Database and ERP Security and Best Practice Management
Up-to-date syndicated information on database & ERP privacy, security, audit and compliance
Database and ERP audit plans and best practices at www.checklist20.com
-
Decision Time: Is SharePoint In The Cloud For You?
Posted on February 17th, 2012 No commentsThe days of Microsoft SharePoint being only a locally installed software product are over. Microsoft's commitment to SharePoint in the cloud is evident in its massive data-center investments, its costly retrofitting of the code base to support multitenancy and access via subscription, and its emphasis on "cloud" in sales and marketing efforts. SharePoint Online's potential value is intriguing: lower costs, faster implementations, automatic upgrades, and more. The reality: Office 365/SharePoint Online are still only release two, and Microsoft usually needs three releases to get a product right. The questions you face: Will SharePoint in the cloud work for your organization? Is your organization ready to capture the benefits now? Is the proverbial release three of this Microsoft product the charm — or should you engage now? This research answers these questions using the experiences of early SharePoint Online adopters and analysis of Microsoft's product capabilities today. -
Office 365: Version Two Of SharePoint In The Cloud
Posted on February 17th, 2012 No commentsThere's an old adage that says it takes Microsoft three times to get it right. Its commitment to SharePoint in the cloud is clearly evident in its investment in data centers, a costly retrofitting of the code base to multitenancy, and a go-to-market strategy that emphasizes the cloud in both sales and marketing. The value proposition is intriguing: potentially lower costs, faster implementation, automatic upgrades, and more. Here's the reality: Office 365 makes a SharePoint cloud deployment more viable, but it's still only version two. Success will require tolerance to issues, realistic expectations, and a very strong deployment strategy. -
Information And Communications Technology Industry Opportunities In Professional Services
Posted on February 17th, 2012 No commentsThe professional services industry presents both opportunities and challenges for tech vendors. The opportunities? Professional services is one of the largest industries in terms of tech purchases, with uniform technology requirements and needs across segments. The challenges? Professional services consist of a dozen subindustries filled with primarily small and midsize businesses instead of large enterprises. This report illuminates the size and shape — and quirks — of this industry, identifies its technology needs and priorities, and offers recommendations for vendor success. -
Use Customer Analytics To Get Personal
Posted on February 17th, 2012 No commentsCompanies personalize products, offers, content, and communications for a variety of reasons — to treat customers uniquely, to make them feel special, and to encourage them to spend more. Firms rely on various analytical methods, including recommendation engines, business rules, and collaborative filtering, to make personalization work across inbound and outbound customer interactions. This report highlights how customer analytics should serve as the foundation for personalization efforts across channels. -
Executive Q&A: Forrester’s Customer Experience Index
Posted on February 16th, 2012 No commentsTo help customer experience professionals get the most from Forrester's Customer Experience Index (CXi) research, we've summarized answers to the 10 most frequently asked questions we get from clients about this annual benchmark of customer experience quality. Those questions include: When and how is the CXi data gathered, how is each brand's CXi score calculated, and what other data does Forrester have to help brands figure out what's behind their scores? -
The Forrester Wave(tm): Loyalty Program Service Providers, Q1 2012
Posted on February 16th, 2012 No commentsCompanies turn to loyalty program service providers for support across the loyalty value chain — from program strategy, technology, and program management to creative, fulfillment, and liability management. In Forrester's 60-criteria evaluation of this category, we identified six significant vendors — Aimia, Brierley+Partners, Epsilon, Kobie Marketing, Maritz, and Tibco Loyalty Lab — and researched, analyzed, and scored them. This report compares each vendor's current offering, strategy, and market presence to help customer intelligence professionals and loyalty marketers select the right partner for their loyalty program efforts. -
Helping Information Workers Find The Value In Collaboration Tools
Posted on February 16th, 2012 No commentsContent and collaboration (C&C) professionals are helping their businesses deploy a number of tools to keep information workers connected and productive. However, Forrester data consistently shows that these employees use collaboration technology sparingly — and if these tools are essentially shelfware, they won't benefit the business or IT. So C&C pros must understand the adoption roadblocks that workers encounter. To that end, Forrester developed the convenience quotient methodology to describe how the barriers workers perceive to using a collaboration tool detract from the value that tool's benefits provide. This report outlines how C&C pros can use the convenience quotient methodology to assess in which scenarios employees will embrace collaboration tools. -
Laying The Foundation For Successful Sales Coaching Initiatives
Posted on February 16th, 2012 No commentsExecutive pressure to deliver more profitable growth translates into a host of initiatives to "help sales sell" across marketing, sales, and portfolio teams. One result is that we are seeing more and more sales coaching programs. A close look reveals that most of these programs focus on sales coaches rather than the coaching process. This begs the question: How can sales coaching scale across the sales organization without a consistent sales coaching process at the core? Forrester has developed a sales coaching process for sales enablement professionals to use to help drive more consistent sales coaching relationships between reps and coaches like frontline sales managers. -
Navigate The Future Of CRM
Posted on February 16th, 2012 No commentsThis report outlines the future look of Forrester's solution for application development and delivery (AD&D) executives looking to implement a customer relationship management (CRM) solution. It is designed to help AD&D execs prepare for the future of CRM. The only source of competitive advantage is the one that can survive technology-fueled disruption — an obsession with understanding, delighting, connecting with, and serving customers. But, as organizations strive to succeed in the age of the customer, business and IT professionals responsible for customer-facing processes struggle with how to define CRM strategies, re-engineer customer-facing business processes, acquire and deploy the appropriate supporting technologies, and lead and sustain the organizational changes required to make the transition to new ways of working. This report describes 13 important trends you need to take into account when formulating your CRM plans in 2012. It also contains Forrester's customer relationship management trend impact analysis framework, which will help you pinpoint the key steps you need to take to make your plans bulletproof. -
Source Your Network Architecture From A Strategic Partner
Posted on February 16th, 2012 No commentsOver the past few years in the networking industry, various vendors have claimed they offer clients a choice where there was none before. Really?! Over the past eight years, the networking industry has maintained at least 14 Layer 2 and Layer 3 networking vendors, 13 WAN optimization vendors, 12 Wi-Fi vendors, nine application delivery controller (ADC) vendors, and too many management and monitoring solutions to count. This means that we can create more than half a million different variations of Layer 2 through 7 networks. The multivendor approach is dying, however. This report examines the reasons that infrastructure and operations (I&O) personnel are embracing the strategic business partnership models used by firms like Wal-Mart, IBM, and Toyota instead of setting up partnerships with companies that have the cheapest or the best-of-breed wares. -
Teleconference: Transform Customer Experiences: The Smart Way To Implement Process-Centric CRM
Posted on February 15th, 2012 No commentsOrganizations aspire to implement outside-in, customer-focused, cross-functional processes that transform the organization and set it on the path toward continuous improvement. Instead of deploying slow-to-change packaged applications or building difficult-to-change custom solutions, leading organizations embrace business process (BP) methodologies &mdash supported by process-centric IT platforms &mdash that drive rapid process change, increased business engagement, and dramatic improvements in worker productivity. -
How To Create A Site That Appeals To Affluent Investors
Posted on February 15th, 2012 No commentsFour out of five US online affluent investors visit their investment firms' websites at least a few times a year. What secure-site features do they value most? Account inquiry features — balances, transaction history, holdings — are the most important, followed by moving money and communicating with advisors. Users typically rate these features comparably high on quality. But a handful of important features rank relatively low in quality, such as portfolio performance reporting. Smart eBusiness and channel strategy professionals will strive to get the top-ranked features right; they can then differentiate their online wealth management offerings by providing improved versions of features that lag in quality. -
Conversations With Customer Experience Leaders: Maersk Line’s Jesper Engelbrecht Thomsen
Posted on February 15th, 2012 No commentsIn 2009, Maersk Line asked Jesper Engelbrecht Thomsen, vice president of customer service, to take on the role of improving customer experience enterprisewide. Faced with increasing competition and struggling to protect margins, Maersk Line recognized that customer experience was playing an increasingly important role in creating customer loyalty and stopping commoditization. Forrester interviewed Jesper as part of an ongoing series to understand the role of this type of executive orchestrating enterprisewide customer experience, a position that Forrester refers to as a "chief customer officer" (CCO). -
How Will Dutch Insurance Companies Stay Engaged With The Broker Channel After 2012?
Posted on February 15th, 2012 No commentsHigh-profile bankruptcies like that of DSB Bank and the Woekerpolis investment mis-selling scandal have caused turmoil in the Dutch insurance market. New regulations intended to increase transparency and restore trust will fundamentally change brokers' business model. From 2013, brokers will have to comply with stricter sales policies and will no longer be paid commission by insurance companies for complex products like pension plans and mortgages. Without a financial relationship between brokers and insurance companies, eBusiness and channel strategy executives at insurers will need new strategies to stay engaged with successful brokers. Executives will need to provide brokers with a trustworthy brand, offer simple and transparent products, and support them with digital platforms that let customers move easily from one channel to another. -
The Forrester Wave(tm): Risk-Based Authentication, Q1 2012
Posted on February 15th, 2012 No commentsIn Forrester's 16-criteria evaluation of risk-based authentication vendors, we identified the six significant vendors in this category — CA Technologies, Entrust, iovation, RSA, Symantec, and ThreatMetrix — and researched, analyzed, and scored them. This report details our findings about how each vendor measures up and plots where they stand in relation to each other, to help security and risk professionals select the right solution for their authentication requirements. -
February 2012 Critical Patch Update for Java SE Released
Posted on February 14th, 2012 No commentsHello, this is Eric Maurice.
Oracle just released the February 2012 Critical Patch Update for Java SE. This Critical patch Update provides fixes for 14 new security vulnerabilities affecting the Java Runtime Environment and JavaFX. The most severe CVSS Base Score for these vulnerabilities is 10.0 denoting a potentially complete compromise of the targeted systems on the Windows platform (e.g. Windows XP). Out of the 14 new vulnerabilities fixed in this Critical Patch Update, 6 affect server deployments of Java SE , including the vulnerability in the Lightweight HTTP server. This means that they can be exploited by supplying data to APIs in the specified Component without using untrusted Java Web Start applications or untrusted Java applets, such as through a web service.
When computing CVSS Base Scores, Oracle assumes the worst scenario: in the instance of the Critical Patch Update for Java SE, we assume that a user running a Java applet or Java Web Start application has administrator privileges as is typical on the Windows XP platform. On other platforms, for example Solaris and Linux, users do not routinely operate with administrator privileges. On non-Windows platform, the corresponding CVSS scores for those vulnerabilities reported as 10.0 in the Risk Matrix, for the Confidentiality, Integrity, and Availability impacts are "Partial" (instead of the worst-scenario "Complete" reported in the risk matrix), thus lowering the CVSS Base Score for non-Windows platforms to 7.5.
While a small number of people have criticized Oracle for its strict application of the CVSS Standard, particularly as it relates to the difference between “Partial+” and “Complete,” there is a fundamental difference between vulnerabilities whose impact are limited to the affected application and those that result in a full compromise of the targeted system down to the operating system. In instances of full compromise down to the Operating System, the targeted systems can be maliciously repurposed (to serve malware for example), audit trails can be compromised, and in the case of a compromised server, the “chain of trust” that may exist between the affected server and other systems in the environment can be compromised. In other words, a full compromise down to the operating system pose a threat that can be significantly greater than that of a compromise limited to a layer above the operating system. In addition, forensic responses will be different (as the investigatory and evidentiary values of the logs will be different).
Hundreds of millions of lines of code in Oracle’s codebase are written in Java. Following the Sun acquisition, Oracle has added additional resources to focus on Java security, including multipliying development staff dedicated to Java security. In addition, the Java development team is able to leverage a toolset, including code scanning tools, that was not previously available to them. With these new resources available to them as a result of the Oracle acquisition, the Java development team is weeding out security bugs in Java, and is looking at ways to further improve the security posture provided by Java to its users.
For more information:
- Instructions on removing older (and less secure) versions of Java can be found at http://java.com/en/download/faq/remove_olderversions.xml
- Home users can verify that they’re running the most recent version of Java by visiting: http://java.com/en/download/installed.jsp
- The Advisory for the February 2012 Critical Patch Update for Java SE is located at http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
-
Telcos Without Networks
Posted on February 14th, 2012 No commentsNetwork infrastructure has long been the telco business's cash cow. In recent years, this cow has suffered from a poor diet as the result of pricing pressure, network overloads, and nontelco companies invading its grazing pastures. Network infrastructure is the basis for all funding of telco activities; as such, telcos must not only keep the cash cow alive, but also strengthen it. Management of network infrastructure is easily belittled as a subject for engineering nerds — but it must be treated as a key strategic matter. Outsourcing the management of network infrastructure delivers many benefits, and we expect telcos to do this more and more in the years ahead. This report describes how telcos can balance the simultaneous requirements of cost control, enhanced business flexibility, and innovation to incorporate the right approach to external network infrastructure management into their future strategies and what equipment vendors must do to keep up with traditional IT services providers. -
Navigate The Future Of The Security Organization
Posted on February 14th, 2012 No commentsThis report outlines the future look of Forrester's solution for security and risk (S&R) executives working on building a high-performance security program and organization. This report is designed to help you understand and navigate the major business and IT trends affecting the security organization during the next five years. Today's chief information security officers (CISOs) continue to concentrate too much on tactical activities and day-to-day security operations, unable to escape the reactionary hamster wheel. Additionally, businesses and other parts of IT routinely circumvent today's security organization in order to innovate and avoid hearing the predicted "no" response. So despite all the sensational headlines about major security breaches, many CISOs find themselves marginalized by their business colleagues. In this report, Forrester details what CISOs can do to realign with their businesses and transform themselves into chief business security officers, reasserting their position with management, the board, and the company as a whole. -
The Evolution Of The Customer Engagement Agency
Posted on February 13th, 2012 No commentsAs the demand for customer intelligence (CI) from business stakeholders grows and more organizations increase their CI maturity, organizations' marketing agency needs have also changed. A few traditional marketing services providers have recognized this need and are investing in services ranging from strategy development to creative execution to media buying. In this report, we explore the evolution of this model and provide a look ahead at the new customer engagement agencies. -
Mobile Is The New Face Of Engagement
Posted on February 13th, 2012 No commentsBy 2016, smartphones and tablets will put power in the pockets of a billion global consumers. Mobile is not simply another device for IT to support with a shrunken website or a screen-scraped SAP application. Rather, mobile is the manifestation of a much broader shift to new systems of engagement. These systems of engagement help firms empower their customers, partners, and employees with context-aware apps and smart products. To remain vital in this business technology reformation, CIOs must step up and work with other executives to establish an "office of the chief mobility officer" to implement an enterprisewide mobile strategy. This team will coordinate the business and technology investments under a "design for mobile first" mantra that delivers four immediate benefits: 1) fuel profitable growth with stickier offerings and mobile self-service; 2) move faster along the mobile learning curve; 3) aggregate mobile project budgets to fund needed engagement technology; and 4) grow from an IT group focused on systems of record to a business technology group focused on systems of engagement. -
Understanding The Cross-Channel Attribution Landscape
Posted on February 13th, 2012 No commentsCustomer intelligence (CI) professionals are eager to develop a fully integrated cross-channel attribution strategy as a critical first step to optimizing marketing budgets and plans. However, the black box of cross-channel attribution is daunting for most marketers. And with the ever-changing cross-channel measurement landscape, cross-channel attribution becomes increasingly more complex. Forrester talked with a number of cross-channel attribution vendors and other businesses focusing on cross-channel attribution. As a result, we have classified the landscape into four easy-to-track categories. Organizations that wish to succeed at cross-channel attribution must align their marketing resources, understand the attribution methodology, and develop a plan of action. -
Website Functionality Benchmark: Australian Consumer Electronics Retailers
Posted on February 10th, 2012 No commentsConsumer electronics retailers in Australia face many challenges, but online retail is booming despite the relatively modest feature set provided by most Australian sites. To dig deeper, Forrester applied its Website Functionality Benchmark methodology to the transactional sites provided by five Australian companies: Dick Smith, Harvey Norman, JB Hi-Fi, Kogan, and The Good Guys. The testing showed that these sites have considerable room for improvement, though Dick Smith, Harvey Norman, and The Good Guys deserve recognition for covering core search and navigation tactics; Dick Smith had the best checkout process in the review set; and all retailers stood out for best practice in at least one area. To move forward, each retailer should settle on a clear vision for the future that is well differentiated and creates value for its most profitable customers. From there, the company should test continuously while deploying key features to support that vision. -
The Importance Of Developing A Shared Vision Of Success: Update For 2011
Posted on February 10th, 2012 No commentsYour company is likely losing a sizable number of opportunities in your pipeline because your sales teams have not successfully communicated a clear road map for executives on how they will realize ongoing value from the investment you are suggesting they make. While there are clear common attributes executives think are important to creating a vision of success, few technology vendors today coordinate their resources around delivering those attributes. Executives have a strong bias toward vendors that can work with them to develop a shared vision of success, yet pulling all of those pieces together falls most often on the backs of sales teams. Forrester has observed that about 20% of a sales force is able to consistently put all of the puzzle pieces together to create that road map for success with the client. -
The Corporate CMO’s Renewed Strength
Posted on February 10th, 2012 No commentsLarge consumer-facing companies often have some mix of multiple layers of marketing: corporate, divisional, brand, regional, country . . . These layers are configured in different ways in different companies, and within the same company, the structure and roles fluctuate over time. While there is no single right way to organize marketing, this report will help delineate the role of the corporate CMO as a driver of business growth. -
2012 Mobile Trends For eBusiness Professionals
Posted on February 9th, 2012 No commentsTalk of "the year of mobile" is not only passé but also irrelevant. The disruptive forces of mobile arrived more than two years ago and will fundamentally change businesses in the decades to come. That's why — when we revisited 2011 mobile trends — we found that many, if not all of them, are still evolving and relevant. Mobile is generating both substantial web traffic and revenue for consumer-facing companies. While mobile is maturing as a technology, touchpoint, and medium, it is far from mature. The speed of change is challenging companies to rethink resource allocation, organizational structures, and internal processes ranging from development methodologies to key performance metrics. This report helps eBusiness and channel strategy professionals understand the most important trends that will affect their businesses this year. -
How To Select A Commerce Services Provider
Posted on February 9th, 2012 No commentsAs commerce programs that reach across customer touchpoints get more complex and risky, the process of selecting a services provider has become increasingly critical to businesses' success or failure. Yesterday's relatively simple eCommerce projects have become today's customer experience, business, and technology transformation programs. Companies now require a multidisciplined vendor partner to guide decisions upon which rest millions of dollars of revenue, brand differentiation, customer satisfaction, and careers. It is no longer a matter of selecting an eCommerce platform and hiring a firm to support systems integration: Today's commerce services firms support a range of problems and questions, providing channel strategy, technology strategy, customer experience design, systems integration, and managed services. Selecting your services provider may be the most important decision you make as an eBusiness leader. This report acts as a guide to help you consider the most critical elements throughout that process. -
How To Get Started With Social Intelligence In A Regulated World
Posted on February 9th, 2012 No commentsAlthough more and more businesses are adopting social intelligence strategies, regulated companies — such as those in the insurance, finance, pharmaceutical, and healthcare space — remain cautious with social media. But the increasing number of regulations around social media isn't always an excuse for abstaining from it. In fact, some of the regulations may force customer intelligence (CI) teams into monitoring social media. Regardless of how you get there, the key to addressing the frequently changing regulations is to balance the risk and reward of potential strategies, all while relying on tried-and-true CI practices for handling customer data. -
Introducing The Forrester BT Leadership Maturity Model
Posted on February 9th, 2012 No commentsMany CIOs struggle to answer two deceptively simple questions: 1) How are we doing, and 2) what should I prioritize? These questions invite a host of complexities, raising questions about the role of technology in the organization, who your peers are, what your technology priorities should be, when to push the envelope, and what to focus on first. For a CIO to move from the traditional "aligned IT" model to an "empowered BT" world, these questions need to be answered clearly and unequivocally. Forrester has developed a best practices maturity model to help you answer these questions. The model enables you to conduct a self-assessment to understand how your organization measures up against best practices and to identify the areas offering the greatest opportunity for improvement. -
The Forrester BT Leadership Maturity Model
Posted on February 9th, 2012 No commentsThe Forrester BT Leadership Maturity Model consists of four domains (leadership, strategy and planning, BT service design, and BT service delivery). This model is designed to provide a brief self-assessment that gives insight into the maturity of your BT (business technology) organization; this insight can form the basis for articulating the value of BT to corporate stakeholders. The assessment can also help to identify opportunities for investing in improvements to BT capabilities for leadership, strategy, design, and delivery &mdash and to determine priorities for a BT leadership maturity road map. In separate frameworks, Forrester also provides detailed assessments and maturity models for deeper dives into specific topics such as strategy, IT demand management, BT portfolio management, security, sourcing and vendor management, infrastructure and operations, etc. -
Benchmarking Customer Loyalty Program Efforts
Posted on February 9th, 2012 No commentsForrester recently surveyed 81 loyalty program marketers about their loyalty programs and strategies in an effort to understand the size, structure, and performance of customer loyalty programs. Companies continue to look to loyalty programs to drive customer retention, profitability, and customer engagement in an uncertain economy. But they face challenges when it comes to creating and supporting differentiated programs that leverage intelligent offer management.