4. Windows 7 is the last big OS launch. Even as I typed that sentence, I paused. Is Windows 7 a big OS launch? It sure doesn’t feel as big as XP or 2000 or even 95. Heck, even the much maligned Vista launch seemed bigger. Sure, Microsoft is marketing the bejesus out of it, and there’s even a disturbing Burger King marketing tie-in in Japan, The 7 Layer Whopper, but this still has the feel of something that Microsoft cares about, but the rest of us don’t.
Let’s compare the OS to automobiles. Some gear heads care about their engine’s exact horsepower and precise number of cubic inches, but most consumers don’t. Most consumers think more about functionality. Is it fast? Is it economical? Is it a truck? Is it a minivan? To them, horsepower simply means decent power, regardless of the number. If it didn’t have power, after all, why would they advertise the horsepower?
We’re entering that same phase with the operating system. No one cares much anymore about what’s under the hood. They just want it to work and allow them to do the things they want to do, whether it’s streaming video or gaming or running multiple productivity apps at once and having them all interoperate.
From most accounts, Windows 7 is a vast improvement over Vista, which wasn’t really as bad as many critics made it seem. For the tech crowd, there are plenty of things to love or hate about Windows 7, but for the average consumer, they’ll only care about how well it streams their movies on Netflix.
5. Security transitions to a risk-management model. The other day I was talking with Geoff Webb, senior product marketing manager at NetIQ, a provider of systems and security management software. He believes that security is slowly but surely moving to a risk-management model.
The trouble, as I see it, with the risk-management model is the concept is rather abstract. How do you quantify risks for your company’s board so that your security dollars aren’t cut in the next budget? According to Webb, we’re only just starting to have the right tools to quantify risks. Network visibility tools are important. However, if you can measure how a new solution has actually diminished attacks, you’re even better off. Even that, though, is probably not enough.
“We could really use some agreed upon metrics and for security. I was actually talking to a security officer who said that he kind of wishes his company would be hit by a virus or worm,” Webb said. “He wasn’t serious, obviously, but his point was that if you do your job well and your organization stays safe, upper management mistakenly believes that the risks must not be that serious. Therefore, they start taking away your budget.”
Adopting a risk-management strategy is a start because you’ll be forced into adopting such things as “risk scores.” But what exactly do you measure and how do you even refer to your measurements? Today, it varies widely.
For instance, Webb pointed to what he calls the “malice-without-thought” threat category. In the new CSI Computer Crime and Security Survey, “25% of respondents felt that over 60% of their financial losses were due to non-malicious actions by insiders.”
While there are plenty of security savants out there, what we need is an IT security Bill James.
What is the security equivalent of OPS (on-base plus slugging percentage)? There isn’t one. Perhaps 2010 will be the year that we find one.
6. Smart phones dominate. Earlier, I discussed how the mobile handset/carrier market took it on the chin in 2009. What I didn’t mention is that one of the bright spots in 2009 was smartphones. The iPhone, Google Android, the Palm Pixie, HTC’s Droid Eris, and Blackberry Bold are all sought after shiny new gadgets.
In fact, while Gartner was cautious about IT spending and even the overall mobile market, it noted that for Q2 2009 smartphone sales were way up. “Smartphone sales surpassed 40 million units, a 27% increase from the same period last year, representing the fastest-growing segment of the mobile-devices market,” Gartner reported.
What does this mean for IT? It means you better start figuring out how to manage these gadgets. Remember how much trouble laptops were (and still are)? At least, many laptops are corporate property, so you can demand that your employees load them up with whatever security and control software you prefer. Most smartphones are user-owned devices, which means that the most you can do is create policies, hold your breath, and hope people follow them.
Worse, the replacement cycle for smartphones, even if it is getting longer these days, is still much shorter than for laptops. Once you have control over a certain category of devices, people will start lugging around newer ones with innovative features you haven’t planned for.
Look for vendors to put emphasis on enterprise smartphone security and management solutions. This could even be an IT budget line for many organizations in 2010. Forward-thinking organizations, especially those already saving money via new technologies like desktop virtualization, would be wise to take that money and spend it on subsidized smartphones for knowledge workers. Then, you can force whatever sort of security solution you want onto them.
According to Gartner, PC vendors are already beginning to treat smartphones as mini-PCs, hoping to boost their market share in this segment to help offset a declining PC market. IT would be wise to adopt the same strategy. 2010 will be the year that proactive organizations do.