Exploding the Enterprise, Part II


Darren Lee, the CEO of NextPage is one of the panelists on the panel I'm moderating at SuperNova 2004 next week. I've been meaning to catch up with him on what NextPage is up to anyway and since he's local, I took some time this morning to visit. They have some very interesting new products in the works and that lead to some thoughts that are applicable to next week's panel on Exploding the Enterprise.

First, the term "exploding the enterprise" can be thought of two ways.

  • Most organizations now employee people at multiple locations.
  • Many organizations now outsource large parts of their operations to service providers as well as employing temporary, contract employees persistently (i.e. there's always some group of contract employees on board).

These developments have some consequences:

  • The ROI on provisioning contractors and part-time service providers, what we'll call "non-persistent employees" is lower than with a direct employee. IT systems have to be architected to reduce the amount of effort required for employee provisioning to make this model effective. Otherwise, it can eat the infrastructure budget alive.
  • Any enterprise is not longer a single organization, but a federation of many organizations. The organizations in the federation do not report to a common manager or even share a common long-term goal. They are federated by contracts and connected by networks.
  • Enterprise applications are no longer homogenous. There is no common IT infrastructure and no hope to ever build one. For example, you need to talk to the company that does your payroll, but you're not big enough to force any kind of architectural decisions on them.
  • You have a varying ability to influence how they operate. This goes beyond the common IT infrastructure decisions I was talking about in the last bullet--you may not even be able to get them to adhere to your corporate document naming standards, for example.
  • For the most part, these organizations don't want to let you all the way inside their systems and you don't want to let them all the way inside yours. The interaction is at well-defined (hopefully) interfaces.
  • All of these add up to the fact that there is not and never will be a shared infrastructure for document management or anything else. The solution has to be decentralized to work.

Much of the focus in this area has been in federating identity with the idea that once we have federated identity we can manage the access control issues of this exploded enterprise. There is a third way, however and that is to use accountability for those resources that its appropriate for. Dan Geer says that "accountability is a log processing problem." For accountability to work in managing resources in the exploded enterprise, you don't need federated identity, just some identity (like an email address). That's an interesting concept.

If you've got further thoughts on this, please share them on the forum. I'll try to see that they get incorporated into next week's discussion.