“Jeff, what does Day 2 look like?”

That’s a question I just got at our most recent all-hands meeting. I’ve been reminding people that it’s Day 1 for a couple of decades. I work in an Amazon building named Day 1, and when I moved buildings, I took the name with me. I spend time thinking about this topic.

“Day 2 is stasis. Followed by irrelevance. Followed by excruciating, painful decline. Followed by death. And that is why it is always Day 1.”

To be sure, this kind of decline would happen in extreme slow motion. An established company might harvest Day 2 for decades, but the final result would still come.

I’m interested in the question, how do you fend off Day 2? What are the techniques and tactics? How do you keep the vitality of Day 1, even inside a large organization?

Such a question can’t have a simple answer. There will be many elements, multiple paths, and many traps. I don’t know the whole answer, but I may know bits of it. Here’s a starter pack of essentials for Day 1 defense: customer obsession, a skeptical view of proxies, the eager adoption of external trends, and high-velocity decision making.

True Customer Obsession

There are many ways to center a business. You can be competitor focused, you can be product focused, you can be technology focused, you can be business model focused, and there are more. But in my view, obsessive customer focus is by far the most protective of Day 1 vitality.

Why? There are many advantages to a customer-centric approach, but here’s the big one: customers are always beautifully, wonderfully dissatisfied, even when they report being happy and business is great. Even when they don’t yet know it, customers want something better, and your desire to delight customers will drive you to invent on their behalf. No customer ever asked Amazon to create the Prime membership program, but it sure turns out they wanted it, and I could give you many such examples.

Staying in Day 1 requires you to experiment patiently, accept failures, plant seeds, protect saplings, and double down when you see customer delight. A customer-obsessed culture best creates the conditions where all of that can happen.

Resist Proxies

As companies get larger and more complex, there’s a tendency to manage to proxies. This comes in many shapes and sizes, and it’s dangerous, subtle, and very Day 2.

A common example is process as proxy. Good process serves you so you can serve customers. But if you’re not watchful, the process can become the thing. This can happen very easily in large organizations. The process becomes the proxy for the result you want. You stop looking at outcomes and just make sure you’re doing the process right. Gulp. It’s not that rare to hear a junior leader defend a bad outcome with something like, “Well, we followed the process.” A more experienced leader will use it as an opportunity to investigate and improve the process. The process is not the thing. It’s always worth asking, do we own the process or does the process own us? In a Day 2 company, you might find it’s the second.

Another example: market research and customer surveys can become proxies for customers – something that’s especially dangerous when you’re inventing and designing products. “Fifty-five percent of beta testers report being satisfied with this feature. That is up from 47% in the first survey.” That’s hard to interpret and could unintentionally mislead.

Good inventors and designers deeply understand their customer. They spend tremendous energy developing that intuition. They study and understand many anecdotes rather than only the averages you’ll find on surveys. They live with the design.

I’m not against beta testing or surveys. But you, the product or service owner, must understand the customer, have a vision, and love the offering. Then, beta testing and research can help you find your blind spots. A remarkable customer experience starts with heart, intuition, curiosity, play, guts, taste. You won’t find any of it in a survey.

Embrace External Trends

The outside world can push you into Day 2 if you won’t or can’t embrace powerful trends quickly. If you fight them, you’re probably fighting the future. Embrace them and you have a tailwind.

These big trends are not that hard to spot (they get talked and written about a lot), but they can be strangely hard for large organizations to embrace. We’re in the middle of an obvious one right now: machine learning and artificial intelligence.

Over the past decades computers have broadly automated tasks that programmers could describe with clear rules and algorithms. Modern machine learning techniques now allow us to do the same for tasks where describing the precise rules is much harder.

At Amazon, we’ve been engaged in the practical application of machine learning for many years now. Some of this work is highly visible: our autonomous Prime Air delivery drones; the Amazon Go convenience store that uses machine vision to eliminate checkout lines; and Alexa,¹ our cloud-based AI assistant. (We still struggle to keep Echo in stock, despite our best efforts. A high-quality problem, but a problem. We’re working on it.)

But much of what we do with machine learning happens beneath the surface. Machine learning drives our algorithms for demand forecasting, product search ranking, product and deals recommendations, merchandising placements, fraud detection, translations, and much more. Though less visible, much of the impact of machine learning will be of this type – quietly but meaningfully improving core operations.

Inside AWS, we’re excited to lower the costs and barriers to machine learning and AI so organizations of all sizes can take advantage of these advanced techniques.

Using our pre-packaged versions of popular deep learning frameworks running on P2 compute instances (optimized for this workload), customers are already developing powerful systems ranging everywhere from early disease detection to increasing crop yields. And we’ve also made Amazon’s higher level services available in a convenient form. Amazon Lex (what’s inside Alexa), Amazon Polly, and Amazon Rekognition remove the heavy lifting from natural language understanding, speech generation, and image analysis. They can be accessed with simple API calls – no machine learning expertise required. Watch this space. Much more to come.

High-Velocity Decision Making

Day 2 companies make high-quality decisions, but they make high-quality decisions slowly. To keep the energy and dynamism of Day 1, you have to somehow make high-quality, high-velocity decisions. Easy for start-ups and very challenging for large organizations. The senior team at Amazon is determined to keep our decision-making velocity high. Speed matters in business – plus a high-velocity decision making environment is more fun too. We don’t know all the answers, but here are some thoughts.

First, never use a one-size-fits-all decision-making process. Many decisions are reversible, two-way doors. Those decisions can use a light-weight process. For those, so what if you’re wrong? I wrote about this in more detail in last year’s letter.

For something amusing, try asking, “Alexa, what is sixty factorial?”

Second, most decisions should probably be made with somewhere around 70% of the information you wish you had. If you wait for 90%, in most cases, you’re probably being slow. Plus, either way, you need to be good at quickly recognizing and correcting bad decisions. If you’re good at course correcting, being wrong may be less costly than you think, whereas being slow is going to be expensive for sure.

Third, use the phrase “disagree and commit.” This phrase will save a lot of time. If you have conviction on a particular direction even though there’s no consensus, it’s helpful to say, “Look, I know we disagree on this but will you gamble with me on it? Disagree and commit?” By the time you’re at this point, no one can know the answer for sure, and you’ll probably get a quick yes.

This isn’t one way. If you’re the boss, you should do this too. I disagree and commit all the time. We recently greenlit a particular Amazon Studios original. I told the team my view: debatable whether it would be interesting enough, complicated to produce, the business terms aren’t that good, and we have lots of other opportunities. They had a completely different opinion and wanted to go ahead. I wrote back right away with “I disagree and commit and hope it becomes the most watched thing we’ve ever made.” Consider how much slower this decision cycle would have been if the team had actually had to convince me rather than simply get my commitment.

Note what this example is not: it’s not me thinking to myself “well, these guys are wrong and missing the point, but this isn’t worth me chasing.” It’s a genuine disagreement of opinion, a candid expression of my view, a chance for the team to weigh my view, and a quick, sincere commitment to go their way. And given that this team has already brought home 11 Emmys, 6 Golden Globes, and 3 Oscars, I’m just glad they let me in the room at all!

Fourth, recognize true misalignment issues early and escalate them immediately. Sometimes teams have different objectives and fundamentally different views. They are not aligned. No amount of discussion, no number of meetings will resolve that deep misalignment. Without escalation, the default dispute resolution mechanism for this scenario is exhaustion. Whoever has more stamina carries the decision.

I’ve seen many examples of sincere misalignment at Amazon over the years. When we decided to invite third party sellers to compete directly against us on our own product detail pages – that was a big one. Many smart, well-intentioned Amazonians were simply not at all aligned with the direction. The big decision set up hundreds of smaller decisions, many of which needed to be escalated to the senior team.

“You’ve worn me down” is an awful decision-making process. It’s slow and de-energizing. Go for quick escalation instead – it’s better.

So, have you settled only for decision quality, or are you mindful of decision velocity too? Are the world’s trends tailwinds for you? Are you falling prey to proxies, or do they serve you? And most important of all, are you delighting customers? We can have the scope and capabilities of a large company and the spirit and heart of a small one. But we have to choose it.

A huge thank you to each and every customer for allowing us to serve you, to our shareowners for your support, and to Amazonians everywhere for your hard work, your ingenuity, and your passion.

As always, I attach a copy of our original 1997 letter. It remains Day 1.

Sincerely,

Jeff

Jeffrey P. Bezos

Founder and Chief Executive Officer

Amazon.com, Inc.

Click to read on link – 1997 LETTER TO SHAREHOLDERS

Investors, executives, and anyone who merely wants to be good at their job hang on the words of Jeff Bezos, CEO of Amazon.com. He published 1,782 of them Wednesday in his annual letter to Amazon’s shareholders. I recommend reading each one of them.

Bezos’s pearls of wisdom are repetitive, by design. He discusses similar concepts year after year, tweaking them for new realities. Delighting customers is a constant. The importance of being willing to reverse direction is another hearty Bezos perennial.

Monitor and adopt important external trends

I particularly liked two of his themes this year that constitute fresh material in the Bezos oeuvre. The first is his insistence that managers monitor and adopt important external trends. “These big trends are not that hard to spot (they get talked and written about a lot), but they can be strangely hard for large organizations to embrace,” he writes. “We’re in the middle of an obvious one right now: machine learning and artificial intelligence.” He goes on to discuss the visible and less obvious ways Amazon is utilizing machine learning and AI. But his notion that the important trends aren’t hard to spot is non-trivial. Too many organizations spend too much debating if something is going to be big. If you’ve spent that much time debating it, it’s probably too late.

Escalate during Misalignment

Bezos also shared his thinking on how high-performance teams should work together—including with their bosses and also when they disagree with each other. “Recognize true misalignment issues early and escalate them immediately,” he writes. “Sometimes teams have different objectives and fundamentally different views. They are not aligned. No amount of discussion, no number of meetings will resolve that deep misalignment. Without escalation, the default dispute resolution mechanism for this scenario is exhaustion. Whoever has more stamina carries the decision.”

For escalation to work, of course, a team’s manager has to be good and also has to be willing to be overruled. Bezos gives an example of his being overruled, though one senses his example is the exemption rather than the rule.

The point is that he demands fast action and quick resolution when people disagree. Exhaustion with disagreement is something anyone who works in a large organization can understand all too well.

Adapted from Adam Lashinsky newsletter

The Internet of Things (IoT) is occupying the attention of city planners, the ones in the medical world, the energy sector, more particularly, with no parallels in the recent past. The connected devices share a host of data covering many geographies. The questions often by-passed are related to security and if they are outside the clutches of hackers.

According to many research studies, including the Gartner analysis, there will be about 21 billion connected IoT devices by the year 2020. While we would like to quote this statistic with pride and look enthusiastically at the business opportunities this will give rise to, there is one alarming concern – IoT security. It stands to reason that more the number of smart devices, more the possibility of attack vectors.

Secure PCs, why not secure IoT products?

One of the reasons is that as the idea of networking appliances and other devices is relatively new, security is not always a priority during product design. IoT products often have old and unpatched embedded operating systems and software. Also, end users fail to change the default passwords on smart devices and usually don’t select sufficiently strong passwords. IoT devices are provided with unique identifiers and the ability to automatically transfer data over a network. Embedded sensor systems used in industrial machine-to-machine (M2M) communication, smart energy grids, home and building automation, vehicle to vehicle communication, wearable devices and other computing devices account for most of the IoT communication that happens. The frightening vulnerabilities found on IoT devices have therefore brought IoT security further up to the fore.

For example, research has found that a significant range of IoT baby monitors can be hacked and used to monitor live feeds, change the camera settings and authorize others to remotely view and control the monitor. Connected cars can be compromised, and hackers can take control of the entertainment system, unlock the doors or even stop a moving car. Hackers have been found to use the motion sensors embedded in smart watches to steal information or gather health data from fitness apps or health tracker devices.

Very soon, there will be consumers who own hundreds of connected devices. Hence, we need a fool-proof plan for installing security updates, which definitely cannot be manual. Proper safeguards are necessary to prevent updating interfaces from becoming security holes themselves or else we will end up with a scenario of the fence eating the crop. We need security at both the device and network levels for safe operation of IoT. The Artificial Intelligence (AI) that is the brain of the device which learns the preferences of the users and enables the device to perform accordingly must also be able to recognize and counteract threats. The measures that have proven enormously successful in IT networks will have to be substantially re-engineered if they are to address the device constraints.

Challenges

Most embedded devices are tiny and are designed for low power consumption with limited connectivity. The processing capacity and memory required to perform their tasks is also very limited plus some are low cost and essentially disposable. All these factors could prove to be an inhibiting factor in encryption and other robust security measures. With the enormous amount of data IoT devices generate and communicate back to the cloud for analysis, it would be unwise to assume that all systems can scale to accommodate the bandwidth, power, storage and computing ability needed to handle this load.

Manufacturers, as well as users of connected devices must spend time and try to understand what data their devices collect, what information is shared and with whom and how the data is transmitted and received. In addition, where the data is being stored is vital including how stringent are the privacy settings that need to be activated in accompanying the software. Just as with any other computer devices, it is essential to run the latest software and patch vulnerabilities as well as ensure all apps associated with the device are updated. For example, a smart meter that is able to send energy usage data to the utility services company for billing or real-time power grid optimization must be able to protect that information from unauthorized users. If this information can be hacked, thieves could figure out which houses are empty based on the decrease in power usage and burgle those homes.

About a decade ago, we had to protect only our computers and few years ago, our smartphones. Now we have to worry about protecting our home appliances, our car, our wearables, even our medical reports. Hackers can hack into any device, by being even in a remote place. The IoT devices manufactures & users have to start thinking from the point of the hacker and thus create products that make it hack-proof.

Solutions

When a device is being designed, security must be one of the primary components and must continue throughout the device lifecycle. The following could be a few ways to ensure secure connected products:
• When the device is first powered up, a cryptographically generated digital signature verifies the authenticity and integrity of the software on the device, i.e., only the software that has been authorized to run on that device and signed by the entity that authorized it will be loaded.
• Access controls built into the operating system limit the privileges of device components and applications so they access only the resources they need to do their jobs. The principle of least privilege dictates that only the minimal access required to perform a function should be authorized in order to minimize the effectiveness of any breach of security.
• When the device is plugged into the network, it should authenticate itself prior to receiving or transmitting data.
• The device must have a firewall or deep packet inspection capability to control traffic that is destined to terminate at the device in a way that makes optimal use of the limited computational resources available.
• Software updates and security patches must be delivered in a way that conserves the limited bandwidth and intermittent connectivity of an embedded device and absolutely eliminates the possibility of compromising functional safety.

The Internet of Things Security Foundation (IoTSF) is a non-profit body founded by a group of technology companies that will be responsible for vetting connected devices for vulnerabilities and flaws and will offer security assistance to technology providers, system adopters, and end users. There are many other companies working on setting up platforms that will enable large networks of IoT devices to identify and authenticate each other in order to provide higher security and prevent data breaches. There is also research being conducted to enhance IoT security through device and smartphone linking.