
Archive for the ‘social media’ Category

On 15 January 2014, George Osborne stated at the Open Europe Conference, “Europe accounts for just over 7% of the world’s population, 25% of its economy, and 50% of global social welfare spending.” The Right Honourable George Osborne, MP, is the current Chancellor of the Exchequer in England, the equivalent to the Treasury Secretary in the United States. On the surface, this seems like a typical politician’s claim and subject to doubt. But it is likely true.

According to Eurostat, the 27 nations that make up the European Union account for around 7.2% of the world’s population. If you include European nations that are not part of the EU, then it rises to 10.5%. Also according to Eurostat, the EU nations make up 25.8% of the world GDP (about 30% if you include all European nations). So if Mr. Osborne really meant the EU, he is spot on for the first two claims. The last number is a lot harder to pin down. Mr. Osborne credits German Chancellor Angela Merkel for the claim, but fullfact.org has not yet received an answer from the Chancellor’s office. In 2012 the World Bank published a report that Europe accounted for 58% of the world’s social welfare spending. This number included 36 countries as “European,” which includes the 27 EU members. So maybe the 50% number is reasonable for the EU.

Is it any wonder that the millions fleeing from Syria, Afghanistan, Iraq, Kosovo, Albania, Pakistan, Eritrea, Nigeria, Iran and the Ukraine head to Europe? They are certainly not heading for Africa or Russia, even though Russia has a lot of empty space to house hundreds of thousands of refugees. Just as for many of the people who cross into the US from Mexico and further south, many of these people streaming into Europe are really economic refugees. On average in 2015, each EU country had 260 applicants for each 100,000 in local population, but of course it was not evenly spread among the EU countries. Hungary had 1,799 applicants for each 100,000 in population, while Spain had 32.

Clearly the majority of these immigrants are fleeing terrible conditions where their lives are at great risk. In my view, these people are refugees that the receiving countries have some responsibility to deal with. But we see in the daily pictures from Europe, many able-bodied 18-35 year old men and women with no accompanying children. These people have no pride in their own land; they are not willing to stay and fight for their country and their culture. How much investment will they have in their new country?

This war-fed migration pales when compared with the fleeing masses during and after World War II. Some estimates put the European component of fleeing refugees at 60 million, with over a million of them still trying to find a place to settle five years after the conflict ended.

Perhaps the biggest difference between then and now is that this war still goes on. ISIS and other organizations still want to take over the world by any means. This migration provides the perfect opportunity for ISIS to infiltrate hundreds of fighters and organizers into Europe, and no way for the European countries to verify the identity and background of any of these people.

Another important difference between now and just after World War II is the ability of these migrants to communicate. In some cases, and for really good reasons, these migrants are being given smart phones. They are an easy way for the authorities to provide information on where to get help and what options are available, and for the migrants to communicate with family members already in Europe. It also provides a way for the few invaders to communicate among themselves and with any sleeper agents or groups already in place.

The last word:

The US government created the Transportation Security Administration, with an annual budget of more than US$7 billion. The main result of this expense is to inconvenience the more than 800 million passengers in the US each year, adding wait hours to every passenger just to get on the plane. Based on the absence of any “we stopped this attack” information from TSA, it seems that actual attacks are stopped by passengers or crew, not TSA. TSA does provide a weekly report that, on average, reads like this: found six “artfully concealed prohibited items” and about a dozen weapons (mostly small pen knives), and arrested about a passenger a day for “suspicious behavior” or fraudulent travel documents. There is no indication that any of these incidents actually posed a threat to passengers. Rather, the long queues at checkpoints create clusters of people that are prime targets for those wishing to do us harm.

Comments solicited.

Keep your sense of humor.

Walt.


Over half of the emails I get are spam and potentially contain malware. A few CIOs have told me that up to 80% of the email that is sent to their company’s email server is spam. Email is the most popular way for cybercriminals and cyber terrorists to get malware into your company’s IT infrastructure or your own personal computers.

I recently received an email apparently from MetLife Insurance, complete with Snoopy and the same copyright notices and disclaimers that you would expect to see on a legitimate offer from the company. But it was from Romania.

How did I know it was from Romania? The “from” field in the email said “MetLife – Life Insurance”, but when I checked, the actual email address ended in “.ro”, the Internet country code for Romania. Unless you know someone in Romania or do business in Romania, never open an email from there. Romania has many quaint villages and towns, among them Râmnicu Vâlcea. The economy of the 120,000 people who live there is centered around cybercrime, specializing in ecommerce scams (like this MetLife email) or malware attacks on businesses, like yours. The economy is good: lots of expensive BMWs, Audis, and Mercedes, new apartment buildings, gated bungalows, new nightclubs and shopping centers. The US Embassy in Bucharest estimates that Romanian cybercriminals steal US$1 billion from Americans each year.

It is easy to see the actual origin of an email. In most email programs, simply click on the “from” name. Usually to the right of the name will be a triangle symbol. Click on that and you should see something like this, showing the actual email address and giving you options like “Copy Address.” In this case, the email address belongs to linkedin.com so the probability of it being legit is very high. The Met-Life email I received ended with “.ro”.

Another automatically suspect country is The Netherlands (.nl). At least 75% of my spam emails come from either .ro or .nl. If you are curious about an Internet country code, just enter it with the leading period in Wikipedia (e.g., “.no”).

One country has legitimately cashed in on its country code. Tuvalu is a Polynesian island nation midway between Hawaii and Australia that gained independence from the United Kingdom in 1978. Its population is less than 11,000. Its Internet country code is .TV. The domain is currently operated by dotTV, a subsidiary of Verisign. The Tuvalu government owns 20% of dotTV. The net result is that every quarter, the Tuvalu government receives US$1 million for use of the .tv domain. Verisign has been marketing the .tv top-level domain name for rich media content.

What does a very small, relatively poor ($3,400 per capita GDP) country do with this predictable income? With its first quarterly payment, it paid the $100,000 it takes to join the United Nations.

But you can receive dangerous emails that look like they are from a friend and actually have your friend’s email address. If you get an email apparently from a friend that has just a link and something like “check this out” do not open it. Check first with your friend to verify that he or she really sent it.

If you are tired of receiving dozens of these emails every week, resist the temptation to respond or click on its “unsubscribe” link. If you respond you simply verify that your email address is valid, and the sender will give or sell that information to other cybercriminals. The “unsubscribe” link is likely to also be a malware installer, immediately infecting your computer. The only thing you should do with a suspect email is to delete it.

Be especially wary of business-like emails that come from generic email addresses like aol, Comcast, gmail, Verizon, or yahoo. For Verizon and Comcast, emails from the companies themselves come from Verizon.com and Comcast.com; emails from subscribers come from Verizon.net and Comcast.net.

If you get an unexpected email that seems to be from someone in your company or a partner that is asking for customer or employee personal information, financial information, or any proprietary information, verify who actually sent it. At a minimum, check the email address and make sure it came from a company email address. I recommend that you call or text the person to make sure the request is bona fide. No one will be unhappy that you “bothered” them to make sure you were not about to cause the company a serious and possibly very expensive problem.
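The manual check described in this post (compare the name shown in the “from” field with the domain of the actual address) can be automated. The sketch below is an added example, not part of the original post: the sample messages are constructed, `metlife.com` as MetLife's sending domain is an assumption, and the country-code watch list simply encodes the author's own .ro/.nl heuristic.

```python
from email import message_from_string
from email.utils import parseaddr

# Domains each brand is expected to send from. linkedin.com, verizon.com and
# comcast.com are named in the post; metlife.com is an assumption for this example.
BRAND_DOMAINS = {
    "comcast": {"comcast.com"},
    "linkedin": {"linkedin.com"},
    "metlife": {"metlife.com"},
    "verizon": {"verizon.com"},
}
# Subscriber / free-mail domains the post says to be wary of for business mail.
CONSUMER_DOMAINS = {"aol.com", "comcast.net", "gmail.com", "verizon.net", "yahoo.com"}
# The author's personal watch list of country codes; adjust to your own mail flow.
WATCHED_CCTLDS = {"ro", "nl"}

# Constructed sample messages (not real mail).
SAMPLE_BRAND_SPOOF = (
    'From: "MetLife - Life Insurance" <offers@promo.example.ro>\n'
    "To: reader@example.com\nSubject: Your quote is ready\n\nClick here.\n"
)
SAMPLE_LEGIT = (
    'From: "LinkedIn" <messages-noreply@linkedin.com>\n'
    "To: reader@example.com\nSubject: You have a new connection\n\nHello.\n"
)
SAMPLE_SUBSCRIBER = (
    'From: "Verizon Billing" <billing.dept@verizon.net>\n'
    "To: reader@example.com\nSubject: Update your account\n\nPlease reply.\n"
)


def sender_identity(raw_message):
    """Return (display name, lower-cased domain) taken from the From header."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower() if "@" in address else ""
    return display, domain


def _belongs(domain, base):
    """True if domain is base itself or a subdomain of it."""
    return domain == base or domain.endswith("." + base)


def sender_findings(raw_message):
    """List the reasons the sender of a message deserves a second look."""
    display, domain = sender_identity(raw_message)
    if not domain:
        return ["no-sender-address"]
    findings = []
    name = display.lower()
    # Display name claims a brand, but the address is not on that brand's domain.
    for brand in sorted(BRAND_DOMAINS):
        if brand in name and not any(_belongs(domain, d) for d in BRAND_DOMAINS[brand]):
            findings.append(f"brand-mismatch:{brand}")
    # Address ends in a country code on the watch list.
    tld = domain.rsplit(".", 1)[-1]
    if tld in WATCHED_CCTLDS:
        findings.append(f"watched-cctld:{tld}")
    # Address is a subscriber or free-mail mailbox rather than a company domain.
    if any(_belongs(domain, d) for d in CONSUMER_DOMAINS):
        findings.append(f"consumer-mailbox:{domain}")
    return findings


if __name__ == "__main__":
    for sample in (SAMPLE_BRAND_SPOOF, SAMPLE_LEGIT, SAMPLE_SUBSCRIBER):
        print(sender_identity(sample), sender_findings(sample))
```

An empty result only means the visible address is consistent with the display name. The From address itself can be forged, which is why the post still recommends confirming unexpected requests with the sender by phone or text.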

The last word:

Remember that the IRS or Social Security will never ask you for any personal information in an email or over the phone. Unless you initiated the call, do not give Social Security numbers, account numbers, or any other personal or financially sensitive information over the phone. Never put them in an email. And never give passwords to anyone over the phone or in an email.

Comments solicited.

Keep your sense of humor.

Walt.


2014 has been a very bad year for data security. Many of these attacks have made the news, starting with Target and ending with Sony. Unfortunately, the majority of data breaches never make the mainstream media. If you ever think that data security is improving, check out Hackmageddon.com. They put out a fortnightly report on worldwide cyber attacks. The November 16-30 report, for example, lists 36 attacks in just those 14 days. To me, some of the more interesting attacks:

  • ISIS social media is hacked, replacing a threatening message from the group’s leader with a song along with a logo similar to that of the Egyptian military.
  • The US State Department is forced to shut down its unclassified email system.
  • The entire City of Detroit database was encrypted, and the hackers demand a ransom of 2000 bitcoins (about US$800,000). The database is still down.
  • The hacker group Anonymous had a busy fortnight: they deface the City of Ottawa web site, take down websites of the Supreme Court of Canada, Ottawa Police, several police organizations in Italy, and the City of Cleveland.
  • The Syrian Electronic Army redirects the Internet traffic of a customer identity management platform to its servers. Among the many sites affected are CNBC, the Canadian Broadcasting Corp, and the Boston Globe.

Do not expect 2015 to be any safer. Websense Security Labs recently published their 2015 Security Predictions. They list eight areas of increased concern in 2015.

  1. Healthcare will see a substantial increase of data stealing attack campaigns. Attackers are after the medical records and patient data. These records contain personal information including links to insurance and financial accounts that can be used in additional attacks and fraud. I have recently posted about this issue in general and how the shift to electronic medical records is actually increasing the risk. Websense expects these attacks will rise in frequency and success in 2015.
  2. The “Internet of Things” refers to the increasing connection of almost anything to the Internet: you are probably aware of your car; your house including appliances and security devices; individual and government security cameras; and electric and other utility meters. The real danger is not your personal gadgets, but the devices that control our electrical grid, oilrigs, dams, water supplies, traffic lights, and manufacturing lines. Websense expects increased attacks from multiple sources on these devices. For your business, this is the next attack opportunity phase after your BYOD (bring your own device) initiatives.
  3. Credit card attacks will continue, but as the value per card decreases due to increased security by the card processors, Websense expects these cybercriminals to expand the information they steal, and aggregate that information for individuals from related sources like loyalty programs and medical information. Then they can sell complete personal identity dossiers.
  4. Your smart phone and tablet will be attacked, but not for stealing the data that is on the phone, but rather to gather information for later credential stealing and authentication attacks to all of the data you have access to in the Cloud. As more and more of us use the mobile device as part of our authentication process when we access the Cloud, Websense expects attacks involving malware that intercepts the authentication elements turning your device into a man-in-the-middle attack, perhaps even enabling the cloning of your mobile device. The result: the cybercriminals will have the same access to the personal and corporate data that you do.
  5. Newly discovered vulnerabilities in old code. We have recently seen examples such as Heartbleed that take advantage of vulnerabilities in open source code.   There are probably hundreds of similar vulnerabilities, and many are probably already known to hackers. There are probably thousands of vulnerabilities in proprietary code such as Windows and the huge supply of legacy code still in use, some of it decades old and written in an entirely different security landscape in a pre-Internet era. Little of that code has been properly checked from a security perspective. Websense expects at least one major breach of confidential company data based on “undiscovered” old code vulnerabilities.
  6. Email threats will evolve to a new level of sophistication.   Websense expects a general decline in the amount of spam, but the new spam will increasingly get through your corporate or ISP spam filters and reach your mailbox. These new messages may not contain a link or even some form of obviously spam message, but are actually the first reconnaissance step in a continuing attack.
  7. As your company increases its use of Cloud and social media tools, like Google Docs, these approved cooperative tools will become part of the attack structure. Cybercriminals will migrate their command and control infrastructure into these approved channels thus escaping detection by your company’s network monitors. Websense expects these compromised approved sites to hide data-security attacks.
  8. New players will join in the current Cyber War. Unlike existing measures designed to limit access to strategic weapons (like the nuclear non-proliferation treaties), there is nothing to limit the ability of countries, rebel groups, and others with nationalistic interests to engage in cyber war. Even potential future international treaties, which may have an effect on some countries, will have no effect on organizations like ISIS or rogue countries like North Korea. Because it is relatively inexpensive to organize a cyber-terrorism or cyber-warfare organization, it does not require a large First World country to support such activity. Websense expects one or more cyber-warfare attacks from countries with high forecasted economic growth in order to protect and advance their growing influence.

All in all, it appears that 2015 will be a very interesting time in cybersecurity.

The last word:

When your company is attacked, are you ready? Can you afford not to be ready?

At an absolute minimum, keep your operating systems and anti-malware software up to date. Microsoft’s December Patch Tuesday contained seven security updates including three critical security patches, ending a year of far too many serious flaws in Microsoft software.

Are you still running Windows XP? If so, make a New Year’s resolution to get completely off XP by the end of 2015. It is far too dangerous to keep running it.

Comments solicited.

Keep your sense of humor.

Walt.


It is strange what an insignificant comment can start.  Or maybe I’m just strange.  A while ago I noticed a statement on the “Years Ago” page of the November 2011 Scientific American magazine.  In November of 1911, “it has been estimated that, for each minute of time, the civilized world strike three million matches.”  It went on to note that matches were a lot easier to carry and faster than the flint and steel that had been used before.  Then just last week a friend pointed out some old marketing films from Burroughs Corporation in the 1960s.  They showed a lot of history and some people I knew from back then, but the thing that jumped out at me was people smoking cigarettes and, in one case, a pipe in a computer room.

The Chinese had a “fire inch-stick” in 577 A.D. that required a spark of your own devising.  The friction match was invented in 1826 by John Walker, an English chemist.  He dipped a small wood splint in a paste composed primarily of sulfur and potassium chlorate.  To light, simply pull it through a fold of sandpaper.  It did have one minor problem: it tended to drop flaming balls to the floor, setting carpets and dresses on fire.  It was banned in France and Germany.  Sulfur was replaced with white phosphorus, which unfortunately had very bad side effects, afflicting those who made the matches with serious bone disorders.  There was enough white phosphorus in one pack to kill you.  Eating the heads of matches became a “popular” suicide method.  An International agreement in 1906 banned white phosphorus in matches.  Meanwhile, in 1898 two French chemists patented a match based on phosphorus sesquisulfide and potassium chlorate.  In 1899 two Englishmen developed a safe way to make commercial quantities of phosphorus sesquisulfide.  The Diamond Match Company obtained the rights to manufacture the chemical in the US in 1900.  In 1911 at the request of President William Howard Taft, the Diamond Match Company released the patent “for the good of mankind.”

All of these matches were “strike-anywhere” matches.  Suzy remembers her great-grandfather striking a match on his shoe to light his pipe, and I think we’ve all seen the smart alecks who could strike a match with their thumbnail.

“Safety matches” can only be struck on the rough side of the box or pack.  That is because the two reactive agents are separated: one on the match and the other in the rough surface on the container.

By the end of World War II, Diamond was making ten million matches a day, and they were just one of many matchmakers in the US.  In 1951, Diamond Match Company had over US$100,000,000 sales in matches.  They still make matches, but also toothpicks (obvious expansion), straws (hollow toothpicks?), and disposable cutlery.  They are now part of a conglomerate, Jarden, which does not break out revenue or sales by components.

There has been pressure against matches.  Zippo started manufacturing lighters in 1933.  You can get your very own 80th anniversary edition.  BIC was founded in 1945 to manufacture parts for fountain pens and mechanical pencils, and launched the BIC lighter in 1973.  Their lighter sales grew 25% from 2009 to 2010.  Perhaps the most significant pressure has been the 2% a year decline in smoking in the US since 1998.  Perhaps the least significant pressure has been the surge in battery-powered candles for tables and other decorations. The 1980’s saw the collapse of the American match industry, caused primarily by rising production cost along with decreasing demand.  Diamond is now the only remaining US matchmaker.

In reality, Diamond was not selling matches.  They were selling advertising.  They made a lot of their money by selling matchbooks with company logos and messages.  Almost all of Diamond’s advertising was to sell these ads to business, not to sell matches to consumers.

Are matches an important product?  Sure.  Like the World War II c- and k-rations and the MCI (Meal, Combat, Individual) used in Korea and Vietnam, the current US military’s MRE (Meals, Ready-to-Eat) each contain a couple of matches.  We still buy matches, usually the package of ten boxes of 32 matches each from Diamond every five to ten years.  Does it make sense to add matches to your product line?  Probably not.  Are matches unique in having a declining market caused by factors outside of the manufacturers control?  Also probably not.

Demand for products grows and shrinks, driven by events and influences outside of our control, resulting in chaos for many businesses.

But there is even more chaos for businesses.  In 2010 Chris “Spence” Spencer, an IBM Emerging Technologies Strategist, published some interesting numbers about the amount of data that we all create.

The world is complex, and the amount of data that is generated every day is growing. In 2010, that number is expected to exceed 988 exabytes of information. It’s as if every man, woman, and child on the planet wrote 294,620 novels. This year. It’s also more than every grain of sand on every beach on the planet. In fact, it’s about 131 times more.

That was back in 2010. A petabyte is 1,000,000,000,000,000 bytes, or a thousand terabytes.  An exabyte is a thousand petabytes.

We send about 200 billion emails every day.  There are a billion people on the Internet every day.  There are nearly 4 trillion RFID events every day.

The Internet is capable of handling over 65 exabytes every day, the equivalent of every person exchanging six newspapers every day.  Google alone processes about 24 petabytes every day.

There is great potential value in all this data.  That is, after all, how Google increases their power and revenue, by combining and interpreting all of that data.  Like Diamond, Google is in the business of selling advertising.

Your customers can watch their kids come home, turn on the lights, shut the garage door, and lock their car all over the Internet.  They watch TV, read books, and have video conference calls with their far-flung family on their phone. The tablet, or more appropriately, the user interface of the tablet will soon replace the current desktop and laptop computers.  Look at Apple’s new Lion OS X – a desktop / laptop operating system with many of the user interface capabilities of your smart phone.  In their private lives, people are more connected than ever before.  They can “talk” to their friends and family at any time.  They know where they all are.

Does your company fit into these new models?  Can your customers “talk” to you anytime they want?  Can they reach you from their smart phone?  Are you part of their social media network?

Most companies are growing their internal storage requirements at around 20% a year.  I have worked with one organization that is growing their data at 20% a month – they will increase their storage needs by a factor of 8 this year.

How can you keep up with demand and the new technologies?  For most companies, the only viable answer is the Cloud.  The Cloud can grow to exactly match your storage and processing needs.  The Cloud can keep your business running 24/7 through its disaster recovery capabilities, at far less cost than you could do it yourself.  Events like Katrina can impact locations 500 miles apart.  The Cloud can allow you to get into new geographic markets with a “local” presence, enabling you to compete with local companies.

The last word:

Do you periodically check your product lines for matches, a product or service with declining demand?

Do you periodically look at how you can take advantage of the new technologies your customers have to give yourself a competitive advantage?

Have you figured out how to take advantage of the Cloud?

Comments solicited.

Keep your sense of humor.

Walt.


Many companies are trying to prevent the BYOD revolution.  In this case, BYOD means “Bring Your Own Devices,” where your employees are connecting their own stuff to the corporate network.  This all started late in the last millennium with some employees using their own laptops in order to work from home or on the road.  Back then, some companies had not figured out that if their employees could work on an airplane, in a hotel, or a customer’s office they could be more productive.  For many people, spending a day at the home office can be much more productive than fighting the constant interruptions that can occur in the corporate office.  Even when companies issued laptops, they usually did it with the same four or five year update schedule they used with desktops.  Back then, a four-year old laptop was fairly useless as it probably did not support the latest versions of software that corporate IT mandated.  Most companies have figured this out, with many going to a “subscription” mechanism where the company pays the employee so much a year and gives the employee the authority to get whatever the employee wants.  The employee still has the responsibility to adhere to corporate security and IT standards.  In most cases, this is a real win-win situation.  The corporation still controls the expense and the employee has the needed tools.  Currently, most company IT organizations have figured out how to secure the data and access with laptops.

Then along come smart phones and tablets.  As I wrote back in August, the laptop is likely to completely become just another size for the interface model developed by RIM, Apple, Android and others for the “telephone.”  It was in 2003 that Research in Motion released the first smartphone Blackberry as a Personal Digital Assistant.  RIM had used the name “Blackberry” back in 1999 with a two-way pager in Germany.  In a decade, the concept went from “who needs that?” to “how can you live without one?”

Most companies react very slowly to innovation driven bottom-up by the employees.  IT departments especially are very reluctant to give away any control.  This is with very good reason, as the horror stories of lost or stolen data, or worse, passwords from unsecured smart phones are many.  Yet the pressure from employees and especially senior management can’t be ignored, nor can the benefit to the company from allowing their people to be always connected.

Cisco Systems recently surveyed 1,500 IT managers and executives in Canada, France, Germany, Spain, the U.K., and the U.S.  Some of those results:

  • 48% of global survey respondents say their company would never authorize employees to bring their own devices to the office for work.
  • 57% of respondents say some employees use personal devices for work without consent.  In the US, it is 64%, which is the highest of any nation.
  • 51% of survey participants say the number of employees bringing their devices to work is on the rise.
  • 75% of IT managers in the U.S. say new rules are needed with regard to security and device usage.
  • 64% of survey participants say access to company servers and lost or stolen devices are “huge problems” caused by using personal devices for work.
  • 44% of IT managers say dealing with personal-device issues distracts from other important projects, their “real job.”
  • 48% of all IT managers worldwide feel access to company applications should be restricted for all employees.
  • Globally among IT departments, there are three smartphone requests from employees for every tablet request.
  • 21% of the workforce in the U.S. requests a tablet from IT – tied with France for first worldwide.

However, viewed from the other side, Symantec surveyed over 6,200 IT managers world-wide about their plans and attitude around mobile devices.  Some of those results:

  • 73% of businesses have achieved increased efficiency through mobile computing.
  • 59% of businesses already run line-of-business applications on mobile devices.
  • 51% run sales force automation or CRM tools on mobile devices.
  • 63% run task and project management applications on mobile devices.
  • 71% of businesses have plans to deploy custom mobile apps in the near future.
  • 66% have implemented, are implementing or are discussing rolling out private app stores where employees can get supported apps.
  • 48% indicated that mobility is somewhat to extremely challenging, with 41% of organizations identifying it as one of the top three risks, above Web 2.0, virtualization and cloud computing.
  • 71% of organizations reported that they at least break even on the risks versus the rewards of mobile deployments.

As with Social Media, companies are not going to be able to stop the use of mobile devices.  Even if companies decide to embrace the concept by providing employees with “approved” devices, employees will still BYOD.  Matching the variety of form factors, capabilities, connection options along with your employee’s personal preferences is an impossible task.  Your employees also need to be connected to their family and friends which influences device choice.  If IT imposes too many restrictions it will just increase the number of employees who decide not to care about the company’s policy, which will lead to even more security dangers.

Those IT managers that understand that they can’t stop this revolution, and instead embrace it and meet the challenge successfully will position their companies, and themselves, to thrive. “Mobile workers and virtual workspaces are here to stay,” says Tom Puorro, director of product management, IPCBU, Cisco Systems. “But so are the demands on IT to continue to ensure enterprise-grade security, manageability and interoperability. IT leaders are a critical component in unleashing innovation and enabling organizations to take advantage of the next wave of business growth and opportunity.”

Mobile devices are critical to an organization’s success.  “We’ve crossed the tipping point in mobile adoption and mobility in business,” says CJ Desai, senior vice president of the endpoint and mobility group at Symantec. “What’s startling is how quickly that’s happened. With PCs we’ve built quite an ecosystem to support enterprise infrastructure that allows us to be productive and secure. The problem with mobile is that it has come up so fast that people are trying how to get from zero to sixty in no time and have that entire ecosystem there and ready.”

Mobile computing is inherently part of the Cloud, and can take advantage of the location independence and reliability of the Cloud.  When you take data off of the laptop and put it in the Cloud, as most Software as a Service (SaaS) provide, you make the loss or capture of the device less critical; there is not much data there to steal.  With standard office word processing, spread sheet and presentation capabilities available as SaaS, documents can be accessed from almost any device from anywhere.  Your traveling employees can carry just a small smart phone, then pick up a tablet from the rental car company or hotel, and access the presentation just updated on another continent.

The last word:

Expect to see the rise of MaaS (Mobility as Service).  Companies like Centrify Corporation are announcing Cloud-based services to allow an enterprise to centrally secure and manage mobile devices, in most cases using existing data center access management services, skill sets and processes.  If your company tries to stay in the pre-mobile world, it will find it very lonely and not very profitable.

Comments solicited.

Keep your sense of humor.

Walt.


Actually, more of a flood.  Your personal and corporate data is leaking and leaking badly.  And it is going to get a lot worse.  It used to be that if you wanted to spy on somebody or a company, you actually had to go outside and spend boring hours just watching.  You have all seen the police story TV shows with the detectives sitting in a dark car drinking bad coffee and talking about their strange personal problems, all to watch a door.  They still drink bad coffee and talk about their strange personal problems, but they now sit in a comfy office as they simultaneously watch dozens or even hundreds of doors and people both now and in the past.

Almost two years ago I wrote about John Nolan’s book Confidential: Business Secrets – Getting Theirs, Keeping Yours.  It was all about keeping others from finding out your business or personal secrets, and some ethical and legal ways to find their secrets.  Since he wrote that book the world has changed, and nowhere more than in the leakage of your data.

Smart electric meters allow the government and almost any company with a few dollars to find out when you are home, when you turn on any unusual equipment at your company or operate at unusual hours, or when you are burning the midnight oil in the office because of a new project or major problem.  Since these meters communicate wirelessly, and probably not very securely, this information is available to pretty much anyone. The electrical industry wants to install these on every home and most businesses in the US.

Car insurance companies now want to install gadgets that monitor your driving – where you go, where you stop, how fast you are going and how much braking you do. Some car rental companies are doing the same thing.

Your cell phone knows where you are and how you got there, even without turning on the GPS option.

Governments, from local police to national agencies, can and in some cases are already using this information.  New York State wants to collect DNA from even misdemeanors to add to their database.

You may not be able to do much about the smart meters, insurance companies and all of the surveillance cameras out there, other than remember there is an election in the US this November.  However, you can avoid contributing to your data leakage yourself.

Friends of ours are on a fabulous vacation.  Their friends on Facebook are getting an almost day-by-day depiction of this dream trip.  That is a lot of people who know they are not home, and not likely to be back for a while.

Did your CTO just announce that the merger talks are going very well when she posted on Facebook or LinkedIn that she and your CFO are off to Boise?  LinkedIn has a “My Travel” application that allows you to easily share your upcoming trips and current location with your network.  Most professionals have a hundred or more connections on LinkedIn.  It is possible that one of them does not really like you or your company.

Facebook, just eight years old, has 845 million active users, 483 million of them active daily.  You have all heard the stories of Facebook postings that perhaps should not have been made.  One law firm in the US indicated that Facebook plays a role in 20% of divorces.  How many businesses have been damaged by inappropriate, perhaps only in hindsight, Facebook postings?

Google knows where you are planning to travel to and how you probably are going to get there.  Are your Google searches broadcasting what is interesting to you or your company?  Are you using Google to search for new partners, suppliers, products or people?

Google’s new privacy policy, effective on March 1, combines data from all its various services to create a highly detailed profile of individuals.  These services include Gmail, Picasa, Google Plus and YouTube.  Google advertises that this will improve your experience across these sites. The real reason, of course, is it makes it easier for Google to tailor ads “just for you” and therefore charge their corporate advertising customers more.  I wrote about this in “Beware the Googlenet.”  I think it is a problem if Google pops up some ads on your work computer based on a job search you did the night before at home; or if your son has trouble getting health insurance because he did a search on cancer for a school project.

The European Union regulators, led by the French privacy watchdog CNIL (Commission Nationale de l’Informatique et des Libertés), are “deeply concerned” about Google’s new policy, and have strong doubts about its compliance with the EU and individual European countries’ data protection legislation.  Google’s response to a request from EU regulators to delay the introduction of the new policy was essentially “No.”  Peter Fleischer, Google’s global privacy counsel, wrote shortly before the change went into effect, “As we’ve said several times over the past week, while our privacy policies will change on 1st March, our commitment to our privacy principles is as strong as ever.”  That makes me feel so much better.

While Google makes promises to guard data about you, it is legally bound to respond to subpoenas and other requests from any government. That is also true at Facebook, Yahoo, LinkedIn or any other social media site. In the US, those “requests” under the Patriot Act are themselves classified and even talking about a specific order can be a criminal offense.  Last August, Google admitted that it handed over European data to US authorities under the Patriot Act, as did Microsoft earlier in the year.  The EU certainly has every reason to be concerned about the security and privacy of their citizens’ and companies’ data.

What to do about Google?  You have some options.

  1. Don’t ever sign in to Google.  This is a problem for Gmail and Picasa since you have to sign in for them.  Even if your company email does not end in @gmail.com, it could still really be Gmail.  Many small- and medium-sized companies use Gmail as their email provider.
  2. Use different products like Microsoft’s Bing for searching and Yahoo’s Flickr for photos.
  3. Use separate browsers for different functions.  Use Google’s Chrome to sign in to email.  Use Firefox to sign in to Picasa.  Use Internet Explorer to search the web with Google, without signing in.  Now you look like three different people to Google and it won’t link your activities.  Google’s ad manager is specific to each browser.
  4. Create separate Google identities for different functions.  You then, of course, have to keep that straight.
  5. Sign in to the Google Dashboard.  Go through each service to make sure it is correct.  If you enabled a Google feature called Web History, you might want to turn that off or at least delete some of that history.
  6. You can review what Google thinks you are interested in, and remove or edit categories, in the Ads Preferences Manager.  You can even turn off targeted ads. You still get ads, they are just not targeted “just for you.”

You might be surprised what Google guessed as your age and gender.

If you want to be completely anonymous, you can use a service like Tor to mask your Internet address.  Requests to retrieve email or get search results appear to be coming from a different computer (IP address).  Such services can, however, slow down your access to the Internet and may be prohibited by your company.

Depending on your point of view, things will get better or worse in the future.  Increased dependency on mobile media like smart phones and tablets will increase the desire for and the danger from all of this data integration.

What you don’t do is tell your employees to not use social media or Google, even in the office.  What you should do, however, is make appropriate use of social media a part of your new employee or contractor onboarding process and annual security and ethics training updates.  Make sure they understand that a casual posting on Facebook or LinkedIn can have serious repercussions to the company, and maybe to them personally.  Just because someone trusts their Facebook friends with their personal secrets does not mean they have the right to trust them with your business secrets.

The last word:

Social media is important to individuals and businesses.  If you are not yet embracing social media in your business, I suggest you look at SocialSteve’s blog.  He explains the “why” and “how” of incorporating social media successfully and productively in your business.

Comments solicited.

Keep your sense of humor.

Walt.


Recently, a friend of mine described someone as “flicker-minded.”  He meant someone who was always jumping from one task to another, one idea to another, but never actually accomplishing anything.  Often the flicker-minded person is interrupt-driven – any interruption takes immediate control of his mind, and he spends time up to the next interruption dealing with it.  Often there is enough time to get an email out, thus potentially triggering other flicker-minded individuals to, well, flicker.  We live in a very connected world, which is another way of saying we live in a world with constant interruptions.  Phone calls.  Email.  Tweets. Text messages.  Facebook postings.  Even the old-fashioned knock on the door.

Humans have been genetically engineered to take interruptions seriously.  If you are busy knapping a rock to make a stone tool and you hear a nearby growl, it is critical that you literally drop everything and make an immediate fight or flight decision.  Fortunately, the mind does not take the time to put everything carefully away so it can later easily pick up where it was.  There might not be a later if there is a delay in taking action.  When you have dealt with the bear, you look around for the rock and knapping stone and take the time to figure out exactly what you were doing and where you were in the process before resuming the task.

As a result, humans are not very good at multi-tasking.  We have all been in the phone meeting where you hear unrelated side conversations, the constant clicking of multiple keyboards, and the usual, “I’m not sure I understood the question” from someone who was specifically named in said question.  It really means, “Ah, I was busy doing something else and didn’t pay any attention to you.” I get really annoyed when I get an email from someone in the same meeting I’m in about an entirely different topic.  Now both of us are distracted, although part of that is my fault for allowing my own flicker.

Last Wednesday, the Washington Post published an article with some supporting stats:  Twenty-eight percent of traffic accidents in the US occur when people talk on cellphones or send text messages while driving (based on a report from the National Safety Council).  That translates to 1.4 million crashes each year caused by phone conversations, and 200,000 blamed on texting.  That is a lot of pain, lost time, and financial loss caused by easily avoidable interruptions.

Every day, you have to be ready to react to the dumb driver and all of the other hazards in daily life.  The same thing happens in the office.  You get a phone call and you immediately switch your attention.  How many times have you hung up the phone, and not been able to remember what you were doing, and what was that great idea you had that has now flickered away?

As an aside, when was the last time you actually “hung up” the phone, or “dialed” it?  The younger generation has no idea where those terms come from – just part of the strangeness of us old folk.

Brick Lane, London (2008)

People talk about walking and chewing gum at the same time as difficult.  Walking and texting is almost impossible, as proven by the almost daily YouTube examples.  East London’s Brick Lane wrapped lampposts in fluffy, white rugby goalpost cushions due to the number of walking while texting accidents there.  The cushions were soon removed.  Even the British have a limit to absurdity.  The latest studies I could find showed about 1,000 walking while texting accidents resulting in emergency room visits in 2008 in the US, double the number that occurred in 2007 which was almost double the 2006 count.  In 2008, we in the US sent only about 1 trillion texts.  In 2010 we sent 2.1 trillion texts.

If you can’t walk and text, you can’t pay attention to someone else and text.

For most of us, you can ignore the interruption in the office.  You don’t have to answer that phone, read that email or text message right now.  You can, in fact, turn it all off while you are concentrating on an important task.  You might be surprised what you can do in an hour without any interruptions.  Even a nap is better uninterrupted.  Those messages will all patiently wait.

The same goes when you are the interrupter.  Do you need to make a call, or can you just send an email?  Don’t send an email, then text 30 seconds later because you didn’t get a response.  You can probably wait even an hour for the answer.  And maybe get in some good concentration time.

Face time with a real person should always have priority over a piece of electronics, even if that “face time” is over the phone.  Interrupting a conversation to read and even respond to an inanimate object or take another call is not only exceedingly rude, but is now wasting that other person’s time.  It sends a clear message: this interruption is more important than you are.

The last word:

I am not a believer in New Year’s resolutions.  In fact, the last one I made was to not make any more, and I have actually kept that resolution.  But just for the fun of it, periodically turn off all of the interruptions.  Just concentrate on the task at hand.  Start with just ten minutes and work up to an hour or two at a time.  You might just be amazed.

Comments solicited, especially from the under-30 crowd.

Keep your sense of humor.

Walt.
