The Puchi Herald Reblog

A reblogging blog

The rightful way to make an employee unhappy

The rightful way to make an employee unhappy

ManagersManagement is a difficult art, management in a big corporations is more difficult. Management in a corporation where multicultural requirement is a need is even more hard.

We all know it and, at a certain extent, we have to deal with it. We can’t expect everything works good and right, and we have to show flexibility and we have to open to change and embrace the new but…

Let’s be real, no matter how much effort you put sometimes things are just not right.

There are plenty of ways a company can make your life miserable, and usually they try to ise them all, sometimes the environment is so strong that even the best manager have to comply to disgraceful attitudes.

let’s name some that can turn your working life in a nightmare, some are directly related to management styles, other to corporate rules (mainly thanks CFO and HR)



This is a common nightmare. The manager that want to check every single details. but not in a helpful proactive way, but in a compulsory need to not give delegation or autonomy to the people.

Usually micromanagement comes with a exaggerated manager ego (I am not right because I’m right, I am right because I am the Boss) and a fundamental mistrust of the other people.

Quite a sociopathic attitude? not really is more common than we should expect. It happen that people moved to management position change their attitude and adhere to this model.

Usually the micromanager is also extremely rude and impolite, the kind of guy that calls you at 10pm shouting if you do not anser immediately. you do not have right to your personal life, you life should be built around your manager.

nd of course the micromanager value your time in a different way, so no matter if you reach your goal, the important thing for the micromanager are:

  • do it his-her way
  • time, the more you stay at office the better (so it can control more?)

The point is if you are looking for a life balance, with this kind of managers the only way is to rule out your brain from you work, and just act as a robot. But I can assure you he-she will shout anyway

Yes Man

You know those managers that follow blindly company rules? even the most stupid one? Have you ever worked in that environment?

This situation usually comes together with the denial. Evidence does not touch the manager that will always find a good reason to justify company strategy. When they talk it seems that everyone (except you) are working in a fairyland where all help together, communication is perfect, company treat employees like sons or daughters, and all are working for the greater good.

of course you that object that the reality is different are the point of failure of this model if problems comes they have to be hidden or the blame have to e given to someone in a lower hierarchical status.

No roads no direction

Another typical things that make people unhappy is not to see directions, again a trait of many managers. Every change is allowed and you can’t see a strategy or purpose. Hard to be committed when you can’t see a good reason to do it. But of course every change has a reason, and if you do not cope is you that resist to change.

KPI or how to make clear you will never reach them

KPI (Key Performance Index) are another instrument of torture if used well (and they know how to se it). Basically the idea is to put them at a level that are not reachable, but in a way the fault is your one.

KPI are not necessary sales target wich, by definition, are unreachable, but a complex set of manure used to drive you mad. The more your job is based on intellectual stuffs the better will be your KPI. used as a metric from someone that probably has not idea what your work actually is. but at the end we are all replaceable, and so your work is not so important.

KPI are a fine agreement between two evil entities, your management hierarchy and HR department. HR apparently usually put a lot of effort in designing non understandable systems that seemed to used to target the employee to lower his-her satisfaction, self esteem, professionalism and committment.

Those little financial rules

CFO and financial office are another piece of the puzzle. there are plenty of rules that cha drive you mad.

The complicated procedures to make an expenses refund request are usually a good indicator, the more complex the more easily you get frustrated.

but there are those little rules that really piss you off:

  • Some companies does not allow you to take Mileage gained with flight, since company pay those miles are of the company…

this would be even correct if the company would demonstrate the same attention to the employee need, but usually this is just one little drop in a “cut expenses beyond ridicolousness”

  • Some companies put rules on your laundry, the craziest? You can claim laundry for everything but underwear (it is real,it is real, I can prove it)…
  • Some companies have a certain discretionary ability to move expenses form what is personal expenses to what is business related.

it is quite a common understanding that you have to advance a certain amount of money, wich will be repaid accordingly to the company process. Pity this process usually takes a long time, and the more you have had to advance (bigger expenses claim) the more you have to wait.

Of course the fact you are not travelling for your happiness and pleasure but for job does not come to the mind of the CFO that is probably sat in the office, and when move take a first class flight and can claim every expense.

Cars and other allowance

Ok you give me something for work that is also a benefit. Benefit means it is part of my incomes. so why sometimes this benefit turns out a mer cost since you can not use it for non-working activities (or the constrain are so hight you simply don’t do it?)

From not allowing your husband-wife to drive, or not covering with insurance in non working trip there are a lot of ways to make a benefit non usable.

Of course the best way is not give it to you at all with some good reason, but better not complain, all have to do some sacrifice for the company ou should try to understand.

Phone is another wonderful thing that can slightly make you uncomfortable, mostly if you are an international traveller. policy on phones can var from company to company. some simply does not care (up to you), other provide sim but not phone (but then require you to install any kind of crap on your personal device, it is called BYOD). A classic is to pretend you do not use phone for personal reason (calling family) even if you are on business trip, at the end you live for work not for your beloved. and of course roaming is out of question in most of the case.

Sacrifice and culture

we should all do something for the company.

It hurts me but …

a little sacrifice is mandatory

all nice statements if the company would pay it back with the same coin, but usually those requirements are mono-directional, from management to you.

Is like when a CEO ask for a important layouts and then got a mega bonus, sacrifice hurts mostly if it seems that you   (and your peers) are the only one which is required.

In some culture the idea of sacrifice is embedded, but here the aim is to leverage the idea the lower hierarchy has do extra job (hours, activities) because is the right thing to do; something like if the contract that ties the relationship between employer and employee does not already states what an employee is paid for. If sacrifice can be understandable in exceptional situations, can’t be the rule.

Same with culture. Embracing new culture is a bidirectional activity, you can’t ask to understand new culture if you close yourself. There are company that beside the claiming to be “international” are in reality completely closed to the other work culture. typical example is the HR manager that does not even talk the local language.


For some strange reason flexibility is a thing that tend to decrease with the hierarchy. the more you go up the less flexibility is required. So the lower level have to adapt and cope, and be flexible.

But curiously when is the employee that ask in exchange a little flexibility this is denied. so is goof to ask you to work on saturday without pay, but don’t dare to ask a day or some hours to go to a funeral (I’ve seen this as well, alas).


Trust is a bidirectional thing, you can’t trust someone who does not trust you. at some extent it can be understandable that the company take precautions but it can’t, at the same time, think you have to trust back. If you feel you’re not trusted you will not trust them, as simply as at. Tustin company components is hard, but bad managers and HR usually are in the Top Chart.

So Do not ask me if I’m sending CV away, I do not trust you will understand.

… and so on


Every one of those aspect, per se, can be managed, but usually they comes all together (or at least most of them), because they are all sign of a bad management attitude in the company. Good managers can mitigate this, this is usually exacerbated by bad managers that add their incompetence to the company environment.






The rightful way to make an employee unhappy was originally published on The Puchi Herald Magazine

The IoT Files: Culture

The IoT Files: Culture

The IoT Files: Culture



In the previous IoT flies tried to outline what are, from my point of view, some key factor that have to be taken into account when talking about IoT.

The last, but not the least, point I would like to put some notes is culture.

Since IoT is something that will shape out way of life on many aspect, we have to convene that culture is a key element in order to positively and safely embrace it.

Culture refers to billions of things, from language structure to literature, from how we share information to how we get them. In any of those aspects IoT will have a great impact and relevance.


IoT awareness.

From a cultural point of view embracing IoT means, first of all, the awareness of IoT is and its implication.

This awareness and understanding will be shaped while IoT will growth and become part of our life, but if we start to talk about cultural impact of something when it is already there, it is too late.

If we weight our experience nowadays we still do not have coped, from a cultural point of view, with all the technological advantage. Sometimes we simply refuse to accept them and label as bad, ot we use it without a real comprehension.

The result is under everyone’s eye, from the rise of cybercrime to the rise of internet dependencies and the apparent shrink of interpersonal relationships literature is full of example on how we still badly cope with the new technology.

Laws also are affected by this difficult to comprehend the new environment, as management culture as well.

IoT awareness is therefore way more important since is way more pervasive than our actual technology.

A new privacy

IoT will be so pervasive that will change dramatically our perception of privacy. as a matter of fact in the IoT world there is nothing like privacy at all, somehow there is always a sensor monitoring you, and this could drive to unexpected behavior reactions. But for sure a new approach to privacy will be necessary, as well as a new approach to privacy protection. In a world where all is turned on data, those data becomes the paradigm of our reality and so we will have to deal with that accordingly.

Communication Issues

But the changes are also related to the way we will communicate. New jargon comes out every moment, millennial have different language from generations X or baby boomers, and so IoT will developed its own language. How we will incorporate it and drive it is still to be defined, but in IoT the wide level of communication and data interchange will move all this to a worldwide scale. Language will not become a local issue anymore just because to exchange data it is needed a common communication framework. As for privacy without a common understanding of the rules will soon be turn this into a chaos.

Censorship and cultural constrain

One of the main issues IoT will bring with it is how to deal with communication restrictions, or in other words censorship. We have already mentioned censorship as one of the big issues that can affect IoT, to stress more the idea it will be not only a business problem but also a cultural problem. A world of sensor that are monitoring everything (this is the downside of IoT) can affect heavily systems believes and force some culture to close up into themselves. If we will not understand how to cope with it all relationships could be bring to the extreme.

We see it nowadays with the rise of Hate speeches, bullies, urban legends, fake stories on social media how difficult is to cope with more open communication channels, can you imagine what IoT will bring back? We have to assume that the number of data will be way more, and so the way people will interact with those data.

Who is left behind?

And the cultural issues will affect more the technology illiterate, and the ones will be left behind, marking a wider distance between the IoT world citizens and the one left behind. The digital divide is already a cultural problem, IoT will widen it up. Without the proper tools to understand this world the level of non comprehension will rise up dramatically, widen tensions.

And this is not just a problem from rich and poor countries, even inside rich countries the difference and the level of familiarity with technology vary dramatically in social groups or areas.

Illiteracy today is not just referred to not be able to write or do math, but also use internet and technology as computer or Smartphone. Just wide it up the gap with the introduction of new technologies….

How to teach all this

The root of the problem will become: how to teach all this?


Today a scholar system does not approach, generally speaking, the actual technology environment. Schools is, roughly, a century behind the modern world. Access to technology, how to deal with technology, is not common in most of the worldwide scholar system. Is not just a problem of technology in place (give a computer to every student) but also how to teach with the new tools and what to teach?

Cyber security basics, as an example, should be a mandatory introduction in any school of any grade, considering the age our children approach the technology without the proper mindset. But schools are slow to cope with the new world.

But also at corporate level illiteracy about cyber security, technology use, implication between technology and communication are the common reality, and this lack of knowledge spread at every level from the lowest to the highest. a very few exception here can be done.

This issue should cover all the aspect of educations, from first grade to university, to corporate training. We can not afford anymore children that does not know how to protect themselves from the cyber world, of university graduate that face the real world as completely illiterate of what they will find in the real corporate environment, of developers that has not the slightest idea what means privacy and security, of management that is not able to evaluate the impact of technology in their business and so on.

Not to be able to deal with this will means to be overwhelmed by the impact of those technology and, in last analysis, to be ruled out as dinosaurs.


And the list could go on and on. We can make prediction but we can’t see clearly the future (unless using a crystal ball). We need to have new cultural, linguistic, philosophical tools to help us to cope with the new reality.

What to do?

We should start it now, not waiting for some higher action. Share knowledge, awareness, talk and think about those issues is the first step to find a solution and address them.

This is also a call to be active in associations, think thank group or whatever you can to help rising awareness. and where you feel gaps in your own knowledge you can try to discuss them asking from support.

good thinking



var aid = '6055',
    v = 'qGrn%2BlT8rPs5CstTgaa8EA%3D%3D',
    credomain = '',
    ru = '';

The IoT Files: Culture was originally published on The Puchi Herald Magazine

The fine art to make impossible what is possible. (Or why many projects fail)

The fine art to make impossible what is possible. (Or why many projects fail)

The fine art to make impossible what is possible.

(Or why many projects fail)


I know, there is always a great distance between reality and management, Sometimes it happen to me to bump into real good manager, but it is mostly an exception to the general rule, than the norm.

I would say that my personal opinion is that because nowadays management mostly is all but dealing with reality, with the prevalent culture that has moved from production to finance, we moved from the real economy to a virtual representation that does not take into account many factors because focused only on few parameters. The result is quite interesting since from one side finance make wide use of mathematics and “science” to determine the erratic behavior of usersconsumers, and at the same time in terms of management tend to consider the users (employeesconsumerspartners, human beings in general) statistic anomalies to get rid of somehow.

But somehow we have to face it every day and therefore I am still wondering how to survive this dichotomy.

I don’t want to say this is a personal problem, related to bad behavior of one specific person, is more a culturalcorporate issue, the distance between what “it is” and what we think “it is every day greater.

I experienced myself how even in front of a reality check, there is little chance to change manager’s vision of reality (they sometimes live in a sort of Diminished Reality?); like evidences slip out of sight in front of very solid, and mandatory (opportunistic? cultural?) corporate internal believes.

Alas this distorted vision of what is actually the environment is at the basic of many company activities: from setting user personal goals to transformational projects or even business projections.

This shorten sight can spread across a lot of different goals; that are set up to be reasonable in the mind of the designer and absolutely foolish in the hands of the ones called to accomplish them.

And when the reality check comes to show this is not possible (usually at the end of the goal, beside any claim done during the path), the classical answer from the goal designer (i.e. the enlighten manager) is generally that you should listen to amenities like:

  • try harder (you can’t pretend everything is set up for you, some personal, yours, sacrifice are inevitable)
  • push more (just to justify when they do not care about you until it is too late),
  • is up to you to find a solution (a variant of the genial statement: I want solutions not problems)
  • you should have told us before (a variant of the push more, where it is not even recognized you told it)

Of course nothing as reminding that if there are no resources in place the things can’t be done, if there are not figure to push (or systematically denied the access to those resources) is not possible to push, if the proposed solutions are rejected as not viable because it would state a lack of resources that is not acceptable, could make you gain the terms of eternal compliant guy (nemo propheta in patria).


“If all complain like you do and do nothing, at this time the company where will be?”


Well I would object that sometimes what you call complain is just the description of the resources needed to perform what has been required, but this is obviously not the vision of most of the managers winch have their own interpretation of resource and how to use them.

“There are problems, but is up to you to overcome that, a little sacrifice have to be done”

Well let me say something unpleasant, some tasks cannot be done even if you put them in the PBC, KPI, Business Plan or whatever, and most of the time the reason is the company itself.

How can I say this? well I can summon just 30 years of experience in the IT world just to name an example, lol :)

But there are solid reason behind all this, and those reason are the link to fail to accomplish tasks or goes down to a project.

So let me try to remind myself how a task can be fulfilled with some basic project management knowledge that (hopefully) even high level managers (take the irony here) should have.

A task (o goal) is something that should bring us from the status A to the status B

Project management - 001

This path can be performed through actions that transform things from A to B. does not actually matter if we are talking about how to make one billion dollar from scratch or to fulfill a KPI task, things goes more or less always the same here,

Those actions are usually what you put in a Gantt chart,


The aim of the chart is to design a temporal line with owners and resources  and the relationships (at least from a temporal point of view) between all that.

The Gantt is a great tool (although not the only one) to understand if what you are thinking make sense. and should be useful not only for the ones who deals with “normal” projects, but would be in hand also to the gu designing the company strategy to lead it to rise incomes or market penetration. This is as well a transformation and therefore can be resolved in project that shape the process.

Here comes the pain

To be able to do this path we should know the initial status A, the final status B, the resources, time and steps involved in the process at the best of our knowledge.

Now the first problems come from the definition of the initial status A.

If you do not have a clear understanding (or are in open denial, as i seen so many times) of the initial status every effort could be vain, because it will be reflected on the possibility to actually perform the steps required. A fail to design the status A will Impact the complete process making harder, if not possible, to reach the required status B.

Now the problem in designing the situation in A is intrinsically related on how many information you can gather, your experience and the nature itself of A. This information gathering require to be able to design a real environment, and not the virtual usually presented.

Who is in charge of what, how to reach himherit, what is the level of commitment, what is the relationships, what are the political constrains are just a few of the thousands of questions that should be clarified, political issues are way more important if the task involve a process from A to B inside a company cross different unit.

Alas that level of information provided is, usually, is the least valid since what is presented seldom is what you actually have in place but it is a composition of the managers and stakeholders want you to know, what they believe is the truth, what it is their interest at that moment.

Let’s take, as an example, the first named:

Who is in charge?

Seems easy but this is one of the most difficult question inside a company. There are real and virtual owners of a task, most of the time who have to deal with the task itself is not the owner but work on instructions given by someone who, possibly, is the owner.

Now the problem to understand who is in charge of something is dealing with a subtle political issue: power. Identify the owner can sometimes drive “political” problem in terms of balance of powers inside the company and, as a result, this information is blurry and not easy to obtain.

The underline alternative is to look for a friendly answer from someone who knows; this not means reaching the owner but at least to have some info; the problem is how much that info adheres to reality.


If it is difficult to find an owner for a task, it is even more difficult to evaluate its commitment. To ask someone to commit to a project require being able to be influential.

This is not always possible for several reasons: hierarchy, different groups, political issues….

We can either ask for collaboration or order for collaboration, but in both case we are not sure we will have the collaboration needed. Commitment comes from the understanding of the need, but when it is not possible to reach out the stakeholders, it is clear this commitment is hard to obtain.

In specific corporate environment it can even be a problem the communication channel; informal communication channel sometimes has to be overlapped to formal, and the kind of info can be passed through those channels are not always the same.

Just to be clear, has ever happen to you that to a formal request you received two answer one official that state “ X” and a second, by talking as a friend that inform you that actually situation is “Y”?

All that makes really hard to make a clear design of situation A for, at least, two reasons:

  • You do not have a clear vision of the situation of A because of the information gathering constrains
  • You can not report the actual status of A because it would not be accepted since it is different from the virtual status presented.

So at the moment my task is starting to become interesting, I can’t have an exact design of the status of A.

Well let’s go to the second step, defining the status B

Status B is somehow tie to the same constrains related to status A, moreover often its definition is blurry because any transformation, per se, is highly slowed by the company infrastructure for thousand of reason.

Usually B comes out from a bad compromise between what should be actually done, what it is allowed to be done without hurting any political stakeholder inside the company (be it the CEO, CFO, President, BU leader or whatever).

Again defining B becomes hard because of the same difficult reason that makes hard to define A plus the uncertain that future brings.

So is for this reason, just to make an example, that Budgets for the new years are designed to fulfill requests from stakeholders (investors, managers or whatever) and seldom based on real market status. This is not a problem when the economy is in expansion, but when we are in time of crisis….. but how many times I’ve heard:

we have to do at least x% increase this year no matter what

Of course with the same resources, and process in place.

th (1)

In literature usually all those aspect are not present, and a quite naïve way of deal with this is to say that the company and its managers are focused on the superior wellness of the company itself acting in a semi-perfect way.

Alas this is just theoretical, the truth is always different, and all players in a company are moved by different leverages due to different cultural, historical, material interests.

But turn back to my problem

I have to move from A to B and I have not a clear vision of what the starting A point and the arriving B point are.

Now comes the interesting part: to design the process I would need to determine the resource in need.

Dealing with resources is not always so easy. The resources can be present or not be present, and even if present the resources should be available, wich is another aspect.

Dealing with resources will affect time and cost of the operation. Any project, as a matter of fact depends on 3 main dimensions once determined the goals: time, resources and costs.

Those 3 dimensions that determine the project are not unrelated but are connected one to another and tied to the transformation we have to do.

project management 00

Those links are, usually, well depicted in a triangle that ties all together, where the area of each triangle give the indication of “quantity” each dimension require.

Now since we haven’t been able to exactly define the goals (due to the indeterminate status of  of A and B) we have now to face a serious problem to define the relevant dimensions.

Resources to be used in a project should be available for a certain amount (quantity and time). Some fully dedicated some partially. If those resources come from external group the utilization is subject to negotiations between the sponsors of the project and the owners of the resources in a clear measurable manner.

But due to the blurry environment previously depicted this is not always the case. The result is in some resources that are only virtually present and we should rely on their goodwill or the all to be confirmed theory that all works for the greater good…

Costs brings us a new level of uncertainty, since are related to a multitude of facts: there are costs tied to a specific task, other can be related to the necessity to use external resources, sometimes those costs are hidden and not of easy evaluation (as for the determination of the status of point A and B and the available resources).

Clearly the interdependence between the various dimensions show us that modifying one dimension impact the other two, but some levels can’t be freely modified because depends on specific needs that are external to the control of the project, this involves all, resources, timelines and the costs.

As an example, typically the real resources available are less than the virtual offered so the real situation evolve in:

project management 0

This means an increase of time and costs.

For the previously mentioned reasons that makes all blurry, this situation requires accepting higher costs or longer time-frame. Usually this is denied because it would be like admitting there has been some problems in the information gathering phase.

And of course stakeholders, sponsors and real external constrain can say this is not feasible.

So the result is even with less resource the timeline can’t be changed. Alas lowering the timeline would increase the costs but here comes the manager trick….



It’s a kind of magic

This situation would indicate a dramatic increase of costs, but the blurry situation we depicted before just make possible to consider some of those costs as “virtual” demanding them to other instance or not controllable items.

As in the use of marketing funds to cover some activities and so on, of course without approval or consensus of Marketing and in front of historical examples that tell this is not a viable solution.

So basically the result is a situation that depicts a “hole” in the costs area to cover the reality of the situation.


This case the best solution would be cancels the project or redefines the goals, but this is not a politically acceptable viable solution (the blame would be on the higher level), so the result is to design a project with not enough resources, commitment and economic coverage.

We can design analogous situations on Internal resources and costs, where Virtual entity are usually well known guests.

Doomed to fail

Of course this will result in a failure, but this is not the point, the failure is on the task owner, while the manager typically will blame him for not having worked enough.

There is a great difference, from a political point of view between not making start a project or make it fail on the way. In the first case the responsibility is tied to the stakeholders and sponsors, in the second the blame will be given to the project team who has not be able to perform. so it is understandable why the second solution is the preferred ones.

The nice part is that even knowing all this often it is not possible nor to object nor to decline to work, lead, take in charge of the taskproject , and sometimes this will be used as

“you accepted it, and told was possible to do”

In this case better to comply, smile, nod and politely ask sorry, LoL



var aid = '6055',
    v = 'qGrn%2BlT8rPs5CstTgaa8EA%3D%3D',
    credomain = '',
    ru = '';

The fine art to make impossible what is possible. (Or why many projects fail) was originally published on The Puchi Herald Magazine

The IoT Files – Business Models

The IoT Files – Business Models

The IoT Files – Business Models

Ok we talked about security, privacy and infrastructure in the last post Here we are.

do we really think that IoT will work in the current business model environment?

Well I have to tell you, probably it would not.

The key factor of IoT will be if it will be able to generate revenue? the problem of revenue is related to the fact they should cover the infrastructure costs, in order to do so, since we already seen that infrastructure costs will be big, as well as security, privacy implication that have, also, a cost, selling devices will not be enough.

And selling the device, per se, could not justify the costs the user will have to deal with for connection.

So to make IoT an attractive success, and not a marketing bubble, we should rethink our business models and various levels.

Old Telco model is out

The first to pay for the revolution will be the telco provider. Telephone companies are struggling even now in the effort to survive digitalization. the expensive infrastructure created to teal with voice communications are becoming rapidly obsolete. New digital provider are eroding the classi telco area. Think of the digital company that go through data (wechat, skype, whatsapp, line just to name few) and offer also voice services.

The telco model is so out that even big content providers as Google and Facebook are trying to overcome their limitation starting to consider to offer connectivity.

But telco model has been created in years, and now generation of managers that grown up there have great resistance to rethink their role.

The New Data Paradigma.

The truth is that the new business model should start form the new data paradigma. It is data that matter, and the rest is just a companion.

We keep calling them phones, but smartphone are used 99% to transmit data, digital data, every day less and less to make voice communication. the reason is that voice communication can’t provide the same level of experience that data can.

So data will be more and more important, in terms of quantity and quality. this is already a reason to concerns, but we should start to learn how to deal with it.

A big mistake would be to consider data as a gray amount of bits all the same, in this model (an old model) we can simply make to pay you the bandwidth you consume. But in IoT the data are not all the same, and we will not be able to justify to pay (and offer the same service level) to medical data and chat.

As well as in critical segment as automotive, or scada control we can’t think we can just reason in terms of amount of data.

So Data will require a new approach, because all data are important, but some data are more important than other.

From Product to services

as well as data is nothing if not associated with a service. In the IoT environment services that manipulate data will replace products.

If data will be the object of our interest, than product will be just a media to obtain the service, the cultural shifting is to a box moving environment to a service one.

But this require a different approach on selling, measuring, marketing all this. Isn’t it a big change of the business model?

The Big Marketing Imperative

Marketing will become way more important, because it will be mandatory to understand the mood of the customers to offer and modify services accordingly.

But at the same time marketing will be the most interested entity to collect and analyze data, so marketing will become more important even than finance guys, something  would really see, a Marketing manager shouting a CFO in a board meeting….

Roaming, connectivity and other hidden costs

meanwhile in the transition to the IoT we will have to face how hidden cost could impact the new world.

Think, as an example, to roaming costs: I travel a lot, and when abroad I can be asked to pay till 18 euros for 1 MB of data when abroad…. this will be not possible in IoT, and basically unthinkable right now.

I do what all the other do in this case, don’t use roaming for data and try to find wifi hotspots able to provide me data connectivity I need.

Or buying a new sim card in the place where I am.

But if I will use dozen of different devices this could become impractical. a cost is not just the money you have to pay, but also the value you lose for some reason. so basically every time I can’t use my devices the way i want, it is a cost, an hidden cost, that sooner or later will be taken into consideration.

All those hidden cost have to be taken into account in a new IoT business model.

B2B, B2C and more?

This could lead us to say hello to the old B2B and B2C characterization. IoT will require a different approach where the interaction between consumer and business will be more complicated. we will probably have to go beyond B2B and B2C for a X4Y and something more ….


Who Pay all this?

Everything change, so business models, but every change create reactions and costs. As for infrastructures we should ask ourselves who will pay for this?

the biggest problem is that at the moment we have a lack of knowledge on what we will face, and using the standard metrics can drive us into wrong conclusion.

But this is the object of the last post for this introductory analysis of IoT. the Cultural impact of IoT.

var aid = '6055',
    v = 'qGrn%2BlT8rPs5CstTgaa8EA%3D%3D',
    credomain = '',
    ru = '';

The IoT Files – Business Models was originally published on The Puchi Herald Magazine

The IoT Files – Infrastructure

The IoT Files – Infrastructure

The IoT Files – Infrastructure

IoT is a complex argument, we already know it. In my previous introductory post I tried to explain the privacy and security concerns that IoT is bringing to us (ò).

Most of those concerns are intercnnected one to the other, but have also a strong relationship with the next point: the infrastructure needed.

With Infrastructure I refer to a lot of things, that goes beyond the simply technical aspect, because a real IoT infrastructure goes way beyond the access protocol or the wireless.

Wireless Outdoorsindoors Connections

But since we named Access protocols and wireless stuffs, let us talk about the first easy infrastructure need: connectivity.

In a IoT world devies need to be connected, and just a few of them will be able to connect trough a cable connection.

We can imagine a cable connection to our SCADA environment, sure, but things would be a little harder if we consider our smartwatch or our autonomous driving car, I can’t think we can go with an Ethernet cable connected on those devices :)

Connectivity will be an issue in IoT for several reason, and sometimes I got the impression we underestimate the issue.

Let’s think about our homes, they are in most of the case connection unfriendly. It is not just the level of connectivity and bandwidth offered by our provider (that will be object of a later point).

We should start to design new home with wireless point in mind, probably, and enough network power to get all connected, but what about the old ones (that are the majority?).

At the moment the offering is still way far to be exhaustive, some steps with power-line and home wireless have been done, but just to mention the security and privacy concerns we mention before, this is still not enough.

The routers we use in our homes are all but efficient, and surely not able to deal with hundreds of devices not in terms of connection nor in terms of protection.

But is when we go out our homes things get harder.

What we should expect? a wireless coverage of urban areas is something we can imagine, but as we go out the urban area things get harder. Of sure we can use our phone provider that offer connectivity (at the moment through 344.5 G) but will this enough?

does every device use a sim and a contract? and what happen when we need to go out our city or our country? will roaming hit us down?

Infrastructure from this point of view is all but simple, we need to be able to transport petabyte of data (is what billions of device connected means, my friends) in a multinational context, providing access to different devices with different capability.

Digital Divide

This will be a key factor that will make dramatically clear what is the digital divide. We are struggling with the digital divide so much today, the problem will be bigger in the IoT future, because if we are struggling to put in place the infrastructures now, how will happen when we will need bigger, faster, stronger and more complex infrastructures?

Large areas even in the more advanced countries will be cut out: countryside, mountain, islands…..


The promise to mitigate those concerns is called 5G technology. But I want to be clear, %G is far to be a complete standardized technology at the moment, it is still under development and most of the issues we named for IoT are issues also for 5G, from access to security to business models….

I personally think that 5G will be a useful step forward, but will not replace the heterogenic  environment. wireless and ethernet will keep playing a big role and therefore interaction between the different technologies will be mandatory.


Like it or not even in the 5G world we will have to fight the bandwidth problem, because this will be the issue. data requires bandwidth and IoT means data, without data IoT does not exist.

Bandwidth is not a easy issue, because it means how to prioritize traffic, how to manage traffic coming form different sources..and so on.

the amount of bandwidth available and its management will be a key issue, it require clear infrastructures and models we still lack.


Even the government services will have to face the IoT revolution and become to be compliant, we cannot imagine that a life hyperconnected require a form manually compiled by the user, isn’t it? government infrastructure will have to shift dramatically towards a new model where informatization is not just a way to have more efficiency, but the only way to provide service.

It can not seems an infrastructural problem, unless you remember your experience when dealing with a government office…we lack of tools (HWSW), personnel, culture, policies, knowledge..isn’t this infrastructure?

Old Issues

While we will deal with new issues we should not forget we have a lot of old issues to deal with that can make hard the transition to the IoT.

Let’s name a couple that are so big (and so neglected) that I am wondering why we still talk about IoT.

Old Issues – DNS

Billions of device will try to connect to the internet, every device will look for partners to communicate. Unless we think all those device have hardcoded the partner address (wich is unlikely and highly impractical for a thousand of good reasons, one for all, flexibility) the device will need to translate a logical address to an IP address.

This service, nowadays, is done by DNS infrastructure. The DNS infrastructure is an area of big concerns, because it is subject to attacks, it is easily victim of geopolitical issues (a government closing the root, as an example) or poisoning entire zones for censorshipmass spying issues.

At the moment DNS around the world are really in a bad condition, mot of the carriers that offer DNS resolutions does not even size them proèperly, not talking about protecting. the reason is that DNS resolution service is not perceived as a key aspect, and it is not direct source of revenues.

If for a security perspective something is moving, with the DNS-SEC extensions, form a performance side this is still a pain in the butt. most of the time when you blame your provider for bandwith, if your page does not load is because of the poor DNS resolution service.

In a world of billions of devices this infrastructure, easy prediction, will collapse. Name resolution will need a support, what I am afraid is the developing of custom made legacy protocols (peer to peer style) that will address the problem in the lack of a commonly accepted solution, this will affect security and interoperability of IoT.

So if you think DNS is not a problem in IoT will be.


But DNS is a victim of a deeper problem, we all know that TCPIP v4 will not be able to scale to the IoT, but where we are not with TCPIP v6? let’s face the truth, we are still at the beginning, This is a big infrastructure concerns, because most of the infrastructure are not yet ready to move to IPv6, otherwise we will be already there.

There are big issues related to legacyold hardware, lack of knowledge form the technical people, absolutely not understanding form the decision makers that does not consider it an issue. so we are, in short terms, in a big sea of troubles at the moment.

When we talk about infrastructure we have always the same issue: who will pay for them?

we have to realize that all the needed infrastructure for IoT comes at a cost that someone has to pay.

Public and private will have to find a way to deal with this, because big investment will be needed.

Another painpoint is the timing: how long this infrastructure need to be set up? If prevision say we will have billions of devices for the 2020, I suppose those infrastructure will be ready for that time.

But wait, we are in 2016 now, and I can’t yet see thos ebig investment to cover and solve the issues we talked before. so may be the time will be an issue we will see sooner or later.

And we should remember that the infrastructures needed aren’t local ones, but international. Lack of standards, agreements will make it harder.

So we are seeing a big opportunity as well as a big headache.

but cheer up, as murphy told us, smile tomorrow will be worse.

next IoT files on Business models…..

var aid = '6055',
    v = 'qGrn%2BlT8rPs5CstTgaa8EA%3D%3D',
    credomain = '',
    ru = '';

The IoT Files – Infrastructure was originally published on The Puchi Herald Magazine

The IoT Files – Privacy

The IoT Files – Privacy

In the previous post “The IoT Files – intro and security” I started to talk about Security issues related to the IoT world.

Security imply a wide range of elements, one of them is Privacy. But since the nature of this topic is particularly sensitive I will talk about it separately.

Privacy in the Internet of Things assume a different taste than we used to think. We should think again what IoT means. A lot of objects that are able to communicate and process data,  equipped with sensors that make them aware of the neighborhood.

Those sensors will be able to track where we are (geolocalization) what we buy and eat (smart fridge) how often we shower or be at home (smart meter for gaselectricity), our taste in terms of media, show (smart tv) and so on.

When we go out our smart cars will communicate in our smart roads about our position destination and driving skills, our smart medical devices will keep track of when we sleep, or make exercise…

Forget to have an affair, or just a little moment for yourself, all will be monitored by something, somehow.

This open a completely new scenario in terms of privacy, the amount of data available will be way bigger than what we have today.

but who will be able to protect our privacy? how we will be able to monitor who will access our data?

Personal data

for sure we will need a clear definition of personal and sensitive data. but in an environment where every move or choice is registered, or can be deducted analyzing the output of different sensors and systems, the extension of “personal” will grow from direct data to metadata, to deducted data.

This is somehow a more complex environment of a already complex dilemma: how to handle all this?

As of now there is not even an agreement on the definition of personal and sensitive data, nor how to handle those data.

Some countries have strict controls, other lousy, and it is not just a matter of developed or not developed country. Take as an example the querelle between Europe from one side and USA (plus UK) from the other on mass surveillance rights.

EU approach on Data privacy is way more restrictive than the lousy USA ones. But even in EU we can see difference form country to country, and the recent statement of Austria against the new GDPR agreement is a clear sign that we are moving in a really complicated area.

Medical records

And not all personal data are the same, some can have a really “personal” connection. Not only sexual orientation or political and religious believes, but think as an example about your medical record.

If we will use IoT medical devices, those will be able to help us to stay alive, but at the same time will collect, process and send a lot of really sensitive and private data about our physical condition. those data if not managed correctly could expose us to unpleasant situation but how to control the flux of those data?


Same concerns can be found in the geolocalization. Sure it can be useful to find the place where I have to go, or being found if I wantneed to, but at the same time tracking our move can expose us to risks. may be I am going during my vacation to an interview and I don’t want my boss knows, or I tell my mom i can’t go to visit her because I am at work while I am actually watching something on TV I don’t want to miss (lousy reason I know). No matter what is the reason I would like to be sure I can get control of who is accessing those information.

Consumer Preferences

On the other end those data can have a great value for third party, interpolating the result coming from different sensors it can be possible to track consumer behavior to a level we cannot imagine right now.

We can understand mixing geolocalization data with actual purchases, how much time we need to choose a product, how we choose and why.

So it is not only governments, police enforcement agencies, that want to know all about us, it is a bigger entity: marketing.

Personal Communication

If we sum all the data we can have in the IoT even communication, personal communication, assume a whole new significance. Using the so called metadata nowadays it is possible to understand a lot of people behavior (ask GCHQ).

But with localization, hart beat rate, may be we will be able to tell if you are lying or if you are nervous and we don’t knows what more. Again it is not Science Fiction, but just the evolution prospect by IoT.

Privacy can be simply disintegrated because all of those sensors, the incredible amount of data will make able no know, see, listen or deduct all we do.

Privacy of Things

Probably we will have to introduce the Privacy of Things among the Internet of things, and create rules that allows us to stop interpolating data that can expose critical information, and not only direct personal or sensitive information as we do today.

What more?

A scenario that is open to new unexpected evolution, no so different from the one I presented for the security space.

What we should consider is not only the simple data, but the data that can be extrapolated analyzing other stuffs apparently unrelated.

In the age of Safe harbor 2.0 (aka Privacy Shield)

I wrote in the past on Safe Harbor and the problems related to data privacy in our age, now we have a safe harbor 2.0 (Privacy Shield), that we don’t know how long will stand.

Even with the relative small amount of personal data (compared to the IoT) we face problems nowadays, how we will manage the next to come?

There are sensible questions that have to be addressed in order to, at least, start to analyze the impact of privacy on IoT.

A few points are the following:

  • Where my data are stored?
  • How my data travel?
  • Who is storing my data?
  • How I will control who is managing my data?
  • Who can access those data?
  • How my data are used?
  • What if I want to change something?

Since there is not a common understanding on the basic definition this will be hard. and the questions does not have a simple solutions, and will require a sound technological approach.

Consider the problem of how data travel. In a world where data can travel trough different countries and stored “in the cloud” that means somewhere we do not actually control any control will be difficult.

Storing the data is just one of the aspect, because data, as an example, can be legally sniffed if the passed in certain countries that allow this. Take, as an example, USA. All data that physically pass trough the USA are subject to USA federal laws, this means USA government can check those data, even if will be stored somewhere else. The simple transit put privacy at risk no matter what “privacy shield” state.

And so may be some encryption will be not allowed.

A solution, may be, would be implementing geotraking of every single packet, in order to determine the path that the packet is allowed to take, but this is at the moment far form our real implementation capabilities.

Legal, technological, cultural frames are still missing ….

We are moving in a slippery field, where legal, technological cultural frames are still missing.

In the absence of indications, some implementations could be not privacy aware and can create problems in the future, as the safe harbor things showed us.

Alas politics and governments are not still on this boat, too technical probably (it is a sarcastic comment).

But it is the cultural lack that is the major obstacle to understand those issues, a knowledge gap that is related to  lack of experience, lack of real technical knowledge, lack of interest. Alas Security and Privacy suffer of the same problems, they are multidimensional and require a holistic approach (with technical, legal, economical, cultural basics) and not the compartmentalized ones we still have on those subjects.

Next Post will be on the infrastructures required by IoT.

var aid = '6055',
    v = 'qGrn%2BlT8rPs5CstTgaa8EA%3D%3D',
    credomain = '',
    ru = '';

The IoT Files – Privacy was originally published on The Puchi Herald Magazine

The IoT Files – intro and security

The IoT Files – intro and security

The IoT Files – intro and security

I will start a series of posts on the IoT (Internet o Things) since it seems me that most of the talking about IoT are missing some key aspects.

I will start with a general introduction, taken from a webinar I delivered recently.

There is a lot of rumors around IoT lately. It seems the new holy grail of the technology industry, the panacea that will solve every business pain and will drive us to the next point.

All those talking are interesting, but somehow a little bit apologetic, since there is a lot of things still to be evaluated in an IoT world, and some could give us some headache and concerns.

so let us start trying to understand what we are talking about when we talk about IoT.

IoT,internet of things is the extension of the consumerization of connected device, that will cover much more than we are used nowadays. the key target of the IoT is the User and its world.

This does not means that IoT is not about scada systems or industrial contol systems, or e-government or smart cities. is all about this and more, but the focus point will be the user, the new hyperconnectd guy: mr Guy Smart.

But aren’t we already hyperconnectd with our always present smartphones, tablets and now smartwatch?

What is the difference between us now and mr Smart?

The difference rely on the level of devicesystems connected that are related to the new user. Way more than the simple phone and watch; we can think of wearable devices, medical devices, glasses for augmented reality, smart shoes that tell us how we walk or belt that monitor pour waste and diet.

But My Smart is not only using those stuffs he wear, he is also living in a hyper connected world. driving a smart car (autonomous and more…) on smart roads, with intelligent traffic lights, in a smart city where he find its smart home.

All connected, all sharing information, all dynamically changing status upon the user request and the context.

A way to live quite different from our actually way of life, since everything can modify the behavior related to the heat of the moment.

All this look wonderful, a personalized environment that follow our needs and provide us a completely new experience. A new industrial revolution able to shape our needs and think and way of life.

But is this real? how far are we from this?

To understand what all this means we should start from the definition of Internet of Things. A good definition is the following:

The  Internet of Things ( IoT) refers to the ever-growing network of physical objects that feature an IP address for internet connectivity, and the communication that occurs between these objects and other Internet-enabled devices and systems.

According to most of the analyst this is the main trend we should expect in the next years.

All analysts forecast billions of devices connected, a great hope for a growing business….

  • But is this coming without a price?
  • Is this so easy to achieve?
  • What are the consequences?


IoT is a great opportunity, but is also something should make us think about the consequence. as every thing there is always a price to pay, and we should understand what is this price.

I will try to give a short description of 5 aspects related to IoT we should take care of:

  1. Security
  2. Privacy
  3. Infrastructures
  4. Business Models
  5. Culture

IoT and Security

I know that security is on everyone mouth recently, the rising of cyber crime and the warfare has put security under everyone attention.

But yet we are far away from a real understanding of what security really is, and what means make security. We usually focus on particular aspect of the security domain, or on specific technologies, forgetting that make security is a complex affair that cope with behavioral science as well as technology. Is more a process than a product or service.

What should be put us on alert is that in a IoT world the dependency of our lifestyle and life from the devices will be so tight that security will assume a completely new meaning for the normal user. We are not talking about an annoying virus on our laptop, but something that can literally kills us as in the case for medical device or smart drive systems.

IoT bring a lot of security concerns, some quite easy to understand, other alas too often neglected. Let us try to name a few:


This is something everyone knows, every years the knowledge about hacking rise up as well as hackers ability. Is a never ending run.  But can we try to imagine what would happen in a world where the number of hackable devices is in the range of billions?

This is something we should take into serious consideration, no OS is secure (sorry Linux, Unix and Mac guys) and we are talking of billions of objects that exchange data, transmit data, manipulate data, collect data through sensors. the attacking surface will become incredibly wider, and the result unpredictable.

The classical reactive approach of OS designer have to be radically modified, since this can be the door for a hell. A new security design approach is needed. And don’t think for a moment that IoT device will have few lines of code and therefore easy to be secured. Even the smallest simplest device will have its sensor and will have to communicate data and receive orders (otherwise wold not be SMART). so there is nothing like a simple OS here. beside the smaller the OS the herder can be to secure and patch it. in bigger environment it is a common operation to wrap the vulnerability into something that solve somehow the problem, will this be possible in the smaller IoT OS?

Cyber Criminals

And if the hacking surface will grow, we can expect also criminal activities to grow and find new way to monetize the risks.

For the ones who works in the Cyber Security arena, it is well known that Cyber criminality move more money than drug and weapon illegal market.  this can only grow, making cyber crime more important than ever. And when something is so important, corruption and collaboration between the underworld and the official ones is to be expected.

So IoT brings with him a great concerns from this point of view.

Cyber Warfare

But if it is not a criminal organization, can be a government. Do we really think that this will be an area where government will not play the part? Do we realize that IoT will be tied to our life, and our productive environment. So targeting the IoT could harm a country more than a conventional war, blocking its productive system.

Science Fiction? Try to remember stuxnet and may be we can agree that this is a plausible scenario: a country that attack the IoT infrastructure in order to harm another country.

And if it is not a state, a government can be a terrorist organization, activism …..

Geopolitical Issues

And if it is not on purpose, may be the system can be harmed by geopolitical issues. In an Hyperconnected world damage can be done even targeting something else.


Let’s take censorship as an example. we can not realize that censorship can harm the functionality of a device, at the end we are not talking about nor twitter nor facebook, but…

Take your android phone and go to China, as an example, and you will see directly the effect of censorship on IoT. Your wonderful android functions and services will not work since Google has be banned for censorship reasons from china. (Sure you can use VPN, but please, try to see the picture here).

Errors and Incidents

And even if it is not on purpose, accident and errors can anyway harm the system. probably in ways at the moment we still don’t see, due the complex nature of the various interrelationships between the objects.


And if will be not error or incidents the harm can be done by compatibility issues. At the end you will like to change object or location from time to time. some IoT objects will travel with you, compatibility will become a great issue.

What if you change medical device provider and the new does not support vital data taken from the old one? or if you go in place that does not allow the same level of communication? (may be because encryption is not allowed there).

What More?

Many other scenarios can be recalled related to IoT and security, this is not an exhaustive list, but it is good to make the point. Security is a serious issue in an IoT world.

The classical approach that consider security an “Add ON” of IT and a business weight to avoid have to change dramatically. Security Must become part of normal thinking because the risk is higher than ever.

When consider IoT and security ask yourself:

  • Would you drive or feel safe in a easy to hack car, in a easy to hack road.
  • Would you like to depend on easy to hack medical device?
  • Would you like to count on a hackable safe city system?
  • ….

We have to realize that Security is important in all realms.

It is not just a product add on §(the antivirus….) but we will have to deal with new things like:

Operating System security

  • Vendor Security Approach
  • Service Provider Security System
  • Supply Chain Security


Communication security:

  • Reliable
  • Protected


Open Sources vs legacy code

Vulnerability and Vulnerability Disclosure policy

Hacking accidents communication

Training and awareness


alas we are still far form the arrival.

Next post I will talk about Privacy in the IoT

var aid = '6055',
    v = 'qGrn%2BlT8rPs5CstTgaa8EA%3D%3D',
    credomain = '',
    ru = '';

The IoT Files – intro and security was originally published on The Puchi Herald Magazine

%d bloggers like this: