A few months ago I wrote about how every company is becoming a tech firm as a growing number of companies have to contend with digital information about their business or have to produce connected products and services.
Maybe I was wrong.
While every company does have to deal in tech, the idea that every business has to understand and manage the challenges of operating as a tech firm might put us all in danger. Nowhere is this becoming more apparent than in the area of security.
Expecting companies that have made physical products for hundreds of years to suddenly understand and build digital competence in their organization feels like expecting a restaurateur to grow its own food. Sure, for some special and expensive circumstances it might work, but for most, it’s ridiculous.
Instead, non-tech companies should take advantage of the work that has occurred in the technology industry to abstract the hard aspects of building a connected device and the associated infrastructure that goes with it.
Others seem to be coming around to this way of thinking, which is why Microsoft on Thursday said it would create a new IoT offering for companies.
Microsoft’s IoT Central is basically a layer above its Azure platform. Instead of having to piece together storage, computing and various database and analytics services for a connected product, Microsoft now offers everything pre-packaged for companies.
“Customers are interested in the business value of IoT, and we make it easy for them,” says Microsoft’s Director of IoT Sam George.
George says Microsoft will sell IoT Central to customers building connected products but also to systems integrators that might offer it as part of their own suite of products to get things online.
Microsoft isn’t the only one trying to make something that is difficult much, much easier. Last week when discussing the challenges of IoT security with Electric Imp’s Hugo Fiennes, he convinced me that securing connected devices was probably better done through an outside expert that manages a platform whenever possible.
His argument is that it is inefficient for each individual maker of a connected device to pay the ongoing cost of maintaining and patching their products. Instead of a medical device company and an appliance maker footing the bill, why not invest in a platform that handles those complexities and spreads the costs of security around to all of its customers?
In the case of Electric Imp, that means a customer puts an Imp module in their end product and pays a service fee each year.
As hacks related to inexpertly configured databases and unpatched older devices hit the news, I’m beginning to think relying on an expert that’s only dedicated to security is a smarter plan. Yes, then the platform becomes a larger target, but it is prepared to accept and face that risk.
If we accept this view of the world, then the question is really what aspects of building a connected product get outsourced. If security is hired from a platform provider which may or may not provide the connectivity and even underlying management and tech infrastructure, then what does the non-tech business offer? Another question is how the tech firms create alliances to offer these abstracted services to customers without compromising security or creating bottlenecks.
Right now, everyone is lurching toward the internet of things with varying stages of understanding about what it takes to offer a connected product over the long term. For most manufacturers used to producing cars or appliances, for example, connectivity offers a way to create an ongoing relationship with the customer and valuable data that can improve their products and services.
But it also offers them a chance to become big news if their products get hacked and an opportunity to spend chunks of money competing with the best in the tech industry for engineering talent. Those are chances most firms would probably rather not take. Why become a tech company if you don’t have to?