The Industrial Internet of Things is Like Football

The Industrial Internet of Things is a lot like football. Sensors relay data to devices like a center hikes the ball to a quarterback.

Devices send telemetry to IIoT platforms like a quarterback passes the ball to a receiver. IIoT platforms ingest data like a receiver catches a pass. I think you get the idea.

Is your company enjoying positive outcomes through the use of an Industrial Internet of Things platform?

Connect > Collect > Analyze > Act

It’s Time for one Mobile Database to Rule Them All

Migrate Win32 applications using a mobile database like FoxPro, dBase, Access and SQL Server Compact to SQLite across all mobile devices.

If it weren’t for desktop databases and learning SQL, my career as a developer may never have launched. I learned dBase for DOS in college, moved on to Paradox when Windows arrived on the scene and then fell in love with Access. I want to take this moment to say “I’m sorry” to all the IT departments that watched in horror as workgroup-level Access databases spread like wildfire on NetWare, Windows for Workgroups and NT servers to take over the corporate world. Employees who weren’t developers or DBAs were empowered to build their own solutions.

When devices for the mobile enterprise arrived in the late 90s and early 2000s, new databases like Sybase SQL Anywhere and Microsoft SQL Server Compact picked up where their desktop forebears left off. These tiny relational engines brought serious business apps to life with built-in data sync with server databases. Today, platforms like iOS, Android and Windows are the biggest game in town and the only mobile database that runs on all of them is SQLite. From a pragmatic standpoint, this open source, cross-platform database with ACID (Atomicity, Consistency, Isolation, Durability) support should be your choice to give enterprise mobile data apps the broadest reach. Don’t worry about SQLite just being the database flavor of the week. It supports SQL-92 and works with most programming languages. It has a public domain license and has been around since the year 2000. It also happens to be the most widely deployed database in the world.

Improve user productivity and increase revenue by using a mobile database that works with every device and keeps your apps working with or without connectivity. Which desktop, mobile or embedded databases are you currently using?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Keep your Mobile Data Safe when Apps Talk to Each Other

Convert Win32 applications using local interprocess communications (IPC) to mobile apps that securely send data to each other via contracts.

In the 90s, platforms and programming languages allowed developers to call functions that were increasingly farther away from the calling code. Calling into subroutines gave way to instantiating classes to call functions. Calling exported functions in separate C DLLs gave way to using Object Linking and Embedding (OLE) to call functions in separate programs. You could even embed the UI of a different program like Excel inside your app.

Developers went nuts with this stuff and started calling functions or passing messages to other local apps using Named Pipes, Mailslots, shared databases, TCP, UDP, message queues and shared files. On Windows Mobile, point-to-point queues were used with multiple executables to get around app memory limits. The problem with IPC is that security took a back seat and apps were just asking to be hacked as they listened for incoming connections like little web servers.

Today’s modern mobile platforms don’t allow this. Instead, they require mechanisms like contracts, intents and extensions, which declare the API interactions and the information that can be shared between two apps, as well as the files they can open. Users are prompted to give their permission for this type of interaction between apps, which prevents data leakage at the device edge.

Reduce risk to your business by migrating your apps to a more secure method of data sharing between app sandboxes. What is your organization doing to secure app data sharing?

Reduce Business Risk by Enforcing Security Policies on Data with Digital Rights Management

To enforce data security policies directly, get an EMM solution with digital rights management to protect data where it flows & rests.

So far, our EMM journey to secure corporate data has dealt with the issue by broadly securing the entire device via MDM or more narrowly securing the apps that deliver the data using various MAM techniques. The application of security can get narrower still.

The use of digital rights management (DRM) allows IT departments to apply policies directly to documents, keeping data secure no matter where it flows or resides. Sometimes DRM is lumped in with the broader mobile content management (MCM) component of EMM. This security applied directly to data is an effective method of data loss prevention (DLP), using a combination of enterprise directory services, encryption and user identity along with server and client software to keep information in sensitive files from being viewed by the wrong people or systems.

Imagine the scenario where a confidential business document is uploaded to an Internet file sharing provider or emailed to a competitor. Traditional corporate security mechanisms like firewalls or file server access control lists won’t save you in this situation. If DRM encryption and security policies were previously applied to this document, it would be unreadable by anyone who tried to open it. This is arguably the most difficult of the EMM security components so not many vendors will offer this.

Reduce risk to your organization by keeping sensitive data secure no matter where it travels or where it rests. What is your company doing to protect its critical data?

Improve User Productivity by Utilizing Cloud Services to Better Serve Mobile Employees

Mobile employees working around the world are best served by globally distributed cloud services + replicated data with low network latency.

Your organization may have customers and employees distributed all over the world. These people have neither the time nor the patience to wait for data to travel great distances over land or through undersea cables. If your business is currently serving your constituents via an on-premises network or a regional data center, you’re not being responsive to their needs.

Take advantage of services provided by top-tier cloud providers with data centers distributed throughout the world. Narrow your list based on analyst and other trusted reviews of Platform as a Service (PaaS/Cloud development) and Infrastructure as a Service (IaaS/Virtualization) capabilities. Further narrow the list based on network capacity, redundancy, disaster recovery, data handling, support for your existing server operating systems, databases and programming languages, and connectors to line of business systems.

Whether lifting and shifting existing systems or building new ones in the cloud, you must go beyond just load-balancing within one or two data centers. Your websites and APIs must be distributed globally so customers and employees are automatically directed to the nearest data centers for the best performance. Additionally, the databases that power these systems must be replicated everywhere so everyone is looking at the same data. One word of caution I’d pass along is to be cognizant of data sovereignty requirements that may limit data flow to a particular region or country.

Improve user productivity and increase revenue by providing fast and reliable access to corporate data to employees anywhere in the world. What is your organization doing to support its global workforce?

Mobile Strategies for Business is Now Available

I’m pleased to announce that my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform Your Business” is now available.

Mobile Strategies for Business is the first book to clearly explain how executives can digitally transform their organization through a simple, step-by-step process.

The mobile tidal wave has permanently transformed the consumer world and now it’s washing up on the shores of the enterprise. This drives the need for an enterprise mobile strategy to mobilize existing applications, modernize infrastructures, build new apps for employees and customers, and bring order to your environment via enterprise mobility management. Mobile Strategies for Business guides you through this transformation and drives positive outcomes including reducing expenses, improving employee productivity, increasing revenue, boosting user engagement and reducing risk.

Based on the top 50 most important enterprise mobility concepts spanning four major topic areas, Mobile Strategies for Business is the first book to clearly explain how to digitally transform your business through a simple, step-by-step process.

You’ll learn how to address the following organizational challenges:

  • How to transform IT infrastructures that are wholly unprepared to deliver on the promise of Mobile and IoT for employees and customers. Learn how to enhance performance, scalability, bandwidth and security to support today’s mobile and cloud workloads.
  • How to reconcile the convergence of the Bring Your Own Device (BYOD) phenomenon and the need to keep corporate data secure. Learn how to support the flexible work styles of your mobile employees while keeping everything safe.
  • How to migrate the millions of out-of-date, insecure and unsupported desktop and Web 1.0 apps that currently run global business to run on modern mobile platforms. Learn how to unchain your line of business apps and web sites from the desktop and move them to the mobile devices your employees actually use.
  • How to rapidly build mobile enterprise apps that run on any platform and work with data from any backend system. Learn how to mobile-enable your existing systems and data to empower your mobile employees and reach out to your mobile customers.

Mobile Strategies for Business is a project plan and an implementation guide allowing your organization to digitally transform so it can ride the mobile wave to employee and customer success. Along the way, it builds a future-looking foundation that prepares your organization for successive technology tidal waves that will impact your business, workforce and customers.

What is your organization doing to define and execute on a mobile strategy? It’s time to empower your mobile workforce.

Getting Started with Azure IoT services: Securing Event Hub Telemetry with SAS Tokens

To prevent the Internet of Things from becoming the largest attack surface in the history of computing, security at scale is paramount.

Any company that wants to be taken seriously as an IoT platform player has to provide cloud-scale telemetry ingestion while also delivering security to millions of events per second without skipping a beat. This is no easy task and therefore narrows down the field in this space dramatically. Microsoft Azure IoT services accomplish this task through the use of Shared Access Signatures (SAS). They provide delegated, limited access to resources such as Event Hubs for a specified period of time with a specified set of permissions. Of course, they do this without your having to share the account access keys you created in the previous Event Hub article. You might remember creating a Shared Access Policy with Send permissions. You gave that policy a name and were given a connection string that includes the account access key which you used to test out a .NET IoT client. Good for testing. Career-limiting for production. That’s why you’re reading this article.

With regard to securely sending telemetry to Event Hubs, IoT devices and field gateways claim access to the Event Hub by presenting a SAS token. This token consists of the resource URI being accessed and an expiry, signed with the account access key. It is basically a URL-encoded string that is passed along every time telemetry is sent. Each IoT device needs its own distinct SAS token, and that’s what you’re going to learn today.
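The token layout just described, built and re-checked by hand in C# as an added example; it is not the article's CreateSASToken() code, which relies on SharedAccessSignatureTokenProvider. The namespace, hub, policy name and key are constructed placeholders, the `.../publishers/<name>` resource URI and the Check() routine are assumptions made to illustrate per-publisher scope and expiry, and ToUnixTimeSeconds() needs .NET 4.6 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Net;
using System.Security.Cryptography;
using System.Text;

static class SasTokenDemo
{
    // sig = Base64(HMAC-SHA256(policy key, "<url-encoded URI>\n<expiry>"))
    static string Sign(string encodedUri, string expiry, string policyKey)
    {
        using (var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(policyKey)))
            return Convert.ToBase64String(
                hmac.ComputeHash(Encoding.UTF8.GetBytes(encodedUri + "\n" + expiry)));
    }

    // Token for one resource URI, valid for ttl counted from 'now'.
    static string CreateToken(string uri, string policyName, string policyKey,
                              TimeSpan ttl, DateTimeOffset now)
    {
        string sr = WebUtility.UrlEncode(uri);
        string se = now.Add(ttl).ToUnixTimeSeconds().ToString(CultureInfo.InvariantCulture);
        string sig = WebUtility.UrlEncode(Sign(sr, se, policyKey));
        return "SharedAccessSignature sr=" + sr + "&sig=" + sig + "&se=" + se + "&skn=" + policyName;
    }

    // Comparison whose running time does not depend on where the strings differ.
    static bool FixedTimeEquals(string a, string b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    // Local re-check of a token against a requested URI (illustrative only).
    static string Check(string token, string requestedUri, string policyKey, DateTimeOffset now)
    {
        const string scheme = "SharedAccessSignature ";
        if (!token.StartsWith(scheme, StringComparison.Ordinal)) return "malformed";
        var fields = new Dictionary<string, string>();
        foreach (string pair in token.Substring(scheme.Length).Split('&'))
        {
            int eq = pair.IndexOf('=');
            if (eq < 1) return "malformed";
            fields[pair.Substring(0, eq)] = pair.Substring(eq + 1);
        }
        string sr, sig, se;
        long expiry;
        if (!fields.TryGetValue("sr", out sr) || !fields.TryGetValue("sig", out sig) ||
            !fields.TryGetValue("se", out se) ||
            !long.TryParse(se, NumberStyles.None, CultureInfo.InvariantCulture, out expiry))
            return "malformed";
        // Any change to sr or se invalidates the signature.
        if (!FixedTimeEquals(Sign(sr, se, policyKey), WebUtility.UrlDecode(sig)))
            return "bad signature";
        if (expiry <= now.ToUnixTimeSeconds()) return "expired";
        // The signed URI must be the requested URI or a parent path of it.
        string scope = WebUtility.UrlDecode(sr).TrimEnd('/');
        bool inScope = requestedUri == scope ||
                       requestedUri.StartsWith(scope + "/", StringComparison.Ordinal);
        return inScope ? "ok" : "out of scope";
    }

    static void Main()
    {
        // Constructed sample values; none of them belong to a real Event Hub.
        const string publishers = "https://contoso-ns.servicebus.windows.net/telemetry/publishers/";
        const string policyKey = "constructed-sample-key-not-a-real-secret";
        var issued = new DateTimeOffset(2015, 1, 1, 0, 0, 0, TimeSpan.Zero);

        string token = CreateToken(publishers + "007", "SendPolicy", policyKey,
                                   TimeSpan.FromMinutes(60), issued);
        Console.WriteLine(token);
        Console.WriteLine(Check(token, publishers + "007/messages", policyKey, issued.AddMinutes(10)));
        Console.WriteLine(Check(token, publishers + "008/messages", policyKey, issued.AddMinutes(10)));
        Console.WriteLine(Check(token, publishers + "007/messages", policyKey, issued.AddMinutes(61)));
        // Extending the expiry without the key breaks the signature.
        string forged = token.Replace("&se=", "&se=9");
        Console.WriteLine(Check(forged, publishers + "007/messages", policyKey, issued.AddMinutes(61)));
    }
}
```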

To more easily create SAS tokens for your IoT clients, I want you to create a simple app to do the work for you. Launch Visual Studio and create a new C#, Windows Forms application and call it SASToken. From the Solution Explorer, right-click on References and select Manage NuGet Packages…

In the Search Online box type Azure Service Bus and install version 2.7.5 or later. Since you’ll be using the SharedAccessSignatureTokenProvider class to create a shared access signature for your publisher, add using Microsoft.ServiceBus; above the namespace with all the other using statements in the default Form class.

The next thing I want you to do is create a function called CreateSASToken() inside the Form class as shown below:

Create SAS Token

This function simplifies the creation of a SAS token by inputting values found on the Azure portal for your Event Hub. Let’s walk through the parameters of this function and where you can find the required values:

  • EventHubUri: This is found on the Dashboard page of your Event Hub under Event Hub URL. Don’t include the last part of the URL after the final slash (/).
  • EventHubName: This is found at the top of your Event Hub Dashboard page.
  • Publisher: This is a unique name you get to create for the IoT device that’s sending the telemetry to the Event Hub.
  • PolicyName: This is found on the Configure page of your Event Hub and is the name of the shared access policy you created with Send permissions.
  • PolicyKey: At the bottom of your Event Hub’s Configure page is a section called shared access key generator. Select the correct Policy Name from the dropdown box and copy the Primary Key in the text box below it.
  • Expiration: Enter the number of minutes you want your token to be valid. This TimeSpan code can be changed so you can use days or hours as well.

With the function up and running, you can now create unique tokens for each of your Publishers rather than insecurely using the same connection string for all of them. This also means that your Event Hub can prevent individual Publishers from sending telemetry if any of them have been compromised. To make better use of this function, follow along and build a simple data entry form.

Load the default Form in Visual Studio and add the following UI controls and associated properties:

  • Label: Text = Event Hub Uri:
  • TextBox: Name = txtEventHubUri
  • Label: Text = Event Hub Name:
  • TextBox: Name = txtEventHubName
  • Label: Text = Publisher:
  • TextBox: Name = txtPublisher
  • Label: Text = Policy Name:
  • TextBox: Name = txtPolicyName
  • Label: Text = Policy Key:
  • TextBox: Name = txtPolicyKey
  • Button: Name = btnCreateSAS, Text = Create SAS Token
  • Label: Text = SAS Token:
  • TextBox: Name = txtSASToken

In order to bring things to life, create a click event for the Button and add the following code:

Create SAS Code

The code calls the CreateSASToken() function you created and passes in the values you type or paste into the TextBoxes. I hard-coded in 60 minutes but you can make that any number you like and you could even add a NumericUpDown control. The function returns a SAS token as a string and displays it in the TextBox at the bottom of the Form.

At this point, go ahead and run the app you just built. Type in or paste the appropriate values from the Azure portal into the TextBoxes. I called my Publisher 007 but you can call it anything you want. Click the button and you should get a SAS token as shown below:

SAS Form

While you now have an easy way to create SAS tokens, this won’t suffice at large scale. You’ll need to use what you’ve learned here to build a secure, on-premises or cloud-based token service to support deployment to thousands or even millions of individual IoT devices.

With your unique SAS token in hand, it’s time to modify the app you created in the previous Event Hub article. Load the ContosoIoTConsole solution in Visual Studio and get ready to make a few changes.

Just like you did with the SAS token app, add using Microsoft.ServiceBus; above the namespace with all the other using statements in the Program class. Next, delete the first two lines of code inside Main() where you previously created a connectionString and an EventHubClient. In place of the deleted code you’ll declare a string called sasToken and paste in the long SAS token string that was generated by the Windows app you just built. Next, you’ll declare a connectionString and use the ServiceBusConnectionStringBuilder along with your Service Bus URI, Event Hub name, Publisher name, and SAS token to create it instead of reading the account access key from App.config like the previous article. In the final, new line of code, you’ll create an EventHubSender based on this new connection string. Every other line of code below stays the same. Your updated ContosoIoTConsole app should look like the code below with your Event Hub values substituted for mine:

Event Hub Sender Code

All that’s left to do is try it out by running the console app and then checking your Event Hub Dashboard a few minutes later to see if a new message arrived.

By following the directions and code in this article, you’ve made the leap to getting an IoT client to send telemetry to Event Hubs more securely. While Event Hubs has always required transport via TLS, by presenting a SAS token, Event Hubs knows who the IoT client is and what permissions it has. A SAS token’s ability to gain access to Event Hubs doesn’t last forever due to the expiration limitations you place on it when creating a new token which is a good thing. Furthermore, Event Hubs give you device blacklisting capabilities by revoking individual publishers based on the unique name you gave them. Expired tokens and revoked publishers will result in errors being thrown in the client code when a publisher attempts to send telemetry to an Event Hub. Keep in mind that when you do a mass deployment, your IoT clients and field gateways won’t have this information hard-coded like the example we just walked through. It must be encrypted and will often be baked into the hardware silicon as the IoT devices are being manufactured. Stay secure!

How to Create In-Memory Database Tables in SQL Server 2014

Getting data off disk drives and into RAM is the biggest game changer for relational databases in decades and SQL Server 2014 brings it to the masses.

RAM is cheap and it’s finally time to reap the benefits of 64-bit computing.

SQL Server In-Memory OLTP, also known as Hekaton, is here and it’s ready to transform your business. Unlike other recent entries to the in-memory database space, SQL Server 2014 integrates this new technology directly into the database engine instead of being a separate add-on. Additionally, existing SQL Server DBAs and developers will feel right at home building memory-optimized databases with the same SQL Server Management Studio they’ve used for years. Not having to retrain your staff is pretty cool.

Benefits to using SQL Server 2014 include:

  • In-memory execution for low-latency data retrieval vs. disk-bound I/O
  • Elimination of contention (locks, latches, spinlocks) from concurrent data Inserts and Updates due to optimistic concurrency control (row versioning without using TempDB)
  • Disk I/O reduction or elimination depending on the selected data durability (more on this later)
  • 5x – 25x performance improvement and the equivalent throughput of 5 – 10 scaled-out database servers

Create a Memory-Optimized Database

  • Create a normal database in SQL Server Management Studio
  • Add Memory Optimized Data Filegroup to ensure data durability
  • Add a FILESTREAM Data file type with Unlimited Autogrowth/Maxsize

Create Memory-Optimized Tables

  • Right-click on the Tables folder of the database you just created and select New | Memory Optimized Table… to get a starter SQL script
  • Create and execute CREATE TABLE scripts to create one or more tables where MEMORY_OPTIMIZED=ON (example in a sec)
  • Set DURABILITY=SCHEMA_ONLY for staging tables to prevent transaction logging and checkpoint I/O (this means only the schema but no actual data will be saved to disk in the event of a server restart)
  • Set DURABILITY=SCHEMA_AND_DATA for standard tables (this saves the schema and in-memory data to disk in the background with the option to delay durability for better performance by not immediately flushing transaction log writes)

Here’s an example of a SQL script to create a memory-optimized Customer table with an Id, FirstName and LastName column:

USE TechEDNZ2014
GO
CREATE TABLE [dbo].[Customer] (
    [Id] uniqueidentifier NOT NULL PRIMARY KEY NONCLUSTERED HASH WITH (BUCKET_COUNT=1000000) DEFAULT (NEWID()), 
    [FirstName] nvarchar(50),
    [LastName] nvarchar(50)
) 
WITH (MEMORY_OPTIMIZED = ON, DURABILITY = SCHEMA_AND_DATA)
GO

Create Natively-Compiled Stored Procedures

Just when you thought performance couldn’t get any better, SQL Server 2014 rewrites the book on stored procedures.  Your T-SQL code now compiles to C DLLs which minimizes code execution time to further boost performance and scalability.  Furthermore, they significantly reduce CPU usage on your SQL Server box due to the need for fewer instructions to execute.

Here’s an example of a SQL script to create a natively-compiled stored procedure to retrieve data from the memory-optimized Customer table you just created:

USE TechEDNZ2014
GO
create procedure [dbo].[CustomerSelect]
with native_compilation, schemabinding, execute as owner
as 
begin atomic with
(
    transaction isolation level = snapshot, 
    language = N'English'
)
    SELECT [Id], [FirstName], [LastName] FROM [dbo].[Customer];
end
GO

I’m hoping by now you’re feeling the need for speed.

I’ve heard plenty of reports from companies that upgraded from previous versions of SQL Server to SQL Server 2014 that they instantly doubled their performance.  This is before converting disk-based tables to in-memory tables which is pretty incredible and well worth the upgrade on its own.  Just knowing that you can jump from a 2x performance increase to anywhere from 5x to 25x is mind boggling.

Most of you know me as a mobile strategist, architect and developer.  Being a mobile guy doesn’t mean I don’t think about the server.  In fact in all the large-scale enterprise mobile solutions I’ve designed for Fortune 500 companies, I figure I spend more than 70% of my time ensuring that servers are fast and can scale.  With SQL Server 2014 being the heart of most enterprise systems, just imagine how delighted all your mobile users will be when their apps become dramatically more responsive.

Empower your Demanding Mobile Line of Business Apps with SQLite and Offline Data Sync on Windows

Presenting at TechEd in Houston, watch my session: “Empower your Demanding Mobile Line of Business Apps with SQLite and Offline Data Sync on Windows.”

Most mobile apps require the ability to store data locally to deal with the realities of a disconnected world where ubiquitous wireless networks are non-existent. While many consumer apps get by with saving light amounts of information as small files, the data requirements of mobile line-of-business apps are significantly greater. With Windows 8.1 and MSOpenTech’s Portable Class Library for SQLite, .NET developers can build structured data storage into their apps.

In this video, I walk you through creating local databases and tables and show you how to work with offline data. I also demonstrate a new data sync capability in Microsoft Azure Mobile Services which uses SQLite for local data storage and change tracking. It even detects data conflicts during a sync so you can resolve them either programmatically or interactively. There’s no faster way to build robust mobile apps to meet your most demanding enterprise needs. If you know me, you know that I’ve been in the mobile data sync business for well over a decade and I’ve designed and developed many of the world’s largest architectures.

Where you may have used SQL Compact in the past, now you can use SQLite.  Likewise, where you’ve used the Sync Framework or Merge Replication before, take a look at Azure Mobile Services today.  It might be time to move your mobile enterprise application platform to an mBaaS architecture.  Either way, you still sync data with SQL Server.  I’m really excited about the next chapter in this journey where SQLite runs across all mobile platforms and synchronizes with cloud and on-premise data stores via Azure Mobile Services.
