Posts Tagged ‘social media’

Over half of the emails I get are spam and potentially contain malware. A few CIO’s have told me that up to 80% of the email that is sent to their company’s email server is spam. Email is the most popular way for cybercriminals and cyber terrorists to get malware into your company’s IT infrastructure or your own personal computers.

MetLifeI recently received an email apparently from MetLife Insurance, complete with Snoopy and the same copyright notices and disclaimers that you would expect to see on a legitimate offer from the company. But it was from Romania.

How did I know it from Romania? The “from” field in the email said “MetLife – Life Insurance”, but when I checked, the actual email address ended in “.ro”, the Internet country code for Romania. Unless you know someone in Romania or do business in Romania, never open an email from there. Romania has many quaint villages and towns, among them Râmnicu Vâlcea. The economy of the 120,000 people who live there is centered around cybercrime, specializing in ecommerce scams (like this MetLife email) or malware attacks on businesses, like yours. The economy is good: lots of expensive BMWs, Audis, and Mercedes, new apartments buildings, gated bungalows, new nightclubs and shopping centers. The US Embassy in Bucharest estimates that Romanian cybercriminals steal US$1 billion from Americans each year.

emailaddressIt is easy to see the actual origin of an email. In most email programs, simply click on the “from” name. Usually to the right of the name will be a triangle symbol. Click on that and you should see something like this, showing the actual email address and giving you options like “Copy Address.” In this case, the email address belongs to linkedin.com so the probability of it being legit is very high. The Met-Life email I received ended with “.ro”.

Another automatically suspect country is The Netherlands (.nl). At least 75% of my spam emails come from either .ro or .nl. If you are curious about an Internet country code, just enter it with the leading period in Wikipedia (e.g., “.no”).

One country has legitimately cashed in on its country code. Tuvalu is a Polynesian island nation midway between Hawaii and Australia that gained independence from the United Kingdom in 1978.   It’s population is less than 11,000. It’s Internet country code is .TV. The domain is currently operated by dotTV, a subsidiary of Verisign. The Tuvalu government owns 20% of dotTV. The net result is that every quarter, the Tuvalu government receives US$1 million for use of the .tv domain. Verisign has been marketing the .tv top-level domain name for rich media content.

What does a very small relatively poor ($3,400 per capital GDP) country do with this predictable income? With its first quarterly payment, it paid the $100,000 it takes to join the United Nations.

But you can receive dangerous emails that look like they are from a friend and actually has your friend’s email address. If you get an email apparently from a friend that has just a link and something like “check this out” do not open it. Check first with your friend to verify that he or she really sent it.

If you are tired of receiving dozens of these emails every week, resist the temptation to respond or click on its “unsubscribe” link. If you respond you simply verify that your email address is valid, and the sender will give or sell that information to other cybercriminals. The “unsubscribe” link is likely to also be a malware installer, immediately infecting your computer. The only thing you should do with a suspect email is to delete it.

Be especially wary of business-like emails that come from generic email addresses like aol, Comcast, gmail, Verizon, or yahoo. For Verizon and Comcast, emails from the companies themselves come from Verizon.com and Comcast.com; emails from subscribers come from Verizon.net and Comcast.net.

If you get an unexpected email that seems to be from someone in your company or a partner that is asking for customer or employee personal information, financial information, or any proprietary information, verify who actually sent it. At a minimum, check the email address and make sure it came from a company email address. I recommend that you call or text the person to make sure the request is bona fide. No one will be unhappy that you “bothered” them to make sure you were not about to cause the company a serious and possibly very expensive problem.

The last word:

Remember that the IRS or Social Security will never ask you for any personal information in an email or over the phone. Unless you initiated the call, do not give Social Security numbers, account numbers, or any other personal or financially sensitive information over the phone. Never put them in an email. And never give passwords to anyone over the phone or in an email.

Comments solicited.

Keep your sense of humor.


Read Full Post »

VoteIn addition to being a huge source of interest, amusement, annoying commercials, robo-calls, and anguish to all of us in the US, the 2016 election cycle is likely to drive cybercriminal and hacktivist activity. The Forcepoint 2016 Cybersecurity Predictions Report describes some interesting possibilities.

As an individual, expect to be targeted. By the 2012 election cycle, social media was an important method of getting a candidate’s message out, gauging voter interest, collecting donations, and promoting engagement hopefully leading to a vote. For some candidates, social media is at least as important as the traditional new media. Attackers will use the intense interest in this election cycle to create highly effective email lures and misdirects to push malware to the unsuspecting public.

Some of these attacks will be advanced cyber attacks against specific organizations unrelated to the election, potentially including your company. The cybercriminals will target individuals pursuing election-related information, with the expectation that the cybercriminals can gain access to personal or company information for financial gain or negative business impact unrelated to the election.

The candidates themselves, as well as the news media, will become vulnerable to attacks on their social media sites. These attacks may be by opponents, foreign governments, or hacktivists with a specific political agenda. Expect to see these attacks used to spread inaccurate messages and information. Even if a candidate can quickly correct the information, the false information lives forever and may impact the outcome of an election. In the US political circus, the message is critical.

These attacks on a candidate’s social media could also impact the data the candidate is collecting on probable voters and donations. Corrupting that data could have a huge negative impact on a candidate’s ability to run or fund a campaign.

InfoSec Institute published “Which Top 5 Presidential Candidate is Most Likely to Be Hacked?” back in October, 2015. The only candidate with an “A” rating was Ben Carson (remember him?), largely because he outsources donation and volunteer services and does not have an on-line store; he has a very small attack server. Hillary Clinton and Donald Trump got a “B,” Bernie Sanders and Jeb Bush got a “C.” Several of these candidates are using unsecured or only partially secured WordPress sites that may leak internal usernames and other information, making them relatively easy targets. While she did get a “B,” Hillary has the largest attack surface based on a quickly built custom application. Her development team’s motto is “ship early and often; done is always better than perfect.” Security may not be high on the team’s priority list, and security testing is likely to be a low priority task.

As the Forcepoint report points out, “Technology decisions made by candidates during their tenure can expose them to data theft attacks (as seen by Clinton’s use of a private email server).” It is also likely true that technology decision made during a campaign may give a hint as to how that candidate will behave relative to data security when elected. If you see a candidate reacting to incorrect information on their web site or social media, then expect that their concern about data security is very low. Put that on your scorecard as one factor as you decide how you will vote.

It will not be just the candidates’ web sites and social media sites, but also those of the hundreds of issue-related websites that represent PACs and other special interest groups.

The bottom line is that you need to be very careful. Before you click on a link in an email or on a website, carefully look at it. Even if you know the sender of an email, if all it says is something like “check this out” or some other short message, be careful: the email may only appear to be from a friend or co-worker. The safest way is to copy the link (right-click on the link and select “Copy Link Location”) and then paste that into your browser’s URL line and make sure you recognize the web site.

The last word:

SEAIf you think it unlikely that a foreign government would attack a candidate, consider the Syrian Electronic Army (SEA), a group of attackers supporting Syrian President Bashar al-Assad. Beginning in 2011, the SEA targeted political opposition groups within Syria, western news organizations (including the BBC, Associated Press, and The Washington Post) and human rights groups. The SEA has managed to send false tweets from Twitter accounts for 60 Minutes, Reuters, Associated Press, ITV News London, and many others. It has defaced the web sites of Forbes, NBC, CBC News, and hundreds of other sites including the National Hockey League.

Of course, the SEA is only one potential government sponsored hacktivist organization, and in my view, not the most dangerous by far. There is a reason why the US and China agreed to a pact to not use cyberattacks to steal company records for financial gain. Of course, China does not admit to ever having done anything like that. A careful reading of the pact indicates that the pact does not bar cyberattacks for other reasons such as political.

Comments solicited.

Keep your sense of humor.


Read Full Post »

Electronic Arts, founded in 1982, is a leading global interactive entertainment software company. EA Sports Madden Football is one of their premier products, first released in 1988.  It is a very high quality simulation game that allows you to be an actual NFL player.  It supports 1-4 players using game platforms like Xbox 360, PlayStation 3, Vita, and Wii.  EA estimates that the series has five to seven million dedicated fans, including NFL players, who typically play as themselves.  Several active players have given the game some credit for their skills – playing the game for hours and hours seems to be a reasonable training ground, without the risk of heat exhaustion or concussion.

The NFL reportedly considers the game series as their 33rd franchise.  Each week during the season, EA Sports receives the same film database of every play that the 32 real teams receive.  The game is the NFL’s second largest source of licensing revenue, after apparel.

EA Sports had been very profitable, but their last profitable year was 2007.  For their 2012 fiscal year their net revenue was more than US$4 billion, but they had a loss of over US$250 million.  This was their “best” year since 2007.

While Madden Football does require Internet access to get player statistics and other updates, when you are in the game you are playing entirely “in the room.”  You are interacting with people you can see and touch and the game is physically running on your game platform.

What happened to make Electronic Arts turn from extremely profitable to struggling?

In 2004 Blizzard Entertainment released World of Warcraft (aka WoW).  WoW is a massively multiplayer online role-playing game (MMORPG).  According to Blizzard, it had over 10 million active players at the end of 2011.  It is the world’s most subscribed and, according to Guinness World Records, the most popular MMORPG.  Like Madden Football, in WoW you are a character in the game whose actions you control.

WoW does not require any special game platform, just a Windows or Mac computer and an Internet connection.  The game is actually driven from Blizzard servers scattered around the world.  WoW is in the Cloud.  Much of the WoW play involves the completion of missions, usually called quests.  Quests allow your character to gain new skills, in-game money, and tools; as well as explore new areas.  When your character completes a quest, new quests become available.  While you can play as a single character interacting with a huge number of computer-controlled characters, some of the quests require groups of a handful or more human-controlled characters.  These groups form just like groups form in real life: people you know either in-game or in the real world, or characters you meet in the game who are looking to run the same quest.

Usually, you do not know much about the members of your group.  You know a lot about their character, but you may not know their gender, age, or even what continent they are on.  On the other hand, I know of at least one married couple that first met as WoW characters.

According to a skilled WoW player, in any group of 10 or more18-30 year old males in the US, at least one of them will be a WoW player.

There is at least a coincidental correlation between the growth of WoW and the decline in EA Sports.

Yawn, why should I care?

As I wrote about last time, your customers are in the Cloud.  They are interacting through the cloud with their relatives and friends.  I have a cousin who consistently sends at least 10,000 texts a month – I think that is her primary means of communication.  It doesn’t matter where her friends are; she stays connected.  I expect the actual technologies of social media to significantly change, but I believe that whatever it morphs into will be even more important in five years than it is are today.

More critically, I think there are some significant ways to take advantage of this trend, or at least should be considered.  As my friend SocialSteve says, it is time to shift from Social Media to Social Marketing.

  1. Should you do product placement in some of these very popular MMORPG?  Advertisers have found that product placement in TV shows and movies may be a less expensive and more effective form of advertising than the typical 30-second ad.  Would companies like Blizzard be interested in having sponsored quests, possibly with real world links and prizes?
  2. You probably have a customer advisory board, a group of your “best” customers who get access to pre-releases and product plans and who give you their opinion of those plans and products.  Instead of bringing them to your HQ for a few days every year, why not establish a private LinkedIn, Facebook or Google group for the purpose.  You could easily allow, restrict and manage almost any number of members. You can use these groups to set up discussions on your new product roadmap, or on their ideas for improvements.  You could use private YouTube videos to demonstrate your new ideas and products.  Let you best customers be a bigger part of your product development, reducing the opportunity for creating engineering-led updates that don’t meet real customer needs and probably making initial acceptance better.  You also do not have to wait for the next customer advisory board meeting.
  3. Embed you support teams in social media like LinkedIn and Facebook.  Let your customers rant where you can listen and quickly respond.
  4. There are a number of companies who are using games to train their staff.  While not necessarily MMORPGs, these games can help staff develop skills in support, facilitation, and other interactions.  A few universities and large companies are investigating the possibility of using these game technologies to set up real-world problems and allowing teams to come up with solutions.  Even the US Army is using these types of games for both training and determining a candidate’s suitability for specific assignments.

The last word:

Over the years I have played games like EA Sports Madden football, first-person shooter games where you wander around mostly destroying things, and what you see is from your character’s point of view, and games like WoW.  In the last two categories, your character is constantly changing direction as it moves through the virtual environment of the game.  Based on a very unscientific study, I think there are at least two types of people: those who can automatically keep track of where they are in the game and those who can’t.  I have seen people running through these environments for an hour while constantly being distracted by other characters trying to do bad things to their character, and yet they always know exactly where they are and which direction is their final destination, even if they have never been in that part of the virtual world before.

That is not me; after five minutes in a virtual world, I am totally lost.  In the real world, I rarely get lost.  When wandering through a new city, I almost always know the direction of my final destination, even if I don’t know which roads might take me there.  This works whether I am driving, or off walking in the wild, even on a cloudy day with no visible sun or shadows.  I think it is because when you play a game, you do not change physical orientation.  While playing a game, you are physically sitting in the same place and always facing the same direction in the real world, no matter what you character is doing is the virtual world.  There are no physical acceleration clues to help your mind figure out where you are.

Most of those people who I have observed who always know where they are in the virtual world get easily lost in the physical world.  Take away their GPS and give them a destination 100 miles away, and they are likely to head north instead of south at some point.

I’m not sure what do with this observation.  Maybe ask for a million dollar federal grant to study it.  But the important point is that people are different.  Social Media will work for some, not for others.  Do not abandon your legacy marketing methods and always make sure your customers or prospects can actually get to a real person fairly easily, even if they aren’t connected.

Comments solicited.

Keep your sense of humor.


Read Full Post »

Where are your customers these days?  Unless you are providing a product or service that actually requires close proximity, you may not actually know or care where all of your customers are.  Even if you do have to be close to your customers, like a dry cleaners, manicurist, barber, or medical professional, your customers will still want to interact with you from anywhere by any means.  As your customers’ interface to the Internet collapses to a single interface (see Death of the Laptop?), they will want to determine your hours, schedule an appointment, look for a coupon, order a product, make a complaint or provide a complement from their phone, tablet, laptop, desktop or Internet-enabled TV.

Your customers really want on-demand self-service from anywhere at anytime.  That sounds a lot like the definition of Cloud Computing.  They want you to at least appear to be in the Cloud.  They want you to be available 24/7.  Have you made it easy for your customers to contact you when and how they want?

Does that mean you need someone to monitor your web site or watch for phone calls or text messages all the time?  Probably not.  But it does mean you have to have the processes in place to ensure that someone is checking text messages, voice mail, email and web inquiries every business day and reacting to them promptly.

These processes are critical if you are using social media.  Just having a Facebook page, Twitter account or blog does no good if you never update it or react to incoming messages.  An unwatched social media will quickly fade away from your customer’s thoughts.  If that has happened to you, I suggest you take a step back and decide why you want that social media presence.  What are you trying to accomplish?  Do you have measurable goals?  Then build a plan to create the initial content, keep it updated, and more importantly monitored.  Then re-launch that social media presence with as much splash as you can.  Periodically review hits and other activities and your progress towards the goals.  Change you plan as appropriate.

Everything above applies to your partners as well.  They also want to be able to place orders or give you updates from anywhere at anytime.  If it easier to communicate with you competitors than with you, your partners will drift away to them.

Do not forget your employees.  I wrote recently about BYOD, bring your own devices, where your employees will want to use their own phones and tablets and even their own homes as their office.  Some of your employees will use their own devices; you really can’t stop them.  If you make it hard, then they will find somewhere else to work.  Instead, you should get in front of this issue and view it as an opportunity.  You will find that many of your employees are used to checking social media periodically, and reacting to text messages, email and voice mail at all hours.  Expect to get a periodic message that one of your team made a sale or solved a customer problem during a commercial of their favorite TV show.  This is very satisfying to your employee and your customer, and to you also.

Your customers, your partners and your employees are in the Cloud.  You do not need to be in the Cloud to support them there, but it can help you provide that 7/24 presence that they all expect.

The last word:

I recently had a business trip to Fort Huachuca in Arizona.  While not related to why I was there, one of the labs in Fort Huachuca tests equipment for compromising emissions, mostly radio frequency, that might enable someone to figure out what is going on in a computer system by “listening” to it.  Several decades ago I saw a demonstration: we sat in a van on the street outside of a government building, and printed in the van exactly what was being printed inside the building by picking up the compromising emissions from the printer.  Around 1980, one of our salesmen came to me and said he wanted to bid our commercial terminal for a Department of Defense project.  I knew this terminal would never pass the testing – it had no shielding of any kind.  In spite of my objection, the salesman sent the terminal out for testing, and it passed!  I was astonished.  I called someone I knew at the lab and asked why they had passed it.  He said they had several long conversations amongst the engineers before they passed it.  It turns out the terminal generated so many emissions that it was impossible to pick up any usable data.

The US Department of Homeland Security was forced by a Freedom of Information request to reveal the list of words it monitors on social networking sites and online media for signs of terrorist or other threats against the U.S.  It is an interesting list with over 300 words and phrases.  It includes, for example, “Transportation Security” – one of the reasons why I always refer to TSA by the more descriptive “Terrorist Support Agency” since none of those words are on the list.  The list includes “Cloud,” “Security,” “Breach” and even “Tucson,” where I flew into to get to Fort Huachuca.  It includes “Power,” “Leak,” “Recovery” and “Flu.”  It includes “Prevention” and “Response.”

I suggest you get this list, not to avoid the use of any term on it, as that would be almost impossible, but to make sure you include a few of them in everything you write.  Virtually every posting in this blog includes a dozen or more of them since I write a lot about the Cloud, Cloud security, and breach prevention.  Let’s make the world so noisy that Homeland Security (another phrase on the list) rethinks what they are doing.

Comments solicited.

Keep your sense of humor.


Read Full Post »

It is strange what an insignificant comment can start.  Or maybe I’m just strange.  A while ago I noticed a statement on the “Years Ago” page of the November 2011 Scientific American magazine.  In November of 1911, “it has been estimated that, for each minute of time, the civilized world strike three million matches.”  It went on to note that matches were a lot easier to carry and faster than the flint and steal that had been used before.  Then just last week a friend pointed out some old marketing films from Burroughs Corporation in the 1960s.  They showed a lot of history and some people I knew from back then, but the thing that jumped out at me was people smoking cigarettes and, in one case, a pipe in a computer room.

The Chinese had a “fire inch-stick” in 577 A.D. that required a spark of your own devising.  The friction match was invented in 1826 by John Walker, an English chemist.  He dipped a small wood splint in a paste composed primarily of sulfur and potassium chlorate.  To light, simply pull it through a fold of sandpaper.  It did have one minor problem: it tended to drop flaming balls to the floor, setting carpets and dresses on fire.  It was banned in France and Germany.  Sulfur was replaced with white phosphorus, which unfortunately had very bad side effects, afflicting those who made the matches with serious bone disorders.  There was enough white phosphorus in one pack to kill you.  Eating the heads of matches became a “popular” suicide method.  An International agreement in 1906 banned white phosphorus in matches.  Meanwhile, in 1898 two French chemists patented a match based on phosphorus sesquisulfide and potassium chlorate.  In 1899 two Englishmen developed a safe way to make commercial quantities of phosphorus sesquisulfide.  The Diamond Match Company obtained the rights to manufacture the chemical in the US in 1900.  In 1911 at the request of President William Howard Taft, the Diamond Match Company released the patent “for the good of mankind.”

All of these matches were “strike-anywhere” matches.  Suzy remembers her great-grandfather striking a match on his shoe to light his pipe, and I think we’ve all seen the smart alecks who could strike a match with their thumbnail.

“Safety matches” can only be struck on the rough side of the box or pack.  That is because the two reactive agents are separated: one on the match and the other in the rough surface on the container.

By the end of World War II, Diamond was making ten million matches a day, and they were just one of many matchmakers in the US.  In 1951, Diamond Match Company had over US$100,000,000 sales in matches.  They still make matches, but also toothpicks (obvious expansion), straws (hollow toothpicks?), and disposable cutlery.  They are now part of a conglomerate, Jarden, which does not break out revenue or sales by components.

There has been pressure against matches.  Zippo started manufacturing lighters in 1933.  You can get your very own 80th anniversary edition.  BIC was founded in 1945 to manufacture parts for fountain pens and mechanical pencils, and launched the BIC lighter in 1973.  Their lighter sales grew 25% from 2009 to 2010.  Perhaps the most significant pressure has been the 2% a year decline in smoking in the US since 1998.  Perhaps the least significant pressure has been the surge in battery-powered candles for tables and other decorations. The 1980’s saw the collapse of the American match industry, caused primarily by rising production cost along with decreasing demand.  Diamond is now the only remaining US matchmaker.

Diamond Match Company AdIn reality, Diamond was not selling matches.  They were selling advertising.  They made a lot of their money by selling matchbooks with company logos and messages.  Almost all of Diamond’s advertising was to sell these ads to business, not to sell matches to consumers.

Are matches an important product?  Sure.  Like the World War II c- and k-rations and the MCI (Meal, Combat, Individual) used in Korea and Vietnam, the current US military’s MRE (Meals, Ready-to-Eat) each contain a couple of matches.  We still buy matches, usually the package of ten boxes of 32 matches each from Diamond every five to ten years.  Does it make sense to add matches to your product line?  Probably not.  Are matches unique in having a declining market caused by factors outside of the manufacturers control?  Also probably not.

Demand for products grow and shrink influenced by events and influences outside of our control, resulting in chaos for many businesses.

But there is even more chaos for businesses.  In 2010 Chris “Spence” Spencer, an IBM Emerging Technologies Strategist, published some interesting numbers about the amount of data that we all create.

The world is complex, and the amount of data that is generated every day is growing. In 2010, that number is expected to exceed 988 exabytes of information. It’s as if every man, woman, and child on the planet wrote 294,620 novels. This year. It’s also more than every grain of sand on every beach on the planet. In fact, it’s about 131 times more.

That was back in 2010. A petabyte is 1,000,000,000,000,000 bytes, or a thousand terrabytes.  An exabyte is a thousand petabytes.

We send about 200 billion emails every day.  There are a billion people on the Internet every day.  There are nearly 4 trillion RFID events every day.

The Internet is capable of handling over 65 exabytes every day, the equivalent of every person exchanging six newspapers every day.  Google alone processes about 24 petabytes every day.

There is great potential value in all this data.  That is, after all, how Google increases their power and revenue, by combining and interpreting all of that data.  Like Diamond, Google is in the business of selling advertising.

Your customers can watch their kids come home, turn on the lights, shut the garage door, and lock their car all over the Internet.  They watch TV, read books, and have video conference calls with their far-flung family on their phone. The tablet, or more appropriately, the user interface of the table will soon replace the current desktop and laptop computers.  Look at Apples new Lion OS X – a desktop / laptop operating system with many of the user interface capabilities of your smart phone.  In their private lives, people are more connected than ever before.  They can “talk” to their friends and family at any time.  They know where they all are.

Does your company fit into these new models?  Can your customers “talk” to you anytime they want?  Can they reach you from their smart phone?  Are you part of their social media network?

Most companies are growing their internal storage requirements at around 20% a year.  I have worked with one organization that is growing their data at 20% a month – they will increase their storage needs by a factor of 8 this year.

How can you keep up with demand and the new technologies?  For most companies, the only viable answer is the Cloud.  The Cloud can grow to exactly match your storage and processing needs.  The Cloud can keep your business running 24/7 through its disaster recovery capabilities, at far less cost than you could do it yourself.  Events like Katrina can impact locations 500 miles apart.  The Cloud can allow you to get into new geographic markets with a “local” presence, enabling you to compete with local companies.

The last word:

Do you periodically check your product lines for matches, a product or service with declining demand?

Do you periodically look at how you can take advantage of the new technologies your customers have to give yourself a competitive advantage?

Have you figured out how to take advantage of the Cloud?

Comments solicited.

Keep your sense of humor.


Read Full Post »

Actually, more of a flood.  Your personal and corporate data is leaking and leaking badly.  And it is going to get a lot worse.  It used to be that if you wanted to spy on somebody or a company, you actually had to go outside and spend boring hours just watching.  You have all seen the police story TV shows with the detectives sitting in a dark car drinking bad coffee and talking about their strange personal problems, all to watch a door.  They still drink bad coffee and talk about their strange personal problems, but they now sit in a comfy office as they simultaneously watch dozens or even hundreds of doors and people both now and in the past.

Almost two years ago I wrote about John Nolan’s book Confidential: Business Secrets – Getting Theirs, Keeping Yours.  It was all about keeping others from finding out your business or personal secrets, and some ethical and legal ways to find their secrets.  Since he wrote that book the world has changed, and nowhere more than in the leakage of your data.

Smart electric meters allows the government and almost any company with a few dollars to find out when you are home, when you turn on any unusual equipment at your company or operate at unusual hours, or when you are burning the midnight oil in the office because of a new project or major problem.  Since these meters communicate wirelessly, and probably not very securely, it is available to pretty much anyone. The electrical industry wants to install these on every home and most businesses in the US.

Car insurance companies now want to install gadgets that monitor your driving – where you go, where you stop, how fast you are going and how much braking you do. Some car rental companies are doing the same thing.

Your cell phone knows where you are and how you got there, even without turning on the GPS option.

Governments, from local police to national agencies, can and in some cases are already using this information.  New York State wants to collect DNA from even misdemeanors to add to their database.

You may not be able to do much about the smart meters, insurance companies and all of the surveillance cameras out there, other than remember there is an election in the US this November.  However, you can avoid contributing to your data leakage yourself.

Friends of ours are on a fabulous vacation.  Their friends on Facebook are getting an almost day-by-day depiction of this dream trip.  That is a lot of people who know they are not home, and not likely to be back for a while.

Did your CTO just announce that the merger talks are going very well when she posted on Facebook or LinkedIn that she and your CFO are off to Boise?  LinkedIn has a “My Travel” application that allows you to easily share your upcoming trips and current location with your network.  Most professionals have a hundred or more connections on LinkedIn.  It is possible that one of them does not really like you or your company.

Facebook, just eight years old, has 845 million active users, 483 million of them active daily.  You have all heard the stories of Facebook postings that perhaps should not have been made.  One law firm in the US indicated that Facebook plays a role in 20% of divorces.  How many businesses have been damaged by inappropriate, perhaps only in hindsight, Facebook postings?

Google knows where you are planning to travel to and how you probably are going to get there.  Are your Google searches broadcasting what is interesting to you or your company?  Are you using Google to search for new partners, suppliers, products or people?

Google’s new privacy policy, effective on March 1, combines data from all its various services to create a highly detailed profile of individuals.  These services include Gmail, Picasa, Google Plus and YouTube.  Google advertises that this will improve your experience across these sites. The real reason, of course, is it makes it easier for Google to tailor ads “just for you” and therefore charge their corporate advertising customers more.  It wrote about this in “Beware the Googlenet.”  I think it is a problem if Google pops up some ads on your work computer based on a job search you did the night before at home; or if your son has trouble getting health insurance because he did a search on cancer for a school project.

The European Union regulators, led by the French privacy watchdog CNIL (Commision Nationale de l’informatique et Des Libertes), are “deeply concerned” about Google’s new policy, and have strong doubts about its compliance with the EU and individual European countries data protection legislation.  Google’s response to a request from EU regulators to delay the introduction of the new policy was essentially “No.”  Peter Fleisher, Google’s global privacy counsel, wrote shortly before the change went into effect, “As we’ve said several times over the past week, while our privacy policies will change on 1st March, our commitment to our privacy principles is as strong as ever.”  That makes me feel so much better.

While Google makes promises to guard data about you, it is legally bound to respond to subpoenas and other requests from any government. That is also true at Facebook, Yahoo, LinkedIn or any other social media site. In the US, those “requests” under the Patriot Act are themselves classified and even talking about a specific order can be a criminal offense.  Last August, Google admitted that it handled over European data to US authorities under the Patriot Act, as did Microsoft earlier in the year.  The EU certainly has every reason to be concerned about the security and privacy of their citizens’ and companies’ data.

What to do about Google?  You have some options.

  1. Don’t ever sign in to Google.  This is a problem for Gmail and Picasa since you have to sign in for them.  Even if your company email does not end in @gmail.com, it could still really be Gmail.  Many small- and medium-sized companies use Gmail as their email provider.
  2. Use different products like Microsoft’s Bing for searching and Yahoo’s Flickr for photos.
  3. Use separate browsers for different functions.  Use Google’s Chrome to sign in to email.  Use Firefox to sign in to Picasa.  Use Internet Explorer to search the web with Google, without signing in.  Now you look like three different people to Google and it won’t link your activities.  Google’s ad manager is specific to each browser.
  4. Create separate Google identities for different functions.  You then, of course, have to keep that straight.
  5. Sign in to the Google Dashboard.  Go through each service to make sure it is correct.  If you enabled a Google feature called Web History, you might want to turn that off or at least delete some of that history.
  6. You can review what Google thinks you are interested in, and remove or edit categories, in the Ads Preferences Manager.  You can even turn off targeted ads. You still get ads, they are just not targeted “just for you.”

You might be surprised what Google guessed as your age and gender.

If you want to be completely anonymous, you can use a service like Tor to mask your Internet address.  Requests to retrieve email or get search results appear to be coming from a different computer (IP address).  They can, however, slow down your access to the Internet and may be prohibited by your company.

Depending on your point of view, things will get better or worse in the future.  Increased dependency on mobile media like smart phones and tablets will increase the desire for and the danger from all of this data integration.

What you don’t do is tell your employees to not use social media or Google, even in the office.  What you should do, however, it make appropriate use of social media a part of your new employee or contractor onboarding process and annual security and ethics training updates.  Make sure they understand that a casual posting on Facebook or LinkedIn can have serious repercussions to the company, and maybe to them personally.  Just because someone trusts their Facebook friends with their personal secrets does not mean they have the right to trust them with your business secrets.

The last word:

Social media is important to individuals and businesses.  If you are not yet embracing social media in your business, I suggest you look at SocialSteve’s blog.  He explains the “why” and “how” of incorporating social media successfully and productively in your business.

Comments solicited.

Keep your sense of humor.


Read Full Post »

Two seemingly unrelated events.

  • Around 1900, my grandfather bought half a share of Princeton (PA) Telephone Company stock for around $10.00.  That has turned into, without any additional investment, over 1,300 shares of Verizon stock.
  • A couple of years ago we celebrated Bill Brown’s 50th anniversary with Unisys.  Even then a fairly unusual event with a large company, but not unbelievable.

While you toiled, the world changed (with apologies to an old set of Unisys ads).  To a large extent, the message in those old ads is the cause: the easy inter-connection of computers has changed everything.  For many companies, their “local” market is the world, their suppliers are everywhere and anywhere, and so are their employees. Except in many cases they aren’t “employees” in the traditional sense.  Many of them are contractors or outsourcers or work for partner companies.  Even senior executives are really just contract employees, with benefits, a fixed time frame and a parachute.

Companies are no longer loyal to their employees, and vice versa.  I’m not sure which trend came first, but don’t feel that your company thinks it owes you anything, unless you own the company.  That works the other way to.  If you find a better opportunity, take it.  Give your current employer appropriate notice, but not more than two weeks.  Take care of you.

For kids coming out of school looking for their first job, they can expect they will average only 37 months in a company. Thus they will have around a dozen different careers before they retire.  More and more people are moving towards what a friend of mine calls patchwork careers, also called portfolio careers: multiple assignments from multiple companies, often at the same time.  Changing jobs will become the norm, not the exception.  Expect it, plan for it, deal with it financially and mentally.  Most jobs are found through the people you know, not want ads or job boards.  Your network is critical.  Work on it, stay connected, especially while employed.  It is too easy to get lost in today’s crisis at the job.  Take some time for you and your network every week.

The IT revolution (all 60 years of it), the network revolution (all 30 years of it) and the social network revolution (all 5 years of it) have made location largely irrelevant.  The result of these two factors is vibrant and successful companies with no location and no employees.  Something important is gained by this model.  The company has easy access to knowledgeable and experienced people with widely diverse backgrounds that bring fresh ideas. The relatively short tenure of people means the organization is constantly getting new insights.  Contracting allows the organization to rent knowledge and skills for the short term.  This gives the organization immediate access to these skills instead of trying to train up someone already in the organization and paying the time and false starts that often causes.  Everybody gains in terms of faster time to market and in the ability to work next to a real expert – an excellent way to learn.

The younger folk have grown up using technology to communicate.  I’m sure you have seen the kids walking through the mall texting to the person walking next to them, or on a 45 minute phone call to a friend they have never met who is two time zones away.  Those of us a little more mature are used to the casual hallway conversation, sometimes called MBWA (Management by Walking Around).  We have learned to take advantage of the accidental lunch room conversation, the meeting at the water cooler or coffee pot, and learned how to arrange those accidental meetings when necessary.  So much has been designed at the white board with two or six people each with a different color marker adding and improving the picture. I keep a digital camera in my desk to capture the result of those invaluable sessions, but now it is also my phone, and calendar, and email, and ….

It will take us discipline to pick up the phone, use video IM, or text to folk just because we haven’t talked to them for a while.  We need to talk about the family, vacations planned and completed, sports teams, and all the “unimportant” things that bring people closer together.  We must create the virtual water cooler sessions.  We need to learn to use collaboration tools like Google docs and Microsoft Open Office.  They are far from perfect, but they do work and they are getting better almost daily.

One facet that will be lost is institutional memory.  Like everything else, it is a blessing and a curse.  We’ve all been in situations where we have tried to understand some process, and the only reason given for the existing process is “we did it that way last year.”  However, there is value in asking longtime Charlie “why” and finding out the really good reason why twenty years ago they did it that way.  There are so many new mistakes to make, there isn’t time to repeat the old ones.

Everybody is in a different place in their life and their responsibilities.  Find the place you want to be, physically, and get there.  That place will change over time, based on the arrival and departure of children, family needs, and the desire for a specific climate or environment.  My wife and I moved seven times because of my job and once to consolidate our aging family.  The future won’t be like that for most people.  Companies can’t afford to move a family, and there is largely no reason to do so.

If like many you work in your “home office” you have to watch for work creep, where you really never stop working.  I have a set of “rituals” that I use to frame my work day.  In the morning, I say “I’m off to the office.”  At the end of the day, it is come out of the office and say “Hey, Suzy, I’m home.”  That incantation transforms my “home office” into my “den” and it suddenly has a different set of allowable uses.

The last word:
The old Princeton Phone Company had just a couple of dozen phone lines.  Everyone shared their line with others.  My grandparents “number” was 32.  Three long and two short rings.  You soon learned to not “hear” anything but your ring.  When I was about six years old, I visited my Uncle John’s house.  He wasn’t there and I wanted to tell him something.  I twirled the crank on the phone on the wall and when the lady said “How may I connect you” I told her I wanted to “speak to my uncle.” I didn’t need to give either my name or his.  She said she just saw him walk into the hardware store, and connected me to my uncle.  Everything that is new, like cells phones that follow you everywhere, is really just a return to the past, only faster with more features, but not necessarily easier to use.

Comments solicited.

Keep your sense of humor.


Read Full Post »

Older Posts »