IBRS interviews Dr Kevin McIsaac, a data scientist who frequently works with board-level executives to identify and prototype powerful data-driven decision support solutions.

Dr McIsaac discusses why so may 'big data' efforts fail, the role ICT plays (or rather, should not play) and the business-first data mindset.

IBRSiQ is a database of Client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

The government’s new tax incentives making it easier to depreciate software will help big businesses invest in their own software development but will do “bugger all” for Australian software companies and small and medium businesses, and may even create perverse incentives for large companies to invest in the wrong type of software, industry experts say.

IBRS advisor Joseph Sweeney, who works with numerous large organisations on their technology strategies said the policy was a positive step in recognising the need to increase development of a local digital services economy, but would do little to raise productivity in the small- and medium-sized business market, which accounts for half of Australia’s workforce. Dr Sweeney is midway through conducting a study into national productivity gains from Cloud services, and said the early data showed that introducing Software-as-a-Service solutions to small and mid-sized organisations was the quickest way to get tangible productivity gains.as
 
“By only allowing for offset in assets like CapEx in IT infrastructure and software, this policy has the potential to skew the market back towards on-premises solutions. It will certainly make the ‘total cost of operation’ calculations for moving to the Cloud less attractive,” Dr Sweeney said.
 

Conclusion

Whilst many enterprises have successfully implemented a bring your own device (BYOD) mobile policy, many have put this in the too-hard basket fearing a human resources (HR) backlash.

Revisiting the workplace mobile policy can reduce operating costs associated with device loss, breakages, and unwarranted device allocation. IT service delivery operating costs have been increasing annually as more sophisticated and expensive handsets hit the market. Meanwhile, mobile applications are creating increased security concerns which add to asset management and monitoring costs.

Now is the time to take stock and transform the organisation’s mobility space by creating a shared responsibility with staff. Mobile phone allowances are fast becoming the norm with a multitude of different models now being adopted. Choose the one that delivers cost savings across the board as there are both direct and indirect costs associated with each option.

Read more ...

Conclusion

The deployment of machine learning (ML) solutions across a broad range of industries is rising rapidly. While most organisations will benefit from the adoption of ML solutions, ML’s capabilities come at a cost and many projects risk failure. Deployment of ML solutions needs to be carefully planned to ensure success, to minimise cost and time, but also to deliver tangible results and assist decision-making.

Read more ...

Conclusion

With the growth of dependence on ICT for business to perform effectively, many organisations have increased risk associated with the ability of ICT to provide service continuity. ICT downtime means business is negatively impacted. Many organisations believe the DRP is a problem that is ICTs to solve. Whilst ICT will lead the planning and do a lot of the heavy lifting when a disaster occurs, it can only be successful with the assistance and collaboration of its business partners. It will be the business that sets the priorities for restoration and accepts the risk.

Both business and ICT need to be comfortable that the disaster recovery (DR) plan has been verified to ensure a reasonable expectation that recovery will be successful.

Read more ...

Conclusion

For organisations when there is stakeholder agreement the enterprise resource planning (ERP) solution has failed to meet business needs, act decisively to turn failure into success. Management must also be proactive, and act when the implementation cost has been fully amortised and deemed past its use-by date, or when vendors providing SaaS ERP solutions have not met their contractual and service delivery obligations. In all situations, it is important to be proactive and tell executive management what is being done about it.

Read more ...

Conclusion

This month, discussions regarding project investment have been prominent. In particular, increases attributed to the changing threat environment and the constant emergence of new technologies. The resultant digital initiatives help create new opportunities or mitigate issues that can have a cascading and negative impact throughout operations. A continuous cycle of project investment is beneficial to improve business processes, resolve operational difficulties, as well as accelerate digital transformation. By delivering more efficient and innovative operations, companies can address new and shifting technology goals and expectations.

Read more ...

Conclusion

The growing maturity of data handling and analytics is driving interest in data catalogues. Over the past two years, most of the major vendors in the data analytics field have either introduced or are rapidly evolving their products to include data cataloguing.

Data catalogues help data users identify and manage their data for processing and analytics. Leading data cataloguing tools leverage machine learning (ML) and other search techniques to expose and link data sets in a manner that improves access and consumability.

However, a data catalogue is only beneficial when the organisation already has a sufficient level of maturity in how it manages data and analytics. Data literacy (the skills and core concepts that support data analytics) must also be established in the organisation’s user base to leverage full benefits from the proposed data catalogue.

Organisations considering data catalogues must have a clear picture of how to use this new architecture, and be realistic in how ready they are to leverage the technology. Furthermore, different organisations have unique and dynamic data attributes, so there is no one-type-fits-all data catalogue in the marketplace.

Read more ...

Conclusion

Low-code solutions expand the entry-level for application development by enabling non-developers (a.k.a. citizen developers) and developers alike to create applications visually. Low-code platform solutions allow citizen developers to develop applications using WYSIWYG tools to create functional prototypes of applications that digitise special – often narrowly defined – business processes. This can be highly disruptive without clear policies (see ‘Non-techies Are Taking Over Your Developers’ Jobs – Dealing with the Fallout’). In addition, to avoid the Microsoft access problem of creating fragmented applications and processes, the ICT group needs to be involved in the selection of a low-code platform that provides not only eforms and workflow capabilities, but also governance features to avoid the chaos that can ensue from unfettered development.

Low-code platforms can be viewed as offering a spectrum of capabilities, as detailed in ‘How to Succeed with Eforms Part 1: Understand the Need'. To provide a smooth transition along the spectrum of development capabilities, organisations may either:

  • introduce a second developer-focused low-code platform, since many citizen-developer-focused solutions have insufficient capabilities for developers.
  • adopt a single, low-code platform that provides both the simplicity needed for citizen developers and the power needed for developers.

Read more ...

The Latest

29 April 2021: Cloud-based analytics platform vendor Snowflake has received ‘PROTECTED’ status under IRAP (Australian Information Security Registered Assessors Program).  

Why it’s Important

As IBRS has previously reported, Cloud-based analytics has reached a point in cost of operation and sophistication that it should be considered the de facto choice for future investments in reporting and analytics. However, IBRS does call out that there are sensitive data sets that need to be governed and secured to a higher standard. Often, such data sets are the reasons why organisations decide to keep their analytics on-premises, even if the cost analysis does not stack up against IaaS or SaaS solutions.

The irony here is that IT professionals now accept that even without PROTECTED status, Cloud infrastructure provides a higher security benchmark than most organisations on-premises environments.

However, security must not be overlooked in the analytics space. Data lakes and data warehouses are incredibly valuable targets, especially as they can hold private information that is then contextualised with other data sets.

By demonstrating IRAP certification, Snowflake effectively opens the door to working with Australian Government agencies. But it also signals that hyper-scale Cloud-based analytics platforms can not only offer a bigger bang for your buck, but greatly improve an organisation's security stance.

Who’s impacted

  • CDO
  • Data architecture teams
  • Business intelligence/analytics teams
  • CISO
  • Public sector tech strategists

What’s Next?

Review the security certifications and stance of any Cloud-based analytics tools in use, including those embedded with core business systems, and those that have crept into the organisations via shadow IT (we are looking at you, Microsoft PowerBI!). Match these against compliance requirements for the datasets being used and determine if remediation is required.

When planning for an upgraded analytics platform, put security certification front and centre, but also recognise that like any Cloud storage, the most likely security breach will occur from poor configuration or excess permissions.

Related IBRS Advisory

  1. Key lessons from the executive roundtable on data, analytics and business value
  2. VENDORiQ: AWS Accelerates Cloud Analytics with Custom Hardware
  3. IBRSiQ: AIS and Power BI Initiatives
  4. VENDORiQ: Snowflakes New Services Flip The Analytics Model

The Latest

7 May 2021: Analytics vendor Qlik has released its mobile client Qlik Sense Mobile for SaaS. During the announcement, Qlik outlined how the new client enables both online and offline analytics and alerting. The goal is to bring data-driven decision-making to an ‘anywhere, anytime, any device’ model. 

Why it’s Important

While IBRS accepts that mobile decision support solutions will be of huge value to organisations, this needs to be tempered with an understanding that not all decisions should be made in all contexts. There is a very real danger that in the hype surrounding analytics, people will start making decisions in less than ideal contexts. Putting decision support algorithms (i.e. agents), KPI dashboards and simply modelling tools on mobile devices will likely be the next wave of analytics. In short, mobile big data/AI driven solutions that support specific, narrow mobile work tasks will be a very big deal in the near future.

However, creating and diving into data - that is, data exploration - is or should be, a process rooted in deep, careful, considered scientific thinking. That is a cognitive task that is not well suited to a mobile device experience. This is not just due to the form factor, but also the working context. Such deep thinking requires focus that a mobile work context does not provide.

As organisations embrace self-service analytics and more staff are engaged in creating and consuming visualisations and reports, data maturity will become an increasingly important consideration. However, data literacy is not just a set of skills to learn: it requires a change in culture and demands staff become familiar with rigorous models of thinking. It also requires honest reflection, both of the organisation’s activities and individually. 

While mobile analytics will be a growing area of interest, it will fail without a well-structured program to grow data literacy within the organisation and without granting staff the time and appropriate work spaces to reflect, explore and challenge their assumptions using data.

Who’s impacted

  • CDO
  • HR directors
  • Business intelligence groups

What’s Next?

Organisations should honestly assess staff data literacy maturity at a departmental and whole or organisation level. Armed with this information, a program to grow data literacy maturity can be developed. The deployment of data analytics tools, and indeed data sets, should coincide with the evolution of data literacy within the organisation. 

Related IBRS Advisory

  1. Staff need data literacy – Here’s how to help them get it
  2. When Does Power BI Deliver Power to the People?
  3. The critical link between data literacy and customer experience

The Latest

28 April 2021:  AWS has introduced AQUA (Advanced Query Accelerator) for Amazon Redshift, a distributed and hardware-accelerated cache that, according to AWS, “delivers up to ten times better query performance than other enterprise Cloud data warehouses”.

Why it’s Important

AWS is not the only vendor that offers distributed analytics computing. Architectures from Domo and Snowflake both make use of elastic, distributed computing resources (often referred to as nodes) to enable analytics over massive data sets. These architectures not only speed up the analytics of data, but also provide massively parallel ingestion of data. 

By introducing AQUA, AWS has added a layer of specialised, massively parallel and scalable cache over its Redshift analytics platform. This new layer comes at a cost, but initial calculations suggest it is a fraction of the cost of deploying and maintaining traditional big data analytics architecture, such as specialised BI hyperconverged appliances and databases.

Given the rapid growth in self-service data analytics (aka citizen analytics) organisations will face increasing demands to provide analytics services for increasing amounts of both highly curated data, and ‘other’ data with varied levels of quality. In addition, organisations need to consider a plan for rise in non-structured data. 

As with email, we have reached a tipping point in the demands of performance, complexity and cost where Cloud delivered analytics outstrip on-premises in most scenarios. The question now becomes one of Cloud architecture, data governance and, most important of all, how to mature data literacy across your organisation.

Who’s impacted

  • Business intelligence / analytics team leads
  • Enterprise architects
  • Cloud architects

What’s Next?

Organisations should reflect honestly on the way they are currently supporting business intelligence capabilities, and develop scenarios for Cloud-based analytics services. 

This should include a re-evaluation of how adherence to compliance and regulations can be met with Cloud services, how data could be democratised, and the potential impact on the organisation. BAU cost should be considered, not just for the as-in state, but also for a potential future states. While savings are likely, such should not be the overriding factor: new capabilities and enabling self-service analytics are just as important. 

Organisations should also evaluate data literacy maturity among staff, and if needed (likely) put in place a program to improve staff’s use of data.

Related IBRS Advisory

  1. IBRSiQ: AIS and Power BI Initiatives
  2. Workforce transformation: The four operating models of business intelligence
  3. Staff need data literacy – Here’s how to help them get it
  4. The critical link between data literacy and customer experience
  5. VENDORiQ: Fujitsu Buys into Australian Big Data with Versor Acquisition

The Latest

29 April 2021: Microsoft briefed analysts on its expansion of Azure data centres throughout Asia. By the end of 2021, Microsoft will have multiple availability zones in every market where it has a data centre.

The expansion is driven in part by a need for additional Cloud capacity to meet greenfield growth. Each new availability zone is, in effect, an additional data centre of Cloud services capability.

However, the true focus is on providing existing Azure clients with expanded options for deploying services over multiple zones within a country.  

Microsoft expects to see strong growth in organisations re-architecting solutions that had been deployed to the Cloud through a simple ‘lift and shift’ approach to take advantage of the resilience granted by multiple zones. Of course, there is a corresponding uplift in revenue for Microsoft as more clients take up multiple availability zones.

Why it’s Important

While there is an argument that moving workloads to Cloud services, such as Azure, has the potential to improve service levels and availability, the reality is that Cloud data centres do fail. Both AWS and Microsoft Azure have seen outages in their Sydney Australia data centres. What history shows is organisations that had adopted a multiple availability zone architecture tended to have minimal, if any, operational impact when a Cloud data centre goes down.

It is clear that a multiple availability zone approach is essential for any mission critical application in the Cloud. However, such applications are often geographically bound by compliance or legislative requirements. By adding additional availability zones within countries throughout the region, Microsoft is removing a barrier for migrating critical applications to the Cloud, as well as driving more revenue from existing clients.

Who’s impacted

  • Cloud architecture teams
  • Cloud cost / procurement teams

What’s Next?

Multiple available zone architecture can be considered on the basis of future business resilience in the Cloud. It is not the same thing as ‘a hot disaster recovery site’ and should be viewed as a foundational design consideration for Cloud migrations.

Related IBRS Advisory

  1. VENDORiQ: Amazon Lowers Storage Costs… But at What Cost?
  2. Vendor Lock-in Using Cloud: Golden Handcuffs or Ball and Chain?
  3. Running IT-as-a-Service Part 49: The case for hybrid Cloud migration

IBRSiQ is a database of Client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

IBRSiQ is a database of Client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.

Read more ...

The Latest

09 April 2021: During its advisor business update, Fujitsu discussed its rationale for acquiring Versor, an Australian data and analytics specialist. Versor provides both managed services for data management, reporting and analytics. In addition, it provides consulting services, including data science, to help organisations deploy big data solutions.

Why it’s Important

Versor has 70 data and analytics specialists with strong multi-Cloud knowledge. Fujitsu’s interest in acquiring Versor is primarily tapping Versor’s consulting expertise in Edge Computing, Azure, AWS and Databricks. In addition, Versor’s staff have direct industry experience with some key Australian accounts, including public sector, utilities and retail, which are all target sectors for Fujitsu. Finally, Versor has expanded into Asia and is seeing strong growth. 

So from a Fujitsu perspective, the acquisition is a quick way to bolster its credentials in digital transformation and to open doors to new clients. 

This acquisition clearly demonstrates Fujitsu’s strategy to grow in the ANZ market by increasing investment in consulting and special industry verticals.  

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Given its experienced staff, Versor is expected to lead many of Fujitsu’s digital transformation engagements with prospects and clients. Fujitsu’s well-established ‘innovation design engagements’, are used to explore opportunities with clients and leverage concepts of user-centred design. Adding specialist big data skills to this mix makes for an attractive combination of pre-sales consulting.

Related IBRS Advisory

  1. The new CDO agenda
  2. Workforce transformation: The four operating models of business intelligence
  3. VENDORiQ: Defence Department Targets Fujitsu for Overhaul

The Latest

16 April 2021: BMC has released a new edition of its Helix Platform, which leverages machine learning algorithms to support AI-driven IT operations (AIOps) and AI-driven service management (AISM) capabilities. The introduction of these algorithmic features enable IT service and operations teams to predict and resolve issues more effectively.

Why it’s Important

The use of algorithms to both categorise and predict events in IT operations is a growing trend. Such AI capabilities will be increasingly embedded in existing IT operations suites. As vendors enter a new ‘AI-powered’ competitive phase, these new AI capabilities will be included as part of regular upgrades and maintenance, rather than as add-on components.

Getting value from the new AI capabilities requires planning very human responses.  

For example, the predictive capabilities of algorithms, especially when using multi-organisational data, can provide op teams with alerts well in advance of problems becoming apparent. But unless op teams are resourced and given budget to respond to such ‘predictive maintenance’ issues, these predictive capabilities will be relegated to little more than an alarm clock with a snooze button. 

Likewise, the ability to correctly leverage and continually train advisory from resolution support algorithms, will demand both training of, and input from, the support team. The algorithms are only as good as the information and the contexts they can draw on. Support team people play an intimate role in ensuring the right information is selected for training the algorithm and, most importantly, the right contexts. This is especially pertinent as virtual agents (chatbots) are introduced for self-help capabilities.

Who’s impacted

  • CIO
  • IT operations staff
  • Support desk

What’s Next?

Begin to track the new AI capabilities available in IT operations support platforms, not just for the platforms used by your organisation, but in the competitive landscape. While there is no critical priority to adopt AI-powered IT operations or service management capabilities (just yet), it is important to understand what is coming and what may already be available as part of your current licensing agreements.

Assemble a working group to explore how AI capabilities could positively impact IT operations and service management, and the changes in process and roles that would be required to leverage them.

In short, start planning for AI-powered operations and a service management future.

Related IBRS Advisory

  1. Running IT-as-a-Service Part 55: IBRS Infrastructure Maturity Model
  2. Sustaining efficiency gains demands architecture risks mitigation Part 2
  3. Artificial intelligence Part 3: Preparing IT organisations for artificial intelligence deployment
  4. IBRSiQ: Approach to identifying an ITSM SaaS Provider

Conclusion

Even well-articulated and documented cyber incident response plans can go astray when a cyber incident actually happens. Experience shows the best plans can fail spectacularly. In this special report, IBRS interviews two Australian experts of startups in the field of cyber incident response, and uncovered the better practices for keeping your incident response plans real.

Read more ...

The Latest

18 March 2021: Veeam released a report which suggests that 58% of backups fail. After validating these claims, and from the direct experiences of our advisors who have been CIOs or infrastructure managers in previous years, IBRS accepts there is merit in Veeam’s claim.

The real question is, what to do about it, other than buying into Veeam’s sales pitch that its backups give greater reliability?

Why it’s Important

Sophisticated ransomware attacks are on the rise. So much so that IBRS issued a special alert on the increasing risks in late March 2021. Such ransomware attacks specifically target backup repositories. This means creating disconnected, or highly-protected backups is more important than ever. The only guarantee for recovery from ransomware is a combination of well-structured backups, coupled with a well-rehearsed cyber incident response plan. 

However, protecting the backups is only useful if those backups can be recovered. IBRS estimates around 10-12% of backups fail to fully recover, which is measuring a slightly different, but more important situation than touted by Veeam. Even so, this failure rate is still far too high, given heightened risk from financially-motivated ransomware attacks.

Who’s impacted

  • CIO
  • Risk Officers reporting to the board
  • CISCO
  • Infrastructure leads

What’s Next?

IBRS has identified the ‘better-practice’ from backup must include regular and unannounced, practice runs to recover critical systems from backups. These tests should be run to simulate as closely as possible to events that could lead to a recovery situation: critical system failures, malicious insider and ransomware. Just as organisations need to rehearse cyber incident responses, they also need to thoroughly test their recovery regime. 

Related IBRS Advisory

  1. Maintaining disaster recovery plans
  2. Ransomware: Don’t just defend, plan to recover
  3. Running IT-as-a-Service Part 59: Recovery from ransomware attacks
  4. Ransomware, to pay or not to pay?
  5. ICT disaster recovery plan challenges
  6. Testing your business continuity plan

The Latest

28 March 2021: MaxContact, vendor of a Cloud-based call-centre solution, announced it is supporting integration of Teams clients. Similar vendors of call centre solutions have announced or are planning similar integration with Teams and/or Zoom. In effect, the most common video communications clients are becoming alternatives to voice calls, complete with all the management and metrics required by call centres. 

Why it’s Important

The pandemic has forced working from home, which has in turn positioned video calling as a common way to communicate. There is an expectation that video calling, be it on mobile devices, desktop computers or built into televisions, will become increasingly normalised in the coming decade. Clearly call centres will need to cater for clients who wish to place calls into the call centre using video calls.

But there is a difference between voice calls and video that few people are considering (beyond the obvious media).  That is, timing of video calls is generally negotiated via another media: instant messaging, calendaring, or meeting invites. In contrast, the timing for voice calls are far less mediated, especially when engaging with call centres for service, support or sales activities.

For reactive support and services, video calls between a call centre and a client will most likely be a negotiated engagement, either instigated via an email or web-based chat agent. Cold-calling and outward bound video calls is unlikely to be effective.

The above has significant implications for client service and support processes and call centre operations.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

The adoption of video calls by the masses is here to stay. Video calling is not a fad, but it will take time to mature. 

Having video support and services available as part of the call centre mix is likely to be an advantage, but only if its use makes sense in the context of the tasks and clients involved.  

Organisations should begin brainstorming the potential usage of video calls for serving. However, adding video calling to the call centre is less of a priority than consolidating a multi-channel strategy and, over time, an omnichannel strategy.  

Related IBRS Advisory

  1. Better Practice Special Report: Microsoft Teams Governance
  2. Evolve your multichannels before you try to omnichannel
  3. VENDORiQ: CommsChoice becomes Australia's first vendor of Contact Centre for Microsoft Teams Direct Routing

The Latest

28 March 2021: AWS has a history of periodically lowering the costs of storage. But even with this typical behaviour, its recent announcement of an elastic storage option that shaves 47% off current service prices is impressive. Or is it?

The first thing to realise is that the touted savings are not apples for apples. AWS’s new storage offering is cheaper because it resides in a single-zone, rather than being replicated across multiple zones. In short, the storage has a higher risk of being unavailable, or even being lost by an outright failure. 

Why it’s Important

AWS has not hidden this difference. It makes it clear that the lower cost comes from less redundancy. Yet this architectural nuance may be overlooked when looking at ways to optimise Cloud costs.

One of the major benefits of moving to Platform-as-a-Service offerings is the increased resilience and availability of the architecture. Cloud vendors, including AWS, do suffer periodic failures within zones. Examples include the AWS Sydney outage in early 2020 and the Sydney outage in 2016 which impacted banking and e-commerce services.  

But it is important to note that even though some of Australia’s top companies were effectively taken offline by the 2016 outage, others just sailed on as if little had happened. The difference is how these companies had leveraged the redundancies available within Cloud platforms. Those that saw little impact to operations when the AWS Sydney went down had selected redundancies in all aspects of their solutions.

Who’s impacted

  • Cloud architects
  • Cloud cost/contract specialists
  • Applications architects
  • Procurement leads

What’s Next?

The lesson from previous Australian AWS outages is that organisations need to carefully match the risk of specific application downtime. This new announcement shows that significant savings (in this case 47%) are possible by accepting a greater risk profile. However, while this may be attractive from a pure cost optimisation/procurement perspective, it also needs to be tempered with an analysis of the worst case scenario, such as multiple banks being unable to process credit card payments in supermarkets for an extended period.

Related IBRS Advisory

  1. VENDORiQ: AWS second data centre in Australia
  2. Post COVID-19: Four new BCP considerations
  3. Running IT-as-a-Service Part 55: IBRS Infrastructure Maturity Model

Conclusion

At 21.7 per cent, staff attrition within the Australian Information Technology (IT) sector is unsustainably high. Staff recognition can be defined as the action or process of recognising employees for the work completed through words and gratitude1. Over the past five years, globally, organisations have increased their focus and investment on employee reward and recognition.

However, despite this increased focus, research shows that recognition is not occurring as often as it should be, as only 61 per cent of employees feel appreciated in the workplace1. Research also shows that even when recognition is provided for employees, it is not executed well or enacted correctly 1/3 of the time.

Organisational development and human resource studies demonstrate that reward and recognition programs commonly do not resonate or hit the mark for employees, if they are: not authentic and sincere2, only provided in a single context, or are based on award criteria that is overly complex or unattainable3.

This paper covers how leaders and organisations can recognise and then subsequently avoid these three common pitfalls, to maximise the investment into employee reward and recognition programs and efforts.

Read more ...

Conclusion

Traditionally, vendor lock-in was associated with deliberate vendor-driven outcomes, where software and hardware forced the client to align their business processes to those offered by a specific software or ICT platform. Vendor lock-in often limited the flexibility of organisations to meet business needs as well as increasing costs. As a result, information and communication technology (ICT) was often seen as a limiting factor for business success when agility was needed. Historically, vendor lock-in was therefore seen as a negative. Poor timing, bad decisions and clumsy procurement practices may still see organisations fall into unwanted vendor lock-in situations. But is vendor lock-in always a negative?

Read more ...

Conclusion

Many security incidents are having major impacts on organisations. In too many cases these are left to the information technology teams to handle.

Yet the group most responsible for an organisation’s continued survival and growth is the chief officer (CxO) group. Incident response therefore ultimately resides with this group. In order to develop the ability to handle a major attack on an organisation, it is imperative that the CxO group also become familiar with responding to cyber security events.

This can be done by running tabletop exercises that then become the basis for building more detailed plans around communications, crisis management, and the organisation’s preparedness.

Read more ...

Conclusion

This month, discussions regarding customer and employee experience solutions have been prominent. New remote working models have driven demand for products and services which support improved customer and employee experience solutions. Customer engagement services that can align business goals and needs with IT services and infrastructure are required to avoid the implementation of solutions that interfere with business processes. Data science tools, solutions and a combination of information from different sources can help vendors retain a focus on customer metrics that drive business growth. They also help to manage operations, supply chain issues and provide a greater understanding of changes underlying customer and employee behaviours.

Read more ...

Conclusion

Virtual desktop infrastructure (VDI) is suitable for addressing a range of business challenges. As VDI has evolved over the past decade, understanding of use-cases for where is best applied has also matured. In this paper, we explore the use-cases where VDI has been most successful.

Read more ...

Conclusion

Major increases in demand for ICT and business professional employment in the year 2020 have been reported, despite the economic downturn. These increases are important to note as they signal a post-pandemic increase in ICT investment in the year 2021 and in future years to support enhanced business systems and demand (user) computing.

To complicate matters a survey of Australian CIOs indicated that it will be more challenging to find qualified technology employees in 2021 compared to pre-pandemic market conditions. Unless recruitment programs are well thought out, the inability to recruit the right people will stifle plans to take advantage of ICT growth opportunities in 2021.

Read more ...

Conclusion

The COVID-19 pandemic has, in many cases, forced the workforce environment to shrink to the walls of worker’s houses for at least nine months. While some services such as shopping, online learning and telemedicine proved to be useful when made available remotely, many other services were not suitable to run effectively outside the traditional work environment (e. g. those with inadequate network capacity). Organisations should study the feasibility and cost-effectiveness of deploying additional remote services that are critical to improve business performance, increase service efficiency and reduce the cost of doing business.

Read more ...

Conclusion

The decision to integrate machine learning (ML) into systems and operations is not one that is made lightly. Aside from the costs of acquiring the technology tools, there are added considerations such as staff training and the expertise required to improve ML operations (MLOps) capabilities.

An understanding of the ML cycle before deployment is key. Once requirements and vision are defined, the appropriate tools are acquired. ML specialists will then analyse and perform feature engineering, model design, training, and testing and deployment. This is also known as the dev loop. At the implementation stage, the ML model is deployed and the application is subsequently refined and enhanced. The next stage is the monitoring and improving stage where the organisation refines the model and evaluates the ROI for its data science efforts. This stage triggers the retraining of the model through data drift and monitoring.

Read more ...

Conclusion

DevOps, business intelligence (BI) and data, machine learning (ML) and artificial intelligence (AI) are all driving rapid change within IT departments. The challenge will be finding Cloud certified people to meet the rising demand.

Leaders have two main choices. Upskill their existing teams, or embark on a recruitment campaign that brings in Cloud certified professionals to manage Cloud migration and provide the ongoing support and optimisation needed to bring the full value of Cloud to IT operations.

For organisations who suddenly realise how far they are behind on the Cloud value curve, pressure will mount to deliver results quickly. Make sure staff are certified and ready to address your hybrid or multi-Cloud environments.

Read more ...

The Latest

18 March 2021: Zoho is a privately held, Indian, Cloud-based CRM vendor that has grown rapidly internationally. It has just turned 25 years old. While it’s CRM suite is not as sophisticated as that of SalesForce, it is supported by a suite of low-code development tools and marketing-oriented modules for small to mid-sized business.

zoho timeline

Why it’s Important

IBRS has noted that many Australian organisations - in particular the public sector - are only short-listing Salesforce and Dynamics for modern CRM. This is often due to the research into available CRMs being exclusively limited to vendors in leading positions on US-focused market research papers, or advice from consultancies that only refer to such public materials.

To ensure the best suite at the best cost-point is selected, IBRS strongly recommends that the following be considered during the shortlisting process: 

  1.  Be sure to explore niche CRM products, as some of these may have a better fit or specific industry sector focus that can deliver benefits more quickly and at significantly lower costs than the leading products. Just because a solution as complex as a CRM is leading the market, does not mean it is necessarily the best for your organisation.
  2. When reading international reports, keep in mind that North America and Europe have different technology market ecosystems to Australia. In particular, skills availability (and therefore costs) differ. Be sure to factor in local issues.
  3. Carefully consider your starting point. How complex is your software environment? Factor your organisation’s networking infrastructure and the integration requirements both immediate and longer term.
  4. Leverage the channel capabilities and skills of local implementation partners. Implementation partners play a significantly greater role in a CRM’s successful implementation than the product itself. It is therefore vital that buyers not only consider the product in question, but also the available partners. 

The ultimate impact of limiting modern CRM (and related digital services) to the major vendors is that organisations may find themselves paying for far more than they need in a system, while also introducing more complexity into business operations than is necessary. 

IBRS is not suggesting that Zoho (or any of the other niche CRMs from the myriad available) is right for your organisation. Salesforce and Dynamics are exceptional products. However, many organisations do not need exceptional: they simply need more than good enough for their current and future needs, and they need it quickly and at the right cost point.

Who’s Impacted

  • CIO
  • Digital platform leads
  • Procurement teams
  • Business units executives

What’s Next?

Shortlists are critical for keeping procurement agile and within scope. However, do not short-change the shortlisting process by relying on generic reports that do not factor in:

  • specific industry needs
  • the Australian context
  • local channels and skills 

Related IBRS Advisory

  1. Trends for 2021-2026: No New Normal and Preparing For the Fourth-wave of ICT
  2. VENDORiQ: Salesforce Introduces Hyperforce
  3. Salesforce vs Dynamics
  4. CRM Modernisation Part 5: Microsoft Dynamics vs Salesforce Total Cost of Service
  5. IBRSiQ: Can IBRS Review Our Dynamics365 (D365) Licensing Calculations?

 

The Latest

23 March 2021: ServiceNow has signed an agreement to purchase robotic process automation vendor, Intellibot. The deal will see Indian-based Intellibot, which was founded in 2015, embedded into the ServiceNow platform. 

Why it’s Important

RPA is rapidly becoming merged within the low-code everything ecosystem. ServiceNow’s planned investment in buying into RPA is not surprising: other low-code vendors, such as Nintex, have already secured their RPA solutions through acquisition. Buyers of standard-alone RPA solutions can expect more acquisitions, followed by rapid market consolidation in 3-5 years time. 

Who’s Impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Expect RPA to play an increasing role in areas such as customer account creation and management, customer verification, employee on-boarding and off-boarding, data extraction and migration, and claims and invoice processing, among others.

Related IBRS Advisory

  1. Exploring Robotic Process Automation
  2. How Can AI Reimagine Your Business Processes?
  3. Cloud Low-code Vendor Webflow Secures US$140 Million
  4. Aussie Vendor Radar: Nintex Joins the Mainstream Business Process Automation Vendor Landscape
  5. SNAPSHOT: A Robotic Process Automation Infographic

The Latest

20 March 2021: GorillaStack has released capabilities that allows it to monitor and apply governance rules to any external service that communicates with AWS EventBridge.

Why it’s Important

GorillaStack is one of the earliest vendors to address the complexities of Cloud cost management, having started in Australia in 2015 and moved to having strong growth in the international market. In May 2020, GorillaStack was acquired by the switzerland-based SoftwareOne.

Like its international competitors, GorillaStack moved from helping organisations monitor and optimise their Cloud spend, to monitoring the Cloud ecosystems for performance and security concerns. This recent announcement suggests that the next phase of growth for organisations in the Cloud cost optimisation space is not only to detect events in Cloud infrastructure, but also external services, and then apply rules to perform specific actions on those events. Such rules can not only automatically help reduce Cloud spend by enforcing financial governance directly into the Cloud infrastructure, but also helping to enforce security rules.

Who’s Impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Cloud cost optimisation is already an important discipline for organisations with mature Cloud teams. Like software asset management (SAM), tools alone will not see organisations optimise their expenditure on Cloud services. An understanding of the disciplines required and setting up appropriate rules is needed. In addition, IBRS notes that many less-mature organisations have a ‘sprawl’ of Cloud services that need to first be identified and then reigned in before cost optimisations products can be fully effective. 

Related IBRS Advisory

  1. New Generation IT Service Management Tools Part 2: Multi-Cloud Management
  2. How to Get on Top of Cloud Billing
  3. Sourcing Monthly April 2020 – May 2020

The Latest

27 March 2021: Google has announced programs with two US-based insurance companies where clients taking up Google Cloud Platform security capabilities will receive discounts on cyber insurance premiums. 

Why it’s Important

The number of serious cyber incidents is on the increase and insurance premiums in the US have tripled over the last two years. Having a cyber incident response plan in place helps mitigate the risks and reduces the recovery time from a cyber incident, but also contributes to lowering the premium for cyber insurance. It is akin to having fitted window locks to a house, lowering insurance premiums in certain circumstances.

Google’s security posture, and threat assessment services, and services to manage security incidents effectively are sufficient to both reduce the frequency of security incidents and lessen their impact. Insurance actuaries see the benefit in such services and have determined there are savings to be made by the lower risk and risk mitigation profiles. 

Notwithstanding any special programs brokered between Cloud vendors and insurers, being able to demonstrate both a strong security posture and, importantly, an incident response plan will drive down an organisation's premiums, especially as insurance companies are inserting their own teams into incident response situations. 

Who’s Impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

If not already done, organisations should undertake a cyber risk assessment and implement a cyber incident response plan backed by appropriate cyber insurance. 

Related IBRS Advisory

  1. Improving Your Organisation’s Cyber Resilience
  2. Incident Response Planning: More Than Dealing with Cyber Security Breaches and Outages
  3. How Does Your Organisation Manage Cyber Supply Chain Risk?
  4. Why You Need a Security Operations Centre

Conclusion:

While some bots may be benign, many are engaged in unscrupulous behaviour, such as stealing valuable commercial data or attempting to obtain access illegitimately. At best, bots are a drain on an organisation's resources, increase demands on infrastructure and causing the expenditure of resources, pushing up costs. In the worst case, they represent a significant cyber threat.

IBRS interviewed experts in the field of bot defence: Craig Templeton, CISO and GM Tech Platforms with REA Group and Sam Crowther, developer of the Kasada bot defence platform.

Read more ...

The Latest

9 March 2021: Dropbox has acquired DocSend for US$165 million. This is a welcome addition to managing the risks associated with information management in a collaborative environment. 

Why it’s Important

Dropbox’s acquisition is not about organic growth, as DocSend’s client base of 17,000 users is dwarfed by Dropbox’s estimated 600 million. The deal is more about positioning Dropbox against the likes of Adobe Document Cloud, by allowing organisations to track what happens to information once it is shared. Being able to manage and track document access is a critical aspect of modern, enterprise-grade file sharing which is needed for secure collaboration. It is a feature missing in most collaborative platforms - at least out of the box. 

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

Being able to manage access and track who’s accessed a document is a good start for closing the governance issues of most collaborative platforms (e.g. Teams, Slack, Zoom, Zoho, etc.)  However, organisations should look at adopting a zero trust model for information assets, involving identity management linked to access controls and an ‘encrypt everything by default’ mentality.  

Related IBRS Advisory

  1. Did Dropbox just break knowledge management?
  2. IBRS survey exposes Teams risk - The Australian - 21 January 2021
  3. Microsoft Teams governance: Emerging better practices
  4. Data loss by the back door, slipping away unnoticed
  5. Workforce transformation Part 2: The evolving role of folders for controlled collaboration

The Latest

11 March 2021: Talend, a big data / data integration solutions vendor, has signed an MOU to be acquired by private equity giant Thomas Bravo for US$2.4 billion, representing a nearly 30% premium on its current share price. 

Why it’s Important

Talend has been aggressive with the development of its solutions in the last few years, in particular in the area of managing data quality. During one-on-one briefings with IBRS, the company has demonstrated considerable flexibility in its roadmap and the willingness, and agility, to take cues of the emerging needs of clients.

Conventional wisdom is that once tech firms get subsumed by private equity, innovation declines as business drive turns to ‘rent seeking’ behaviour. This is especially true for funds that have a portfolio of well-established (legacy) technologies. A review of Thomas Bravo’s current and prior investments places Talend in a fund that previously held the likes of Attachmate and Compuware. Attachmate (now owned by Micro Focus) was seen to be aggressive with audits during the period it was owned by Thomas Bravo. On the surface, this could be cause for concern about the future direction of Talend.  

However, there are significant differences. Talend has a growing user base, is positioned in a market segment that is still evolving and has at least a decade of product innovation to come.  

Who’s impacted

  • CIO
  • Business intelligence / big data teams
  • Data management leads
  • Procurement 

What’s Next?

Over the next half-decade, an acquisition of Talend by Thomas Bravo is likely to deliver a continued commitment to market-led innovation. There is enough head-room for the fifteen-year old Talend to continue deploying new capabilities at pace that keeps clients happily buying more services.  

However, as the market for big data management solutions matures - especially shared data catalogues - pressure may start to mount for Talend to refocus on extracting more revenue from clients with proportionally less investment in development. Yes, that is a worst-case scenario, and it is not unique to Talend nor its deal with Thomas Bravo.  

Even so, organisations looking to invest in big data management solutions need to be viewing their investment futures over a decade. Such solutions quickly become fundamental platforms for the business and will be difficult (and expensive) to replace as they become increasingly embedded. Keep the long-term scenario in mind. 

Related IBRS Advisory

  1. Power BI is driving data democratisation: Prepare now
  2. Why investing in data governance makes good business sense
  3. Key lessons from the executive roundtable on data, analytics and business value
  4. Machine learning will displace “extract, transform and load” in business intelligence and data integration
  5. IBRSiQ: Can IBRS provide input into suitable reporting systems using primarily in-system data, but not excluding third party?

The Latest

9 March 2021: The Australian Defence Department has inked a deal with Fujitsu, Leido and KBR to blitz its ageing network and end-user computing environment in a program of work thought to be worth around AU$200 million.

Why it’s Important

Fujitsu is not the first vendor that comes to mind when thinking about end-user computing overhauls. However, in the world of highly secure workplaces, vendors such as Fujitsu and Unisys have unique offerings and experiences. Even if not using these vendor’s capabilities, the critical components of the security architecture are worth noting by organisations that need to protect information assets with an increasingly mobile or distributed workforce. 

Who’s impacted

  • End-user computing / digital workspace architects
  • Security teams

What’s Next?

With remote working no longer a choice, but a business continuity issue, organisations need to rethink traditional approaches to securing information assets and people when planning for the next upgrade of end-user computing. Identity management, contextual access control and encryption of information assets are three essential pillars of a modern, secure digital workspace. Building upon these pillars, organisations can look towards zero trust approaches and adopt emerging new techniques for detecting issues and protecting the organisation, such as embodied in products for user, entity and behavioural analytics (UEBA).

Related IBRS Advisory

  1. Architecting identity and access management
  2. Embracing security evolution with zero trust networking
  3. Trends for 2021-2026: No new normal and preparing for the fourth-wave of ICT

Conclusion:

Involving end-users in the software development cycle isn’t a new concept, yet reportedly, 78 per cent of IT project professionals believe business stakeholders need to be more involved in and engaged with the requirements process1. Commonly, software development project managers report problems with end-users’ ability to learn and use the new system and/or the end-users’ perceived quality of system functionality. While usability testing is meant to be a safeguard for system ease-of-use, user acceptance testing is designed to be a safeguard for the development of quality functionality. Both play a different role in the software development lifecycle.

This paper covers the differences between usability testing with end-users and user acceptance testing, also conducted with end-users and why both are equally important for the software development success.

Read more ...

Subscribe

Want to get the latest papers from all our advisors? Subscribe, and we'll send you the information you need.

Invalid Input
Please enter a valid email address
Invalid Input
Please enter your mobile phone number
Invalid Input