Blog archive - August 2012

Health IT Needed to Transform Patient Care The provision of health services is an exceptionally data-intensive endeavor. Of course, other industries are also very data-intensive but the health care industry has notably lagged in making use of advanced information technology (IT) solutions to manage and process vast troves of data. Health care data includes clinical medical information collected at the point of care, financial information resulting from highly complex billing and claims processing, and voluminous administrative and demographic data required as a result of significant legal and compliance requirements--all of which provides a rich resource for gaining knowledge and insight into best practices. Unfortunately, in health care, disjointed data is collected across highly fragmented systems that are still often predominately paper-based or, if electronically-based, are not usually amenable to interoperability with electronic systems used by various payers, providers, or government agencies. The whole thing is mess and everyone knows it but the good news is that this situation is rapidly changing today with the new emphasis on all things health IT, particularly advanced EHRs and new methods of health information exchange. Over the past decade, especially during the last five years, health care providers, including hospitals, have considerably accelerated their use of clinical IT systems such as EHRs. Thanks in no small part to the strong push from the federal government in the form of financial incentives provided by the HITECH Act, hospitals are focused on installing new EHR systems and digitizing clinical information that has traditionally been locked in paper-based silos. The growing adoption of health IT is key to the government's goals to transform our health care system, as laid out in the ONC's Federal Health IT Strategic Plan for 2011-2015 and summarized in the following chart - Growing EHR Adoption Drives Analytics Evolution to Next Phase The growing use of EHRs is a very positive development on the road to health system transformation. In the next phase, newly digitized clinical data will be combined with financial and administrative data to yield new insights that will improve the quality, efficiency, and safety of patient care. Over the past 20 years or so, hospitals have steadily increased their knowledge and capabilities around digitally gathering and analyzing financial and administrative information. Thus, the digitization of financial and administrative data is further along in the hospital setting than is clinical data. Furthermore, the use of business analytics or business intelligence has been in place in most hospitals to some degree. Unfortunately, most hospitals have yet to adopt sophisticated analytic approaches to the data generated from their new EHR systems, and they particularly have not yet integrated clinical data with financial and administrative data. Installing EHRs so that clinical data can be digitized and shared is the first step towards transformed health care. As EHR adoption grows, hospitals will need to aggressively move towards new processes and strategies to leverage clinical, financial, and administrative health data for the benefit of individual patients, patient populations, and the nation as a whole. Health care reform, the move to accountable care, and the prospect of bundled payments, or value-based reimbursement, are key drivers for the need to derive advanced insights from all forms of digital health data. Gaining value and insight from health data requires advanced, cloud-based data analytics solutions that pulls in data from all sources to provide both real-time and predictive insights, unlike the traditional retrospective, business intelligence approach of the past that mostly focused on financial analysis. Health data analytics is really a whole new approach to the analytics process that will impact every aspect of hospital operations. It is clear that the future of health care will be increasingly driven by advanced health data analytics utilized at every point of care. We believe that the urgent need to transform our health care system will require hospitals to increasingly invest in advanced data analytics solutions to monitor end-to-end care delivery across a variety of settings as well as to provide comprehensive reporting on performance and quality measures to a variety of stakeholders. Understanding the key imperatives driving this phenomenon is essential. We take an in depth look at this issue in our new report, U.S. Hospital Health Data Analytics Market, 2011-2016: Growing EHR Adoption Fuels A New Era in Analytics, part of Frost & Sullivan’s Healthcare & Life Sciences IT Growth Partnership Service program.

Introduction The importance of cloud-based M2M platforms cannot be overstated. The "Internet of Things" (IOT) will be comprised of billions of connected devices across numerous verticals. Cellular wide-area networks (WAN) will play an important role in providing connectivity "either directly or indirectly" to a good portion of the devices that make up the IOT. The IOT itself will be designed as a Network of Networks. Various short- and long-range technologies have to co-exist in order to facilitate data communication between these connected devices and the enterprise backend. The current IOT environment is in a state of near chaotic change, with new hardware, interfaces, network access technologies, application protocols and technologies, and other individual components added or deleted quite regularly. This creates massive complexities for the M2M solution providers, who have to take all this fragmentation into account when designing, implementing, and upgrading their solutions. Adding large amount of connected devices will also result in significant amount of data ("Big Data") that needs to be stored, analyzed, reported, and archived. The current state of the industry is comparable to the early days of the Smartphone revolution, where hundreds of thousands of application developers are testing new ideas to develop the next big application for the connected world. However, many of these efforts run the risk of not achieving commercial fruition, largely because of the fact the early innovators do not have the required expertise, resources, or time to address the industry fragmentation. Unlike the Smartphone or other types of connected display devices that have standardized around a few main operating platforms, the M2M space continues to grow rapidly, with each vertical having its own set of platforms and pre-defined (and sometimes rigid) way of implementing M2M solutions. However, all M2M deployments send data either proactively or in response to a specific command to an application over a public or a private network. Exceptional growth in M2M will lead to exponential increase in the amount of computing power required to effectively manage all that transactional data coming in from connected devices. These are some of the reasons why the M2M cloud providers - that can provide the necessary resources to application developers to help them get started with M2M application development and deployments with relative ease - are expected to see significant adoption for their services. A well-designed and appropriately priced M2M cloud platform can certainly provide a cost-effective way to introduce new M2M applications to the market. In the past, M2M application providers have had little choice but to develop and manage the entire communication system on their own. This was a very costly affair, and clearly was not a very scalable approach. Cross-vertical communication between M2M applications (such as an electric vehicle and the Smart Grid) is important to help derive maximum benefits from the connected devices revolution. Security and compliance requirement are also evolving rapidly, and this places an additional burden on M2M solution providers who have to ensure that their deployments are in line with the key expectations of their customer and the regulatory authorities. In many cases, ongoing audits and certification requirements can place additional economic burden on M2M deployments, especially those that are custom built to serve the need of a one particular customer, industry, or a vertical. The application layer and the Infrastructure (or the platform) layer are the two main high-level components of M2M cloud platform deployments. M2M application developers should be able to focus on application development without having to spend too many resources on infrastructure. That is where the cloud-based M2M platforms come in. In many cases, M2M cloud platforms are designed to support hardware deployments of a particular module vendor (that may have a client agent pre-installed on M2M endpoints). However, in the long run, M2M cloud platform providers will have to extend their services to both in-house as well as to other industry participants’ modules by providing access to the necessary interfaces and on-device client software (if implemented as part of the connectivity architecture). Here is a profile of a company (Axeda) that has been a pioneer in M2M and has helped address many of the M2M application development and deployment challenges. About Axeda Axeda provides the leading cloud-based service and software for managing connected products and implementing innovative M2M applications — taking the cost and complexity out of connecting and remotely servicing the products of the world’s leading companies. Axeda customers use its M2M cloud service to deliver innovative M2M solutions and optimize their business processes with data from their connected products. By relying on the Axeda M2M Cloud Service to power their connected products, companies are literally transforming their business by improving customer satisfaction, reducing costs, and generating new sources of revenue. The M2M solutions behind these connected products range from remote service, fleet management, usage-based insurance, asset tracking, mHealth, and more. Key Offerings and Value Proposition The Axeda M2M Cloud Service provides an advanced cloud-based software for managing connected products and assets and implementing innovative M2M applications. The service provides companies with a secure and scalable M2M data integration and application development platform, connectivity over wired or wireless networks, and out-of-the-box device and asset management applications to reduce the cost and complexity of implementing M2M solutions. The Axeda M2M Cloud Service includes: Axeda® Platform, a secure and scalable data integration and application development platform with M2M application services and data management features for building and managing an M2M solution. Axeda M2M Connectivity, a family of software agents, libraries, toolkits and services for establishing connectivity between assets and the Axeda Platform, using a variety of communication methods (Internet, WiFi, satellite, and the AT&T network). Axeda Connected Product Management Applications, a suite of out-of-the-box web-based applications spanning remote service, remote access, and software and content distribution that enable companies to manage connected products and remotely identify, diagnose, and repair issues. Source: Axeda The Axeda Platform The Axeda Platform is a complete M2M data integration and application development platform with infrastructure delivered as a cloud-based service. With the highest levels of scalability and security as well as powerful development tools and flexible APIs, companies can quickly build and deliver custom M2M applications for the most demanding requirements and integrate M2M data into key enterprise applications and systems. The Axeda Platform includes: M2M Application Services – Allows developers to extend and customize the core platform functionality via a powerful embedded scripting engine and a rich set of Web Services for both SOAP and REST consumption. M2M Integration Framework – Accelerates integration with the Axeda Platform and enterprise systems with standards-based message queue technology. M2M Data Management – Processes and stores incoming M2M data; manages device and asset types, data items, locations, alarms, and files; and includes built-in security for managing users, roles, user groups, and device groups. Source: Axeda Axeda M2M Connectivity The Axeda M2M Cloud Service includes M2M connectivity services, software agents, and toolkits that enable companies to establish connectivity between their devices or assets and the Axeda Platform, while allowing them to choose the communication method and hardware that best suits their needs. As a result, companies can connect to any product using any device, over any communication channel (cellular networks, the Internet, WiFi, or satellite), for any application. Axeda M2M Connectivity Services includes three types of solutions depending on the class of device or asset that needs to be connected. Firewall-Friendly Agents - Software agents that run on Linux or Windows and install directly on assets or a networked gateway computer, connected to corporate assets. Wireless Agent Toolkits - A Java or ANSI C library for embedding Axeda connectivity into devices that can be compiled into a company’s own software and executed on a wide array of computing hardware and platforms. Device Protocol Adapter - A device communication server that connects to any M2M message protocol and can be extended with custom CODECs (coder/decoders) that translate the device’s native communication format into a form that the Axeda Platform can understand and process. Policy Server - A server-based software application residing on the customer’s network, Axeda Policy Server provides a comprehensive and granular set of permission settings that continuously governs Axeda Agent behavior for all devices at the customer location. Axeda Cloud Service As an advanced cloud-based software for managing connected products, the Axeda M2M Cloud Service is delivered as Software-as-a-Service (SaaS) via its ISO 27001: 2005-certified data centers, backed by complete security, scalability and infrastructure, and first-class operations and customer support. With Axeda’s on-demand service, enterprises enjoy all the benefits of the Axeda M2M Cloud Service without the challenges and overhead of administering and implementing the technology and infrastructure. Axeda’s on-demand service provides customers with a pay-as-you-go model that minimizes risk, and enables rapid deployment for faster ROI. Additional benefits include: Rapid and easy implementation - Reduce initial project implementation requirements as well as the struggle in gaining IT approval and ongoing support. Lower up-front costs and minimized risks - Take advantage of much lower upfront capital investment. An annual subscription fee enables companies to easily incorporate the on-going annual expense into planned budgets. Focused on the business, not IT infrastructure - Free organizations from supporting high-cost, time-consuming IT functions. These include purchasing, supporting, and maintaining the server infrastructure, equipment redundancy and housing, and the labor-intensive patch and upgrade process. Faster time-to-value - Reduce the time required to install licensed software and instead use Axeda’s first-class on-demand center that undergoes an annual SAS 70 examination to accelerate the solution deployment time. Greater end-customer acceptance - Enable end customers to preserve their own security policies and network protection. Security certified by a trusted third party, Axeda's cloud service gives the assurance needed to ease adoption of the solution by even the most security-focused customers. Enterprise security, availability, and scalability - Rely on Axeda’s secure and scalable infrastructure built on state-of-the-art hardware and software investments with its operational expertise. Ongoing management is performed by experts in the Axeda application, networking, security, hosting, data protection, and database administration. Custom application hosting – Companies can host the custom applications that they build and deploy on the Axeda Platform at Axeda’s on-demand center, simplifying the maintenance and administration of complete M2M solutions. Key Customers and Partnerships More than 150 of the world’s leading companies, including Abbott, Diebold, and EMC, rely on Axeda to get to market fast with their connected product solutions at the lowest total cost of ownership. A partial list of Axeda customers is available at http://www.axeda.com/community/customers/all/a The Axeda Partner Ecosystem includes a wide range of device/module OEMs, Mobile Network Operators, System Integrators, Enterprise Application Providers, Logistics Solution Providers, and others. A partial list of Axeda’s partners is available at http://www.axeda.com/community/partners/find-partner In January 2012 Axeda announced an exclusive multi-year U.S. reseller agreement with AT&T, which delivers the AT&T M2M Application Platform Powered by Axeda -- designed to help businesses and organizations get to market faster with innovative M2M applications. Final Word By providing end-to-end application development, connectivity, and service and support capabilities, Axeda has emerged as a major industry participant. There is tremendous opportunity in M2M, and companies such as Axeda will continue to see good traction for their offerings.

Security research wizard Rodrigo Rubira Branco discussed how his Dissect.pe Project can bring value to organizations globally. At the beginning of my sit-in, I learned that the security researchers were all from Brazil. I have to admit that I love Brazil due to its festive culture and their cuisine. It should definitely be on your vacation bucket list of ‘must-dos’. But what you must also know is that it possesses some of the most dedicated, highly intelligent security researchers in the world. Let's take a briefing on where malware stands today. Malware has been a huge thorn for the corporate world these days. According to Panda Security, malware has hit a record high of about 26 million new strains found in 2011. This is quite concerning, considering that corporations and government agencies are trending to bring-your-own device (BYOD) laptops, tablets, and smartphones for their employees. This is because organizations must harden security strategies to protect these BYODs against sophisticated malware or otherwise face a possible catastrophic loss of valuable IP data. But detecting these malware payloads is one of the key challenging aspects security intelligence analysts must endure. While attentively listening to the A Scientific (But Non Academic) Study of How Malware Employs Anti-Debugging, Anti-Disassembly and Anti-Virtualization Technologies lecture, I was delivered some fascinating, yet daunting results in the challenge of combating evolving malware. Security researcher Rodrigo and his colleagues, Gabriel Negreira Barbosa and Pedro Drimel Neto, discussed how counter-detection methods were being used extensively in millions of malware samples which have been analyzed under their Dissect PE Project. This project is a scalable and flexible automated malware analyzer engine that provides feedback to the security community. Dissect PE allows the security researchers to use ‘plugins’ that can use any computer language (C, Perl, Python, etc) to output malware analysis. This project is being made public and allows security researchers, the media, and partners to share their malware code analysis within this portal on a global level. Some interesting facts that I discovered: There are 10 dedicated machines located in São Paulo, Bauru and Germany It receives 150+ gigabytes of malware samples per day A total of 30+ million unique malware samples have been discovered so far So what? So why is this important? We already have companies like FireEye, Bit9, Websense, Symantec, Cisco, McAfee and Damballa performing malware analysis. Well, as it turns out, the recent results that Dissect.pe outputted showed that at least four different Anti-Reverse Engineering (Anti-RE) techniques can detect and even compromise software/hardware processes in order to evade malware detection. Let me briefly provide a definition for each one, as the lecture mentioned: Anti-Debugging - Techniques to compromise debuggers and/or the debugging process Anti-Disassembly - Techniques to compromise disassemblers and/or the disassembling process Obfuscation - Techniques to make the signatures creation more difficult and the disassembled code harder to be analyzed by a professional Anti-VM - Techniques to detect and/or compromise virtual machines Even more interesting was the fact that Anti-Virtual Machine detection (Anti-VM) techniques were the most common category discovered. This is because security vendors are commonly using virtual boxes to capture and analyze malware. So the big question to ask is: Will executives who have purchased commercial security solutions still be awake at night because of insufficient malware detection power? My answer is yes: If security companies are still under the impression that their dedicated malware analyzers are doing an adequate job in determining the presence of malware, then we are in big trouble. This is because malware authors are continuing to rewrite malicious codebases to adapt to these detection systems daily. And with Rodrigo’s findings, it seems the security intelligence community now has a two-fold job in malware analysis: Determining if the threat is malware and if that same malware package is trying to avoid detection by using the four listed techniques! I have to be forthcoming; I was extremely pleased and ‘sold’ on this project. The real value from using Dissect PE portal serves as a sanity check and as a means to double-check other malware findings on other systems. But as Rodrigo mentioned, there is much more work to be done, and asks other security researchers in the world to include their findings and add their improved algorithms into the project in order to continuously counter these malware evasion techniques. Rodrigo comically stated that “Brazilians are not that lazy” and they “missed a lot of parties” due to analyzing these millions of samples. But this is the passion that is needed to defeat this never-ending battle against malware.

Every once in a while, you read something that really blows your hair back. Few things are better than having a moment of enlightenment – having a new idea presented to you that helps you make sense of your world in a better, simpler, way. That’s what happened to me when I came across a book from the 1960s entitled The Structure of Scientific Revolutions. This book’s author, Thomas Kuhn, argued that periodically practitioners of a shared discipline find that the framework (or paradigm) in which they operate has been undermined by a series of events that cannot be explained by the prevailing paradigm. If they continue to accumulate, these incidents combine to create a state of crisis. Out of the crisis and the chaos come a revolution and out of that an altogether new paradigm – a new way of looking at the world, a new framework for working, existing, and thinking. What an incredibly simple, but sophisticated, concept: a period of stability, followed by a period of chaos, followed by a new order of things. I know the phrase “paradigm shift” is no longer new, but that didn’t make it any less earth-shattering to me when I first came across it. This idea has deeply, fundamentally affected the way I look at things, and it certainly affected my approach to writing the growth process toolkit for technology strategy, which I have discussed in my two previous blogs. We are living through a paradigm shift right now – each of us trying to make sense of the chaos and searching for clues of what the new paradigm will be. Funnily enough, my own life is in the midst of something of a paradigm shift itself. I’m already a mother to a wonderful two-year-old boy, and I am about to have a daughter. My stable world will soon, to quote myself, find itself in a state of chaos. What will the new paradigm look like? And what is my daughter’s paradigm going to be? How will she look at the world? What truths will govern it? I’ve been thinking about this a lot lately – what do I want to teach her? What do I want her to like (hint: old movies, Esther Williams, sparkles)? What do I want her to not like (hint: scary movies, New York Giants, sugar)? What things do I really want her to believe? At the risk of falling into platitudes, I thought I’d share a few of my lessons with you all (no guffaws or eye-rolling allowed, I don’t care if it’s cyberspace). Fred Astaire made it look easy. The lesson: the harder you work, the more effortless it will seem. There is no substitute for hours upon hours of practice, frustration, setbacks, and breakthroughs. Talent alone is one step above laziness. Find your brilliance. My dad used to tell me, you’re probably not going to be a genius at everything. But you might be lucky enough to be a genius at one thing. Have the courage to run at that strength with everything you’ve got. Use your words. The English language is a wondrous thing. Treat it with respect. Learn your grammar. Diagram sentences. Speak properly. Write beautifully. Read E.B. White and P.G. Wodehouse. Listen to Cole Porter. Daddy’s wrong about Mommy’s movies. Just because it’s old doesn’t mean it’s outdated. I know there’s something to be said for special effects, but could any technology of today improve upon Gone With the Wind? I rest my case. The past is a treasure trove of awesomeness. Every day is a happy day. Start every day believing that it will be better than the one preceding it. Never think you’ve peaked. What was the line from Anne of Green Gables? Each new day is a new beginning, with “no mistakes in it.” Isn’t that comforting? Anyway, this is sort of my blogging swan song, at least until November. So with that, I leave you all with a few thoughts: 1) I just recorded a podcast revisiting the concept of technology strategy (its opportunities and risks, success stories and cautionary tales), and I’d love for you all to take a listen. Please forgive my voice – I’ve been battling laryngitis. My husband says I just talk too much. 2) If the toolkits seem interesting to you, take note: There are 10 of them! You can see them all here. 3) If you’re not a member of Growth Team Membership, and therefore can’t access these materials but would like to, let us know. 4) Enjoy the Olympics! Enjoy Halloween! I’ll see you at Thanksgiving! As always, happy computing. Katherine Burns Katherine is the Director of Strategic Communications for Growth Team Membership, a premier best practices research group within Frost & Sullivan. You can follow her on Twitter: @KatherineSBurns.