Tactical Guideline: Minimizing Risk in Hosting Relationships

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Tactical Guideline: Minimizing Risk in E-Mail Hosting Relationships"

Transcription

1 Research Publication Date: 26 February 2008 ID Number: G Tactical Guideline: Minimizing Risk in Hosting Relationships Matthew W. Cain This report discusses the often hidden risks in moving to a hosted delivery model and suggests ways to mitigate those risks. It is relevant to core and security operational staff, as well as to compliance and procurement staff. Key Findings The market for hosting services is poised for explosive growth in the next few years. There are four areas of common misunderstanding in hosted relationships: legal; security and integration; contract startup and cessation; and operations. Recommendations Clarify legal aspects before signing the contract, including how discovery and preservation requests will be processed. Discuss security and integration before contract, including risks associated with a multitenant server model, as well as directory, application and communication service integration. Go through contract startup and cessation issues before contract, including onboarding and data migration costs, version support and upgrade schedule, and cessation costs and procedures. Clarify operational matters before contract, including archiving and purge services, as well as level-one help desk duties. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

2 WHAT YOU NEED TO KNOW Companies need to address numerous areas of risk in a hosted relationship before engagement. STRATEGIC PLANNING ASSUMPTION By 2012, 20% of enterprise market seats will be delivered via software as a service (SaaS) and similar models. ANALYSIS This document is an updated version of the document published on 26 February This report uses the term "hosting" to refer to externally provisioned services. SaaS is one form of hosting typically one that emphasizes a standard feature set that is easily provisioned, and often sold in large volumes. An example of SaaS is Google's Gmail service. Vendors that sell Exchange-based multitenant and dedicated server model mailboxes are not necessarily SaaS providers, but they are hosters. Hosting, however, does not cover outsourcers, which typically supply and other desktop services together, with both on-premises and off-premises server models. Therefore, the term " hosting" refers to a range of external provisioning models, excluding traditional outsourcing. While the uptake by companies of hosted services has been limited about 1% of the overall market and largely restricted to smaller companies for which the economics are more attractive, Gartner forecasts rapid growth of the market to 20% in 2012 (for more information, see " Hosting: Poised for Explosive Growth"). Given the anticipated shift in delivery models, it is prudent to mine for best practices from the experience of companies that have already gone through the hosting process. For a broader view of hosting concerns, see "Toolkit: Hosting Request for Proposal," and, for a more detailed look at service-level agreements, see "Establishing Service-Level Agreements." One area that stands out is the need to minimize risk in an hosting relationship. The best way to do this is to clarify the respective roles, responsibilities and costs of the more esoteric points. These concerns fall into four categories: legal; security and integration; contract startup and cessation; and operations. There are, of course, many other factors to consider in an hosting relationship (see "Toolkit: Hosting Request for Proposal") but the items listed here are the ones that most often lead to contention later in the relationship. We believe clarifying these issues before entering the contract will prevent strife and help foster a harmonious relationship with the hosting partner. In some cases, investigation of certain issues such as legal ones may lead organizations to conclude that a hosting relationship is not appropriate, given the lack of clarity or experience on the part of the vendor. Legal Given the increasing involvement of in litigation, companies should anticipate that they will be required to meet court-ordered discovery requests, as well as preservation orders. Complying with such requests can be onerous and expensive, and when responsibilities for compliance are not addressed in a hosted relationship, contentious relations are often the result. Generally, local archives personal folders (PSTs) in Microsoft Exchange parlance are the responsibility of the service consumer, but there is no clear responsibility for stored on the server or Publication Date: 26 February 2008/ID Number: G Page 2 of 6

3 resident on hoster backup tapes. The process, cost, and duties for discovery and preservation requirements need to be negotiated upfront, and the appropriate protocols for maintaining attorney-client privilege should also be established at the outset. Similarly, companies should know upfront how the hoster will handle requests for access to corporate messages from governmental agencies, such as the Federal Bureau of Investigation or the National Security Agency in the U.S. Finally, there is an increasing number of country-specific regulations relating to for example, privacy laws in Germany and append disclosure requirements in the U.K. Companies should ascertain if hosting companies can meet these requirements and, if so, what costs (if any) would result. The agreement should clearly state what jurisdiction applies to the contract and how a conflict of laws issue would be mitigated. Security and Integration While there are numerous security and integration issues to be addressed in any hosting relationship, there are several that can often lead to disputes. Directory integration, for example, can be done in several different ways: hosters can join the corporate Active Directory forest (in the case of Exchange); they can create an external resource forest; or they can host the entire directory. Each approach creates roles and responsibilities for the hoster and customer that need to be clarified before contract. Customers also need to know what steps the hoster has taken to remediate a known security exposure when Outlook 2003 is run against a multitenant server hosted model. Similarly, customers should ask vendors to demonstrate how a breach in one customer's environment does not pose a risk to other customers hosted in the data center. Customers should request that the Simple Mail Transfer Protocol (SMTP) relays use Transport Layer Security (TLS) when possible to ensure additional over-the-wire security. On the integration front, organizations need to understand the steps required and/or costs involved in allowing an application to use hosted services (often SMTP services) for existing and new applications. Finally, as the industry moves toward a converged communication paradigm (for example, integrating presence into or routing voice mail to ), procedures and costs for such integration need to be spelled out, particularly in the case of an on-premises/hosted hybrid model. Contract Startup and Cessation Client performance, of course, is paramount in any hosted relationship. In the hosted model, adequate bandwidth (and, in some cases, latency reduction) is imperative. Companies need to establish the amount of bandwidth required for fast client access, the cost of and responsibility for the payment of the bandwidth (including redundant links) and the responsibility for managing the network connectivity. Similarly, any startup costs, typically for onboarding and/or data migration, must be made clear. Because version upgrades lead to feature expansion, it is important to know what version will be used at the back end, and it should be clarified when the next migration is scheduled (for example, the hoster will move to the next version or service pack within six months of commercial availability) and what the costs, if any, will be for the version upgrade. Customers should insist that vendors provide pricing tiers in the contract for additional mailboxes. For example, if a contract calls for 5,000 users, they should ask the vendor to have a price ceiling in the contract for additional blocks of 500 users. Finally, the steps and costs for the cessation of the contract, including any costs, duties and procedures for data migration, need to be detailed. Operations Responsibility for providing level-one help desk support is sometimes overlooked in hosted deals. Most hosters will not provide the service, so alternative provision needs to be made. Similarly, the escalation procedure, authorized callers, and time to respond to level-two help desk calls need to Publication Date: 26 February 2008/ID Number: G Page 3 of 6

4 be established. Many companies also have strict policies on retention some purge certain folders after a set time, and/or preserve some message types or entire folders. Companies need to ensure that the hoster has the capability to meet these requirements, that it can demonstrate compliance, it explains the rights and procedures for accessing archived messages, and stipulates any costs for these services. Many organizations focus on uptime service-level agreements to ensure continuous operations. But these do not address true disaster recovery (DR), which ensures continuous operations in the event of a catastrophic failure at the data center by replicating data to another site. If true DR is required, then site-to-site failover services and specific recovery point and recovery time objectives, and the cost of these services, need to be contractually agreed. Monitoring and reporting can also contribute to risk mitigation. Customers can contractually obligate hosting vendors to provide specific reports on a regular basis, as well as real-time monitoring, to ensure the customer has maximum control over the environment. In addition to clarifying version upgrade schedules, we recommend adding a patch management clause to the contract timely application of the Exchange daylight saving time patch last year, for example, was crucial for continuous stable operations. Tactical Guidelines Legal Clarify the cost and responsibilities (in-house staff versus hoster staff) for complying with discovery mandates. Establish the cost and responsibilities (in-house staff versus hoster staff) for complying with preservation requirements. Determine the actions the hoster will take if a government agency requests access to corporate . Ascertain the hoster's ability to maintain attorney-client privilege. Clarify the hoster's ability to meet any geographic legal requirements for user privacy, disclosure or preservation. Establish what jurisdiction applies to the contract and how a conflict of laws issue will be mitigated. Security and Integration Find out the process by which in-house directories will be linked with, and managed by, the hosting partner. Discover any security risks associated with a multitenant server model (for example, Outlook 2003 access enabling third-party address book viewing). Ensure that TLS is used at the SMTP relay to encrypt data over the wire when possible. Determine the steps necessary to allow applications to use services and what this will cost. Ascertain the steps needed and what it will cost to enable converged communication capabilities (for example, integrating presence into or routing voice mail to ). Publication Date: 26 February 2008/ID Number: G Page 4 of 6

5 Contract Startup and Cessation Establish the amount of bandwidth required for fast client access, the cost of the bandwidth and responsibility for its payment (including backup pipes) and the responsibility for managing network connectivity. Determine any startup, onboarding and data migration costs. Clarify the version of the back-end server to be used and the schedule (and costs, if any) for migration to new versions of the server software. Find out the processes and costs for terminating the contract, including any costs and procedures for data migration. Operations Clarify the responsibility for providing level-one end-user help desk services. Establish the ability of the hosting provider to meet corporate purge requirements. Ascertain the ability to supply archive services and their costs. Determine the ability to offer true DR. Publication Date: 26 February 2008/ID Number: G Page 5 of 6

6 REGIONAL HEADQUARTERS Corporate Headquarters 56 Top Gallant Road Stamford, CT U.S.A European Headquarters Tamesis The Glanty Egham Surrey, TW20 9AW UNITED KINGDOM Asia/Pacific Headquarters Gartner Australasia Pty. Ltd. Level 9, 141 Walker Street North Sydney New South Wales 2060 AUSTRALIA Japan Headquarters Gartner Japan Ltd. Aobadai Hills, 6F 7-7, Aobadai, 4-chome Meguro-ku, Tokyo JAPAN Latin America Headquarters Gartner do Brazil Av. das Nações Unidas, andar World Trade Center São Paulo SP BRAZIL Publication Date: 26 February 2008/ID Number: G Page 6 of 6

Cost Optimization: Three Steps to Saving Money on Maintenance and Support for Network Security Products

Cost Optimization: Three Steps to Saving Money on Maintenance and Support for Network Security Products Research Publication Date: 10 December 2008 ID Number: G00163195 Cost Optimization: Three Steps to Saving Money on Maintenance and Support for Network Security Products Lawrence Orans, Greg Young Most

More information

Cloud E-Mail Decision-Making Criteria for Educational Organizations

Cloud E-Mail Decision-Making Criteria for Educational Organizations Research Publication Date: 10 June 2011 ID Number: G00213675 Cloud E-Mail Decision-Making Criteria for Educational Organizations Matthew W. Cain Educational organizations sometimes struggle to choose between

More information

Research Agenda and Key Issues for Converged Infrastructure, 2006

Research Agenda and Key Issues for Converged Infrastructure, 2006 Research Publication Date: 20 July 2006 ID Number: G00141507 Research Agenda and Key Issues for Converged Infrastructure, 2006 Sylvain Fabre Gartner's research will cover fixed-mobile convergence, the

More information

Q&A: How Can ERP Recurring Costs Be Contained?

Q&A: How Can ERP Recurring Costs Be Contained? Research Publication Date: 18 December 2008 ID Number: G00163030 Q&A: How Can ERP Recurring Costs Be Contained? Peter Wesche Driven by increased pressure for cost containment, attendees at the 2008 Financial

More information

IT Operational Considerations for Cloud Computing

IT Operational Considerations for Cloud Computing Research Publication Date: 13 June 2008 ID Number: G00157184 IT Operational Considerations for Cloud Computing Donna Scott Cloud computing market offerings increase the options available to source IT services.

More information

Q&A: The Many Aspects of Private Cloud Computing

Q&A: The Many Aspects of Private Cloud Computing Research Publication Date: 22 October 2009 ID Number: G00171807 Q&A: The Many Aspects of Private Cloud Computing Thomas J. Bittman Cloud computing is at the Peak of Inflated Expectations on the Gartner

More information

Research. Key Issues for Software as a Service, 2009

Research. Key Issues for Software as a Service, 2009 Research Publication Date: 6 February 2009 ID Number: G00164873 Key Issues for Software as a Service, 2009 Robert P. Desisto, Ben Pring As organizations' capital budgets dry up, clients evaluating SaaS

More information

Responsible Vulnerability Disclosure: Guidance for Researchers, Vendors and End Users

Responsible Vulnerability Disclosure: Guidance for Researchers, Vendors and End Users Research Publication Date: 17 October 2006 ID Number: G00144061 Responsible Vulnerability Disclosure: Guidance for Researchers, Vendors and End Users Amrit T. Williams, John Pescatore, Paul E. Proctor

More information

Organizations Should Implement Web Application Security Scanning

Organizations Should Implement Web Application Security Scanning Research Publication Date: 21 September 2005 ID Number: G00130869 Organizations Should Implement Web Application Security Scanning Amrit T. Williams, Neil MacDonald Web applications are prone to vulnerabilities

More information

Case Study: New South Wales State Department of Education Adopts Gmail for 1.2 Million Students

Case Study: New South Wales State Department of Education Adopts Gmail for 1.2 Million Students Industry Research Publication Date: 26 January 2010 ID Number: G00172722 Case Study: New South Wales State Department of Education Adopts Gmail for 1.2 Million Students Steve Bittinger Australia's New

More information

Iron Mountain's acquisition of Mimosa Systems addresses concerns from prospective customers who had questions about Mimosa's long-term viability.

Iron Mountain's acquisition of Mimosa Systems addresses concerns from prospective customers who had questions about Mimosa's long-term viability. Research Publication Date: 22 March 2010 ID Number: G00175194 Iron Mountain Acquires Mimosa Systems Sheila Childs, Kenneth Chin, Adam W. Couture Iron Mountain offers a portfolio of solutions for cloud-based

More information

BEA Customers Should Seek Contractual Protections Before Acquisition by Oracle

BEA Customers Should Seek Contractual Protections Before Acquisition by Oracle Research Publication Date: 15 February 2008 ID Number: G00155026 BEA Customers Should Seek Contractual Protections Before Acquisition by Oracle Peter Wesche, Jane B. Disbrow Oracle has announced an agreement

More information

Key Issues for Identity and Access Management, 2008

Key Issues for Identity and Access Management, 2008 Research Publication Date: 7 April 2008 ID Number: G00157012 for Identity and Access Management, 2008 Ant Allan, Earl Perkins, Perry Carpenter, Ray Wagner Gartner identity and access management research

More information

For cloud services to deliver their promised value, they must be underpinned by effective and efficient processes.

For cloud services to deliver their promised value, they must be underpinned by effective and efficient processes. Research Publication Date: 15 October 2010 ID Number: G00208009 ITIL 'in the Cloud' George Spafford, Ed Holub The cloud-computing delivery model is generating a lot of interest from organizations wishing

More information

Modify Your Storage Backup Plan to Improve Data Management and Reduce Cost

Modify Your Storage Backup Plan to Improve Data Management and Reduce Cost G00238815 Modify Your Storage Backup Plan to Improve Data Management and Reduce Cost Published: 4 October 2012 Analyst(s): Dave Russell IT leaders and storage managers must rethink their backup procedures

More information

The Five Competencies of MRM 'Re-' Defined

The Five Competencies of MRM 'Re-' Defined Research Publication Date: 14 March 2008 ID Number: G00155835 The Five Competencies of MRM 'Re-' Defined Kimberly Collins This research details the five key competencies of marketing resource management

More information

Managing IT Risks During Cost-Cutting Periods

Managing IT Risks During Cost-Cutting Periods Research Publication Date: 22 October 2008 ID Number: G00162359 Managing IT Risks During Cost-Cutting Periods Mark Nicolett, Paul E. Proctor, French Caldwell To provide visibility into increased risks

More information

Critical Privacy Questions to Ask an HCM/CRM SaaS Provider

Critical Privacy Questions to Ask an HCM/CRM SaaS Provider Research Publication Date: 31 July 2009 ID Number: G00168488 Critical Privacy Questions to Ask an HCM/CRM SaaS Provider Carsten Casper, Thomas Otter, Arabella Hallawell The vast majority (probably greater

More information

Use These Guidelines for Making Better CRM Consulting Provider Selections

Use These Guidelines for Making Better CRM Consulting Provider Selections Research Publication Date: 7 July 2006 ID Number: G00141062 Use These Guidelines for Making Better CRM Consulting Provider Selections Matthew Goldman, Ed Thompson, Lorrie Scardino Gartner sees many inconsistencies

More information

Microsoft's Cloud Vision Reaches for the Stars but Is Grounded in Reality

Microsoft's Cloud Vision Reaches for the Stars but Is Grounded in Reality Research Publication Date: 4 November 2008 ID Number: G00162793 Microsoft's Cloud Vision Reaches for the Stars but Is Grounded in Reality David Mitchell Smith, Neil MacDonald At Professional Developers

More information

Toolkit: Reduce Dependence on Desk-Side Support Technicians

Toolkit: Reduce Dependence on Desk-Side Support Technicians Gartner for IT Leaders Publication Date: 23 April 2007 ID Number: G00147075 Toolkit: Reduce Dependence on Desk-Side Support Technicians David M. Coyle, Terrence Cosgrove The IT service desk and PC life

More information

Backup and Disaster Recovery Modernization Is No Longer a Luxury, but a Business Necessity

Backup and Disaster Recovery Modernization Is No Longer a Luxury, but a Business Necessity Research Publication Date: 11 August 2011 ID Number: G00215300 Backup and Disaster Recovery Modernization Is No Longer a Luxury, but a Business Necessity John P Morency, Donna Scott, Dave Russell For the

More information

Eight Critical Forces Shape Enterprise Data Center Strategies

Eight Critical Forces Shape Enterprise Data Center Strategies Research Publication Date: 8 February 2007 ID Number: G00144650 Eight Critical Forces Shape Enterprise Data Center Strategies Rakesh Kumar Through 2017, infrastructure and operations managers, architects

More information

The Current State of Agile Method Adoption

The Current State of Agile Method Adoption Research Publication Date: 12 December 2008 ID Number: G00163591 The Current State of Agile Method Adoption David Norton As the pace of agile adoption increases, development organizations must understand

More information

Google and Microsoft Battle for the.edu E-Mail Market

Google and Microsoft Battle for the.edu E-Mail Market Research Publication Date: 16 August 2007 ID Number: G00150690 Google and Microsoft Battle for the.edu E-Mail Market Matthew W. Cain, Marti Harris This document compares the current no-fee e-mail programs

More information

Cost-Cutting IT: Should You Cut Back Your Disaster Recovery Exercise Spending?

Cost-Cutting IT: Should You Cut Back Your Disaster Recovery Exercise Spending? Industry Research Publication Date: 11 February 2009 ID Number: G00164764 Cost-Cutting IT: Should You Cut Back Your Disaster Recovery Exercise Spending? Jeff Vining Government CIOs are under increasing

More information

Knowledge Management and Enterprise Information Management Are Both Disciplines for Exploiting Information Assets

Knowledge Management and Enterprise Information Management Are Both Disciplines for Exploiting Information Assets Research Publication Date: 31 July 2009 ID Number: G00169664 Knowledge Management and Enterprise Information Management Are Both Disciplines for Exploiting Information Assets Regina Casonato This research

More information

Business Intelligence Focus Shifts From Tactical to Strategic

Business Intelligence Focus Shifts From Tactical to Strategic Research Publication Date: 22 May 2006 ID Number: G00139352 Business Intelligence Focus Shifts From Tactical to Strategic Betsy Burton, Lee Geishecker, Kurt Schlegel, Bill Hostmann, Tom Austin, Gareth

More information

Discovering the Value of Unified Communications

Discovering the Value of Unified Communications Research Publication Date: 12 February 2007 ID Number: G00144673 Discovering the Value of Unified Communications Bern Elliot, Steve Cramoysan Unified communications represent a broad range of new solutions

More information

E-Mail Is a Commodity and Other Fairy Tales

E-Mail Is a Commodity and Other Fairy Tales G00210585 E-Mail Is a Commodity and Other Fairy Tales Published: 9 February 2011 Analyst(s): Matthew W. Cain A deep understanding of the operational, architectural, policy and feature requirements of an

More information

CDOs Should Use IT Governance and Risk Compliance Management to Advance Compliance

CDOs Should Use IT Governance and Risk Compliance Management to Advance Compliance Industry Research Publication Date: 1 May 2008 ID Number: G00156708 CDOs Should Use IT Governance and Risk Compliance Management to Advance Compliance Barry Runyon Care delivery organizations (CDOs) are

More information

When to Use Custom, Proprietary, Open-Source or Community Source Software in the Cloud

When to Use Custom, Proprietary, Open-Source or Community Source Software in the Cloud Industry Research Publication Date: 3 May 2010 ID Number: G00175030 When to Use Custom, Proprietary, Open-Source or Community Source Software in the Cloud Massimiliano Claps, Andrea Di Maio Cloud computing

More information

The Hype Around an Integrated Talent Management Suite Outpaces Customer Adoption

The Hype Around an Integrated Talent Management Suite Outpaces Customer Adoption Research Publication Date: 3 February 2009 ID Number: G00164356 The Hype Around an Integrated Talent Management Suite Outpaces Customer Adoption James Holincheck Gartner surveyed 123 customer references

More information

Deliver Process-Driven Business Intelligence With a Balanced BI Platform

Deliver Process-Driven Business Intelligence With a Balanced BI Platform Research Publication Date: 12 April 2006 ID Number: G00139377 Deliver Process-Driven Business Intelligence With a Balanced BI Platform Kurt Schlegel To enable process-driven business intelligence, IT organizations

More information

Cloud, SaaS, Hosting and Other Off-Premises Computing Models

Cloud, SaaS, Hosting and Other Off-Premises Computing Models Research Publication Date: 8 July 2008 ID Number: G00159042 Cloud, SaaS, Hosting and Other Off-Premises Computing Models Yefim V. Natis, Nicholas Gall, David W. Cearley, Lydia Leong, Robert P. Desisto,

More information

Now Is the Time for Security at the Application Level

Now Is the Time for Security at the Application Level Research Publication Date: 1 December 2005 ID Number: G00127407 Now Is the Time for Security at the Application Level Theresa Lanowitz Applications must be available, useful, reliable, scalable and, now

More information

Data Center Consolidation in Western Europe Faces Limitations

Data Center Consolidation in Western Europe Faces Limitations Research Publication Date: 19 September 2006 ID Number: G00143179 Data Center Consolidation in Western Europe Faces Limitations Rakesh Kumar Organizations embarking on pan-european data center site consolidation

More information

The Value of Integrating Configuration Management Databases With Enterprise Architecture Tools

The Value of Integrating Configuration Management Databases With Enterprise Architecture Tools Research Publication Date: 13 January 2011 ID Number: G00210132 The Value of Integrating Configuration Management Databases With Enterprise Architecture Tools Ronni J. Colville, Patricia Adams As configuration

More information

The What, Why and When of Cloud Computing

The What, Why and When of Cloud Computing Research Publication Date: 4 June 2009 ID Number: G00168582 The What, Why and When of Cloud Computing David Mitchell Smith, Daryl C. Plummer, David W. Cearley Cloud computing continues to gain visibility.

More information

Cloud IaaS: Service-Level Agreements

Cloud IaaS: Service-Level Agreements G00210096 Cloud IaaS: Service-Level Agreements Published: 7 March 2011 Analyst(s): Lydia Leong Cloud infrastructure-as-a-service (IaaS) providers typically offer SLAs that cover the various elements of

More information

2010 Gartner FEI Technology Study: Planned Shared Services and Outsourcing to Increase

2010 Gartner FEI Technology Study: Planned Shared Services and Outsourcing to Increase Research Publication Date: 20 April 2010 ID Number: G00176029 2010 Gartner FEI Technology Study: Planned Shared Services and Outsourcing to Increase John E. Van Decker, Cathy Tornbohm This Gartner Financial

More information

Best Practices for Confirming Software Inventories in Software Asset Management

Best Practices for Confirming Software Inventories in Software Asset Management Research Publication Date: 24 August 2009 ID Number: G00167067 Best Practices for Confirming Software Inventories in Software Asset Management Peter Wesche, Jane B. Disbrow This research discusses the

More information

Integrated Marketing Management Aligns Executional, Operational and Analytical Processes in a Closed-Loop Process

Integrated Marketing Management Aligns Executional, Operational and Analytical Processes in a Closed-Loop Process Research Publication Date: 26 October 2010 ID Number: G00207031 Integrated Marketing Management Aligns Executional, Operational and Analytical Processes in a Closed-Loop Process Kimberly Collins This research

More information

Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in

Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in Research Publication Date: 15 March 2011 ID Number: G00210952 Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in Tim Zimmerman Enterprises must

More information

Embrace Virtual Assistants as Part of a Holistic Web Customer Service Strategy

Embrace Virtual Assistants as Part of a Holistic Web Customer Service Strategy Research Publication Date: 19 August 2010 ID Number: G00205618 Embrace Virtual Assistants as Part of a Holistic Web Customer Service Strategy Johan Jacobs Customers are insisting on multiple methods to

More information

The Lack of a CRM Strategy Will Hinder Health Insurer Growth

The Lack of a CRM Strategy Will Hinder Health Insurer Growth Industry Research Publication Date: 15 October 2008 ID Number: G00162107 The Lack of a CRM Strategy Will Hinder Health Insurer Growth Joanne Galimi The Gartner 2008 healthcare payer application survey

More information

XBRL Will Enhance Corporate Disclosure and Corporate Performance Management

XBRL Will Enhance Corporate Disclosure and Corporate Performance Management Research Publication Date: 23 April 2008 ID Number: G00156910 XBRL Will Enhance Corporate Disclosure and Corporate Performance Management Nigel Rayner, Neil Chandler Extensible Business Reporting Language

More information

Microsoft and Google Jostle Over Cloud-Based E-Mail and Collaboration

Microsoft and Google Jostle Over Cloud-Based E-Mail and Collaboration Research Publication Date: 24 March 2008 ID Number: G00156216 Microsoft and Google Jostle Over Cloud-Based E-Mail and Collaboration Tom Austin Both Google and Microsoft come up short in terms of delivering

More information

IT asset management (ITAM) will proliferate in midsize and large companies.

IT asset management (ITAM) will proliferate in midsize and large companies. Research Publication Date: 2 October 2008 ID Number: G00161024 Trends on Better IT Asset Management Peter Wesche New exiting trends will lead to a higher adoption of asset management methodologies. Tighter

More information

Roundup of Business Intelligence and Information Management Research, 1Q08

Roundup of Business Intelligence and Information Management Research, 1Q08 Gartner for IT Leaders Publication Date: 2 May 2008 ID Number: G00157226 Roundup of Business Intelligence and Information Management Research, 1Q08 Bill Hostmann This document provides a roundup of our

More information

2010 FEI Technology Study: CPM and BI Show Improvement From 2009

2010 FEI Technology Study: CPM and BI Show Improvement From 2009 Research Publication Date: 22 March 2010 ID Number: G00175233 2010 FEI Technology Study: CPM and BI Show Improvement From 2009 John E. Van Decker Many organizations recognize that current financial management

More information

The IT Service Desk Market Is Ready for SaaS

The IT Service Desk Market Is Ready for SaaS Research Publication Date: 17 April 2009 ID Number: G00166526 The IT Service Desk Market Is Ready for SaaS David M. Coyle The IT service desk market is well-positioned to use the software-as-a-service

More information

Emerging PC Life Cycle Configuration Management Vendors

Emerging PC Life Cycle Configuration Management Vendors Research Publication Date: 20 January 2011 ID Number: G00209766 Emerging PC Life Cycle Configuration Management Vendors Terrence Cosgrove Although the PC configuration life cycle management (PCCLM) market

More information

An outline of the five critical components of a CRM vision and how they contribute to an enterprise's CRM success

An outline of the five critical components of a CRM vision and how they contribute to an enterprise's CRM success Research Publication Date: 1 March 2007 ID Number: G00146362 How to Create a Powerful CRM Vision Gene Alvarez This research provides: Guidance on how to develop a CRM vision An outline of the five critical

More information

Repurposing Old PCs as Thin Clients as a Way to Save Money

Repurposing Old PCs as Thin Clients as a Way to Save Money Research Publication Date: 30 March 2009 ID Number: G00166341 Repurposing Old PCs as Thin Clients as a Way to Save Money Mark A. Margevicius, Stephen Kleynhans Tough economic times are forcing customers

More information

Business Intelligence Platform Usage and Quality Dynamics, 2008

Business Intelligence Platform Usage and Quality Dynamics, 2008 Research Publication Date: 2 July 2008 ID Number: G00159043 Business Intelligence Platform Usage and Quality Dynamics, 2008 James Richardson This report gives results from a survey of attendees at Gartner's

More information

Risk Intelligence: Applying KM to Information Risk Management

Risk Intelligence: Applying KM to Information Risk Management Research Publication Date: 19 September 2007 ID Number: G00151742 Risk Intelligence: Applying KM to Information Risk Management French Caldwell Risk intelligence is the alignment of information governance

More information

Vendor Focus for IBM Global Services: Consulting Services for Cloud Computing

Vendor Focus for IBM Global Services: Consulting Services for Cloud Computing Research Publication Date: 22 February 2010 ID Number: G00174046 Vendor Focus for IBM Global Services: Consulting Services for Cloud Computing Susan Tan Amid the hype and buzz of cloud computing are very

More information

Organizations Must Employ Effective Data Security Strategies

Organizations Must Employ Effective Data Security Strategies Research Publication Date: 30 August 2005 ID Number: G00123639 Organizations Must Employ Effective Data Security Strategies Rich Mogull Organizations can best protect data through a hierarchical data security

More information

Best Practices for Planning Windows 7 Deployment

Best Practices for Planning Windows 7 Deployment Research Publication Date: 4 March 2010 ID Number: G00174371 Best Practices for Planning Windows 7 Deployment Michael A. Silver Successful migrations to Windows 7 will meet user expectations, are done

More information

Transactional HR self-service applications typically get implemented first because they typically automate manual, error-prone processes.

Transactional HR self-service applications typically get implemented first because they typically automate manual, error-prone processes. Research Publication Date: 28 August 2008 ID Number: G00159897 HR Self-Service Applications Defined James Holincheck In this research, we discuss the different types of HR self-service and strategies for

More information

Key Issues for Data Management and Integration, 2006

Key Issues for Data Management and Integration, 2006 Research Publication Date: 30 March 2006 ID Number: G00138812 Key Issues for Data Management and Integration, 2006 Ted Friedman The effective management and leverage of data represent the greatest opportunity

More information

IAM can utilize SIEM event data to drive user and role life cycle management and automate remediation of exception conditions.

IAM can utilize SIEM event data to drive user and role life cycle management and automate remediation of exception conditions. Research Publication Date: 1 September 2009 ID Number: G00161012 SIEM and IAM Technology Integration Mark Nicolett, Earl Perkins Integration of identity and access management (IAM) and security information

More information

Gartner Clarifies the Definition of the Term 'Enterprise Architecture'

Gartner Clarifies the Definition of the Term 'Enterprise Architecture' Research Publication Date: 12 August 2008 ID Number: G00156559 Gartner Clarifies the Definition of the Term 'Enterprise Architecture' Anne Lapkin, Philip Allega, Brian Burke, Betsy Burton, R. Scott Bittler,

More information

Governance Is an Essential Building Block for Enterprise Information Management

Governance Is an Essential Building Block for Enterprise Information Management Research Publication Date: 18 May 2006 ID Number: G00139707 Governance Is an Essential Building Block for Enterprise Information Management David Newman, Debra Logan Organizations are seeking new ways

More information

Case Study: A K-12 Portal Project at the Miami-Dade County Public Schools

Case Study: A K-12 Portal Project at the Miami-Dade County Public Schools Industry Research Publication Date: 31 December 2007 ID Number: G00154138 Case Study: A K-12 Portal Project at the Miami-Dade County Public Schools Bill Rust The Miami-Dade County Public Schools a school

More information

Gartner Defines Enterprise Information Architecture

Gartner Defines Enterprise Information Architecture Research Publication Date: 20 February 2008 ID Number: G00154071 Gartner Defines Enterprise Information Architecture David Newman, Nicholas Gall, Anne Lapkin As organizations look for new ways to exploit

More information

Overcoming the Gap Between Business Intelligence and Decision Support

Overcoming the Gap Between Business Intelligence and Decision Support Research Publication Date: 9 April 2009 ID Number: G00165169 Overcoming the Gap Between Business Intelligence and Decision Support Rita L. Sallam, Kurt Schlegel Although the promise of better decision

More information

Invest in an analysis of current metrics and those missing, and develop a plan for continuous management and improvement.

Invest in an analysis of current metrics and those missing, and develop a plan for continuous management and improvement. Research Publication Date: 29 April 2008 ID Number: G00154802 Key Metrics for IT Service and Support David M. Coyle, Kris Brittain To evaluate IT service and support performance, senior management must

More information

Assessing the Security Risks of Cloud Computing

Assessing the Security Risks of Cloud Computing Research Publication Date: 3 June 2008 ID Number: G00157782 Assessing the Security Risks of Cloud Computing Jay Heiser, Mark Nicolett Organizations considering cloud-based services must understand the

More information

Real-Time Decisions Need Corporate Performance Management

Real-Time Decisions Need Corporate Performance Management Research Publication Date: 26 April 2004 ID Number: COM-22-3674 Real-Time Decisions Need Corporate Performance Management Frank Buytendijk, Brian Wood, Mark Raskino The real-time enterprise model depends

More information

Understanding Vulnerability Management Life Cycle Functions

Understanding Vulnerability Management Life Cycle Functions Research Publication Date: 24 January 2011 ID Number: G00210104 Understanding Vulnerability Management Life Cycle Functions Mark Nicolett We provide guidance on the elements of an effective vulnerability

More information

Data in the Cloud: The Changing Nature of Managing Data Delivery

Data in the Cloud: The Changing Nature of Managing Data Delivery Research Publication Date: 1 March 2011 ID Number: G00210129 Data in the Cloud: The Changing Nature of Managing Data Delivery Eric Thoo Extendible data integration strategies and capabilities will play

More information

Research. Mastering Master Data Management

Research. Mastering Master Data Management Research Publication Date: 25 January 2006 ID Number: G00136958 Mastering Master Data Management Andrew White, David Newman, Debra Logan, John Radcliffe Despite vendor claims, master data management has

More information

The EA process and an ITG process should be closely linked, and both efforts should leverage the work and results of the other.

The EA process and an ITG process should be closely linked, and both efforts should leverage the work and results of the other. Research Publication Date: 4 April 2008 ID Number: G00155260 Integrate EA and IT Governance s Betsy Burton, R. Scott Bittler, Cassio Dreyfuss In many organizations, we find that IT governance (ITG) initiatives

More information

How to Develop an Effective Vulnerability Management Process

How to Develop an Effective Vulnerability Management Process Research Publication Date: 1 March 2005 ID Number: G00124126 How to Develop an Effective Vulnerability Management Process Mark Nicolett IT organizations should develop vulnerability management processes

More information

Best Practice: Having a 'Big Picture' View of IP Telephony Will Give the Buyer More Control

Best Practice: Having a 'Big Picture' View of IP Telephony Will Give the Buyer More Control Research Publication Date: 12 February 2008 ID Number: G00154811 Best Practice: Having a 'Big Picture' View of IP Telephony Will Give the Buyer More Control Steve Blood Companies spend too much on IP-PBXs

More information

Gartner Updates Its Definition of IT Infrastructure Utility

Gartner Updates Its Definition of IT Infrastructure Utility Research Publication Date: 23 April 2004 ID Number: M-22-2393 Gartner Updates Its Definition of IT Infrastructure Utility Claudio Da Rold Our new definition of IT infrastructure utility clears away some

More information

User Survey Analysis: Usage Plans for SaaS Application Software, France, Germany and the U.K., 2009

User Survey Analysis: Usage Plans for SaaS Application Software, France, Germany and the U.K., 2009 Dataquest Publication Date: 23 February 2009 ID Number: G00165376 User Survey Analysis: Usage Plans for SaaS Application Software, France, Germany and the U.K., 2009 Chris Pang Gartner surveyed nearly

More information

Containers and Modules: Is This the Future of the Data Center?

Containers and Modules: Is This the Future of the Data Center? Research Publication Date: 8 April 2011 ID Number: G00211139 Containers and Modules: Is This the Future of the Data Center? David J. Cappuccio Modular and container-based data centers have emerged as yet

More information

Successful EA Change Management Requires Five Key Elements

Successful EA Change Management Requires Five Key Elements Research Publication Date: 26 December 2007 ID Number: G00153908 Successful EA Change Management Requires Five Key Elements Richard Buchanan Change, in all its many aspects, is a critical aspect of the

More information

Government 2.0 is both citizen-driven and employee-centric, and is both transformational and evolutionary.

Government 2.0 is both citizen-driven and employee-centric, and is both transformational and evolutionary. Industry Research Publication Date: 11 November 2009 ID Number: G00172423 Government 2.0: Gartner Definition Andrea Di Maio Given the increasing confusion and hype surrounding Government 2.0, it is important

More information

What Is the Role of Quality Assurance in a SaaS Environment?

What Is the Role of Quality Assurance in a SaaS Environment? Research Publication Date: 15 September 2009 ID Number: G00170552 What Is the Role of Quality Assurance in a SaaS Environment? Thomas E. Murphy, Daniel Sholler, Christian Hestermann Software as a service

More information

Private Cloud Computing: An Essential Overview

Private Cloud Computing: An Essential Overview Research Publication Date: 23 November 2010 ID Number: G00209000 Private Cloud Computing: An Essential Overview Thomas J. Bittman Private cloud computing requires strong leadership and a strategic plan

More information

Six Best Practices for Aligning Enterprise Architecture With the Business Strategy

Six Best Practices for Aligning Enterprise Architecture With the Business Strategy Research Publication Date: 28 January 2009 ID Number: G00164923 Six Best Practices for Aligning Enterprise Architecture With the Business Strategy Anne Lapkin Alignment of enterprise activities and investments

More information

How Eneco's Enterprisewide BI and Performance Management Initiative Delivered Significant Business Benefits

How Eneco's Enterprisewide BI and Performance Management Initiative Delivered Significant Business Benefits Research Publication Date: 13 June 2008 ID Number: G00158605 How Eneco's Enterprisewide BI and Performance Management Initiative Delivered Significant Business Benefits Nigel Rayner Eneco was faced with

More information

Global Talent Management Isn't Just Global

Global Talent Management Isn't Just Global Research Publication Date: 22 July 2008 ID Number: G00159366 Global Talent Management Isn't Just Global Thomas Otter Global talent management projects must take into account local compliance issues or

More information

The Limits of Certification and Guarantees in Buying Electronic Health Records in the U.S.

The Limits of Certification and Guarantees in Buying Electronic Health Records in the U.S. Industry Research Publication Date: 3 February 2010 ID Number: G00174011 The Limits of Certification and Guarantees in Buying Electronic Health Records in the U.S. Wes Rishel It is important not to rely

More information

NGFWs will be most effective when working in conjunction with other layers of security controls.

NGFWs will be most effective when working in conjunction with other layers of security controls. Research Publication Date: 12 October 2009 ID Number: G00171540 Defining the Next-Generation Firewall John Pescatore, Greg Young Firewalls need to evolve to be more proactive in blocking new threats, such

More information

Establishing a Strategy for Database Security Is No Longer Optional

Establishing a Strategy for Database Security Is No Longer Optional Establishing a Strategy for Database Security Is No Longer Optional Published: 29 November 2011 G00226793 Analyst(s): Jeffrey Wheatman The options for securing increasingly valuable databases are very

More information

The Next Generation of Functionality for Marketing Resource Management

The Next Generation of Functionality for Marketing Resource Management G00212759 The Next Generation of Functionality for Marketing Resource Management Published: 11 May 2011 Analyst(s): Kimberly Collins This research defines the next generation of marketing resource management

More information

Key Issues for Business Intelligence and Performance Management Initiatives, 2008

Key Issues for Business Intelligence and Performance Management Initiatives, 2008 Research Publication Date: 14 March 2008 ID Number: G00156014 Key Issues for Business Intelligence and Performance Management Initiatives, 2008 Kurt Schlegel The Business Intelligence and Performance Management

More information

In the North American E-Signature Market, SaaS Offerings Are Increasingly in Demand

In the North American E-Signature Market, SaaS Offerings Are Increasingly in Demand Research Publication Date: 18 August 2011 ID Number: G00215378 In the North American E-Signature Market, SaaS Offerings Are Increasingly in Demand Gregg Kreizman Enterprises are becoming increasing comfortable

More information

How BPM Can Enhance the Eight Building Blocks of CRM

How BPM Can Enhance the Eight Building Blocks of CRM Research Publication Date: 6 April 2007 ID Number: G00146588 How BPM Can Enhance the Eight Building Blocks of CRM Marc Kerremans, Jim Davies Business process management (BPM) should complement an organization's

More information

Gartner's View on 'Bring Your Own' in Client Computing

Gartner's View on 'Bring Your Own' in Client Computing G00217298 Gartner's View on 'Bring Your Own' in Client Computing Published: 20 October 2011 Analyst(s): Leif-Olof Wallin Here, we bring together recently published research covering the hot topic of supporting

More information

What to Consider When Designing Next-Generation Data Centers

What to Consider When Designing Next-Generation Data Centers Research Publication Date: 10 September 2010 ID Number: G00201044 What to Consider When Designing Next-Generation Data Centers David J. Cappuccio Leading-edge data centers are designed for flexibility,

More information

Agenda for Supply Chain Strategy and Enablers, 2012

Agenda for Supply Chain Strategy and Enablers, 2012 G00230659 Agenda for Supply Chain Strategy and Enablers, 2012 Published: 23 February 2012 Analyst(s): Michael Dominy, Dana Stiffler When supply chain executives establish the right strategies and enabling

More information

Take These Steps to Develop Successful BI Business Cases

Take These Steps to Develop Successful BI Business Cases Research Publication Date: 1 February 2008 ID Number: G00154951 Take These Steps to Develop Successful BI Business Cases Neil McMurchy In reviewing many organizations' experiences with developing business

More information

Q&A: The Impact of XBRL on Corporate Performance Management

Q&A: The Impact of XBRL on Corporate Performance Management Research Publication Date: 27 May 2008 ID Number: G00158184 Q&A: The Impact of XBRL on Corporate Performance Management Nigel Rayner Extensible Business Reporting Language is an XML-based standard that

More information

Google: Changing the E-Mail Pricing and Provisioning Paradigm?

Google: Changing the E-Mail Pricing and Provisioning Paradigm? Research Publication Date: 6 March 2007 ID Number: G00146759 Google: Changing the E-Mail Pricing and Provisioning Paradigm? Matthew W. Cain This document analyzes Google s initial foray into the paid enterprise

More information