government

Oct 1 2008   8:03PM GMT

Financial Crisis & Technology Accelerators

Posted by: Troy Tate
administration, homeland security, financial analysis, government, website, Metrics, threshold, risk, awareness, blog, Wall Street, analysis

We all know that things in the US economy are bad right now. Looking back we wonder if anyone was thinking ahead and thinking “what-if” and managing the risk. Apparently no one was doing that and here we are today with the government working on a $700 billion bailout for some critical financial organizations to ensure the world credit market does not collapse.

Speaking of looking back, I was recently reading the book Good to Great by Jim Collins. This is a easy to read business management book with some very good nuggets. It was written in 2001 and focuses on several companies and what it took for them to exceed the general market and become what the researchers considered great companies. Some of the companies mentioned include Abbott, Circuit City, Fannie Mae, Kimberly-Clark…

Wait, did I just say Fannie Mae? Isn’t that one of the companies that is being bailed out by the US government? Why yes it is! Interesting… before 2001 Fannie Mae was considered a great company according to Mr. Collins and team. You are wondering how I am relating this to IT or technology. Well, one of the chapters in the book is titled “Technology Accelerators”. This chapter focuses on how do “good-to-great organizations think differently about technology?” The book says that Fannie Mae:

“Pioneered application of sophisticated algorithms and computer analysis to more accurately assess mortgage risk, thereby increasing economic denominator of profit per risk level. “Smarter” system of risk analysis increases access to home mortgages for lower-income groups, linking to passion for democratizing home ownership”

As we have seen, something must have changed since 2001. Fannie Mae is no longer considered a great company since it is in need of so much taxpayer help due to poor risk management. What did the company do with the technology that made them so great before 2001? Did they just modify some Excel spreadsheet and change the threshold so some cells that were red are now yellow or even green? Did they ignore the idea of managing mortgage risk to ensure that people could have the “dream come true” of home ownership?

I cannot answer that since I am not part of Fannie Mae or any financial institution. I just ponder what if they had continued to use technology effectively in addition to making less risky decisions if they would still be considered a great company.

One thought I want to leave you with is one of the unexpected findings by Mr. Collins and his research team about technology accelerators:

“The idea that technological change is the principle cause in the decline of once-great companies (or the perpetual mediocrity of others) is not supported by the evidence. Certainly, a company can’t remain a laggard and hope to be great, but technology by itself is never a primary root cause of either greatness or decline.”

Aug 21 2008   8:08PM GMT

IT Equipment search & seizure at the US borders

Posted by: Troy Tate
administration, Networking, forensics, Security, Monitoring, reporting, internet, CIO, Mobile, DataManagement, IT education, WAN, intellectual property, Data security, government, Policy, design, online identity, risk, research, policy enforcement, awareness, blog, data loss

I have recently been hearing some rumblings about this issue. I work for a firm with international locations and have travelled out of the country myself. So, this is a personal issue.

What I am referring to is the situation described in this article by David Jonas of The Transnational: Airport Laptop Seizures Debated in Washington. I know that I should have nothing to worry about if I do nothing wrong like any law abiding citizen of the world. However, what about the risk to an organization’s intellectual property?

Look at the comment …the laptop seizure policy is not analogous to physical searches of persons and belongings at airports: “Not only does the government get access to an unprecedented wealth of material with a laptop border search, but the government now has the ability to copy, store and analyze that information at its leisure. In traditional border searches, travelers carried their suitcases with them once they cleared customs. With laptop border searches, the government can keep everything in the computer in perpetuity.” So, who is responsible for the data once it is out of the traveller’s hands? What is the care & duty of the government with regards to a company’s intellectual capital?

This issue seems like a bureaucratic (and maybe totalitarian leaning - think “Big Brother”) nightmare! Who would be considered the appropriate person to review the data on a device? What is their liability if the device or data is damaged during their review?

I know I don’t have an easy answer to these nagging questions and it will take much better minds and skills than mine to work through the protection and liability issues for an organization. What mechanisms do you use to protect equipment and data during travel? Maybe this situation is a boon to shipping organizations. More people may be shipping their gear ahead of them when travelling across the border or use equipment at a remote site and transfer data across a network.

This situation is definitely one to watch and be concerned about as world citizens.

Thanks for your time. Let’s be good network citizens together & practice safe networking!

Apr 18 2008   1:16PM GMT

Did you see this? - Georgia requires security metric reporting

Posted by: Troy Tate
Security, Monitoring, reporting, DataManagement, NIST, Data security, government, Metrics

I saw this news release recently and wondered what standard metrics Georgia government agencies will be reporting and how they will be gathering the information. Are there any Georgia readers out there? How are you addressing this activity for your agency?

News Release

Gov. Perdue Signs Executive Order Strengthening Georgia’s Information Technology Security

Mar 20, 2008, News Report

Gov. Perdue today signed an executive order to protect state data by standardizing information security reporting.

“This executive order is a critical part of the larger plan I announced in December 2007 to transform the state’s technology and shore up the underpinnings we found lacking,” said Governor Sonny Perdue.  “As I stated then, technology is the foundation of a well-run, modern-day enterprise.  This action will go a long way toward addressing our security gaps and giving the state the secure IT infrastructure it requires to responsibly serve Georgia’s citizens.”

==============================================

Thanks for your time. Let’s be good network citizens together & practice safe networking!