The Hype Cycle and Cloud Adoption in Physical Security
Posted on Thu, Nov 18, 2010 @ 01:34 PM
Those of you who follow IT trends will already be familiar with the famous Gartner Hype Cycle, which posits that new technologies go through a predictable series of phases before becoming useful and then widely adopted. The model illustrates these phases in the curve below.
Source: Gartner, Inc.
In the case of cloud computing in the general IT community, we’ve lived through a good number of these cycles, and today there are many examples of great products and companies that have made it all the way into the final productive phase.
The physical security industry, however, typically lags the general IT industry—anywhere from a couple of years to five or ten, depending on the technology. This adoption cycle time lag is shown in the figure below, and it raises this question: Where are we now, where are we going, and what can the IT industry tell us about our path?
As soon as I started to think about this, it became obvious that there is no one answer to the question. That’s partly an effect of following a trend—some early adopters got off to a quick start while others are still mulling it over. Overall, though, I came to three conclusions about where the physical security industry stands on this curve:
① While no one doubts that as recently as 2009 “the levels of hype around cloud computing in the IT industry are deafening,” I don’t believe we have yet reached maximum hype level in the security industry. Certainly there has been a huge uptick in press, vendor announcements, conference agendas, and the like, but my prediction is we will continue to see these types of signals crescendo throughout the next year. So, I am placing at least a part of the industry on the first slope of the second adoption curve below ①.
② Among early adoptersthere is a trickle of stories out there about disillusionment with so-called cloud offerings that are actually just standard client-server offerings relocated to an external data center.
We’ve written about this before as “cloud washing” and “hide the server”, but now we’re hearing more such war stories from the field. They tend to fall into two categories. The first is about products that don’t work well through firewalls--an effect of trying to run a client-server application “backwards” through the corporate security perimeter. The second is about applications that restrict user control and access to data—usually a result of service providers trying to share a single-tenant application across multiple end user organizations, which means you can’t allow them full access to the application. Both of these observations support the notion that some parts of the industry have already landed in the “trough of disillusionment” ②, albeit mostly due to bad practices and false advertising.
③ Finally, we get to the “Plateau of Productivity” part of the curve, and we are seeing success here among what I am calling the “right apps”. These applications share several characteristics. First, they are natively multi-tenant, meaning they can support millions of users on a single instance of computing infrastructure. That’s important not only to get the access and security model right, but to provide the economies of scale that is the real promise of cloud computing. Second, they respect the medium. By that I mean they take advantage of the Internet’s ability to provide widespread connectivity across geography—say, for a retail chain that wants uniform access controls across many locations. But it also means not trying to do something dumb like just flat-out replacing 32-channel DVRs with hosted video storage and flatten your customer’s network—and wallet. So, for these “right apps” I place at least some of us in the industry at ③ on our curve.
So, there you have it. Let’s check back next year around this time and see how I did at predicting the future.
- Steve Van Till