Guest blog by ThinkApps

How-to-Start-a-Startup-front-cover-print“Enterprises are not going to be able to survive in the future if they do not get good at technology.”

This insight was offered by Box CEO Aaron Levie during his lecture for the “How to Start a Startup” course at Stanford University. The course was the basis for a new book of the same name produced independently by ThinkApps, an on-demand service for designing and building stunning apps for web, mobile, and wearables.

The “How to Start a Startup” book, which was nominated for Product Hunt’s “Book of the Year” award, is the ultimate reference guide to starting a successful tech startup. Below is an except from Chapter 10 on building for the enterprise, which features advice from Levie’s lecture.

Start Small

By finding tiny gaps in existing products, you can make that small space your niche, learn it inside and out, and completely own that wedge of the market.

“What you want to start to do is say, ‘We will take this sliver of a problem and we are going to make the user experience on that incredible,’” said Levie.

This way, you’re not even worrying about the big guys until you completely own your space enough to grow and branch out.

Spot Technology Disruptions

“You have to look for new enabling technologies or major trends … that create a wide gap between how things are done and how they can be done,” advised Levie.

This is not only key to finding that little sliver for your business to fit in, it’s also important for realizing new opportunities for your business before the competition catches on.

Find Asymmetries

There are lots of perks to being the little guy — find them and use them.

“You want to do things that incumbents can’t or won’t do because either the economics don’t make sense for them, the economics are so unusual, or because technically they can’t,” explained Levie.

Before you do this, though, do your research and find exactly where your incumbents can’t afford to drop their prices or personalize their UX. Then fill in those gaps.

Find Outliers

Examining those users around the cusp of your industry can give you just the edge you need to take your next steps.

As Levie put it, “Find the unique characteristics of those customers.”

“If you find customers that are working in the future, you will be able to work with them to find what is missing in the future.” Then ask yourself, “How do we build technology that supports all these new use cases that are going to emerge?”

If you work with those outliers as early adopters, you can study them to see how your product can evolve. This will also help you to distill your overall customer needs and narrow in on the best solution, which as Levie said, may be one that they need, not necessarily one that they want.

To learn more about the “How to Start a Startup” book and get your own copy, visit ThinkApps’ website.

To learn how CMI can assist with cloud management and cost to serve start up options, check out our ADC framework Introduction video or contact us to continue the conversation.


Getting started with VDI

Puzzle - AdobeStock_75782349_colors-01Virtual Desktop Infrastructure (VDI) is on the front burner again. Though the technology has been available since server virtualization technologies became popular in the data center, enterprise adoption is recently on the increase. The past couple of years have been an exciting time for VDI because of the many vendors’ feature advances, an improved and simplified licensing cost model and the emergence of mainstream, affordable hyper converged technology. Planning the right VDI strategy can be a time consuming and challenging undertaking for any level of I.T. resource. Selecting the right VDI implementation practices will reduce time, control costs and most importantly deliver greatest value.

Have you ever heard the expression, “A happy customer will tell 1 person, an unhappy customer will tell 10”? In CMI’s experience, understanding users and their work process habits contributes more to a successful project than the technology you are implementing. You can have the greatest assembly of hardware and software serving up virtual desktops to a 1000 users; but it only takes a handful of users who have a bad VDI experience to label a VDI implementation project a failure. Believe us, this type of feedback makes it all the way to the CEO. Our advice? Spend collaborative, quality time with key users in various departments to understand how they use their applications and workstations. This exercise goes a long way in helping identify any potential issues and challenges as well as sets expectations and gains alignment for users transitioning to a virtual desktop from a physical one.

Understanding user habits trickles down into other areas that are equally important to the success of a VDI rollout, including cost control. Most of what you read on the internet regarding VDI includes some mention of the high cost to implement the platform. One way to manage and predict up front cost is to invest time creating a matrix of worker roles and their resource requirements (processor, memory and storage) based on workers’ productivity needs in your organization. Be sure to keep the list of worker roles small and manageable, at most 4-5 worker types. Remember, a major benefit to VDI is standardizing users.  Having too many user profiles gets away from that benefit. Having this information contributes to cost management because the hardware and software is more accurately sized for the project instead of estimated.

Worker role examples:

  • Front desk /Temporary staff users = 1vCPU, 2GB RAM, 20GB Storage
  • Accounting users = 2vCPU, 2GB RAM, 30GB Storage
  • Power Users = 2vCPU, 3GB RAM, 40GB Storage

A final consideration is the expertise that your company chooses to assist in planning and implementing your VDI solution. With CMI’s Adaptable Data Center framework, our VDI experts are in step with the latest practices and technologies available and can help you strategically plan and choose the right VDI features for your business.

Moving from Sanctioned to Secured to Successful

We are in the midst of the presidential campaign journey and one thing remains constant, many campaign strategists feel we are moved most fervently when we are scared.  Regardless of your political persuasion, fear and scare tactics abound. Transition this to how enterprises are approached by most security vendors today. Most articles and presentations start with reminding you of the many heinous security breaches that have taken place in the last few years and the dire consequences that resulted. While true, the base message is built on scaring you into action. This is a sub-optimal position when working to build a business or organization.

The goal of this blog is to review where we are with security motivations and maturity today and how we may be moving to a more positive and supportive context.

I suggest there are three waves of cyber-security maturity in the marketplace today. The first wave is built on regulatory requirements; what we are forced to do to be compliant with current statutes and laws. The second wave is focused on risk management and appropriately securing the assets you have based on priorities and value. The third wave is more positive and focuses on leveraging cyber-security for business growth and efficiencies.


Let’s review each maturity wave more closely.

Wave One: Compliance – feels most familiar and is predicated on what enterprises have to do to meet governmental and organizational regulations and guidance. Meeting compliance thresholds are defined by the regulations or the interpretation of the regulations by internal and external auditors. Common regulatory drivers include HIPAA, PCI, SOX and a continuing host of expanding rules. Budgets generally are set by the boundaries of the auditor’s interpretations of requirements with technology solutions that are focused on the business processes bounded by the regulatory coverage. Security in this wave is simply about doing what is mandated to stay in business. Security is the ante into the game and is viewed by many organizations as a tax on the business.

Wave Two: Risk Management – is about protecting what you have. Enterprises move from being mandated into security by regulatory requirements to taking inventory of all assets, assigning and prioritizing value, and then determining to what level they need to protect those assets based on uncertainty of events. Risk management’s security objective is to assure uncertainty does not deflect the endeavor from the business goals. For cyber-security this generally equates to what is the risk to and value of what the enterprise owns and establishing a budget commensurate with the assigned risk factors and asset values. We do this naturally with our home in determining how much insurance we need and how comprehensive our security system should be. In this wave, the focus is on detection, prevention and response; it is technology heavy with a growing emphasis on people and process to protect the organization’s brand and market position. This is a more positive and thoughtful approach to security and one that is starting to be embraced.

Wave Three: Business Value – is a relatively new wave and works to leverage security as a value driver that directly affect business outcomes. The question to answer is how cyber-security can be utilized to bring efficiencies to business processes. Examples of this wave in action are:

  • Utilizing identity and access management principles to create highly secure collaboration in product development that brings new product / service ideas to market more quickly.
  • Adding the same people, process and technology identity solutions to your supply chain to bring significant efficiencies in complex environments where accurate visibility into second and third tier providers can improve delivery times and margins.
  • Strengthening security in moving from a product to services-based offering. Providing highly branded security and reputation in a services economy is a market differentiator.

Wave three is emerging within progressive organizations and transitions security from a tax to an advantage. Heavens, what a concept.

We are in an interesting time, there is no returning the toothpaste to the tube. Cyber-security is now a mainstay of our business processes. How we use cyber-security will be an ongoing endeavor and one that each organization will need to evaluate regularly. Are you implementing security practices and technology simply because you have to for compliance purposes? Are you now analyzing your assets and developing programs to appropriately protect the value you have? Are you looking to security as an opportunity to grow your business? There are no universal right or wrong answers – only the constant journey to find the best solutions at each turn. As we continue this journey, please share your thoughts and observations so we can be mindful of the best path.

Adaptable Applications for your Enterprise

ADC-Round-Papers-AdobeStock_70033725Applications are an extension of business process and user collaboration and the application layer in the Adaptable Data Center® (ADC) has multiple perspectives and impacts. The first aspect is the type of applications. Applications can be divided into two broad categories; process oriented like ERP and order to cash application suites, and the other grouping is focused on engagement and productivity.

Process-based applications can be further described as systems of record. Systems of record tend to be internally facing applications that have large database back-ends and keep track of the daily transactions that fuel business. Systems of record by definition have to be orderly and integrated at all times so data is consistent and preserved. You know these systems as the dinosaurs of your enterprise, though extinction of these applications tends to be exaggerated. As long as we have transactions, we will need applications that authoritatively track and maintain those records.

The other application type, often called systems of engagement, are more human oriented and are the productivity tools that we use to get our tasks completed and collaborate with our colleagues and partners. These applications focus less on process and more on user interactions. They leverage mobile, social, cloud, and big data innovation to deliver apps and smart products in the context of our daily lives and real-time workflows of customers, partners and employees. We are more familiar with these application types with a growing dependence on mobile and social to get our business completed in the time demands we face.

Systems of record are entrenched while we have an increasing dependence on human enabling applications to access the information stored in these processes and application. There was a time when we simply were focused on webifying these applications for greater usability. Then we added mobilizing access so we had access anytime / any place. Now we have yet another axis with social applications that bring greater real-time collaboration with extended groups. Add to this mix SaaS / cloud-based applications that can be both systems of record and systems of engagement and reside outside the data center. The plot thickens from just a few years ago.

For those of you who are counting, we have system of record applications based on business process that are the authoritative sources of transactional data. We also have user and social productivity applications that are human facing and can be traditional web-based and/or mobile applications that more easily access the systems of record data. We also have SaaS and mobile applications that may leverage their own data sources as well as collaborative social applications that crowd-source new data and content in real-time.

Given the complexity of applications types, the data that is consumed and exposed by these applications, the user demands of these applications and where these applications reside, integration and security have become proportionally complex. Point-to-point integration is a lost cause. Integration must be considered with an any-to-any model much like the enterprise service bus concepts. The difference is now the bus must be extensive to include SaaS and cloud constructs. Security has to extend everywhere. There are no more borders. Micro segmentation and workload security becomes the new normal. The ADC needs to become very adaptable to find new methods for cost to serve, agility and security.

One more wrinkle; application development. Today we acknowledge three development models; waterfall for the more traditional and systems of record applications, agile that speeds development cycles and moves the data closer to the line of business users, and DevOps that fully integrates development, users and operations into a single development lifecycle of ongoing collaboration. We also are seeing the rise of an extension of Service Oriented Architecture (SOA) service-based development platforms where applications can be assembled from a series of micro-services to become composite applications, almost on demand. IBM Bluemix is an example of these new platforms. New portability models of virtualized containers add yet another layer of innovation and value. Adapting the right development model is complex and obviously important to optimize application value.

As stated in the beginning, applications are an extension of business process and user collaboration. How you adapt your business, processes, data, security and user community interaction has never been more rewarding, innovative, exciting, complex and daunting. Questions often arise regarding what applications you should maintain in-house, what should be moved to cloud, what should be SaaS, how to  protect your data through all its transformations and the best methodology for development. CMI’s Adaptable Data Center® framework and our experienced business consultants and architects are here to help determine the best balance for your firm as you move forward. Application adaptability engage our assets for your advantage.