Strategies
  2. Building your Green IT strategy
  3. VENDORiQ: More Evidence for Cloud Leading Sustainable ICT Charge

The Latest

16 November 2021: BlackLine launched its new accounts receivable (AR) tool, which it claims is the first unified platform for end-to-end cash flow optimisation in the industry. The software features intelligent optical character recognition (OCR) to eliminate manual work and reduce process errors. It also allows the predictability of customer payments when building cash flow forecasts. 

Why it’s Important

More organisations are adopting e-invoicing to take advantage of automation features, reduced printing costs, shorter payment delays and faster delivery times. As noted in our previous advisory The ERP: A critical IT application for the business, more Australian organisations are joining the trend of transforming their finance processes by replacing their ERP finance systems with a scalable Cloud-based ERP system that offers seamless integration to other business applications and streamlines backend business processes. 

Recently, IBRS conducted a study into the economics of ERP and Cloud solutions to find out the best ROI on their tech investments. A common answer among mid-size organisations and government agencies is the value of financial automation in relation to labour hours. On average, they reported productivity savings of between 0.5 and 3 full-time equivalent (FTE) roles when they switched to e-invoicing. Interestingly, the same benefit was cited by respondents in our 2019-2020 study on local governments in the country.

There are challenges to e-invoicing adoption, however. Apart from the perceived complexity and difficulty of most organisations in getting up to speed in their transition, employees worry about the threat of being made redundant in the near future.

IBRS discovered, however, that senior leadership teams transfer employees impacted by the reduction in labour hours to other roles where their skills are applicable. Organisations that go down this path gain more control in carefully managing their employee concerns. E-invoicing has become a foundational solution for better process management to establish digital relationships with their partners and internal staff.

Who’s impacted

  • CFO
  • CIO

What’s Next?

Before upgrading the financial platform, review the context of your current organisational and ICT strategy. Consider how the platform supports full ‘end-to-end’ processes that are integrated with other business software systems so that appropriate touchpoints are captured and understood. By doing so, the platform can meet its expected impact on your financial metrics and process requirements.

Related IBRS Advisory

  1. A review of ERP finance systems
  2. The ERP: A critical IT application for the business
  3. Replace or reinvigorate today's ERP Solution now
  4. Turning data analysis from an art to a science

The Latest

09 November 2021: Amazon Web Services (AWS) announced the availability of Babelfish for Amazon Aurora. Babelfish enables its hyperscale Aurora relational database service to understand Microsoft SQL Server and PostgreSQL commands. This allows customers to run applications written for Microsoft SQL Server directly on Amazon Aurora with minimal modifications in the code. 

Why it’s Important.

This new feature in Amazon Aurora, means enterprises with legacy applications can migrate to the Cloud without the time, effort and huge costs involved in rewriting application codes. In addition, using Babelfish benefits organisations through:

  • Reduced migration costs and no expensive lock-in licensing terms, unlike in commercial-grade databases
  • No interruption in existing Microsoft SQL Server database use since Babelfish can handle the TDS network protocol
  • Availability of the open-source version of Babelfish for PostgreSQL on GitHub under the permissive Apache 2.0 and PostgreSQL licenses 

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

More general availability of hyperscale Cloud computing to support scalability and high-performance needs is expected in the coming months from major vendors. The most successful ones will require minimal changes in enterprises' existing SQL Server application code, speed of migration, and ease of switching to other tools post-migration.

Related IBRS Advisory

  1. VENDORiQ: Google Next: Data - PostgreSQL Spanning the Globe
  2. VENDORiQ: Google introduces Database Migration Service

The Latest

28 October 2021: The US Senate voted unanimously to deny Huawei and ZTE from supplying equipment to US enterprises due to national security threats that would violate the Secure Equipment Act. Once approved by Pres. Joe Biden, the companies will not be granted equipment licenses by the Federal Communications Commission (FCC) under its ‘Covered Equipment or Services List’. A few days before, the Federal Bureau of Investigation (FBI) raided PAX Technology's Jacksonville warehouse after reports of alleged transmission of malware through the Chinese manufacturer's point-of-sale (PoS) terminals.

Why it’s Important.

As a member of Five Eyes (FVEY), an alliance of countries including Canada, New Zealand, the UK and the US, for joint cooperation in signals, military and human intelligence, Australia has previously followed the US in cutting off suspicious foreign tech companies' domestic presence due to national security concerns.

  • Australia blacklisted Huawei and ZTE in 2018 from selling 5G equipment. The two firms vehemently dismissed accusations over high-speed mobile network espionage, citing discriminatory tactics even with a no-backdoor agreement. 
  • In the same year, the Australian Defence Department banned messaging and payment app WeChat for failing to meet the organisation's standards for use on networks and mobile devices but not necessarily because of security and privacy issues.
  • In late October 2021, PoS terminals from PAX were detected sending anomalous network traffic, which has seen formal requests to replace the equipment due to security concerns. 

The fundamental issue here is supply chain security - the ability of nation state actors to inject spyware (or other malware) into equipment that is broadly used globally. Even where the security risks are not validated, the potential remains. It must also be noted that in the recent past, allies of Australia have engaged in such activities.

With the current geopolitics on global telecommunications being influenced by the US, sweeping impacts on the global supply chain and reduced competition in the market are likely.  

IBRS expects this technology supply spat will expand into areas outside of telecommunications, such as industrial control systems and PoS. Any widespread technology that can be used to impact or monitor aspects of national economies are likely targets.

Who’s impacted

  • Telecommunications procurement

What’s Next?

For organisations considering foreign-manufactured tech products and services, look more closely at the implications of selecting such equipment or platforms. While there is still no public evidence on the credibility of allegations against specific state actors, senior leaders must take security concerns in their organisation and assess the risks they are willing to take when selecting any vendor.

In addition to the security risks, there are also reputational risks, and risks associated with having to replace key solutions, such as is the case with the PAX PoS hardware.

Related IBRS Advisory

  1. Choosing Huawei could be risky - but not why you think
  2. Are you FRUSTRATED with procurement? Why procurement often goes off the rails

The Latest

02 November 2021: Snowflake recently released the Snowflake Media Data Cloud that allows access to real-time, ready-to-query data products, and services from more than 175 data providers. The data-sharing company announced that its product can combine consumer data across sectors to reduce data latency and improve accuracy.

Why it’s Important.

More Australian organisations now recognise that access to external data enables enterprises to create one-to-one or one-to-many relationships for more reliable insights into data. Since it is difficult for businesses to make sense of data they don’t generate themselves, sharing information between internal business units inside the same company or between outside organisations, has narrowed insight gaps aside from lowering the cost of data collection and research. Some recent developments in this area include the following institutions that have extended their data sharing:

  • In 2014, Coles revealed that its online shoppers using Flybuys would have their personal information shared with 30 companies under the same Coles umbrella as well as with third parties in more than 23 countries.
  • Woolworths first started granting access to its consumer shopping behaviour data with all of its suppliers in 2017 to support collaborative decision-making with a customer-centric approach. However, it remains obstinate against disclosing all companies that handle its data when asked to submit comments during the Privacy Act review in 2021.
  • In June 2021, Bunnings announced an upgrade of its tech platform to capture customer information to improve buyer experience. Its privacy policy page explicitly discusses how information is shared with third party businesses such as financial searches, security providers, market research firms, and payment collectors.
  • Likewise, Target Australia discloses customer information to its service providers based overseas and to external call centres, recruitment companies and external fulfilment businesses. 

Ensuring the rights of consumers whose data is being shared can be an issue and apprehensions about maintaining privacy and confidentiality are often raised. The government introduced open banking across the country to provide consumers greater control of their personal data, and with whom it is shared, when applying for banking services.

Enterprises in the data-sharing environment must also find ways to ensure fair and equitable advantage of the information by accessing the same level of data insights as their competitors do. 

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Enterprises need to address the challenges of sharing large scale datasets, such as adherence to legislative and ethical frameworks, using personally identifiable information (PII) for testing, defining the critical role of service providers and their limitations, and improving the overall context of each shared data environment. This can be achieved if policies, procedures and standards on data privacy and security are aligned with data ethics that engender trust among the myriad direct and indirect actors involved in data sharing. Whatever goals such practice entails (such as developing innovative ancillary products with business partners or improving customer care by analysing real-time dashboards for rapid issue resolution), making the best use of opportunities in the field needs to be secure, lawful, just and ethical to ensure that collaboration leads to better decision making when building upon the work of others and fostering a culture of trust. 

Related IBRS Advisory

  1. Beyond privacy to trust: The need for enterprise data ethics
  2. Three ways to turn employee engagement results into actionable and achievable plans
  3. Data loss by the back door, slipping away unnoticed
  4. How Australia must use the PageUp data breach to become stronger - AFR - 18th June 2018

The Latest

2 November 2021: Two former Western Sydney TAFE (WSI TAFE) executives have been charged by the NSW Independent Commission Against Corruption (ICAC) for allegedly engaging in illegal solicitation and acceptance of $450,000 from IT consultancy firm Oscillosoft. The three-year investigation published its findings in a public report that revealed how the executives failed to comply with the proper IT procurement processes when they acquired the iPlan software program on behalf of the institute.

Why it’s Important.

IT-related fraud and corruption have grabbed the headlines in the past years, including:

  • the payment of false invoices in 2015 by a former IT manager who worked at several Australian universities 
  • the 2016 corruption investigation involving $1.7 million in payments for the personal business of an ICT manager at TAFE NSW South Western Sydney Institute 
  • the 2012 illegal ICT contractor recruitment by the head of ICT projects at The University of Sydney 
  • and just recently in 2020, the Australian National Audit Office (ANAO) investigated fraud allegations concerning $2.8 billion worth of procurement contracts by government agencies made with IBM. 

While these headline grabbing examples are concerning, the reality is questionable contracting and programming in ICT is far more pervasive than most executives would like to admit.

IBRS has seen multiple examples of this problem. 

Sometimes these have been uncovered as part of ‘project rescue’ engagements where IBRS has been asked to review why a project is failing and recommend remediation. This is the worst time to discover that the consulting services being procured are more or less thin air, as it means significant budget has already been spent. In one case, IBRS identified a project to implement a major information system had burnt through $3.5 million over three years without a single delivery milestone being met and no code being available for review. There was a ‘friendship’ between the contracting company and the ICT executive.   

In another case, IBRS uncovered consulting being awarded to a family member of the person granting the contracts, and the organisation had an ‘over-reliance’ on contracting.   

Neither of these situations may warrant a corruption investigation. Though they certainly skirted the edges of the law.

At other times, IBRS has uncovered questionable contracting and procurement as part of project assurance reviews. This is the best time to reveal problematic procurement, since it occurs earlier in the project cycle and thus heads off significant losses. More importantly, when staff know that such activities are likely to be exposed as part of the regular due diligence of project assurance, the temptation to engage in such activities that just barely skirt corruption is far less likely to occur.

There is a great deal of financial and reputational savings to be accomplished by putting appropriate governance, such as formal gateway reviews and project assurance programs, in place. 

That said, not every project needs a top-down approach to procurement. Still, the industry needs a more careful process of choosing the right level of governance and assurance for the right projects, taking into consideration the context and culture of each organisation.  

Who’s impacted

  • CIO
  • CFO
  • Procurement teams
  • Executive board

What’s Next?

For fraud and corruption to be prevented, better oversight by an institution's board should be extended to overriding controls, reviewing financial transactions and reporting processes, coupled with a program of project assurance.

Internal controls in payroll, procurement, inventory, sales and financial reporting must be proactive to prevent the manipulation of processes. 

Finally, organisations must review procurement processes regularly and amend sections that promote poor supervision and weak adherence to routine audits.

Related IBRS Advisory

  1. The difference between fraud and cybercrime
  2. Critical Controls for ERP Projects: The Human Factor
  3. Recognising cognitive biases for better decisions

The Latest

2 November 2021: The 2021 Australian Digital Inclusion Index indicates improvement in technology access, but many are still considered left out of the digital revolution.The recently published Index reports access to technology accelerated to 71.1 from 67.5 points the previous year, indicating significant improvement among middle-aged and senior Australians. It remains to be seen if this pace of progress can be sustained in the next year, considering the impact of the COVID-19 pandemic on online participation.

Why it’s Important

When planning digital engagement, service and marketing teams need to be aware that access to digital services is not ubiquitous. This is especially important for public sector organisations, where the failure of equitable delivery services may harm the most at-risk segments of society. However, it is also important for private sector organisations, as they plan multi and omnichannel services.

The Index provides important information that can help with planning digital services.

Some of the report's key findings necessary for policy implications include the following: 

  • The metro-regional gap has narrowed in different regional areas to 67.4 from 62.3 points
  • The national access score has improved to 70.0, but it is not shared evenly by all citizens, with 11 per cent of the population still being excluded
  • A slight boost in the digital ability score has been achieved at 64.4 points, although basic operational skills (setting passwords, connecting online, etc.) have dropped.
  • 14 per cent of Australians would need to pay more than 10 per cent of their income to afford a reliable internet connection
  • The gap between citizens with the lowest and highest income has slightly widened from 25.3 to 26.5 points.

These survey results indicate the need for solutions to remove barriers to inclusion, such as affordability of devices and lack of training for better digital literacy. In particular, the Index recommends improvement in network access and critical infrastructure through the ongoing pandemic, and provision of more affordable broadband connections across all regions and cities.

Who’s impacted

  • CIO
  • Managers
  • Business analysts

What’s Next?

When planning digital services, look for qualified sources of information on the extent to which the new services will be accessible and, importantly, who may be excluded. Discuss the impact of any exclusion on both those being excluded and your organisation. What additional, non-digital channels will be needed, and how will these channels eventually find their way back into the multi or omnichannel strategy?

Related IBRS Advisory

  1. Staff need data literacy – Here’s how to help them get it
  2. Trends for 2021-2026: No new normal and preparing for the fourth-wave of ICT

The Latest

22 October 2021: Google’s latest digital solutions, product features and partnerships were unveiled at Google Cloud Next ’21. In this three-day event, Google and Alphabet chief Sundar Pichai and Google Cloud CEO Thomas Kurian led the keynote sessions on Google Cloud’s improved customer ecosystem and security capabilities.

Possibly the most significant announcement at the event was around Google Distributed Cloud. The Google Distributed Cloud (GDC) platform allows deployment of Cloud-native architecture to private data centres. GDC Edge provides capabilities to run applications at the ‘far edge’ of organisations - IoT devices, AI enabled devices, and so on - via low-latency LTE, radio access network (RAN) networks, and newer 5G Core network technology.

Google Distributed Cloud does not require enterprises to connect to Google Cloud when using their APIs or managing network infrastructure. This is important for organisations (e.g. public sector, finance, health) needing to retain on-premises deployment for tighter control over security and compliance.

Why it’s Important

With GDC, all the top three hyperscale Cloud vendors now have options to run applications developed for public Cloud across private and semi-private infrastructure. Furthermore, all three vendors have approaches to ‘edge’ computing. This is a natural evolution of the operational practices, automation and management software, software defined networking and hyper-converged infrastructure (HCI) that sees the Cloud seeping back into all areas of ICT. As this trend continues, and the lines between where ‘Cloud infrastructure’ sits, organisations will need to make decisions on the key automation and management platforms they will adopt across Clouds.

More organisations have started looking for better solutions to place their Cloud resources anywhere and in any geolocation. This offers considerable reductions in latency by eliminating the distance between users and their content to ensure highly available data while keeping costs low.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

All the hyperscale Cloud vendors are offering this type of flexibility and they are strongly expected to improve over time. It will further drive hyper converged infrastructure (HCI) investments driven by the demand for cost-effective scalable storage with strong durability and availability guarantee.

Related IBRS Advisory

The Latest

22 October 2021: At Google Cloud Next ’21, Google announced the general availability of a PostgreSQL interface to its hyperscale, global spanning Spanner relational database. In short, this means that organisations that have applications that are compatible with PostgreSQL can now migrate to a highly elastic database that is significantly less costly, more robust than running PostgreSQL instances on virtual machines.

Why it’s Important

Google’s highly scalable Cloud relational Spanner database provides high-velocity transactions, strong consistency, and horizontal partitioning across global deployments. Like other specialised, serverless Cloud databases, Spanner previously required legacy (on-premises) applications’ data access layers to be reworked. 

The addition of a PostgreSQL interface greatly reduces development teams’ workload for migrating applications to Spanner. This has several knock-on impacts when migrating applications to the Cloud, including: 

  • reducing training  / new skills development, and allowing existing skills to be fully leveraged
  • reducing the vector for new bugs to be introduced
  • simplifies testing

Overall, this significantly lowers the cost and risk of moving an app to the Cloud. 

As always, the devil is in the detail. Cloud Spanner Product Manager, Justin Makeig posted that the platform does not yet have universal compatibility for all PostgreSQL features, since the company’s goal was to focus on portability and familiarity. However, IBRS has determined that even with the current level of functionality, the PostgreSQL interface for Spanner presents good value for teams looking to migrate legacy applications to the Cloud.

Google is not the only hyperscale Cloud vendor that has enabled this type of operability. However, Cloud Spanner is more economical than competitive hyperscale Cloud database products at this time.

Who’s impacted

  • Development team leads
  • Cloud architecture teams

What’s Next?

Google announced that it is planning to expand its Spanner integration to additional database standards. Data portability and migration of legacy applications to hyperscale Cloud is now a focus for many ICT groups. The availability of open standard SQL interfaces to database PaaS (platform-as-a-Service)  is expected to be a trend for application and data migration, especially where the applications are complex.

Related IBRS Advisory

  1. VENDORiQ: Google introduces Database Migration Service
  2. Enterprise resource planning (ERP) Part 5: Will automation of S/4HANA data migration make modernisation

The Latest

22 October 2021: Google introduced the Work Safer program at the Google Cloud Next ’21 event. The new program includes the Google Workspace suite of products, and adds several third party cyber security services for endpoint security and access to legacy solutions. In addition, Google unveiled upgraded devices, including new Chromebooks from HP.   

A new in-house Google Cyber security Action Team was also introduced in the event. The group will take the lead in developing cyber security and digital products by leveraging the capabilities of the Work Safer program and developing training and policy materials..

Interestingly, Google is offering a whopping 50% discount for the term of the initial contact for all products (its own and third parties) within the Work Safer program.

Why it’s Important

The aim of the Work Safer program is to reinvigorate interest in the Google Workspace ecosystem.  

Microsoft continues to have a near monopoly on the office productivity space, and is using that position to drive organisations towards its Azure Cloud ecosystem and its security ecosystem. Microsoft’s strength is its breadth of services, support for legacy solutions and resistance to change by both desktop teams and office staff.  Creating sufficient impetus for change to a light-touch, collaborative environment of the magnitude Google proposes is hard.

Google Workspaces has a far smaller attack vector compared to Microsoft. Its architecture has been firmly rooted in zero trust since its inception - from the devices all the way to the apps, storage and access controls. However, organisations that have not yet gone down the Google path retain a significant array of existing network investments, legacy solutions, mixed access controls and identity management, devices and so on. To meet these clients' needs, Google has partnered with CrowdStrike and Palo Alto Networks to come up with endpoint protection and threat detection solutions. The partnerships should not be viewed as “Google is backfilling weaknesses in its ecosystem” (which is something we expect to hear from Google’s competitors soon. Instead, these partnerships should be viewed as Google recognising its ecosystem will need to sit alongside ecosystems based on architectures that were conceived several decades ago and retain complexities that need to be addressed.

With more businesses shifting to a remote or hybrid work setup, the risks of ransomware attacks through phishing campaigns, malware infections and data leaks pose a threat to these companies’ data security practices. As such, Google easily benefits from its product’s value proposition already being consumed.   

Therefore, it would appear that Google’s messaging is on point. 

However, from roundtable discussions with digital workspace teams held this month, IBRS has confirmed that Australian organisations’ ICT groups and senior executives continue to resist a major step-change in the office productivity and device space. Rather, most organisations continue to look for ways to extract more value from their existing Microsoft contracts, increasingly looking to expand their investments into Microsoft’s E5 security offerings.  

In short, Google’s challenge is not convincing organisations they have a better, leaner security model. It is not even being less costly than Microsoft.  

It is literally resistance to change.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Even if an organisation is unlikely to switch to Google Workspace, it is beneficial to review Google’s architecture and which aspects can be applied to the existing architecture.

Organisations should also consider running Google Workspaces experiments with groups of remote / hybrid workers that have less connection with legacy solutions.

Related IBRS Advisory

  1. Deciding between Google G Suite and Microsoft Office 365
  2. Considering Chromebooks Part 1: Show me the money!
  3. Chrome OS: Follow the money

The Latest

22 October 2021: Microsoft recently unveiled the latest versions of its Surface line of devices with versatile form factors to cater to different use cases. Highlights include the redesigned 13-inch Surface Pro 8 tablet with 11th generation Intel processor, the portable Surface Go 3, the laptop/tablet Surface Pro 7+, the pocket-sized Surface Duo 2, and the highly anticipated Surface Laptop Studio.

Why it’s Important

Microsoft released its redesigned Surface lineup form factor alongside its rollout of Windows 11 earlier this month. While there are plenty of improvements in the new lineup, most are best described as evolutionary: more computing power, refinement of form factors, etc. 

However, two products stand out as potential new niche market makers: the Duo 2 and the Surface Laptop Studio.

The Duo 2: Win-Win or Double-Trouble?

IBRS has obtained a Surface Duo 2 and finds it fits somewhere between a smartphone and a tablet… yet not quite matching either role. While Samsung found some success with its Galaxy Z Fold device as a smartphone, the Duo 2 tends more towards the tablet end of the market.

If the Duo 2 is to be successful, it will be due to Microsoft defining a new niche for mobile prosumer (professional- level consumers). The success of the device will indicate that there is no single market niche for foldable devices (as they are currently being touted), but several sub-niches tied more to screen size, onscreen keyboard capabilities and photography prowess.

On the flip side (pun intended), first impressions of the Duo 2 suggest it may be a workable alternative to the semi-ruggedised, larger format smartphones which are making inroads against traditional fully-ruggedised tablets. 

The additional screen space and size of the on-screen keyboard, positions the Due 2 slightly above most of the large format phones for field workers. It is even passable (just) for running remote virtual desktop applications. 

Surface Laptop Studio: Solves the problem you didn’t know you had

IBRS has also trialled the Surface Laptop Studio. IBRS believes this device serves a new niche between more traditional laptops (such as the Surface Book) and hybrid devices (such as the Surface Pro).  

The Laptop Studio has a hinge at the back to help set up the device in three versatile constructions: a regular laptop, a ‘stage’ mode where the screen is closed when streaming or engaged in video calls, and the ‘studio’ mode where the screen slides out flat, effectively turning the device into a graphic-intensive tablet.

From observations during ‘digital workspace’ consulting engagements, IBRS has noted that the Surface Pro is often used as a ‘primary desktop’ (meaning, used mostly when seated as a staff-members regular desk and in the home office). The weakness here is that the device is better suited for mobile (nomadic) work.

The Laptop Studio is more geared towards a desk-top experience, while also providing for flexible user configuration. For example, it features more connectivity ports, but less focus on the battery 

Microsoft is not the only company implementing a new form factor to cater to users’ needs for devices that straddle between existing designs. Acer’s ConceptD 3 Ezel and HP’s Spectre Folio also share the same form factor as the Surface Laptop Studio. 

It is likely this ‘desktop oriented yet flexible’ form factor will gain ground as more organisations adapt to the demands of hybrid working. It is not enough to consider someone working between multiple office locations as being a ‘remote worker’. Rather, they are full-time office workers that may wish to move between locations, while gaining the ability to host video conferencing, engage in pen / tablet creative work, and switch back to having a more traditional desktop experience.

Who’s impacted

  • Procurement
  • Digital workspaces / end-user computing teams

What’s Next?

The evolution of end user devices is ongoing - albeit slowly and with more than a few dead-ends. Manufacturers continue to experiment with new market niches, as organisations become more selective with devices that meet specific needs.  

The upshot of this is that care should be taken when developing ‘personas’ for digital workspaces. Keep in mind that a persona is not solely related to a staff member’s ‘job’ (which is really multiple different types of jobs). It needs to factor the environment, the tasks performed in the context of the environment, and the staff's ability to switch between different devices based on needs at any given time.

In addition, when determining mobile force field device needs, do not limit the evaluation to the features of fully rugged products. Instead, consider the lifecycle of the products and software dependencies. Only then should an organisation decide which available devices on the market can best cater to the work contexts and personas you have.

Related IBRS Advisory

  1. Redefining what ruggedised means
  2. The use and abuse of Personas for end-user computing strategies
  3. Examples of Persona Templates
  4. VENDORiQ: Samsung unveils new smartphones

The Latest

16 August 2021: VMware and AWS announced that VMware Cloud had been independently assessed by an Information Security Registered Assessors Program (IRAP) assessor against the Information Security Manual (ISM) PROTECTED controls.

Why it’s Important

IBRS has noted that VMware Cloud is becoming increasingly popular as a management platform for hybrid Cloud. Its main attraction is that it offers a smooth ‘lift-and-shift’ of on-premises vSphere environments to a hyperscale over time, with different aspects of the data centre ecosystem running in the Cloud and/or on-prem. The VMCloud approach is particularly attractive for heavily regulated organisations and agencies, since it supports Amazon Elastic Compute Cloud elastic, bare-metal infrastructure. 

By assessing the VMCloud service, public sector customers have the opportunity to accelerate their Cloud migration, moving more of the load from on-prem environments to Cloud, while retaining operational consistency with their on-prem data centre.

While VMware Cloud IRAP for PROTECTED status is very much welcome, there is also the risk that IRAP is treated more as a ‘check-box’ in a security policy, rather than a foundation on which to build robot security practices. Many Cloud breaches are not the result of zero day exploits or misconfigurations from vendors (despite recent issues with Azure) but rather weak configuration management. This is exacerbated by the ongoing skills shortage in Cloud engineers, plus the even more critical shortage of cyber security professionals.

VMware Cloud provides common approaches to managing the Cloud environment, but it is only as good as the attention to detail given to the configuration of the environment. Tools such as GorillaStack can assist, but operational security is ultimately a matter of practice.

Who’s impacted

  • CISO
  • Cloud teams

What’s Next?

When considering Cloud management tools, security certifications and IRAP assessments are a sign that the vendor has best practices in place, but are not a panacea for mitigating risk. Treat them accordingly. 

Related IBRS Advisory

  1. Cloud Security Considerations – Lessons from the Frontline
  2. PROTECTED Cloud: Cyber considerations
  3. The value proposition for PROTECTED Cloud
  4. Why Cloud Certified People Are in Hot Demand
  5. VENDORiQ: Microsoft Cloud Database Security Flaw - A Nightmare or a Wake-up Call?

The Latest

22 September 2021: Six months after GorillaStack has released capabilities to monitor and apply rules to any AWS events, it has added similar functionality to Azure. The new service enables greater governance and automation of Azure. The new Azure service focuses on identifying when bad changes - particularly those that may impact security - occur.

Why it’s Important


As previously discussed, Aussie born GorillaStack is one of the earliest vendors to address the complexities of Cloud cost management.

Since its inception, GorillaStack has evolved into a more expansive Cloud monitoring service, with a growing focus on security and compliance. In March 2021, GorillaStack announced real-time event monitoring for AWS. With this announcement, it expands the monitoring of events to Azure, and confirms IBRS analysis that Cloud cost optimisation and security compliance go hand-in-hand. In short, enforcing configurations for security follows the same processes and uses common architectures as enforcing financial governance within Cloud infrastructure. 

Who’s Impacted

  • CIO
  • CISCO
  • Cloud teams 

What’s Next?


When reviewing solutions for Cloud cost optimisation through compliance, consider the extent to which the service can also assist with tightening up security. Conversely, when looking at tools to help enforce Cloud security compliance, consider how these may also be used to manage costs.

Related IBRS Advisory

The Latest

27 August 2021: Security flaw hunters at Wiz were able to obtain the security keys that control access to Microsoft’s Azure Cosmos DB, and demonstrate that it was possible to access customers’ Azure Cosmos DB.  

Why it’s Important.

This flaw is especially worrying, because all Cloud vendors and many independent security advisors, including IBRS, have been advocating that Cloud security is generally of a far higher standard than that achieved by most in-house data centre teams. IBRS stands by this claim. But this does not mean Cloud vendors will not make security mistakes. And when they do, they will impact large numbers of organisations.

There is no evidence that this security flaw - likely an operational oversight - has been exploited. Once it was identified by Wiz (on the 9th August) and flagged with Microsoft (on the 12th August), the existing keys were quickly re-secured. Unfortunately, the keys in question are fundamental security assets that Microsoft cannot change. Therefore, Microsoft emailed the customers (on the 26th Aug) requesting they create new keys, just in case the previous keys had fallen into the hands of bad actors. It is estimated that 3300 customers have been impacted. 

To mitigate this issue, Microsoft advises Cosmos DB customers to regenerate their Cosmos DB primary keys immediately.

Unfortunately, just because there is no evidence the flaw had been leveraged, organisations should assume the worst. It is well publicised that state-actors hoard such flaws for intelligence gathering. In this case, paranoia may be justified.

More importantly, the situation highlights the need to take a multi-level approach to security in the Cloud. Relying on security protocols to secure an essential asset places organisations at greater risk of these hyper-scale security flaws.  

For example, in this situation, organisations that have behavioural/usage pattern analytics monitoring the database would likely have been altered should any bad actor start to access the database, and remedial action would be triggered. Furthermore, data from such monitoring could be used to determine the likelihood that the security flaw had been exploited - something few Azure Cosmos DB customers can confirm at the moment. 

Another example is using encryption services, these services should be leveraged extensively. Assume data assets will leak and repositories (including databases) will be breached, base encryption strategies on the sensitivity of the data. 

A migration to the Cloud can often improve the security stance of an organisation, but only if security is treated as a multifaceted, ‘trust nothing’ (akin to zero trust) philosophy is taken.

Who’s impacted

  • CISO and security teams
  • Cloud architects
  • Cloud migration teams

What’s Next?

  • If you are an Azure Cosmos DB client or have instances in development teams, immediately regenerate the primary keys for these databases.
  • Review your Cloud solution designs - including those of ‘lift and shift’ of legacy systems - to identify where single points of security failure could occur. Consider remediation strategies using multi-facilitated security services risks. Such effort needs to be balanced against business risk and information sensitivity. 

Related IBRS Advisory

  1. Cloud Security Considerations – Lessons from the Frontline
  2. CyberArk launches AI-powered service to remove excessive Cloud permissions
  3. New generation IT service management tools Part 2: Multi-Cloud management

The Latest

19 August 2021: Microsoft has announced pricing increases for its Office 365 and Microsoft 365 offerings, which has resulted in a great deal of media coverage.Microsoft is at pains to point out that it has not increased its prices on 365 for a decade, and during that time has added a great deal of functionality (20+ applications) to the portfolio.

The Specifics

Microsoft is still working through how the new pricing will be applied in the Australian market and an announcement is expected soon. IBRS will perform a detailed cost analysis at this time. However, Microsoft has confirmed that any changes to local pricing will mimic the North American price changes. 

Based on the US data, enterprise and business plans will see increases in March 2021. Based on US$, the dollar amounts range from US$1 to US$4 per user per month, or US$12 to US$48 per user per year, with the percentage increases running from a low of 9% to a high of 25%. Microsoft F-series licences for frontline workers and Microsoft 365 E5 are not subject to price increases. Consumer and education-specific plans (the A-series) are also unaffected by the price increases.

The new pricing structures will disproportionately impact small businesses and those with the lower levels of the Microsoft suite, while enterprises with E5 licences will be left unscathed. That in itself reveals Microsoft’s clear intent to nudge the market towards its E5 offerings. It is estimated that only 8% of Microsoft customers globally opt for E5 licensing, though IBRS has seen strong interest among Australian organisations to at least explore the more expansive capabilities found in E5.

At this time, we believe the majority of IBRS clients will see price increases in the lower range. However, given that Australia has been one of the fastest adopters of Office 365, and has for decades suffered from ‘the Australia tax’ of software vendors, the increases will still be felt deeply across the industry.

Why it’s Important.

For many IBRS clients, the immediate impact is the need to set aside extra budget for its existing 365 environment. 

Something that is not gaining attention is that the new pricing also increases the cost of Microsoft’s Unified support, since it is calculated as a percentage (10-12%) of the overall Microsoft spend. IBRS recommends that organisations set aside a budget for this increase as well.

However, the price increase is not the full story. A closer look at how the new pricing is structured, plus other less publicised changes, suggests it is geared towards making E5 licences more attractive to mid-sized organisations. 

The increases came shortly after Microsoft announced that its perpetual-licence Office would see a 10% increase and that its service for Office would drop from 7 years (it was previously 10) to just 5. Even more telling is that Microsoft has effectively engineered a one year ‘gap’ in N-2 support for Office (with the persistent licensing model), which forces organisations with older Office Pro licences to either purchase an upgrade sometime before 2023, or migrate to Office 365. 

In summary, Microsoft’s recent changes to Office licensing are a strategy that makes the price difference from E3 to E5 licensing less imposing and makes sweating perpetual Office licences far less attractive, if not unworkable. The savings from sweating Office licences over a five-year period are still there, but they are significantly lower than with seven-year cycles.

IBRS has long stated that Microsoft’s goal is not necessarily to drive up ICT budgets. A closer look at the additional capabilities found in E5 licensing reveals that most are aimed at moving Microsoft into adjacent product sets. For example, the additional security capabilities that become available with E5 licensing are clearly aimed at security incumbents, such as Symantec. Microsoft’s E5 strategy is to pull ICT budget away from competitors and into its own coffers. It is about carving out competition.

Who’s impacted

  • CIO
  • CFO & procurement
  • Digital workspace teams

What’s Next?

In the Australian market, IBRS sees few enterprises still on persistent licensing for Office. Globally, Australia has been an early adopter of E3 licensing, though until the mass push to work from home in 2020, many organisations did not take full advantage of the additional features and collaboration capabilities of the 365 platform. Furthermore, Google Workspaces is only making marginal increases in the local market, meaning Microsoft has little real local competitive forces working to temper it in the office productivity space (though this is not the case in other markets in the Asian region).

Therefore, the question for organisations is, is this strategy to push customers from existing E3 licences to E5 licences a trigger to start re-evaluate ways to leverage more value from the Microsoft ecosystem (that is, double-down on Microsoft).  

Organisations may respond to this price increase and Microsoft’s strategy to push customers from existing E3 licences to E5 licences as a trigger to:

  1. Re-evaluate ways to leverage more value from the Microsoft ecosystem (that is, double-down on Microsoft).  Just prior to this announcement, IBRS had drafted a paper on how to decide between E3 and E5 licensing. It is due for publishing in the coming month. However, if you wish an advance (draft) copy, please request it from nbowman@ibrs.com.au. It is focused on how to evaluate the additional benefits of E5 in the context of your existing software ecosystem.
  2. Set up a ‘plan b’ for enterprise collaboration. In a practical sense, this would likely be a shift to Google Workspace for part of the organisation, coupled with a percentage (generally 20-30%) of the organisation also having Office software, though not necessarily Office 365.  
  3. Set aside 12-15% extra budget for the existing E3 environment, plus a similar increase for support of the Office environment, and re-evaluate the situation in 2-3 years

IBRS also recommends considering what will happen in another 10 years, when many organisations have migrated to E5 (which is likely). What new business risks will emerge from this? Migrating from Office 365 E3 to a competitive product (e.g. Google or Zoho) is hard enough. When E5 features are fully leveraged, the lock-in is significant, but so too is the value. At the end of the day, the ultimate risk factor is trust in Microsoft not to engage in rent-seeking behaviour.

Related IBRS Advisory

  1. Pros and Cons of Going All-In With Microsoft
  2. Special report: Options for Microsoft support - Key findings from the peer roundtable: August 2020
  3. The journey to Office 365 Part 6: Mixing up Microsoft’s 365 licensing and future compliance risks
  4. DXC Technology and Microsoft collaborate on workplace experience
  5. AIP Should be Essential to Any O365 and Workforce Transformation Strategy
  6. AIS and Power BI Initiatives
  7. Microsoft Pivots to Target Verticals

The Latest

12 August 2021: TechnologyOne released a significant report based on a six-month long study into the economics of Cloud computing and SaaS among Australian organisations.  

The study, which was independently conducted by IBRS and Insight Economics, explored the tangible costs associated with migrating to the Cloud, with both IaaS and SaaS journeys investigated. An economic analysis of the data collected through 67 in-depth case studies with CIOs and C-suite executives, additional interviews, and over 400 respondents, revealed a $224bn economic dividend for the Australian economy, prompting TechnologyOne to term the report "too big to ignore".

Why it’s Important.

While the report is aimed at policymakers and strategies looking at the macro-economic impact of technology, it also details the costs and benefits of Cloud adoption by industry sectors, providing IT strategists with realistic benchmarks. 

When developing the methodology for the report, IBRS and Insight Economics took a ‘no free lunches’ approach to data collection. Unlike other reports on the benefits of Cloud migration, the study took into account the costs of, and time needed for transition, including training, change management, skills (and skill shortages) and the fact that many organisations will need to retain on-premise environments to support legacy and home-grown applications for years to come. In addition, only productivity benefits that had been measured were included in the analysis. 

As a result of the evidence-only approach to the study, the ‘direct returns’ on Cloud migration detailed in the report are both far lower and far more realistic than those found in studies conducted in the USA and Europe.

The report may be accessed here: https://toobigtoignore.com.au/

Who’s impacted

  • CEO, COO, CFO, CIO
  • Cloud migration teams

What’s Next?

The conservative approach to the study, the rich data collected, means that organisations still struggling to make a business case for SaaS have practical benchmarks and economic modelling to call upon.

Related IBRS Advisory

  1. The economic impact of software as a service in Australia
  2. Get board agreement to the Cloud strategy

The Latest

28 July 2021: During Inspire, Microsoft unveiled Windows 365, which it positions as a Cloud desktop service. IBRS views Windows 365 as an evolution of existing virtual desktop solutions. 

In addition, Windows Virtual Desktop services have been rebranded as Azure Desktop Services. With this rebranding, Microsoft also introduced a number of enhancements, including closer integration with Azure Active Directory (AAD) and Endpoint-Manager, with the ability to deploy applications across both physical devices and Cloud-based desktops based on roles. 

Windows 365 is built on top of Azure Virtual Desktop service. The difference between Windows 365 and Azure Desktop Services is that Windows 365 has more automated, easier deployment and administration options. It is well suited to organisations with minimal VDI specialisation and more akin to a ‘fully managed virtual desktop environment’.  

In contrast, Azure Desktop Services is better suited to larger organisations that have a need for a high level of customisation. It is more akin to a virtualised Citrix farm.

Why it’s Important.

In 2019, Microsoft quietly changed the licensing conditions for running virtual servers in the Cloud, which hindered VMware’s ability to migrate VDI (among other services) to hyper-scale Cloud services. Since then, IBRS has had reports of efforts to migrate VDI into the Cloud stifled by rights, with Microsoft partners steering organisations to an ‘all-in Azure’ approach.

The introduction of Windows 365 and the rebranding of Azure Virtual Desktop certainly fits a strategy of selecting alternative virtual desktop environments less compelling. 

This is not to say that Microsoft’s VDI capabilities are not solid offerings. Windows 365 certainly addresses a problem in the Australian market, where fully managed VDI has suffered greatly from vendors under-scoping the resources needed to run a client's environment in order to come in at the lowest possible cost. Autoscaling in the Windows 365 environment largely eliminates this issue. The level of automation is also impressive, as is an application cook

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Windows 365 is a viable option for specific use VDI cases, and it may be considered against traditional fully managed desktop vendor solutions. However, it may not be cost-effective at scale. Solutions from AWS, VMWare and Google should also be examined, though it is important to consider the total cost of operation of this type of VDI, not just the licensing / service costs. Be sure to factor in human resources for administration, application compatibility testing and packaging (which are significant hidden costs and often overlooked, as well as help desk and support.

In addition, if staying within the Microsoft stack, Azure Desktop Services can provide a more flexible and scalable solution. Again, be sure to factor in the total cost of operation.

Overlooked by many discussions of Cloud VDI is the rise of Cloud application virtualisation services from the likes of Cameyo. Rather than presenting an entire desktop, these services only stream a configured application, either in a manner that makes it appear as a native application or within a web browser. Such an approach is significantly lower cost than traditional VDI. When considering a new virtual environment for your workers, both VDI and Virtual Application Delivery (VAD) options should be considered.

Related IBRS Advisory

  1. Should You Outsource Your Virtual Desktop Infrastructure?
  2. When to Consider Virtual Desktop Infrastructure
  3. VDI trends for 2021–2025
  4. End-user computing managed services: 3 initial things to consider for the RFP
  5. SNAPSHOT: Workforce Transformation beyond Mobility and Digital Workspaces
  6. IBRS Compass: Beyond the Desktop: Creating a Digital Workspace Strategy for Business Transformation

The Latest

3 August 2021: Salesforce has announced an agreement to acquire Servicetrace, a robotics process automation vendor. This marks another milestone in Salesforce’s strategy to deliver enterprise SaaS solutions surrounded by a mesh of low-code process automation and integration. It is also evidence of how the previously disparate markets for low-code application development tools, RPA, process mapping, and integration tools are consolidating into a service mesh that goes beyond process digitisation. In this case, when coupled with enterprise SaaS, the sum is greater than the parts.

Why it’s Important.

In the IBRS trends report for 2021-2026, a fourth-wave of ICT was detailed. The crest of this wave is the rapid consolidation of low-code, process mapping, RPA and (soon) rules engines, and AI.  

However, IBRS case studies with scores of executives involved in Cloud migration strategies, suggest that many organisations ICT groups are resistant to the coming wave. This is mainly due to sunk costs in on-premises software and infrastructure, the difficulty in justifying costs of integrating disparate systems and, at least to some degree, concerns over losing control or lacking skills to manage core infrastructure.

The cost of integration coupled with the need for digitising manual processes is currently a real economic barrier. Financial modelling suggests that the labour and costs of integrating disparate (on-premises and Cloud) solutions can destroy the return on investments for Cloud migration in the near to mid-term (1-5 years). This is especially problematic for industries with a complex mix of specialist enterprise solutions, such as healthcare and utilities. 

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Organisations that have previously rejected Cloud migrations due to not being able to make the financials stack up should consider re-evaluating the decision in 2022, taking into account the potential of buying into a mesh ecosystem that unifies low-code, workflow, process mapping, RPA rules engines and possibly AI services and that supports SaaS enterprise solutions ‘out of the box’.

Enterprise architects should also consider a shift towards a fourth-wave of ICT will impact their organisation’s ICT architecture and, if needed, begin planning to evolve to a new environment.

Related IBRS Advisory

  1. Hammering Low-Code into Place Takes Time
  2. Mulesoft Believes it Can Accelerate Digital Customer Experiences on SAP
  3. Salesforce introduces Hyperforce
  4. Salesforce Einstein automate

The Latest

16 August 2021: Zoom is best known for its video conferencing solution, which set new standards for ease of use and quick adoption, which in turn saw its usage skyrocket during the first months of COVID-19 lockdowns. The firm’s brand is now so ingrained that staff often refer to video conferencing as ‘zoom calls’ and the public use the terms ‘zooming’ and ‘zoom me’, even when Zoom may not be technology in use. Unfortunately for Zoom, its strong brand recognition with video calls often obscured the breadth of its unified communications (UC) ecosystem.

Zoom is attempting to reposition its brand as an end-to-end UC platform. The topics for its planned Zoomtopia summit, scheduled for the 14th of September, are clear indicators of where Zoom will focus its efforts in the coming year: 

  • Public sector
  • Education
  • Healthcare
  • Financial services

IBRS recent interviews as part of the Cloud economic study found these four sectors have all been particularly impacted by COVID-19 in terms of service delivery volume and increasing expectations on multichannel (if not omnichannel) experiences. So Zoom’s targeting makes sense. 

Why it’s Important.

The requirements for UC are shifting from internal standardisation (cost optimisation, ensuring staff can communicate efficiently and switch between communications modes) to external flexibility (delivering services using end-points that the public have on hand). It is for this reason that both Microsoft Teams and Zoom are finding their way into call centre strategies. It is not just that these video communications technologies fit within a larger communications ecosystem, but that the majority of the public are familiar with the services and likely have clients already installed on their devices. The mature wave of UC, which IBRS introduced 14 years ago, is moving from the trailblazers into the mainstream.

Who’s impacted

  • User experience / customer journey teams
  • Development team leads
  • Customer service teams
  • Call centre teams

What’s Next?

There two key triggers for replatforming an organisation’s UC environment, or at least introducing a new UC platform:

  • An overhaul of call centres, possibly in conjunction with CRM modernisation.
  • Replacement of legacy PBX or VoiP solution

 

Related IBRS Advisory

  1. Unified Communications: the future is full of MUC
  2. Unified Communications: Justifications and Predictions
  3. Special Report: Using Lessons from Activity-Based Working to Redefine the Post-Pandemic Workplace

The Latest

18 August 2021: While natural language processing AIs are becoming increasingly accurate in how they respond to questions, their ability to explain how they arrived at their answers has been limited. As The Doctor reveals, confronting a rogue AI in the Green Death, ‘Why?’ remains, perhaps, the hardest question for machine intelligence. IBM’s AI Horizons Network is developing a method to enable AIs to explain their reasoning with a common sense data set.1 

Why it’s Important.

Today, virtual service agents, both customer facing and internal IT held-desks, are effective and very efficient FAQs. They can identify a context from natural language and then provide answers to questions, as well as provide follow up answers based on the original context. However, they cannot provide details as to how they arrived at any given answer, which generally leads to a request for human manual intervention.

Specialists who develop conversation virtual service agents, work around these limitations by programmatically refining the answers AIs have available (i.e. curating the FAQ) to include reasons. E.g. “Your transaction has been declined because of XYZ.” 

IBMs work to allow AIs to report back on their reasons, may not only minimise the programming effort needed to develop virtual agents, but allow them to report decision-making in ways that organisations have not considered. 

While AI development will remain a niche activity for most Australian organisations, AI will increasingly find its way into enterprise SaaS products. Natural language AIs coupled with machine learning over knowledge assets held in core enterprise systems will see a rapid increase in the use of virtual agents, both for internal and external services. 

Who’s impacted

  • AI specialists
  • Service automation / customer experience teams
  • ICT strategy leads

What’s Next?

The rapid improvements in AI quality, coupled with their integration into most enterprise SaaS products, will make them ubiquitous for customer service delivery within the next 2-5 years.

Organisations need to start exploring the AI service agent capabilities already available in their SaaS products, and develop plans for how to leverage such capabilities. The goal should not be to deliver an ‘all-singing and dancing’ virtual agent experience, but rather to incrementally introduce capabilities over time, learning how clients and staff wish to interact, and continually leveraging advances in technology as they become available. 

Related IBRS Advisory

  1. Chatbots Part 1: Start creating capabilities with a super-low-cost experiment
  2. Preparing for the shift from digital to AI-enabled transformation
  3. BMC Adds AI to IT Operations
  4. Trends for 2021-2026: No new normal and preparing for the fourth-wave of ICT
  5. Software Agents Maturity Model
  6. Artificial intelligence Part 2: Deriving business principles

 

Footnotes

1. COMMONSENSEQA: A Question Answering Challenge Targeting Commonsense Knowledge, 2019 Association for Computational Linguistics

The Latest

27 July 2021: During Google Cloud Platform’s (GCP) analyst update, the vendor unveiled details regarding its Australian expansion with a new Melbourne data centre and new management for the ANZ region. 

Why it’s Important

The new data centre is more an indication of overall Cloud growth in Australia, as IBRS has reported in the past. It is less a turning point in Google’s strategy, and more of a necessary response to market trends. It should be noted that a large set of GCP services will be available from the Melbourne zone, but not all. Others will be added ‘based on market demands’. This is a strategy that has been adopted by all three hyper-scale Cloud vendors, and is a clear indication of how Cloud usage is expanding in Australia: from core infrastructure services (especially storage, compute, containers and analytics) to more nuanced services, such as AI.

During the briefing, Google highlighted its private ANZ wide data network as a key differentiating factor. There is merit to this claim, as network infrastructure in Australia remains a thorny issue for Cloud clients outside the major States, such as Perth and Darwin, Adelaide, etc.

More telling was what was not elaborated upon during the briefing. In the past, Google has focused on its capabilities in AI as a key differentiator in the market. While Google clearly has strong credentials in AI, the reality is that most Australian organisations are not investing in AI directly, but rather obtaining it as part of other solutions. 

For example, AI is found in capabilities of CRM products Salesforce (Einstein) and Zoho (Zia), in low-code products from Appian and Microsoft’s Power Platform and so on.  

Instead, Google championed its partner program and its support credentials. Google knows channel partners are essential to competing against AWS and Microsoft. It also recognises that skills are in short supply, so is investing in training and support programs. 

In reality, Google’s strongest competitive weapon is an age-old one: value for money. When evaluating like-for-like core compute and storage services, GCP is more economical than its two top rivals.

Who’s impacted

  • CIO
  • Cloud infrastructure teams

What’s Next?

Most organisations will end up with a multi-Cloud environment, though with a preference for a ‘primary’ platform. Many Cloud migration strategies IBRS reviews are scoped in such a way to limit the choice of deployment to Azure and/or AWS. Given the strengths of these two Clouds, this makes sense. Oracle’s Cloud platform is also appealing to Oracle customers looking for an ‘easy’ migration of their core services. 

Far fewer Australian organisations are formally considering GCP as a viable alternative for running core workloads, or even leveraging it for failover/parallel workloads. This is a lost opportunity. While IBRS is not recommending GCP, it considers that the vendor is under-represented in shortlists and as a result, opportunities for Cloud cost optimisation and contestability in multi-Cloud environments suffer. 

Related IBRS Advisory

  1. IBRSiQ: Google Cloud - Are Their AI Offerings a Point of Difference From Other Vendors?
  2. Vendor Lock-in Using Cloud: Golden Handcuffs or Ball and Chain?
  3. Options for Machine Learning-as-a-Service: The Big Four AIs Battle it Out
  4. How to get on top of Cloud billing
  5. Why Cloud Certified People Are in Hot Demand
  6. VENDORiQ: Data Replication Goes Serverless with Google Datastream

The Latest

24 June 2021: Samsung Networks, which was launched early in 2021, has struck a deal with infrastructure supplier PLUS ES to support the deployment of Samsung’s 5G technologies. Given activities from other 5G vendors, it is clear that the 5G rollout in Australia will only accelerate.

Why it’s Important

5G will impact both consumer and business applications, as well as hybrid working. It is not just a matter of speed. With greater bandwidth and different cost points, new services become possible. For example: chatbots passing not to a human agent using text, but a human agent on video. These service delivery innovations need to be tested in terms of how the public will accept them, the operational and staffing changes needed to support them, and finally the IT issues and architecture they will raise (including what to do with all the new data coming in)!

CTOs and innovation teams in organisations with public-facing services need to be experimenting and testing new service delivery options and ideas now, since such services are likely to give a competitive advantage.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

If not already established, form a temporary committee to brainstorm the potential for 5G on:

  • Service delivery
  • Field operations and staff
  • Business processes, both internal and external, and how these can be digitised ‘into the field’
  • Hybrid working

Related IBRS Advisory

  1. 5G potential to deliver economic upsides
  2. Samsung unveils new smartphones
  3. Telecommunications reborn
  4. Redefining what ruggedised means

The Latest

2 July 2021: Amazon released a video summary and report on its sustainability targets and performance. The key take outs are that Amazon is the largest corporate purchaser of renewable energy, with a shift of 42% from non-renewable within one year. The underlying message here is sustainability is no longer a political issue for the corporate sector, but a fiscal imperative.  

Why it’s Important

As outlined in previous IBRS research, all of the hyperscale cloud vendors - Google, AWS, Microsoft, Oracle and Alibaba - have well-documented strategies to reduce their reliance on carbon-based fuel sources. All position sustainability as a competitive advantage, not just against each other, but against on-premises data centres. 

It is likely that cloud vendors will be positioning their sustainability credentials in both business and general news channels, looking to position their brand as a leader on climate action. From a cynical view, this messaging will play well with the existing news cycle of the impact of climate change, from the disastrous bushfires to killer heatwaves in North America, to unseasonable storms and record-setting weather events. From a more optimistic perspective, these vendors will drive genuine solutions to reduce the carbon footprint associated with providing computing service.

Therefore, as cloud vendors set or meet zero carbon energy targets, the issue of sustainable ICT is set to re-emerge as a priority for CIOs and data centre architects.  

IBRS and BIAP (via the IT Leaders Summits) have tracked CIOs interest in the topic of green IT. An IBRS study in 2008 had sustainable ICT being rated as ‘very important’ for 25% of CIOs and ‘somewhat important’ for 59% of CIOs. Since then, interest in sustainable computing has plummeted year-on-year. The IBRS / BIAP data for 2016 had 6% of CIOs rating sustainable ICT as a priority. By 2020, less than 0.5% of CIOs rated sustainable ICT as a priority.

IBRS expects this trend to reverse sharply in 2024-2025 as the leading cloud vendors continue to demonstrate both environmental and financial benefits associated with renewable energy.

Who’s impacted

  • CIO
  • CFO
  • Data centre leads
  • Infrastructure architects

What’s Next?

By 2025 the leading cloud vendors will leverage their position in renewable energy consumption as a selling point for policy-makers to mandate cloud computing and place unattainable goals for architects of on-premises data centres.

Rather than waiting, CIOs should review previous strategies for sustainable ICT, with the expectation that these will need to be updated and reinstated within the next 3-5 years.

Related IBRS Advisory

  1. The Status of Green IT in Australian and New Zealand (2008)
  2. Building your Green IT strategy
  3. Think green IT: Think saving money
  4. Forget Green; think sustainable computing in 2009

The Latest

28 June 2021: After a leak of an early pre-release version of Windows, Microsoft formally announced Windows 11 and have followed up with a series of posts, most aimed at promoting the new user experience of the operating system. A quick look on YouTube will find dozens of reviews and tests of the pre-release version of Windows 11, and from early tests, it appears as if there is little performance impact for the OS. Reviews of Microsoft’s documentation suggest that there is no significant change to how Windows 11 can be deployed. The bulk of the changes appear to be related to how Microsoft’s Office 365 products are put front and centre within the desktop experience. Teams, in particular, takes centre stage. As with the release of Windows 10, Windows 11 will start by building new expectations among consumers, which will in turn drive staff to demand the new environment from their ICT groups. In this sense, the key issues for ICT look to be identical to those faced in 2015.

Why it’s Important

While Microsoft executives famously touted that Windows 10 would be the last Windows, a clear reference to enterprises’ frustrations with continued hardware/software refresh treadmill and the expense of upgrading fleets of desktops en-mass, the statement was never officially enshrined in the product lifecycle. This means that enterprises, at least for the foreseeable future, will need to plan for generational shifts in desktop upgrades, complete with the demands of change management and the potential bulk hardware refreshes.  

The common driver for most organisations looking to refresh their desktop environment (device management, security, application deployment and change management), is to ‘flatten the investment’ needed to keep users up to date. From a device asset management perspective, the goal is to move away from four-to-five year bulk buys and move to a rolling schedule of device refreshes. For software deployment, it's a move to a self-service model. And for the OS, it's a move to a gradually updated, evolving platform.  

All the above have become critical enablers of hybrid working and by extension business continuity. 

Microsoft’s Cloud-based approach to deploying devices and software with Autopilot is highly attractive as it supports the new digital workspace model. How best to migrate to Autopilot from the legacy ‘tiered’ desktop management approach is by far the most common question IBRS is asked in relation to digital workspaces.

Microsoft has noted that Windows 11 can be managed using all current tools and processes that are used to manage Windows 10. This means Windows 11 can be managed using the Cloud-based Autopilot approach and the ‘standardised desktop’ approach via SCCM (System Centre Configuration Manager). Third-party tools such as Ivanti are also expected to work without problem. Therefore, based on available information, there appears to be little additional benefit to Windows 11 over Windows 10 when it comes to deployment and management.

This is not to say that Windows 11 will not have other benefits to enterprises, but the (current) benefits appear to be more related to putting Office 365 services forward.

Who’s impacted

  • CIO
  • Desktop / end user computing teams
  • ICT asset management teams
  • CFO / ICT financial planning teams

What’s Next?

Enterprise desktop teams do not need to rush into Windows 11 planning. Device and software compatibility is expected to be high (despite some initial negative assumptions on YouTube). Instead, organisations should continue to focus their efforts on migrating from the standardised desktop management model to the ‘digital workspaces’ model which focuses on offering self-service capabilities and zero-trust security. In addition, adopting an iterative and ongoing approach to Office 365 change management is needed. Moving to the digital workspaces model will not only reap significant operational benefits over the older standardised desktop approach, but will also ensure a smoother transition to Windows 11 before the 2025 end of support deadline.

Related IBRS Advisory

  1. Digital Workspaces Master Advisory Presentation
  2. SNAPSHOT: Workforce Transformation beyond Mobility and Digital Workspaces
  3. How will you deal with Microsoft’s Pester Power strategy for Windows 10?
  4. The journey of Office 365: A guiding framework Part 3: Post-implementation

The Latest: 

26 June 2021: Zoho briefed IBRS on Zoho DataPrep, it’s new business-user focused data preparation which is being included in its existing Zoho Analytics tool, as well as being available separately as a tool to clean, transform and migrate data. DataPrep is in beta, and will be officially launched on 13th July 2021.

Why it’s Important

Traditionally, cleaning and transforming data for use in analytics platforms has involved scripting and complex ETL (extract, transform and load) processes. This was a barrier to allowing business stakeholders to take advantage of analytics. However, several analytics vendors (most notably Microsoft, Tableau, Qlik, Snowflake, Domo, etc.) have pioneered powerful, drag-and-drop low-code ETL into their products.  

Zoho, which is better known for its CRM, has an existing data analytics platform with Cloud storage, visualisation and reports, and dashboards. While the product is not as sophisticated as its top-drawer rivals, it can be considered ‘good enough’ for many business user’s needs. Most significantly, Zoho Analytics benefits from attractive licensing, including the ability to share reports and interactive dashboards both within an organisation and externally. 

However, Zoho Analytics lacked a business-user-friendly, low-code ELT environment, instead relying on SQL scripting. Zoho DataPrep fills this gap by providing a dedicated, AI-enabled platform for extracting data from a variety of sources, allowing data cleaning and transformations to be applied, with results being pushed into another database, data warehouse and Zoho Analytics. 

All existing Zoho Analytics clients will receive Zoho DataPrep with no change to licensing.

However, what is interesting here is Zoho’s decision to offer its DataPrep platform independent of its Analytics platform. This allows business stakeholders to use the platform as a tool to solve migration and data cleaning, not just analytics. 

IBRS’s initial tests of Zoho DataPrep suggest that it has some way to go before it can compete with the ready-made integration capabilities of Tableau, Power BI, Qlik, and others. In addition, it offers less complex ETL than it’s better established rivals. But, that may not be an issue for organisations where staff have limited data literacy maturity, or where analytics requirements are relatively straightforward.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

The bigger take out from Zoho’s announcement is that ETL, along with all other aspects of business intelligence and analytics, will be both low-code, business-user friendly and reside in the Cloud. ICT departments seeking to create ‘best of breed’ business intelligence architectures that demand highly specialised skills will simply be bypassed, due to their lack of agility. While there will be a role for highly skilled statisticians, data scientists, and machine learning professionals, the days of needing ICT staff that specialise in specific reporting and data warehousing products is passing. 

Related IBRS Advisory

  1. Snowflake Gets PROTECTED Status Security Tick by Aussie Auditor
  2. IBRSiQ: Power BI vs Tableau
  3. Business-First Data Analytics
  4. AWS Accelerates Cloud Analytics with Custom Hardware
  5. IBRSiQ AIS and Power BI Initiatives
  6. Trends in Data Catalogues
  7. When Does Power BI Deliver Power to the People?
  8. Staff need data literacy – Here’s how to help them get it

The Latest

26 May 2021: Google has introduced Datasteam, which the vendor defines as a “change data capture and replication service”. In short, the service allows changes in one data source to be replicated to other data sources in near real time. The service currently connects with Oracle and MySQL databases and a slew of Google Cloud services, including BigQuery, Cloud SQL, Cloud Storage, Spanner, and so forth.

Uses for such a service include: updating a data lake or similar repository with data being added to a production database, keeping disparate databases of different types in sync, consolidating global organisation information back to a central repository.

Datastream is based on Cloud functions - or serverless - architecture. This is significant, as it allows for scale-independent integration.

Why it’s Important

Ingesting data scale into Cloud-based data lakes is a challenge and can be costly. Even simple ingestion where data requires little in the way of transformation can be costly when run through a full ETL service. By leveraging serverless functions, Datastream has the potential to significantly lower the cost and improve performance of bringing large volumes of rapidly changing data into a data lake (or an SQL database which is being used as a pseudo data lake). 

Using serverless to improve the performance and economics of large scale data ingestion is not a new approach. IBRS interviewed the architecture of a major global streaming service in 2017 regarding how they moved from an integration platform to leveraging AWS Kinesis data pipelines and hand-coded serverless functions, and to achieve more or less the same thing that Google Datastream is providing. 

As organisations migrate to Cloud analytics, the ability to rapidly replicate large data sets will grow. Serverless architecture will emerge as an important pattern.

Who’s impacted

  • Analytics architecture leads
  • Integration teams
  • Enterprise architecture teams

What’s Next?

Become familiar with the potential to use serverless / cloud function as a ‘glue’ within your organisation’s Cloud architecture. 

Look for opportunities to leverage serverless when designing your organisations next analytics platform. 

Related IBRS Advisory

  1. Serverless Programming: Should your software development teams be exploring it?
  2. VENDORiQ: Google introduces Database Migration Service

The Latest

26 May 2021: Talend, a big data, analytics and integration vendor, has received ISO 27001:2013 and 27701:2019 certifications. According to the Talend, they are the only big data/integration vendor with this level of certification.  

Why it’s Important

IBRS has observed that even the most security focused organisations often overlook their big data integration and ETL (extract, transform, load) when it comes to assessing business risk. For example, when Microsoft launched its protected Azure services in Canberra, many of the Azure analytics capabilities, such as its machine learning services, were excluded from the platform.

The data being ingested into data lakes, be they on-premises or in the Cloud, will include private information on clients, staff or citizens, and possibly sensitive financial data. But more significantly, taken as an aggregate, this information contains patterns and insights that cyber criminals and state actors may leverage for further attacks.  The value of analysing data at scale to an organisation is just as valuable to criminals.

Who’s impacted

  • Business analytics architecture specialists
  • CISO 
  • Security teams

What’s Next?

Start by reviewing the sensitivity of information moving to the data analytics platform. Such information would be reviewed against the organisation's existing data governance and data classification framework.

Next, review the process of how sensitive information is ingested, manipulated, stored and accessed within the organisation’s analytics platform. Be sure to pay attention to ETL processes: both the technologies and processes involved. 

Finally, review the third-party (vendor) supply chain for all platforms and services involved in data analytics.

Related IBRS Advisory

  1. How does your organisation manage cyber supply chain risk?
  2. IBRSiQ: Risk assessment services and the dark web
  3. VENDORiQ: SolarWinds Incident

The Latest

10 May 2021: ServiceNow is acquiring Lightstep, a specialist vendor for monitoring digital workflows. While ServiceNow already has capabilities for monitoring its low-code applications and workflows, Lightstep will provide deep analytics and performance metrics. 

Why it’s Important

The rise of low-code will necessitate the use of application monitoring tools.  

From a technical perspective, being able to monitor performance of applications that may themselves be comprised of dozens of integrations and span multiple SaaS environments, is an important precursor to meeting user expectations. In low-code environments, gone are the days of being able to monitor server and network performance. Vendors such as ThousandEyes and Lightstep have emerged to provide a more comprehensive (and simplified) view of the complex application infrastructure that is emerging. Buying Lightstep is a smart move for ServiceNow, as it increasingly moves into enabling low-code departmental and public-facing applications. 

Another reason for monitoring low-code is to report back to the business tangible business benefits. While digitising a process can clearly save money, being able to quantify the savings with evidence after a solution has been deployed helps build the case for an expansion of low-code and (in the case of high-value products, such as ServiceNow) justify any increased licensing.

However, an often overlooked benefit of observability is application lifecycle. Observability allows organisations to identify and consolidate duplicate processes across an organisation. Observability also allows organisations to identify digital processes that are not being utilised and determine why, and give clues as to what to do about them.

Who’s impacted

  • Development team leads
  • Business analysts

What’s Next?

Expect low-code vendors to continue investing in workflow monitoring/observability tools, as well as low-code integration capabilities. 

When selecting a low-code application development platform, consider the degree to which being able to monitor workflows and processes will be useful. If using ServiceNow, will the existing capabilities be sufficient, or will investments in products such as Lightstep be needed. If using products such as Nintex, will leveraging their business process modelling tools provide the desired observability.

Related IBRS Advisory

  1. VENDORiQ: ServiceNow to Acquire Vendor Intellibot
  2. VENDORiQ: Creatio - More Low-Code Investments
  3. Aussie vendor radar: Nintex joins the mainstream business process automation vendor landscape

The Latest

19 May 2021: Google has launched Vertex AI, a platform that strives to accelerate the development of machine learning models (aka, algorithms). According to Google and IBRS discussions with early adopters, the platform does indeed dramatically reduce the amount of manual coding needed to develop (aka, train) machine learning models. 

Why it’s Important

The use of machine learning (ML) will have a dramatic impact on decision making support systems and automation over the next decade. For the majority of organisations, ML capabilities will be acquired as part of regular upgrades of enterprise SaaS solutions. Software leaders such as Microsoft, Salesforce, Adobe and even smaller ERP vendors such as Zoho and TechnologyOne, are all embedding ML powered services into their products today, and this will only accelerate.

However, developing proprietary ML models to meet specific needs may very well prove critically important for a few organisations. Recent examples of this include: customise direct customer outreach with specific language tailored to lessen overdue payment, and creating decision support solutions to reduce the occurrence of heatstroke.

IBRS has written extensively on ML development operations (MLOps). However, the future of this disciplin e will likely be AI-powered recommendation engines that aid data teams in the development of ML models. In a recent example, IBRS monitored a data scientist as they first developed an ML model to predict customer behaviour using traditional techniques, and then used a publicly available tool that leveraged ML itself to build, test and recommend the same model. Excluding data preparation, the hand-coded approach took 3 days to complete, while the assisted approach took several hours. But more importantly, the assisted approach tested more models that the data scientist could test manually, and delivered a model that was 3% more accurate than the hand-coded solution.

It should be noted that leveraging ‘low-code’ AI does not negate the need for data scientists or the pressing need to improve data literacy within most organisations. However, it has the potential to dramatically reduce the cost of developing and testing ML models, which lowers the financial risk for organisations experimenting with AI.

Who’s impacted

  • CIO
  • COO
  • CFO
  • Marketing leads
  • Development team leads

What’s Next?

Prepare for low-code AI to become increasingly common and the hype surrounding it to grow significant in the coming two years. However, the excitement for low-code ML should be tempered with the realisation that many of the use cases for ML will be embedded ‘out of the box’ in ERP, CRM, HCM, workforce management, and asset management SaaS solutions in the near future. Organisations should balance the ‘build it’ versus ‘wait for it’ decision when it comes to ML-power services. 

Related IBRS Advisory

  1. Six Critical Success Factors for Machine Learning Projects
  2. Options for Machine Learning-as-a-Service: The Big Four AIs Battle it Out
  3. How can AI reimagine your business processes?
  4. Low-Code Platform Feature Checklist
  5. VENDORiQ: BMC Adds AI to IT Operations
  6. Artificial intelligence Part 3: Preparing IT organisations for artificial intelligence deployment

The Latest

11 May 2021: Jamf is a market leader in Apple iOS device management, with a strong presence in education. It has announced its intention to acquire the zero-trust end-point security vendor Wandera. 

Why it’s Important

Vendors in the device management have two options for continued growth: add new services and grow horizontally within their market (as in VMWare), or specialise in increasingly niche areas. Jamf has remained firmly entrenched in providing Apple device management, so it is a niche (though important) player in device management. Its acquisition of Wandera, hot on the heels of its purchase of Mondad, will broaden its base and help cement its position against the broader players. 

Who’s impacted

  • End user computing/digital workspace teams
  • Security teams

What’s Next?

Globally, the move to working from home saw an uplift in Apple products being connected to enterprise (work) environments. Citing IDC, Jamf reports the penetration of macOS in 2019 was around 17%, and during 2020 this increased to 23%. In addition, globally 49% of smartphones connecting to work environments remain iOS, though this is slightly lower in Australia, where Android has gained small market share in a tight market last year. 

The challenge with supporting a mixed device ecosystem (Windows, Android, macOS, iOS, Chrome) is now more than just securing the end-point, but the entire information ecosystem. VPNs in particular proved difficult to scale and adapt to a myriad of end points. The need to patch reliability and manage software also becomes significantly difficult due to differing rates of change, patch cycles and tools needed. 

Jamf’s acquisition of Wandera will not eliminate these challenges completely, but will at least simplify the Apple slice of the situation. 

Related IBRS Advisory

  1. Requirements Check-List for Mobile Device Management Solutions
  2. Embracing security evolution with zero trust networking

The Latest

Mid May 2021: Mulesoft detailed its new Connectors for SAP during an analyst’s briefing. The SAP connector is most interesting, since it aims to speed up the development of lightweight, agile customer-facing, online self-service capabilities, while building on the weighty (not exactly agile) capabilities of SAP.  

Mulesoft has out-of-box integrations (called connectors) for existing data sources including AWS, Google, GCP, Azure, Snowflake, Salesforce, Splunk, Stripe, Oracle, ServiceNow, Zendesk, Workday Jira, Trello, Azure, SAP, Microsoft Dynamics, etc. Mulesoft has identified 900 common enterprise applications, though only 28% of these have pre-existing integrations. Mulesoft states that on average 35 different apps are needed for a single customer-facing enterprise digital solution. Therefore, it is investing heavily in developing additional connectors for enterprise solutions, with at least 50 planned for release in 2021.

Why it’s Important

In late 2019 and early 2020, IBRS conducted a series of 37 detailed interviews with organisations that found organisations with ERP SaaS platforms supported by low-code workflows and integration, saw at least 3 times (and up to 10 times!) as many customer-facing services delivered annually as compared with on-premise solutions with traditionally managed API integrations. A recent series of 67 interviews confirms these findings.

During COVID-19, the big winners of the ‘prepackaged integration’ model (specifically, the model outlined in the 'Trends for 2021-2026: No New Normal and Preparing For the Fourth Wave of ICT'), were business-to-consumer organisations that quickly pivoted from a myriad of shopfront locations to digital stores in a matter of weeks. As Mulesoft has figured out, this is not just an issue of having the ability to integrate, but having a consolidated core of ERP capabilities to provide core data and processes, surrounded by a fabric of low-code application, workflow and integration services.

Who’s impacted

  • COO
  • CIO
  • Head of sales 
  • DevOps leads
  • Enterprise architects

What’s Next?

Organisations should consider how their current environment - including legacy ERP - can evolve to support the fourth wave of enterprise architecture. This will impact upgrade decisions for ERP and other enterprise applications, the selection of low-code application development and integration tools.  

Related IBRS Advisory

  1. Trends for 2021-2026: No New Normal and Preparing For the Fourth-wave of ICT
  2. Accelerating Remote Services Deployment

The Latest

May 2021: Talend, a vendor of data and analytics tools, released its Data Health Survey Report that claims 36% of executives skip data when making decisions, and instead go “with their gut”. At the same time, the report claims that 64% of executives “work with data everyday”. On the surface, these two figures seem at odds. However, the report goes on to claim 78% of executives “have challenges in making data drive decisions”, and this is largely due to data quality issues. However, the most interesting finding from the report is “those who produce and those who analyse data live in alternative data realities”.

Why it’s Important

At its core, this report highlights the issue of data literacy. The report was compiled from 529 responses from companies with over USD10 million in sales. A quarter of respondents were from the Asia Pacific region. However, IBRS cautions drawing Australia-specific inference, given that different markets have differing levels of data literacy maturity. No details were given for industry, which is also likely to impact data literacy maturity. In fairness, any more detailed analysis of a country or industry would not be feasible, given the sample size. 

The above concerns aside, the report does highlight the importance of data literacy: investments in big data tools are useless unless executives are knowledgeable and well versed in the key concepts of applying analytical thinking to business decisions. IBRS notes that without data literacy, the most common use of new self-service visualisation tools such as Power BI, Looker, Domo, Tableau, Qlik, Zoho and others, is to ‘prove’ executives' gut feelings. In short, too often visualisations tools are used to reinforce the ‘current ways of thinking’ rather than seek areas for improvement.  

The report’s statement that “those who produce and those who analyse data live in alternative data realities”, frequently underpins IBRS inquiries into why business intelligence and analysis programs fail to produce the expected business benefits.

Who’s impacted

  • Business intelligence/analytics teams
  • Senior line-of-business executives
  • Human resources/training teams

What’s Next?

ICT teams responsible for providing business intelligence and analytics services need to cease solely focusing on the tools and technologies and ‘getting data curated’, and spend time exploring which business decisions would most benefit from the application of analytical thinking. However, the ICT teams cannot do this alone. They need to be involved in uplifting data literacy among line-of-business executives and work closely with them to identify the decisions that not only can be addressed with data, but those that would make the biggest difference to organisational outcomes. This does not mean that all aspects of a data scientists role need to be explained to business executives. Rather, training executives in the principles of using data to inquire into issues or disprove current ways of doing things is more important.  

Related IBRS Advisory

  1. Staff need data literacy – Here’s how to help them get it
  2. When Does Power BI Deliver Power to the People?
  3. The critical link between data literacy and customer experience

Contract management can be more than just record keeping. When done well, it can enable organisations to explore the best ways to optimise their investments when conditions change.

This capability proved essential for the Australian government when COVID-19 hit, with investments in all manner of services and infrastructure being needed almost overnight.

IBRS interviews ZEN Enterprise, an Australian niche contract management solution vendor, and the contract manager from a large Australian agency to tease out the benefits and challenges of advanced contract management in an age of rapid change.

The Latest

29 April 2021: Cloud-based analytics platform vendor Snowflake has received ‘PROTECTED’ status under IRAP (Australian Information Security Registered Assessors Program).  

Why it’s Important

As IBRS has previously reported, Cloud-based analytics has reached a point in cost of operation and sophistication that it should be considered the de facto choice for future investments in reporting and analytics. However, IBRS does call out that there are sensitive data sets that need to be governed and secured to a higher standard. Often, such data sets are the reasons why organisations decide to keep their analytics on-premises, even if the cost analysis does not stack up against IaaS or SaaS solutions.

The irony here is that IT professionals now accept that even without PROTECTED status, Cloud infrastructure provides a higher security benchmark than most organisations on-premises environments.

However, security must not be overlooked in the analytics space. Data lakes and data warehouses are incredibly valuable targets, especially as they can hold private information that is then contextualised with other data sets.

By demonstrating IRAP certification, Snowflake effectively opens the door to working with Australian Government agencies. But it also signals that hyper-scale Cloud-based analytics platforms can not only offer a bigger bang for your buck, but greatly improve an organisation's security stance.

Who’s impacted

  • CDO
  • Data architecture teams
  • Business intelligence/analytics teams
  • CISO
  • Public sector tech strategists

What’s Next?

Review the security certifications and stance of any Cloud-based analytics tools in use, including those embedded with core business systems, and those that have crept into the organisations via shadow IT (we are looking at you, Microsoft PowerBI!). Match these against compliance requirements for the datasets being used and determine if remediation is required.

When planning for an upgraded analytics platform, put security certification front and centre, but also recognise that like any Cloud storage, the most likely security breach will occur from poor configuration or excess permissions.

Related IBRS Advisory

  1. Key lessons from the executive roundtable on data, analytics and business value
  2. VENDORiQ: AWS Accelerates Cloud Analytics with Custom Hardware
  3. IBRSiQ: AIS and Power BI Initiatives
  4. VENDORiQ: Snowflakes New Services Flip The Analytics Model

The Latest

7 May 2021: Analytics vendor Qlik has released its mobile client Qlik Sense Mobile for SaaS. During the announcement, Qlik outlined how the new client enables both online and offline analytics and alerting. The goal is to bring data-driven decision-making to an ‘anywhere, anytime, any device’ model. 

Why it’s Important

While IBRS accepts that mobile decision support solutions will be of huge value to organisations, this needs to be tempered with an understanding that not all decisions should be made in all contexts. There is a very real danger that in the hype surrounding analytics, people will start making decisions in less than ideal contexts. Putting decision support algorithms (i.e. agents), KPI dashboards and simply modelling tools on mobile devices will likely be the next wave of analytics. In short, mobile big data/AI driven solutions that support specific, narrow mobile work tasks will be a very big deal in the near future.

However, creating and diving into data - that is, data exploration - is or should be, a process rooted in deep, careful, considered scientific thinking. That is a cognitive task that is not well suited to a mobile device experience. This is not just due to the form factor, but also the working context. Such deep thinking requires focus that a mobile work context does not provide.

As organisations embrace self-service analytics and more staff are engaged in creating and consuming visualisations and reports, data maturity will become an increasingly important consideration. However, data literacy is not just a set of skills to learn: it requires a change in culture and demands staff become familiar with rigorous models of thinking. It also requires honest reflection, both of the organisation’s activities and individually. 

While mobile analytics will be a growing area of interest, it will fail without a well-structured program to grow data literacy within the organisation and without granting staff the time and appropriate work spaces to reflect, explore and challenge their assumptions using data.

Who’s impacted

  • CDO
  • HR directors
  • Business intelligence groups

What’s Next?

Organisations should honestly assess staff data literacy maturity at a departmental and whole or organisation level. Armed with this information, a program to grow data literacy maturity can be developed. The deployment of data analytics tools, and indeed data sets, should coincide with the evolution of data literacy within the organisation. 

Related IBRS Advisory

  1. Staff need data literacy – Here’s how to help them get it
  2. When Does Power BI Deliver Power to the People?
  3. The critical link between data literacy and customer experience

The Latest

28 April 2021:  AWS has introduced AQUA (Advanced Query Accelerator) for Amazon Redshift, a distributed and hardware-accelerated cache that, according to AWS, “delivers up to ten times better query performance than other enterprise Cloud data warehouses”.

Why it’s Important

AWS is not the only vendor that offers distributed analytics computing. Architectures from Domo and Snowflake both make use of elastic, distributed computing resources (often referred to as nodes) to enable analytics over massive data sets. These architectures not only speed up the analytics of data, but also provide massively parallel ingestion of data. 

By introducing AQUA, AWS has added a layer of specialised, massively parallel and scalable cache over its Redshift analytics platform. This new layer comes at a cost, but initial calculations suggest it is a fraction of the cost of deploying and maintaining traditional big data analytics architecture, such as specialised BI hyperconverged appliances and databases.

Given the rapid growth in self-service data analytics (aka citizen analytics) organisations will face increasing demands to provide analytics services for increasing amounts of both highly curated data, and ‘other’ data with varied levels of quality. In addition, organisations need to consider a plan for rise in non-structured data. 

As with email, we have reached a tipping point in the demands of performance, complexity and cost where Cloud delivered analytics outstrip on-premises in most scenarios. The question now becomes one of Cloud architecture, data governance and, most important of all, how to mature data literacy across your organisation.

Who’s impacted

  • Business intelligence / analytics team leads
  • Enterprise architects
  • Cloud architects

What’s Next?

Organisations should reflect honestly on the way they are currently supporting business intelligence capabilities, and develop scenarios for Cloud-based analytics services. 

This should include a re-evaluation of how adherence to compliance and regulations can be met with Cloud services, how data could be democratised, and the potential impact on the organisation. BAU cost should be considered, not just for the as-in state, but also for a potential future states. While savings are likely, such should not be the overriding factor: new capabilities and enabling self-service analytics are just as important. 

Organisations should also evaluate data literacy maturity among staff, and if needed (likely) put in place a program to improve staff’s use of data.

Related IBRS Advisory

  1. IBRSiQ: AIS and Power BI Initiatives
  2. Workforce transformation: The four operating models of business intelligence
  3. Staff need data literacy – Here’s how to help them get it
  4. The critical link between data literacy and customer experience
  5. VENDORiQ: Fujitsu Buys into Australian Big Data with Versor Acquisition

The Latest

29 April 2021: Microsoft briefed analysts on its expansion of Azure data centres throughout Asia. By the end of 2021, Microsoft will have multiple availability zones in every market where it has a data centre.

The expansion is driven in part by a need for additional Cloud capacity to meet greenfield growth. Each new availability zone is, in effect, an additional data centre of Cloud services capability.

However, the true focus is on providing existing Azure clients with expanded options for deploying services over multiple zones within a country.  

Microsoft expects to see strong growth in organisations re-architecting solutions that had been deployed to the Cloud through a simple ‘lift and shift’ approach to take advantage of the resilience granted by multiple zones. Of course, there is a corresponding uplift in revenue for Microsoft as more clients take up multiple availability zones.

Why it’s Important

While there is an argument that moving workloads to Cloud services, such as Azure, has the potential to improve service levels and availability, the reality is that Cloud data centres do fail. Both AWS and Microsoft Azure have seen outages in their Sydney Australia data centres. What history shows is organisations that had adopted a multiple availability zone architecture tended to have minimal, if any, operational impact when a Cloud data centre goes down.

It is clear that a multiple availability zone approach is essential for any mission critical application in the Cloud. However, such applications are often geographically bound by compliance or legislative requirements. By adding additional availability zones within countries throughout the region, Microsoft is removing a barrier for migrating critical applications to the Cloud, as well as driving more revenue from existing clients.

Who’s impacted

  • Cloud architecture teams
  • Cloud cost / procurement teams

What’s Next?

Multiple available zone architecture can be considered on the basis of future business resilience in the Cloud. It is not the same thing as ‘a hot disaster recovery site’ and should be viewed as a foundational design consideration for Cloud migrations.

Related IBRS Advisory

  1. VENDORiQ: Amazon Lowers Storage Costs… But at What Cost?
  2. Vendor Lock-in Using Cloud: Golden Handcuffs or Ball and Chain?
  3. Running IT-as-a-Service Part 49: The case for hybrid Cloud migration

The Latest

09 April 2021: During its advisor business update, Fujitsu discussed its rationale for acquiring Versor, an Australian data and analytics specialist. Versor provides both managed services for data management, reporting and analytics. In addition, it provides consulting services, including data science, to help organisations deploy big data solutions.

Why it’s Important

Versor has 70 data and analytics specialists with strong multi-Cloud knowledge. Fujitsu’s interest in acquiring Versor is primarily tapping Versor’s consulting expertise in Edge Computing, Azure, AWS and Databricks. In addition, Versor’s staff have direct industry experience with some key Australian accounts, including public sector, utilities and retail, which are all target sectors for Fujitsu. Finally, Versor has expanded into Asia and is seeing strong growth. 

So from a Fujitsu perspective, the acquisition is a quick way to bolster its credentials in digital transformation and to open doors to new clients. 

This acquisition clearly demonstrates Fujitsu’s strategy to grow in the ANZ market by increasing investment in consulting and special industry verticals.  

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Given its experienced staff, Versor is expected to lead many of Fujitsu’s digital transformation engagements with prospects and clients. Fujitsu’s well-established ‘innovation design engagements’, are used to explore opportunities with clients and leverage concepts of user-centred design. Adding specialist big data skills to this mix makes for an attractive combination of pre-sales consulting.

Related IBRS Advisory

  1. The new CDO agenda
  2. Workforce transformation: The four operating models of business intelligence
  3. VENDORiQ: Defence Department Targets Fujitsu for Overhaul

The Latest

16 April 2021: BMC has released a new edition of its Helix Platform, which leverages machine learning algorithms to support AI-driven IT operations (AIOps) and AI-driven service management (AISM) capabilities. The introduction of these algorithmic features enable IT service and operations teams to predict and resolve issues more effectively.

Why it’s Important

The use of algorithms to both categorise and predict events in IT operations is a growing trend. Such AI capabilities will be increasingly embedded in existing IT operations suites. As vendors enter a new ‘AI-powered’ competitive phase, these new AI capabilities will be included as part of regular upgrades and maintenance, rather than as add-on components.

Getting value from the new AI capabilities requires planning very human responses.  

For example, the predictive capabilities of algorithms, especially when using multi-organisational data, can provide op teams with alerts well in advance of problems becoming apparent. But unless op teams are resourced and given budget to respond to such ‘predictive maintenance’ issues, these predictive capabilities will be relegated to little more than an alarm clock with a snooze button. 

Likewise, the ability to correctly leverage and continually train advisory from resolution support algorithms, will demand both training of, and input from, the support team. The algorithms are only as good as the information and the contexts they can draw on. Support team people play an intimate role in ensuring the right information is selected for training the algorithm and, most importantly, the right contexts. This is especially pertinent as virtual agents (chatbots) are introduced for self-help capabilities.

Who’s impacted

  • CIO
  • IT operations staff
  • Support desk

What’s Next?

Begin to track the new AI capabilities available in IT operations support platforms, not just for the platforms used by your organisation, but in the competitive landscape. While there is no critical priority to adopt AI-powered IT operations or service management capabilities (just yet), it is important to understand what is coming and what may already be available as part of your current licensing agreements.

Assemble a working group to explore how AI capabilities could positively impact IT operations and service management, and the changes in process and roles that would be required to leverage them.

In short, start planning for AI-powered operations and a service management future.

Related IBRS Advisory

  1. Running IT-as-a-Service Part 55: IBRS Infrastructure Maturity Model
  2. Sustaining efficiency gains demands architecture risks mitigation Part 2
  3. Artificial intelligence Part 3: Preparing IT organisations for artificial intelligence deployment
  4. IBRSiQ: Approach to identifying an ITSM SaaS Provider

The Latest

18 March 2021: Veeam released a report which suggests that 58% of backups fail. After validating these claims, and from the direct experiences of our advisors who have been CIOs or infrastructure managers in previous years, IBRS accepts there is merit in Veeam’s claim.

The real question is, what to do about it, other than buying into Veeam’s sales pitch that its backups give greater reliability?

Why it’s Important

Sophisticated ransomware attacks are on the rise. So much so that IBRS issued a special alert on the increasing risks in late March 2021. Such ransomware attacks specifically target backup repositories. This means creating disconnected, or highly-protected backups is more important than ever. The only guarantee for recovery from ransomware is a combination of well-structured backups, coupled with a well-rehearsed cyber incident response plan. 

However, protecting the backups is only useful if those backups can be recovered. IBRS estimates around 10-12% of backups fail to fully recover, which is measuring a slightly different, but more important situation than touted by Veeam. Even so, this failure rate is still far too high, given heightened risk from financially-motivated ransomware attacks.

Who’s impacted

  • CIO
  • Risk Officers reporting to the board
  • CISCO
  • Infrastructure leads

What’s Next?

IBRS has identified the ‘better-practice’ from backup must include regular and unannounced, practice runs to recover critical systems from backups. These tests should be run to simulate as closely as possible to events that could lead to a recovery situation: critical system failures, malicious insider and ransomware. Just as organisations need to rehearse cyber incident responses, they also need to thoroughly test their recovery regime. 

Related IBRS Advisory

  1. Maintaining disaster recovery plans
  2. Ransomware: Don’t just defend, plan to recover
  3. Running IT-as-a-Service Part 59: Recovery from ransomware attacks
  4. Ransomware, to pay or not to pay?
  5. ICT disaster recovery plan challenges
  6. Testing your business continuity plan

The Latest

28 March 2021: MaxContact, vendor of a Cloud-based call-centre solution, announced it is supporting integration of Teams clients. Similar vendors of call centre solutions have announced or are planning similar integration with Teams and/or Zoom. In effect, the most common video communications clients are becoming alternatives to voice calls, complete with all the management and metrics required by call centres. 

Why it’s Important

The pandemic has forced working from home, which has in turn positioned video calling as a common way to communicate. There is an expectation that video calling, be it on mobile devices, desktop computers or built into televisions, will become increasingly normalised in the coming decade. Clearly call centres will need to cater for clients who wish to place calls into the call centre using video calls.

But there is a difference between voice calls and video that few people are considering (beyond the obvious media).  That is, timing of video calls is generally negotiated via another media: instant messaging, calendaring, or meeting invites. In contrast, the timing for voice calls are far less mediated, especially when engaging with call centres for service, support or sales activities.

For reactive support and services, video calls between a call centre and a client will most likely be a negotiated engagement, either instigated via an email or web-based chat agent. Cold-calling and outward bound video calls is unlikely to be effective.

The above has significant implications for client service and support processes and call centre operations.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

The adoption of video calls by the masses is here to stay. Video calling is not a fad, but it will take time to mature. 

Having video support and services available as part of the call centre mix is likely to be an advantage, but only if its use makes sense in the context of the tasks and clients involved.  

Organisations should begin brainstorming the potential usage of video calls for serving. However, adding video calling to the call centre is less of a priority than consolidating a multi-channel strategy and, over time, an omnichannel strategy.  

Related IBRS Advisory

  1. Better Practice Special Report: Microsoft Teams Governance
  2. Evolve your multichannels before you try to omnichannel
  3. VENDORiQ: CommsChoice becomes Australia's first vendor of Contact Centre for Microsoft Teams Direct Routing

The Latest

28 March 2021: AWS has a history of periodically lowering the costs of storage. But even with this typical behaviour, its recent announcement of an elastic storage option that shaves 47% off current service prices is impressive. Or is it?

The first thing to realise is that the touted savings are not apples for apples. AWS’s new storage offering is cheaper because it resides in a single-zone, rather than being replicated across multiple zones. In short, the storage has a higher risk of being unavailable, or even being lost by an outright failure. 

Why it’s Important

AWS has not hidden this difference. It makes it clear that the lower cost comes from less redundancy. Yet this architectural nuance may be overlooked when looking at ways to optimise Cloud costs.

One of the major benefits of moving to Platform-as-a-Service offerings is the increased resilience and availability of the architecture. Cloud vendors, including AWS, do suffer periodic failures within zones. Examples include the AWS Sydney outage in early 2020 and the Sydney outage in 2016 which impacted banking and e-commerce services.  

But it is important to note that even though some of Australia’s top companies were effectively taken offline by the 2016 outage, others just sailed on as if little had happened. The difference is how these companies had leveraged the redundancies available within Cloud platforms. Those that saw little impact to operations when the AWS Sydney went down had selected redundancies in all aspects of their solutions.

Who’s impacted

  • Cloud architects
  • Cloud cost/contract specialists
  • Applications architects
  • Procurement leads

What’s Next?

The lesson from previous Australian AWS outages is that organisations need to carefully match the risk of specific application downtime. This new announcement shows that significant savings (in this case 47%) are possible by accepting a greater risk profile. However, while this may be attractive from a pure cost optimisation/procurement perspective, it also needs to be tempered with an analysis of the worst case scenario, such as multiple banks being unable to process credit card payments in supermarkets for an extended period.

Related IBRS Advisory

  1. VENDORiQ: AWS second data centre in Australia
  2. Post COVID-19: Four new BCP considerations
  3. Running IT-as-a-Service Part 55: IBRS Infrastructure Maturity Model

The Latest

18 March 2021: Zoho is a privately held, Indian, Cloud-based CRM vendor that has grown rapidly internationally. It has just turned 25 years old. While it’s CRM suite is not as sophisticated as that of SalesForce, it is supported by a suite of low-code development tools and marketing-oriented modules for small to mid-sized business.

zoho timeline

Why it’s Important

IBRS has noted that many Australian organisations - in particular the public sector - are only short-listing Salesforce and Dynamics for modern CRM. This is often due to the research into available CRMs being exclusively limited to vendors in leading positions on US-focused market research papers, or advice from consultancies that only refer to such public materials.

To ensure the best suite at the best cost-point is selected, IBRS strongly recommends that the following be considered during the shortlisting process: 

  1.  Be sure to explore niche CRM products, as some of these may have a better fit or specific industry sector focus that can deliver benefits more quickly and at significantly lower costs than the leading products. Just because a solution as complex as a CRM is leading the market, does not mean it is necessarily the best for your organisation.
  2. When reading international reports, keep in mind that North America and Europe have different technology market ecosystems to Australia. In particular, skills availability (and therefore costs) differ. Be sure to factor in local issues.
  3. Carefully consider your starting point. How complex is your software environment? Factor your organisation’s networking infrastructure and the integration requirements both immediate and longer term.
  4. Leverage the channel capabilities and skills of local implementation partners. Implementation partners play a significantly greater role in a CRM’s successful implementation than the product itself. It is therefore vital that buyers not only consider the product in question, but also the available partners. 

The ultimate impact of limiting modern CRM (and related digital services) to the major vendors is that organisations may find themselves paying for far more than they need in a system, while also introducing more complexity into business operations than is necessary. 

IBRS is not suggesting that Zoho (or any of the other niche CRMs from the myriad available) is right for your organisation. Salesforce and Dynamics are exceptional products. However, many organisations do not need exceptional: they simply need more than good enough for their current and future needs, and they need it quickly and at the right cost point.

Who’s Impacted

  • CIO
  • Digital platform leads
  • Procurement teams
  • Business units executives

What’s Next?

Shortlists are critical for keeping procurement agile and within scope. However, do not short-change the shortlisting process by relying on generic reports that do not factor in:

  • specific industry needs
  • the Australian context
  • local channels and skills 

Related IBRS Advisory

  1. Trends for 2021-2026: No New Normal and Preparing For the Fourth-wave of ICT
  2. VENDORiQ: Salesforce Introduces Hyperforce
  3. Salesforce vs Dynamics
  4. CRM Modernisation Part 5: Microsoft Dynamics vs Salesforce Total Cost of Service
  5. IBRSiQ: Can IBRS Review Our Dynamics365 (D365) Licensing Calculations?

 

The Latest

23 March 2021: ServiceNow has signed an agreement to purchase robotic process automation vendor, Intellibot. The deal will see Indian-based Intellibot, which was founded in 2015, embedded into the ServiceNow platform. 

Why it’s Important

RPA is rapidly becoming merged within the low-code everything ecosystem. ServiceNow’s planned investment in buying into RPA is not surprising: other low-code vendors, such as Nintex, have already secured their RPA solutions through acquisition. Buyers of standard-alone RPA solutions can expect more acquisitions, followed by rapid market consolidation in 3-5 years time. 

Who’s Impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Expect RPA to play an increasing role in areas such as customer account creation and management, customer verification, employee on-boarding and off-boarding, data extraction and migration, and claims and invoice processing, among others.

Related IBRS Advisory

  1. Exploring Robotic Process Automation
  2. How Can AI Reimagine Your Business Processes?
  3. Cloud Low-code Vendor Webflow Secures US$140 Million
  4. Aussie Vendor Radar: Nintex Joins the Mainstream Business Process Automation Vendor Landscape
  5. SNAPSHOT: A Robotic Process Automation Infographic

The Latest

20 March 2021: GorillaStack has released capabilities that allows it to monitor and apply governance rules to any external service that communicates with AWS EventBridge.

Why it’s Important

GorillaStack is one of the earliest vendors to address the complexities of Cloud cost management, having started in Australia in 2015 and moved to having strong growth in the international market. In May 2020, GorillaStack was acquired by the switzerland-based SoftwareOne.

Like its international competitors, GorillaStack moved from helping organisations monitor and optimise their Cloud spend, to monitoring the Cloud ecosystems for performance and security concerns. This recent announcement suggests that the next phase of growth for organisations in the Cloud cost optimisation space is not only to detect events in Cloud infrastructure, but also external services, and then apply rules to perform specific actions on those events. Such rules can not only automatically help reduce Cloud spend by enforcing financial governance directly into the Cloud infrastructure, but also helping to enforce security rules.

Who’s Impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Cloud cost optimisation is already an important discipline for organisations with mature Cloud teams. Like software asset management (SAM), tools alone will not see organisations optimise their expenditure on Cloud services. An understanding of the disciplines required and setting up appropriate rules is needed. In addition, IBRS notes that many less-mature organisations have a ‘sprawl’ of Cloud services that need to first be identified and then reigned in before cost optimisations products can be fully effective. 

Related IBRS Advisory

  1. New Generation IT Service Management Tools Part 2: Multi-Cloud Management
  2. How to Get on Top of Cloud Billing
  3. Sourcing Monthly April 2020 – May 2020

The Latest

27 March 2021: Google has announced programs with two US-based insurance companies where clients taking up Google Cloud Platform security capabilities will receive discounts on cyber insurance premiums. 

Why it’s Important

The number of serious cyber incidents is on the increase and insurance premiums in the US have tripled over the last two years. Having a cyber incident response plan in place helps mitigate the risks and reduces the recovery time from a cyber incident, but also contributes to lowering the premium for cyber insurance. It is akin to having fitted window locks to a house, lowering insurance premiums in certain circumstances.

Google’s security posture, and threat assessment services, and services to manage security incidents effectively are sufficient to both reduce the frequency of security incidents and lessen their impact. Insurance actuaries see the benefit in such services and have determined there are savings to be made by the lower risk and risk mitigation profiles. 

Notwithstanding any special programs brokered between Cloud vendors and insurers, being able to demonstrate both a strong security posture and, importantly, an incident response plan will drive down an organisation's premiums, especially as insurance companies are inserting their own teams into incident response situations. 

Who’s Impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

If not already done, organisations should undertake a cyber risk assessment and implement a cyber incident response plan backed by appropriate cyber insurance. 

Related IBRS Advisory

  1. Improving Your Organisation’s Cyber Resilience
  2. Incident Response Planning: More Than Dealing with Cyber Security Breaches and Outages
  3. How Does Your Organisation Manage Cyber Supply Chain Risk?
  4. Why You Need a Security Operations Centre

The Latest

9 March 2021: Dropbox has acquired DocSend for US$165 million. This is a welcome addition to managing the risks associated with information management in a collaborative environment. 

Why it’s Important

Dropbox’s acquisition is not about organic growth, as DocSend’s client base of 17,000 users is dwarfed by Dropbox’s estimated 600 million. The deal is more about positioning Dropbox against the likes of Adobe Document Cloud, by allowing organisations to track what happens to information once it is shared. Being able to manage and track document access is a critical aspect of modern, enterprise-grade file sharing which is needed for secure collaboration. It is a feature missing in most collaborative platforms - at least out of the box. 

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Being able to manage access and track who’s accessed a document is a good start for closing the governance issues of most collaborative platforms (e.g. Teams, Slack, Zoom, Zoho, etc.)  However, organisations should look at adopting a zero trust model for information assets, involving identity management linked to access controls and an ‘encrypt everything by default’ mentality.  

Related IBRS Advisory

  1. Did Dropbox just break knowledge management?
  2. IBRS survey exposes Teams risk - The Australian - 21 January 2021
  3. Microsoft Teams governance: Emerging better practices
  4. Data loss by the back door, slipping away unnoticed
  5. Workforce transformation Part 2: The evolving role of folders for controlled collaboration

The Latest

11 March 2021: Talend, a big data / data integration solutions vendor, has signed an MOU to be acquired by private equity giant Thomas Bravo for US$2.4 billion, representing a nearly 30% premium on its current share price. 

Why it’s Important

Talend has been aggressive with the development of its solutions in the last few years, in particular in the area of managing data quality. During one-on-one briefings with IBRS, the company has demonstrated considerable flexibility in its roadmap and the willingness, and agility, to take cues of the emerging needs of clients.

Conventional wisdom is that once tech firms get subsumed by private equity, innovation declines as business drive turns to ‘rent seeking’ behaviour. This is especially true for funds that have a portfolio of well-established (legacy) technologies. A review of Thomas Bravo’s current and prior investments places Talend in a fund that previously held the likes of Attachmate and Compuware. Attachmate (now owned by Micro Focus) was seen to be aggressive with audits during the period it was owned by Thomas Bravo. On the surface, this could be cause for concern about the future direction of Talend.  

However, there are significant differences. Talend has a growing user base, is positioned in a market segment that is still evolving and has at least a decade of product innovation to come.  

Who’s impacted

  • CIO
  • Business intelligence / big data teams
  • Data management leads
  • Procurement 

What’s Next?

Over the next half-decade, an acquisition of Talend by Thomas Bravo is likely to deliver a continued commitment to market-led innovation. There is enough head-room for the fifteen-year old Talend to continue deploying new capabilities at pace that keeps clients happily buying more services.  

However, as the market for big data management solutions matures - especially shared data catalogues - pressure may start to mount for Talend to refocus on extracting more revenue from clients with proportionally less investment in development. Yes, that is a worst-case scenario, and it is not unique to Talend nor its deal with Thomas Bravo.  

Even so, organisations looking to invest in big data management solutions need to be viewing their investment futures over a decade. Such solutions quickly become fundamental platforms for the business and will be difficult (and expensive) to replace as they become increasingly embedded. Keep the long-term scenario in mind. 

Related IBRS Advisory

  1. Power BI is driving data democratisation: Prepare now
  2. Why investing in data governance makes good business sense
  3. Key lessons from the executive roundtable on data, analytics and business value
  4. Machine learning will displace “extract, transform and load” in business intelligence and data integration
  5. IBRSiQ: Can IBRS provide input into suitable reporting systems using primarily in-system data, but not excluding third party?

The Latest

9 March 2021: The Australian Defence Department has inked a deal with Fujitsu, Leido and KBR to blitz its ageing network and end-user computing environment in a program of work thought to be worth around AU$200 million.

Why it’s Important

Fujitsu is not the first vendor that comes to mind when thinking about end-user computing overhauls. However, in the world of highly secure workplaces, vendors such as Fujitsu and Unisys have unique offerings and experiences. Even if not using these vendor’s capabilities, the critical components of the security architecture are worth noting by organisations that need to protect information assets with an increasingly mobile or distributed workforce. 

Who’s impacted

  • End-user computing / digital workspace architects
  • Security teams

What’s Next?

With remote working no longer a choice, but a business continuity issue, organisations need to rethink traditional approaches to securing information assets and people when planning for the next upgrade of end-user computing. Identity management, contextual access control and encryption of information assets are three essential pillars of a modern, secure digital workspace. Building upon these pillars, organisations can look towards zero trust approaches and adopt emerging new techniques for detecting issues and protecting the organisation, such as embodied in products for user, entity and behavioural analytics (UEBA).

Related IBRS Advisory

  1. Architecting identity and access management
  2. Embracing security evolution with zero trust networking
  3. Trends for 2021-2026: No new normal and preparing for the fourth-wave of ICT

The Latest

18 February 2021: The latest Australian Bureau of Statistics (ABS) Labour Force report highlighted major increases in employment for ICT and business professionals.

Net increases of note in the period were:

ICT professionals 

  • programmers (14%)
  • network professionals (16%)
  • web designers (16%)
  • database administrators (23%)

Business professionals

  • accountants (14%) 
  • information / organisational professionals (27%).

Who’s impacted