Exploding the Enterprise: Summary


As I've considered the topic of the panel, Exploding the Enterprise and discussed it with the panelists, we've decided that the description in the Supernova program is sufficiently vague to allow at least two interpretations:

  1. Exploding the Enterprise in an internal sense. That is, allowing teams, groups and organizations to function effectively regardless of distance.
  2. Exploding the Enterprise in the external sense. That is, creating opportunities for more and more of the business to be performed by service bureaus and even independent contractors.

The first is the domain of network communications, groupware, IM, and presence. The second is the domain of Web services, identity management, and transactions. The first is about cross-functional and interdepartmental cooperation and is long-term and fluid. The second is generally more focused by the specific tasks being performed (e.g. payroll), well-defined, and for a fixed-term.

I attended a MIT continuing education course 4 or 5 years ago where someone (wish I could remember who) presented research that showed that group interaction dropped in half when participants were separated by more than 400 feet (yes, feet!). And that's on the same floor. Don't even talk about stairs. This seems to present a huge barrier for the exploded enterprise. Perhaps the more limited, transactionally oriented, focused interactions common with external relationships overcomes this.

The external sense of "Exploding the Enterprise" seems more in line with the expertise of the members of the panel and I think that's where we will spend most of the time, but there's also some interesting discussion that can take place at the intersection of these two areas.

For example, I was part of an organization, state government, that in many ways could be considered dysfunctionally organized, but is probably not all that unusual among large organizations. There were many different divisions with their own goals and budgets and they were only loosely connected. As CIO, I saw Web services and identity management as great tools to create cooperative ventures among the loosely coupled divisions.

In this scenario, we could view the external, highly focused interactions of an organizations and the many external service bureaus and contractors as just a leading indicator of the kind of relationships that might exist in internal situations as organizations become more loosely coupled. Put another way, are technologies like presence, Web services, identity management, P2P document management and so on enabling a new kind of loosely coupled, decentralized organization that's still able to cooperatively achieve larger goals?

Here are some possible discussion points for the panel:

  • Phil Becker and others, like the Jerico Forum, have talked about the "deperimeterization" of the enterprise. That seems an apt description of what we're talking about. This is being brought about by things as important as the need to work more closely with trading partners and even customers and as mundane as regular folks installing Wi-Fi in their homes and then logging onto the corporate network through a VPN. The exploding enterprise has significant ramifications for our traditional notions of computer and network security.
  • Any enterprise is no longer a single organization, but a federation of many organizations. The organizations in the federation do not report to a common manager or even share a common long-term goal. They are federated by contracts and connected by networks.
  • Enterprise applications are no longer homogeneous. There is no common IT infrastructure and no hope to ever build one. For example, you need to talk to the company that does your payroll, but you're not big enough to force any kind of architectural decisions on them.
  • You have a varying ability to influence how partners operate. This goes beyond the common IT infrastructure decisions I was talking about in the last bullet--you may not even be able to get them to adhere to your corporate document naming standards, for example.
  • For the most part, your partner organizations don't want to let you all the way inside their systems and you don't want to let them all the way inside yours. The interaction is at well-defined (hopefully) interfaces.
  • The reality of modern organizations is that there is not and never will be a shared infrastructure for identity, computing, document management or anything else. The solution has to be decentralized to work.
  • The ROI on provisioning contractors and part-time service providers, what we'll call "non-persistent employees" is lower than with a direct employee. IT systems have to be architected to reduce the amount of effort required for employee provisioning to make this model effective. Otherwise, it can eat the infrastructure budget alive.
  • Much of the focus in this area has been in federating identity with the idea that once we have federated identity we can manage the access control issues of this exploded enterprise. There is a third way, however and that is to use accountability for those resources that its appropriate for. Dan Geer says that "accountability is a log processing problem." For accountability to work in managing resources in the exploded enterprise, you don't need federated identity, just some identity (like an email address).
  • We're inclined to associate presence with IM since that's where its used most pervasively, but presence messages could be separated from the IM application and deployed as a general-purpose infrastructure that's usable by many apps, including IM. In this scenario, presence messages would flow between machines over an enterprise messaging infrastructure. These presence messages would be generated by an IM client, but by just about any application, such as your calendar or word processing program.