So a funny thing happened on my way to the West Coast this week, I was invited to a product launch at Box.net. I’ve always been a fan of the concept of Content Management in the Cloud and the direction Box has taken in the Content Management space.
The established vendors are having to determine how to change both their business models and architecture before they more to the the cloud. Box is already there, they just need more features.
Box is Great!
Everything started slow, but that was because I understood the world that Box is targeting and I was anxious to get to the new stuff. After listening to some of the press attendees ask questions afterwards, I realize that many needed the overview.
There were the standard testimonials from existing clients and partners. That quickly transitioned to Aaron Levie, founder and CEO, talking about what Box has achieved to-date. I found more to be critical here than I did elsewhere, but nothing bad.
Box achieved 99.98% uptime in 2010, which Aaron claimed rivals the uptime of SalesForce.com and other SaaS vendors. When you look at it from that angle, it is pretty darn good. Over the course of the year, they were down around 100 minutes. As this was unscheduled, the odds are that at least half an hour of that was during the work day. As a whole that isn’t bad. Many people talk about five 9s for enterprise applications, but that is very difficult to achieve. Box is flirting with four 9s. I did notice no reference to data loss, so I’m hoping that is sitting at 0%.
In 2010, Box increased from 1GB to 5GB of free storage. The previous night I actually saw Aaron speak at Stanford and he mentioned how Box could not have been started in 2000 because the technology wasn’t there. By 2005, Moore’s Law had allowed them to offer 8x more storage. In the 5-6 years since, while Moore’s law has increased the multiple by 8 again, Box just through in a 5x multiplier. To be fair, 5GB of free storage isn’t bad and Google Docs only gives away 1GB. Nothing to complain about. Just a fun observation.
They attacked SharePoint as part of the vision, as always. It is definitely done in the spirit of fun. It is important though as it conveys the type of Content Management application that they are, collaborative. They can’t touch SharePoint on the full suite of stuff, but they handle the content collaboration part just fine.
Aaron stated that they weren’t covering features like tasks and security in the overview, but they have those features. Of course, those are the things that I care most about, but I wasn’t the typical attendee. They then moved into the announcement stage which they broke into three core areas, Simple, Open, and Mobile.
Simplicity is the Key
One of their keys is that everything needs to be simple. I agree. I’ve seen many an implementation fail because it was too hard to use the system and training couldn’t spread fast enough. The more training that is necessary to use a system, the greater the risk of non-adoption.
For this release, they claim to have rewritten the entire user interface. That is a pretty gutsy thing to do, but biting the bullet to make a change like that is sometimes necessary. The interface didn’t look completely rewritten (which is good), but it did look different.
The standard workspace devotes more space for viewing documents. This includes most common office formats, though not Visio and Project. It does include Photoshop and Illustrator, so users without those applications can view those formats. (Viewer is not new)
What really mattered here was the addition of discussions and an activity stream. Being able to converse about a piece of content from within the system is important. That is one less conversation taking place in email. It is all about applying context to the discussion which is often, Can you look at slide 7?”
Look at the pretty activity stream with comments thrown in for good measure.
The activity stream is useful because knowing on which content people have been working is a fairly useful feature. This isn’t just a Facebook feature showing up for the sake of copying, but a way to track activity and be aware what content needs to be reviewed. This concept is something with which people are becoming familiar, thanks to Facebook.
Openness is a Good Think
The focus finally shifted to more Enterprise features. Aaron talked a lot about allowing other applications to access Box from within those applications, addressing the context issue. NetSuite was introduced and talked about capturing content through the entire Sales>Services>Support process. Very useful, very important.
At this point though, I wasn’t thrilled. I liked the new features, but I didn’t really need to be at the event to effectively learn about them. Then, Noah Wasmer, the Product Manager for VMware’s Project Horizon, took the stage.
Awesome.
Essentially, they showed how a user could access Box, and other SaaS applications, using your corporate LDAP authentication, including Active Directory. Identity Management for the Enterprise in the cloud. All it takes, in theory, is a VMware appliance in the DMZ, a “little” configuration, and you are suddenly using Single Sign-On in the cloud!
Did I mention that this was awesome? How about uber cool?
This made it all worthwhile. VMware still has this under development, but they are working with customers to make it real. I got the feeling that it would be a reality later this year, but no promises on when. It is very exciting stuff and I’ll probably talk about it later in more detail.
Mobile as the Anti-Climax?
Believe it or not, a company as mobile-focused as Box hit the anti-climax with their Mobile announcements. The reason is simple. They already have both an iOS and Android interface deployed that work well. What more do you really need?
Well, Samsung stood up and talked about how they are thinking of deploying Box on their tablets going forward. Very interesting. The most interesting part is that it seems the Box and Samsung are on each other’s speed dials. Not a bad thing, especially for Android people.
Interesting, useful, but I was still giddy from the VMware part of the show for it to truly impress me.
Now What?
Well, aside from the Identity Management piece, not much progress was made for the long-term Content Management market for large entities like the government. The Identity Management piece was huge, but nothing about retention, CMIS, and other advance CMS concepts. To be fair, they are growing at a healthy pace and don’t need all of those features to maintain their growth.
On the plus side, I had some follow-on conversations that indicated that the advanced CMS features were on their minds and in their plans. They asked me the right questions, so I’m fairly sure that they are thinking ahead.
Box still has a way to go. Today they maintained their course, but it was just another step in a long journey for them.
Disclaimer:
To keep the FCC happy, I just wanted to point out that Box.net is reimbursing my travel expenses for extending my stay in California (once I provide receipts) and all attendees received a Samsung Galaxy Tab tablet device (mine is still packaged, so don’t ask). All those things did was make me think that they were nice people that want publicity. Thus this post. They did not ask me to write a post, much less tell me what to write. If you ask EMC, they’ll tell you that bribery doesn’t work very well with me anyway.
Word of Pie 
Man, freebie Galaxy Tab – you swine… 🙂 If you bring it to AIIM I will steal it !
LikeLike
Interesting post … I am seeing lots more interest from my customer base around deploying ECM as a SaaS and evolving more into a cloud model. Probably driven by the lure of significant potential cost reductions (from licence, implementation and hosting). The increasing commoditisation of the core functionality of ECM, increasing influence of open source and SaaS vendors (changing the traditional business models), CMIS and cloud are driving much of this. I discuss these topics in my series of blog posts at http://mcgratha.wordpress.com/2011/01/19/future-of-ecm-the-next-5-years. Would be very interested in your opinions.
Kind regards,
Adrian
LikeLike
Laurence,
Cloud/SaaS SSO for on-premise AD/LDAP instances is available today, and for many, many other SaaS/cloud applications using services from OneLogin.com and others.
Many business-grade cloud vendors already work with OneLogin and provide this to their customers.
Daniel
LikeLike
Interesting stuff. Looks like you have to have an LDAP server in the DMZ for the integration. They are also the broker. Not bad. The VMware solution allows LDAP to stay in the core network and just their appliance sits in the DMZ. The company also seems to manage/own the SSO source, not the SSO vendor. Essentially, OneLogin is a SaaS version of the VMware product (which is why the LDAP has to be in the DMZ).
I know that some SaaS/SSO vendors/feature providers, in no way implying OneLogin, do some insecure things in order to provide their functionality. For anyone looking at a solution, it is critical to know how it works. I would also talk to your SaaS application providers as they may have a good idea on how their SSO vendor’s technology works as they know what API/Services are being leverage.
Due Diligence in all things security.
LikeLike
OneLogin’s Active Directory integration does not require anything to be placed in a DMZ. We have an Active Directory Connector that runs as a Windows service on the customer’s LAN and creates an outbound connection to our servers. Not only is this very secure, it is also easy to deploy as in most cases no firewall changes are required.
Many customers who are moving into the cloud prefer this solution over an appliance, since they are trying to get rid servers.
OneLogin enables enterprises to SSO in minutes as we’re pre-integrated with 1300+ apps, many of them via SAML, for example Box.net, Salesforce, Google Apps, WebEx, Workday, Yammer and KnowledgeTree.
LikeLike
Thanks for the detailed response. I’ll have to look in to both solutions in the near future to fully understand all difderences, but they both seem viable from a sexurity standpoint.
LikeLike