Arvind Ravichandran, Associate Software Engineer
Bosch Engineering and Business Solutions

If you guys have read my previous article, I would have emphasized on the term IPSR, the most essential four letter word that is utilized to arrive at an End-End architecture. Once you have arrived at an architecture that suit your needs by benchmarking and selecting the right tools and databases, IDDT is the next thing to look at.

In simple words, IDDT is giving life to your architecture by bringing what is on the paper to reality. Planning the infrastructure, engineering the software development, practicing devOps and testing your system to make it resilient and robust is the essence of the IDDT approach. Rather than going too technical and deep, I will keep it simple by detailing about my experience in implementing this approach.

Infrastructure

Being in this industry for a while, I am suddenly witnessing a massive shift or interest inclining towards cloud and cloud-based solutions (Even the numbers prove it – Microsoft hitting $100 billion in annual revenue for the first time and Amazon, 2nd company to hit $900 billion valuation). This is obviously a win-win for everyone – the developers, the clients and of course the cloud providers. There are plenty of articles circulating the web since ages on the advantages of cloud and I won’t be repeating them here again. Personally, I love cloud as it is extremely quick to provision whatever I need, experiment on it, shut it down if I don’t find it suitable, and all this can be done in a matter of hours. I still remember my initial days where I spent weeks installing Cloudera Hadoop distribution. Also, it is never easy to arrive at an on-premise infrastructure sizing as you would be estimating it in advance. However in case of cloud, you can easily scale as you grow.

There are three main cloud service models viz IaaS, PaaS, SaaS. Here we developers, must decide on the model that best suits our use case in terms of time to develop, resources, cost and maintenance. To understand the three cloud models, let’s take an example of running a restaurant. If you need to run a restaurant, providing just the building is IaaS, giving you space in a shopping mall’s food court is PaaS and giving you a ready made KFC shop is SaaS.

Deciding on the right services to be utilized in the cloud is an art, as there are various metrics to be considered in choosing a service over another. We as architects, brainstorm together on getting the right mixture of cloud services considering various factors that include security, application type, storage, time to develop, ease of provisioning etc.

Development

As the infrastructure is getting ready and provisioned, the development team will start building their codes in parallel. The core area for any development team would be its data processing layer where the data load is heavy, resources are utilized to its maximum, complicated logics and algorithms are designed to work in parallel using distributed processing frameworks, ML models are built by understanding the data, feedback pipelines are designed for the ML models and the list goes on.

Pierre Nanterme, Chairman and CEO, Accenture and Jean-Michel Blanquer, Dean

and President of ESSEC Business School

We are in the midst of an unprecedented revolution that is disrupting the economy and management at lightning speed. Today, the major challenge for all companies is digital transformation. And indeed, the changes underway are radical, rapid and profoundWe are not witnessing just one digital revolution, but multiple digital revolutions that are taking place as technologies reach maturity (e.g., interactive marketing, big data, cloud, 3D, artificial intelligence, blockchain). Other technologies will certainly follow.This is not just a concern for a few specialists, but for everybody, because all sectors, all activities, all corporate functions and, therefore, all jobs are affected. This is true not only for companies but for society as a whole. It’s why this digital revolution has been called The Fourth Industrial Revolution by the World Economic Forum.The first wave of the digital revolution was around eCommerce and customer experience: design thinking, interactive marketing, mobile solutions and data analysis all allow for an increasingly personalized multi-channel customer relationship. The second wave is the digitization of corporate functions to enhance operational efficiency and cost flexibility, such as IT management in the cloud and process automation.The next and most transformative wave will be the digitization of operations: Internet of Things, artificial intelligence, blockchain, which will allow new productivity gains (e.g., predictive maintenance of machines by analyzing embedded data, augmented reality support for technicians) while creating new services, such as autonomous cars and connected cities.At the heart of these transformations, new professions (e.g., data analysis, cyber security, customer experience) are emerging and, above all, new ways of working and interacting, new economic and organizational models, and new levers of innovation are being created.In a world that is at the same time open, complex and uncertain, the major challenge for companies is to understand all the implications, especially managerial, of these digital revolutions. Therefore, the managers’ responsibility is to create, structure and disseminate within their teams a digital culture, which should be a unifying element and a foundation of the company of tomorrow, much like its mission and values.In this context, younger generations have a special role to play in companies: they need to be the spearheads of the digital transformation and the champions of this new culture.For the company, this means listening to and understanding the concerns and expectations of younger generations, and adapting accordingly so that they can express their talents, creativity and value. The current development of “EdTech” owes a lot to young people who have recently graduated from school or university.The digital revolution has also created a path for new educational models. Students entering higher education must therefore prepare themselves to become agents of change. From now on, acquiring a digital culture must be at the core of all types of higher education, be it engineering school, management education, medical school, artistic disciplines, or even the human and social sciences, as the societal implications of the ongoing changes are considerable. This also applies to technical and vocational training.To meet this challenge, ESSEC Business School has transformed its educational offerings by creating specialized training courses, such as the Accenture Chair in Strategic Business Analytics, and through the evolution of its MBA program. This new top-level program, offered in both France and Singapore, is resolutely focused on the challenges of business transformation, with a choice of six majors corresponding to broad fields of activity: Finance, Strategy and Management, Entrepreneurship and Innovation, Luxury Brand Management, Hospitality Management and Digital Business. The program enables young professionals to acquire a strong digital culture and merge it with their professional skills as they look to the future.

This combination is the key to creating value for business and building a successful career. And indeed, designing an academic program and a diploma to answer the most important questions of our time is the most fundamental task of an educational and research institution.

Sriram Ranganathan, MBA,
Managing Consultant, Capgemini

The upcoming GDPR implementation deadline – May 25, 2018 – is making organizations within Europe lose sleep over compliance, data breach protocols and rights of individuals regarding collection and use of their personal data.This article focuses on a (perhaps) unexpected consequence of the upcoming regulation:

Enhancing an organization’s security capabilities just got more difficult because of the panic being generated by the GDPR.

GDPR – With great power comes great responsibility

(Personal) Data protection in Europe has always been a relevant topic. History shows they have been enacting directives and regulations regarding this since the end of World War II. Now with the GDPR, a level of accountability is directly placed on the shoulders of data controllers and processors by defining uniform guidelines and protocols around collection and handling of personal data, right of individuals to participate (or not), data transfer across countries and obligations of controllers and processors to be transparent towards customers and regulators. All organizations are, in one form or other, data controllers for their own data and potentially data processors for the data of others. In that sense, the GDPR potentially touches 100% of organizations doing business in Europe today.

Link with technology (Cybersecurity / Information security platforms):

The best way to handle a data breach is to not have one in the first place. Not only does it make perfect sense to avoid having your business data (and your reputation) on the street for all to see and exploit, but in several countries, security compliance (ISO 27001) is a regulatory need for operating certain businesses. In a virtual game of cat and mouse, organizations are investing heavily in cybersecurity technologies to build “impregnable” walls around their data assets while cyber criminals are finding sneakier ways of gaining access to data.

Intelligent firewalls, encrypted laptops and mobile devices, mobile device management, network vulnerability scanning, next-generation / intelligent anti-malware, identity and access management tools, threat intelligence tools, SIEM solutions – organizations are using multiple technologies to protect their data against theft and leakages.

The problem (Project Manager’s perspective)

The cost of these technological solutions can often run into millions, depending on the size of the organization. Both from a ROI perspective and to actually have their information assets protected, organizations are naturally keen to have these platforms operational as soon as possible. That is where – with my Project Manager’s hat on – the GDPR just made my life more difficult.Our friend, the DPO (Data Protection Officer), has a very different view on organizational priorities than the CISO (Chief Information Security Officer). By the very nature of the beast, security platforms are highly intrusive platforms. They look into computer systems, mobile devices and networks, sniff data at rest or as it passes through the network, run analysis algorithms to detect anomalies and store tons of data – including personal data – for advanced analysis and threat intelligence. This helps them fight a war with cyber criminals where the rules of engagement change regularly. Technology changes, hackers launch newer attacks everyday with newer weapons and these platforms must guard the organization against (yet) unknown threats.From a security viewpoint, the highly intrusive behavior is (IMO) logical and required. From a privacy viewpoint, this smashes a key element of the GDPR (data protection) regulations – the rights of data subjects to be informed clearly regarding what data is being collected, for what reason, and how they can opt out if required (and any related consequences). Having once informed the data subject, the data collected must not be used for any other purpose without another round of informed consent. With a typical organizational security landscape comprising multiple security platforms from multiple third party vendors – and with the internal engineering of the platforms as a black box – this has all the ingredients required to give the DPO a big headache.

Typical questions asked by a DPO are:
What personal data is collected, where is it stored, for how long? Can we not “not collect” this data and still achieve our objective, or minimize it or anonymize it in any way?Has an informed user consent been taken w.r.t. collecting personal data? Can users say no or opt out later (tricky, tricky question)?Can the data be used for profiling purposes (even if it is not collected for that purpose) and what could be possible consequences of such profiling?Where is the vendor located? Does the vendor have access to this data? Does the vendor have non-European subcontractors who have access to the data?

Have the organization’s legal eagles signed off on the respective DTAs and DPAs?Remember, here we aren’t talking about application development where the PM has complete control over changes required to comply with GDPR requirements. Security platforms are (mostly) specialized software developed by specialized vendors, and while you can always configure the platform parameters, the ability to radically change the behavior of these platforms is highly limited. These are black boxes, often with their crime fighting intelligence shrouded in intellectual property, and supported by product documentation which is (to put it kindly) not ready for the GDPR world.

In the new GDPR world, till satisfactory answers can be provided for the above – and many other questions in similar vein – forget going live and operational. The Project Manager will spend the majority of his time trying (not) to strangle the DPO who will steadfastly point to provisions in the well intentioned GDPR to stop the PM from achieving his project objective (which is the CISO’s objective, which in turn is the organizational need – at least, that is what the Project Brief said).

Is this a new problem?

The concern for Privacy is not new within Europe. Most mature organizations have long adopted “privacy by design” as a regular part of the requirement and design process.

Technology platforms being intrusive is also not new; talk to security professionals over a cup of coffee and they will tell you stories that would make your hair curl. Take Google as the most simplest of examples of how our internet behavior is so well profiled. Another simple example would be trying to access unsuitable websites from your office network. And the Android and iOS apps on our phones that run constantly in the background… Let’s stop already!Of course, “they” can track your IP and see everything you do on the internet. Of course, you didn’t given an informed consent despite the 100 pages of tiny text you accepted. Of course, you cannot say no and still receive the same level of service.

So this problem isn’t new but the strengthened focus on the PIA (privacy impact assessment) findings is new ever since the GDPR became a household name. Traditionally, privacy impact was a check box that needed to be ticked but it wasn’t sexy enough to be a project showstopper. Everybody tried their best to comply with guidelines, and good enough was often good enough. Well, not any more!!!

So why the panic now?

Coming back to security platforms, while tracking and collecting of (personal) data isn’t really new, till now 100% compliance was largely ignored due to security being seen as a greater need. With the WannaCry, Locky and Petya ransomwares gaining wide notoriety and with Russia, North Korea and the US confusing the world over who hacked who – businesses needed to protect themselves, everyone understood that!What changed is the GDPR bringing in various categories of financial penalties as part of a controller’s (or processor’s) liability w.r.t. violations. In the GDPR world, these penalties can be virtually business ending penalties, with a maximum possible fine of €20 million or 4% of annual global revenue, whichever is higher.

Data Protection complexity is extrapolated many times over when you consider country specific regulations for companies operating in multiple EU countries. The GDPR is the minimum required, the country specific regulations come on top.

The DPO has an unenviable job on his hands. With a hugely understaffed team and GDPR regulations that are verbose and interpretative in multiple ways, he must evaluate every project that comes in, with the threat of that €20 million (or 4% global revenue) penalty hanging over his head. Try explaining to the CXO why you are being fined for non-compliance with a EU wide mandate which has been tom tom’ed from the high heavens since last year (still too late, IMO, but that is another story).Give a green signal to these security platforms that poke and peek into everything? Forget about it!

What can you do (as a PM managing security rollouts)?

Stephen Orban

Over the last eight months, I’ve written a series of posts detailing several best practices for enterprises using (or considering) the cloud. These are practices I encourage any technology executive or professional looking to transform their business and/or career to consider. They were first inspired by my time as CIO of Dow Jones, from 2012 to 2014, where the cloud quickly became the second most impactful means by which we changed technology’s role within the company (the first most impactful being the amazing team of people that made it all happen). Since then, I’ve had the opportunity to continue refining them through my work with other technology professionals, many of whom come from the largest companies in the world and all of whom are at various stages on a similar Journey. Over the last several weeks, I’ve found myself sharing links to individual posts as a follow up to some great conversations. I believe these best practices will lead to better results when they’re practiced in concert, so rather than continue to share links one-by-one I’m hoping that this post will serve as a useful table of contents into all the best practices I’ve written about.

Preface: The Journey

I wrote about meaningful cloud adoption being a Journey — an iterative process that allows organizations to move faster and devote their resources to the things that matter most in their business-in this post in September of 2014. Then, in December of 2015, I created this post as a kick-off to a more in-depth series examining some of the best practices that enterprises employ on their Journey. The “chapters” that follow contain links to all the posts I’ve authored on each of the best practices.

Best Practice One: Provide Executive Support

Today’s IT Executive is a Chief Change Management Officer
Today’s CIO on Merging Business with Technology
What Makes Good Leaders Great?
Great Leaders Make New Rules

Best Practice Two: Educate Staff

You Already Have the People You Need to Succeed with the Cloud
11 Things to Consider When Educating Your Staff on Cloud

Best Practice Three: Create a Culture of Experimentation

Create a Culture of Experimentation Enabled by the Cloud
4 Dos and Don’ts When Using the Cloud to Experiment

Best Practice Four: Engage Partners

Accelerate Your Cloud Strategy with Partners
The Future of Managed Services in the Cloud

Best Practice Five: Create a Cloud Center of Excellence (CCoE)

How to Create a Cloud Center of Excellence in Your Enterprise
Staffing Your Enterprise’s Cloud Center of Excellence
Common Responsibilities for Your Cloud Center of Excellence
Your Enterprise’s Flywheel to the Cloud

Before I wrote the CCoE series, I wrote a series on DevOps in your enterprise, which has a lot of relevant points to the CCoE model

Considering DevOps in Your Enterprise?
Two Reasons Customer Service is Key to Enterprise DevOps
Enterprise DevOps: Why You Should Run What You Build
Enterprise DevOps: What to Expect When You’re DevOps’ing

Best Practice Six: Implement a Hybrid Architecture

Three Myths About Hybrid Architectures Using the Cloud
A Hybrid Cloud Architecture Ah-Ha! Moment

Best Practice Seven: Implement a Cloud-First Strategy

What Cloud-First Looks Like

For Kristin Deyle, President & Founder of Unity Wellness Group in order to become a successful entrepreneur one needs a combination of passion and perseverance that work orders of magnitude together. “Believing in and being passionate about your venture and the product and service you offer is key to achieving success,” says Kristin. “But you also have to be driven to bring your vision to market – stay positive – work hard – and persevere. In other words, you can’t be a quitter when unanticipated bumps occur. Instead, you need to adjust and press on.” Being a compassionate person by nature, Kristin cares about people, and has been deemed as a problem solver. “Building a wellness business fit my care model in helping people and filling a gap I was seeing in the marketplace.”

“Building a wellness business fit my care model in helping people and filling a gap I was seeing in the marketplace.”

Kristin has always had a tendency to envision outcomes, and used to do this to stay motivated but have realized these visions are very important to achieving anything. “While having a vision is important, excellent execution is equally important,” she adds. “It was during one such envisioning outcomes that led to the incorporation of Unity Wellness Group. The company was developed specifically to address the stress I saw in the workplace throughout my career.” But it was much bigger than that—it was part of a solution to proactively address the healthcare epidemic that was happening in 2008 and still is—the healthcare system treats the sick rather than focusing on maintaining health or preventing disease. However, mind-body prevention and good self-care are key to being healthy. Most people weren’t taught wellness practices in life or effective stress management skills or practices.

The most recent 2019 stress surveys show work as a leading source of stress, with 53% of employees also believing companies don’t care about their work balance or state of mind. Stress is a common theme in the work place and therefore the focus of most popular modules over the past 12 years. “We have dozens of stress management modules, because stress is very individual – and what is stressful to one person may not to another and it is important to understand what is perceived as stressful and where it comes from to effectively manage it,” says Kristin. It can be workplace stress due to environment or colleagues or workload where time management and team communication and emotional intelligence seminars make sense. Or, it can be personal stress based on life situations or simply the way you think. “What we see through our post surveys is these modules work and people change their lives with mindful awareness and better self-care habits. It works!”

The company’s programs and services are constantly evolving as a result of their client workplace needs. Kristin and her team encourage clients to survey the workplace and in order to provide customized solutions. “We are a customized wellness solution provider, and develop programs based on exact wellness needs of a school or workplace population.”

Presently affected owing to the Covid-19 pandemic, Kristin has ensured to migrate all her modules online. Unity has always had this capability but growth and rebounding today means communicating this as an obvious option. As per the steadfast leader, employees need these programs more than ever now and they can all be done online even incorporating exciting digital challenges that gamify, include team participation and track progress. “We have always offered webinar and digital wellness options but only 10% client workplaces have selected this option. Today it is a more likely selection as more virtual work teams exist, and we are here for just that,” says Kristin.

I also run a marketing agency of all-female marketing specialists called Unity Marketing Group. Unity is an incredible group of talented ladies and their combined talents allow them to offer full-service marketing across all channels and disciplines. “I have believed and witnessed throughout my career that smaller seasoned teams can be more effective than larger ones. We are a great example of this. We go head to head with agencies 4 times our size and deliver better faster results.” Entrepreneurs and business owners comprise 80% of the Unity Marketing client list. IE

Stephanie Stevens, Owner & CEO of Bell Gate Farm, is the mastermind behind a state-of-the-art event venue built into a historic & rustic bank barn in Pennsylvania’s beautiful Lehigh Valley. She is truly the design, marketing, and creative force of a relatively new business which generated reputable accolades instantly.

“Bell Gate Farm is by no means boring and with Stephanie’s production background she works directly with clients to come up with imaginative ways to make their event stand out. “

She was told it couldn’t be done. But prior to the inception of Bell Gate Farm, Stephanie worked her way up, in a record 3 months, from Receptionist to Account Supervisor in New York City at one of the top advertising firms in the world.

It wasn’t until a touch of fate in a Manhattan bar one night, that Stephanie landed her dream job of Executive Producer in the Experiential Marketing world, which at the time was a new phenomenon, that had the power to reach a large portion of a consumer base and hold attention for an average of 12 minutes as opposed to traditional marketing’s 60 second media buys. It was a game changer for the marketing world.

She held the privilege of creating and producing the experiential marketing plans for some of the most reputable and respected blue-chip companies in and around the world: American Express, Microsoft, Virgin Mobile, Johnson & Johnson, and Marriott to name a few. Their demand for innovative initiatives to reach their consumers tasked her with producing events never done before. As such, she was introduced to extremely talented artists like Sting and Lady Gaga, and had the extreme pleasure of working on a team with some of the greatest minds in the marketing business to execute seemingly impossible events like: taking over the entirety of Times Square for the Microsoft Kinect launch; which featured 500 perfectly choreographed pop up dancers and a live performance by Lady Sovereign and Ne-Yo, a Grand Opening Sale for Toys R Us at midnight, a VIP afterparty at the Hard Rock Café, the largest ever media buy on the giant screens and the first ever non Toys R Us advertisement on theirs, a Media Event with Mark Wahlberg, and Modular House Build Outs where consumers and media alike could experience the product. All of these were happening at the same time, on the same day, in the most traveled and difficult to permit area of Manhattan with just 3 weeks of prep time. A producer is responsible for every element, every line item, every budget number, every staff member, absolutely everything, and Stephanie rose to the occasion every time. It takes a great deal of courage, ability to multi-task, and just enough crazy to pull off. 16 years based in New York and travelling around the country to produce events like the one mentioned above, taught Stephanie that anything is possible. Any splendid result can be done, at any time, with the right experience and the ingenuity of the perfect team.

“In my years in experiential marketing, I became an expert in creating something out of nothing. If we needed a stage in an empty field, I was the one who was relied on to know the proper regulations, supplies needed and how to flawlessly execute that event on time, on budget, and with great satisfaction to my clients and their consumers. A large part of executing an event is by thoughtfully considering the ‘what ifs,’ and being ready to tackle potential problems head on,” says Stephanie. “I translated this knowledge into Bell Gate Farm from the start by being prepared for any kind of event from major headliners to kids birthday parties. We have built in speakers and enough power both internally and exteriorly to ensure there are no issues for 3rd party vendors. The space can be turnkey, or a blank slate based on the vision of the client. We can, have, and will host every event imaginable.” Stephanie wanted Bell Gate Farm to be a place where the seemingly impossible was possible, at a more affordable price, and with more value than her competitors.

Too often, specifically in the wedding industry, which has become our most often held event, prices are hiked solely because of the word “wedding”. She knows, because she personally tested it. The market is notorious for over charging clients and being so restrictive in their services that clients feel boxed in, like their event is cookie cutter, or unimaginative. Bell Gate Farm is by no means boring, and with Stephanie’s production background she works directly with clients to come up with imaginative ways to make their event stand out.

One client with an affinity for Blue Man Group held a birthday party and Stephanie created an enclosed tent with UV lights inside so guests could don a painter’s outfit over their party gear and splatter paint every which way to their hearts content. After the party, the canvas used as the tent, was a beautiful take away for the birthday girl. It’s not uncommon to drive down Bell Gate Road and see a myriad of large glamping tents set up in Parker’s Pixie Hollow. This area was a nod to a client with an affinity for the Gilmore Girls. Unique and one of a kind events is what Bell Gate Farm does best. “You don’t just sign a contract and walk away until event time here,” says Stevens, “we are working with clients right up and through event day because we want them to show up and feel just as relaxed as a guest.”

Stephanie’s experience as an Executive Producer also taught her a lot about humanity and corporate America. She wanted to create a business model no other company has quite figured out how to do; a true non-hierarchical organization where staff feel like family and have a genuine work life balance. Every ad agency in the country has a page in their new business presentations which highlights that very idea, but in Stephanie’s experience, it wasn’t ever implemented, not really. Instead it was more of a rallying cry. She was going to change that.

In fact, Stephanie puts both her staff and clients top of mind in everything she does. In a business world where “being nice” is often frowned upon, it is the sole tenant to Stephanie’s philosophy, one she won’t apologize for or compromise on, and it is the reason Bell Gate Farm has seen such a tremendous amount of success so quickly. Awards like Best Event Venue in Bell Gate’s infancy, and every year since, were not as exciting to her as the award for Best Small Business to work for and Most Creative Venue in her hometown, the Lehigh Valley.

At the start of Bell Gate Farm Stephanie took an insanely small marketing budget of $1000 and turned it into a media buy valued at 20 times that by using her real-life story as a way to create buzz. At that time, Stephanie had suffered several tragic and monumental life changes in just six months. The loss of her Mother whilst pregnant, the dissolution of her months-old marriage, raising a beautiful baby essentially as a single parent, no real income coming in, and the prospect that her childhood home could be lost within a few years if she stood by and did nothing. Instead of bowing under that pressure, she used that intense emotive grief to tell a personal story, and it not only worked, but it also helped others in similar or same circumstances stand up and say, “all is not lost, I too can triumph in the face of adversity”. Stephanie is proof that a successful business can also be personal.

An ardent supporter of philanthropy like her parents before her, Stephanie supports small businesses like Yoga Lab, Sonnie Glass, and Family Made Soaps and Such by offering the grounds at no charge for sales or class purposes. Through donating the space, she has helped local non-profit organizations raise over 2 million dollars in the last three years. Organizations include: Truth for Women, VAST, The American Cancer Society, The Leukemia Lymphoma Society, and multiple animal shelters to name a few.

Stephanie transformed her childhood home into the business that it is today by being innovative, hardworking, hands on, and determined. No woman is an island. Stephanie realizes that everyone who has touched her professional career from mentors to employees is part of her great success and she thanks them whole heartedly.

Thus, Stephanie is able to maintain the property and farm out the 233.3 acres it sits upon so it can remain open space as her father intended, precisely because she used adversity to her advantage. By all accounts, Bell Gate Farm is a love story. It is an homage and a monument of sorts to the love Stephanie had for her parents, and the new love she found within her beautiful daughter, Parker.IE

William Gamble, Owner, EMS

Kayla has a new friend. CloudPets produces a toy that talks. It talks with the voice of ‘friends’, hopefully parents, who can send it to the toy. When the toy receives the message it’s little heart blinks. When the child squeezes the toy’s paw it plays the message. Another squeeze and the child’s message gets recorded and delivered to the friend. Cute.But like Kayla (Cayla) a real security, privacy and legal nightmare. CloudPets are joining an ever-growing set of internet of things (IoT) that get personal information, much of it personally identifiable information (PII) and even sometimes Personal Health Information (PHI). Worse CloudPets, Kayla, Hello Barbie, and VTech collected information about children and sometimes lost it. VTech breach lost the records of a reported five million people.Like some of the other toys CloudPets recorded children’s voices. The data was stored in an audio file on the web. Worse, the system used to store the kids’ information was a DBMS, Mongo DB that was in a publicly facing network segment without any authentication required. The database had been indexed with the search engine Shodan. There are simple queries that anyone can run via search engines like Shodan that will point to all of the open MongoDB databases out there at any given time. The amount of information exposed was 821,296 records of registered users including passwords and 2,182,337 voice recordings!Obviously the IoT industry and especially the toy part of that industry has some way to go before they are able to make these things secure. But what are the legal consequences of Cloud pets? Not good. I will start with state consequences, in this case California. Then move on to US federal laws and finally discuss the EU GDPR jurisdiction in the next article.

US State Privacy Laws

Just the name ‘CloudPets’ sort of says it. This product is aimed at children. If the buyers of these stuffed animals had anything like my children’s preferences, the product is aimed at children under the age of 13. Marketing over the web to kids younger than 13 puts you under the jurisdiction of the Children’s Online Privacy Protection Act, (15 U.S.C. 6501–6505, 15 U.S. Code § 6501) known as COPPA.COPPA is administered by the FTC and its regulations can be found at 16 CFR Part 312. In general, the law requires the operator of a website that collects personal information from children below the age of 13 must include a privacy notice, a privacy policy and how if obtains consent from parents for collecting this information. According to 16 CFR 312.4 (c)(iv) the operator’s website must contain a “hyperlink to the operator’s online notice of its information practices”. As far as I could see the CloudPet website did not have any hyperlink. At the bottom of the web page it had is the following statement “All use of this website is governed by the CloudPets.com Terms of Use, including the CloudPets.com Notice of Privacy and Information Security Practices.” Since this is not a hyperlink to anything, CloudPets appears to violate this rule.The other issue with CloudPet is that by storing the children’s personal information and voices in a insecure web facing data base it violated 16 CFR 312.8, which states that the operator of the website shall “maintain reasonable procedures to protect the confidentiality, security, and integrity of personal information collected from children.”But what is the penalty? Fines under COPPA are levied by the FTC are theoretically $16,000 per violation, but a review of 11 settlement show that fines are rarely that high. The largest settlement to date was for $3,000,000 which worked out to be about $2.45 per violation. So from a risk perspective COPPA presents a liability of about $1.6 million.

US Securities Law

In fact, the largest danger to CloudPets or any other firm has nothing to do with privacy laws. The real problem, at least for public companies, will be securities laws.A major breach will often trigger notifications to those affected. But what might most be affected will be the company’s stock. In August of 2016 the company responsible for CloudPets, Spiral Toys (STOY) had a market price of $0.85. By March 3 2017 it closed at $0.0035, a fall of 99%. So basically, the failure of CloudPets has meant the failure of Spiral Toys, although it must be admitted that Spiral Toys had many other severe problems. An investigation by the SEC would simply have made things worse.The jurisdiction of the SEC comes from the famous or infamous Rule 10b-5 (17 CFR 240.10b-5 Employment of manipulative and deceptive devices.) The rule makes it unlawful for any person or firm to make an untrue or fail to disclose a material fact. Certainly, a major breach or a known security flaw in a product is material. If the owner of the firm intentionally withheld this fact they could be subject to fines and sanctions from the SEC and for losses from private part who were damaged in the purchase and sale of the firm’s stock. Needless to say, these costs could be higher than many of the other damages.

Conclusion

Regulatory compliance for IT is never simple. Rather than a comprehensive system like the new EU GDPR, the US has laws that provide for specific regulations depending on what service or product you are providing and to whom. The penalties for violations of these regulations often are greater than anything a cyber thief could dream of. But you cannot stop with just the regulations concerning IT, health care or privacy. There regulatory environment is far greater than that and there are various agencies like the SEC whose bite is far worse than the FTCs. Remember it is not about compliance, it is about risk.

Kristen Brock, CFO of LEL Home Services is an out of the box thinker, creating diversified funding sources, developing new companies, currently five, while structuring the companies to benefit LEL. Kris has been tremendously effective serving LEL Home Services, LLC. (LEL) and paving the way for Growth! Prior to her arrival LEL was paying in excess of a .25M for accounting services and billing less than $200,000 per week, with only 525 Individuals Served. The company was not able to provide benefits while 95% of its work force was females many whom were single moms with children. The company was being penalized for not providing benefits to those employees and there was no plan for change. The incoming CEO asked Kris if she could bring accounting in house and if benefits were foreseeable in the near future. Kris identified that the excessive amount of money being paid to the external accounting department would need to stop and then benefits could be provided, which would also help the tax debt. In less than nine months LEL was providing a benefits package that ranked in the Top 1%. All accounting practices were brought in house. Kris hired and developed an entire accounting department and Human Resource Department and obtained state of the art technology. The change was very successful and enabled the organization to focus on increasing the number of Individual Served and the quality of their service. LEL experienced a 300% growth and has never looked back.

” LEL is serving individuals in 85 counties in Indiana, Albuquerque New Mexico, and is now approved to serve individuals in 3 counties in Ohio.”

Being individual, family and extended family centered is at the core of what LEL does to enable care. Their model, “Family and Friends,” is built on identifying family and extended family who have given care to individuals, as well as hiring, training, and equipping them to deliver quality care. By blending natural and paid supports, they can focus on personal preference and meaningful life goals. LEL is serving individuals in 85 counties in Indiana, Albuquerque New Mexico, and is now approved to serve individuals in 3 counties in Ohio as well as purchasing an Adaptive Inclusive Play Center for Kids.

As per Kris, in the developmental disabilities field, there is a great focus on compliance as well as the health and safety of individuals in service. While this is, obviously, important, she and the other Officers’ believes to meet those standards is to be average. “We are pushing the standard beyond compliance to quality. Our focus is working with individuals and families to identify valued roles for individuals in pursuit of their best life,” she adds. “LEL is a world leader in the industry and is recognized by other providers, state and federal governments as a leader. We raise the bar as soon as we have met the previous bar, we aim to increase our customer service so that each of the individuals we serve has a ‘good Life’.” LEL has been able to understand the regulatory guide lines which govern over the work they do, but LEL has realized that those standards are less than what it takes to become a world leader, therefore LEL presses on raising the standards, advocation for new rules and regulations which speak to the work that needs to be done.

This year alone LEL has stuck to its guns about how people should receive services and 3 standards have changed because of it. The change in these standards allow LEL to lead in a Care Model that delivers every time. LEL is currently working to help streamline the service model in New Mexico so that the emphasis is not only on medical needs but a more holistic approach which helps a person who isn’t whole become so. These challenges help the individuals that are served lead a greater life, take less medication and have less restrictions. Recently the Officers and Executive Directors came together to work on a three-year Strategic Plan and identified an aggressive Individual Focused and Growth Plan. “As our Individuals Served live and work in an environment where there is commitment and buy-in, they too will feel the same, and by word of mouth they will tell their friends and family who will also come to the LEL Family for their services,” adds Kris.IE

LEL Home Services

Management

Kristen Brock
CFO of LEL Home Services

Description

We understand the difficulties associated with finding quality care for a disabled loved one because Edith Glover, our founder, discovered a shortage of quality caregivers during her family’s journey. Due to this shortage, when the longtime caregiver of her son Lyle was no longer able care for him, she decided to end her 35 year nursing career to provide the appropriate care for Lyle full-time. Along the way she became aware of many other families in similar situations and began LEL Home Services as a support network to share knowledge she had acquired.

Careen Mancuso, COO at Bell Gate Farm, LLC, an MBA graduate from Boston College’s Carroll School of Management with over 10 years of experience in finance and sales, has had an eclectic and creative professional career. She began as a bank teller in Massachusetts, working through her undergraduate and graduate education. Always exhibiting the spirit of an entrepreneur, Careen started her own theater company at 21 years of age. The company rented theater space at The Boston Center for the Arts and made a profit on their first production. When the opportunity to grow with a small bank in Belmont, MA presented itself Careen did not hesitate and joined the rapidly growing institution as a Banker. Never one to be boxed in by her job description, Careen was essential in designing the new bank sales philosophy, pioneered the opening of three new branches, was promoted to Assistant Manager and went on to write and implement a bank wide training program that spanned over 800 employees in less than three years. She found that a well-defined on boarding process that makes new hires feel valued ensures consistent positive results from employees. “The base ingredients of every business foundation are the same, it is the mix that needs to be tailored for each particular industry,” she shares. “Banking needs a more stringent checks and balance system while the events world requires creativity, and empathy with only a dash of “best practice” rigidity.” When Careen and her husband were moving to Pennsylvania, she joined Bell Gate Farm as their COO and brought her MBA and theater background together in an entrepreneurial framework. At Bell Gate Farm, a five-star, luxury, award winning event venue, Careen, and the Bell Gate Team have created repeat customers through an almost guaranteed consistent customer experience.

“Bell Gate went under it’s first major interior and exterior renovation.”

Bell Gate Farm’s philosophy has always been people first, and Careen along with the Bell Gate team including Owner and CEO Stephanie Stevens, strive to create a place where people want to come to work rather than “must” come to work. “We have a network of volunteer part time event staff whose dedication to our clients stems from genuine enjoyment of their responsibilities rather than expectation,” she adds. “Bell Gate’s focus as a team is primarily the client and our reviews can attest to how successful we are in creating magic for our couples, but this success comes from ensuring that our team is running well to begin with. Self-care for successful client care.”

Bell Gate’s team dynamic is what sets it apart from the rest. “It is clear that we have fun and love working together,” says Careen. The team strives to create a space where employees are comfortable coming to work, voicing their needs and being successful in their roles. Client’s enjoy the “Bell Gate Experience” when they have an event which is what truly sets Bell Gate apart from the others. The team ensures they are there for the client all day long making sure they are never searching for assistance. “Our marketing strategy depends heavily on client word of mouth, online reviews and organic growth. I believe this has created a more successful close rate for walk throughs because guests have already heard amazing things from friends or family when they arrive for their tour,” says Careen.

According to Careen, the COVID-19 pandemic has been the greatest challenge anyone could imagine. “How do you continue to generate business when you have been forced to stay at home? As a venue it is nearly impossible to strike the imagination of a potential client from your living room,” she explains. “I used the time to create a stunning video tour of the space and encouraged our team to continue to book client inquiry meetings via Zoom.” Through some creativity Careen and the team have been able to continue booking events through the pandemic creating new revenue. Bell Gate also decided to take advantage of any available government programs so Careen wrote a grant application that gained them access to a larger loan than what would have normally been approved. Once restrictions had been lifted and employees were able to come back to work, Careen took the unusual free time as a blessing and invested in their spaces to ensure every inch of the venue was event ready. “I have always kept a list of projects that I wish we had time to do and during the pandemic we almost completed all of them which will set us up for success in the years to come,” she adds. “Bell Gate Farm strives to become an all-inclusive luxury resort in the next five years. Guests will have the opportunity to pamper themselves and their guests before, during and after their big day truly creating a home away from home.”IE

Bell Gate Farm

Management

Careen Mancuso
COO Bell Gate Farm

Description

Bell Gate Farm was once one of 3 of the largest farms in Pennsylvania, and visitors would travel hundreds of miles to visit these pastoral lands. Situated and nestled at the bottom of a Valley further reinforces what we know historically about the property. Built upon a spring would have given the occupants plenty of water and the resources needed to survive the daily structure of life like cooking, smoking meats, and keeping perishable foods cold.

Being a marketing leader is one of the most rewarding positions in business but it’s not without its challenges. It requires consistent self-motivation and drive to make yourself better, make your team better, make your company better, and ultimately leave a positive impact on your industry. For Christina Cravens, Chief Marketing Officer of ResMan, a Property Management Software Company, this comes from a deep passion, pride, and desire to deliver beyond expectations and inspire young marketers as they grow their careers. However, self-motivation is only one aspect of being great at what you do. Cultivating and growing a great team is critical, requiring a keen intuition about people. It’s more than knowing whether or not a person is qualified — Christina has a knack for bringing together the right people that can play off each other, support each other, push each other and thrive. She’s consistently motivated teams to perform at higher than expected levels to make extraordinary things happen. Today’s CMO requires openness and desire for change, and Christina’s skill for consistently reimagining the roles of marketing and sales so that the organization can emerge even stronger, allows her to build data-centric teams that can leverage the full power of insights and technology at their disposal. They are modern marketers in every aspect, with new skills, new processes and new ways of looking at customer relationships. Most importantly, these marketers understand the value of continuous engagement and learning and leveraging customer intelligence behind all marketing programs.

“ResMan was designed by property managers. We employ a listen-and-lead attitude to understand and anticipate the needs of our users and give your team the confidence and control you need to most effectively manage your mixed-asset portfolio.”

Just like the role of the CMO has changed to adapt to an increasingly digital world, the multifamily landscape is rapidly changing. This has rendered once tried-and-true marketing, leasing, and communication methods obsolete. Owners and operators are being forced to adapt or lose residents and revenue. Residents expect to search for apartments online, apply online, tour online, pay online, and even communicate with their property managers via SMS. ResMan was born in the cloud, and recently released new products to their platform that powers the virtual leasing office. ResMan’s Marketing suite offers beautiful, modern websites built to convert prospects into residents through interactive 3D site maps and the easiest to create virtual tours in the industry. ResMan Leasing products offer the most advanced online leasing solution, and bi-directional SMS resident communication is less than three clicks away from anywhere in ResMan. “Our open architecture and world-class partner network allow ResMan to scale with our customers. This creates one source of truth for their business,” says Christina. “When on-site staff, corporate, and owners can work from one platform, manual processes are eliminated, efficiency is gained, and time is saved.”

Christina is proud to help lead a company driving forward progress in its industry. “Being an innovator is about embracing change, listening to our users, and challenging the status quo. At ResMan, it’s in our DNA,” she says. “We were built by property managers to directly solve business problems faced by property owners and operators.” ResMan’s user-centric approach and listen and lead attitude have led to a platform that feels more intuitive, comfortable, and incredibly easy to use. From the Boardroom, their interactive and customizable dashboard to the award-winning property websites, and everything in between, the company continues to set the standard and direction for how a property management solution should look, feel, and perform.

Customers at ResMan are a #1 priority, and Christina believes that every customer deserves a proactive, personal approach to communications, which goes a long way in terms of customer retention. “If you supply your customers with valuable content regularly, they’ll develop a natural interest in and loyalty to your brand,” says Christina. In addition to continuous communication and educational content, it’s important to pair outreach with a customer loyalty program. The company launched ResMan Champions to incentivize a variety of behaviors, including conducting a reference call, providing a case study or video testimonial, sending referrals, and more. “We reward our customers with gifts, ResMan Edge User Conference tickets, referral payments, product discounts, and more,” adds Christina.

In today’s challenging environment, Christina and her team of experts continue to innovate their work environment, business processes, and products to benefit the customer base. These include creating new product bundles by segment (SMB and Mid-Market), adding deeper discounts for products that enable virtual business, and launching new solutions that address the specific changing needs of the property management market. “We’re building a more robust library of educational resources in multiple formats, for example, and streamlining options for customer support to drive real-time engagement,” says Christina. “We aim to assist our customers in the best possible way.”

Over the years, Christina has found that by taking the time to thoughtfully communicate with customers and prospects with the right message and offers in the right way companies in the SaaS space see greater customer engagement, growth in the customer base and increased customer satisfaction.IE