In my last post I conveyed the first part of my conversation with Matt Chiste and John Pusey from Function1. They provide services to AquaLogic (new name for Plumtree) customers and develop products to strengthen the AquaLogic line. In my first post I discussed one of these products developed from client work, their Exchange Portlet Suite. I also provided more context about the firm and Plumtree’s evolution. In this post, I will cover a two more examples, an RSS Reader for the AquaLoic environment and Lockdown for enhanced security management.

Their RSS Reader was co-funded through a major consumer goods firm that is a Function1 client. This customer is heavily embracing Enterprise 2.0, and wanted to start with even basic functionality like an RSS reader. Unfortunately, the out-of-the-box AquaLogic portlet offering left a lot to be desired: while users can specify multiple feeds in the portlet, it only shows one at a time (with a drop-down list at the top to select others). You only see a list of articles and have to manually expand to see the summaries, and there’s no concept of a “read” article (i.e., the portlet only displays what’s on the feed, not what the user hasn’t actually read yet). Below is a screen shot of this portlet:

Using the “Web 2.0” technologies Function1 applied to the Exchange portlets, they developed a much richer UI to address all of these shortcomings: An easy list of feeds on the left, individual “read” status, configurable tabbed interface for reading articles, and search functionality:

They have since re-sold this product at other accounts, and have passed the incremental enhancements back to the original customer.

I will now turn to their Lockdown security management utility. Matt said that one of the hallmarks of Web 2.0 is that it is almost entirely open (i.e., Wikipedia); security is often an afterthought and there are often missteps along the way (i.e., Facebook security gaffes). In order to truly bring Web 2.0 to the enterprise and allow open collaboration between specific teams and individuals, security needs to be considered from the beginning, ensuring that only the right people are seeing the right knowledge. This is an issue that most enterprise 2.0 firms are addressing in their various niches.

Matt said that the AquaLogic portal has a relatively primitive security management infrastructure: users click page-by-page through the administrative taxonomy, click another button to modify security, and when security privileges are changed, the only option is to copy the entire ACL (Access Control List) down the tree, rather than just applying the changes made to that one object. So for example, if a user is applied to the security list on a top-level folder, and subfolders have their own security settings, administrators can’t remove that individual user without wiping out the security for all of the subfolders, or manually clicking page-by-page (hundreds or thousands of times) to modify the ACLs. Consequently, security configurations are often compromised due to the inconvenience and pain of properly configuring them.
Below is a screen shot of the out-of-the-box administration tool:

Function1 again took the model of co-funding a project to produce a rich security management tool that relies heavily on AJAX and tabbed interfaces to allow more effective security management and rights propagation:

So now I have gone through three examples of creating Enterprise 2.0 products from services work in these tow posts. Leveraging their ongoing client services experience, Function1 intends to become a significant player in the Enterprise 2.0 space for the AquaLogic product line as it migrates its way into the Oracle environment. I think they are taking a great path. Not only are the products coming out of real client needs but the services work provides an ongoing revenue stream to support the development of the products, at least that was my experience when I was involved in this type of development in the 80s.