Optimize Lead Generation With Lead Scoring

In today’s competitive environment, optimizing Sales’ resources by giving them qualified leads is key to B2B marketing success.

EXECUTIVE BRIEF

Analyst Perspective

Improve B2B seller win rates with a lead scoring methodology as part of your modern lead generation engine.

As B2B organizations emerge from the lowered demands brought on by COVID-19, they are eager to convert marketing contacts to sales-qualified leads with even the slightest signal of intent, but many sales cycles are wasted when sellers receive unqualified leads. Delivering highly qualified leads to sellers is still more art than science, and it is especially challenging without a way to score a contact profile and engagement. While most marketers capture some profile data from contacts, many will pass a contact over to Sales without any engagement data or schedule a demo with a contact without any qualifying profile data. Passing unqualified leads to Sales suboptimizes Sales’ resources, raises the costs per lead, and often results in lost opportunities. Marketers need to develop a lead scoring methodology that delivers better qualified leads to Field Sales scored against both the ideal customer profile (ICP) and engagement that signals lower-funnel buyer interest. To be successful in building a compelling lead scoring solution, marketers must work closely with key stakeholders to align the ICP asset/activity with the buyer journey. Additionally, working early in the design process with IT/Marketing Operations to implement lead management and analytical tools in support will drive results to maximize lead conversion rates and sales wins.

Jeff Golterman

Managing Director

SoftwareReviews Advisory

Executive Summary

Your Challenge

The affordability and ease of implementation of digital marketing tools have driven global adoption to record levels. While many marketers are fine-tuning the lead generation engine components of email, social media, and web-based advertising to increase lead volumes, just 32% of companies pass well-qualified leads over to outbound marketers or sales development reps (SDRs). At best, lead gen costs stay high, and marketing-influenced win rates remain suboptimized. At worst, marketing reputation suffers when poorly qualified leads are passed along to sellers.

Common Obstacles

Most marketers lack a methodology for lead scoring, and some lack alignment among Marketing, Product, and Sales on what defines a qualified lead. In their rush to drive lead generation, marketers often fail to “define and align” on the ICP with stakeholders, creating confusion and wasted time and resources. In the rush to adopt B2B marketing and sales automation tools, many marketers have also skipped the important steps to 1) define the buyer journey and map content types to support, and 2) invest in a consistent content creation and sourcing strategy. The wrong content can leave prospects unmotivated to engage further and cause them to seek alternatives.

Info-Tech’s Approach

To employ lead scoring effectively, marketers need to align Sales, Marketing, and Product teams on the definition of the ICP and what constitutes a Sales-accepted lead. The buyer journey needs to be mapped in order to identify the engagement that will move a lead through the marketing lead generation engine. Then the project team can score prospect engagement and the prospect profile attributes against the ICP to arrive at a lead score. The marketing tech stack needs to be validated to support lead scoring, and finally Sales needs to sign off on results.

SoftwareReviews Advisory Insight:

Lead scoring is a must-have capability for high-tech marketers. Without lead scoring, marketers will see increased costs of lead gen, decreased SQL to opportunity conversion rates, decreased sales productivity, and longer sales cycles.

Who benefits from a lead scoring project?

This Research Is Designed for:

• Marketers and especially campaign managers who are:
• Looking for a more precise way to score leads and deploy outbound marketing resources to optimize contacts-to-MQL conversion rates.
• Looking for a more effective way to profile contacts raised by your lead gen engine.
• Looking to use their lead management software to optimize lead scoring.
• Starting anew to strengthen their lead generation engine and want examples of a typical engine, ways to identify buyer journey, and perform lead nurturing.

This Research Will Help You:

• Explain why having a lead scoring methodology is important.
• Identify a methodology that will call for identifying an ICP against which to score prospect profiles behind each contact that engages your lead generation engine.
• Create a process of applying weightings to score activities during contact engagement with your lead generation engine. Apply both scores to arrive at a contact/lead score.
• Compare your current lead gen engine to a best-in-class example in order to identify gaps and areas for improvement and exploration.

This Research Will Also Assist:

• CMOs, Marketing Operations leaders, heads of Product Marketing, and regional Marketing leads who are stakeholders in:
  • Finding alternatives to current lead scoring approaches.
  • Altering current or evaluating new marketing technologies to support a refreshed lead scoring approaches.

This Research Will Help Them:

• Align stakeholders on an overall program of identifying target customers, building common understanding of what constitutes a qualified lead, and determining when to use higher-cost outbound marketing resources.
• Deploy high-value applications that will improve core marketing metrics.

Insight summary

Continuous adjustment and improvement of your lead scoring methodology is critical for long-term lead generation engine success.

• Building a highly functioning lead generation engine is an ongoing process and one that requires continual testing of new asset types, asset design, and copy variations. Buyer profiles change over time as you launch new products and target new markets.
• Pass better qualified leads to Field Sales and improve sales win rates by taking these crucial steps to implement a better lead generation engine and a lead scoring methodology:
• Make the case for lead scoring in your organization.
• Establish trigger points that separate leads to ignore, nurture, qualify, or outreach/contact.
• Identify your buyer journey and ICP through collaboration among Sales, Marketing, and Product.
• Assess each asset and activity type across your lead generation engine and apply a weighting for each.
• Test lead scenarios within our supplied toolkit and with stakeholders. Adjust weightings and triggers that deliver lead scores that make sense.
• Work with IT/Marketing Operations to emulate your lead scoring methodology within your marketing automation/campaign management application.
• Explore advanced methods including nurturing.
• Use the Lead Scoring Workbook collaboratively with other stakeholders to design your own methodology, test lead scenarios, and build alignment across the team.

Leading marketers who successfully implement a lead scoring methodology develop it collaboratively with stakeholders across Marketing, Sales, and Product Management. Leaders will engage Marketing Operations, Sales Operations, and IT early to gain support for the evaluation and implementation of a supporting campaign management application and for analytics to track lead progress throughout the Marketing and Sales funnels. Leverage the Marketing Lead Scoring Toolkit to build out your version of the model and to test various scenarios. Use the slides contained within this storyboard and the accompanying toolkit as a means to align key stakeholders on the ICP and to weight assets and activities across your marketing lead generation engine.

What is lead scoring?

Lead scoring weighs the value of a prospect’s profile against the ICP and renders a profile score. The process then weighs the value of the prospects activities against the ideal call to action (CTA) and renders an activity score. Combining the profile and activity scores delivers an overall score for the value of the lead to drive the next step along the overall buyer journey.

EXAMPLE: SALES MANAGEMENT SOFTWARE

• For a company that markets sales management software the ideal buyer is the head of Sales Operations. While the ICP is made up of many attributes, we’ll just score one – the buyer’s role.
• If the prospect/lead that we wish to score has an executive title, the lead’s profile scores “High.” Other roles will score lower based on your ICP. Alongside role, you will also score other profile attributes (e.g. company size, location).
• With engagement, if the prospect/lead clicked on our ideal CTA, which is “request a proposal,” our engagement would score high. Other CTAs would score lower.

SoftwareReviews Advisory Insight:

A significant obstacle to quality lead production is disagreement on or lack of a documented definition of the ideal customer profile. Marketers successful in lead scoring will align key stakeholders on a documented definition of the ICP as a first step in improving lead scoring.

Use of lead scoring is in the minority among marketers

The majority of businesses are not practicing lead scoring!

Up to 66% of businesses don’t practice any type of lead scoring.

Source: LeadSquared, 2014

“ With lead scoring, you don’t waste loads of time on unworthy prospects, and you don’t ignore people on the edge of buying.”

Source: BigCommerce

“The benefits of lead scoring number in the dozens. Having a deeper understanding of which leads meet the qualifications of your highest converters and then systematically communicating with them accordingly increases both ongoing engagement and saves your internal team time chasing down inopportune leads.”

– Joey Strawn, Integrated Marketing Director, in IndustrialMarketer.com

Key benefit: sales resource optimization

Many marketing organizations send Sales too many unqualified leads

• Leads – or, more accurately, contacts – are not all qualified. Some are actually nothing more than time-wasters for sellers.
• Leading marketers peel apart a contact into at least two dimensions – “who” and “how interested.”
• The “who” is compared to the ICP and given a score.
• The “how interested” measures contact activity – or engagement – within our lead gen engine and gives it a score.
• Scores are combined; a contact with a low score is ignored, medium is nurtured, and high is sent to sellers.
• A robust ICP, together with engagement scoring and when housed within your lead management software, prioritizes for marketers which contacts to nurture and gets hot leads to sellers more quickly.

Optimizing Sales Resources Using Lead Scoring

Lead scoring drives greater sales effectiveness

When contacts are scored as “qualified leads” and sent to sellers, sales win rates and ROI climb

• Contacts can be scored properly once marketers align with Sales on the ICP and work closely with colleagues in areas like product marketing and field marketing to assign weightings to lead gen activities.
• When more qualified leads get into the hands of the salesforce, their win rates improve.
• As win rates improve, and sellers are producing more wins from the same volume of leads, sales productivity improves and ROI on the marketing investment increases.

“On average, organizations that currently use lead scoring experience a 77% lift in lead generation ROI, over organizations that do not currently use lead scoring.”

– MarketingSherpa, 2012

Average Lead Generation ROI by Use of Lead Scoring

Source: 2011 B2B Marketing Benchmark Survey, MarketingSherpa

Methodology: Fielded June 2011, N=326 CMOs

SoftwareReviews’ Lead Scoring Approach

Key Deliverable: Lead Scoring Workbook

The workbook walks you through a step-by-step process to:

• Identify your team.
• Identify the lead scoring thresholds.
• Define your IPC.
• Weight the activities within your lead generation engine.
• Run tests using lead scenarios.

Tab 1: Team Composition

Consider core functions and form a cross-functional lead scoring team. Document the team’s details here.

Tab 2: Threshold Setting

Set your initial threshold weightings for profile and engagement scores.

Tab 3:

Establish Your Ideal Customer Profile

Identify major attributes and attribute values and the weightings of both. You’ll eventually score your leads against this ICP.

Record and Weight Lead Gen Engine Activities

Identify the major activities that compose prospect engagement with your lead gen engine. Weight them together as a team.

Test Lead Profile Scenarios

Test actual lead profiles to see how they score against where you believe they should score. Adjust threshold settings in Tab 2.

Test Activity Engagement Scores

Test scenarios of how contacts navigate your lead gen engine. See how they score against where you believe they should score. Adjust thresholds on Tab 2 as needed.

Review Combined Profile and Activity Score

Review the combined scores to see where on your lead scoring matrix the lead falls. Make any final adjustments to thresholds accordingly.

Several ways we help you build your lead scoring methodology

Guided Implementation

What does a typical GI on this topic look like?

A Guided Implementation (GI) is series of calls with a SoftwareReviews Advisory analyst to help implement our best practices in your organization. For guidance on marketing applications, we can arrange a discussion with an Info-Tech analyst. Your engagement managers will work with you to schedule analyst calls.

Workshop Overview

Accelerate your project with our facilitated SoftwareReviews Advisory workshops

Phase 1

Drive an Aligned Vision for Lead Scoring

This phase will walk you through the following activities:

• Solidify your vision for lead scoring.
• Achieve stakeholder alignment.
• Assess your tech stack.

This phase involves the following stakeholders:

• Field Marketing/Campaign Manager
• CMO
• Product Marketing
• Product Management
• Sales Leadership/Sales Operations
• Inside Sales leadership
• Marketing Operations/IT
• Digital Platform leadership

Step 1.1

Establish a Cross-Functional Vision for Lead Scoring

Activities

1.1.1 Identify stakeholders critical to success

1.1.2 Outline the vision for lead scoring

1.1.3 Select your lead scoring team

This step will walk you through the following activities:

• Discuss the reasons why lead scoring is important.
• Review program process.
• Identify stakeholders and team.

This step involves the following participants:

• Stakeholders
• Project sponsors and leaders

Outcomes of this step

• Stakeholder alignment on vision of lead scoring
• Stakeholders described and team members recorded
• A documented buyer journey and map of your current lead gen engine

1.1.1 Identify stakeholders critical to success

1 hour

1. Meet to identify the stakeholders that should be included in the project’s steering committee.
2. Finalize selection of steering committee members.
3. Contact members to ensure their willingness to participate.
4. Document the steering committee members and the milestone/presentation expectations for reporting project progress and results

SoftwareReviews Advisory Insight:

B2B marketers that lack agreement among Marketing, Sales, Inside Sales, and lead management supporting staff of what constitutes a qualified lead will squander precious time and resources throughout the customer acquisition process.

1.1.2 Outline the vision for lead scoring

1 hour

1. Convene a meeting of the steering committee and initiative team members who will be involved in the lead scoring project.

• Using slides from this blueprint, understand the definition of lead scoring, the value of lead scoring to the organization, and the overall lead scoring process.
• Understand the teams’ roles and responsibilities and help your Marketing Operations/IT colleagues understand some of the technical requirements needed to support lead scoring.
• This is important because as the business members of the team are developing the lead scoring approach on paper, the technical team can begin to evaluate lead management apps within which your lead scoring model will be brought to life.

SoftwareReviews Advisory Insight:

While SMBs can implement some form of lead scoring when volume is very low and leads can be scored by hand, lead scoring and effective lead management cannot be performed without investment in digital platforms and lead management software and integration with customer relationship management (CRM) applications in the hands of inside and field sales staff. Marketers should plan and budget for the right combination of applications and tools to be in place for proper lead management.

Lead scoring stakeholders

Developing a common stakeholder understanding of the ICP, the way contact profiles are scored, and the way activities and asset engagement in your lead generation engine are scored will strengthen alignment between Marketing, Sales and Product Management.

SoftwareReviews Advisory Insight:

Marketers managing the lead scoring initiative must include Product Marketing, Sales, Inside Sales, and Product Management. And given that world-class B2B lead generation engines cannot run without technology enablement, Marketing Operations/IT – those that are charged with enabling marketing and sales – must also be part of the decision making and implementation process of lead scoring and lead generation.

1.1.3 Select your lead scoring team

30 minutes

1. The CMO and other key stakeholders should discuss and determine who will be involved in the lead scoring project.

• Business leaders in key areas – Product Marketing, Field Marketing, Digital Marketing, Inside Sales, Sales, Marketing Ops, Product Management, and IT – should be involved.

• The size of the team will vary depending on your initiative and size of your organization.

Download the Lead Scoring Workbook

Lead scoring team

Consider the core team functions when composing the lead scoring team. Form a cross-functional team (i.e. across IT, Marketing, Sales, Service, Operations) to create a well-aligned lead management/scoring strategy. Don’t let your core team become too large when trying to include all relevant stakeholders. Carefully limit the size of the team to enable effective decision making while still including functional business units.

Step 1.2 (Optional)

Assess Your Tech Stack for Lead Scoring

Our model assumes you have:

1.2.1 A marketing application/campaign management application in place that accommodates lead scoring.

1.2.2 Lead management software integrated with the sales automation/CRM tool in the hands of Field Sales.

1.2.3 Reporting/analytics that spans the entire lead generation pipeline/funnel.

Refer to the following three slides if you need guidance in these areas.

This step will walk you through the following activities:

• Confirm that you have your tech stack in place.
• Set up an inquiry with an Info-Tech analyst should you require guidance on evaluating lead pipeline reporting, CRM, or analytics applications.

This step involves the following participants:

• Stakeholders
• Project sponsors and leaders

Outcomes of this step

• Understanding of what new application and technology support is required to support lead scoring.

SoftwareReviews Advisory Insight:

Marketers that collaborate closely with Marketing Ops/IT early in the process of lead scoring design will be best able to assess whether current marketing applications and tools can support a full lead scoring capability.

1.2.1 Plan technology support for marketing management apps

Work with Marketing Ops and IT early to evaluate application enablement for lead management, including scoring

A thorough evaluation takes months – start early

• Work closely with Marketing Operations (or the team that manages the marketing apps and digital platforms) as early as possible to socialize your approach to lead scoring.
• Work with them on a set of updated requirements for selecting a marketing management suite or for changes to existing apps and tools to support your lead scoring approach that includes lead tracking and marketing funnel analytics.
• Access the Info-Tech blueprint Select a Marketing Management Suite, along with analyst inquiry support during the requirements definition, vendor evaluation, and vendor selection phases. Use the SoftwareReviews Marketing Management Data Quadrant during vendor evaluation and selection.

SoftwareReviews Marketing Management Data Quadrant

1.2.2 Plan technology support for sales opportunity management

Work with Marketing Ops and IT early to evaluate applications for sales opportunity management

A thorough evaluation takes months – start early

• Work closely with Sales Operations as early as possible to socialize your approach to lead scoring and how lead management must integrate with sales opportunity management to manage the entire marketing and sales funnel management process.
• Work with them on a set of updated requirements for selecting a sales opportunity management application that integrates with your marketing management suite or for changes to existing apps and tools to support your lead management and scoring approach that support the entire marketing and sales pipeline with analytics.

Access the Info-Tech blueprint Select and Implement a CRM Platform, along with analyst inquiry support during the requirements definition, vendor evaluation, and vendor selection phases. Use the SoftwareReviews CRM Data Quadrant during vendor evaluation and selection.

SoftwareReviews Customer Relationship Management Data Quadrant

1.2.3 Plan analytics support for marketing pipeline analysis

Work with Marketing Ops early to evaluate analytics tools to measure marketing and sales pipeline conversions

A thorough evaluation takes weeks – start early

• Work closely with Marketing and Sales Operations as early as possible to socialize your approach to measuring the lifecycle of contacts through to wins across the entire marketing and sales funnel management process.
• Work with them on a set of updated requirements for selecting tools that can support the measurement of conversion ratios from contact to MQL, SQL, and opportunity to wins. Having this data enables you to measure improvement in component parts to your lead generation engine.
• Access the Info-Tech blueprint Select and Implement a Reporting and Analytics Solution, along with analyst inquiry support during the requirements definition, vendor evaluation and vendor selection phases. Use the SoftwareReviews Best Business intelligence & Analytics Software Data Quadrant as well during vendor evaluation and selection.

SoftwareReviews Business Intelligence Data Quadrant

Step 1.3

Catalog Your Buyer Journey and Lead Gen Engine Assets

Activities

1.3.1 Review marketing pipeline terminology

1.3.2 Describe your buyer journey

1.3.3 Describe your awareness and lead generation engine

This step will walk you through the following activities:

• Discuss marketing funnel terminology.
• Describe your buyer journey.
• Catalog the elements of your lead generation engine.

This step involves the following participants:

• Stakeholders

Outcomes of this step

• Stakeholder alignment on terminology, your buyer journey, and elements of your lead generation engine

1.3.1 Review marketing pipeline terminology

30 minutes

1. We assume for this model the following:
1. Our primary objective is to deliver more, and more-highly qualified, sales-qualified leads (SQLs) to our salesforce. The salesforce will accept SQLs and after further qualification turn them into opportunities. Sellers work opportunities and turn them into wins. Wins that had first/last touch attribution within the lead gen engine are considered marketing-influenced wins.
2. This model assumes the existence of sales development reps (SDRs) whose mission it is to take marketing-qualified leads (MQLs) from the lead generation engine and further qualify them into SQLs.
3. The lead generation engine takes contacts – visitors to activities, website, etc. – and scores them based on their profile and engagement. If the contact scores at or above the designated threshold, the lead generation engine rates it as an MQL and passes it along to Inside Sales/SDRs. If the contact scores above a certain threshold and shows promise, it is further nurtured. If the contact score is low, it is ignored.
2. If an organization does not possess a team of SDRs or Inside Sales, you would adjust your version of the model to, for example, raise the threshold for MQLs, and when the threshold is reached the lead generation engine would pass the lead to Field Sales for further qualification.

SoftwareReviews Advisory Insight:

Score leads in a way that makes it crystal clear whether they should be ignored, further nurtured, further qualified, or go right into a sellers’ hands as a super hot lead.

1.3.2 Describe your buyer journey

1. Understand the concept of the buyer journey:
1. Typically Product Marketing is charged with establishing deep understanding of the target buyer for each product or solution through a complete buyer persona and buyer journey map. The details of how to craft both are covered in the upcoming SoftwareReviews Advisory blueprint Craft a More Comprehensive Go-to-Market Strategy. However, we share our Buyer Journey Template here (on the next slide) to illustrate the connection between the buyer journey and the lead generation and scoring processes.
2. Marketers and campaigners developing the lead scoring methodology will work closely with Product Marketing, asking them to document the buyer journey.
3. The value of the buyer journey is to guide asset/content creation, nurturing strategy and therefore elements of the lead generation engine such as web experience, email, and social content and other elements of engagement.
4. The additional value of having a buyer persona is to also inform the ICP, which is an essential element of lead scoring.
5. For the purposes of lead scoring, use the template on the next slide to create a simple form of the buyer journey. This will guide lead generation engine design and the scoring of activities later in our blueprint.

2 hours

On the following slide:

1. Tailor this template to suit your buyer journey. Text in green is yours to modify. Text in black is instructional.
2. Your objective is to use the buyer journey to identify asset types and a delivery channel that once constructed/sourced and activated within your lead gen engine will support the buyer journey.
3. Keep your buyer journey updated based on actual journeys of sales wins.
4. Complete different buyer journeys for different product areas. Complete these collaboratively with stakeholders for alignment.

SoftwareReviews Advisory Insight:

Establishing a buyer journey is one of the most valuable tools that, typically, Product Marketing produces. Its use helps campaigners, product managers, and Inside and Field Sales. Leading marketers keep journeys updated based on live deals and characteristics of wins.

Buyer Journey Template

Personas: [Title] e.g. “BI Director”

[Persona name] ([levels it includes from arrows above]) Buyer’s Journey for [solution type] Vendor Selection

1.3.3 Describe Your Awareness and Lead Gen Engine

1. Understand the workings of a typical awareness and lead generation engine. Reference the image of a lead gen engine on the following slide when reviewing our guidance below:
1. In our lead scoring example found in the Lead Scoring Workbook, tab 3, “Weight and Test,” we use a software company selling a sales automation solution, and the engagement activities match with the Typical Awareness and Lead Gen Engine found on the following slide. Our goal is to match a visual representation of a lead gen and awareness engine with the activity scoring portion of lead scoring.
2. At the top of the Typical Awareness and Lead Generation Engine image, the activities are activated by a team of various roles: digital manager (new web pages), campaign manager (emails and paid media), social media marketer (organic and paid social), and events marketing manager (webinars).
3. “Awareness” – On the right, the slide shows additional awareness activities driven by the PR/Corporate Comms and Analyst Relations teams.*
4. The calls to action (CTAs) found in the outreach activities are illustrated below the timeline. The CTAs are grouped and are designed to 1) drive profile capture data via a main sales form fill, and 2) drive engagement that corresponds to the Education, Solution, and Selection buyer journey phases outlined on the prior slide. Ensure you have fast paths to get a hot lead – request a demo – directly to Field Sales when profiles score high.

* For guidance on best practices in engaging industry analysts, contact your engagement manager to schedule an inquiry with our expert in this area. during that inquiry, we will share best practices and recommended analyst engagement models.

Lead Scoring Workbook

2 hours

On the following slide:

1. Tailor the slide to describe your lead generation engine as you will use it when you get to latter steps to describe the activities in your lead gen engine and weight them for lead scoring.
2. Use the template to see what makes up a typical lead gen and awareness building engine. Record your current engine parts and see what you may be missing.
3. Note: The “Goal” image in the upper right of the slide is meant as a reminder that marketers should establish a goal for SQLs delivered to Field Sales for each campaign.

SoftwareReviews Advisory Insight:

Marketing’s primary mission is to deliver marketing-influenced wins (MIWs) to the company. Building a compelling awareness and lead gen engine must be done with that goal in mind. Leaders are ruthless in testing – copy, email subjects, website navigation, etc. – to fine-tune the engine and staying highly collaborative with sellers to ensure high value lead delivery.

Typical Awareness and Lead Gen Engine

Understand how a typical lead generation engine works. Awareness activities are included as a reference. Use as a template for campaigns.

Phase 2

Build and Test Your Lead Scoring Model

This phase will walk you through the following activities:

1. Understand the Lead Scoring Grid and establish thresholds.
2. Collaborate with stakeholders on your ICP, apply weightings to profile attributes and values, and test.
3. Identify the key activities and assets of your lead gen engine, weight attributes, and run tests.

This phase involves the following participants:

• Field Marketing/Campaign Manager
• Product Marketing
• Sales Leadership/Sales Operations
• Inside Sales leadership
• Marketing Operations/IT
• Digital Platform leadership

Step 2.1

Start Building Your Lead Scoring Model

Activities

2.1.1 Understand the Lead Scoring Grid

2.1.2 Identify thresholds

This step will walk you through the following activities:

• Discuss the concept of the thresholds for scoring leads in each of the various states – “ignore,” “nurture,” “qualify,” “send to sales.”
• Open the Lead Scoring Workbook and validate your own states to suit your organization.
• Arrive at an initial set of threshold scores.

This step involves the following participants:

• Stakeholders

Outcomes of this step

• Stakeholder alignment on stages
• Stakeholder alignment on initial set of thresholds

2.1.1 Understand the Lead Scoring Grid

30 minutes

1. Understand how lead scoring works and our grid is constructed.
2. Understand the two important areas of the grid and the concept of how the contact’s scores will increase as follows:
1. Profile – as the profile attributes of the contact approaches that of the ICP we want to score the contact/prospect higher. Note: Step 1.3 walks you through creating your ICP.
2. Engagement – as the contact/prospect engages with the activities (e.g. webinars, videos, events, emails) and assets (e.g. website, whitepapers, blogs, infographics) in our lead generation engine, we want to score the contact/prospect higher. Note: You will describe your engagement activities in this step.
3. Understand how thresholds work:
1. Threshold percentages, when reached, trigger movement of the contact from one state to the next – “ignore,” “nurture,” “qualify with Inside Sales,” and “send to sales.”

2.1.2 Identify thresholds

30 minutes

We have set up a model Lead Scoring Grid – see Lead Scoring Workbook, tab 2, “Identify Thresholds.”

Set your thresholds within the Lead Scoring Workbook:

• Set your threshold percentages for ”Profile” and “Engagement.”
• You will run test scenarios for each in later steps.
• We suggest you start with the example percentages given in the Lead Scoring Workbook and plan to adjust them during testing in later steps.
• Define the “Send to Sales,” “Qualify With Inside Sales,” “Nurture,” and “Ignore” zones.

SoftwareReviews Advisory Insight:

Clarify that all-important threshold for when a lead passes to your expensive and time-starved outbound sellers.

Lead Scoring Workbook

Step 2.2

Identify and Verify Your Ideal Customer Profile and Weightings

Activities

2.2.1 Identify your ideal customer profile

2.2.2 Run tests to validate profile weightings

This step will walk you through the following activities:

• Identify the attributes that compose the ICP.
• Identify the values of each attribute and their weightings.
• Test different contact profile scenarios against what actually makes sense.
• Adjust weightings if needed.

This step involves the following participants:

• Stakeholders

Outcomes of this step

• Stakeholder alignment on ICP
• Stakeholder alignment on weightings given to attributes
• Tested results to verify thresholds and cores

2.2.1 Identify your ideal customer profile

Collaborate with stakeholders to understand what attributes best describe your ICP. Assign weightings and subratings.

2 hours

1. Choose attributes such as job role, organization type, number of employees/potential seat holders, geographical location, interest area, etc., that describe the ideal profile of a target buyer. Best practice sees marketers choosing attributes based on real wins.
2. Some marketers compare the email domain of the contact to a target list of domains. In the Lead Scoring Workbook, tab 3, “Weight and Test,” we provide an example profile for a “Sales Automation Software” ICP.
3. Use the workbook as a template, remove our example, and create your own ICP attributes. Then weight the attributes to add up to 100%. Add in the attribute values and weight them. In the next step you will test scenarios.

SoftwareReviews Advisory Insight:

Marketers who align with colleagues in areas such as Product Marketing, Sales, Inside Sales, Sales Training/Enablement, and Product Managers and document the ICP give their organizations a greater probability of lead generation success.

Lead Scoring Workbook

2.2.2 Run tests to validate profile weightings

Collaborate with stakeholders to run different profile scenarios. Validate your model including thresholds.

SoftwareReviews Advisory Insight:

Keep your model simple in the interest of fast implementation and to drive early learnings. The goal is not to be perfect but to start iterating toward success. You will update your scoring model even after going into production.

2 hours

1. Choose scenarios of contact/lead profile attributes by placing a “1” in the “Attribute” box shown at left.
2. Place your estimate of how you believe the profile should score in the box to the right of “Estimated Profile State.” How does the calculated state, beneath, compare to the estimated state?
3. In cases where the calculated state differs from your estimated state, consider weighting the profile attribute differently to match.
4. If you find estimates and calculated states off dramatically, consider changing previously determined thresholds in tab 2, “Identify Thresholds.” Test multiple scenarios with your team.

Lead Scoring Workbook

Step 2.3

Establish Key Lead Generation Activities and Assets

Activities

2.3.1 Establish activities, attribute values, and weights

2.3.2 Run tests to evaluate activity ratings

This step will walk you through the following activities:

• Identify the activities/asset types in your lead gen engine.
• Weight each attribute and define values to score for each one.
• Run tests to ensure your model makes sense.

This step involves the following participants:

• Stakeholders
• Project sponsors and leaders

Outcomes of this step

• Final stakeholder alignment on which assets compose your lead generation engine
• Scoring model tested

2.3.1 Establish activities, attribute values, and weights

2 hours

1. Catalog the assets and activities that compose your lead generation engine outlined in Activity 1.3.3. Identify their attribute values and weight them accordingly.
2. Consider weighting attributes and values according to how close that asset gets to conveying your ideal call to action. For example, if your ideal CTA is “schedule a demo” and the “click” was submitted in the last seven days, it scores 100%. Take time decay into consideration. If that same click was 60 days ago, it scores less – maybe 60%.
3. Different assets convey different intent and therefore command different weightings; a video comparing your offering against the competition, considered a down funnel asset, scores higher than the company video, considered a top-of-the-funnel activity and “awareness.”

Lead Scoring Workbook

2.3.2 Run tests to validate activity weightings

Collaborate with stakeholders to run different engagement scenarios. Validate your model including thresholds.

SoftwareReviews Advisory Insight:

Use data from actual closed deals and the underlying activities to build your model – nothing like using facts to inform your key decisions. Use common sense and keep things simple. Then update further when data from new wins appears.

2 hours

1. Test scenarios of contact engagement by placing a “1” in the “Attribute” box shown at left.
2. Place your estimate of how you believe the engagement should score in the box to the right of “Estimated Engagement State.” How does the calculated state, beneath, compare to the estimated state?
3. In cases where the calculated state differs from your estimated state, consider weighting the activity attribute differently to match.
4. If you find that the estimates and calculated states are off dramatically, consider changing previously determined thresholds in tab 2, “Identify Thresholds.” Test multiple scenarios with your team.

Lead Scoring Workbook

Phase 3

Apply Your Model to Marketing Apps and Go Live With Better Qualified Leads

This phase will walk you through the following activities:

1. Apply model to your marketing management/campaign management software.
2. Get better qualified leads in the hands of sellers.
3. Apply lead nurturing and other advanced methods.

This phase involves the following participants:

• Field Marketing/Campaign Manager
• Sales Leadership/Sales Operations
• Inside Sales leadership
• Marketing Operations/IT
• Digital Platform leadership

Step 3.1

Apply Model to Your Marketing Management Software

Activities

3.1.1 Apply final model to your lead management software

This step will walk you through the following activities:

• Apply the details of your scoring model to the lead management software.

This step involves the following participants:

• Stakeholders
• Project sponsors and leaders

Outcomes of this step

• Marketing management software or campaign management application is now set up/updated with your lead scoring approach.

3.1.1 Apply final model to your lead management software

Now that your model is complete and ready to go into production, input your lead scoring parameters into your lead management software.

3 hours

1. Go to the Lead Scoring Workbook, tab 4, “Model Summary” for a formatted version of your lead scoring model. Double-check print formatting and print off a copy.
2. Use the copy of your model to show to prospective technology providers when asking them to demonstrate their lead scoring capabilities.
3. Once you have finalized your model, use the printed output from this tab to ease your process of transposing the corresponding model elements into your lead management software.

Lead Scoring Workbook

Step 3.2

Test the Quality of Sales-Accepted Leads

Activities

3.2.1 Achieve sales lead acceptance

3.2.2 Measure and optimize

This step will walk you through the following activities:

• Suggest that the Inside Sales and Field Sales teams should assess whether to sign off on quality of leads received.
• Campaign managers and stakeholders should now be able to track lead status more effectively.

This step involves the following participants:

• Stakeholders
• Project sponsors and leaders

Outcomes of this step

• Sales leadership should be able to sign off that leads are better qualified.
• With marketing pipeline analytics in place, campaigners can start to measure lead flow and conversion rates.

3.2.1 Achieve sales lead acceptance

Collaborate with sellers to validate your lead scoring approach.

1 hour

1. Gather a set of SQLs – leads that have been qualified by Inside Sales and delivered to Field Sales. Have Field Sales team members convey whether these leads were properly qualified.
2. Where leads are deemed not properly qualified, determine if the issue was a) a lack of proper qualification by the Inside Sales team, or b) the lead generation engine, which should have further nurtured the lead or ignored it outright.
3. Work collaboratively with Inside Sales to update your lead scoring model and/or Inside Sales practice.

SoftwareReviews Advisory Insight:

Marketers that collaborate with Sales – and in this case, a group of sellers as a sales advisory team – well in advance of sales acceptance to design lead scoring will save time during this stage, build trust with sellers, and make faster decisions related to lead management/scoring.

3.2.2 Measure and optimize

Leverage analytics that help you optimize your lead scoring methodology.

Ongoing

1. Work with Marketing Ops/IT team to design and implement analytics that enable you to:
2. Meet frequently with your stakeholder team to review results.
3. Learn from the wins: see how they actually scored and adjust thresholds and/or asset/activity weightings.
4. Learn from losses: fix ineffective scoring, activities, assets, form-fill strategies, and engagement paths.
5. Test from both wins and losses if demographic weightings are delivering accurate scores.
6. Analyze those high scoring leads that went right to sellers but did not close. This could point to a sales training or enablement challenge.

Analytics will also drive additional key insights across your lead gen engine:

• Are volumes increasing or decreasing? What percentage of leads are in what status (A1-D4)?
• What nurturing will re-engage stalled leads that score high in profile but low in engagement (A3, B3)?
• Will additional profile data capture further qualify leads with high engagement (C1, C2)?
• And beyond all of the above, what leads move to Inside Sales and convert to SQLs, opportunities, and eventually marketing-influenced wins?

Step 3.3

Apply Advanced Methods

Activities

3.3.1 Employ lead nurturing strategies

3.3.2 Adjust your model over time to accommodate more advanced methods

This step will walk you through the following activities:

• Apply lead nurturing to your lead gen engine.
• Adjust your engine over time with more advanced methods.

This step involves the following participants:

• Stakeholders
• Project sponsors and leaders

Outcomes of this step

• Marketers can begin to test lead nurturing strategies and other advanced methods.

3.3.1 Employ lead nurturing strategies

A robust content marketing competence with compelling assets and the capture of additional profile data for qualification are key elements of your nurturing strategy.

SoftwareReviews Advisory Insight:

Nurturing success combines the art of crafting engaging copy/experiences and the science of knowing just where a prospect is within your lead gen engine. Great B2B marketers demonstrate the discipline of knowing when to drive engagement and/or additional profile attribute capture using intent while not losing the prospect to over-profiling.

Ongoing

1. The goal of lead nurturing is to move the collection of contacts/leads that are scoring, for example, in the A3, B3, C1, C2, and C3 cells into A2, B2, and B1 cells.
2. How is this best done? To nurture leads that are A3 and B3, entice the prospect with engagement that leads to the bottom of funnel – e.g. “schedule a demo” or “schedule a consultation” via a compelling asset. See the example on the following slide.
3. To nurture C1 and C2, we need to qualify them further, so entice with an asset that leads to deeper profile knowledge.
4. For C3 leads, we need both profile and activity nurturing.

Lead nurturing example

SoftwareReviews Advisory Insight:

When nurturing, choose/design content as to what “intent” it satisfies. For example, a head-to-head comparison with a key competitor signals “Selection” phase of the buyer journey. Content that helps determine what app-type to buy signals “Solution”. A company video, or a webinar replay, may mean your buyer is “educating themselves.

3.3.2 Adjust your model over time to accommodate more advanced methods

When getting started or within a smaller marketing team, focus on the basics outlined thus far in this blueprint. Larger and/or more experienced teams are able to employ more advanced methods.

Ongoing

Advanced Methods

• Invest in technologies that interpret lead scores and trigger next-step actions, especially outreach by Inside and/or Field Sales.
• Use the above to route into nurturing environments where additional engagement will raise scores and trigger action.
• Recognize that lead value decays with time to time additional outreach/activities and to reduce lead scores over time.
• Always be testing different engagement, copy, and subsequent activities to optimize lead velocity through your lead gen engine.
• Build intent sensitivity into engagement activities; e.g. test if longer demo video engagement times imply ”contact me for a demo” via a qualification outreach. Update scores manually to drive learnings.
• Vary engagement paths by demographics to deliver unique digital experiences. Use firmographics/email domain to drive leads through a more tailored account-based marketing (ABM) experience.
• Reapply learnings from closed opportunities/wins to drive updates to buyer journey mapping and your ICP.

Frequently used acronyms

Works cited

Arora, Rajat. “Mining the Real Gems from you Data – Lead Scoring and Engagement Scoring.” LeadSquared, 27 Sept. 2014. Web.

Doyle, Jen. “2012 B2B Marketing Benchmark Report: Research and insights on attracting and converting the modern B2B buyer.” MarketingSherpa, 2012. Web.

Doyle, Jen, and Sergio Balegno. “2011 MarketingSherpa B2B Marketing Benchmark Survey: Research and Insights on Elevating Marketing Effectiveness from Lead Generation to Sales Conversion.” MarketingSherpa, 2011.

Kirkpatrick, David. “Lead Scoring: CMOs realize a 138% lead gen ROI … and so can you.” marketingsherpa blog, 26 Jan 2012. Web.

Moser, Jeremy. “Lead Scoring Is Important for Your Business: Here’s How to Create Scoring Model and Hand-Off Strategy.” BigCommerce, 25 Feb. 2019. Web.

Strawn, Joey. “Why Lead Scoring Is Important for B2Bs (and How You Can Implement It for Your Company.” IndustrialMarketer.com, 17 Aug. 2016. Web.

Annual CIO Survey Report 2024

An inaugural look at what's on the minds of CIOs.

1. Firmographics

• Region
• Title
• Organization Size
• IT Budget Size
• Industry

Firmographics

The majority of CIO responses came from North America. Contributors represent regions from around the world.

n=354

Firmographics

A typical CIO respondent held a C-level position at a small to mid-sized organization.

Half of CIOs hold a C-level position, 10% are VP-level, and 20% are director level

38% of respondents are from an organization with above 1,000 employees

Firmographics

A typical CIO respondent held a C-level position at a small to mid-sized organization.

40% of CIOs report an annual budget of more than $10 million

A range of industries are represented, with 29% of respondents in the public sector or financial services

2. Key Factors

• IT Maturity
• Disruptive Factors
• IT Spending Plans
• Talent Shortage

Two in three respondents say IT can deliver outcomes that Support or Optimize the business

Most CIOs are concerned with cybersecurity disruptions, and one in four expect a budget increase of above 10%

How likely is it that the following factors will disrupt your business in the next 12 months?

Looking ahead to 2024, how will your organization's IT spending change compared to spending in 2023?

3. Adoption of Emerging Technology

• Fastest growing tech for 2024 and beyond

CIOs plan the most new spend on AI in 2024 and on mixed reality after 2024

Top five technologies for new spending planned in 2024:

1. Artificial intelligence - 35%
2. Robotic process automation or intelligent process automation - 24%
3. No-code/low-code platforms - 21%
4. Data management solutions - 14%
5. Internet of Things (IoT) - 13%

Top five technologies for new spending planned after 2024:

1. Mixed reality - 20%
2. Blockchain - 19%
3. Internet of Things (IoT) - 17%
4. Robotics/drones - 16%
5. Robotic process automation or intelligent process automation - 14%

n=301

Info-Tech Insight
Three in four CIOs say they have no plans to invest in quantum computing, more than any other technology with no spending plans.

4. Adoption of AI

• Interest in generative AI applications
• Tasks to be completed with AI
• Progress in deploying AI

CIOs are most interested in industry-specific generative AI applications or text-based

Rate your business interest in adopting the following generative AI applications:

There is interest across all types of generative AI applications. CIOs are least interested in visual media generators, rating it just 2.4 out of 5 on average.

n=251

Info-Tech Insight
Examples of generative AI solutions specific to the legal industry include Litigate, CoCounsel, and Harvey.

By the end of 2024, CIOs most often plan to use AI for analytics and repetitive tasks

Most popular use cases for AI by end of 2024:

1. Business analytics or intelligence - 69%
2. Automate repetitive, low-level tasks - 68%
3. Identify risks and improve security - 66%
4. IT operations - 62%
5. Conversational AI or virtual assistants - 57%

Fastest growing uses cases for AI in 2024:

1. Automate repetitive, low-level tasks - 39%
2. IT operations - 38%
3. Conversational AI or virtual assistants - 36%
4. Business analytics or intelligence - 35%
5. Identify risks and improve security - 32%

n=218

Info-Tech Insight
The least popular use case for AI is to help define business strategy, with 45% saying they have no plans for it.

One in three CIOs are running AI pilots or are more advanced with deployment

How far have you progressed in the use of AI?

Info-Tech Insight
Almost half of CIOs say ChatGPT has been a catalyst for their business to adopt new AI initiatives.

5. AI Risk

• Perceived impact of AI
• Approach to third-party AI tools
• AI features in business applications
• AI governance and accountability

Six in ten CIOs say AI will have a positive impact on their organization

What overall impact do you expect AI to have on your organization?

The majority of CIOs are waiting for professional-grade generative AI tools

Which of the following best describes your organization's approach to third-party generative AI tools (such as ChatGPT or Midjourney)?

Info-Tech Insight
Business concerns over intellectual property and sensitive data exposure led OpenAI to announce ChatGPT won't use data submitted via its API for model training unless customers opt in to do so. ChatGPT users can also disable chat history to avoid having their data used for model training (OpenAI).

One in three CIOs say they are accountable for AI, and the majority are exploring it cautiously

Who in your organization is accountable for governance of AI?

More than one-third of CIOs say no AI governance steps are in place today

What AI governance steps does your organization have in place today?

Among organizations that plan to invest in AI in 2024, 30% still say there are no steps in place for AI governance. The most popular steps to take are to publish clear explanations about how AI is used, and to conduct impact assessments (n=170).

Among all CIOs, including those that do not plan to invest in AI next year, 37% say no steps are being taken toward AI governance today (n=243).

6. Contribute to Info-Tech's Research Community

• Volunteer to be interviewed
• Attend LIVE in Las Vegas

It's not too late; take the Future of IT online survey

Contribute to our tech trends insights

If you haven't already contributed to our Future of IT online survey, we are keeping the survey open to continue to collect insights and inform our research reports and agenda planning process. You can take the survey today. Those that complete the survey will be sent a complimentary Tech Trends 2024 report.

Complete an interview for the Future of IT research project

Help us chart the future course of IT

If you are receiving this for completing the Future of IT online survey, thank you for your contribution. If you are interested in further participation and would like to provide a complementary interview, please get in touch at brian.Jackson@infotech.com. All interview subjects must also complete the online survey.

If you've already completed an interview, thank you very much, and you can look forward to seeing more impacts of your contribution in the near future.

Methodology

All data in this report is from Info-Tech's Future of IT online survey 2023 edition.

A CIO focus for the Future of IT

Data in this report represents respondents to the Future of IT online survey conducted by Info-Tech Research Group between May 11 and July 7, 2023.

Only CIO respondents were selected for this report, defined as those who indicated they are the most senior member of their organization's IT department.

This data segment reflects 355 total responses with 239 completing every question on the survey.

Further data from the Future of IT online survey and the accompanying interview process will be featured in Info-Tech's Tech Trends 2024 report this fall and in forthcoming Priorities reports including Applications, Data & EA, CIO, Infrastructure, and Security.

What strategic, technical, and support implications should be considered in support of a move to VDI or DaaS?

Executive Summary

Insight

End-user experience is your #1 consideration

Virtual desktop infrastructure (VDI)/desktop as a service (DaaS) users expect their user experience to be at least equal to that provided by a physical PC, and they do not care about the underlying infrastructure. If the experience is less, then IT has failed in the considerations for VDI/ DaaS. In this research we analyze the data that the IT industry tracks but doesn't use or sometimes even look at regarding user experience (UX).

Identify the gaps in your IT resources that are critical to success

Understanding the strengths and weaknesses in your in-house technical skills and business requirements will assist you in making the right decision when it comes to VDI or DaaS solutions. In the case of DaaS this will include a managed service provider for small to medium-sized IT teams. Many IT teams lack a seasoned IT project manager who can identify gaps, risks, and weaknesses in the organization's preparedness. Redeploy your IT staff to new roles that impact management and monitoring of UX.

IT should think about VDI and DaaS solutions

Ultimately, IT needs to reduce its complexity, increase user satisfaction, reduce management and storage costs, and maintain a secure and effective environment for both the end user and the business. They must also ensure productivity standards throughout the considerations, strategically, tactically, and in support of a move to a VDI or DaaS solution.

Executive Summary

Info-Tech Insight

Every IT organization needs to be asking what success looks like. If you do not consider how your end user will be impacted, whether they are doing something as simple as holding a team meeting with voice and video or working with highly technical workloads on a virtual environment, you will run into multiple issues that affect end-user satisfaction, productivity, and adoption. Understand the tension metrics that may conflict with meeting business objectives and KPIs.

Voice of the customer

The enterprise end-user compute landscape is changing

Surveys are telling us a story

End-user KPI metrics are difficult to gather

Security is always quoted as a primary justification for VDI/DaaS, while UX is far down the list of KPIs. WHY? IT engineers use network and performance metrics to manage end-user complaints of “slowness,” which in reality is not what the user is experiencing. IT needs to invest in more meaningful metrics to manage end-user pain: Logon duration App load time App response time Session response time Graphic quality and responsiveness and latency Application availability and performance

(Source: Enterprise Strategy Group, 2020)

Dimensions of user experience

The dimensions of end-user experience can be broken down into four distinct categories that will impact not only the end user but also the business. Picturing your landscape in this framework will help clearly define your considerations when deciding on whether a VDI or DaaS solution is right for your business. We will investigate how these scenarios impact the end user, what that means, and how that can guide the questions that you are asking as you move to an RFP. Info-Tech Insight In the world of VDI and DaaS, if you do not get buy-in from the end user, the rate of adoption and the overall success of the implementation will prove difficult to measure. It will be impossible to calculate ROI even as you feel the impact of your TCO.

KPIs and metrics

Understand the types of end-user activities that are most likely to be reported as being slow. You need to know what storage, CPU, memory, and network resources are being used when the user performs those activities. In other words, what is the OS doing behind the scenes and what hardware is it using? Once you have determined which resources are being used by the various activities you will have to monitor the UX metrics to see which OS, network, storage, or server configuration issue is causing the performance issue that the user is reporting. What IT measures Most business KPI objectives concentrate on business goals, whether it be cost containment, security, simplification, ease of management, or centralization of apps and data, but rarely is there a KPI for end-user experience. You can’t fix what you can’t see. Putting a cost benefit to end-user satisfaction may come in the form of productivity. This may be a central reason why VDI has not been widely adopted as an architecture since it came to the marketplace more than 15 years ago.

VDI processes to monitor

Monitoring end-user metrics will mitigate the tension between business KPIs and end-user satisfaction

“If employees are the competitive edge and key differentiator for a business, I&O has a duty of care to ensure that the employees’ digital experience enables and does not impede the value of that asset.” (John Annand, Principal Director, Info-Tech Research Group)

The case for VDI today

Is security and data sovereignty the only reason?

“Though the desktops are moving to the cloud, accountability is not.” (Gary Bea, Director of Consulting Services and Technical Operations, Goliath Technologies)

The case for DaaS

Any device anywhere: key benefits of DaaS

Technical capability comparison

X as an endpoint client

From an end-user experience perspective, what makes sense in terms of usage and cost?

Security: on-premises versus cloud

Security decisions based on risk tolerance

• What is your risk tolerance? When deciding between VDI and DaaS, the first consideration is whether the business is better served with an on-premises or a cloud solution.
• Low risk tolerance: Considerer data sovereignty, complex compliance requirements, and data classification. For example, at the Pentagon, DoD requires heavy compliance with security and data sovereignty. DaaS cloud providers may be in a better position to respond to threats and attacks in a timely manner.
• Low risk tolerance: If the business mandates security tools that cannot be deployed in cloud solutions, VDI is a better solution.
• Low risk tolerance: Smaller businesses that don’t have resources with the expertise and skill set to handle security are better served in cloud. Security operations centers (SOCs) are more likely to present in large corporations.
• Low risk tolerance: When patching requires customization, for example in legacy applications, the ability to test patches is impacted, which may cause possible complications or failures.
• High risk tolerance: For cloud-based solutions, patching is taken out of the IT team’s hands, and testing is done against the complete cloud solution.

Info-Tech Insight

What is the better security posture and control plane? Clarify your stakeholders’ objectives, then see if VDI is an adequate solution.

Security needs for VDI and DaaS

• IDENTITY AND ACCESS MANAGEMENT — MFA, authorization, provisioning, SSO, identity federation, data owners, workflows, role-based access control (RBAC), user lifecycle management
• ENCRYPTION — TLS 1.3, and 256-bit, endpoint encryption, file encryption, AES, PKI, BitLocker
• DATA LOSS PREVENTION — Centralized policy management, sensitive data detection, HIPAA, GDPR
• ANTIVIRUS & PATCH MANAGEMENT — Group policy management, AV exclusions, anti-ransomware, keylogger mitigation
• DDoS protection — HTTP, UDP flood mitigation, content delivery network, always-on services
• ENDPOINT DETECTION & RESPONSE — Detect and react to advanced active attacks on endpoints

Activity

Define the virtual infrastructure solution for your end users

1. Define and build your value hypothesis/proposition
   1. What is the business case? Who is championing the investment?
   2. Identify the project management team and stakeholders.
   3. Set goals to be achieved based on value.
   4. Identify KPIs and metrics to measure success.
2. Identify use cases and personas
   1. Identify possible user friction (e.g. emotional, cognitive, interaction).
   2. Understand current infrastructure shortcomings/capabilities (e.g. network, security posture/tolerance, staffing needs, qualified technicians, end-user devices).
3. Articulate use cases into functional and nonfunctional requirements
   1. Separate must haves and nice to haves.
   2. Categorize requirements into identifiable functionality capabilities.
   3. Review your outputs and identify “gotchas” using the MECE (mutually exclusive, collectively exhaustive) principle.

Related Info-Tech Research

	Modernize and Transform Your End-User Computing Strategy Phase 3.2 of this research set covers virtual desktop infrastructure.
	Implement Desktop Virtualization and Transition to Everything as a Service Follow Info-Tech’s process for implementing the right desktop virtualization solution to create a project plan that will help ensure that you not only choose the right solution but also implement it effectively.
	Cloud Strategy Workbook Use this tool to assess cloud services (desktop-as-a-service).
	Desktop Virtualization TCO Calculator This tool is designed to help you understand what desktop virtualization looks like from a cost perspective.

Bibliography

Anderson, Joseph. “Five Ways VDI Will Grow in 2022 Thanks to Hybrid Work.” StratoDesk, 28 Feb. 2022. Web.

Bowker, Mark. “Are Desktops Doomed? Trends in Digital Workspaces, VDI, and DaaS.” ESG, May 2020. Web.

“The CISO's Dilemma: How Chief Information Security Officers Are Balancing Enterprise Endpoint Security and Worker Productivity in Response to COVID-19.” Hysolate, Oct. 2020. Web.

King, Val. “Why the End-User Experience Is Not Good for Your Remote Workforce .” Whitehat Virtual Technologies, 2 Dec. 2021. Web.

Perry, Yifat. “VDI vs DaaS: 5 Key Differences and 6 Leading Solutions.” NetApp, 26 Aug. 2020. Web.

Rigg, Christian. “Best virtual desktop services 2022.” TechRadar, 20 Jan. 2022 . Web.

Seget, Vladan. “Key metrics to consider when assessing the performance of your VDI/DaaS environment.” vladan.fr, 19 April 2021. Web.

Spruijt, Ruben. “Why Should You Care About VDI and Desktop-as-a-Service?” Nutanix, 28 Jan. 2020. Web.

Stowers, Joshua. “The Best Desktop as a Service (DaaS) Providers 2022.” business.com, 21 Dec. 2021. Web.

“Virtual Desktop Infrastructure(VDI) Market 2022.” MarketWatch, 5 Jan. 2022. Web. Press release.

Zamir, Tal. “VDI Security Best Practices: Busting the Myths.” Hysolate, 29 Nov. 2021. Web.

Zychowicz, Paul. “Why do virtual desktop deployments fail?” Turbonomic Blog, 16 Dec. 2016. Web.

Domino – Maintain, Commit to, or Vacate?

Lotus Domino still lives, and you have options for migrating away from or remaining with the platform.

Executive Summary

Info-Tech Insight

“HCL announced that they have somewhere in the region of 15,000 Domino customers worldwide, and also claimed that that number is growing. They also said that 42% of their customers are already on v11 of Domino, and that in the year or so since that version was released, it’s been downloaded 78,000 times. All of which suggests that the Domino platform is, in fact, alive and well.”
– Nigel Cheshire in Team Studio

Your Challenge

You have a Domino/Notes footprint embedded within your business units and business processes. This is taxing your support organization; you are meeting resistance from the business, and you are now asked to help the organization migrate away from the Lotus Notes platform. The Lotus Notes platform was long used by technology and businesses as a multipurpose solution that, over the years, became embedded within core business applications and processes.

Common Obstacles

For organizations that are struggling to understand their options for the Domino platform, the depth of business process usage is typically the biggest operational obstacle. Migrating off the Domino platform is a difficult option for most organizations due to business process and application complexity. In addition, migrating clients have to resolve the challenges with more than one replaceable solution.

Info-Tech Approach

The most common tactic is for the organization to better understand their Domino migration options and adopt an application rationalization strategy for the Domino applications entrenched within the business. Options include retiring, replatforming, migrating, or staying with your Domino platform.

Review

Is “Lotus” Domino still alive?

Problem statement

The number of member engagements with customers regarding the Domino platform has, as you might imagine, dwindled in the past couple of years. While many members have exited the platform, there are still many members and organizations that have entered a long exit program, but with how embedded Domino is in business processes, the migration has slowed and been met with resistance. Some organizations had replatformed the applications but found that the replacement target state was inadequate and introduced friction because the new solution was not a low-code/business-user-driven environment. This resulted in returning the Domino platform to production and working through a strategy to maintain the environment.

This research is designed for:

• IT strategic direction decision-makers
• IT managers responsible for an existing Domino platform
• Organizations evaluating migration options for mission-critical applications running on Domino

This research will help you:

1. Evaluate migration options.
2. Assess the fit and purpose.
3. Consider strategies for overcoming potential challenges.
4. Determine the future of this platform for your organization.

The “everything may work” scenario

Adopt and expand

Believe it or not, Domino and Notes are still options to consider when determining a migration strategy. With HCL still committed to the platform, there are options organizations should seek to better understand rather than assuming SharePoint will solve all. In our research, we consider:

Importance to current business processes

• Importance of use
• Complexity in migrations
• Choosing a new platform

Available tools to facilitate

• Talent/access to skills
• Economies of scale/lower cost at scale
• Access to technology

Info-Tech Insight

With multiple options to consider, take the time to clearly understand the application rationalization process within your decision making.

• Archive/retire
• Application migration
• Application replatform
• Stay right where you are

Eliminate your bias – consider the advantages

“There is a lot of bias toward Domino; decisions are being made by individuals who know very little about Domino and more importantly, they do not know how it impacts business environment.”

– Rob Salerno, Founder & CTO, Rivet Technology Partners

Domino advantages include:

Modern Cloud & Application

• No-code/low-code technology

Business-Managed Application

• Business written and supported
• Embrace the business support model
• Enterprise class application

Leverage the Application Taxonomy & Build

• A rapid application development platform
• Develop skill with HCL training

HCL Domino is a supported and developed platform

Why consider HCL?

• Consider scheduling a Roadmap Session with HCL. This is an opportunity to leverage any value in the mission and brand of your organization to gain insights or support from HCL.
• Existing Domino customers are not the only entities seeking certainty with the platform. Software solution providers that support enterprise IT infrastructure ecosystems (backup, for example) will also be seeking clarity for the future of the platform. HCL will be managing these relationships through the channel/partner management programs, but our observations indicate that Domino integrations are scarce.
• HCL Domino should be well positioned feature-wise to support low-code/NoSQL demands for enterprises and citizen developers.

Visualize Your Application Roadmap

1. Focus on the application portfolio and crafting a roadmap for rationalization.
   • The process is intended to help you determine each application’s functional and technical adequacy for the business process that it supports.
2. Document your findings on respective application capability heatmaps.
   • This drives your organization to a determination of application dispositions and provides a tool to output various dispositions for you as a roadmap.
3. Sort the application portfolio into a disposition status (keep, replatform, retire, consolidate, etc.)
   • This information will be an input into any cloud migration or modernization as well as consolidation of the infrastructure, licenses, and support for them.

Our external support perspective

by Darin Stahl

Member Feedback

• Some members who have remaining Domino applications in production – while the retire, replatform, consolidate, or stay strategy is playing out – have concerns about the challenges with ongoing support and resources required for the platform. In those cases, some have engaged external services providers to augment staff or take over as managed services.
• While there could be existing support resources (in house or on retainer), the member might consider approaching an external provider who could help backstop the single resource or even provide some help with the exit strategies. At this point, the conversation would be helpful in any case. One of our members engaged an external provider in a Statement of Work for IBM Domino Administration focused on one-time events, Tier 1/Tier 2 support, and custom ad hoc requests.
• The augmentation with the managed services enabled the member to shift key internal resources to a focus on executing the exit strategies (replatform, retire, consolidate), since the business knowledge was key to that success.
• The member also very aggressively governed the Domino environment support needs to truly technical issues/maintenance of known and supported functionality rather than coding new features (and increasing risk and cost in a migration down the road) – in short, freezing new features and functionality unless required for legal compliance or health and safety.
• There obviously are other providers, but at this point Info-Tech no longer maintains a market view or scan of those related to Domino due to low member demand.

Domino database assessments

Consider the database.

• Domino database assessments should be informed through the lens of a multi-value database, like jBase, or an object system.
• The assessment of the databases, often led by relational database subject matter experts grounded in normalized databases, can be a struggle since Notes databases must be denormalized.

Key/Value		Column
Use case: Heavily accessed, rarely updated, large amounts of data Data Model: Values are stored in a hash table of keys. Fast access to small data values, but querying is slow Processor friendly Based on amazon's Dynamo paper Example: Project Voldemort used by LinkedIn		Use case: High availability, multiple data centers Data Model: Storage blocks of data are contained in columns Handles size well Based on Google's BigTable Example: Hadoop/Hbase used by Facebook and Yahoo
Document		Graph
Use case: Rapid development, Web and programmer friendly Data Model: Stores documents made up of tagged elements. Uses Key/Value collections Better query abilities than Key/Value databases. Inspired by Lotus Notes. Example: CouchDB used by BBC		Use case: Best at dealing with complexity and relationships/networks Data model: Nodes and relationships. Data is processed quickly Inspired by Euler and graph theory Can easily evolve schemas Example: Neo4j

Understand your options

Archive/Retire

Store the application data in a long-term repository with the means to locate and read it for regulatory and compliance purposes.

Migrate

Migrate to a new version of the application, facilitating the process of moving software applications from one computing environment to another.

Replatform

Replatforming is an option for transitioning an existing Domino application to a new modern platform (i.e. cloud) to leverage the benefits of a modern deployment model.

Stay

Review the current Domino platform roadmap and understand HCL’s support model. Keep the application within the Domino platform.

Archive/retire

Retire the application, storing the application data in a long-term repository.

Abstract

The most common approach is to build the required functionality in whatever new application/solution is selected, then archive the old data in PDFs and documents.

Typically this involves archiving the data and leveraging Microsoft SharePoint and the new collaborative solutions, likely in conjunction with other software-as-a-service (SaaS) solutions.

Advantages

• Reduce support cost.
• Consolidate applications.
• Reduce risk.
• Reduce compliance and security concerns.
• Improve business processes.

Considerations

• Application transformation
• eDiscovery costs
• Legal implications
• Compliance implications
• Business process dependencies

Info-Tech Insights

Be aware of the costs associated with archiving. The more you archive, the more it will cost you.

Application migration

Migrate to a new version of the application

Abstract

An application migration is the managed process of migrating or moving applications (software) from one infrastructure environment to another.

This can include migrating applications from one data center to another data center, from a data center to a cloud provider, or from a company’s on-premises system to a cloud provider’s infrastructure.

Advantages

• Reduce hardware costs.
• Leverage cloud technologies.
• Improve scalability.
• Improve disaster recovery.
• Improve application security.

Considerations

• Data extraction, starting from the document databases in NSF format and including security settings about users and groups granted to read and write single documents, which is a powerful feature of Lotus Domino documents.
• File extraction, starting from the document databases in NSF format, which can contain attachments and RTF documents and embedded files.
• Design of the final relational database structure; this activity should be carried out without taking into account the original structure of the data in Domino files or the data conversion and loading, from the extracted format to the final model.
• Design and development of the target-state custom applications based on the new data model and the new selected development platform.

Application replatform

Transition an existing Domino application to a new modern platform

Abstract

This type of arrangement is typically part of an application migration or transformation. In this model, client can “replatform” the application into an off-premises hosted provider platform. This would yield many benefits of cloud but in a different scaling capacity as experienced with commodity workloads (e.g. Windows, Linux) and the associated application.

Two challenges are particularly significant when migrating or replatforming Domino applications:

• The application functionality/value must be reproduced/replaced with not one but many applications, either through custom coding or a commercial-off-the-shelf/SaaS solution.
• Notes “databases” are not relational databases and will not migrate simply to an SQL database while retaining the same business value. Notes databases are essentially NoSQL repositories and are difficult to normalize.

Advantages

• Leverage cloud technologies.
• Improve scalability.
• Align to a SharePoint platform.
• Improve disaster recovery.
• Improve application security.

Considerations

• Application replatform resource effort
• Network bandwidth
• New platform terms and conditions
• Secure connectivity and communication
• New platform security and compliance
• Degree of complexity

Info-Tech Insights

There is a difference between a migration and a replatform application strategy. Determine which solution aligns to the application requirements.

Stay with HCL

Stay with HCL, understanding its future commitment to the platform.

Abstract

Following the announced acquisition of IBM Domino and up until around December 2019, HCL had published no future roadmap for the platform. The public-facing information/website at the time stated that HCL acquired “the product family and key lab services to deliver professional services.” Again, there was no mention or emphasis on upcoming new features for the platform. The product offering on their website at the time stated that HCL would leverage its services expertise to advise clients and push applications into four buckets:

1. Replatform
2. Retire
3. Move to cloud
4. Modernize

That public-facing messaging changed with release 11.0, which had references to IBM rebranded to HCL for the Notes and Domino product – along with fixes already inflight. More information can be found on HCL’s FAQ page.

Advantages

• Known environment
• Domino is a supported platform
• Domino is a developed platform
• No-code/low-code optimization
• Business developed applications
• Rapid application framework

Understand your tools

Many tools are available to help evaluate or migrate your Domino Platform. Here are a few common tools for you to consider.

• SWING Software
  • Lotus Notes application archiving with Seascape for Notes: Seascape for Notes and Lotus Notes migration
  • Lotus Notes to SharePoint Migration
• Rivit MigrateMe
• SkyBow Notes to SharePoint
• CIMtrek: CIMtrek SharePoint Migrator and Migrating Lotus Notes Applications to the Cloud Using the CIMtrek migration tools [PDF]
• 4WS.Platform

Notes Archiving & Notes to SharePoint

Summary of Vendor

“SWING Software delivers content transformation and archiving software to over 1,000 organizations worldwide. Our solutions uniquely combine key collaborative platforms and standard document formats, making document production, publishing, and archiving processes more efficient.”*

Tools

Lotus Notes Data Migration and Archiving: Preserve historical data outside of Notes and Domino

Lotus Note Migration: Replacing Lotus Notes. Boost your migration by detaching historical data from Lotus Notes and Domino.

Headquarters

Croatia

Best fit

• Application archive and retire
• Migration to SharePoint

* swingsoftware.com

Domino Migration to SharePoint

Summary of Vendor

“Providing leading solutions, resources, and expertise to help your organization transform its collaborative environment.”*

Tools

Notes Domino Migration Solutions: Rivit’s industry-leading solutions and hardened migration practice will help you eliminate Notes Domino once and for all.

Rivive Me: Migrate Notes Domino applications to an enterprise web application

Headquarters

Canada

Best fit

• Application Archive & Retire
• Migration to SharePoint

* rivit.ca

Lotus Notes to M365

Summary of Vendor

“More than 300 organizations across 40+ countries trust skybow to build no-code/no-compromise business applications & processes, and skybow’s community of customers, partners, and experts grows every day.”*

Tools

SkyBow Studio: The low-code platform fully integrated into Microsoft 365

Headquarters:

Switzerland

Best fit

• Application Archive & Retire
• Migration to SharePoint

* skybow.com | About skybow

Notes to SharePoint Migration

Summary of Vendor

“CIMtrek is a global software company headquartered in the UK. Our mission is to develop user-friendly, cost-effective technology solutions and services to help companies modernize their HCL Domino/Notes® application landscape and support their legacy COBOL applications.”*

Tools

CIMtrek SharePoint Migrator: Reduce the time and cost of migrating your IBM® Lotus Notes® applications to Office 365, SharePoint online, and SharePoint on premises.

Headquarters

United Kingdom

Best fit

• Application replatform
• Migration to SharePoint

* cimtrek.com | About CIMtrek

Domino replatform/Rapid application selection framework

Summary of Vendor

“4WS.Platform is a rapid application development tool used to quickly create multi-channel applications including web and mobile applications.”*

Tools

4WS.Platform is available in two editions: Community and Enterprise.
The Platform Enterprise Edition, allows access with an optional support pack.

4WS.Platform’s technical support provides support services to the users through support contracts and agreements.

The platform is a subscription support services for companies using the product which will allow customers to benefit from the knowledge of 4WS.Platform’s technical experts.

Headquarters

Italy

Best fit

• Application replatform

* 4wsplatform.org

Activity

Understand your Domino options

Application Rationalization Exercise

Info-Tech Insight

Application rationalization is the perfect exercise to fully understand your business-developed applications, their importance to business process, and the potential underlying financial impact.

This activity involves the following participants:

• IT strategic direction decision-makers.
• IT managers responsible for an existing Domino platform
• Organizations evaluating platforms for mission-critical applications.

Outcomes of this step:

• Completed Application Rationalization Tool

Application rationalization exercise

Use this Application Rationalization Tool to input the outcomes of your various application assessments

In the Application Entry tab:

• Input your application inventory or subset of apps you intend to rationalize, along with some basic information for your apps.

In the Business Value & TCO Comparison tab, determine rationalization priorities.

• Input your business value scores and total cost of ownership (TCO) of applications.
• Review the results of this analysis to determine which apps should require additional analysis and which dispositions should be prioritized.

In the Disposition Selection tab:

• Add to or adapt our list of dispositions as appropriate.

In the Rationalization Inputs tab:

• Add or adapt the disposition criteria of your application rationalization framework as appropriate.
• Input the results of your various assessments for each application.

In the Disposition Settings tab:

• Add or adapt settings that generate recommended dispositions based on your rationalization inputs.

In the Disposition Recommendations tab:

• Review and compare the rationalization results and confirm if dispositions are appropriate for your strategy.

In the Timeline Considerations tab:

• Enter the estimated timeline for when you execute your dispositions.

In the Portfolio Roadmap tab:

• Review and present your roadmap and rationalization results.

Follow the instructions to generate recommended dispositions and populate an application portfolio roadmap.

Info-Tech Insight

Watch out for misleading scores that result from poorly designed criteria weightings.

Related Info-Tech Research

Build an Application Rationalization Framework

Manage your application portfolio to minimize risk and maximize value.

Embrace Business-Managed Applications

Empower the business to implement their own applications with a trusted business-IT relationship.

Satisfy Digital End Users With Low- and No-Code

Extend IT, automation, and digital capabilities to the business with the right tools, good governance, and trusted organizational relationships.

Maximize the Benefits from Enterprise Applications with a Center of Excellence

Optimize your organization’s enterprise application capabilities with a refined and scalable methodology.

Drive Successful Sourcing Outcomes With a Robust RFP Process

Leverage your vendor sourcing process to get better results.

Research Authors

Darin Stahl, Principal Research Advisor,
Info-Tech Research Group

Darin is a Principal Research Advisor within the Infrastructure practice, leveraging 38+ years of experience. His areas of focus include IT operations management, service desk, infrastructure outsourcing, managed services, cloud infrastructure, DRP/BCP, printer management, managed print services, application performance monitoring, managed FTP, and non-commodity servers (zSeries, mainframe, IBM i, AIX, Power PC).

Troy Cheeseman, Practice Lead,
Info-Tech Research Group

Troy has over 24 years of experience and has championed large enterprise-wide technology transformation programs, remote/home office collaboration and remote work strategies, BCP, IT DRP, IT operations and expense management programs, international right placement initiatives, and large technology transformation initiatives (M&A). Additionally, he has deep experience working with IT solution providers and technology (cloud) startups.

Research Contributors

Rob Salerno, Founder & CTO, Rivit Technology Partners

Rob is the Founder and Chief Technology Strategist for Rivit Technology Partners. Rivit is a system integrator that delivers unique IT solutions. Rivit is known for its REVIVE migration strategy which helps companies leave legacy platforms (such as Domino) or move between versions of software. Rivit is the developer of the DCOM Application Archiving solution.

Bibliography

Cheshire, Nigel. “Domino v12 Launch Keeps HCL Product Strategy On Track.” Team Studio, 19 July 2021. Web.

“Is LowCode/NoCode the best platform for you?” Rivit Technology Partners, 15 July 2021. Web.

McCracken, Harry. “Lotus: Farewell to a Once-Great Tech Brand.” TIME, 20 Nov. 2012. Web.

Sharwood, Simon. “Lotus Notes refuses to die, again, as HCL debuts Domino 12.” The Register, 8 June 2021. Web.

Woodie, Alex. “Domino 12 Comes to IBM i.” IT Jungle, 16 Aug. 2021. Web.

Manage Exponential Value Relationships

Are you ready to manage outcome-based agreements?

Analyst Perspective

Outcome-based agreements require a higher degree of mutual trust.

Exponential IT brings with it an exciting new world of cutting-edge technology and increasingly accelerated growth of business and IT. But adopting and driving change through this paradigm requires new capabilities to grow impactful and meaningful partnerships with external vendors who can help implement technologies like artificial intelligence and virtual reality. Building outcome-based partnerships involves working very closely with vendors who, in many cases, will have just as much to lose as the organizations implementing these new technologies. This requires a greater degree of trust between parties than a standard vendor relationship. It also drastically increases the risks to both organizations; as each loses some control over data and outcomes, they must trust that the other organization will follow through on commitments and obligations. Outcome-based partnerships build upon traditional vendor management practices and create the potential for organizations to embrace emerging technology in new ways. Kim Osborne Rodriguez Research Director, CIO Advisory Info-Tech Research Group

Executive Summary

Info-Tech Insight

Outcome-based partnerships require a higher degree of trust than traditional vendor relationships. Build trust by sharing risks and rewards.

Vendor relationships can be worth billions of dollars

Positive vendor relationships directly impact the bottom line, sometimes to the tune of billions of dollars annually.

• Organizations typically spend 40% to 80% of their total budget on external suppliers.
• Greater supplier trust translates directly to greater business profits, even in traditional vendor relationships.1
• Based on over a decade of data from vehicle manufacturers, greater supplier relationships nearly doubled the unit profit margin on vehicles, contributing over $20 billion to Toyota’s annual profits based on typical sales volume.2
• Having positive vendor relationships can be instrumental in times of crisis – when scarcity looms, vendors often choose to support their best customers.3,4 For example, Toyota protected itself from the losses many original equipment manufacturers (OEMs) faced in 2020 and showed improved profitability that year due to increased demand for vehicles which it was able to supply as a result of top-ranked vendor relationships.

1 PR Newswire, 2022.
2 Based on 10 years of data comparing Toyota and Nissan, every 1-point increase in the company’s Working Relations Index was correlated with a $15.77 net profit increase per unit. Impact on Toyota annual profits is based on 10.5 million units sold in 2021 and 2022.
3 Interview with Renee Stanley, University of Texas at Arlington. Conducted 17 May 2023.
4 Plante Moran, 2020.

Sources: Macrotrends, Plante Moran 2022, Nissan 2022 and 2023, and Toyota 2022. Profit per car is based on total annual profit divided by total annual sales volume.

Outcome-based relationships are a new paradigm

In a new model where organizations are procuring autonomous capabilities, outcomes will govern vendor relationships.

An outcome-based relationship requires a higher level of mutual trust than traditional vendor relationships. This requires shared reward and shared risk.

Don’t forget about traditional vendor management relationships! Not all vendor relationships can (or should) be outcome-based.

Case study

INDUSTRY: Technology

SOURCE: Press Release

Microsoft and OpenAI partner on Azure, Teams, and Microsoft Office suite

In January 2023, Microsoft announced a $10 billion investment in OpenAI, allowing OpenAI to continue scaling its flagship large language model, ChatGPT, and giving Microsoft first access to deploy OpenAI’s products in services like GitHub, Microsoft Office, and Microsoft Teams.

Shared risk

Issues with OpenAI’s platforms could have a debilitating effect on Microsoft’s own reputation – much like Google’s $100 billion stock loss following a blunder by its AI platform Bard – not to mention the financial loss if the platform does not live up to the hype.

Shared reward

This was a particularly important strategic move by Microsoft, as its main competitors develop their own AI models in a race to the top. This investment also gave OpenAI the resources to continue scaling and evolving its services much faster than it would be capable of on its own. If OpenAI’s products succeed, there is a significant upside for both companies.

Adapt your approach to vendor relationships

Both traditional vendors and exponential relationships are important.

Use Info-Tech’s research to Jump Start Your Vendor Management Initiative.

Common obstacles

Exponential relationships require new approaches to vendor management as businesses autonomize:

• Autonomization refers to the shift toward autonomous business capabilities which leverage technologies such as AI and quantum computing to operate independently of human interaction.
• The speed and complexity of technology advancement requires that businesses move quickly and confidently to develop strong relationships and deliver value.
• We are seeing businesses shift from procuring products and services to procuring autonomous business capabilities (sometimes called “as a service,” or aaS). This shift can drive exponential value but also increases complexity and risk.
• Exponential IT requires a shift in emphasis toward more mature relationship and risk management strategies, compared to traditional vendor management.

The shift from technology service agreements to business capability agreements needs a new approach

Eighty-seven percent of organizations are currently experiencing talent shortages or expect to within a few years.

Source: McKinsey, “Mind the [skills] gap”, 2021.

Sixty-three percent of IT leaders plan to implement AI in their organizations by the end of 2023.

Source: Info-Tech Research Group survey, 2022

Insight summary

Assess your readiness for exponential value relationships

Key deliverable:

Exponential Relationships Readiness Assessment

Determine your readiness to build exponential value relationships.

Measure the value of this blueprint

Save thousands of dollars by leveraging this research to assess your readiness, before you lose millions from a relationship gone bad.

Our research indicates that most organizations would take months to prepare this type of assessment without using our research. That’s over 80 person-hours spent researching and gathering data to support due diligence, for a total cost of thousands of dollars. Doesn’t your staff have better things to do?

Start by answering a few brief questions, then return to this slide at the end to see how much your answers have changed.

Use Info-Tech’s research to Exponential Relationships Readiness Assessment.

Establish a baseline

Gauge the effectiveness of this research by asking yourself the following questions before and after completing your readiness assessment:

How to use this research

Five tips to get the most out of your readiness assessment.

1. Each category consists of five competencies, with a maximum of five points each. The maximum score on this assessment is 100 points.
2. Effectiveness levels range from basic (level 1) to advanced (level 5). Level 1 is generally considered the baseline for most effectively operating organizations. If your organization is struggling with level 1 competencies, it is recommended to improve maturity in those areas before pursuing exponential relationships.
3. This assessment is qualitative; complete the assessment to the best of your ability, based on the scoring rubric provided. If you fall between levels, use the lower one in your assessment.
4. The scoring rubric may not perfectly fit the processes and practices within every organization. Consider the spirit of the description and score accordingly.
5. Other industry- and region-specific competencies may be required to succeed at exponential relationships. The competencies in this assessment are a starting point, and internal validation and assessments should be conducted to uncover additional competencies and skills.

Financial management

Manage your budget and spending to stay on track throughout your relationship.

“Most organizations underestimate the amount of time, money, and skill required to build and maintain a successful relationship with another organization. The investment in exponential relationships is exponential in itself – as are the returns.”

– Jennifer Perrier, Principal Research Director,
Info-Tech Research Group

This step involves the following participants:

• Executive leadership team, including CIO
• CFO
• Vendor management leader
• Other internal stakeholders of vendor relationships

Activities:

• Assess your ability to manage scope and budget in exponential IT relationships.

Successfully manage complex finances

Stay on track and keep your relationship running smoothly.

Why is this important?

• Finance is at the core of most business – it drives decision making, acts as a constraint for innovation and optimization, and plays a key role in assessing options (such as return on investment or payback period).
• Effectively managing finances is a critical success factor in developing strong relationships. Each organization must be able to manage their own budget and spending in order to balance the risk and reward in the relationship. Often, these risks and rewards will come in the form of profit and loss or revenue and spend.

Build it into your practice:

1. Ensure your financial decision-making practices are aligned with the organizational and relationship strategy. Do metrics and criteria reflect the organization’s goals?
2. Develop strong accounting and financial analysis practices – this includes the ability to conduct financial due diligence on potential vendors.
3. Develop consistent methodology to track and report on the desired outcomes on a regular basis.

Build your ability to manage finances

The five competencies needed to manage finances in exponential value relationships are:

Relationship management

Drive exponential value by becoming a customer of choice.

“The more complex the business environment becomes — for instance, as new technologies emerge or as innovation cycles get faster — the more such relationships make sense. And the better companies get at managing individual relationships, the more likely it is that they will become “partners of choice” and be able to build entire portfolios of practical and value-creating partnerships.”

(“Improving the management of complex business partnerships.” McKinsey, 2019)

This step involves the following participants:

• Executive leadership team, including CIO
• Vendor management leader
• Other internal stakeholders of vendor relationships

Activities:

• Assess your ability to manage relationships in exponential IT relationships.

Take your relationships to the next level

Maintaining positive relationships is key to building trust.

Why is this important?

• All relationships will experience challenges, and the ability to resolve these issues will rely heavily on the relationship management skills and soft skills of the leadership within each organization.
• Based on a 20-year study of vendor relationships in the automotive sector, business-to-business trust is a function of reasonable demands, follow-through, and information sharing.

(Source: Plante Moran, 2020)

Build it into your practice:

1. Develop the soft skills necessary to promote psychological safety, growth mindset, and strong and open communication channels.
2. Be smart about sharing information – you don’t need to share everything, but being open about relevant information will enhance trust.
3. Both parties need to work hard to develop trust necessary to build a true relationship. This will require increased access to decision-makers, clearly defined guardrails, and the ability for unsatisfied parties to leave.

Build your ability to manage relationships

The five competencies needed to manage relationships in exponential partnerships are:

Performance management

Outcomes management focuses on results, not methods.

According to Jennifer Robinson, senior editor at Gallup, “This approach focuses people and teams on a concrete result, not the process required to achieve it. Leaders define outcomes and, along with managers, set parameters and guidelines. Employees, then, have a high degree of autonomy to use their own unique talents to reach goals their own way.” (Forbes, 2023)

In the context of exponential relationships, vendors can be given a high degree of autonomy provided they meet their objectives.

This step involves the following participants:

• Executive leadership team, including CIO
• Vendor management leader
• Other internal stakeholders of vendor relationships

Activities:

• Assess your ability to manage outcomes in exponential IT relationships.

Manage outcomes to drive mutual success

Build trust by achieving shared objectives.

Why is this important?

• Relationships are based on shared risk and shared reward for all parties. In order to effectively communicate the shared rewards, you must first understand and communicate your objectives for the relationship, then measure outcomes to ensure all parties are benefiting.
• Effectively managing outcomes reduces the risk that one party will choose to leave based on a perception of benefits not being achieved. Parties may still leave the agreement, but decisions should be based on shared facts and issues should be communicated and addressed early.

Build it into your practice:

1. Clearly articulate what you hope to achieve by entering an outcome-based relationship. Each party should outline and agree to the goals, objectives, and desired outcomes from the relationship.
2. Document how rewards will be shared among parties. What type of rewards are anticipated? Who will benefit and how?
3. Develop consistent methodology to track and report on the desired outcomes on a regular basis. This might consist of a vendor scorecard or a monthly meeting.

Build your ability to manage outcomes

The five competencies needed to manage outcomes in exponential value relationships are:

Risk management

Exponential IT means exponential risk – and exponential rewards.

One of the key differentiators between traditional vendor relationships and exponential relationships is the degree to which risk is shared between parties. This is not possible in all industries, which may limit companies’ ability to participate in this type of exponential relationship.

This step involves the following participants:

• Executive leadership team, including CIO
• Vendor management leader
• Risk management leader
• Other internal stakeholders of vendor relationships

Activities:

• Assess your ability to manage risk in exponential IT relationships.

Relationships come with a lot of hidden risks

Successfully managing complex risks can be the difference between a spectacular success and company-ending failure.

Why is this important?

• Relationships inherently involve a loss of control. You are relying on another party to fulfill their part of the agreement, and you depend on the success of the outcome. Loss of control comes with significant risks.
• Sharing in risk is what differentiates an outcome-based relationship from a traditional vendor relationship; vendors must have skin in the game.
• Organizations must consider many different types of risk when considering a relationship with a vendor: fraud, security, human rights, labor relations, ESG, and operational risks. Remember that risk is not inherently bad; some risk is necessary.

Build it into your practice:

1. Build or hire the necessary risk expertise needed to properly assess and evaluate the risks of potential vendor relationships. This includes intellectual property, ESG, legal/regulatory, cybersecurity, data security, and more.
2. Develop processes and procedures which clearly communicate and report on risk on a regular basis.

Info-Tech Insight

Some highly regulated industries (such as finance) are prevented from transferring certain types of risk. In these industries, it may be much more difficult to form vendor relationships.

Don’t forget about third-party ESG risk

Customers care about ESG. You should too.

Protect yourself against third-party ESG risks by considering the environmental and social impacts of your vendors.

Third-party ESG risks can include the following:

• Environmental risk: Vendors with unsustainable practices such as carbon emissions or waste generation of natural resource depletion can negatively impact the organization’s environmental goals.
• Social risk: Unsafe or illegal labor practices, human rights violations, and supply chain management issues can reflect negatively on organizations that choose to work with vendors who engage in such practices.
• Governance risk: Vendors who engage in illegal or unethical behaviors, including bribery and corruption or data and privacy breaches can impact downstream customers.

Working with vendors that have a poor record of ESG carries a very real reputational risk for organizations who do not undertake appropriate due diligence.

A global survey of nearly 14,000 customers revealed that…

Source: EY Future Consumer Index, 2021

Seventy-seven percent of customers believe companies have a responsibility to manufacture sustainably.

Sixty-eight percent of customers believe businesses should ensure their suppliers meet high social and environmental standards.

Fifty-five percent of customers consider the environmental impact of production in their purchasing decisions.

Build your ability to manage risk

The five competencies needed to manage risk in exponential value relationships are:

Contract management

Contract management is a critical part of vendor management.

Well-managed contracts include clearly defined pricing, performance-based outcomes, clear roles and responsibilities, and appropriate remedies for failure to meet requirements. In outcome-based relationships, contracts are generally used as a secondary method of enforcing performance, with relationship management being the primary method of addressing challenges and ensuring performance.

This step involves the following participants:

• Executive leadership team, including CIO
• Vendor management leader
• Risk management leader
• Other internal stakeholders of vendor relationships

Activities:

• Assess your ability to manage risk in exponential IT relationships.

Build your ability to manage contracts

The five competencies needed to manage contracts in exponential value relationships are:

Activity 1: Assess your readiness for exponential relationships

1-3 hours

1. Gather key stakeholders from across your organization to participate in the readiness assessment exercise.
2. As a group, review the core competencies from the previous four sections and determine where your organization’s effectiveness lies for each competency. Record your responses in the Exponential Relationships Readiness Assessment tool.

Download the Exponential Relationships Readiness Assessment tool.

Understand your assessment

This step involves the following participants:

• Executive leadership team, including CIO
• Vendor management leader
• Other internal stakeholders of vendor relationships

Activities:

• Create an action plan.

Understand the results of your assessment

Consider the following recommendations based on your readiness assessment scores:

• The chart to the right shows sample results. The bars indicate the recommended scores, and the line indicates the readiness score.
• Three or more categories below the recommended scores, or any categories more than five points below the recommendation: outcome-based relationships are not recommended at this time.
• Two or more categories below the recommended scores: Proceed with caution and limit outcome-based relationships to low-risk areas. Continue to mature capabilities.
• One category below the recommended scores: Evaluate the risks and benefits before engaging in higher-risk vendor relationships. Continue to mature capabilities.
• All categories at or above the recommended scores: You have many of the core capabilities needed to succeed at exponential relationships! Continue to evaluate and refine your vendor relationships strategy, and identify any additional competencies needed based on your industry or region.

Activity 2: Create an action plan

1 hour

1. Gather the stakeholders who participated in the readiness assessment exercise.
2. As a group, review the results of the readiness assessment. Where there any surprise? Do the results reflect your understanding of the organization’s maturity?
3. Determine which areas are likely to limit the organization’s relationship capability, based on lowest scoring areas and relative importance to the organization.
4. Break out into groups and have each group identify three actions the organization could take to mature the lowest scoring areas.
5. Bring the group back together and prioritize the actions. Note who will be accountable for each next step.

Related Info-Tech Research

Jump Start Your Vendor Management Initiative
Create and implement a vendor management framework to begin obtaining measurable results in 90 days.

Elevate Your Vendor Management Initiative
Transform your VMI from tactical to strategic to maximize its impact and value

Evaluate Your Vendor Account Team to Optimize Vendor Relations
Understand the value of knowing your account team’s influence in the organization, and your influence, to drive results.

Related Info-Tech Research

Build an IT Risk Management Program
Mitigate the IT risks that could negatively impact your organization.

Build an IT Budget
Effective IT budgets are more than a spreadsheet. They tell a story.

Adopt an Exponential IT Mindset
Thrive through the next paradigm shift..

Author

Kim Osborne Rodriguez Research Director, CIO Advisory Info-Tech Research Group

Kim is a professional engineer and Registered Communications Distribution Designer (RCDD) with over a decade of experience in management and engineering consulting spanning healthcare, higher education, and commercial sectors. She has worked on some of the largest hospital construction projects in Canada, from early visioning and IT strategy through to design, specifications, and construction administration. She brings a practical and evidence-based approach, with a track record of supporting successful projects. Kim holds a Bachelor’s degree in Honours Mechatronics Engineering and an option in Management Sciences from the University of Waterloo.

Research Contributors and Experts

	Jack Hakimian Senior Vice President Info-Tech Research Group Jack has more than 25 years of technology and management consulting experience. He has served multibillion-dollar organizations in multiple industries including financial services and telecommunications. Jack also served several large public sector institutions. He is a frequent speaker and panelist at technology and innovation conferences and events and holds a Master’s degree in Computer Engineering as well as an MBA from the ESCP-EAP European School of Management.		Michael Tweedie Practice Lead, CIO Strategy Info-Tech Research Group Mike Tweedie brings over 25 years as a technology executive. He’s led several large transformation projects across core infrastructure, application and IT services as the head of Technology at ADP Canada. He was also the Head of Engineering and Service Offerings for a large French IT services firm, focused on cloud adoption and complex ERP deployment and management. Mike holds a Bachelor’s degree in Architecture from Ryerson University.
	Scott Bickley Practice Lead, VCCO Info-Tech Research Group Scott Bickley is a Practice Lead & Principal Research Director at Info-Tech Research Group, focused on Vendor Management and Contract Review. He also has experience in the areas of IT Asset Management (ITAM), Software Asset Management (SAM), and technology procurement along with a deep background in operations, engineering, and quality systems management. Scott holds a B.S. in Justice Studies from Frostburg State University. He also holds active IAITAM certification designations of CSAM and CMAM and is a Certified Scrum Master (SCM).		Donna Bales Principal Research Director Info-Tech Research Group Donna Bales is a Principal Research Director in the CIO Practice at Info-Tech Research Group, specializing in research and advisory services in IT risk, governance, and compliance. She brings over 25 years of experience in strategic consulting and product development and has a history of success in leading complex, multistakeholder industry initiatives. Donna has a bachelor’s degree in economics from the University of Western Ontario.

Research Contributors and Experts

Jennifer Perrier Principal Research Director Info-Tech Research Group Jennifer has 25 years of experience in the information technology and human resources research space, joining Info-Tech in 1998 as the first research analyst with the company. Over the years, she has served as a research analyst and research manager, as well as in a range of roles leading the development and delivery of offerings across Info-Tech’s product and service portfolio, including workshops and the launch of industry roundtables and benchmarking. She was also Research Lead for McLean & Company, the HR advisory division of Info-Tech, during its start-up years. Jennifer’s research expertise spans the areas of IT strategic planning, governance, policy and process management, people management, leadership, organizational change management, performance benchmarking, and cross-industry IT comparative analysis. She has produced and overseen the development of hundreds of publications across the full breadth of both the IT and HR domains in multiple industries. In 2022, Jennifer joined Info-Tech’s IT Financial Management Practice with a focus on developing financial transparency to foster meaningful dialogue between IT and its stakeholders and drive better technology investment decisions.

Phil Bode Principal Research Director Info-Tech Research Group Phil has 30+ years of experience with IT procurement-related topics: contract drafting and review, negotiations, RFXs, procurement processes, and vendor management. Phil has been a frequent speaker at conferences, a contributor to magazine articles in CIO Magazine and ComputerWorld, and quoted in many other magazines. He is a co-author of the book The Art of Creating a Quality RFP. Phil has a Bachelor of Science in Business Administration with a double major of Finance and Entrepreneurship and a Bachelor of Science in Business Administration with a major of Accounting, both from the University of Arizona.

Research Contributors

Erin Morgan Assistant Vice President, IT Administration University of Texas at Arlington

Renee Stanley Assistant Director IT Procurement and Vendor Management University of Texas at Arlington

Note: Additional contributors did not wish to be identified.

Bibliography

Andrea, Dave. “Plante Moran’s 2022 Working Relations Index® (WRI) Study shows supplier relations can improve amid industry crisis.” Plante Moran, 25 Aug 2022. Accessed 18 May 2023.
Andrea, Dave. “Trust between suppliers and OEMs can better prepare you for the next crisis.” Plante Moran, 9 Sept 2020. Accessed 17 May 2023.
Cleary, Shannon, and Carolan McLarney. “Organizational Benefits of an Effective Vendor Management Strategy.” IUP Journal of Supply Chain Management, Vol. 16, Issue 4, Dec 2019.
De Backer, Ruth, and Eileen Kelly Rinaudo. “Improving the management of complex business partnerships.” McKinsey, 21 March 2019. Accessed 9 May 2023 .
Dennean, Kevin et al. “Let's chat about ChatGPT.” UBS, 22 Feb 2023. Accessed 26 May 2023.
F&I Tools. “Nissan Worldwide Vehicle Sales Report.” Factory Warranty List, 2022. Accessed 18 May 2023.
Gomez, Robin. “Adopting ChatGPT and Generative AI in Retail Customer Service.” Radial, 235, April 2023. Accessed 10 May 2023.
Harms, Thomas and Kristina Rogers. “How collaboration can drive value for you, your partners and the planet.” EY, 26 Oct 2021. Accessed 10 May 2023.
Hedge & Co. “Toyota, Honda finish 1-2; General Motors finishes at 3rd in annual Supplier Working Relations Study.” PR Newswire, 23 May 2022. Accessed 17 May 2023.
Henke Jr, John W., and T. Thomas. "Lost supplier trust, lost profits." Supply Chain Management Review, May 2014. Accessed 17 May 2023.
Information Services Group, Inc. “Global Demand for IT and Business Services Continues Upward Surge in Q2, ISG Index™ Finds.” BusinessWire, 7 July 2021. Accessed 8 May 2023.
Kasanoff, Bruce. “New Study Reveals Costs Of Bad Supplier Relationships.” Forbes, 6 Aug 2014. Accessed 17 May 2023.
Macrotrends. “Nissan Motor Gross Profit 2010-2022.” Macrotrends. Accessed 18 May 2023.
Macrotrends. “Toyota Gross Profit 2010-2022.” Macrotrends. Accessed 18 May 2023.
McKinsey. “Mind the [skills] gap.” McKinsey, 27 Jan 2021. Accessed 18 May 2023.
Morgan, Blake. “7 Examples of How Digital Transformation Impacted Business Performance.” Forbes, 21 Jul 2019. Accessed 10 May 2023.
Nissan Motor Corporation. “Nissan reports strong financial results for fiscal year 2022.” Nissan Global Newsroom, 11 May 2023. Accessed 18 May 2023.

Bibliography

“OpenAI and Microsoft extend partnership.” Open AI, 23 Jan 2023. Accessed 26 May 2023.
Pearson, Bryan. “The Apple Of Its Aisles: How Best Buy Lured One Of The Biggest Brands.“ Forbes, 23 Apr 2015. Accessed 23 May 2023.
Perifanis, Nikolaos-Alexandros and Fotis Kitsios. “Investigating the Influence of Artificial Intelligence on Business Value in the Digital Era of Strategy: A Literature Review.” Information, 2 Feb 2023. Accessed 10 May 2023.
Scott, Tim and Nathan Spitse. “Third-party risk is becoming a first priority challenge.” Deloitte. Accessed 18 May 2023.
Stanley, Renee. Interview by Kim Osborne Rodriguez, 17 May 2023.
Statista. “Toyota's retail vehicle sales from 2017 to 2021.” Statista, 27 Jul 2022. Accessed 18 May 2023.
Tlili, Ahmed, et al. “What if the devil is my guardian angel: ChatGPT as a case study of using chatbots in education.” Smart Learning Environments, 22 Feb 2023. Accessed 9 May 2023.
Vitasek, Kate. “Outcome-Based Management: What It Is, Why It Matters And How To Make It Happen.” Forbes, 12 Jan 2023. Accessed 9 May 2023.

Prevent Data Loss Across Cloud and Hybrid Environments

Leverage existing tools and focus on the data that matters most to your organization.

Analyst Perspective

Data loss prevention is an additional layer of protection

Driven by reduced operational costs and improved agility, the migration to cloud services continues to grow at a steady rate. A recent report by Palo Alto Networks indicates workload in the cloud increased by 13% last year, and companies are expecting to move an additional 11% of their workload to the cloud in the next 24 months1.

However, moving to the cloud poses unique challenges for cyber security practitioners. Cloud services do not offer the same level of management and control over resources as traditional IT approaches. The result can be reduced visibility of data in cloud services and reduced ability to apply controls to that data, particularly data loss prevention (DLP) controls.

It’s not unusual for organizations to approach DLP as a point solution. Many DLP solutions are marketed as such. The truth is, DLP is a complex program that uses many different parts of an organization’s security program and architecture. To successfully implement DLP for data in the cloud, an organization should leverage existing security controls and integrate DLP tools, whether newly acquired or available in cloud services, with its existing security program.

Bob Wilson
CISSP
Research Director, Security and Privacy
Info-Tech Research Group

Executive Summary

Info-Tech Insight

Data loss prevention is the outcome of a well-designed strategy that incorporates multiple, sometimes disparate, tools within your existing security program.

Your challenge

Protecting data is a critical responsibility for organizations, no matter where it is located.

45% of breaches occurred in the cloud (“Cost of a Data Breach 2022,” IBM Security, 2022).

It can take upwards of 12 weeks to identify and contain a breach (“Cost of a Data Breach 2022,” IBM Security, 2022).

• Compliance obligations will require organizations to protect certain data.
• All data states can exist in the cloud, and each state provides a unique opportunity for data loss.
• Insider threats, whether intentional or not, are especially challenging for organizations. It’s necessary to prevent illicit data use while still allowing work to happen.

Info-Tech Insight

Data loss prevention doesn’t depend on a single tool. Many of the leading cloud service providers offer DLP controls with their services and these controls should be considered.

Common obstacles

As organizations increasingly move data into the cloud, their environments become more complex and vulnerable to insider threats

• It’s not uncommon for an organization not to know what data they use, where that data exists, or how they are supposed to protect it.
• Cloud systems, especially software as a service (SaaS) applications, may not provide much visibility into how that data is stored or protected.
• Insider threats are a primary concern, but employees must be able to access data to perform their duties. It isn’t always easy to strike a balance between adequate access and being too restrictive with controls.

Insider threats are a significant concern

Info-Tech Insight

An insider threat management (ITM) program focuses on the user. DLP programs focus on the data.

Insight summary

DLP is not just a single tool. It’s an additional layer of security that depends on different components of your security program, and it requires time and effort to mature.

Organizations should leverage existing security architecture with the DLP controls available in the cloud services they use.

Data loss prevention is not a point solution

Data loss prevention is the outcome of a well-designed strategy that incorporates multiple, sometimes disparate tools within your existing security program.

Prioritize data

Start with the data that matters most to your organization.

Define an objective

Having a clearly defined objective will make implementing a DLP program much easier.

DLP is a layer

Data loss prevention is not foundational, and it depends on many other parts of a mature information security program.

The low hanging fruit is sweet

Start your DLP implementation with a quick win in mind and build on small successes.

DLP is a work multiplier

Your organization must be prepared to investigate alerts and respond to incidents.

Prevent data loss across cloud or hybrid environments

Data loss prevention is not a point solution.
It’s the outcome of a well-designed strategy that incorporates multiple, sometimes disparate tools within your existing security program.

Info-Tech Insight

Leverage existing security tools where possible.

Data loss prevention (DLP) overview

DLP is an additional layer of security.

DLP is a set of technologies and processes that provides additional data protection by identifying, monitoring, and preventing data from being illicitly used or transmitted.

DLP depends on many components of a mature security program, including but not limited to:

• Acceptable use policy
• Data classification policy and data handling guidelines
• Identity and access management

DLP is achieved through some or all of the following tactics:

• Identify: Data is detected using policies, rules, and patterns.
• Monitor: Data is flagged and data activity is logged.
• Prevent: Action is taken on data once it has been detected.

Info-Tech Insight

DLP is not foundational. Your information security program needs to be moderately mature to support a DLP strategy.

DLP approaches and methods

DLP uses a handful of techniques to achieve its tactics:

• Policy and access rights: Limits access to data based on user permissions or other contextual attributes.
• Isolation or virtualization: Data is isolated in an environment with channels for data leakage made unavailable.
• Cryptographic approach: Data is encrypted.
• Quantifying and limiting: Use or transfer of data is restricted by quantity.
• Social and behavioral analysis: The DLP system detects anomalous activity, such as users accessing data outside of business hours.
• Pattern matching: Data content is analyzed for specific patterns.
• Data mining and text clustering: Large sets are analyzed, typically with machine learning (ML), to identify patterns.
• Data fingerprinting: Data files are matched against a pre-calculated hash or based on file contents.
• Statistical Analysis: Data content is analyzed for sensitive data. Usually involves machine learning.

DLP has two primary approaches for applying techniques:

• Content-based: Data is identified through inspecting its content. Fingerprinting and pattern matching are examples of content-based methods.
• Context-based: Data is identified based on its situational or contextual attributes. Some factors that may be used are source, destination, and format.

Some DLP tools use both approaches.

Info-Tech Insight

Different DLP products will support different methods. It is important to keep these in mind when choosing a DLP solution.

Start by defining your data

Define data by answering the 5 “W”s

Who? Who owns the data? Who needs access? Who would be impacted if it was lost?
What? What data do you have? What type of data is it? In what format does it exist?
When? When is the data generated? When is it used? When is it destroyed?
Where? Where is the data stored? Where is it generated? Where is it used?
Why? Why is the data needed?

Use what you discover about your data to create a data inventory!

Compliance requirements

Compliance requirements often dictate what must be done to manage and protect data and vary from industry to industry.

Some examples of compliance requirements to consider:

• Healthcare - Health Insurance Portability and Accountability Act (HIPAA)
• Financial Services - Gramm-Leach-Bliley Act (GLBA)
• Payment Card Industry Data Security Standards (PCI DSS)

Info-Tech Insight

Why is especially important. If you don’t need a specific piece of data, dispose of it to reduce risk and administrative overhead related to maintaining or protecting data.

Classify your data

Data classification facilitates making decisions about how data is treated.

Data classification is a process by which data is categorized.

• The classifications are often based on the sensitivity of the data or the impact a loss or breach of that data would have on the organization.
• Data classification facilitates decisions about data handling and how information security controls are implemented. Instead of considering many different types of data individually, decisions are based on a handful of classification levels.
• A mature data classification should include a formalized policy, handling standards, and a steering committee.

Refer to our Discover and Classify Your Data blueprint for guidance on data classification.

Sample data classification schema

Info-Tech Insight

Data classification should be implemented as a continuous program, not a one-time project.

Understand data risk

Knowing where and how your data is at risk will inform your DLP strategy.

Data exists in three states, and each state presents different opportunities for risk. Different DLP methodologies will be appropriate for different states.

Data states

In use

• End-user devices
• Mobile devices
• Servers

In motion

• Cloud services
• Email
• Web/web apps
• Instant messaging
• File transfers

At rest

• Cloud services
• Databases
• End-user devices
• Email archives
• Backups
• Servers
• Physical storage devices

Causes of Risk

The most common causes of data loss can be categorized by people, processes, and technology.

Check out our Combine Security Risk Management Components Into One Program blueprint for guidance on risk management, including how to do a full risk assessment.

Prioritize your data

Know what data matters most to your organization.

Prioritizing the data that most needs protection will help define your DLP goals.

The prioritization of your data should be a business decision based on your comprehension of the data. Drivers for prioritizing data can include:

• Compliance-driven: Noncompliance is a risk in itself and your organization may choose to prioritize data based on meeting compliance requirements.
• Audit-driven: Data can be prioritized to prepare for a specific audit objective or in response to an audit finding.
• Business-driven: Data could be prioritized based on how important it is to the organization’s business processes.

Info-Tech Insight

It’s not feasible for most organizations to apply DLP to all their data. Start with the most important data.

Activity: Prioritize your data

Input: Lists of data, data types, and data environments
Output: A list of data types with an estimated priority
Materials: Data Loss Prevention Strategy Planner worksheet
Participants: Security leader, Data owners

1-2 hours

For this activity, you will use the Data Loss Prevention Strategy Planner workbook to prioritize your data.

1. Start with tab “2. Setup” and fill in the columns. Each column features a short explanation of itself, and the following slides will provide more detail about the columns.
2. On tab “3. Data Prioritization,” work through the rows by selecting a data type and moving left to right. This sheet features a set of instructions at the top explaining each column, and the following slides also provide some guidance. On this tab, you may use data types and data environments multiple times.

Click to download the Data Loss Prevention Strategy Planner

Activity: Prioritize your data

In the Data Loss Prevention Strategy Planner tool, start with tab “2. Setup.”

Next, move to tab “3. Data Prioritization.”

Click to download the Data Loss Prevention Strategy Planner

Determine DLP objectives

Your DLP strategy should be able to function as a business case.

DLP objectives should achieve one or more of the following:

• Prevent disclosure or unauthorized use of data, regardless of its state.
• Preserve usability while providing adequate security.
• Improve security, privacy, and compliance capabilities.
• Reduce overall risk for the enterprise.

Example objectives:

• Prevent users from emailing ePHI to addresses outside of the organization.
• Detect when a user is uploading an unusually large amount of data to a cloud drive.

Most common DLP use cases:

• Protection of data, primarily from internal threats.
• Meet compliance requirements to protect data.
• Automate the discovery and classification of data.
• Provide better data management and visibility across the enterprise.
• Manage and protect data on mobile devices.

Info-Tech Insight

Having a clear idea of your objectives will make implementing a DLP program easier.

Align DLP with your existing security program/architecture

DLP depends on many different aspects of your security program.
To the right are some components of your existing security program that will support DLP.

1. Data handling standards or guidelines: These specify how your organization will handle data, usually based on its classification. Your data handling standards will inform the development of DLP rules, and your employees will have a clear idea of data handling expectations.

2. Identity and access management (IAM): IAM will control the access users have to various resources and data and is integral to DLP processes.

3. Incident response policy or plan: Be sure to consider your existing incident handling processes when implementing DLP. Modifying your incident response processes to accommodate alerts from DLP tools will help you efficiently process and respond to incidents.

4. Existing security tools: Firewalls, email gateways, security information and event management (SIEM), and other controls should be considered or leveraged when implementing a DLP solution.

5. Acceptable use policy: An organization must set expectations for acceptable/unacceptable use of data and IT resources.

6. User education and awareness: Aside from baseline security awareness training, organizations should educate users about policies and communicate the risks of data leakage to reduce risk caused by user error.

Info-Tech Insight

Consider DLP as a secondary layer of protection; a safety net. Your existing security program should do most of the work to prevent data misuse.

Cloud service models

A fundamental challenge with implementing DLP with cloud services is the reduced flexibility that comes with managing less of the technology stack. Each cloud model offers varying levels of abstraction and control to the user.

Infrastructure as a service (IaaS): This service model provides customers with virtualized technology resources, such as servers and networking infrastructure. IaaS allows users to have complete control over their virtualized infrastructure without needing to purchase and maintain hardware resources or server space. Popular examples include Amazon Web Servers, Google Cloud Engine, and Microsoft Azure.

Platform as a service (PaaS): This service model provides users with an environment to develop and manage their own applications without needing to manage an underlying infrastructure. Popular examples include Google Cloud Engine, OpenShift, and SAP Cloud.

Software as a service (SaaS): This service model provides customers with access to software that is hosted and maintained by the cloud provider. SaaS offers the least flexibility and control over the environment. Popular examples include Salesforce, Microsoft Office, and Google Workspace.

Info-Tech Insight

Cloud service providers may include DLP controls and functionality for their environments with the subscription. These tools are usually well suited for DLP functions on that platform.

Different DLP tools

DLP products often fall into general categories defined by where those tools provide protection. Some tools fit into more than one category.

Cloud DLP refers to DLP products that are designed to protect data in cloud environments.

• Cloud access security broker (CASB): This system, either in-cloud or on-premises, sits between cloud service users and cloud service providers and acts as a point of control to enforce policies on cloud-based resources. CASBs act on data in motion, for the most part, but can detect and act on data at rest through APIs.
• Existing tools integrated within a service: Many cloud services provide DLP tools to manage data loss in their service.

Endpoint DLP: This DLP solution runs on an endpoint computing device and is suited to detecting and controlling data at rest on a computer as well as data being uploaded or downloaded. Endpoint DLP would be feasible for IaaS.

Network DLP: Network DLP, deployed on-premises or as a cloud service, enforces policies on network flows between local infrastructure and the internet.

• “Email DLP”: Detects and enforces security policies specifically on data in motion as emails.

Choosing a DLP solution

You will also find that some DLP solutions are better suited for some cloud service models than others.

DLP solution types that are better suited for SaaS: CASB and Integrated Tools

DLP solution types that are better suited for PaaS: CASB, Integrated Tools, Network DLP

DLP solution types that are better suited for IaaS: CASB, Integrated Tools, Network DLP, and Endpoint DLP

Your approach for DLP will vary depending on the data state you’ll be acting on and whether you are trying to detect or prevent.

Click to download the Data Loss Prevention Strategy Planner
Check the tab labeled “6. DLP Features Reference” for a list of common DLP features.

Activity: Plan DLP methods

Input: Knowledge of data states for data types
Output: A set of technical DLP policy rules for each data type by environment
Materials: The same Data Loss Prevention Strategy Planner worksheet from the earlier activity
Participants: Security leader, Data owners

1-2 hours

Continue with the same workbook used in the previous activity.

1. On tab “4. DLP Methods,” indicate the expected data state the DLP control will act on. Then, select the type of DLP control your organization intends to use for that data type in that data environment.
2. DLP actions are suggested based on the classification of the data type, but these may be overridden by manually selecting your preferred action.
3. You will find more detail on this activity on the following slide, and you will find some additional guidance in the instructional text at the top of the worksheet.
4. Once you have populated the columns on this worksheet, a summary of suggested DLP rules can be found on tab “5. Results.”

Click to download the Data Loss Prevention Strategy Planner

Activity: Plan DLP methods

Use tab “4. DLP Methods” to plan DLP rules and technical policies.

See tab “5. Results” for a summary of your DLP policies.

Click to download the Data Loss Prevention Strategy Planner

Implement your DLP program

Take the steps to properly implement your DLP program

1. It’s important to shift the culture. You will need leadership’s support to implement controls and you’ll need stakeholders’ participation to ensure DLP controls don’t negatively affect business processes.
2. Integrate DLP tools with your security program. Most cloud service providers, like Amazon, Microsoft, and Google provide DLP controls in their native environment. Many of your other security controls, such as firewalls and mail gateways, can be used to achieve DLP objectives.
3. DLP is best implemented with a crawl, walk, then run approach. Following change management processes can reduce friction.
4. Communicating controls to users will also reduce friction.

Info-Tech Insight

After a DLP program is implemented, alerts will need to be investigated and incidents will need a response. Be prepared for DLP to be a work multiplier!

Measure and improve

Metrics of effectiveness

DLP attempts to tackle the challenge of promptly detecting and responding to an incident.
To measure the effectiveness of your DLP program, compare the number of events, number of incidents, and mean time to respond to incidents from before and after DLP implementation.

Metrics that indicate friction

A high number of false positives and rule exceptions may indicate that the rules are not working well and may be interfering with legitimate use.
It’s important to address these issues as the frustration felt by employees can undermine the DLP program.

Tune DLP rules

Establish a process for routinely using metrics to tune rules.
This will improve performance and reduce friction.

Info-Tech Insight

Aside from performance-based tuning, it’s important to evaluate your DLP program periodically and after major system or business changes to maintain an awareness of your data environment.

Related Info-Tech Research

Research Contributors

Andrew Amaro
CSO and Founder
Klavan Physical and Cyber Security Services

Arshad Momin
Cyber Security Architect
Unicom Engineering, Inc.

James Bishop
Information Security Officer
StructureFlow

Michael Mitchell
Information Security and Privacy Compliance Manager
Unicom Engineering, Inc.

One Anonymous Contributor

Bibliography

Alhindi, Hanan, Issa Traore, and Isaac Woungang. "Preventing Data Loss by Harnessing Semantic Similarity and Relevance." jisis.org Journal of Internet Services and Information Security, 31 May 2021. Accessed 2 March 2023. https://jisis.org/wp-content/uploads/2022/11/jisis-2021-vol11-no2-05.pdf

Cash, Lauryn. "Why Modern DLP is More Important Than Ever." Armorblox, 10 June 2022. Accessed 10 February 2023. https://www.armorblox.com/blog/modern-dlp-use-cases/

Chavali, Sai. "The Top 4 Use Cases for a Modern Approach to DLP." Proofpoint, 17 June 2021. Accessed 7 February 2023. https://www.proofpoint.com/us/blog/information-protection/top-4-use-cases-modern-approach-dlp

Crowdstrike. "What is Data Loss Prevention?" Crowdstrike, 27 Sept. 2022. Accessed 6 Feb. 2023. https://www.crowdstrike.com/cybersecurity-101/data-loss-prevention-dlp/

De Groot, Juliana. "What is Data Loss Prevention (DLP)? Definition, Types, and Tips." Digital Guardian, 8 February 2023. Accessed 9 Feb. 2023. https://digitalguardian.com/blog/what-data-loss-prevention-dlp-definition-data-loss-prevention

Denise. "Learn More About DLP Key Use Cases." CISO Platform, 28 Nov. 2019. Accessed 10 February 2023. https://www.cisoplatform.com/profiles/blogs/learn-more-about-dlp-key-use-cases

Google. "Cloud Data Loss Prevention." Google Cloud Google, n.d. Accessed 7 Feb. 2023. https://cloud.google.com/dlp#section-6

Gurucul. "2023 Insider Threat Report." Cybersecurity Insiders, 13 Jan. 2023. Accessed 23 Feb. 2023. https://gurucul.com/2023-insider-threat-report

IBM Security. "Cost of a Data Breach 2022." IBM Security, 1 Aug. 2022. Accessed 13 Feb. 2023. https://www.ibm.com/downloads/cas/3R8N1DZJ

Mell, Peter & Grance, Tim. "The NIST Definition of Cloud Computing." NIST CSRC NIST, Sept. 2011. Accessed 7 Feb. 2023. https://csrc.nist.gov/publications/detail/sp/800-145/final

Microsoft. "Plan for Data Loss Prevention (DLP)." Microsoft 365 Solutions and Architecture Microsoft, 6 Feb. 2023. Accessed 14 Feb. 2023. https://learn.microsoft.com/en-us/microsoft-365/compliance/dlp-overview-plan-for-dlp

Nanchengwa, Christopher. "The Four Questions for Successful DLP Implementation." ISACA Journal ISACA, 1 Jan. 2019. Accessed 6 Feb. 2023. https://www.isaca.org/resources/isaca-journal/issues/2019/volume-1/the-four-questions-for-successful-dlp-implementation

Palo Alto Networks. "The State of Cloud Native Security 2023." Palo Alto Networks, 2 March 2023. Accessed 23 March 2023. https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/state-of-cloud-native-security-2023.pdf

Pritha. "Top Six Metrics for your Data Loss Prevention Program." CISO Platform, 27 Nov. 2019. Accessed 10 Feb. 2023. https://www.cisoplatform.com/profiles/blogs/top-6-metrics-for-your-data-loss-prevention-program

Raghavarapu, Mounika. "Understand DLP Key Use Cases." Cymune, 12 June 2021. Accessed 7 Feb. 2023. https://www.cymune.com/blog-details/DLP-key-use-cases

Sheela, G. P., & Kumar, N. "Data Leakage Prevention System: A Systematic Report." International Journal of Recent Technology and Engineering BEIESP, 30 Nov. 2019. Accessed 2 March 2023. https://www.ijrte.org/wp-content/uploads/papers/v8i4/D6904118419.pdf

Sujir, Shiv. "What is Data Loss Prevention? Complete Guide [2022]." Pathlock, 15 Sep. 2022. Accessed 7 February 2023. https://pathlock.com/learn/what-is-data-loss-prevention-complete-guide-2022/

Wlosinski, Larry G. "Data Loss Prevention - Next Steps." ISACA Journal, 16 Feb. 2018. Accessed 21 Feb. 2023. https://www.isaca.org/resources/isaca-journal/issues/2018/volume-1/data-loss-preventionnext-steps

Define Your Virtual and Hybrid Event Requirements

Accelerate your event scoping and software selection process.

Analyst Perspective

When events go virtual, IT needs to cover its bases.

The COVID-19 pandemic imposed a dramatic digital transformation on the events industry. Though event ticket and registration software, mobile event apps, and onsite audio/visual technology were already important pieces of live events, the total transformation of events into online experiences presented major challenges to organizations whose regular business operations involve at least one annual mid-sized to large event (association meetings, conferences, trade shows, and more).

Many organizations worked to shift to online, or virtual events, in order to maintain business continuity. As time went on, and public gatherings began to restart, a shift to “hybrid” events began to emerge—events that accommodate both in-person and virtual attendance. Regardless of event type, this pivot to using virtual event software, or digital event technology, brings events more closely into IT’s areas of responsibility. If you don't begin with strategy, you risk fitting your event to technology, instead of the other way around.

If virtual and hybrid events are becoming standard forms of delivering content in your organization, use Info-Tech’s material to help define the scope of the event and your requirements, and to support your software selection process.

Emily Sugerman
Research Analyst, Infrastructure & Operations
Info-Tech Research Group

Executive Summary

Info-Tech Insight

If you don't begin with strategy, you will fit your event to technology, instead of the other way around.

Your challenge

The solution you have been using for online events does not meet your needs.

Though you do have some tools that support large meetings, it is not clear if you require a larger and more comprehensive virtual event solution. There is a need to determine what type of technology you might need to purchase versus leveraging what you already have.

It is difficult to quickly and practically identify core event requirements and how they translate into technical capabilities.

Maintaining or improving audience engagement is a perpetual challenge for virtual events.

Source: Virtual Event Tech Guide, 2022

Common obstacles

These barriers make this challenge difficult to address for many organizations.

Events with networking objectives are not always well served by webinars, which are traditionally more limited in their interactive elements.

Events that include the conducting of organizational/association business (like voting) may have bylaws that make selecting a virtual solution more challenging.

Maintaining attendee engagement is more challenging in a virtual environment.

Prior to the pandemic, your organization may not have been as experienced in putting on fully virtual events, putting more responsibility in your corner as IT. Navigating virtual events can also require technological competencies that your attendee userbase may not universally possess.

Technological limitations and barriers to access can exclude potential attendees just as much as bringing events online can open up attendance to new audiences.

Opportunity: Virtual events can significantly increase an event’s reach

Events held virtually during the pandemic noted significant increases in attendees.

“We had 19,000 registrations from all over the world, almost 50 times the number of people we had expected to host in Amsterdam. . . . Most of this year’s [2020] attendees would not have been able to participate in a physical GrafanaCon in Amsterdam. That was a huge win.” – Raj Dutt, Grafana Labs CEO[5]

[1] Kelly, 2020; [2] Price, 2020; [3] Stanford Digital Economy Lab, 2022; [4] Warren, 2022; [5] Fast Company, 2020

Info-Tech’s methodology for defining virtual/hybrid event requirements

Event planning phases

Apply project management principles to your virtual/hybrid event planning process.

Online event planning should follow the same established principles as in-person event planning.
Align the event’s concept and objectives with organizational goals.

Source: Adapted from Event Management Body of Knowledge, CC BY 4.0

Gather inputs to the planning processes

Acquire as much of this information as possible before you being the planning process.

Budget: Determine your organization’s budget for this event to help decide the scope of the event and the purchasing decisions you make as you plan.

Internal human resources: Identify who in your organization is usually involved in the organization of this event and if they are available to organize this one.

List of communication and collaboration tools: Acquire the list of the existing communication and collaboration tools you are currently licensed for. Ensure you know the following information about each tool:

• Type of license
• License limitations (maximum number of users)
• Internal or external-facing tool (or capable of both)
• Level of internal training and competency on the tool

Decision point: Relate event goals to organizational goals

What is driving the event?

Your organization may hold a variety of in-person events that you now wish, for various reasons, to hold fully or partially online. Each event likely has a slightly different set of goals.

Before getting into the details of how to transition your event online, return to the business/organizational goals the event is serving.

Ensure each event (and each component of each event) maps back to an organizational goal.

If a component of the event does not align to an organizational goal, assess whether it should remain as part of the event.

Common organizational goals

• Increase revenue
• Increase productivity
• Attract and retain talent
• Improve change management
• Carry out organizational mission
• Identify new markets
• Increase market share
• Improve customer service
• Launch new product/service

Common event goals

• Education/training
• Knowledge transfer
• Decision making
• Professional development
• Sales/lead generation
• Fundraising
• Entertainment
• Morale boosting
• Recognition of achievement

Decision point: Identify your organization’s digital event vision

What do you want the outcome of this event to be?

Attendee goals: Who are your attendees? Why do they attend this event? What attendee needs does your event serve? What is your event’s value proposition? Are they intrinsically or extrinsically motivated to attend?

Event goals: From the organizer perspective, why do you usually hold this event? Who are your stakeholders?

Organizational goals: How do the event goals map to your organizational goals? Is there a clear understanding of what the event’s larger strategic purpose is.

Common attendee goals

Education: our attendees need to learn something new that they cannot learn on their own.
Networking: our attendees need to meet people and make new professional connections.
Professional development: our attendees have certain obligations to keep credentials updated or to present their work publicly to advance their careers.
Entertainment: our attendees need to have fun.
Commerce: our attendees need to buy and sell things.

Decision point: Level of external event production

Will you be completely self-managed, reliant on external event production services, or somewhere in the middle?

You can review this after working through the other decision points and the scope becomes clearer.

Decision point: Assign event planning roles

Who will be involved in planning the event? Fill/combine these roles as needed.

Decision point: Assign event production roles

Who will be involved in running the event?

Decision point: Map attendee goals to event goals to organizational goals

Input: List of attendee benefits, List of event goals, List of organizational goals
Output: Ranked list of event goals as they relate to attendee needs and organizational goals
Materials: Whiteboard/flip charts
Participants: Planning team

1. Define attendee benefits:
   1. List the attendee benefits derived from your event (as many as possible).
   2. Rank attendee benefits from most to least important.
2. Define event goals:
   1. List your event goals (as many as possible).
   2. Draw a connecting line to your ranked list of attendee benefits.
   3. Identify if any event goals exist with no clear relationship to attendee benefits. Discuss whether this event goal needs to be re-envisioned. If it connects to no discernible attendee benefits, consider removing it. Otherwise, figure out what attendee benefits the event goal provides.
3. Define organizational goals:
   1. Acquire a list of your organization’s main strategic goals.
   2. Draw a connecting line from each event goal to the organizational goal it supports.
   3. If most of your event goals do not immediately seem to support an organizational goal, discuss why this is. Try to find the connection. If you cannot, discuss whether the event should proceed or be rethought.

Decision point: Break down your event into its constituent components

Identify your event archetype

Decompose the event into its component parts

Identify technical requirements that help meet event goals

Benefits:

• Clarify how formerly in-person events map to virtual archetypes.
• Ensure your virtual event planning is anchored to organizational goals from the outset.
• Streamline your virtual event tech stack planning later.

Decision point: Determine your event archetype

Analyze your event’s:

• Main goals.
• The components and activities that support those goals.
• How these components and activities fall into people- vs. content-centric activities, and real-time vs. asynchronous activities.

1. Conference
2. Trade show
3. Annual general meeting
4. Department meeting
5. Town hall
6. Workshop

Info-Tech Insight

Begin the digital event planning process by understanding how your event’s content is typically consumed. This will help you make decisions later about how best to deliver the content virtually.

Conference

Goals: Education/knowledge transfer; professional advancement; networking.

Major content

• Call for proposals/circulation of abstracts
• Keynotes or plenary address: key talk addressed to large audience
• Panel sessions: multiple panelists deliver address on common theme
• Poster sessions: staffed/unstaffed booths demonstrate visualization of major research on a poster
• Association meetings (see also AGM archetype): professional associations hold AGM as one part of a larger conference agenda

Community

• Formal networking (happy hours, social outings)
• Informal networking (hallway track, peer introductions)
• Business card exchange
• Pre- and post-event correspondence

Commercial Partners

• Booth reps: Publishing or industry representatives exhibit products/discuss collaboration

Trade show

Objectives: Information transfer; sales; lead generation.

Major content

• Live booth reps answer questions
• Product information displayed
• Promotional/information material distributed
• Product demonstrations at booths or onstage
• Product samples distributed to attendees

Community interactions

• Statements of intent to buy
• Lead generation (badge scanning) of booth visitors
• Business card exchange
• Pre- and post-event correspondence

Annual general meeting

Objectives: Transparently update members; establish governance and alignment.

Meeting events

• Updates provided to members on organization’s activities/finances
• Decisions made regarding organization’s direction
• Governance over organization established (elections)
• Speakers addressing large audience from stage
• In-camera sessions
• Translation of proceedings
• Real-time weighted voting
• Minutes taken during meeting

Administration

• Notice given of meeting within mandated time period
• Agenda circulated prior to meeting
• Distribution of proxy material
• Minutes distributed

Department meeting

Objectives: Information transfer of company agenda/initiatives; group decision making.

Major content

• Agenda circulated prior to meeting
• Updates provided from senior management/leadership to employees on organization’s initiatives and direction
• Employee questions and feedback addressed
• Group decision making
• Minutes taken during meeting
• Minutes or follow-up circulated

Town hall meeting

Objectives: Update public; answer questions; solicit feedback.

Major content

• Public notice of meeting announced
• Agenda circulated prior to meeting
• Speakers addressing large audience from stage
• Presentation of information pertinent to public interest
• Audience members line up to ask questions/provide feedback
• Translation of proceedings
• Recording of meeting archived

Workshop

Objectives: Make progress on objective; achieve consensus; knowledge transfer.

Major content

• Scheduling of workshop
• Agenda circulated prior to meeting
• Facilitator leads group activities
• Participants develop alignment on project
• Progress achieved on workshop project
• Feedback on workshop shared with facilitator

Decision point: Analyze your event’s purpose and value

Use the event archetypes to help you identify your event’s core components and value proposition.

1. Attendee types: Who typically attends your event? Exclusively internal participants? External participants? A mix of the two?
2. Communication: How do participants usually communicate with each other during this event? How do they communicate with the event organizers? Include both formal types of communication (listening to panel sessions) and informal (serendipitous conversations in the hallway).
3. Connection: What types of connections do your attendees need to experience? (networking with peers; interactions with booth reps; consensus building with colleagues).
4. Exchange of material: What kind of material is usually exchanged at this event and between whom? (Pamphlets, brochures, business cards, booth swag).
5. Engagement: How do you usually retain attendees' attention and make sure they remain engaged throughout the event?
6. Length: How long does the event typically last?
7. Location and setup: Where does the event usually take place and who is involved in its setup?
8. Success metrics: How do you usually measure your event's success?

Info-Tech Insight

Avoid trying to exactly reproduce the formerly in-person event online. Instead, identify the value proposition of each event component, then determine what its virtual expression could be.

Example: Trade show

Goals: Information transfer; sales; lead generation.

1. Identify event component(s)
2. Document its face-to-face expression(s)
3. Identify the expression’s value proposition
4. Translate the value proposition to a virtual component that facilitates overall event goal

Plan your metrics

Use the analytics and reporting features available in your event technology toolset to capture the data you want to measure. Decide how each metric will impact your planning process for the next event.

Examples of metrics:

• Number of overall participants/registrants: Did you have more or fewer registrants/attendees than previous iterations of the event? What is the difference between number of registrants and number of real attendees?
• Locations of participants: Where are people participating from? How many are attending for the first time? Are there new audiences you can pursue next time?
• Most/least popular sessions: How long did people stay in the sessions and the event overall?
• Most/least popular breakout rooms and discussion boards: Which topics should be repeated/skipped next time?
• Social media mentions: Which topics received the most engagement on social media?
• Surveys: What do participants report enjoying most? Least?
• Technical failures: Can your software report on failures? Identify what technical problems arose and prepare a plan to mitigate them next time.

Ensure the data you capture feeds into better planning for the next event

Determine compliance requirements

A greater event reach also means new data privacy considerations, depending on the location of your guests.

General Data Protection Regulation (GDPR)

Concerns over the collection of personal electronic data may not have previously been a part of your event planning considerations. However, now that your event is online, it’s wise to explore which data protection regulations apply to you. Remember, even if your organization is not located in the EU, if any of your attendees are European data subjects you may still be required to comply with GDPR, which involves the notification of data collected, allowing for opt-out options and the right to have data purged. The data must be collected for a specific purpose; if that purpose is expired, it can no longer be retained. You also have an obligation to report any breaches.

Accessibility requirements

What kind of accessibility laws are you subject to (AODA, WCAG2)? Regardless of compliance requirements, it is a good idea to ensure the online event follows accessibility best practices.

Decision point: Set event policies

What event policies need to be documented?
How will you communicate them to attendees?

Code of conduct

One trend in the large event and conference space in recent years has been the development of codes of conduct that attendees are required to abide by to continue participating in the event.
Now that your event is online, consider whether your code of conduct requires updating. Are there new types of appropriate/inappropriate online behavior that you need to define for your attendees?

Harassment reporting

If your organization has an event harassment reporting process, determine how this process will transfer over to the digital event.
Ensure the reporting process has an owner and a clear methodology to follow to deal with complaints, as well as a digital reporting channel (a dedicated email or form) that is only accessed by approved staff to protect sensitive information.

Develop a risk management plan

Plan for how you will mitigate technical risks during your virtual event
Provide presenters with a process to follow if technical problems arise.

• Presenter’s internet connection cuts out
• Attendees cannot log in to event platform
• Attendees cannot hear/see video feed
• What process will be followed when technical problems occur: ticketing system; chatbot; generic email accessible by all IT support assigned

Testing/Rehearsal

Test audio hardware: Ensure speakers use headphones/earbuds and mics (they do not have to be fancy/expensive). Relying on the computer/laptop mic can lead to more ambient noise and potential feedback problems.

Check lighting: Avoid backlighting. Reposition speakers so they are not behind windows. Ask them to open/close shades. Add lamps as needed.

Prevent interruptions: Before the event, ask panelists to turn phone and computer notifications to silent. Put a sign on the door saying Do not Disturb.

Control audience view of screenshare: If your presenters will be sharing their screens, teach them how this works on the platform they are using. Advise them to exit out of any other application that is not part of their presentation, so they do not share the wrong screen unintentionally. Advise them to remove anything from the desktop that they do not want the audience to see, in case their desktop becomes visible at any point.

Control audience view of physical environment: Before the event, advise participants to turn their cameras on and examine their backgrounds. Remove anything the audience should not be able to see.

Test network connectivity: Send the presenters a link to a speed test and check their internet speed.

Emergency contact: Exchange cell phone numbers for emergency backchannel conversations if problems arise on the day of the event.

Set expectations: Presenting to an online audience feels very different to a live crowd. Prepare presenters for a lack of applause and lack of ability to see their audience, and that this does not mean the presentation was unsuccessful.

Identify requirements

To determine what kind of technical requirements you need to build the virtual expression of your event, consult the Virtual Event Platform Requirements Tool.

1. If you have determined that the requirements you wish to use for the event exceed the capabilities of your existing communication and collaboration toolset, identify whether these gaps tip the scale toward purchasing a new tool. Use the requirement gaps to make the business case for purchasing a new tool.
2. Use the Virtual Event Platform Requirements Tool to create a list of requirements.
3. Consult the Software Reviews category for Virtual Event Platform Data Quadrant and Emotional Footprint reports.
4. Assemble your documentation for approvals and the Rapid Application Selection Process.

Download the Virtual/Hybrid Event Software Feature Analysis Tool

Rapid Application Selection Framework and Contract Review

Launch Info-Tech’s Rapid Application Selection Framework.

Using the requirements you’ve just gathered as a base, use Info-Tech’s complete framework to improve the efficiency and effectiveness of software selection.

Once you’ve selected a vendor(s), review the contract. Does it define an exit strategy? Does it define when your data will be deleted? Does it set service-level agreements that you find acceptable? Leverage Info-Tech’s contract review service once you have selected the virtual event solution and have received a contract from the vendor.

Further research

Run Better Meetings

Bibliography

Dutt, Raj. “7 Lessons from This Company’s First-Ever Virtual Conference.” Fast Company, 29 Jul 2020. Web.

Kelly, Samantha Murphy. “Microsoft Build Proves Splashy Tech Events Can Thrive Online.” CNN, 21 May 2020. Web.

“Phases.” Event Management Body of Knowledge (EMBOK), n.d. Web.

Price, Michael. “As COVID-19 Forces Conferences Online, Scientists Discover Upsides of Virtual Format.” Science, 28 Apr 2020. Web.

“Stanford HAI Spring Conference - Key Advances in Artificial Intelligence.” Stanford Digital Economy Lab, 2022. Web.

“Virtual Event Tech Guide 2022.” Skift Meetings, April 2022. Web.

Warren, Tom. “Microsoft Build 2022 Will Take Place May 24th–26th.” The Verge, 30 March 2022. Web.

Contributors

6 anonymous contributors

Transition Projects Over to the Service Desk

Increase the success of project support by aligning your service desk and project team.

Executive Summary

Info-Tech Insight

Make sure to build a strong knowledge management strategy to identify, capture, and transfer knowledge from project delivery to the service desk.

A lack of formal service transition process presents additional challenges

When there is no formal transition process following a project delivery, it will negatively impact project success and customer satisfaction.

Link how improvement in project transitioning to the service desk can help service support

A successful launch can still be a failure if the support team isn't fully informed and prepared.

Integrate the service desk into the project management lifecycle for a smooth transition of service support

Service desk involvement in the development, testing, and maintenance/change activity steps of your project lifecycle will help you logically define the category and priority level of the service and enable service level improvement accordingly after the project goes live.

As some of the support and project processes can be integrated, responsibility silos should be broken

Processes are done by different roles. Determine roles and responsibilities for the overlapping processes to streamline service support transition to the service desk.

Determine the interfaces

At the project level, get a clear understanding of support capabilities and demands, and communicate them to the service desk to proactively bring them into the planning step.

Clear responsibilities help you define the level of involvement in the overlapping processes

Conduct a stakeholder analysis to identify the people that can help ensure the success of the transition.

Goal: Create a prioritized list of people who are affected by the new service and will provide support.

Why is stakeholder analysis essential?

Identify the tasks that are required for a successful project handover

Embed the tasks that the project team should deliver before handing support to the service desk.

Integrate project description and service priority throughout development phase

Include the service desk in discussions about project description, so it will be enabled to define service priority level.

Document project description and service priority in the Project Handover Template.

Embed service levels and maintenance information

Include the service desk in discussions about project description, so it will be enabled to define service priority level.

Document service level objectives and maintenance in the Project Handover Template.

Enhance communication between the project team and the service desk

Communicating with the service desk early and often will ensure that agents fully get a deep knowledge of the new technology.

Transition of a project to the service desk includes both knowledge transfer and execution transfer.

01

Provide training and mentoring to ensure technical knowledge is passed on.

02

Transfer leadership responsibilities by appointing the right people.

03

Transfer support by strategically assigning workers with the right technical and interpersonal skills.

04

Transfer admin rights to ensure technicians have access rights for troubleshooting.

05

Create support and a system to transfer work process. For example, using an online platform to store knowledge assets is a great way for support to access project information.

Info-Tech Insight

A communication plan and executive presentation will help project managers outline recommendations and communicate their benefits.

Communicate reasons for projects and how they will be implemented

Proactive communication of the project to affected stakeholders will help get their buy-in for the new technology and feedback for better support.

Implement knowledge transfer to the service desk to ensure tickets won’t be unnecessarily escalated

The support team usually uses an ITSM solution, while the project team mostly uses a project management solution. End users’ support is done and documented in the ITSM tool.

Even terminologies used by these teams are different. For instance, service desk’s “incident” is equivalent to a project manager’s “defect.” Without proper integration of the development and support processes, the contents get siloed and outdated over time.

Potential ways to deal with this challenge:

Use the same platform for both project and service support

This helps you document information in a single platform and provides better visibility of the project status to the support team as well. It also helps project team find out change-related incidents for a faster rollback.

Note: This is not always feasible because of the high costs incurred in purchasing a new application with both ITSM and PM capabilities and the long time it takes for implementing such a solution.

Integrate the PM and ITSM tools to improve transition efficiency

Note: Consider the processes that should be integrated. Don’t integrate unnecessary steps in the development stage, such as design, which will not be helpful for support transition.

Build a training plan for the new service

When a new system is introduced or significant changes are applied, describe the steps and timeline for training.

Integrate knowledge management in the transition plan

Build a knowledge transfer process to streamline service support for the newly developed technology.

Use the following steps to ensure the service desk gets trained on the new project.

Identify training functions and plan for a formal knowledge transfer

1. Brainstorm training functions for each group.
2. Determine the timeline needed to conduct training for the identified training topics.

Document your knowledge transfer plan in the Project Handover Template.

Build a checklist of the transition action items

At this stage, the project is ready to go live and support needs to be independently done by the service desk.

Activity: Prepare a checklist of initiatives before support transition

Download the Project Handover Template

Download the Service Support Transitioning Checklist

Define metrics to track the success of project transition

Consider key metrics to speak the language of targeted end users.

You won’t know if transitioning support processes are successful unless you measure their impact. Find out your objectives for project transition and then track metrics that will allow you to fulfill these goals.

Summary of Accomplishment

Problem Solved

Following the steps outlined in this research has helped you build a strategy to shift service support from the project team to the service desk, resulting in an improvement in customer service and agent satisfaction.

You have also developed a plan to break the silo between the service desk and specialists and enable knowledge transfer so the service desk will not need to unnecessarily escalate tickets to developers. In the meantime, specialists are also responsible for service desk training on the new application.

Efficient communication of service levels has helped the project team set clear expectations for managers to create a balance between their projects and service support.

If you would like additional support, have our analysts guide you through other phases as part of an Info-Tech workshop.

Contact your account representative for more information

workshops@infotech.com

1-888-670-8889

Related Info-Tech Research

Improve customer service by driving consistency in your support approach and meeting SLAs.

The best type of service desk ticket is the one that doesn’t exist.

Right-size PMBOK for all of your IT projects.

Works Cited

Brown, Josh. “Knowledge Transfer: What it is & How to Use it Effectively.” Helpjuice, 2021. Accessed November 2022.

Magowan, Kirstie. “Top ITSM Metrics & KPIs: Measuring for Success, Aiming for Improvement.” BMC Blogs, 2020. Accessed November 2022.

“The Complete Blueprint for Aligning Your Service Desk and Development Teams (Process Integration and Best Practices).” Exalate, 2021. Accessed October 2022.

“The Qualities of Leadership: Leading Change.” Cornelius & Associates, 2010. Web.