Opportunity looms for observability vendors willing to make ESG a priority
June 7 2021
by Liam Rogers
451 Research is tracking the intersection of technology and environmental, social and governance (ESG) considerations across each of its coverage areas. Observability is an area that intersects with many facets of ESG – observability being the trend of monitoring and APM vendors leveraging multiple types of telemetry data that is output by a system to understand its state and behavior in order to provide meaningful insights for use in actions such as root cause analysis and optimization. Aspects of ESG in observability include the environmental ramifications of the massive amounts of data being generated and stored for observability use, the social and accessibility considerations in the design of observability platforms, and the ability to protect personally identifiable information (PII) collected from end users as part of observability activities.
The 451 Take
As aggregators of considerable amounts of data, observability vendors have a role to play (and value to add) with their customers when it comes to taking ESG seriously. While many aspects of ESG may rate as a low priority or 'nice to have' functionality compared to issues like preserving data privacy, customers and investors are already considering such factors, which are poised to grow in importance. Shrewd observability vendors will prioritize ESG-centric contributions in order to quantify the positive impacts of their actions over time and demonstrate their ability to align with the needs and expectations of customers and investors. If vendors can demonstrate that their platforms are performing well from a tech perspective while taking environmental and social concerns into account, it could drive differentiation, expand mindshare, and generate additional consideration from customers and prospects, which just might provide an edge in a time when monitoring and APM vendors are embracing the trend of observability, and differences in these sprawling platforms are less readily apparent to customers. However, vendors that make public-facing statements about their commitments will also need to back them up with meaningful action, not just partake in 'ESG washing' for the sake of optics.
Businesses are facing two big challenges: on one hand, they need to embrace rapid technology innovation to digitally transform their organizations, and on the other, they're facing a growing pressure not just to perform financially for shareholders, but to be responsible on a wider set of environmental, social and governance issues to a wider set of stakeholders. These two mandates will increasingly influence each other as businesses look to take advantage of the opportunities that technology brings while mitigating the risks it poses.
Larger vendors like Cisco and IBM, as well as public cloud providers, have staked claims when it comes to cultivating sustainability and diversity/inclusion initiatives. However, observability products are only a part of those vendors' portfolios, and of vendors that are larger forces within this sector, we see that relative to the size of the market, few have publicly espoused comprehensive views or commitments related to ESG initiatives, and many are still assessing how they might take action. Splunk is one example of a vendor that has taken a wide-ranging stance on ESG: it recently added a director of ESG to its ranks and released a report in 2020 detailing its views and commitments regarding 21 ESG issues such as data privacy, diversity, inclusivity and environmental concerns like energy management. The vendor says it will release a more detailed report on these commitments and its progress toward meeting them this fiscal year. It has done materiality testing to determine what is most important to customers and investors and says it is establishing a framework to measure its direct and indirect carbon footprint.
We expect this kind of reporting and quantification regarding impact and measures taken to become normalized as investors and customers alike look for insight into ongoing efforts from vendors. Larger vendors may fall under more scrutiny and face more pressure to take action on ESG, but they will also have more resources to devote to such efforts. We expect vendors of all sizes will have to choose their priorities when it comes to taking action on the various aspects of ESG.
Environmental impacts are becoming a material issue in all industries, with businesses increasingly under pressure to manage their impact and maintain transparency through appropriate monitoring and reporting. Observability might not be the sector most immediately linked with impacting the environment, but vendors in this space play a role in pushing up customers' carbon footprints. Collecting both wide-reaching and highly granular telemetry is crucial for observability as customers and vendors strive to connect as many puzzle pieces as possible to gain meaningful insights into IT environments. The value of data in observability is well established, but with microservices-based applications churning out more telemetry than ever, the amount of operational data being stored is astronomical.
With more use of SaaS-based observability platforms, some of the practical considerations of managing the vast storage needed is taken out of view of customers, but they remain well attuned to the monetary aspect of storing so much data, which has caused some vendors to cut costs significantly for use cases such as log analytics. However, using cloud-based object stores in varying degrees of hot and cold may alleviate monetary concerns in the near term, but it somewhat obfuscates the environmental cost of that storage. Even as customers weigh the pros and cons of a 'selective sampling' vs. a 'save everything' approach for operational data, we expect that more of them will also weigh the environmental cost of data storage, including observability data, and long-term retention in addition to the monetary costs. The end-user quote from our report below highlights the growing awareness of this issue.
"Certainly, there is a price to carbon emissions, whether that's a tax or that's a [capitalist?] incentive. The reality is the sheer volume of data that needs to be acquired, transmitted, stored [for our organization]...is lots of data. And so the footprint necessary for sustaining that, the cost, and certainly the environmental costs associated with acquiring and transmitting and storing [that quantity of] data is tremendous."
-Mid-level management, Consumer/Retail, $10bn+ revenue, 2,000-4,999 employees
Although vendors are in some ways contributing to the problem, they also have considerable opportunities to reduce their own carbon footprint as well as help customers manage theirs. One example of a vendor that has taken its carbon cost into account is Honeycomb, which cites environmental reasons as a factor for its adoption of AWS Graviton2 instances, which leverage ARM processors. Energy efficiency has long been an advantage of ARM compared to x86 processors, though ARM has not seen widespread adoption in on-premises infrastructure. With use at the edge and options in public clouds, ARM presents real potential for vendors and customers alike to optimize for cost and cut energy consumption at the same time.
The huge amount of data being collected by observability vendors is already being leveraged to understand infrastructure utilization, and there is ample opportunity for vendors in the space to use such insights as the basis for bringing more ESG-centric metrics to the fore in their dashboards as customer interest in them grows. Observability vendors could easily position themselves as useful allies when it comes to understanding the potential environmental impacts of an organization's larger IT landscape while they weigh how to reduce their own footprint. As more vendors integrate AI and automation, there is also potential for counteracting wasted resource allocation more expediently, whether it's sounding the alarm on zombie Kubernetes clusters or poorly provisioned infrastructure that is eating up kilowatt hours. Recently, Grafana shared an example in which its dashboarding capabilities along with Prometheus were used in a smart home scenario to surface information about energy consumption in kilowatt hours and the associated dollar cost. Although this is a simple DIY scenario, such methods could be applied to datacenter environments and edge infrastructure.
Social impacts on employees, suppliers and customers are also becoming a material issue in all industries and are directly linked to companies' reputation and brand equity, as well as their operational performance. From a social perspective, observability vendors should be eyeing the same goals as any other sector, such as fostering inclusivity and diversity. In a 451 study, 60% of organizations said they have a formal commitment or program for increasing diversity and inclusion within their workforce. A number of observability vendors have publicly made their own commitments; however, aside from diversity and inclusion, there are also immediately addressable observability-specific scenarios that vendors can address within their products, such as accessibility considerations. For example, one inherent bias is the use of the red-yellow-green spectrum in dashboards to quickly delineate impacts to application and infrastructure health to gauge criticality. This can have the opposite effect for users with color blindness, where red and green can look like very subtle differences of the same shade, so telling them apart can be difficult without scrutiny.
As it stands, some vendors employ default choices of high-contrast colors that are considerably more color-blind-friendly than others, though these choices can vary menu to menu. The ability to toggle between color-blind or color-safe modes is not ubiquitous in observability platforms. Users often have to customize their own palette changes, creating manual work to help parse the color-coordinated information across the graphs in many layers of menus. Sumo Logic is one example of a vendor with a pre-built 'color safe' palette that customers can implement. Although a relatively small portion of current users is likely impacted, for platforms that are all about quick delivery of information when it is most critical to prevent or remediate outages, the addition of a simple option could make a significant difference.
Corporate governance systems ensure a company is managed in the interests of shareholders and other stakeholders, including the checks and balances that enable the board of directors to have appropriate control and oversight responsibilities. Customers will likely place the most emphasis on governance in the immediate future, with environmental and social concerns emerging over time. In our study, we asked respondents to rate the importance of ESG in IT procurement on a scale of one to 10; governance was the clear leader at an average of 7.13.
Data privacy is a major consideration in the observability sector given the vast reach of some monitoring and APM tools, which often capture end-user data that can include PII. With greater emphasis recently on real-user monitoring for web and mobile, and capturing data that is specific to end-user experiences, the need to protect PII is a legitimate concern. Some verticals, such as healthcare, will naturally have more established concerns about PII just as some geographies have regional regulations (such as GDPR in the EU). Aside from vertical and geo-based regulations, other companies have their own mandates about protecting customer privacy. The following end-user narrative highlights the way in which company-specific mandates preempt more widespread regulations.
"I don't see very much external regulation and compliance driving us, especially from a budgeting perspective, I mean, even things like GDPR... I just have to lock these things down and take care of people's privacies. But protecting customer information and protecting customer communications, anything like that, like my [organization's] requirements are way stricter than any law."
-IT Engineering Manager/Staff, Telecommunications, $10bn+ revenue, 100,000+ employees
Some vendors provide data-masking capabilities out of the gate. For example, Dynatrace offers configurable masking capabilities, and data can be masked when it is captured by the agent or before it is sent to storage, and preferences can be set based on user permissions. Although it already takes some ESG concerns into account, Dynatrace says it is in the process of establishing its ESG strategy. Cribl also enables users to scrub PII as it is en route to its destination, as does Splunk Data Stream Processor. One aspect of DataDog's recent acquisition of the software Vector was its ability to scrub PII information en route to storage systems and monitoring platforms.