Inferences for ‘07
Monday, January 1st 2007 | Ismael Ghalimi
Last year’s inferences lead to an unexpectedly high 83% success rate. This will be hard to beat, especially because my new batch of nine inferences will be stated in more measurable ways, leaving little room for history rewriting. Let’s give it a shot anyway, and meet again on December 31st, 2007 for our yearly performance review. In the meantime, happy new year to all!
Open Source will drive BPM adoption
The release of a complete BPMS under an Open Source license should significantly reduce any barrier to adoption. The leading Open Source BPM vendor will capture the largest market share, while more companies will start BPM projects than in the prior three years combined.
Google will acquire a complete Office 2.0 suite
Google Docs is like ThinkFree’s Quick Edit mode: it works, but the feature set is way too limited to convince a large-enough number of Microsoft Office users to make the switch. Something akin to ThinkFree’s Power Edit mode is necessary, and buying it will certainly be quicker than building it. Google, which doubled its workforce to almost 10,000 employees in 2006 would rather spend cash and stock than waste time. ThinkFree or Zoho look like perfect targets, even though convincing the good folks at AdventNet won’t be an easy task. Apple Computer might make a similar move too, significantly enhancing the capabilities offered by the excellent .Mac online service. On the mobility front, Palm will likely be acquired as well, possibly by a telecommunication service provider.
Office 2.0 will start getting adoption in the corporate world
While early adopters will continue to be very small businesses and academic users, the corporate world will start playing with the technology as well. Individual users will favor large collections of applications such as Zoho, while corporate departments will prefer feature-rich suites such as ThinkFree. This movement will be acknowledged by several Gartner reports, as well as a cover article in BusinessWeek magazine.
All top ten off-shore software development firms will have a BPM practice
The Capability Maturity Model for Software (also known as CMM) has been retired, and the Capability Maturity Model Integration (CMMI) replaced it, with a stronger emphasis on business processes. The model-driven development approach enabled by Business Process Management (BPM) technologies makes it easier to measure and improve the quality of development processes compared to traditional software development approaches based on the writing of code. Off-shore software development firms have known that for a long time — Infosys was one of the first companies in the world to develop a working implementation of the BPML language back in 2001 — and will take advantage of it, now that commercial implementations have matured enough.
Open Source vendors will grow faster than their closed source competitors
More user accounts will be created on SugarCRM and vtiger combined than on Salesforce.com. Compiere will announce the successful migrations of several large Oracle E-Business Suite customers. Intalio will sign more new customers than Lombardi, Pegasystem, and Savvion combined. The vast majority of SOA projects will be using Open Source solutions such as Axis, Mule, and ServiceMix. And the first Open Source database vendor (EnterpriseDB, Ingres, or MySQL) to release a plug-compatible replacement for the Oracle database that can support the SAP R/3 application for over 10,000 concurrent users will get the best home run in database history since Sybase, but that might take a couple more years…
Apple Computer will make online data synchronization really work
Once the iPhone — or PodPhone, or whatever Steve decides to call it — is released, people will realize that its killer feature is not that it can play tunes, but that it can synchronize contacts and events in a wireless fashion more easily than any other system. Granted, such synchronization has been working fairly well with the BlackBerry+Exchange combination for quite sometime now, but who really likes to administrate a Microsoft Exchange server? Also, a Mac-compatible version of QuickBooks Online Edition will be released, unless a competitive offering steals the show first.
SOA will get simpler
The Java Business Integration (JBI) API will go the way of CORBA and be relegated to specific vertical industries such as telecommunication services. Large corporate users demanding very high transaction volumes — think Wall Street brokers & dealers — will favor lightweight application servers with streamlined stacks for Web services such as Apache Axis, and MuleSource will emerge as the leading Open Source ESB player. Production-grade ESB functionality will come for free with all major Open Source stacks, accelerating the demise of the few propriatery EAI vendors left standing.
Enterprise 2.0 will establish itself as a sticking meme
High-profile conferences originally focused on collaboration and e-Business will adopt the moniker, Oracle and SAP will incorporate Enterprise 2.0 stacks similar to Intel’s SuiteTwo within their respective product lines, and the SEC will issue new guidelines for corporate blogging.
Standards for online services will be adopted
Enough services supporting OpenID and Amazon’s Simple Storage Service (S3) will become available for early adopters to build a working Office 2.0 Setup that provides single sign-on and remote data storage. Open Source frameworks offering plug-compatible alternatives to Amazon’s EC2, S3, SQS will be released as well, enabling truly distributed backup strategies to be developed.
That’s it for now. Happy new year to you all again!
Disclaimer: I work for Intalio and serve as an advisor for ThinkFree and Zoho.
Entry filed under: BPM 2.0, Cloud Computing, Consolidation, Office 2.0, Offshoring, Open Source, SOA, Social Networking, Standardization
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Could you define exactly how Intalio is Open Source?
The folks at JBoss don’t believe so.
Ismael,
A great list, but I do wonder how much corporate adoption of Office 2.0 there will really be in 2007. I think it’s a foundational year, but 2008 will be the big breakout I suspect.
Same with Enterprise 2.0, though that will have less problems with adoption I think, mostly due to the fact that there are unsolved problems, as most seats in a given company already owns MS Office today.
But these are just quibbles, your points are excellent.
Best,
-Dion
Roger,
As announced on this press release, Intalio will release its entire product under the Mozilla Public License (MPL) ammended with an attribution clause, following the model adopted by SocialText, SugarCRM, Zimbra, and several other commercial Open Source companies. The code will be released in Q1.
Best regards
-Ismael
Dion,
Good points. How would you measure this ‘big breakout’ in 2008?
-Ismael
[…] Original post by Ismael Ghalimi and software by Mark Bean […]
Ismael,
I believe that you might have missed several emerging trends that could have a significant impact to the IT arena. They are:
1. SysML, DoDAF, and ISO AP233 have been converging as a de jure international standard that could replace BPMN and the like.
2. CMMI has replaced CMM for a long time. CMMI 1.2 will come in 3 variants, namely: Development (already released), Services, and Aquisition.
3. Until BPMS can support operational processes (not just business processes) and EDI (X.12 and EDIFACT) similar to BizTalk, not many large organizations will jump on the BPMS bandwagon anytime soon. This has to do with supply chain management processes using RFID technology in large enterprises such as WalMart and DoD.
Don’t forget, DoD is the largest IT buyer and user in the world. When it buys products from a vendor for the whole department, many other government agencies follow. A good example is the US Congress that uses Microsoft’s Exchange for e-mail management. Would US Congress adopt Open Source software? The answer is highly unlikely, as none would pass the C2 certification. An example is that IBM rewrote AIX to get the C2 certification. Microsoft’s NT-based OSes have been C2 certified. When DoD wants something as standard, DoD always gets it from standard bodies such as ANSI (MUMPS, Ada, etc.), EIA (EVMS), IEEE (POSIX), and now OMG and ISO for DoDAF!
-Francis
Francis,
I could not agree more, and here is an other inference for you: a BPMS will receive C2 certification within the next five years, and it will be based upon an Open Source code base.
Ismael,
That would be great. BPMS should then be renamed as EPMS (Enterprise Processes Management System), only if it can really support all enterprise activities, with a generic template or model, as depicted in Professor Porter’s “Value Chain” model.
Have a prosperous 2007!
-Francis
Francis,
I like the concept for an EPMS… We might used that term at some point.
Happy new year to you!
-Ismael
Regarding C2 certification: If you’re referring to OS certification (as would seem to be the case by references to NT and AIX), then Red Hat Enterprise Linux 3 achieved the equivalent of C2 certification back in 2004 when it achieved Common Criteria validation at Evaluation Assurance Level 3 (EAL3). Common Criteria is the replacement for the “Orange Book” security criteria like C2, B1, etc. About a year ago RHEL4 received Common Criteria validation at EAL4, a substantially more rigorous standard than the old C2 certification. So Open Source operating systems are now fully competitive with proprietary OSes in terms of security certifications.
The main thing lacking from an Open Source point of view is security certification of applications above the OS — but this is not just an issue with Open Source. The current list of Common Criteria evaluated products contains only a few products that are not OSes or security-related products, and most of those are middleware (e.g., Oracle, WedSphere).
However, achieving Common Criteria validation, though not trivial, is not an insuperable obstacle either (it basically takes a couple of years and on the order of $1M or more, depending on assurance level), so think the expectation of seeing Open Source applications achieve CC validation within five years is a reasonable one.
Hi Ismael,
A very Happy New Year to you.
I’m not sure how secure the future of BPM is at times. It seems that there has been a bit of a lack of innovation in this space, considering how long it has been around. I realize it is often hard to turn the excitement and promise of a new technology into revenue, and I expect that has a major impact on developments.
Because of this, it seems that many vendors have created alternative approaches (largely because they don’t understand BPM properly). This just adds to the confusion of potential customers. So I’m not so sure how much time ‘pure’ BPM has before some of these alternatives become too embedded in the minds of those customers.
But I remain optimistic.
Cheers
-Bob
“More user accounts will be created on SugarCRM and vtiger combined than on Salesforce.com.”
This I believe, but how much revenue will the accounts generate vs. CRM seats? And will they really dent the core CRM base & growth rate? All accounts of course not created equal.
Frank,
Thanks for the clarification. Very helpful.
-Ismael
Bob,
If you look at the time it took for the RDBMS to go from idea (ealy 70’s) to working implementation (early 80’s), BPM seems to be on a faster track. But you’re right in saying that too many vendors are confusing the message. In the end, I trust customers to be smarter though, and to focus on what will really solve their problems. I do not believe that a revamped workflow solution will make the cut there…
Jason,
You’re right in saying that revenues generated by SugarCRM and vtiger will be a lot less than the ones generated by Salesforce.com. But what interests me is the disruptive power of such solutions. In the end, they make a difference, much like the availability of a good Open Source J2EE application server (JBoss) completely reshaped this industry, to the customers’ benefit.
Security, in general, is ignored by most software developers when they conceive, design, and develop their products. Many software vendors — including IBM — have to retrofit it, when they want to sell their products to governments (e.g. U.S., U.K., Canada, Australia, and many others). Oracle needed to get C2 certified because it has its own file I/O and clustering subsystems, which bypass every OS, including IBM mainframes, UNIX, and Windows. By the way, no one can get A1 (or equivalent) certified, for it needs to be mathematically proven that the software or hardware complies with all A1 requirements. Moreover, the one who submits the proof, must have a recognized MS degree or higher!
If BPMS is as powerful and versatile as most vendors claim, it needs to be C2 certified, for it can potentially interface with many, if not all, enterprise systems. Let us say that a BPMS can interface with the systems for an intelligent building to monitor system activities at a high-level. In its current form, it is not too difficult to tap into a BPMS and take control of the security and environmental control systems of a building! Imagine that you could gain access to virtually everywhere in the building by bypassing all surveillance devices such as CCTV and motion detectors. In essence, a Chief Risk Officer, not the CIO, must be able to verify and ensure that the BPMS is not a loophole that poses security threats. SOA and AJAX are vulnerable to many forms of attacks over the Internet in their current forms!
-Francis
Francis, Ismael,
I have a few models for security, based on the level of paranoia required by the organization. Military systems have a high level, Ismael’s Blog a low level. My solution is to have a process-based system that is open to access by anyone, the process system then determines how the process should run, not if it should run. This way, security is embedded in the BPMS. You can still be paranoid if you like, and add a firewall, but it should not be necessary.
Cheers
-Bob
It is good that the folks over at JBoss have it all wrong regarding Intalio, and that it is 100% free to use even in production environments.
Bob,
I believe that you may get somewhere with your security models. Please submit them to ISO to enhance its standard — Common Criteria (CC): ISO/IEC 15408. CC (C2) was derived from DoD’s Trusted Computing System — the Orange book. After its publication, many governments in the world adopted it as security standard for ADP (Automatic Data Processing). There are many levels of certification, the minimum is C2. The highest one is A1, which no one has been able to achieve as of yet. Instead of maintaining the Orange book to incorporate feedback from other governments, DoD turned it over to ISO to evolve and maintain it as an international standard. When software is C2 certified, governments can purchase it without questions.
When BPMS matures to be an EPMS (Enterprise Processes Management System), it needs to be C2 certified before large organziations will use it. The current statistics for the failure rate in BPMS implementation is 41%, even with help from BPM consultants and vendor specialists. Many organizations question the real benefits as touted by BPMS vendors. The concept is fantastic, but the software falls short in realizing the benefits claimed!
Going down the Open Source route is a good way to promote BPMS. When a facing high failure rate, BPMS is another venture like ERP implementation — expensive and with a lot of headaches and heartaches! There is no free lunch, even if the cost for the software is a big fat zero. An organization still needs to invest in hiring external expertise and training its staff to plan, design, configure, execute, and maintain the BPMS.
In essence, it is about more than just security in deploying BPMS within an organization. Open source vendors make money by offering training and support services. Moreover, it is a general practice that Open Source software’s documentation is at the lowest level of quality. The best documentations are from IBM and Microsoft. DEC and Tandem were too, but they no longer exist, as they are part of HP’s operations! IBM’s Principles of Operations for the 360 Mainframe was the best computer architecture document ever published in the sofware arena!
-Francis
Roger,
Glad to see you write that. I think so too.
Best regards
-Ismael
Francis,
Where did you find this statistics about the failure rate of BPMS projects? I believe it must be close to the reality, but I would like some reference for it. Also, the quality of documentation for Open Source projects varies greatly, and is up to the commercial Open Source vendors to improve. Feel free to join us if you want to help.
Best regards
-Ismael
Ismael,
Actually, the failure rate is 59%, not 41% as I quoted. “A recent survey by BPM Magazine advised that vendors and consultants fall short in delivering on the promise of BPM systems -– only 41% of the companies surveyed reported that their BPM system implementation went according to plan.” The source is BPM Magazine’s Survey on BPM Implementations.
You can subscribe to get a copy of that report in the BMP magazine.
Best regards,
-Francis
Francis,
Thanks for sharing the source. I would not say that “not going according to plan” equals failure, but the figure is disturbing to say the least. My take is that most BPM products out there simply do not work, for they are not products, but rather frameworks that only consultants paid by the vendors themselves can actually deploy into production, and that is when these consultants are actually good.
A couple of months ago, I had a discussion with an analyst at one of the top analyst firms. I mentioned our BPMS Challenge — which by the way no vendor managed to complete, contrary to what they claimed — and I asked her if she could name one BPMS vendor — beside Intalio — which product had been successfully deployed without any help from the vendor itself. She admitted that she could not. As a point of reference, this analysts conducts over 300 customer briefings on BPM every year, and personally covers all BPM products you and I could think of. To me, this tells the whole story.
More on this later.
Best regards
-Ismael
[…] In my Inferences for ‘07, I suggested that open-source, plug-compatible alternatives to Amazon’s EC2, S3, SQS will be released sometime this year. Here are a set of reasons why this would make sense, and why everybody would benefit from such a thing, including Amazon itself. […]
Trackback this post | Subscribe to the comments via RSS Feed
Leave a Comment