Blog

Protect Documents Outside Your Four Walls
Secure collaboration

In a recent Computerworld article suggesting that IT update its information security programRobert Whiteley points out that with the widespread adoption of cloud computing, organizations don’t own their data anymore.  Users are uploading documents into GoogleDocs, Facebook, Slideshare and a hundred other repositories outside of IT’s control.  This shift in ownership will continue as employees embrace new SaaS and Web 2.0 technologies.  It’s important to secure your documents, since they are the most likely source of information leaks.  The recent problems that Twitter had when someone stole confidential documents is an example of what can happen.

Indecent exposure
Data breach Insider threat

Indecent exposureWhile visiting with a client last week they were discussing an upcoming company cruise that will be taking place this October.  The event includes over 500 employees and their spouses.  The company sent an Excel spreadsheet to each employee that requires information such as Passport number, Social Security Number and credit card information.

After completing the form one of the employees mistakenly hit reply all and his information was instantly sent to over 500 people, most of whom he does not know.  Without a way to revoke the rights to the file his personal information was exposed.

Another client’s Human Resources department had a new administrator access an Excel spreadsheet from the department’s network directory.  The visible cells showed the employees’ names and phone extensions.  Thinking this would be helpful information for company employees the administrator emailed the file to all employees. Little did he know that the hidden cells contained salary, stock option and other confidential information.  Not sure what happed to the administrator but needless to say the company had significant issues to deal with.

SaaS makes you more competitive too
Secure collaboration

recent post by Peter Cohen of Practical Advice on SaaS Marketing talked about building a comprehensive case forSaaS.  If you just focus on price, someone will always undercut you.  In a post I wrote a few months ago, I talked about SaaS being more than cost cutting.  In this difficult economy, everyone is looking to save money and people will pull the price card as the first reaction.  

First family safety compromised
Privacy

This morning I read an article about sensitive documents leaked from various government sources through peer to peer (P2P) networks.  In this circumstance the culprit was LimeWire, but it could have been any of them.  Details on a safe house for the first family in the event of a national emergency was just the latest in a string of leaks. Previously the routes of the President’s limo were leaked.  In January sensitive details about the President’s helicopter were leaked through a P2P network. 
  
This prompted Representative Edolphus Towns (D-NY) to call for a ban of P2P software on all government and contractor computers.  Others are calling for investigations of the makers of P2P software as enabling illegal activity and unfair trading practices.

Applying the Long Tail to SaaS
Secure collaboration

I recently read Chris Anderson’s book The Long Tail.  For those who have not read it, the long tail is a mathematics term that helps describe how a business can maximize their sales by catering to niches rather than focusing only on hits, or popular items.  By selling smaller amounts of more items, you generate larger sales because you can meet more people’s needs.  Doing business on the Internet makes this easy because it lets you lower inventory and distribution costs, allows 24/7 shopping, provides a very large inventory and enables differential pricing; all items Chris discusses in his book that are key for the long tail.  Companies like Amazon and NetFlix embody this principal by offering millions of items online rather than the thousands available in their brick and mortar competitors.  Since product information is just an entry in a database, customers can tag and sort items as they see fit and find exactly what they want.  It’s easy to slice and dice an inventory into limitless categories and present that to customers in a way that makes sense to them.  This helps make sense of the limitless quantity and fuels the sale of niche items.

Hospital establishes electronic medical records protection system
Data security

The healthcare industry will undergo significant changes in the coming months and years ahead. The transition to Electronic Medical Records offers tremendous cost efficiencies, reduction in serious errors and protection of confidential data. Despite all of the advantages over paper based systems, EMR applications still have several areas where sensitive data can be exposed to unauthorized sources.

Fun and Communication
Secure collaboration

This morning I woke up and found a message from my daughter on our Upwords game.  If you aren’t familiar with it, Upwords is like Scrabble, but you can also stack upwordsletters to make words; my family is addicted to it.  My daughter and I started doing this a few days ago.  I thought with all the high tech ways we have to communicate, sometimes its fun to do things low tech.   We are still getting across the information we want to convey.  It’s easy to do and keeps me interested because I can’t wait for the next message.

Shouldn’t all our communication be like this?  When I write a blog post or send out an email newsletter or deliver a document that gives someone information, they should anticipate the next message.  With all the blather on the Internet and in our lives, sometimes a unique, fun message can give you what you need.  And if spelling out letters on a game board does the trick, why not?  Sometimes simpler is just better.

The Desktop OS may be Obsolete
Secure collaboration

With Google’s announcement of a Google OS I started thinking that the desktop operating system as we know it may be on its way out.  Many people have talked about this for years, but I think its time may have come.  When I think about how I use my PC I notice that I spend a lot of time in a browser or in applications that directly access cloud or SaaS applications.  I use GMail and Office Live for my email.  I use DimDim for web conferencing.  I use a SaaS time & billing system.  I use Twitter, Facebook and LinkedIn for communicating with people.  My website is the communication hub for my business.  I use Google Reader for news, YouTube to share and watch videos and the list goes on.  And how about my kids?  Most of what they do is in a browser, whether it’s games or school work.    

Is a SaaS infrastructure just one big operating system?
Secure collaboration

In his recent article Pod-Scale vs Warehouse-Scale Computing, Phil Wainewright talks about the differences between how Oracle and Microsoft view cloud and SaaS computing infrastructure and how Google views it.  Oracle talks about tailoring instances of their on-demand applications to different customers, time zones and functions.  This sounds like the old ASP model to me.  Google views their services as components of a global operating system.  Their data centers are their versions of my desktop or server.  The operating system uses a single file system, database and number crunching system.  The difference is that Google uses thousands of machines as their virtual computer where I use one.  The services have been distilled into a single homogenized set of primitives that are distributed.  When Google updates one component the whole system benefits, hence all customers benefit.  This is one of the great advantages of SaaS and using a multi-tenant, single instance approach.  Oracle and Microsoft still think about separate systems tuned for separate applications.  This looks like a way to maintain their legacy. 

Major company is victim of document breach
Data breach

Insider threats continue to represent a major concern for all organizations. We were recently made aware of a situation where a major company was responding to a large Request for Pricing (RFP).  The company uses FileNet as their Content Management application and has developed strict procedures to ensure the confidentiality of their files. Unfortunately, one of the staff members that worked on the RFP had a friend who worked for the competition. The employee saved the file to a flash drive and sent it  to the friend at the competition. That person used the information to under bid the other company and ultimately won the business.  Eventually, the theft was uncovered and the individuals involved were fired and the RFP was cancelled. There is no way to determine the cost of litigation but it is safe to assume that legal costs and fines will exceed a million dollars.