Mash-Ups Coming soon to a desk near you

Once firmly in the domain of IT departments and systems integrators, a new more nimble form of data aggregation will be popping up at a desk near you. In his latest column, Ian Gotts looks at the rise of the Mash-up, how the value of a data is proportionate to its level of aggregation and why businesses should be concerned.

A new word has entered the technology lexicon – mash-ups. The concept is simple – take 2 or 3 streams of data and put them together and the sum is greater than the parts.

I was speaking at a recent CIONet event in Amsterdam and was asked after the session for my prediction for the next 5 years. I declined to make predictions but pointed out that I got off the plane at Schipol, checked my calendar on my iPhone, clicked on the address in the event item which launched GoogleMaps. The iPhone knew my location and I asked for directions by public transport, which was served up including the time of the next train and walking directions from the railway station. In one click it enabled me to see a picture of the building I was aiming for.

As little as 12 months ago all that would have been sci-fi.

This is a classic example of a mash-up and as more and more data is made publicly available via a web service or URL these mashed-up apps have become more powerful. They are changing the way we think, live and work. I couldn’t leave home without my iPhone – not for its value as a phone, but for functionality such as GoogleMaps, TripIt or Shazam.

But the concept of a mash-up is not new. Mash-ups are called systems integration inside the IT departments of corporations. The difference is just that most enterprise applications have not been designed to expose data so easily so the task of integration is far more laborious. But that is changing with a concept termed SOA (Service Oriented Architecture).

A lot can be read into to the terms; mash-up suggests chucking things together and stirring them up. Not elegant or structured, but effective. I.e. Bangers and Mash; Service Oriented Architecture sounds like it is planned and thought through and is done right, more like a Scallop soufflê.

And therein lays the problem. Mash-ups are making their way into corporate world as part of the Stealth Cloud (i.e. cloud computing that sneaks into your business quietly, unseen and unnoticed). It describes how business users are finding and using applications or services delivered over the internet without the knowledge, permission or support of the CIO and the IT department.

So what is the problem? Surely this is the business driving innovation? The problem is that business users, focused on business benefits doesn’t realise that they are putting their businesses at risk; security, compliance and reputational. The issue is that the aggregation multiplies the issues by some sort of power law based on the number of feeds.

A number of years ago, well before the internet was even thought about I was working on the logistics IT strategy for an air force. They had disconnected systems – islands of automation – and wanted an IT strategy which would give them an integrated view.

So they had a maintenance system which showed the aircraft maintenance schedules. They had systems for resource scheduling – pilots, air crew, support staff. They had systems for tracking munitions. Each system had a security clearance level. Each had a business value.

But collectively things changed. An integrated system which could show the readiness of aircraft to take off fully armed has significantly more strategic importance. It was deemed so important that very few people had the correct level of security clearance to use the systems. It also opened up other opportunities to drive new levels of effectiveness from the collective assets of the air force and therefore had significantly more value than the sum of the individual systems.

Roll the clock forward to today and you have internal systems integrated by IT departments and SI consulting firms. The data, for the most part, stays within the corporate firewall and with the CIO worrying about security accreditation, business resilience and ROI.

But probably none of these are factored into the minds of those creating mash-ups. Remember the name – "mash up".

Certainly the business users who are using these services aren’t even aware of the issues that need to be addressed. The beauty of mash-ups is that they are often using hosted data which is what makes them easy to create and deploy and therein lays the challenge.

For instance, somebody comes up with a cool way to mash up TripIT data about people’s travel schedules, their phone location services to work out where they are along with Google Maps and then add a little information about the individual such as their home address. Suddenly we have an application which tells me when any individual is travelling and not at home. Sounds like the perfect app for thieves to case your home and then turn up and empty it. If you could add your Amazon purchases to the mash-up the thieves could even plan what they were going to take beforehand.

Now that doesn’t mean that applications that aggregate data shouldn’t be used. It is just that the value and security associated with using them should be considered more carefully. For the business user that may mean consulting with the IT department.

And don’t worry, there is a now an app which combines the IT Dept’s system outages, their coffee intake and hormonal patterns to determine the best time to go and talk to them.