This is my personal blog and anything I write here in no way reflects the opinion of Cisco Systems, my employer. If it does, it is only by pure coincidence :) Nothing here constitutes investment advice either, so you can't sue me.
The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions. NO MATERIAL HERE CONSTITUTES INVESTMENT ADVICE. The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are solely your responsibility.
About two years ago now (wow...) I wrote a post about my fragmented online identity, and all of the pieces of it scattered across the Internet. The list at that time was pretty big:
Since that post my online identity has only grown even more fragmented due to all of the different sites I have added to my roster. (Well, except for the Latigent account--that one's dead now, replaced with my Cisco email account.) I've since added a Twitter account, a Digg account, a Reddit account, a forex brokerage account, an options brokerage account, a LibraryThing account, a Jott account, and a Google GrandCentral account. And those are only the ones I use on a regular basis, not the throwaway accounts for checking out a service. If you add those into the mix I've probably literally added well over 100 accounts to my identity in the past couple of years.
Solutions like OpenID work great--when they're supported. I set up jasonkolb.com as my OpenID, and I LOVE it when sites support OpenID. I don't have to remember yet another account, I just plug in "www.jasonkolb.com" and I'm done. And it's linked to my permanent identity, so I can switch OpenID providers with NO problem at ANY time. Unfortunately, sites that support OpenID are still in the minority. Companies like to pay lip service to single sign-on by allowing their accounts to be used as OpenID's but not accepting OpenID's themselves. Bah, hypocrites. Two steps forward, one step back... such is life, I guess.
I still firmly believe that ultimately your online identity will revolve around a single URI that you own, and OpenID has made some great strides in that respect. This concept is still in the nascent stages, but you can certainly see where it's pointing, and that's exciting.
One aspect of online identity that I don't see discussed often is the intersection of personal and corporate identity. I think the technology is certainly available to make this happen, after all OpenID is nothing but a layer of abstraction that removes the authentication plumbing from the application. Enterprise apps could certainly just hand off to OpenID for authentication and companies could be rid of user provisioning altogether, except to turn access on and off. Creating an internal OpenID provider would be dead simple, using public OpenID providers gets even more interesting. It would allow people to use the exact same set of credentials when they're working and playing.
The only reason I can see why a company would NOT want to do this is for security reasons. When applications hand off user security to OpenID, they're making the assumption that the user's OpenID account is secure. In this scenario, the chain is only as strong as the user's OpenID provider. If the OpenID provider doesn't force the user to use complex passwords, change their password every 90 days, etc, I don't think this will fly in the corporate world, as nice as it would be.
The solution to this, however, is relatively simple, and I think presents an interesting business opportunity for a large company. A public OpenID provider that conforms to Sarbanes-Oxley security standards would be secure AND would certainly work as the employee's personal OpenID provider as well. For example, if Cisco were to offer a public, secure OpenID provider that enforces enterprise security I could simply redirect jasonkolb.com to that provider and bang I'm done. Cisco could even use its existing Active Directory to authenticate me, the only difference would be that I'd be using that account for both my internal AND external accounts. All of the sites I currently use my OpenID for wouldn't even know the difference, I could use my OpenID for internal secure applications, and the Cisco enterprise group policy would be enforced for every single application I used OpenID to authenticate against. Beautiful.
As I wrote before, there are some business opportunities only available to the big boys in the market who have something a startup can't buy--trust. This is one of those opportunities. Here is an opportunity for a large company to leverage its position as a trusted entity to both create a new market and move the industry as a whole forward in the process. Hopefully somebody will pick this idea up and run with it, because I'm sick of managing all of these accounts :)
Working at Cisco is a new experience for me, as far as the size of the company. Prior to Cisco the largest company I worked for was around 5000 people. Lately I have been thinking of the advantages of being a big, well-known company, and how those advantages can be leveraged in new ways. I have found that there are many things a startup can do that a larger company simply cannot because of size, but there are opportunities larger companies have to leverage their brand which are closed to smaller companies.
The one thing that a startup can't duplicate is company brand and history. Brand equates to automatic relationships and trust, especially from a business perspective. There's a certain amount of latitude and respect that you get automatically when people recognize and respect the brand of the company you're working for. That's been a very interesting thing to observe at Cisco.
There's one use case for this trust that I haven't seen explored much: Cross-business social analytics. Daydreaming about this, I can see some very interesting opportunities for a trusted intermediary to become a clearinghouse for metrics and industry insight. By having access to individual companies' data and being trusted not to share it, competitor data could be aggregated and individual companies could compare their metrics against the industry average, without anyone's data being exposed. The only thing required is that each of the individual companies trust the clearinghouse with their data.
Personally, I think it would be incredibly useful to see how my company's issue resolution rate compared to my competitors, what my conversion rate is compared to the industry average, etc. By consolidating this over time you could even look at industry trends against your individual metrics etc.
It would be interesting to see how open companies are to this. If it was actually successful I can see several interesting offshoots such as the clearinghouse becoming a "credit rating agency" for the industry, providing reports that verify that the company is in fact in the Top 10% for a given metric against the industry.
The one real drawback I can see is companies might become excessively metric-driven. For example, if software development managers started comparing a BS metric like lines of code to the industry average, that would be an extremely bad thing.
Notice that I say this is the question they must learn to answer, not what I personally am asking. That's because there is no answer that will work for everyone asking the question, and I already know the answer for me. People who want to evangelize this technology must learn to make the asker realize why this is not the correct question to ask. As I said before, it's a mindset problem.
You also need an elevator pitch for this answer. Something you can say in under 30 seconds. If the answer takes more time than that you won't be able to sell it.
One of the questions I'm being asked somewhat frequently these days, probably because I write about it a lot, is "what can the Semantic Web do for this product/idea/whatever?"
My reaction is always a brief pause while I realize that the person asking the question doesn't really understand what it's about. In the end, they're the one who has to figure that out. The short answer is "it depends on what you're building". It's like asking "What will learning how to read and write do for me?" It depends on what you want to do with it, trying to ask somebody else is pointless.
I think this is ultimately a mindset problem. Relational databases have placed limitations on software development that have been in place for so long that people aren't even conscious of them, they're just accepted. Like the earth being flat. Or the "fact" that man cannot fly. Software engineers have these limitations drilled into their heads from the time they're in high school until they graduate college, and then they perpetuate these ideas. When a couple of guys sit around drinking a beer and drawing flowcharts on bar napkins, they have the limitations of a relational database in mind without even consciously thinking about it.
People think of the Semantic Web/Linked Data Web as something tangible and easy to point at, like rounded corners, or AJAX, or software that runs in a browser. Or, more often than not, something "better than Google" in a nebulous kind of way. It's not.
In my brain, I think of it as a direct replacement for relational databases. This is from a programmer's perspective, of course. I view it as something that you will plug in in place of the relational database that used to hold all of your stuff. It is a means to let your applications use the Internet itself as its database.
I don't know what connections between your data and the outside world make sense, unless I'm involved in brainstorming the product. But if you use a relational database you can't make any of those connections, they're precluded by your platform. There's a ton of useful data out there for you to connect to, but it's up to you to figure out what you need. You must know where you're going in order to get there.
To me, the Semantic Web is a fundamental shift in software architecture. I've said this before, and I'm still convinced of it: I will never build another application on a relational database, even if I don't plan to use any outside data. Why would I consciously cripple my application?
UPDATE: Kingsley has reminded me that there is indeed a line that needs to be drawn between the RDF store and the old relational database. There is, already, middleware available that will facilitate mixing and matching RDF and relational databases in cases where the relational database is already entrenched. I have corrected the flowchart :)
I don’t believe that there is anything Yahoo could do at this point to further destroy their business that would surprise me.
I agree.
I now believe that I was correct. Microsoft (NASDAQ:MSFT) has assinated its primary competition for online portals in broad daylight, and everyone is mad at Yahoo (NSDAQ:YHOO) about it. If that was indeed the plan, it was executed flawlessly. (Pun intended.)
Bernard Lunn at ReadWriteWeb has an interesting post about the long-term role of LinkedIn as a business tool. He thinks it could replace Outlook and SalesForce:
Like all social networks, LinkedIn is under pressure to "open up." They
may be be able to push back on that front if they create enough value
so that biz people decide to live in LinkedIn as opposed to living in
Outlook and SalesForce or the equivalent CRM.
I disagree with the Outlook comment. I think trying to be an email client would be a dumb move into an overcrowded market owned by the best in the world. A CRM platform becomes a little more interesting, but I still think that it's not where LinkedIn needs to be long-term.
LinkedIn's value proposition, to me anyway, lies in its gigantic user base of business users and especially in the way that it validates people's claims to be who they say they are and that they actually do belong to the organization they say they do. It's a unique value-add that I don't see any other social network doing. And, from a business perspective, it's incredibly useful. When you look at my LinkedIn profile and see that I work for Cisco, you know that I actually do, in fact, work for Cisco, because as part of the verification process LinkedIn sends an email to my Cisco address. Same for professional groups within LinkedIn that I'm a member of, such as the OpenID group or the Business Intelligence group. I can't just join as many groups as I want to, because my membership has to be accepted by the group owner.
This, to me, is LinkedIn's true value, and one that I really do appreciate and value. It also makes LinkedIn recommendations valuable. They now have such a large base of validated professional credentials that they could conceivably be the credit rating agency of credentials. A broker for verified contact information.
This will become more and more useful as the Internet continues to decentralize. While the network itself flattens and becomes more distributed, LinkedIn has the potential to sit on top of it as a trusted source of verified contact and professional association information. This will be an extremely valuable role as time goes on because, to my knowledge, they are the only ones playing this role, and they are doing it well.
While you raise your kids to grow and protect their credit score so they can buy a car and a house some day, you may want to consider teaching them how to build their online reputation as well. As of today that means A) protecting their online identity (Google Juice) and B) starting a credible LinkedIn profile. A) has no signs of going away, B) remains to be seen as to its stickiness.
One of the sites I use, which shall remain nameless, is down today. I know for a fact that the person who runs it hosts it himself.
<whine> One thing that I simply cannot wrap my brain around is why in the world anyone, in this day and age, would even dream of hosting a live Web site themselves, out of their house. When you can put your site in the cloud at Amazon, or in the hands of a professional data center crew for under $50 a month, WHY oh WHY do people insist on hosting things themselves??? Is it pride? Ignorance? Refusal to face the fact that the server you bought for thousands of dollars five years ago is now next to junk status? I just don't get it... </whine>
Thought-provoking post from Confused of Calcutta about why people subscribe to things. Does a good job of capturing some of my recent thoughts about the value of freely and liberally syndicated messages, particularly in the enterprise:
[Syndication is about] the power of being able to subscribe
to the things I want to subscribe to. Very granularly. Out of choice
and not force. With no one else filtering or summarising anything at
all.
There is a lot of information out there that you need to see but can't, either because you're not aware of it or because it's lost in information overload. Subscription failure. The correct information sources will become available over time, as the tools emerge, but the task of subscribing to the correct sources is squarely on your shoulders.
2 comment(s)
