I'll have a pepperoni, with extra predictive analytics...
One of the great things about vacation is that it allows me to dicsonnect - or at least unwire - from technology. I find a great many things, though, that speak to technology issues, no matter where I am, or what I am doing.
I offer as an example of this the humble pizza, and its carry-out cousin, the Chinese dinner. When you have had a hard day of driving and fun, sometimes there is not enough energy left in your body to handle eating out. On such occasions, there are about two types of food that will deliver - pizza and Chinese. The two couldn't be more different, though, and I'm not just talking about the types of food.
When we ordered pizza one night, it came with one accessory - a box. It was exactly what we ordered, and nothing more. When we ordered Chinese, it came with napkins, extra sauces, plates, forks, and another menu.
Consider that for a second - which of the two places was more likely to make a future sale to us, the one that provided just what we asked for, or the one that provided what we asked for, plus some of what we needed, in a way that it allowed us to better consume what we purchased?
For the pizza, we had to tear up the boxes to create plates, and that meant that we had nothing to use to contain the crusts and leftover pizza, which I'm sure was a bad thing for the maid. We tried to be neat, but there was too much for the small trash cans in the room.
When we ate the Chinese food, we laced it on plates, ate with silverware like civilized people, and, when we were done, the box it came in was perfect to do the waste disposal in.
You may question what this has to do with knowledge management, but the concept of a simple take-out order has quite a lot of parallels to efficient use of information. Suppose that every time we asked for data it was useful to us - really useful - how much value would that add? A lot! True knowledge management is packaging core information within environmental, contextual, functional and perpetual data so that its value is enhanced.
I'm currently in New Orleans, a city that has seen what the effects are of accurate, but situationally-isolated data. I'm struck by how many potential disaster situations have either happened, or might happen. Would the mortgage crisis have been averted by the surrounding data showing tax rates, raw materials costs, insurance rates, debt-to-income rations and other, affiliated information, rather than just what each individual's assessed home value was so that 125% of that value could be loaned out? I'd say possibly, especially with the knowledge that taxes are based on assessed value, and so when the need arises to raise funds, there is no 'easier' way for that to happen than for the taxing municipalities to re-assess with an eye toward 'maximizing value' and other factors.
Responsible KM is more than delivery, it is also forecasting, defining and cataloging. We as practitioners must be careful to provide it properly, and thoroughly.
Subscribe To
Posts
All Comments
Monday, July 14, 2008
Sunday, July 06, 2008
This posting is a couple of days late, due to some extremely challenging travel/housekeeping issues going on. Also because of a very low-tech issue involving a 15 year-old boy, overeager to help, and a phillips bit through a hand - but that would be a different diversion altogether.
I am currently in Chicago preparing for a training to help me be a more efficient and skilled technician in the realm of mainframe security. This brings to mind a framing of security in the grand scheme of things.
One would assert that security is an important thing to have on top of data, especially data, and on the surface I would agree. I argue, though, that a separate security functionality on top of data is hampered and half-way executed as well. To be truly effective, security must be part and parcel of the data that is extant in any system.
As an example of this, security has the ability to interrogate and allow/deny access to data, but there is no qualification property to it, by and large. When you seek access to data and it is granted, what security is there behind that? An attempt to obtain information is successful when access is gained to that data. If someone gets access to data, and improperly uses it, it is generally left until a forensic function to determine what was done, how, and by whom.
Truly effective security will include a predictive and analytical functionality so that access may be granted for 'honest' pursuits, but may be denied for those that are not so honest. As an example, if someone is a file clerk and suddenly requests information about staff salaries, as well as staff names, then a red flag could be run up to tell them that they need one, or the other, but not both. Technically they would have access to both types of information as a legitimate portion of their duties, but the combination would give them things that are actually outside the scope of what they do.
I wonder how many systems are technically protected, but forensically exposed. I wonder how much it would be worth for someone to develop an algorithm and taxonomy for data that would allow this type of predictive security. The details are somewhat difficult, but if you succeed in creating such a thing, you may dispatch the royalty checks to my address. All kidding aside, for us to truly protect ourselves, we need to protect against not only content, but also leveraged capability.
As a side note, we also see the problem of needless security. As an example of this, I submit Indiana University. As a public institution, all the financial information there is available to any researcher with the time and energy to track it down through government publications, etc. So, they just opened up the floodgates. While I would not feel comfortable in doing that totally, I do need to give them kudos for realizing that this is an option. Just because our buildings are box-shaped doesn't mean that we can't go outside them.
I am currently in Chicago preparing for a training to help me be a more efficient and skilled technician in the realm of mainframe security. This brings to mind a framing of security in the grand scheme of things.
One would assert that security is an important thing to have on top of data, especially data, and on the surface I would agree. I argue, though, that a separate security functionality on top of data is hampered and half-way executed as well. To be truly effective, security must be part and parcel of the data that is extant in any system.
As an example of this, security has the ability to interrogate and allow/deny access to data, but there is no qualification property to it, by and large. When you seek access to data and it is granted, what security is there behind that? An attempt to obtain information is successful when access is gained to that data. If someone gets access to data, and improperly uses it, it is generally left until a forensic function to determine what was done, how, and by whom.
Truly effective security will include a predictive and analytical functionality so that access may be granted for 'honest' pursuits, but may be denied for those that are not so honest. As an example, if someone is a file clerk and suddenly requests information about staff salaries, as well as staff names, then a red flag could be run up to tell them that they need one, or the other, but not both. Technically they would have access to both types of information as a legitimate portion of their duties, but the combination would give them things that are actually outside the scope of what they do.
I wonder how many systems are technically protected, but forensically exposed. I wonder how much it would be worth for someone to develop an algorithm and taxonomy for data that would allow this type of predictive security. The details are somewhat difficult, but if you succeed in creating such a thing, you may dispatch the royalty checks to my address. All kidding aside, for us to truly protect ourselves, we need to protect against not only content, but also leveraged capability.
As a side note, we also see the problem of needless security. As an example of this, I submit Indiana University. As a public institution, all the financial information there is available to any researcher with the time and energy to track it down through government publications, etc. So, they just opened up the floodgates. While I would not feel comfortable in doing that totally, I do need to give them kudos for realizing that this is an option. Just because our buildings are box-shaped doesn't mean that we can't go outside them.
Subscribe to:
Posts (Atom)