Wednesday, January 28, 2009

Visibility and Control Over API Use and Volume is Crucial as Enterprises Ramp to SaaS and Cloud

Transcript of a BriefingsDirect podcast on how visibility and control lead to better governance and security in cloud and SaaS operations.

Listen to the podcast. Download the podcast. Find it on iTunes and Podcast.com. Learn more. Sponsor: Sonoa Systems.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you're listening to BriefingsDirect. Today, we present a sponsored podcast discussion on bringing enterprise IT expectations on visibility, control, and security to software as a service (SaaS), and cloud-based applications delivery.

As established enterprise IT expectations meet up with cutting-edge cloud delivery models, there's a clear need for additional trust and maturity in order for enterprises to further adopt cloud-based services.

We're going to examine how one SaaS provider, Innotas, has developed a more matured view into services operations and application programming interfaces (APIs) and how they can extend the benefits from that visibility to their customers.

We'll hear how Innotas has used solutions from Sonoa Systems to provide better managed services based on service level agreements (SLAs). We'll also hear how they derive more analytics from network activity and thereby provide mounting confidence in how services are performing.

At the same time, they can add more attributes and benefits to the services they deliver. The goal here is to make online and on-demand applications and services delivery come across with the same sense of maturity, control, reliability, and scale that enterprises and medium-sized business are accustomed to.

Here to help provide an in-depth look at how SaaS and cloud delivery management can be improved is Chet Kapoor, CEO of Sonoa Systems. We're also joined by Tim Madewell, vice president of operations at Innotas, an on-demand project portfolio management (PPM) service. Welcome, Tim.

Tim Madewell: Thank you, Dana.

Gardner: Let’s first get into the whole cloud topic. The world is changing around us. SaaS, of course, has been around for some time and many elements of cloud have been around, but we're starting to see more interest in bringing the enterprise on-premises model in some alignment with what goes on with cloud and SaaS. There's an interest in finding a common sense of security and trust.

Let’s start with you, Tim. Give us a rundown of what Innotas does and a little more information about what your customers' expectations are, now that we’re a bit deeper into this whole cloud mentality?

Madewell: Sure, I’d be happy too. Innotas is an on-demand PPM solution. We focus on IT organizations and provide software access via a standard Web browser for managing projects, as well as non-project work within an IT department.

Our goal, or value proposition, and the problem we're trying to solve with Innotas, is more of a top-down enterprise problem -- how best to utilize the resources that you have within your IT department. That's from a cost standpoint and budgets, as well as capacity and actual resources. Innotas is providing an IT governance solution on-demand, and providing it as a service.

Gardner: So, you're actually at two levels of opportunity and benefits here. You offer visibility, based on the requirements of the application, but also delivering it as SaaS. Has it always been an on-demand application, or did you have this as an on-premises product at one time?

On-Demand and Multi-Tenant


Madewell: Innotas has always been on-demand. We've been on-demand and multi-tenant from day one. That’s been one of our differentiators. Certainly, PPM is not a new category, but something that Gartner has tracked for some time, and there are plenty of competitors out there on the on-premises world.

One of our differentiators was that being on-demand and multi-tenant from day one enabled us to be one of the early adopters in the SaaS world and in subscription-based software.

Gardner: Interestingly enough, you've taken this to the IT department folks, and they've had a chance to examine how SaaS and on-demand works for them. I suppose that’s sort of greasing the skids for their acceptance of these services that they can deliver to either their employee constituents or to online customers and partners.

Madewell: That’s exactly right. Our target audience is IT, and that’s just where we have really chosen to focus.

In many ways, IT has very few projects that they perform that are internal for IT. You end up being your own customer in this type of implementation. We have seen how the attitude around SaaS has matured and evolved here. SaaS has become more standard and available, and as the technology has matured, especially around security, the acceptance level for SaaS has improved. One of the things that benefit us is in focusing on IT. Typically this type of change in acceptance for software starts within the IT organization itself.

Gardner: This is fairly sensitive information, right? What’s going on with the projects? IT could have a great bearing on where a strategy is headed for an organization. So, security, governance, and risk-compliance concerns need to be addressed at this level

Madewell: Absolutely. That’s where differentiation comes into play. To be a business application in a SaaS model today means that you have to step up and be enterprise class.

We look at ourselves as an extension of all of our customers' internal IT and operations groups and we need to live up to those same standards. That’s not unique to us. Any SaaS provider that’s out there that is going to provide a business solution and is going to have to adhere and live up to the same type of standards.

Gardner: As you’ve sought out solutions that can bring those elements of maturity and trust back into your service and therefore to your customers, what sort of problems did you encounter and how did you move forward from them?

Madewell: The problems where we would initially see a push-back was along those lines of acceptance and confidence -- how could we communicate and establish the confidence with our customers that this is secure and reliable. Once we get past the initial security challenges, folks are very interested and concerned about reliability and performance.

When it was traditionally inside your four walls, there was a greater sense of control. As soon as you step into the cloud or with any SaaS provider, some of the benefits and the value prop is that they control it, they manage it for you, but you're giving up some control. Building that confidence and acceptance into the solution is important, and ties back to being enterprise class. What I’ve got to establish and manage within my operations is operations as a service.

I need to be very much like a data center, providing a level of service that’s transparent to customers and with some predictability, and wrap that all up with the SaaS model. I need to do that at a reasonable cost, so that I can keep subscription rates reasonable, and where customers feel like they're getting a reasonable cost-to-value ratio.

Gardner: Let’s go over to Chet. You’ve heard some of the concerns that Tim has had in the way that he is trying to bring more maturity and confidence into his product. I'm sure there are many other providers, and there will be more as this cloud opportunity develops. What does Sonoa look at when it tries to help organizations like Innotas?

Maturity of Services

Chet Kapoor: Thanks, Dana. The approach that Sonoa has taken with a SaaS company like Innotas or an enterprise that wants to take its services and make them available to the cloud is to ask what is the maturity or the evolution of the services. Tim would tell you, using a quote that he has done for us: You always start by wanting to see the needle, because you can’t move the needle, if you don’t see it.

So the first thing is visibility. I want to know who is using my service, what are they using it for, how long are they using it, things like that. You have to have visibility into the services you provide. You always start there.

The next thing you say is, "Okay, now that I have visibility, I want to start putting in some security access control." You may choose to do that at the same time. They could be parallel approaches, and you want to start by saying, "I want to give priority access to priority customers."

Then, the third step that most customers take is to scale it. They have something working across 50 API calls or 100 API calls, and they say, "You know what, we are going to make this available throughout our application, make all our functionality available." And, they want it to be available at a scale where all their customers are getting it.

We've been working with companies like Innotas to get them through this evolution. Some customers choose to get our technology in the form of appliances. Some of them do it in the form of software, as Tim has. And, some of our customers are choosing to get our technology right in the cloud itself where they do not have any data-center whatsoever.

Gardner: Now, these days, being in a tough economic climate, providing visibility and efficiency needs to often be accompanied by a strict return on investment (ROI). Are there elements of what you are providing to organizations like Tim’s that fall into that business case and solution at a high economic value?

Kapoor: We believe so. I'd like Tim to take a stab at this also either now or sometime later to get his perspective. At the end of the day, when somebody is providing a cloud service or consuming a cloud service, it has an element of the client-server model. You are saving cost, especially if you are getting something on demand and you are a consumer of something like Innotas inside the enterprise.

So, there is definitely cost saving there from that point of view. The easier we can make it for enterprises to access the information for their composite applications through APIs, the more successful companies like Innotas are, and there is more adoption. IT enterprises end up saving money.

The second aspect of this is that it's probably a new revenue stream for Web 2.0 and SaaS companies, as well as enterprises. They've maximized or have worked very hard on their channels, whether user access or a browser-based channel. Now, they have an opportunity to go after a different set of folks who are trying to not just go off and use Innotas through a browser or Salesforce.com through a browser.

Somebody else wants to write custom applications and that’s not necessarily the project manager or the sales person, but the CFO wanting to do something. They want the access to information from something in the cloud. So, we’ve found that the ROI model comes in two flavors -- not only cost savings, but also new revenue-generation opportunities with a completely new set of customers.

Gardner: Let’s take that over to Innotas. Tim, when it comes to gaining benefits through this visibility, how you are able to justify that from a cost perspective?

Looking at Immediate Needs

Madewell: I would just second Chet’s comments. Those are right in line with how I looked at this when I was going through the early stages of evaluating Sonoa and just looking at what my immediate needs were within my operations department.

Here's how I justify it. The first one was very selfishly from an SLA. I have an SLA I've got to maintain and deliver against. As the sales team is selling this, my services team is implementing it.

At the end of the day, I've got to have the availability and the performance that was up to what we're selling. That ties directly back to the visibility point Chet made. That was absolutely my biggest value target day one to get up and running -- to give me the visibility and how that translates into my SLA.

I can’t address the problem until I can see it. Sonoa helped me identify problems or potential problems earlier. When I turned up the ServiceNet product it decoupled the traffic from my Web users, my end-users, the traditional users from my back end, and from my API.

Then, I was able to take a look at to see what kind of activity was occurring on the back end. That visibility gave me some input into when my servers were getting hot or heating up. I was seeing a lot of activity and started to differentiate if this activity was generated through the front end or through the back end.

So, my immediate return was to give my operations team a solution and a tool that gives them better visibility and then to control some of that traffic on the back-end.

My ROI on that is A) certainly living up to an SLA. I have penalties if I don’t hit it. So there is a dollar amount that could be tied to that. And B) it’s about serving up an experience of the customers. Certainly a tolerance for response times on an API is a lot greater than an end-user clicking on the screen.

So I have to have this healthy balance, if you will, between making sure I'm still serving up a reasonable end-user experience to the Web browser, and then serving the request on the back-end.

That ROI is really about the experience, and that means renewals for me. In a subscription-based model like Innotas' the customer is absolutely paramount, and the service that we provide is paramount to keep the renewals coming.

Gardner: Of course, when it comes to efficiency in the current economic downturn, a dollar saved is important. You have to meet your SLAs first. Does this give you an opportunity to tweak and customize in such a way that you're getting more utilization?

Aiming for Efficiency

Madewell: I'm serving a lot of customers in this multi-tenant architecture and I need to make sure that I can’t just throw hardware at the problems. I need to be very efficient, and the multi-tenancy gives me efficiency. I also need to make sure that I'm managing the utilization and managing those systems very efficiently.

It gives me that capability that I needed as a multi-tenant application. To your question of this economic environment, with this visibility I'm able to put in some controls that will give me the ability to look at how I make more and better use of the capacity that I have today.

A good analogy here is in my commute over the Bay Bridge -- sitting there in queue, waiting for the metering lights to turn on, and wishing there was another lane or two lanes. I certainly hit some point, where I guess it’s probably a good queuing-theory model where it does make sense to add another lane or two. I'm always looking at that from an operations and capacity standpoint.

But, I don’t want to just throw hardware or lanes at the problem. If I can still move traffic through in an efficient manner, much like the metering lights. I can make the best use of the lanes I have. That’s exactly what I'm looking at, especially in this environment: Where is my capacity, where is my unused capacity, and how do I deploy or redeploy that as efficiently as possible?

Gardner: So, the visibility and control offer you apparently a fairly significant ROI that you are comfortable with. But, then there is that additional benefit that Chet discussed, in terms of richness and additional benefits that you can apply for your services as they’re perceived, delivered, and even built against for your customers.

Madewell: That’s right. Now, from a front-end and from a user model, we're very familiar with the different user types in an application. You may have view-only users, standard users, or power users. We can take the same view on the back end with Web-services. There are certainly different levels of users or different levels of service you could provide for users, depending on their needs.

If I've got real-time integration I'm looking to deploy, my requirements are a lot different and a lot more stringent than somebody on a monthly or weekly basis, which is like an extract and much more tolerant. Now, I've got the ability to take a look at offering some tiered services or tailoring my back-end user type and then tying that to my revenue model.

Gardner: That provides a level of maturity -- not one size fits all, but more customization. Your receiving organizations, if you will, start to view this as closer to what they've been accustomed to with the client-server or distributed computing. Do you have any instances, metrics, or anecdotes about how that’s actually worked out in the field, practice versus theory?

Madewell: In this field it’s kind of a journey, as we've got the visibility and some basic control in place. We've turned up the policy management and SLA management with the ServiceNet product.

Some of the immediate benefits we had were with the early diagnosis of problems and troubleshooting. We had a recurring issue with a specific customer reporting errors with Web services, decoupling that traffic, and having it right there in a real-time dashboard.

We were able to turn around and find the root cause and find that they were submitting multiple attempts with invalid log-ins and flooding the Web service. Our ability to diagnose that quickly was definitely a benefit we were able to realize with Sonoa.

Gardner: Let’s think about some other scenarios -- and I’ll open this up to both Chet and Tim -- with cloud computing and boundaries, hybrid models, business processes that are composed of services from different clouds or different SaaS providers. Quite a bit of complexity can creep into this very rapidly, and the visibility, control, and scale issues become significantly aggravated. What can solutions like Sonoa bring to that level of complexity, when we move beyond a single SaaS-type of application into a business process that’s composed of services.

Hybrid Applications

Kapoor: Dana, let me take a shot, and Tim, as a technologist, would also have a view. We’ve spent the last half an hour talking about how a provider of services -- what are some of their motivations, what are some of their pains, what is the ROI? Tim has done a great job of articulating all of that.

As you said, there are a lot of consumers of cloud services like Innotas, and they probably do it in a very hybrid model because I don’t think on-premise computing is going away. So, customers will write applications or custom applications, where they probably want to use Oracle or SAP inside the firewall and maybe have another custom application of some sort, Innotas or Salesforce or whatever -- outside.

They want to write a composite application, a mashup, or whatever you decide to call it, and they want all these different services. A critical need that we find is that customers start to get nervous. It's not so much with the Innotases of the world, because they are fairly secure. They run like an enterprise application, but it’s available in the cloud. It happens when you start using things like Amazon Elastic Compute Cloud (EC2), and people are starting to put custom applications there.

What we’re finding is there is a need for a way to govern what goes on outside the enterprise. Govern could be a fairly heavy word, so let me be more specific. You want to have visibility into, how many accounts I have at EC2, for example.

If you ask a CIO -- and I've had 50-plus conversations about this -- how many cloud users you have at a very basic level, the SaaS companies you have contracts with, it’s fairly easy. I am using EC2 only as an example. But, if you ask how many people actually use a credit card to open an EC2 account and are doing something with compute resources and doing things with storage, the answer is no.

They have no idea who those people are. So one thing they need is visibility into who is doing what. The next thing is, all senior executives in companies every quarter sign a document saying, "I have complied with law." If I'm in the health-care industry, I am not going to let certain medical information about my patients go out. If I'm in the financial services industry, I'm not going to let the Social Security numbers go out.

The question is how do they know? How do they know that what they are signing is actually happening? There's no way of them figuring out if compliance laws have been broken or not. So, we find that a lot of customers who are just consuming, not doing the SLAs and things like that, as Tim was talking about, but just consumption. They want to have some visibility into what is happening with the cloud. Then, as they get more visibility, they want to see if they are paying extra for SLAs and the SLAs being mapped.

The second thing is that they have multiple cloud providers for resources. Which one is cheaper? Which one is better? Which one has better SLAs? Which one is easier to configure? And, things like that. Or, they can go off and say, "You know the network is really slow because this set of individuals are doing a lot of compute-intensive things, and we are not going to give them the ability to bring the network down towards the end of the quarter." So you don’t only have visibility, but you also have control, and it’s all from a consumer point of view.

Gardner: Let’s take that to Tim. In Innotas, if you get into a position where you are starting to compose services from cloud-based resources and models and deliver that back out to your SaaS providers, it sounds like you are going to really be interested in this level of visibility?

The Importance of Governance

Madewell: Yes, we would. Visibility is real, just from a technology standpoint, and working with my customers through initial security questions and audits that I need to go through as a software provider. What Chet has articulated here is real and growing in my opinion. Governance is going to be very important.

I'll just give you an example. SaaS, especially in the large enterprises, is something that’s very new. In many cases, as I'm working and partnering with our customers to go through the due diligence, the technical review, and the network and infrastructure review, their standards have not been modified yet to even accommodate SaaS.

So, there is a level of education needed there, and this goes back to we started talking about how to get the comfort level up. Well, this is the driver for it. There are many companies out there that have stated that no data is outside their four walls. Yet, now they're trying to accommodate and adopt a hybrid model, which I firmly believe is where this is going.

With that, if they don’t realize the need for governance and control at an enterprise level, as Chet has outlined here, they will very soon, because folks like Innotas and others are making inroads into the enterprise space -- and we’re viable.

There's a very good reason to keep certain data -- health-care is a great example with the HIPAA requirements -- inside your four walls. But, there may be other Tier 2 application solutions that are going to be outside your walls. How do you control that? How do you audit that? These are very important problems to solve.

Gardner: In addition to governance, there is the management from the provider side, as you get into more tiered services and more managed services. You're going to offer different levels of service compliance depending on the pricing and you’re going to have sales people who want to slice and dice these services in a variety of ways, as they can package them and deliver them.

We’re at the early innings of SaaS, but I can foresee that by the sixth or seventh inning, we’re going to get into some serious complexity around those delivery mechanisms. Tim, help us a little bit in terms of what road map you might have at Innotas and what the solution might start to look like?

Madewell: Well, out of the gate, we try to keep it simple, and that is one of the benefits, one of the value props, we push with on demand and with our product in the PPM space -- to keep it simple.

This gives us more flexibility in how we package. Absolutely. I agree. What does our road map look like? We've got about a 12-to-18 month road map at any given time that point features and capabilities into our product. We're looking at ways that we bundle that up and we bring the right mix to the customers. We're looking at ways that we can tier that.

Look at examples of some of the pioneers, especially in the SaaS space. Look at Salesforce.com. They have a pretty simple tiered model. As you walk up to and through their enterprise addition, you're just adding on capability.

That’s in line with what we’re trying to do -- keep a nice, small, reasonable entry cost. The subscription model is very powerful. And then, it's services as you need them, or services as you consume them. We're finding it a lot more appealing to customers, especially in this environment than give me everything and buy it all up front in one lump sum.

Gardner: Because of our use case scenario here we've been focusing on the concerns of the SaaS provider, but as Chet mentioned, we also have the incoming network for the user organization, be it enterprise or small- to medium-sized business. It seems that the solution here benefits receivers and senders. I'm wondering if this is a little bit of a leap into blue sky, Chet, but how about this visibility as a service -- that is to say, getting somewhere between the receiver and the sender. Is there anything that we might look forward to in the future along those lines?

Kapoor: Absolutely Dana. It's something that we recognized and are working on. If you really think about the person who is doing a mash up, every consumer is probably going to be a provider at some point, and every provider is going to be a consumer at some point. So, we've certainly thought about it and have been working on providing, taking what Sonoa provides a ServiceNet product, and making it available as a service. We have some customers that are already going in production. It's something that we will start talking about in the very near future.

Gardner: Well, great. I appreciate your input, Tim, on helping us understand a little bit more of the concerns of a SaaS provider. It’s really important that you're delivering this to the IT organization because they're the ones that are always going to be on the vanguard of managing these boundaries, as they become more permeable, and we see more of these arising scenarios around services delivery and consumption.

I also want to thank you, Chet. We've been discussing how enterprises expectations need to meet up with cloud delivery models, how there is a need for additional trust and maturity, and how services are perceived and delivered.

We've been talking with Chet Kapoor, CEO of Sonoa Systems. We've also been talking with Tim Madewell, vice president of operation at Innotas, an on-demand PPM service. I just want to throw out one more opportunity for input. Is there anything additional you think we should convey Tim?

Madewell: We've covered it well. My daily takeaway, as I go about my business, is that a lot of this is evolving, is new, and it’s a journey. This is one of the things I have really benefited from and appreciated with Sonoa, as well as other vendors that I worked with. We're all evolving in this SaaS and cloud space together.

What I am really encouraged by is that it's heading upstream, if you will, into the enterprise. The leaders in this space, are pushing these boundaries, pushing the governance, recognizing that with breaking down traditional walls comes new challenges that need to be controlled. It’s important to be looking two steps ahead, and evaluating how this all works.

Gardner: Very good. This is Dana Gardner, principal analyst at Interarbor Solutions. You've been listening to a sponsored Briefings Direct Podcast. Thanks for listening and come back next time.

Listen to the podcast. Download the podcast. Find it on iTunes and Podcast.com. Learn more. Sponsor: Sonoa Systems.

Transcript of a BriefingsDirect podcast on how visibility and control lead to better governance and security in cloud and SaaS operations. Copyright Interarbor Solutions, LLC, 2005-2009. All rights reserved.

Monday, January 26, 2009

BriefingsDirect Analysts Discuss Service Oriented Communications, Debate How Dead SOA Really Is

Edited transcript of BriefingsDirect Analyst Insights Edition podcast, Vol. 36, on communications as a service and the future of SOA in light of hard economic times.

Listen to the podcast. Download the podcast. Find it on iTunes/iPod. Learn more. Charter Sponsor: Active Endpoints. Additional underwriting by TIBCO Software.

Special offer: Download a free, supported 30-day trial of Active Endpoint's ActiveVOS at www.activevos.com/insight.

Dana Gardner: Hello, and welcome to the latest BriefingsDirect Analyst Insights Edition, Volume 36. This periodic discussion and dissection of IT, infrastructure related news event with a panel of industry analysts and guests comes to you with the help of our charter sponsor Active Endpoints, maker of the Active VOS visual orchestration system, as well as through the support of TIBCO Software.

I'm your host and moderator, Dana Gardner, principal analyst at Interarbor Solutions. Our topic this week, the week of Jan. 12, 2009, starts and ends with service-oriented architecture (SOA) -- dead or alive?

We're going to begin with an example of what keeps SOA alive and vibrant, and that is the ability for the architectural approach to grow inclusive of service types and therefore grow more valuable over time.

We're going to examine service-oriented communications (SOC) a variation on the SOA theme, and a way of ushering a wider variety of services -- in this case communications and collaboration services from the network -- into business processes and consumer-facing solutions. We're joined by a thought leader on SOC, Todd Landry, the vice president of NEC Sphere.

In the second half of our show, we'll revisit the purported demise of large-scale SOA and find where the wellsprings of enterprise architectural innovation and productivity will eventually come from.

We’ll also delve into the psychology of IT. What are they thinking in the enterprise data centers these days? Somebody’s thoughts might resuscitate SOA or perhaps nail even more spikes into the SOA coffin.

Here to help us calibrate the life span of SOA is this week’s BriefingsDirect Analyst Insights Panel. Please welcome Tony Baer, senior analyst at Ovum. Hey, Tony.

Tony Baer: Hey, Dana how are you doing? I hope you're keeping warm up there.

Gardner: Oh yes. Jim Kobielus, senior analyst at Forrester Research. How are you, Jim?

Jim Kobielus: Hi, Dana. Hi, everybody.

Gardner: Joe McKendrick, independent analyst and prolific blogger on ZDNet and ebizQ. Hey, Joe.

Joe McKendrick: Hey, Dana. Great to be here.

Gardner: Dave Linthicum, founder of Linthicum Group and Blue Mountain Labs.

Dave Linthicum: Hey, Dana.

Gardner: JP Morgenthal, senior analyst at Burton Group.

JP Morgenthal: Good morning.

Gardner: And, Anne Thomas Manes, vice president and research director for application platform strategies at Burton Group. Welcome to the show, Anne.

Anne Thomas Manes: Thanks, Dana.

Gardner: As I mentioned, we’re welcoming our guest Todd Landry, vice president of NEC Sphere. Let’s go to you first, Todd. First of all, welcome to the show.

Todd Landry: Good morning, Dana. We’re joining you today from sunny Chicago, where it started out at minus 17 degrees.

Gardner: Many of us are at or under zero this morning.

Landry: We're looking forward to the balmy weather.

Gardner: I hope you get to move south soon. First, tell us what you mean by SOC and help our listeners, who might not be familiar, understand a little bit about NEC, which is based in Tokyo, and Sphere in particular within that larger organization.

Variety of Applications

Landry: Sounds great, Dana. With SOC, what we're really talking about here is the fact that organizations today use a variety of business applications to help them improve efficiency and drive productivity in their organizations.

But, if you look at any implementation and then what happens in the business, the real connective tissue between all of these includes people. The decisions and actions that take place in a business on a day-to-day basis are highly dependent on these people being effective.

Therefore, the manner in which we can help them with their communications and help them collaborate becomes a critical factor in how the workflows can be more effective and more efficient. We've looked at that and said the more you can make communications into business applications, the more you can make communications a more natural part of an SOA.

The workflow can naturally connect people, when they become part of that workflow process. It should streamline how those processes can be completed, and therefore the result is streamlining how businesses can be effective.

Gardner: Well, exactly what types of services are we talking about here? Is this simply mashing up instant messaging into some more applications? Is it more than that? What’s the scale that we are talking about?

Landry: The idea of being able to click-to-call has been around for quite some time. With the more recent technologies mashing up the directory listings, mashing up a call function inside of a business application, is much more achievable and can be done much easier manner than it has in the past.

Now, that said, we can go to the next step and to give you examples. In one view, we are reaching a human for an approval on a transaction. It can be instigated from the business application itself. So, notifications reaching out to individuals to get approvals, using voice technology for actual voice imprint signatures, is one method.

Another example of use is digital assets of the corporation. As we are all aware there are times when we unfortunately have to have organizations come in and collect a lot of emails and history to help the organization. As part of that, organizations are now looking at dialogues between humans, whether they were voice, text tool, conference calls, or exchanges via email. They become part of the digital assets of the corporation.

When we look at communications wrapping those dialogues with some metadata, bringing them back up into content management system so they become indexable, they may become part of the digital assets of the corporation and become uniquely valuable.

Gardner: Just quickly tell us about Sphere. You were acquired by NEC just a year or two ago, right?

Landry: That’s correct, Dana. Sphere Communications was founded in 1994 with a focus on a mission of turning communications hardware into software and, as a result of turning it into software, building it more like a business application.

About 18 months ago, we concluded a transaction with NEC Corp., headquartered in Tokyo. Our focus stays on the software aspect of building communications for the business environment, but we do that now in the context of a much larger organization.

Gardner: With this philosophy of converting the hardware to software as software services, these communications functions can now be brought into a wider variety of business processes, particularly if you're using SOA, mashups, or a variety of different development frameworks and types. The goal here is to bring people into process. Is that fair?

The SOC Ultimate Goal

Landry: That’s really the ultimate goal. On any given day in a business, do people care about doing the mashup or do they care about having their business be more effective, especially in these times? We believe that people will continue to look for more efficiency in their IT infrastructure. They'll continue to look for how people can be more connected, not only internally but with their customers. At the end of the day, you're right. It’s really about how people get more interconnected with the business process.

Gardner: How about this taxonomy? Why do we have to have another acronym, another three letter word, SOC? Wouldn’t this simply be part and parcel with SOA? Why do you see them as different?

Landry: Well, if there isn’t one born, and then it won’t ever die, right? We looked at it and had to communicate to the industry the concept of how communications integrates into frameworks in the IT infrastructure. SOA is a one term still used out there to define an approach. When we built our communications platform, we opened up all its services in a manner that we believe fit very naturally into the concept of a SOA. Therefore, our communications platform is really more service oriented than it is a closed and proprietary traditional PBX-oriented system.

Gardner: Lets go to our panel. Tony Baer, we've talked about this disconnect between processes and the business world, SOA architectural values, and people. I think we had a show devoted almost entirely to the BPEL for People spec when it came out.

Clearly, if SOA is not to wither and die on the vine, bringing people into the process, finding ways of creating new types of efficiencies and innovations, not just repaving cow paths but doing something quite new all becomes important. From your perspective, Tony, what’s the important deal here with bringing communications services into the play?

Baer: I hate to use a clich√©, but it’s like the last mile of enterprise workflow and enterprise processes. The whole goal of workflows was trying to codify what we do with processes and trying to implement our best practices consistently. Yet, when it comes to verbal communications, we’re still basically using technology that began with the dawn of the human voice eons ago.

Gardner: I've seen people use sign language.

Baer: Well, that maybe too, and smoke signals.

Gardner: A certain finger comes up from time to time in some IT departments.

Kobielus: At least the use of a trusty index DTMS finger.

Gardner: There you go.

Baer: Exactly, and maybe some other fingers as well. But the fact is that in some cases, there's a huge gap. An example is in the area of compliance. It was a well-publicized case. I won't mention the name of the corporation, because I don’t want to get us into legal trouble here. But, there was a major case of cooking the books. The CEO went to jail, but his predecessor, under whom it was alleged these practices began, was never touched. Allegedly, it’s because he left no trail of breadcrumbs. He never used email. It was all spoken.

The idea of being able to manage and integrate spoken communications may actually be a critical gap in compliance strategy. I could see that as being an incredible justification for trying to integrate voice communications. Another instance would be with any type of real-time supply chain or with trading.

Very often, when I call my broker, the message says please do not leave voice messages on the phone. Provide trading instructions. We can now start to track all that. I'm not sure that it’s such a great idea to leave trading instructions in a voice mail, but there are lot of areas where you're integrating voice communications that could provide business value.

Gardner: Jim Kobielus, isn’t there more to this on the consumer side as well? We've got these hand-held devices that people are using more and more with full broadband connectivity for more types of activities, straddling their personal and business lives and activities. We know Microsoft has been talking about voice recognition as a new interface goal for, what, 10 years now. What’s the deal when it comes to user habits, interfaces, and having some input into these back-end processes?

An Important Extension

Kobielus: That’s a huge question. Let me just unpeel the onion here. I see SOC as very much an important extension of SOA or an application of SOA, where the service that you're trying to maximize, share, and use is the intelligence that’s in people’s heads -- the people in the organization, in your team. You have various ways in which you can get access to that knowledge and intelligence, one of which is by tapping into a common social networking environment.

In a consumer sphere, the thing is the intelligence you want to gain access to is intelligence sets residing in mobile assets -- human beings on the run. Human beings have various devices and applications through which they can get access to all manner of content and through which they can get access to each other.

So, in a consumer world, a lot of the SOC value proposition is in how it supports social networking. The Facebook environments provide an ever more service-oriented environment within which people can mash up not only their presence and profiles, but all of the content the human beings generate on the fly. Possibly, they can tag on the fly as well, and that might be relevant to other people.

There is a strong potential for SOC and that consumer Facebook-style paradigm of sharing everybody’s user-generated content that’s developed on the fly.

Gardner: Joe McKendrick, it seems that bringing communications into the stew really does add value. These are the areas that traditionally have been separate. People did voice activities, they did communications, and they also did data and application activities. Straddling the two was something you did with wetware, with your mind or your hands. Do you think that SOC is perhaps a catalyst to increase value in SOA?

McKendrick: Absolutely. There always have been two levels to this discussion. On the upper level, you’re looking at a lot of business traditionally driven by serendipity. That's the chance encounter in the hallway between two people. Or, it's a phone discussion that may evolve to, "By the way, did you hear about such and such a company laying off or such and such company moving to this market."

One challenge that’s always been out there is to figure out a way to capture this more informal transmission of knowledge that highlights business opportunities. If there's a way to at least capture even a segment of that, to digitize it, and put it into the knowledge base. I think that’s a great advance for companies.

Gardner: So it’s bringing tacit knowledge into play with business processes. Is that what you’re getting that?

McKendrick: Exactly. We heard a lot about artificial intelligence (AI) a couple of decades back, and that showed a lot of promise for capturing some of the knowledge. You had these Jedi Knights that seemed to know everything and had everything in their heads. Once they left the organization, that was it. They walked out of the door with the knowledge and moved to Florida or Arizona. That has been the challenge for AI. Now we refer to it as knowledge management, being able to capture this knowledge, this serendipity, and these informal channels the voice communications.

Landry: It’s human nature to use reference points, historical reference points of dialogs -- whether they’re written or wherever I find them -- to remind me of a topical discussion and bring me tighter into the fold of a particular thread. Think of how we use email. Often, there's a thread of email that helps us go back and look at the history of the dialog that occurred. This has happened in pseudo real time basis with instant messaging these days.

As you described, the natural tendency is a quick discussion at the water cooler. To the degree that we can capture that information, put it in a format that’s indexable, and in my day-to-day workflows as an individual be able to pull that up as I am having more and more dialogs, it becomes very useful referenceable information about why we made certain decisions in the business. That’s one aspect we look at there.

Text-Mining Capability

Kobielus: One of the services in the infrastructure of the SOC that will be critically needed in a consumer or a business environment is a text-mining capability within the cloud. That can go on the fly to all these unstructured texts that have been generated, and identify entities in relationships and sentiments to make that information quickly available. Or, it can make those relationships quickly available through search or through other means to people who are too busy to do a formal search or who are too busy to even do any manual tagging. We simply want the basic meanings to just bubble up out of the cloud.

Gardner: Dave Linthicum, it seems like we're just finding ways of joining different networks. There were the telephone networks. We have had IM networks that are still based on Internet protocols, but are doing their own thing. We've had all these disparate communications types and modes that have popped up over the years and now we are trying to bring them to some kind of harmony.

Do you agree that this is really what SOA, as an approach, should do, and that we don’t need a subset of SOC? And, what are your clients looking for in terms of how communications relates to business applications and processes?

Linthicum: Well, if you're going to take services like this, expose them as services, and make easier use of them, then it’s there. You have to create the integration yourself through very disparate mechanisms and things like that. People are always struggling, trying to figure how to aggregate this stuff and its solutions. This is definitely one approach and it’s viable on the market.

As SOA evolves, they are much more rudimentary. We'll talk about later about the whole "death of SOA" thing. The fact of the matter is that people are just getting their arms around exactly what a service is and how you take multiple services and turn them in solutions.

What's occurring, especially with the downturn in the economy, is that people are focused on more tactical and, what I call a shorter, SOA issues. They're trying to solve particular problems with particular instances of technology. Some organizations have the potential for doing that.

When you look at SOA, you talk about this whole big strategy around structuring services and aggregating those services into solutions. But, if you really look at what people want to do, they want to solve particular tactical problems in a very short period of time and show a very quick value proposition. The ability to take all these communications and actually turn them into services and leverage them is a wonderful use case within the context of SOA. It makes sense.

Gardner: Todd Landry, even though we're in such tight economic circumstances, cost savings obviously need to be part of just about any activity. Is there a clear return on investment (ROI) from your perspective in doing away with the hardware and the PBX-based infrastructure around telecom at least inside of enterprises and going to pure software?

Are you able to really demonstrate that going to software, not only for the purposes of extending it into business processes but just alone as replacement for the cost of a traditional PBX infrastructure, is a good story?

The Two Levels


Landry: There is, and there are two levels. I can put some examples around that. At the first level, remember the three large guys with tool belts who show up in a moving van. They roll some big thing that looks like a refrigerator into the secret room and everybody says, "Yeah, that’s the phone system." Nobody knows how it works, except for the specialist who's been through 10 months of training. These systems are very, very costly to maintain these days. They are specialty hardware, very proprietary, and the maintenance alone has become quite an issue now.

Imagine all that capability being delivered to you as part of a download. You run it on the same computing infrastructure that you use for many of your other business applications and you administrate and manage it in the same way. You don’t have to look very hard at that to imagine some significant efficiencies in IT infrastructure. If it’s built in a way where it opens up its services, you can look at some real examples in the business.

Suppose I have a customer who is a major distributor of airline parts. The issue with parts for aircraft is that they are under strict inspection. Once they are put into the distribution center and shipped to a mechanic, they can no longer be restocked without going through a very expensive, re-inspection process.

What happens with airline mechanics is they'll call in to get certain parts and not being sure what they really need, they'll order three or four different parts. The theory is they'll just send the one’s back that they didn’t need.

This has been a big problem for the distributor. What they've utilized is an actual recording of the dialog between the mechanic and the order entry as that order is posted. They can now go back and very easily pull up that transaction and pull forward the recording. Therefore, the mechanic and the airlines have to take those parts.

These are just real, street-level business issues that I've dealt with. We have several of those scenarios, where once you look at inefficiencies in your business and look at how the human action makes that transaction occur, you can apply the technology to overcome it.

Gardner: JP Morgenthal, we've got cell phones, mobile Internet devices, netbooks, this notion of always on and multi-modality always on. Now just saying that you've got voice, text, and the ability to have two-way communications -- synchronous and asynchronous -- begs the necessity for bringing more communications into business processes. Do you agree with that?

Morgenthal: I definitely do. Clearly from an analyst perspective, you can talk about it and give it a very analytical representation, but the interesting thing is that I actually have real world experience in data behind this. Before coming back to being an analyst and joining Burton in November, I had my own software company, Avorcor, and we had developed supply-chain management as a service.

One things I did was integrate with an open-source communications project called StarPound, which is business-process management integrated with Asterisk, and we built a demonstration that really illustrated the value proposition in the warehouse.

I'd been working with a number of companies who had warehouse issues, and we were basically normalizing those issues by instituting a new services architecture and layering that on top of that legacy system, so they could build their business processes.

One of the biggest issue was they were still communicating exceptions that were happening in the warehouse because device limitations were scanners and text in a very noisy environment. Everyone agreed that the best communications tool in that environment was their cell phone because it vibrated. Well, the Blackberry now has vibration too. So, that’s also a valid form of communication.

If you tie this as a unified communications strategy to the business process, it’s very effective and not only is it very effective, but -- I hate to say it -- it begs only more constant information overload.

Years ago, we took it for granted. You didn't get things for a couple of days, because the communications pipeline took that long to complete. Now, we expect things in microseconds. So, it's enhancing the expectations of people in general because of that. But still, I think overall productivity goes up tremendously, and we move much more effectively toward a real-time event architecture across communications and systems and people. It’s really fascinating to watch and it’s very effective.

Gardner: Anne Thomas Manes, we think about crossing these gaps between what were traditionally telephony technologies, and now it can exercise the services and access the services, but there remains a cultural gap. Analysts, architects, and developers are not always thinking along the communications network line of reasoning. They don’t always look necessarily for these on-ramps and off-ramps to business processes. Do we need to try to encourage developers and architects to think differently around SOC capabilities, as they increase their business agility?

Change the Way We Talk

Manes: We’ll get into the "SOA is dead" discussions later. One thing that I have pushed is not that service orientation needs to go away, but that we need to change the way we talk about it. What we need to be focusing on are services that actually provide value to the developers who need access to capabilities and to the business guys who need the capabilities to be inherent inside their systems.

When we're talking about communications services, you want to make sure that those services are very easy to access. With communications services, when you start looking inside PBXs, voice over IP, and those kinds of things, that’s arcane and completely out of the realm of normal development skills that you would get in a Web developer.

Now, we do have some nice capabilities like click to call, and those are set up as drop-in components that people can now use inside their Web applications. Wouldn’t it be nice, if we actually had a much more powerful communications service that a developer can use to communicate with a customer, communicate with a shop manager, or communicate with whatever at this point in the application?

They can call out to a communications service and specify, "Here is who I want to talk to. Here is the information I want to send. And, here is the method through which I want send it." And, and then they can have the communications service completely take care of the whole processes associated with making that work.

I can guarantee that a developer is going to choose that over, "Oh, I have to write all kinds of arcane code in order to figure out how to send an email or how to launch a phone call." So, building these services that simplify a very complex process is extremely valuable from a productivity perspective.

You can also look at it from another perspective and that is that I can call out to this communications service. This goes back to the first conversation we were having about this topic, which is, "I need to make sure that I actually record this and capture this in my CRM system or I need to audit it for whatever reason."

You can apply policy to the service and have that be something that you can manage and maintain from a policy perspective, which is separate from the code that’s actually implemented in the application or in the communications service.

Gardner: How about that, Todd Landry? Do we still require developers to do arcane integrations, or are there application programming interfaces (APIs) and/or other means of automating and easing the ability for developers to exploit communications services?

Landry: I'm really glad you raised that point, because we know your example of click-to-dial has been around for a while, but the execution of that has been very complex. A lot of companies that have enabled that have done it using people who are rich in telecom protocol experience and things like that.

With SOC platforms, we see it as creating an abstraction to those telecom functions -- such as making a call, recording a call, or setting up media streams -- and hiding that all from the developer. You are welcome to a white paper that describes this approach of abstracting the communications complexity.

When we looked at it in terms of how you would make it available to the applications developer, for example, our tools include Web services description language (WSDL) files that can be imported into your environment. So, you can take an IBM Rational environment, bring in functions available on the communications system and use application and Web-type technologies, without having to understand the complexities of underlying telecom protocols. That’s probably one of the most critical things that we need to do on the communications side to allow the developer community to benefit from this.

Gardner: Isn’t there another approach to this, in addition to trying to ease the actual development, to make these services all part of the same cloud? Perhaps salesforce.com or Google might start offering more telephony services within their cloud. Therefore, the integrations are being done within their infrastructure and it becomes easier for developers to create processes. Do you expect that SOC will have a role in how some of these cloud providers increase their value to developers and then therefore to end-users?

Distributed Cloud SOC Services

Landry: Yes, and in the way we deploy today in many of our customers, we would, in some respects, describe it as a private cloud, because of way it’s built and because of way it’s a distributed and shared service within the enterprise.

We've got a handful of cases where we deployed that in more of a service-provider approach and you could argue that, because the consumer, the enterprise, has some stuff on premises they can also overload that or use services from the local provider. It’s built on that kind of model.

There's is another piece of this that says these platforms are bringing together multiple forms of media, so that you can utilize text messaging, audio, or video communications. You can do screen-sharing data collaboration in a simpler and more consistent fashion and you can utilize one set of services to do that.

Whether they're deployed as a cloud and the enterprise is using those services from within a cloud or whether they've made the decision to do them on premises, both are very viable and, in many cases, both are being done today.

Gardner: Okay, last question on SOC. Dave Linthicum, with the emphasis on cloud nowadays, do you see bringing these communications services into a cloud portfolio as a way of enticing more enterprises to get involved, particularly if we're talking about reaching out to consumers through these communications channels? Where do you see SOC and cloud intersecting?

Linthicum: They already are, probably not as formal services and definitely not as integratable data into the enterprise, but anything that’s a value within enterprises, as we are finding, ultimately will be something that some start up or even some big company packages up as a set of services and sticks them up in the cloud.

If you look in ProgrammableWeb, you'll find that there are a ton of services that are very communications oriented. They're probably not as sophisticated as the ones we're talking about now, but as more and more people adopt that as a paradigm and need these things to build enterprise composites or even mashups, then you're going to see a lot of movement in that direction, because it’s a fairly simple thing ultimately to do.

It’s going to be a very high value service to sell. You're not competing with the guys who are giving the stuff away for ad share. And, it’s just going to be another value cloud out there that people can leverage and integrate within their enterprise.

Kobielus: I want to add one last observation before we go to the "SOA is dead" topic. In order for this integration to happen in the cloud, the cloud providers need to federate their new registries with those of their enterprise customers. But, humans are reachable through a different type of registry called a directory, lightweight directory access protocol (LDAP) and other means.

Cloud providers need to federate their identity management in a directory environment with those of their customers. I don’t think the industry has really thought through all the federation issues to really make this service oriented, business communications in the cloud scenario a reality any time soon.

Gardner: So we need an open Wiki-like phone book in the sky.

Kobielus: Exactly.

SOA: Dead or Alive?

Gardner: All right. Let’s move on to our next subject -- "SOA: dead or alive?" Anne, you created a little bit of stir with a recent blog or around declaring SOA under significant pressure, particularly as a result of the economic climate, because people are not going to spend money without that verifiable ROI.

These large-scale SOA implementations are too complex and taking too much time. The economic climate is going to postpone, if not kill them outright. Did I get it right, and what’s been your position since the blog, in terms of the viability of SOA?

Manes: Certainly, lots of people have refuted my claim. At the same time, I've had at least as many people, and probably more, I am dead-on right. My goal with the blog post was to at least get the conversation going, and I think I managed to do that effectively.

I still believe that if you go before a funding board this year -- if you are an IT group and you are trying to get funding for some projects -- and you go forward with a proposal that says we need to do SOA, because SOA is good, it’s going to get shot down. Instead, what you have to go forward with is very specific value-add projects that say we need to do this, we need to do that, and we need to do that.

You need to talk about what services you're going to provide. In the example of communications services, there's a really strong value proposition associated with creating communications services. Likewise, going forward with a request to say, "We need to build a billing service which replaces the 27 different billing capabilities that we have in each of our product applications out there."

That’s a very strong, financially rich, good ROI type of proposal that’s going to win. But, it's not going to work, if you go forward and just say, "Oh, we need to go get an ESB. We need to go get some registry and repository technologies. We need to invest in all the SOA infrastructure. We need to do SOA just because SOA is what everybody is telling me we need to do."

Just talk about the services and talk about the practices that are going to help improve the architecture of your systems. Talk about doing application rationalization and talk about reducing the redundancy within your environment.

Talk about dismantling the 47 data warehouses you have that contain customer information and create a set of data services instead that actually gives you a richer, cleaner and more complete information about your customers. Those are things that are going to win.

Gardner: Does that mean that we're really still heading toward SOA, but we're just going to do it through a variety of tactical measures, and ultimately, without even realizing it, you're going to be doing SOA and that, at some point, you might need to rationalize that at a higher architectural abstraction with such things as ESBs and wider governance? Does that sound right?

Manes: Yes and no. It’s absolutely critical that you still have a strong architectural group. One of my favorite comments that came back from the blog post were the number of people who said, "Basically, we just really suck at doing architecture."

One of the primary reasons that a lot of SOA initiatives are failing is because people don’t actually do the architecture. Instead, what they do is service-oriented integration, as opposed to SOA. If you're truly doing architecture, then you're doing an analysis of your applications architecture, figuring out why you have so much extra garbage in your environment, and figuring out what you should actually start to get rid of.

You still need to have that planning group which is very strongly focused on setting the priorities. But then, what you go forward with in terms of funding are the projects that are actually going to help you achieve your architectural goals.

Bunker Mentality

Gardner: Another observation I had from watching the discussion that you helped create is that there seems to be quite a bunker mentality out there right now. A lot of people in IT are saying, "Listen, we're not going to do anything. We are going to just hunker down and keep it the way it is. We don’t need to innovate now. Wait until we get through this terrible crisis and then we will figure out how to be modern or agile."

On the other hand, I am seeing people saying, "No, now is the time to get innovative, to leapfrog, to take advantage of the pressure to reduce waste and look for efficiencies which ultimately will allow us to be more competitive not only in the short-term but over the long-term." Are we really looking at a typical, conservative-liberal breakdown in terms of the philosophy inside of IT department?

Manes: I suspect that you're going to have a lot of organizations that don’t have a lot of architectural maturity following the first camp, which is, "We're going to cut out everything. We’re just going to focus on tactical projects."

But, the folks who have a little more architectural maturity recognize the value of taking this opportunity, when lots and lots of projects are no longer going forward. They can say, "Well, now is a great time for us to start focusing on architecture and figure out how we can position ourselves to take advantage of the economy, when it does finally turn around."

Gardner: Okay. Tony Baer, we're heading into this deep depression, recession, whatever you want to call it. Those companies that aren’t very good at architecture will probably, if they hunker down, fall even further behind. Those organizations that have some budget to play with, that are not in survival mode alone, and are looking to be something bigger and better on the other side of the recession, they move further ahead. Are we coming into a bifurcation of who does IT better or worse, based on this recession?

Baer: I don’t think there is any question about that. I'd call that the Walmart strategy. Take a look at the previous recession. To some extent, the same thing is happening now that happened back in the recession of 2001-2002. Walmart actually increased its spending for expansion with the expectation that its low-price strategy was sound. In other words, its marketing architecture was sound for that period, but that it would be better prepared for the upswing, when the recovery happened.

I think what Anne is saying right now is that organizations that did get ahead of the curve with SOA, that thoughtfully began the architecture process and rationalized it, will go ahead, because there will be real economies at some point compared to traditional application development.

Those that have been basically doing what Joe McKendrick has called "just a bunch of web services" are just going to essentially retrench and say, "We just can’t afford to create more spaghetti right now. We are just going to do it a lot of break fixes." So, I would totally agree with Anne there.

Gardner: Joe McKendrick, are we going through an acceleration of winners and losers in IT, particularly at a sort of company-strategy level and core-competency level?

McKendrick: Yeah, Dana, absolutely. I've always said that the companies that have gravitated towards SOA are the companies that will probably do well anyway. Those are the companies with more visionary management and more tightly integrated approaches to business. Those are the companies that we've seen in all the case studies that over recent years that have gravitated towards SOA. Let’s face it, if they didn’t have SOA, they probably would have been doing okay anyway, because they're well-managed companies.

The companies that really could have used SOA, the companies not likely to be adopting SOA, or not likely be looking at SOA, as Anne and Tony discussed, those are the hunker-down companies, the companies that have fairly unsatisfactory architectures or no architectural approach. We're going to be seeing that going forward as well.

Gardner: To further refine this, Dave Linthicum, are we talking about companies that are good at IT, regardless of what’s in their quiver whether it’s SOA, Web oriented architecture (WOA), or communications and SOC? Regardless of the tools that you have at your disposal, it’s how well you use them that defines you, and if you fall further behind and you don’t adopt more tools, that’s a bad thing. Is that oversimplifying it?

IT Talent Shortage

Linthicum: Not really. The point that I made is the same point I have been making for a long period of time. We have talent shortage in the world of SOA. There are companies out there that have some very good IT talent, and they can take SOA, WOA, or cloud computing, look at the business problems, make some very nice systems, and automate the business nicely.

However, the majority of people out there who are wrestling around with architecture are ill equipped to solve some of the issues. They have a tendency to focus in wrong areas. Anne hit this in her blog as well. It was brilliant.

In the area of, "Let’s do quick tactical things, and look at this as a big systemic issue we are looking to solve," it just becomes too big, too complex. They try to solve it with things that are too tactical and just don’t have enough value. There are no free lunches with SOA or any kind of an architectural approach or any thing we have to improve the business.

You're going to have to break things down to their functional primitive and build them up again. You're going to have to think long and hard about how your architecture relates and links back to the business and how that’s going to work.

I wish there were something you could buy in a box or something you could download or some cloud you can connect to, but at the end of the day it’s the talent of the people who are doing the job. That’s where people have been falling down. Over and over again, in the last three years, we have identified this. I don’t think anybody has taken steps to improve it. In fact, I think it’s gotten worse.

Gardner: JP Morgenthal, without trying to be derogatory, it sounds like those people who do just tactical things, who are not evolving to a larger culture at a business-process level, at a agility level are kind of like Neanderthals. They were walking around Europe 25,000-100,000 years ago. Then, these Homo sapiens come on the scene and maybe have a little higher abstraction of skills, competency, look strategically at IT, much more services-oriented that eventually will overtake the landscape. Does that sound right?

Morgenthal: It's a great question. To say that you are going to be successful in business because you focused on IT architecture is a stretch. When we did our 2009 predictions, one of my predictions was the rise of disposable computing. For a certain class of businesses, it’s going to be okay to have "good enough" software and not worry about, "Am I going to be using the same application 20 years out," -- really moving the thought processes from 3-5 year plans to 5-9 month plans.

When you talk about things in that range, SOA falls apart as a requirement, because that’s something that you definitely want to engage in where you have longevity or a long-term strategy to apply. Including cloud computing and the rise of start ups in the cloud, or at least their IT infrastructure in the cloud, versus building data centers, is going to introduce an opportunity for that to occur.

There is a class of organizations that hears SOA. They're going to get IT staff that come from an environment where people did SOA. There's going to be a little culture clash, because the executives there are going to be saying, "I don’t get this. I don’t get you. Who are you? I want my cell phone to do this, this and that, and I can make it do that by looking at it sideways. You’re telling me I've got to go spend all this money. Are you nuts?"

So, you have that going on, and then you have organizations that are involved in some very complex business opportunities in the financial sector or in the manufacturing sector. If they don’t look at their business and model it in a way that their systems mirror what they are doing one for one, they’re going to continue to fight that impedance mismatch that’s been going on since the early days of computing.

Then, the mismatch made sense, because the costs of computing were so expensive that we had to take small bites, chew on it, and make it work. Now, with the cost of computing where it’s at, we should be disregarding that notion, reexamining our systems, and saying our systems should meet our business requirements one for one. We shouldn’t have this discrepancy that when I talk business, it needs to be translated for IT purposes.

Gardner: Todd Landry, for some organizations, SOA is dead, at least during the economic downturn. For other organizations, it could be alive and well. From your perspective, what differentiates these organizations? How do you separate the innovator class from the "let’s just keep it simple and do our jobs and hope for the best" class?

Landry: Finding them and separating them is probably an arduous task. During tough economic times, the question of what projects should be worked on becomes more of a financial question than just it’s a cool technology question. During better times, we do many different projects and don’t spend time looking at the business benefit.

JP’s point of, "if you do technology architecture, your business will get better" is not real. There are hundreds of different projects you can look at in any IT infrastructure, and, especially today, people are spending more time looking at which ones will help the business operate in a more streamlined fashion.

They’re questioning what it’s going to cost to do that, how I can do that without spending outrageous dollars, and is it going to make a difference for my business? Again, the observation of cost associated with those projects becomes more heightened during these kinds of economic times.

We're looking for people who are investing in new initiatives, because they see this as an opportunity to optimize, an opportunity to streamline, and it will help them longer term. We look for those kind of people that realize that this can be seen as an opportunity, as much as a tough situation to deal with the economy.

Kobielus: The whole "SOA is dead" theme struck a responsive chord in the industry, because there's a lot of fatigue, not only with the buzzword, but the very concept. It’s been too grandiose and nebulous. It’s been oversold, expectations have been built up too high, and governance is a bear.

We all know the real-world implementation problems with SOA, the way it’s been developed and presented and discussed in the industry. The core of it is services. As Anne indicated, services are the unit of governance that SOA begot.

We all now focus on services. Now, we’re moving into the world of cloud computing and, you know what, a nebulous environment has gotten even more nebulous. The issues with governance, services, and the cloud -- everything is a service in the cloud. So, how do you govern everything? How do you federate public and private clouds? How do you control mashups and so forth? How do you deal with the issues like virtual machine sprawl?

The range of issues now being thrown into the big SOA hopper under the cloud paradigm is just growing, and the fatigue is going to grow, and the disillusionment is going to grow with the very concept of SOA. I just want to point that out as a background condition that I’m sensing everywhere.

Gardner: Anne, is there a hedge on this somehow? That is to say, can you continue to be tactical, can you avoid some of the larger cost issues around SOA, but, at the same time, not put yourself at a disadvantage 18, 24, or 36 months down the road for moving closer to SOA at that time?

Manes: My core recommendation is to think big and take small steps.

You need to do the planning, and your architecture team should be able to do that, without having to go get permission from your funding organization to do planning, because that’s what they’re supposed to be doing. But then, they have to identify quick, short, tactical projects that will actually deliver value.

That’s what they should do and are designed to do to improve the architecture as a whole. It can't be just, "Oh I have to integrate this system with that system." They really should be focusing on identifying projects that will, in fact, improve the architecture. In that way, you’ll be in a better position when things are over.

Gardner: Just to pull our two discussions together, do you think that SOC forms one of those tactical benefits that demonstrates ROI, improves productivity, but that also sets you up for larger benefits later?

Manes: Communications services, as a general rule, are valuable because having your applications integrate with communications is often challenging. But, you need to take a look at your individual corporate priorities to determine whether that actually is a higher priority this year than something else.

Gardner: Does anybody else want to chime in quickly on SOC as a tactical benefit to SOA? Todd, you must have something to say on that.

Landry: The tactical benefit we’re seeing is a lot of very specific cases already in the end-customer areas, where people have made the decision that this is important. We talk about the economy, but security concern is at an all-time high, and there is a lot of sensitivity there.

In most government organizations, they’ve now assigned a geo spatial officer, someone to go look at how the communications system is better used across the different emergency organizations, and how first responders can come together and communicate and collaborate in emergency situations.

We’ve recently demonstrated some multidimensional collaboration tools that bring together the identity of vehicles and simplify the manner in which you tie radio IP-based communications across different emergency entities. You’ve got real cases here that people are addressing today. There are some tactical activities out there related to that.

I think the point made about think big and pick small projects is really important, because it is a big ocean out there and you’ve got to pick the things that makes sense for your business.

Gardner: Great. I want to thank the panel for this week, we had Tony Baer, senior analyst at Ovum. We had Jim Kobielus, senior analyst at Forrester Research. Joe McKendrick, independent analyst and blogger. David Linthicum, founder of Linthicum Group. JP Morgenthal, senior analyst Burton Group, and Anne Thomas Manes, vice president and research director of Burton Group.

We also thank our guest, Todd Landry, vice president of NEC Sphere. I want to also thank our charter sponsor for the BriefingsDirect Analyst Insights Edition podcast series, Active Endpoints, maker of the Active VOS visual orchestration system.

We’re also coming to you through the support of TIBCO Software. This is Dana Gardner, principal analyst at Interarbor Solutions. Thanks for listening and come back next time.

Listen to the podcast. Download the podcast. Find it on iTunes/iPod. Learn more. Charter Sponsor: Active Endpoints. Additional underwriting by TIBCO Software.

Special offer: Download a free, supported 30-day trial of Active Endpoint's ActiveVOS at www.activevos.com/insight.

Edited transcript of BriefingsDirect Analyst Insights Edition podcast, Vol. 36, on communications as a service and the future of SOA in light of hard economic times. Copyright Interarbor Solutions, LLC, 2005-2009. All rights reserved.

Thursday, January 22, 2009

IT Repositories Help Financial Giant Manage Change Amid Complex Systems Consolidation

Transcript of a BriefingsDirect podcast on the role of repositories in data integration for large enterprises. Disclaimer: The views expressed in the following are not necessarily those of Wells Fargo & Co. or any of its subsidiaries or affiliates.

Listen to the podcast. Download the podcast. Find it on iTunes/iPod. Learn more. Sponsor: Hewlett-Packard.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you're listening to BriefingsDirect. Today, we present a sponsored podcast discussion on solutions for enterprise repositories in service-oriented architectures (SOAs).

We'll look at how enterprise systems of record need to be increasingly managed by repositories, or assets need to be quickly federated and integrated in cases of mergers and acquisitions (M&As) or unexpected business consolidations. Done incorrectly, managing and consolidating data from various systems of record may create multiple information systems that may "disagree" about the same piece of information.

Using SOA and repositories effectively, however, can pave the way for harmonious data integration and service mappings across these critical systems. Getting your systems-of-record act together in conjunction with enterprise repository solutions provides more flexibility for change and disruptions -- challenges not unheard of in today's tough economy.

While the challenge is significant, gaining new value from managing repositories and SOA governance sets a stage for much greater visibility and agility, when facing wholesale shifts, unexpected or otherwise, in how applications and data are used.

We're going to provide an in-depth look at how enterprise repository solutions are evolving in conjunction with systems of record. We're joined by two IT enterprise architects from Wachovia, a bank currently moving through a massive acquisition process with Wells Fargo.

We welcome Harry Karr, an IT architect at Wachovia. Thanks for coming on the show, Harry.

Harry Karr: Thank you very much. I appreciate it.

Gardner: We're also joined by Hemesh Yadav, also an IT architect at Wachovia. Hi, Hemesh.

Hemesh Yadav: Thank you so much, Dana.

Gardner: Now, we don't really want to focus on the acquisition so much as we want to focus on the systems of record, and we are looking at managing multiple systems under perhaps difficult circumstances.

Let's start with you, Harry. Tell us how IT architecture is destiny when it comes to these systems of record, and how to manage multiple systems effectively?

Karr: Well, the hardest part is keeping track of what we have, especially in times of mergers and acquisitions, but also at any other time. When we are trying to add new functionality, the first thing you have to know is what you have in place. So, keeping that up to date, knowing what we have is probably the biggest challenge.

Gardner: How is it different now from the past, when it comes to the tools you have at your disposal to manage these various systems and try to bring them into some concert or harmony?

More Distributed Systems

Karr: The difference is that we have more distributed systems now. We have services being offered by a half dozen or a dozen different service containers. We have many different clients hitting those services. We have many more pieces to the puzzle than we had before, and they're all owned by different people, different groups, and different teams.

Keeping up with that is much harder than it used to be with a single monolithic type of application, as in knowing where the touch points are, what the integration needs are, and where the security mechanisms are applied. There are a lot of things you have to know between the applications.

Gardner: How does the repository come into play here? How does this fit into the puzzle in order to make that complexity a bit more manageable?

Karr: I like to talk about a repository solution. A repository solution has more than one physical repository, and each one has certain specific information or a slice of the data. All together, it gives us a good enterprise solution for a repository and gives us a picture of what we have.

In our world, we do a lot of outsourcing and going through a change of structures, determining what we're going to do right now. We're being acquired by Wells Fargo, and all those changes mean different people will be involved with different things.

If something isn't written down, you've lost it. It's not going to be there. What we need to do is make sure that we have a record of what's there, so that anybody in the bank can go back and look and say, "We have this at this point, and these are the touch points involved, this is the security, and these are the access requirements." Anything they need to know about those touch points can be known from that repository solution.

Gardner: I suppose it must be a great comfort if you were to find yourself working with another organization that had gone through the same diligence and has also embarked with repository solutions.

Karr: Oh yeah, it definitely helps. When you first sit down together, you are out there fact-finding. What do you have? What do I have? Having that in a repository, I can look it up and research it. It's readily accessible. I don't have to wait and call another meeting with the right experts in place who weren't there at the first meeting. I have all the information there, and I could talk to one architect to look up all that information.

Gardner: And this seems to be a reactive and proactive benefit. That is to say, you can look into these systems and understand more about your applications and data, but you could also then execute through these repositories, apply policies and rules, and then have a certain level of functionality follow through. Is that correct?

Karr: It is correct, and we have done that to a limited extent. I think there's room to do it a lot more than we've done it, but right now we've just done very minimal amounts of that.

Gardner: Okay. Hemesh, what sort of role do you have in this, and how do these various federated repositories come together effectively?

One Place to Go

Yadav: Dana, my experience is based on my previous job and my current position. I was involved with repository implementation for Bank of America, when we picked the HP repository (HP SOA Systinet). At the same time, I was working with Harry to pick a repository for enterprise solution for Wachovia. I'd just like to add what Harry was trying to convey here. If you have a single repository and multiple federated systems, you have one place to go.

This is especially true around merger and acquisition, when you are trying to consolidate all the information into one place. I've personally used repository for mergers and acquisitions. When we did the merger with Bank of America with another large banking operation, we put all their Web services into one place, and we put our Web services into one place.

Even though you put their services and your services into one place, if you don't have a common place to store and keep the information in very organized way, if you don't have a single repository and you don't have a good taxonomy to classify those services, even though you have a single enterprise solution, it doesn't really make you very productive.

We tried to address single repository with single classification scheme, single taxonomy, and single policy. So, you have policies for the design time or runtime implementation, naming conventions, and also how we store the metadata, even though you have a different source of systems. But, if you build an enterprise repository and implement a single enterprise metamodel, it will be very easy to classify, store, access, and understand data.

Karr: I'd like to add to that. Hemesh brought up a good point about the consistency of the data in a repository. In my mind, there's no value at all in putting information in a repository. The value is when we get the information out, and in order to get it out, you have to be able to query it. Having it in with a consistent taxonomy and consistent metadata is the only way that you can get the information back out again.

Gardner: Hemesh also raised an interesting point about this lifecycle benefit, bridging the gap between design time and runtime. This has some relationship to a configuration management database (CMDB), moving into quality assurance and the whole production process around services, perhaps even in an agile situation where there is very rapid development and many iterations managing that whole lifecycle. Harry, do you have any thoughts on how powerful repositories are in terms of this lifecycle benefit, perhaps, integrating across internal processes?

Karr: You can come up with a case that there is a selling point for repository at any point in the lifecycle, and all together it's a huge story. But, even at any point, such as the original conception part, do we have this already? Is that already available? How does it fit with what we already have? Going into development, are there pieces that can be reused? How do people know what's developed? Where do you put the Web services description languages (WSDLs) and schemas, when you are developing services?

The next point is around the testing. Testing needs to match the business requirements. If those requirements are not in a repository, are they being handed over on a notebook somewhere? Where do they exist? Repository helps a great deal there.

Then, in production and troubleshooting, deployments, end production, or any kind of troubleshooting you need to know what changes have happened. What's going on with that application? What's changed since the last time it was running properly? Without all that tie-in from all those different repositories, you lose track of what you have, and it helps every single lifecycle.

Gardner: Almost on a philosophical level, it seems that repositories help balance the best of decentralization organizationally. And, in terms of policy and access and control with centralization, you want to have both. Does that strike you as fair?

Karr: It does. There are different corporate mandates for centralization, how much is centralized versus not, but the data can be centralized whether the teams are or not. The organizational structure shouldn't be affected by how the repositories are put in place.

Gardner: Hemesh, what sort of requirements do you look for in choosing repositories? I should think that is better to have more standardization, and the ability to embrace as much data and as many systems formats and used structures as possible. Right?

Defining a Metamodel

Yadav: When we looked at a repository, we looked at a couple of points. I'll just mention couple of key points. Number one, you should be able to define a metamodel for a repository. If you have a repository that comes with an out-of-the-box metamodel, there is a specific way you can define the services or load the services into repository. But, we wanted to customize those metamodels. We wanted to change those models so that we could customize according to Wachovia needs. That's number one.

Some products, when you store their services, they try to keep the level at the Web-service level. They don't keep it at the operations level. Web services could have multiple operations. They don't treat operations as a first-class citizen. There is a gray area there, and most of the vendors have not done a great job.

The third point was that we were looking for how to generate good reporting. So even though you load the data into a repository, there's no good way to generate a report using some types of tools. We found that some products are very good with that, but some products had a lot of weaknesses.

Fourth, we wanted to make that sure that when we stored any data in the repository, we should be able to integrate it with extensible markup language (XML) appliances, universal description, discovery, and integration (UDDI), or SOA management solutions, so we can have complete closed-loop governance.

So, you define your policies, you mandate your policies, you track your policies back, make sure you are meeting your service-level agreements (SLAs), and you generate good reporting. These are the three or four items we were looking very closely when we looked at the products.

Gardner: I suppose another important aspect is how to get started on something like this. Harry, given that you're managing multiple repositories, you're probably going to be managing even more over the course of your business activities.

Is there an opportunity to sort of crawl, walk, and run with these? And, once you do get into sort of a jog or are moving along rapidly, how widely can you establish an SOA, vis-à-vis these repositories?

Karr: Well, it's hard, because you want to look at the whole enterprise repository solution. You want to look at what touch points need to be between the different repositories. Once you map out that, then choosing and working on one repository at a time, putting it in place, and putting it in for a certain unit or division within your company will work very well.

If you don't have the big picture to start with, then, when it comes time to integrate those repositories into a cohesive picture of what you have, you are going to be stuck. You'll have to look at a lot of redo of your work, and that's very expensive.

Gardner: What recommendations do have for folks in order to avoid that?

Karr: It's important to look at the whole picture. They need to look at what's important between all the different repositories. You need to have some way of storing your business-process model. That includes business rules, services, information about your systems of record, information about the data, contracts, who's using what, requirements for change management, SLA management, problem management, organizational structure, and process flows.

All those different repositories need to have touch points. Mapping that out ahead of time will give you an idea of what to do with any one of those, as you put each one in place.

Yadav: One thing I want to add here is that when we were looking into repositories, one thing we were looking at was how to implement a repository where we can leverage the implementation for risk lifecycle management and SOA governance. We wanted to keep that bigger picture in mind, so that whatever information we had in place, we wanted to make sure we could capture it and have it be useful for SOA governance purposes as well.

Gardner: That's interesting. We have a need for backward compatibility, if you will, to be inclusive of as many systems and repositories as we can, but we also want to provide insurance for the future. We want to be able to provide a better business process model and management capability with tools along those lines.

How do you view this as a return on investment (ROI), Harry? Is this money well spent, in that if you do this right, it's going to have many returns for quite some time?

Hand in Hand

Karr: I agree completely. It is going to have a lot of benefits. If you can make the business case for governance of any sort, then the repository goes hand in hand with that governance -- being able to track what you are doing, your processes, everything involved. The repository is a key piece of the governance. I don't think that anybody would disagree that governance has a great business case behind it, and the repository is part of that governance model.

Gardner: I've been in some conversations recently where we've gotten into the notion that governance is not only going to be powerful for managing information systems, but ultimately the same repository can be applied -- and the rules and policies extended -- to actual business processes and across front-office and back-office activities. Do you have a sense that we're going to move this beyond just IT?

Karr: Definitely. As I mentioned a minute ago, the business process models are the business. The business owns that, but they need to see what goes on beyond that. How is that implemented? How does that make you real within the services that are being called? Business process models have an active part in this.

Everybody talks about alignment between IT and business. The repository is the key piece of that. In order to have some kind of alignment, you have to have visibility, and the repository gives you that visibility.

Gardner: Do you agree, Hemesh, that this repository solution set provides a better way, a broker or pivot point, across multiple aspects of a business?

Yadav: Definitely. If you start doing your top-down business process modeling, and you try to create a business activity, build a business service, or implement business services, that's the only way you can track it end to end.

You say, "Okay, this is the business activity, and this is a service that belongs to that particular business activity." If you don't have a single point of storage, or if you don't have an enterprise repository, it's very hard to align business needs with IT implementation.

Gardner: Let's look further out on the horizon, as people start doing sourcing across different types of hosting scenarios and models. We hear a lot about cloud computing these days. Do you sense that these repositories and this solution approach can help you manage services from a variety of different environments, different sourcing, and perhaps even entirely different business models?

Karr: We do sourcing in a lot of different ways. We outsource development. We have services that we buy from other vendors. We have services that are hosted by other vendors -- all those different models.

Getting back to one of your original questions, Dana, about why it's different now than it used to be regarding repository, this is much more distributed than it ever was before, and that trend is only going to increase. As we become a global company, we need to be able to communicate and have that visibility into what each of the pieces is doing. And, as the distribution goes across company boundaries, so it gets even more important.

Gardner: Do you have anything to add on that, Hemesh?

Yadav: No, I agree with Harry. I just wanted to give you an example, how we implemented in my previous job, how we leveraged the SOA repository for-end to-end development. We started with the service architecture as very top down. We put the data into a service repository. The designer would come and add WSDL information to the repository.

Then, the offshore resources would add additional metadata about the system. Then, when we'd go to the hosting team, they would add additional information like WSDL endpoints, service hosting data centers, and other things. So the service repository really helped us to bring different parties to work together and share the information in a common way.

Gardner: Now, you're in the banking industry, and we're going to see more regulation. I don't need to be an analyst to make a big bold prediction that there is going to be increased regulation in the banking industry.

Do these repositories and solutions benefit the compliance and regulations that might also be fast changing in the coming years?

Regulation Means Tracking


Karr: Good Point. I don't think I'll question the fact that we're going to have more regulation. It's going to happen. Any time regulations come in, it requires us to track more of what we have, what we're doing, and how we're doing it, and that's where repositories come in. They don't come from different groups owing that information. It needs to be visible at the highest level throughout the company. That's where repository really helps, and having a centralized repository solution is a big part of that.

Gardner: Harry, if you were to go write a book about your experiences with repositories, what would you say would be the first two or three most important chapters that you need to get into that for setting people up for this journey?

Karr: The big part to me is looking at the scope. How big a picture are we looking at? Are we looking at something just for SOA? Are we looking at something that includes change management or business process models? Make sure that you all agree on the scope before you start. That's probably the number one point. Then, know where you're going to go from there.

The next point would be around flexibility. How much flexibility can you allow different groups to have to determine their own metamodel and to make sure that the taxonomies are similar? Are you going to allow a lot of flexibility there, or you are going to make sure it's more governed? There are business cases on both sides, but you want to have agreement upfront on what's going to happen there.

Those are the two biggest points. I can't think of anything else that would be on top right now.

Gardner: Hemesh, what sort of chapters would you add to that book?

Yadav: I agree with Harry on the first two chapters, but I'd like to add two more chapters that are close to my heart, especially around SOA governance. I'd like to define my end-to-end governance first, before I implement a service repository, so that I have a clear scope in mind and a clear metamodel in mind to capture the information.

The fourth item is to identify the key stakeholder and the role-based authorization in the system. I don't want to share based on the regulation discussion we had just now. We need to give a real emphasis on who can modify the information, who can access what information, and who can change the information. That way we know who really owns the data, and who is using the data. So, in chapter four, I want to define the key stakeholder, the librarian of the services, and their role and scope of influence in the repository.

Gardner: Could you finish up our discussion with a little case study on how you brought this about? How did you sell this internally? Both of you seem to feel strongly that this needs to be comprehensive, holistic, and top down, but that makes it more difficult to sell and get buy-in. Harry, how do you get that inclusion and everyone's buy-in?

Karr: We have issues constantly that point to the need for this type of solution. You have issues happen in production, and someone says, "Well, what changed lately?" People need to get that information quickly. It needs to be tied to the systems that were affected. Who is impacted by those changes. That's a very big part of it.

We've built a lot of services. Some of them are great services, and some of them we probably shouldn't have built. We didn't have the visibility to decide that upfront. We didn't have the governance in place to solve that upfront. So, there's a lot of waste there with any of those services. They had to be redone later, which affects the clients, and affects the systems of record in some cases. There's a lot of waste when we do that.

The next selling point we would have would be around regulations. It's a very big concern to the people making the decisions about the purse strings. In a lot of industries, but especially banking, the regulatory and auditory concerns are huge.

We need to look at those as not new. We've always had them, and we're going to have more, and so that's a big selling point. I can help you with the auditing and regulatory systems that will help you meet your requirements. That's a big selling point right there, because that takes up a lot of their time at the top levels.

Gardner: Hemesh, last word to you. How do you help sell this in terms of business value to a wider audience inside of your organization?

Yadav: I'll add to what Harry was trying to say. When I started selling the service repository, one of my key concerns was that if I can't show you what services I have or if I don't provide enough information to reuse the services, it's very hard for me to justify that you need to reuse my services. Service reuse cannot be achieved without implementing the centralized service repository.

The service repository, if you look at it from business perspective, provides more productivity, more agility, and speed to market, and it reduces the silos.

A real-world example is in interest rate services. Most banks have multiple channels. Each channel provides different implementation of the same services. When you try to put those services in to a centralized repository, you start getting feedback. "I have four services. " "I have five services."

Our business started getting the inputs that said by implementing a centralized repository, there is definitely a way to leverage a single service, and it reduces your maintenance cost, production cost, and also posting cost, and it provides a lot of market value and implementation agility.

Gardner: We've been discussing the role of SOA, repositories, management across complex business circumstances like mergers and acquisitions, and how to future-proof your business against complexity, regulation, and ability to manage across the lifecycle of services in IT, and as well as extending into business processes.

Here to help us understand these topics, and I very much appreciate your input, we've been joined by Harry Karr, IT architect at Wachovia. Thank you, Harry.

Karr: Thank you very much. I appreciate it, Dana. It's been enjoyable.

Gardner: Also, we were benefited by the presence of Hemesh Yadav, IT architect, also at Wachovia. Thanks so much Hemesh.

Yadav: Thank you Dana.

Gardner: This is Dana Gardner, principal analyst at Interarbor Solutions. You've been listening to a sponsored BriefingsDirect podcast. Thanks for listening, and come back next time.

Listen to the podcast. Download the podcast. Find it on iTunes/iPod. Learn more. Sponsor: Hewlett-Packard.

Transcript of a BriefingsDirect podcast on the role of repositories in data integration for large enterprises. Disclaimer: The views expressed in the podcast are not necessarily those of Wells Fargo & Co. or any of its subsidiaries or affiliates. Copyright Interarbor Solutions, LLC, 2005-2009. All rights reserved.