Copyright © 2002 John Zipperer unless indicated otherwise.
(05/01/02) Speaking to the chief of Divine Inc. can be a bit disconcerting. See, whenever I think of Andrew "Flip" Filipowski and the company he heads as Chairman and CEO, I remember the photo of him that accompanied his Internet World Interview ["Flip Filipowski," July 1, 2000, p. 60]. Looking like an aging baby boomer who had checked out of bourgeois life to pursue time on the beach, he's shown staring off into the distance, a multi-colored hat pulling his greying hair back from his face.
But he was no refugee from reality; in fact he remained in Chicagoland to carry out his mission with divine interVentures to "spread Internet wealth across the heartland," as we wrote about him then. Similarly, he's no refugee from the modern business world, which is what divine proves today and which brings us back to the disconcerting effort of reconciling his A.D. 2000 headgear with his clear-eyed vision of enterprise technology.
Today, speaking on the phone from Chicago about his company's broad array of offerings of what it dubs "extended-enterprise services," he is hard to imagine as anything but a dark-suited business executive doing phone interviews from limousines and during airport layovers. He talks about the extended enterprise and how the building of it rests on the foundation laid by every preceding business technology development, from ERP to ubiquitous desktop PCs. With enterprise employees and their partners getting connected, the extended enterprise has "certain characteristics that are diametrically opposed to the traditional system," Filipowski says. "A whole new approach needs to be used in defining those systems. An internal system used by your employees often got its greatest value if it was static. The more it didn't change, the more it was able over time to recover its cost."
Divine has three areas of focus: professional services, software services, and managed services. Basically, divine appears to be approaching the challenge as one of connections: between companies and their customers, customers and their data, companies and the data, employees and employees, and partners and partners all up and down the value chain. He believes it can be dominated like Microsoft and Siebel dominate their markets.
"We think there's
a really significant value in creating a business that focuses on
the business systems that have this extended enterprise characteristic,"
The focus of that July 2000 interview, divine interVentures, is still around. It is what Filipowski refers to as his "organic development unit," developing things that can become parts of divine, inc. But divine is also buying what it can't build fast enough; it recently announced its acquisition of Delano Technology Corp., maker of a marketing application suite. As he built up divine's offerings over the past couple years, "it was becoming more and more obvious that soon it would be far more cost-effective to acquire the components of an extended enterprise company," and it would be cheaper than growing it on its own, he says.
I hope the heart of the multi-colored-hat-wearing Filipowski still beats in the chest of the extended-enterprise services Filipowski, because the combined package could be a corporate leader the likes of which we see far too seldom.
(05/02/02) Maybe it is just the fan of morbid tales in me, but I have long taken an interest in true-life anecdotes about corporate security snafus. They so often reveal the human element in technology business decisions that all-too-often get ignored or glossed over. But when they mean the difference between sound security or sound defeat, it's long past time to listen.
At the recent Internet World Spring 2002 conference in Los Angeles, I got a chance to hear from a number of audience members as well as participants in the two panels I moderated in the Security Matters meetings track. I quickly got the impression that business people looking for security solutions tend to know what their problems are, though they're often not sure what are the best solutions. This Security Matters newsletter, of course, is a partial answer to that; we try to point out various solutions that are out there, and highlight their applications, so you can see whether or not it might fit your needs. But another useful method for figuring out what to do is to meet your peers at these professional conferences, and ask your real-world questions.
Audience participants at a panel on security products echoed comments I have heard before -- and that I have made myself -- about the need for security to deal with the unpredictability of the human element. Earlier in the 1990s, before high-technology was humbled by the NASDAQ drop, systems were talked about as needing to be "idiot-proof" to protect them from errors introduced by non-tech-savvy users. Today, the language might be less condescending, at least in public, but the need is not only still there, it has grown considerably with the proliferation of threats and user devices and applications.
There was the IT executive who noted that she had a board member who connected his laptop to the Internet while on the train to-and-from work. While at work, he was protected by the company's firewall and other security products. But her challenge was to make sure that any infections his system picked up during that wireless connection on the train didn't get introduced into her company's network when he connected again at the office. How often should she check his computer? Who should check it? Should it be an automated process?
Mark Mellis, a consultant with SystemExperts Corp., made the good point that at issue was whether or not the IT person wanted to trust that computer. Mellis' attitude, like the famous "X-Files" phrase, is to trust no one. In this case, trust no computer. Assume it's a danger, disinfect, and protect. Daily. I should add that the system one sets up to ensure that the executive's computer gets properly scanned and cleaned should be invulnerable to tampering by the user.
Chris Christiansen, the program vice president for e-business infrastructure and Internet security software at IDC, painted a sobering picture of the growing complexity of the security threat to organizations. Hybrid threats, worms, denial of service, and much more are in existence to keep you awake at night. But Christiansen also points out the human -- and legal -- side of trying to respond to some of those threats. Programs you put in to monitor and track your employees' Web usage, for example, can be seen as invasive. Your first response may be that they are overreacting, but it's not a matter of argument with over-sensitive users (though that occurs all the time). It's a question of to what lengths will they go in order to circumvent your controls? How much of your security system of scanning and monitoring can they dismantle or at least turn off?
This means management of rights to company computers. It means a mindshift for some people, from thinking that their company laptop is for their private use when they're at home and have finished their take-home work. (Don't bend on this rule. They can get their own inexpensive PC or Apple to do that.) But separating "business" from "personal" technology use is a good first policy step to take, and it will make the rest of your policy enforcement easier, too. What's "business" is open to your regulation, and what's "personal" has no connection to your network or databases, and they're free to screw it up at will.
Security Matters Newsletter Commentary
Threats From Grid Computing
By John Zipperer
(04/25/02) Are you thinking about grid computing? It is probably a good time to start looking at how this technology will have an impact on your security plans. The issues at stake are similar to other security concerns that come up with interconnected companies, but they also include some fascinating concerns as grid computing moves technology in a new direction.
Grid computing brings to mind visions of the global SETI project, in which computer users around the world donate processing time from their home computers to help the extraterrestrial-search project crunch through data. The project is a failure, in the sense that it hasn't yet found alien life, but it's a success in popularizing the notion of distributed computing.
The technology has begun to move into the enterprise world, but in a manner that differs by keeping the distributed parts mostly behind the firewall. (See a report in the June issue of Internet World magazine.) That part of the security is easy we already understand networks behind the firewall. But already the next step is being taken, in which organizations are spreading their grids to trusted partners. (This is mostly happening in the academic and research communities.) After that, there will be efforts to share all of that unused processing power sitting in those over-powered but underutilized personal computers owned by people you don't know and trust. Do you avoid getting into grid computing at that point, or can we handle it?
Barton Miller is a professor of computer science at the University of Wisconsin-Madison, where his research and teaching topics include parallel performance, distributed systems, and something called "fuzz random software testing." He says there are a number of security issues with outside-the-firewall grid computing that need to be dealt with. He starts by noting that there are a couple ways of thinking about the process of running a job on a grid system.
"We're all going to be sharing resources, so you start thinking about two concerns," says Miller. "Is the owner of that computer safe, with jobs coming from other organizations? That problem has been well understood. But a problem that has gotten less attention remains, my job is running on systems owned by other people, and is my information safe?'"
You don't know where the project is running or if the owner of that computer is trustworthy. Even worse, it may not matter if the owner is trustworthy. Miller describes a project in which he launched a job into the grid, and the job left "lurker processes" running around behind it, allowing him to do things to subsequent jobs that arrive at that computer.
The threats are that malicious things could be done to your data, or that your program for handling the data might be altered, or that someone could simply steal data. The first two are easier to handle than the third. "If you're throwing the data out there in a simulation [project], your data is out there in ways you don't control for anyone who has access to that machine in one way or another." He says there's not a way of stopping this, and until there is, if the information really is sensitive, you shouldn't be running your job at sites you don't control.
What we know from our non-grid experience is that any weakness that can be found or created in Internet systems will be found, created, and exploited. The commercial producers of grid-computing technology are eager to say those problems are surmountable, and Miller doesn't say otherwise. But it's worthwhile listening to academia on the limitations of this technology, because academics are the ones leading the development of grid technology, not unlike the role they played in the development of the Internet itself.
(04/08/02) Not too long ago, hosting companies were getting squeezed by the evolution of their core business and were looking for a new approach. The hosting industry was talking about taking on managed services as a way to restore profitability; collocation was becoming a commodity, and managed services appeared to be the way to offer higher-level services. But moving to that new model meant major investment in new tools, and adapting enterprise management systems for outsourcing centers presented its own challenges.
And that's where Inkra came along. Inkra Networks takes its name (Inkra, that is, not Networks) from the German word "inkrafttreten," which means "to take effect" or "to come into force." The Fremont, Calif.-based company was founded in May 2000 to tackle the IP service delivery channel challenge.
When the company's founders talked to data center representatives, "Nobody told us they couldn't build something they needed built. Nobody told us they needed something faster. It wasn't about performance specs," says Dave Roberts, cofounder and vice president of marketing for Inkra. "It was all about economics." Roberts is an alumnus of Nortel Networks, where he was responsible for product strategy for that company's layer-2 and layer-3 Ethernet switches and campus ATM switches.
Inkra's approach was to provide a single system that would perform the functions that are currently performed by other IP services appliances. It aims to be less-expensive for both capital expenses and operating expenses as well as making the management of these services easier. Its answer is to virtualize the services.
Its Virtual Service Architecture (VSA), for deploying and managing scalable, multi-tier applications, was announced in February and targeted toward the service-provider community and enterprise data centers. It uses a "virtual rack" approach, analogous to a physical rack of network equipment that has been virtualized "a container for virtual services in the same way that a physical rack is the container for physical equipment," says Roberts. Each customer of the service provider has a specific configuration of services in the virtual rack; it's his or her partitioned workspace, in effect.
Security is handled through Inkra's HardWall technology, which does many functions. It allocates resources for each application; it enforces security between applications; it protects services from changes or problems introduced by other services. Roberts says the goal was to preserve attributes of the appliance model, with predictable performance and some isolation in the face of failures. "When the system is processing packets for your virtual rack, it is not allowed to see the virtual racks of others in the system," says Roberts, who notes that a technology like HardWall is critical and that service providers told him they wouldn't deploy vitualized systems unless it had such a feature to give them security and crash protection, so they're not exposed if something goes down. "A lot of our customers told us, 'I need that [feature] to be able to offer my customers predictable performance and to limit my exposure in the face of failure,'" he says.
Customers can also integrate third-party appliances into their virtual system. They could use most of the services in the virtual rack, then go out and use an external appliance, and return to the virtual rack to use the rest of their services.
(04/01/02) So much for english as the lingua franca. You don't have to be a devotee of Samuel Huntington to believe that doing international business increasingly will require juggling multiple languages. Huntington is the Harvard political scientist who argues that as civilizations other than the West continue their economic resurgence (such as in China, India, and some Middle Eastern countries), English will be used decreasingly as the common language between two parties of different cultures. Increasingly, they will study other major languages in school and use those languages with each other, and English speakers will find more resistance to the expectation that they will use English with us, too.
The idea of a common language in business has long been oversold. [See "Global Languages Aren't Universal," June 15, 2001, p. 14.] The main problem is that it still only dealt with a thin layer of a society, the elites who were somewhat cosmopolitan. But your consumers in other countriesas well as Americans whose primary language is other than Englishneed information and help in their local languages and your business customers will, too. So how do you deliver it to them?
Companies such as package-deliverer United Parcel Service, with call centers around the globe, already had a local-language infrastructure in place as they looked to expand their CRM services. "Being global is not new to UPS," says Ramsey Mansour, the company's director of international e-commerce. "We've always had the process in place where we have the local content in the local language."
Michael Ryan, vice president of international e-commerce at UPS, says that bringing its customer relationships to the Weband away from physical visitsand handling the necessary translations were the big parts of the effort behind its recently launched UPS Online Tool, which gives its customers the ability to use services from the Web or from a mobile device. The company had seen the importance of local languages when it upgraded its Web sites. "We've been working hard to get our UPS.com Web sites around the globe translated. About a year ago, we translated our Asian Web sites, and we saw such a tremendous growth in usage in Asia alone, there was a 225-percent increase in usage," says Ryan. "That sends us a message that our customers want to use their local languages."
Yoram Nelken, Banter's CTO, says handling customer queries presents a problem because of the imperfect language people use. "When you analyze newspapers and articles, you can assume correct language and grammar," he says. But "real" people don't necessarily comply with all the language rules, and that becomes an even bigger problem to sort out when you have to handle bad grammar or improper word-usage in multiple languageseven though English may have a place of (dis)honor for the most mistakes. "Broken language is mostly an English phenomenon," Nelken says. "You have more foreigners trying to write English than any other language. If you're writing in French, you're more likely to be French."
As some multinational companies consolidate international offices to take advantage of centralized information control or just to lower costs, there's a need to go beyond mere translation. That's why products like Point Information Systems' CRM solution or Click Commerce's Relationship Manager stress their localization abilities. Point's product is in 19 languages across 36 countries; Click's is in more than 15 languages in at least 70 countries.
"The Click Commerce Relationship Manager allows users to specify their locale rather than just their country," says Steve Cole, senior vice president of corporate strategy for Click Commerce. "This complex profile allows users to select their country, their language, and even their preferred currency, while simpler applications would assume, for example, that all people living in Italy speak Italian."
This is also the approach of Kanisa Inc.'s Kanisa 3.0 product. (Kanisa's Web site states that the company is named after the word "know" in Lingala, an African tribal commerce language.) Its automated customer-care system offers the ability to handle customer interaction in multiple languages simultaneously.
Kanisa's vice president of solutions and technology, David Kay, says that handling languages gets complicated. "Any one aspect of the problem is relatively easy, certainly from a technological standpoint, but the whole package is really, really hard, because there are so many policies," he says.
Genesys announced a product
in March that it calls Contact Navigator, which is a contact-center
tool that rests on top of CRM applications. The product is also compliant
in Unicode, a system for displaying the written texts of various languages.
Juggling Multiple Languages
"ROI isn't only measured by dollar savings," agrees Robb Eklund, PeopleSoft's vice president of CRM product marketing, "but it also goes to the question of am I able to improve the level of services to customers? Am I able to deploy my best resources to my most profitable customers?"
"The business of internationalization has been very interesting for us," says Kay. "Without a well-thought-out approach to internationalization, none of our customers would have bought us. On the other hand, there are so many challenges to the organizations themselves to roll out completely internationalized experiences, it's still taking them longer then they'd like just to get their own ducks in line internally. It's a problem, but it's one that our customers tell us will offer significant competitive advantage for them."
(04/04/02) Based on its conviction of the importance of the Java programming language to the development of services and programs for devices, SavaJe Technologies has taken its Java operating system for handhelds and adapted it for smart phones. The result, SavaJe OS Smartphone Edition, was launched in mid-March at the CTIA Wireless 2002 Conference in Orlando. The company then took its message to San Francisco audiences at JavaOne Sun's Java developer's conference in San Francisco.
A handful of other exhibitors at the Moscone Center were using it to run demonstrations of their own products, including Intel, Sun, and Zeosoft. SavaJe's message to potential customers is pitched on the Java-fidelity of the OS. It's a truly Java-only offering without the need to deal with different APIs, according to Matthew Catino, vice president of business development for SavaJe. The company says its standards-based platform is designed for developers to use in their J2ME and MIDP offerings, and serves as groundwork for future development.
Catino used two Compaq iPaqs to do a side-by side comparison of SavaJe with a competitor. The SavaJe OS loaded applications much more quickly, while the other iPaq (running Microsoft's Windows CE-based Pocket PC platform) had long delays. Once the first application began to run which included an animation it ran visibly smoother on the SavaJe iPaq. Catino only ran one application at a time on the Pocket PC iPaq, saying it couldn't handle apps running in the background. He opened up another application on the SavaJe iPaq without closing the animation, which continued to run smoothly.
Catino attributes the speed to the architecture of the system. "We actually use stuff in the hardware that no one else uses," he says, referring to its tapping of the memory chip. He notes that the SavaJe OS Smartphone Edition supports the whole set of Java APIs, ranging from MIDP to J2SE, on wireless and handheld devices.
The North Chelmsford, Mass.-based company was founded by veterans of Lucent Technologies' Inferno Operating System team in 1999. The impetus for SavaJe was customer interest in a full Java product for next-generation wireless and handheld devices.
"If you have no preconceived notions, and you were going to build a device, what OS would you want to run on the device?" asks Catino. "You'd want the full standard edition of Java." As a result, his company has been touting the certification of its Java handheld OS for J2SE compliance. Its support of the "SE-Lite" area of MIDP helps device makers take the OS down to the next generation of smaller devices.
For now, SavaJe is bringing its smart-phone message to OEMs and developers, making the case that its product will ease their development work and increase the reach of their offerings to customers.
"All the stuff that's generally associated with building a client-server application is here," says Catino. "This should enable carriers to build applications much more quickly." He notes that SavaJe also courts developers and points to its developer site, where they can download the OS and partake of other developer-community features.