Bonus
Seven years ago SI published a short article that stated if your data isn’t immediately accessible online, either behind your firewall or behind someone else’s firewall or in the cloud, when your employees need it, then they are going to download it to their machines. If their machine is a laptop, and the data is not securely encrypted, and the laptop is stolen then … it could cost your organization 1 million (or more) based upon research conducted by ZoneAlarm. There were a host of reasons for this including fraud costs (if financial information was stolen), lawsuits (if personal data was stolen), market loss (if trade secret data was stolen and sold to your competitor who then got a jump start on a competing product), and so on.
However, GDPR has upped the cost of a breach. Given that a single violation could result in a fine equal to 4% of your organization’s annual revenue, that could be a 4 Million, 40 Million, or even a 400 Million fine. And it’s not unreasonable to think that the EU could slap that size of a fine on you if you didn’t have any controls or policies around personal data and didn’t even notice when a junior HR employee decided to download your entire corporate directory to his laptop to do “statistical processing” on the weekend, didn’t bother to even encrypt the data, left the laptop at the bar where he stopped for a drink on the way home, where it got stolen, and the entire corporate directory, complete with SIN numbers and banking information, ended up on the dark web Saturday morning.
But if your data is online 24/7, and all of your applications your employees need to process that data is online 24/7, then they have no need to download the data, and if it’s easier to do it online than download, they won’t even try.
And don’t say its insecure to put your data and applications online. Don’t forget that as long as you have an internet connection coming in (and you do), your data is online whether you like it or not, and if the appropriate security precautions aren’t in place, any script kiddie who wants it can get it.
And unless you are an IT SaaS solutions provider, chances are your internal security controls are not as strong as the security controls the provider has put in place. Offering data and application security is part of their core business, it’s not part of yours. You can be sure they have strong encryption in place, multiple firewalls, DDoS detection capability, deep logging capability, penetration attempt detection, and other security controls that you likely don’t have.
Also, modern SaaS providers support private database instances (so if someone hacks your competitor, you don’t get hacked), private application instances (on your own private virtual machine that can be configured to only be access through your own private VPN), and deep security controls around users and roles.
So unless you plan on going 100% offline, and keeping all your data on machines only accessible on servers in highly secure facilities surrounded by Faraday cages, it’s probably safer for your organization to go 100% online.
We’ve been writing a lot about M&A lately, including, but not limited to, our pieces on:
because M&A is still going strong. (And, as per our recent post on The Hidden Value of SI Association, SI is acutely aware of this because this is how it loses its customers. SI works with these companies, helps them become known and successful [through a focus not on buzz but actual education, process improvement, and appropriate roadmaps], they get noticed by cash-rich firms, who then buy them, and in many cases, strip out the management teams and/or consultants.)
We’ve also noted that not only will some platforms have to disappear (to make the mergers successful) but that (in our recent piece on One Vendor Won’t Rule Them All … And One Ring Won’t Bind Them), due to the wide range of needs that organizations need and the different process that are used around the globe in organizations headquartered in different regions and run by different cultures.
But that being said, now that Sourcing and Procurement technology is starting to become more mainstream — and the majority of organizations are looking for analytics, procurement automation, and supplier program management — those organizations that are looking for their first platform (as well as the early adopters of first generation platforms that are now almost a decade behind) are trying to figure out who they should look at and, more importantly, what product lines they should look at (now that some organizations have as many as three different product lines for Procurement under one organizational roof).
This is hard to predict, especially since the Fortune 500 is in more flux than it’s ever been. It used to be if you were on the list, you were on the list for years (if not decades) and changes were subtle. Now a company can make it one year and as a result of one major disruption or media fiasco, be in bankruptcy the next year (and disappear from the list). And while most of the companies in our space are not on the Fortune 500, these companies are now being bought by the big enterprise software giants, including SAP (with a market cap over 100B), that are.
And the instability in enterprise software companies amplifies they smaller they are, and when the biggest stand-alone public company in our space has a valuation of a mere 2.5B and the largest private company in our space would likely get a valuation in the same range, you can see where we are when the average large company has revenues that you have to round up to 100M and the average BoB vendor rounds to the 10M range.
But the platforms provided by some companies, due to the immense value they offer, will survive, even if under a different name, as part of a different platform, under a different company, held by a different holding co, whose name may change three times over the next decade. And who will they be?
Simply put, they will be those platforms that are the hardest to replicate and offer the deepest capabilities that are key to value identification, like optimization, advanced predictive and prescriptive analytics, cognitive process automation, semantic risk identification and monitoring etc — whether the platform is a standalone best of breed platform in a financially stable 10M company or part of a suite of a larger 100M company or just one module in a suite in stable of suites in a 1B enterprise. So don’t try to guess which vendor will survive, instead focus on what platform will survive — and chances are you will be setting your organization up for success.
Nope. Not even close. And a recent Hackett study proves it.
Earlier this month, The Hackett Group released a point of view on Robotic Process Automation: A Reality Check and a Route Forward where they noted that while early initiatives have produced some tangible successes, many organizations have yet to scale their use of RPA to a level that is making a major impact on performance, likely because RPA has come with a greater-than-expected learning curve.
Right now, mainstream adoption of RPA is 3% in Finance, 3% in HR, 7% in Procurement, and 10% in GBS – Global Business Services. Experimentation (referred to as limited adoption) is higher, 6% in HR, 18% in Finance, 18% in Procurement, and 29% in GBS, but not that high, especially considering the high learning curve for the average organization will end up with a number of these not continuing the experiment.
Due to the large amount of interest, Hackett is predicting that, within 3 years, RPA will be mainstream in 11% of HR Organizations, a 4X increase, 30% of Procurement, a 4X increase, 38% of Finance, a 12X increase, and 52% in GBS, a 5X increase, as well as increases in experimentation. Experimentation will definitely increase due to the hotness of the topic, but mainstream adoption will require success, and as Hackett deftly notes, successful deployment requirements have certain key prerequisites too:
And when the conditions are right, organizations:
But this is not enough for success. Hackett prescribes three criteria for success, which they define as:
and you’ll have to check out Robotic Process Automation: A Reality Check and a Route Forward for more details, but is this enough?
Maybe, maybe not. It depends on how good of an RPA team is built, and how good they are at identifying appropriate use cases for RPA, and how good they are at the successful implementation. Success breeds success, but failure eliminates the option of continued use of RPA, at least until a management changeover.
I TOLD YOU SO! I TOLD YOU SO!
And where do you think this is going LOLCat?
P.S. If by some chance you just came up from spelunking and had no cell signal or access to news, self-driving ubers are now committing murder. (Source: New York Times)