Osterman Research

Many technology companies are notorious for being too cautious when introducing new products or bringing to market new technology developed by their skunk works. A new offering will often be underdesigned or feature-limited because product managers fear the new will cannibalize sales of the old. The IBM PCjr is a great case in point – a low-price point PC (for the time) with lots of potential, but one that lacked key features that could have driven it into the SMB and education markets quite nicely. The result is a new product that fails to meet expectations when it isn’t necessary.

But what if a company organized itself in such a way that it fought itself – that it actually planned to fail? Take Apple for instance. What if the company organized itself so that the iPad folks sought to put the MacBook Air folks out of business? And vica versa. Of course, they would rely on the same basic operating system – which would be an operation unto itself with two competing customers – but in every other way the two divisions would slug it out and try to move customers away from one platform and toward the other. No intentional design limitations, no giving one product the faster processor, etc.

Conventional wisdom says that such a strategy is pretty stupid. And it could be if not managed properly. But it might actually elevate competing offerings within the same company to levels that it could not otherwise achieve.

Why?

First, there’s an old rule that always applies: if someone is going to cannibalize your market share, make sure you're that someone. For example, if hosted archiving is going to do away with your on-premise archiving solution, make sure it’s your hosted archiving solution that will do it. If your customers are moving to SaaS-based email and away from your on-premise software or appliances, they had better be moving to your SaaS-based email offering. Trying to preserve margins or market share or tradition without being the destination for those leaving you is futile.

Second, competition almost always improves your offerings, regardless of from where that competition arises. If you’re the MacBook Air folks and the iPad folks are gaining market share at your expense, chances are you’ll be motivated enough to at least try to do it better than them. Nations do the same thing by offering lower tax rates or cheaper labor or easier export rules (Ireland is a good case in point.)

Third, acting stupid by announcing to the world that you’re competing with yourself might get good press – and any press is almost always good press. Telling the world that you’re trying to do away with the old and move to the new – while still supporting and improving the old – might just net more market share than you otherwise would have if you hung on too tightly to the old paradigm.

Last week, I had the privilege of attending a very interesting day-and-a-half IBM meeting in San Francisco on Advanced Case Management, which will be the subject of an upcoming blog post in the near future.

However, this newsletter is focused on Atlas for Lotus Connections, an older IBM application that sits on top of Lotus Connections, the company’s social networking tool. I was given a demo of Atlas while at the meeting and was quite impressed with its capabilities, among which are two important capabilities:

• The ability to create a visual map of social connections within an enterprise or another group. For example, type in a keyword or phrase on a topic, client, etc. and a map of individuals and their relevance to that search term will be displayed. This is quite useful when trying to find an expert to help on a project or to find someone who has experience with a particular client.
• The ability to find the shortest path to an individual with whom you’d like to connect. Atlas will analyze the various types of individual communications in an organization and map out the best path of individuals that can help you find an expert on a topic. Again, very useful if need to find expertise outside of your direct circle of social contacts.

I'm impressed by Atlas’ ability to create what IBM calls “social value” across an organization. This is very useful in large and/or geographically distributed organizations in which personal interactions would be nearly impossible or would happen only by chance. This concept is not new, of course, but has been developed by a number of companies over the years.

The ability to create social value will become more important in the future for two important reasons. First, organizations are becoming more distributed as decision makers find they can reduce costs by allowing employees to work from home. This complicates and slows the decision making process because of the geographic separation of co-workers, in no small part because the person you need to talk to isn’t just a quick walk down the hall. Second, younger workers that are used to employing Web 2.0 applications, text messaging and other non-traditional tools are becoming a larger proportion of the workforce. While IT departments can force these workers to use traditional tools with their limited capabilities, smart ones will deploy social networking tools and build value-added capabilities on top of them.

You can get more information on Lotus Atlas at http://www-01.ibm.com/software/lotus/services/atlasasset.html

The decision of whether or not to archive email and other electronic content is (or at least should be) fairly simple: if you keep a copy of your personal tax return for at least a few years, then you’ve already acknowledged the importance of archiving critical information. Just apply the same logic to your business records.

More problematic for some decision makers, however, is the notion of using a hosted or SaaS-based archiving solution. For some decision makers, letting a third party manage the crown jewels – the critical business records that they will need for many years – is not as desirable as on-premise solutions because they fear the loss of those records, an inability to retrieve them on demand, poor performance when conducting searches, and so forth. While this perception is real, the evidence to support it simply is not there. Consider:

• Global Relay, which focuses heavily on the financial services industry – the most rigorous industry for archiving given SEC and FINRA requirements for long-term data retention with very high integrity – has been in the hosted archiving business for 11 years and in that time has never experienced even one incident in which it lost a customer’s email. The company’s infrastructure is highly scalable and is based on a very high performance search database technology that permits rapid searching across even enormous stores of archived data, with a typical search conducted in under three seconds (we recently published a white paper with survey results that were somewhat contrary to this, but the white paper presented the results of a survey, not a bakeoff). Global Relay’s customer data is encrypted using a highly secure encryption algorithm.
• Smarsh is another hosted provider that has been in the archiving business for many years and also focuses on the financial services industry. Yes, Smarsh had an outage of its Web site and VoIP-based phone system back in February (prompting one blogger to question the integrity of the company’s archived data), but absolutely no customer data was lost, nor was the archiving of customer data interrupted in any way.
• LiveOffice is another leading vendor of hosted archiving that has been in business since 1998 with a heavy emphasis on the financial services industry. The company serves a large and growing client base, offers 99.99% uptime (less than 4.5 minutes per month) and a 97% client retention rate, all while offering very good performance and tremendous security.
• Proofpoint, which acquired hosted archiving vendor Fortiva in 2008, uses its DoubleBlind Encryption technology to encrypt clients’ data both in transit and while being stored at Proofpoint’s data centers. Proofpoint’s archiving offering is focused on Exchange-enabled organizations and offers another highly secure and safe choice for archiving data.

There are many other good hosted archiving vendors that are worth a close look if you need to archive your data – and you should. Hosted archiving is safe and your data will be secure – ‘nuff said.

However, another important consideration for the use of hosted archiving solutions is the ability to store and retrieve data over the long term. For example, when I worked at SRI International, one operation in the company was going through an audit in which it needed to retrieve data from tapes that were about a decade old. The company was having difficulty reading this data because the equipment that had recorded it was no longer in use – retrieving the data was going to cost a bundle. That’s a problem that could occur for companies that manage their own data for long periods assuming that they migrate their older data to tape instead of keeping it on magnetic storage, which many do for cost reasons. Because tapes deteriorate over time, many companies find that they simply cannot retrieve very old data – assuming they still have the equipment that can read those tapes.

Even for data that is stored for much shorter periods, on-premise archival can be compromised by natural disasters, power outages, fires, floods and other problems. This won’t happen to most companies, but it will happen to enough of them to warrant taking precautions against these eventualities.

These arguments don’t mean that organizations should not use on-premise archiving – there are many very good on-premise solutions available and organizations of all sizes can be well served with an on-premise solution. But the bottom line is this: hosted archiving is safe and, with the right vendor, your data will be secure.

I played with an iPad over the weekend and was very impressed. Reflecting Apple’s robust engineering and design in just about every product it offers, the iPad is an elegant, fun and very solid device. I haven’t purchased one because I don’t believe it will offer me much that I can’t get from my iPod Touch or MacBook, but that’s beside the point. Plus, I like to joke that if the next version of the iPad offers a hinged aluminum cover – and a physical keyboard built into that cover – it really will be a killer device!

All kidding aside, though, I believe the iPad reflects what has looked for a long time like an inferiority complex on the part of Apple. The company offers hardware and software design that is second to none (albeit with a few minor exceptions) and their marketing prowess is extraordinary. Apple stores are packed seemingly just about all the time and the experience of buying, unpacking and using any Apple product is without peer. However, Apple almost seems to intentionally underdesign its offerings for reasons that are often difficult to explain. Consider:

• The iPad is clearly designed for a cloud environment and would be ideally suited to videoconferencing for mobile workers – if it had a built-in camera like all iMacs have. This is a serious flaw for those that really would like to participate in a videoconference on their patio or in an airport.
• The iPad does not support Adobe Flash, a nearly universal – and the de facto – video standard on the Web today. While there are some good technical and marketing reasons not to use Flash from Apple’s perspective, this limits the appeal of the iPad for a wide variety of applications, including some messaging tools.
• That the iPad comes with varying amounts of internal memory, coupled with the fact that it still requires a physical connection to download music and photos, indicates that Apple intends for the iPad to be semi-cloud enabled, not a fully cloud-enabled device.
• The iPad does not permit multitasking, a major drawback in my opinion. This is particularly true for people who won’t necessarily use their iPad for doing lots of work per se, but who would like to use it for simultaneous use of Twitter, email and maybe instant messaging. I suspect the iPad will permit multitasking in a future iteration – it should now.

I’d appreciate hearing your thoughts on the iPad, particularly if you just bought one.

Real-time communications is a double-edged sword: it can make people more productive and enable people to work more effectively from remote locations, but it also creates a number of new ingress points for malware, new compliance issues with which IT and LOB managers must contend, and new policy challenges that add complexity to what IT is already doing with email and more traditional parts of the IT infrastructure.

FaceTime announced today the release of Vantage, the product formerly known as IMAuditor. Vantage is designed to address the security, compliance and management requirements for a wide variety of real time communications applications, and offers a range of capabilities, including:

• Support for a number of enterprise-grade and consumer-focused real time communications tools, including Microsoft OCS 2007, Lotus Sametime, Google Talk, Yahoo! Messenger, AOL Instant Messenger and Skype, among others.
• The ability to set granular corporate policies for things as diverse as controlling how instant messaging is used on BlackBerry devices, managing ethical wall enforcement policies for Microsoft LiveMeeting and Lotus Sametime sessions, and controlling file management on a wide variety of real time communications platforms.
• Managing anti-malware and anti-SpIM capabilities when users are connected to consumer instant messaging networks, as well as zero-day worm blocking.
• The ability to monitor content across a variety of platforms.
• The ability to archive real time conservations and integrate with various email archiving and WORM storage systems.
• Management of potential data leaks through a variety of avenues, including content scanning for Microsoft Office documents sent via real time communications tools, blocking messages that contain keywords and expressions, re-rerouting consumer instant messaging conversations over internal networks, and managing the specific types of files that can be sent.

Of particular interest is Vantage’s ability to manage Skype conversations, including scanning the content of instant messaging conversations, preventing file transfers using Skype, and logging of Skype conversations. While Skype is not yet approved for use by most IT departments, according to an Osterman Research survey to be published this week it does find use in 29% of SMBs and 7% of enterprises, and so represents a potential security hole if not managed properly.

I’m really not trying to make this newsletter sound like a FaceTime press release! But I am quite impressed by the thoroughness of the Vantage approach both in terms of the number of different platforms it can monitor and manage, and in terms of the large number of features and functions that it provides. If your organization uses real time communications of any kind, I would definitely recommend giving Vantage a close look.

We're familiar with the growing threat of data leaks - sensitive and confidential information like credit card numbers, passwords, financial information, etc. that exits companies unencrypted or unmonitored through email, Web 2.0 applications or instant messaging tools.
But what about the stuff that doesn't rise to the level of a data leak, but that can still prove very damaging to your company?
What I'm referring to is content that your employees might send out using social networking or other tools that could come back to bite your company. For example, someone at a company that I follow on Twitter (not a client of Osterman Research) yesterday tweeted a link to a very derogatory blog post about the CEO of a major software company, and tweeted this under the name of their employer. The blog post discussed the eternal fate of this CEO, implied he probably had multiple mistresses, and expressed the view that he looks like the "child of Karl Rove and Stewie from Family Guy". Not very complimentary stuff no matter how tongue-in-cheek might have been the intent of the author.
Now, imagine you're a salesperson or CMO or CEO of the company that employs the Twitter poster and you're trying to work a deal with the company whose CEO was denigrated in the blog post. At best, it might be embarrassing and at worst it might kill a potential deal. In any case, it's not the kind of thing that most people would like added to the mix in the negotiation process.
This raises the question of the balance that companies need to achieve between the free speech rights of their employees, the value that they derive from letting employees use tools like Twitter and Facebook, and the potentially negative consequences from unfettered discussion in public forums.
Your thoughts?

I spent Monday at BrainShare, Novell’s annual conference held in Salt Lake City each year, although the show took a hiatus in 2009 for reasons that were primarily economic – both for Novell and for its customers.

Although the show was fairly well attended, including a mostly packed keynote on Monday morning, the show was clearly much smaller than in past years. For example, the large dining hall that served breakfast and lunch each day was replaced by multiple food stations on the show floor itself. While there were a decent number of exhibitors on floor, there were fewer than in past years. Other than Novell itself, GWAVA and IBM were two of the larger exhibitors.

On a positive note, the keynote on Monday morning presented some very interesting content (although I got there late and missed the opening portion), including a good demonstration of Novell Pulse – Novell’s real-time collaboration tool – soon to be released to attendees of BrainShare for use with up to five of their friends. Also shown was a very nifty demo of ZENworks used to demonstrate the migration of a user from Windows XP to Windows 7 – along with their data – in a matter of just a few minutes. I also attended a quite interesting session on the use of virtualization for disaster recovery using VMware ESX.

BrainShare, as always, is an interesting and informative show. This year, however, it was made all the more interesting by the undercurrent of Novell’s potential acquisition. In early March, Elliott Associates, a hedge fund operator, made a roughly $2 billion bid for the company that the company turned down on March 21. It’s likely that Elliott Associates will up its bid or Novell will be acquired by another company – one person in the know with whom I spoke on Monday afternoon is surprised that Citrix has not made a public bid for Novell given the synergy and existing partnership between the companies. Another alternative is the parceling out of the more valuable bits of Novell to various suitors. GroupWise, for example, is still making money (albeit not acquiring customers in huge numbers) and might be acquired by a company that already focuses heavily on the GroupWise space (a couple of them come to mind). Whatever, Novell does, it will likely be sooner rather than later given the company’s last year-and-a-half of declining revenue.

Personally, I am impressed by a lot of Novell’s technology and hope to see its continued development. GroupWise, for example, still has many loyal users and is a very solid messaging and collaboration platform; Novell Pulse is an interesting technology for real-time collaboration, and so forth. It will be interesting to see what happens with the company over the next few months.

Commtouch has introduced a new system, based on the company's Recurrent Pattern Detection technology, designed to help service providers identify sources of spam within their networks. The Commtouch Outbound Spam Protection (OSP) system has two primary functions: a) it blocks spam emanating from service provider networks, and b) it rapidly identifies the sender of the offending content.
OSP offers several advantages over what the vast majority of service providers are doing today, namely blocking Port 25, imposing limits on the number of outbound emails that can be sent per hour or per day, or using traditional spam-filtering technology on outbound messages. Using OSP, a service provider can pinpoint the source of compromised computers or Webmail accounts without penalizing legitimate users, and it does so with reportedly very low false positives.
While this is a new offering, it appears that it may be a significant step forward in helping service providers to address the quite serious problem of zombie computers in their network without having to use the rather heavy-handed approaches that many employ today.

Barracuda has published its annual report and provides some interesting insights into a variety of security, social network, email and other issues. Here are some of the bits I thought were particularly interesting:

• Criminals are using Twitter. In 2006, the Twitter Crime Rate (TCR) – or those accounts that were eventually suspended for malicious or similar activity – was 1.2%. by October 2009, that figure had jumped to 12%, a ten-fold increase in just three years. In fact, the figure in 2008 was only 2.2%, meaning that the TCR jumped more than five times in the space of just a year.
• The “middle class” of Twitter is the most active. The most active Tweeters are those with an average of 1,000 followers. Those with more than 100,000 followers or those with fewer than 100 tweet substantially less. This substantiates a recent Wired commentary that posited the view that when social networking audiences become too large, they become recipients of broadcast content instead of participants in a discussion.
• Much of Twitter’s growth came during the Red Carpet Era (RCE), the six-month period ending in April 2009 during which lots of celebrities joined Twitter. This period saw much of Twitter’s growth – at the beginning of the RCE, Twitter was growing at 1.95% per month, but this increased to 20% per month at the end of the period. Since that time, growth has fallen back to normal – 0.34% in 2009, about what it was at the beginning of 2008. I believe this indicates that much of the novelty of Twitter is over, and that the more serious users are beginning to exert more influence over where Twitter is headed long term.
• Twitter growth is deepening. For example, the number of Twitter users with no followers almost halved between June 2009 and now, and only 20% of users follow no one, compared to 25% in June 2009. This indicates that more people are beginning to see Twitter as a viable content source – not just as a way to find out what Kim Kardashian had for breakfast – and, for some, as a serious business tool. This is clearly good news for just about everyone that uses Twitter, since it means the tool will become a more meaningful part of users’ online experience in the months to come.

I would recommend taking a look at the report at http://barracudalabs.com/.

We have just published a major study of messaging in the small- and mid-sized business (SMB) market in North America. Here’s some of what we found:

• Interestingly, despite the fact that SaaS can reduce the cost of providing email, particularly for smaller organizations, many decision makers are absolutely against the use of this delivery model for email. Most SMB decision makers believe that in-house infrastructure managed by internal IT staff is the most desirable approach for managing email capabilities. Not surprisingly, appliances are preferred by a large proportion of SMBs – even more than SaaS services. However, many SMBs would likely or definitely deploy – or seriously consider deploying – an email system using more than one delivery model.
• The top four problems in managing SMB email systems are storage related: increase backup/restore times, growing sizes of messages, users sending large attachments, and overall growth in email storage requirements.
• Some of the more popular social networking tools are generally not perceived by IT decision makers to be legitimate. For example, Twitter is viewed by fewer than one in three decision makers to be legitimate and Facebook fares only slightly better. Even LinkedIn, a clearly business-focused social networking site, is viewed as non-legitimate by two out of five decision makers.
• Mobile platforms in the SMB space are led by RIM BlackBerry devices, accounting for a substantial proportion of end users’ mobile devices. This penetration is expected to remain steady into 2010. However, the penetration of the iPhone will increase substantially during the forecast period. Similarly, mobile phones that use the Google Android operating system are expected to approximately double in use between 2009 and 2010.
• Green computing, while certainly not dead as an issue in server, data center and other IT infrastructure planning, is probably not going to be a major factor for purchasing decisions among SMBs over the next few years. While SMBs will want to reap the benefits of green computing, such as hardware cost savings and reduced power consumption, the economics of these decisions will likely play a much greater role than the PR value of “going green”.

As I and many others have discussed before, data leaks are a fact of life when employees are allowed to use communication tools of any kind, including email, instant messaging or even the telephone. Social networking tools like Facebook and Twitter have become a key and growing area of concern for many decision makers because these tools are typically used independently of IT management or oversight.
An interesting example of such a data leak - albeit not a corporate one - is an Israeli soldier's post to Facebook about an upcoming raid by Israel's Defense Forces in the West Bank. The soldier's post, which included both the time and location of the operation, prompted the IDF to call it off. More information about the incident is available here.
This should serve as a good lesson for senior business managers, IT management and others in organizations that allow the use of social networking tools: while these tools can be incredibly useful in a business context and their use should be encouraged, unmanaged posting to these sites can result in the revelation of information you might not want the outside world to know.
Osterman Research will be publishing a white paper in March on why organizations need to focus on managing the content that leaves their organization through email, instant messaging systems, social networking tools and other systems.

Social networking tools like Twitter, Facebook, LinkedIn and a growing variety of other Web 2.0 tools offer a number of benefits: they allow you to monitor trends among customers and prospects, they provide a vehicle for low-impact marketing, they can give your key people a presence as thought leaders or industry gurus, and they provide a channel to communicate with individuals that might not otherwise hear your message.

But these tools also have a number of downsides: every employee that tweets or posts or recommends using one of these tools becomes your company’s de facto spokesperson – whether you like it or not. An employee can inadvertently divulge confidential or sensitive information in violation of corporate policies, regulatory obligations or legal counsel’s advice. Plus, social networking tools carry with them a key problem that consumer-facing instant messaging clients have always had: as capabilities that users initiate, those users define their online moniker and how and when the tools are used.

There are a number of things that IT can do in response to the problems posed by social networking and other Web 2.0 tools:

• Block their use (good luck with that).
• Implement policies about acceptable use. This is a good and necessary first step, but it won’t solve much of the problem.
• Pre-review tweets and other postings. This provides IT with lots of control, but negates the timeliness of posts and requires enormous IT and/or compliance resources to manage properly.
• Implement lexicon-based or other policy management tools that will scan outbound content for violations. This is a useful approach, but can lead to false positives and it misses certain types of content, particularly whn usrs r tryng 2 stay under 140 chars.
• Archive all content that is sent to social networking sites. This is a good approach because it can capture all content and make it available for review, legal discovery and regulatory compliance audits, despite the fact that it does represent an extra expense for IT.

LiveOffice has just announced Social Archive, a solution designed to archive content from social networking sites. The solution archives this content and also makes it available for monitoring, discovery, audit and other purposes. This is a necessity in the financial services industry, particularly in light of FINRA’s Regulatory Notice 10-06 that defines the regulator’s position on the use of social networking tools by registered representatives and others. However, archiving social media content should also be a consideration by those in less regulated industries as a best practice to monitor for inadvertent data breaches and other communication that might not be considered acceptable according to corporate policies. It can also be useful for things like e-discovery, since there will be an increasing number of discovery efforts in the future that will require production of social networking content.

On February 22nd, Iron Mountain announced that it had acquired archiving vendor Mimosa Systems for $112 million – 5.4 times Mimosa’s 2009 revenues of $20.6 million.

The acquisition is an interesting one on a couple of levels. First, Mimosa Systems is a very solid archiving vendor, one of the leading players in the email archiving space, despite the fact that the company was not yet profitable (it had a bit more than $32 million in expenses in 2009). The company also offers archiving capabilities for SharePoint and other electronic content, as well as e-discovery, .PST archiving and disaster recovery solutions. Mimosa was fairly well funded, receiving $34.5 million in venture capital funding by April 2008 and another $17 million from various sources through January of this year.

Second, the acquisition is interesting because it bucks the trend in which hosted archiving vendors have been the prime acquisition targets (Fortiva, ZANTAZ, MX Logic, MessageLabs, FrontBridge, MessageOne, etc.) By acquiring Mimosa, Iron Mountain now has a very solid player in the on-premise archiving space and a broader range of offerings for archiving customers. Plus, it gives them the opportunity to provide a solid hybrid offering, a trend that we think will pick up steam over the next 24 months.

The acquisition price was certainly not high by historical standards. For example, Veritas bought KVS for $225 million in 2004 and EMC bought LEGATO for $1.3 billion in 2003. However, given the size of Mimosa’s substantial customer base, coupled with a still soft economy, the value of the deal was not at all bad for either company.

One of the traditional difficulties of business travel has been not having access to files when you need them. You can take key files with you on a USB stick, but reviewing a proposal or making changes to a document, for example, can result in confusion about the latest version of a file, making changes to an old document, etc. One of the ways around this is the use of online productivity applications, such as Google Docs, that permit access to the latest versions of every file because they are on the Web and not on a desktop machine or in some other location that might be inaccessible. However, for those that still rely heavily on traditional, desktop applications, there are several Web-based file synchronization tools that allow your content to be automatically available on every platform you use.

I have used two such solutions, SugarSync (http://www.sugarsync.com) and Dropbox (http://www.dropbox.com), and have generally favorable impressions of both:

• Both tools provide very easy setup: you install a small footprint application on your “home” computer and define the files and/or folders that you want to synchronize across your other computers. You can then set up as many other platforms as you’d like, such as your notebook or home computer, installing the same application on each.
• SugarSync is a bit more flexible in defining content to synchronize, since you can specify any file or folder on your computer; Dropbox requires a specific folder into which you move the content you want to synchronize (although the SugarSync capability is a planned feature in Dropbox).
• After the initial synchronization takes place (which can take a few days depending on the amount of data you’re copying and the speed of your connection), all of your files are available in the cloud. When you connect with your remote platform, all of the files that you’ve identified on your home computer are downloaded.
• From that point, synchronization is automatic – update and save a file on any platform and the file is copied to the cloud. The next time you connect with any other platform in your network, any changed files are automatically downloaded. All of your files are also available in the cloud, accessible via any Web browser.
• One of the nice features of both SugarSync and Dropbox is that they work with both Windows and Mac platforms (which I really appreciate because I use both platforms), although Dropbox for the Mac is still in beta mode as of this writing. Dropbox also has a Linux version and supports the iPhone; SugarSync does not support Linux, but supports the iPhone, BlackBerry, Windows Mobile and Android platforms.

As noted, I have used both tools and generally have had good experiences with both. That said, I have had some problems with SugarSync, such as its automatically appending more than 2,000 files on my Mac with “(from [computer name])” – an annoying, but relatively harmless problem. Dropbox has caused a few problems, as well, such as creating multiple copies of a file because it perceives a conflict between file versions. On one occasion, this led me to send the wrong draft of a white paper to a client, which was a bit embarrassing – I attribute the versioning problem to the fact that Dropbox for the Mac is still version 0.7+.

Bottom line: I would recommend either tool, but lean slightly toward SugarSync because a) it is out of beta on the Mac, and b) it provides greater flexibility in terms of the content that you want to synchronize.

IT managers, CIOs, CTOs and others make technology decisions about a wide variety of solutions that impact how we work: email, archiving, encryption, collaboration, managed file transfer, Web 2.0 applications and so forth. Decision makers take into account the features and functions these systems will provide, how they will mitigate risk, how they will boost productivity or how they will boost revenue.

However, I believe that a key missing element in the analysis of what will work and how much it will cost is how (or even if) it will be used. This is simply because a key determinant in the success of many technology solutions is the existing culture of the corporate environment. For example:

• If you deploy a corporate collaboration system based on social networking that allows employees to share information through Twitter-like capabilities, blogging and the like, but your corporate culture rewards employees for hoarding information, the collaboration system will have little impact and might actually be resented by some.
• If you deploy easy-to-use, manual encryption capabilities for your employees, but do not make it easy for your employees’ recipients to receive and open encrypted emails, few will send encrypted communications.
• If you want to alleviate the burden of large attachments sent through email and improve the security of your content by deploying a managed file transfer system, it will be necessary to make this system about as easy to use as email. However, if a file transfer system is cumbersome and disruptive to normal workflows, it simply won’t be used.

The key, therefore, is to examine technology solutions in light of the existing corporate culture to see what will be used and what employees will simply ignore. Corporate edicts of “thou shalt use” the new technology are unlikely to work – employees will typically find workarounds that will negate the value of the investment in the new technology. Instead, corporate culture should be the first thing that decision makers review in light of a) the current state of the culture and b) where they might like it to be. For example, if productivity and the bottom line will be improved by employees sharing information, they must first develop a corporate culture that rewards people for sharing information, working in teams, developing communities of content sharing and the like – and then deploy solutions that will enable that to happen.

Deploying technology first and hoping corporate culture catches up rarely works.

I originally wrote this for Network World Fusion back in July 2008, but thought it would be timely for presentation again:

There’s a lot of talk about unified communications – the integration of email, voice, fax, video, presence-enabled applications like instant messaging, collaboration tools and other capabilities into a unified system that can be accessed through a single interface. But what if we look 10 years down the road and examine the characteristics of a truly unified communications system? Here are my thoughts on what that might look like:

Instead of having multiple email addresses, instant messaging handles, phone numbers, etc., each of us would have just a single address – either an email address as we have today or a phone number. To support this, we would have a powerful directory system that would be populated with information on all of our various modes of communication – published and unlisted phone numbers, email addresses, instant messaging handles, etc. – as well as detailed information on our preferred methods of communication based on time of day, day of the week, presence status, travel status and, perhaps, even our current mood based on biometric sensors at our desk or on our mobile device. For example, based on my presence information, when I’m out of the office on business travel I may prefer to receive a communication from a business associate as a text message on my mobile device. However, if that communication were urgent, it would then be converted to a voice call for both the sender and recipient so that a real-time conversation could take place. If that communication took place on a weekend, a normal message might be sent to my email client, but an emergency message might go to my home number. The bottom line is that the sender does not know how to reach us – he or she simply sends a message to our only address and we, using a sophisticated directory system, decide how and when to receive these communications.

The interface for such a system, I believe, will look more like social networking tools we know today than traditional email clients. For example, in Facebook I can receive emails, view the presence status of others in my network and obtain other relevant information all from a single interface.

Further, such a system would learn from my behavior and would be tightly integrated with a variety of Web services. For example, instead of having to set up an autoresponder in email when I’m gone to a conference, the system would know my travel plans and automatically enable and disable the autoresponder.

I’d like to get your take on this: what do you think unified communications will look like 10 years from now. Please send me an email with your thoughts.

Michael Sampson is an industry analyst who for many years has focused on collaboration practices and technologies with an emphasis on how distributed teams can work together more effectively. He is on my short list of most respected analysts in the collaboration space. Recently, he graciously sent me his new book, SharePoint Roadmap for Collaboration. I would highly recommend it for anyone that is using SharePoint, considering it, or just needs to get up to speed on how collaboration technologies from any vendor can be used more effectively.

In the book, he discusses his “7 Pillars Model for Team Collaboration”, a framework that he developed in 2005 for evaluating collaboration technologies without the vendor-bias that can sometimes be present using other methods to evaluate them. Michael offers a frank assessment of SharePoint in the context of these seven pillars, giving it a pass or fail grade for each.

I won’t give away his ratings for SharePoint on each of the pillars, since I really think you should invest in this book, but Pillar 5: Social Engagement is of particular interest to me because of its impact on corporate culture and the way that distributed teams work. Michael’s assertion, with which I agree, is that collaborative technologies that are made available to teams of distributed co-workers should have a) presence and availability information for each team member made available to all other team members, b) the ability to interact in real time, and c) personal blogging capabilities. The goal is to recreate, as closely as possible, the typical office environment in which people can interact by walking down the hall, schmooze at the water cooler, overhear others’ conversations, and so forth. The goal of recreating this environment is that information of a less formal nature can be shared by all team members, allowing them to use this information for the advantage of the team and allowing them to interact on an ad hoc basis whenever they are available to do so. Michael points out that SharePoint by itself does not offer all of these capabilities, but in conjunction with OCS 2007 these capabilities are available.

While SharePoint Roadmap for Collaboration is focused on SharePoint and users of that offering will derive the greatest value from it, it also offers some valuable insights for organizations that are focused on other collaboration offerings. Given that collaboration is a major thrust at IBM with its growing set of excellent offerings focused on real-time communications, Web conferencing and social interaction; and that Novell is also pursuing this focus with its innovative Pulse offering, as are other vendors, Michael’s book is definitely worth a read even if SharePoint is not your immediate interest.

Michael can be contacted at michael@michaelsampson.net.

Without doubt, the Apple iPad is an extremely cool device. Watching the video on their Web site, I would definitely like to have one.
But where does the iPad fit for business travelers? Here's my two cents:

• If I was going on a day trip and had no plans to do any writing of more than a few paragraphs, a Wi-Fi-enabled, 3G-enabled iPad would be a great device for checking emails, watching a video or reading a book on the plane, writing a short blog post, etc.
• If I was visiting a client and wanted to make a presentation, the iPad would also be a great device.
• However, if I was traveling overnight or longer, would the iPad be my device of choice? Maybe, but answering 50 emails would likely be more difficult than on a laptop or netbook. Writing multi-page reports would be even more difficult.

Admittedly, I have not held an iPad and can't evaluate its virtual keyboard more thoroughly. However, I'm not sure I would want to lug around both an iPad and my MacBook Air on a trip. (That said, I will probably end up getting one at some point.)
So, where do you think the iPad will fit for your business travel?

Why do we have an office? For must of us, it's so that we can have a physical location in which to receive and send emails, make calls, access files, visit Web sites, write documents, build spreadsheets and tweet.
We're all familiar with the ubiquitous "out of office" messages that are the automatic response to emails received when we're physically out of the office - we create them when we're physically removed from our office. But, in an era in which our notebooks and mobile devices can receive and send emails, allow us to make calls, access files, visit Web sites, write documents, build spreadsheets and tweet, what does an "office" really mean? Not much. With unified communications systems that build on all of these capabilities, an office means even less.
So why do we still use "out of office" messages?

The Financial Industry Regulatory Authority (FINRA) has issued a regulatory notice that provides its guidance on how registered representatives should use, and how their firms should manage, postings on social networking sites and blogs. Here are some highlights:

• Firms must preserve the communications sent through social networking sites relevant to broker-dealers' business dealings. SEC Rules 17a-3 and 17a-4 and NASD Rule 3110 apply to these communications.
• A securities recommendation made through social networking tools must be "suitable for every investor to whom it is made". NASD Rule 2310 applies here.
• Firms must supervise relevant employees' electronic communications, including those posted to blogs and social networking sites. NASD Rules 2711(b)(3)(A), 3110(j) and 3070(c), and NYSE Rules 472(b)(3), 410 and 401A may apply here, depending on the type of communication involved.
• "Firms must adopt policies and procedures reasonably designed to ensure that their associated persons who participate in social media sites for business purposes are appropriately supervised, have the necessary training and background to engage in such activities, and do not present undue risks to investors."

The bottom line in this notice is that social networking tools - Twitter, Facebook, blogs, etc. - are fundamentally no different than the other types of electronic communication tools on which FINRA and the SEC have previously imposed requirements. Communication using newer tools must be supervised, managed and archived just like email and instant messages have been for years.
You can read the notice here.