IBM has recently made a number of major announcements and these are linked. In December 2013 IBM announced the acquisition of FiberLink a privately held mobile management and security company. Then on January 23rd it announced that Lenovo plans to acquire IBM’s x86 server business. Lastly on February 24th it made a series of announcements around its cloud offerings. These announcements illustrate the changing way in which IT services are being delivered. This is shifting from an in house model focused on improving the efficiency of internal processes to a more flexible one supporting speed to market, better intelligence and connecting with customers.
In support of these objectives, IBM has been making significant investments over the recent past. These include $2B on the acquisition of SoftLayer and $1.2B on data centre expansion. Through SoftLayer IBM has now a cloud offering that they understand as being attractive to the new breed of “born on the cloud” businesses that would never previously have seen anything from IBM as relevant to their needs. Through the datacentre investment together with the SoftLayer infrastructure IBM now has data centres in all major geographies and financial centres with plans to expand in the Middle East and Africa in 2015. IBM has also announced the open beta of a new Platform as a Service offering code named “BlueMix”.
The new platform is an interesting development, which highlights the shift in the kind of software that IBM sees needs to be developed. This software, from an IBM perspective, is “apps” that must be attractive to end users, be supported on mobile devices and be developed iteratively in response to user feedback. IBM says that the BlueMix platform is based on Open Standards (IBM is a long-time supporter of OpenStack) and the developer can chose any language runtime or bring their own. Critically, IBM claims that it is easy to connect to on- premises systems plus other public and private clouds.
The acquisition of Fiberlink Communications provides IBM with the MaaS360 product, which will enable IBM to offer cloud-based or on premise mobile device management (MDM), mobile content management (MCM), and mobile application management (MAM) including containerization.
So what does this mean from IBM’s point of view? It is clear that IBM sees that cloud services provide more value to the IBM business than the manufacture of volume servers. It establishes PaaS as the model for developing and deploying cloud based applications (Note that IBM is a follower in this area as other major cloud service providers have already shifted to this approach). It emphasizes the importance of mobile device management as a critical aspect of cloud service security. In effect the weakest link in this user centric model for IT services delivered through apps is the user and her mobile device.
Is the cloud the real future of IT services delivery? In KuppingerCole’s opinion the cloud is a commoditized variant of managed services delivery like hosting and so it has a place. Standardizing services and enabling elasticity clearly has a value. The cloud provides an opportunity for SMEs to obtain higher quality and more secure IT services than they could provide themselves. However this is a market with low margins. For large organizations, the cloud provides value through standardized solutions with lower project cost and moving from Capex to Opex. On the other hand, the cloud currently adds complexity for large organizations in the areas of selection, management, integration, and auditing. Furthermore, in Europe there is grave concern over legal and compliance implications. Most large organizations are using the cloud in some way or another, but frequently they refrain from using the cloud for business critical applications or regulated data.
What is the real long-term value of apps to organizations – is this a bubble? In KuppingerCole’s view there is no doubt that apps provide a good way to deliver services to customers, partners and associates through mobile devices (Albeit that the mobile versions commonly are not as good as the desktop ones). Apps also appear to be more targeted towards consuming then working on information and more towards the occasional user then the power user, doing his everyday work. It is less clear that this approach provides real differentiation – if every organization is doing it then it becomes an additional cost rather than a benefit. And who knows today what the device, user interface, and application paradigm will be in few years from now, in this ever-changing world?
Iterative software development provides an excellent way of capturing user requirements but does it lead to secure software? By analogy – would you build a sky scraper or a commercial airliner this way? To create robust and secure systems you need to apply good engineering principles from the foundation upwards.
There is logic in IBM’s strategy; there is a growth market in the cloud but most organizations will continue to use a mix of IT services delivery models. KuppingerCole sees some large organizations using private cloud variants, for services such as SharePoint, from specialized providers who will take care of the legal and compliance concerns. Here IBM has an advantage since it supports both public and private cloud as well as more traditional models including hosting and on premises managed services.
For more information on best practices for managing cloud and mobile device security register now for the European Identity and Cloud Conference to be held in Munich during May 2014.