Mashupshave taken over the web,
allowing websites to extend applications such asGoogle Maps. It can also be used
within enterprise applications. But what are the
risks?
The latest
Web 2.0-related developments to move into the corporate world
are mashups. Just to make sure we are all on the same page,
Wikipedia defines a mashup as "a web application that combines data
from more than one source into an 'integrated experience.'" Data
and content used for mashups is typically acquired from a third
party via public interfaces or APIs. Other content sourcing methods
include using RSS and other web feeds, web services, and even
screen-scraping techniques. The aim of using mashups is similar to
other Web 2.0 technologies: ease application development so that
even end-users can assemble applications, thus sparking innovation,
increased productivity, and a reduction in development costs.
I am excited about the possible uses of mashups in the
enterprise. However, I also have some reservations. Thus I thought
I would make enterprise mashups the topic of this week's Advisor to
elicit some feedback from readers who are using - or are
considering using - mashups to support their company's business
needs.
Mashups have been popular in the consumer web world for some
time now, typically for applying mapping techniques (Google Maps,
etc.) to a particular problem for example, to help users determine
driving directions or for locating a convenient store or some other
business.
While some of the first mashups to enter the business world were
borrowed from consumer-oriented Internet sites (eg. Google Maps,
Yahoo! Pipes), new suppliers such as Coghead, Denodo, Extensio,
JackBe, and Kapow Technologies, as well as long-time enterprise
players such as IBM, BEA, and Microsoft, are offering mashup
servers and tools designed specifically for corporate use.
Businesses are applying mashups in several ways. One of the most
common application is data mashups, which are used to combine
multiple data sources into a single source - typically to feed a
front end to some business application. This might be as simple as
an intranet portal. On the other hand, it might be to enable a more
focused application for example, I've encountered mashups used to
add mapping capabilities to CRM applications to plot concentrations
of customers.
Another use for mashups involves getting data out of ERP
applications and into desktop productivity tools. For instance,
Extensio offers a SAP connectivity option for use with its mashup
server that enables Microsoft Office users to interact with SAP
data from within Excel, Outlook, Word, and other Office
applications. Information services from SAP and mySAP repositories
are delivered in read/write/refresh modes on Office interfaces. As
an example, business users might access SAP data from within Word,
update employee leave records from within Outlook, receive SAP
reports as periodic Outlook e-mails, and get fresh SAP data without
resorting to cutting and pasting into Excel.
Companies are also using mashups for more complex tasks that can
require integrating different applications. For example, Coghead
offers mashup tools intended to enable tech-savvy businesspeople to
develop applications for common business problems such as task
management and for tracking issues and their severity (issues can
be related to almost anything from packages, software, or
people).
While all this sounds great, my gut feeling is that mashups are
being oversold. First, it seems that the idea of enabling end users
to create applications is over-hyped. Different vendors have talked
for years about enabling non-IT users to create applications (I
remember the expert systems folks pushing the idea with rule-based
systems in the 1980, as did the early object-oriented proponents).
But how many non-IT end users out there can really "assemble"
(i.e., develop) applications on their own without having first
received some amount of training? For that matter, how much
training is required?
My next concern has to do with security -- and security on at
least two levels. First, "combining data from multiple sources"
really means accessing data and potentially sharing data. With not
a day going by in which some company isn't making headlines because
of a customer data breach, the idea of non-IT users accessing and
sharing data tends to make me cringe. The second level of security
concern I have has to do with malware risks. The same technologies
that make it easy to do Web-based, drag-and-drop development can
also make resulting applications susceptible to potential hacking
as well as viruses, spyware, and other malware.
So, am I dead set against the use of mashup in the enterprise?
No. In fact, I think that mashups hold great potential for business
uses -- especially for applications involving data analysis or
applying mapping and other visualization techniques to add clarity
to complex issues. However, for the widespread use of enterprise
mashups to become a reality, I think it's essential that IT
organizations implement - and enforce - rigid policies designed to
ensure their (consistent) safe use.
However, I may be overstating concerns about the use of
enterprise mashups. Therefore, I'd like to get your opinion on
their use in the enterprise. In particular, is your organisation
currently using mashups or considering their use? Why or why not?
What do you see as their greatest benefits and drawbacks? As
always, your comments will be held in utmost confidentiality. Send
them to chall@cutter.com or call me at +1 510 848 7417.
Sincerely,
Curt Hall, Senior Consultant
Business Intelligence Practice
chall@cutter.com