EMA Research Blog: Navigating IT and Security Horizons

Black Hat Asia 2025 returned to Singapore with a dynamic mix of technical depth, real-world impact, and plenty of sobering insights about the evolving cybersecurity landscape. Across two packed days, experts from around the globe tackled threats old and new, offering live demonstrations, original research, and thought-provoking commentary on the increasingly blurred lines between digital, physical, and even quantum attack surfaces.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

In an era when government operations increasingly rely on digital infrastructure to remain effective, accountable, and secure, messaging platforms emerged as both an enabler and a risk vector. The question of how government agencies communicate—internally, externally, and across jurisdictional lines—is no longer merely a matter of workflow optimization. It is a fundamental aspect of mission assurance, public trust, and operational integrity. Yet even as messaging tools proliferate and mature, the gulf between platforms built for accountability and those designed for privacy remains pronounced. Nowhere is that divide more evident than in the ongoing tension between Microsoft Teams and Signal—two platforms that, while often deployed in parallel, represent fundamentally different answers to the same set of urgent questions about security, control, and digital sovereignty.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

In an era when cybersecurity threats continue to evolve at an unprecedented pace, organizations are seeking robust, goal-oriented solutions to identify and remediate security vulnerabilities effectively. Traditionally, penetration testing as a service (PTaaS) played a critical role in structured, systematic security assessments. However, as the industry shifts toward more dynamic and continuous testing models, it is becoming increasingly clear that PTaaS needs a redefinition—one that includes the advantages of bug bounty programs under its umbrella.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Organizations are constantly dealing with rapid shifts toward cloud computing, escalating security threats, and regulatory frameworks that have necessitated more robust solutions in data governance. As they continue to accumulate more and more sensitive data, the need for visibility into data assets becomes obvious. Moreover, regulations such as GDPR, HIPAA, ITAR, and PCI impose stringent compliance requirements, compelling organizations to ensure that they can not only manage, but also protect, their data effectively.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

Welcome to the recap of the Enterprise Management Associates (EMA) Cybersecurity Awesomeness (CSA) Podcast. Hosted by Chris Steffen, Vice President of Research and Ken Buckler, Research Director at EMA, the CSA Podcast covers a wide range of cybersecurity topics, from cyber workforce talent shortages to cyber threat intelligence, to current events in technology and security. This short, laidback podcast is for listeners of all skill levels and backgrounds.

In today’s interconnected digital landscape, identity has become the cornerstone of both organizational security and user experience. Whether onboarding a new employee or granting a customer access to services, the journey of identity—commonly referred to as the identity supply chain—encompasses a series of critical stages, from initial verification to continuous authentication and authorization.

The future of cybersecurity is a hot topic, and Episode 91 of the Cybersecurity Awesomeness Podcast dives deep into what 2025 might hold. Hosted by Chris Steffen and Ken Buckler, this episode offers insights into emerging threats, groundbreaking technologies, and the ever-critical human element in security. Here’s what you need to know.

OpenText World 2024 highlighted the growing role of AI in enterprise transformation, with Aviator, OpenText’s AI platform, as a focal point. Now one year into its deployment, Aviator has demonstrated significant potential in addressing challenges across industries by integrating AI into business processes. The platform reflects OpenText’s broader strategy of “Elevating Human Potential,” focusing on AI, cloud, and security as key drivers of innovation. Aviator’s emphasis on secure, data-driven AI models has positioned it as a useful tool for tackling the complexity of modern information management.

I recently had the opportunity to attend Identity Week in Washington, D.C. While this is a smaller conference compared to RSA Conference or Black Hat, some of the conversations were just as powerful and much more focused on the identity market. I was at first encouraged by the large focus of biometrics at the conference, but quickly discouraged upon seeing the limited use cases many of the vendors were promoting.

Generative AI hype has permeated the world of IT operations. My latest research found that 96% of IT pros who have evaluated or used generative AI for IT management use cases believe it can make people in their organizations more productive.

Network as a service (NaaS) is a class of network infrastructure solutions that are delivered via a cloud-consumption model. Often, these networks are managed offerings, where the provider takes ownership of implementation and day-to-day operations. While a NaaS provider is capable of taking over network management for a customer, many IT organizations prefer to maintain some control and ownership of day-to-day operations for a NaaS-based network. 

Fresh off a week at the Splunk conference (called .conf24), I want to share a few insights about my time at the show.

Cisco Live is happening in Las Vegas this week. It remains one of the biggest annual gatherings of network infrastructure professionals in the world. It is also a venue for Cisco to showcase its latest products and services, and it is a place where Cisco lays out its overall vision to address customer requirements.

Another RSA conference (not RSA, not #RSA, but “THE RSA Conference” – those that bought the conference do not want it to be associated with RSA the company, which leads me to wonder why they didn’t just rename the thing to something else more securityish) is in the books, and I thought I would share a few thoughts about things I saw and vendors that I met with at the conference.

According to the RSA Conference website, there was a total of 641 vendors exhibiting or sponsoring the conference in the over 738,000 square feet of exhibit space dedicated within the two-million-square-foot Moscone Center. I had meetings scheduled with approximately 20 of these vendors and met with a small handful of additional vendors on the expo floor as time permitted. I didn’t keep track of how far I walked this year, but the entire Moscone Center complex is approximately 87 acres in size. For comparison, the United States Capitol building is only 4 acres. I made several laps around the expo floor each day, as well as walking around the entire complex throughout various parts of the day. Needless to say, my feet are quite tired, but with the conversations I had with vendors, it was worth it.

IT organizations have always relied on multiple tools to manage and monitor their networks. This reality is a legacy of the evolution of network management tools. Initially, vendors offered point products that solved very narrow sets of tool use cases like device discovery, device metric collection, config management, traffic monitoring, and so on. Network engineers needed a sprawling toolset to address all aspects of operations.

The RSA Conference 2024 is upon us, and this year promises to be a treasure trove of insights for security professionals. We're particularly excited to explore the latest advancements in areas like AI-powered security and cloud protection. To enhance our analysis, we're putting Google Gemini, a large language model, to the test. Can it navigate the vast amount of information available about the conference and identify the themes that matter most? In this blog, we’ll explore the conference through the lens of Google Gemini, offering previews of sponsor briefings, session topics, and emerging trends that will shape the future of cybersecurity, and we’ll also examine Gemini’s ability to analyze text data.

For most IT organizations, network automation boils down to change management. Network engineering teams implement tools that automate their processes for all manner of changes, including network software patches and upgrades, configuration changes, and security policy updates.

To offer more affordable and compact solutions, some solution providers are pitching triggered or “smart” packet capture solutions as an alternative to always-on capture.

In an era rampant with cyber threats, the security of passwords and identity remains a critical concern. According to HaveIBeenPwned.com, over 12 billion credentials were compromised online as of March 6, 2024. This staggering figure underscores the vulnerability of password-based authentication systems. Most (if not all) of these involve compromised passwords, and often expose not only a compromise to the originally affected domain or web application, but also multiple accounts utilizing the same email address and password.

The Dynatrace Perform 2024 conference delivered a plethora of insights and forward-looking perspectives this month. Throughout the conference, the event encompassed keynotes, breakout sessions, customer panels, and hands-on training, offering a holistic view of the latest trends and innovations in the tech industry. The overarching theme, "Make Waves," encapsulates the imperative for transformation and disruption in the tech industry. It underscores the need to drive substantial change and progress amidst evolving trends.

More than 41% of DDI (DNS, DHCP and IP address management) teams lack sufficient influence over their companies’ cloud strategies, according to my research. This stat was published in my market research report, “DDI Directions: DNS, DHCP, and IP Address Management Strategies for the Multi-Cloud Era.” The report was based on a survey of 333 DDI-focused IT professionals.

I will soon publish new market research about enterprise network automation strategies. The report is based on a survey of 350+ IT professionals and one-on-one phone interviews with a dozen experts from a variety of well-known enterprises, universities, and government entities. 

HPE announced this week its intent to acquire Juniper Networks for $14 billion. When this deal closes, Juniper will combine with HPE's Aruba Networks division, which is itself a product of multiple acquisitions by HPE, including Aruba Networks (Wi-Fi and switching) and Silver Peak (SD-WAN and WAN optimization). 

In 2024, we will continue to see globally significant advancements in information security and regulatory compliance spending for organizations of all sizes. From zero trust architecture to the integration of AI-driven solutions and the growing emphasis on regulatory alignment, 2024 will redefine how organizations safeguard sensitive information, navigate compliance complexities, and fortify their API ecosystems. Understanding and adapting to these transformative trends will be pivotal for businesses aiming to stay resilient, secure, and compliant in a time noted for rapid technological advancements and stringent regulatory landscapes. Here are our predictions for information security in 2024.

The Black Hat Europe 2023 conference, a gathering of cybersecurity professionals and experts, delved into the intricate world of cybersecurity, exploring emerging threats, innovative defense strategies, and the pressing need for collaboration between the private sector and government entities. Here's a breakdown of the key takeaways and highlights from a few of the conference sessions.

Every year, technology enthusiasts and industry leaders gather at the serene Rocky Gap in Western Maryland for Tech at the Gap, an event that has earned the reputation of being one of the hidden gems of Maryland's tech conference scene. This year, the conference's theme, "Decoding Intelligence," promised to unveil the mysteries behind artificial intelligence and its transformative potential. With an impressive lineup of keynote speakers and breakout presenters, the event did not disappoint.

Articles proclaiming the death of CMDB started appearing with regularity as early as 2010. Cloud was named as the likely killer. The problem with this bit of folk wisdom is that it isn’t true.

EMA experience and field research consistently find that CMDB use not only continues but is on the rise. In a 2022 EMA initiative on the rise of ServiceOps, 400 global IT leaders stated that CMDB use was central to major functions. For many of those respondents, CMDB use was viewed as increasing in importance for automation of complex processes.  

Where is the disconnect?

The stage was set, the players were ready, and Black Hat USA 2023 delivered a cybersecurity spectacle that left no doubt—this was a game-changing event. As we unpack the highlights, one overarching theme emerges: a united front against ever-evolving threats. From generative AI to cloud security and a glimpse into the future of defense, this year's conference illuminated the power of collaboration and innovation. Amidst these pivotal discussions, one revelation—the TETRA:BURST vulnerabilities—took center stage, leaving an indelible mark on the field.

Last week, I had the privilege of attending ConnectWise’s IT Nation Secure conference. The three-day conference focused on managed service providers (MSPs) – specifically, how those MSPs can better secure and protect small businesses and midmarket companies. If you haven’t attended this conference in the past but have attended others, I highly recommend attending the ConnectWise IT Nation Secure conference due to the unique perspective they provide for the cybersecurity industry.

The 2023 RSA Conference was one of the largest and most impactful cybersecurity events of the year. The conference brought together a large number of exhibitors, training sessions, and sponsor briefings and generated a lot of buzz on social media platforms, such as Twitter and LinkedIn. We took some time to analyze the data from social media and the conference and found some interesting trends.

To celebrate Star Wars Day, I thought I would share a few ways in which the Empire did not adhere to information security best practices, and that enabled the Rebels to win.

To be clear: I do not support the Empire, the Sith Lords, or any other types of scum and villainy. Nor am I trying to portray the Rebel Alliance as a weird, Force-wielding, Galactic hacker consortium or something. But had the Empire not been so lax in their security controls, Emperor Palpatine and his buddies might have been able to bring their “order and peace” to the galaxy.

A working definition: ServiceOps is a technology-enabled approach to unifying IT service and IT operations management for excellence in delivery of digital business services.

Although the two teams have different charters and skillsets, IT service and IT operations are inextricable. There is no service without effective IT operations.

This is a sponsored blog post.

With most companies now operating in multiple cloud providers, network and security complexity are increasing. For instance, 96% of multi-cloud enterprises are using more than one networking vendor across their cloud estates, according to new research from Enterprise Management Associates (EMA).

Seemingly every day, we hear about the next batch of layoffs from the household-name tech companies: 10,000 here, 1,700 there. As we continue into earning seasons for these publicly traded (and some not publicly traded) companies, we will likely hear more. The substory is that unemployment is at an all-time low, with the job market adding over 500,000 jobs in January. 

As of January 2023, Over 194,000 Systems on Internet Still Vulnerable to Heartbleed

The Bleeding Heart of the Internet

In April 2014, the Heartbleed vulnerability was publicly disclosed, sending the information technology world into a panic and rushing to patch this critical vulnerability in OpenSSL, which was allowing the theft of information directly from the memory of vulnerable systems, including private keys and other secrets. This vulnerability featured extremely easy exploitation by attackers, leaving no trace of attacks. Heartbleed ultimately resulted in many late nights for most of the information technology industry, who worked to implement and validate patches for open and closed source products that have integrated the OpenSSL libraries – which accounts for an extremely large percentage of technologies connected to the internet.

The WAN edge is becoming more distributed and dynamic, which is overburdening IT organizations that are already at a breaking point. Software-defined WAN technology has solved some of the issue, but they haven’t gone far enough. The cloud, the Internet of Things (IoT), and the work-from-home (WFH) revolution demand something more.

It’s time to circle the wagons and defend the data and users

As the world reopens, the conference booths light with excitement and empty expo halls are once again filled with hustle and bustle. I thought it important to take a moment and look at what changed in the past two years and where the security industry has room for improvement. This was the first in-person RSA Conference, and likely the first major security conference at all for that matter, with large in-person attendance after the peak of the COVID-19 pandemic. While the conference looks very similar to conferences before the pandemic, the cybersecurity industry landscape has drastically changed.

Recently, I had the opportunity to attend Informatica World 2022 (IW22) in Las Vegas. Returning to the in-person conference scene caused some apprehension; however, reflecting on takeaways and engaging in discussions around data integration made this trip a worthwhile experience. I want to thank IW22 for a thought-provoking week of discussions centered on data management, data integration, interoperability, artificial intelligence, and navigating a complex, hybrid, multi-cloud digital environment with Informatica experts, sponsors, and customers.

Long gone are the days of simple, signature-based defenses against cyber-threats.

Cyber-threats are growing at an exponential rate in the perpetual cat-and-mouse game of cybersecurity, and traditional approaches to cybersecurity are struggling to keep pace. In 2021, anti-malware vendors estimated that they detected between 300,000 and 500,000 new pieces of malware every day. That means than in 2021 alone, over 100 million new pieces of malware were created. Even if cybersecurity vendors can keep up with the sheer volume of new pieces of malware, traditional signature-based and even heuristic-based detection algorithms will struggle to keep up – and that’s only for known malware.

Data center network automation delivers four primary benefits to a business, according to Enterprise Management Associates research: operational efficiency, reduced security risk, improved compliance, and network agility.

It's been quite an interesting couple of weeks. What started off with rising tensions as Russia amassed troops at the Ukraine border evolved into a full invasion of the country. Our newsfeeds are filled with stories and images of ace fighter pilots, brave soldiers making their final stands, and farmers stealing Russian tanks by hooking them up to farm equipment – but another battle has been taking place behind the scenes for many years.

This is the last in a three-part blog series by Enterprise Management Associates for Axonius discussing how vulnerability management can be expanded and simplified by using a cybersecurity asset management solution. In Part 1, we looked at how cybersecurity asset management can simplify vulnerability management and Part 2  focused on how a cybersecurity asset management solution improves an organization’s vulnerability management program. Part 3 of the series provides a brief summary and some perspectives on the benefits of a cybersecurity asset management solution as it relates to vulnerability management.

Sponsored post for Gluware

This is the second in a three-part blog series by Enterprise Management Associates for Axonius discussing how vulnerability management can be expanded and simplified by using a cybersecurity asset management solution. In Part 1, we looked at how cybersecurity asset management can simplify vulnerability management. Part 2 of the series focuses on how a cybersecurity asset management solution improves an organization’s vulnerability management program.

This is the first in a three-part blog series by Enterprise Management Associates (EMA) for Axonius discussing how vulnerability management can be expanded and simplified by using a cybersecurity asset management solution. Part one of the series focuses on defining the cybersecurity asset management solutions category and includes a summary definition of vulnerability management.

More than 75% of enterprises are reporting increased collaboration between their NetOps teams and SecOps teams , according to EMA's new research on NetSecOps partnerships. Digital transformation is a significant driver of this collaboration. About four out of five enterprises reported that NetSecOps collaboration is in response to public cloud adoption, work-from-anywhere initiatives, data center modernization, the internet of things, and edge computing.

Since the start of the COVID-19 pandemic, identity management has taken center stage as the key enterprise security practice for enabling remote workforces while protecting company data and IT services. Though much of the media hype has focused on evolving technologies in enterprise identity and access management (IAM)—such as enabling passwordless and multifactor authentication—it is often overlooked that identity governance and administration (IGA) is experiencing its own renaissance not only due to pandemic-related access requirements, but also in support of recently-enacted compliance regulations, such as the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

I had the opportunity to participate in a podcast with the team at F5. Christine Puccio – VP of Global Cloud Alliances and Heath Parrott – Senior Global Solutions Architect for Cloud discussed their latest announcement: the integration between F5 Essential App Protect, a web application firewall (WAF) SaaS solution and Amazon CloudFront, a content delivery network (CDN) solution from Amazon Web Services (AWS).

Recently, I had the opportunity to participate in a podcast with the team at F5. Christine Puccio – VP of Global Cloud Alliances and Heath Parrott – Senior Global Solutions Architect for Cloud discussed their latest announcement: the integration between F5 Essential App Protect, a web application firewall (WAF) SaaS solution and Amazon CloudFront, a content delivery network (CDN) solution from Amazon Web Services (AWS). Before discussing the announcement specifically, I thought it would be best to provide a bit of insight into these complementary technologies.

Identity and access management (IAM) has been an integral part of IT since the early days of computing. Foundational to the security of IT resources is the need to identify who may access them, and placing limits on what they can do with them. Since these requirements were principally established to support internal business processes, IAM practices and technologies evolved to specifically support business employees. Following the introduction of the internet, however, new security challenges evolved in support of ecommerce. Rather than having to support a limited number of employees, businesses now must ensure the secure delivery of digital engagements with an expansive range of customers and marketing prospects. These challenges greatly accelerated over the last two decades due to the rise in popularity of consumer-focused cloud services and increasing user mobility.

One-half of one second—that is how brief of a time-span it seemingly can take for a business to lose a customer. Gaining and retaining consumer attention is something of a nuanced art form and science that can be completely undone by an easily misplaced word or a cumbersome process. Businesses frequently lose customers not because they have an inferior product or service but simply because, for some reason, the customers had a brief negative experience. While it is impossible to control what customers are thinking and feeling at any given time, it is clear that many of these negative impressions are self-inflicted by businesses that fail to create welcoming environments. Unfortunately, many organizations find it difficult to adopt CIAM approaches that enable favorable consumer experiences without violating security requirements. After all, the primary purpose of CIAM is to protect a business’s intellectual property, secure private customer information, and prevent account misuse or fraud.

As the race to deliver the UAW heats up, EMA sees the following vendors working toward a convergence of the data warehouse and data lake: Ahana, Amazon, Cloudera, Databricks, Dremio, Google, HPE Ezmeral, Incorta, isima.io, Oracle, SAP, Starburst, Teradata, and Vertica. EMA also anticipates that vendors that successfully deliver a unified analytics warehouse will quickly eclipse data warehouse and data lake vendors, making them obsolete, except for targeted use cases and analytical projects.

To assess the likely winners in the race for the unified analytics warehouse, it is important to understand the various requirements of modern analytics programs and the unified analytics warehouse.

The race for a unified analytics warehouse is on. The data warehouse has been around for almost three decades. Shortly after big data platforms were introduced in the late 2000s, there was talk that the data warehouse was dead—but it never went away. When big data platform vendors realized that the data warehouse was here to stay, they started building databases on top of their file system and conceptualizing a data lake that would replace the data warehouse. It never did.

When regional stay-at-home orders in response to the COVID-19 pandemic were first issued in early 2020, the general expectation was that societal changes would only be temporary. As people hunkered down in homes around the world, they expressed a collective confidence that life would eventually (perhaps after only a few weeks) return to normal. Over time, the realization that the pandemic has, in many ways, changed the world forever has slowly been gaining acceptance. Of course, it seems likely that at some point medical science will discover the means to control and perhaps even eradicate the illness, and eventually people will feel free to emerge from their homes. However, many of the fundamental changes to day-to-day activities and lifestyles that have been adopted are likely to persist well into the future.

Syndicate, Syndicate, Syndicate

We are a multi-media generation that offers unlimited media choices to information consumers. Buyers can choose from mobile apps, videos, websites, podcasts, or printed media. They consume infographics, eBooks, whitepapers, slide shares, webinars, interactive sites, and e-learning systems. They can find their media via search, social streams, mashups, or journalistic consolidation sites.

The Magic of the Buying Cycle

Increasing sales and revenue with digital marketing involves far more than generating leads. Too many marketers have focused their efforts almost entirely on demand generation at the expense of proactively moving leads through the funnel and closing more deals. EMA supports a balanced digital marketing approach that focuses on moving buyers forward at all points in their buying journey.

The Search for the Right Persona

Savvy marketers want to better understand buyer personas relevant to the products and solutions in their portfolio. However, not every marketer understands the importance of prioritizing the search for the right persona. Persona creation can be laborious and getting agreement on personas can be even more challenging, but it is worth the effort. Once you create a persona, it becomes the guide for every person in your organization entering a dialogue with a customer or potential buyer.

UEM for user experience management and RPA for robotic process automation are two IT acronyms that continue to elude well-understood definitions, albeit for somewhat opposite reasons. UEM goes back decades, first emerging out of primarily network-centric management, becoming a cornerstone of business service management, and later being consumed by application performance management (APM) much to its own detriment. RPA is comparatively recent, evolving out of screen scraping into far richer technical options that are diverse in nature, with many RPA vendors contending with and replacing the more consultancy-driven platforms for business process management (BPM).

Before the recent COVID -19 pandemic, most companies looked at unified communications and collaborations (UC&C) solutions as important technology often used by sales and marketing teams as part of their process, but not necessarily a critical part of the business infrastructure. With work from home (WFH) becoming the mandated norm, businesses have come to look at UC&C solutions as mission-critical tools, allowing managers and leaders to communicate with their employees and employees to conduct some semblance of normal business.

On Friday, the FBI released an alert warning of increased scams related to the Coronavirus outbreak. From the FBI announcement:

A article was recently released by Bloomberg news discussing the market share of various cloud providers, and their methods and rankings need  to be re-examined.

The best webinars are personalized and targeted. They are personalized by carefully considering and engaging those who will be attending the webinar. They are targeted by understanding the buying phase and persona of the audience. In other words, a webinar created with the audience in mind maps perfectly into digital marketing strategies created and carefully considers the different stages of the buying cycle. This is the way we do webinars here at EMA.

Webinars are boring…until you think outside the box and utilize creative ideas to wake up the minds of your attendees. Pick one of these ten creative options to revitalize your webinars in 2020.

“Webinars are boring!” I’ve heard those exact words from both marketing leaders and webinar attendees. And for the most part it’s true. If you are still doing webinars in which the third-party pundit speaks first, then your company spokesperson gives a product pitch, your audience is probably mumbling those same words.

Few people like the process of completing their taxes every year. But no one wants to be scammed out of the monies owed to them by the government. Be especially careful about those that contact you regarding your taxes, and confirm the sources of those emails and calls whenever possible.

Five years and $1 billion in R&D investment has led to this. Cisco has positioned itself to be a jack-of-all trades routing supplier to network service providers and web-scale data center operators.

Today’s cloud-centric enterprises require agile infrastructure that can scale up and down as capacity requirements evolve. Nowhere is this shift in infrastructure requirements more apparent than in the world of application delivery controllers (ADCs) and load balancers. Today’s enterprises are shifting away from monolithic ADC appliances in favor of lightweight, per-application software ADCs and load balancers.

At SAPPHIRE Now 2019, SAP introduced new cloud services that reach far beyond their installed base and make them a solid option for anyone looking for application or analytics solutions in the cloud. The new data and analytics offerings are not a departure from their commitment to current customers; they extend increased business value for all medium and enterprise companies looking for rapid return on their cloud investments. 

Two primary streaks of innovation drive the need for more flexible, scalable technology at the start of the 2020s. First, digital and mobile business models continue to push organizations to expand their use of data far beyond traditional, structured, and centralized data management. The promise of big data platforms to easily allow for global data collection and analysis has never been realized. Second, modernization and innovation cycles that used to recur every five to seven years have been condensed. Most organizations trying to stay ahead of digital transformation are not ready for the speed and agility necessary to maintain a competitive advantage in a digital world.

In summarizing the teachings of Charles Darwin, Louisiana State University business professor Leon C. Megginson said the following at a convention of the Southwestern Social Science Association:

“It is not the strongest of the species that survives, nor the most intelligent that survives. It is the one that is the most adaptable to change.”

From community to consumers of data, Tableau Conference 2018 (TC18) set the tone for the business intelligence market in 2019.

I could spend pages and days talking all about the new technology that was released at Dreamforce 2018, but I am going to take the higher road and discuss what Dreamforce 2018 means to customer organizations. Salesforce demonstrated that it cares about its customers and is committed to increasing the productivity of customer-facing teams around the world. Of course, if customer-facing teams are more productive, that will mean increased revenue, higher customer satisfaction, and a palpable competitive advantage.

The C-Suite Should see Gains in Productivity and Profitability

Many sales leaders complain about the challenge of getting sales representatives to enter information into their sales automation systems. The results are incomplete information and the inability to properly forecast and manage sales teams for success. The introduction of Einstein Voice allows sales teams to interact with Salesforce products over their morning coffee or handsfree on their drive home, freeing them to do more of what they are paid to do: sell.

In late July, the Department of Homeland Security issued a warning about a growing number of malicious cyberattacks aimed at ERP systems based on a research project conducted by Digital Shadows and Onapsis. This warning comes at the heels of the first-ever DHS CERT Alert focused on SAP Business Applications released in May of 2016. According to the report, hackers exploited old, unpatched vulnerabilities to successfully hack multiple organizations, including government agencies, energy businesses, and financial services companies. Onapsis and Digital Shadows found significant evidence of increased interest on ERP applications, including bad actors in criminal forums on the dark web asking for exploits specifically targeting ERP technology vulnerabilities. The study, “ERP Applications Under Fire: How Cyberattackers Target the Crown Jewels,” found that the attackers do not need to use advanced techniques to breach their targets because the current state of ERP application security across organizations is such that old vulnerabilities still affect these systems. This means that attackers don’t need to develop new zero-days or advanced exploitation techniques.

On September 12, 2018, at Strata NYC, Informatica announced a data management solution for Apache Spark-based cloud environments, including Google Cloud Dataproc, Qubole, and Azure Databricks. Touting new advancements in CLAIRE™, a metadata intelligence technology powered by artificial intelligence (AI) and machine learning, this new release is targeted at increasing the efficiency and reach of data management organizations. To expand efficiency, Informatica is releasing more than 50 new algorithms and functions for automated data discovery and preparation, as well as machine learning focused on industrializing data operations.

Network managers who are supporting the migration of critical applications to the public cloud will need a new set of tools for engineering and operations.

Today, where there are almost as many approaches to digital transformation as there are enterprise software vendors, Docker refocuses its strategy on providing the best unified container management platform for DevOps. Docker’s key value proposition is to enable developers to build an application once and then deploy it to any Kubernetes-driven private or public cloud, where DevOps teams and IT operations can manage it throughout its lifecycle and move it to another location at any point in time. However, Docker also aims to absorb traditional enterprise applications, edge and IoT workloads, big data apps, blockchain, and serverless functions, both on Windows and on Linux.

EMA recently published primary research on the topic of “Adopting Effective Solutions in Endpoint Detection and Response,” which included a detailed comparison of two of the most popular platforms on the market today: Tanium and 1E Tachyon. Put simply, Endpoint Detection and Response (EDR) solutions represent a classification of management tools designed to proactively provide the holistic visibility and rapid automation necessary to respond to endpoint security threats and administration requirements in real-time. The purpose of the evaluation was to provide an example of how to conduct a side-by-side comparison of EDR solutions in order to determine the optimal platform for meeting current endpoint management requirements.

For years network engineers have built lucrative careers upon their wizardly knowledge of things like network protocols, hardware specifications, and the Cisco command line interface (CLI). These skills are still essential to network engineering, but they are emblematic of a highly manual, box-by-box era of network engineering and operations. Today’s enterprises need agile, programmatic networks that leverage software, automation, and more

In the course of researching, documenting and advising on user experience management needs and directions for more than a decade, I’ve found myself waging a quiet (and sometimes not so quiet) war with several industry assumptions. Chief among these is the notion that user experience management (UEM) is purely a subset of application performance management (APM). This APM-centricity misses some of UEM’s most critical value points, and in a basic sense fails to recognize what UEM is truly about.

The week of April 30, 2018, I spent a few days in the great city of London at “The IT security Analyst and CISO Forum,” a small, invitation-only event hosted by Eskenzi PR and Marketing. It was my first year at the event, so I wasn’t sure what to expect. After I arrived, it was obvious the Eskenzi PR team had this event down. It was well orchestrated and executed, and the entire team was very professional.

Editor’s note: This blog post was sponsored by Alcatel-Lucent Enterprise, but the sentiments are entirely my own.

Everyone wants to talk about how analytics is the future of network engineering and operations. The phrase “network analytics” is used by vendors of various stripes to imply that a particular technology is smarter and better than the average solution.

Enterprise networking professionals have a cloud problem, even if they don’t know it. Software-defined WAN (SD-WAN) solutions can help them solve this problem.

Despite what you hear from trolls, bigots, and misogynists, diversity in the technology industry is a good thing. But the philosophy of diversity needs more champions. Tech companies and IT organizations need to expand their workforce beyond the herds of white men that have dominated the industry for decades.

Despite some recent obituaries published by my peers, software-defined networking is not dead. But perhaps certain aspects of it are dead or dying. If that’s the case, I say: “SDN is dead. Long live SDN.”

I admit, “end-user support” sounds kind of old-fashioned. But in many respects just the opposite is true. In the digital age the need for easy access to new services is on the rise, and even with a much ‘hipper’ (and increasingly impatient) end-user population, the need for support and guidance remains. It is just taking different forms than in the past.

What should machine and artificial intelligence (ML/AI) do for IT operations, DevOps and container management? The following table represents my quick outline of the key challenges and specific problem ML/AI needs to address. The table is based on the believe that ML/AI needs to look over the shoulder of IT ops, DevOps, and business management teams to learn from their decision making. In other words, every virtualization administrator fulfills infrastructure provisioning or upgrade requests a little bit differently. Please regard the below table as a preliminary outline and basis for discussion. At this point, and probably at no future point either, I won't claim to know the 'ultimate truth.'

Network Operations and Analytics from CA Technologies has been named a winner of Enterprise Management Associates’ Innovator Award, which recognizes products and services that demonstrate true innovation in the IT industry and address the most critical challenges IT organizations face today.

EMA research has determined that network managers will need to upgrade, expand, and adapt their network monitoring and management tools and practices if they are going to support the Internet of Things (IoT).

Some network operations teams are discovering that they possess a critical asset that can transform enterprises: network data.

I recently presented findings from my Workload Automation (WLA) research and other EMA research on a webinar with Tim Eusterman, Sr. Director Solutions Marketing at BMC in a webinar titled “How Digital Business is Shaping the Next Wave of Automation”. The recording of the webinar is now live here, and the slides are available here.

IT analytics vendor ExtraHop unveiled a cloud-based service that applies machine learning heuristics to the metadata that its appliances generate from packet stream analysis. The service should give users better visibility into IT service problems and security threats.

The Open Networking Foundation (ONF) recently unveiled plans to redefine itself for the post-hype phase of software-defined networking (SDN). I welcome the ONF’s reset and believe it bodes well for the industry’s future.

Editor’s Note: This blog post is sponsored by Citrix. The ideas and analysis are entirely the authors own.

The growing market for analytics in IT is one of the more exciting areas to watch in the technology industry. Exciting because of the variety and types of vendor innovation in this area. And exciting as well because our research indicates the adoption of advanced IT analytics supports data sharing and joint decision making in a way that’s catalytic for both IT and digital transformation.

“Today, a dev team leveraging Kubernetes containers can get a cloud app up in minutes.” This statement by Arvind Krishna, IBM’s GM for Hybrid Cloud, at the beginning of his InterConnect 2017 keynote should have received a lot more recognition than it did. This one sentence shows the fundamental shift in IBM’s strategy, away from the old Tivoli-centric IT ops company and toward a modern DevOps-focused organization that is looking for differentiation up the stack. Today’s IBM encourages developers to deploy entire application environments without IT administrators even being aware.

Cisco recently announced a new series of Catalyst “Digital Building” switches. These Catalyst switches are designed for connecting and powering Internet of Things (IoT) devices and systems in smart buildings and other related environments. For example, one design innovation is the use of a separate power plate for Power over Ethernet (PoE), so even when an administrator reboots the device or updates its software, the switch will continue to deliver power to peripheral devices such as smart lighting and surveillance cameras.

What is Fungible, Inc., the new startup created by Juniper Networks’ founder Pradeep Sindhu, working on?

It’s hard to believe there was actually a time before mobile devices. It wasn’t even all that long ago. In fact, this month Apple is celebrating the 10th anniversary of the iPhone. While the iPhone was not the first smartphone, its introduction is credited with kick-starting the mobile revolution and initiating the “consumerization of IT,” forever changing how technology is developed, marketed, and utilized in business environments. In trying to relate these historical milestones to Millennials, I find myself more and more sounding like a crotchety old man: “Back in my day, we only had PCs—and we were glad to have ‘em, too!” Today, three-quarters of all business workers regularly use mobile devices to perform job tasks, so my nostalgic recollections of PC-only business environments are increasingly falling on disinterested ears.

Back when Dell EMC was still just known as Dell, its networking business staked out a leadership position by becoming the first mainstream switch manufacturer to embrace bare-metal data center switching. Now it’s moving into the bare-metal campus switching market, too.

Avaya will restructure its debt under the protection of a Chapter 11 bankruptcy filing. The company aims to emerge from this action intact with minimal impact on customers. However, it is very possible that Avaya will sell its network infrastructure business.

Software-defined networking (SDN) exploded onto the scene five years ago with a tremendous amount of hype, but the transition from hype to reality has been a little less explosive. Most enterprises are still in evaluation mode with SDN.

[Editors Note: This blog post is sponsored by Infosim^®, but the ideas expressed here are entirely my own]

This sponsored blog post was originally published at at HelpSystems.com

The industry has seen plenty of marchitectures from Cisco and its peers over the years. Its newest one, Digital Network Architecture (DNA), feels different, especially after I spent a week at Cisco Live 2016. DNA is different because underneath all the slideware and demos is an apparent commitment to changing the way enterprises do networking. In other words, Cisco wants network engineers to rely less on their skills with its command line interface (CLI).

[Editor’s note: This blog is sponsored by Infosim^®, but the content is entirely my own]

Editor’s Note: This article was originally published by HelpSystems on February  2, 2016.

Greg Ferro recently blogged about how attempts to define software-defined networking (SDN) are a waste of time. He wrote:

[Author’s Note: This post is sponsored by Edgeworx. The content is entirely mine.]

The Evolution of the “Endpoint”
Over the past few years, the perception of what an “endpoint” is, and therefore the definition, has changed. The original perception was a user workstation independent of operating system. With the expansion of functionality, data persistence, Internet connectivity, and ultimately the threats against them, that definition no longer applies. Laptops became included, then smartphones, servers, tablets, internal file shares, and dedicated or special function devices such as point of sale terminals and processors.

Ahhh, the annual resolutions list! A time-honored tradition when we all look at the new year as an opportunity for a fresh start.

Review of Statistics Done Wrong by Alex Reinhart

Since the advent of the big data era, organizations have been crying out for data scientists. Initially it was finding the true data scientist. But as these resources were considered scarce, it was a search for people who could hand-code analytical models in a Hadoop environment.  As statistical tools such as R, Alteryx, and RapidMiner augmented Hadoop environments, we started to include traditional tools such as SAS and SPSS. These data scientists, or data scientists in training, were asked to take large amounts of data and divine the nuggets that would create a “cross-sell/up-sell” recommendation engine that would launch the next Netflix or link two disparate data sets that explain how markets interact and find the next groundbreaking investment opportunity.

The ability to execute in a low latency time frame is a core component of the concept of next generation data management architectures such as the Enterprise Management Associates Hybrid Data Ecosystem (HDE). One of the key business drivers of the HDE is speed of response,  which stems from an organization’s drive to execute faster than their competitors to create an advantage or to be on par with those competitors to simply “keep up with the Joneses.” You see this in workloads such as cross-sell/up-sell opportunities for revenue generation. You see this in opportunities to limit costs with asset logistics and labor scheduling optimization. You see this in opportunities to limit exposure to risk in fraud management and liquidity risk assessment.

This blog in the Internet of Things (IoT) series comes as a tribute to security researchers everywhere. The autumn’s largest security-focused show is the Black Hat Security conference. If you are not familiar with Black Hat, it is a tech conference that started in 1997 and covers numerous security topics in various presentations that are fairly to highly technical. As mentioned in the first blog in the series, IoT-like systems have been around a long time. However, researchers began paying more public attention to IoT around 2011. Visibility on the subject of the security, or lack thereof, of IoTincreased in 2011, when researcher Jay Radcliffe demonstrated that medical devices; in this case, his own automated insulin pump, could be hacked to deliver a lethal dose of insulin.1 Since that time, there were numerous other IoT hacks in various fields, including:

ForeScout recently released an IoT Enterprise Risk Report based on research from ethical hacker Samy Kamkar. Based on Kamkar’s findings, the report on IoT security issues could readily be renamed something like, “IoT: the bane of the enterprise environment,” or “IoT brings new meaning to the term ‘Enterprise Risk’.”

An unfortunate side effect of maintaining a vibrant technology subculture is an over-reliance on acronyms to describe basic concepts and solutions. For instance, to be ITIL compliant a CTO may need to invoke the ARP of a TCP or UDP IPv6 WAN to determine the DNS entry of an SMTP server for a POS system to prevent GIGO and ensure WYSIWYG. Now, if you understood that statement, you are certainly among the lucky few “in the know” and probably use these terms on a regular basis. However, if you are unfamiliar with or had to look up any of those terms, you likely recognize the core problem. While acronyms are intended to simplify complex technical conversations, they actually impede successful communication if any participants are unaware of their meaning. Sometimes acronyms are introduced to shorten long-winded technobabble; sometimes they are developed as marketing devices to create unique sounding products; and often they evolve simply because they make techno-elitists sound more knowledgeable.

In an ideal world, customers would be able to fully take advantage of the benefits of hybrid cloud by rationally matching infrastructure parameters -cost, performance, reliability, availability, security, regulatory compliance, scalability- with the requirements and dependencies of each application.

As we -Evan and I- were ranting last week about how OpenStack and VMware fit together (see #EMACloudRants), we were mainly focusing on the central conundrum that VMware faces within this context: “Should we support an open platform that could commoditize away a substantial part of our profitable infrastructure business or should we ignore the threat and do our own thing”

As promised in my previous post on “Software Defined Storage – Why Customers Should Care”, I want to follow-up with a brief overview of the competitive landscape.

Evan Quinn and I have been collecting popular customer questions for a while and wanted to share our thoughts on these questions in the form of a new format: EMA CLOUD RANTS. Each week we will discuss one of the hot topics in enterprise IT to provide the viewer with rapid analyst insights, without any fluff. Here goes the first one:

Of course, I always encourage practitioners to carefully study the full EMA research report on the “Obstacles and Priorities on the Journey to the Software-Defined Data Center” or at least read the research study summary or at the very least join the EMA SDDC Research webinar on February 18, but I still want to briefly summarize the key findings here.

What does Big Data mean to traditional enterprise IT? Organizations of any size and industry are becoming more and more aware of the incredible importance of capturing, managing and analyzing the data available to them. The more comprehensively companies are able to tap structured and unstructured data sources, the quicker they can refresh this data and the more successfully they make this body of data available to all business units, the better they can develop advantages in the market place. Today’s business units are demanding the rapid implementation of these big data use cases, as well as optimal resiliency, cost efficiency, security and performance.

Much marketing hype and heated discussions should be seen as excellent indicators for the fact that Software Defined Storage (SDS) is one of the hottest topics in today’s data center. Naturally, every vendor defines SDS based on their own product range, sometimes leaving customer out of the equation.

As every year, IBM invited the analyst community to Stamford, CT, for a deep dialogue on today’s most important topics in enterprise IT. Here is a short overview for everyone interested in IBM’s current world view.

The Havana release of OpenStack was launched on October 17, about three weeks prior to the OpenStack Summit in Hong Kong.  As always, there are many new features -high availability, load balancing, easier upgrades, plugins for development tools, improved SDN support, fiber channel SAN support, improved bare metal capabilities- and even two new core components, Ceilometer -metering and monitoring- and Heat -orchestration of the creation of entire application environments- to admire. Without any doubt, OpenStack is becoming more enterprise ready with each new release .

When it comes to cloud technologies, discussions often get passionate or even heated. It’s all about the “war of the stacks”, where much Cool Aid is dispensed to get customers to buy into the respective cult. This discussion reminds me of the old days of enterprise IT, where everything was about technology instead of business value. You either bought one thing or the other and then you were locked in for a half decade. Dark times.

Optimizing the end-user experience has many dimensions to it, and one key element of them is ensuring that any issues from password reset, to application access, to support for multiple endpoints by a single user—are all addressed without your users feeling that they’re queuing up at the Department of Motor Vehicles. This blog leverages EMA research to examine how a truly efficient service desk can make itself all the more effective by becoming more transparent, less verbally visible, and yet ultimately far more end-user empowering.

In an ideal world, customers would be able to fully take advantage of the benefits of hybrid cloud by rationally matching infrastructure parameters -cost, performance, reliability, availability, security, regulatory compliance, scalability- with the requirements and dependencies of each application.

This is my second blog targeting the next generation of IT service management, or ITSM 2.0. The first blog described the characteristics I see as defining ITSM 2.0. Here we’ll look more closely at the key challenges you might face in getting there from a more traditional ITSM background.

Over the course of numerous deployment dialogs and multiple research projects starting with last year’s work on “ITSM futures,” I have been tracking a still largely unheralded phenomenon: ITSM teams in many organizations are evolving to take a leadership role in helping all of IT become more efficient, more business aligned, and ever more relevant [...]

(With apologies to Jeff Foxworthy) You might be an Apple user if…

In my last IoT blog, I talked about the history of IoT and the evolution of issues surrounding IoT devices. In this part of the series, we will expand on the issues around IoT and the data it collects.

The primary function of enterprise IT management is to empower end users with access to technology resources that will boost their productivity and job performance. However, this focus is at odds with the core precepts of IT security which are adopted to minimize the exposure of enterprise systems, applications, and data. I recall that in a number of IT operations management adventures throughout my career, I often joked with colleagues that the most effective way to create a secure environment is to simply shut down all computers in the data center. Naturally, management executives dependent on the IT infrastructure to generate revenue were not amused by my flippancy…and even less happy that their workers had to “jump through hoops” to gain access to IT resources.

Digital and user experience management has been the focus of multiple EMA research studies throughout the years, both as a stand-alone topic and as part of EMA’s ongoing examination of critical trends such as digital and operational transformation, IT performance optimization, and of course application performance management (APM).  In many respects, optimizing the digital experience [...]

While service catalogs are not new, they are becoming increasingly critical to enterprises seeking to optimize IT efficiencies, service delivery and business outcomes. They are also a way of supporting both enterprise and IT services, as well as optimizing IT for cost and value with critical metrics and insights. In this blog we’ll look at [...]

Cloud is no longer a new topic for IT, or for IT service management (ITSM). But its impact on how ITSM teams work, as well as on how IT works overall, has probably never been greater. Indeed, more and more IT organizations have been “moving to the cloud.” But understanding its relevance can’t be achieved [...]

Nearly every day another successful breach is reported. In 2016 alone, organizations from major governmental agencies such as the IRS and Department of Defense, to major retailers including Wendy’s, have succumbed to attack. These organizations are not alone; every major business and governmental sector has been compromised. Large tech companies such as LinkedIn and Oracle, healthcare providers including Premier Healthcare (as well as numerous hospitals), manufacturers, major educational institutions, and large financial organizations have all succumbed to either internal or external threats.

Time flies when you’re upgrading operating systems. It has officially been a year since Microsoft introduced Windows 10 to much fanfare and approbation. Acceptance of the platform was almost immediate, with many users simply grateful to migrate away from the much-maligned Windows 8 environment. At the core of the problems with the previous edition of Microsoft’s flagship OS was that the GUI was designed to function more effectively on a tablet than on a PC, which infuriated users who had grown used to the Windows 7 look and feel on their laptops and desktops. The release of Windows 10 gave Microsoft’s core audience exactly what it wanted—a unified code base that enables the same applications to be employed on all device architectures (desktops, laptops, tablets, and smartphones) while retaining the look and feel of the classic Windows 7 desktop that they had come to appreciate.

In the last year or so, the topic of Internet of Things (IoT) received a lot of attention. Both the concept of the topic and scope of what should be included in IoT changed dramatically in that time. The first commercialization of IoT were wearables such as GoogleGlass. Shortly thereafter came the next wave, with devices such as smart watches. The first security concerns were focused on personal safety due to user distractions, similar to those voiced when smartphones became popular, and then came the invasion of privacy concerns. However, shortly after the first hackers got hold of them and identified attacks to gather data from them. At that point, the view on IoT expanded to recognize that the concept of IoT was actually much broader and had more significant impacts than privacy.

There is no greater investment we can make in the future than to prepare our children to successfully navigate the challenges of tomorrow. Of course, predicting the workforce requirements of the future is a bit like trying to capture a fly with a cargo net—just when you think you have it, it slips through the holes and buzzes in a different direction. Nonetheless, it’s safe to assume that workforce mobility will be an essential aspect of the coming generation’s career experiences. Mobile technology is already an integral part of nearly every business role, and its use can only be expected to increase in the years to come. To help support this revolution, Apple has pledged to donate $100 million worth of teaching and learning technology to 114 underserved schools across the country and has offered special discount pricing and volume-purchase programs to all educational institutions. A large number of grade schools have embraced these financial enticements and introduced 1:1 iPad programs that provide every student with their own personal iPad to be used during the duration of a school term.

I recently presented findings from my EMA Radar for Workload Automation (WLA): Q1 2016 report. The recording for the webinar is now live here.

For two decades, IBM’s Power Systems family of high-performance servers has been considered the premier alternative to x86-based systems. Combining fast processing, high availability, and rapid scalability, Power Systems are optimized to support big data and cloud architectures. Popularly deployed to run IBM’s AIX and IBM i operating systems, the platform has seen stiff competition in recent years from x86-based Linux systems. In 2013, IBM responded to this challenge by investing a billion dollars into the development of enhancements to the Power line that would support Linux operating systems and open source technologies. This bold move was hailed as a strategy that would greatly improve the attractiveness of the platform and drive broader adoption.

According to 2015 research reports published by Ponemon, Mandiant, and others, median intruder dwell time in a target network prior to detection ranges from just under to just over 200 days. That is a little over six months and as everyone agrees, totally unacceptable.

We live in the digital age—or at least many of us do. Today’s IT-savvy users expect to be able to access any data, form, or record from any device at any location and at any time. However, some organizations seem to be perpetually stuck in the dark ages, relying on antiquated paper documents and physical filing cabinets for document retention. Other businesses may have documents in electronic form but lack any method for organizing them beyond just saving them to a basic filesystem. I’ve even known business professionals who store critical records in archive folders in their email package because they lack any other method for document organization. Electronic document management has never been more essential, and organizations that fail to provide adequate document support either will not be able to compete effectively against businesses that do or, even worse, will fail to meet compliance objectives and lose customers due to an inability to provide adequate support services.

Earlier today I presented findings from my recent EMA Radar for Workload Automation (WLA): Q1 2016 report. The recording for the webinar is now live here.

More and more organizations are increasing the use of data in their decision making. EMA describes this as having a data-driven strategy. Recent research has revealed that almost 63% of respondents included data-driven strategies in their organization at a significant level. EMA has been tracking the growth of big data with annual research since 2012. From our 2015 research, you can see in the chart below how organizations are moving forward with their big data projects.

I thought I’d begin the year by making some predictions about what to look for in 2016 in the area of IT service management (ITSM).  For those of you who have been following my blogs with any regularity, and particularly for those who sat in on our webinar for the research report “What Is the [...]

There is growing industry attention to user, customer, and digital experience management—often condensed by the acronym UEM for “user experience management.” This attention is more than justified, but most of the buzz leaves out critical questions like, “What is user experience management?”, “Who really runs (or who should run) the UEM show in the digital [...]

In many organizations, endpoints see virtually constant change. Users access, download, and utilize applications, data, drivers, files, toolbars, widgets, etc., introducing both new security threats and undocumented changes in systems and processes. For better or for worse, all of these activities leave their mark on the endpoint.

Cloud computing can speed up deployment, reduce costs, and increase efficiency and connectivity. It can open up new ways to get computing work done, but more importantly, the inherent connectivity can change the way employees interact with each other and with customers. It can also change the way companies interact with suppliers and partners. The ease of standing up new apps and connecting with users through mobile devices, as well as the minimal capital investment, can spur innovation.

The Internet can be a pretty scary place. Places like the dark web exist in the form of trading houses with stolen personal information from credit cards and social security numbers, to health records and full identities being obtained for a price. Malware development and deployment and other attack services such as DDoS and botnets can be rented by the hour. Recent reports indicate that DDoS attacks are increasing in both frequency and size, and the problem of botnets being used as attack networks or launch points in DDoS and other malicious activities is significant. Indications are that it will only continue to get worse.

One of the services that EMA provides to the tech industry is research. During the course of the year, numerous projects are launched to help IT consumers and vendors understand market perceptions. EMA then provides analysis and forecasts on trends based upon those perceptions.

In research done earlier this year, we looked at changing patterns of IT service management (ITSM) adoption across a population of 270 respondents in North America and Europe. One of the standout themes that emerged from our findings was the need for the service desk to become a more automated and analytically empowered center of [...]

In August EMA surveyed 306 respondents in North America, England, France, Germany, Australia, China and India about digital and IT transformation. The goal was in part to create a heat map around just what digital and IT transformation were in the minds of both IT and business stakeholders. We targeted mostly leadership roles, but also [...]

If you’re like me, you are increasingly becoming reliant on online shopping to replace the more arduous task of physical in-store shopping. I find this is particularly true during the holiday season when the idea of fighting traffic and elbowing crowds to desperately search numerous shops in order to find just the right gift for Aunt Phillis (who’s just going to hate whatever she receives anyway) gives way to the more idyllic setting of web-surfing multiple stores simultaneously from the privacy of your home while the dulcet tones of Nat King Cole playing gently in the background lull you into the holiday spirit (a little spiced eggnog on the side doesn’t hurt either). But have you ever stopped to consider why you shop at some websites and not at others? Certainly item prices have something to do with it, as does the breadth of product selection. However, there is almost certainly a third element involved—one of which you may not even be consciously aware: The quality of the online store shopping experience directly impacts the likelihood that you (and other consumers) will purchase items on it. Websites that are friendly, professional, and easy to use are far more likely to produce sales than those that are confusing and difficult to navigate.

IT administration is a thankless job. Let’s face it—the only time admins gain any recognition is when something goes wrong. In fact, the most successful IT administrators proactively manage very stable environments where very few failures and performance degradations occur. Unfortunately, though, this is rarely the case, and it is far more common for admins to get stuck in the break/fix cycle of reactive “firefighting” where problems are never truly resolved and are destined to occur again. Making matters worse, increasing requirements for mobility, business agility, high performance, and high availability have substantially increased IT administrator workloads. With this kind of pressure, it’s no wonder IT professionals are frustrated.

The idea of containers has been around for a long time in various forms on various operating systems. It has been part of the Linux kernel since version 2.6.24 was released in 2008. However, containers did not become mainstream until a couple years ago when Docker was first released in March 2013. Docker introduced container management tools and a packaging format, which made container technologies accessible to developers without Linux kernel expertise. By doing so Docker led the way to making containers mainstream as well as one of the hottest trends in application development and deployment because it simplified the way applications are packaged. While this has big advantages, containers are still early in their lifecycle and lack operational maturity. The ease of use with which Docker images can be created leads to image sprawl, previously seen with VMs, and exacerbates the problem of managing security and compliance of these images. Container environments do not integrate well to existing developer tools, complicating team development due to a lack of staging and versioning for preproduction and production promotion. Also, containers do not integrate with existing monitoring tools, complicating management. However, new tools are being developed targeting Docker as an application delivery format and execution environment by an ever-growing Docker community. Many of the benefits are on the development side of the house, with the promise of DevOps benefits. Running in production can be a different story.

When people think of IT mobility, the images most immediately conjured regard smartphones and tablets. In truth, however the mobile device landscape could be considered broader than this. The basic definition of a mobile device is simply “any computing device designed principally for portability.” By that definition, laptops should clearly be included in that scope. However, some definitions state that a mobile device must be “handheld” indicating size is a factor without actually specifying how small a device must be to achieve that designation. Regardless of size limitations, those definitions still favor inclusion of laptops since many are available with a form facture that is smaller than some of the larger tablets. Therefore, the defining descriptor for a mobile device must fall to its portability, which also happens to be the key differentiator between a laptop and a desktop PC. Logically, therefor, a laptop is, in fact, a mobile device.

As a follow-up to my previous columns on change management, I’d like to step back a little and shine a light on an even broader landscape. Here I’ll touch briefly on process, dialog, and workflow as a triad that can help IT organizations move forward toward a more efficient and potentially more business-aligned way of [...]

Most network managers are still many years away from turning on Internet Protocol version 6 (IPv6) in their enterprise local area networks (LANs). Private non-routable IPv4 address ranges can happily exist behind a network address translation (NAT) gateway for the foreseeable future. However, things could change. At any time, someone above your pay grade might [...]

Many small and midsized IT organizations rely on a mix of freeware and open source software to manage their infrastructure. These free tools can be effective and economical choices for smaller networks. But how do you know when it’s time to upgrade to a commercial product? Scale is one of the first indicators that you [...]

You may not have noticed, but log analytics has become table stakes for network management toolsets. Last year, Enterprise Management Associates® (EMA™) surveyed network managers about the data sources that have become important to engineering and operations tasks. Log files consistently scored higher than anything else, including flow data, packet analysis, and SNMP metrics. Fifty-nine [...]

IT administrators love to write scripts – at least, the most talented ones do. Scripting provides a powerful platform to automate simple and repeatable tasks. However, like with most powerful tools, there is an overwhelming temptation for scripting to be overused. When faced with a project deadline, a high-pressure failure event, or even just the need to simplify day-to-day events, administrators can unintentionally create scripts that are so complex they actually put the business at risk. I must confess that during my 2 decades-long tenure as an IT administrator and engineer, I’ve written a lot of scripts…a LOT of scripts…and learned a lot of important lessons. Scripting was never intended to replace application programming. Its purpose is to provide a quick and easy resource for performing simple and repeatable tasks. It is not uncommon, however, for scripts to start simple but balloon over time into complex code that is virtually unintelligible even to its author.

In preparation for my new ‘Achieving Hi-Fidelity Security’ research project, I thought I would post a relevant blog I wrote for InformationSecurityBuzz.com.

Consumers of IT services want speed and dependability above all else. When they envision a new service, they want it built and deployed in record time. While there has always been time pressure, it has become more pressing with the consumerization of IT. Consumerization describes the emergence of IT in the consumer market which then spread to business and government organizations. Users carry their devices and expectations to the workplace and want the same instant gratification, self-service mobile access, and constant stream of new apps they experience in their personal use of technology. Combine this with business intelligence capabilities advancing big data and analytics, and you end up with digital transformation: using data, pervasive connectivity, and easy to use devices to change the way businesses interact with their customers and conduct their core activities. These trends have raised the bar on the expectations of IT to innovate as quickly as possible.

This is the third blog in my series on change management. In the first, I examined both the processes and the use cases associated with managing change. In the second, I looked at metrics, best practices, and pitfalls. In this third blog, I’ll look at how the technologies for service modeling, automation, visualization, and self-service [...]

There is a reason orchestras have a single conductor. Can you imagine the cacophony that would result if a horn section performed out of sync with a string section? Or if the percussions played a faster beat then the woodwinds?  But in IT management, it’s all too common for organizations to have separate automation platforms conducting individual software elements. In fact, this is often the cause of an increased IT complexity that results in degraded performance and reliability. For instance, SAP’s popular customer relationship management (CRM) software includes a built-in job scheduler – the Computing Center Management System (CCMS) – with some limited capabilities specifically designed to support its unique platform (such as to analyze and distribute client workloads). But this is an independent tool requiring administration and monitoring tasks separate from any other automated solutions. An average IT organization will need to manage dozens of similar management platforms, each with its own unique interface and operating parameters.

This is part two of a three-part series. In part one, I addressed the question, “What is change management?” and examined change management from the perspectives of both process and use case. In this blog, I’ll look at what it takes to make change management initiatives succeed—including metrics and requirements, best practice concerns, and some [...]

This is the first of a three-part series on change management. In this blog, I’ll try to answer the question, “What is change management?” from both a process and a benefits (or use-case) perspective. In the second installment, I’ll address best practices for both planning for and measuring the success of change management initiatives. I’ll [...]

Chances are, in an average day, you are not accomplishing as many tasks as you would like … and neither are your colleagues or your employees. What is mystifying about that statement is that it seems today’s workforce is putting in more hours and more effort than ever before coinciding with an increased adoption of IT devices and applications designed to improve user productivity. In fact, this has been a key driver for organizations to enable workforce mobility – to provide flexibility in accessing business IT resources (applications, data, email, and other services) from any device at any location at any time in order to improve overall business performance. But even the most accomplished business professionals must admit there are days when little gets done despite herculean efforts.

In my last blog, I discussed how IT service management (ITSM) roles (and rules) are becoming more operations-aware. The blog examined a number of key game-changers for ITSM, including a growing requirement for shared analytics; the rise (not the demise) of the CMDB/CMS and service modeling; cloud as both a catalyst for innovation and a [...]

It’s time to take a serious look at Office 365. The cloud edition of Microsoft’s broadly adopted business productivity suite – which bundles such popular packages as Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and Microsoft Outlook – has been both heavily praised and heavily criticized since its introduction in 2011. While the adoption rate of the traditional software edition of Microsoft Office is currently in no danger of being overtaken by its cloud-hosted cousin, recent adoption rates for Office 365 have substantially accelerated. Businesses, in particular, have shown increased interest in the cloud-based platform, and many are carefully considering whether to make the transition after existing Enterprise Agreement (EA) licenses expire.

Champions of big data analytics extoll the virtues of massive data stores. Enterprises have so much unstructured data that could help them improve operations and generate new revenue, they say. The more bytes, the better. Some might assume that enterprises will simply push every byte they can find into a Hadoop cluster or data warehouse. [...]

Here we go again. New releases of Microsoft’s flagship operating system are typically greeted with a combination of angst, curiosity, confusion, and dread in equal measure. It seems just as folks have gotten used to a particular Microsoft version, a new one is released with a completely different interface and requiring a whole new set of operational practices. Even worse, upgrading large numbers of desktops to the new edition in a large enterprise environment is a daunting task often avoided by IT operations teams until and unless it is absolutely necessary to perform a mass migration. More often, new OS platform adoption occurs due to device attrition (i.e., replacing old devices hosting old OS versions with new devices hosting the new OS version). The upcoming, late-July release of Windows 10 will likely be no exception to this.

Both the “rules” and the “roles” governing IT service management (ITSM) are evolving to support a far-broader need for inclusiveness across IT, and between IT and its service consumers. Recent EMA research, “What Is the Future of IT Service Management?” (March 2015), exposed a number of shifting trends that might surprise many in the industry. [...]

As an analyst who focuses on network management research, I am particularly intrigued by software-defined networking (SDN). As SDN architectures are deployed in data centers, local area networks and WANs, network management practices will have to evolve. For instance, SDN may make it easier for cloud administrators to provision network services and connectivity for a new application, but how do you ensure that your new programmable network remains compliant with configuration controls and policies? Is your performance management tool able to model and monitor an SDN controller? If you have traditionally relied about appliance-based load balancers and firewalls in your data center, how do you monitor and manage those network functions when they become virtualized services that are as mobile and dynamic as the workloads they serve?

In my last blog, I talked about “IT Cultural Transformation and the Elimination of Technology Silos.” That blog keyed on four key areas of advice, which also provide a useful foundation for the topic of “Governance and Optimization.” These key areas include: Standing in the middle of the storm –This means looking at the interdependencies [...]

There seems to be a direct correlation between how successful business professionals are and their level of impatience. While I am not familiar with any studies on this particular subject, it is simple logic that the most productive employees are those who most frequently demand rapid response to service requests. From my past experience managing and providing IT administrative support, I can attest that these individuals are usually the most irritating—constantly requesting access to new applications, data, and other business resources with expectations of an immediate response. Begrudgingly, I must acknowledge that these are the folks who are also most likely to close deals, beat deadlines, increase revenues, and win awards. In the modern world of highly competitive markets and increased organizational requirements, impatience may actually be a virtue.