Updates on the New England Electronic Commerce Users Group.
Full Article Below -
The recent New England Electronic Commerce Users’ Group (NEECOM) conference gave attendees time to think about the future of technology and an opportunity to reflect on personal and career development. The agenda of mutually supportive topics emphasized the value of industry organizations in facilitating career development and enriching commerce in the technology market.
The Future of MFT
Managed File Transfer (MFT) was an important topic at this year's conference. It appears that MFT is really at the beginning of its market growth. MFT has a lot going for it, given the concerns about complex data-sharing, compliance, legal regulations, and security interests. CIOs are responsible for secure B2B traffic and transactions while supporting demanding end-users who want the ability to share simple files such as PowerPoint and Word documents and media files in a more secure file-sharing environment. Hence, the MFT market will only grow. MFT technology has evolved, and also has a lot of market opportunity ahead of it. That may translate into more partnerships, consolidation, and, in general, more innovation from the MFT providers.
This conference highlighted several MFT providers who explained the issues associated with government regulation and their implications for the end-user. For example, Attachmate spoke about what I would call the lost zone of file libraries.1
Companies have huge libraries of either redundant or unopened files, and nobody's quite sure what's in there. Besides being a management issue, these huge disk farms of unused data can, potentially, expose corporations to legal action. (And you are paying for it!) And of course, in the lost zone, when you do need something—you cannot find it.
In their presentation, Attachmate described how to manage (by finding the balance between security and efficiency) the huge number of files that most companies have and how to make them secure, yet easy for end-users to access. Currently, end-users are just going around the system.
Not to be outdone by Dropbox or Box.net, Attachmate offers an email plug-in for file transfers that are part of an overall commercial-grade MFT. This does several things to support the above-mentioned challenges. Attachmate's approach is to provide a separate email server and a separate secure file repository, the former having the ability to notify the recipient of an attachment to download, and the latter that can monitor and manage all the particular content files that are being shared. (This provides a benefit that one would not get from YouSendIT or Dropbox.) First, the secure file repositories are managed by the corporation’s IT department. They have a common management capability, an overstructure that sees all the documents and whether or not they have been opened, and sends reminders to the recipients (and notifications to the senders that the files have or have not been opened). Protecting corporate assets, data-cleansing, security, and maintaining user-friendliness can all be accomplished this way.
The IT community is just beginning to embrace the fact that end-users need an efficient, easy-to-understand methodology for sharing large files. Today, users go around the corporate infrastructure, not because of a desire to deceive, but because they need to get their jobs done. So the commercial MFT community is starting to announce and release these email approaches. It remains to be seen whether the MFT community, by providing these end-user utilities, can compete with Dropbox and Box.net (both of whom seem to be chugging along fairly successfully). My own view is that there needs to be a consolidation. No doubt, the consumer environment prefers freeware like Dropbox, but Dropbox has had security issues in the past. Box.net, on the other hand, has taken an enterprise perspective and earned many security certifications from the Drummond Group, and HIPAA compliance to assure CIOs that they can protect their data. However, this technology (I hesitate to call it solution) provides a simple utility for the average user, and no more. In contrast, commercial-grade MFT is able to handle the whole IT infrastructure, the myriad of techniques and protocols, and has all the prebuilt connections from senders and receivers. It is really about sharing in the richest sense of the word. But as I said, the MFT vendors have been slow to adopt the trend.
In another presentation, bTrade gave a different perspective on issues associated with managed file transfer. This presentation was informative as well as controversial, since we got into a deep discussion about cloud providers’ security and their ability to secure enterprise files. Most MFT approaches advocate storing information inside the enterprise behind the firewall. The DMZ is used only as a pass-through vehicle and Internet server, and files are not retained. It is a switching station only.
bTrade’s perspective is that corporations should be responsible for their own data security; of course, with the aid of good tools or third party MFT providers. We agree. With concerns around cyber security growing (most companies have had some kind of hacking, although they don't like to admit it) battening down the hatches is the way to go. In addition, regulations, standards, and industry compliance methods continue to proliferate, and most companies cannot keep up with them. So using third parties (MFT providers) to keep up ensures that all your documents are secure and you are in compliance with the latest regulations. It is an important approach for enterprises to consider.
MFT is not just AS2. In the bTrade presentation, I was interested to hear about regulations in the banking and financial community, for example, Check21. The Check21 Act has been used by banks for a long time. It allows a digital file such as a PDF file to be sent to your bank as a check substitute. With mobile computing, it appears that Check21 may soon be used by consumers. This presents huge challenges, I would assume, associated with shoring up document security as well as validating senders and receivers. That is the kind of thorny problem with which MFT solution providers can help companies. Although a majority of the MFT community has been embracing AS2, the reality is that corporations have many more challenging and complex problems that they need to deal with.
So that is what leads me to my assessment that MFT is just beginning to roar. Firstly, MFT is beginning to supplant the FTPs of the past. FTP is a fundamentally insecure approach; whereas MFT provides more security advantages. MFT vendors seem to be aligning somewhat, at this point in the market, along industry-specific and application approaches such as banking and finance, supply chain and EDI, consumer markets, mobile, and the enterprise end-user mail services. In addition, just sitting and listening to the speakers makes you realize that corporations, large and small, are somewhat in over their head when it comes to all the legal and compliance issues they now face.2
Seeking tangible support from a software provider seems like an easy first step for many companies to take. More on MFT coming soon.
Self-Enrichment, Career Development in the Future of the IT Professional
Here was an interesting set of great speakers. (I was very happy to learn that some of the thought leaders are right in our own neighborhood, providing stimulating insights for the future.) One important presentation I heard was from Eric Bloom, President and CTO of Manager Mechanics, IT leadership and development experts. This was a particularly significant presentation considering the dynamics the market is currently going through. We are going through a sea change in technology as we move into mobile, social networking, big data, etc. However, as Eric pointed out in one of his most popular blogs, “COBOL Will Outlive Us All,” the need for traditional technologies is not dead. I arrived at the same conclusion in my recent research on the B2B/commerce/EDI end-user community (which I presented at the conference). Staying relevant is about understanding the employment and business markets and having marketable skills that meet the new needs, keeping an eye on the fact that things are changing.
Eric stated that part of “your personal marketability is your own personal brand.” As more technology people become free agents (by choice or not), it behooves us to think more about our soft skills—our personal brand.
Interestingly, one of Eric's recommendations is for people to do more publishing—using social networks, blogging, doing presentations, and in general, sharing their knowledge with others. (I can attest to the value of such an approach.) In fact, Eric states, “When building your professional brand, your knowledge is most powerful when it is shared with others." Well said! You can check out Eric at his blog at IT world.
We ended the day with a presentation from Partners Healthcare. Partners is one of the largest healthcare organizations in the US and one of the largest employers in Massachusetts. What's interesting about Partners is their collaborative approach in working with Boston-area hospitals and private providers such as doctor’s offices and other service providers. This collaboration plus the major changes due to healthcare reform have been huge catalysts for the electronic-commerce professional. Healthcare—certainly in the US—is going electronic. So right now the mandates are on for major upgrades to both patient records and the electronic transactions between healthcare providers and payers, patients, etc. We've talked about this topic before, but hearing from someone who deals with this every day reinforced the complexity, the challenges, and the career development opportunities for people who want to have a career in both electronic commerce and healthcare.
The world is moving toward electronic transactions. That's been a truism for several decades, but it seems to be accelerating now as consumers connect the dots between their personal lives, their entertainment, and the businesses that provide services to them. Small businesses, home offices, and consumers all seem to want to integrate the electronic free-for-all. This provides security and technology challenges, but also career opportunities for the future technology professional.
1 The IRS (without a warrant) has the ability to access these files if they have not been opened for some time. Under the Electronic Communication Privacy Act (ECPA), the IRS or law enforcement does not actually have to get a warrant to look at files that are on your server. With legal exposure due to Sarbanes-Oxley (SOX) and other regulations, companies are loath to let outsiders see their data. -- Return to article text above 2 In compliance-dominated industries such as finance, banking, and healthcare, teams of people are dedicated to understanding, implementing, and monitoring legal and industry compliance.
-- Return to article text above
To view other articles from this issue of the brief, click here.