The Bankwatch

Tracking the consumer evolution of financial services

A Sure Sign that we are at a Turning Point in Mobility and Use of Internet

I noticed an ad on CNN this afternoon, that really shows the gap that lies between old business and new business. The topic here is personal use of technology – how individual managers and executives use it. This reflects personal,and therefore institutional effectiveness. It reflects the difference in things happening over days, versus over months.

The ad was for GotoMyPC that “allows you to access your PC from anywhere in the word”. Its a funny ad that begins with a travelling executive who realises the information he needs is on his PC back at the home office, so he sends some carrier pigeons back to get his PC, and they forget the keyboard. Funny stuff, but there is much larger message here.

An no, the message is not get a laptop. That is a personal preference, and offers an interim solution, but does little for sharing the information, nor deal with hard drive crashes, or ensuring you have the latest version of the information. No this is a message about the ‘cloud’ and having the security of knowledge that you could be handed a blank brand new laptop today, and be up and running with everything you require in hours. That is security.

I have the good fortune to watch how developers use technology (new world) and compare it to the way bankers use it (old world). In both cases, the need is to share and co-operate on information. For developers the information is comprised of a large code base(s) and supporting requirement information. For business executives it comprises things like data, analysis, presentations, and plans.

First lets look at how this works and assume away from home office scenario:

Bank Executive preparing for a HQ meeting tomorrow:

  • opens laptop – can’t access hotel wireless network because of hardware security constraints on laptop. Eventually hooks up using ethernet cable although this forces him to sit on the uncomfortable chair, because the wire is too short
  • once online emails colleagues in different time zone to get the latest powerpoint after he realises his version on hard drive is probably not up to date. Also seeking the latest sales data because all he has is the end of August and now it is October. He has checked into SharePoint but it turns out the latest files uploaded are not the ones he assumed would be there and now he is freaking out.

Developer preparing to present to client tomorrow:

  • opens laptop, while in the comfortable seat, signs in (to laptop) and accesses wireless network. Hardware access security limitations not required because …
  • … he logs into github on the web (secure code repository) using SSH (secure keys) security through a secure tunnel. (incidentally, it is immaterial whether the developer logs in with Windows, Linux or Mac – same result – the consistency is at the code and network level, not the personal hardware level)
  • he pulls down the latest code base updated by developers from multiple locations, safe in the knowledge he has the latest version, and works on tomorrows presentation. Download is fast because it a series of text (xml data) which is not assembled into anything meaningful until on the laptop. Contrast with the bank experience that downloads actual large powerpoints, complete with large images etc.

Lets look at what happened there and the opportunity for business. In the case of the developer, the information base is completely abstracted from the individuals who manage it. Security is maintained through different access levels at github. The control lies in github. Different access levels in github provide some people access to send changes to git, while all can view. Not all can submit (“commit” in git language) those changes.

For the Bank executive it is all as good as he is at last minute changes, and in the hope that folks back in the other time zone get his last minute requests and whether he can integrate whatever he gets.

What is going on here? Well there are a few things at different levels:

  1. bank security is managed by licking down hardware and information. Hardware is locked down to become practically unusable, and often having the ‘smart’ executives use their personal gmail accounts to manage information exchanges (who will admit that method of keeping data in a handy cloud environment for access?)
  2. developer security assumes ant device could access the information, and security is managed by secure key exchanges and digital certificates.

Which of the above is the more secure? Which is more efficient? This is a fundamental question for bank CIO’s. It will turn out that 2) is the more secure, and also cheaper, but …. and I can hear this now … if it is cheaper how can it be more secure?

Relevance to Bankwatch:
Back to GoToMYPC. I hate to pick on them, and if fact they are providing a valuable service that circumvents many of the bank executives problems, but does not solve the intrinsic problem of securely sharing information.

The Github solution solves access, solves version control, and solves information management control. What if someone took the Github example and build a git for information, ie presentations, spreadsheets, documents, data access? Sorry SharePoint but from the moment you insist on proprietary Silverlight to enter you fail. Access must be open to alternative operating systems to access.

2009-10-04-154534_1024x768_scrot

A github type solution that retains latest and previous versions ‘in the cloud’ yet still secure would be powerful. Github is not an afterthought, but part of the development process. Developers create on their own desktop, then save to git as they progress. This two step process allows for efficiency of a local desktop but retention of latest information in the cloud.

There has to be a way to shift banks into this type of environment, rather than the current method employed by most that offers security by making it well nigh impossible to do anything.

The challenge for banks and information security suppliers is to do what developers did … go back to the fundamental needs of executives and managers, which at some level is not at all different than developers and revisit the strategy. Yes this will mean throwing out investment in expensive infrastrucuture but if the alternative is better, faster, efficient, and saves money then the opportunity of sunk licence costs is immaterial. Perhaps it is time to move beyond personal pride and seek a better world for all.

Thoughts and experiences of bankers welcome, and feel free to be anonymous on this, if you need to protect the innocent 🙂

Written by Colin Henderson

October 4, 2009 at 15:06

2 Responses

Subscribe to comments with RSS.

  1. Very, very interesting article here. I often think about the things you are discussing here. Its extremely interesting when I watch my parents offices and how they function with information and their computers.

    I find it especially interesting the way that different technological skills *view* information differently. So much so that I believe it constitutes a real competitive advantage in business. That is, some novice users think of data as large objects. Something akin to a book or a scrap of paper. Technically savvy users think of their data as.. well, data. As little bits of information that just happen to be in the container.

    For instance, I’ve often seen my mom put pictures into a Word file and then add some text and then email *that*. I’ve seen someone keeping financial records in Powerpoint when Excel was installed.

    Its both about a users familiarity with tools and about their own conceptualization of the information. The fact I can put it in Excel, export it to Google docs, make a chart and then upload that chart to facebook. Its all the same data, I’m just transforming it. A novice user might print out the data and keep it in a binder instead of letting it move around to where its most useful.

    I haven’t slept much, I hope at least some of that makes sense. 😉

    Hampton

    October 5, 2009 at 07:55

  2. Hampton, thanks for stopping by, and yes your point about data makes perfect sense, and thanks for amplifying that point.I feel certain there is a git type application for effective collaborative sharing of business information, documents, presentations and spreadsheets that manages version control, and simplifies people keeping up to date, yet still satsifies their paranoic fear of security matters. Maybe you can build an iphone version 🙂

    Cheers and hope all is well in jolly old ….

    Colin Henderson

    October 7, 2009 at 21:35


Comments are closed.

%d bloggers like this: