Information Management Targets E-Discovery, Compliance, Legal Risks While Delivering Long-term BI and Governance Benefits

Transcript of a sponsored BriefingsDirect podcast on the need to manage explosive growth of information within enterprises to head off legal risks and penalties.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Learn more. Sponsor: Hewlett Packard.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you’re listening to BriefingsDirect.

Today, we present a sponsored podcast discussion on gaining control over information sprawl at enterprises. We'll take a look at the short-term and potentially massive savings from thwarting legal discovery fulfillment problems in advance by controlling information. And we'll examine how management lifecycle approaches can bring long-term payoffs through better analytics, and regulatory compliance, while reducing the cost of data storage and archiving.

To help us better understand the perils and promise around the well-managed -- versus the haphazard -- information oversight approach, we're joined by two executives from Hewlett-Packard (HP).

Please join me in welcoming Jonathan Martin, Vice President and General Manager for Information Management at HP. Welcome, Jonathan.

Jonathan Martin: Hi, Dana. Good to be here.

Gardner: We’re also joined by Gaynelle Jones, Discovery Counsel at HP. Thanks for joining, Gaynelle.

Gaynelle Jones: Hi, Dana. Good to be here.

Gardner: Let us start with you, Jonathan. We've seen quite a bit of change in the business issues around information, including risk, compliance, and oversight. Could you help set up our discussion by helping us understand how the world has changed in the past year or two, and why information management issues have become more prominent?

Martin: If you look at every organization over the last 20 years or so, fundamentally they've built a majority of their business processes on top of information technology (IT). And, the information that flows through those IT systems tends to be one of the core assets of any business in today's economy.

Now, over the last five to 10 years, we've become increasingly addicted to information, both at home and at work. At home, the idea, even three years ago, of walking around with 40,000 songs in your pocket would have been a little crazy. Today, we do it almost as habit. At work today, 85 percent of our business communications go by email.

What we've seen is a trend that's been going on for the last 15 to 20 years, and the size of it is beginning to really impact businesses. This trend is that information tends to either double every year in developing countries, and tends to double about every 18 months in developed organizations. Today, we're creating more information than we have ever created before, and we tend to be using limited tools to manage that information. We're getting less business value from the information that we create.

Over the last few years, organizations have put in place what we might call an ILM strategy. Some vendors like to tell you, it stands for the "information lifecycle management." A lot of customers who have been through the pain of an ILM implementations will tell you, it's really about "investing lots more."

Throwing more capacity

That's really been the way that the problem is being solved -- just throwing more and more capacity at the problem and throwing more and more storage space, and more and more available space to store this information.

Unfortunately, in the last 18 months or so, the economy has begun to slow down, so that concept of just throwing more and more capacity at the problem is causing challenges for organizations. Today, organizations aren't looking at expanding the amount of information that's stored. They're actually looking at new ways to reduce the amount of information.

At the same time, we're going into the stage of the economic cycle where everyone is thinking beyond how to reduce cost and cash burn, and how to ensure that this never happens again. Eight years ago, we saw the economy go through a similar cycle.

As we began to bump along the bottom in 2002 and pull back into recovery in 2003, we saw the implementation of Sarbanes-Oxley. Coming into 2010, both in the US and in Europe, there is going to be a new wave of a regulation that organizations are going to have to take on board about how they manage their business information.

Gardner: So the business risks have certainly gone up, but it looks like one particular type of risk is pressing, the legal risk. Gaynelle would you tell us a little bit about your background, what your role is at HP, and why the legal aspects of information management are so important?

Jones: Oh, certainly, Dana. I'm the Discovery Counsel at HP. I work with the litigation group in managing the discovery process for HP. I've been a litigation manager, as well as a prosecutor and a trial judge. Because we have black-letter law that computerized data is discoverable if relevant, and because of the enormous amount of electronic information that we are dealing with, the litigants have to be concerned with discovery, in identifying and producing it, and making sure it's admissible.

I'm charged here with developing and working with both the IT and the litigation teams around making sure that we are compliant, and that we respond quickly to identify our electronically stored information, and that we get it in a form that can be produced in the litigation.

Gardner: Now, the stakes here are quite high. Not being able to fulfill the quest for discovery and for information in its various electronics forms can come at a high penalty. Do you have any examples of how that can work?

Horror stories in the news

Jones: Oh, absolutely. There are horror stories that have been in the news in recent years around major companies such as Morgan Stanley, Enron, Qualcomm and a host of others being sanctioned for not following and complying properly with the discovery rules. In Morgan Stanley and Zubulake, the court issued adverse inference instructions, because data was lost. Morgan Stanley had a jury return of verdict around $1.4 billion, and in Zubulake, the jury returned $29-million verdict.

In each case, companies failed to properly implement litigation rules, directly pointing to their failure to properly manage their electronic information. So the sanctions and the penalties can be enormous if we don't get a hold of this and comply.

Gardner: And these types of legal requests or at least legal issues are not uncommon at large organizations. Do you have any sense of what the typical legal caseload is typically?

Jones: It depends on the enterprise. At HP, we have everything, which puts us sort of on the cutting edge to develop and really come up with some best practices. But the typical enterprise would have data around employment matters. You would be dealing with the human-resource databases.

It might have contracts, and have to deal with keeping up with the contracts, emails, and correspondence. Emails, by themselves, have tremendous issues in terms of identifying and preserving, as well as voice mail and instant messages.

At HP, we have hundreds, if not thousands, of database applications that contain our business

We've seen, over the last few years, organizations move from taking a very reactive approach on these kinds of issues to a more proactive or more of a robust approach.

records, our sales records, our revenue, our marketing, and so forth. So, we have dynamic databases, and all of these things can come into play in litigation, if they have relevant information.

Gardner: Jonathan, you mentioned earlier the issues around compliance and the fact that regulations are bound to creep up in a number of industries and in different countries as well. Between the regulatory issues and the legal issues, it seems like there is an awful lot of money to be saved by doing this correctly.

Martin: Absolutely. We've seen, over the last few years, organizations move from taking a very reactive approach on these kinds of issues to a more proactive or more of a robust approach. We heard from Gaynelle earlier some of the examples of the reactive approach. Organizations that are in this mode tend to take one of three ways as strategies for solving their problems.

They may trust their employees to do the right things. Obviously, everybody knows that translating policy into day-to-day behaviors for employees is not always easy. Employees, by their very nature, in the main don't tend to be particularly okay with legal or regulatory requirements of the organization.

Trusting the lawyers

The second one is that they trust their lawyers. When they run into an issue and they're subpoenaed for some information, or required to present information from an audit, they pull in a couple of bus-loads of lawyers, and get the lawyers to dig or troll through miles and miles of content to try and find the relevant information. It tends to be a very, very expensive approach to just finding information.

The third one is that they trust that their IT consultants. When the subpoena for a piece of information to come in, to find that one email in hundreds of millions of emails that the organization sends. So, as you see, we've got lots of examples in the industry of why taking a reactive approach to a litigation readiness or the ability to respond to an audit is a bad one.

Over the last two to three years, organizations began to take a more proactive approach. They're gathering the content that's most likely to be used in an audit, or that's most likely to be used in a legal matter, and consolidating that into one location. They're indexing it in the same way and setting a retention schedule for it, so that when they're required to respond to litigation or are required to respond to an audit or a governance request, all the information is in one place. They can search it very quickly.

Gardner: Of course, we've also seen a great deal of additional types of content. We're talking about all sorts of electronic. We're talking about social media, where folks are blogging, and they are using sources that are offsite and that are in someone else's servers, perhaps in a cloud environment, and we're also, I suppose, thinking about paper. How do we think about approaching this proactively, when it's such a mish-mash of content types?

Martin: At first, the problem statement may look absolutely enormous. What we see is that

SharePoint is a business that is exploding for Microsoft right now. It's growing like wildfire through many organizations.

organizations begin to chunk that problem statement down into the areas that a subpoena is most likely to target or the area an audit is most likely to target. Typically, if you think of the things that subpoenas look for in an audit, they tend to look for business conversations.

We've already identified that 85 percent of business conversations today go through email. So, as organizations begin to take a more proactive approach to electronic discovery -- as it is called in the US, and electronic disclosure, as it is called in the rest of the world -- they really focus on email first of all.

So they're gathering all emails that the organization sends, consolidating them into one place, indexing them, setting retention schedule for them, and getting them ready, should they be required to respond.

Subsequently, the area that is very much in focus now is Microsoft SharePoint content. As you know, SharePoint is a business that is exploding for Microsoft right now. It's growing like wildfire through many organizations, and is being used in a very different way than traditional content management applications.

It's a very collaborative, free-form, and very easy-to-use set of tools. Typically, we see lots of projects spinning up within organizations. As the project begins, they will spin up a SharePoint along with it, as a repository, where they can put all the content relating to the project, as well as the meeting minutes for the projects, the collaboration, etc.

New wave of solutions

This really becomes the central point within the project team for them to collaborate. Typically, the things that are going into those are meeting minutes, statements of work, draft contracts, submissions, etc. -- by anybody's definition, true business records. We're beginning to see a shift from the auditors and the litigators, away from just focusing on business conversations on email, to begin to target this new wave of content-management solutions, particularly around SharePoint.

Gardner: I see. We're looking at structured content, unstructured content, communications, and even minutes for meetings. I want to go back to Gaynelle, if I could. We're not just talking here about crisis intervention. It seems to me that, over time, this is going to be something that will pay back in significant ways, when it comes to managing intellectual property, protecting rights, and the use of very important information within the organization.

Jones: Absolutely. You have to be concerned with all sorts of issues and litigation, including the ones you've mentioned, as well as privacy issues with the data that you're dealing with, and other regulatory areas, issues that might impact upon the information that you have.

You have to be able to identify and manage the information and think ahead about where you're likely to have to pull it in and produce it, and make a plan for addressing these issues before you have to actually respond. When you're managing a lot of litigation, you have to respond in a quick timeframe, by law. You don't have time to then sit down and draw up your plan.

When you are doing it then, you are paying outsiders -- legal fees to the outside counsel, their

. . . organizations that went through this shift from reactive to proactive two to three years ago have actually got a new asset within the organization.

associates, and so forth. This makes the process at least twice as expensive, than if you've planned ahead, strategized, and know where your information was, so that when the time comes, you could find it and preserve it and produce it.

Gardner: Jonathan, the economic payback here can be very large and impactful, because of the prevention of these discovery problem awards. Certainly, you can react more quickly to issues around security and risk, but it strikes me that there is a long-term benefit as well. The return on investment (ROI) isn't immediate and impactful at a crisis level, but perhaps at an analytics level. We hear similar rationale around why we should invest in business intelligence (BI), for example?

Martin: Today, eyeballs are very focused on information governance around risk litigation. What we're seeing, though, is that organizations that went through this shift from reactive to proactive two to three years ago have actually generated a new asset within the organization.

If you logically think through the process, as an organization, you are taking a more proactive stance. You're capturing all of those emails, you're capturing content from file systems and your SharePoint systems. You're pulling sales orders. You get purchase request from your database environment. You're consolidating maybe miles and miles of paper into a digital form and bringing all of this content into one compliance archive.

This information is in one place. If you're able to add better classification of the content, a better way of a layer of meaning to the content, suddenly you have a tool in place that allows you to analyze the information in the organization, model information in the organization, and use this information to make better business decisions.

Unstructured data

Traditionally, as you've mentioned, BI is focused solely on structured content, content that sits in databases. Today, 80 percent of the information an organization creates is actually in an unstructured form. If any of you went to business school, you'll know all about that 80-20 rule. You're supposed to focus on that 80. In BI, we tend to focus on the 20.

Organizations are finding, by going through an e-discovery initiative and by going through a more proactive approach to this, they ultimately end up with a brand-new repository in the organization that can help them make better business decisions, leveraging the majority of the content that the organization creates.

Gardner: Now that we understand the dimension of the problem and that there are significant short-term and long-term payoffs, how do you start approaching the solution? You did talk about chunking it up a little earlier. That made a great deal of sense, but is there an overarching vision of how to think about information differently that perhaps sets the stage for beginning this process?

Martin: There are probably a couple of stages that we see organizations go through. The first one is just to catalog the information that you have out there. Use some kind of stored user-management technology to find where all the information resides in the organization.

An example of that might be something like the Storage Essential Suite from HP. This really

Some applications you may never be able to retire. Other applications, you might have a duplication of capability within the datacenter.

allows you to identify where all the applications are in the organization, where all the content sits, where the databases are, and where all the storage arrays are. That gives you the ability to find all the information.

The second step is to de-duplicate the content in the organization. There are really two ways that we can do this. First, may be to take a huge swage of information by retiring legacy applications, through applications that fit into data center that may be required for regulatory or reporting reasons, but consume power, heating, lighting, support, service, license requirements etc.

Target those applications. Some applications you may never be able to retire. Other applications, you might have a duplication of capability within the data center. So, begin to de-duplicate the systems or retire the systems that are no longer required. Equally, get focused on de-duplicating the actual content that the organization creates.

Take an HP example, if [HP Chairman and CEO] Mark Hurd sends out an email to everybody with 2009 goals, everybody realize this is an important email. It's got nice attachments and a PowerPoint associated with it. So, everybody in the organization says, "I need to save this." Mark Hurd sends out one email, and it ends up getting saved 300,000 times.

That's an extreme example of duplication. On average, every piece of information an organization creates gets duplicated somewhere between 5 and 20 times by the time it has been backed up, sent to other people in emails, etc.

The second step, once you've discovered all of this content, is to begin to de-duplicate or cull down the amount of content. Once you've done that, the third step tends to be to take the content that's most likely to be used in a discovery exercise and put it into a system of record.

Consolidating content

There are a series of products from HP, products like HP TRIM for records management, and HP Integrated Archive Platform for storing, archiving and retrieving content, that allow you to take all of these different types of content, consolidate them into one place, index them, set the retention schedule, and store them for long term preservation.

The final step, once you've got all that content in one place, is to add a layer of analytic or modeling capability to allow you to manipulate that content and respond quickly to a subpoena or an audit request.

Gardner: Gaynelle, listening to Jonathan explain the overarching vision for this, could you, as a consumer of this, help us understand, when you do this, what the net results are?

Jones: Absolutely. We've been really fortunate to be able to jump up and get first in line, shall we say, for the benefits of these products. We're working right now on putting an evidence repository in place, so that we can collect information that's been identified, bring it over, and then search on it. So, you can do early electronic searches, do some of the de-duping that Jonathan has talked about, and get some early case assessment.

Our counsel can find out quickly what kind of emails we've got and get a sense of what the case is

The earlier you do it, and more that it's planned, the more it's a shared expense.

worth long before we have to collect it and turn it over to our outside vendors for processing. That's where we're moving at this point.

We think it's going to have tremendous benefit for us in terms of getting on top of our litigation early on, reducing the cost of the data that we end up sending outside for processing, and of course, saving cost across the board, because we can do so much of it through our own management systems, when they're in place. We're really anxious and excited to see how this is going to help us in our overall litigation strategy and in our cost.

Gardner: Now, of course, now a days, we can't look for much discretionary spending. Any requests for spending are highly scrutinized, but I'm curious. When it comes to this legally mandated and enforcement approach with information, where does the PO come from? Who signs on the bottom line to say that we need this? Is this an IT expenditure, a business expenditure, or a legal expenditure. Gaynelle, do you have any sense of that -- or you, Jonathan, as well?

Jones: I'll start, and Jonathan deals with it at a broader stage. Ideally, we get involved, if we don't do it ahead of time in terms of planning. This is what we're doing with our evidence repository, and it becomes a part that will be shared across the business. If you wait until you are actually in the litigation, then it generally ends up being paid by the business, or the group that owns that litigation. So the earlier you do it, and more that it's planned, the more it's a shared expense. At least, that's the way we do it at HP.

From reactive to proactive

Martin: Absolutely. If you move from that kind of reactive to proactive approach, you commonly see the creation of what we would call "the committee." Typically, the committee is a combination of representatives from the legal side of an organization, as well as the IT side of an organization.

Typically today, these e-discovery projects don't get funded at the start of the year. They're one of those things that IT typically doesn't have a line item for. When they get subpoenaed to do something, then it suddenly become a priority, as we've already heard.

What you tend to find is that the committee gets together, looks at what the legal operating budget looks like, and where they're spending money on doing these requests, and by bringing these capability in-house, are they able to shift money from the legal operating budget to an IT budget to be able to gain some efficiency.

Just from a purely IT perspective, you can see almost immediate return by going down this path of retiring applications that are no longer required in the organization. Obviously, every application you have up and running creates a footprint, requires cooling, lighting etc. You can decommission these applications, while maintaining access to the content that they use to create. There's an immediate return for the organization.

Gardner: I'm curious about what is to come in terms of technology. We've certainly seen lot of

Just from a purely IT perspective, you can see almost immediate return by going down this path of retiring applications that are no longer required in the organization.

interesting advances around consolidation and warehousing of data. Again, perhaps mostly on the structured side, we've seen them around BI and analytics, but are there any activities at, say, HP labs for example, that point to the opportunity be doing yet more with this problem set?

Martin: Yes, there are probably two big areas on the horizon. The organizations that have been through the fundamentals like the capture process, the collection process, and the preservation process are beginning to think about.

The first is the scope of content that they capture. Increasingly, we're seeing more and more content move into the cloud. This is may be coming from a top-down initiative, or from a cost or capability perspective. Organizations are saying, "Maybe it's no longer cost effective for us to run an email environment internally. What we'd like to do is put that into the cloud, be able to manage email in the cloud, or have our email managed in the cloud.”

Or, it may come from the grassroots, bottom up, where employees, when they come to work, are beginning to act more and more like consumers. They bring consumer-type technology with them, something like Facebook or social networking sites. They're coming to the organization to set up a project team and to set up a Facebook community, and they collaborate using that.

New implications

So we're seeing either top-down or grassroots-up content moving into the cloud. From a regulatory perspective, a governance perspective, or a legal perspective, this has new implications for the organizations. A lot of organizations are struggling a little bit on how do they respond to that.

Gardner: So, in this case, the source data might not be in your control, but you would have access to the metadata about that data, and that becomes yet another aspect of your systems of record in your index.

Martin: Yes, potentially, and how do you discover this content, how are you required to capture this content, or are they the same, legal obligations, the content that's inside your data center of this various IT data centers? How do you address applications, maybe mashups, where content may be spread across 20 to 30 different data centers. It's a whole new vista of issues that are beginning to appear as content moves into the cloud.

Jones: We're seeing some of that now with situations in our litigation, where we have our third-party set managing our data. We have an obligation to make sure that that gets preserved.

Even smaller enterprises that perhaps may think that they don't have to deal with some of these issues, if they're providing services to companies like ours, will need to be able to have management or preservation programs in place, because we have to reach out. We're seeing in litigation where you have to deal with telephone company providers, the cable company providers, and other providers. So, it's not only managing your information, but getting access and preserving for litigation that information that others maybe managing.

Gardner: So, from your perspective, Gaynelle, we've already got a difficult situation that

The courts haven't yet addressed the cloud era, but it's going to definitely be one for which we're going to have to have a plan in place.

perhaps is going to become more difficult with the advent of a cloud era.

Jones: Right. The courts haven't yet addressed the cloud era, but it's going to definitely be one for which we're going to have to have a plan in place. The sooner you start being aware of it, asking the questions, and developing a strategy, the better. Once again, you're not being reactive and, hopefully, you're saving money in the process.

Gardner: I appreciate the discussion. It's been very interesting. To finish up, how do folks start to get a handle on this? Are there some steps or some places for information? Where do you begin on this journey?

Martin: Probably one of the best ways to learn is from the experience of others. We've invested quite heavily over the last year in building a community for the uses of our products, as well as the potential use of our products, to share best practices and ideas around this concept of information and governance that we've been talking about today, as well as just broader information management issues.

There is a website, www.hp.com/go/imhub. If you go there, you'll see lots of information from former users about how they're using their technology. If you're interested in going beyond education and getting an understanding of how HP might be able to help you in your environment with these kind of issues, we run something called the Information Management Transformation Experience Workshop, which is quite a mouthful.

If you search for IM Transformation Workshop on the HP site, you'll find that, and from there you'll be able to engage with us. Typically, it's a half-day workshop experience where we come in and brainstorm on what the issues might be and best practices that we might have for getting them solved. It's a kickoff to a broader engagement.

Gardner: Very good. We've been learning about the perils and promise of mismanaging, and then perhaps getting a proactive handle over, information and content and providing a governance approach, and a life cycle approach. We really appreciate the input from Jonathan Martin, Vice President and General Manager for Information Management at HP. Thank you, Jonathan.

Martin: Thanks, Dana.

Gardner: And also, Gaynelle Jones, Discovery Counsel at HP. Thanks so much, Gaynelle.

Jones: My pleasure.

Gardner: This is Dana Gardner, principal analyst at Interarbor Solutions. You have been listening to a sponsored BriefingsDirect podcast. Thanks for listening, and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Learn more. Sponsor: Hewlett Packard.

Transcript of a sponsored BriefingsDirect podcast on the need to manage explosive growth of information within enterprises to head off legal risks and penalties. Copyright Interarbor Solutions, LLC, 2005-2009. All rights reserved.

BriefingsDirect Analysts Debate the 'Imminent Death' of Enterprise IT as Cloud Models Ascend

Edited transcript of BriefingsDirect Analyst Insights Edition podcast, Vol. 43 on the health of corporate IT and whether reports of its demise are premature.

Download the transcript. Read the summary blog post. Charter Sponsor: Active Endpoints. Also sponsored by TIBCO Software.

Special offer: Download a free, supported 30-day trial of Active Endpoint's ActiveVOS at www.activevos.com/insight.

Dana Gardner: Hello and welcome to the latest BriefingsDirect Analyst Insights Edition, Volume 43. I'm your host and moderator Dana Gardner, principal analyst at Interarbor Solutions.

This periodic discussion and dissection of IT infrastructure-related news and events with a panel of industry analysts and guests comes to you with the help of our charter sponsor, Active Endpoints, maker of the ActiveVOS, visual orchestration system, and through the support of TIBCO Software.

Our topic this week on BriefingsDirect Analyst Insights Edition, and it is the week of June 8, 2009, centers on the pending purported death of corporate IT, and perhaps the unplugging of the last on-premises Web server any day now.

You may recall that in the early 1990s, IT pundits, and my former boss Stewart Alsop, glibly predicted at InfoWorld that the plug would be pulled on the last mainframe in 1996. It didn't happen.

Stewart apologized, sort of, and the mainframe continues to support many significant portions of corporate IT functions. But Stewart's sentiments are newly rekindled and expanded these days through the mounting expectations that cloud computing and software-as-a-service (SaaS) will hasten the death of on-premises enterprise IT.

Some of the analyst reports these days indicate that hundreds of billions of dollars in IT spending will soon pass through the doors of corporate IT and into the arms of various cloud-service providers. We might conclude that IT is indeed about to expire. Not all of us, however, subscribe to this extent in the pace of the demise of on-premises systems, their ongoing upkeep, maintenance, and support.

To help us better understand the actual future role of IT on the actual floors inside of actual companies, we're joined by our guests and analysts this week. First, Jim Kobielus, senior analyst at Forrester Research. Hey Jim.

Jim Kobielus: Hey, Dana. Hey, everybody.

Gardner: Tony Baer, senior analyst at Ovum.

Tony Baer: Hey, Dana. How are you doing?

Gardner: Brad Shimmin, principal analyst at Current Analysis.

Brad Shimmin: Hi, Dana.

Gardner: Ron Schmelzer, senior analyst, ZapThink.

Ron Schmelzer: Hi, guys, just unplugging my mainframe, as we speak.

Gardner: And, for the first time on our show, Sandy Rogers, former program director at IDC, and now independent IT analyst and consultant. Welcome, Sandy.

Sandy Rogers: Thanks, Dana. Great to be here.

Gardner: And, as our guest this week, welcome Alex Neihaus, vice president of marketing at Active Endpoints. Hey, Alex.

Alex Neihaus: Hi, Dana. Hi, everyone.

Gardner: Well, let's start with you, Jim Kobielus, if you don't mind.

Kobielus: I don't mind.

Gardner: We've heard this before, the same story, new trend, new paradigm shift, money to be saved, pull out the plug, you'll get it off the wire, or you'll get it from much lower cost approaches to IT.

I do believe that cloud computing is going to have a pretty significant impact and we've discussed that quite a bit on our show so far. What's your take? Do we have a sense of the mix? Is there any way to predict what's going to happen in, say, five years?

Death notice premature

Kobielus: There are plenty of ways to predict what's going to happen in five years. I need to buy a dartboard. That's one of the ways. I can predict right now, based on my conversations with Forrester customers, and specifically my career in data warehousing and business intelligence (BI). This notion of the death of IT is way too premature, along the lines of the famous Mark Twain quote.

If you look at a vast majority of enterprise data warehousing in BI environment, there is a bit of a movement toward outsourcing of the date warehouse into the cloud. There is a bit of a movement toward moving more of the report and dashboard and analytic application development to the end user or to the power user or subject matter expert and away from the priesthood of mathematicians, statisticians, professional data modelers, and data-mining specialists that many large companies have.

There is a bit of a movement in both directions. But it's only movement. In other words, there aren't a substantial number of enterprises that have outsourced their data warehouse or their marts. Probably there aren't that many commercial options yet that are fit to do so. Only a handful of data warehousing vendors offer a hosted solution, a SaaS, or cloud solution. I've been telling people that 2009 is not the year of the cloud in data warehousing, nor is 2010. I think 2011 will see a substantial number of data warehouses deployed into the cloud.

Gardner: Well, Jim, will that be taking them off of the corporate network and putting them in the cloud or will they just be new ones on the cloud?

Kobielus: The component of your data-warehousing environment that will be outsourced to public cloud, initially, in many cases, will not be your whole data warehouse. Rather it will be a staging layer, where you're staging a lot of data that's structured and unstructured and that you're pulling from both internal systems, blogs, RSS feeds, and the whole social networking world -- clickstream data and the like.

They will be brought into cloud storage services that will operate as a staging layer

First is security. You need strong control and you need to also be able to monitor it 24/7, because it's the most fundamental thing that you run your business on.

where transforms, cleansing, match and merge, and all those functions will be performed on massive amounts of data. We're talking about petabytes where it makes more sense, from a dollars-and-cents standpoint to use a subscription service in a multi-tenant environment.

Gardner: We're still going to see data growing on-premises as well.

Kobielus: Yeah, we're definitely going to see data growing a lot on-premises. The core data-warehousing hub where your master data is stored -- for most companies of most sizes -- will remain on-premises for lots of reasons. First is security. You need strong control and you need to also be able to monitor it 24/7, because it's the most fundamental thing that you run your business on.

There are lots of reasons why the centerpiece of your data-warehousing environment, the master tables, were made on-premises. For the foreseeable future, I sense strong reluctance from corporate IT to outsource that. As to the whole front-end mash-up side of these all sort of developments, I'm doing a report that will be published in about a month on the uptake of that approach. But, that's several years down the road, before we see that come to fruition. So, I don't think IT is dying anytime soon.

Gardner: Tony Baer, what about applications?

Cloud is transformational

Baer: Well, I just completed actually a similar study in application lifecycle management (ALM), and I did find that that cloud certainly is transforming the market. It's still at the very early stages, but it's not going to be basically a one single, monolithic, silver-bullet approach. And, not all pieces in the app lifecycle are as well suited for the cloud as others.

I found that two areas really stuck out. One is anything collaborative in nature, where you need to communicate -- especially as development teams go more global and more distributed, and of course, as the pace of business changes the business climate and accelerates -- it's more important than ever to get everybody on the same page, almost literally. So, what I found was that planning, budgeting, asset management, project portfolio management, and all those collaborative functions did very well.

At the other end of the scale, another side that did very well was something that I think Jim was sort of hinting at, which is anything that had very dynamic resource needs,

When you're developing code, you don't want to have to deal with any type of network latencies that are going to come up when you deal with cloud.

where today you need a lot of resource, tomorrow you don't. A good example of that is testing -- if you are a corporate IT department, which has periodic releases, where you have peaks and valleys in terms of when you need to test and do regression test.

Gardner: Platform as a service (PaaS)?

Baer: Yeah. What I found though that did not map well to the cloud was anything that related to source code. There were a number of reasons for that. One is, basically, that developers like to have the stuff on their own local machines.

There is a degree of control that you like, but there are some tactical reasons. When you're developing code, you don't want to have to deal with any type of network latencies that are going to come up when you deal with cloud. No matter how good the bandwidth, there are always going to be times when there are going to be some speed bumps.

But, the other part was also related to IP, which is source code before it's compiled in the binaries. It's basically pretty naked and it's pretty ripe for stealing. This is your intellectual property. Today, if you're doing development, it's because there aren't packages that are available to supply a generic need. It's something that's a process that's unique to your organization.

So, I got a lot of reluctance out there to do anything regarding coding in the cloud. There is the Bespin project on Mozilla, but that's the exception to the rule. So, in terms of IT being dead, well, at least with regard to cloud and on-premise, that's hardly the case in ALM.

Gardner: Brad Shimmin, why do we see these reports, some of them coming out of Wall Street? They're supposed to be smart money saying $120 billion of IT is going to be in the cloud in the matter of two or three years. Is it that they don't understand what cloud is, or are they dead wrong?

Shimmin: I don't think they're dead wrong. As Tony was saying, it depends on what you're putting in the cloud. Because I follow the collaboration area, I see that happening much, much more quickly, and, frankly, much sooner than even the discussion we've been having recently about cloud computing.

Way back in the late 90s, and early "0-dots," Microsoft and IBM were making big money out of their managed hosting services for Exchange and Notes, and they are pushing that downstream a little bit more now to get to the channel and the long tail.

Gardner: So there is not a lot of intellectual property in a messaging transfer agent?

Bothersome IT functions

Shimmin: That's just it. Those are the functions that IT would love to get rid of. It's like a diseased appendix. I would just love to get rid of having to manage Exchange servers. Any of us who have touched any of those beasts can attest to that.

So, even though I'm a recovering cynic and I kind of bounce between "the cloud is just all hype" and "yes, the cloud is going to be our savior," for some things like collaboration, where it already had a lot of acceptance, it's going to drive a lot of costs. If that's what Wall Street is talking about, then, yeah, I think they're pretty much accurate.

Gardner: Ron Schmelzer, we certainly heard a lot about cost reduction. It's certainly top of mind in a recession. I also think that cloud computing can offer some significant cost savings, but to what degree are we talking about disrupting the status quo in most IT departments?

Schmelzer: It's really interesting. If you look at when most of the major IT shifts happen, it's almost always during period of economic recession. The last time was in 2000-2001, when we first started really talking about service-oriented architecture (SOA). In the mid- '90s was when we really started pushing out the Web. In the early part of the '80s, when recession was kind of bad, that's when personal computers started coming about.

You kind of go back into this package every time. Companies are like, "I hate the systems I have. I'm trying to deal with inefficiency. There must be something wrong we're doing. Let's find some other way to do it." Then, we go ahead and find some new way to do it. Of course, it doesn't really solve all of our problems. We spend the next couple of years trying to make it work, and then we find something new.

The cost-saving benefit of cloud is clearly there. That's part of the reason there is so much attention on it. People don't want to be investing their own money in their own infrastructure. They want to be leveraging economies of scale, and one of the great things that clouds do is provide that economy of scale.

From my perspective on the whole question of IT, the investments, and what's going to happen with corporate enterprise IT, I think we're going to see much bigger changes on the organizational side than the technological side. It’s hard for companies to get rid of stuff they have invested billions of dollars in.

Gardner: Wait a minute. So, this is like a neutron bomb. The people die, but the machines keep running?

Schmelzer: Actually vice versa. The machines might change and the machines might move, but IT organizations will become a lot smaller. I don't really believe in 4,000-person IT organization, whose primary job is to keep the machines running. That's very industrial revolution, isn't it?

Gardner: Sandy Rogers, the theory is good, the vision is good, but so was the theory in 1995 that you'd pull out the last mainframe in a year. What's your perspective, given that you've been tracking enterprise infrastructure software for quite some time?

The cost of change

Rogers: Well, it's interesting. Many organizations have avoided legacy modernization projects due to the cost of change. It's not just about the technology replacement. It's a loss of capabilities. It's the change in human workflow and knowledge base. All that is a critical consideration. I see enterprises all the time that are caught between a rock and a hard place, where they have specialized technologies that were built out in the client-server era. They haven't been able to find any replacements.

So the idea of software-as-a-service (SaaS), that one-to-many model, means the kinds of replacements that are available will be very generic in nature, for the most part. There will be some niche capabilities, moving way out in the time horizon. But, the ability to take a legacy system that may be very specialized, far reaching, have a lot of integrations and dependencies with two other systems is a very difficult change. A company has to get to a very specific point within their business to take on that level of risk from change.

Gardner: It's one thing to change from a legacy system to a more modern standard-based hardware and operating system platform environment and to frameworks

It's not to say it won't be done, but it certainly has a big learning curve that the whole industry will be engaging in.

for development. That's not quite the same, though, as making a transition to cloud. Do you think they go hand-in-hand?

Rogers: One thing to think about is there are so many different layers of the stack that we're talking about. When we're talking about cloud and SaaS, it's going to impact different layers. So, there may be some changes in the types of deployments that go on, the target locations.

It reminds me of the film, Pretty Woman. That's "just geography," and that's the way I envision the first wave moving out. We may want to think about leveraging other systems and infrastructure, more of the server, more of the data center layer, but there is going to be a huge number of implications as you move up the stack, especially in the middle-ware and integration space, and pick and choose different applications and their capabilities.

There are a lot of systems out there that are not designed to be run in this kind of capacity. We're still at the very beginning stages of leveraging services and SOA, when you look at the mass market. What I've been discovering in speaking with enterprises that are either doing SaaS as a business or as an enterprise is that the first thing they're thinking about is that the architecture has to able to support this kind of dynamic access and the ability to scale.

So, there's a lot of work that needs to be done to just think about turning something off, turning something on, and thinking that you are going to be able to rely on it the same way that you've relied on the systems that have been developed internally. It's not to say it won't be done, but it certainly has a big learning curve that the whole industry will be engaging in.

Gardner: Not about just pulling a plug at all.

Rogers: Yeah.

Gardner: Alex Neihaus, you're someone who's actually in the software business -- unlike the rest of us. And, by the way, thanks very much for sponsoring the show. We really appreciate it.

Neihaus: Our pleasure,

Gardner: Tell me a little bit about your perspective as someone who is delivering software, productivity, and value to enterprises. Why not go up on someone else's cloud and deliver this strictly as a service?

Borg-like question

Neihaus: We think that this is a Borg-like question -- who assimilates whom? Ron was exactly correct that cloud and the associated technologies that we describe today is today's shining new toy. What we find more interesting is not the question of whether the cloud will subsume IT or IT will subsume the cloud, but who should be creating applications?

And, there is a meta question, or an even larger question, today of whether or not end users can use these technologies to completely go around IT and create their own applications themselves? For us, that seems to be the ultimate disingenuousness, the ultimate inability for all the reasons that everyone discussed. I mean, no one wants to manage an Exchange server, and I was glad to hear Brad include Notes Server in that list, but, in fact, IT is still doing it.

So for us, the question really is whether the combination of these technologies can be made to foster a new level of collaboration in enterprises where, frankly, IT isn't going to go away. The most rapid adoption of these technologies, we think, is in improving the way IT responds in new ways, and in more clever ways, with lot more end-user input, into creating and deploying applications.

You hear a lot of people talk about the generational shift in business people. I agree that there is a lot more familiarity with IT among business end users, but we don't

For us, the cosmic question is whether we are really at the point where end users can take elements that exist in the cloud and their own data centers and create processes and applications that run their business themselves.

hear from our customers that business end users even want to be in the business of creating or manipulating applications in IT, in the cloud, or anywhere else.

Gardner: What I hear you saying is that you see the IT department as your customer, but also, at some level, the end user is your customer. You need to make them both happy, but can you make that end user happy without the IT department?

Neihaus: Our answer is no, simply because of some of the things that Sandy was talking about. There are legacy systems -- there are plenty of things lying about, would be the right way to put it -- that need to be integrated, using technologies that are modern and appropriate.

For us, the cosmic question is whether we are really at the point where end users can take elements that exist in the cloud and their own data centers and create processes and applications that run their business themselves. And our response is that that's probably not the case, and it's probably not going to be the case anytime soon. If, in fact, it were the case, it would still be the wrong thing to do in enterprises, because I am not sure many CEOs want their business end users being IT.

Gardner: Now, your product is something that's designed to make crafting and managing business processes easier and more visual. You're trying to elevate this from a code-based or tool-based process to more of a visual, something that an analyst level person could do, but not necessarily a line-of-business person. So, you've already tested the waters here and your conclusion is that IT can't go away.

Model-based environment

Neihaus: Correct. We're a model-based execution environment, and you're exactly right that we try and expose those processes to the business. But, there are what I call "pretty pictures" kinds of approaches to this, and they can exist in the cloud and they can exist in IT. But, for most people, those are customizations of existing applications.

You might go buy a call-center application and allow end users to modify the workflow. But, once you get beyond the pure human workflow, and you begin to integrate the kinds of systems that Sandy was talking about, and I think Ron was talking about, you're beyond the skill, desire, or capability of an end user.

Now, can these things be composed from elements that exist in the cloud? They could be and they probably should be. But, whether the cloud represents something that can enable business users to eliminate IT is a huge stretch for us, based on what we experience in the marketplace.

Gardner: We haven't really explored that dimension where the cloud fits. Does the cloud get between the end user and IT, or is the cloud behind IT and IT gets between the cloud and the corporate user and perhaps even their customers out in the public domain?

Brad Shimmin, recently we saw some inkling about Google Wave. What that's going to represent? I found the demo and the implications very interesting.

We've all been end users at some point and still are in many ways, for what we do day-in and day-out. I think all of us here will attest to the fact that we can be incredibly stupid.

Google seems to think that they can go directly to the end user, at least for some elements of collaboration for bringing different assets together in a common view -- maybe some check-in, check-out benefits, using a spectrum of different communication modalities and synchronicities.

What's your take? Is Alex right that we're not going to get too much out to the end user directly, that IT is going to be part of that? Or, are we perhaps being a little bit too cautious about what end users are capable of?

Shimmin: We've all been end users at some point and still are in many ways, for what we do day-in and day-out. I think all of us here will attest to the fact that we can be incredibly stupid. Yesterday, when I was sitting on Microsoft's Virtual Analyst Summit, I heard them say that what they'd like to accomplish is for users to be able to open up an Excel spreadsheet and create a BI report that would normally take IT two weeks to do.

I thought, "Hey, that's terrific, but, oh dear Lord, you don't want anyone to do that, because they're going to use the wrong datasets, they're going to perhaps have the wrong transitions and transformations for data."

It's not as simple as the picture is being painted. With Goggle Wave, as we've said before, when they are talking about certain types of collaborative applications, that sort of mashability -- as Jim put it earlier -- is something users are capable of and comfortable with. It's within the bounds of something they know how to manage, and they know that what they get out of the application is right.

When I hear about customers being able to mash-up their own BI reports, for example, I think, "How would they know? How on earth would they know that what they've gotten out of it is correct?"

Gardner: And, would the security and regulatory compliance issues be maintained?

Loss of control

Shimmin: Sure, that's the other horn on the bull. The more you move into the cloud, the less control you have over the data. The vendors that I talk to realize that fact, but they still haven't come to a point in which you can control which data resides where and what happens to that data. This is even in the collaboration space, mind you, which is I've said is really getting out there ahead of a lot other ventures,

A lot of companies that say they are pure SaaS are really still using shared data resources on the back-end, which is not a good thing, if you really need to lock down that data.

Gardner: It's not really cloud. Is it?

Shimmin: No.

Gardner: Jim Kobielus, I'm sorry I cut you off earlier, but I wanted to get across the spectrum of our analysts, before we dug down too deeply. But, now is the time to dig deeply to this point that end users, even sophisticated power users in a corporate environment, are probably not going to be in a position of doing SQL queries or even queries that have been visually abstracted for them. We need a sort of intermediary group or capability between the consumers of data and the actual production of data. Isn't that right?

Kobielus: The intermediary group is the governance group. Alex, Brad, Sandy, and the others are talking about how, as you allow the end users or encourage them or require them to mash up the hone applications in their own data, in their own presentation layer, that becomes chaos unless you have strong governance.

As Brad said, when users are given a sandbox of their own, they should know that the whole sandbox, in fact, was built and is being monitored by IT, so that you're taking the right data, doing the right transforms, and applying the right presentation components, the right data model, the right calculation, as defined by your company, its policies, and its rules. You need strong governance to keep this massive cloud sandbox from just becoming absolute chaos.

So, it's the IT group, of course, doing what they do best, or what they prefer to be doing, which is architecture, planning, best practices, templates, governance control, oversight support, and the whole nine yards to make sure that, as you deal in new platforms for process and data, such as the cloud, those platforms are wrapped with strong governance.

Gardner: Tony Baer, perhaps what we are seeing is not the demise of IT, but the transformation and elevation in the role and importance of IT.

The other part is technical. If you're going to provide them the capabilities to mash up things, which is certainly valuable, you want to do this in a protected sandbox

Instead of doing support, maintenance, patches, and keeping the red lights out and the green lights on, they're going to be involved with the governance, provisioning, security, and more innovation in terms of getting closer to the productivity benefit than simply keeping the cycles going and the hard-drive spinning.

Baer: There's no question about that. It reminds me of some of the notion that to make things simple underneath the plumbing is very complex, so make things simple on top. As Jim is saying, you can't provide users the ability to mash-up assets and start creating reports without putting some sort of boundary around it.

This is process-related, which is basically instituting strong governance and having policies that say, "Okay, you can use these types of assets or data under these scenarios, and these roles can access this and share this."

The other part is technical. If you're going to provide them the capabilities to mash up things, which is certainly valuable, you want to do this in a protected sandbox. That's where I see technical innovations that could go to cloud, which would be like enterprise mash-up hubs -- probably a good example -- or like a report center.

I could use those Excel spreadsheets to generate those reports, but they're coming from a protected set of data for which there are very stringent access controls and governance. So, it's a combination of both process and technology.

The same cloud?

Gardner: Ron Schmelzer, I'm a neat person. I like things that follow in nice little neat packages that line up, and are not crooked. What I am starting to see now in this cloud evolution is one part of a cloud being something that end users would use, inside of companies or consumers at home through their mobile devices.

I'm also seeing the cloud providing these back-end infrastructure services, automation and lower cost, and building blocks for IT. And, IT has a value-added role on top of that. But, is it the same cloud? Is it a different cloud, and how would we manage this border between, "I want to use the cloud as an end user" and "I want to use the service from the cloud through the IT department control."

Schmelzer: It sounds like you have a future in interior decoration to put things in neat boxes, but that's why we call it a cloud, right? The reason we call these things cloud is because they're kind of amorphous. They don't have well-defined boundaries.

The whole reason for the metaphor "cloud" is that in network diagrams you want to show something outside the boundaries of the IT organization, but you don't know exactly how it's configured. You just represent it visually as a cloud, right? So, that's the conceptual model we are computing here, where you don't necessarily have all the details of the implementation.

Now, the question is: is the cloud boundary at the firewall or is the cloud boundary necessarily outside of the organization? Not necessarily. There maybe internal processes in IT or the IT organization that are leveraging aspects and elements that you don't have complete control over, in which case they are very cloud-like. They have all the same features and benefits of the cloud.

What we have to be aware is that there are a lot of different things that are wrapped up in the cloud. There's SaaS and application service provider stuff that we've been doing since late '90s. There's utility computing, grid computing, elastic computing, compute on demand, and all this sort of stuff.

The question is what benefits do we want? That's what differentiates cloud.

There's an increasing need to compose and integrate silos within organizations. That has a huge implication on governance activities.

It really is a third-party provider that we're paying for on a transactional model and leveraging infrastructure we have no visibility over, rather than a model that we have ownership of. We have cost visibility, but we have elastic consumption capability. So, we're using more of the implementations of the cloud.

Gardner: Sandy Rogers, you've been tracking governance capabilities, and is it the role of IT to further govern this amorphous boundary between what a cloud, off-the-wire set of services might bring to an organization in addition to governing the IT that goes on inside of their SOA activity. Is IT going to rise up to this or you are going to say, hey, that's outside of our purview and we are not interested.

Rogers: It's certainly within the purview of both IT and business, as partners, to address governance, whether it's internal to an organization or it's leveraging facilities that are external or outside the firewall. IT is still responsible for ensuring that whatever systems are used, how and where the technologies and being used, they accomplish the business goals.

It's off-loaded for support overall. They're going to have to be responsible to ensure that it fits in line with their governance policies in their meeting to set goal. I think the availability and maturity of technologies will evolve, and it will evolve in different spaces to be one-for-one able to be replaced.

The sophistication of the solution interfaces and the management in the administrative capabilities to enable governance, are very nascent in the cloud offerings. That's an opportunity for vendors to approach this. There's an increasing need to compose and integrate silos within organizations. That has a huge implication on governance activities.

Gardner: And, that doesn't even include these outside silos.

Step back and do the basics

Rogers: Yes. It's just being exaggerated with these cloud-based environments. What I've seen in looking at SOA governance is that for those companies that don't have good governance policies, programs, and procedures to start with really are in a situation where they have to step back and do the basics. Every time you end up with some type of distributed, federated environment, you have to look at all of those issues that relate to governance, whether it's compliance, security, management, or anything like that.

SOA, or any distributed environment, exaggerates this. Cloud will exaggerate it even further. Managing contracts and legal arrangements will be a growing emphasis within IT. What's interesting in the cloud space is that we're seeing a lot of packaged services, where one company may be engaging with a service provider, and that service provider is dependent on another service provider for, say, providing some compute infrastructure services.

Gardner: An ecology approach to this.

Rogers: Yes, having the visibility, having access to the right information to perform governance is going to be an area that needs to be worked on. It will have to be worked on sooner, rather than later, to win over those C-level executives who are very nervous about relinquishing control.

Gardner: Another area that I'd like to get into, before we run out of time, is the ability for the vendors, the software providers, to make a decent living. If they're only going to deliver what they do through a cloud model and they have a subscription they are going to charge per user per month, or some similar model, can they, in fact, cover their cost and make a profit?

JP Morgenthal, who has been on our show, has been critical and says that even open source is a threat, because of the same issue. The innovative, quality software won't get developed in the future, if the models don't support it. I'll take that to Alex as a software developer and provider of value. Is there a case here that the subscription model undercuts the viability of your business?

Neihaus: I don't think so, and I'll tell you why. Like any other vendor of any product in any marketplace, we'll sell our services or our products the way customers want to buy them.

The software market is very big. The market we exist in, the business-process management system marketplace, is very big. Companies like ours and others will adapt to what customers ask for

As of yet, at least in our case, we've had no substantive demand for subscription, which is closely associated with the open-source model. It turned out to be fairly expensive over a longer period of time, or per user per month hosted Exchange or Notes mailbox pricing. -- at least for the category in which we exist.

The software market is very big. The market we exist in, the business-process management system marketplace, is very big. Companies like ours and others will adapt to what customers ask for. We can be more nimble than some of the bigger players in this marketplace to responding to that, and that's the key point.

The very large, leviathan players in the space have the most to lose from any kind of change in pricing or distribution business models. So, there's a huge lethargy in the marketplace towards changing buying behavior.

Even if we wanted to promulgate and distribute a new business model, customers are so used to buying the way they have been buying from companies for such a long time that their internal processes from decision-making to contracting are wrapped around those models. It's something we would adapt to, but I think the market is going to change relatively slowly.

Gardner: Brad Shimmin, to Alex's point that the big players, the leviathans, have the most to lose from the wholesale move to cloud, that's in semi-agreement with this concept that moving to a services provisioning subscription model has its risks compared to a license on-premises, per processor type of model. Where do you come down on that?

Vendors will adapt

Shimmin: Well, I stand firmly on the side of broader ecosystems and the power to the people. So, my feeling is that the vendors will adapt to this, just as Alex was saying, but they're doing it slowly. When I look at Microsoft, Cisco, and IBM, for example, I see three very different approaches to that.

With Microsoft, they were pretty quick to roll out their Microsoft online services and firmly undercut the pricing that their partners could give their customers on hosted Exchange, for example. But, they set it up so that those partners could then build value-add on top of it to increase their revenues. As we've been talking about here, when it comes down to just a numbers game, it's hard to make money on just a pure services contract -- unless you have a huge scale to work with.

When Microsoft rolled out Azure -- last October, I think it was -- the plan was to allow their ecosystem, their channel partners, to build applications for vertical markets. These are the things they are good at and the things that Microsoft is not good, and they can make money on those by building into the cloud.

It's these channel partners that are going to benefit the most from these standardized interfaces and the mashability component that's built into these cloud services. It's not the end users who are going to be putting things together. It's the channel partners who are going to be assembling value that they can then deliver to customers.

Gardner: Tony Baer, it seems to me that the open source rollouts of the past 10 years may be harbingers of things to come into cloud.

A lot of customers have said, "Look, just handle the infrastructure for an extra fee, and we'll to continue to pay our perpetual license."

If a large vendor wants things to go slowly, they could perhaps time things. At the same time, they might offer certain elements of their services as a service for free in order to undercut competitors and/or to entice the use of a larger solution, rather than an application or feature set. Do you expect they will see that?

Baer: To a certain extent, where you will see it is in the commodity areas. Microsoft is obviously the poster child there, because they have the most to gain and the most to lose. Actually, it's more that they have the most to lose, not so much to gain. They are really in a defensive position there.

But, when you look at enterprise software or more specialized software, I don't think that's really the case. One of the notes I was jotting down here was that I thought this may actually be very particular to my market, to the software tools market, and that it may march to a different drummer, compared to customer relationship management (CRM) or Exchange.

IBM is struggling with the pricing for how it's going to price its cloud. Hewlett-Packard's (HP's) experience so far, at least from the Mercury side which has offered testing services going back a long ways, is that in many cases, the pricing is not on the subscription model. A lot of customers have said, "Look, just handle the infrastructure for an extra fee, and we'll to continue to pay our perpetual license."

The move to the cloud and subscription pricing are two different things. One does not necessarily follow the other. That's a finding that actually surprised me.

Gardner: Ron Schmelzer, Tony Baer made a point that you could be a victim of cloud, before you could be a beneficiary of it, if you are a provider and a vendor. That's a tough transition to go through.

All transitions are similar

Schmelzer: Maybe, and I think all these transitions are like that. If you look at what happened to the Web. I was on the CRM side of things back in the mid '90s, and we thought that the Web was going to kill client-server CRM applications, and, to a certain extent, it kind of did. It just took a lot longer than we thought. I remember Siebel's dominance and they're saying, "We are not going to move to the Web."

Obviously, Salesforce put the impetus behind it, but even before Salesforce was out there in the late '90s, we were asking, "Why are we using this in-house enterprise application software system with all this great Web stuff happening over there? Why can't we put this stuff online?" The same thing is going here.

We talked about this a couple of podcasts ago, this IT divide between the IT experience at work and the IT experience at home. The home IT experience is just so much richer than what we've got at work. So, it's the same question. Why are we still using these systems in the enterprise and we have all this cloud-based mash-up stuff when we go home?

The writing is on the wall. The smart vendors will learn how to transition themselves in a way that doesn't cannibalize their existing business model. The stupid ones will be pushed to the model anyways, They can't resist it, and they will, of course, suffer.

Gardner: I think this has been a very good and interesting discussion. I'd like to go around the table before we close out, because I haven't heard too much about the death of IT in these permutations of the subject that we've gone through here.

Jim Kobielus, first to you. On a scale of 1 to 10, with 1 being IT dead and 10 being

Much of the actual guts of IT within an organization will migrate to hosted environments, and much of the development will be done by end users and power users.

IT alive, robust, and growing vibrantly, where do you think we're going to see the IT department's role in say three years?

Kobielus: Okay, in three years. I'll be really wishy-washy and give it a 5. It's almost like Schrodinger's cat. You know it's in the box, but you don't know if it's dead or alive yet. It depends on how the quark falls. But, I think that in three years time, IT will be alive, kicking, robust, and migrating toward more of a pure planning, architecture, and best practices function.

Much of the actual guts of IT within an organization will migrate to hosted environments, and much of the development will be done by end users and power users. I think that's writing on the wall.

Gardner: So, the role and impact of IT will be about the same in three years?

Kobielus: Yeah.

Gardner: Tony Baer, how do you come down -- 1 to 10?

Baer: I was really confused about Jim's answer, because I thought he said at one point that IT's role is going to change as we go to hosted services.

Gardner: We may change his mind on the show.

Doing the cool stuff

Kobielus: Actually, 20 years ago I worked as a contractor for a government agency that outsourced a vast majority of their IT to contractors. I remember that the folks who remained as the government's employees running the shop were all procurement, planning, architecture, and all the high-level, cool stuff. They didn't get their fingernails dirty.

Baer: I don't subscribe to the death of IT, because I remember 20 years ago hearing about the death of IT, when Yankee Group did the announcement of that Kodak did a big outsourcing contract, because they decided that, as a company, they were not really in the business of IT. They were in business of photography. A few years later, they realized that the business of photography really did involve IT, and they very quietly backtracked on those contracts.

Gardner: JP Morgan Chase did the same thing about five or six years ago, right?

Baer: Exactly. As Sandy was saying before, there is a lot of complexity, even if you outsource. Outsource means that you need more management. Even if you use the cloud, that requires more governance.

So, I don't see IT's role diminishing. There may be a lower headcount, but that can just as much be attributed to a new technology that provides certain capabilities to end users and also using some external services. But, that's independent of whether there's a role for IT, and I think it pretty much still has a role.

Gardner: If you have 1 to 10, give me a number.

Baer: And 10 being that it does have a role?

Gardner: Vibrant, alive, thriving, and growing like crazy.

Baer: I am going to give it an 8.

Gardner: Excellent. Brad Shimmin?

Shimmin: I'm giving it a 7 for similar reasons, I think that it's going to scale back in size little bit, but it's not going to diminish in value.

IT is not going to go away. I don't think IT is going to be suffering. IT is just a continuously changing thing.

Back to what Sandy was saying, I think it's going to be very much alive, but the value is going to be more of a managerial role working with partners. Also, the role is changing to be more of business analysts, if you will, working with their end users too. Those end users are both customers and developers, in some ways, rather than these guys just running around, rebooting Exchange servers to keep the green lights blinking.

Gardner: So, more architects, fewer admins.

Shimmin: Yup.

Gardner: Ron Schmelzer?

Schmelzer: I'm going to be your lemming here. I think it's 10. IT is not going to go away. I don't think IT is going to be suffering. IT is just a continuously changing thing. Look, IT is only 60 years old. The whole life of the entire IT-as-an-organization department within the enterprise is only 60 years.

So, IT is going to be thriving in three years. It's going to be completely different than anything we may know today or maybe it'll be mostly similar. But, I guarantee that whatever it looks like, it will be still as important as an IT organization.

Now, of course, my information tells me that the world is coming to an end at three years, my Mayan Calendar. That was a good choice on time horizon, because if you had said four years, that would mean the world is not going to exist in four years. So what kind of trick question is that?

Gardner: Well, that's why I bring it down. Sandy Rogers -- 1 to 10?

Some IT is in deep trouble

Rogers: Probably in the 7 to 8 range. I agree with everything that's been said here. I think it's up to the individual enterprises. In some enterprises, IT is in deep trouble if they do not embrace new technologies and new opportunities and become an adviser to the business. So it comes down to the transition of IT in understanding all the tools and capabilities that they have at their disposal to get accomplished what they need to.

Some enterprises will be in rough shape. The biggest changeover is the vendor community. They are in the midst of changing over from being technology purveyors to solution and service purveyors. That's where the big shift is going to happen in three years.

Gardner: Alex Neihaus, how about your choice here? 1 to 10?

Neihaus: Our self-interest is in a thriving a segment of IT, because that's who we serve. So, I rate it as a 10 for all of the reasons that the much-more-distinguished-than-I panel has articulated. I wish to say one thing, though. The role of IT is always changing and impacted by the technologies around it, but I don't think that that could be used as an argument that it's going to diminish its importance or its capabilities really inside organizations.

Gardner: Well, I'll go last and I'll of course cheat, because I'm going to break it into two questions. I think their importance will be as high or higher, so 8 to 10, but their budget, the percent of spend that they're able to derive from the total revenues of the organization, will be going down. The pressure will be on, and it will be going down.

So, from a price and monetary budgeting perspective, the role of IT will probably be down around 4. That's my take.

Thanks very much for all of your input. I also want to thank the sponsors for the BriefingsDirect Analyst Insights podcast series, Active Endpoints and TIBCO Software.

And I also want to thank our guests this week. Jim Kobielus, senior analyst at Forrester Research. Thanks Jim.

Kobielus: Always a pleasure.

Gardner: Tony Baer, senior analyst at Ovum.

Baer: Great discussion as usual.

Gardner: Brad Shimmin, principal analyst at Current Analysis.

Shimmin: Thank you, Dana. It was great today.

Gardner: Ron Schmelzer? What's your name again? Brawn? No, Ron Schmelzer, senior analyst at ZapThink.

Schmelzer: Glad to be here, and I think my mainframe is taking about three years to turn off. I'll let you know in three years.

Gardner: Thank you also Sandy Rogers, now an independent IT analyst and consultant.

Rogers: It was great to participate and be here.

Gardner: And also a special thanks to Alex Neihaus, vice president of marketing at Active Endpoints.

Neihaus: It was a thrill to join you guys today.

Gardner: Thanks for listening to BriefingsDirect. Come back next time.

Download the transcript. Read the summary blog post. Charter Sponsor: Active Endpoints. Also sponsored by TIBCO Software.

Special offer: Download a free, supported 30-day trial of Active Endpoint's ActiveVOS at www.activevos.com/insight.

Edited transcript of BriefingsDirect Analyst Insights Edition podcast, Vol. 42 on on the health of corporate IT and whether reports of its demise are premature. Copyright Interarbor Solutions, LLC, 2005-2009. All rights reserved.