Five Content Strategies for Advocate Marketing

Partner, Sensei Marketing
Partner, Sensei Marketing

Sales & marketing veteran with almost 30 years’ experience and now 1800 digital projects to his credit for clients including Morgan Stanley, AOL, Hyatt Gaming Management, Snyder's of Hanover, Hitachi, the Home Depot, Kraft Foods, Drees Homes, American Idol, and hundreds more, including leading agencies around the North America.     ...

Read more

1

Marketers have long accepted the fact that successful content is that which is helpful to the business’s audience and not overt brand advertising. We know that if the content we produce is to be consumed and shared, it must entertain and inform our audience, instead of simply selling to them. As more and more businesses produce such useful content, however, making your content more relevant has become a new challenge.

Drew Bernard, the founder of Facebook app development firm Action Sprout, recently shared his “lessons learned” on content creation and how to make it more appealing (and thus viral) for advocate marketing. He says not only must content be relevant and informative to its audience, it must be “something that fans want to be personally connected with as it becomes part of their online personal narrative.”

Below are the five content strategies for advocate marketing he recommends to do just that.

1. Bring a smile

While we all love a post that makes us smile, marketers often feel pressure to stay on message. This often translates into being serious because organizations fear that making light of something could cheapen their brand. If you’re creating content for an organization with a serious mission, look for tasteful ways to inject humor into your Facebook posting regimen and you will find that overall reach and engagement will go up.

2. Be Inspiring

Look for content that will inspire hope or other positive emotions. Inspiring content consistently does well because Facebook users want inspiring content to be part of their personal narrative. One way to inspire people is to celebrate success.

The Sierra Club’s “Thank the California Fish and Game Commission Protecting the Gray Wolves” posts celebrate success and inspire hope while providing fans a way to inspire their own friends. As this post performed well organically, Sierra Club chose to promote it as well, which resulted in a very high return on investment: more than 1600 people signed up to receive email communication from Sierra Club from this post.

3. Help your fans become a trusted source of information

It’s long been known that one of the best ways to build a large and loyal network on Facebook is to be the trusted source of information on a topic which people care about. The real magic here is about fans wanting to be the trusted source of information to their friends, which leads them to share your content with their network. Infographics with interesting facts and figures are a good example of posts that typically outperform average content as they help fans show their friends they are a trusted source of information.

4. Empower people

Roughly 10% of people who engage with a given Facebook post that includes meaningful content are willing to do something beyond like, share or comment. Because fans almost certainly view your organization as working to bring about change they want to see in the world, they are willing to take an action that results in greater viral sharing and, in the process, sign up for email communication.

Posts that empower people to make a difference help them show others who they really are. Simultaneously, these posts work to deepen relationships as people sign up for future direct communication.

5. Run special offers that align with your mission

Contests and draws are proven strategies to boost engagement. To avoid engaging with people more interested in the value of the offer than your organization’s mission, I recommend offering the potential to win by taking an action (whether it’s simply clicking like or signing a petition) to tap into the power of offering something of small monetary value (e.g. your organization’s t-shirt) while still keeping it relevant. This keeps both engagement and quality high. The most effective of these campaigns make your fans feel like they are doing their friends a favor by inviting them to participate, too.

The practice of advocate marketing must become a more subtle science. Consumers have become less likely to share brand or product information – however useful it is or however much they love the product – if it does not align with their personal brand narrative. That’s the common thread in this list: Content marketing that goes viral isn’t just about good content but the audience’s perception of how sharing that content will influence their personal brand among THEIR audience.

We’ve all become conscious of the fact that our social media posts form the basis for the world’s perception about us as individuals – professionally or personally.  Your consumers will share more of your content if it elicits a more positive impression of them or if it more closely aligns with their personal values.

Sam Fiorella
Feed Your Community, Not Your Ego

The post Five Content Strategies for Advocate Marketing appeared first on Sensei Marketing.

Marketing Transformation Chief Marketing Officer

Event Report: The Storify #CCE2014 TweetStream On #DigitalTransformation #DigitalBiz

R "Ray" Wang

Principal Analyst and Founder
Constellation Research

R “Ray” Wang is the CEO of Silicon Valley-based Constellation Research Inc. He co-hosts DisrupTV, a weekly enterprise tech and leadership webcast that averages 50,000 views per episode and blogs at www.raywang.org. His ground-breaking best-selling book on digital transformation, Disrupting Digital Business, was published by Harvard Business Review Press in 2015. Ray's new book about Digital Giants and the future of business, titled, Everybody Wants to Rule The World was released in July 2021. Wang is well-quoted and frequently interviewed by media outlets such as the Wall Street Journal, Fox Business, CNBC, Yahoo Finance, Cheddar, and Bloomberg. Short Bio R “Ray” Wang (pronounced WAHNG) is the Founder, Chairman, and Principal Analyst of Silicon Valley-based Constellation…...

Read more

Constellation’s Connected Enterprise Brings The World Of Digital Transformation To Life

• Consumerizaiton of IT
• Data to Decisions
• Digital Marketing Transformation
• Future of Work
• Matrix Commerce
• Next Generation Customer Experience
• Technology Optimization and Innovation

Figure 1. The Storify Tweet Stream from #CCE2014

 

 

Resources

The post Event Report: The Storify #CCE2014 TweetStream On #DigitalTransformation #DigitalBiz appeared first on A Software Insider's Point of View.

 

Data to Decisions Future of Work Marketing Transformation Matrix Commerce New C-Suite Next-Generation Customer Experience Tech Optimization Innovation & Product-led Growth Connected Enterprise Event Report AI ML Machine Learning LLMs Agentic AI Generative AI Analytics Automation B2B B2C CX EX Employee Experience HR HCM business Marketing Metaverse developer SaaS PaaS IaaS Supply Chain Quantum Computing Growth Cloud Digital Transformation Disruptive Technology eCommerce Enterprise IT Enterprise Acceleration Enterprise Software Next Gen Apps IoT Blockchain CRM ERP Leadership finance Social Healthcare VR CCaaS UCaaS Customer Service Content Management Collaboration M&A Enterprise Service Executive Events Chief Customer Officer Chief Digital Officer Chief Executive Officer Chief Financial Officer Chief Information Officer Chief Marketing Officer Chief People Officer Chief Procurement Officer Chief Supply Chain Officer Chief Technology Officer Chief Data Officer Chief Analytics Officer Chief Information Security Officer Chief Operating Officer Chief Experience Officer

2014 SuperNova Award Winners Announced!

Constellation announces the winners of the 2014 SuperNova Awards at Constellation's Connected Enterprise.

Last night at the SuperNova Award Gala Dinner, Constellation announced the winners of the 2014 SuperNova Awards. 

The Constellation SuperNova Awards are the first and only awards to celebrate the leaders and teams who have overcome the odds to successfully apply emerging and disruptive technologies for their organizations. The SuperNova Award winners demonstrated great leadership in selecting, implementing, and deriving business value from disruptive technologies. Please read about their projects below. 

All applications were evaluated by the SuperNova Award Judges, comprised of industry thought leaders, and then put to a public vote. 

And the winners are....

Consumerization of IT & The New C-Suite - Robin Jenkins, RMH Franchise Corporation

Data to Decisions - Steve Schnur, MGM Resorts

Digital Marketing Transformation - Janelle Donovan, ServiceMax

Future of Work - Jason Grady, Northeast Georgia Medical Center

Matrix Commerce - Sanjib Sahoo, tradeMONSTER Group, Inc.

Next Generation Customer Experience - Ian White, Rackspace

Technology Optimization & Innovation - William Cooper, University of California Office of the President

 

The Rewards

All SuperNova Award Winners win:

• One ticket to Constellation's Connected Enterprise 2015

• One one-year subscription to Constellation's research library

Congratulations to the winners! Continue to be brave, innovative, and disruptive!

Data to Decisions Future of Work Marketing Transformation Matrix Commerce New C-Suite Next-Generation Customer Experience Tech Optimization Chief Customer Officer Chief Digital Officer Chief Executive Officer Chief Financial Officer Chief Information Officer Chief Marketing Officer Chief People Officer Chief Procurement Officer Chief Supply Chain Officer

SuperNova Award Winners Announced Tomorrow

The winners of the SuperNova Awards will be announced tomorrow at the SuperNova Awards Gala Dinner on October 29, 2014 in Half Moon Bay, California. The gala dinner takes place on the first night of Constellation’s Connected Enterprise innovation summit.

Check back tomorrow to see who won! 

The Constellation SuperNova Awards are the first and only awards to celebrate the leaders and teams who have overcome the hurdles of technology adoption to successfully introduce emerging and disruptive technologies to their organizations.  

SuperNova Award Finalists

CoIT & The New C-Suite

Robin Jenkins, Regional Marketing Manager, RMH Franchise Corporation
Sanjib Sahoo, Chief Technology Officer, tradeMONSTER Group, Inc.
Gordon Smith, Supervisor, Client Hardware Engineering and Mobile, Intermountain Healthcare
Jason Grady, NGMC Regional STEMI Coordinator & Paramedic, Northeast Georgia Medical Center
Jeff Trom, Chief Technology Officer, Workiva

Data to Decisions

Chris Frye, Director of Innovation, Crate and Barrel
Dave Berman, President, RingCentral
Dr. Joel Dudley
Graeme Aitken, Vice President of Business Controlling, DHL Express
Steve Schnur, Director of Merchandise Planning & Analytics, MGM Resorts

Digital Marketing Transformation

Heather McBrien, Digital Marketing Manager, AAA Carolinas
Janelle Donovan, Sr. Director Of Marketing, Demand Generation, ServiceMax
Scott Loft, VP of Ticket Sales and Retentions, The Oklahoma City Thunder
Todd Wilms, Head of Social Business Strategy, SAP

Future of Work

Bob Hernon, Vice President of Finance & Treasury, Aéropostale, Inc.
Chris Salles, Director, eLearning, Guitar Center
Rob Wavra, President, Sentinel Applied Analytics
Gordon Smith, Supervisor, Client Hardware Engineering and Mobile, Intermountain Healthcare
Jason Grady, NGMC Regional STEMI Coordinator & Paramedic, Northeast Georgia Medical Center
Robin Jenkins, Regional Marketing Manager, RMH Franchise Corporation

Matrix Commerce

Darrell Haskin, Director of IT, Delta Air Lines
Larry Sibilia, Head of Merial’s Information Management Group, Merial 
Sanjib Sahoo, Chief Technology Officer, tradeMONSTER Group, Inc.
Travis Morrison, IT Director, New Belgium Brewing

Next Generation Customer Experience

Ian White, Manager of Support, Rackspace
Liz Pedro, Director Customer Success Marketing, Mitel
Darrell Haskin, Director of IT, Delta Air Lines
Michael Landauer, Digital Communities Manager, The Dallas Morning News
Steve Hilker, Dell Product Manager, Dell
Tom Wyland, Program Director, Paid Services Engineering, AOL

Technology Optimization & Innovation

Ed Martin, IT Director, UCSF
John West, Owner, Image Uniforms
Jonathan Feldman, CIO, City of Asheville IT Services
Kenneth Seeton, Central Plant Manager, California State University, Dominguez Hills
Marcel Chiriac, Group CIO, KMG International (Rompetrol)
Rick Taylor, Vice President of IT & Supply Chain, Youngevity
Wade Sendall, Vice President of IT, Boston Globe Media Partners, LLC
William Cooper, Associate Vice President and Chief Procurement Officer, University of California Office of the President (UCOP)

Data to Decisions Future of Work Marketing Transformation Matrix Commerce New C-Suite Next-Generation Customer Experience Tech Optimization Innovation & Product-led Growth AR Executive Events Chief Customer Officer Chief Digital Officer Chief Executive Officer Chief Financial Officer Chief Information Officer Chief Marketing Officer Chief People Officer Chief Procurement Officer Chief Supply Chain Officer

My Thoughts On Jive Software’s Jiveworld 2014

Alan Lepofsky

Vice President & Principal Analyst
Constellation Research

Alan Lepofsky - VP and Principal Analyst, Constellation Research. With almost two decades of experience in the collaboration software industry, Lepofsky helps organizations improve the way their employees work together to get their jobs done. Lepofsky’s primary research area The Future of Work, focuses on: integrating collaboration and business processes (Purposeful Collaboration), structuring work via Social Task Management, leveraging analytics and digital assistants to work more productively, the strategic impact of mobile computing on business transformation, and measuring workforce culture based on Digital Proficiency instead of age. Twitter: @alanlepoLinkedIn: https://ca.linkedin.com/in/alanlepo     , Title: Big IdeasIntelligent Collaboration: The Intersection of…...

Read more

Last week in Las Vegas Jive Software held their annual JiveWorld conference.  In front of around 1600 people Jive talked about how their products and services enable people to "Work Better Together".

Below is my analysis of some of the key announcements, including:
- Google Apps and Microsoft Office 365 integration
- A new view for "Top and Trending" in the newsfeed/activity stream
- The introduction of Jive's WorkTypes tool
- Analytics and insights, including a look at their future "Chord Diagram" feature

---

Future of Work Next-Generation Customer Experience Data to Decisions Innovation & Product-led Growth New C-Suite Tech Optimization Chief People Officer Chief Information Officer Chief Digital Officer Chief Experience Officer

First Take - IBM Insight Day 1 Keynote - BigData, Analytics, Content, Watson and… glue

Holger Mueller

Vice President and Principal Analyst
Constellation Research

Holger Mueller is VP and Principal Analyst for Constellation Research for the fundamental enablers of the cloud, IaaS, PaaS and next generation Applications, with forays up the tech stack into BigData and Analytics, HR Tech, and sometimes SaaS. Holger provides strategy and counsel to key clients, including Chief Information Officers, Chief Technology Officers, Chief Product Officers, Chief HR Officers, investment analysts, venture capitalists, sell-side firms, and technology buyers.  Coverage Areas: Future of Work Tech Optimization & Innovation  Background: Before joining Constellation Research, Mueller was VP of Products for NorthgateArinso, a KKR company. There, he led the transformation of products to the cloud and laid the foundation for new Business Process as a…...

Read more

We have the opportunity to attend IBM Insight currently happening in Las Vegas, with over 12k+ attendees, Insight is the largest IBM conference, centering on BigData, Analytics, Content and of course Watson.

 

Data to Decisions Tech Optimization IBM ML Machine Learning LLMs Agentic AI Generative AI AI Analytics Automation business Marketing SaaS PaaS IaaS Digital Transformation Disruptive Technology Enterprise IT Enterprise Acceleration Enterprise Software Next Gen Apps IoT Blockchain CRM ERP finance Healthcare Customer Service Content Management Collaboration Cloud CCaaS UCaaS Enterprise Service Chief Information Officer Chief Technology Officer Chief Information Security Officer Chief Data Officer Chief Executive Officer

The worst privacy misconception of all

Steve Wilson

Former Vice President and Principal Analyst
Constellation Research

Steve Wilson is former VP and Principal Analyst at Constellation Research, leading the business theme Digital Safety and Privacy. His coverage includes digital identity, data protection, data privacy, cryptography, and trust. His advisory services to CIOs, CISOs, CPOs and IT architects include identity product strategy, security practice benchmarking, Privacy by Design (PbD), privacy engineering and Privacy [or Data Protection] Impact Assessments (PIA, DPIA). Coverage Areas: -  Identity management, frameworks & governance-  Digital identity technologies-  Privacy by Design -  Big Data; “Big Privacy”-  Identity & privacy innovation Previous experience: Wilson has worked in ICT innovation, research, development and analysis for over 25 years. With double…...

Read more

I was discussing definitions of Personally Identifiable Information (PII) with some lawyers today, one of whom took exception to the US General Services Administration definition: information that can be used to distinguish or trace an individual's identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual". This lawyer concluded rather hysterically that under such a definition, "nobody can use the internet without a violation".

Similarly, I've seen engineers in Australia recoil at the possibility that IP and MAC Addresses might be treated as PII because it is increasingly easy to link them to the names of device owners. I was recently asked "Why are they stopping me collecting IP addresses?". The answer is, they're not.

There are a great many misconceptions about privacy, but the idea that 'if it's personal you can't use it' is by far the worst.

Nothing in any broad-based data privacy law I know of says personal information cannot be collected or used.

Rather, what data privacy laws actually say is: if you're collecting and using PII, be careful.

Privacy is about restraint. The general privacy laws of Australia, Europe and 100-odd countries say things like don't collect PII without consent, don't collect PII beyond what you demonstrably need, don't use PII collected for one purpose for other unrelated purposes, tell individuals if you can what PII you hold about them, give people access to the PII you have, and do not retain PII for longer than necessary.

Such rules are entirely reasonable, and impose marginal restrictions on the legitimate conduct of business. And they align very nicely with standard security practice which promotes the Need To Know principle and the Principle of Least Privilege.

Compliance with Privacy Principles does add some overhead to data management compared with anonymous data. If re-identification techniques and ubiquitous inter-connectedness means that hardly any data is going to stay anonymous anymore, then yes, privacy laws mean that data should be treated more cautiously than was previously the case. And what exactly is wrong with that?

If data is the new gold then it's time data custodians took more care.

New C-Suite Digital Safety, Privacy & Cybersecurity Security Zero Trust Chief Information Officer Chief Information Security Officer Chief Privacy Officer

PKI as nature intended

Steve Wilson

Former Vice President and Principal Analyst
Constellation Research

Steve Wilson is former VP and Principal Analyst at Constellation Research, leading the business theme Digital Safety and Privacy. His coverage includes digital identity, data protection, data privacy, cryptography, and trust. His advisory services to CIOs, CISOs, CPOs and IT architects include identity product strategy, security practice benchmarking, Privacy by Design (PbD), privacy engineering and Privacy [or Data Protection] Impact Assessments (PIA, DPIA). Coverage Areas: -  Identity management, frameworks & governance-  Digital identity technologies-  Privacy by Design -  Big Data; “Big Privacy”-  Identity & privacy innovation Previous experience: Wilson has worked in ICT innovation, research, development and analysis for over 25 years. With double…...

Read more

Few technologies are so fundamental and yet so derided at the same time as public key infrastructure. PKI is widely thought of as obsolete or generically intrusive yet it is ubiquitous in SIM cards, SSL, chip and PIN cards, and cable TV. Technically, public key infrastructure Is a generic term for a management system for keys and certificates; there have always been endless ways to build PKIs (note the plural) for different communities, technologies, industries and outcomes. And yet "PKI" has all too often come to mean just one way of doing identity management. In fact, PKI doesn't necessarily have anything to do with identity at all.

This blog is an edited version of a feature I once wrote for SC Magazine. It is timely in the present day to re-visit the principles that make for good PKI implementations and contextualise them in one of the most contemporary instances of PKI: the FIDO Alliance protocols for secure attribute management. In my view, FIDO realises PKI 'as nature intended'.

"Re-thinking PKI"

In their earliest conceptions in the early-to-mid 1990s, digital certificates were proposed to authenticate nondescript transactions between parties who had never met. Certificates were construed as the sole means for people to authenticate one another. Most traditional PKI was formulated with no other context; the digital certificate was envisaged to be your all-purpose digital identity.
Orthodox PKI has come in for spirited criticism. From the early noughties, many commentators pointed to a stark paradox: online transaction volumes and values were increasing rapidly, in almost all cases without the help of overt PKI.

There were many practical problems in "big" centralised PKI models. The traditional proof of identity for general purpose certificates was intrusive; the legal agreements were complex and novel; and private key management was difficult for lay people. So the one-size-fits-all electronic passport failed to take off. But PKI's critics sometimes throw the baby out with the bathwater.
In the absence of any specific context for its application, "big" PKI emphasized proof of personal identity. Early certificate registration schemes co-opted identification benchmarks like that of the passport. Yet hardly any regular business transactions require parties to personally identify one another to passport standards.

"Electronic business cards"

Instead in business we deal with others routinely on the basis of their affiliations, agency relationships, professional credentials and so on. The requirement for orthodox PKI users to submit to strenuous personal identity checks over and above their established business credentials was a major obstacle in the adoption of digital certificates.

It turns out that the 'killer applications' for PKI overwhelmingly involve transactions with narrow contexts, predicated on specific credentials. The parties might not know each other personally, but invariably they recognize and anticipate each other's qualifications, as befitting their business relationship.

Successful PKI came to be characterized by closed communities of interest, prior out-of-band registration of members, and in many cases, special-purpose application software featuring additional layers of context, security and access controls.

So digital certificates are much more useful when implemented as application-specific 'electronic business cards,' than as one-size-fits-all electronic passports. And, by taking account of the special conditions that apply to different e-business processes, we have the opportunity to greatly simplify the registration processes, user experience and liability arrangements that go with PKI.

The real benefits of digital signatures

There is a range of potential advantages in using PKI, including its cryptographic strength and resistance to identity theft (when implemented with private keys in hardware). Many of its benefits are shared with other technologies, but at least two are unique to PKI.

First, digital signatures provide robust evidence of the origin and integrity of electronic transactions, persistent over time and over 'distance' (that is, the separation of sender and receiver). This greatly simplifies audit logging, evidence collection and dispute resolution, and cuts the future cost of investigation and fraud. If a digitally signed document is archived and checked at a later date, the quality of the signature remains undiminished over many years, even if the public key certificate has long since expired. And if a digitally signed message is passed from one relying party to another and on to many more, passing through all manner of intermediate systems, everyone still receives an identical, verifiable signature code authenticating the original message.

Electronic evidence of the origin and integrity of a message can, of course, be provided by means other than a digital signature. For example, the authenticity of typical e-business transactions can usually be demonstrated after the fact via audit logs, which indicate how a given message was created and how it moved from one machine to another. However, the quality of audit logs is highly variable and it is costly to produce legally robust evidence from them. Audit logs are not always properly archived from every machine, they do not always directly evince data integrity, and they are not always readily available months or years after the event. They are rarely secure in themselves, and they usually need specialists to interpret and verify them. Digital signatures on the other hand make it vastly simpler to rewind transactions when required.

Secondly, digital signatures and certificates are machine readable, allowing the credentials or affiliations of the sender to be bound to the message and verified automatically on receipt, enabling totally paperless transacting. This is an important but often overlooked benefit of digital signatures. When processing a digital certificate chain, relying party software can automatically tell that:

• the message has not been altered since it was originally created
• the sender was authorized to launch the transaction, by virtue of credentials or other properties endorsed by a recognized Certificate Authority
• the sender's credentials were valid at the time they sent the message; and
• the authority which signed the certificate was fit to do so.

One reason we can forget about the importance of machine readability is that we have probably come to expect person-to-person email to be the archetypal PKI application, thanks to email being the classic example to illustrate PKI in action. There is an implicit suggestion in most PKI marketing and training that, in regular use, we should manually click on a digital signature icon, examine the certificate, check which CA issued it, read the policy qualifier, and so on. Yet the overwhelming experience of PKI in practice is that it suits special purpose and highly automated applications, where the usual receiver of signed transactions is in fact a computer.

Characterising good applications

Reviewing the basic benefits of digital signatures allows us to characterize the types of e-business applications that merit investment in PKI.

Applications for which digital signatures are a good fit tend to have reasonably high transaction volumes, fully automatic or straight-through processing, and multiple recipients or multiple intermediaries between sender and receiver. In addition, there may be significant risk of dispute or legal ramifications, necessitating high quality evidence to be retained over long periods of time. These include:

• Tax returns
• Customs reporting
• E-health care
• Financial trading
• Insurance
• Electronic conveyancing
• Superannuation administration
• Patent applications.

This view of the technology helps to explain why many first-generation applications of PKI were problematic. Retail internet banking is a well-known example of e-business which flourished without the need for digital certificates. A few banks did try to implement certificates, but generally found them difficult to use. Most later reverted to more conventional access control and backend security mechanisms.Yet with hindsight, retail funds transfer transactions did not have an urgent need for PKI, since they could make use of existing backend payment systems. Funds transfer is characterized by tightly closed arrangements, a single relying party, built-in limits on the size of each transaction, and near real-time settlement. A threat and risk assessment would show that access to internet banking can rest on simple password authentication, in exactly the same way as antecedent phone banking schemes.

Trading complexity for applicability

As discussed, orthodox PKI was formulated with the tacit assumption that there is no specific context for the transaction, so the digital certificate is the sole means for authenticating the sender. Consequently, the traditional schemes emphasized high standards of personal identity, exhaustive contracts and unusual legal devices like Relying Party Agreements. They also often resorted to arbitrary 'reliance limits,' which have little meaning for most of the applications listed on the previous page. Notoriously, traditional PKI requires users to read and understand certification practice statements (CPS).

All that overhead stemmed from not knowing what the general-purpose digital certificate was going to be used for. On the other hand, if particular digital certificates are constrained to defined applications, then the complexity surrounding their specific usage can be radically reduced.

The role of PKI in all contemporary 'killer applications' is fundamentally to help automate the online processing of electronic transactions between parties with well-defined credentials. This is in stark contrast to the way PKI has historically been portrayed, where strangers Alice and Bob use their digital certificates to authenticate context-free general messages, often presumed to be sent by email. In reality, serious business messages are never sent stranger-to-stranger with no context or cues as to the parties' legitimacy.

Using generic email is like sending a fax on plain paper. Instead, business messaging is usually highly structured. Parties have an expectation that only certain types of transactions are going to occur between them and they equip themselves accordingly (for instance, a health insurance office is not set up to handle tax returns). The sender is authorized to act in defined types of transactions by virtue of professional credentials, a relevant license, an affiliation with some authority, endorsement by their employer, and so on. And the receiver recognizes the source of those credentials. The sender and receiver typically use prescribed forms and/or special purpose application software with associated user agreements and license conditions, adding context and additional layers of security around the transaction.

When PKI is used to help automate the online processing of transactions between parties in the context of an existing business relationship, we should expect the legal arrangements between the parties to still apply. For business applications where digital certificates are used to identify users in specific contexts, the question of legal liability should be vastly simpler than it is in the general purpose PKI scenario where the issuer does not know what the certificates might be used for.
The new vision for PKI means the technology and processes should be no more of a burden on the user than a bank card. Rather than imagine that all public key certificates are like general purpose electronic passports, we can deploy multiple, special purpose certificates, and treat them more like electronic business cards. A public key certificate issued on behalf of a community of business users and constrained to that community can thereby stand for any type of professional credential or affiliation.

We can now automate and embed the complex cryptography deeply into smart devices -- smartcards, smart phones, USB keys and so on -- so that all terms and conditions for use are application focused.
As far as users are concerned, a smartcard can be deployed in exactly the same way as any magnetic stripe card, without any need to refer to - or be limited by - the complex technology contained within (see also Simpler PKI is on the cards). Any application-specific smartcard can be issued under rules and controls that are fit for their purpose, as determined by the community of users or an appropriate recognized authority. There is no need for any user to read a CPS. Communities can determine their own evidence-of-identity requirements for issuing cards, instead of externally imposed personal identity checks. Deregulating membership rules dramatically cuts the overheads traditionally associated with certificate registration.

Finally, if we constrain the use of certificates to particular applications then we can factor the intended usage into PKI accreditation processes. Accreditation could then allow for particular PKI scheme rules to govern liability. By 'black-boxing' each community's rules and arrangements, and empowering the community to implement processes that are fit for its purpose, the legal aspects of accreditation can be simplified, reducing one of the more significant cost components of the whole PKI exercise.

Fast forward

The preceding piece is a lightly edited version of the article "Rethinking PKI" that first appeared in Secure Computing Magazine in 2003. Now, over a decade later, we're seeing the same principles realised by the FIDO Alliance. 

 

The FIDO protocols U2F and UAF enable specific attributes of a user and their smart devices to be transmitted to a server. Inherent to the FIDO methods are digital certificates that confer attributes and not identity, relatively large numbers of private keys stored locally in the users' devices (and without the users needing to be aware of them as such) and digital signatures automatically applied to protocol messages to bind the relevant attributes to the authentication exchanges.

Surely, this is how PKI should have been deployed all along.

New C-Suite Data to Decisions Next-Generation Customer Experience Digital Safety, Privacy & Cybersecurity FIDO Security Zero Trust Chief Information Officer Chief Information Security Officer Chief Privacy Officer

New Analysis - Amazon AWS spricht jetzt Deutsch - The cloud wars reach Germany - will European customers adopt the cloud?

Holger Mueller

Vice President and Principal Analyst
Constellation Research

Holger Mueller is VP and Principal Analyst for Constellation Research for the fundamental enablers of the cloud, IaaS, PaaS and next generation Applications, with forays up the tech stack into BigData and Analytics, HR Tech, and sometimes SaaS. Holger provides strategy and counsel to key clients, including Chief Information Officers, Chief Technology Officers, Chief Product Officers, Chief HR Officers, investment analysts, venture capitalists, sell-side firms, and technology buyers.  Coverage Areas: Future of Work Tech Optimization & Innovation  Background: Before joining Constellation Research, Mueller was VP of Products for NorthgateArinso, a KKR company. There, he led the transformation of products to the cloud and laid the foundation for new Business Process as a…...

Read more

Not as a big surprise – it was rumored for some time – Amazon AWS today announced that it has opened another AWS region, based in Frankfurt, Germany.

So let’s digest the press release in our typical style:

SEATTLE--(BUSINESS WIRE)--Oct. 23, 2014-- (NASDAQ:AMZN) — Amazon Web Services, Inc. (AWS, Inc.), an Amazon.com company, today announced the launch of its new AWS EU (Frankfurt) region, which is the 11th technology infrastructure region globally for AWS and the second region in the European Union (EU), joining the AWS EU (Ireland) region. All customers can now leverage AWS to build their businesses and run applications on infrastructure located in Germany. As with every AWS region, customers can do this knowing that their content will stay within the region they choose. The newly launched AWS EU (Frankfurt) region comes as a result of the rapid growth AWS has been experiencing and is available now for any business, organization or software developer to sign up and get started at: http://aws.amazon.com.

MyPOV – Good move by Amazon, another continental European region was more than overdue. Ireland was a good start, but does not have the network capability like e.g. Frankfurt, which hosts one of the largest internet exchange points with DE-CIX. And that probably beat out Amsterdam, another popular European cloud data center location. Kudos to Amazon not just to announce the region to come at date xyz – but have it available for business today.

All AWS infrastructure regions around the world are designed, built, and regularly audited to meet rigorous compliance standards, including ISO 27001, SOC 1 (Formerly SAS 70), PCI DSS Level 1, and many more, providing high levels of security for all AWS customers. AWS is fully compliant with all applicable EU Data Protection laws, and for customers that require it, AWS provides data processing agreements to help customers comply with EU data protection requirements. More information on how customers using AWS can meet EU data protection requirements can be found on the AWS Data Protection webpage at: aws.amazon.com/de/data-protection. A full list of compliance certifications, and a whitepaper on how customers using AWS can meet BSI IT Grundschutz, can be found on the AWS compliance webpage at: http://aws.amazon.com/de/compliance/.

MyPOV – As usual AWS does a great job around security and data privacy concerns – which are always important – but even more sensitive in Europe and there Germany. Not surprisingly – the very first question to Andy Jassy came in regards of data security: What if the US government wants the data? Jassy responded that first of all customer need to encrypt, and only in the ‘rare’ case of a court order AWS will take action. Jassy says it has not been an issue today… Europeans will revisit and test that, I am sure. (See the link to the video below, Q&A starts at 15 minutes).

The new AWS EU (Frankfurt) region consists of two separate Availability Zones at launch. Availability Zones refer to datacenters in separate, distinct locations within a single region that are engineered to be operationally independent of other Availability Zones, with independent power, cooling, and physical security, and are connected via a low latency network. AWS customers focused on high availability can architect their applications to run in multiple Availability Zones to achieve even higher fault-tolerance. For customers looking for inter-region redundancy, the new AWS EU (Frankfurt) region, in conjunction with the AWS EU (Ireland) region, gives them flexibility to architect across multiple AWS regions within the EU.

MyPOV – A key move by AWS to right away start with two availability zones, taking away the potential next concern not to move load to the public cloud. By having two zones in Germany, AWS becomes right away viable for new (local) customers.

“Our European business continues to grow dramatically,” said Andy Jassy, Senior Vice President, Amazon Web Services. “By opening a second European region, and situating it in Germany, we’re enabling German customers to move more workloads to AWS, allowing European customers to architect across multiple EU regions, and better balancing our substantial European growth.”

Many German customers are already using AWS including Talanx, in the highly regulated insurance sector. Talanx is one of the top three largest insurers in Germany and one of the largest insurance companies in the world with over €28 billion in premium income in 2013. “For Talanx, like many companies that hold sensitive customer data, data privacy is paramount,” says Achim Heidebrecht, Head of Group IT, Talanx AG. “Using AWS we are already seeing a 75% reduction in calculation time, and €8 million in annual savings, when running our Solvency II simulations while still complying with our very strict data policies. With the launch of the AWS region on German soil, we will now move even more of our sensitive and mission critical workloads to AWS.”

Hubert Burda Media is one of the largest media companies in Europe with over 400 brands and revenues in excess of $3.6 billion. JP Schmetz, Chief Scientist of Hubert Burda Media, said of the announcement, "Now that AWS is available in Germany it gives our subsidiaries the option to move certain assets to the cloud. We have long had policies preventing data to be hosted outside of German soil and this new German region gives us the option to use AWS more meaningfully."

MyPOV – Always good if you can hit the ground running and having two known local customers and brand names as early customers. Will be great to see how fast existing German AWS clients will move to the German AWS region.

Academics in Germany were also quick to welcome the new region, “The arrival of an Amazon Web Services Region in Germany marks an important occasion for the German business and technology community,” said Prof. Dr Helmut Krcmar, Vice Dean of the Computer Science Faculty, and Chair of Information Systems at the Technical University of Munich. “We work with a number of DAX listed companies in Germany. Many have been holding off moving sensitive workloads to the cloud until they had computing and service facilities on German soil as this could help them comply with their internal processes. This new region from AWS answers this and we expect to see innovation amongstGermany, and Europe’s, companies flourish as a result.”

MyPOV – Always good to have academic endorsement in Europe, particularly Germany. If the professor says it…

More than eight years of growth

For more than eight years AWS has changed the way organisations acquire technology infrastructure. AWS customers are not required to make any up-front financial or long-term commitment. They can turn capital expense into variable operating expense, scale quickly and seamlessly by adding or shedding resources at any time, get to market much more quickly with new and critical ideas, and free up scarce engineering resources from the undifferentiated heavy lifting of running backend infrastructure—all without sacrificing operational performance, reliability, or security. This has led to many customers adopting the AWS platform in Europe and around the world.

As AWS has grown, the company has continued to focus on delivering cloud technologies to customers in an environmentally friendly way. The new AWS EU (Frankfurt) region enables customers to run on carbon-neutral power. This is AWS’ third carbon-neutral powered region.

MyPOV – Amazon has the know how to run carbon neutral, Frankfurt will be the 3rd carbon neutral location. Good move for the ‘tree huggers’ in Germany and raises the game vs. local competitors. Getting a carbon neutral stamp for cloud sites and ISVs is already a trend Europeans are looking for on web sites.

The new region adds to AWS’ existing cloud computing investments in Europe. The AWS business is supported by teams of Account Managers, Solutions Architects, Technical Support Engineers, and various other functions, helping customers in Germany, and across Europe use the cloud. Amazon also has Development Centers in Germany, Romania, and The Netherlands developing next generation technologies to support the AWS business.

>> MyPOV – Good presence by AWS, but it will need to do even more in terms of short term outreach, similar like the recently opened AWS Loft in San Francisco (I had the opportunity to attend the opening) and longer term with academic outreach.

Developers and businesses can access AWS from the new Frankfurt region beginning today, including Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Block Store (Amazon EBS), Amazon Simple Storage Service (Amazon S3), Amazon Glacier, Amazon Relational Database Service (Amazon RDS), Amazon Redshift, AWS OpsWorks, Amazon DynamoDB, Amazon Kinesis, AWS CloudHSM, Amazon Elastic MapReduce (Amazon EMR), Amazon Virtual Private Cloud (Amazon VPC), AWS Direct Connect, Amazon CloudSearch, Amazon CloudWatch, AWS Elastic Beanstalk, AWS CloudFormation, AWS CloudTrail, AWS Storage Gateway, AWS Identity and Access Management (IAM), Amazon Simple Queue Service (Amazon SQS), Amazon Simple Notification Service (Amazon SNS), Amazon Simple Workflow (SWF), Auto Scaling, and Elastic Load Balancing. More details on each of these services and specific pricing for each is available at: http://aws.amazon.com/products/.

MyPOV – Could head start on services – someone needs and will dig down into what is missing and why. And AWS will have to address when the service will be available in Germany.

A number of ISV technologies are also available to customers today from the new AWS EU Frankfurt region including: Canonical, Red Hat, SUSE, Trend Micro, Twilio, Acquia, Apigee, Bitnami, Esri, Infor, SAP, and Siemens. More details on running each of these technologies on AWS can be found at: https://aws.amazon.com/marketplace.

MyPOV – Very good point, as AWS enables ISVs to address the European / German market now and allows these partners to solve data residency, privacy and performance concerns.

Jassy and Geier at the launch webcast

Analysis Points

• Germany is popular – There have been a number of announcements to open data centers in Germany – see e.g. Salesforce.com this summer (why is always Munich the location of the announcements?). It will be interesting to see if it is competitive pressure, a slowing growth in North America or a readiness by European / German companies to put their load to the cloud – or a combination of al of them.
   
• Amazon AWS has moved the bar – With the entrance of AWS in the core European markets, there will be a increased pressure on the local providers to up services and lower prices. Germans love low general retail prices (and e.g. Walmart never was successful in Germany) – so let’s see if that can be transported to the cloud pricing, too. Amazon is expected to cater to that (compatible) mind set.
   
• The enterprise cloud is coming – As recently blogged, services for enterprises and concerns of cloud usage are being more and better addressed by providers. In the Amazon AWS context the recently announced AWS Directory Services is another proof point towards this trend. 

 

Implications, Implications

Implications for AWS Customers

This is very good news for AWS customers who get an AWS region in the center of the largest world economic region. Come to that, we have not seen prices for the region, but given AWS nature, they will be competitive. AWS customers running other regions have now more addressable market and will help AWS sell capacity in the region for similar reasons.

Implications for AWS partners

Very good news for ISVs, too – they are now viable in central Europe and in Europe’s largest market. From an enterprise perspective I am sure some execs at e.g. Infor will be ramping up growth projections in Germany.

Implications for AWS competitors

It’s time to get a central European, and maybe even German data center. Locality matters for the cloud both from statutory, regulatory, privacy and pure performance concerns. German enterprises will push prices and AWS will help, so the ‘good times’ for local providers with rich margins are likely counted. Amazon has done the (usual) good job on security, so additional local security certifications will not be a (temporary) barrier to entry or justification to keep prices up.

Overall MyPOV

A good move by AWS to open a region in Germany. Amazon will get some great load already by moving its own retail platform to the region. Not surprisingly (from the little we know), all product dependencies of Amazon running Amazon on AWS are addressed from its products available in the Frankfurt region right now. This could have performance advantages that Amazon may exploit, all the way to its Prime streaming offerings. So let’s not forget this is not only Amazon bringing AWS to cloud customers, but also bringing Amazon directly in the largest European market. I would not be surprised if Amazon will explore new products, services and best practices in Germany before the US, exploiting high internet penetration, very good network infrastructure and the affluent Germany buyer, who enjoys a lot of free time at their hands.

On the AWS side this is a key move for Amazon to position AWS into a similar market leading position like in the US. The next quarters will show how well AWS will capture European and German businesses – as the German AWS MD Marin Geier said ‘die Wolke ist in Deutschland angekommen’ (= the cloud has arrived to Germany). But it is one thing for the cloud to be in Germany, the next one is to get German / European enterprise load on it. But one step at the time, in the meantime a key date for the adoption of cloud in Europe / Germany.

------------
More on AWS

 

Tech Optimization softlayer infor Google IBM amazon SaaS PaaS IaaS Cloud Digital Transformation Disruptive Technology Enterprise IT Enterprise Acceleration Enterprise Software Next Gen Apps IoT Blockchain CRM ERP CCaaS UCaaS Collaboration Enterprise Service Chief Information Officer Chief Technology Officer Chief Information Security Officer Chief Data Officer Chief Executive Officer

Digital Business in Smart Cities using the Internet of Things

Andy Mulholland

Vice President and Principal Analyst, Constellation Research
Constellation Research

Andy Mulholland is Vice President and Principal Analyst focusing on cloud business models. Formerly the Global Chief Technology Officer for the Capgemini Group from 2001 to 2011, Mulholland successfully led the organization through a period of mass disruption. Mulholland brings this experience to Constellation’s clients seeking to understand how Digital Business models will be built and deployed in conjunction with existing IT systems. Coverage Areas Consumerization of IT & The New C-Suite: BYOD, Internet of Things, IoT, technology and business use Previous experience: Mulholland co authored four major books that chronicled the change and its impact on Enterprises starting in 2006 with the well-recognised book ‘Mashup Corporations’ with Chris Thomas of Intel. This was followed in…...

Read more

Not a glib title, but reality, though maybe difficult to see as the three topics tend to be treated separately. Digital Business usually means private sector, whereas Smart Cities even at the level of improved user access to ‘retail’ style services, is very much Public sector. As a result adding increased awareness through the Internet of Things, IoT, is usually focused around one or the other. Sadly this isolation has the makings of an expensive mistake as maturity brings the Internet of Things, IoT, and the resulting data access into wider, shared usage.

Research report now available: The Foundational Elements for the Internet of Things (IoT)

Common shared data definitions and discoverable catalogues are already being established, and your Digital Business needs to participate or your Enterprise will suffer in lonely isolation!

To illustrate this consider the terminology we unwittingly use, and consider the remark made by the Head of Digital Strategy and Economics at Future Cities a large UK Government program that is creating real working initiatives.

“We talk of The Internet of Things, but everything I see is An Internet of Things based on different approaches. This will ensure that the required ongoing up scaling and integration to increase awareness by using multiple devices will be difficult. We are already creating problems that will result in future values being restricted and limited”.

Stand back; look at the bigger picture that is developing of a smart city created around the smart ‘coordination’ of major resources used by any number of Digital Business and Citizens. Consider carefully the question of where, and how, an integrated Smart City gets its information to be ‘aware’. The city may have its own sensing, as will the private Enterprises, but surely they will need to share and integrate information as well? What happens to logistics as an example? Will distribution companies plan delivery routing based only on their data, or will it be dynamic routing based on up to the minute information from the city? Where do citizens fit in this in terms of their working, commuting, shopping and entertainment patterns? Surely all areas where any Digital Business will want to be equally ‘aware’ and integrated with data in order to be ‘smart’ in their responses.

Perhaps you doubt that Government and Private Sector have enough in common to result in the creation, and use, of any data of value. As the customers of Digital Business and citizens of a Smart City are most likely the same that’s not a bad starting point, but the following three positioning statements may make it clear that there is much more in common;

·      Digital Business uses technology for connectivity to, and the ability to use, a wide variety of information sources to increase its competitive capability in the eyes of its customers.

·      Smart Cities uses technology for connectivity to, and the ability to use, a wide variety of information sources reduce the cost and improve the perceived value in the eyes of its citizens.

·      Both are looking to delight their (shared?) customers/citizens and both see the increased awareness that Internet of Things, IOT, brings as a key element in gaining constant real time feedback of the environment.

Put this way its hard to see the difference in core drivers, and hence in core technologies, but there are key differences in focus, and investment, that should allow both public, and private, sectors to gain from each others efforts. There are short-term boosts and longer-term gains around ensuring that the Internet of Things, IoT, will develop as a singular shared environment, with common data. Any Business or Technology manager should have seen enough examples of investments that failed to pay off due to choosing, or not making a conscious choice, of what became the common standardized approach.

Start now to find and use standards, if you wait then further you are along a path the harder, (and more expensive), it is to get back to rejoin the mainstream.

Would your Digital Business on its path to add intelligence with the Internet of Things, IoT, make use of an appropriate standard if you knew of its existence and relevance? Perhaps introducing HyperCat, a rapidly emerging ‘standard’ way of making the Internet of Thing devices usable that has grown out of Government backed Smart City programs might provide the necessary encouragement.  Thinking of large scale city wide deployments by many different venders, and users, has led to the need to sort out the common data models at an early stage. This is an area where government investment in the Internet of things, IoT, is valuable, and for private sector Enterprises its difficult.

But its not just Government Smart City projects that are driving HyperCat, there are more than forty technology providers from long established players who are the global leaders, through to young start-ups that are changing the game with new capabilities. A good clear explanation of HyperCat is provided on a slide set to found here whilst for more on the HyperCat consortium including members see here.

Why adopt this for your Digital Business growth into, and deployment of, Internet of Things, IoT, devices? Four strong basic commercial considerations;

1.    Is it really in your budget to have to research how to do this area of the technology and then document your own definitions?

2.    When you manage a procurement for IoT, or increasingly likely when looking for access to sensors as services, how much purchasing time and expense will it save by using a Standard as a benchmark for bids?

3.    Perhaps most importantly of all, how much integration risk, cost and time will your enterprise save by ensuring that it is using, and operating to, a common defined approach?

4.    By definition IoT devices will be low cost and be deployed, or accessed and used, in huge numbers. It simply wont be possible to accept the level of system integration costs appropriate to internal IT. IoT, like the Internet and the Web, is a plug and play standardized environment.

You can rightfully challenge as to whether HyperCat is the right standards and what will happen if something better emerges in three years time. The truthful answer is nobody knows, but right now its formed enough, and supported enough to make it useable for many Internet of Things, IoT, pilots and deployments. What happens if something newer, and different does supersede your enterprise HyperCat deployment? Then it is likely to be better to have to implement a single gateway between HyperCat and the new environment rather than having to work out piecemeal integration for a series of devices and services.

Increase your knowledge of deploying, and reading data, from Internet of Things, IoT, devices and take the time to read up about HyperCat. Take a long look around to see if there are any other standards that you can use. Remember this is all about a common integrated environment and work on approaching your deployments with this in mind.

Just don’t treat it as a traditional IT project and extend your existing architectures and methods that suit a closed internal Enterprise IT project. There are too many differences to take into account!

Research report now available: The Foundational Elements for the Internet of Things (IoT)

Tech Optimization Data to Decisions Future of Work Innovation & Product-led Growth New C-Suite Chief Information Officer