The Cloud Scares Me, Why Manufacturing Should Think and Work More Like Microsoft!!!
Supply management and manufacturing is now about data, massive numbers of transactions created and shot through thousands of pathways around complex global information networks most wetware cannot, or would prefer not to imagine. Migraine city! Added to the ordinary business of running a company are the countless signals and communications around customer and producer activities – orders, IP such as drawings and concepts, RFQ’s, invoices, shipping documents, etc. It’s blinding, and it’s no wonder that so much fear surrounds the very word “Cloud.” In fact, that CIO of one of the top ten US insurance firms had this to say about the Cloud, “”Sure there is cultural and perceived security resistance to the Cloud, but the pure economics of Cloud will eventually hit all of these people in the head like a sledgehammer”
The Cloud – Good, Bad, Scary?
We asked Mr. Mike Opal (email@example.com, Microsoft Industry Market Development Manager for US Financial Services) to comment on where he sees Cloud vs. local strategies going given the clear parallels in manufacturing and supply chain between financial services operations. Just as we suspected, he confirmed that “people get very hung up on the so-called security aspect. It’s an emotional, a gut reaction.”
There are enormous costs associated with maintaining and upgrading traditional IT. “The other cost,” says Opal, “is the cost of NOT being a flexible agile business. If a company wants to ramp up the traditional way, they’ll have to buy hardware and software, install it, beta test, etc., etc. The time required is immense, but The Cloud is instantaneous. There is no question that we are all going to get there – it’s going to happen.”
Microsoft walks its own talk. With everything on The Cloud, the company has already done a lot of thinking about security. Their product is the code they create, and we know that pretty much any IP can be stolen. But for Microsoft to become a cloud company given the way they use the Cloud internally, they had to rethink how they protect and access information. What they came up with changes the way consumers work with their own data.
When people think cloud security now, they defer to their at work or mobile interface. But for many workers the line between inside the office and out on the road is no longer a hard distinction that doesn’t reflect the way people will work in five years because the workforce is infinitely more mobile.
“Let me give you an example,” says Opal. “I use my mobile device as an alarm clock. When it goes off, I roll over and scroll through emails, and I decide right now what to respond to. Europe is already ramped up, so I’ll probably respond to a couple messages before I get out of bed. Then I’m off to the train or my car, or my home office. The old approach of relying on a firewall won’t work anymore, because I’m everywhere. The firewall is an outdated mindset like the locked drawer or the locked door of an office. But the way Microsoft handles security, it’s about access.
Microsoft protects data two ways – the sensitivity of data and the way it arrives. Information is classified into three levels – high, medium and low business impact. Microsoft sorts all IP, including email, this way. “We can read the very highest level information, but our security system might, for instance, block that same critical information from being forwarded. And in fact the Microsoft system, which “knows” which devices are engaged, specifies which devices are authorized to read different types of messages. Rather than thinking firewalls and locked drawers and boarded windows, the company uses a smarter system that recognizes levels of access for devices, users and information type. This approach,” says Opal, “is much more geared for mobility, in fact it leverages the mobile device to create a layered and more secure system “
Cloud Adoption in Manufacturing and Supply Chain
Manufacturers may find added cost savings in The Cloud. For low business impact information that they may find more expensive to store and maintain, such as expense reports, it’s a no brainer to move that type of information to the Cloud. If businesses can start thinking about the type and levels of information that they use to run their own companies, they will find they can classify groups of data that will easy reside on The Cloud.
Here’s a current example. When Opal took his position at Microsoft, his boss sent out the usual email introduction to people with whom he would be working. When he forwarded that same message to his wife at home, however, she could not open it. When she read the subject line and clicked, she was denied access because she is not a Microsoft employee. Although the message itself was classified as “medium business impact,” it was also classified for company employees only, a new security protocol based on access.
Access is administered by device. When a Microsoft employee logs on to his Microsoft laptop, he is on the Microsoft system no matter what his location. This means that when he accesses email or files, the way he accesses info is the system needs to know, no matter the location, if the device, the user and the network are approved and secure. Simple log-in routines evaluate three access points, in addition to the user’s location. When one of these three points, or location, isn’t approved, or shows up in a previously unvisited geography, the system reacts and questions access. Rather than a single lock and key, access is designed to be multi-layer.
Opal notes that the Swiss, who are generally regarded as uber-skilled at protecting their banking operations, are working hard to maintain that same level of security in a world that has become less secure. Swiss banks have therefore “instructed” their networks to stop information from leaving Switzerland! In fact, their bank laptops can be programmed with locator technology so that a kill message is sent whenever the laptop crosses the Swiss border!
“This is, when you start thinking about this,” reiterates Opal, “a multi-dimensional picture, of who is accessing, and what kind of information is being accessed. By looking at both the person and the information, and the device and location they are access from, we get a much better picture of the person and of security, vs. when the door is locked, with the old mindset either you are in the building or you are not that simply will not work anymore” If Microsoft is all on The Cloud, which experts say it is, then the implications for the future of other companies’ data management systems is all laid out for us. Nevertheless, users continue to question its security. One gotcha inevitably arises – “Tell me about the most important information your company has. How about the email box of the CEO or the CFO – that inbox should therefore be the most secure because it contains the most critical IP a firm has but is the CEO allowed to access messages over webmail? If the answer is yes, you are already operating in the cloud. The User ID is probably the CEO’s email address, and hackers can get to the password, so although 90% of businesses use webmail, their systems are not secure.
“The solution,” reiterates Opal, “is to limit access to the CEO’s web presence by setting levels of access, maybe the CEO should have full access on his or her mobile device but not on a Starbucks Wi-Fi site, those are business decisions to be made but once you make them you can start to build a thoughtful security method. We used to say “what is your device, what is your mobile strategy?’ now it’s ‘what is your access strategy?’ Figure that out first, and then build the systems and business processes to support it.”
One other factor continues to drive this approach to IT security. The Consumerization of IT is a game changer and Apple’s iPad and iPhone have ushered this new era in . . . While a new employee would receive a work-issued laptop and a Blackberry from work, the iPhone changed all that – people bought and paid for the new Apple phone themselves and carried both the Blackberry and the iPhone, although the Apple product became their preferred device. When the iPad appeared, Blackberry’s future dimmed as professionals enjoyed the clear Apple advantages – full-sized screen usable keyboard, better operating system. But each new device handed corporate IT, still tethered to RIM Blackberries, a new security challenge. Opal believes that “The only way to address this change is to accept it – people will, even if they have to pay for them on their own, acquire the new, and better devices, forcing corporate IT to go the next level – location and geography – to manage security.”
Microsoft – Three screens and The Cloud is the future of the world
Is the future of corporate computing device-driven? Opal urges caution.
He’s sees business computing centered on three media:
1. The laptop or tablet/pad
2. Mobile Device
3. TV screen.
Imagine walking into a home whose high def TV hosts home as well as work emails, plus entertainment and visual communications options, all in one big readable device! Microsoft’s Xbox strategy is a leading to this game changing move. For every home that hosts an Xbox, the company sees a very powerful computer, connected seamlessly to the cloud, with all cabling and network interfaces in place for the next generation.
“This is a departure,” says Opal, “from the current preoccupation with devices. That’s the wrong way to think about it! There will be a steady flow of new, faster devices the device of the moment will come and go (i.e. BlackBerry just 4 years ago) it’s like what’s happened with cars – more electronics, more intelligence, and more systems. But don’t get hung up on devices. This is why Microsoft has always been about operating systems and infrastructure. With Windows 8 for instance, a user can buy one copy that to run his phone, tablet, and TV – you’ll have your entire life with you accessed through different screens. Don’t get hung up on devices. This is structural. We have a Microsoft Envisioning Center in Cambridge that allows us to experience the future, and it’s really not that far off! Location will be critical as users are tracked through their devices, much like air traffic controllers direct and monitor planes. The hotel Reception Desk will monitor your movement and arrival from home through the airport, right up to the Bell Captain. The hospitality business, like Disney, understands the value of personalizing their service from the moment a reservation is made until the last dollar is spent on the holiday experience. Disney and others are light years ahead of the banking institutions we talked about who need to rediscover the joys of memorably efficient and personal service, gloriously and quietly information-enabled.”
By Patricia E Moody
tricia@patriciaemoody, copyright 2012, with permission.