Why map

September 7th, 2013 Comments off

As a follow on from the benefits of business mapping from July, Simon Wardley has kindly used the example to explain why you map. This illustrates:

  • Needs, differentials and efficiency targets, including the operational constraints as well as hidden business components;
  • What type of focus and management can you apply to the various components based on the types of focus;
  • Ideas on measurement for different stages in the lifecycle; and
  • Where to attack the market using  Innovate, Leverage and Commoditise (ILC).

My plan was to do a similar write-up, however I don’t think I’d ever explain it as well as Simon, instead I’ll work on a couple of follow-up posts that discuss integration of the business map into the Business strategy / Enterprise Architect roadmap (as opposed to just the technical roadmap) and a generic look at the cost vs. value as you move from new capability to commodity.

Thanks again to Simon for sharing his thoughts and ideas.

Business Mapping

July 29th, 2013 Comments off

I’m very much of the view that every business is a technology company. Trying to say that they are not is not only fooling themselves but setting their business’ up for a failure. Over the last six to twelve months I’ve been looking at the practical application of business mapping. This is all courtesy of the work of Simon Wardley and his sharing of something he has been doing for some time. In the process of taking these concepts and applying to my every-day job as an Enterprise Architect and recent undertaking of a Masters degree I’ve pulled together an expanded view of how to apply this, not only to my business, but for customers wishing to outsource.

Simon’s view – See insert image “Simon Wardley – Value Map”

Simon Wardley – Value Map

This is Step 4 of Simon Wardley’s basic’s of business mapping  - http://blog.gardeviance.org/2013/03/basics-repeated-again.html 

I’ve added a little something to it as I’ll discuss below.

Ideally you would start with a business map and decompose it, but in my role as an Enterprise Architect I find that I’m forced to take a technology centric view and then shape everything around it. Ultimately the outcome is the same. A holistic view of the business’ make-up (value chain), the technology that supports it and the trajectory of the evolution and value of the technology over time.

The following is how I’ve taken the simple technology road-mapping, paired it with market audits and then used that to create a view on business mapping that puts the humble technology roadmap in context. There are a number of tools I’ve used, they are not definitive, nor are they necessarily the best ones. These are the ones that have worked for me.


Technology Roadmaps


Let’s put it in perspective, what is a technology roadmap? As wikipedia points out - A technology roadmap is a plan that matches short-term and long-term goals with specific technology solutions to help meet those goals. Mapping of any sort shows the hows (and potentially whys) of attaining technology goals. These can be presented in any number of ways. The most popular are in diagrammatic format with little boxes or bubbles that group capabilities together and show the different states. There is also examples where capability can be linked in a hybrid view showing capability development over time with a Gantt chart. Google it if you don’t know what I’m talking about. Here are a couple of examples and a close crop image of one from Enterprise Architects below:

Enterprise Architects - Reference Architecture Example

Enterprise Architects – Reference Architecture Example

Context for Technology roadmaps

Why do we create technology roadmaps? Some people do it because they just do it and have little understanding of the use of roadmaps (been there and done that myself because it was a contractual deliverable), others to illustrate what they are thinking. The reality is that it is for helping customers (internal business users are customers too) understand the technology, current and future, that is at work in their business. It shows managers and executives a clear view of their current investment of technology and the linkage between the different investments. It sets the scene for asking “Why?” and helps businesses with investment planning. But the technology investment view is only a very small part of the puzzle.


Market Audits with trending


Looking at just  roadmaps of technology, and what capability you need as a business, is only a part view. To make sure that you are not only addressing the business’ immediate and projected needs but also not setting yourself up for failure, you need to have a larger view of the product/capability and what is playing out in the wider market or landscape. This is know as a market audit.

What is a market audit?

A market audit is the term for process of reviewing the landscape and determining the product fit within the market itself and various hierarchies of business strategy. Kotler (2009) had a number of questions that should be answered in the process of the market audit including:

  • Current market situation – What is happening now in terms of size, growth, and segments within the market?
  • Product situation – What is the organisational view of sales, product, prices, margin and profits for the products(s) being reviewed?
  • Competitive situation – Who, or what are your major competitors?
  • Distribution situation – Who are your major collaborators for growth, size, goals, etc?

These questions only glance the surface of all the questions you need answered, however, they are a very good start. This audit will allow you to better understand the various forces at play and how they will affect your business. These are all extremely important when moving on to business mapping. Previously I’ve approached the landscape analysis (as I used to call it) in a piecemeal way. During my recent studies I’ve come across a number of different tools that can be used together to create a more complete view.

There are a number of tools and techniques that you can use to help review the environment; the external forces, internal forces and interaction of them on each other. Below I’ve exampled a couple I’ve used.


External forces

I found the PESTLED analysis technique very useful in looking to understand the opportunities and threats for a given capability, product or service.

  • Political – Legislative constraints that may affect your audited capability.
  • Economic – Customer buying power
    • Macro – what is happening in the larger political-economic sphere. As Simon has pointed out in the past, Hayek and Keynes are good ways of viewing the manipulation of the economic factors at play.
    • Micro – What you see individual business doing with regards to their spending habits. In this case, what my target potential customer’s trends are and how they compare to the generalised trends of their peers.
  • Social/Cultural – The generic values attributes and benefits expected from the capability
  • Technological – Changing markets through technological advancement. What is emerging and what is trending for the capability. You can take the time to audit the environment yourself, or use a number of sources like IDC, Gartner and Forrester for the mainstream, or smaller boutique and specialist firms that target your chosen capability, to point you in the direction. Whilst I don’t think that they are always on the money, they will certainly give you a good view of the wider industry and trends.
  • Environmental - What are the environmental expectations or considerations you need to make.
  • Demographical – Population breakup and markets within it
    • People = consumer focus
    • Organisations = B2B

Internal forces

There are a lot of internal moving pieces that make up a business and you ned to understand how they are used to support the capability, product or services you are auditing. Understanding how each of these affect the component in question will help you understand the inertia a business faces when trying to move on past one phase of the capability evolution into another. These are the business’ strengths and weaknesses.

  • Company – all parts inside and those that feeds the business
  • Customers – the people that buy
  • Suppliers – Raw material/inputs to allow the creation of products
  • Intermediaries – Or marketing channels that help crate and deliver value.
  • Competitors – Those that can limit your success.
  • Publics – any group that has potential interest in an organisation.


Porter’s 5 forces analysis

Whilst this is generally used by businesses for product development there is a lot of use in this when mapping out the landscape and understanding the various market forces that could be at play, Figure 1, below.


Figure 1 – Porter’s 5 forces

  • Rivalry amongst existing competitors
    • Driven by: numerous competitors; slow growth; high exit barriers; committed rivals.
  • Threat of new entrants
    • Low entry cost = high threat. Prices must be kept low or high investment to deter competitors
    • High entry cost = low threat. If there is a threat, profitability will be kept low.
    • Barriers to entry are:
      • Supply-side economies of scale
      • Demand-side benefit of scale
      • Customer switching cost
      • Capital requirements
      • Incumbency advantages independent of size
      • Unequal access to distribution channels
      • Restrictive government policy
      • Expected retaliation – how potential entrants believe that they will be received, and how this will shape their strategy
  • Threat of substitutes
    • These can be direct or indirect substitutes that perform the same or similar function. Causes profitability issues.
  • Power of buyers
    • The more powerful the buyer, the greater their ability to force down price, keeping value for themselves.
  • Power of suppliers
    • The more powerful the supplier the more value they keep for themselves (through higher prices)


Affect on roadmap mapping

What all of this does is forces you to cast aside any preconceived ideas on what it is you think the best implementation of capability, product or service should be and look at what it NEEDS to be given the various influences at play.

In the provider (technology or services) space you can also use this technique to identify trends in approaches. These may buck the trends that you think are happening and allow you to ask more questions.


Business Mapping


Now on to the important part, business mapping. As I originally said, the business map should ideally happen at the beginning, however, in the process of looking at all these various capabilities that the business uses you will have started to get a very good view of the individual landscapes involved in delivering the products or service your business markets. The trick is now pulling this all together. this is the business map. I’ll use a completely fictitious map for this as I don’t wish to offend anyone (past or present employers included). For an overview of business mapping please see Simon Wardley’s blog here.

As Simon points out it really starts with a value chain view of the organisation (actually it starts out with the business identifying the need that they are addressing, but I’m skipping that, very important part).

Figure 2 – S. Wardley – Value Chain

This is then mapped to the evolution cycle. There are a number of different ways that you can do this:

I’ve chosen Simon Wardley’s model of genesis through to commodity/utility as it works really well for a number of other applications. Figure 3:

1. Start View

Figure 3 – Start view of value map

Using the market audit you will have identified that some of these capabilities have a certain trajectory from bespoke or product through to commodity and utility (Figure 4). This not only shows the relationship of each area of business and technical capability, but it also clearly identifies the perceived value the business places on each piece. The trajectories can show where the industry trends see those capabilities and provides the business a view on where their future should be, unless there is a really good reason for not (Figure 6) going that way.

Figure 4 - Projected view

Figure 4 – Projected view

This starts to highlight a number of trends, especially popular are those capabilities that are now being delivered as a Service (aaS), see Figure 5.

Figure 5 - aaS option view

Figure 5 – aaS option view


Figure 6 - aaS where value it soo great

Figure 6 – aaS where value it soo great

What I started to see is that there starts to exist an imaginary line across the graph where management of the capabilities are clearly considered too valuable to push outside the boundaries of the organisation, despite its place in the lifecycle, Figure 7. My own interpretation of this is where a business is with its maturity in approach to IT, though occasionally affected by regulation.

Immature -  insourcing components that are obviously products and services that can be obtained externally, arguably cheaper and potentially more robust, through FUD (fear, uncertainty and doubt).

Legislative constraints - Forced to insource.

Or mature in business and outsourcing - taking the low value new-capabilities and bespoke builds, pushing the risk and pain of development external to their core business, bringing it back in-house once it has proven its worth and demonstrated value.

This can also explain the ongoing war between private and public cloud people. It all comes down to the specific use case and reasons behind the decisions to insource or outsource.

Figure 7 - Managed services view

Figure 7 – Managed services view

These maps now arm the technologist, and business professional, with information that can be used to understand the overall business’ direction and what factors influence the various capabilities that underpin the central need of the value chain. Providing context for recommendations and decisions.

Update: Based on some questions and feedback I’ve added an example of a reference architecture and some links as well as a link to Simon Wardley’s blog for an overview on business mapping.

The (not so) glamorous life of travel

July 14th, 2013 Comments off

BOZigqrCUAA_V5qThe one thing that constantly puzzles me is the amount of people who say “wow, you travel a lot for work!” and then follow up with “how exciting it must be” or “how important you are to travel a lot”. My response is always, try it for 2 months and you will never want to travel again. I’m always reminded of a conversation I had with a colleague and friend about this very subject; whilst we were both separately on the road and on the phone together lamenting travel. He punctuated this by describing his dinner on said trip home being a sandwich purchased at a road stop. Glamorous indeed.

Categories: Career, Family Tags: , ,

Thoughtlet – Are we moving to a single device?

June 15th, 2013 Comments off

This isn’t a fully fleshed out thought. It is the beginning of some musings after looking at the Apple WWDC announcements and how they are building tighter integration between OSX and iOS. It was also spurred on by this article. As users are being driven by portability and the lag between feature parity of devices is shrinking, and looking at the history and trends of personal computing purchases, are we finally moving to the “single device”? What will this new “single device” look like and what affect will it have on the current trends in the market?

Screen Shot 2013-06-17 at 9.42.33 AM

If you don’t like my picture there are others to choose from

Personal computing kicked off in the 1980s with the personal computer. This was the first time that general and flexible computing was available to the average person.

In the 1990s mobile phones took off as did the personal digital assistant (PDA) in the mid to late ’90s. This took communications and personal computing mobile. Given the limited capabilities of the PDAs at the time, most people still had a desktop PC. Those lucky enough, also had access to laptops in the ’90s, these too had limitations and for the more powerful users, increased their device count further.

In the late 1990s PDAs merged with phones to create the first smart phone, reducing the number of devices a person carried.

The 2000s brought the advancement of laptops as the norm and in the latter part of the decade saw the introduction of net books and ultrabooks as a way of increasing the portability of computing, it also saw the paradigm (can’t believe I used paradigm) shift in mobile telephony with the introduction of the iPhone. This new interface saw people’s view of mobile computing change forever.

By 2010 tablet computing, on the back of smart phones, came to market and introduced another compromise to computing. This now sees people with 3 devices, notebook, smart phone and tablet computer, each needed for a specific purpose, notebook as the data entry and manipulation device, smart-phone for the all purpose device and a tablet as the compromise of the two, meeting somewhere in the middle.

In 2013 we now see the decline in PC sales and increase in smartphone sales with tablets of varying specification and size, trying to balance capability and portability, as well as smart-phones that are so large that the challenge the smaller of the tablets on the market. Why? This jostling and positioning is trying to meet the consumers needs what are these needs?


I argue that people are trying to get that balance right. Ideally they don’t want a phone and a tablet, but the phone screen is too big, or the tablet too big to always have with them. If this is truly the case then the real future is going to look a lot different from where we are now, reaching an almost sci-fi climax.


I think what will eventually happen is that the processing power that a mobile phone can have will be comparable with that of the ultrabooks of today. Once this happens is there really a need for everyone to  have 16 devices? The new devices will be like the smart phone today with a docking capability to turn it into a powerful data entry and manipulation tool or a sleeve that allows it to have a bigger, interactive display like that of a tablet or laptop .


vision of future of personal computing

If this is the case, what are the implications to current enterprise trends?


Cloud Services - Today file sharing tools like box and dropbox allow us to share files with others, but most people tend to use them as a way of syncing and backing up their own personal data. In the single device world this won’t need to change. whilst the sync capability will be less of a concern, the sharing capability will increase as it does today, moving from file sharing to collaborative content creation and manipulation.

BYOD – the Bring your own device phenomenon,like cloud, is moving past the disruptive trend and becoming the norm. With a single device, the only barrier is compartmentalisation of work and personal. As mobile computing power increases so will the ability to have capabilities like personas or profiles. Allowing the seamless switching between contexts work and personal contexts

Security implications – This will cement the concept of the micro perimeter (see really crappy Figure 2 below). Mobile computing and secure code execution is becoming more and more mature, so too has the shift in desktop computing. We’ve moved from the personal firewall and the Hypervisor to the Micro-visor (see Figure 1 below) providing the ability to secure the execution of the operating system itself, as well as temporary sandboxed instantiation of the applications as they are used. Incorporating the Mobile device management (MDM) platform concept into a policy based micro visor, allows the seamless movement from personal device to multifunction device, with employers being able to specify policies for the components under their control.


Figure 1: Hypervisor to Micr-visor

Figure 2: Evolution of the micro-perimeter

Figure 2: Evolution of the micro-perimeter

I think that the trends of today are not going to change much or slow down, each seems to fuel the other in regards to personal computing. There are still niches in the market to be had to help consumers and businesses ease into this new paradigm (there you have it I use paradigm)!

UPDATE – 18/6/13: After a brief twitter exchange with Brian Katz (@bmkatz) and Ian Bray (@appsensetechie) I realised that I conflate the concept of Mobile Device Management, Mobile Application Management and Device Data management into the MDM terminology.

I see Mobile Device Management,  device control, as the initial stage in the evolution of dealing with the data management problem. Application management is controlling the conduit to the data via enforcing trusted applications (another potential flaw). Ultimately the data is the only thing that anyone truly cares about. This is an oversimplification of the problem as there are other concerns and factors that come into it.

UPDATE – 22/6/13: Further comment from Tal Klein (@VirtualTal) reminds me that there will always be a multi device driven by consumption/creation as well as an aggregation and administration drive to consolidation of devices. I can see that there will continue to be those that have specific needs and require multiple devices (driven by technology adaptation, or scenarios). I’m also driven by watching my family’s adoption. I’m the only one that really has multiple machines, everyone else really utilises dual devices, and only uses the secondary device due to lack of feature parity on the primary iDevices.

Bruteforce become DOS

May 27th, 2013 Comments off

I noticed that I started too get a few emails from Wordfence about invalid login attempts. Now as I have both wordfence and Google two factor authentication happening I wasn’t worried, though I thought I’d do a large IP range block just to cut down on the noise.

 blocked login
What I found was that my provider was being really awesome in their pro-activeness and started automatically detecting brute force attacks on WordPress sites and removing the login.php
As I stated above I have both Wordfence installed, this will automatically block users and IP addresses that have attempted too many times to log in to a site. But what I also have is Google 2 Factor authentication set up as well, stopping these clowns.
So whilst my provider was doing an awesome job preventing those-bad-guys™ from getting to my site, they in essence have locked me out too. Hats off to the support team for pulling this together. But the next stage really needs to include, not only scanning for the fact I run wordpress to block attacks, but scan for plugins too. Or even better, allow me to opt out..