This week at Interop Las Vegas, I met Dusan Vitek, vice president of worldwide marketing at Kerio Technologies Inc., who said, “I feel guilty whenever I send an email with an attachment.” I actually laughed out loud because I feel exactly the same way. Somehow, an attachment feels a bit like littering to me, but that might be because I, like Vitek, know that email attachment risk is a real threat to your company.
It’s been 16 years since the Multipurpose Internet Mail Extensions — or MIME — standard gave us the ability to attach documents within an email. It seemed like such a little life convenience back then — no more long lines at the fax machine!
But what we didn’t know then is that the email attachment changed everything. Email systems were never designed to handle binary attachments, and now a single file could be replicated internally hundreds of times just by the simple inclusion of another person on a copy of an email, forcing IT to invest in deduplication technology.
Every one of us knows the pain of a 10K limit on our inbox when we’re getting files that are half that size in a single email blast. We also had to start worrying about malware making its way on emails posing as “investment opportunities,” or even humorous videos from your maiden aunt, not to mention the concern about industrial espionage or proprietary information leaving your company without anyone ever realizing it. And of course, there’s the obvious annoyance of document version control that usually ends up with someone handing a mess of a document to an intern, along with 16 different versions of changes and hoping that the intern can make sense of the madness, which I only wish wasn’t a true experience that I’ve had or witnessed more times than I can count.
When it comes to your network’s health, the innocent little email attachments are death by a thousand cuts.
This month we’re looking at content management and project and portfolio management tools, and one thing that strikes me is that many midmarket companies consider collaboration tools “nice to have.” OK, everyone’s got shared drives, but how many people are actively using them for frequently changing documents? Just like water always runs downhill, teams are almost always going to go with the easiest solution when no one’s looking — they’re getting by with sharing documents in email and a few rogue project managers have admitted to me that they are turning to Google Docs in defiance of their company policies.
While benefits from collaboration tools are difficult to measure in bottom-line dollars, a reduction in email attachments is plucking low-hanging fruit. Innovation can be borne from constraint: Whether it is by using a widely adapted collaboration tool like SharePoint, Google Docs or Cisco Quad, or by inventing your own solution, as Vitek did with Kerio’s Workspace, I challenge you to make a serious procedural reduction in corporate email attachments or risk drowning your network in your own duplicated memos, PowerPoint decks and PDF files.
Back in the day, the must-have feature for technology products was “Internet-enabled.” (Remember when Windows became Internet-enabled? It meant sticking the browser in.) It got kind of sickening to hear it over and over. Now we take it for granted.
Now it’s “cloud-enabled,” and as much as I am already a little tired of hearing it, the fact is new cloud-enabled applications are rolling out every day, and pretty soon, we’ll take the cloud for granted. Microsoft bought Skype this week. Why? Because Facebook was bidding on it? Yes, but also because it’s all about the cloud.
These are all natural extensions to existing applications. Making them cloud-like is a matter of virtualizing the resources they use and creating on-demand functionality.
What’s next? How about the cloud-enabled automobile? Sure. The cloud-enabled bicycle computer. The cloud-enabled refrigerator. The cloud-enabled fill-in-the-blank. The sky is the limit.
It started with a from Keith Urbahn, chief of staff for former Defense Secretary Donald Rumsfeld: “So I’m told by a reputable person they have killed Osama Bin Laden. Hot damn.” Then it picked up steam: People responded, retweeted and then, just like that, was experiencing a huge flow of traffic. The site reported a record data spike of 5,106 tweets PER SECOND in the moments before President Obama addressed the nation with the official news.
We didn’t know it for sure at the time, but even before confirmation, the hive mind of social media had certainly reached a huge landmark in information technology. Contrast that with Sept. 11, 2001, when most of us heard about the attacks in New York and Washington the old-fashioned way: over the cubicle wall or via breaking news on the television. But what is really striking is this — way before Urbahn’s tweet that launched a thousand retweets, evidence of the military action was being revealed by Twitter user Sohaib Athar in Abbottabad, who commented on the explosions and helicopters in a series of status updates and then tweeted later “Uh oh, now I’m the guy who liveblogged the Osama raid without knowing it.”
While I doubt that Athar’s tweeting had much affect on the outcome of Sunday’s raid, it should serve as an important lesson when it comes to social media risks and matters of your own information security. What might seem like innocent observations to your staff might actually tip off your competitors to new projects or a vulnerability in your system. When it comes to the almighty dollar, if knowing exactly what your employees are blasting on their Facebook pages and blogs can have competitive advantage, a prudent capitalist would be foolish to ignore the feeds. Who needs corporate espionage if people are just giving it away for free?
Of course we can’t reasonably prevent our teams from participating in Facebook and Twitter in their personal time, but it’s prudent to make everyone aware that our immediate access to the periphery of daily life has turned the global village into a very nosy little neighborhood, and there are certain topics that need to be kept off the social networks.
Last month, our experts Nelson and Danielle Ruest wrote about social media risks and and had great advice for the midmarket CIO: “Assigning active personnel with the responsibility of updating and maintaining a presence on the social network and ensuring that this personnel is aware of information that is ’‘ — or verboten for the masses — is the only way to make sure your organization will take advantage of the benefits of these networks without risking its own internal secrets. Be careful how you use them, but use them to your advantage.”
While Athar is making jokes about staying alive, no one wants to be the guy who fed insider information to the other team. Just another reason why a rock-solid social media policy protects both you and your team.
My colleagues and I in the CIO/IT Strategy Media Group have spent much of the first half of 2011 talking with CIOs about innovation. So much time that I think I might go crazy asking another question about CIO innovation. But happily, I’m always surprised by the answers we hear.
The latest sampling came from the CIOsynergy Chicago 2011 conference I attended last week.
One CIO, Paul Cottey of Accretive Health, talked about innovation not as something that has to be forced but something that will happen naturally, given the right environment. “Expect innovation to occur,” despite a bad economy or fewer people doing more work, he said. Not everybody can be an innovator, but it may be enough to enable others to be innovative. “I got out of the way,” he said.
Others said that innovation may simply be a matter of recognizing an opportunity and seizing when it comes along. “One person’s ceiling is another’s floor,” said Greg Goluska, CIO of DSC Logistics.
What keeps coming through for me is that to be truly innovative, solutions need to be put in place and be ready before the occurrence of the problem for which the solution was designed. In other words, IT innovation isn’t about keeping up with the business; it’s getting ahead of it. That does not have to be accomplished through some magic trick or guessing game. It comes from developing an understanding of the business as well as anyone else in the company.
Another week, another major hack. It seems these things go in cycles. There was a major breach at email provider Epsilon earlier this month. But the recent attack on the PlayStation Network is unprecedented, in many ways. And most of it does not have to do with gamers.
First, with more than 70 million users affected, the PlayStation Network breach could potentially be the biggest identity theft event in history.
Second, and I think more egregious, is the incredibly slow response from Sony. As of this writing, the breach is a week old and the network is still down and could be for another week.
Third, Sony, a noted technology vendor, visionary and pioneer (and also perpetrator of the infamous CD digital rights management scandal a few years ago) should be ashamed of the scope of exposure to its network.
But there is a ray of hope. For the millions out there who are addicted to the PSN multiplayer versions of Call of Duty: Black Ops and the new craze, Portal2, as my two sons are, there is a rare opportunity for a respite from the virtual world and a chance to face reality.
Time for Sony to do the same.
Mondays have a reputation for being the least favorite day of the week for many people. Normally I disagree with that feeling, but this Monday at 9 a.m., my laptop started acting a little hinky. I knew something was up, but then 10 minutes later, Windows warned me that it had blocked some strange ISP traffic. Yep, I’d been hit by a Trojan.
Because I’m remote and didn’t want to involve the help desk unless I had to, I spent a day running antivirus software, then another day playing phone tag with the help desk, all the while I was rebooting again and again and again. Whatever demon got hold of my machine was very, very good, because even after a clean scan and blessing from my antivirus software, the system would continue misbehaving. It was clearly time to hand the machine over to our tech support folks. Slight problem: I’m in Wisconsin and they’re in California.
While my machine is in the shop, I’m living the Bring Your Own Device dream. I’m an incognito Apple fan girl and while I always thought the BYOD ideal was preferable, I’m now seeing how difficult it is to manage while I try to re-create my work environment on my Mac. Some programs aren’t playing nice together– some processes won’t even speak to each other, which I’m still trying to figure out – but overall, I am adapting to this process a lot faster than I would a loaner machine simply because it feels like home.
In an ideal BYOD shop, I could have just plucked from a menu of apps and data governed by IT, installed them myself regardless of OS and gone on my merry way. Mick Hollison of Citrix Synergy advocates the BYOD model, calling it “people-centric computing.” He feels it drives employee satisfaction while enabling IT to have a more strategic focus, freeing the help desk from having to, say, support three-month-old laptops that are infected with mega Trojans like mine. Citrix doesn’t even have to deal with purchasing: They just give employees a stipend and say, “Go buy yourself a little something.”
The stereotypical response from Mac fans is that if my work laptop had been my choice of a MacBook Pro, I wouldn’t have gotten a Trojan because Macs aren’t targeted by these programs, but that is not entirely true. However, I have to admit that rather than playing phone tag with the help desk, I probably would have just gone down to the Apple store that’s less than a mile from my house.
Sure, same end result whether it’s a BYOD or not: Someone else has to fix my problem. And while I can’t say that it would have been resolved faster with a BYOD paradigm, I know for a fact that my laptop won’t even be in California until next week. If I had the power as a user to self-support my own device, it would have been in a tech’s hands on Monday by 10 a.m. From where I’m sitting, that’s a pretty huge argument for BYOD.
First, I have to admit, even as a Cisco Flip camera owner, I had no idea that Cisco owned the product, but it has since 2009. Guess I missed that one.
Second, everyone seems to understand that the death of the Cisco Flip camera is because of Apple Inc.’s iPhone and other HD video-ready smartphones. But, as New York Times technology columnist David Pogue points out, the actual number of multitasking smartphones out there is still relatively small compared to the number of phones that only offer voice services. So discontinuing the product (and, in the process, laying off more than 500 people) seems pretty premature.
Third, if Cisco really wanted to get some return on its investment, why not try to find a buyer for the Flip camera? Or give management an opportunity for a buyout? Crazy.
But given Cisco’s history in the consumer (small-business?) products space, it’s buyer beware the next time Cisco starts to take its eye off the enterprise
I live in a relatively modest 1,500-square-foot bungalow. It was built shortly after World War II by the first owner, a man who wanted his house to withstand possible mortar attacks from a resurgent Axis Alliance. Embedded within its very walls is a steel mesh that is great for stability but turns simple home improvements into a nightmare. It also means that we live in a form of a Faraday cage.
Our smartphones go from five bars to maybe two the minute we step inside the door. We also need to have two Wi-Fi hubs. They’re maybe 40 feet apart, but the signal just can’t make it through — literally — three walls of steel. Of course, old buildings being quirky is nothing new: A friend works in a rehabbed warehouse space, and deals with the constant issues caused by his overworked HVAC system not being able to chill the servers due to lousy insulation on the outer walls.
So, you move your operations to a new structure and problem solved? Maybe! Or maybe your problems are just beginning.
Modern builders employing green building methods tend to wrap the building frame — from floor to rafters — in insulated membranes like Protect TF200 Thermo or gold foil TyVek wrap. It’s a reflective surface, which is great if you want to prevent lost heat and cooling, but it might not be so awesome if you rely on wireless connectivity. And the worst part is that it’s already in the walls when you sign the lease on your new space, and you’ll never realize that you’re in a Faraday cage until your team logs onto their iPads and BlackBerrys.
Features Writer Laura Smith wrote last month, “IT may own the blueprint of the future, but facilities owns the blueprint of the building, and that usually determines where pipes and cables are laid, as well as where vents and access control points are located. IT’s involvement at the beginning of a data center consolidation and virtualization project helps eliminate the need for expensive retrofitting later.” You can’t really do anything after a building has been wrapped in environmentally friendly construction materials, but this is the kind of information that the facilities manager might not realize will impact the CIO’s bottom line. Sure, another AirPort Extreme isn’t going to kill anyone’s budget, but an unexpected 1,000 extra AirPorts and a need to change a telecom strategy most definitely will have an impact.
You never really know what you don’t know, especially when it’s bricked up inside the walls. Great CIOs have always been able to roll with surprises, whether it’s an unexpected system outage or a lost radio signal; but this is just one more reason why a CIO needs to establish a great relationship with her facilities manager.
My wife and I started getting the emails April 4. Best Buy. Our bank. Other e-commerce sites we had shopped. The impact of the Epsilon security breach was far and wide.
My first thought was that at least companies are getting less squeamish about putting out breach notifications. By now, businesses understand that a security breach doesn’t necessarily mean that they will be put out of business, which we learned with the TJX data breach.
But what is different in the wake of the Epsilon attack is that cybercriminals don’t necessarily have to get all of your personally identifiable information anymore to be able to get an edge on the consumer. Here, they just got names and email addresses. But that may be enough: A mere notification may be enough to spur someone to reply to a phishing email and inadvertently give away much more information than the original breach garnered.
Just as companies all have to have security and privacy policies, so do individual consumers when dealing with cybercrime. The same rules apply, however — awareness, diligence and taking the responsibility to know with whom you are doing business.
The first “mobile computing device” that I used was a 30-pound IBM “luggable” PC. It cost more than $4,000 and boasted the Intel 8088 microprocessor running at a blazing 4.77 MHz and ran off of two 5 1/4-inch floppy drives. There really wasn’t anything mobile about it, and not much computing was to be had, though it helped get me through college.
Today I am writing this on a 1 GHz dual-core Apple A5 “custom-designed, high-performance, low-power system-on-a-chip” (as described by Apple) — an iPad — which costs $500 and weighs only 1.35 lbs.
IT has taken the economy and productivity in most industries to new heights in the past 30 years. Health care has stubbornly stayed on its own course, sometimes fitfully trying to play catch-up. It was only about two years ago that my doctors first started bringing laptops into the exam rooms instead of paper charts.
Now, with mobile technology devices like the iPad, tablet PCs, the iPhone, the Droid phone, BlackBerrys and a host of new remote home monitoring technologies and services, it’s time for health care to make the great — albeit delayed — leap into the Information Age.
I spent this week at the Institute for Health Technology Transformation’s conference in Atlanta, “Health IT in Practice: Strategies for a next generation health care system.” Based on what I saw and discussed with attendees, it seems that health care could now even be in the HOV lane, speeding by other industries.
The requirements of security, privacy, multiplatform capability and usability are pushing health care developers to create truly revolutionary apps for patient care. The difference this time is that these are technology answers to crucial questions being driven by health care reform and other electronic health care mandates, rather than whiz-bang technologies trying to change things.