Monday 19 November 2012

A GOOD way to do Bring Your Own Device...

Continuing my series on Post-PC / Enterprise vs. Consumer IT, I want to look at the trend towards Bring Your Own Device. As a recap - previously I wrote about how Consumer and Enterprise IT have historically been very separate worlds in terms of both type of product and how its sold. I then talked about how this means that very few vendors have been able to bridge the gap between those worlds.

However as part of the shift away from traditional PC architectures towards a cloud/Post-PC world I believe these two different worlds are now starting to converge. This is going to have massive implications for how we consume IT and how tech companies make money out of it.

I now want to explore the two ways in which vendors are trying to bridge the gap - firstly by running remote services on pure consumer devices via Bring Your Own Device. Secondly by evolving new categories of dedicated crossover products - Post-PC devices.

Let's get going...


What is Bring Your Own Device?


Bring Your Own Device (BYOD) is the catchily titled idea of letting employees access corporate IT and services via their personal computers and smartphones. But BYOD takes that a step further by letting workers directly consume enterprise IT services like on their personal consumer devices.

This has received a lot of attention, but bear in mind this is nothing new. After all we've been logging into our office machines from home for years. Back in 2002 JPMorgan were even nice enough to pay for broadband for my entire house - something my three other housemates were enormously pleased with. What's different is that the rise of personal smartphones and tablets has put a BYOD-able general compute device in a much more accessible position for employees.


Positives:
BYOD makes this a
thing of the past...


    • Better device: We get to use our personal iPhone for work email. Compared to a standard-issue Blackberry this has the advantage of being a) smaller and sleeker b) not making us look like a corporate dinosaur and c) being capable of running Angry Birds.
    • Less device congestion: This saves us having to lug around ridiculous combinations like personal smartphone + work mobile + work Blackberry. This also stops you  looking like a complete mug at the airport x-ray machine (although as an alternative you could just get a SCOTTEVEST with built in iPad pocket...).
    • It saves your employer money: Also as you supply the device your employer saves money, not only on the capex bill for the intial device, but also the cost of ongoing hardware support for said device (remember I said before that support-maintenance is where the big bucks are in enterprise IT).  This is particularly attractive, of course, in the current belt-tightening environment - in essence by having you supply the device they are getting you to pay them to do you job. :-x

    Negatives:
    • Security/lack of control: This is the biggest issue with BYOD - enteprises spend billions of dollars locking down their machines and ensuring they are secure. BYOD opens a whole can of worms in terms of add complexity and thus security risk. The answer is usually some sort of walled garden or sandbox which restricts what data resides on the consumer device.
    • Limited functionality versus native: The downside of a sandboxed environment is that it tends to limit functionality, either in terms of denying it direct access to the hardware (e.g. sensors, file systems) or making software slower because of additional computing overhead from the sandbox.
    • Consumer hardware constraints: One point I made in my first post is that enterprise hardware is built-to-last whilst consumer hardware is built-to-break. There are a number of trade-offs in terms of product reliability which are undesirable for an enterprise road-warrior. The most important one for me is limited battery life - even devices with best-in-class power efficiency will not last a whole day with heavy data usage. That is a major problem if you are on the road and your iPhone is your only link back to base.
    • Data/contract constraints: Consumer devices are also tied to personal consumer contracts - particularly for data. This present issues around quality of service (not all users have the same operator/coverage or be permissioned to use all services) and cost (e.g. is users are unlikely to use data when travelling abroad unless they get reimbursed for stiff roaming fees). 
    • Platform risk: Another difference between enterprise and consumer IT I highlighted is the lack of a long-term roadmap in consumer IT. Consumer IT companies like Apple and Twitter can make significant changes to their product architecture with little or no warning. For an enterprise IT user used to having years of product roadmap this is unacceptable. Imagine even Apple changes the API permissions on iOS and your sales guys could no longer access their CRM system. Even if a quick fix were implemented it could take months to test and roll out - during which time you couldn't perform basic business functions. Yeah...
    So far, so good. But how does this work in practice? As an example I want to look at Good Technology. Firstly because they one of the most successful standalone BYOD vendors, and are doing some very interesting things around developing a platform (I LOVE platforms). Secondly because, despite their success in the banking industry I've seen very little written about them in public.



    Good Technology - the lucky company



    One of Visto's earlier consumer-focused
    products; the tech equivalent of the crazy
    old grand-aunt you never talk about.
    Like most good tech stories Good Technology's story it involves a good slice of luck (several, in fact).

    The company was founded as Visto in 1996 by a bunch of ex-Javasoft employees. For years it puttered along offering push e-mail, burning cash, and suing anyone who infringed its patents. Think Blackberry crossed with a patent troll, minus the hardware business. Historically its focus was on consumer email but, to be frank, the business was going nowhere fast.

    Then it got its first slice of luck. At the time it was suing Motorola for patent infringement (as it had done with RIM and Microsoft). And at the same time Motorola was also looking to sell non-core assets such as Good Technology, an enterprise-focused email provider it had bought for a cool $438m for just a year earlier. It looks someone put put two and two together, settled the litigation and threw Good Technologies into the deal to boot. The deal was so good (no pun intended) that after closing the acquisition in early 2009 Visto renamed itself after the target.

    Acquiring Good gave Visto, which had always been consumer-focused, a much stronger position in the enterprise market. But then again that wasn't necessarily a great place to be - Blackberry obviously dominated enterprise email with its corporate-friendly NOC architecture, and mobile leader Nokia was hot on its heels after its 2006 acquisition of Intellisync.

    But then it got its second slice of luck - just as Good started to push (again, no pun intended!) into the enterprise market it founds its biggest competitors RIM and Nokia being decimated by the onset of the iPhone. However while they remained tied to the inferior hardware and unable to offer credible enterprise email on iPhones, Good could.

    So what does Good do?


    Good's BYOD armoury



    Good email on iPad. What the Playbook should have been...
    Good offers two key products. It's bread-and-butter is its push email solution Good for Enterprise. Effectively this lets you access your corporate email, calender and intranet web browsing on a completely secure sandboxed app on your iOS, Android or Windows Phone 7 device. You simply download the app from the relevant App Store, login in with your pin and off you go.

    This means that everything you can do on your Blackberry in terms of getting push email and operating within the corporate firewall can be done on your smartphone.

    The architecture isn't rocket science. Basically they have their own servers embedded both sides of your firewall to provide a secure link for your data. They then forward the data over an encrypted mobile connection to the Good App which is run in a secure container on your smartphone. Data stored on the smartphone is, of course, encrypted as well:


    It's pretty much the same as what Blackberry did all those years ago - just substitue "Blackberry NOC" for "Good NOC" and "Blackberry Enterprise Server" for "Good control/proxy server" and you could be in Waterloo, Ontario.

    The difference is that while Blackberry's email services are only available on its hardware, Good will give you clients which run on Android, iOS and Windows Phone 7. This means as the end user you don't need to worry about ensuring compatibility/security with all these devices. Good will handle that for you.

    Good's second product is its more interesting one, an app platform called Good Dynamics launched just over a year ago. This takes the same infrastructure used for Good for Enterprise, but exposes it to third party apps. This means that an independent software vendor (ISVs) can build at app which runs on an iPad but plugs directly into a customer's internal app servers via the same secure pathways which the Good email service uses (obviously Good will charge for this, most likely by taking a cut of the ISVs sales and then charging the customer a stiff premium for the control/proxy server).

    Much like the Bloomberg App Portal I discussed last week, this offers small software vendors a way to plug into a heavy-iron enterprise IT systems in ways they wouldn't have been able to do on their own. In return Good receives both the direct financial benefits, and also the network effect of having its service (hopefully) before the go-to platform for mobile apps.

    Apps based on Good Dynamics are already up and running - check out this link for a list of ISVs or simply fire up iTunes and search for "Good Technology" in the app store. Here are a few examples:
    Roambi lets you take pointless charts on the road!

    • Box: Allows users to share share files with each other. Also offers security & mgmt features such as remote-wiping of files.
    • Splashtop: Remote desktop client which lets you plug into your computer at work via your mobile.
    • Roambi: Analytics platform which lets you pull data from your business intelligence system back at base and display it on your iPhone. (NB - sounds a lot like the mobile analytics stuff SAP has been doing with the Sybase Unwired Platform)
    • Breezy: Cloud printing app which lets you to print documents to any networked printer.

    You get the idea... Nothing earth-shaking at the moment but a lot of potential if they can get the platform right.



    How big is Good Technology?



    Good has had strong momentum with its core email/calender/browser app over the last few years, particularly amongst banks. You can see this in the chart below which shows device activations split by industry. According to the company they now sell to 4,000 organisations worldwide, including over 50 of the Fortune 100 US companies.

    Of course all such statistics should be taken with a pinch of salt but I've heard first hand of a number of big Wall Street banks who are users - these guys have clearly got over the hump of credentialising themselves with corporates.
    Source: Good Technology Device Activations Report, Q2 2012









    They also seem to have a jump on the competition at the moment - as I said I've heard of several banks using Good but haven't heard of anyone using an alternate solution. At the moment they seem to be in the sweet spot of being bigger than any other fast-moving startups (e.g. Enterpoid's Divide platform or Android specialist 3LM), and faster-moving than any bigger established vendors (e.g. SAP's Unwired platform - a clear competitor for Good Dynamics - or Citrix).

    Note: Number in blue are hard data from annual reports.
    But how big are they? Unfortunately financial data is hard to come by, but its clear from what's out there they are a force to be reckoned with.

    Let's start with Motorola. Remember Motorola paid a (not inconsiderable) $400m+ for the business in 2007. Not a bad starting point. Then two years later they sold it on to Visto. They didn't disclose how much Visto paid them, but you can do some interesting detective work around Motorola's 2009 annual report.

    Footnote 2 on page 87 discloses that MOT recorded a gain of $175m on disposals in that year. In that period they sold two assets - Good to Visto and their Printrak biometrics business to Safran. Safran's 2009 annual report says they paid $181m for this (p82). We know that at the end of 2008 Good Technologies was carried at a book value of roughly $300m (they paid $438m and took a write-down of $123m on the asset in 2008). So even if we assume Printrak had been held on the balance sheet at zero cost, the gain on disposal implies that Visto paid roughly $300m for Good.

    PS Yeah I'm showing off my forensic accounting skills here. And yeah I'm probably completely wrong due to exogenous factors (patent litigation settlements?) :-p

    Note: Numbers in blue are hard data from annual reports.
    NB the Motorola report also discloses $19m of revenues from the two disposals in Q1 (Good was sold end-Feb, Printrak sold end-Apr). Safran reported €32m ($44.5m) of revenues for the remaining 9 months of Printrak in 2009 which implies a $14.8m run-rate for the Q1 reported by Motorola. This implies $4m of revenues for Good in Jan-Feb implying a $25m annualised run-rate. Note of course this was before the whole iPhone/BYOD schtick took off, so I wouldn't say that's representative of the current business. Plus there's also the revenues Visto had before it bought Good - consumer push email (probably negligible) and patent royalties (likely more sigificant, and very high margin).

    So how big is Good Technology now? To be honest haven't a clue. But if I had to hazard a guess I would say somewhere between $100 and $1bn of revenues (probably the lower half of that range). Pass me a pin please I think there's a donkey I need to affix a tail to... :-x



    Larry Ellison's next acquisition?



    I think the broader point to make is this: Good Technology is not some fly-by-night startup. It's got a set of assets which people have been prepared to pay triple-digit millions for in the past, and since then its taken significant share in an explosive market. I would be very surprised if this was not a hot IPO candidate in the couple of years.

    What's much more likely though is that they will be bought out by a larger enterprise software vendor. Its just a matter of whether this happens before or after the IPO (my bet is before - in this fast moving market no-one can afford to wait). Good Technology is owned by VCs - they will sell for the right price.

    There's already been scuttlebutt about McAfee kicking the tires (dumb idea in my view as that would tie them into Intel at a time when the core smartphone market is going all ARM). The more likely acquirer is one of SAP, Oracle or IBM - i.e. a big-iron enterprise software vendor which doesn't own its own smartphone ecosystem (i.e. not MSFT).  My strongest hunch is that they end up going to Oracle - Larry Ellison has an obvious gap in his armoury on the mobile front, particularly vis-a-vis SAP which made a smart move buying Sybase's assets. Something like the Good Dynamics platform would plug that very nicely.


    Why I don't think BYOD is the answer


    Okay after than brief jaunt into the BYOD-osphere back to the program. I'll be frank - I do not think that BYOD is the answer. I think at best it's an interim solution while tech moves towards a genuine converged device (the Post-PC device) which runs cloud-based consumer and enterprise apps side by side.

    There are big issues I have with BYOD which I'm not sure even Good has grappled with.

    The first is that architecturally speaking its a kludge, a piece of middleware which sticky-tapes a window through the enterprise firewall onto you consumer device. It a short-term patch rather than a long-term answer. What you basically have is the same old enterprise spaghetti-ware back at base, except this time you've layered a few hundred more not-quite-thin client apps on the smartphone side to crunch the data Good has fetched for them.

    I think that's a compromise which reflects the fact that mobile networks are (still) not fast enough and ubiquitous enough to run genuine cloud apps straight into a secure mobile browser. But as networks continue their exponential improvement (hey we've just gotten LTE in London!) you will see the need for this patchwork solution fall away.

    The second is that there is a great deal of platform risk associated with Good's efforts. Take the Good Dynamics platform for example. It reminds me a lot of what Facebook is trying to do to encourage developers to have "social apps" which run on iOS but share data via Facebook. The problem with this model is that if Apple decides that Facebook or Good's platforms are freeloading (or competing) with its own APIs all they have to do is change the terms of service and ban those platforms. That's bad news for Facebook and Good, but that's horrific news if you're an enterprise which is accessing critical IT versus the Good infrastructure.

    That is a risk no sane CIO will want to take.

    Okay that's all for today (its 4pm and all I've had to eat today is a boiled egg). Next up I want to expand on why a genuine Post-PC device is the solution to the Consumer / Enterprise divide. A bientot!

    2 comments:

    1. I emphasize to anybody who brings their own device into their company's corporate environment that mixing these two things is an absolutely horrible idea from the perspective of privacy.

      Once you allow the company's information to be placed onto your device, it opens your device (and perhaps even your whole private collection of devices, accounts, etc.) to the possibility of seizure should the company feel that you have information you're not supposed to have--say for example if you decide to leave the company to work for another one.

      Don't do this. Ever.

      The law is completely unclear as to who owns what in these situations, and as always, it will likely defer to the party that has more money to spend on litigation.

      ReplyDelete
    2. I like how people describe such things
      adult work

      ReplyDelete