Sramana Mitra: Very interesting. You were a services and solutions company. It sounds like you have built this whole system from scratch. How is it that there aren’t off-the-shelf systems out there from the people who do retail enterprise software?
Michael Martin: There are and they’re coming. For us as an integrator, we’re not as interesting in being the sole provider of the technology. Our interest is either helping people figure out how to apply existing commercial technology to their business and being their integrator. We help them deploy in a secure manner and also to deploy it at scale.
One thing that we do to add value to customers is, we’re very good at doing projects that involve lots of people in lots of places touching lots of things. That grocer, for example, had hundreds of stores. Once they decide the technology that they want to deploy, they need help in actually getting it in their stores as quickly as possible in a predictable way. We don’t try to be the sole conceiver, constructor, and deliverer of the technology. We’re happy to assist whether we’re helping build it from scratch or helping them use commercial off-the-shelf solutions.
Sramana Mitra: I imagine, in rolling out this particular solution for the grocer, you evaluated what’s available off-the-shelf and what components you should integrate. What did you learn about the state of the union in the retail enterprise software space as it pertains to an IoT application like what you described?
Michael Martin: I think that’s the existing air gap. The concepts are fantastic. Finding a mature and secure solution that a retailer feels comfortable deploying at scale is still the hurdle. In the retail industry for example, everyone still has fresh memories of the data breaches like Home Depot. There’s a lot of reluctance to introduce new attack surface area into the environment. I think the process evolves quickly up to the point where it needs to be operationalized. When we explore, what I would call, the commercially viable elements of that type of solution, we’re not seeing somebody knock it out of the park yet and somebody emerging in a way that retailers are ready to adopt at scale.
Sramana Mitra: In the installation that you did in this particular use case, what security measures did you take?
Michael Martin: Just to be clear, we just did the prototyping. They haven’t actually selected a scale platform yet. We just helped them in that experimentation phase. As they do, we have to think about the security at the device level, at the communication level, and at the access level.
One thing that is often overlooked is the actual physical security. When you have people working in a retail environment, there have been high-profile cases of people showing up and impersonating people to work on various technologies. When we send a resource into a retail environment, how do we provide credentials to that resource so that the local store management knows that that person is there to do a specific thing. There’s a lot of security that goes into it, and not all of it is cyber security. There’s a lot of brick-and-mortar security that also has to be taken into account.
Sramana Mitra: I actually find it reassuring to hear that people are pausing and not mindlessly rolling out all these, as you say, surface areas that are amenable to breaches and violation. I think one of the things with Internet of Things and opening up any operation to this level of breach possibility is very risky.
Michael Martin: Without question, it’s a real risk. The technology landscape is still very fragmented. There aren’t unifying standards. There are emerging protocols that are becoming standard. They’re not completely homogeneous or final and people are still reluctant to go too far out on a limb. What we see a lot of people wanting to do is, prototype things at small scale and be very cautious about deploying something at a large scale.