I like charismatic leaders of privately owned companies—well, I do until they do something to the company like Ken Olsen did to DEC. It's an interesting (but not very proactive) aspect of governance—what most people do in public (and there's a lot of regulated transparency and publicity around a stock-market listing) which might make making a catastrophically wrong decision a bit harder. Although, very obviously, not impossible—we aren't talking black and white here and some private companies get divorced from the real world of the competition and some public companies worry more about the market and the press than they do about their customers. And some public companies are apparently run as fraudulent concerns; Enron, for example, and the BCCI—the "Bank of Conmen and Crooks International" according to someone in my bank at the time; oddly enough, when BCCI was still being allowed to trade. Institutionalised fraud is apparently difficult for auditors to spot—the books add up but the company objectives are wrong (I think there is still a place for ethics as part of good governance). Effective governance, I think, comes with transparency but transparency is necessary without being sufficient. You also need attribution, enforcement and (dare I say it) company ethics.

Something else that is necessary (still not sufficient) for good governance is accurate information, as a basis for fact-based decision making. Which is one reason why I follow BI generally and why I was at an Information Builders Inc. (IBI) customer day, listening to Gerry Cohen (its CEO and founder) talking about strategy. I like Gerry anyway because he's bright and experienced and as the CEO of a privately held company he has the freedom to say what he thinks without worrying too much about the press; and he is obviously very focused on his customers, as well. I also like IBI's traditional focus on "BI for the masses" which doesn't preclude "BI for Power Users" but does promote transparency, I think, instead of simply focussing on power-user information silos and the "knowledge is power" attitude associated with them—which usually ensures that knowledge isn't always available where it is needed.

Gerry has an interesting view of his competition. IBM, for example, is a competitor; but IBM's very successful "DB2 Web Query" for the iSeries, with 30k installations in 2 years, is actually a re-badged version of IBI's WebFOCUS, he points out.

He also sees an increasing focus on low-latency "now" data, which means that WebFOCUS is concentrating on providing out-of-the-box access to high quality analytics by providing a GUI interface to the R open source stats libraries, much used in academic reaching institutions and also in the open source "Business Intelligence and Reporting Tools" (BIRT [http://eclipse.org/birt/phoenix/]) project. The entire library comes free with WebFOCUS, although only about 25% of it has the GUI interface so far—and you have to pay for deployment.

Nevertheless, this library probably provides even more functionality than SAS, Gerry claims, and there's a low barrier to entry for familiarisation and training. Mention of SAS, however, reminds me that a year or so ago IBI and SAS were best of friends and WebFOCUS had direct access to SAS executables; I wonder what's happened to that relationship? Gerry says that 2/3rds of the cost of doing analytics is in collecting data and cleaning it up—which sounds about right to me—and that IBI's business intelligence tools can already do more of this than SAS does and run on more platforms (on IBM iSeries, for example).

According to Gerry, IBI is now concentrating on security (it has just delivered a new internal WebFOCUS security model)—if you include external models, it has lots of security models to chose from (Gerry says that this choice makes it harder to hack, although it might also make it harder for users to be sure they've implemented security properly, it seems to me). Of course, this is an important aspect of governance too—if you are to run a company with "fact-based decisions" it is important that the integrity and availability of those facts (and, only sometimes, their confidentiality) is strongly protected. Information Builders is apparently the only Business Intelligence company that's an Organizational Member of OWASP, the "Open Web Application Security Project", a worldwide free and open community focused on improving the security of application software generally. Gerry seems proud that with WebFOCUS Release 8, it's now operating at: "OWASP level 3, with a hardened WebFOCUS shell and enlarged security model; and we've trained our programmers in security awareness (such as in the necessity for not giving away unnecessary information in error messages".

He also highlighted a special Release 7.7 of WebFOCUS for IBM z series mainframes, which supports the System z Integrated Information Processor (zIIP) chip for "free" mips (free, because IBM charges by General Processor, not by zIIP chip usage). With the latest z mainframes, TCA (total cost of acquisition) is high, but the incremental cost of adding new apps is low especially if you use zIIP; and, according to Gerry, although zIIP was introduced in 2004, "we're the only people using it in a large way", for a BI platform. Effective utilisation of resources, such as any mainframe investment, is an important aspect of governance.

Interestingly, given its existing emphasis on "mass BI" for everyone, Gerry also told us that IBI was placing a new emphasis on power users with something called "InfoAssist": "this is really an end-user tool," Gerry says, "and we've always been focussed on mass BI—but we need Info Assist when we acquire Business Objects customers".

Leaving his own products, Gerry offered some general insights on where information processing and governance is going. IBI has, apparently, been playing with Amazon Electric Cloud and Gerry advises, "don't ask cloud apps to read from behind your firewall—put the data in the cloud"; which presumably means that the cloud must be as well-governed as internal systems (and the current popularity of "private clouds").

He is also keen on electronic publishing for disseminating information: "a huge money saver, often overlooked," he says.

And he recommends real time Data Quality governance, because it's "most cost effective to fix quality before it gets to the database". This is partly because the infrastructure needed is already there in the network and you don't have to build ETL (extract, transform, load) stuff for a special data cleansing exercise, you "just" cleanse the data as it passes on its way in—if you have the technology to do this both efficiently (fast) and effectively.

Gerry finished off with a quote from Lee Segall: "A man with one watch knows what time it is; a man with two watches is never quite sure"; which, he says, is the classic data quality analogy. This is probably true—but Segall prefaced it with "it is possible to own too much", which makes me think that it is also possible for a badly governed company to "own" (in a rather passive sense) too much poorly-understood data (regardless of any data duplication problems) for it to be data rich and information poor.