Nigel Gibbons ~ Welcomes you

BYOD / Bring Your Own Device (Disaster) – Convenience before Compliance

April 13, 2012 1 Comment

BYOD (bring your own device) refers to employees who bring their own computing devices to the workplace and they are permitted (or pull rank) to connect to the corporate network.

It is at this point that many CIO (Chief Information Officers) or their counterparts will draw the line. For others they will see this as an evangelical moment to engage the latest and greatest consumer devices.

As stated above most BYOD are ‘Consumer’ grade devices, and either lack the management tools to allow a business to manage them and ensure policy and compliance adherence, or more to the point struggle with the demarcation lines on private ownership and mixed use mode exercised by the owners.

What only a few years ago would have been unheard of is now the norm. Corporate information being held on personal devices residing alongside the Home Banking mobile application and Angry Birds game, all residing on an unencrypted devices that would take an amateur 5 minutes to hack. It doesn’t stop at Smartphone’s and Tablet devices, personal computers abound are as likely to be used today as the more prevalent mobile device. That does not make them a safer option for businesses.

Much blame is placed on ‘Generation Z’, the 16 to 24 year olds enter the workforce demanding and expecting such adaptability and flexibility in device use. Well let’s put that one to bed straight away:

Computacenter carried out research that produced clear results that this is not the case. Quote Barry Hoffman, HR director: “The idea of this always connected, socially mobile and technologically demanding generation entering the workplace is something of a myth.”

Despite which or perhaps complicated further by such contrary insights, this remains a veritable minefield for business large Enterprises let alone SME’s (Small Medium Enterprises) without the investment budget of their larger brethren.

If large Enterprises are struggling with the management and control of these devices then smaller companies should reflect long and hard on their risk exposures if they venture forth.

A recent survey by Document Lifecycle Management Specialist firm Litéra Corp, Mobile Device Users Survey, makes the size of this issue frighteningly clear. Quote:

“96% of business professionals polled are using mobile devices to store, access and send sensitive material, and the majority are doing so without e-mail encryption or metadata removal, thus posing significant security risks to their organizations.”

Forget the brand war or whose device is more secure or better managed. Although it is worth stating that devices running the Google Android operating system are regarded as a veritable malware platform that leaks data, and Apple iOS devices cannot be cleanly wiped without destroying them. Highlighting just a fraction of the challenge facing businesses.

The reality is few organisations are even confronting the issue objectively let alone containing it. If they don’t then it will be only a matter of time before there is a data breach that will impact customer confidence and trust. When this hits the bottom line even senior exec’s will have to wake up to their gross oversight.

In many organisations the trend started with senior executives. The fact that much of the hard work in organisations to meet compliance and policy obligations is now being undermined by the very office holders who prescribe policy and are obliged to ensure compliance is an interesting reflection of what technology is doing to society. It is the senior executives who started the rot in many companies with their demands, which few IT departments could say no to, for access to corporate information resources with consumer convenience devices before the business could evaluate the risks and implement correct adoption procedures, if at all.

This does not mean these devices cannot bring benefit to the business, the issue is business is increasingly putting convenience before compliance.

So what can businesses do?

Risk analysis – At least evaluate the risk so you know what you are getting yourself in for.
Only use devices that can apply Policies to at least ensure these devices can be – Password protected with minimum of an 8 digit password and Remotely wiped enablement.
Have a data/device breach response plan in place (it will happen so at least be ready).

For SME’s (Small Medium Enterprises) even these basic measures will sound like a challenge. But they need not be. If you are using and so dependent on mobile devices then you should be considering a proper business grade messaging and information management system. Microsoft Office 365 E3 plan represents a cost effective solution that would go a long way towards remedying this. For example:

The ability to manage r emote devices as per Action B above is a few clicks away.
Document access controls can become a simple exercise.
Disaster recovery and business continuity is built in.
Communications are encrypted.

Oh yes and you get a copy of Microsoft Office thrown in, with home use rights so you can protect your business by running up to date office applications which then gives you access to third party tools that can further strengthen your Data Lifecycle Management.

As with the old analogy, there is little point in shutting the stable door once the horse has bolted, so action is needed now. For most companies they are living on borrowed time as the preverbal horse or horse thieves have yet to notice the door is open. That is just a matter of time.

The frightening thing is though for many companies they will not even know that their horse has already bolted.

Filed under Computers and Internet, Mobile, Security, Small Medium Enterprise (SME)

Business Climate Change Alert – Cloud heralds Summer Monsoon

April 11, 2012 Leave a comment

Headlines abound as the UK Government looks to promote more agile ways of working to make-up for policy makers prevarications over transport and communication infrastructure upgrades in the run up to the Olympics.

· Headlines ‘Read all about it’ UK tests home working to beat Games gridlock

Political sniping aside the real story here is an unavoidable high impact scenario on the horizon that will drive an accelerated shift in Business operational behaviour for better or worse.

The ‘Better’ is crystal clear to those businesses alert enough to what is going on in the market. In the fifty plus years since there has been an IT industry, Cloud Computing is only the third such shift, centralized and client-server computing being the two previous ones. As happened with the web enablement of legacy applications over the last decade enterprises and vendors will be cloud-enable their legacy IT infrastructures and application consumption in the next. But with Cloud this goes broader and deeper, with Business Process and workforce cultural and behavioural impact.

Could this be the first nudge to UK SME’s and Enterprises, helping them to open their eyes to the potential (and inevitable), strategy shift that unlocks the value of a new business and offers an economically scalable environment for all stakeholders?

The ‘Worse’ is where the unavoidable shift to being ‘Out There’ is going to impact businesses. Corporate assets, employee’s and most critically information or in its simple for DATA.

Corporate environments taking on a virtual extension that goes beyond the physical boundaries of traditional physical, formal places of work. The Corporate office becomes an airport departure lounge, a train or coffee shop. In fact the corporate office is no longer a wholly private domain, which makes a joke of the security of office buildings, when in fact with a bit of patience any budding malfeasant only has to wait for an executive to step out into their ‘Virtual Corporate Environment’ (and very Public) to facilitate a compromise with frightening ease. A compromise that would not necessarily require much imagination – snatch and grab of a mobile device (Notebook PC, SmartPhone or Tablet).

The event horizon of the Olympics means time is short and the inevitable fallout, business exposures are going to be high at a time of delicate economic recovery for many.

Let me put that past you again ….. Business exposures ARE going to be high.

Corporate assets can be tracked and tagged; it is hard for a computer or phone to go missing without it being immediately flagged up. The increasingly tethered nature of our working means we are also inextricably evolving to an ‘always on, always available’ state of existence. An existence that allows employees to still be ‘Virtually’ in the office in an available and collaborative sense of ‘being in’.

But DATA is another story, it is ethereal and more of it is out in the public domain out with corporate policy or compliance than even the companies themselves know. A recent survey by Document Lifecycle Management Specialist firm Litéra Corp, Mobile Device Users Survey, makes the size of this issue frighteningly clear. Quote:

Data is where the rest of the corporate asset security risk management starts to pale into insignificance when placed alongside the nuclear grade fallout a data breach can have on a company.

Data or Information is the hidden intangible asset on the corporate balance sheet, the Achilles heel in corporate security and risk management.

Information is the life blood of EVERY business today, irrespective of type, and if you don’t think so then I would class that attitude as negligent. All business are subject to loss of consumer confidence and declining reputation and these always impact the bottom line, data breaches are the equivalent of corporate dirty washing in public or publishing corporate secrets for your competition to see.

“There is now enough evidence to prove that security is a business risk which must be accounted for in every organization’s enterprise risk management plan.” Experian Report – How Data Breaches Impact Bottom Lines.

Information and data security may be well understood but as all the evidence attests, with public notices abound of high profile data breaches from Military, Government and Corporates, it is largely poorly managed.

The sad truth is there is NO EXCUSE for poor data management. If business would apply tried and tested solutions, form experienced vendors, experience that is freely available and willingly shared. Many such solutions already baked into product companies already own, all they have to do is enable it! And where there is a cost, a business only has to evaluate the alternatives of not making that investment.

So why do so many business go skydiving without a parachute! Dramatic, yes, inaccurate NO.

If a 2011 survey from Experian is anything to go by 82% of organizations have a data breach involving sensitive or confidential customer information, on average, 2.7 breaches in the past 2 years. 76% had a significant or moderate impact on reputation, and that is assuming they are even aware of it!

So what can a business do?

A. A good defence is an Offence.

B. Have a data breach procedure in place.

Applicable to any organisation keep it in context, start by reviewing the PCI Compliance Guide at:

http://www.pcicomplianceguide.org/databreach/databreachguide.html

It’s not fully proof, but it’s better than many of your will probably have right now!

Filed under Cloud Computing, Mobile, Security

Guide – Advanced eMail Routing in Microsoft Office 365

April 4, 2012 Leave a comment

For many organisations the use of additional email handling services for compliance (metadata cleansing or advanced archiving) or simply cosmetics (adding email stationary) is a requirement. This How-To provides a quick heads up and signpost to resources that will I hope answer many of your questions.

Also available as a PDF download at – ‘NRG Advanced eMail routing with Microsoft Office365 Guide‘

For many SME (Small Medium Enterprise) and even large enterprise customers the challenge of a new set of skills to integrate with Office3365 can be a barrier to adoption of real benefits from this platform. For many scenarios we are dealing with technology professionals who have deep expertise with, or attachment to, on-premise computing for whom this can be a blocker.

In fact Office 365 like the majority of Microsoft products is highly interoperable despite what some sectors of the technical community may believe. The following focuses on how to enable Advanced Email Flow Scenarios in Microsoft Office365.

Microsoft Office 365 uses Microsoft Forefront Online Protection for Exchange (FOPE) providing you with the ability to implement several advanced email flow scenarios. These scenarios can be extended with the use of Microsoft Windows Azure, but that is beyond the scope of this Guide. Some Microsoft resources that expand on these scenarios can be found at:

· Overview of Complex Mail Flow Scenarios in FOPE

· Outbound Smart Host Scenario for FOPE Connectors

· Configure Messaging with a Regulated Partner and Forced TLS in FOPE

· FOPE 11.1 New Features

To use FOPE fully the caveat is you have to be subscribed to the Microsoft Office 365 for enterprises, Live@edu, or former Business Productivity Online Suite (BPOS) dedicated cloud hosting service versions of Microsoft Office 365.

Remember we are now into Cloud Software as a Service (SaaS) and this is the world of subscription based consumption. As with the genre of Cloud product solution managed service models Microsoft Office 365 has a tiered structure that provides increasing functionality at variable price points.

The FOPE functionality likewise varies depending on the Office365 subscription. This is unlikely to be an issue with the class of customer looking for advanced services/product email integration as they are likely to be in at the Enterprise Plan levels but please start here to check if you are subscribed at the right level:

· ‘Feature Set Comparison for FOPE Deployments’

Assuming you are at the right level, or would like to check that you can do what you want before upgrading to the right Office365 subscription level I would suggest looking at FOPE user guide at:

· ‘Using FOPE Connectors to Configure Advanced Email Flow Scenarios’

And last but not least assuming all the above is in order and you now want to actually access FOPE for your Office365 subscription then you want to head over to the FOPE administration URL at:

· FOPE Administration Portal

If you have not yet set-up a user account on FOPE, don’t panic, there is a link from your Office 365 Outlook Web Access Account (assuming you have administrative rights for your Office 365 subscription). Or through the Office 365 Admin Portal by following these simple steps:

Step 1 – Login

Login to your Office 365 Admin Portal with an account which has administrative rights at https://login.microsoftonline.com/

Step 2. Exchange Management

Under the Admin Overview link on the left you will be presented with links in the main window with links to manage Office 365 server systems. Click on the ‘Manage’ link under the Exchange option.

Step 3. Manage Organisation

Make sure you are managing your organisation and not yourself individually. In Exchange Management at the top left of the screen mouse over the ‘Manage My Organisation’ menu item and you will get a pop-out that will give you menu options, select ‘My Organisation’:

Step 4. Mail Control

Once you have confirmed you are managing your organisation select ‘Mail Control’ from the left hand menu.

Step 5. FOPE Access

Once you are into the ‘Mail Control’ section you will see on the right ‘Additional Security Settings’ and a box with a text link in it ‘Configure IP safelisting, perimeter message tracing and email policies’. Something like the image below:

Step 6. FOPE Portal

Clicking on the link as directed above will take you into the FOPE administrative portal where you have all the glory of the FOPE reporting and administrative tools.

Please review the FOPE help is you are not familiar with this environment BEFORE you start making changes.

NB:

Remember you are on a subscription service now and new features and updates are coming online on a regular basis, please ensure you keep up to date so new features do not impact any external services you may be linking into.

Filed under Computers and Internet, Office 365 and Azure

UK Government – Openly Disconnected!

March 21, 2012 Leave a comment

Anyone who has ready my earlier views on ‘Open Source a Misguided Fervour’ will know that I believe Open Source ICT solutions are not an ICT ‘Silver Bullet’ or practical as an exclusive policy directive.

So reflecting back on the UK Government’s record where it first set out its policy on the use of open source in 2004, was restated in both 2009 and 2010, I can now probably add 2012 with the recent soap box antics on Twitter from our Cabinet Office. Then and now it appears its ICT strategy is and remains “Where appropriate, Government will procure open source solutions.”

It is encouraging to see the commission here in Europe openly supporting the level playing field between Open and ‘closed’ source software by advocating that solutions and product must stand on its own merits Quote: ‘The Commission is technologically neutral and does not require European Union member states to prefer a particular category of software or business model over another’.

So discordant is the voice from Westminster with the mature balanced tone from Europe that I wonder if this is the first signs of a wider agenda to distance ourselves from Europe. One can only hope so, but on this subject I fear it is woefully misguided.

I regret that on all the evidence it is simply a reflection of how much unhealthy influence the large intellectual property-based organizations that hide behind the aprons of the Open Source Community have on Westminster. They have their claws in at the highest level’s, it is no surprise when you reflect on the influence Steve Hilton has who is married to Rachel Whetstone, Google’s European head of communications and apparently gives unbiased aide to Cameron.

The disillusion as to the benefits of Open Source are further championed in ignorance by Liam Maxwell, Cabinet Office director of ICT futures as he seems to imply it will support SME’s. In fact it has been proven across the European OSS debate that quite the opposite is the case. The vast majority of SME’s succeed and fail according to traditional market forces and economics, that’s what the banks and investors demand. Investors expect security in the form of Intellectual Property in their investment and banks expect to see something tangible to lend against.

The disillusioned view that Open Source is laughably similar in its detachment from real world economics, if it were not for the realities, to the recent view of the largely publicly owned Royal bank of Scotland when its CEO asked to be treated like a commercial organization. If the RBS had been treated like a commercial organization, a reality facing all SME’s in the market, it would have been allowed to go BUST. Instead it is paying bonuses out of taxpayers funding, even in a year it makes a multimillion pound loss. The same poor judgment will incur taxpayers money in a policy that drives state ICT down an OSS one way street. It is a cul-de-sac, that Europe has had the foresight to backhaul out of, a lesson Westminster is insistent on ignoring.

As for the Open Source Community, the invidious reality is how they are being taken for granted. The ‘Gift Economics’ behind much of their voluntary time and effort is little more than Digital Enslavement (see my earlier blog on which expands this them in a social media context). Where all title and ownership is denied to them for the productivity of their communal efforts. Economic value that finds its way into the hands of a few – Red Hat, IBM, Google, and Facebook amongst others. This is no egalitarian outcome but the concentration of wealth in large commercial businesses built on the shifting sands of goodwill, not the sound economics of commercially prudent investors and SME’s.

Maxwell needs to revisit his thinking if he still believes that Open Source is the sole answer for Government to move away from what he calls "black-box" contracts involving big IT vendors to more agile systems delivered by small and medium sized enterprises. His view seems to point to the actual issue, "black-box" contracts, or interpreted as an inability to negotiate a sound commercial agreement!

A pity some of these people do not spend more time in the SME trenches before they are let loose in political life!

Filed under Computers and Internet, Small Medium Enterprise (SME)

ACTA – Legislating for Anarchy

February 8, 2012 Leave a comment

The debate on Internet freedom of speech and data regulation rumbles on to its next chapter. No sooner have the US attempts to weasel control over the Internet been quashed than the spotlight swings across the pond onto Europe.

Up comes ACTA (Anti-Counterfeiting Trade Agreement). Or should I say, ACTA’s long gestation in closed sessions, has come up against strong opposition in Europe which is hoped will derail what is a pernicious piece of Trade Negotiation. The European Parliament may be the last hope to reign in ACTA (Anti-Counterfeiting Trade Agreement).

Anti-Counterfeiting, sounds all good stuff and something the good guys of the Net would likely support. But for the fact that this has been an initiative conducted behind closed doors, and by a group of parties that gives a frighteningly distorted representation of all the parties who should have a voice in such discussions. Driven largely by commercial interests, both directly in open voiced support as well as through the shady world of high stakes lobbying.

ACTA can be synthesised into a simple sentence – The empowerment of corporate interests to police Internet content and impose penalties that extend to the restriction of an individual’s freedom if a large intellectual property-based organizations feels their business has been harmed.

This is not confined to the EU, ACTA is planned for adoption across the US, EU and other countries including Australia, Canada, Japan, Morocco, New Zealand, Singapore and South Korea, as a precursor to global roll-out. Furthermore this has been on a slow burn now for almost 4 years!

I am not going to relay the details of the agreement; you can read a good potted history and the salient elements on the venerable Wikipedia at http://en.wikipedia.org/wiki/Anti-Counterfeiting_Trade_Agreement

The impact this will have extends beyond just the freedom of speech the Internet has become a bastion for, but the more practical economics’ that the Internet is stimulating and risks supressing innovation as well as imposing an onerous overhead on an already distressed Small Medium Enterprise community. The ability for SME’s to manage their online activities will become a minefield, for many this could mean cutting off liberal use of a rich information resource, at a cost to their full potential.

Whilst we all recognise that the digital network realm is challenging the traditional laws on Copyright, Intellectual Property and Trademark protection, the ACTA approach is counterproductive as a practical solution. It is regressive in its thinking, instead of encouraging these large intellectual property-based organizations to adapt and innovate in the face of these challenges to the betterment of their own shareholders as well as the global user community at large, the agreement is taking a silo approach. Trying to build walls on crumbling foundations of a state of being that the world is moving on from.

The Internet ‘gift economy’ has already suffered extensive compromises to the good faith and trust of a global audience without the help of regulators. (See my earlier blog on Digital Enslavement ) As the freely given time and resources of users that fostered the term ‘gift economy’ is being harvested by large corporates such as Google, Facebook, Twitter and Flickr amongst others, far from the egalitarian impact potential hoped for. It has instead inadvertently accelerated the concentration of wealth in the hands of large intellectual property-based organizations. Organisations that are now with their Billion Dollar war chests hooked deep into policy makers and clawing for greater control.

We need to support the converse; it would be more beneficial to global economic regeneration to relax the rules that give large intellectual property-based organizations such power. To cut away at the Intellectual Property ‘thickets’ that restrict innovation and tie up creativity. For Magic happens here……….

Filed under Legal, Security, Small Medium Enterprise (SME)

Internet Giants show their true colours – Brazen at best

January 26, 2012 Leave a comment

The EU has hardly heard the echo’s fade from its announcement to redress the imbalance of data harvesting and controls enjoyed by the likes of Google, Facebook et al to the cries from these self-same organization.

Organizations that only yesterday were crying foul, that it is not necessary, then demonstrate arrogantly to us precisely WHY these changes to the law are so overdue:

1. Facebook risk their members privacy by forcing user profile changes that will expose millions of users previously private data and life events when they switch on their Timeline.

2. Google collapse all their data across all their divisions into a single resource.

For Facebook this is par for the course. It has always put its own interests and the use of its member’s data first before the wishes of their users. This action is a blatant challenge to regulatory authority in the face of the new EU regulation proposal that state users will have a ‘right to be forgotten’. Such a basic right challenges and strikes at the heart of the Facebook business model, placing the rights firmly back into the hands of the individual where they belong.

For Google it rips away the pretences of fair play in their handling of the huge volumes of personal data as they give unilateral access to it across all its divisions. Flying in the face of best practice they demonstrate a crass arrogance, this is not just the merging of one or two associated lines of business but 70 different service streams. The pretence that this has been done in the best interests of users would be laughable if not so serious and assault on users trust. The truth is it will add value to Google and their marketing/advertising engine and blend users data without recourse.

As I said only yesterday in my blog ‘New EU Data Laws’ commending the EU announcement for its bold step in which I champion the regulators to withstand the prospective onslaught to their authority and ultimate credibility that is coming from Commercial interest and to see these proposals into legislation. Law’s that will need teeth to tame the feral business models and cash cows like Google and Facebook.

Filed under Cloud Computing, Computers and Internet, Legal, Security

New EU Data Laws – Free Lunch over for Google and Facebook et al

January 25, 2012 1 Comment

What you need to know – http://www.zdnet.com/blog/london/european-draft-data-law-announced-what-you-need-to-know/2609

The European Commission has put forward suggestions for changes to EU data laws, championing the privacy of European citizens. http://www.bbc.co.uk/news/technology-16721546

Other articles are less objective as the depressionists come out in force crying down the new plans by the EU with scare tactics that they will cost business Billions. Running like a pack with showboating lawyers getting their 15 seconds of fame in the media columns frightening all and sundry with spurious legal scenarios.

My Blog back in November 2010, ‘Digital Enslavement’, touched on the impact on individuals that this regulation is going to redress. Better late than never it should stimulate a much needed maturing of the pernicious business models that have taken advantage of a ‘Wild West’ Internet frontier and innocence of individual participants.

As with any new frontier, the days of free for all are coming to an end I commend the EU for taking a first tentative step and a brave lead in making the beneficiaries of individual’s data truly accountable.

This legislation is an Internet and community maturity test as well as a much needed correction in the power balance of who controls individual’s data. If successful it will herald a new way of working, where individuals have the potential of full control and anonymity when disclosing their data and Corporatocracy will have to change their attitudes to cherish the granting of access to individuals data rather than the converse. My Blog Last October ‘A New age of data ownership’ takes one view on how this can be readily implemented using technology that has been in place for years, this is not rocket science and well within the capabilities of operators, individuals and legislators to realise today.

My word to our legislators is HOLD FIRM, you are on the right road. it is going to be a long road to member state ratification, possibly not till 2014 or 2015, during which you will need to hold fast to your principles to avoid having the core tenants of this legislation eroded by pressure from commercial interests.

The reality is the regulation blows away Billions of Pounds worth of cost and simplifies the regulatory landscape, albeit putting the burden on the Corporates who have been building their business models on the premise of free data at almost zero cost. Now they need to dip into their cash piles that they squander so readily, and become accountable and responsible at last.

The immediate reaction we are seeing is more than the conventional resistance to change. We must maintain a candid guard in the face of the messaging pouring out from Big Corp press machines who are having a field day protecting their sponsors, Google and Facebook leading the pack. Why? Simple they wish to continue the data feeding frenzy that has fed their balance sheets and business models without check for too long.

With Facebook due to IPO shortly this could not come at a worst time. For the populous who have in blind trust allowed their data to be consumed and mined by such entities with little regard for the owners privacy or reward, it has come possibly just too late for yet another entity to cash in on individuals data.

We have a long way to go yet, but I for one am optimistic there is a positive change in the air.

Filed under Cloud Computing, Computers and Internet, Legal, Security

The future is Brand – It’s a Trust thing.

November 16, 2011 Leave a comment

Having finished another product strategy meeting with a large IT software company I am spurred to reflect on the core underlying value proposition that much of the debate was blindly flailing around and not quiet pinning down.

Brand – The organisational or product Identity, the interaction with and use benefit off which in the eyes of the consumer fosters Trust. Some earlier thoughts on Trust – Trust in Digital Life Theme for 2011.

Brand and market Trust are floating to the top of the corporate asset pile, as challenging intangible assets off balance sheet. The deployment of which is going see the rise or fall of many organisations in the IT marketplace as they head inextricably closer to their individual event horizon with Cloud Computing.

IT ecosystem engaged Companies have an opportunity today, even the big behemoths that have not shown the agility of their more nimble SME counterparts should be looking to Cloud Computing as a way of breaking the mould and capitalising on their Brand value.

For ISV (Independent Software Vendor) product companies the focus tends to be on how to engage services and for service companies it is how they can become the next generation CSV’s (Cloud Software Vendors).

This is not without foundation as many traditional IT software products with niche market dominance are being challenged by new start-ups ‘Born in the Cloud’. The only warning these traditional companies get is when their annual support and maintenance contracts don’t get renewed! Then it is too late.

The traditional Trust that companies have developed with their customers is going through transition with Cloud computing. Some customers simply do not see their traditional suppliers as Cloud Companies and therefore are not even engaging them in a cloud discussion. As such they will be out shopping with new Cloud ready organisations. Others swill allow the traditional trust to drive new Cloud offering from these vendors, but they will be less tolerant of failure. As such new world Cloud Trust has to be seen as re-investment for organisations and the starting point is TALK TO YOUR CUSTOMERS about your plans. DO NOT cut and paste Cloud across your websites and marketing material, the market awareness is developing fast as to what real Cloud means, this is a short term win with a high risk factor medium to long term on your Brand Credibility.

History has some interesting lessons to share….

Coca-Cola is always heralded as THE Uber Global brand. I would dispute this. It is a one trick pony that has established singular dominance in a niche fizzy drinks sector. Virgin on the other hand is the antithesis, having shown a truly mercurial ability to transmute its consumer loyalties across multiple vertical market sectors the speed of which the success has come can only come down to Brand awareness.

Brand value and consumer trust in a brand does not come easy or cheap. There are few short-cuts to replace the years of investment developing product quality and or service delivery, establishing a track record of consistently exceeding the consumers’ expectation. The sadness is this can all be thrown away in an instant.

The king of the Brand Crash was and he still holds the crown I would suspect – Gerald Irving Ratner. He administered the preverbal Head Shot to his Ratner Brand of Jewellery stores with the truth!

The £500m question was "How can you sell this for such a low price?" The Ratner answers:

· "because it’s total crap."

· "cheaper than an M&S prawn sandwich but probably wouldn’t last as long."

Over £500m was wiped off The Ratner Groups value almost overnight.

What was this saying? Apart from a suicidal honest Chairman, it was demonstrating how the Ratner Brand had the confidence of its market despite the reality of its product’s.

Then we have what I call the identity egotists’. New Chairman or CEO’s who come into organisations and feel obliged to apply their ‘mark’ on the company. What better way (or not) to do this but to re-brand!

Failures abound across both the private and public sectors include:

· UK Royal Mail – Consignia. Who in their right mind throws out a Royal association with a brand that is simplicity in declaring purpose as mail delivery? The national outcry and pride in the Royal Mail brand was instrumental in returning this to order.

· British Airways – The removal of the National Flag from the tail of their planes and replacing it with obscure art. Again did anyone thing how symbolic the National Flag was to the very visual identity of this airline? It too Richard Branson declaration to adopt the flag instead on Virgin Planes for BA to re-adopt the flag.

Less disastrous brand assassinations include

· Scottish Telecom > THUS. Despite the up swell of customer objections, THUS remains, and has resigned the company to a Global Nomad orphaned from the international credibility of the Scottish Brand.

Read on for the Top 10 Brand disasters of 2010 (yes just in one year!)

· BP – Losses $20billion. Largely due to its handling of the oil disaster.

· Dell – Losses $7billion. Illegal market activities with Intel.

· Goldman Sachs – Losses $6Billion. Compensation practices and questionable trading activities.

· Sony – Losses $5Billion. Lost its leading edge in video game market to Microsoft & Nintendo.

· Adobe – Loses $3billion. Lack of agility in response to challenges to its Flash technology.

Etc…..

The main culprits here are the Brand and marketing agencies who on the face of the above are looking no further than their own betterment. But then I have never known such a fickle industry that ebb’s and flows with the prevailing mood. Or maybe that is what they are meant to do and we as business leaders should be demonstrating clarity by saying NO and not treating them as the definitive on our brands.

After a brand dies, what remain are a name and the memories in consumers’ minds, and in many case I suspect a somewhat shocked group of shareholders!

Filed under Cloud Computing, Computers and Internet, Security

Power to all my Friends – A New age of data ownership

October 17, 2011 1 Comment

Once again sitting around a dinner table immersed in the conversational euphoria of many great online experiences shared amongst friends the threads of a more invidious undertow weave a sobering reality. The horror stories of data that has been compromised, band details exposed, Facebook images that went public without permission, disconcertingly targeted advertising appearing on webpages and even phone calls from unknown vendor call centres offering unwanted services.

As a technologist and security specialist I frustrate at the cavalier attitude that many organisations take to individuals data. From ecommerce entities that do not comply with basic PCI-DSS (Payment card Industry Standards and Data Security Standards) to social media and search sites that return questionable value to the individual when balanced against the against the risk the retention and data mining of that data will have.

Technologies exist and practices are already well developed that can empower users to enjoy the Internet and third party services AND keep control over their identities and data.

There are many permutations and tools out there to achieve this, but let me take one blend by way of illustration which is by no means exhaustive in detail but will demonstrate that there is a better way. A way that I predict, in not to dissimilar form, will one day become prevalent, be it once legislators finally say ENOUGH in the face of public outrage and force the initiative, or as I would prefer to think the industry would lead by best practice and self-regulate by adoption. Call me a cynic but I regret that the former rather than the latter is likely the case based on current attitudes of the Google and Facebook’s of this world.

The concept I would suggest would go something like this:

a) Principle establish = individual’s data is owned by the Individual.

b) Principle established = title/ownership of individuals data can never be perpetually transferred to a third party; it can only be grated for a ‘term’.

c) Principle established = On the expiry of a ‘term’ grant of any data by an individual that data will expire automatically and be ERASED.

d) Principle established = data can only be used by the entity it is granted to.

e) Principle established = data can only be used for the purpose it is granted.

f) Adoption of an authentication standard that is well established across multiple platforms and can integrate with multiple vendor solutions.

g) Adoption of an authentication model that allows fractional disclosures of data that can be controlled by the data owner wither anonymously or identifying the individual.

h) Adoption of an orchestration system that can ensure users data is held

i) Websites should have a mandatory rating that categories content to allow better protection of the innocent and to lend some degree of legitimacy.

· Claims based authentication meets the authentication ideals noted above, it is already built into many operating systems, from Windows to Mac and Linux.

· The principles suggested are no more than what individuals already assume when they disclose data.

· Document records management and retention systems already automate the archiving and expiry of data in corporate systems.

· Compliance practices and Trustmark programs already exist to ensure data management is of the highest standards.

· Regulatory penalties exist for non-compliance, but are poorly implemented and policed.

· Many well established and accepted rating systems exist. These can be aligned to websites and automated so browsers respect a user’s elected or policy enforced filters.

Finally I would support a special measure to protect our children. Our children should be allowed to safely explore the online realm without laying down a virtual shadow that can come back and haunt them into their future. As in the physical world children need to understand boundaries and develop their own identities safely, they do this by pushing back and sometime through over exuberant expression. Recruitment agencies are already delving into social network sites and profiling individuals with historic discretions that would otherwise have been forgotten as the expressions of an adolescent.

All we need is a will, the way is already paved, let’s take the journey willingly as the alternative is a force march.

Filed under Cloud Computing, Computers and Internet, Home Computing, Legal, Security

Windows 8 – Premature aging!

September 28, 2011 Leave a comment

Windows 8, well at least they have not tried to go all marketeee’s on us with another ‘Vista’ nomenclature.

That having been said there are far too many similarities to Vista’s early on-ramp messaging for comfort. For those of you who remember the Vista pre-launch marketing and launch events you will recall the predominance of UI frippery and consumer eye candy at the expense of enterprise features. That by no means mean there was any absence of great enterprise functionality, it was there en-mass. The parallels I am seeing are primarily the blinkered focus on the Metro UI in much that I read on the Microsoft blogs and in the press. Microsoft if you are reading, reflect on the Vista faux pas and do not neglect the enterprise for the sake of eye candy. I know few enterprise customers who are comforted by Metro at this stage of its evolution, regarding it as another control surface that needs to be managed to align enterprise users to purpose.

the Windows 8 Metro interface can be summed up as the adoption of all the inefficiency in design of the WM7 Tiles and side scroll nightmare of Apple’s iOS in a design and motion exercise that is already looking dated. This does not bode well for how it will look come the spring/early summer or whatever launch without significant changes.

For my part I believe Metro should be breaking the mould. In 12 months’ time when Windows 8 is into market its current interface will I believe be already dated. There needs to be an evolution into some 3rd Dimensional aspects of UI design moving off what is a very flat and passé 2D Graphic User Interface genre. There are many interfaces technologies available today that uses depth and prioritization amongst other parameters to allow more information and context to be presented intuitively as a fluid spacial experience.

If I was to take one scenario that is going to be well matured in 12 months’ time and that is the Kinect like experience that will positively yell out for 3D UI’s that a user can veritably swim at!

As for now we have an OS that is distinctly bi-polar, pulling users in two different directions with very different intents and characteristics. In some areas the technical functionality comes to blow’s and is clearly conflicting, this may be a Pre-BETA issue, but none the less these issue are likely to echo into release-ware. For now we have a conflict of interests in what has been presented and there needs to be greater clarity of purpose for Metro IF it has a place alongside the desktop.

The challenge is the form over function. Yes the market is driving the cross platform single OS concept and the practicalities are abounding for a vendor supporting multiple devices with one code base. I have used a tablet now for over 2 years now and I have NEVER travelled without my notebook for the proper business of computing, albeit 48 hours in London to give the experience a real test, it failed.

Despite many advocates of the Tablet revolution as a notebook replacement it is not. For middle to high demand users a tablet is not a current option. I cannot see on the horizon a Windows Tablet that is much more than a keyboard-less notebook with all the cumbersome weight and bulk that is demanded to deliver the computing power with sub 8 hour battery life. The Samsung pre-release freebie given out at Microsoft’s Build conference is going in the right direction.

In summary, I can understand the temptation to get the OS into the wild for real-world feedback on the UI and take a temperature check on the fundamental structure before the functional creases are all ironed out. The problem is It may have been self-defeating as the Metro UI feels clunky and ‘stuck on’ to what is perhaps a desirable evolution, not revolution, of the desktop. For now the temperature check is reading tepid and cooling.

Filed under Computers and Internet, Home Computing

← Older posts