It’s a phrase we’ve been using for years to describe technologies, applications, features, implementations, an overarching approach and a cluster of associated expectations -- this, that or the other is “enterprise-grade.” But what does that really mean (if anything) in today’s connected, software and app-forward enterprise?
Question-and-answer users on Quora provide nebulous answers, but Gartner gets more technical: “products that integrate into an infrastructure with a minimum of complexity.” Other sources have admirably attempted to take the specificity further by defining it within the parameters of the cloud or other segments. Even still, others try to argue that its relevance is waning, which I’d contend is uninformed.
I would instead argue that the term has become too diluted or ill-defined and that it’s long overdue for distillation and reframing. I’d also posit that there are three critically important pillars of what constitutes something as enterprise-grade in the modern business.
1. Security
Look at almost any list of priorities for IT decision makers -- some of the chief bellwethers of what should and shouldn’t qualify as enterprise-grade -- and you’ll most likely find security. We could spend all day discussing the elements that factor into a modern approach to comprehensive security, but what’s certain is that it goes far beyond putting up firewalls and protecting the perimeter.
One of the most crucial security fundamentals is maintaining end-to-end encryption. Encryption applied only to certain portions of an app or service leaves gaps, and the old adage applies that a chain is only as strong as its weakest link. You can bet there’s a man-in-the-middle attack waiting in the wings to exploit those unencrypted gaps. For applications and services, 128-bit encryption should always be used end to end, with an upgrade to 256-bit encryption whenever possible, even if the tradeoff is a slight downgrade in user experience or friction.
Other key components of security include data storage -- making sure that account logins, passwords and other sensitive information are properly hashed and salted, whether that data is stored in the cloud or on-premise. And speaking of logins and passwords, we can’t forget about multifactor authentication (MFA), which has become a best practice across all sound enterprise technologies. Together, along with other security mechanisms that I wish we had more real estate to delve into, end-to-end encryption, data storage and MFA go a long way toward making a technology enterprise-grade.
2. Openness
From that first criterion of security, we progress to openness as an indicator of enterprise-grade. This doesn’t necessarily mean that a technology needs to be completely open-source, but being built on open standards is a pragmatic middle ground between that extreme and being completely proprietary. In our video conferencing industry segment, for example, Web Real-Time Communication (WebRTC) is the open project that most technology providers standardize on, allowing us all to work across many browsers, operating systems, mobile platforms and devices, as well as with each other’s solutions. Other notable examples of open standards and projects include HTML and CSS for web development, SQL for databases and Kubernetes for containers. Building atop open standards and projects is simply better for the entire industry and more reassuring to enterprise buyers, admins and users.
That notion of openness also extends past the way we build our discrete technologies -- it speaks to interoperability and integration with other workflows, tools and even competitive services or hardware. No enterprise wants to waste time and resources trying to ram two technologies together that should complement each other but, instead, mix like oil and water. In our case, we have made the conscious choice to integrate not only with collaboration platforms, but an end user can also access our cloud service on, say, a Poly device or utilize our meeting room systems to make a Skype for Business call.
3. Transparency
The final leg of the enterprise-grade tripod concerns transparency, in terms of performance, operations and compliance. This may seem obvious, but when an enterprise is selecting a worthy solution, its users need to be able to count on a service level agreement (SLA) that guarantees exceptionally high degrees of service or application uptime (usually 99% or higher). To deliver that reliability, technology providers must have a network of data centers around the globe — either their own or supported by a cloud provider.
In the increasingly globalized economy, it’s also important to promote transparency in where operations are based and how providers do business. Vendors are in some ways extensions of their customers’ business, and geopolitical considerations do become part of the equation. That transparency is almost an evolution of corporate social responsibility, and any company shrouding their operations (even factories), business practices or intentions does not meet the bar for enterprise-grade.
While transparency in performance and operations is often self-reported, there are external forces and bodies that enhance transparency too, in the form of compliance. Regulations and policies like the General Data Protection Regulation (GDPR) for privacy, PCI for payments and HIPAA for medical records all represent ways to apply rigor around the mandate to be transparent. At the risk of sounding like a broken record, any company not complying with the expectations for its industry cannot be considered enterprise-grade.
Definitively Becoming Enterprise-Grade
There are many solutions and providers that choose to shirk the responsibility of delivering the hallmarks and assurances of a truly enterprise-grade offering, and that’s their prerogative. But when it comes to inking bigger deals with larger companies, IT teams, executives and users deserve peace-of-mind that the products and services they’ve evaluated will actually deliver on expectations. As we (re)establish clearer parameters, a technology provider either meets the security, openness and transparency expectations required to be enterprise-grade or it doesn’t. Let’s stop watering down what qualifies. There’s no halfway. For this technologist at least, it’s high time the distinction of enterprise-grade stood for something again.
