What does the Oracle-Sun news mean for enterprise CTOs?

OK, sometimes I get emotionally attached to great technology.  I need to watch that, I know humans are what is important.  But science is cool too, and it gets really really exciting to watch great humans create and field great technologies.  That is why I have long been a fan of both Oracle and Sun.  I like many other powerhouse IT companies as well… but those are the two names dominating this week’s news and it has been the topic of dozens of conversations with other CTOs since the announcement that Oracle Buys Sun.

Here is some of the significance of the announcement, in my opinion:

- This is a $7.4B purchase.  Oracle would only have done this if they realized there is incredible value for IT customers in this transaction.

- The value of Sun is in far more than just intellectual property.  It is in incredible thought leadership of Sun’s talented people and terrific, visionary data center experience.  It is also because of the tremendous community leadership in the open source world. And of course there is the hardware production, distribution and service.  And, as emphasized in the release, Java and Solaris.

- You can believe Larry Ellison when he says” The acquisition of Sun transforms the IT industry, combining
best-in-class enterprise software and mission-critical computing
systems.” He also said  “Oracle will be the only
company that can engineer an integrated system – applications to disk -
where all the pieces fit and work together so customers do not have to
do it themselves. Our customers benefit as their systems integration
costs go down while system performance, reliability and security go
up.”  All of this rings true.

There are some immediate steps enterprise CIOs and CTOs should do because of this announcement:

- Continue your plans to accelerate open source software into your enterprise.  Move faster now.  Your risk is lower than ever. 

- Understand that market dynamics are going to change.  Oracle is a great company that will ensure Java and Solaris and MySQL continue to improve (with backing by and leadership of the great open source software community, of course).  But understand the dynamics may change the equation when it comes to software support costs.  

- Move now to lock in your service and support plans for open source Solaris, MySQL, Java Composite Applications Platform Suite (CAPS) and Java Enterprise Services (JES).   Lock in at today’s rates if you can.  And extend today’s rates out for more years if you can.

– The leading operating system for the Oracle database is Solaris. Since Solaris is now open and since its use is growing there are huge numbers of trained administrators with mastery over Solaris.  But this is a good time to re-evaluate how many trained masters you have.  If you have an enterprise suport agreement with Sun it might have training options on it that you are not using.  Now is the time to max out your training.  Clearly this is going to pay off for your enterprise long term.  And after the aquisition is complete there is a chance that if you have not locked in your training rates that some of this cost may go up.

- With this agreement, enterprises are now faced with easy choices for identity management solutions. Sun Identity Management solutions already form about 60% of the identity management stack in the enterprise-class federal space.  Oracle in their fusion middleware account for much of the rest of the enterprise-grade solutions space.  Accelerate your Sun Identity Management solutions.  I believe, just based on personal experience, that Oracle and their policy management capabilities are best of breed, and they can already be engineered to work with open enterprise class leaders like Sun.  I imagine that will be a much smoother integration in the future.  Which leads to the next key point:

- While now is the time to lock in, rapidly, your Solaris, JES, MySQL support licenses, and now is the time to take advantage of any Solaris/Java training available to you, you should also agressively review the entire Oracle Fusion Middleware stack.  There are some really GREAT capabilities there.      

Any thoughts on any of the above?

A look ahead: Some technology developments to expect in 2009

2008 was a year of rapid changes for Chief Technology Officers.  We should expect 2009 to move even faster.  Where will the biggest trends take us?  I offer some considerations below.  Please
look these over and give me your thoughts.   Push back if you have
disagreement.

First, my overall advice for CTOs in 2009… Just like the new thin interfaces you will be testing in your lab… be flexible.   Now here are some more thoughts on what's in store for CTO s in 2009:

• Here is a no-brainer: Increasingly CTOs will leverage social media to
  collaborate.  Things are moving so fast that we all like to network to
  seek help on big things and to get advanced warning on what is coming
  next.  More of us will be on Twitter, in Facebook, and writing blogs. 
  And this is a good thing.

• "Mashups" will still be very
  important as an enterprise objective in 2009 (and beyond).   And the
  company that will help accelerate them into the federal enterprise is
  JackBe.  They do things in a way that enterprise CTO s like.  They build
  in connections to governance, security, identity management.  And they
  play well with the entire ecosystem so you don't have to rework all
  legacy just to use them.  Of course web2.0 will remain a key trend, but mashups takes web2.0 to a new, more mission-oriented level and for enterprise players the mission is what is important.

• An approach we will all learn to love and follow is "context
  accumulation".   This very important term was coined by Jeff Jonas, and
  I think Jeff is going to have all of us moving out on that in the next
  12 months.   If you agree, visit his blog and by all means help others
  understand why this is really the only way we humans stand a chance of
  surviving/thriving in the onslaught of data.

• Federal acquisition of IT will still be criticized for all the
  reasons it always has been.  But there will also be an acceleration of
  a dramatic positive change brought about because of open source
  software and a new appreciation that IT acquisition processes
  (RFI/RFP/FAR/DFAR based purchases) do not apply to software that is
  free.  Free software is not being bought, it is being used, for free. 
  The whole reason the FAR exists is to ensure when the taxpayer's money
  gets spent it gets spent wisely.  When things are free the FAR has less
  applicability.  Services for open source are being bought and since
  that uses government money of course the taxpayers will continued to be
  served by the same FAR-type processes that are meant to ensure open
  competition, but that is not for free open source software, that is for
  services to configure and manage the software.

• Will this be the year of enterprise security?  We have been banking on that for a long long time.  We know the answers on how to make enterprises more secure.  There is a great recap of some of the most important components of security in the CSIS report.  But there are many more things that can be done as well. My goal, as captured here, is to improve security by two orders of magnitude within the next 24 months. 

• Netbooks, Thin Clients and Cloud Computing will accelerate
  throughout the technology landscape, especially inside the federal
  government.  These trends in both devices and the cloud components are directly related and are also benefiting from the global, unstoppable trend toward open computing
  (open software and open standards).  One to watch in this area:  Sun
  Microsystems.   But also track the dynamics of the netbooks providers. 
  Dell will get serious about netbooks, but Acer will continue to grow
  market share.

• A key accelerator of Cloud Computing has been the powerful technologies of virtualization, especially those of VMware.  Open source and other virtualization capabilities are coming fast too.  Trend to watch in 2009 is the arrival of higher order, more elagant capabilities to manage virtualizaiton accross large enterprises.  VMware and Opsware (HP) will continue to evolve to do this, but Appistry, Vizioncore, Xsigo and Sun (and others?) are coming fast.    
• Increasingly leaders will recognize that concepts of operation that
  require humans to tag and create metadata are sub-optimized.  When busy
  people are tasked with burdensome tagging operations they too
  frequently become tempted to cut corners and rush the process.  Over
  time, meta data generated this way just becomes meta crap.  This
  growing recognition in the federal space will sweep in new technologies
  and new approaches to discovery of content.  One to watch to solve this
  issue:  Endeca, because of their approach to visualizing information and enabling human to computer iterative examination of data. 

  

• Flexible computers will arrive in production this year for early
  adopters and many CTOs will use them in labs to assess applicability
  for massive deployment in the coming years.   These flexible computers
  are the ultimate thin clients.   Backends/servers/architectures
  developed for the cloud perfectly suit ultra thin, flexible computing
  devices. For more on this hot topic, start at the site of the Flexible Display Center at ASU.

• Collaboration will increasingly be seen as the means to link human
  brains together.   Collaboration tools that are stand alone stovepipes
  will be a thing of the past.  Users will collaborate using the entire
  technology environment:  voice, video, data, whiteboard, chat,
  application sharing, info discovery will increasingly be integrated
  into a single fabric.  Key players here:  Adobe, Microsoft and Cisco.

• In a big change for how money is moved in major enterprises, the CIO
  will be given responsibility for the energy budget.  This will encourage
  CIOs to modernize to conserve energy, since money saved from energy
  costs can be invested back in modern IT.  This will be a very virtuous
  cycle, that saves money for organizations, saves energy, and modernizes
  IT.   

• In a stunning turn, IPv6 will be rapidly adopted, not by enterprises,
  but in homes.  The major home communications provider that delivers
  full IPv6 to home environments (and to cell phones) will have an incredible advantage over
  competitors and will dominate.  The many rich features of IPv6
  delivered to consumers will finally push enterprises everywhere to move
  out on IPv6. 

• In 2009, as in every year prior and for most into the future, there
  will continue to be bad people using technology to do bad things. 
  Enterprises will move to protect info, but bad guys will keep moving to
  get the data.   And the use of social networking tools by terrorists
  will likely grow.  This is not a foregone conclusion, but I'm not
  personally sure what can be done to mitigate the use of advanced
  technology by bad people, other than to say that we good people need to
  work together more to stop them, and my hope is that we can keep 2009
  safe and secure.

Thoughts/comments/suggestions?  Please let me know what you think.

CTOs, Global Cyberwar and Our Collective Future

If you are a technologist, please take a moment to download the PDF of the report by the U.S. Commission on Cybersecurity.  This report, titled Securing Cyberspace for the 44th Presidency, is the best proclamation of the challenges of cyber I have read.  It is also a roadmap that will help any trying to navigate these very tough issues.

I've been involved in things cyber for a long time.  My deepest
involvement began in December 1998, almost 10 years ago to the day.  
In all that time I've seen lots of studies and lots of papers and many
treatments of the issues.  But I've never seen one that captures the
complexities and the need for specific actions as well as this one. 

I'd really recommend you read every word, if you want to be considered literate in this field.   But if it will be a little while till you get to it, here are some key points:

The three major findings are:  1) Cybersecurity is now a major national security problem for the U.S., 2) Decisions and actins must respect privacy and civil liberties, and 3) only a comprehensive national security strategy that embraces both the domestic and international  aspects of cybersecurity will make us more secure.

The report makes a few points about the Bush Administration's Comprehensive National Cybersecurity Initiative (CNCI).  In general the give credit to that initiative, and call it good.  I agree, it is a great activity I've previously written about that is led by one of the most effective people in government today and has done great work.  But as the comission points out, the work of the CNCI is good but not sufficient. 

The biggest shock for me in this study:  The amount of funding on R&D for cyber security.  I have been looking into the many activities underway, and maybe that look made me deceive myself into thinking it was a well funded effort.  According to the comission, however, they estimate that the total R&D funding in the federal government for cybersecurity is about $300million.  Less than two-tenths of one percent of the total federal R&D.

The report has a great section on identity manangement. 

I am convinced the organizational approaches outlined in the study are the right ones as well.  There is only one place in our government where we can lead solutions to this challenge.  Where is that?  Hey read the report!

What else do I recommend CTOs do besides read the report?  I think one way we can all help the cybersecurity effort is to think through which standards bodies are the most important to engage with regarding security.   A few are here:
http://www.ctovision.com/2008/05/standards-organizations-ctos-should-track.html

The Technology Implications of the Obama Win

There are several megatrends sweeping the technology industry today.  Some of them are about to be accelerated.  

I like to use five key topic areas to track megatrends in IT: 

- Convergence and trend towards unified communications and user empowerment
- Globalization and increasing internationalization of IT and demographic shifts
- Increasing open development of software and hardware
- Power, Cooling and Space (PCS) impacting data centers and every place computing is done
- Increasing pace of technology development and probability of disruption

Over the past two months two major events have occurred which are impacting these trends.  

The
first was the collapse of Lehman Brothers and the resulting cascading
effects on the financial industry.  The impact on IT spending and the
movement of more enterprises to grid/cloud computing because of that
are still being assessed, but for some thoughts see: Wall Street Crisis

The second was the Presidential election of Barack Obama.   

Read the rest of this entry »

Melissa Hathaway Op-Ed on Cyber Security

Below I'm going to post, in its entirety, the text of an e-mail I received from the ODNI notification service.   The subject is an op-ed written by Melissa Hathaway, a senior leader who has been spearheading significant coordination action in the federal government (opinion: Melissa is perhaps the most effective SES-level leader in the US government today, IMHO).

I wanted to post this in totality for a couple reasons.  One is it is something all of us should read.  Although I believe most readers of this blog will find no surprises in this op-ed, Melissa has a real talent for capturing information in easy to understand ways and I think we can all borrow lessons from the way she explains things. 

Read the rest of this entry »

Securing Enterprise Data and Computer Power

In March I posted an entry on a significant enhancement in the computing realm, the thin client.   That post focused on how thin client computing is changing the net assessment in computer security (see:  http://www.ctovision.com/2008/03/computer-securi.html  ).

I've been really pleased to watch thin client computing take off.  How widespread is adoption now?  In August Sun announced that they had nearly doubled their shipments of thin clients from the previous quarter.   That's pretty cool.  In fact, it is Kurzweilian.  

Read the rest of this entry »

Thin Client Laptops: Functionality, Security, Mobility

For the past few weeks I've been using a unique device — a totally stateless laptop. 

It is the Tadpole M1400 Ultra-Thin Client Wireless Sun Ray.  

Here are some things this device can enable for enterprise users:

- Enhanced security.  If the laptop is lost/stolen/attacked no data is lost.  The data is never in the laptop, it remains in your enterprise.

- Enhanced functionality. All users everywhere can get upgrades to the latest software instantly. Upgrades happen in the server room, not by downloading apps to every device.  And multiple domains can be presented to one laptop.

- Enhanced flexibility.  All users everywhere can get access to presentations of operating system environments they need.  Depending on what the enterprise chooses, users can be presented with MS Windows, Mac OS, Solaris or Linux desktops. 

- Enhanced mobility.  Like any other laptop, this device is designed to be mobile.  It can connect to the grid over WiFi, 3G card, or if you desire, an Ethernet cable. I've tested it using WiFi at home and on the road and the performance is great. 

Concerning speed and 3G: I tested the Tadpole thin client using 3G (using a Qualcomm 3G CDMA card on the Verizon Broadband Access network).  When you have to use it, 3G delivers ok performance, but just like with fat client laptops or iPhones, 3G speeds can leave you wanting more (faster networks are coming quickly, see: How fast is 3G and what is 3.5G and when will 4G be here? ).  

If you are a CTO/CIO/enterprise technologist you can probably already understand the power and potential of the "stateless laptop."  Having one in my hands just brings that home to me. This is a way to deliver significantly enhanced security and enterprise-class functionality/power to mobile users.  And since it can be done in a way that reduces cost it makes this a compelling approach.

I wonder, what could the role of this new device be in the federal government's Cyber Initiative (see Protecting Federal Networks Against Cyber Attack) ?  Or what the role might be in reducing cyber crime?   I'll leave those for topics of future posts.

Thin client computing and converged voice

Companies, real companies that focus on business success, buy
solutions, not point products.  One of the most significant solutions I
have seen in years is coming from a partnership between two great IT
firms, Sun Microsystems and Mitel.  The video below has Sun founder and
Chairman Scott McNealy and Mitel Chairman Terry Matthews place this
solution in context.   The solution described saves in costs but more
importantly delivers incredible computing power to the user, where ever
the user is, and it does that with far more security.

Scott hits on how important this technology can improve the security situation for government users and I think he gets it exactly right.  Thin client changes the security net assessment, as I’ve blogged about before (see:  Computer Security: a change to the net assessment ).

As you watch the demo in the video, a couple things will jump right out
at you, like how seamless an integrated desktop to mobile back to
desktop voice and data and computing power solution can be.  Another
important point for government users is that the pioneering work that
was done in helping articulate requirements for devices like the Sun
Ray has resulted in a much better product that corporate america is now
running with.  That should keep the innovation going in the Sun Ray
product line, which will result in more capabilities in the future.

So, please check this out:

 

More later.

CIA IT Leaders Are World Class IT Leaders (continued)

CIO magazine continues its reporting on the IT enterprise at CIA and the CIA's CIO (Al Tarasiuk).  I have little more to add:  My comments from before still stand:  Al is a world class leader and this follow on report just underscores that.  I imagine Al is similar to other great CIOs from industry (folks like HP CIO Randy Mott, for example) and my old boss Mike Pflueger of DIA.   These leaders must wrestle with far more than technology (they can hand of the easy technology stuff to CTOs, right?).  In story after story of the great CIOs I note that they spend a great deal of time on culture, policy, process and human factors. 

For continuity I wanted to provide the link to the rest of the story.   It is here:  http://www.cio.com/article/print/441688

Bob

Clayton Christensen, Disruptive Innovations and Enterprise IT

Today I got to meet one of the most influential
thinkers/speakers/writers in the globe today– Clayton Christensen.  He
spoke to a small group of technologists (CIOs and CTOs) at the Cisco IT
executive forum, and held us all spell-bound by his fascinating (but
sometimes dismal) projections based on his understanding of some major market forces.

Although I recognize most of the thoughts he presented from his
books and articles, it was good having his personal context.  It may
help some of those concepts to sink it a bit more, and will help me as
I try to maintain an eye on the horizon for the next technology
disruptions.

One thing I realized right away is that I have been using the terms
he coined a little bit differently than he does.  I hope that is just a
matter of perspective and not a misuse of the concepts he articulates
so well.

Read the rest of this entry »