Ask the analyst – expert answers to your business IT questions

Are you flummoxed by a business IT problem? Then go to our Ask the Analyst blog for enlightenment

The Ask the Analyst blog invites IT managers to submit their real-life questions to experts at Gartner. Each month we will select the three best questions, put them to the Gartner analysts, and publish their responses.

If you have a business IT question to ask Gartner analysts, simply post it as a comment on the Ask the Analyst blog, or email us at feedback@computing.co.uk and we will select the best questions to put to the experts.

Here are the first three questions and answers.

We have opted for an SOA strategy for application development, but I don’t quite understand the relationship between SOA and enterprise architecture?
Brian Burke, research vice president at Gartner, says:
The decision to move to a service-oriented architecture (SOA) strategy must be made within the context of the organisation, not a project or a development team. So, when you “opted for an SOA strategy for application development”, you (hopefully) had already made an enterprise architecture decision. If the decision to move to an SOA was made within the narrow context of a project or development approach, there is a high probability of failure. Besides the decision to move to an SOA approach, there are a number of other intersection points between SOA and enterprise architecture to consider.

Typically, the selection of technologies to support SOA is an enterprise architecture decision. There are many participants in technology selection decisions, including representatives from application development, security, operations and other groups. But it is enterprise architects who will drive the technology selection decisions.

Enterprise architects also play a role in determining which services to develop and the development priorities. They typically have a good understanding of the broad application landscape and are well positioned to identify services with the greatest potential for reuse. Enterprise architects (particularly business architects) also know which business processes are highly volatile and can focus SOA efforts to support those processes that must be rapidly reconfigured as business processes change. Again, enterprise architects (particularly information architects) also have a good understanding of the data that is most commonly used and shared across the organisations. Information architects are well positioned to identify data-centric types of services, which provide consistent access to shared data.

It is a common mistake for organisations to believe the move to an SOA development approach is purely a development decision. The move to an SOA approach has a broad impact on many areas of the business and IT. Gartner recommends organisations create an integration competency centre (ICC) as a forum for decision making to support the migration to an SOA approach. Enterprise architects play a key role in the ICC, providing information on the business vision and strategy, guiding principles, future state models and roadmaps, technology standards, and executive sponsorship.

Should we use social networking tools in our business to improve internal communication and collaboration?
Jeffrey Mann, research vice president at Gartner, says:
The shortest answer is yes. Business executives are often put off by the thought of using social networking tools in a business environment because they are most commonly associated with consumer use. However, the drivers that encourage consumers to use these tools are really not so different from business needs when analysed more closely.

Seeing users “throw sheep” at each other (a popular way of demanding attention on Facebook), recommend obscure music, garner support for fashionable or frivolous causes, or publicise grainy video clips of drunken antics or cute kittens could lead managers to believe that what happens on these sites has no relevance to the serious, disciplined working world. In reality, there is more overlap between these two worlds than might initially be expected. While the objects dealt with will be very different, the kinds of interactions fostered by consumer social software sites are actually very close to the desired behaviour that collaboration managers should be encouraging.

At Gartner, we strongly believe that social software technologies will soon gain wide business acceptance. These social networking sites and consumer tools are solving problems in such areas as collaboration, information sharing, group formation, employee engagement, and information organisation in interesting new ways that are worth learning from.

Although consumer users typically deal with artifacts such as videos, music clips, recipes, travel tips, sports scores and fashion pictures, the way they deal with these objects is fundamentally similar to how enterprise users deal with reports, transactions, emails, proposals and presentations. Many of the basic needs are strikingly similar, even if the objects and descriptions are widely divergent. While consumers want to keep up with what their friends are doing, business users want to keep up with their colleagues’ activities. Consumers want advice about whom to date or what clothes to buy, while business users want to tap into colleagues’ expertise on vendors and suppliers. Consumers look to involve their friends in political or social causes, while business users want to mobilise to take advantage of an opportunity or react to a crisis.

Expressed in a different context, all of these social behaviours are the kind of thing that organisations should be encouraging. It is within the interest of businesses for their employees to have better contact with colleagues and partners and to seek new ways of sharing information and attaining clearer insights.

I am the IT manager of a small business. Would it be easier and quicker for me to outsource IT security to a managed service provider than to organise it in-house?
Tom Scholtz, research vice president at Gartner, says:
Outsourcing operational security activities to a managed security provider is a valid strategy, as long as some basic principles are adhered to.

First, you can never outsource the accountability for protecting the organisation’s information resources. Outsourcing the operational activities does not absolve the organisation from its responsibilities toward all its stakeholders. For example, if personal financial information is compromised because the security provider failed to detect a security breach, the client organisation will be held accountable by the customer, not the security provider. Hence, it is imperative that the client organisation retains a clearly defined role for managing overall security strategy, for making important risk mitigation and breach response decisions, and for ongoing management of the relationship with the service provider.

Second, never outsource what you don’t understand. An effective outsourcing relationship is based on a clear and mutual understanding of the nature of service requirements and deliverables. Outsourcing a security function that you don’t understand will bring frequent misunderstandings with your provider and you will pay above the going market rate.

But outsourcing is still a valid strategy. Indeed, Gartner research indicates that customer satisfaction with managed security services continues to improve as service delivery matures.

Visit the Ask the Analyst blog to put your questions to the experts at Gartner