Enterprise architecture in a world of automated change

action 002I posted the other day on the Enterprise CIO blog an entry about the CIO’s role and the self-driving business that got me thinking about the Enterprise architect and the processes (e.g., TOGAF). There seems to be a lack of any real automation thread. Do you see one? This clearly needs to be addressed.

One of the primary roles of an Enterprise Architect is to identify, define and support business transformation projects. The capabilities of the technologies and the business drivers have changed quite dramatically in recent years but the processes in many ways remain the same. EA practitioners will need to take a very different approach to their role going forward and how it can shape the business.

Automation will be playing an ever increasing role in business. One concept that needs to be address is that of Enterprise Context Management, which is one of those foundational elements needed for automation, yet that’s not really part of any EA process work product – at least that I know of. To me this is like a repository of enterprise state (for lack of a better term) and who subscribes to the changes in state.

Gartner came up with the term of Vanguard Enterprise Architect, describing EAs that are focused on digital business techniques and its value to the business. As part of this more forward looking approach, architects need to understand that it’s not about creating documents but about blending people, process and system to meet business needs. Through the use of automation techniques the environment will still need to be human-centric, it will just use those individual’s attention more efficiently and effectively.

The days of EA’s gathering, documenting and then just placing a few recommendations on the table are likely over. EA is not about just hardware, software and projects. Sure those play a part but now it is services, relationships and a holistic ecosystem view aligned to desired outcomes. The expectation should be for the EA to deliver business outcomes, backed by contextual depth of impact and analytics that maximize the value from one of the scarcest resources in any business, the creativity of its people.

Advertisements

7 Questions to Help Look Strategically at IoT

question and analyticsThere are still many people who view the Internet of Things as focused on ‘the things’ and not the data they provide. Granted there are definitely some issues with the thing itself, but there are also concerns for enterprise, like the need to monitor the flow of information coming from these things, especially as we begin to automate the enterprise response to events.

A holistic perspective is needed and these are the top issues I believe an organization needs to think through when digging into their IoT strategy:

  1. What business value do the devices provide – independent of the data they collect?
    Having said that it is not really about the devices, it remains true that the devices should be delivering value in themselves – the data may be just a side effect of this role. Understanding those functions will increase the reliability and usefulness of the data over the long haul. No one wants to put an approach consuming a data stream just to have it dry up.
  2. What access will the devices have to the enterprise?
    Is it bi-directional? If it is the security risk of the devices is significantly higher than those that just provide raw data. If a positive feedback loop exists, it needs to be reinforced and secure. If the data flow is too narrow for this level of security, the need for bi-directional information flow needs to be scrutinized – if the interaction is that valuable, it really needs to be protected. Think about the issue of automotive data bus attacks, as an example.
  3. If attacked, how can the devices be updated?
    Does the devices support dynamic software updates and additions, if so how can those be delivered, by whom? Users of devices may download applications that contain malware, since it can be disguised as a game, security patch, utility, or other useful application. It is difficult for most to tell the difference between a legitimate application and one containing malware. For example, an application could be repackaged with malware and a consumer could inadvertently download it onto a device that is part of your IoT environment. Not all IoT devices are limited SCADA solutions, they may be smartphones, TVs… pretty much anything in our environment in the future.
  4. How will the data provided be monitored?
    Wireless data can be easily intercepted. When a wireless transmission is not encrypted, data can be easily intercepted by eavesdroppers, who may gain unauthorized access to sensitive information or derived behaviors. The same may be true of even a wired connection. Understanding the frequency of updates and shifts in data provided is usually an essential part of IoT’s value, and it should be part of the security approach as well.
  5. Can any personal or enterprise contextual information leak from the device connection?
    I blogged a while back about the issue of passive oversharing. As we enable more devices to provide information, we need to understand how that data flow can inadvertently build a contextual understanding about the business or the personnel and their behavior for other than the intended use.
  6. Is the device’s role in collecting information well-known and understood?
    No one like the thought of ‘big brother’ looking over their shoulder. People can easily feel offended or manipulated if a device enters their work environment and provides data they feel is ‘about them’ without their knowing this is taking place. A solid communications plan that keeps up with the changes in how the data is used will be a good investment.
  7. Who are all the entities that consume this data?
    As IoT data is used to provide a deeper contextual understanding of the environment, the contextual understanding may be shared with suppliers, partners and customers. These data flows need to be understood and tracked, like any consumer relationship, otherwise they may easily turn into a string of dominoes that enable unexpected shifts in results as they change. Awareness of enterprise context management will be growing in importance over the coming years – note that was not content management but context management.

All these issues are common to IT systems, but with an IoT deployment, the normal IT organization may only be able to influence how they are addressed.