Following from the previous two posts, today I will explain cryptography in the simplest way I can – in reality, it is more complicated. However, a basic understanding is useful to appreciate blockchain – which will be the final post on this topic.
Cryptography is the art/task of creating and solving codes. Messages have been sent in code from centuries, and you can read a good summary of some methods here. The basic idea of cryptography is to render communications unreadable to the human eye by mixing up inputs (e.g. letters) to give a different output. One of the more famous uses of cryptography was the Enigma machine used by the German armed forces during WWII. The Enigma worked by scrambling letters into other letters and relied on the sending and receiving machines being set up the same. The set up was from three initial letters, resulting in over 17,576 (26^3) combinations. As you may know, it took a computer and some captured settings to break the Enigma code.
Move forward 70 years and a lot of information sent today over the internet uses some form of cryptography. There are two basic forms 1) encryption and 2) hashing. Encryption is what the Enigma did, an original message was scrambled on one end, sent via morse code, and de-scrambled on the other end. Hashing only involves scrambling. It uses an algorithm to derive a fixed length string which is different from the original text. A good example is a password. Passwords are usually not stored on servers in their original form, but as a hash value. If you enter a password, it is run through the algorithm and if it matches the stored hash value, you’re in. A commonly used hash is SHA256, which has 2^256 possible combinations – let’s just say that is a big number.
Encryption, as mentioned above, is a two-way thing. While I could write a lot more, let me try to keep it simple and explain the most common form, which is asymmetric encryption. First though, let us remind ourselves that encryption means some form of setup or code is needed, which is usually referred to as a key. In asymmetric encryption, there are two keys, a public key and a private key. Here is a simple example of how this works. Let’s say I want to send you an encrypted message. Your public key is sent out to anyone who may want to send messages to you. To send the message, I use your public key to encrypt it, so the message is secure when sent across any networks. When you receive the message, your private key unscrambles it. Only the combination of these pair of keys can do this, making the system quite secure. An example of an asymmetric encryption protocol (or set of rules) is TLS (Transport Layer Security) which is embedded within most operating systems and web browsers. It also offers 256 bit security, which is 2^256 – see more about TLS here. The current agreed TLS version is 1.2, and below you can see it is embedded within my version of Windows.
So, to sum up, encryption is complicated, but it is commonplace in our daily lives and apps. So can it be broken/cracked? Yes, but it would take a long long long time. See a great infographic below which details how long it would take to crack the code/cipher used in AES 256 – which is used by the TLS protocol mentioned above.
So now you know a little about cryptography, the next post in this series will cover blockchain.
I hope to write a few posts on this topic in the coming weeks, as we hear so much about blockchain and bitcoin and how it affects accounting/accountants. Before I do, this article in a great primer. For example, it relays the fact that bitcoin (for now) is an asset not a currency in accounting terms. Have a read, more to come soon.
Have a look at a new book I joint edited – here is the link
The book is a collection of 22 chapters on many aspects of Accounting Information Systems. It gives an excellent summary of current research and thought on AIS. Enjoy
Recently, it seems United Airlines got themselves into a bit of a bad public relations scenario by ejecting passengers (with force) from a domestic US flight. I’ve never used United and based in this, I never will, as it seems they commonly overbook flights.
First, in the age of technology we live in, how the hell a system allows overbooking I cannot fathom. Maybe if a smaller replacement aircraft transpired in an emergency, I can understand, but this would not be an overbooking issue.
You can read an article about the event at the link above, but here’s a brief rundown:
- United over book
- They look for four volunteers
- They offer $400, then $800
- Nobody volunteers
- They forcibly remove four passengers
And all of this to get their own crew to a location for the next day – this alone says a lot about their ability to manage the business, not having a standard way to get staff, or reserving x seats for staff.
Back to management accounting, and we know that an avoidable cost is one which can be eliminated by not doing something e.g. close a production line. We also know that in the long term, all costs are avoidable. So what about the United story. Well, one thing that will no doubt happen is a string of expensive law suits – and I personally hope United get screwed. This is an avoidable cost, and surely are the costs associated with the apparent regular overbooking. I’d even have a wild guess that it may have been cheaper to charter an aircraft for the staff than what this will ultimately cost United. Even $5000 a passenger to entice volunteers would be cheap too, or maybe $50000. Regardless, United need to find a long term solution to avoid such costs. They have apparently now increased the offer to passengers to $10,000 to give to give up their seats.
This blog post appeared in my LinkedIn recently. Have a read. It’s basically claiming that British accountants are worse than their American counterparts because they don’t use technology as much as. Now, I’m a big fan of technology, but I’m also old enough to have worked before the internet and all other things which make our life easier (supposedly). The author of the blog should know that all technology is a series of instructions in some or other code, and that code is only as good as the person writing it! We are becoming way too reliant on technology and it’s no harm to do it the old way, or use less technology from time to time. If I were recruiting an accountant tomorrow, while their grasp of technology would be something I’d look out for, it’s not the only thing.
And to end, Irish accountants are best 😀
In my view, even though some accountants may not agree, big data will effect how accounting is done. This is particularly true for management accounting.
I was going to write an outline of my thoughts on big data and management accounting, but I found this great post on diginomica. It gives some really good practical insights. It notes how the following, for example, gets accountants interested in big data- it is being used to:
- Improve the quality of budgets, plans and forecasts
- Enhance top line revenue
- Reduce operational costs
- Detect fraud
- Assess the viability of a company as an on-going concern
Changes in technology is regularly a top issue for management accountants when asked. Of course in recent years, the pace of technology change has been so rapid compared to previous. How can management accountants deal with such change? An article from the CGMA provides some useful tips.
Big data has been the feature of many articles in professional accounting journals such as CIMA’s Financial Management. But what exactly is big data? Originally it referred to more data than information systems could process. But today we have systems capable of processing and analysing millions of transactions in seconds . So what does it mean now? Well, I think the answer to this question will depend a lot on who you ask. To me big data is still data analytics, with maybe some external or social data sources thrown in., with a defined purpose of adding value or saving resources (such as cash or time). This is of course a very broad understanding of what big data is, as value will not mean the same thing to all organisations.
I read an article on Forbes recently which has a similar approach to big data as that I suggest above. The key point the author notes is not to care too much about defining things like big data, but to remember “who cares”. To quote directly from the article “the goal should be to solve a business problem by using new analytics, not to worry about defining a term. That’s because definitions are a distraction from the simple question of “Does this data contain information that is valuable for my business?”
I am writing this post without using the software I mention, so apologies if I am incorrect.
Sage (a leading provider of accounts software) have recently extended their most popular product to the cloud. And they have done to in a way which seems to address a lot of concerns.
My experience of cloud accounting software is that while it is functional and easy to use, it does lack some of the capabilities that desktop accounting software offered. What Sage appear to have done is taken their best product for SME – Sage 50 – and retained the best of both worlds. The news release at the link above suggests a new product, Sage Drive, allows the user to retain the desktop functions but store data in the cloud. This has several advantages. First, the sharing capabilities of the cloud are available once the data is stored there. Second, existing functions are maintained and this may particularly suit the accountant users. Third, it may ease some security concerns accountants often mention with the cloud. From my understanding, only the data is cloud hosted. Some desktop software is still needed to make sense of the data.
I have written a few posts previously on cloud computing and how it affects costs, software and business models.
I came across a nice article in Forces which details how businesses like Instagram and Snapchat can use the cloud to grow very quickly at minimum cost. Once such businesses grow, they can acquire a large value (e.g. WhatsApp recently), without actually having much in terms of what accountants would associate with value i.e. assets.
You can read the full article here.
More and more, technology is used to help many of us do our job. I read an article a few months in the Wall Street Journal about how increasing integration of technology in NYPD police cars is helping officers fight crime. Of course, in-car systems are not confined to NYPD, and many European police forces use technology in patrol cars.
The article mentions a smart car, which is being trialed in one NYPD precinct. The car is equipped with number plate recognition, video cameras and even radiation detectors. All data collected is transmitted back to a central location, where it can be analysed at a high level if needed. The technology also allows officers make decisions while on patrol – for example, ignore a car with an outstanding parking ticket, but stop if if stolen.
So, where is the management accounting system is this police car? Ok, this is a trial, but it is likely to reflect what an actual patrol car will do in the near future. I define management accounting as the provision of information to make decisions. Using this simple definition, there are two ways we could describe the smart patrol car as part of a management accounting system 1) it provides officers with information to make decisions on the spot and 2) the information gathered may also be used to inform higher-level policy and strategic decisions.