Blue Cedar Puts Mobile Application Security Far Ahead of MDM

I get to join several product demonstrations each month and speak with various technology companies about the current and next-generation problems they are working to solve. Sometimes you hear about products when it’s too late, when you don’t work with a client anymore who might have benefited from a solution or a solution they tried killed implementation completely.

When speaking with Blue Cedar CEO John Aisien last week, I found a product that could have helped me solve for a problem a client was challenged with in 2016. John and his co-founder Kevin Fox have assembled a team that is simplifying the role out of BYOD for enterprises and delivering seamless security solutions for heavily regulated B2C organizations focusing on mobile applications for their users. They have competition in the space, but I noticed a differentiation between them and the more commonly known providers in EMM.

How? By placing the Blue Cedar Security Injection product directly into an organizations application development tool-kit. The solution lights up a security control center to monitor, track, and control the applications behavior on any given device without any use of the traditional MDM products. They are moving the line on untrusted user access, creating a tool that enables the enterprise to securely mobilize their entire workforce, and with the varying controls that enterprises are accustomed to in the MDM services we utilize today. The key difference, however, is that there is no MDM agent required to sit on any BYOD device – a huge move to full enabling BYOD.

I see Blue Cedar taking serious strides to simplify the mobile application security management questions that enterprises are boiling water over today. Their recent announcement of a partnership with Neptune Software and their Rapid Mobile APP Development Platform, as well as their ongoing work with SAP is evidence of this. And they are developing a tool set that becomes more critical as we expand our hardware connectivity and computing capabilities from a centralized secure location to the edge.

Theoretical? No!

Blue Cedar completely solves a very real enterprise security problem.
The client this made me think of is a pharmaceutical company that took the strategic initiative to bring mobile technology to their clinical trials. What an opportunity – and challenge – to securely generate valuable user data.

Think about it; this company runs more than 200 clinical trials annually and for varying lengths of time. The number of participants per trial varies from 50 to tens of thousands, and the user make up is diverse and unique to each clinical trial they run. None are employees and they’re not consumers whose data can be shared, viewed, or left unattended.

It’s not that the users could not be trusted with their own data. The question really surrounded how to securely deploy an application that would collect highly sensitive and proprietary data from a decentralized and uncontrolled user group?

The solution at the time was to loan these users a corporate-owned tablet, pre-configured with a Mobile Device Management (MDM) application, coupled with Apple’s Device Configurator (I know, I cringed too), a custom-built in-house application specifically for use in this trial, and a robust logistical support strategy for replacements, software and application updates. We started with a user group of 250 participants in one country and had some other challenges to consider.

We knew right away that this would be expensive and technically challenging to scale from one trial to more than 200. Each clinical trial requires its own application(s) and connectivity capabilities with other 3rd party applications, and maybe even wearables or connected medical devices and other controlled systems. Not every user needs a device, but not every user doesn’t need a device.

If I were to guess, 80 percent or more of the total users globally could be BYOD users if a tool like the Blue Cedar product were deployed in their application development strategy. It solves the security conundrum that MDM was meant to address while delivering a high volume of logistical and user support savings. Otherwise, a client would spend hundreds of millions of dollars on one-time-use hardware and the tracking of 3rd party software licenses.

The remaining 20 percent of users who receive a device for the term of their trials would leverage the same application, but with a far less complex device configuration setup and logistical support network. This would further save the company millions in support and deployment costs.

Who else is solving for complex mobile problems and weighed down by the cost and security of the hardware, and the security of the network? Everyone.

Apple iPhone X Highlights Enterprise Corporate-Liable vs. BYOD Conundrum

The consumption by enterprises of world-class phones has increased as the demand for the latest and greatest technology has shaped a monumental change in the workforce. The workforce has become mobile and the enterprise is now grappling with the cost of the latest and greatest hardware versus its ability to maintain current and functional technology – all while trying to balance how quickly to advance solutions to keep up with new technology. It’s the age-old question: what is the advantage? Finding that advantage requires a balance between checkbooks and talent – development talent, sales talent and so much more.

Apple owns the corporate-liable space in the United States. Recent reports from AOTMP show that 82 percent of corporate devices are Apple iOS, though many remain two to four generations behind the current model. This means the iPhone 5S – iPhone 7 dominates among enterprise users. And often, this is by design.

But every organization is already dealing with the iPhone 8 or iPhone X in some respect. That’s where I believe things get interesting for Apple – and why it might lose its standing as the corporate-owned leader. Being first-to-market with technology that clients cannot keep pace with is as dangerous as not coming to the market with a solution at all. Apple understands this, as its growth within the enterprise remains filled with adversity.

As Apple devices get more expensive and more complex, mobility management experts are having an easier time overseeing BYOD within the enterprise environment. This could lead to a full-scale tilt away from mass corporate purchases of Apple devices. While Apple has produced management tools to simplify the deployment and security of corporate managed devices with Apple DEP and third-party partnerships, Android has released a cross-manufacturer deployment management tool in Android for Work. This delivers a more seamless deployment solution with simplified APIs across a range of desirable manufacturers beyond Samsung and the Samsung Knox solution.

The consumer market dictates so much of the noise we hear when a new device becomes available. There are mentions of the enterprise and some models are the subject of campaigns targeting the enterprise workforce. But what do enterprises relying on corporate-owned oversight do when a new device comes out and their users clamor for it?
A few will panic, some will plan, and many will wait.

Why the panic?

Generally, panicking companies are behind in deploying a full management solution for their mobile devices. It’s still the wild west and, often, users will dictate the adoption via shadow IT. When a new Apple device comes out, users will buy them on their own with a corporate credit card, expensing them as new technology purchases. Or mobility management professionals see a drastic uptick in “dropped,” “lost,” and “stolen” claims – an annual phenomenon known as “Apple season.”

Great! Now what? Is the enterprise’s EMM or MDM platform prepared for the changes in protocol for the new device? New control capabilities? Do mobility management experts even know users have a new device, or are users taking a roundabout approach to accessing corporate email and sensitive materials? Shadow IT can drive new innovations and create new user experiences. But left in the shadows, it can also risk the security of corporate data.

Therefore, if organizations plan for employee demand of the latest Apple device, how are they planning?

The enterprises that plan are often the ones that wait to deploy the latest device. These organizations are actively engaged in the changing market and are usually current with security software. No matter a company’s size, there are experts in this space to provide guidance and manage the various software and support requirements when you’re using a service. These enterprises have built an internal telecom/mobility/technology management Center of Excellence or relied on a solid provider to reduce mobility management headaches. They participate in beta programs with manufacturers and have controls via policy and user-request modules to dictate new devices’ accesses and permissions. They understand the value of the hardware they are using versus the increased value of the device coming to market. In fact, the value an enterprise can generate from these new devices comes not from the hardware, but from applications that make the most of the hardware’s capabilities. As such, these organizations aren’t necessarily adopting the latest and greatest device.

Take, as an example, a global pharmaceutical firm struggling to centralize control of new applications. This is creating risks in “managing look, feel, security, certification and refresh process,” the contact told me. To curb the problems, the firm is deploying an agile development team for its mobile applications.

Along those lines, the iPhone X’s updated capabilities are exciting. Apple is bringing some unique experiences, such as augmented reality, to users. But the question for corporate-liable enterprises is whether they can develop the applications and systems to leverage those capabilities. The answer, in many cases, is no. Internal application development efforts have traditionally remained months behind new device technologies, if not years.
That’s where planning can create issues. Teams need to work closely together to get where they need to be. I’ve seen enterprises build incredible consumer applications, only to be turned down by the internal security or mobile management team for installation on corporate-owned devices. Users were forced to operate with two phones just, so they could use their company’s apps.

Waiting to adopt the latest device can be a wise move, especially considering budget. As the representative from the global pharma company said, “Our recommendation to our board was neither the iPhone 8 or X gives significant advantage over the 7.” Ultimately the board opted to allow the iPhone 8, but not the X due to cost – for now. The pharma will likely be an iPhone X house by the end of the year, the source said.

However, waiting too long to adopt can hurt an unprepared organization. The latest and greatest often does not address an unmet need, but it will ultimately create problems for the underprepared development team. Organizations must practice caution when deciding to wait, as waiting too long can be as detrimental as launching too quickly. Apple will stop supporting the iPhone 5S, and likely the iPhone 6/6S, in the next 18 months.

Organizations still depending on this hardware will be tapping into the $47.8 billion aftermarket for replacement devices and looking to find consistent, high-quality repair services. Additionally, taking on unsupported devices from the manufacturer creates an increased support burden for internal teams.

And if rumors are true, the iPhone 8 may be the last phone of its type as Apple moves to a more advanced hardware set under its new iPhone X model and design.

Blue Hill - AOTMP 2018 Q1 Agenda

Dual logo header image

First Quarter 2018 Research Agenda

 Click Here to Download a Copy of the Agenda

IoT/Telematics/VR/IoT Analytics Research Practice

Analyst Insight: The World of Augmented, Virtual and Mixed Reality

This report targets the emerging world of virtual reality (VR). It does so by placing VR within the context of already existing enterprise augmented reality solutions, as well as by providing an understanding of “mixed” reality – a new term that bridges the gap between AR and VR. The report also provides insight into the differences between AR and VR, and the applications that best suit each. Further, it examines the key underlying driver for both AR and VR within the enterprise: the explosion of enterprise IoT deployments and the vast amounts of data generated.

Market Landscape: Augmented Reality and Virtual Reality 

This Market Landscape report delivers an overview of the types of vendors in the combined IoT and AR/VR markets. It offers insights into the maturity level of each vendor’s ability to deliver workable and meaningful AR/VR services. Though the report does not rank vendors, it assesses which ones stand out as the leaders in this space. Finally, mini case studies demonstrate the various ways enterprises are using AR/VR.


Mobile Application Development Research Practice

Analyst Insight: It Is No Longer Your Father’s MAD World

Mobile application management is, at the same time, the most, and least, mature market segment within enterprise mobility. Application development now emphasizes immediacy and agility. Mobile vendors compete on fulfilling the need for speed without sacrificing application richness. The terms that matter most are “low touch” and “low code” – each of which reflects agile development methodology. This analyst insight explains the framework needed to understand what today’s vendors – whether startups or tech giants – offer and how they differ.

Market Landscape: Mobile Application Development

This Market Landscape classifies the types of vendors in the application development space and brings insight into each vendor’s ability to deliver on agile development services. Though the report does not rank vendors, it does provide comparative assessments highlighting which vendors represent the leaders, including the smaller ones that have remained relevant.


Enterprise Mobility Management Research Practice

Analyst Insight: Is it EMM 2.0 or UEM?

The EMM market is a mature mobile segment; it houses a number of very established veterans and features few opportunities for new entrants. And yet, the market is advancing quickly with new and less-mature technology such as unified endpoint management. The real work for enterprises in 2018 is to understand what UEM means and whether it represents a legitimate next step in the mobile management market – or whether it is a buzzword best ignored. This Analyst Insight examines the evolving state of mobile security, presents a framework for understanding EMM, UEM, digital workstation platforms and discusses whether mobile application management still has a unique role to play.

Market Landscape: EMM/UEM 

This Market Landscape report classifies the vendor types that operate in the mobile management and mobile security sectors. It analyzes the three main categories into which vendors fall: EMM 2.0, UEM and Digital Workstation Platforms. Though the report does not rank vendors, it does provide comparative assessments and charts highlighting which vendors stand out as leaders. Finally, analysts consider possible consolidation scenarios enterprises should know.

Survey Project: Mobility and Endpoint Management from the Enterprise User Perspective

This field research targets vendors by providing in-depth information from, and analysis of, enterprise perspectives and expectations for the mobile management marketplace. It highlights enterprise priorities for mobile management, and mobile security services and capabilities.


IT Service Management Research Practice

Analyst Perspective: Trends in Managing Change Using ITSM Software Capabilities

The change management process concerns any adjustment that affects IT services within the enterprise. The challenge is to implement such change with as little impact as possible – and that’s a tall order. Done wrong, IT change management stands a big chance of hurting business operations. Conversely, done well, change management can improve an organization’s spending, collaboration and market visibility. For all those reasons and more, it is imperative to understand trends in managing change through ITSM solutions and stay abreast of how organizations are using the software. This Analyst Perspective report examines these areas as they relate to enterprises and vendors. 


Enterprise Telecom Environments Research Practice

Analyst Perspective: Enterprise Vendor-Management Trends

Telecom/IT vendor performance significantly impacts the productivity and efficiency of an enterprise telecom environment and, as a result, the business. How enterprises manage these vendors, ensuring expectations and performance levels are met, is critical. This Analyst Perspective report explores key trends influencing vendor management practices within the enterprise; analyzes top enterprise vendor management trends; provides guidance about what should change to improve vendor performance management; and discusses what enterprises should do to improve relationships with vendors.

Analyst Perspective: Enterprise Telecom/Mobility/IT Policy Management Trends

Developing, managing and enforcing solid telecom, IT, and mobility policies throughout an enterprise mitigates risk and improves telecom management performance. For example, AOTMP Research has found that organizations with stringent wireless policies and enforcement protocols reduce mobile expense by 21 percent. They also report fewer security incidents than their peers because they planned ahead. Often, though, enterprises struggle to establish a policy that meets or exceeds business requirements, and that can be monitored and enforced effectively in an automated fashion. The most effective policies are clear, concise and comprehensive. This Analyst Perspective report considers how enterprises are managing telecom, IT and mobility policies and discusses ways to improve policy management performance from both the enterprise and vendor perspectives.


Telecom Management Ecosystem Research Practice

Market Landscape: Telecom Management Ecosystem 

Recalling that the Telecom Management Ecosystem consists of telecom, IT and mobility vendors, the environment and the business, this report will uncover how each facet is performing as technologies and industry changes impact the market landscape. The Telecom Management Ecosystem defines the relationship of vendors to enterprise fixed and mobile telecom environments, and the influence of fixed and mobile telecom environments – including vendor-delivered products and services – on business results. It consists of three components that work together to deliver efficient and effective business performance. Therefore, this Market Landscape report highlights key trends influencing the performance and efficiency of the telecom management ecosystem. It further provides analyst recommendations for implementing and negotiating change that will improve overall outcomes through telecom management.


Telecom Expense Management Research Practice

Analyst Perspective: Are TEM Vendors’ Global Capabilities Keeping Pace with Enterprise Needs and Demands?

Executing upon a global strategy for managing telecom, IT and mobility services can be complex. Regulations, billing formats, cultural practices – everything varies country to country. Relying on TEM vendors to handle these domains can be a solid decision if the vendor’s capabilities are up to par. Using enterprise and vendor input, as well as analyst perspective, this report assesses the state of TEM vendors’ global capabilities in meeting enterprise requirements as the industry looks ahead to 2018 and beyond. It further discusses enterprise requirements regarding managing global telecom expense; evaluates the state of vendors’ global TEM capabilities; and analyzes areas of strength and those that need reinforcement. 

Analyst Perspective: Understanding TEM Vendor SLAs

Service level agreements, or SLAs, establish performance thresholds that vendors are expected to meet. Most TEM vendors offer a variety of SLAs centered around invoice processing, service ordering and help desk support activities, and more. Although SLAs themselves are important, establishing remedies for missed performance is equally as critical for holding vendors accountable. In addition, measuring and monitoring SLA performance is essential for gaining visibility into areas where strength and opportunity can be improved. In this report, analysts dig into what enterprises need to know about TEM vendor SLAs.

Analyst Insight: The Short-Term Futures of TEM and MMS

The TEM and MMS markets are rapidly becoming critical to enterprises mobility and telecom management. In other words, as both AOTMP Research and Blue Hill Research, a division of AOTMP, underscored in 2017, the same tools that drive TEM are necessary for managing entire IT departments and operations. TEM is evolving into IT Expense Management (ITEM) and MMS is transforming into Technology Lifecycle Management (TLM). Enterprises must have a clear understanding of where ITEM and TLM meet, and know which vendors fall into which categories. They further need to pinpoint which vendors remain purely focused on TEM and be able to identify which ones incorporate ITEM/TEM into their own platforms. This Analyst Insight explores the key issues and market implications of these shifts.

Market Landscape: TEM and MMS

This market landscape analyzes the overall TEM and MMS ecosystems, and profiles primary and secondary vendors within their respective markets. Though the landscape will not rank each group and category of vendor, it will include comparative tables and charts, and provide assessments of the value each company brings to the enterprise. This landscape rounds out the perspectives and information provided in the related Analyst Insight report, The Short-Term Futures of TEM and MMS.

Analyst Insight: The New Technologies of TEM: Artificial Intelligence, Machine Learning and More

As vendors build solutions that make use of leading-edge technologies, enterprises want to know how to benefit from expanded platform capabilities. This report builds on The Short-Term Futures of TEM and MMS, and answers that question for enterprises. It explores how TEM and MMS vendors are supporting technologies including artificial intelligence, machine learning and natural language processing. 

Survey Project: The Evolution of TEM to ITEM from the Enterprise-User Perspective

This field research and quantitative analysis targets vendors. It offers in-depth information from, and analysis of, enterprises and their expectations for the TEM and ITEM marketplaces. It also highlights enterprise priorities for TEM/ITEM services and capabilities.


New! Blue Hill - AOTMP Expand Research Practice Areas

Dual logo header image

Welcome to 2018, a year that will bring great transformation in the technology, IT and telecom sectors. As part of that evolution, AOTMP Research has acquired Blue Hill Research. Together our AOTMP Research and Blue Hill teams are expanding coverage far beyond traditional focal points to specialize in the following practice areas:

  1. IoT/Telematics/VR/IoT Analytics
  2. Cybersecurity
  3. BI/Data Analytics/Machine Learning/AI
  4. Mobile Application Development
  5. Enterprise Mobility Management
  6. IT Service Management
  7. Enterprise Telecom Environments
  8. Telecom Management Ecosystem
  9. Telecom Expense Management

Indeed, 2018 will see the emergence of exciting technologies that enterprises must use to bolster competitive advantage, market share, customer acquisition and retention, profits and more. This year will usher in true inflection points where technology transcends hype and becomes usable. Expect this to happen in augmented reality, wearable technology, machine learning, lightweight and rapidly developed mobile applications, and in mobility dominating as the primary tool of entire workforces.

Meanwhile, technologies that have experienced their inflection points will undergo the adoption that follows the period of hype. Look for the much-discussed Internet of Things (IoT) and certain aspects of cloud to lead. To the latter point, 2018 will be the year enterprises become mainly cloud-based entities.

The trends are not all sunshine, however – with the positive comes more challenges for enterprises. The chief example? Cybersecurity. As hacks and breach grow more sophisticated and frequent, enterprises must arm themselves against attacks. At the same time, organizations are generating more data than ever before – and letting more valuable information fall to the wayside than ever before. Shoring up a business intelligence/data analytics practice will create functional insights that lead to revenue. Finally, adding technology into an enterprise also adds expense. Managing the intricacies of licensing, user and other costs still requires budget, expertise and attention.

Each of these trends holds significant implications for enterprises. That is why AOTMP Research and Blue Hill Research have combined, and why analysts are diving into new practice areas and addressing the growth and change within existing domains. 

With that in mind, look for an expanded roster of deliverables in the first quarter of 2018 as AOTMP Research and Blue Hill Research hit the ground running. Enterprises and vendors alike can expect the following:

  • Market Alerts
  • Analyst Perspective reports
  • Analyst Insight reports
  • Anatomy of a Decision
  • Market Landscape reports
  • Special survey projects
  • Podcasts
  • Webinars
  • Interviews
  • Whitepapers

As always, AOTMP Research and Blue Hill Research will augment these deliverables as trends and markets demand. Along the way, enterprise and vendor input is critical. Share your perspective by answering short questionnaires distributed to the Enterprise Research Panel and to the Vendor Research Panel. Such feedback helps guide the AOTMP Research-Blue Hill Research agenda, and connects organizations with peers and resources to elevate the entire technology/IT/telecom industry. 


Warm regards!

Tony Rizzo, Chief Research Officer, Blue Hill and Senior Research Director, AOTMP Research

Andrew Hartwyk, Senior Research Director, AOTMP Research


NEWS: AOTMP Acquires Blue Hill Research

Acquisition Adds Fresh Content and Expertise in New Technology Trends to AOTMP Research Practice

INDIANAPOLIS—9 January 2018— AOTMP, a global information, research and advisory firm for telecom management best practices and industry standards, today announced the acquisition of Boston-based Blue Hill Research, a technology research firm focused on providing timely guidance for organizational technology investment.

The acquisition will enable AOTMP to build upon its strong position within global enterprise telecom/mobility/IT environments by capitalizing on Blue Hill Research’s strong position with the vendor community and expertise in new technology trends and user adoption. “We are excited to have Blue Hill Research join forces with AOTMP to take our research practice to an entirely new level,” said Tim Lybrook, AOTMP President & CEO. “Bringing together these teams gives us many more points of intelligence around what technology leaders are thinking and planning that will drive more valuable research studies and trending for our clients of all sizes.”

The acquisition includes all assets of Blue Hill Research. The research, analyst, client services and sales teams will join AOTMP and founder and Research Fellow, Ralph A. Rodriguez will take on the role of Strategic Advisor at AOTMP where he will work closely with Stacy Hiquet, Chief Content Officer and Timothy C. Colwell, SVP, Efficiency First® Adoption as the combined company looks to integrate Blue Hill Research into the AOTMP Research Practice.

“We have long admired AOTMP and the complementary offerings make sense at a time when the telecom and IT space is changing and evolving rapidly with the emergence of new technologies driving the consumerization of IT,” says Ralph A. Rodriguez, Blue Hill Research Founder.

Over 1,000 pieces of Blue Hill research content covering key industry reports, analyst insights, podcasts, infographics, webinars and blogs will be added to the AOTMP Research Library, making it one of the largest telecom and IT topic-specific databases in the world.

“Combining enterprise end-user and vendor research insights into one complete research offering is of major importance for the three key technology stakeholders in all organizations – technology, finance, and line-of-business executives,” says Tony Rizzo, Senior Research Director, AOTMP and Chief Research Officer, Blue Hill Research. Rizzo further notes that, “Joining together the deep technology expertise of AOTMP and Blue Hill collectively creates exactly the actionable insights businesses need to make highly informed technology decisions.”

Blue Hill Research will become a division of AOTMP. Terms of the cash and stock deal remain confidential.


AOTMP is a global information, research and advisory firm for telecom management best practices and industry standards. We deliver actionable insight, data, and best practices through our Efficiency First® Framework that equip telecom, IT, and mobility leaders and vendors to achieve telecom management industry excellence. For more information, visit

Very Enterprising Tech Trends for 2018 - Mobile, IoT, Blockchain, ITEM & Much More!

Fast Mobile Society Prognosticator

January 2018 began with a true tech blockbuster – Blue Hill Research and AOTMP merged to create and deliver an exciting and new emerging technology, mobile and telecom management research and advisory service! What an amazing way to start a new year of working within the realm of advanced technology!

Personally, I am thrilled to be an insider on this deal. AOTMP’s acquisition of Blue Hill augers an awesome opportunity to provide both enterprises and vendors with the critical actionable insights they need to achieve true strategic value through the use of advanced and emerging technology. The Research and Advisory team is full-on psyched to deliver on it.

As a way to bring my own little bit of celebration to our combined new company, I’ve pulled together my thoughts on the tech trends that are moving towards real and large scale enterprise implementation in 2018.

After you’ve read it through let me know: Agree? Disagree? Let’s start a conversation!

Mobile technology continues to move forward at a rapid pace, but it’s “guise” as an actual device users carry will begin – has already begun – to change. Sure, we’ll always have our mobile devices – nothing here changes in 2018, aside from moving to Apple’s FaceID and whatever Samsung has up its sleeve for the Galaxy S9 that will be announced in late February at Mobile World Congress 2018. But there are plenty of new and different devices to think about and many new ways mobility will drive our futures..

Before getting into details here is my short trends list for 2018 that I believe will see large scale implementation:

  • Wearable Technology
  • Internet of Things (IoT)
  • Augmented Reality (AR) and Virtual Reality (VR)
  • Machine Learning
  • Artificial Intelligence (AI)
  • Cybersecurity and Cyber-attacks
  • Mobile Security – Unified Endpoint Management (UEM)
  • Unlocked Phones and eSims
  • Automated Mobile Workforce Support and Self Service
  • Bitcoin and Blockchain (a bonus trend/prediction!)

Some of these trends are co-dependent. For example, cyber-attacks will become far more prevalent as mobile access points into enterprise networks increase exponentially through IoT and wearable technology. Automated service support will grow based on the combined growing market penetration of machine learning, virtual reality and the first real stages of artificial intelligence (AI).

The one sure constant in all of this is a fast proliferation of enterprise options for deployment, implementation, ongoing maintenance and upgrade cycles and workforce support. Before digging in, here is one last general thought: all of the trends below (aside from my bonus blockchain prediction) lead to the transformation within the enterprise to full-fledged IT Expense Management (ITEM as we refer to it). Keep that firmly in mind when reading through my POVs below.

Wearable Technology in the Enterprise

Wearable technology has, for the most part, been driven by consumer and personal use, typically in the form of Fitbits and Apple Watch kinds of tech. More prevalent in the enterprise has been the use of such devices as eye wear from Epson and Vuzix, which make use of augmented reality to visually enhance the physical, existing workplace, and devices with dedicated functionality for specific work environments, such as retail shop floors and healthcare provider ecosystems. I’ve been covering wearable tech since 2012 and aside from a lot of consumer hype, enterprise use outside of healthcare has been slow to take off. But I am predicting that 2018 is the enterprise inflection point year for the technology. Look for a major explosion of use everywhere in the enterprise, from the retail shop to the manufacturing floor and all points in between.

Internet of Things (for real)

IoT has long risen past the point of buzzword status. From the early days of serving as simple field-based machine to machine (M2M) alerting devices (e.g. sense a predefined temperature range and issue an alert to a human via a low bandwidth network such as 2G) we now have complex tools that are able to communicate directly not only with other IoT devices but with entire systems of devices that in many cases generate their own actions and workflows based on real time and real world conditions.

As with wearable tech hardware – all of which can be considered IoT devices in their own right, IoT device penetration will explode in 2018. Enterprises will create many dynamic operations that will become business-critical on a 24 hour, seven day a week basis. These devices, networks of devices and systems of interactive devices will also generate big data on a massive scale that in turn will feed machine learning systems (more on this shortly).

Augmented and Virtual Reality

It’s important to understand the difference between augmented reality (AR) and virtual reality (VR) – the former literally “augments” existing environments, while the latter creates environments that do not actually exist, even though they may be based on real environments. AR’s first real use in the enterprise dates back to 2013 as a wearable device – that is, the eye wear was more important than the rudimentary underlying apps supporting the devices.

Today we have IoT-enhanced access to the work place that adds substantial information to the apps used with the eye wear and related tech such as sensor-enabled gloves. An example of a particularly useful AR application is its use in guiding medical technicians – utilizing AR eye wear with built-in infrared capabilities – to locate real veins in real arms for intravenous applications. Hospitals have seen tremendous clinician IV productivity improvements here that also deliver directly to the holy grail of enhanced patient satisfaction. This example scratches the surface of what will be created in 2018.

Virtual reality creates virtual spaces and images that do not actually exist, and allows users to interact with those systems. This of course plays enormously well for consumer gaming but the real money in VR will be found in enterprise use – especially in IoT-driven environments, where the combination of IoT sensor information and VR-driven environments will simplify field-based repairs, demonstrate for technicians different exploded parts of a complex system or machine, and allow them to make repairs or other modifications as needed.

There have been rudimentary wearable tech-driven systems available for doing such things since 2012 or so (Motorola was a first driver) but VR now benefits from visuals provided through sophisticated head-mounted displays and sensors that provide near-real experiences virtually. 2018 will only see the first of these systems emerge but think of it as the year the enterprise VR trend begins.

Machine Learning

A misnomer of sorts, “machine” learning is really about extracting valuable and actionable business information from big data stores that in turn helps enterprises to automate a variety of service- and sales-related business processes. In 2018 we will see businesses aggressively develop and ramp up automated advisors and assistants that can both receive calls and proactively initiate calls, delivered with near-human interactive capabilities. For the most part these efforts will center on reducing the enormous amounts of “routine” and common things the human workforce currently handles. The chief productivity goal is to free up the workforce to focus on more important and personalized work and workflow processes that go beyond routine and common towards achieving high levels of customer satisfaction.

From an IoT perspective, machine learning-based automated advisers will take advantage of the data being reported ongoing from the field and be able to determine when service calls are necessary and when parts need to be replaced in complicated machinery (e.g. high speed elevators in skyscrapers) – ahead of actual failure. 2018 will bring major new efforts in creating standards for infrastructure and machinery maintenance and support – with the goal of driving productivity up and significantly reducing the costs of doing business.

Artificial Intelligence

In 2017 we spent an entire year following the AI hiring practices and M&A activity of the major tech vendors. To be sure, it was all about gaining access to engineers and scientists with expertise in artificial intelligence (AI) or buying companies focused on AI. Meanwhile, IBM spent 2017 pushing the term “cognitive” across all of its technology platforms – by which it means delivering capabilities that begin to “think” for themselves. Whereas machine learning is about extracting valuable intelligence based on real world info and facts and reacting to them in useful ways, AI begins to address understanding the potential interconnections between our ever expanding bases of knowledge.

Machine learning uses data extraction and correlations to tell us that a part is due to be replaced. AI will tell us why that part is likely to need replacing, what the likely causes of the wear on a part might be, and offer some “thoughts” on reducing that wear. Machine learning will tell you what your next chess move should be based on data and brute force. AI will tell you the rules of the game based on actually self-divining the rules and behaviors of the game and elegantly determining moves without brute force.

I’ll leave it at that – there isn’t much more I can say here. But in 2018 we will see the first real world AI implementations that from a business perspective will begin to provide recommendations for solving business problems rather than merely eliminating routine and repeated processes from requiring human interactions.

Cyber-attacks and Cybersecurity

Unfortunately and sadly 2018 is going to see a significant uptick in cyber-attacks. We heard a great deal in 2017 about large scale attacks against major companies (think Equifax) – some of them on a global scale. My own concern however lies in the ability of hackers and cyber evil-doers to attack any business, and especially SMBs with limited tech resources – something that can easily destroy those companies and wreck massive havoc with personal user data. The proliferation of mobile and IoT devices ups the hacking ante and creates myriad opportunities to get inside networks, and in 2018 the counter-trend must be to become super-vigilant about such attacks, all while ensuring that enterprises can deliver security solutions with true agility.

Mobile Security – Unified Endpoint Management (UEM)

A year never goes by where mobile security does not deliver a new acronym, and 2017 was no different. Unified endpoint management – UEM, is the new mobile security buzzword de jour. In 2018 however, UEM will evolve from buzzword to stand operating procedure. The proliferation of user mobile hardware, wearable technology and IoT devices will require any business to extend their MDM or EMM platforms to provide a comprehensive and cohesive strategy for managing this collective set of endpoints. Still hanging on to that old 2010 era MDM solution? 2018 will require many businesses to finally upgrade to UEM.

eSims and Unlocked Phones

I need to underscore that in 2018 we will see a proliferation of unlocked mobile phones specifically in the US market. This will be driven in good part by subsidies that are now beginning to dry up and that will likely completely disappear. This isn’t a problem but an opportunity and avenue to cost-effective hardware acquisition and related short and long term financial planning around device procurement.

In 2018 we will also see eSIM technology go mainstream. This means that it will become much easier to electronically switch mobile devices from one telco to another, with no physical access necessary. Telco operator automation will become available simply by utilizing their platform APIs. This is another opportunity but one that will only become viable through having a detailed understanding of the efforts that will be required to take advantage of it, including understanding myriad security-related issues and defending against them.

Automated Mobile Workforce Support and Self Service

It will be virtually impossible to operate a business in 2018 – regardless of size – without implementing some form of automated workforce support, whether directly or through a reliable mobile partner. The proliferation of machine learning services as well as automated advisors and assistants will demand that businesses deliver automated support and services. As unlocked mobile phones and eSims become prevalent in 2018 the sheer diversity of hardware will overwhelm any human-driven system in the form of greatly wasted workforce time.

The clear warning message in 2017 as the US economy revs up is that businesses are already finding it difficult to land new workers with the skills and training necessary to operate in today’s business world. In particular businesses need to be very aware of maintaining high levels of workforce satisfaction in 2018 as a competitive advantage. Failure to do so will drive competitive disadvantages and workforce defections to those businesses that provide those high levels of satisfaction.

Bitcoin and Blockchain – A Special Prediction

In my very humble opinion the cryptocurrency Bitcoin is in the midst of a “massively massive” bubble that can only be compared to the Dutch Tulip Bulb mania of the mid-1600s. A Bitcoin is literally nothing more than an entry in a ledger. To be sure there has to be some “mathematical mining” to uncover a legitimate Bitcoin entry, and future Bitcoins (the total number of which are finite in number) become harder and harder to uncover (that is, to mine) and require tremendous amounts of expensive super computing power.

I am very interested to see quantum computing applied to Bitcoin mining – it may reduce the value of Bitcoins to pennies. Yes, something is worth anything a market will bear at any given point, but sooner than later those ascribing a value of $17,000 (or more!) to a Bitcoin (that is, an entry in a ledger) today will be in for a very rude awakening. Last I looked as I tweak this blog post in mid-January there are many already holding a $17,000+ bag that is today worth less than $10,000.

As an aside, it is currently estimated that the energy required to mine a single Bitcoin today (it gets harder and harder as we end the mining lifecycle over the next few years) literally requires the equivalent energy it takes to run an entire average household for two years. Quantum computing cannot come to bitcoin mining soon enough!

The real importance of Bitcoin, and the reason I mention it is that the underlying blockchain technology that secures the entire Bitcoin ecosystem is the real gold in the Bitcoin mania. Blockchain offers a deep level of both security and transparency that can be used to protect transactions as well as the ownership and provenance of actual things (such as diamonds, or say mobile devices) – essentially anything. I mention it as a bonus trend here because I am anticipating – no, I am predicting – that we will see the introduction in 2018 of blockchain-based mobile security. Major companies with global reach – such as IBM – are already heavily invested in blockchain and are working to drive the technology into every aspect of business. The first mobile security vendor on the blockchain block will show up in 2018 – that is my prediction and I’m sticking with it.

A Concluding Thought

There are certainly other trends predictions to include here, along with a hundred thousand words to detail their implications for both the enterprise and vendor communities. I and the rest of the AOTMP and Blue Hill research and advisory team will be digging into all of it throughout the year – stay tuned!

Meanwhile, as I noted at the top of this post, let me hear from you! Share your thoughts, tell me I’m wrong or why you might agree with me. Finding the common ground to actionable technology insight within the technology, mobility and telecom management world is what I and the research team are here for!

Managing Today’s Mobile Projects - Part 3: Successful Deployments – Setting Goals & Measuring Results

Stratix Blog 1In my last blog post, “The Enterprise Mobility Stakeholders & the Mobile Center of Excellence,” I pushed hard for businesses to establish internal or Managed Mobility Services (MMS)-managed Mobile Centers of Excellence (MCoE). I want to clarify that MCoEs can go by other names such as Mobile Committee, Office of Mobile Operations. There isn’t any reason to actually refer to a MCoE as such, but what is important is to establish the team that delivers on the full functionality I ascribed to it in the earlier blog post.

Also from that blog post – and this goes specifically to what I will cover today – I referred to both short-term mobile projects, or “fixes,” and longer-term enterprise mobile strategies. The term “short-term mobile fixes” is clear enough and I use it as a descriptor for hastily and typically poorly conceived and planned out mobile efforts that are often driven not by original internal ideas but as reactions to what competitors are up to. Mobile efforts as “fixes” are never a good idea.

On the other hand “longer-term mobile strategies” may be a bit misleading. In today’s mobile world, enterprises need to build, update and maintain a mobile-specific plan and infrastructure to support mobile initiatives that scale to meet the needs of the enterprise as well as Lines-of-Business (LOB) goals. That effort begins in the MCoE and involves the C-suite, Finance, LOB and IT – with support from the selected MMS provider. This team will collaborate on needs and requirements to create a mobile plan that spans across the enterprise – a much different deliverable from a mobile project plan that deals with a single deployment. Rather than use a MMS provider to rollout a mobile project, MMS are best tapped to advise and help lead the effort to create the mobile plan for the enterprise, and to deploy, manage and support subsequent mobile initiatives that scale across the enterprise in support of that plan.

The MCoE’s enterprise mobile plan needs to clearly spell out the business drivers shaping each of the mobile initiatives under consideration, along with the specifics on how success will be measured. For example, mobile KPIs can and should expand beyond the typical “on budget, on deadline” mandate to include benchmark targets to address uptime and reliability; issue resolution on the first support call; service, warranty and repair trends; and device-specific cost management – from acquisition to retirement – which rolls up to enterprise mobile’s Total Cost of Ownership (TCO).

Once the enterprise mobile goals and KPIs are established, the next step is to assemble the MCoE and develop the strategic implementation plan which contains all identified mobile projects which support the company’s overall mobile plan.  These mobile projects address a single LOB’s need (e.g. new tablets for line workers), or they can be broader projects which span across LOBs (e.g., a new MDM provider). At this stage, both the LOB and finance stakeholders have established their mobile business outcome priorities. The project then generally shifts to IT, and MMS partners to build and deliver the project plan.

Setting Goals and Measurement Points

A general rule to follow, based on a consensus I’ve gathered over the last few years, is that a new mobile project shouldn’t take more than 90 days – from initial configuration and field testing to proof of concept (POC) and enterprise deployment.

The development of mobile applications is a topic for other blog post series. Aside from noting that a DevOps and agile app development methodology should be employed, I’ll leave it at that. The MMS partner will be able to assist IT in determining the most appropriate tools and development platforms to use and the best suited means to ensuring that the workforce itself weighs in on user interfaces and a steady stream of software features can be delivered and tested during POC and deployment phases.

The MMS partner at this point becomes the critical cog in all the moving parts that need to mesh to ensure a company can meet the informal 90 day delivery deadline. To get a better sense of what an enterprise should expect – or in fact demand – from its MMS partner, let’s set up a hypothetical that creates some rather demanding requirements.

Let’s assume mobile needs to be rolled out to 10,000 employees. And let’s further assume there are three different groups of employees who require three different device configurations for the smartphones and tablets they will use in addition to a mixture of rugged devices used in various warehouse locations. To keep the example simple, we’ll ignore the “real world” complexity normally found where BYOD devices are part of the deployment mix, and we’ll assume the enterprise will deploy using the latest versions of iOS and Android, including Android on all rugged devices.

Even with the standardization on Android and iOS, the different device configurations for smartphones and tablets, combined with a mixture of rugged devices, leads to numerous permutations of hardware and software that will require testing, evaluation and internal certification for initial use. In addition, continuous retesting and certification will be needed as operating systems update, applications change and new devices become available. Further, the spare-pool inventory that replaces user-returned devices must reflect the latest versions used in the field – including applications, operating systems and device types. This is a daunting task simply because of its scope and one that many enterprises fail to grasp. Even if our hypothetical deployment focused on a smaller SMB deploying to 500 or 1,000 employees, meeting the challenge internally would prove impossible – it is one of the common and typically insurmountable roadblocks that fast and furious mobile efforts focused on catching up with competitors run into. There’s no need to belabor this, but I am consistently amazed by how often this seemingly simple issue stalls mobile projects and often kills them.

Do it yourself (DIY) mobility often allows a project to move to POC but will lose momentum as the needs of the enterprise quickly outpace the ability for internal teams to deliver. DIY mobility doesn’t work!

My experiences here strongly suggest that only an MMS partner will be able to fully scale quickly and effectively to an enterprise project that needs to deploy to large numbers of employees. Keep in mind as well that the smaller SMB deploying to 500 to 1,000 employees will often have no IT resources on hand to enable scaling to full project deployment.

As I’ve underscored in my earlier blog posts, there are numerous other issues associated with a mobile deployment. Simply getting a mobile project through a POC and then deployed within a 90 day window is critical. But the next step is probably the toughest – maintaining initial momentum, ensuring that end users are delighted and actually use mobile, assuring that mobile devices and their applications happily (yes, happily) operate in concert, and delivering effective support are the keys to real mobile success.

Workforce support includes easy and typically pre-configured onboarding, a straight-forward path to upgrades (including software, operating systems. MDM platforms and mobile devices), and support staffed with mobile experts so that any employee – whether a VP or a truck driver – can have issues or problems resolved quickly – preferably on the first call.

Finally, the finance team that helps to kick off any mobile project will come back prior to deployment at scale and demand a full cost accounting. This includes of course demand for a rock-solid and predictable hardware procurement, software development and ongoing maintenance and support budget. There is nothing simple or easy to accomplish here. In most cases, poorly managed budgets have been based on uninformed assumptions (by which I mean uninformed through a lack of hands-on experience).

The right MMS partner will be able to meet every one of the challenges/goals I’ve skimmed over here. Finance and IT professionals will directly understand the deeper implications at ground level. Meanwhile, the LOB stakeholders and the CxOs will only care about one thing – that mobile works as intended, has full workforce usage, and meets and possibly exceeds their desired business outcomes and KPIs.

An overarching conclusion we can come to in seeking to make the case that all enterprises and larger SMBs need to turn to an MMS partner to ensure the viability and success of their mobile projects, especially those operating under the burden of fast and furious mobility. As we leave 2017 behind and look ahead to the next year the notion of Mobility as a Service – MaaS – needs to become the guiding principle for all large scale mobile projects. MaaS eliminates upfront capital spending on new devices by bundling all device costs and mobile services into a flat monthly fee. MaaS will deliver on all the issues I’ve noted throughout this blog series.

Find an MMS partner that can deliver on MaaS and whether your company is a mobile pioneer or a business finally moving to deploy mobility you will succeed and remain highly competitive – and successful – in today’s fast and furious mobile world.

Managing Today’s Mobile Projects - Part 2: Enterprise Stakeholders & the Mobile Center of Excellence

Stratix Blog 1Mobility is now a table-stakes requirement for any organization to deliver on, and most companies that I speak with these days fully acknowledge this mobile reality. In an earlier blog post, “Managing Today’s Enterprise Mobile Projects – The Right Partners are Critical to Success,” I strongly suggested that, as large SMBs and enterprises embrace mobility for significant strategic business initiatives which typically have very short windows of opportunity for successful deployment (what I sometimes refer to as fast and furious mobile deployment), there will be plenty of opportunity for unsuccessful results.

Companies that either fail to plan properly for their projects or that opt to try and manage their mobile deployments internally will find themselves on the sure road to mobile project failure.

What must businesses do to ensure they avoid that road?

To read the rest of this blog post please head over to the blog section of Stratix, where the blog post is provided in full.

Managing Today’s Mobile Projects - Part 1: An MMS Partner is Critical to Success


Stratix Blog 1

Over the 16 years, I’ve covered enterprise mobility I can identify three distinct eras of enterprise mobile computing. This first, the pre-iPad era running from 2001 to 2009, we can now think of as ancient history. Some might argue that the ancient history ended in 2007 when the original iPhone was introduced, but this isn’t true. It was the combination of the iPad and the generation of iPhones that emerged in 2010 that were the critical mobile game changers.

Next are the middle ages covering 2010 to 2014, a five year period that saw the real foundation of enterprise mobility – mobile devices, wireless communications/bandwidth and mobile software capabilities – fall into place. Finally, we have the era we now live in, the Renaissance…in the truest sense of the word – enterprise mobility rebirth.

Rebirth? Yes. Despite the many exciting business transformation promises of anytime, anywhere capabilities mobility brought to enterprises and regardless of BYOD and how many pioneers sought to gain business advantages through it, mobile technology as a key enterprise enabler went through a slow slog of growth. It left many enterprise mobile researchers wondering if mobility would ever become as transformative as we kept predicting it would be.

In 2015 that all changed – suddenly and quickly. In what I define as a true mobile inflection point a great many businesses across every possible vertical market had the sudden and urgent realization that despite apparently slow enterprise mobile adoption there was substantial – in fact enormous – progress being made at those companies that had chosen to embrace mobile technology early on.

To read the rest of this blog post please head over to the blog section of Stratix, where the blog post is provided in full.


GRC Implementation Success, Part 2: GRC’s Place in the Business

DoubleCheck Software presents GRC Implementation Success, a guest blog series by Blue Hill Research Principal Analyst David Houlihan. This series draws on five years of Blue Hill studies in GRC in order to highlight key lessons for purchasing and implementing GRC software.

Part 2 of this series looks to the common business role and objectives that underlie the various use cases for GRC. Part 1 examined why GRC implementation success is critical to the success of the overall GRC investment.

“Governance, Risk, and Compliance” (or GRC) can refer to a wide variety of business processes and software capabilities. Each letter in GRC itself refers to a broad swath of operations that can occur across several operational contexts within the organization. We might see GRC in the IT department, in finance, in multiple legal mitigation and compliance strategies, or even as larger roll-up of enterprise risk.

Because this particularized need often drives the software purchase, it can be difficult to divorce GRC’s larger business role from the various specialized uses it might place across an enterprise. Unsurprisingly, the GRC market itself is fragmented and diverse, with many vendors offering similar sets of capabilities to serve various, specialized sets of use cases. As a result, we can break GRC into seemingly endless sub-markets based on function (internal audit, compliance, quality, supplier / vendor governance, etc.) or standards framework (FERC, SOX, KYC, HIPAA, anti-bribery, FDA, etc.).

Essential Elements of GRC

Across these various business use cases, we generally see the same core set of software functionality implemented in some form. Blue Hill has previously identified these core capabilities as:

–        Centralized risk data management

–        Process and controls management

–        Workflow management

–        Automated monitoring and alerting

–        Automated reporting

In most cases, some combination of these capabilities will be found in a GRC implementation, while the real differences tend to emerge in the content libraries and workflows used.

Figure: Core Functionality Supported by GRC

Screen Shot 2017-08-14 at 1.39.45 PM

Nonetheless, the host of specializations and use-case-based nuances can obscure the underlying commonalities. Investment decisions relating to GRC thus tend to focus on the instigating point problem (“We need a solution for SOX”). That’s not bad in and of itself, but it often prevents the organization’s understanding of larger business objectives to proceed beyond good intention and assumption. While there are reasons good and bad for this (often the point need is real), it often leaves the organization with a lack of clarity that will hamper its ability to scope and plan the implementation . . . or to accurately assess the total business value.

GRC’s Role in the Business

GRC is used to enhance an organization’s ability to complete one or a combination of the following processes: risk analysis, controls process management, and the generation of reports to serve a variety of business stakeholders. Often, the use of a GRC platform is a replacement for manual processes and spreadsheet-based information management. In these contexts, GRC is correcting for the time-intensive nature of manual activities or the version control and silos that emerge in manual data management environments.

To see how these dynamics reoccur in GRC implementations, we can review several GRC business cases that Blue Hill has examined in its research:

–        Regional North American Utilities Provider: With risk management efforts distributed among line of business management in a decentralized model, the organization needed a platform for the consolidation of risk data to support enterprise risk analysis at executive and board of directors levels. The organization needed to be able to normalize multiple types of risk, facilitate information collection from an “effectively endless” array of reporters, and permit two dedicated staff to meet standard reporting intervals as well as provide real-time insight on request.

–        United States Pharmaceutical Manufacturer: The organization’s quality assurance management efforts were dominated by spreadsheets, manual processes, and a “disaster of a file share platform.” As a result, quality reporting suffered from significant wasted effort and FDA and customer audit requests that created significant business interruptions. The organization sought a solution that could integrate with existing knowledge repositories, provide centralized control of documents and versions, and support the management of core processes.

–        Global Metals Mining and Manufacturing Company: Spreadsheets served as the organization’s primary mechanism for modeling and reporting on financial risk. Distributed business units used managed local financial risks through manual risk registers in spreadsheets or local ERP solutions with no common risk analysis or reporting framework. After identifying the potential for error generated by manual processes and divergent methodologies, the organization implemented a global enterprise risk platform to provide a centralized source of truth and standardized risk methodology.

–        Large European Commercial Bank: Regular vulnerability scans performed by the organization resulted in over 60,000 lines of data that could not be effectively analyzed within the organization’s vulnerability scanners. As a result, the organization exported vulnerability data to spreadsheets to conduct manual categorization and risk analysis. This resulted in lags in time to act on information and opportunities for error, while consuming roughly three days of employee time to compile each report. The organization required a platform to consolidate, categorize, and format data for business reporting.

–        Large International Financial Holding Company: A regulatory agency identified the need to implement an automated system for tracking, managing, and reporting on risk within 90 days to resolve an issue. The organization possessed a legacy GRC platform on an outdated version. To upgrade the solution and obtain the required automation would result in failure to meet the terms of the resolution. As such, the organization identified a replacement solution from another vendor that provided the needed functionality and could be implemented within the required cycle.

Essential Business Drivers of GRC

In each of the cases identified above, we can see the same organizational needs at work. From these, we can distill two basic business objectives for GRC investment:

  • Reduce operational burdens: Often the objective is to reduce the time and labor associated with performing risk, compliance, and governance tasks. This can involve either (or both) dedicated risk and compliance teams or other business stakeholders that are responsible for supplying information to these teams. Blue Hill finds that the most common area of focus for this objective is in the generation of standard and ad hoc reports for enterprise consumption. In response, Blue Hill’s The Hidden Costs of Spreadsheets in Compliance and Risk Management study found that the adoption of GRC results in between 25% and 30% in time saved in compliance and risk activities. The business can consume the benefits associated with labor reductions in terms of an FTE (full-time equivalent) reduction. However, more often Blue Hill sees these benefits translate into increased labor quality, with time traditionally associated with rote tasks transferred to business-critical and strategic activities.
  • Understand or reduce enterprise risk: Improved information centralization as well as standardization and automation in reporting provide improved visibility into the scope and nature of the risks facing the organization. It also reduces the time lag between what is reported and the present business state. The organization thus becomes empowered to act with greater understanding of its needs and becomes more responsive to emerging issues. These factors can help to reduce overall risk exposure. While significant, these benefits are tied closely to the organization’s ability to avoid the occurrence of business-adverse events. Accordingly, it can be difficult to estimate the impact of GRC in these areas.

In most cases examined by Blue Hill, both of these objectives are present to one degree or another. Often, because the second factor is commonly tied to indirect benefits, organizations often focus the business cases justifying investment on the potential labor impact. The risk impact thus tends to become an added benefit that does not need to be tracked to demonstrate the “success” of the investment.

For organizations planning GRC investments and implementations, these dynamics play a crucial scoping role. Application costs, implementation project scope, and related factors should be tethered to the short-term operational upside the organization believes it can obtain. Without these boundaries, the organization can easily fall in the trap of over-engineering its solution or failing to give enough attention to factors that can cause an implementation to extend indefinitely.

As we’ll see in Part 3, precision in business requirements is the single most important factor in obtaining this balance.

Next, we look at: defining business requirements for GRC.

Before this, we discussed: why implementation success is investment success.

Latest Blog

Blue Cedar Puts Mobile Application Security Far Ahead of MDM Apple iPhone X Highlights Enterprise Corporate-Liable vs. BYOD Conundrum Blue Hill - AOTMP 2018 Q1 Agenda

Topics of Interest

Advanced Analytics




Artifical Intelligence


Augmented Reality



Big Data


Business Intelligence



Cognitive Computing

Corporate Payments

Data Management

Data Preparation

Data Wrangling





design thinking


Emerging Tech

enterprise applications

Enterprise Mobility

Enterprise Performance Management

enterprise video

fog computing

General Industry



Hadoop World

Human Resources


IBM Interconnect




Information Builders


Internet of Things





legacy IT


Legal Tech

Log Data

Machine Learning

Managed Mobility Services


Mixed Reality


Mobile App Security

Mobile devices

Mobile Managed Services







Predictive Analytics

Private Equity



Questioning Authority

Recurring Revenue

Risk Management


Sales Enablement



service desk

Social Media



Supply Chain Finance

Switchboard Software




Telecom Expense Management




Unified Communications


USER Applications

User Experience

User Interface

video platform

Virtual Reality



Wearable Tech