Tom Petrocelli's take on technology. Tom is the author of the book "Data Protection and Information Lifecycle Management" and a natural technology curmudgeon. This blog represents only my own views and not those of my employer, Enterprise Strategy Group. Frankly, mine are more amusing.

Friday, July 21, 2006

CA and XOSoft

In the past week or so I have had a lot of people ask me what I thought about the recent acquisition of XOSoft by CA. Overall the questions range from the overarching "Why did CA buy XOSoft?" to the more pointed "Isn't XOSoft worried about CA's reputation?" Here's my two second analysis.

  1. CA Wins - CA needs to fill out their product line. With CDP and Replication technology from XOSoft, CA has one of the most complete data protection product lines in the industry. CA customers will soon have a complete, well integrated basket of data protection tools to draw from. CA also gets a willing partner and doesn't have to pay a premium needed to acquire an unwilling one.


  2. XOSoft Wins - Besides the obvious monetary gain for XOSoft founders and investors they now get access to big company resources and the entire range of data protection and security products that CA offers. Let's face it, CDP is becoming a feature. XOSoft would have had to acquire someone (a small or distressed cmopany with the obvious problems associated with that) or would have become a niche player catering to the "I hate the big guys" crowd. There's not much of a future in that.


  3. CA's Reputation - This is still a problem. Everyone thinks of CA as having questionable (at best) business practices and slow, inattentive, and non-responsive product development. While that's changing, it will be awhile before CA can change the industry's perception of itself. From CA's point of view, bringing energetic young companies into the fold helps this along. For the folks at those companies, it means having to manage an issue they have never dealt with.


  4. XOSoft Customers - Come on now. You didn't really think these guys were going to stay independent forever. You can now look forward to getting a well integrated data protection and security suite rather than cobbling one together on your own. It was inevitable and is beneficial in the long run.


Ultimately, it was best for XOSoft to take the deal with a known partner rather than wait on the sidelines until all the other CDP companies were gone. If they had done that, they would have been faced with limited choices and probably a lower selling point. If they had continued to stay independent, they would have been pushed to the back of the room, forever a small niche player with limited growing room. For CA, they get a quality purchase that fills out their product line, making them much more competitive. Sounds like a good deal to me.

As to the CA rep, remember what Timon says in the Lion King "You have to put your past behind you". At some point the industry has to give CA a chance to move beyond it's past indiscretions. The XOSoft acquisition is a step in that direction.

Riding That Train..

Riding the same train as my previous post on intellectual property, I turn my attention to those most reviled of creatures, The Patent Troll.

To many, Patent Trolls - those who buy patents only to generate licensing fees from them - are a form of life only sightly above parasitic worms. I don't understand the rancor. These aren't spammers or treet purveyors (all lower case, don't be upset Armour and Hormel). These folks simply bought an asset and are trying to get some money from it. If I bought a car and rented it out to people, would folks throw rocks at me? They might but not because of the car. This is no different.

When you read the stories of people complaining about Patent Trolls, two themes emerge.

  • The complaining folks want something they did not work for, namely someone else's asset

  • The complainers did not do their homework to see if there is a patent for the widget they are building


In other words, it's their fault they are in legal hot water.

The most common charged levied at the so-called Patent Troll is that they squelch innovation. Really? It would seem to me that it is in the patent holders best interest to license the patent as widely as possible. Otherwise, they won't make much money from it. The more times they license the patent, the more money they make. It is also in the Patent Trolls best interest to do this without litigation. Paying lawyers costs money. A lot of money. That cuts into the profit they can expect to make from licensing, in essence raising the cost of deriving value from the asset. Why bother to do a thing like that?

The reason they bother is that some people don't want to pay what the patent holder wants. Think about this a minute. The chief complaint is that the Patent Troll won't sell their asset for what certain people are willing to pay for it. Keep in mind, I did not say that no one is willing to pay that price. If no one will pay what the Patent Troll is asking, then The Troll will price themselves out of the market. That means that someone is willing to pay for it at the price the Troll wants.

Now, this only applies to legitimate patents. Companies that claim patents on public work, such as Linux perhaps, don't fall into this category. Patent holders who knowingly lie in wait for someone to develop products and then immediately litigate are scum. Companies that buy patents so that no one can use them are hurting the economy and the technology industry. However, if you buy an asset and simply want to be paid for its use, then you are not a troll. You are a capitalist.

Monday, July 10, 2006

The Intellectual Property Dilemma

The lifeblood of any technology venture is intellectual property, usually called IP. IP is what a tech venture owns. One look at a modern technology company and you realize the following:

  • They don't have factories - Manufacturing is almost universally outsourced, much of it overseas

  • Brands are transient or nonexistent - Other than Apple with its "i" and "e" products (which is becoming tiresome) most technology companies don't have strong product brand recognition. The other exception to the rule is Microsoft with it's Windows and Office franchises but even those are slipping. Most people have stopped referring to Windows as anything but the version ("Are you running XP or 2000?")

  • Products change rapidly - Product lifecycles in many categories, especially PCs and consumer electronics, are as short as six months. A technology company cannot hope to milk the same product for years on end like Proctor and Gamble can with Tide.


All of this adds up to a need to develop and protect core technology. Technology drives innovation, products, and sales, not the other way around. The more walls you put around your technology, in order to prevent copying, the bigger your competitive advantage.

Herein lies the dilemma. The more you try and protect technology, the more difficult it is to work with others and the more restrictive the environment becomes for customers. If you open up technology so that others can use it - in order to develop the ecosystem your technology needs to thrive - you lose control over it. Over time, what was once a competitive advantage becomes commonplace and free. The tech company loses control over key technology and can no longer derive as much value from it.

The other problem is that too tight a control can actual inhibit innovation and usefulness. Let's face it, there are some features that are important to customers that you may not wish to or cannot develop. If others can, then everyone benefits. It's like holding Jello. Squeeze too tight and and it squishes through your fingers.


One solution is licensing. You can tie select partners, or anyone who wants to have a relationship with you, to agreements that restrict what they can and cannot do. That leaves you in the drivers seat. Unfortunately, these agreements are not always enforceable overseas. This is especial true in the developing world where IP and contract laws are not get fully realized. There are also a number of places where different cultural views of property exist. These work against the enforcement of agreements and basic IP rights.


You can sometimes use technology to protect your technology. The whole Digital Rights Management (DRM) space is about
using technology to protect IP. However, DRM cannot easily discriminate between legitimate and illegitimate uses of IP.Two prime examples of DRM technology gone awry are the limitations placed on downloadable music or the silly way that Microsoft makes your computer phone home to reinstall your software. The restrictions placed on legitimate use angers customers and inhibits the spread of the product.

The open source world thinks it has the ultimate solution: give the technology away. This is a great way to develop core, commodity infrastructure. However, even open source relies on licensing, the GPL primarily, to make sure that there is no misuse. The open source license is, in this respect, just a different type of wrapper like proprietary licensing or DRM. As long as the wrapper can be enforced it works fine. The chief advantage of open source licensing is that by being less restrictive, there is less incentive to actually break it. There is also less advantage to be had from the IP. This is why you rarely see open source used for complete applications. The exception is community developed products like Firefox where the profit motive doesn't exist, and even that's changing.


So, where's the solution? Open source, DRM, restrictive licensing? Hardly any hold up in all environments. Either there are onerous restrictions on customers or it is impossible to truly protect the IP worldwide. However, I think I have a solution - social pressure. That's right, simple morality. If the world community responds with disgust and disdain to pirates, the pirates cannot thrive. Instead of suing customers or sending the FBI and Interpol after would be pirates, shame the the priates customers. Expose them and shame them! My guess is if the RIAA had simply called the parents of the big music sharers and said "do you know what your kid is doing" the big time distribution of downloaded music would have stopped sans all the negative publicity. What CEO wants to have his name in the paper with THIEF slapped across it. No one I know.


Of course there will still be outliers. There are always immoral people who will do what they want. Shame works here too. Others will not want to do business with wrong doers. If you don't think that Microsoft's reputation as a ruthless killer of small companies doesn't hurt it, then you haven't been looking at their stock price. Social conventions are very powerful tools.


So, as a community, lets resolve to gently inform people as to why we have IP rights and what their duty is. Bind us, not to a faceless legal document that practically no one understands except the lawyers, but to other people.
Even in the developing world this can work since they presumably want to do business with Western countries. We have a strong cultural prohibition against piracy and should not do business with those who don't, regardless of cost considerations. If we make this clear and live up to our ideals the whole issue of how to protect IP will finally find some balance.

Friday, July 07, 2006

Will EMC Get Integestion from Gobbling Up RSA?

Look! Up in the sky. It's a storage hardware company. It's a software conglomerate. No! It's EMC.

The big news last week in the storage world had nothing to do with storage. EMC announced that it is acquiring security systems outfit and pioneer RSA Security for $2.1B. Zowie, that's a lot of money to spend. The fact that EMC was willing to spend that much money on RSA tells me two things. One, that EMC really realizes that the storage business is not enough to sustain it as a major player. Obviously, the Documentum and VMWare acquisitions were not a fluke. It also shows that the primary legs of a systems company these days are data protection, information management, and security. It kinda suggests what IT is spending it's money on doesn't it...

I find this tremendously gratifying of course. About 18 months ago, as I was writing my book, I suggested just such a model at Storage Networking World. Unfortunately, having realized that this was the model that was going to stick, I ended up changing most of the first chapter of my book, adding a couple of chapters and generally rearranging things. It was worth it but took extra time. If anyone would like to see that presentation, send me an e-mail. Or buy the book. But, enough about me.

The acquisition, at least from a product and technology perspective, makes sense for EMC. With VMWare, RSA, and Documentum, they now have a critical mass in products that secure the IT environment. Couple that with their traditional data protection products and you have a powerhouse that can lock down storage, server, and network systems, as well as the data in them.

The server piece presents a tricky problem. Servers are becoming, or have become depending on your point of view, a fairly low margin business with lots of rivals. If EMC were to acquire a server vendor, they could end up spending a lot of money while adding very little to their bottom line. However, a line of servers would give them a complete toolbox. It's a tough call. So far, the strategy has been to bulk up in software and that looks to be a winning solution. Frankly, I would not be all that surprised to see them jettison the storage hardware business to someone who really needs the help like IBM. EMC could then focus on developing software assets like data protection tools. The problem is that the storage hardware business still generates the bulk of their revenue. That's like crack, a very hard habit to kick.

So what's in the future for EMC. As I rub the crystal ball I see a couple of things. One, they could pick up one of the dozens of new data protection software companies, such as XOSoft or Avamar. Most of these companies have gone about as far as they could on their own. They would provide some more depth in their upcoming fight with Symantec.

It is conceivable that they could go for a company that is big and broad but struggling. CA comes to mind. It has a very large software portfolio, decent mainframe software, but is in serious trouble. If it were me, I would start talking to them, do my due diligence, but wait until they get even deeper in trouble. Keeps the cost down.

So, my hat is off to Tucci and company. I like the RSA acquisition and think it will benefit EMC and EMC's customers tremendously. Good luck EMC folks!