I had the good fortune to attend unConference 2012 today. It was good fun. I ran into a lot of people I know from the Boston tech community. Many that I hadn't seen in a while. I was able able to sit in on three sessions during the course of the day. Here are thoughts and notes from two of them.
Bring Your Own Mobile Device
This was a small and intimate gathering with a lot of give-and-take. At the outset, everyone agreed that the devices to be discussed would be limited to smartphones and tablets rather than desktops or laptops. Personally, as someone who brings a laptop into the office every day, I think they should have been included . . . but that’s just me.
Daniel Gerow – who does corporate IT at Wayfair, a home goods e-tailer – was the host of our little band.
At the outset, he asked everyone to share topics of interest.
Security came up a lot, in terms of protecting the data on a device and providing devices with secure access to the enterprise. Policies were one approach, but everyone agreed they are not especially strong, difficult to enforce and better in theory than in practice.
In my opinion, one of the most interesting discussions (as far as I was concerned) was around technologies that created secure devices on an existing device – not exactly virtual, but separated and running in parallel. Two companies were mentioned. The first was Enterproid, whose product, Divide, allows an enterprise to create a secure phone on a personal one. By tapping the home button twice, the secure device is started. It can then access enterprise resources and corporate IT has centralized management capabilities. Double tap again and the phone is your personal one once again.
The second company was MobileSpace. This takes a different approach. It “wraps” applications (no one was quite able to say how exactly “wrapping” worked) and only those apps were able to access the enterprise.
The centralized management offered by both was a big deal.
This is easy to understand when you consider the second issue that came up: fragmentation.
Gerow explained that for him, everything was about standardization. He doesn’t want to have to think about or manage all of these different devices, operating systems and OS variants. Wayfair is a Microsoft shop and so he is able to use ActiveSync to manage all the devices that come through the door (assuming they all support ActiveSync of course). He asks employees wanting to use their own devices what they plan to use them for and is then able to configure policies and permissions based on their specific use case.
The next topic focused on people’s assumptions about the mobile experience. This became a pretty freewheeling topic and covered a lot of ground. One of the elements of the discussion was storage and how frequently people are using services such as DropBox to move files from work to home and back again – whether on a mobile device or otherwise. Everyone agreed that access to corporate data without corporate control was a big issue. The challenge is that dealing with VPNs – especially on mobile devices – is not a great experience. It’s just so much easier to set up a DropBox.
Although no one was able to name a specific product, several people said there are enterprise solutions with DropBox-like capabilities, but without the public cloud storage.
The other user experience issue had to do with live data. One participant discussed healthcare apps that allow caregivers to access and update records from their mobile devices or a PC. Because these are busy people, most tend to want to use their device. This creates a new set of challenges – encryption, performance and maintaining data state if a mobile device loses its connection to the network.
The bottom line is that the technology is in place and people are using it in the workplace. Yes, it raises issues and concerns but the genie isn’t going back in the bottle. Of course, many enterprises hold a digital trump card:
If a device is ever lost or compromised, it can be wiped – killing all the data, personal and enterprise.
Big Data and Privacy
This is an issue that’s near and dear to my heart. Over the past several years I’ve worked with a number of digital advertising and marketing companies so big data and privacy are constant topics.
The big theme here was concern. People agreed there’s going to be more and more data, coming from more and more sources and analyzed and used in ways we haven’t even imagined. As the volume and use of data accelerates privacy concerns will only grow. This presents a huge opportunity for entrepreneurs and technologists.
Participants were asked what they thought was behind what was described as an “immunity” to privacy concerns. The answer from most was that it’s a generational thing. People for whom the Internet has been present for their whole lives seem less concerned that older people.
An interesting variation on this theme was that it also depended on where people were from. One person asked, “What’s the cost of failure? If my credit card is compromised it’s fast and easy to shut it down.” Several disagreed with this attitude, suggesting that Europeans who had lived or known people who had lived in surveillance states were more likely to be careful than Americans. Others pointed out that in despotic countries privacy can be an issue of life of death.
It was suggested that at some point there may be a catastrophic event that forces everyone to rethink their attitude toward privacy, but for now there’s no impetus to change. In fact, we’re being trained and encouraged to share more and more. One participant made the point that Facebook has made everyone more comfortable with sharing information about themselves. The fact that there’s only a “Like” button reinforces people’s willingness to share more information about themselves.
And all that data is being put to work by marketers. Retargeting was mentioned as one use and another participant observed that more data equals better conversion. But this, people thought, was just the low-hanging fruit. There’s movement in the market – around algorithms and analytics – that will allow data to be used more easily.
The important issue around data ownership came up. Who owns the data about us we’ve put out in public channels? Who can extract value from our personal data? Who owns the analysis of the data, or the connections and inferences that can be drawn from it? These are big questions that haven’t been answered. Someone suggested we may see new laws and regulations – which is probably true – but the details are still unknown.
As regulations were discussed, a participant mentioned that attempts to protect privacy could be a threat to innovation. This sparked a discussion that led to questions around the difference between privacy and identity. A woman from the Internet Society said that internally they refer to big data as identifying data – and that there’s no real way for data to remain private. There’s just too much out there that can be connected in too many ways.
The idea that there’s a value exchange – access for information – was also discussed. The problem is that this exchange is not explicit. Consumers may be getting things they want and value – or ads and offers that are relevant to them – but there’s not direct or clear connection to their personal information. There’s an opportunity to change that in ways that could empower consumers by giving them a chance to offer their data to marketers – at a cost – when they’re looking for specific products or services.
This led to a discussion about user-centric identity management. An interesting idea but many wondered if this is something the average citizen should have to worry about. Several people suggested there needed to be some places – and some types of data – that are private. Medical information, for example.
As part of this discussion, a participant mentioned that there are already ways to function anonymously online, even ways to shop without giving out too much information. The Electronic Frontier Foundation was suggested as an important privacy resource. It’s good to know there are resources out there since the conversation ended with some extra-creepy examples from participants of ways data is being collected and used:
- At Fenway, a fan that made his way from the luxury boxes to the Monster Seats to the grandstands and back to the luxury boxes was approached by security because facial recognition software had identified him in multiple places.
- At Zuccotti Park, facial recognition was used to identify apparent Occupy leaders for “tactical extraction”
- As Brazil prepares for the World Cup and Olympics, police officers are being equipped with helmet-mounted cameras, heads-up displays in their face shields and augmented reality capabilities to identify with icons people that may be problematic.
The panel ended on these dystopian notes – but also with the hope that people can exercise some control over their data and privacy. As long as it isn’t already too late.