Web services - the technology standards that allow any application to connect to any other - are ready for use inside your business. But there are issues to iron out before they are secure and reliable enough to run core processes. There are three major challenges.
Risk: the real value of Web services lies in flexibility and openness. But these are also the biggest weakness. Security, trust and privacy issues need to be sorted out before Web services can be relied on to transmit vital information.
Work on encrypting XML (the common language at the heart of Web services) is well under way. This will allow the creation of digital signatures and other security measures.
But other reliability issues - including the development of suitable service level agreements - still need to be addressed. IT analyst Gartner says that these issues will be resolved between 2004 and 2007.
Accountability: Web services make it possible to build a single business process out of components supplied by a number of different companies.
This opens up opportunities but also raises the question of who is responsible if the business process goes wrong New, inter-organisational positions of accountability therefore need to be created to cover business processes from start to finish.
Deeper integration standards: the basic Web service standards that allow different applications to talk to one another have already been established. The next step is to create further standards - for the ways applications actually use the information they transmit to one another.
Take, for example, an order system and an invoicing system: current Web service standards allow them to exchange data but for the two systems to really work together automatically, further standards are needed that specify how an invoice should be structured or what information needs to be given in an electronic order.
The commercial and legal framework: Web services give companies the tools to change their businesses completely but they do not provide a blueprint for what the new structure should look like. Because Web services allow companies to collaborate more closely, they will increase knowledge sharing.
The intellectual property and other legal issues that this will create definitely need to be tackled.
Web services are still evolving. To make the most of the technology your implementation strategy should follow this evolution.
First, it's important to build a long-term strategy. This should then be implemented incrementally, bearing in mind:
- Which areas of the business would benefit most from the increased flexibility offered by Web services?
- Which parts of the business are in need of deeper integration?
- What trading relationships are ripe for enhancement and/or expansion?
The use of Web services should start inside your business - where risk can be controlled and minimised. Take an example from the public sector. Bradford Hospitals NHS Trust is using the technology to allow nurses and other clinical staff to send stock replenishment orders to their purchasing system using handheld Pocket PCs. The new system, Wander, is expected to free up nursing time equivalent to 25 full-time members of staff, equivalent to the staffing requirement for a new ward.
As your internal Web services applications begin to become established, you can start using Web services with your trading partners. Begin with existing partners that you know well and trust.
Once security and service quality standards are established it will be time to use Web services to link to new partners and suppliers, to outsource non-core processes to third parties (via Web services linkages), and to deliver new kinds of service to customers.
When they have become commonplace, in only a few years' time, Web services will allow your company to plug in to any supplier's systems at the drop of a virtual hat.
Build a business-focused strategy, and begin internal Web services deployment
Connect to existing partners and suppliers
Connect to new partners, outsource processes to third parties, and offer Web services to customers.
Andy Tinlin is managing director at Atos KPMG Consulting. E-mail andy.tinlin @atoskpmgconsulting.co.uk