Osterman Research

Is Email Really Going Away?

By Michael Osterman
in

In the 2009 to 2011 timeframe, there were a number of articles in the trade and popular press about the demise of corporate and personal email. Many believed that email use would dwindle as younger people entered the workforce, those weaned on social media and text messaging. Email was for the “grups” (you’re welcome, original Star Trek fans), while newer forms of communication would replace it.

Maybe someday, but not now. We just completed a survey with corporate email users to determine if that was the case. What we found is that 42% of email users are employing email more today than they were 12 months ago, while only 10% are using it less. The remainder are using email at about the same level they were a year ago.

Our research also found that email continues to be the dominant communication tool used in the workplace. For example, the typical email user does something in their corporate email client or corporate Webmail for a mean of 149 minutes on a typical workday. That’s dramatically more time than they spend on the telephone (66 minutes), instant messaging (29 minutes) or the Big Three social media tools (10 minutes).

Why is email still so popular? The most obvious answer is that email is ubiquitous and standards-based, and so sending an email or attachment to someone can be accomplished with very high reliability. However, I think there are two additional reasons that email is so popular:

  • Email is the corporate equivalent of call screening, a fairly common practice and one of the primary reasons we like caller ID and voicemail so much. Someone can send us an email or an attachment and we don’t have to do anything about it until we want to do so. Unlike instant messaging, text messaging or a real-time collaboration system, we can receive an email and not interact with the sender, or we can send an email and not have to interact with the recipient. In short, email gives us the flexibility of timing our social interactions in a way that other tools cannot.
  • Second, email is our “junk drawer”—that repository of emails, contacts, files and other information that acts as something of a flat-file database in which we can store content that is easily searchable. Moreover, anyone can add to our database by doing nothing more than sending us an email. Yes, there are those minimalists who maintain little in their inboxes—but most of us are “pack rats” that store thousands of emails and other content somewhere in their email system. Using email in this way frees us from the tasks associated with being file managers, since we can almost always find whatever we need in our email system.

The bottom line is that email is not going away anytime soon.

Published February 4, 2013

Some Thoughts on IBM Connect

By Michael Osterman

I spent time this week at IBM Connect in Orlando and enjoyed the weather that was very similar to the weather in my home base of Seattle – the only difference being that Orlando was warm, dry and sunny.  Attendance at Connect was up from Lotusphere last year, and the analyst audience was the largest that IBM has hosted for the event.

The obvious theme of Connect was “social”, which permeated every aspect of the conference, the product announcements, and the discussions at a large number of the sessions.  Among the many new product announcements were:

  • An upgrade to Connections (v4.5) that offers new analytics capabilities, improved integration with Microsoft Outlook and more SharePoint-like capabilities.
  • An upgrade to Notes/Domino, Social Edition 9, that will feature a variety of new social capabilities and support for the leading mobile platforms – Android, iOS, Windows Phone and BlackBerry 10.
  • A completely revamped Exchange-to-Domino migration capability with both a server and client component that offers granular migration capabilities.  This, in and of itself, seems to represent a renewed vigor in regaining some of Notes/Domino’s lost ground to Exchange over the past years in the more traditional email space.

What was particularly interesting about IBM Connect was that while there was continued focus on social and the “newness” of integrating social capabilities into everything that IBM does, this is really not new for IBM at all.  Notes/Domino, for example, has always been about the sharing of information, both requiring and fostering a corporate culture that rewards employees for sharing their work in a collaborative fashion instead of rewarding employees based on their ability to build and maintain information “fiefdoms”.  IBM’s growing emphasis on social computing is more evolutionary than revolutionary in this regard, since the company has been building to this point for many years.

What was also particularly interesting – and admitted to openly by multiple senior IBM executives – is that IBM is not really focused on technology as much as they are on helping their customers to create and manage new business processes based on social interactions.  More than one exec said that IBM’s technology is not really the “secret sauce” of IBM’s current and future success, but rather the development and fostering of the social enterprise, for which technology is simply the underlying enabler.  This theme was underscored by the large number of business-focused, as opposed to IT-focused, audience members in many of the sessions, with a particular focus on HR-types (no doubt because of IBM’s December 2012 acquisition of Kenexa).

Personally, I would like to have seen more emphasis at Connect on Watson, IBM’s artificial intelligence system that can answer questions using natural language.  While we are definitely in the early stages of what Watson can do, and while IBM is aggressively focused on a few key verticals with Watson, I believe it will revolutionize the way that people interact with information and will be as much of a revolution in the future as social has been for the past few years.  For example, much of the discussion at Connect was on how access to vast quantities of social media information that can be used to learn more about customers, improve business processes and the like.  Imagine a world in which this information can be processed by a Watson-like capability from a desktop or mobile device to learn about customer behavior in real time or to provide guidance on which sales contacts to call within the next 30 minutes.

Fundamentally, I came away from Connect with a strengthening of my belief that IBM is well ahead of their fiercest competitor in several key respects, particularly with respect to social and cloud computing.  I think that IBM needs to do a better job at telling the world what they do, particularly in the area of cloud computing, but overall the company is on a very nice trajectory.

Published January 31, 2013

Recent Malware Exploits Should Get Your Attention

By Michael Osterman
in
  • During early October 2012, several US-based power plants were impacted by malware and at least one was shut down for a period of three weeks. One of these plants was brought down during a software update in which a USB stick infected with an identity-theft Trojan was used by an outside contractor. The anti-virus software at this plant had not been updated.
  • In December 2012, the FBI and the US Department of Justice arrested 10 individuals who had used the Yahos banking Trojan via Facebook to steal $850 million and infect 11 million computers via the Butterfly botnet.
  • McAfee discovered a Russian scheme that was targeted at 30 US banks, including Wells Fargo, Citibank and Chase. The plan was to infect the computers of these banks’ customers with Trojans, withdrawing funds from their accounts. Although the scheme may have been thwarted because of its discovery, at least 300 computers have already been infected and the plan may still be moving forward.
  • Zaxby’s, a restaurant chain that serves customers in 13 states across the southeast and mid-Atlantic states, reported earlier this month that it found various malware files in its restaurants in 10 of those states. Customer credit and debit card numbers, as well as their names, may have been stolen.
  • On November 26th and 27th, a Web application was breached at the Rosenthal Collins Group resulting in the possible breach of individuals’ names, addresses, Social Security numbers, net worth, net income, passwords and other sensitive information.
  • Kaspersky reported earlier this month that a large and internationally distributed malware network has stolen several terabytes of information from government embassies worldwide. The malware is spread through email and enters computers via an attachment; it has been discovered in 39 countries so far.

There are several lessons to draw from these incidents:

  • Any device can be infected—from a USB stick used by a bona fide computer technician to a smartphone to your desktop computer. The proliferation of devices used in the workplace, particularly personally owned devices that are used to read and write corporate data, increase the likelihood of infection.
  • You are valuable—or at least your data is valuable—to bad guys.  If you have a bank account with a reasonable balance, a passport, a credit card, a mortgage, login credentials to your bank or corporate systems, etc., you are a potential target. The more you know and the more you have, the more interested that bad guys will be in you.
  • Using credit cards online can be risky. Their use can also be risky when you buy a hamburger at a restaurant down the street.

Perhaps the most important lesson is to be careful by following six fairly simple security precautions. While these are seemingly obvious, you’d be surprised at how many people aren’t so careful:

  1. Maintain good anti-virus defenses on every platform and device you use, including the lowly USB stick. If you’re in IT and your employees are using personally owned devices to access corporate data and systems, make sure that their anti-virus software is up-to-date.
  2. If you’re an IT decision maker charged with security in your organization, make sure that any deal includes security tools or services for end users working from home. If you’re a financial decision maker charged with approving security-related purchases, fund the additional cost of protecting your employees’ home computers.
  3. When you access a Web site that is asking for personal information, look for a lock symbol in the browser signifying that content is being sent using encryption and that the certificate is valid.
  4. Don’t open email attachments or click on links in email if you don’t know the sender or if it looks even the slightest bit suspicious.
  5. Be careful about oversharing: Don’t share personal information on Facebook, Twitter or anywhere else you would not want the world to see.  Don’t enable GPS capabilities on your mobile devices unless you want to be tracked. Don’t post your vacation photos unless you have a house sitter or some other way to safeguard your home while gone.
  6. Make sure your mobile devices can be remotely wiped if they are lost or stolen.

Apologies for offering such basic advice, but many people simply don’t follow these steps consistently or at all.

Published January 17, 2013

The Element of Trust in Cloud Messaging

By Michael Osterman
in

The traditional model of deploying email, security, archiving, backup and related solutions using on-premise servers and software (or appliances) requires a certain amount of trust—trust in the technology offered by the hardware and software vendors, trust in the quality of the ways these technologies have been implemented, trust in the responsiveness of their support when things go wrong, trust in the patches and upgrades that are offered, and so forth.

However, for those charged with managing these capabilities in the cloud, an almost quantum leap increase in the level of trust is required of the providers offering these services for the simple reason that data is now in the hands of a distant third party. Not only must decision makers place trust in the quality of the hardware and software deployed in the cloud providers’ data centers, the ways their technologies have been implemented, the responsiveness of support staff, etc., but now trust must be placed in several other attributes of the provider(s). These include the quality of the technical team managing the cloud data center, the quality of the management team that runs the business, the overall financial health of the cloud provider’s business, their integrity in managing sensitive and confidential customer data, and their responsiveness in migrating data back to their customers for any reason.

Fundamentally, this creates four primary responsibilities—two for prospective customers of cloud providers and two for the providers themselves:

  1. Customers must carefully define the service levels, migration strategy, archiving strategy, messaging policies and every aspect of their communication and collaboration capabilities that might move to the cloud. Many organizations have not yet established detailed and thorough messaging policies, for example, and so are simply not ready to migrate capabilities to the cloud.
  2. Due diligence is extraordinarily important in selecting cloud providers because of the high stakes involved. Cloud vendors must be vetted on a number of parameters, including their business model, financial health, uptime, backup strategies, and redundancy. While due diligence is important when selecting on-premise solutions, an order of magnitude more care must be applied when vetting cloud providers.
  3. Cloud providers must implement a range of technologies and best practices to ensure that customer data is maintained securely, it can be migrated from and back to customers with a minimum of time or pain, and they must be sufficiently capitalized to ensure that the business keeps running even in difficult economic times.
  4. Finally, cloud providers must offer a level of transparency into their operations that will satisfy decision makers charged with evaluating them.

It’s important to note that I’m not arguing against the use of small and/or startup cloud providers. Many of them have solid business models, provide excellent service and have a good record of uptime. Large does not necessarily imply that superior service will be offered, nor does small necessarily imply the opposite.

The bottom line is trust: successful use of the cloud to run critical business operations demands it.

Published January 9, 2013

An Interesting Cloud-Based Intranet Offering

By Michael Osterman
in

I was recently briefed on Jostle’s People Management platform, an offering that the company refers to as an intranet, but that many might consider to be an enterprise social platform. Jostle’s platform is an interesting offering for several reasons:

  • Unlike SharePoint that has a document-centric focus with social capabilities also built-in, Jostle’s People Management platform has a social/people focus that also has document capabilities built-in. For example, Jostle’s offering has a photo wall that presents the images of everyone in the organization. Users can search across all employees by name, role, location, skill set, etc. Clicking on an image presents contact and other information about that individual, such as tags about the individual’s interests that are auto-generated by the system based on their activity.
  • The People Management platform also offers a “Relationships View” that presents the activities individuals are working on at any given time. Interestingly, it can also present the formal organizational structure of an organization, but also the informal organization structure that might represent a better picture of how employees relate to one another collaboratively. This view provides insight into the contributions made by individual employees and the groups in which they participate, perhaps offering insight into how the organization really works.
  • One of the more powerful features of the platform is its ability to find expertise within a company based on activities in which employees participate, information that might not otherwise be discoverable through conventional communication and collaboration channels.
  • The platform also provide a robust news platform that allows individuals or groups to post events, documents, client information and other content that can keep everyone in an organization up to speed on the latest events.

So, why are tools like Jostle’s People Management platform, as well as social offerings from companies like Socialtext, Jive, Socialcast, IBM, Microsoft, Novell Vibe and many, many others important?  While they allow individuals in one location to share information and become more productive and informed as a result, I believe one of the primary advantages is that they allow geographically separated employees—both those across the world and those across town who telework, for example—to work more efficiently.

For example, in An Empirical Study of Global Software Development: Distance and Speed—a research paper written several years ago by individuals from Lucent Technologies, the University of Michigan and Xerox PARC—the authors discuss the results of their research into problems caused when people who must work together are separated geographically. An interesting finding from the study came from questioning professionals, mostly software engineers, about delays in their work caused by the need for information from other people. The study found that when these people needed information from others at local sites, there was an average of 2.1 delays per month and the average length of delay was 0.9 days. However, when they needed information from others at geographically distant sites, the mean number of delays was 1.9 per month with an average length of 2.4 days. In other words, there were 1.9 local delay-days per month when needing information from others at the same site, but 4.6 delay-days per month when the information was needed from people who were geographically separated, a difference of more than 140%.

The key takeaway here is that distance imposes delays in gathering information from others. These delays might manifest themselves in slower response to a customer inquiry, delayed introduction of a new product, deleting certain product features from a new release if the deadline for the release is unchangeable, and other problems. None of these are issues that are necessarily going to create a clear and quantifiable financial impact in and of themselves, but they will result in an impact on the bottom line at some point. Tools like Jostle’s People Management platform and a host of others will help to address these issues by eliminating at least some of the barriers introduced by distance.

Published December 20, 2012