Thursday, February 28, 2008

Business model innovation opportunities in designing SaaS channels

The business model challenges are far more complex and brutal than the technology or architectural challenges for SaaS and they get compounded when selling to an SMB. It has been argued that the success of complex to implement enterprise software in marketplace is attributed to the channels, ISVs and VARs, to a certain extent since they step in and do the dirty job and it is a very lucrative business for them. If the VARs are not selling it, customers won't probably buy as much. This has serious implications on the SaaS as a delivery model. The fundamental benefits of SaaS such as pay-as-you-go type subscription models, try before buy, personalize against customize, and no physical box are some of the factors that work against the SaaS vendor since there aren't enough incentives for the indirect channels with the current business model.

If a vendor believes that a product is so good that it does not need any (value add) channels, the vendor can use web as platform for volume sell. Google recently slashed down the price of Postini by 90% and it is a move to get rid of the channels since it was an artificial cost barrier. Google believes that now it has much better shot at getting to the right customers at the right price. This move has upset some VARs but it is all about your supplier being smarter than you.

This is the business model innovation that the vendors should be paying attention to. Many enterprise software vendors have never sold over the web and they relied on their direct sales force driving around in their BMWs and selling to the customers. They also relied on the partners heavily. When these vendors move towards SaaS delivery model for volume selling to the SMBs, they have an option to build new infrastructure or use an existing infrastructure to volume sell to the customers. I also see the benefits of web as a volume selling platform to sell anything and not just the software. I can imagine Amazon’s e-commerce platform as a SaaS sales platform and it is also not farfetched for a software company into the business of providing platform via SaaS delivery to sell SaaS software.

Many SaaS solutions originally designed for SMBs do get subscriptions from large enterprises as well since in some cases the IT is fragmented into many departmental solutions for a large enterprise. These departments do not want to deal with the IT and would rather go for a SaaS delivery model even if it means a limited functionality and no integration capability with other departments. This decentralized strategy is a nightmare for many CIOs but in some cases loose integration could also mean higher productivity and a CIO is willing to make that compromise. There are also behavioral issues that a vendor will have to deal with on how to approach customers and whether a customer is comfortable making software purchase over the web where they relied on the partners in the past.

This is an interesting trend that SaaS vendors should be watching for since it simply changes the definition of an SMB. More and more knowledge workers are inclined to bypass IT if they have an access to better and easy-to-use solution. One of the new features of Google Apps is targeted towards this behavior. If you are a Google Apps consumer in one department, you can see who else has signed up for Google Apps (based on the domain name) and can collaborate with those people. This is what I would call it loose integration.

In a way, selling to small businesses is similar to a selling to a set of individual consumers and not to a business since a lot of these small businesses behave as individual consumers. Turbotax is a good example to compare channels for on-premise and SaaS delivery models. Intuit has separate sales and marketing channels to sell TurboTax. Intuit partners with financial institutions such as Fidelity, Vanguard, and Bank Of America to offer discount on the online offering and also distributes coupons for the on-premise offering at brick-and-mortar discount stores such as Costco.

SaaS delivery model, for an SMB or a large enterprise, has many channel challenges and the concept and definition of these channels are likely to be redefined as the SaaS adoption continues.

Wednesday, February 20, 2008

Scenario-based enterprise architecture - CIO’s strategy to respond to a change

Scenario-based planning is inevitable for an enterprise architect. The changing business models, organizational dynamics, and disruptive technology are some of the change agents that require enterprise architecture strategy to be agile enough to respond to these changes. The has a post on a CIO's challenge on the enterprise architecture to respond to a possible change in the strategic direction due to a new CEO.

For CIOs, the key question is how to turn IT into an asset and a capability to support the business and not to become an IT bottleneck that everyone wants to avoid or circumvent. Strategic IT planning that is scenario-based, transparent policies, and appropriate governance could help the enterprise architecture from falling apart and build capabilities that serves the business needs and provides them with the competitive advantage.

To be tactical and strategic at the same time is what could make many CIOs successful. In my interaction with CIOs, I have found that some of their major concerns are organizational credibility and empowerment. CIO is often times seen as an inhibitor by the business people and it is CIO’s job to fix that perception. To be seen as a person who can respond to business needs quickly and pro-actively can go a long way to fix this perception. You cannot really plan for all the possible worst case scenarios but at least try to keep your strategy nimble and measures in place to react to the ones that you had not planned for and act ahead of time on the ones that you did plan for.

Monday, February 11, 2008

Data encryption as a new class of DoS

Not to sure what to make out of this argument. Experts from IBM Internet Security Systems, Juniper, nCipher argue that data encryption is a new class of DoS. The post says "It's a new class of DoS attack.. If you can go in and revoke a key and then demand a ransom, it's a fantastic way of attacking a business." This does not make any sense. If someone can get your private key revoked you would have a lot to worry about other than data encryption.

It also says "Another risk is that over-zealous use of encryption will damage an organization's ability to legitimately share and use critical business data". The storage is encrypted but the access is not, so I am not sure what sharing issues the post is talking about. The leading database vendors such as Oracle provides column level encryption where data is encrypted before it is stored but it is decrypted on-the-fly when accessed and it is very transparent to the user or to the application. Though a limited set of real-time data should be encrypted since there is an overhead of decryption every time the data is accessed and the physical and digital security of the real-time data store is much better than an off-line storage such as backup tapes . On the other hand the backups should always completely be encrypted because they are not supposed to be accessed in real time and there is a greater risk of loosing a tape from a UPS truck or get stolen by baggage handlers. In fact Oracle once considered not to allow taking unencrypted backups at all.

What really matters is the encryption strategy of the organization for the data accessed in real time and the data that gets backed up on a tape. Some simple key management solutions and the right decisions and governance can solve the supposed DoS problems that are being discussed. You could take any tool and use it a wrong way and then complain about the tool itself. Encryption is just a tool and an enabler and you have to figure out how to use it. If you closely look at the "experts" in the post they are into the key management business and want you to believe that your keys will be revoked one day and you might end up paying ransom and also risk your data so why not pay us now and buy our software.

Tuesday, February 5, 2008

Supply side of cloud computing

Lately the most of the buzz is around the demand side of the cloud computing - Google's data centers, Microsoft Live, Amazon EC2 etc. Add one more player, Cisco, but on the supply side. Cisco has entered into the supply side of the cloud computing by unveiling its 15 terabit/sec switch - that's ridiculously and embarrassingly fast (found via Rough Type). Cisco recognizes the opportunities around network and data center vitualization in the rising world of ubiquitous computing. This initiative and innovation emphasizes that the utility computing is not just about taking few commodity hardware and connect them together. That is just tip of the iceberg. The cloud computing at core would certainly support the computing needs in a utility fashion but the data center redundancy and geographical connectivity is crucial as well. You can get a lot done when two geographically dispersed severs can transfer high volume data at lightning speed.

Now put this switch in on of those Sun's black truck and see the difference!

Saturday, February 2, 2008

Monetizing social networks and preserving privacy - an oxymoron?

How do social networks monetize their core platform and applications? It's more than a billion dollar question, figuratively and literally. The social network companies such as Facebook does recognize the potential of an open platform for participation and developer-friendly attitude to let the community sip the champagne of the social network data. There is a plethora of applications built on Facebook platform and and this might be the key towards monetization. The other key players have also been experimenting with their platforms and business models but there is no killer business model, at least not yet.

Monetizing efforts do ruffle some feathers on the way since it is intertwined with other factors such as privacy, data portability, and experience design. The Facebook's experience design keeps applications' users inside of Facebook but at the same time provide the necessary, or sometimes unnecessary, access to user's data to the application providers. This has set off some debates around privacy concerns. Access to user's data and open architecture is a key to increased adoption that can potentially lead to monetization, but Facebook needs to be careful here not to piss of the users. Compare this with Google few years back where Google made a conscious decision to keep the search results rank clean (do no evil) and that strategy paid off when Google started monetizing via AdSense.

Marketers argue that the spending power of the current demographics of Facebook is not high, so why bother? This is true but don't forget that when these millennial grow up to buy that 60" plasma TV, some companies do want to make sure that they have a brand tattooed in their heads from their previous branding experience on such social networks. As pointed out by many studies, the millennial are not brand loyal and that makes it even more difficult for the marketers . The Facebook is a great strategic brand platform to infuse the brand loyalty into these kids.

Data portability is part of longer term vision for any social network. The applications are constrained inside a social network, but an ability to take the data out in a standard format and mesh it up with an application outside of Facebook has plenty of potential. Leading social and professional network providers have joined the Data Portability Group. Imagine to be able to link your Facebook friends with your LinkedIn contacts and provide a value add on top of that. There are plentiful opportunities for the social network providers to build the partner ecosystem and have the partners access to the data and services in the process of co-innovation. LinkedIn for the longest time resisted providing any APIs and relied on their paid subscription services. LinkedIn has tremendous potential in the data that they posses and standardizing the formats and providing the services has many monetization opportunities. It is good to see that LinkedIn has also joined the Data Portability Group and has also promised to open up APIs. Google's OpenSocial effort, partially opening up Orkut as a sandbox, and social network visualization APIs are also the steps in the right direction.

What I can conclude that the growth of such social networks is in two directions, platform and verticals. As platform becomes more open we can anticipate more participation, larger ecosystem, and service innovation. This should help companies monetize (no, no one has figured out how). The growth in vertical will help spur networks for specific verticals such as employment, classifieds, auction - who knows?

Monetization, experience design, and privacy cannot be separated from one another and few wrong strategic decisions could cause significant damage to the social network providers and their users.