Google Wave beta, the BITA view
I would like to welcome everyone back and hope your holidays were great. Consider this one those early January real world wake up calls reminding you that the holidays are over and it’s time to hit it again. It’s OK to have a heavy sigh of resignation now; I’ll wait until you’re finished… OK, now that you’re fully reengaged, I’ll move on.
A few weeks ago I became part of the Google Wave beta program. For those of you that don’t know what Google Wave is, I’ll summarize. It’s Google’s spin on what real-time threaded message collaboration should look like. For those of you who want a more robust description, I’ll provide a link here. For those of you who are more visual there is a YouTube video below.
I believe that Google sees it as the next generation of email. I think that is naïve at best. The current version of Wave tries to be all things to all people and is just too much for most people outside of a dedicated team collaboration scenario. For example, writing notes on paper preceded email by millennia. Yet it persists both in the form of paper notes as well as electronic text messages. I do think that Wave will offer some great opportunities for those of us in the business-IT alignment, or BITA, space. One of the core requirements for IT doing a better job of supporting their company’s core business processes is improved communication between IT and their customers. Any tool that makes that communication more effective is a good thing.
The best way to explain my point is through a simple example. An example wave is shown below. Since I am the only member of this hypothetical team I must ask for your understanding by imagining a larger group.
What you see is a threaded discussion much like you would see in Lotus Notes, Microsoft Groove or any one of several other discussion board tools. In this case, the wave is a new manufacturing requirement proposal document that IT needs to prepare. The initial entry for this thread is the general statement of what needs to be done. Subsequent statements hold the initial text for each of the three sections. The collaborators for each section can then begin to edit that text with supporting discussions as to why they made their changes to it.
The strength of Wave is the ability to see modifications as they are made and to engage in an instant messaging discussion as the process takes place (phone calls can work too but that isn’t very Web 2.0). You could be seeing text and discussions appearing in all three groups simultaneously in real-time by different people. It would be a little like having a real-time control room where you are watching a manufacturing activity taking place before your eyes. Such activity can become unmanageable very quickly without some ground rules, especially if the manufacturing group is included as collaborators. This doesn’t consider that the whole Wave platform is open source and can be extended to include all kinds of cloud-based tools.
To me it’s clear that for work of any complexity it makes sense to embed Wave into another application which will manage the workflow and constrain the flexibility of the Wave tool to something that is manageable for real world use. The good news is that such applications can be built fairly quickly or adapted from other existing applications.
I’m sure that Wave will evolve fairly quickly into something very useful for real business use. Then it just becomes a question of a company’s comfort level with using cloud-based tools for sensitive work. I hope you found this post useful. I can now say that I’m fully reengaged after my holidays. My heavy sigh follows…
A New Deal
I want to take a minute to wish all of you a very merry Christmas and a Happy New Year. As a Christian, I believe that this season represents receiving a new deal.
I believe that all of us were presented with the opportunity to accept a new contract to govern how we live our lives. Like all contracts, it has terms and conditions as well as benefits. Those terms and conditions can be a real burden sometimes but those benefits are worth it. I have to remember that it is up to me to keep my life in alignment with the terms of that contract. I talk a lot about business IT alignment but I never forget that staying aligned with this larger contract is the most important of all.
From us to all of you, may this season and the new year be your best ever.
Mike Pattison
Cloud Alignment – Part III (Security)
The purpose of this post is to address the issue of the security of cloud based applications from the perspective of the CIO of a midsize company. His focus would be primarily on prudent cost reduction opportunities. I will not attempt to provide an in depth technical discussion here. I will provide some useful links to such discussions. However, I don’t think a midmarket CIO, or CXO, would be well served by loosing himself in the technical details at this point. It’s all evolving too fast.
As I researched this topic I was initially amazed at the amount of information. After I thought about it for awhile I realized that this was a hot and rapidly evolving topic, so this volume of information is to be expected (and I’m contributing to it myself with this blog post). My research has been fairly extensive but not exhaustive. I could have easily made this a white paper taking months. It will also be dated fairly quickly. Like I said, this subject is changing quickly.
The first item of business is a definition of some useful terms. I will standardize on the definitions provided by NIST (National Institute of Standards and Technology). The link to those definitions is here and a link to a cloud computing overview is here. I like the NIST definition: “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” The other document at this site is a 92 page PowerPoint presentation. I think it is useful but lacks sufficient material in the speaker’s notes.
I am a big fan of Gartner’s Hype Cycle diagrams. Over the years I have found them to be a good way of representing the expectations we have of technology. I have included an overview below. A link to the Gartner site is here.
Every technology category is typically represented by a point on the curve. That point is color coded to indicate how fast it is moving through the cycle. If you want more details on this I encourage you to go to their site and sign up for their free registration. In Figure 1 I overlaid a red line on that section of the curve where I believe cloud computing is today based on Gartner’s predictions as well as other sources. We are clearly at or near a peak of enthusiasm and expectations for a new technology.
Figure 1 – Cloud computing expectations
One concern that I have is that when I have talked to people in midsize or small companies making a decision on how to use cloud computing all I hear about is the opportunity for cost reduction. That opportunity is real but the decision is not just about cost reduction. It’s also about risk exposure and that means security concerns. One document that details those risks is from ENISA (European Network and Information Security Agency). Its link is here. Be warned, this document is not for the faint of heart. It is large and detailed but does offer a comprehensive list of risks. Another less detailed source of cloud security insight is provided in an InfoWorld article on a Gartner report. Its link is here.
One thing to remember is that using cloud computing usually means virtualized applications made available over the internet. A useful but detailed discussion of virtualization can be found here. There are several types of virtualization risks such as attacks on the hypervisor, attacks on automated provisioning and problems in digital forensics due to mobile locations of virtual machines. Detailing each of these examples generate a significant amount of information and is beyond the scope of this post.
We should also briefly touch on the major players providing cloud based infrastructure and development environments. The three big names in these areas are the Google App Engine, the Amazon Elastic Compute Cloud (EC2) and Microsoft’s new Azure Platform. For these offerings, you rely on either secure data center operation or the security capabilities of their development tools. Cloud computing is new to most developers as well. Their skills in using these tools are still maturing, including security.
It would be easy to discuss various risks almost indefinitely. However, that wouldn’t address the main concern of making an informed decision on what to do with cloud computing now. As you can see from Figure 1, I placed a red line over the region of the curve which represents the earliest time for mainstream adoption. The period between where cloud computing is today and mainstream adoption starts is a time for trying out this technology. I recommend a trial that doesn’t involve sensitive company data but is non-trivial. Such a trial will provide insight into the management of cloud based infrastructure, applications and working with cloud vendors. It will provide an opportunity to gain experience in relative safety.
For example, I am part of the Google Wave beta program. If interested, check out this link or the Google site. In addition to that, I am working with Itensil on a new product which leverages Google Wave with its other existing products for collaborative, wiki-based consulting project work. For me it’s a great opportunity to learn more about using cloud computing to do something relevant for my business. That work could eventually lead to a significant competitive differentiator. For a business IT alignment consultant, it’s putting my money where my mouth is and aligning some cloud IT to my own business.
For a blog post, this one is long. As a discussion of the security of cloud based computing, it just scratches the surface. The recession has accelerated the adoption of cloud computing and the recovery will accelerate its adoption further. Midsize and smaller companies will be most of the early adopters of cloud technology along with a few large corporations. Security concerns will be the throttle that regulates the speed of adoption. As cloud security is resolved I think we are in for some very transformational times.
Thanks for stopping by and stay tuned for more…
Cloud Alignment – Part I
This is the first of a series of posts on cloud computing. This is a hot topic in the technology world yet it is also the source of much confusion. Before I start talking about cloud computing, I should provide you with my practical definition. My perspective is that of someone responsible for both IT and business operations within a larger “midsize” company. I don’t care about technology for technology’s sake but only for what it can do for my business. Given all of that my definition is:
“Cloud computing refers to beneficial software functionality delivered as services via the Internet. Those services reduce the demands on the company’s IT infrastructure, other than the capacity of the connection to the Internet.”
Its only value is to give me access to capabilities I didn’t have before for a price I can afford and/or to lower the costs of services already provided to my customers. The Wikipedia definition is provided here. There is much more material there but I believe it’s consistent with my definition above.
I also separate the cloud into two parts. There is that part of the cloud that provides my connection to a hosted application. It is composed of various routers, gateways and backbones but it basically my highway to the application. I’ll refer to that generically as the “pipe”. The other part is the hosting environment itself. It contains the application and data storage. I’ll refer to that environment generically as the “host”. This distinction will be important throughout the subsequent parts of this series.
My current plan for the series is:
Part I – Introduction and definitions (this part)
Part II – Cloud performance
Part III – Cloud security
Part IV – Cloud privacy (legal issues)
Part V – Conclusion
There is no shortage of material on cloud computing on the Internet and it’s not hard to find. Try not to get caught up in the hype. It’s easy to do. Remember, cloud computing in some form and by some name will be important to all of us in the future. It will be part of your business and IT strategic plan in the not too distant future. Stay tuned for more…
What is BITA Triage?
The purpose of this post is to try to articulate the reasons behind creating our new BITA Triage offering. It isn’t intended as an overt pitch for us but as an observation of the marketplace in general. First, we need to define the terms. Triage is a term used in the medical field to refer to the initial sorting out of patients based on need and available resources. A more complete definition can be found here. Next is BITA which stands for Business IT
Alignment. It struck me some time ago that many references to the notion of BITA had become somewhat negative about the concept, claiming it was ineffective or out of date. I disagree with that idea so I investigated where it came from.
To be clear, while I did a lot of reading of various materials, like Blog posts, articles and some books, I do not claim that my approach followed a rigorous methodology as used in statistically valid research projects. I do believe that my research was extensive enough to provide useful insight based on both anecdotal data and personal experience. After all, I intended to use it to make an informed business decision and investment. Some of the notable insight I gained was:
- Most opinions were based on comparing the formal theory of BITA frameworks to real life applications of those frameworks.
- The need of the author to attract readership by being somewhat controversial.
- Some authors are very passionate on the subject and are somewhat rigid in their definition of success.
- Several authors ignored or undervalued soft skills like relationships and communication.
From these observations and others I concluded that:
- Many perceived alignment problems stemmed from poor communications between key players in organizations.
- Our current offering, the SLR methodology, was too focused on quantitative analysis, like spreadsheets and simulations.
What was needed was an initial qualitative body of work which would quickly sort and prioritize the client’s needs and then rank them is some logical manner. From this I realized that the need I was describing was a form of Voice of the Customer (VOC) survey and analysis. A more complete definition is provided here. Essentially, the customers were the business process execution staff in a client’s organization. The product was the body of services offered by the IT organization which enables those business processes. From this it was obvious that the best approach would come from the quality and marketing worlds. The most appropriate tools are established practices like a VOC survey and Quality Function Deployment (QFD) analysis. Those would be combined with some methodology to assess the communication styles and coach the client’s key players on how to improve their communications effectiveness. The result was the BITA Triage offering. It is described here.
As I proof read this post I’m struck with the simplicity of the description of our approach contrasted with all the work to produce a competent offering. I think it was worth the effort and adds a valuable new dimension to our offerings. Only time will tell.
Thanks for your time and stay tuned for more…