Big Data Analytics – Acquire, Grow and Retain Customers


At the start of this year, in January 2013, I discussed in my blog post Is Customer the King? In Retail, Analytics Say “Yes” how the retail industry can leverage big data insights to optimize and personalize customer interactions, improve customer lifetime value, improve customer retention and satisfaction, and improve the accuracy of and response to marketing campaigns. In an article last year, The Wall Street Journal said that Big Data refers to the idea that companies can extract value from collecting, processing and analyzing vast quantities of data about their customer experience. Businesses that can get a better handle on these data will be more likely to outperform their competitors who do not. Kimberly Collins, Gartner Research vice-president, stated that big data will be the next major “disruptive technology” to affect the way businesses interact with customers.

In this new era of big data, companies need to create teams of customer relationship management experts that can understand the psychology and buying behavior of their customers, apply their strong analytical skills to internal and external data and provide a personalized and individualized experience to their customers. In addition, companies will also need to apply futuristic insights using predictive and prescriptive models that will help steer innovation in the industry. Steve Jobs and his company created a need. Nobody knew they needed an iPhone or iPad but today it’s a need for millions of users. Companies need to reorient themselves to 21st century thinking, which unequivocally involves applying big data analytics to their customers (clients, employees and other stakeholders).

Today, companies have access to data unlike they have ever had before from internal systems and external media. This includes all structured data and unstructured data. And now companies have access to advanced modeling and visualization tools that can provide the insight to understand customers and even more powerfully, predict and prescribe behaviors.

Ironically – although the retail industry is under tremendous pressure to stay competitive – the industry as a whole lags behind other industries in its use of big data analytics. A report from Ventana Research suggests that only 34% of retail companies are satisfied with the processes they use to create analytics. According to a recent infographic from marketing optimization company Monetate, 32% of retailers don’t know how much data their company stores. And more than 75% don’t know how much of their data is unstructured data like call center notes, online forum comments and other information-rich customer data that can’t be analyzed in a database.

In a recent industry case study, the CMO of a retail company convened a group of marketing and product development experts to analyze their leading competitor’s practices. What they found was that the competitor had made massive investments in its ability to collect, integrate, and analyze data from each store and every sales unit, and had used this ability to run myriad real-world experiments, testing its hypotheses before implementing them. At the same time, it had linked this information to suppliers’ databases, making it possible to adjust prices in real time, to reorder hot-selling items automatically, and to shift items from store to store easily. By constantly testing, bundling, synthesizing, and making information instantly available across the organization—from the store floor to the CFO’s office—the rival company had become a different, far nimbler type of business. What this customer had witnessed was fierce market competition shaped by big data.

Retailers that are taking advantage of Big Data’s potential are reaping the rewards. They’re able to use data to effectively reach consumers through the correct channels and with messages that resonate with a highly targeted audience. Smart retailers are using advanced revenue attribution and customer-level response modeling to optimize their marketing spend. Although there are obvious benefits, many retailers are surprisingly still failing to act on these trends. This delay is largely due to a dependence on siloed information, lack of executive involvement and a general trend among marketers to fail to understand analytics. Without advancing internal structures, gaining executive support or educating internally, jumping on these Big Data trends is nearly impossible.

The new IBM/Kantar Retail Global CPG Study of over 350 top CPG executives revealed that 74 percent of leading CPGs use data analytics to improve decision making in sales compared to just 37 percent of lower performing CPGs. By the same token, the new IBM study of 325 senior retail merchandising executives, conducted by IBM Center for Applied Insights in conjunction with Planet Retail, reports that 65 percent of leading retail merchandisers feel big data analytics is critical to their business compared to just 38 percent of other retail companies.

The two independently developed studies found interesting trends:

  • Sixty-three percent of top retail merchandisers have the data they need to conduct meaningful analytics while 33 percent of other retailers do not.
  • Thirty-seven percent of leading CPG companies make decisions predominately on data and sophisticated analytics versus 9 percent of lower performing CPG companies.
  • Eighty-three percent of leading retail merchandisers are focusing more on the consumer, compared to just 47 percent of lower performing retailers.
  • Forty-three percent of leading CPG company’s sales organizations are highly focused on the consumer versus 28 percent of others.
  • Sixty-nine percent of the marketing departments of top retail merchandisers are highly collaborative vs. 39 percent of other retailers.
  • Forty-four percent of leading CPG companies report a “robust partnership” between marketing, sales and IT versus only 20 percent of their competitors.

For retailers like Macys, the big data revolution is seen as a key competitive advantage that can bolster razor-thin margins, streamline operations and move more goods off shelves. Kroger CEO David Dillon has called big data analytics his “secret weapon” in fending off other grocery competitors. Retailers are moving quickly into big data, according to Jeff Kelly, lead big data analyst at Wikibon. Big retail chains such as Sears and Target have already invested heavily in reacting to market demand in real time, he said. That means goods can be priced dynamically as they become hot, or not. Similar products can be cross-sold within seconds to a customer paying at the cash register. Data analysis also allows for tighter control of inventory so items aren’t overstocked.

To stay competitive, retailers must understand not only current consumer behavior, but must also be able to predict future consumer behavior. Accurate prediction and an understanding of customer behavior can help retailers keep customers, improve sales, and extend the relationship with their customers. In addition to standard business analytics, retailers need to perform churn analysis to estimate the number of customers in danger of being lost, market analysis to show how customers are distributed between high and low value segments, and market basket analysis to determine those products that customers are more likely to buy together.

Retail bank Wells Fargo has gathered electronic data on its customers for decades, but it is only in the past few years that the fourth-largest U.S. bank has learned how to put all that information to work. JPMorgan Chase, Bank of America, Citigroup and Capital One are also taking advantage of the big data opportunity. Big banks are embracing data analysis as a means to pinpoint customer preferences and, as a result, also uncover incremental sources of revenue in a period of stalled revenue growth. Smarter banks will increasingly invest in customer analytics to gain new customer insights and effectively segment their clients. This will help them determine pricing, new products and services, the right customer approaches and marketing methods, which channels customers are most likely to use and how likely customers are to change providers or have more than one provider.

Banks, retailers and CPG companies that are applying big data analytics to better understand consumers and adjust to their needs are outperforming their competitors who don’t, according to a pair of studies released by IBM. Advanced Big Data analytical applications leverage a range of techniques to enable deeper dives into customer data, as well as layering this customer data with sales and product information to help retailers segment and market to customers in the ways they find most compelling and relevant. Historically, retailers have only scratched the surface when it comes to making use of the piles of customer data they already possess. Add social media sentiment to the mix, and they can access a virtual treasure trove of insights into customer behaviors and intentions. The timing couldn’t be better, because these days consumers award their tightly held dollars to retailers that best cater to their need for customized offers and better value. The ability to offer just what customers want, when they want it, in the way they want to buy it requires robust customer analytics. The opportunity is now: It’s critical that retailers step up their customer analytics capabilities as they transition to an all-channel approach to business.

http://thebigdatainstitute.wordpress.com/2013/09/20/big-data-analytics-acquire-grow-and-retain-customers/

 

Government’s New Mobile Code of Conduct: PIIs Get Noticed


You know those short notices that pop up right before you install a mobile app? That’s the splash screen that provides some information about what functions are being accessed and, in general terms, what information is being collected from users. After studying this matter for about a year and getting input from the usual stakeholders (industry, privacy groups), the US Department of Commerce just issued voluntary guidelines covering the information app publishers should include in these notices. While this code of conduct will not satisfy everyone, it’s clear that personally identifiable information or PII will now be getting higher billing.

If you install an app on your Android or iPhone, you might be told the software will “Read contact data, read your profile data” and perhaps that it has access to “fine GPS location”.  At least that is what the mobile version of Twitter informed me, right before I decided against using it. But if an app publisher were to follow the new Commerce Department guidelines, they would need to explicitly state the PIIs and user content being collected from the following set:

  • Biometrics (information about your body, including fingerprints, facial recognition, signatures and/or voiceprint.)
  • Browser History (a list of websites visited)
  • Phone or Text Log (a list of the calls or texts made or received.)
  • Contacts (including list of contacts, social networking connections or their phone numbers, postal, email and text addresses)
  • Financial Info (includes credit, bank and consumer-specific financial information such as transaction data.)
  • Health, Medical or Therapy Info (including health claims and other information used to measure health or wellness.)
  • Location (precise past or current location of where a user has gone.)
  • User Files (files stored on the device that contain your content, such as calendar, photos, text, or video.)

We have had previous clues from other agencies, but it’s becoming more likely that the US regulators will be taking a more expansive view of PII in the coming years. The inclusion of biometrics, browser history, and geo-location means that quasi-identifiers are now on equal footing with traditional or classic PII—phone number, name and financial data.

If you’ve been following our HIPAA posts, this list shouldn’t be too surprising. The healthcare sector has had to deal with a far longer list in the form of the Safe Harbor rule, which includes most of the above items and quasi-identifiers for a grand total of 18 PII (or PHI as it’s referred to in HIPAA). Hospitals and other health networks have additional obligations, of course, to protect these medical PIIs through a series of mandated data security and privacy controls.

Unlike healthcare and financial companies, the Internet economy has mostly escaped—if you exclude COPPA—US data regulations. In other words, under the current model, even with these new guidelines, mobile app makers have no legal requirements to protect private consumer data. They would likely want to for obvious business reasons, and you can read the specific terms of service of your favorite mobile software to see what they’ll try to do.

Where is all this heading? A “Consumer Privacy Bill of Rights” has been talked about in Washington for years.  And you can read the latest iteration of this policy idea here. Even if a comprehensive data privacy law covering all companies doesn’t become law, regulators will be enforcing existing rules more tightly and consumer expectations for data security, especially in light of recent events, will only head upwards.

For organizations that want to stay ahead of the consumer data privacy curve, the above PII list from the Commerce Department is actually a good starting point: can your IT department guarantee that this small list of identifiers is secured from hackers and protected against unauthorized use?

Mobile ads GPS study: How far will you drive for a deal? (infographic)


We’ll drive 2.8 miles for a sandwich, but 7.1 miles for a great Italian restaurant. And while we may only go 3.6 miles for a coffee shop, we’ll easily go almost nine miles for just the right mall.

Navigation services company Telenav knows a little bit about what people will drive for — and when it’s worth showing hyper-local ads to them.

Powering navigation apps like Scout for iPhone and running its own advertising team gives Telenav billions of monthly data points on ads and services that people will drive for. The company has summarized that data in a new report, unveiled today.

“Location is an extremely powerful tool for targeting mobile ads, but most advertisers are still applying a one-size-fits-all approach when it comes to location targeting,” Eli Portnoy, Scout Advertising GM said in a statement. “For example, I live in Los Angeles and it makes no sense to show me an ad for coffee in Pasadena because I will never drive the nine miles it would take me to get there. That would take me over an hour.”

One size especially doesn’t fit all when you look at different cities.

While shoppers in Dallas, Seattle, and California’s Bay Area routinely drive between 7-8.5 miles for shopping, New Yorkers and Chicagoans drive fewer than five. And in San Diego, car owners travel only 2.7 miles for gas, while Houston drivers almost need a top-up station on the way to the gas bar, driving 7.1 miles, on average, to fill ‘er up.

All of which data needs to inform your local marketing strategy.

Here’s all the information, in visual form:

[Infographic: hyper local marketing]
Read more at http://venturebeat.com/2013/04/16/mobile-ads-gps-study-how-far-will-you-drive-for-a-deal-infographic/#fOJHa7Ec1DVMKaq0.99

Big Data Promotes a Culture of Data-Informed Decision Making and Adaptive Marketing – Antony Young-Mindshare


Big Data is quickly being catapulted to the top of Marketing’s agenda, but preparing for this shift remains a challenge for many companies. According to a survey conducted by IBM, less than half of CMOs feel prepared to cope with this increasing amount of marketing data over the next 5 years, with the data explosion cited as their #1 headache. The problem isn’t obtaining data, it’s figuring out how to turn it into marketing magic. I’m seeing a growing list of exceptional cases of marketers shifting their organizations to adopt a higher level of data-informed decision making, often with astonishing results.

It’s not so much big data, but smart data used at scale

Last week, I had dinner with Joe Rospars, founding partner at Blue State Digital, who served as Obama’s Chief Digital Strategist for his 2008 and 2012 campaigns, and asked him about big data. He responded, their approach “wasn’t so much big data, but smart data used at scale.” To win this election, they needed to get very granular in their targeting. By extracting voter files and collecting information via the tens of thousands of polling calls made to homes every night, they were able to identify by household individual voter likelihood, and then determine the communications they needed to deliver.

The Obama campaign expertly targeted very personalized messaging via online advertising, email, door to door and phone canvassing. They cleverly extended this strategy via social media. Nearly a million supporters that ‘liked’ the Obama 2012 page also allowed access to their profile data via Facebook Connect. This enabled Obama’s people to identify their Facebook friends in battleground States and cross tabulate with their own databases; they then asked supporters to email or even personally call their friends that fit likely Obama voter profiles, to remind them to register or vote early.

Data is the engine for Adaptive Marketing

Data is allowing brands to move quicker and more decisively to gain a market advantage by dynamically informing their messaging and media.

Samsung, a big investor in data, worked with insights firm Networked Insights to use real-time social listening to help them keep a finger on the pulse of consumer sentiment and adjust their communications to capitalize on the web discussion about brands.

Within a couple of hours of Apple’s Tim Cook revealing their iPhone 5, Samsung reading the reaction in social channels, drafted new print, digital, and TV ads. The following week as the iPhone hit the stores, they aired TV ads mocking Apple customers queuing up for the new phone and some of its less flattering features. The commercial was a hit, and received more than 70 million views online.

They also used social listening as a real time guide to evaluate how effective their ads were with consumers by measuring what people are saying about them and what effect they’re having on competitors’ brands. Stressing the importance of data in informing their marketing, Brian Wallace, the former VP of Marketing at Samsung (who recently moved to Motorola to a global marketing role), said, “The data guys lead these conversations. Not the creative guys. Not the sale guys. And it’s not just analytics — it’s analysis.” He added, “[data] does not crush the art of advertising. It simply informs it — and ultimately improves it.” Samsung’s shift to a strategy of employing social data at the center was one of the key factors that assisted them to move from the number 4 mobile device manufacturer to pass the mighty Apple.

Creating a more personalized customer experience

I’m seeing a focus on data enabling marketers to create smarter, more engaged customer experiences.

I recently chaired a panel which included Sandra Zoratti, co-author of the book Precision Marketing. She cited Caesar’s Entertainment as a marketer that centralized data to better formulate its approach to marketing. They identified 0.15% of their customers that contributed to 12% of their casino revenues. This led to them employing Good Luck Ambassadors to monitor these customers. If they weren’t having a good night on the tables, they offered complimentary tickets to a show or dinner based on their known preferences to ensure they left their casinos with a positive experience.

Building a fluid organization that can capitalize on the data

Shifting to a fast moving data marketing organization isn’t just about software and strategy. It requires a shift in how the agency and client teams work.

The Obama campaign quadrupled their data team from the previous election campaign, adding data technologists, behavioral scientists and mathematicians to crunch the data and help interpret them into actionable marketing insights.

According to Rospars, to improve speed of activation, they established a persona playbook on how the brand should speak, to allow them to delegate decision making down.

Personally, I love this shift to data-informed decision making. It is creating more adaptive, more relevant and more commercial marketing programs. We are barely scratching the surface, but it’s clear that going forward, data will be an enabler of more potent marketing.

Thanks to Brand Media Strategy

[Tech] It’s Official: Google Glass Is Here!


While Apple iWatch rumors continue to slog their way through the blog-o-sphere, Google has upped the ante. Google’s Glass is not a rumor, it’s real. In addition (according to Google) you can get one by the end of 2013 by entering and winning a special contest.

At least, Google calls it a contest. There are some unique rules. First, you have to pay $1,500 for your Glass, if you win. Also, you have to travel to New York, San Francisco or Los Angeles to pick your prize up. (UPS is not available.)

If that isn’t enough, you have to come up with a really creative idea about how you will use your Glass. If you need help coming up with ideas, Google has released a video entitled How it Feels [through Glass] that provides a behind-the-lens view of the Glass experience.

Google hasn’t specified how many “winners” there will be – supposedly, that will depend on the number of “really creative ideas.”

CNET reported that Glass will be able to connect via Bluetooth to both Android phones and the iPhone, while pulling data from Wi-Fi and using the 3G/4G feeds from the connected phone. Glass will not have its own cellular radio.

Comscore study on mobile retail shopping


Key findings –

– 4 in every 5 smartphone users – 85.9 million in total – accessed retail content on their device in July.
– Amazon Sites led as the top retailer with an audience of 49.6 million visitors, while multi-channel retailers including Apple (17.7 million visitors), Wal-Mart (16.3 million visitors), Target (10 million visitors) and Best Buy (7.2 million visitors) also attracted significant mobile audiences.
– Among both iPhone and Android users, Amazon ranked as the top retailer attaining a reach of 43 percent among iPhone users and 55 percent among Android users, with visitation to the Amazon Appstore largely accounting for the higher reach among Android users.
– Apple commanded a much stronger and expected 33.5 percent reach among iPhone owners compared to 7.3 percent among Android users.
– Females accounted for a higher share of time spent on retail destinations at 53.4 percent of minutes on desktop computers and an even greater share of retail minutes on smartphones at 56.1 percent.
– 70.7 percent of smartphone retail visitors were under the age of 45, compared to 61.1 percent of desktop users.
– Among smartphone audiences accessing retail destinations, nearly 1 in every 3 had a household income of $100k or greater, with this income segment driving a comparable 31.2 percent of minutes spent on retail sites and apps.

What retail is hired to do: Apple Inc. vs. IKEA


Had to post this article; the information is amazing. You can check it out at:

http://retail-analytics.quora.com/What-retail-is-hired-to-do-Apple-Inc-vs-IKEA

This is one of those “Wow!” articles that has all the stats and figures that you could ever dream of wanting!  Sooooo Good! – http://f4il.co/JJuTix

“Within five years after discount retailing pioneer Korvette’s opened its first store in 1957, over a dozen copycat discounters had emerged. In contrast, the giant discount furniture retailer IKEA has never been copied. The company has been slowly rolling its stores out across the world for [close to 50] years; and yet nobody has copied IKEA.

Why would this be? It’s not trade secrets or patents. Any competitor can walk through its stores, reverse engineer its products and copy its catalog. It can’t be that there is no money to be made: its owner Ingvar Kamprad is the third richest person in the world. And yet nobody has copied IKEA.

Our sense is that the other furniture retailers have followed the positioning paradigm and defined their business in terms of product and customer categories, which are readily copied. Levitz Furniture, for example, sells low-cost furniture to low income people. Ethan Allen sells colonial furniture to wealthy people.

IKEA, in contrast, has organized its business around a job to be done: “I need to furnish my apartment (or this room) today.”  When this realization occurs to people anywhere in the developed world, the word IKEA pops into their minds. IKEA is organized and integrated in a completely different way than any other furniture retailer in order to do this job as well as possible.”

Integrating Around the Job to Be Done

IKEA is the world’s leading furnishing retailer and an amazing success story. As Christensen points out the success is all the more perplexing because it seems perfectly defensible. Nobody has tried to duplicate or undermine IKEA.

Positioned around a clear job-to-be-done it integrated design, manufacturing and distribution (including warehousing) as well as “big box” retailing as an experience.

This may sound familiar.

Apple’s entry into retail depended on a clear job-to-be-done, design, carefully selected merchandise and retailing as an experience. Similar to IKEA, Apple also became a dominant player in its segment and even achieved seventeen times better performance than the average US retailer in terms of sales per square foot (http://f4il.co/JJvLUa)

At first glance they seem to be similar businesses in terms of strategy or “architecture” but how do the actual businesses stack up? Can we find data to support any claim of similarity?

Let’s first have a look at the geographic focus of both companies. The graphic below shows that Apple’s retail operations are focused on North America with 74% of its 365 stores in the USA and Canada. By contrast, and maybe as much based on its origin, 73% of IKEA’s 325 stores are located in Europe[2].

Unlike Apple however, IKEA has grown much more slowly. IKEA’s first store was opened in 1958 and had 6,700 sqm (72,110 sqf). The first two Apple stores opened in May 2001. Since then the number of Apple stores grew significantly faster (CAGR: 46%) and surpassed the number of IKEA stores in 2010.

The other difference is in sales growth. In 1954 IKEA’s revenue amounted to approximately $1 million but has grown steadily (note in chart below that first five bars represent decades). In contrast, Apple has grown more rapidly and is also more profitable in terms of margin.

Part of the difference in growth is that Apple was able to subsidize its entry: Apple’s retail operations were loss making for the first three years while IKEA had to rely on financing from its own cash flows.
Eventually, Apple retail became self sufficient and is now more profitable than IKEA. The following charts provide an overview of the economics of Apple’s retail operations and IKEA side-by-side:

While Apple’s revenue per store is still growing, IKEA’s business seems more mature and stable. This makes sense because furniture prices are stable and the number of products (SKUs) depends on available area per store which cannot grow. Apple on the other hand is limited only by traffic issues. Its products take little space and can even be stored off-site.

Speaking of traffic, with 655 million visitors in 2011, IKEA had more than twice as many visitors in its stores compared to Apple. However, each visitor spent about $27, while Apple’s store visitors purchased for almost twice as much.
The same story applies in employee productivity. IKEA has three times the number of retail employees, but Apple’s revenue per employee is 1.5x bigger than IKEA’s.

The largest difference is in the efficiency of real estate. In terms of total sales area IKEA’s operations have more than 30 times the sales floor of Apple.

As much as these numbers tell a story, they don’t help us understand the cause of success. The two companies have completely different operations and their metrics seem at odds to one another. What works for one could never be applied to the other.

The fact is that there is no magic economic formula for disruptive retail. For example, by measure of sales per square foot, IKEA would not even make the top 20 list of US retailers.

However, there is one major thing they have in common: a clear formula for positioning your retail operations. Both operations are positioned around a job-to-be-done that has a high priority in people’s lives. As mentioned in the opening quote, in IKEA’s case it is “I need to furnish my apartment (or this room) today” and in Apple’s case Tim Cook said it best:

“Our retail stores provide the best buying experience and the best customer service anywhere. And while that’s important for a buyer of a Macintosh, in some ways it’s even more important for a buyer of an iPad or an iPhone or another post-PC device because these devices are new to many people. There needs to be a place to discover them, to learn about them before they are purchased, and learn how to get the most out of them after they’re purchased.” Tim Cook, March 2012

Apple offers a place where people can discover and get answers about technology without the pressure of making a purchase. The job is to simplify that which is complex for a price premium.
IKEA offers a place where people can get exactly what they need exactly when they need it. The only downside is that “some assembly is required”. In a way, their job is to introduce some complexity in exchange for convenience and a discount.
In the end, they both get the job done and are amply rewarded for it.

Notes:

  1. Including 13 in Russia.
  2. The acquisition of UK-based furniture retailer Habitat in 1992 is the only exception.

Determining the Root Cause of a Data Breach With “The 5 Whys”


The jarring sound of an iPhone vibrating against a mahogany nightstand at 3:15am.  This can’t be good.  Server down?  Much worse: 50,000 sensitive files have been stolen from a poorly permissioned file server.  First, damage control.  Next, investigation.

Problem: 50,000 files were stolen.

Why?  The files were accessible to everyone in the company, even guests.

Why?  The folder’s access control list was configured incorrectly.

Why?  Chuck the intern configured that file server in 2007 and it hasn’t been reviewed since.

Why?  We don’t have a process to review file system permissions.

Why?  Because manually reviewing every folder’s ACL for problems is like searching for a needle in a haystack…and THERE’S ONLY THREE OF US AND A THOUSAND FILE SERVERS! SHEESH!

This fun little question-asking technique is called The 5 Whys.  It was developed by Sakichi Toyoda at Toyota to determine the root cause—and solution—to any given problem in the manufacturing process.  The technique has been borrowed by coders, sysadmins, and startup founders alike.

See, behind every technical problem is usually a human problem.

On the surface, it seems like the above fictional security incident was technical in nature – the ACL was configured incorrectly.  Deep down, however, the problem was the company’s non-existent entitlement review policy.

The 5 Whys technique encourages us to address the problem on multiple levels: fix the ACL, stop letting interns configure important systems by themselves, and institute a system for performing periodic entitlement reviews.

Sometimes it’s not feasible to immediately address every single problem uncovered, but 5 Whys suggests that if you make a proportional investment in the solution every time an incident occurs, you’ll eventually get to a point where you have an optimal level of protection against a given problem.  In our example, maybe you’d start by piloting entitlement reviews with a small business unit, or review just the super sensitive data sets.

The 5 Whys is an excellent technique for determining root cause so you can take reactive steps to ensure a problem doesn’t happen twice.  In my next post I’m going to talk about a new model for holistically evaluating your company’s risk profile so you can make proactive improvements.

An Enterprise VP Engineering’s Thoughts on Developing Software for the Mac


Varonis’ VP of Engineering David Bass shared his thoughts and opinions on the Mac development ecosystem and how it compares to Windows and .NET.  David and his team recently developed a Mac client for the company’s popular new DatAnywhere product – a secure, private cloud file sync alternative to Dropbox.

Q: Why did Varonis decide to develop a Mac client for DatAnywhere?

DatAnywhere is an application for business users, and as we’ve all seen, there’s been a big shift within enterprises – employees want secure access to data from any place, from any device.  We want to give our customers what they need and we heard them loud and clear about the importance of Mac, iOS, Windows and Android support, so we’re committed to building on each of these platforms.

Q: What was your overall experience like in developing on the Mac platform?

Since Mac OS X is based on the NeXTStep operating system, which is a UNIX-like operating system based on the Mach Kernel and BSD, you might expect that the development environment would be very barebones.  The opposite is true – we have been extremely pleased with the maturity and robustness of OS X, Xcode, Objective-C and Cocoa.  The developer community is really active and passionate, too. We have everything we need to build the kind of applications our customers have come to expect from us.

Q: What should someone coming from .NET development expect from Cocoa?

Cocoa is at least as powerful as .NET, if not more powerful in some aspects.  As in .NET, support for common things like UI, file management, localization and multi-threading is built into the framework and is very easy to make use of. However, with Objective-C, should you wish, you have greater control over the underlying framework – you can manage your own memory and easily change existing interfaces’ (Objective-C terminology for C++/.NET classes) functionality using categories. Additionally, the dynamic nature of Objective-C—everything you do is essentially sending a message between objects—makes it a very powerful language and certain programming tasks are easier than with .NET.

For instance, with Cocoa’s method swizzling you can easily replace the function of an existing method with a new implementation. This technique is particularly useful in cases where you don’t own the interface or don’t have the source code of the interface method for which you would like to change implementation.

Q: What are some of the resources your team used when developing DatAnywhere for Mac? 

Our development team is multi-disciplinary and can adjust quickly to any language.  In the end, writing code is writing code—regardless of the language.

A great resource we found very useful is the Objective-C Guide for C++ programmers by Pierre Chatelier (PDF here).

Q: How would you rate the API documentation?

The docs were very good for the most part (CoreData could use a little more documentation, though).

Q: How would you rate Xcode as an IDE?

Xcode is very good. I’d consider it to be on par with Microsoft Visual Studio.  It’s very full-featured and has everything a developer needs.

Q: Apple has a reputation for not wanting to let software developers compromise or change the Apple experience (e.g., no Flash on the iPhone).  Did you run into any road blocks or annoyances because of this?

Since DatAnywhere does drag-and-drop file synchronization between your Mac and your organization’s file servers, we had to integrate with the Finder app.

Our goal was to provide the user everything they need without having to leave the Finder or open an external app. For that we needed to add icon-badging (similar to MS shell icon overlay functionality in Explorer) and context menu options, which required a few workarounds.

Q: What does your Mac developer setup look like?  What hardware do you use?

We use Mac Minis for development with the latest OS X Mountain Lion 10.8.2 and Xcode 4.5.2.

In our QA environment we use OS X VMs on VMware ESX infrastructure.

Q: How can someone check out DatAnywhere?  Is there a free trial?

Just visit http://www.datanywhere.com and click on the big “Join the Beta” button.  Our engineers will help you or your IT department install the server component (it takes about 15 minutes) and then you can download any of our clients and start syncing data across Mac, iOS, Windows, or Android.

Thanks David!