The Next Big Thing
Posts about next generation technologies and their effect on business.

IoT and IT’s ability to foresee unintended consequences

Internet of things.pngI was recently talking with someone about an Internet of Things study that is coming out and it really made me wonder. HP has been doing work in the IoT for decades and gets relatively little credit for the efforts. In fact where I started work back in the 80s was writing statistical analysis tools for plant floor (SCADA) data collection – essentially the high value, big data space of its time, back when a 1 MIPS minicomputer was a high $$ investment.

 

The issues we deal with today are a far cry from that era, now we’re as likely to analysis data in the field about well head performance or robotics but many of the fundamentals remain the same. I’ve mentioned the issue of passive oversharing in the past, and addressing that issue needs to be at the foundation of today’s IoT efforts as well as value optimization issues.

 

I was in a discussion about vehicle to vehicle communications requirements a few months back and the whole issue of privacy looms much larger than the first thoughts of preventing accidents. I think everyone would agree that putting on the breaks by those vehicles affected is a good idea. Should the stop lights recognize bad behavior and visually send a signal to other drivers? There are a wide range of innovations possible with a network like this.

 

There are also negative possibilities to be considered:

  • Is passing along this driver performance to the police a good idea? What about insurance companies?
  • What about just that fact that your car knows it is speeding, is that something that others should know?
  • Or the information about where you’re driving to, now that your car is sharing this information with other cars and infrastructure (cell phones already do this by the way).
  • What if a driver can ‘socially engineer’ the limits of the system to maximize the performance for them. An example of this might be if you were to push the system so that yellow lights would stay yellow a bit longer because you’re accelerating into the intersection – is that OK?

Some unintended consciences are going to happen. We should be able to see many of them coming, if we think creatively. IT organizations will need to develop their implication assessment skills, for their social as well as business effects. The IT team should have better comprehension of the analysis and data sharing that has happened elsewhere and the implications, regardless of the business or industry and be able to advise accordingly. They need to reach out early and often.

Preventing the IoT from being the Oort cloud of the enterprise

riding comet.pngLast month, IEEE Spectrum had an article on how Most Technologists Upbeat About Future Internet of Things and I am optimistic as well --do you really think being down about it will prevent it from happening? I mentioned that ubiquitous power is a prerequisite for the IoT to really take off, at least for some applications.

 

On the same day I gave an IoT intro presentation I was in an exchange with CIOs about rogue clouds, in the process I made a joke pointing out that rogue clouds are the Oort cloud of IT - an area we don’t pay any attention to until something is about to impact our business.

 

There are a number of challenges for technologist to overcome. For every positive aspect, there is a negative trap to fall into and be prevented or at least understood.

 

Challenge

Positive

Negative

Privacy/Security

A view into what is actually going on

Passive oversharing

Identity

Knowing what is what

Device ‘identity’ mistaken for true identity- people become a network address

Efficiency

Speed

Unemployment

Decisions

Automation takes latency out

Loss of freedom and understanding, if automation becomes just another legacy system

Culture

Gamification

Big Brother and data bias

 

What are some of the other issues that have both positive and negative dimensions??

Autonomous vehicles now, near and someday

autonomous car.pngIEEE Spectrum had an article on the current state of self-driving cars -- many of these features are already in commercially available cars. They may not seem like much, but they are the foundation for those fully autonomous cars we keep hearing about. It will be closer to the end of the decade before we see those in any volume.

 

One of the areas that will be deployed sooner is vehicle-to-vehicle (V2V) communications. V2V communications is made up of a WiFi like wireless network where automobiles (and infrastructure – V2I) send messages to each other with information about what they’re doing. This research once implemented should aid people in driving more safely, by taking latency out of the response to situations.

 

This will have all the complications and security/privacy requirements that IoT implementations should address.

 

It is not just cars we’re trying to make smarter, there are also efforts to make the roads smarter as well.

The shifting view of security required today

security extend.pngLast month while in Canada, I was part of a discussion about what’s abundant and scarce in the finance space. We touched on security. I think we can all admit that there is nearly an infinite supply of hackers willing to work for free and at the same time a business’s resources in the security space is constrained. It is not hard to image a large organizations being the focus of 10,000 or more cyber-attacks in a single day. Are our systems really up for this level of defense?

 

We can also admit that the security fortress approach (where you create a secure perimeter) to protect the corporate systems and data is insufficient and outdated. This notion of security seems quaint in a cloud-enabled world where the business draws upon an ecosystem of partners and sites across the globe. Even the systems that we’re implementing are no longer hierarchical in nature, they are an aggregation of services and functionality providing significant business value but presenting opportunities to rethink what we mean by governance, compliance and access. The concept of having zero risk appears naïve.

 

We live in a world of conflict. We want our systems to be secure and yet collaborative, innovative and low risk. This kind of paradox points to the need for an innovative approach.

 

We are going to have to abandon our current fragmented defense mentality and rethink our cyber-attack response. This gorilla war will be defined by a business-driven, risk-management approach where security needs to be baked in at every level and not bolted on as an afterthought.

 

There was also a discussion related to a mobile approach to control. Some of the folks were talking about using Bluetooth LE to open locks and control a facility (since a wide variety of mobile devices support it). I pointed them to an analysis that shows how Bluetooth LE provides low energy consumption but also low security. It may be OK as long as you add additional security capabilities throughout the rest of the system and don’t depend on the Bluetooth specification, since LE doesn’t really use the defined security functionality in its attempt to lower power consumption.

 

There are a few ‘simple’ things organizations can do to start shifting their perspective:

-          Prioritize information assets based on business risks.   I’ve mentioned before my view about BYOD – for the corporation, it is not about devices, but access to corporate information and policy. Organizations need to develop a data portfolio that defines the information assets they need to protect and have clear policies on their use – this may extend into a context portfolio perspective.  This will require business and IT to work together to assess risks across the entire value chain and set appropriate policies for the underlying information assets.

-          Define policies for security integration. In the more flexible (cloud-based approach) being deployed today services that are created or subscribed to can morph from what they were originally intended to be used in other ways – plan for this. Everyone in the IT (and probably the business as well) need to have a foundational understanding of how to incorporate security awareness into their work, during the entire lifecycle of processes and projects. Security and privacy are everyone’s job.

 

Security can be a differentiator for an organization – both in a good and a bad way. Organizations need to actively take control instead of passively waiting to see what happens.

 

2014 – a year of instability

crystalball.gif2014 will be a year of Instability for most organizations. For the optimists, it will be a year that many of the technologies that entered the business environment, shift to delivering significantly new levels of value. For the pessimist, it will be another year of unwanted change.

 

One of the changes organizations will embrace is the shift from a focus on service delivery (including cloud) as a commodity to a value play. This will move Service Level Agreement metrics from measuring commodity performance (like uptime) to more business-focused and quality measures.

 

Many of the service players will begin to offer solutions higher up the value stack and directly address business processes. SaaS vendors moving to BPO for example, causing them to take on whole new areas of responsibility.

 

The same kinds of shifts will happen within IT support organizations. Workplace services that are currently focused on supporting BYOD will need to embrace Bring Your Own Service – a more environmental view of what is needed to address the business needs of the day. The security and service broker functions will become even more critical for support organizations since much of the work will be provided by others.

 

In 2013, HP talked a lot about the new style of IT. In 2014, a new style of business that is more social, mobile, flexible, data driven, secure and automated will generate greater value levels and allow those who embrace the change to excel. For example, social will be a lever for greater engagement for employees and customers. Mobile will build upon that engagement capability and add in the element of speed, shifting the time to action for organizations. Analytics will move out of the glass house and take advantage of mobile to provide the visibility and efficiency needed and where possible automation will offload well understood tasks and assist in simplifying and eliminating distractions. The race with the machine will be the race to watch in 2014 -- this will be a year of widespread transformation. Defining criteria to evaluate an innovation and its implication will help organizations minimize instability.

 

In 2012 a wide variety of ubiquitous and wearable computing hit the ground (even more in 2013) but in 2014 these will hit the road and be incorporated into more business and personal processes. They will shift from being isolated devices to becoming linked networks of functionality. As the costs and power requirements go down, they will be embedded in more products (and produce, limiting spoilage -- as an example) optimizing results. This will also enable a more software-defined everything view of computers in products. The instabilities this shift implies will be readily apparent in 2014.

 

Another shift will be to a software defined anything approach. The concepts of OpenStack for Cloud OS and OpenFlow for software defined networking will start to permeate higher into the value stack with a more open ‘smarts’ approach to pattern recognition and process optimization during 2014. This more open approach will allow for standardization yet customization enabling new level of business flexibility and applicability. The personalization and custom development for 3D printing... will continue to move into the mainstream.

 

Software in 2014 will incorporate more flexible information sources and analytics, enabling greater levels of automation and systems of action. For the end user we’ll likely see a great deal of interface work and changes as HTML5 integrates more capabilities for voice, video… and organizations begin to capitalize upon these capabilities across devices. A wider variety of spatial (gesture), touch, voice and even mind control interfaces will be incorporated into enterprise software, moving out of the consumer space. Organizations will learn from how the consumer space adopts the functionality of the Xbox One into their interactions. We will move beyond a ‘mobile first’ view for development to mobile is 'the interface' and desktop is a special case – fortunately with HTML5 that should not be that big of an issue.

 

The software portfolio that has been built through the success of all the previous projects will need to be re-assessed in 2014 against these services and the revised needs of the business. Mobile interfaces will allow the enterprise to take advantage of the computer everyone has with them. This environmental perspective will enable the employees to become more engaged with the processes, customers and other employees, empowering them and enabling them to empower others.

 

Organizations will need to assess what is abundant in this world of 2014 and what will still be scarce for them. Those that recognize this distinction will have a significant advantage in planning and removing instability. Everyone can probably recognize that security, privacy and time (attention) will be scarce, but what else can be optimize and used differently to provide advantage.

 

Engaged and motivated employees will still be scarce. I think businesses will need to do more in-house orientation and development enabling a more predictable talent creation pipeline. Although a variety of education techniques can be applied to make this happen, the passive approach that came about during the .com era will no longer be accepted by the businesses or its employees and the new skills and change management required to shift the business will be recognized and addressed in 2014.

 

Organizations that can quickly adjust to the volatility around them will remain stable and in control. Most of the instability can be predicted, although there are some situations that will always surprise us. Being flexible and aware can make those situations turn into an opportunity.

Search
Follow Us
About the Author(s)
  • Steve Simske is an HP Fellow and Director in the Printing and Content Delivery Lab in Hewlett-Packard Labs, and is the Director and Chief Technologist for the HP Labs Security Printing and Imaging program.
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation