Thursday, July 29, 2010

100m Facebook users' data listed

The news this week that “personal” information of 100m people, 20% of Facebook’s users, has been made available in a downloadable file on the Internet is interesting, but not surprising.
  1. Facebook is correct in responding that all of the information (Name, Username and URL) is already visible to Google and other search engines, as well as other Facebook users; and users have some degree of control over their privacy to make that information no longer public.
  2. However, the media hype and scare-mongering is part of a growing privacy concern with web-based applications as fears of data mining activities becomes more widespread.

What could go wrong? User names and profile page URLs are available in the download, so by following them personal information (address, birth date, phone numbers, etc.) can be viewed. Along with a list of their online friends. And their picture. What's more, friends of all those users that have opted to keep their information private - can now be found by clicking through the profiles on the list. And, statistically, it is likely that up to 10% (10k users) have an insecure password that is some variant of their name and/or date of birth etc so this list gives opportunity for great damage.

Social networking really took off in the public domain and now is being used by forward-thinking companies, but still lagging the leadership of the private sector. Once again the private sectore leads: expect privacy calls and an anti-web reaction to increase.

For more on this see this blog post. It's one reason why I recently committed Facebook suicide!

Tuesday, July 27, 2010

Is the cloud beginning to disperse?

"BlackBerrys present security risk" is the alarmist headline from the BBC, reporting that the government of the UAE is trying to crack down on data leaving their national boundaries to be stored on computer servers outside the country. (

Last year the UAE tried to impose a software patch to BlackBerry devices in the country, sending a copy of the contents to in-country servers, accessible to government monitoring.

Are we about to see the first moves away from fashionable "cloud computing?" On the one hand, governments are beginning to want to access and control the data within, and across, their Borders; on the other hand, users are becoming aware of this and increasingly unwilling to trust some of their data to a service in the cloud that they can't control.

As I looked at the faded keys on my laptop, worn away through over use, I thought back to one of the "forensic computing" investigations I once performed: I had found that 80% of one employee's emails sent on company time were not work-related. The lesson I learned is that the stuff we do with technology can be found out by anyone who has enough time, motivation and technical skill. Perhaps it's not just the cloud we should be wary of!

Friday, July 9, 2010

Stuck in time

Knowing that one of our sales people was about to become a Dad for the first time, I stepped into a sales situation with one of our prospects in the public sector. (Congratulations, by the way, to Kevin and Wendy who had a little boy of 8lb 2oz this week!)

What a depressing experience!

Some years ago I worked for IBM, a huge computer company. Back in those days we were selling big-ticket systems to an IT department that had a vested interest in buying from us: they could guard their headcount, justify yet more staff and budget, and enhance their personal marketability by training on our systems. And we were selling 100k+ systems with training, support and annual maintenance charges as well as implementation services. So we could afford to put someone on site, free of charge, for several days as part of the sales process.

If we didn't win the business, we'd apportion the cost of sale across rising annual maintenance figures spread across our customer base.

The world has changed. IBM has a very different approach to the market now. And so do we.

We sell the expertise of our people, and our time. We offer "Data Quality as a Service" so that our clients get what they need in an agile, timely fashion without having to buy or lease software and invest in training, support and annual maintenance.

But this means that we can't give away our insights at the start of an engagement before a contract is signed. And our approach won't work if they are trying to buy in the old way.

We faced a prospect that was putting effort into an investigation that currently lacks senior management sponsorship, budget and business case. I had to take a commercial decision to limit our cost of sale. When it became certain that they were choosing to buy in the old paradigm; we chose not to reveal our insights into their data, because we are never going to sell them a software solution that would let us recover the costs of that expert evaluation.

We are "tools agnostic" and prefer that our clients choose which hammer to use and let us help them decide which nails to hit, in which order and with what force; and how not to hit thumbs while doing it! We have several consultants assisting a client to make best use of the software tool provided by the vendor we are competing with; and we are equally comfortable with Business Objects, Informatica and others ...

We are tools agnostic precisely because all IT projects are not about the technology tools, but the people and the processes to support the business.

What have we learned? We confirmed a decision not to sell to IT, unless we're confident that they know how to buy in the new commercial environment.

Friday, July 2, 2010

Sports insight

I often say that my surname's "scorer" but I've never won a sports match. But it's been a summer of sports - English embarrassment at the World Cup; now the British hope at Wimbledon over; and today I met with Kevin, a South African colleague who financed himself through university on a golf bursary.

We were talking about the focus that's needed to excel. A golf game is never won on the first shot, though can be lost then. In a tournament, the truly great are the ones who focus on the end result and pace for what they need to achieve. Great golfers focus for the thirty seconds of each shot, then relax and move on to deal with the consequences of their last action. They take responsibility for their performance. They plan for what they have to do to get to their objective, quite literally in the shortest way possible.