Conclusion:

Thinking that the pandemic will soon be past and some form of new normal will emerge, be it working from home or office work, or a hybrid mix - is a misconception. Even with a vaccine, the pandemic will continue in isolated, difficult to predict pockets, and cause sporadic rapid changes to work practices for the foreseeable future. Organisations will need to be able to quickly flip-flop work environments rapidly, and work processes - and thus technologies - must evolve to meet the challenges of the 'age of uncertainty'. A fourth wave of ICT architecture is emerging, with a focus on information over architecture, low-code everything and powered by algorithms.

Find attached at the bottom of the article a free downloadable PDF copy of the trends for 2021-2026 executive presentation deck.

Read more ...

The Latest

17 February 2021: Google Apigee announced the release of Apigee X, its latest edition of its API management solution.

Why it’s Important

IBRS has found that the topic of APIs has moved out of the boiler room to the boardroom. During a series of roundtables with CEOs, CFOs and Heads of HR in late 2019, IBRS noted that many of these executives were advocates for ‘API enabled enterprise solutions’. Upon further questioning, these non-technical executives were able to accurately describe the core concepts and purposes of APIs. Much of their knowledge had come from engagements with combined SalesForce / Mulesoft sales teams. During 2020, the demand for rapid digitisation of processes with low-code platforms further raised the profile of API usage.

Expectations for APIs are high. Meeting those expectations demands a structured approach to management of APIs, and the ability to report on their usage. 

Who’s impacted

  • CTO
  • Software development teams

What’s Next?

Consider how the topic of APIs - which many executives see as critical for evolving business functions, or even a building block of digital transform efforts, needs to be communicated within the organisation. Explore how the adoption of low-code platforms both within and tangential to the ICT group will further expand the use of APIs. If not already available, put in place a roadmap for the introduction of API management capabilities, factoring both governance issues and supporting technologies.

Related IBRS Advisory

  1. Architectures for Mobilised Enterprise Applications
  2. Running IT-as-a-Service Part 15: Traditional enterprise architecture is irrelevant to digital transformation
  3. IBRSiQ: Can IBRS advise on the pros and cons of best of breed combined EAM/ERP vs fully integrated ERP/EAM?
  4. The impact of Software-as-a-Service on enterprise solutions: Why you must run IT-as-a-Service
  5. Enterprise resource planning (ERP) Part 2: Planning the ERP strategy for modernisation
  6. How to succeed with eforms Part 4: Selection framework
  7. Making the case for enterprise architecture

The Latest

10 February 2021: Competition for highly secure hyperscale Cloud capabilities for government services has been boosted with Oracle joining forces with Australian Data Centres (ADC) to provide Canberra-based services. Oracle now has three Australian regions for managed Cloud, with Sydney and Melbourne.

Why it’s Important

Oracle’s Cloud service is highly attractive for organisations looking for a simpler Cloud transformation journey for critical, Oracle-based solutions.

Last year, Oracle’s SaaS solutions in the areas of security, human services, and health were certified as offering PROTECTED data capabilities. ADC has a strong presence in the Australia government, already running sensitive workloads and being connected to the secure Intra-Government Communications Network (ICON). By leveraging ADC’s footprint in Canberra, Oracle is now able to meet the second part of the trust equation: the physical safety of the environment.

Who’s impacted

  • CIO
  • Cloud migration teams

What’s Next?

Oracle now joins Microsoft in offering a specialised, highly secure Cloud capability for government agencies in Canberra. Agencies looking to quickly adopt a Cloud first strategy now have clear Microsoft and Oracle trajectories that include a physical presence, while AWS approaches the PROTECTED Cloud stance solely through a service-by-service model. When considering Cloud migration, agencies should review the extent of Oracle in their ICT architecture and factor this into the Cloud platform (or platforms) to be selected. 

Related IBRS Advisory

The Latest

16 February 2021: Veeam continues to expand its footprint across the hyperscale Cloud vendors with the introduction of Veeam Backup for Google Cloud Platform. This follows its December 2020 announcement when Veeam announced the general availability of AWS v3 Backup and Azure v4 Backup. As a result, Veeam now provides backup and recover capabilities across - and just as importantly between - the three major hyperscale Cloud vendors. 

Why it’s Important

During a briefing with IBRS, Veeam detailed its strong growth in the Asia Pacific region. It also discussed its strategy for providing backup and recovery capabilities over the major hyperscale Cloud services: Azure, AWS and Google. The demand for Cloud backup and recovery is growing with greater recognition organisations adopting hybrid Cloud (the most likely future state for many organisations) demands more consistent and consolidated approaches to management - including backup and migration of data between Clouds. VMWare is seeing growth in its hybrid Cloud management capabilities as well, and the synergy between Veeam and VMWare productions is no coincidence.  

Who’s Impacted

  • Cloud architects
  • Business continuity teams

What’s Next?

Backing up Cloud resources appears to be a simple process. Taken on as service-by-service, this might be true. However, in reality the backup becomes increasingly challenging. As more and more applications are made up of a myriad of components, this leads to a rapidly evolving ecosystem of solutions. Hence, data recovery and restoration are also getting more complex. This is further exacerbated by the growing adoption of hybrid Cloud. 

Organisations need to explore backup and recovery based on not only current state Cloud architecture, but possible migration between Cloud services and where different integrated applications reside on different Cloud platforms.

Related IBRS Advisory

The Latest

2 February 2021: Google has announced general availability of Dialogflow CX, it’s virtual agent (chatbot) technology for call centres.  The service is a platform to create and deploy virtual agents for public-facing customer services. Google has embraced low-code concepts to allow for rapid development of such virtual agents with a visual builder. The platform also allows for switching between conversational ‘contexts’, which allows for greater flexibility in how the agents can converse with people that have multiple, simultaneous customer service issues.

Why it’s Important

While virtual agents are relatively easy to develop over time, two key challenges have remained: 

  1. the ability to allow non-technical, customer service specialists to be directly involved in the creation and continual evolution of the virtual agents
  2. the capability of virtual agents to correctly react to humans’ non-linier conversational patterns.

Google’s Dialogflow CX has adopted aspects of low-code development to address the first challenge. The platform offers a visual builder and the way conversations are developed (contexts) can be described as ‘program by example’. While there are third-party virtual agent platforms that further simplify the development of agent workflows (many of which build on top of Dialogflow), the Google approach is proving sufficient for non-technical specialists to get heavily involved in the development and fine-tuning of virtual agents

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

If not already in place, organisations should establish a group of technical and non-technical staff to explore where and how virtual agents can be used. Do not attempt a big bang approach: keep expectations small, be experimental and iterative. Leverage low-code ‘chatbot builder’ tools to simplify the creation of virtual agent workflows, while leveraging available hyperscale cloud platforms for the back end of the agents. 

Related IBRS Advisory

  1. Chatbots Part 1: Start creating capabilities with a super-low-cost experiment
  2. Virtual Service Desk Agent Critical Success Factors
  3. SNAPSHOT: The Chatbot Mantra: Experimental, experiential and iterative
  4. New generation IT service management tools Part 1
  5. Artificial intelligence Part 3: Preparing IT organisations for artificial intelligence deployment
  6. VENDORiQ: Tribal Sage chatbot

The Latest

20 January 2021: In its 2020 Q4 quarterly earnings report, Citrix announced it is buying Wrike, a Cloud-based, collaborative project management service, for US$2.25 billion.

Why it’s Important

The market for collaborative workforce management tools has grown sharply in 2020. Prior to the pandemic, products such as Write were generally procured by business stakeholders. The ICT group’s ability to mandate a specific collaborative workforce management tool was limited due to the ease of acquiring such tools, strong user preferences based on past experiences with tools and waves of vendor’s branding activities. As a result, most organisations have a myriad of collaborator workforce management tools, including: Wrike, Monday, Trello, Microsoft Project, Microsoft Planner, Plutio and others. 

However, as outlined in IBRS’s whiteboard session on Disruptive Collaboration, this situation is unsustainable. These Cloud-based tools can not only create pockets of documents and sensitive information, but also act as barriers for different teams to work together when they each have different tools. 

Citrix’s acquisition of Wrike is a sign that the market for such tools may be starting to consolidate.

However, for existing Citrix customers and for Wrike customers, the acquisition will have little direct impact at this time.

Who’s impacted

  • Project managers
  • Business stakeholders involved with workforce management / project delivery

What’s Next?

  • ICT groups should seek out which workforce collaboration tools are in use across the organisation. Longer term, plans should be in place to begin limiting the number of tools in an effort to improve information management and compliance, collaboration between disparate teams and reduce the security footprint.

Related IBRS Advisory

  1. Disruptive Collaboration (whiteboard session)

Conclusion:

While discussions regarding industry trends and customer priority shifts have remained prominent this month, vendor innovation in light of expected growth has also been a focus. In particular, managed service providers required to innovate beyond evolving technologies to include hybrid and integrated offering structures, effective business operations and external sources to support vendor growth. The need to access external sources for funding, skills, offerings and client base has become apparent. The demand for improved internal frameworks to allow for hybrid solutions, offering delivery and customer interactions has also been flagged. Accelerated activity in a critical and complex industry requires vendors to continue to provide high quality, innovative service provision frameworks in order to remain competitive.

Read more ...

Conclusion:

As is common in security, a buzzword becomes a product segment which is then flooded with new entrants or even old players with new offerings. A classic case is the detection and response segment. Initially, it was one approach – endpoint detection and response. But as vendors entered the segment they were driven to find differentiation points to stand out from the crowd.

What was a simple segment became one with many new acronyms, new problem definitions and of course a plethora of products. To help understand the basic differentiation of products in this segment this advisory provides a direct and simple definition for each main sector along with points to note about how to select any specific product in the segment.

Read more ...

Conclusion:

COVID-19 has presented a number of challenges for business and the underlying Information and Communication Technology (ICT) in particular. These challenges have presented both as crisis and opportunity but all have been compelling events. To paraphrase Winston Churchill, ‘never let a good crisis go to waste’. In each case, this will only be possible when the lessons learned are properly investigated and documented, allowing evidence-based decisions to ensure organisations improve the way business is done.

The COVID-19 pandemic has resulted in many changes to the way business is done, how employees contribute, and how customers interact. Taking the time to evaluate performance, document the lessons learned, and to improve your business decision processes is invaluable. Applying the technical and business lessons learned from the period of this pandemic will add value for many years to come. It will allow your organisation to reinforce successes, avoid possible errors, and potentially improve its position in the marketplace.

Read more ...

Conclusion:

Australian organisations in both public and private sectors enthusiastically identify and implement best practices from around the world. After considerable time and effort has been allocated to implementing these processes and the associated tools the results are all too often less than satisfactory. There are many best practices, frameworks and tools to assist in the optimisation of IT but there are two key problems areas that if overcome, can make a significant difference in the benefits that organisations will derive from best practice implementation.

Read more ...

Conclusion:

For enterprises and small to medium businesses (SMBs), Artificial Intelligence (AI) opportunities are widespread and industry-specific. Each industry will grapple with conversations to understand how AI can:

  1. Create competitive advantage.
  2. Complement existing business.
  3. Disrupt, or even destroy the business model that exists today.

What businesses need to plan for is that AI engineering and AI ops are destined to be the essential umbrella to govern AI in the coming decade. Hyper-automation (HA) of business processes will see some business models fail whilst others thrive into the 2030s.

Read more ...

Conclusion:

The recent SolarWinds security compromise provides a timely reminder that a cyber security compromise from third parties is a clear and present threat. Virtually all organisations utilise third party vendors to provide services, software solutions and to store data. For these reasons, it is essential that all organisations have a third party risk assessment and compliance program as part of a broader cyber security strategy. Given that organisations utilise a multitude of vendors it is impractical to adopt a one-size-fits-all approach to third party risk management. This article provides a pragmatic approach to mitigating this risk.

Read more ...

Conclusion:

Minimising risks from systems specification errors and cyber risks from network intrusions when an enterprise-wide digital transformation is underway is a daunting task, as many stakeholders could be impacted. Depending on the severity of the error or network intrusion, an incident could damage a brand’s image and shareholder confidence in the board. In the public sector, a cyber incident could result in the leaking of citizens’ private data and put an unwelcome spotlight on ministers and bureaucrats.

While boards are ultimately responsible for monitoring and minimising risks, they must ensure management creates a risk abatement framework and strategy, and executes it. The problem is compounded when the organisation’s aim is to transform or reshape its business model and the changes proposed are resisted by staff concerned at possible job losses or fear of failure – risks which must be addressed in the strategy.

Read more ...

Conclusion:

Too often, information communications technology (ICT) and business analytics groups focus on business intelligence and analytics architectures and do not explore the organisational behaviours that are required to take full advantage of such solutions. There is a growing recognition that data literacy (a subset of digital workforce maturity1) is just as important, if not more important, than the solutions being deployed. This is especially true for organisations embracing self-service analytics2.

The trend is to give self-service analytics platforms to management that are making critical business decisions. However, this trend also requires managers to be trained in not just the tools and platforms, but in understanding how to ask meaningful questions, select appropriate data (avoiding bias and cherry-picking), and how to apply the principles of scientific thinking to analysis.

Read more ...

The Latest

27 January 2020: Sitecore, which offers a web content management and online customer experience platform, announced a US$1.2 billion investment plan to grow its global footprint. 

Why it’s Important

In the market for online customer experience, Sitecore is the key rival to Adobe. While Sitecore does not provide the breadth of digital design services that Adobe offers, its web content and digital marketing capabilities are competitive. This US$1.2 billion investment plan signals Sitecore’s desire to take advantage of the increased demand for digital service delivery in the wake of the pandemic. 

Sitecore’s offering is price-competitive against Adobe, though still at the high-end of the market. However, it does need to boost its support network and partners if it wishes to encroach on Adobe, while also defending against mid-tier players and modern CRMs such as Salesforce and Netsuite ecommerce and customer service offerings. 

Who’s impacted

  • CMO
  • Sales / Marketing teams

What’s Next?

While Sitecore is well-known in Australia and the Asia Pacific / Japan region, strengthening its implementation partners and support network will go a long way to positioning it against Adobe. IBRS has noted that some Australian Sitecore clients have expressed frustration with the availability of local Sitecore skills and sought US-based contractors to fill the gaps. Investment in building an international footprint may help alleviate local skills shortages.

Related IBRS Advisory

  1. CRM modernisation Part 1: Strategy, planning & selection
  2. CRM modernisation Part 2B: Creating a customer experience strategy
  3. Positive customer experiences must lead digital transformation

The Latest 

19 January 2021: Salesforce has added a customer loyalty management module to its Customer 365 Platform. The new module allows organisations to define and deploy programs for incentives and rewards, linked to customer data held within the core Salesforce and customer experience platform.

Why it’s Important

During the pandemic and related lockdowns, digital service delivery has surged. More significantly, as consumers adopted more online service delivery, they also tried out new brands. McKinsey estimates that 80% of US consumers stuck with their new channels, with digital customer loyalty programs being a significant force in this trend.  

Who’s impacted

  • CMO
  • Sales executives
  • E-commerce teams

What’s Next?

While data for Australian consumers' adoption of digital channels and digital loyalty programs is not readily available, anecdotal evidence from discussions with IBRS clients and from well established online retailers such as Kogan and Woolworths, suggests Australia has also seen a similar pattern to that of North America, though perhaps not as pronounced.  

Loyalty programs will likely become a key differentiating factor for brands to maintain repeat business as more (niche) Australian retailers take up digital channels to meet their client demands. Organisations should begin to explore how digital loyalty programs can:

  • drive repeat and regular online engagement 
  • build brand awareness and affiliation, and 
  • increase life-time-value measures.

Related IBRS Advisory

  1. CRM modernisation Part 1: Strategy, planning & selection
  2. CRM modernisation Part 2B: Creating a customer experience strategy
  3. Positive customer experiences must lead digital transformation

The Latest

27 January 2021:  M-Files, which provides a document and content management solution, has raised US$80 to develop an AI to analyse, categorise and manage enterprise information. 

Why it’s Important

There are two forces driving the destruction of traditional electronic documents and records management (EDRMS) solutions: 

  • collaboration, which breaks legacy information lifecycles, and
  • the explosion of information types and stores, which hinders the ability to have a single repository of digital records

When combined, it becomes clear that legacy EDRMS solutions are not only incapable of providing the flexibility needed to manage enterprise information is a way that enables new ways of working, but also cannot address the ‘mess’ (really, complexity) of these work practices.

Leading EDRMS vendors are looking to leverage AI to address this ‘mess’ by:

  • analysing and automatically applying meta-data / classifications to information
  • determining which information policies need to apply to content, and enforcing such policies automatically
  • seeking out information across an organisation for the purposes of applying information lifecycle policies, e-discovery and security. 

By investing in AI, M-Files is ensuring it remains relevant and able to compete in the future of enterprise content management. 

Who’s impacted

  • CIO
  • Information Managers

What’s Next?

While legacy products such as TRIM (now Micro Focus Content Manager) remain in place and are being supplemented by add-on solutions (eg. Micro Focus Control Point), the future will be products with AI taking centre stage within the core information management functionality. 

Organisations considering their future information management strategies must factor the disruptive impact of collaboration, including the Office 365 platform, and the ever growing amount, variety and location of information. EDRMS solutions that feature AI as a core component should be short-listed.

Related IBRS Advisory

  1. Disruptive Collaboration - Whiteboard Session
  2. Making work, work better: digitisation, digital workflow, & the new normal
  3. Teams Governance: Emerging better practices
  4. Planning your next generation Office Suite? Consider Records Management
  5. Records management discipline must not be ignored during digital transformation

Future of Work expert and IBRS advisor Dr Joseph Sweeney has made seven recommendations towards good Microsoft Team governance after surveying and speaking to 80 CIOs across Australian organisations. 

Microsoft Teams usage grew to more than 44 million global daily active users during COVID-19 and has still continued to grow. Dr Sweeney's findings discovered a number of concerning issues for organisations with Teams implementation and the risks associated with them. Businesses rushed to deploy Teams in a way that left them at risk of exposing critical data and damaging productivity.

Dr Sweeney emphasised Microsoft hasn't created an insecure environment with Teams. "Out of all the vendors Microsoft actually has a really good security Story" said Dr Sweeney. "The problem is, a lot of organisations in the rush to get people working from home turned Teams on, and they've deployed (it) without full consideration of all of these new risks."

Full story.

 

Related Articles

Microsoft teams governance: Emerging better practices

Better Practice Special Report: Microsoft Teams Governance

IBRSiQ is a database of Client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

The Latest

15 January 2021: Samsung released a set of three Galaxy S series smartphones, aimed at the consumer market. All models support 5G. The high-end model - the Galaxy S21 Ultra - has features that rival its flagship executive-level smartphone, the Galaxy Note. In addition, the announcement stressed Samsung’s workplace features:

  • Wireless DeX for using smartphone as desktop
  • Office 365 integration
  • Knox Suite for device management and end-point security.

Why it’s Important

Despite the market for smartphones declining sharply in 2020 (a drop of 16 percent), Samsung gained around 5% market share. The decline in the market is due to consumers retaining their smartphones for longer periods of time due to the increasing costs of premier devices.  

Samsung’s efforts to sell into enterprises - blending consumer and enterprise features - are proving effective in shoring up its strength against rivals. The vendor has been making inroads into the enterprise space with both consumer-grade devices and semi-ruggedised devices. The S21 series of devices support Samsung’s enterprise security features, DeX and the Knox (as well as third-party) end-point management services. 

The devices also include new cameras that make them attractive for field-based asset management activities. The S21 Ultra is a large format device that supports pen-input (via an add-on pen and case) positioning it against Samsung’s popular Galaxy Note.

Who’s impacted

  • Field support teams
  • Telecoms / comms teams
  • Workforce transformation strategists
  • End-point / security teams

What’s Next?

While Samsung’s DeX feature is interesting, IBRS has seen very few organisations launching DeX desktop experiences from smartphones. For now, this remains an ‘experimental’ idea, limited to tech. However, launching DeX desktop experiences from tablets is growing in popularity.

Samsung is betting heavily on 5G, especially in regard to new services on its devices. The new cameras can produce not only high-resolution images, but high-colour sensitivity (12-bit) RAW images and depth of field information, which open up new applications for asset management, field maintenance, and design. Any files that leverage these camera capabilities will be large. 5G networks will make such files viable in field applications.

From recent client research, IBRS notes that organisations using premium consumer-grade devices (namely Apple and Samsung) for field force tasks overestimate the battery life of these devices, and as a result, the replacement cycle needed. When such devices are used for ‘typical’ consumer use, batteries last for 3-4 years before their capacity diminishes to a point where they are problematic. In contrast, such devices used for field-forces result in batteries decaying within 2 to 2 ½  years. Therefore, buyers of enterprise smartphone devices need to monitor device health, adjust their device procurement lifecycles - and budgets - accordingly.

Samsung’s new S21 range supports enterprise features and cameras that make them attractive for field use. The range of price points for the S21 series make them attractive against their rival in enterprise smartphones.

Related IBRS Advisory

  1. Redefining what ruggedised means
  2. Keeping your mobile device strategies up to date

The Latest

11 January 2021: IBRS interviewed low-code vendor Kintone, exploring its unique capabilities. The Japanese company is looking to expand its presence in the Australian market through traditional channels and some unexpected partners.

Why it’s Important

As detailed in the ‘VENDORiQ: Cloud low-code vendor Webflow secures US$140 million’, the low-code market is growing rapidly.  Kintone Australia is a subsidiary of Cybozu, one of Japan’s largest software companies, which was founded in 1997. The firm’s platform focuses as much on collaboration around digitised processes as it does on the development of applications - with every process having ‘conversational threads’. The firm’s clients in Australia are predominantly Japanese firms with local operations.

Who’s impacted?

  • Development team leads
  • Workforce transformation leads

What’s Next?

Kintone addresses the low to mid-range of the IBRS spectrum of services for eforms and low-code environments. It is suited for less-technical staff (including business analysts) to create structured processes that include collaboration. 

Kintone’s approach is worth noting, since many of the processes digitised by low-code platforms are replacing ad-hoc, messy processes that are often managed with manual activities and collaboration. There is an active evolution from manual, collaborative processes to digitised processes.

Kintone has a stable financial base via its strength in the Japanese market. Skills, training and support for Kintone are comparatively weak in the domestic market. However, Kintone is looking to partner with IT services organisations and partners with strengths in providing printing and digitisation technologies. 

Related IBRS Advisory

  1. How to succeed with eforms Part 1: Understand the need.
  2. Workforce transformation part 4: Non-techies are taking over your developers’ jobs – Dealing with the fallout
  3. Aussie vendor radar: Nintex joins the mainstream business process automation vendor landscape
  4. VENDORiQ: Cloud low-code vendor Webflow secures US$140 million

The Latest

14 January 2021: IBRS interviewed Appian, a low-code vendor that specialises in providing business analysts and developers with a platform to deliver custom enterprise applications. The vendor has seen strong growth in the later half of 2020 due to organisations needing to quickly develop new applications to address lockdowns and new digital service delivery demands. The vendor also detailed how it is leveraging machine learning to guide users through the development of applications. The use of machine learning to recommend low-code application designs and workflows is a key differentiator for Appian.

Why it’s Important

As detailed in the 'VENDORiQ: Cloud low-code vendor Webflow secures $140 million', the low-code market is growing rapidly. Appian is a major global vendor in the low-code market. It positions itself above the non-technical / citizen-developer tools such as Forms.IO, but below the specialised development team platforms such as OutSystems. Appian’s ‘sweet spot’ is teams of business stakeholders working with business analysts and developers to jointly prototype and then put into production applications. 

Appian has been expanding the use of machine learning algorithms to application design. During application development, the algorithms will make recommendations on fields that are needed on forms, workflow steps, approval processes, etc.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

When selecting a low-code platform, organisations should be very clear about who the stakeholders are, who will use the platform, the project management model for application development and the applications to be developed.  

In the case of Appian, there is clearly a close alignment with Agile business methodologies, which extend beyond the ICT group as outlined in the 'IBRS Snapshot: Agile Service Spectrum'.

The use of AI during the development applications is a feature more than a gimmick. This ‘guided’ approach to design not only speeds up application development, but by analysing a large body of existing applications and drawing inferences based on usage and effectiveness, it helps ensure that ‘best practices’ in workflows are not overlooked.

Related IBRS Advisory

  1. How to succeed with eforms Part 1: Understand the need.
  2. Workforce transformation part 4: Non-techies are taking over your developers’ jobs – Dealing with the fallout
  3. Aussie vendor radar: Nintex joins the mainstream business process automation vendor landscape
  4. VENDORiQ: Cloud low-code vendor Webflow secures US$140 million

The Latest

12 January 2021: Webflow, a Cloud-based low-code vendor, has secured US$140 in investment. The new round of investment values the vendor at US$2.1 billion. 

Why it’s Important

The low-code market exploded over the last year. Newer entrants, such as Webflow (founded in 2012), are attracting significant venture capital. Just 17 months ago, Webflow took $72 million investments which valued the company at $400 million. The new investments thrust the vendor into unicorn status. At the same time, well-established low-code vendors such as Nintex and Microsoft are consolidating and expanding their portfolios to include robotic process automation, process modelling and integration tools.

The market for low-code is not yet at the peak of its feverish growth, but IBRS cautions that current rates of investment and hype are unsustainable. There will be turmoil as the mark begins to consolidate, likely in 2023 to 2026.

Who’s impacted

  • CIO
  • Development team leads
  • Workforce transformation leads

What’s Next?

Low-code development is not a new concept. However, the uptake of Cloud platforms, common data models, robot process automation and business modelling are extending the notion of low-code development from simple ‘e-forms’ tools to services that enable enterprise-grade process digitisation.  

The pandemic and working from home has supercharged the need for process digitisation, and low-code vendors are all seeing strong sales growth. 

Unfortunately, the term ‘low-code’ is starting to become meaningless, as vendors that provide very different application development tools and platforms attach the term to their products.  IBRS recommends organisations view ‘low code’ as a broad term that covers a spectrum of capabilities, as detailed in 'How to succeed with eforms Part 1: Understand the need'. It is likely that most organisations will need to acquire two low-code products to cover different parts of this spectrum: one product aimed at non-technical staff for simple e-forms, and another product to increase the agility of pro-developers in the ICT group.

Consider the financial backing and stability of a vendor when selecting low-code tools, as market consolidation is on the horizon. You do not wish to be developing business processes on a platform they will outlive.

Related IBRS Advisory

  1. How to succeed with eforms Part 1: Understand the need.
  2. Workforce transformation part 4: Non-techies are taking over your developers’ jobs – Dealing with the fallout
  3. Aussie vendor radar: Nintex joins the mainstream business process automation vendor landscape
  4. IBRSiQ: Can IBRS assist in identifying a mobility platform other than Xalt?

With the rush to deploy Teams to enable remote work in 2020, the majority of organisations have not yet fully considered the highly disruptive nature of deep collaboration. Governance has been largely overlooked in the effort to ‘just get people working’. IBRS outlines the seven critical areas of governance that must be immediately addressed for Teams to be sustainable and to mitigate the new risks (and benefits!) of deep collaboration. Find attached a PDF of the webinar to download for free. Or to view the webinar, click on the video below.

 

Conclusion: Most organisations have vast pools of data (a. k.a. information assets) lying underutilised, as many IT and business professionals are unsure where it is stored and are unaware of its value. To turn the situation around organisations must strive for data mastery1, which is the ability to embed the data into products and services to increase efficiency, revenue growth and customer engagement.

Read more ...

Conclusion: Cyber attacks are a clear and present threat. Some organisations now have varying degrees of detection, monitoring and response capability in place, while other organisations still rely on their major incident response process to identify and manage cyber security incidents. In these organisations, cyber security operational responsibility is still embedded in traditional ICT operations. Such a siloed approach is suboptimal and presents risks in the effective management of cyber security risk. CIOs and other cyber security professionals should ensure that they have implemented a SOC capability that is appropriate to their organisation.

Read more ...

Conclusion: Credential theft is still one of the prime means of attacking systems. Dictionaries of passwords are readily available (many with millions of passwords). These allow attackers to perform credential stuffing attacks – often successfully.

Eliminating passwords has been difficult in the past. However, the consensus amongst vendors of both software and hardware is to bring to market methods of achieving authentication without passwords. The ubiquity of mobile devices with touch or facial authentication is one prime element.

This is a necessary evolution of authentication.

Read more ...

Conclusion: To improve call centre resources scheduling, some organisations have implemented software agents to either improve users’ experience and/or reach the right expert at the right time. However, self-service success depends on the quality of information available to the software agent and its analytical ability to provide reliable recommendations. Any deficiency in these resources will leave the software agent with no alternative but to call the live agents, thereby making the investment in agent technology questionable. Organisations should assess the software agent maturity and determine which level should be reached to fulfil the business imperatives. This note provides a self-assessing approach to address software agent shortcomings.

Read more ...

Observations: In theory, Virtual Desktop Infrastructure (VDI) technology enables organisations to be nimble, providing flexible, remote working and (for some use cases) more cost-effective deployment of digital workspaces. Recent events and technology advances have tested this theory and spawned several major changes. The rush to cater for remote working has increased adoption to Cloud-based VDI for ‘burst workloads’, at least in the short term. The need to quickly address scalability issues for organisations that had previously invested in VDI has favoured increased sales of hyperconverged solutions.

Longer term, organisations are looking to leverage VDI to enable compute and data-intensive tasks while keeping information ‘inside the data centre’. Some organisations – especially in financial services – are looking to expand previous VDI experiments to transform workplaces and service delivery models.

Read more ...

Conclusion: Agility to respond to change has become essential. Compared with previous years, CIOs are expected to produce results over longer periods of time, now expectations have become much higher. Stakeholders are expecting results as soon as possible. With the trend geared towards an increase in technology dependence, the pressure of delivering results has therefore increased for CIOs and IT leaders.

Part of this new set of expectations is improved efficiency and productivity, which in most cases requires a thorough evaluation of business processes to garner potential inefficiencies. One of the primary tools organisations have at their disposal is the enterprise resource planning (ERP) systems. Eventually, it all boils down to whether or not the migration to S/4 HANA can be justified in terms of value-add-services. Implementation effort and run costs are only a part of the business case, not the whole.

Read more ...

Conclusion: This month, discussions regarding expected industry trends in 2021 have been prominent. In particular, the growth of providers that support digital transformation projects and associated infrastructure, as well as security, Cloud services and automation tools. This growth is expected to be driven by industry shifts resulting from COVID-19 and the need to adapt to new operating environments and business processes. Vendors are preparing for heightened activity and expanding offerings to cater to customer needs. Customers will require integrated vendor services that respond to external issues, internal business changes, and the adoption of new technologies and frameworks to improve efficiencies.

Read more ...

Conclusion: Regardless of its digital strategy, many organisations have not been positioned to properly leverage the digital and data assets that are available to them. A Chief Data Officer (CDO) role can improve this situation by advancing an organisation’s data portfolio, curating and making appropriate data visible and actionable.

The CDO position is appropriate for all larger organisations, and small-to-large organisations focused on data-driven decision-making and innovation. These organisations benefit from a point person overseeing data management, data quality, and data strategy. CDOs are also responsible for developing a culture that supports data analytics and business intelligence, and the process of drawing valuable insights from data. In summary, they are responsible for improving data literacy within the organisation.

Read more ...

Conclusion: It is no longer viable for telecommunication providers to simply offer Session Initiation Protocol (SIP) trunks for voice connectivity or Multi-Protocol Label Switching (MPLS) links to connect office and data centre locations. Nor does it make good business sense for the telco or for the customer.

The modern architectures of Cloud and Software-as-a-Service (SaaS), mixed with the need to maintain on-premise for critical elements are key components that support most digital strategies. Using older telecommunications architectures with fixed connections and physical infrastructure for routing and switching can be costly, and can stifle agility and therefore productivity.

However, modern telecommunication architectures bring an ability to virtualise connections and network switching. The abstraction of these capabilities allows dynamic management of the services providing substantial agility, as well as potential productivity gains and cost savings to the customer.

Read more ...

The latest

14 December 2020: FireEye announced it had been breached. An extremely comprehensive overview is available from FireEye. This blog post includes timelines, technical recommendations, and IoCs (indicators of compromise). 

FireEye, a company that exists to track and thwart advanced and persistent adversaries, was itself compromised by an advanced and persistent adversary. FireEye was compromised through a product from SolarWinds. 

What now?

There are four main areas worth exploring. 

1) Check your SolarWinds instance(s) 

The FireEye blog post includes instructions for what to look for. Good asset management will be useful in this verification process. One CISO noted they found an unmaintained SolarWinds instance in one of their OT environments. 

A core lesson that many security executives drew from the MobileIron vulnerability (CVE-2020-15505) was that anything an organisation has that is internet facing needs to consistently receive critical patches quickly, even out of cycle. 

This will require a process to identify critical patches, but for the process to actually be executed. Citrix, VPNs, staff home routers (see FF no.02), and now MDMs have all been leveraged this year for compromise. Everything is up for grabs, so logically, anything internet facing needs to be aggressively maintained. This relates to patching but also asset management. 

Further, it's an opportunity to review privilege. Just because a product can do something, doesn't mean it should. Does SolarWinds really need to talk to the Internet? There are technical controls like host firewalls and properly profiled application allow-listing that will significantly frustrate an adversary in this scenario. It’s a great example where a zero trust architecture would make a big difference.

2) Organised crime 

The ACSC has noted that once a vulnerability is disclosed, threat actors can develop an exploit within 48 hours. We've seen this timeline achieved this year, with both F5 and MobileIron vulnerabilities. Now that the advanced and persistent actor has been ejected from FireEye (and hopefully from SolarWinds) it could be a matter of time before organised crime tries to exploit unpatched SolarWinds instances. 

FireEye will recover, and have an even better story to tell. At this early stage it seems that FireEye was the last target compromised by this adversary, and probably compromised for the shortest duration before the adversary was detected and ejected. It sounds like FireEye was targeted as a source for further intel on government agencies.  

I've got no evidence for this, but I wouldn't be surprised if FireEye was the last, trophy, "let's see if we can do this" target. 

3) Supply chain

The critical point about FireEye being breached, is it points to what industry has been saying for years - "it's not if, it's when". What matters after bang (or 'right of bang'), is how the organisation responds and FireEye is giving a master class on how to respond. But FireEye is only able to do this on the back of years of refining their art. 

However, going left of bang will encourage technology and security executives to look at their supply chain. What other products have access to systems, data and privileges that would be a nightmare if you did not have sole occupancy?

What other software has pervasive access like SolarWinds? What protocols are my service providers following when they use tools like SolarWinds on my environment? We cannot boil the ocean but, as Kevin Mandia said at a CISO Lens gathering in 2016, "protect most what matters most". 

4) Cyber insurance

I've not heard anyone talking about cyber insurance regarding this whole hostile campaign. It seems inevitable that public attribution will end up pointing to a particular nation. If this is the case, many insurers will likely point to exclusion clauses that indemnify the insurer from costs incurred through nation-state activity.

If you have cyber insurance, it may be worth getting a position from your insurer on whether you would have been able to make a claim against your policy if your organisation had been compromised.

The Latest

8 Dec 2020: AWS has announced plans to open a second region in Australia in the second half of 2022. This venture will consist of three availability zones supporting hundreds of thousands of AWS customers. This promotes lower latency, enhanced fault tolerance, and resiliency for critical Cloud workloads. 

Why it’s Important

This is not a competitive response to Microsoft Azure, which already has several data centres across Australia. Instead, it is the result of Amazon's continuing growth in the market. AWS needs to build significant additional domestic capacity to meet expected demand up to 2025. Hence, doing so in a new location provides AWS an additional benefit with on-shore multi-zone resilience. 

A new AWS region in Melbourne will also fuel different organisation innovative efforts. Government, private organisations, and the education sector will continue to transform their research and development endeavours that aim to protect, prioritise and benefit people across the country.

Who’s Impacted

  • Cloud architects
  • Cloud engineers

What’s Next?

In practical terms, this move has little direct impact on most organisations’ Cloud strategies. However, it does provide an additional option for resilience for organisations that need to keep all data on-shore. 

Related IBRS Advisory

The Latest

2 December 2020: Salesforce introduces Hyperforce. This move is a re-architecture of Salesforce’s design to continually support its global customer base. It has B2B and B2C performance scalability, built-in security, local data storage, and backward compatibility.  

Hyperforce allows Salesforce solutions to be run on a hyper scale Cloud service based on the client’s choice. These solutions include:

  • Sales Cloud
  • Service Cloud
  • Community Cloud
  • Chatter
  • Lightning Platform (including Force.com)
  • Site.com, Database.com
  • Einstein Analytics (including Einstein Discovery)
  • Messaging
  • Financial Services Cloud
  • Health Cloud, Sustainability Cloud
  • Consumer Goods Cloud
  • Manufacturing Cloud
  • Service Cloud Voice
  • Salesforce CPQ and Salesforce Billing
  • Customer 360 Audiences

Why it’s Important

Being able to move a SaaS solution to the Cloud based on client's preference, is a radical departure from convention for most major SaaS vendors. It is likely to be followed by other SaaS solution vendors, though Oracle’s close ties with Netsuite and Microsoft Dynamics with Azure, suggest Salesforce’s two main rivals will not be following this strategy any time soon.

This is a long-overdue overhaul for the entire Salesforce architecture as it needs to offer both architectural and commercial elasticity to aid customer’s global digital transformation.

It solves data sovereignty issues and provides all the advantages of using public Cloud resources. It also reduces implementation time despite being an enhanced architecture designed from the ground up to help customers deliver workloads to the public Cloud of choice.

Who’s Impacted

  • CIOs
  • CTOs
  • CRM leaders
  • Salesforce developers

What’s Next?

While the Hyperforce announcement is welcoming, there are still loopholes in the horizon. The solution is not available for on-prem implementations of the major Cloud vendors. Meaning, Hyperforce is not a path to an on-prem or hybrid Cloud solution.

For Australian organisations that aim to gain more control over how Salesforce stores information, either for compliance or cost control, to bring it closer to other Cloud services, Hyperforce is worth considering. It offers greater flexibility but also comes with a greater need for managing resources and costs. 

Before making any decision on moving to Hyperforce, Salesforce clients should have clear understanding of the following migration aspects:

  • Who will do the migration (i.e. the client or Salesforce)?
  • Who will deal with the public IaaS provider on a daily basis?
  • How will the current service cost be impacted?
  • Who will be responsible for the service management of public IaaS including the service desk?
  • What are the new risks that should be identified and mitigated?
  • Are there any changes to the current backup arrangements?
  • Are there any changes to the disaster recovery and business continuity arrangements?
  • How will the current change management arrangements change?
  • How the exit fees might change?

Related IBRS Advisory

The Latest

8 Dec 2020: Veeam announced the general availability of AWS v3 Backup. This is a timely endeavour with the continuous growth of multi-faceted Cloud apps built in AWS that necessitates backup and disaster recovery solutions.

Veeam offers automated backup and disaster recovery solutions that provide additional protection and management capabilities for Amazon EC2 and Amazon RDS. There are two options to consider:

  • Veeam Backup for AWS - protects data housed on AWS using its standalone AWS backup and recovery solution.
  • Veeam Backup & Replication™ - safeguards and consolidates AWS backup and recovery with another Cloud, virtual or physical, across different Cloud platforms with unlimited data portability. 

Why it’s Important

Cloud backups are no longer an option. Competition now requires additional redundancy and security for businesses. This ensures that their important data is available and retrievable if and when disasters strike.

Backing up Cloud resources appears to be a simple process. Taken on as service-by-service, this might be true. However, in reality the backup becomes increasingly challenging. As more and more applications are made up of a myriad of components, this leads to a rapidly evolving ecosystem of solutions. Hence, data recovery and restoration are also getting more complex.

Who’s Impacted

  • Cloud architects
  • Business continuity teams

What’s Next?

Tech management should explore which Cloud services, both IaaS and SaaS, need to be backed up. Establish strategies and choose the appropriate interplay between these services. For a growing Cloud usage or a forecast usage growth, evaluate how the services can be backed up reliably. This is possible through knowing beforehand the important parts that may be reconstructed into a recovered state if needed. 

Related IBRS Advisory

The Latest

2 December 2020: Salesforce Einstein is being extended into the Mulesoft automation and data integration platform. The newly announced Flow Orchestrator enabled non-technical staff to transform complex processes into industry-relevant events. The new AI-assisted MuleSoft Composer for Salesforce will allow an organisation to integrate data from multiple systems, including third-party solutions.

Why it’s Important

AI enables business process automation as a key technology enabler that favours organisations with a Cloud-first architecture. Salesforce will leverage its experience and connections with selling to organisation’s non-IT executives to secure a strong ‘brand leadership’ position in this space.

Who’s Impacted

  • CIOs
  • CTOs
  • CRM Leaders

What’s Next?

In mid-2019, IBRS noted a significant upswing in interest in Mulesoft and integration technologies more broadly from the non-ICT board-level executives. In particular, COOs and CFOs expressed strong interest in, and awareness of, process automation through APIs.  

Digging deeper, IBRS finds that Salesforce account teams, who are well-known for bypassing the CIO and targeting senior executive stakeholders, are also bringing Mulesoft into the business conversation. Also, Microsoft is expected to double-down on AI-enabled business process automation with the PowerPlatform. 

As a result, the addition of Salesforce Einstein AI into the discussion of automation and integration is expected to land very well with COOs and CFOs. 

CIOs need to be ready to have sophisticated discussions with these two roles regarding the potential for AI in process automation. Expectations will be high. Understanding the possible challenges of implementing such a system takes careful consideration. CIOs should be ready to build a business case for AI-enabled business process automation.

Related IBRS Advisory

The Latest

2 December 2020: DXC Technology is partnering with Microsoft to create modern workplace experience. This effort is aimed at addressing the demand by enterprises to improve workplace agility, which has come into sharp relief during the pandemic.

Why it’s Important

This announcement clearly shows Microsoft’s strategy for securing not just segments of the enterprise architecture of the future but the lion’s share. 

Enterprise companies are driving the business transformation to enhance collaboration, increase mobility, and improve customer engagements. This announcement comes as competition such as Salesforce heats up through several acquisitions, and Microsoft’s long-time rival, Oracle, makes inroads into new models of SaaS.

Who’s Impacted

  • CIO / CTO
  • Enterprise software architecture team

What’s Next?

Microsoft, like all vendors, has a strategy to extract ever more revenue from its clients.  However, Microsoft's unique position in the market gives it huge power. Understanding how Microsoft will evolve its services and licensing models is essential for keeping budgets in control.

As explored in this week’s Salesforce Slack announcement, IBRS sees that one option for the future digital workplace architecture is based on five platforms.

  1. A platform consisting of central systems of record (e.g., CRM, ERP, etc.) in the Cloud or Cloud-like environments
  2. An integration platform that surrounds the mentioned platforms 
  3. A one (or likely two) low-code platform(s) 
  4. A platform that provides the needed collaboration tools  
  5. A federated information management platform.

Indeed, Salesforce is buying the platforms it needs and integrating them then, leveraging its strength in selling it to both technical and non-technical executives. On the other hand, Microsoft is starting from a position of technical strength and deep connection with the systems integrators. 

This is evident with the DXC agreement, which is a classic strategy. Leveraging larger SIs as a strategy to deliver a future digital workplace architecture, with Microsoft 365 and Teams (collaboration), Dynamics 365 (core systems), Power Platform (low code and automation), and Power BI (business intelligence).  

Related IBRS Advisory

The Latest

2 Dec 2020: Salesforce Signs Definitive Agreement to Acquire Slack. The forthcoming merger of Salesforce and Slack provides an avenue for a new operating system of how e-commerce organisations and companies grow and succeed in the digital space. The merger is anticipated to close in the second quarter of Salesforce’s fiscal year 2022. 

Why it’s Important

Salesforce has struggled to shore up offerings in the collaborative side of the business, which will evolve to be an important part of modern CRMs and ERPs, along with low code dev and integration for process automation and business intelligence tools for analytics. The planning acquisition of Slack rounds out Salesforce’s ‘magic four’ components of a modern digital workplace. 

The Slack acquisition aims at heading off increasingly strong competition from Microsoft’s Dynamics, the Power Platform, PowerBI, and Teams.

Who’s Impacted

  • CIOs
  • CFOs
  • COOs

What’s Next?

Consider your future digital workplace architecture based on these five high-level platforms: 

  • A platform consisting of central systems of record (e.g., CRM, ERP, etc.) in the Cloud or Cloud-like environments
  • An integration platform that surrounds the mentioned platforms 
  • A one (or likely two) low-code platform(s) 
  • A platform that provides the needed collaboration tools  
  • A federated information management platform 

Though these five platforms need not all come from the same vendor, nor even be made up of a single vendor’s solutions, Microsoft, Salesforce, and little-known Zoho are all vying for the entire set. The competition for the overall ‘Enterprise Digital DNA’ will heat up significantly through to 2025.  

IBRS expects Salesforce and possibly Microsoft to make new investments in information management platforms from 2021 to 2022. There will be rapid expansion, followed by feverish consolidation of the low code platform market.

Related IBRS Advisory

Subscribe

Want to get the latest papers from all our advisors? Subscribe, and we'll send you the information you need.

Invalid Input
Please enter a valid email address
Invalid Input
Please enter your mobile phone number
Invalid Input