Wednesday, November 4, 2015

The Case for Non-Persistency

"Never write if you can speak; never speak if you can nod; never nod if you can wink."
-- Martin Lomasney, Massachusetts state senator

We have collaboration, we have enterprise file sharing, we have enterprise content management systems. It’s secure, efficient, and compliant. Yet, most collaboration is still done using email. Why is that? What does email have that all the collaborative software doesn’t?

What all these tools have in common is that they are persistent. The messages, comments, and documents that we create and share as part of collaboration are meant to remain preserved in the repository for a long time. And, for a good reason. They are part of the organizational body of knowledge, the corporate memory, that can be leveraged by the entire organization today and in the future. Often, there are also compliance reasons that stipulate persistency, sometimes even requiring us to turn all collaboration artifacts into formal records.

Photo: Flickr
But this persistency has a side effect. For one, employees often refuse to commit to bits the communication that they don’t want anyone to forward or discover. No, I don’t mean any politically incorrect jokes or some corporate sexting. I mean useful, productive communication in the form of feedback, opinions, advice, or critique that are often only shared in person. That’s why a lot of this communication either doesn’t happen at all or happens via SMS text messages and consumer instant messaging tools outside of IT control.

Another problem of persistency is vulnerability. That’s the benefit that Snapchat exploits so well when they say that delete is the default. Persistent information can be leaked or hacked. Information that has vanished because it was non-persistent, can’t. Many consumer companies have recently learned a tough lesson when their customer database has been hacked and the customer data has been leaked. If the data wasn’t persistently stored in the database, it wouldn’t have been leaked.

The other side effect of persistency is the added burden on employees. When you are saving a document in a repository where it may be shared with other people, you have to save it responsibly. Responsible collaboration means you have to think about where you save it, what you name it, decide with whom you share it, specify access permissions, assign metadata, add an expiration policy, and perhaps even classify it as a record. If you don’t do that, you are not collaborating responsibly because the organization won’t be able to get much benefit from what you are sharing.

Sure, some of those tasks can be automated and there is an entire industry trying to solve that problem. But some of the steps can’t be and that makes it a hassle. That’s why so many people just email the document to those they need to collaborate with right now. With email, we are free to collaborate irresponsibly -  we don’t need any of that metadata or policies, we don’t even have to name the document. All we need is just to click on Reply to All.

Email is not exactly non-persistent but it seems that way. Sure, some of us might be aware that the emails live on a server somewhere and some might even know that their IT department archives all emails for possible litigation and compliance purposes. But that’s only preventing us from engaging in irresponsible behavior, not in irresponsible collaboration.

There is one more burden that persistency creates. It creates clutter. The more sharing of documents and comments, the more clutter that is being created. If the collaboration artifacts remain persistent, the volume of documents, folders, messages, and comments just keeps growing and growing. Pretty soon the repository becomes difficult to navigate and nobody can find anything anymore. The corporate memory becomes a digital landfill, denying the organization the benefit of future reuse.

In fact, non-persistent collaboration is a gap in the collaboration market. We need a solution where a few people can quickly come together in an asynchronous way and just share, review, comment, and edit information. It could be a single document, a collection of images, or just an idea in the form of a sketch. After the collaboration is concluded, the initiator can decide whether the result should be moved to a persistent area or just leave it upon which it would vanish. The versions, comments, and messages would all vanish too.  The vanishing could be timed or immediate and it would always be the default behavior. Any move to persistence would have to be deliberate and it would notify all participants.

I am not aware of any commercial offerings providing non-persistent collaboration today but they might exist. I know that the US military has been using such a solution in the past, perhaps they still are. Obviously, the security aspects of non-persistency have a great appeal for a security sensitive organization like the military. I should probably also mention Snapchat again here. It is not exactly a commercial offering but it certainly has made a mark with its non-persistent messaging.

Would such non-persistent collaboration finally replace email? Maybe. Probably not. If I had a penny for every time someone declared email for dead… But it would address a gap in people’s needs. I know it goes against the grain of every corporate legal counsel and chief compliance officer but non-persistency would make us more productive.

Thursday, April 2, 2015

They Should Be Business Tools

A few weeks ago, Google decided to quietly sunset Google Glass. They never said it publicly and in fact they might be considering another strategy for the device, but by all measures, Google Glass as we know it has failed. There are many theories for the reasons of this failure ranging from privacy concerns to the lack of social acceptance for walking around with geeky glasses. My theory is that the failure may be related more to the $1,500 price tag as consumer gadgets are simply not supposed to be that expensive.

Sergey Brin wearing Google Glass
That’s perhaps really the problem. Google Glass was certainly too expensive as a gadget for consumers but it likely wouldn’t have been too expensive as a business productivity tool. Most companies wouldn’t have a problem with the devices price, particularly with the customary volume discounts, if it demonstrated tangible benefits.

I can think of numerous business applications for Google Glass – from instructions while operating or repairing complex machinery, to patient records during surgery, to production data on the assembly line and supplier data in the warehouse.

But none of that was ever a priority apparently. Instead, Google put all their efforts into marketing Glass to consumers. The consumers may represent a greater opportunity in terms of volume but the enterprise market may represent a greater opportunity to optimize revenue. Just ask Microsoft.

There have been other technologies that I thought would have benefited from this strategy. Microsoft Kinect for Xbox comes to mind. While popular with gamers, the novelty of gaming via full body motion control is now wearing off. Let’s face it, most gamers want to shoot at aliens while sitting on their sofa and the Kinect is not the optimal weapon for that.

I would have hoped that we’d see Kinect being used in business – the repair technicians with oily hands reviewing designs, foremen at construction sites reviewing blue prints, surgeons with sterile hands reviewing patient records, farmers with dirty hands, lab technicians working in gloves – there are many use cases for gesture-based interaction.

When gestures are not practical, voice-based interaction might be appropriate. This is another technology that might have a greater application in the professional world than in the consumer space, at least given the current state of voice recognition. While the consumers relish in finding out the shortcomings of the still relatively new technologies such as Apple Siri or Amazon Echo, the business use cases may be more feasible. The business vocabulary is more precise and predictable, particularly in the given context. Professionals usually have to learn their business vocabulary as part of their job training and that makes it easier and less ambiguous.

Consumers usually resort to calling a company’s 800-number only after they failed to accomplish something online. At that point, we are exposing the already frustrated consumer to a voice recognition system that is far less mature than the web site and expect it to deliver a great experience. People usually don’t call in to do something that can be done with a smartphone app – like to check their account balance. In the business world, on the other hand, users are already trained to use a fairly precise language and their voice commands are usually in the context of a specific data set or business process.

I need the Q3 revenue data for Europe broken down by product group” is much easier for a machine to understand and act upon than: “I want to buy a companion ticket for my spouse using my miles to match an already issued ticket purchased by my employer”. This relatively common task requires many additional data points - ticket number, flight numbers, account number, name and DOB of the traveler, seating preferences, credit card number, etc. – and that is very difficult for a voice-driven system to piece together.

Apple Watch. Yes, I want one!
A few weeks ago, Apple launched its new Watch. By all measures, it is already a success even though it won’t ship for another few days. The demo by the Apple team was very impressive and the press reviews are glowing. I have no doubt that the Apple Watch will become a success. But I wonder about the practical use cases of the Watch for consumers. So far, most wearable devices have focused on fitness but that market is very saturated already. The serious athletes will be hard to separate from their specialized Garmin, Timex, and Suunto watches. The hobby athletes are well served by the Fitbit, Jawbone, and Nike Fuel fitness trackers or they simply keep using their smartphones.

I can’t help but to wonder about the business use cases for the Apple Watch. There are many possibilities – approving process tasks, participating in simple collaboration activities, delivering business context-relevant information, etc. Smart watches are looking for a killer app and sharing your heartbeat is probably not it.  I suspect that we could find it sooner in business rather than the consumer space. 

Google Glass page on March 31, 2015

Monday, March 23, 2015

Business Process – the Future of ECM

This is a blog post that summarizes the presentation I delivered on March 19 at the AIIM Conference 2015. The link to the presentation slides on SlideShare is included below.

For years, enterprise content management (ECM) solutions were adopted primarily for two main use cases. The first was to achieve compliance, and many early adopters of ECM continue to successfully use it to address various regulatory requirements. Compliance provided functionality for records management, archiving, and information governance. A while back I wrote a blog post titled What Features Ensure Compliance? that elaborates on the functionality required for compliance use cases.

The second use case was around team effectiveness with functionality such as collaboration, document sharing, and social capabilities. Collaboration is subject to frequent changes in direction as every new technology promises an easier and more compelling user experience—from mobility and social software to file sync-and-share. The frequent feature churn in the collaborative use cases doesn’t go well with the compliance requirements that often need the system to remain unchanged for several years (validated environments, anyone?).

ROI and Dependency on the User
Not only were the two primary use cases not really well aligned in their feature requirements, they had two additional challenges. Neither use case provides a very strong ROI. Sure, we marketers always calculate the savings in storage and government fines that compliance solutions help you avoid. But let’s face it: preventing penalties is not exactly a hard ROI and storage is cheap (or at least everybody thinks it is). The collaborative use cases are even worse—measuring the ROI here is fuzzy at best and often impossible.

The second challenge was the dependency on the users to do the right thing. For the compliance use cases, users were expected to diligently file their documents, weed out their inboxes, type in the metadata, and apply the right retention policies. Obviously, users are not very consistent at it, even if you try to force them. In the case of collaboration, users were expected to share their documents openly with others, comment in a productive way, and stay away from email and all the other collaboration tools around them. As it turns out, this type of behavior very much depends on the culture of the team—it works for some, but it will never work for others. The adoption of any collaboration solution is therefore usually very tribal.

So, is there any hope for ECM? Can we get an ROI and get employees to use it without someone watching over their shoulder?

ECM: Part of the Process
As it turns out, there is a third type of use case emerging. It is the use of ECM as part of a business process. Business processes are something people already do—we don’t have to force anyone. That’s what companies and working in them is all about: everything we do is part of a business process. Business processes are also important, relevant, and very measurable. There is an ROI behind every business process. Every instance of a business process includes the context, which can be used to populate the metadata and to select the right policy automatically. Business processes can handle the automation of content management and don’t have to rely on the end user to do it.

But business processes don’t live in ECM. Sure, the process artifacts usually reside in a content repository, but it would be a stretch to claim that the entire business process happens in an ECM application. Nor does it live in the BPM application, even if that application may be the primary application for some users. In fact, there is usually a master application from the structured data world that rules the business process: enterprise resource planning (ERP), customer relationship management (CRM), product lifecycle management (PLM), supply chain management (SCM), etc.

That’s why it is important for ECM to connect with the master applications through the business process. This is not just a simple way to link data sets or to hand over data from one system to another. Using modern, REST-based technology, it is possible to achieve integration that goes much deeper and involves users, roles, permissions, classifications, and of course the user experience.

Deal with Content Chaos
ECM addresses some very important problems that every organization has to deal with. Given the volume and relentless growth of content in every enterprise, it has to be managed. Yet ECM struggled to be adopted widely because of lack of tangible ROI and a difficulty to attract end users. Tying ECM to a business process through a master application addresses these challenges. It may not solve every problem with content in the enterprise and there will still be content outside of any business process, but it will go a long way to dealing with what AIIM calls “Content Chaos”.

Monday, March 9, 2015

Is It Time to Revive Knowledge Management?

This blog post has been originally posted on the Big Men on Content blog:
Back in the 90s, Knowledge Management was being heralded as one of the best use cases for content management. The goal of Knowledge Management was to effectively capture and reuse an organization’s knowledge. That’s a lofty goal and it’s not a surprise that most Knowledge Management failed miserably.
There were many cultural, organizational, and process reasons for the failures of Knowledge Management but one of the main reasons was the technology.  Back in the 90s, the technology to capture, manipulate, share, and reuse content was still in its infancy. In fact, most vendors indirectly admitted as much when they stopped marketing Knowledge Management as one of their offerings.
But the customers haven’t given up on it.
In fact, I keep running into customers and prospects with “Knowledge Management” on their business cards. And, rightfully so! There are some major demographic related issues that drive the demand for Knowledge Management.
Many customers I meet face the problem of an aging workforce. According to the Bureau of Labor Statics, there are numerous industries with a median workforce age over 50. I’ve seen organizations with an average workforce age over 55. In fact, the Stanford Center on Longevity predicts that by the year 2020, the 55+ years old workers will represent 25% of the workforce!
This is a workforce that is not Internet natives. They are not millennials. They didn’t grow up digital. A lot of their knowledge and expertise is not in a corporate repository. It is in the decades of notes stored on paper and in their heads. In a few years, those employees will retire and their knowledge will leave the organization. Often, this knowledge is mission critical and it has to be captured, processed, shared, and reused.
Does that sound familiar?
Yes, that’s exactly what Knowledge Management is supposed to be all about. Knowledge Management is needed more than ever before and, finally, the technology has advanced mightily since the 90s. Today, our ability to capture information in the form of paper, voice, images, drawings, video, and other content is very powerful. So is our ability to ingest, index, and manipulate the content. We have structured and unstructured data analytics which help to make sense of all that information. Finally, we have compelling responsive experience, mobile devices, and cloud environments that help us share and consume the information effectively.
Knowledge Management is needed and increasingly, Knowledge Management is possible. Maybe, it’s time to start promoting Knowledge Management again. Because this time, it might actually work.

Friday, February 6, 2015

Could ECM Have Prevented the Sony Hack?

This blog post has been originally posted on the Big Men on Content blog:
There were hundreds of data breaches last year but Sony Pictures won the prize for the most publicity received by a hack. Mostly that publicity came about because Dennis Rodman’s friends got to watch The Interview before any of us. Like the President of the United States said, we can’t tolerate that. We must prevent such cyber-attacks.
But how?
According to the media coverage, most of the stolen data was in the form of structured data such as employee salaries and social security numbers but also emails, documents, movie scripts, and video files – even entire full-feature movies. Over 100 terabytes of data have been allegedly stolen and a lot of it was unstructured data, content. From the little information we have about the hack, no ECM system was in place and the content was stolen from servers and employees computers running Windows. ECM has always been claiming to have the ability to ‘secure’ content, right?
So, would ECM have prevented the Sony hack?
Let’s assume that it really was a hack – a malicious data breach by external actors rather than an internal security leak. An Edward Snowden scenario would have been a whole different ball of wax. But if the bad guys came from the outside, could ECM have prevented the Sony hack?
ECM could have certainly helped by securely archiving the content files and email messages, keeping them off the user drives, and expunging them as their retention period expired. Culling the email volume would have reduced the number of sensitive and sometimes embarrassing emails that were hacked and exposed. It wouldn’t solve the problem entirely but it would have helped. Getting rid of unneeded and potentially compromising data is one of the best practices of information governance solutions based on ECM. Well organized ECM repository and processes would have kept at least some of the sensitive content off employees’ hard drives.
Next, let’s consider permissions. Many of the stolen files were allegedly swept off file servers, which likely had little or no permission control. An admin level access gives a hacker the master key to the vault. Permissions provided by an ECM system would make things much more difficult for the hackers. Sophisticated permissions often allow administrators or even curators to do their job without having the rights to access the content itself – no master key. That would have helped a lot.
How about security features? I’ll skip over the authentication, SSL, VPNs, and other perimeter security that is not specific to ECM – most ECM systems do this but so do other applications. I’m skipping over virus checker and malware detection for the same reason – those were clearly not in place or ineffective in the hack but they are outside the scope of ECM. By the way, a two-factor authentication and a good firewall would have helped too – chances are they had some of it and it was hacked.
The ECM specific security would include repository level encryption and possibly also file level encryption. The repository level encryption is big – many customers use it, it doesn’t burden the users, and it does represent another layer of security, which could have prevented some of the data theft.
File level encryption provided by a rights management system is also a capability that some ECM vendors provide. But let’s be honest, most customers don’t use it as it imposes a significant burden on users and impacts their productivity. That said, having to break the encryption of every file would provide as much security as one can get these days.
I should also mention the audit trail, which by itself doesn’t prevent any data theft but it does help the forensics after the fact. Tracing back the hack helps to assess the damage and more importantly, to prevent it from happening ever again. The Sony hack apparently occurred over several months. A good audit would have discovered the breach earlier and prevented some of the data loss. ECM systems are well known for their sophisticated audit trails and I bet Sony now wishes they had it.
So, to sum things up, an ECM system could not have entirely prevented a data breach like the Sony Pictures hack. No system can. But it would have provided several additional layers of security to protect the intellectual property better and the result of the hack would have compromised less data. Every security layer makes things more difficult for the bad guys and it slows them down. That’s what security is all about – both in the physical and in the digital world.

Wednesday, January 7, 2015

The Need for Content Curation

This blog post has been originally published on the Big Men on Content blog. 
Most content libraries start great. You pick a repository, populate it with some initial content, include decent metadata, establish ways for people to add more content, set some expiration policies, and voilĂ  – you have your sales library, your marketing assets library, or your library of product information.
The library is easy to use and navigate. It was built by a small group of people who had a clear, shared concept of how to organize it. The users can find what they need and everybody is happy. We have another content management success story under our belt!
Now, let’s fast-forward a few months. People are regularly contributing additional artifacts to the library and the library’s growing. The team that has built the library has moved on to build something else. But that’s OK; they have done their work. The library is still well organized and everyone can find what they need, when they need it. This is content management at its best. Everybody is still happy.
A couple of years later, the library has grown substantially. Nobody really remembers the original structure or how content was to be stored, tagged, and classified. People are saving artifacts based on their view of the structure and everyone has a different view. Nobody has time to add proper metadata to content assets – most content is stored without metadata or with “lazy” metadata. The original project team has had the foresight to set default expiration rules for content but when content assets come up for review, there is no time for it and everything is being kept without ever deleting anything.
The library is no longer well organized. Nobody can easily navigate it and every search yields pages and pages of results. Hardly anyone is happy with the library. The library is now seen as this dreaded place where content goes to die. The users need something better to be productive. They need something simple, easy to navigate, not this bloated repository full of junk. The business blames IT and IT blames the vendor.
Eventually, they decide to build a new library…
What has gone wrong? Well, it wasn’t the content management system, no matter which vendor you chose. It was the process. More precisely, it was the lack of process. The library was built without a content curation process in place. Curation would ensure that somebody decides what to keep in the library and what not. Curation would also ensure that every new artifact is added the right way – in the right location and with the right metadata. Curation would also ensure that the structure, rules, metadata, and policies are evolving to keep up with the changing requirements of the organization.
Some of the curation processes can be automated and some of them may require manual work. But without curation, a successful content management deployment can quickly become a digital landfill.

Wednesday, December 31, 2014

My 2014 Predictions Scorecard

Just like every year, I review my predictions from last January and publicly score how well I did. After all, predicting the future without accountability is something only a futurist would do. Futurist is a cool job if you can get it. It’s fun just like a historian, except you can’t be confronted with any actual facts. Well, I’m not a futurist and so this is how I did:

1.     Big Data shifts to Big Content
I predicted that the industry would get tired of talking about ‘big data’ and that we would start looking for insights coming from ‘big content’, large volumes of unstructured data. Well, this has really happened, even if the term itself isn’t used much. The media got tired of ‘big data’ and replaced it pretty early on in 2014 with new buzzwords such as the Internet of Things (IoT) and – yes! – Analytics. Analytics refer to the ability to get insight from unstructured data, in contrast to Business Intelligence (BI), which is primarily focused on structured data. Ever heard of IBM Watson? Well, that’s all about analyzing large volumes of content.
Score: 1 out of 1

2.     ECM stays
I predicted that the term Enterprise Content Management (ECM) will survive another year unscathed, even though many voices will keep calling for its demise. Not only has ECM survived, I find that it’s stronger than in the last couple of years. Many of the vendors from adjacent industries such as Enterprise File Sync and Share (EFSS) and Capture are reinventing themselves as ECM wannabes. As the market is consolidating, the term ECM seems to be one of the constants.
Score: 2 out of 2

3.     BPM market looking for direction
I predicted that the BPM market would continue looking for a something new. It still is. I was at the Gartner BPM Summit just a couple of weeks ago and among the 20-30 sponsors, hardly anyone stood out with their ability to differentiate. I have further predicted that BPM will become a feature of other solutions. That hasn’t exactly happened yet, even though I have not seen many BPM deployments lately that didn’t involve a repository and one or more core applications. Yet the BPM market remains solidly an independent market for now and I can only give myself half of a point here.
Score: 2.5 out of 3

4.     Digital marketing meets compliance
I have predicted that amid the consumer security and privacy pressures, marketers will start paying more attention to information governance and data security. I was completely wrong on this one. While there has been a security breach story every week through 2014, still nobody cares about consumer privacy and data security. The last of all who will ever care are apparently the marketing departments. #Fail.
Score: 2.5 out of 4

5.     Mobile market
I’ve predicted that not much will happen in the mobile market with iOS and Android keeping their massive share while Blackberry remains stagnant. I have also predicted, though, that Microsoft will enjoy a substantial adoption of their Surface tablets, reaching 10% share of the tablet market. Why did I ever make a quantifiable and verifiable prediction? The market stayed about the same, with Apple and Google far ahead of anyone else. The Surface gained a lot of adoption and I see a whole bunch of them now when I travel. Yet, its market share according to Statista was only 5.7% in Q3/2014 - not quite enough for 10%. Still, I think that I deserve half of a point here!
Score: 3 out of 5

6.     Spying will continue
I predicted that we wouldn’t see any material changes in legislation or any proof that the NSA would change any of their data collection practices as a result of the Snowden leaks. Indeed, nothing changed. We have moved on, accepting the spying the same way as we have accepted security controls at airports. Life sucks a little more but not enough to take it to the streets.
Score: 4 out of 6

7.     Data privacy will become the new code of business conduct
Yes, yes, yes. This has happened. As I have predicted, many companies started putting their employees through mandatory security and data privacy training classes. Just like in the case of the code of business conduct training, the primary goal is to reduce corporate liability rather than to address the actual problem - which may or may not be even possible. Anyway, I call it progress towards security awareness and get a point here.
Score: 5 out 7

8.     The end of corporate social software
I’ve predicted that most companies will give up on building a generic social water cooler and that they will simply replace social software with file sync and share. This happened – since sharing files is apparently the highest level of collaboration most employees are willing to endure. I’m not sure anyone even mentioned enterprise social software at all in 2014. Pure play vendors continue disappearing with some of the once-leaders going through major shake-ups including CEO replacements (i.e. Jive) and company re-branding (i.e. Newsgator – now Sitrion).  Just like I have predicted, social software became a feature. What’s even more interesting is that the traditional collaboration software and – gasp – e-mail are going through a renaissance with a new breed of solutions such as Google Inbox and IBM Verse.
Score: 6 out of 8

9.     Cloud will go through a reality check
2014 has become a year of reality check for cloud software vendors. The big event that I predicted would come was Box when they filed their now fabled S1 document with the SEC. The filing exposed an alarming and widely unexpected disregard for profitability. The market gasped in unison and Box was forced to postpone their IPO indefinitely and we haven’t seen any other cloud vendors rushing to disclose their numbers. As a result, things have certainly cooled off a bit on the venture-funding front and people are all of the sudden asking those pesky questions about monetization, cash flow, and (oh dear!) profits. That said, we haven’t seen an actual failure of a cloud vendor and nobody is worried about viability of any of the cloud vendors who are now safe-guarding our corporate data. So in all fairness, I don’t deserve a full point on this one.
Score: 6.5 out of 9

10. Cars will beat wearable devices
I’ve predicted that wearable devices would not be a big hit in 2014. That has happened – Google has effectively killed its once-hyped Glass, Apple failed to ship the Apple Watch (though I still want one), Nike did something stupid with the FuelBand and not much new happened otherwise. That said, I have also predicted that more attention would be paid to the user experience in our cars, which didn’t happen at all. While everyone continues drooling about the Tesla, nothing new happened in the auto sector, not even at Tesla. That’s too bad because most car manufacturers still believe that better user experience means dark wood interior trim… I will have to stretch the rules to give myself half of a point here. But then again, I’m doing the scoring so why not, right?
Score: 7 out of 10

With 7 out of 10 points, my predictions weren’t particularly good. Some of them were obvious, some didn’t happen. The greatest disappointment in 2014, albeit one that I predicted, was the lack of advances in data security. The problem is becoming dire and yet nobody cares. This has to be the greatest problem to be solved right now – and I am not sure it will be solved anytime soon. The one prediction that I have missed completely was the Internet of Things (IoT), which is where most of the innovation occurred. With the IoT, home automation is becoming reality at a reasonable price, which is very exciting. Other than the IoT and the re-invigoration of email, 2014 was kind of a slow year.

We’ll see what happens in 2015!