I had a grand plan, but something happened. I was going to automate my little hobby henhouse. I created a video and a blog post where I reached out to all of you for support. And you responded: you sent me comments and blog posts. Henrik Söderqvist went as far as creating a video response. I am so grateful for all this support, but I have not been able to implement anything yet. A security backlash stopped me before I even started.
Hear me tell the story:
A change in leadership…
Do you remember Edward from the first video? Under his leadership, the flock never strayed far from the henhouse. That was nice. Just let them out and they would stay put. But Edward had a flaw: he was always a little cocky. He didn’t get milder or more civil with age. At the end, he was so agressive that I had to find a replacement.
…triggered a change in performance…
Enter Plato, not as loud, not as agressive, not as cocky but a much better leader — confident, curious and civil. Under his leadership, the flock increased their range. They no longer stayed in the back yard. Pretty soon, they started foraging in the front yard as well. I was worried that they might get attacked by loose dogs so I put gates back in the gateways. Gateways that had been left open for years now had barriers. A bit like what’s happening with the open borders backlash in the EU Schengen area. Pure coincidence, I’m sure.
…bringing balance back…
I felt pretty good about this. As the flock foraged throughout the whole yard they were going to restore balance to the galaxy. Sorry, I mean restore ecological balance to the garden. Like most gardens, mine also suffers from an infestation of snails. Hen don’t eat snails, but they do eat their eggs. I was looking forward to a summer with far fewer snails.
…but then came the security backlash!
Plato was not satisified with staying inside the walled garden. Under his insistent coaching and coaxing, the flock started jumping over the wall or through or under the gates. At first, it seemed like they didn’t want to stay on the road. They went back inside quickly even if there were no cars or pedestrians or dogs. With time, their confidence grew and they started foraging across the road.
Exhortations versus barriers
If they had been people, I could have educated them about the dangers of the outside word. I could have told them about dogs and cars and the red glade who would all kill a hen and not blink. If they had been dogs I could have taught them that they cannot leave the yard without permission. But they are not people and they are not dogs. There was no way I could keep them safe through exhortations to be careful. There was no way I was going to invest in IoT in the henhouse when I wasn’t even sure they were going to survive that long. (Watch out for the upcoming video where I discuss security training versus security mechanisms with Maxwell Keyte.)
Why did this happen to me?
How did I end up in this situation? I know I am not the only one who had to revisit IoT plans because of a security backlash. But what were the specific reasons for my problems? Had I fallen into the trap of thinking that things (the flock) will stay as they are (in the backyard)? Was it because I thought that leadership was less important than followership? Maybe I should have followed my own advice to grow teams organically? Perhaps my mistake was that my security focus was on the wrong things? The very thing I discussed with Jesper Kråkhede in an episode of Architecture Corner.
Security is about risks, all risks
I know, you know, we all know that security is a major concern for any IoT implementation. But usually, we only discuss cybersecurity. What happens if someone hacks cars or intersections or planes? Often cybersecurity is the elephant in the room. Outside the room and outside the house is a whole band of ferocious dinosaurs. And everywhere else is an armada of bacteria and germs who do not even have the capacity to care if we live or die. Security is supposed to be about risk management and risk minimization but we often fall in the trap of focusing on certain risks and ignoring others. Operational risks get far more focus than strategic risks. I guess that’s what happened to me. I focused to much on the operational risks of the temperature being too high or too low. I focused to little on the strategic risks, the life and death dangers that waited outside the walled garden.
A chain link fence
The real solution would be to put additional fencing around the entire garden. That would allow the flock to forage securely everywhere in the garden. But doing that would be costly and take long time. I needed a quick solution. I needed a minimum viable product. I elected to reinforce the existing fence between backyard and the frontyard with chain link. Doing this was easy and relatively cheap. After a few hours of work and 100€ of materials I was ready to call it a day.
The next day, it didn’t take many hours before the flock was in the frontyard again. I still don’t know how they were able to do it. Did they fly over the fence? Did they crawl under the fence? Did they take a long detour behind the sheds? I still don’t know. I have to solve this problem before I can do anything about the home automation in the hen house. IoT cannot thrive in the middle of a security backlash!