Monday, July 30, 2012

Enterprise vs. non-enterprise - giving equal time to the other side (sort of)

At times, the Empoprise-BI business blog has been a small champion of enterprise computing. Now one would think that enterprise computing has a lot of supporters, but sometimes it's seemed a little lonely over here. Perhaps it's just because of the crowd that I run in, but sometimes it seems that some technologists have forgotten that enterprises exist.

There have been many times where I've run across technologist comments that run along the lines of "You should use this app" or "You should stop using this OS" or "Just reconfigure your computer." While people often have the ability to do these things on your personal computers, they do not have the power to do this on large enterprise computers. Depending upon the enterprise, users may be discouraged from installing other apps on their computers, or may be prohibited entirely from making any types of administrator changes to their computers. While that means that an enterprise user may not be able to run the latest version of Spotify, it does mean that the chance of conflicts with critical enterprise applications is significantly diminished, ensuring higher productivity of enterprise computing and human resources.

For me, the ultimate were the websites that displayed messages that said "You should not be using Internet Explorer 6." As I noted at the time, I'd be happy to do so, provided that the IE 6 opponents were willing to pay my salary - IE6 was the standard at the enterprise that employed me at the time, and if I was going to violate the enterprise's computer use policies, I'd need an income from somewhere else.

So this blog (and my predecessor blogs, such as the one that ran my 2008 IE6 rant) has been pro-enterprise. But because I want to be fair and balanced, I want to share an issue that was previously shared by Jeremy Chone with the comment:

Web People should not listen to Enterprise People Enterprise people will follow anyway when they understand the simpler way of doing things.

Chone shared this CNET piece, which began as follows:

OAuth 2.0 promised to improve authentication on the Net, but its author has resigned from the project after concluding the standard "is a bad protocol."

So what prompted Eran Hammer-Lahav's resignation?

"At the core of the problem is the strong and unbridgeable conflict between the Web and the enterprise worlds. The OAuth working group at the IETF started with strong web presence. But as the work dragged on (and on) past its first year, those Web folks left along with every member of the original 1.0 community. The group that was left was largely all enterprise... and me," he said. "The resulting specification is a designed-by-committee patchwork of compromises that serves mostly the enterprise."

There is a valid point here, if you buy the notion that "web people" are solely dedicated to finding the best technology, and "enterprise people" are primarily dedicated to advancing their own enterprises.

I certainly buy the latter part of the notion. If WidgetCo appoints me to a standards committee, then I have a duty (for public companies, a fiduciary/legal duty) to ensure that the standards committee does not do things that harm my enterprise. Therefore, if I as a standards committee voter must choose between option A which is good for everybody, and option B which is only good for WidgetCo, then I am going to choose option B.

Standards committees can sometimes resist this. At one point, I knew of a particular standards committee which banned enterprise representatives from membership on the committee. At the same time, enterprise people were strongly encouraged to attend the standards committee meetings, and were strongly encouraged to cooperate with the committee's requests. Sometimes the enterprise people would cooperate, because it was important to keep the committee happy. Sometimes, however, the enterprise people would not cooperate.

And therein lies the danger of adopting a "web people should not listen to enterprise people" attitude. Let's say that OAuth 3.0 overcomes all of the issues with OAuth 2.0, and is a wonderfully clean standard that makes the web people absolutely giddy and ecstatic.

But what happens if the enterprises decline to implement the standard?
blog comments powered by Disqus