Sunday, March 24, 2002

Dyson's Divination Redux

Some of you may remember my brief write-up of the iBreakfast event last week. We were unable to present the full context of the morning's event due to a few circumstances. However, this week EDventure Holdings' Esther Dyson got back to me with some of her thoughts on the "next big things" while in Ghana working with ICANN on sundry issues.
You can learn more about Esther's divinations at her respected conference PC Forum: "Back to the Future" www.pcforum2002.com (March 24 to 26) and via her newsletter Release 1.0.

Overall, the promising areas she sees development are in enterprise software; personal identity management, including things such as spam filtering, "presence" management (who may reach me and how); and, of course, security. She also sees huge opportunities in emerging markets outside the US.

Esther states that "enterprise software is like AI. It loses its visibility once it comes into widespread use." This is where the web will come in handy: as companies get more complex, they will need to keep track of various groups of people and data across multiple organizations. "The web will allow for more seamless interchange not just of data but of functionality across different technical and business environments."

However, "right now customers are more focused on cost savings than on exotic new applications." Because companies want to manage more familiar objects and cut their costs, the enterprise marketplace is now one of longer selling cycles and shorter projects. Corporations also aren't buying anything that will take longer than several months to be implemented and show a return. Nor are they willing to buy from cute little start-ups on faith, the way they used to. Furthermore, a lot of the business done in this area is retrofit (ie. "make these two systems work together").

Esther concludes that "corporate systems still have a long way to go in terms of using internal employee-facing systems to serve their customers."

Esther's next area of focus is personal identity online. If you saw the movie "The Net" with Sandra Bullock you watched how a woman lost, and then fought to regain, her identity. It was "stolen" via computers and was a great way to scare the uninformed citizens around the world as to the beauty of the Internet. (Please note my sarcasm.)

"While enterprises are being encouraged to take more responsibility for their own security, new digital identity services should give individuals more control over their data. Most consumers want to keep their data in several places rather than putting all their eggs in a single basket." Esther feels "we need better rules and better customer control over what happens to their data. After all, it is theirs!"

Both Microsoft and the Liberty Alliance have solutions. Microsoft has its .NET initiative and the accompanying Passport identity system for end-users. Sun Microsystems developed the Liberty Alliance in response as its identity project.

"In the end, businesses want systems that work and, in the realm of digital identity, standards for trading and managing information securely. What we need, in a sense, is a better market for data practices, where people can make their own choices about what happens to their data. We don't need a one-size-fits-all law. We need an environment where you can trust the people who say that they're keeping your data secure and where you have some recourse if they don't."

A big part of a company's digital identity is their domain name, which is another area where Esther and ICANN spend a lot of time discussing who owns these little chunks of digital turf and who should manage them. The Liberty Alliance is also addressing such issues, but ironically, their domain name suffers from one of the very aspects they're working on identifying. It's not at www.libertyalliance.com, where you'd think it would be. It is at: www.projectliberty.org.

Another area where Esther is focused is security. Since September 11, security has become a big topic. But it's not a product you can buy; it depends on everything from the carefulness of employees to the legal climate of liability for damages. "On the user side, it's relatively easy to secure data as it travels over the Internet. The challenge is figuring out who gets access to it and who controls it at either end. A computer system will do only what it's told to do. If an employee leaves a machine unattended but in available mode, and a janitor who isn't really a janitor walks by, the technical sophistication of your system becomes irrelevant."

Esther feels we must move beyond firewalls and secure systems. Firewalls are designed to keep out the supposed bad guys. But what if the bad guys are on the inside? We need a detection system that will track bad behavior, not just bad people. She feels we need to create incentives that will encourage people to really care about security; passing a law isn't enough. Esther's solution is to bring enterprise security to the financial markets' attention by way of the Securities and Exchange Commission. "If all public companies were required to disclose their level of information security in their SEC filings, companies would waste no time in hiring an independent firm to conduct a security audit. Ultimately, the financial markets (including insurance companies) would reward the companies who take security seriously."

As our networked world evolves despite the tech-industry's snag in 2001 with the stock market, developments in enterprise software, personal identity management, and security offer hope in terms of identifying areas where true development is needed and is, thankfully, occurring.