by Ross Sivertsen | Nov 23, 2007 | Blog, Web/Tech
Link: » The Magic Quadrant: Team collaboration and social software | Between the Lines | ZDNet.com.
Ok, so I’ve been looking in to the whole use of Web 2.0 applications for use in the enterprise, the Enterprise 2.0 concept. Now call me provincial, and I probably should learn much more about this than I have, but one of the things we’ve really been struggling with during the last several years is the work group collaboration over dispersed geographic regions.
So I’m sitting here on Thanksgiving day thinking about this stuff while I’m eating my turkey and dressing (also eating collard greens being the good southern boy I am). I’m doing some casual research on the subject and run across this article on ZDNet. Seems Gartner has already published a report on the concept of the use of social software (like Facebook, Twitter, blogging, wikis and the like) to facilitate team collaboration.
Now everything said and done, the "money shot" of this report is the "Magic" quadrant, see figure 1, a graphic representation of leaders, bleeders, followers and trailers in the social software sector using applying this technology to solve the problems of collaboration in the enterprise.
Alright, so the long and short of this image are two interesting organizations coming even anywhere close to being leaders, and that’s Microsoft and IBM, two of the largest behemoths in the technology industry. What does that really mean? Well, that just because an organization is big that it doesn’t have vision, and just because an organization is small and agile, that it does have vision.
This is a really intriguing topic for me, and one I’m going to continue to write about. Let’s see how this is all going to apply to my new projects, and where this is going to lead.
Stay tuned…
by Ross Sivertsen | Nov 21, 2007 | Blog, Current Affairs
Ok, so I sent a Twitter post last Sunday while my wife and I were sitting in the final class of Dave Ramsey’s Financial Peace University, and he was talking about the notion of "stewardship" campaigns in the church. He points out, and as I’m sure you’re familiar with as am I, that the term "stewardship" usually equates to "fund raising" drive.
Now, I’m all about fund raising, and certainly giving money to worthy causes and tithing to your church should be, and FPU teaches, the very first lines in your budget, before anything else.
That said, as Dave was talking about "the great misunderstanding" about charitable donating, he mentioned something that I found interesting. Dave said, what if more churches taught stewardship, not in the form of donating and asking for money from the body, but stewardship as it was really meant, teaching lessons in managing the abundance given to us.
This has nothing to do with Christians, Jews, Muslims, Hindus or Buddhists. It has nothing to do with Churches, Synagogues, Mosques, or Temples. This has to do with teaching humanity to be good managers of the gifts that have been placed in to our lives.
Now, before I come across as sounding too self-righteous, I’ll be the first one to stand up and say I haven’t been a good steward of the abundance in my life. But I do work on it daily, and get a little bit better every day. But I digress.
The whole point of the lesson is that if the Church (or whatever) began teaching their respective bodies on HOW to be good stewards, there is a VERY GOOD possibility, that the body will respond by GIVING more abundance to the Church.
by Ross Sivertsen | Nov 1, 2007 | Blog, Business
I’ve been
thinking about something the last several days, you know I sit on the board of
a couple of non-profit organizations, and we’ve been looking at outsourcing
services to other organizations. I also had a discussion about outsourcing with
a lunch partner today, and this thought cropped up again.
As outsourcing
of mission critical services becomes more and more commonplace, especially in
small business where business owners don’t have the means to maintain a
dedicated technology staff, I have a question about how service organizations mitigate financial risk from service failures.
In
businesses that build and sell widgets, you would typically carry a warranty
reserve as a liability on the balance sheet to compensate for the cost of
returns from the field. But that doesn’t work in a services business that hosts
and maintains mission critical applications (and quite often sensitive private information). What happens if there is a failure that causes a service outage
for a length of time (which in many cases isn’t very long) creating a financial
impact on the business that relies on the service?
I mean,
I’m sure the company backs up, and I’m sure they co-locate their sites.
I’m
talking from a financial responsibility perspective, how they carry a loss of
service/information liability on their books.Even a publically held company’s
10Q mentions service disruption risks as part of their operating model, go ask
your CFO if your financial processes account for those service disruption risks
on the balance sheet.
Here’s
the reason why; any business that provides goods or services has some type of
reserve on their balance sheet to cover the liability of a failure in either
goods or services.
As part
of the T&C of the service agreement, they will make some claim regarding
confidentiality, integrity and availability of the information and service. If
they fail to meet those T&Cs they’re going to experience a liability. How
do they carry that liability (and how much) on their balance sheet?
It’s
important to know because we’re entrusting our very private and critical
information to a service outside of our control. I’m sure they do their due
diligence on backups, but it’s easy in a fast growing business to not keep up
with the controls necessary to protect the C/I/A of the information (both from
a process and infrastructure perspective).
The single failure cost of loss to a small business could be
catastrophic (think loss of either information or unintentional divulgence of
information). The company you contract with has some financial responsibility
to make you whole (at least in part) because you have the SAME responsibility
to your community (think about it this way, if your credit card information was
left out on someone’s desk, the cleaning crew came by, took it and ran up
thousands of dollars on www.myporn.com, you’d expect the company to attempt to
fix the problem, wouldn’t you?).
So the
question is how does the company mitigate that risk? In similar cases the way
to transfer the risk is through the purchase of insurance, but you can’t insure
against that. So the company has to self-insure by carrying a liability reserve
account on their balance sheet. Ok, so now, the company has thousands of
clients, right? *IF* there is a failure (in service or process) and *IF* the
company doesn’t carry enough of a reserve on their books to compensate their
clients for a claim, they can’t (or won’t) attempt to make things right without
a fight.
Now, I’m
not so naive to think that we’re going to change anybody’s mind about how any company
does their internal risk mitigation or accounting. But if a company has shown
enough foresight to put internal controls in place to mitigate financial
liability against these types of risks, then there is a good chance that they
have enough foresight to place control in other parts of their corporate
governance. And, if they’re a publically held company, then SOX applies, and
they’re being audited on GCC anyway.
Now
before all y’all think that this makes no difference, and that I’m tilting at
windmills, consider that just in the last couple of weeks, that Home Depot had
a laptop stolen with "the names, home addresses and Social Security
numbers of 10,000 employees," AND Iron Mountain a DATA PROTECTION SERVICES
COMPANY admitted it lost a decade’s worth of bank account data and Social
Security numbers for almost all Louisiana college applicants and their parents
during a move when a driver apparently failed to follow company security
procedures.
All of
these weren’t malicious attempts at terrorism, they were simply part of the
category of sh** happens.
At the
end of the day how a company’s internal processes address these types of risks
is a barometer of where their focus sits.