Why Mobile App Developers Need Situational Awareness to Manage Risk
|Charley Rich in Enterprise Wednesday, August 27, 2014|
As organizations in healthcare, finance, heavy industry and ecommerce increasingly rely on mobile technology, the stakes of cascading failures become tremendous. When the Apple App Store launched in 2008, people downloaded novelties like PhoneSaber, Flashlight and Bump – failure was an inconvenience without business risk.
Now, application failures in a myriad of devices can cripple entire enterprises. If innovation continues to outpace our risk management abilities, disasters will occur. A mobile “Internet of Things” will become unwieldy at best and life threatening at worst. What happens when the systems behind self-driving cars or a fleet of drones fail? How do mitigate this type of risk?
To avoid catastrophes, we must evolve from a siloed risk management approach to unified performance analysis (UPA). We can model this strategic shift on “Situational Awareness” (SA), a model of thinking favored by military strategists.
How the Coast Guard Manages Risk Through Situational Awareness
The U.S. Coast Guard Team Coordination Training Student Guide defines Situational Awareness as “…the ability to identify, process, and comprehend the critical elements of information about what is happening to the team with regards to the mission. More simply, it’s knowing what is going on around you.” SA is used in the Coast Guard and other military organizations because it detects problems before they threaten lives. The model is ideal for IT risk management because it acknowledges complex, unpredictable systems.
SA training teaches Coast Guard team members to detect when something is amiss. Standard operating procedures are at the core of this process. Deviation from standard procedures always indicates that SA has been compromised. Team members share knowledge of everyone’s goals, tasks and responsibilities in order to recognize these deviations. Everyone is responsible for identifying, analyzing, communicating and addressing abnormalities – regardless of their specialty or rank.
In the Coast Guard world, SA is binary – either you have it or you don’t have it. As the training manual reports, analysis of navigational mishaps for cutters and boats found that 40% were due to a loss of situational awareness. That is why the SA process is 24/7 and continuous for the length of the mission. “Data” must be collected, analyzed and, if necessary, acted upon rapidly.
Deriving Unified Performance Analysis from SA
In the Coast Guard, every team member is responsible for maintaining Situational Awareness. Currently in IT, responsibilities for monitoring and diagnostics are siloed. It is like a military base without any radios. Each watchman looks out into the distance from a separate guard tower, and when danger appears, he can’t communicate it to his brothers-in-arms. They will only discover the danger when it reaches their geographical areas. Without consolidating information from multiple sources, no one can see the overall picture. To adapt SA to IT risk management, we need to embrace a unified performance analysis strategy (UPA).
Similar to SA, UPA is a way of surveying data from multiple sources to form a coherent picture of application performance. It’s the difference between looking at individual puzzle pieces versus the finished whole. UPA allows a devops practitioner to see the entire system and evaluate each part in relation to all others. Like SA, UPA doesn’t care who or what collects the data. Coast Guard SA cannot function without continuous data collection by every team members, and SA doesn’t discriminate by rank, location, age, gender or paycheck. In UPA too, instrumentation is abstracted from the analysis of information.
Essentially, we have schema of standard operating procedure for every IT system, and when reality deviates from this narrative, we know the system is misbehaving. To get back on track, we just have to look at the abnormality the way a doctor looks at symptoms. The problem is not, for example, a fever or headache, which are just symptoms. The real problem is strep throat. IT currently studies symptoms without ever making diagnoses. UPA can address this problem.
IT: Be Heroic
To evolve IT risk management and mobile disasters, IT should emulate Situational Awareness through unified performance analysis. UPA will minimize the risks of cascading failures and improve business availability by reducing the regularity and duration of outages.
As we rely more on digital and mobile technology to ensure security and enable transactions in dozens of industries, IT’s burden will only grow. They will be responsible for distinguishing all the false alarms from genuine risks. By holistically addressing problems, rather viewing symptoms through a microscope, IT can detect early indicators of a problem long before a cascading failure begins.
Instead of monitoring individual technologies with individual toolsets, let’s survey situations propagating across networks, servers and applications, and thereby eliminate silos. By algorithmically analyzing events across all sources, IT will identify patterns that actually narrate the situation. The way traders continuously monitor market data and live news from multiple sources, IT will absorb and use all the data at its disposal. IT heroes will prevent catastrophes rather than clean them up after the fact.
Risk management is a strategic art form and will always depend on human judgment. In the digital world, we just need better ways to exercise that judgment if we are to preserve all the benefits of an interconnected world.
Read more: http://www.nastel.com/
This content is made possible by a guest author, or sponsor; it is not written by and does not necessarily reflect the views of App Developer Magazine's editorial staff.