Tuesday, October 20, 2009

What is the cost of Social Network access to corporations?

Social networks are currently all the rage in the tech industry and one of the current debates is around whether “we should keep our data holed up in walled gardens or leave it open for developers to build upon”.  While having certain data freely available may help to drive new uses and new technology innovations lets not lose site of the fact that a significant portion of the American, and other, economies is driven by the proprietary use and manipulation of data.  While there is a certain information that companies may wish to freely share with the world such as marketing material, there is also a significant amount of information that they want to limit access to.  Companies such as Gartner and The Burton Group would not be able to stay in business if they made all of their information freely available.

Consumers would riot in the streets if all of the information health care companies, banks, supermarkets or even Google had on them were made freely available.  The big issue is about how to keep the things that need to be safeguarded secure and not expose them to unauthorized parties.  Corporations may be willing to give employees unfettered access to social networking sites IF they can ensure that the proprietary and customer information that their business is built on can be safeguarded.  In order to do that though, businesses that currently protect their data need to be shown the value that can be added via the use of social networks and that value has to be greater than the cost of modifying their networks to allow that access while still protecting their data.  For some that may mean building out new infrastructure that allows social network access to be isolated from access to business data. 

The amount of work related information that can cross a users desk in a single day can be staggering and when you add the real time flow from as few as 1 or 2 active social networks, all of this information appearing in multiple windows on a users screen, it becomes very easy to cut and paste or type information into the wrong screen.  One simple mistake by an employee can cause a significant amount of work to correct and a lot of bad press if word gets out, not to mention the lawyer bills associated with the the law suits.  If the firm the employee worked (yes the use of past tense is intentional) for is subject to any of the myriad state, national and foreign laws that govern requirements for notifying customers whose data has been disclosed the costs can skyrocket and mitigation costs such as a year of credit watch on the customer’s credit information could seriously damage, or even bankrupt a small firm.

Companies that handle consumer data need to weigh the risks and rewards of allowing Social Network access very carefully before allowing access by employees, and where the rewards outweigh the risks need to carefully consider which controls (preventive, detective, corrective, or perhaps all three) they need in place BEFORE allowing access.

 

 

music note While writing this, I was listening to "Bay Smooth Jazz (1.FM TM)" in iTunes

Monday, October 12, 2009

Commentary: Major bug in Snow Leopard deletes all user data

It looks like end user data loss is going to be a significant theme this week.  Over the weekend the news was about Sidekick users and Danger’s data center issues .  Now it appears that a problem in Snow Leopard can cause users to lose all their data when they switch to “guest” and then back to their user account.  The answer is backups (and not just one), performed on a regular basis.   You don’t need a complicated backup strategy for your personal data just an effective one.   Jochen Wolters of O'Reilly's digitalmedia blog published a set of straight forward Best Practices for Personal Backup.  Given the relatively low cost per gigabyte of storage devices today, and the breadth of available devices (Apple’s Time Machine, external USB drive) there is no reason not to have backups of your data.

It doesn’t require expensive hardware or fancy software.  My off site backups consist of 2 500GB Western Digital hard drives and a batch file utilizing Windows Robocopy to update my backups with new or changed files.  Every time I add new media or update a critical file I start my batch file before leaving my desk (I could also use  set up a scheduled backup using the Windows at command).   There is no reason in this day and age that a user should lose their data.

Major bug in Snow Leopard deletes  all user data

Technorati Tags: ,

music note While writing this, I was listening to "Original HOT 97.COM"

Sunday, October 11, 2009

blog/twitter utility test

blog/twitter utility test

Sidekick failure rumors point fingers at outsourcing, lack of backups

As an Information Security Professional I am always concerned about data, especially when it comes to storing it on the Internet or with a third party.  In Info Sec we are always concerned with CAI (Confidentiality, Integrity, Availability).  In this case Availability was/is a FAIL.  When it comes to YOUR DATA, its YOUR RESPONSIBILITY, to ensure it is being SECURELY BACKED UP.  My personal policy is to keep multiple on site copies and an additional copy stored offsite with a TRUSTED friend.

Sidekick failure rumors point fingers at outsourcing, lack of backups

Listening to: - - The Smooth Jazz Channel by 977music.com

Technorati Tags: ,,