Protecting Your Digital IP with Mid-Layers: Adding Value While Maintaining Flexibility with Third-Party Systems

In today’s fast-paced digital landscape, businesses often rely on third-party systems to enhance their operations, streamline processes, and offer innovative services. However, this reliance can expose companies to risks, particularly when it comes to protecting their intellectual property (IP). One effective strategy to mitigate these risks is to develop mid-layers—software layers that add value to your business operations while being loosely coupled to third-party systems. These mid-layers not only protect your IP but also provide flexibility, control, and a competitive edge. In this post, we explore the concept of mid-layers and how they can safeguard your business’s intellectual property.

Continue reading “Protecting Your Digital IP with Mid-Layers: Adding Value While Maintaining Flexibility with Third-Party Systems”

Is 2024 the year when travel gets personal ?

Identity Management in Travel: Evolving Policies and Innovations

In the ever-evolving world of travel, identity management has emerged as a critical component for ensuring both security and seamless customer experiences. Reflecting on the thoughts I shared in my previous blog post, “In the future, who will own my personal preferences?”, and after listening to some amazing talks in Barcelona. It’s evident that the landscape of identity management has undergone significant transformation, particularly within the EU and through initiatives spearheaded by the International Air Transport Association (IATA).

Continue reading “Is 2024 the year when travel gets personal ?”

Are APIs going to be a thing of the past ?

During the recent phocuswright europe conference, they discussed that LLMs would soon start talking to other LLMs effectively replacing the need to integrate, as each LLM would be able to exchange through language with each other., and this got me thinking.

The evolution of APIs –

As we witness rapid advancements, the conventional methods we rely on are continually being challenged and sometimes replaced by more sophisticated solutions. One such transformative shift is the potential for Large Language Models (LLMs) to replace traditional APIs (Application Programming Interfaces). This evolution could fundamentally alter how machines communicate with each other, opening up a new frontier where LLMs interact seamlessly with other LLMs.

Continue reading “Are APIs going to be a thing of the past ?”

Digital transformation: more human than digital.

Us humans are a funny lot! We’re quite stuck in our ways. We like to do things the way we do, we do not really embrace change even if it’s for the better.

Digital transformation is everywhere at the minute as businesses aim to become more efficient. But a digital transformation project isn’t a one size fits all plug and play solution.

Digital transformation requires the business to change, and that change is one of the biggests risks/success factors for a project.

A good team is one who can ask the right questions, determine un-biased answers to map out the essential parts of a system (systems theory) from the business stakeholders.

Then when suitable enabling software can improve a business, for it to be mapped against these goals and for the business to adapt for the benefit of the business.

The human engineering aspect is a larger hurdle than the technological one. People first, technology second. Strong leadership, guidance is essential.

Security Design patterns: CIA triad

CIA Triad

When reviewing systems, I use this model to provide useful context to ensure that applications/services have sufficient processing to ensure data security is managed and maintained.

Confidentiality – what level of secrecy is expected for this product or service, how do we protect it, how do we allow access to the data

Integrity – how do we protect the data, how do we prevent unwanted modifications, how do we maintain consistency, how do we know what changed and who changed it.

Availability – ensure uninterrupted access to the data

My COVID-19 challenges.

I manage a series of different teams, many of which were office based and desktop machine oriented when covid-19 lockdown occured in March 2020.

Before we had the 1st lock down in London, our India team were warned of a potential lockdown due to a nearby office having a case of COVID. We thought we had 2+ weeks, in reality we only had 1.

We’ve been embracing cloud for a while and many of our services and tools were already cloud based, but over 60% of my users were desktop based and our shared DBs were a mix of on-prem and cloud.

We have policies set around IPs and how our machines were configured which we didn’t want to circumvent.

We went about quickly establishing a new gateway VPN service in the cloud to act as our central point for remote workers. After a few challenges all our VPN tunnels were up and working. Annoyingly, most cloud don’t provide native SSL VPN solutions (server to client), so we used a combination of 3rd party appliance and cloud ipsec connections to deliver our solution.

For Desktop users, we were fortunate that most of our staff had personal laptops but these machines (a) did not have a corporate policy, so could be a risk to our network and (b) were not necessarily that powerful.

To support these users we wanted separation between the users own (un-trusted) PC and our systems, we implemented that via a new AWS workspace account. The workspace let us setup a base image and deploy it to our users quickly and it gave us confidence that the machines access our trusted LANs followed our policies and did not introduce any risk to our systems.

The more complex part was routing calls, we were fortunate to have a SIP based phone system, but with off-shore teams this is a little more complex as there is legislation over the use of SIP as well as challenges with quality. Fortunately we were able to bridge the networks through the perimeter gateway router and route the call back to the UK via the MPLS links. We were fortunate that local connectivity was good with regard to quality, so it only added a few ms to the round trip. We introduced a variety of softphones and wifi phones and quickly implemented a distributed solution. It wasn’t perfect as there was sometimes latency, but it was acceptable.

In 4 days we had a solution which was ready which was fortunate as both India and the UK entered lock down sooner than expected.

That infrastructure has been running now for 6 months and on the whole running well.

What did we discover;

Not all SIP softphones are the same.

In the UK we opted for Apple IOS Sip phones for execs. we downloaded from the app store and these worked great outbound but were a bit intermittent for inbound.

It turns out keep alive isn’t properly supported in IOS. For those who were using their phones it was fine, but those who didn’t were not able to receive calls. Not something that the vendors state on your page.

After some investigation its an intentional design decision by apple, however fortunately the makers of Groundwire designed a softphone built around push notifications, we switched to that and it works great.

AWS Workspace is good, but AutoStop isn’t what it appears.

I’d budgeted for AWS workspace, an additional but necessary expense, but what I didn’t realise was that an always on solution works out cheaper if you users are using for more then 4.8h a day (5 days a week).

Taking into account the machine is otherwise off you would expect that the resources could be shared, but apparently not. If you are using AWS with AutoStop enabled, you could be paying significantly more than you need to.

Power and Internet are not always reliable.

In India especially, floods cause interruptions, and power isn’t as reliable as in the west. Staff are impacted in various ways and face times when they’re off, so you have to be flexible.

A non-work environment isn’t great for everyone.

Extreme heat in some places can make working conditions difficult for those without AC at home. Lacking a quiet place for calls, not having a space where the staff feel happy to show on video are all challenges which we didn’t face in our office environments. Being flexible on hours and working pattern can help.

Zoom, Google meet, slack, and Microsoft teams are your friend but they can’t fully replace face to face.

Conference calls are essential, video on by default is hard to encourage. For me the whiteboard on Zoom is the closest to colaborating in person and I’m always using it. Your face can express much more than your voice. Discourage mute as much as possible.

Check for changes in productivity and morale.

Being away from the office can be isolating, it can also be disruptive. It takes self discipline and it’s easier for some than others. Keep a check on performance and have discussions if performance changes early to check-in and help.

What changes will I make when we’re allowed to return to the office?

As a remote worker myself, I think COVID has helped demonstrate that working remote is possible for a lot of businesses.

For some businesses there will always be benefits of being in an office for most of the time, but for developers and product people, I think there’s benefits of working from home. I think this comes down to trust and environment. Systems shouldn’t be the blocker.

I’m not an advocate of working from home entirely. It can be challenging. But I am an advocate for remote working. So for me, I’m happy for teams to continue working remotely, but I’d like to see teams meet up at least once a week (both professionally and personally), and as a whole for the business to get together once a month. Social interactions are essentials, a life behind the screen can get routine, and that isn’t human.

When it comes to systems, I don’t plan to remove the remote gateways. Previously my users requested Desktops over Laptops because Desktops are faster. Going forward I believe we will have a laptop workforce, with more of a hot desk approach.

Theme parks in covid, are we ready?

As the UK now starts to open up its services, my family decided it would break from the 3 month stuck at home cycle and venture to a theme park (Partially driven by an expired offer, which was extended by a few months).

For background; I’ve not been out other than some shopping and to spend some time outdoors. So the idea of being out all day was a little strange, but there comes a time when we need to returning to things we once did!

On 15th July, we visited Chessington World of Adventures (near London). On entering the park we were asked to socially distance in the queue and have our temperature checked. This was expected but there were a number of people who just didn’t appear to get it !

The park by their own admission was quite busy (apparently the busiest its been in a few weeks), but not full in any way.

Queues.

The park had set out yellow paw prints on the floor to separate people set at 2m, but it felt like 4! There were posters and announcements asking people to stick to i, but it was clear people didn’t want to keep their distance. ( I was fortunate not to have to ask people to move away! )

To note, although you’re keeping distances, the queues zig zag past the queue on the other side. So I’m not sure how useful keeping your distance is in reality because you’re going to be in contact with someone to your left or right (or both) at some point in the queue.

Park hygiene

All the resort staff were masked. Hand sanitiser was at the start and end of each ride (optional to use).

The rides closed every 30 minutes (for about 5 minutes) to allow for deep cleaning, but that was mostly someone spraying liquid over the rides, which was not then wiped or dried off. Being honest I’m not convinced the spray would catch all the virus, and had expected it to be wiped to cover the entire surface. With the spray not wiped down your presented with a sticky damp seat, and surfaces.

Every ride has some form of queue and hand rails – during my time I hadn’t seen anyone wipe these. During the queue, its inevitable your’ll be touching and leaning on these whilst you wait.

Some rides required masks, people obeyed and wore them as directed, but other than that most people were not wearing any form of PPE.

I think we were lucky, the people in front and behind left space, but on a good few occasions, queues were bunched up. Some people kept more apart, others however didn’t – (there were announcements).

The queue length was quite excessive at times (way longer than advertised – no doubt because their time systems can’t adjust to the rides being at reduced capacity, so provide misleading queue times)

Conclusion.

We had a good time even though it was weird. I’m not sure I’d do it again for a while though. Clearly not all guests are prepared to keep social distances, and thats always going to be an issue.

The park wasn’t too full, when we were not queueing there was space, but the queues made me feel exposed. Let’s hope the checks on everyone’s temperature is a reasonable and fair test to ensure that a asymptomatic carrier isn’t mingling amongst us.

Advice to Chessington: wipe down your rides when you clean them, wipe the hand rails rails, and probably at this stage make masks compulsory in your resort.

As flight prices are predicted to rise. Are vouchers for future travel a false promise?

In this COVID-19 world, airlines (and most other travel businesses) need a regular supply of profitable bookings to survive. Deposits and pre-payments for advance travel was and still is the norm (an up-front commitment in exchange for an advance discount).

For Airlines, a plane needs to operate at 65-70% full to break even and near full to make profit. Anything less is uneconomical.

Most long haul carriers (BA, Lufthansa etc) rely on travellers (mostly business) paying a premium for flexible fares and/or premium cabins with economy passengers filling up the remainder of the plane. Short haul needs a high percentage of profitable seats too, the low cost seats previously sold early at rock bottom prices are likely long gone (no more bargains under ÂŁ30).

As flights are being cancelled, airlines are forcing/encouraging customers to take vouchers. This behaviour is understandable as the airline wants to protect their revenue and you’re able to support the airline you booked with. However this voucher may be a false promise, this voucher is for a value, not a replacement ticket.

60% of recent travellers anticipate a return to travel within one to two months of containment of the COVID-19 pandemic but 40% indicate that they could wait six months or more

IATA Commissioned survey

Business travellers will initially travel less (businesses will have seen the opportunity for remote working and will no doubt reduce expense budgets to recover their losses), less premium travel will occur, resulting in less high revenue seats sold. The net result; an overall average cost increase across the board to bring the flight to a break even point and above.

For an airline to cover its costs, the price of the ticket will have no choice but to increase. For the next 6 months there will be fewer people flying, reduced seat capacity (for social distancing) and less premium cabins sold. This restart is going to be one of the airlines biggest challenges, especially low cost airlines (who will most likely struggle as their main consumers will likely have a ceiling price limiting what they can afford to pay).

For the world economies to restart, people need to make and spend money and travel plays a role in that. Passengers wont travel if it’s un-safe, and especially if their insurance doesn’t cover them for medical costs. The restoration of air travel to levels in 2019 will take time (most likely years) and this is mostly associated with consumer confidence and affordability.

My Advice: If you have travel arrangement booked and you can change your date to next year (for little or no fare difference), you are likely to be better off moving your flight now vs converting to a voucher (or cash) and waiting. If you already have a voucher, use it as soon as you can, don’t wait.

Prices wont suddenly sky rocket so high that its only affordable for only the elite! There will be deals, but those low low fares will be a bit higher. If you were lucky enough to buy a ticket at ÂŁ45, this might be ÂŁ60-90. That business fare you could occasionally get for ÂŁ1050 may be ÂŁ1250.

Note: Under normal conditions airlines have a change fee (a fee + fare difference) and cancelation fee (which on discounted fare is often 100%), by changing your flight you are entering into a new agreement. It’s not advisable to just pick a date assuming you can change it again later. Airlines have temporarily relaxed their conditions to help consumer confidence. Take care if you re-book, only really do so if you intend to travel on the revised date.

This is a really challenging time. Aviation relies on volume, without volume airlines cannot offer discounted fares without running at a loss. Perhaps the airlines need to offer some assurances for those who previously booked to provide a guarantee of some kind. Without this guarantee it’s likely those vouchers will trigger yet more refunds in 12 months time for vouchers which couldn’t be used.

Further Reading

economics of aviation – https://www.youtube.com/watch?v=BzB5xtGGsTc