Folks,
This
has indeed been a busy year, with new product launches, new acquisitions, and new
business models seems like every company is trying to reinvent itself and in
process claiming innovation, thought leadership and market leadership. To this,
I spend sometime in pondering over what’s next? Does a new mobile app, which is cool, and has
generated a buzz and that albeit may extend an existing business process –
validate the claim on “innovation”? Or mere product rejuvenation? Will this
trend continue in 2014? I would like to share some thoughts on my last post of
2013, thereby, reflecting on 2013 and pondering on what is to come in 2014. I
think our conversation ought to be much different in 2014 – especially on
Innovation landscape.
I’d
like to start with “Digital Strategy” as a conversation starter? Do our clients
understand what it is? Do we understand what is a “Digital Strategy”?
Investment into IT strategy be it in Cloud, Big Data, Business analytics
and even enterprise mobile platforms can be construed as Digital Strategy but
it is NOT! Let me explain. The new era of business, client interaction and
simple transaction, be it selling, commerce, client care will be pervasive,
much like how we interaction with our connection in social media (on-line or in
person), it is context aware, relevant and pervasive! This means an enterprise
strategy that relies on various data points from various sources about the:
a.
person (customer/employee),
b.
Things (inventory, item, UPC) and
c.
Place (Location)
i.e. -->Intelligent,
instrumented and Interconnected.
Much
like a Smarter Planet campaign
launched by IBM about 5 or so year ago. This type of permeating ‘interaction of systems’ requires an
overhaul of the “systems Thinking” from an IT Strategy to a “Digital Strategy”.
IT Strategy suggested a model that treated technology in isolation, project
based deployment that has evolved into a Services oriented design. Digital
Strategy on the other hand focuses on harnessing all-encompassing amalgamation of individual
technologies such as a cloud, big data, Mobile, Business analytics etc, to
provides us with a unified and contextual view of an Object (person, things,
place). An enterprise should thus “focus their strategy on digital transactions
based on automating and substituting physical resources for digital will only
feel digital. Such digital substitution strategies create virtual copies of the
real world, creating e-channels, e-stores and other e-surrogates for physical
processes”1. How much of this “Digital Strategy” do our
client’s capitalize on? How much
of an ‘enterprise potential’ can this unlock for our clients? --- Something to
ponder upon!
Now,
Mobility/Mobile Application as a medium is most certainly disruptive to the
enterprise computing platforms, as it imposes several technical challenges (such
as scalability, security and new computing models) which can be expensive and
time consuming to be meaningful, but Mobility/Mobile application also provides
organizations, small and large alike, to exploit the possibilities presented by
this new digital model with relative speed – this is possible due to community
defined standards (Frameworks, standards etc), data source in public domain
(social media) and shifting the computing (processing)focus ( and data entry)
to the end consumer. So this is fundamental shift in consumer driven computing,
processing (and data) model. I think this trend will continue to
dominate in 2014 and beyond and we simply need to understand and find avenues
to adapt and exploit this shift as it related to an enterprise digital
strategy.
I
would also like to touch upon how these digital touch point’s fare in Mobility/Mobile
Application paradigm. To this I would like to broadly classify touch points as
follows. ( Please note this is broad category to explain the digitization not
ONLY Mobility):
1.
User
Specific data (Instrumented)
– This includes all user specific data including user profile, preferences,
user data owned (co-owned) by user in social media (public and private). This
can be B2C or B2E depending on the context.
2.
Security
(Intelligent) – This
related to context and risk based access, user credentials, shared security
domain and trusts (OAuth/SAML etc).
3.
Location
specific data (Instrumented)
– This relates to Location i.e. place specific data includes GPS coordinates,
Cartesian coordinates, and in-building location via access points. This also
include the location of transaction i.e. place of transaction execution, range,
geo fencing etc.
4.
Enterprise
Messaging (Interconnected)
– This include bi-directional communication with users, things and places. Messaging also include receiving
messages from sensors, events, users and their devices.
5.
Enterprise
Intelligence (Intelligent)
– Enterprise intelligence refers to our digital strategy discussion. The
ability for an enterprise to collectively harness, Analyze and digitize the
invest into physical assets, IT systems and People.
Technically Speaking:
I. Mobile Security: I think Mobile
Security will be part of every true enterprise mobile conversation. With
security breach at “Target Stores” during peak holidays season followed by
media coverage has brought security into focus, and I think Mobile security
should be on every CIO/CMO’s radar. So I suggest we better understand the Mobile security landscape
to better prepare for 2014
Broadly
speaking we categorize Mobile security into 3 aspects:
1. Security
(App and data) on Device: This includes everything on the
device including (but not limited to):
a. B2E
(in some cases B2B) -- MDM -- Device management such as a Device
signature/device registration (trusted)/Jailbreak detection etc.
b. B2C
- Application tampering/Malware related exploits/data on the device etc
Broad range of
solution to address many of these facets:
(i) Containerization
– Aim to address
separation of work and play, secure containers or protected sandbox for secure
and trusted (signed) application/data and resulting traffic security.
(ii) Securing the application -- Malware
injection/tampering/Application auth tests/Data exfilteration -- AIM to make
sure that the app and related data is secure.
(iii) Securing the data on the device and prevent
leakage --- goes back to on device data encryption, transport encryption (enforced
by enterprise security), access control etc.
2. Security (Data)
in Transit/ Transport
This is to
ensure that data is securely transported AES/SSL/TLS -- mostly enforced by
protocol over public network and enforcement is burden of the enterprise --
Tools such as a ISAM for Mobile (with integration with SIEM for reporting),
Datapower - for AAA etc, Edge and reverse proxies etc.
Now this has
been business as usual we now begin to see Mobile and context awareness
requirements in the edge and a more intelligent ways to provide access control (OTP/MOTP
etc)
3. Security
(Data) in Enterprise:
This is also
business as usual for many enterprises with securing enterprise
application/services and data and access to it. Things like AAA, trust
interceptors and role based enterprise security access with PAP/PDP/PEP
concepts at play. Here also we now begin to see Mobile and context awareness
requirements.
Reference:
Thoughts on 2014:
Let
us focus on conversation and design around Enterprise “Digital Strategy” which is
pervasive and all encompassing. Mobility will certainly dominate “Digital
Strategy” discussion, and mobility is not just Mobile application but includes
M2M (Machine to Machine), sensor data and implicit interaction between systems
that needs to be captures and analyzed. Above all I believe 2014
will kick off a new era in Digital Evolution – and we all have a
tremendous opportunity to contribute and lead.
As
Always I welcome critique and thoughts.
Have a Great
Holiday Season, Merry Christmas and Happy New year – 2014!
:)
Nitin
