Platt Perspective on Business and Technology

Leveraging information technology to revitalize mature industries and marketplaces 5: adding the underlying business model into this discussion 3

Posted in business and convergent technologies, strategy and planning by Timothy Platt on February 1, 2014

This is the fifth installment in a series in which I discuss and analyze businesses as information management systems, and in which I characterize their competitive strength and marketplace capabilities in corresponding information technology implementation terms (see Ubiquitous Computing and Communications – everywhere all the time 2, postings 273 and loosely following for Parts 1-4.)

I moved outside of the internal operations of the individual business organization in Part 4 to discuss information sharing with supply chain partners, and for when participating in other business-to business-collaborations. The issues of selecting secure mutually agreed upon information sharing channels and compatible tools for these types of information transfer are largely business model-agnostic, as most of the time and for most business-to-business purposes technology selection for this would be made from among standardized, repeatedly security tested and vetted systems, and would be implemented using standard online connection and data transfer protocols as vetted by organizations such as the World Wide Web Consortium (W3C) and I add information technology oriented security companies and groups like The Open Web Application Security Project (OWASP).

And this brings me to the matter of what information would be so shared, and that is both the topic of this posting, and the point at which this discussion firmly connects back to the business models in place.

• When you view and analyze a business in terms of its information management processes as a map of its overall operational system, the most logical way to view supply chain systems entered into is from an information systems compatibility and security perspective.

Then the issues that you have to characterize here, all deal with efficiency and risk management due diligence concerns, and include:

• Determination of specifically what data to share with what partner businesses,
• Mutually agreed-to determination of what they can use this information for, and who in their system can see and use it with that generally established on a job title and responsibility basis,
• Mutually agreed-to determination as to how long this information can be held before being deleted from a receiving supply chain partner business’ systems,
• And mutually agreed-to systems for monitoring and managing this, to ensure that practices as followed match practices as agreed to. This system would be set up so as to meet specific legal due diligence requirements, as for example for maintaining confidentiality of customer personally identifiable information.

As a general rule, business intelligence should only be shared outside of a holding business when specifically required by law when for example responding to court orders, or when meeting specific and clearly defined and delimited business needs that enter into agreed to supply chain processes.

• This means determining what is needed from the providing business and by its information receiving supply chain partners, so as to meet both of their sets of strategic objectives for entering into these business-to-business relationships.
• It means determining and risk management evaluating what these information receiving partners businesses would need in the way of transferred information in order for them to operationally carry out their part of any agreed to supply chain process.
• It means learning from them, and where possible learning about them from outside sources (e.g. outside regulatory agencies and review sites), what their information management and information security processes and practices are, and if they have experienced security breaches or other mishaps in those processes and systems or in their execution.
• And overarching all of these considerations, this means knowing what legally mandated requirements are in place for selecting information to so share, and for transmitting it, receiving it, storing, using and deleting it. And this means robustly meeting these requirements, operationalizing them for compliance as functional parameters in developing practices in place.
• And as a final consideration here, this means only providing business intelligence to specific outside businesses, and under terms of legally contractually binding agreements that preclude their in turn sharing this information with anyone else outside of the explicit terms of their access contracts.

I am going to continue this discussion in a next series installment where I will turn to consider the issues of innovation and competitive advantage, from an information management perspective. In anticipation of that installment I note that this can and should be considered both from an internal-to-the-organization perspective and from an externally connecting supply chain perspective too. Meanwhile, you can find this and related postings at Business Strategy and Operations – 3 and also at Page 1 and Page 2 of that directory. You can also find this and other related material at Ubiquitous Computing and Communications – everywhere all the time 2 and at the first page to that directory.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: