COLUMN – Ownership of the Collaboratory and its Security
March 8, 2014 - In our education sessions in New York one clear component of every successful energy integration project was a team of champions who asserted ownership of the projects collaboratory.
By Ken Sinclair
Another observation was that the projects were truly morphing into a dynamic collection of people, things, and internet interactions; a collaboratory not just a project.
“A collaboratory is more than an elaborate collection of information and communications technologies; it is a new networked organizational form that also includes social processes; collaboration techniques; formal and informal communication; and agreement on norms, principles, values, and rules” (Cogburn, 2003, p. 86).
Hence it became obvious that the theme of this column should be the issue on everyone’s mind, the “Ownership of the Collaboratory”. The importance of keeping our data free inside the collaboratory was also highlighted; a lesson we learned in the past but somehow have to keep relearning over and over. The data not only needs to be free it needs to be named and organized in a predicable agreed on format.
In Jim Young’s article, BIoT – Building Internet of Things, he provides a great graphic (be sure to click on it to enlarge so you can see the many details) that shows some of the components of the collaboratory of the BIoT. Inside the “O” in the background letters I B c o n which is his next Realcomm event in Las Vegas, Nev., are these words “Scalable / Robust Time Series Database Business Rules Engine” Why are these words inside the “O”?
Does the encasing “O” stand for Ownership? Open? Opportunity? Or all of these? Or simply the second letter of Conference and let’s just talk about it?
What is Open Ownership for Opportunity?
From this article last month, A Cloud Data Collection Platform for All – Rav Panchalingam of Bitpool, came these words:
A cloud data collection platform. As a platform, its key feature is simply to provide the infrastructure for people to start pushing HVAC and any other building data into the cloud.
Connecting commercial buildings into the cloud is still something which must be championed by ambitious and technically savvy people who are acting in the interest of the building owner – mainly consultants or switched-on real estate managers, who have a good grasp of what they want to use the software tools for. There are definitely some very good software packages in the market right now, but they are selling themselves as exactly that, a one-size-fits-all package. Once you buy in, you’re seemingly locked in, which is ironic since the software world is supposed to be all about freedom of choice.
And more in this follow-up article, Yes, we want to ‘own’ your data too:
In closing words; the amount of data in the world is growing exponentially every day. The value of this data is governed by the professionals who know what to do with it. In many cases, these professionals happen to be the providers of cloud platforms and services and therefore, in order to get the most out of your data experience, you need to be willing to allow them ownership over your data. In saying that, you too need to ensure ownership of your data so as to provide the accessibility and security to that data when needed.
Why do we need to own our collaboratory and its database? Because we have no idea of how we will use our data. Trust me on this, did anyone have any idea how smart phone apps would redefine our lives by using existing data to locate us on google maps etc. Shared ownership is something we cannot avoid because data is used by many for different reasons. The most obvious shared relationship for us is utility data. I believe shared ownership is workable as long as we understand the rules of who owns what and how we both can use it.
The point I am trying to make is the cloud is being populated by others for their purposes with our data and we need to assume ownership or at least understand the how and why of that. We also need to understand how this data will be kept safe and secure with our freedom of access for purposes we have not yet defined.
We are hoping to open up some great discussion on this at this event in Vegas: realcomm.com/ibcon-2014.
The March issue of AutomatedBuildings.com speaks in many articles, columns, and interviews to the complexities of the rapidly evolving collaboratory. Networks appear out of thin air and are being linked seamlessly to the cloud. Hardware evolution is morphing to IP devices that are able to bring existing wired based standards such as BACnet, Lon, and other’s easily in to the cloud. Cloud generic web service interfaces like oBIX, Haystack, and OSCRE are rapidly evolving to help guide conversion, interaction and naming of our real time data to a useful format for use by all in the owned Database.
Read our reviews of these two evolving generic web service interfaces
New technologies like LED lighting are bringing their own flavour of IP networks and ask the question:
Will the confluence of the Internet, Wireless Technology and LED Lighting create the perfect storm that opens up the opportunity for the Internet of Things (IoT) to rapidly establish itself in buildings?
And of course how do we secure our own collaboratory?
In this article, We Can Learn From the Target Incident – Marc Petock of Lynxspring and Connexx Energy comes this wisdom:
Owners and facility management don’t overlook the security of your supply chain providers. Cyber-attacks can come through third parties and a breach in one partner’s environment can easily propagate across today’s connected systems. Have steps in place to supervise provider activity within your network and ensure that appropriate security controls and procedures are in place.
As companies connect to each other, they should be aware of what the other is doing with regard to security; otherwise, they may be opening themselves up for a major breach. Any company, when asked, should be able to verify and document how they manage information security, including password policies, patch management, hardening systems, network management, and audits, just to name a few.
The Target incident does have an upside; we can learn from it and be more diligent moving forward. Maintaining a strong security posture is vital. We should take action and whether you are an integrator, contractor, building owner, in facility management or IT, ask yourself, “is a cyber incident worth the risk?”
My message, take ownership of your collaboratory and keep it secure.