Betterment Tosses Desk Phones and Moves to Cloud Communications
Betterment Tosses Desk Phones and Moves to Cloud Communications



Last year, the IoT botnet Mirai was used in a number of high-profile DDoS (distributed denial of service) attacks, taking advantage of hundreds of thousands of insecure Linux-based IoT devices. In recent weeks, a new strain of IoT malware has emerged, with a different and potentially dangerous new purpose.
Dubbed Brickerbot, the malware seeks out vulnerable Linux devices, accesses them and then executes a series of instructions that corrupts storage, disrupts Internet connectivity and inihibits kernel operations, rendering the device useless, or "bricked." Brickerbot works much like Mirai, scanning for devices that still have their default user names and passwords.
As Mirai's effectiveness underscores, far too many end users simply forget, don't know how, or don't care to take the simple security step of changing their devices' defaults.
Security firm Radware discovered Brickerbot in March, when the malware targeted devices in a honeypot Radware maintains for security research purposes.
Since then, speculation has centered on the motivations of Brickerbot's author or authors. One popular hypothesis finds Brickerbot to be a form of vigilantism. In other words, by proactively destroying unsafe devices, the likes of Mirai will be inhibited.
Brickerbot's creator(s) haven't publicly stated their motivations, and it's possible their intents are solely malicious. But if vigilantism is the goal, that's inexcusable, says Constellation Research VP and principal analyst Steve Wilson.
"Some hackers have god complexes," he says. "The very words 'white hat' and 'black hat hackings betray a blurred morality where one way or another people take the law into their own hands."
"Who makes the judgement that a device is insecure? It's not black and white," Wilson adds. "Where is the risk assessment that a vulnerable device that might malfunction is worse that a bricked device that will actually malfunction?"
Indeed, as a post on Network World notes, applied unchecked malware like Brickerbot could have fatal consquences:
Imagine driving down the road and having your car’s computer bricked. ... At some point, lives will be lost and people maimed. An uncontrolled botnet seeking to protect us all from badly designed devices will brick the wrong one—or dozens of them.
IoT device manufacturers, eager to get their products to market as quickly and cheaply as possible, bear much of the responsibility for the current threat landscape.
"I am outraged by the parlous state of IoT security," Wilson says. "It is appalling that devices which never were computers are foisted on consumers with unapprehended complexities and inadequate computer security. We need to see action on the part of consumers, to demand proper security. Consumer affairs regulators need to act to ensure device quality is fit for purpose. Manufacturers need to be held accountable for damages caused by faulty products."
"The last thing we need is vigilantism," Wilson says. "By all means expose, names and shame culpable product companies but don't take the law into your own hands."
24/7 Access to Constellation Insights
Subscribe today for unrestricted access to expert analyst views on breaking news.
Microsoft is building out its capabilities for the popular open-source container orchestration platform Kubernetes with the acquisition of Deis. Here are the details from a blog post by Microsoft EVP Scott Guthrie:
Container technologies let organizations more easily build, deploy and move applications to and from the cloud. With this increase in agility and portability, containers are helping to make applications the new currency in the cloud. At Microsoft, we’ve seen explosive growth in both interest and deployment of containerized workloads on Azure, and we’re committed to ensuring Azure is the best place to run them.
To support this vision, we’re pleased to announce that Microsoft has signed an agreement to acquire Deis – a company that has been at the center of the container transformation. Deis gives developers the means to vastly improve application agility, efficiency and reliability through their Kubernetes container management technologies.
We expect Deis’ technology to make it even easier for customers to work with our existing container portfolio including Linux and Windows Server Containers, Hyper-V Containers and Azure Container Service, no matter what tools they choose to use.
The Deis team will join Microsoft and its technology will remain open source, Deis CTO Gabriel Monroy said in a separate post:
Over the years, we have worked hard to be open, reliable, and dependable open source maintainers. From our new home at Microsoft you should expect nothing less. We will continue our contributions to Workflow, Helm, and Steward and look forward to maintaining our deep engagement with the Kubernetes community.
Kubernetes originated from Google, which donated the project to the Cloud Native Computing Foundation in 2016. It has thrived as an open-source project, moving toward becoming the industry standard for container orchestration. Microsoft's move to acquire Deis comes just a couple of months after Kubernetes became generally available on Azure Container Service (which also supports the Docker Swarm and DC/OS orchestration tools).
Buying Deis is a good move by Microsoft, says Constellation Research VP and principal analyst Holger Mueller. "It's no longer enough to just support Kubernetes. It's also important to provide the best Kubernetes experience. Deis is bringing those tools and the experience to develop more.
"I'd expect Deis to remain open source, but Microsoft will have to walk the balance between differentiation and open source contribution," Mueller adds.
Deis had been acquired by PaaS vendor Engine Yard in 2015. That connection wasn't mentioned in Microsoft's announcement, nor the purchase price revealed.
24/7 Access to Constellation Insights
Subscribe today for unrestricted access to expert analyst views on breaking news.


It's safe to say that Twitter has had a complex and at times contentious relationship with developers that want to integrate with and build on the social messenging service. In October 2015, CEO Jack Dorsey acknowledged the problem and said Twitter wanted to "reset" its developer relationships, as Venturebeat notes:
“Somewhere along the line, our relationship with developers got confusing, unpredictable,” he acknowledged. “We want to come to you today and apologize for the confusion. We want to reset our relationship and make sure that we’re learning, listening, and that we are rebooting."
Twitter conducted fairly extensive developer outreach during 2016, but the picture blurred once again with the departure of several prominent developer advocates from the company, and Twitter's decision in January to sell its Fabric mobile development toolkit to Google.
Now Twitter is taking measure of its developer outreach, announcing a unified API platform and increased transparency through a public development road map. Developer advocate Andy Piper laid out the landscape in a blog post:
We’re excited to announce that we’ll be unifying our API platform to make it easier for developers to build new applications that can smoothly scale as they grow. We’re also launching new APIs and endpoints that enable developers to build on the unique attributes of Twitter to create better experiences for businesses. Developers can see where we’re focusing and what we’re building with our newly-published API platform roadmap.
Twitter values developers because they can help serve new use cases and spark innovation, Piper wrote. He cited examples such as the U.S. Geological Service's use of Twitter data for earthquake tracking, and LikeFolio's consumer service for stock investors.
Of course, the broader intent—as with any developer outreach effort—is to help grow Twitter's center of gravity, user base and ultimately revenue.
What Twitter has lacked, but wants to remedy now, is an API set and strategy that's clear, stable and relevant to developers at all ends of the spectrum, from startups to large enterprises. Piper walked through some examples of the new normal:
Since 2006, we’ve had a set of broadly available REST and real-time (streaming) APIs that provide access to a range of features and functions. In 2014, we acquired Gnip, a partner who built a suite of enterprise-grade APIs for the world’s largest and most demanding software companies to create solutions with Twitter data. The Gnip APIs provide deeper access to public data from the Firehose and greater functionality than the standard REST and streaming APIs, but have a price point that is often out of range for developers just starting to scale their businesses. As we’ve met and listened to developers at events around the world and in our developer discussion forums, we’ve heard that this can be a source of frustration.
This year, Twitter will roll out a new developer experience that combines its REST and streaming APIs "with the enterprise-grade power and reliability of Gnip," Piper wrote. "The goal is to create an integrated Twitter API platform that serves everyone, from an individual developer testing a new idea to Twitter’s largest enterprise partners."
Developers will enjoy a streamlined API experience; rather than having to shift among multiple APIs as their projects scale up, there will be a single tool for a given task, such as filtering data from Twitter's Firehose. There will be tiered access, from free at the low end to paid self-service and enterprise grade, Piper wrote.
Despite his earlier mention of developer frustration over Gnip pricing levels, Piper gave no indication Twitter plans to cut those costs. Rather, he emphasized that Twitter will "clearly define the features and costs at each tier" so developers can make the plans best suiting their needs.
Twitter also has some new products in the works that target data analytics and customer engagement scenarios. There's more detail in Piper's full post, which is worth a read.
Piper characterized Twitter's efforts as a "massive new engineering and product investment" for its platform and developer ecosystem. That may be the case, but it comes after years of missteps and fractious relations with developers, not to mention amid stagnant revenue growth and diminished buzz around the service.
"It's good to see Twitter putting order into its API strategy," says Constellation Research VP and principal analyst Holger Mueller. "It needs to regain the trust it lost a few years ago when changing and reducing API access. And as always with Twitter, monetization is the question. This could open up new alleys."
The bottom line here? Twitter needs developers—many more of them—to start regaining traction. On the face of it, Twitter's unified API plans are welcome and long overdue. The question is how well it can sustain focus on this path.
24/7 Access to Constellation Insights
Subscribe today for unrestricted access to expert analyst views on breaking news.

WalkMe has a simple goal, they want to help companies make sure their employees and customers have the best possible experience with their applications and websites. If your Sales team is struggling using your CRM system, WalkMe will help guide them through the trouble spots. If your customers are not finding what they need on your website, WalkMe can show them the way. Think of it as the modernization of the Help file.
This week WalkMe announced the acquisition of Jaco, who’s product records the clicks people perform as they navigate around a website or web-based applications. This data can then be played back allowing administrators and designers to get insight into the trouble spots people are experiencing, then fix those problems to provide an improved experience.
Jaco’s technology will be integrated into WalkMe’s Digital Adoption Platform, providing a media player like experience, where people can replay, click by click, the interactions people take.

This is WalkMe’s second acquisition of the year, the first being ABBI.io, a tool that helps optimize the experience of mobile applications.
Helping People Get Work Done
One of the biggest challenges with applications and websites is that everyone has a different style in how they use them. Digital Adoption Platforms such as WalkMe provide a way to monitor, study, and ultimately fix the roadblocks people are having. This leads to improved workflows, less support calls, and happier users. WalkMe is aggressively improving their platform, constantly seeking new ways to help organizations improve the adoption of the tools they provide their employees and customers.
Future of Work
Anaplan says increased R&D investment will keep it ahead of cloud-based performance management arena. Here’s what connected planning is all about.
When Frank Calderoni, Anaplan’s new CEO, took the stage at the March 27-29 Anaplan Hub 17 event, he cited positive company statistics including signing 250 new customers in the last year (bringing the total count above 660) and more than 75 percent annual year-over-year subscription revenue growth to a $120-million-annual run rate. Just two months on the job, Calderoni also promised a “significant increase” in R&D investment, saying the company intends to stay ahead of the competition.
At Anaplan Hub 17, Frank Calderoni, who joined the company as CEO in January, promised
increased R&D investment. He was previously CFO at RedHat and Cisco, respectively.
Indeed, competition is tightening in the corporate performance management arena, in which the lion’s share of growth is going to cloud-based offerings. Incumbents including Oracle (Hyperion) and SAP (BPC) have introduced their own software-as-a-service options while SaaS rivals Adaptive Insights and Host Analytics have been courting larger and larger customers. Even partners are getting in on the act, with Workday adding Workday Planning to its cloud-based performance management application portfolio in 2016.
Anaplan stands apart among the cloud options in that it focuses on a broader range of business planning challenges than any of its competitors, most of which concentrate on the needs of finance departments. Financial planning and sales planning are Anaplan’s most mature use cases, but the company also supports supply chain, workforce, marketing, IT and other planning needs with more than 195 starting-point applications on its Anaplan App Hub. Roughly two thirds of these domain- and industry-specific apps are offered by partners, such as Accenture, Deloitte and Workforce Insight, who help customers build out and customize apps to their specific needs.
Customers typically start with one planning challenge, such as financial planning and analysis or sales planning, but Anaplan educates customers on the need for “connected planning” as part of its land-and-expand strategy. By connecting plans, companies can understand and account for interdependencies, cascading changes in plans and what-if scenarios across interconnected data, people and processes.
Why do companies need connected planning? Anaplan founder and CTO Michael Gould cited the example of U.K.-based companies that are now in the cross hairs of Brexit. Adequate preparation and forecasting demands more than a single plan; these companies need interconnected plans around possible changes in exchange rates, border tariffs, trade deals, supply costs, pricing and resulting demand. In the U.S. it’s easy to imagine the complex, interconnected planning healthcare organizations will need to come to grips with potential changes in the Affordable Care Act.
Of course, planning and forecasting challenges are more often triggered by routine business dynamics rather than legislative or geopolitical sea changes. Routine business changes such as mergers, acquisitions, digital disruption and emerging market opportunities all trigger complex planning and forecasting challenges. Anaplan customers are typically large companies and fast-growing companies – mostly in retail, banking, technology, healthcare and consumer packaged goods – that face complexity and constant change.

MyPOV on Anaplan’s Progress
There weren’t a lot of high-profile announcements at Anaplan Hub 17 in part because the company is still in the process of delivering capabilities promised at Anaplan Hub 16 (thus, Calderoni’s promise to step up R&D investment). For example, a Business Map feature announced at Hub 16 is still a few weeks away. The Business Map will support connected planning by giving customers a holistic view of all business planning activities, with tagging, searching and filtering by use case, business process and geography.
Also still in the works is a promised expansion of existing predictive capabilities to better support workforce optimization, supply planning, transportation assignment, product marketing, and risk modeling, among other forward-looking analyses. Anaplan did release a module in a limited private beta, but executives say they’re reworking the module to support mathematical optimization without requiring coding.
Late last year Anaplan did deliver on Application Lifecycle Management (ALM) capabilities promised at Hub 16. The new ALM capabilities brought an important productivity advance, enabling customers to split large models and synchronize model versions so they don’t have to replicate changes across development, testing and production instances.
At Hub 17, Anaplan did announce a new data-integration option called Anaplan HyperConnect, which is a licensed version of Informatica Cloud that Anaplan will sell and support under its own brand. It also announced reporting integrations with Tableau, and the company is days away from releasing a DocuSign integration that will take paperwork and, thus, time out of approval processes.
Anaplan didn’t play up the announcement, but in a roadmap session it unveiled plans for two important coming platform capabilities that will unlock yet more growth. A Bring-Your-Own-Key encryption requested by security-conscious banks and financial institution is due out later this year. And a lightweight workflow capability will improve planning throughput, governance and collaboration by routing tasks, approvals and alerts. Release dates weren’t disclosed, and one Anaplan executive quipped that the company wants to live down recent product delays by under-promising and overdelivering.
Anaplan has had its share of executive changes over the last year, as is common in any CEO regime change. But as Calderoni settles in and the company pours more of its considerable venture funding into development, I expect innovation to accelerate and the connected planning story to get stronger.
Related Reading:
Anaplan Scales Platform, Prepares for Prediction
SAP Feels Your Pain, ‘Storms Ahead’ on New Apps, Consumer Insights
Cloud-Based Performance Management: Why the Digital Era Demands Agile Planning

Google has created a new patent cross-licensing effort in the interest of stemming litigation within the burgeoning Android ecosystem. It's called PAX, which means "peace" in Latin. Here are the key details from Google's official blog post on PAX:
Under PAX, members grant each other royalty-free patent licenses covering Android and Google Applications on qualified devices. This community-driven clearinghouse, developed together with our Android partners, ensures that innovation and consumer choice—not patent threats—will continue to be key drivers of our Android ecosystem. PAX is free to join and open to anyone.
PAX members currently include Google, Samsung Electronics, LG Electronics,Foxconn Technology Group, HMD Global, HTC, Coolpad, BQ, and Allview. The members collectively own more than 230,000 patents worldwide. As more companies join, PAX will bring even more patent peace and value to its members through more freedom to innovate.
It's important to note a couple of things here. One, there are indeed some big names signed onto PAX at launch, but they represent only a small percentage of Android OEMs. As the blog notes, the Android ecosystem now has more than 400 partner manufacturers and 500 carriers, with greater than 4,000 devices created in just the past year. There is plenty of room for PAX's ranks to grow, and no doubt they will as word gets out.
Don't expect Microsoft, which at one point was reportedly earning $2 billion per year licensing its patents to Android device makers, to join up.
Second, PAX's launch companies may possess more than 230,000 patents but that doesn't mean all of them will pertain to PAX or Android. It also appears that PAX will focus on software, not hardware patents.
PAX is not Google's first patent pool. Past initiatives include the LOT Network, which focuses on combating patent trolls. Google also participates in long-standing patent pools such as the Open Invention Network.
Google has set up a website for PAX, but it contains very little specific information. In fact, visitors are asked to submit a request if they want to see a copy of the PAX license. The site offers no guarantee one will be received, but in the case one is, asks that recipients keep it confidential save for employees, board members and attorneys, or if compelled by law.
While still in its early days, the emergence of PAX is good news not only for the Android partner and developer ecosystem, but for enterprises. Despite Android's nearly 90 percent smartphone market share, it has lagged Apple dramatically in the enterprise market for a number of reasons, chief among them the Android ecosystem's rampant fragmentation and a resulting perception (or reality) of inferior security.
While most every iOS device gets updated with new operating system versions within a matter of weeks or even days, that's never been the case with Android, with many carriers taking years to make updates available to customers. This makes BYOD initiatives much tougher to do for enterprise IT with Android devices, given users may be running earlier, less secure versions of Android.
Google has taken significant steps in the past year to make Android more enterprise-friendly, adding an array of security features in Android 7.0 (Nougat), which was released in August. (Go here for a comprehensive rundown). Google also sees enterprise overall as its next big path to growth, and has invested accordingly. Expect Google to spend plenty of energy educating the market on where Android stands as an enterprise solution over the course of this year and beyond.
While PAX doesn't draw a direct line toward spurring enterprise adoption of Android, if successful it can only help. An Android partner ecosystem focused more on creating new innovations than fending off intellectual property claims could help reduce fragmentation and thus coalesce around enterprise mobility opportunities, which are already vast.
There's a broader view to consider, as well. "A digital economy built around a new generation of interactive, high-value business and consumer apps and service orchestrations calls for levels of shared and integrated technology operations that massively surpass that of the Web," says Constellation Research VP and principal analyst Andy Mulholland. "The recent battle around protecting patents on smartphone features has shown just how difficult it can be to simultaneously add patented features while in parallel allowing user interactivity with other technology and apps."
"Multiply that many times over the next several years as hundreds of successful startups add their claims to those of the established vendors in the rush to win a share of the new digital markets and the results will be at best chaotic, and at worst could lead to users find their purchases are banned from use," he adds. "Revising both patent and commercial law may not be easy but its very necessary."
24/7 Access to Constellation Insights
Subscribe today for unrestricted access to expert analyst views on breaking news.