Effective immediately, I am no longer a Certified Records Manager (CRM). If you should happen to see an announcement for a presentation that I am making and it shows me as a CRM, that is no longer the case, so please disregard the designation.
I suspect that I may overlook a few places here and there and there is no intent to mislead anyone or disrespect the credential or the ICRM. After 20 years, it became something of a habit, so I have to unlearn that.
Monday, March 18, 2013
Wednesday, October 31, 2012
ATR: iPad, uPad, We All Pad...
As Apple announced the next iPads recently, it dawned on me that I'm a year into my personal experience with the iPad. Interestingly, that iPad2 has already been put two generations behind, plus there is a new size. Gotta love technology. I'm also now up to iOS 6, which means I have done two OS upgrades since I first opened the box. It feels like 1992 all over again.
The number of folks with iPads in the office has increased modestly. I'm not certain that most are as geeky about them as I have been, but they get plenty of use.
For this one year anniversary post, I thought that I would noodle a bit about the state of BYO (Bring Your Own) and the smartphone / tablet revolution. I'm mainly going to set out some of my observations and analysis.
Trend: Fewer employees have company-issued smartphones. Like company paid Internet access, it seems that many companies are phasing out paid cell phones. While this can be a risk relative to information security and e-discovery, the cost savings are driving this, plus employees can buy whatever phone they desire rather than settle for what the company supports.
Trend: Tablets will represent the general limit for most organizations with BYO programs. While there are companies experimenting with computer / laptop BYO programs, integrating and monitoring unmanaged computers is hard. Virtualization is expensive and often doesn't work very well. HR and Legal have concerns about litigation and acceptable use. Tablets generally don't get onto the company network, have limited storage capability, and represent less risk across the board.
Trend: Smartphones and tablets will see increased security threats. With employees generally becoming smarter about threats to their computers, attackers will turn to smartphones and tablets to gain access to corporate data and networks. Antivirus / anti-malware software is immature and few users utilize the software that is available.
Trend: Monolithic vendors (i.e. Apple and RIM / Blackberry) will tend to become more sanctioned for office use. Android will lose share for devices used for business purposes. Windows will be driven by Microsoft's commitment and security patch velocity. More on this below.
Trend: Laptops will become more tablet-like. For all of Microsoft's efforts to get acceptance of Tablet PC, the real limiter wasn't the OS so much as the hardware (weight and battery life). With extreme thinness in, we're seeing laptops that aren't much bulkier than tablets, yet allow greater functionality. The new Dell Ultrabooks with the convertible touch screen refresh an older design in a thin package. That form factor should be the winner over the long haul. The next question deals with the ability of Microsoft to deliver an OS that is nimble.
A significant factor, as I mentioned, is the increased security threat represented by smartphones and tablets. Android devices will be at a significant disadvantage here. My 18 month old Atrix is no longer going to see its OS updated. That means, until I buy a new phone (which, because of subsidy contracts, means at least another six months), I'm not only stuck with an old OS, but I'm stuck with its foibles and vulnerabilities. Imagine that your PC was limited to Windows XP, and then only to the updates from 2003. Now look around your office. How many PCs are still running XP? Quite a few, I'll bet. The security issues with XP would be unmanageable if it wasn't continually patched. Eventually, Microsoft stops patching, but generally at a point where the risk is diminished.
The challenge with smartphones is twofold: hardware and carriers. Each manufacturer builds several different phones each year for each carrier... globally. That could mean several dozen new models every year, tweaked for the numerous cell phone carriers around the globe. And each manufacturer likes different chipsets and other hardware features. That means that "Android" has to be written to the specific phone and carrier, then tested on that network. And the carriers like to enable and disable certain features, as well as add their own bloatware.
Monolithic manufacturers like Apple and RIM control their own destinies a bit more. They are still at the mercy of carriers, but they can manage code updates far better than the Android crowd. This means more frequest OS refreshes and potentially longer life for the underlying devices. That said, smartphones and tablets appear to be destined to have much shorter lifetimes that the current generation of laptops and desktops. That very much parallels the experience of computer users 20 years ago. The computer OS and software changed at very high frequency and computers became more and more powerful with each new chipset, requiring frequent upgrades, replacements and software purchases. Somehow, Microsoft managed to ensure that DOS and Windows could support multiple generations of hardware from disparate vendors. This is what Google has to be able to do with Android at some point.
Corporate support for the BYO world is largely going to be dependent upon security down the road. Right now, the devices have to connect and not mess up the corporate network or cause networking issues. If they don't increase support calls, they are good. That's a given. But at some point, BYO devices will be vulnerable to a new generation of malware and frequent enough targets that enterprise IT will have to insist on protective measures. Otherwise, the noise level just gets crazy and the risk increases.
If I look at my own BYO behavior and computer usage, I would expect that within five years, I will revert to a desktop computer at work from my present laptop. My iPad will either have increased capability or I will switch to a convertible tablet / laptop device that allows for a full keyboard. I will have some sort of corporate-sanctioned cloud storage, and, that convertible device will likely have greater cellular telephone capability (I would expect that there will be some ability to answer calls from your tablet and switch from smartphone to tablet with ease so you don't have to carry around multiple devices). If I need to remotely get on the corporate network, I'll use a virtualization tool via VPN.
It's kind of fun to be an old dog being taught new tricks. Maybe I'll even buy a Mac for my home computer.... nah.
The number of folks with iPads in the office has increased modestly. I'm not certain that most are as geeky about them as I have been, but they get plenty of use.
For this one year anniversary post, I thought that I would noodle a bit about the state of BYO (Bring Your Own) and the smartphone / tablet revolution. I'm mainly going to set out some of my observations and analysis.
Trend: Fewer employees have company-issued smartphones. Like company paid Internet access, it seems that many companies are phasing out paid cell phones. While this can be a risk relative to information security and e-discovery, the cost savings are driving this, plus employees can buy whatever phone they desire rather than settle for what the company supports.
Trend: Tablets will represent the general limit for most organizations with BYO programs. While there are companies experimenting with computer / laptop BYO programs, integrating and monitoring unmanaged computers is hard. Virtualization is expensive and often doesn't work very well. HR and Legal have concerns about litigation and acceptable use. Tablets generally don't get onto the company network, have limited storage capability, and represent less risk across the board.
Trend: Smartphones and tablets will see increased security threats. With employees generally becoming smarter about threats to their computers, attackers will turn to smartphones and tablets to gain access to corporate data and networks. Antivirus / anti-malware software is immature and few users utilize the software that is available.
Trend: Monolithic vendors (i.e. Apple and RIM / Blackberry) will tend to become more sanctioned for office use. Android will lose share for devices used for business purposes. Windows will be driven by Microsoft's commitment and security patch velocity. More on this below.
Trend: Laptops will become more tablet-like. For all of Microsoft's efforts to get acceptance of Tablet PC, the real limiter wasn't the OS so much as the hardware (weight and battery life). With extreme thinness in, we're seeing laptops that aren't much bulkier than tablets, yet allow greater functionality. The new Dell Ultrabooks with the convertible touch screen refresh an older design in a thin package. That form factor should be the winner over the long haul. The next question deals with the ability of Microsoft to deliver an OS that is nimble.
A significant factor, as I mentioned, is the increased security threat represented by smartphones and tablets. Android devices will be at a significant disadvantage here. My 18 month old Atrix is no longer going to see its OS updated. That means, until I buy a new phone (which, because of subsidy contracts, means at least another six months), I'm not only stuck with an old OS, but I'm stuck with its foibles and vulnerabilities. Imagine that your PC was limited to Windows XP, and then only to the updates from 2003. Now look around your office. How many PCs are still running XP? Quite a few, I'll bet. The security issues with XP would be unmanageable if it wasn't continually patched. Eventually, Microsoft stops patching, but generally at a point where the risk is diminished.
The challenge with smartphones is twofold: hardware and carriers. Each manufacturer builds several different phones each year for each carrier... globally. That could mean several dozen new models every year, tweaked for the numerous cell phone carriers around the globe. And each manufacturer likes different chipsets and other hardware features. That means that "Android" has to be written to the specific phone and carrier, then tested on that network. And the carriers like to enable and disable certain features, as well as add their own bloatware.
Monolithic manufacturers like Apple and RIM control their own destinies a bit more. They are still at the mercy of carriers, but they can manage code updates far better than the Android crowd. This means more frequest OS refreshes and potentially longer life for the underlying devices. That said, smartphones and tablets appear to be destined to have much shorter lifetimes that the current generation of laptops and desktops. That very much parallels the experience of computer users 20 years ago. The computer OS and software changed at very high frequency and computers became more and more powerful with each new chipset, requiring frequent upgrades, replacements and software purchases. Somehow, Microsoft managed to ensure that DOS and Windows could support multiple generations of hardware from disparate vendors. This is what Google has to be able to do with Android at some point.
Corporate support for the BYO world is largely going to be dependent upon security down the road. Right now, the devices have to connect and not mess up the corporate network or cause networking issues. If they don't increase support calls, they are good. That's a given. But at some point, BYO devices will be vulnerable to a new generation of malware and frequent enough targets that enterprise IT will have to insist on protective measures. Otherwise, the noise level just gets crazy and the risk increases.
If I look at my own BYO behavior and computer usage, I would expect that within five years, I will revert to a desktop computer at work from my present laptop. My iPad will either have increased capability or I will switch to a convertible tablet / laptop device that allows for a full keyboard. I will have some sort of corporate-sanctioned cloud storage, and, that convertible device will likely have greater cellular telephone capability (I would expect that there will be some ability to answer calls from your tablet and switch from smartphone to tablet with ease so you don't have to carry around multiple devices). If I need to remotely get on the corporate network, I'll use a virtualization tool via VPN.
It's kind of fun to be an old dog being taught new tricks. Maybe I'll even buy a Mac for my home computer.... nah.
Wednesday, September 5, 2012
OTR: Citizenship
One of the proudest possessions in my home is a piece of paper. It hangs on the wall in a simple frame. The paper is creased and worn, the ink faded, but legible. It is a document 156 years old. It is my great-great-grandfather's Naturalization papers -- his citizenship.
I sit and shake my head when I hear the various arguments about how requiring identification to vote disenfranchises people. I look at that worn piece of paper and see the folds. It is clear to me that my great-great-grandfather carried that document with him from time to time, folded in a pocket. I suspect that he needed it when he applied for a job and likely when he registered to vote. It was likely a very prized possession, yet one that was frequently carried and used by him. It was so prized that it was saved and framed by a later generation and passed down to today. I don't think that I have a photograph of the man, but I have his citizenship papers. Funny how that old piece of paper can survive, but people today can't seem to be bothered to use modern technology to get a simple piece of identification.
Funny that today, people want to be handed the privilege of United States citizenship just for crossing a line on a map. Or for overstaying a visa. Yes, people want to come to this country. They always have. They want better lives. I'm sure my great-great-grandfather wanted that for himself -- and he worked hard to achieve that life. But today people want to come here and never renounce their allegiance to their former country. They expect driving tests to be given in Polish or Spanish. They expect their children to be taught in their native tongue. It bothers me to ride around the Chicago area on Polish Constitution Day or Mexican Independence Day. I see foreign flags flying more than I see American flags. I can't imagine being free to do the same with an American flag on the Fourth of July in Krakow or Mexico City. People should celebrate their heritage and be respectful of their heritage, but many seem determined to never let go of old allegiances. The beauty of America is the melting pot... that a generation after coming here, the Sullivans and the Schmidts and the Kowalskis and the Perezes and the Roncallis all can speak the same language. They can share the same understanding of what it means to be an American. But I fear that is no longer always the case.
One hundred fifty six years ago, a man named Cunningham renounced his allegiance to Queen Victoria in Geneva, Illinois. He would follow the railroad to Boone, Iowa and be buried less than 20 years later in a prominent place in the Catholic cemetery. His ancestors would carry his family name and hold on to a simple piece of paper. We have pride in our heritage -- a heritage that is Irish and German and French... and likely more than that. But it is first and foremost American. That old creased paper reminds me of that every time I look at it.
Citizenship is a privilege and must be earned. It must be protected and held in high regard. It is not an entitlement or a "right" to anyone who wants to use it. Citizenship, like freedom, is never free.
I sit and shake my head when I hear the various arguments about how requiring identification to vote disenfranchises people. I look at that worn piece of paper and see the folds. It is clear to me that my great-great-grandfather carried that document with him from time to time, folded in a pocket. I suspect that he needed it when he applied for a job and likely when he registered to vote. It was likely a very prized possession, yet one that was frequently carried and used by him. It was so prized that it was saved and framed by a later generation and passed down to today. I don't think that I have a photograph of the man, but I have his citizenship papers. Funny how that old piece of paper can survive, but people today can't seem to be bothered to use modern technology to get a simple piece of identification.
Funny that today, people want to be handed the privilege of United States citizenship just for crossing a line on a map. Or for overstaying a visa. Yes, people want to come to this country. They always have. They want better lives. I'm sure my great-great-grandfather wanted that for himself -- and he worked hard to achieve that life. But today people want to come here and never renounce their allegiance to their former country. They expect driving tests to be given in Polish or Spanish. They expect their children to be taught in their native tongue. It bothers me to ride around the Chicago area on Polish Constitution Day or Mexican Independence Day. I see foreign flags flying more than I see American flags. I can't imagine being free to do the same with an American flag on the Fourth of July in Krakow or Mexico City. People should celebrate their heritage and be respectful of their heritage, but many seem determined to never let go of old allegiances. The beauty of America is the melting pot... that a generation after coming here, the Sullivans and the Schmidts and the Kowalskis and the Perezes and the Roncallis all can speak the same language. They can share the same understanding of what it means to be an American. But I fear that is no longer always the case.
One hundred fifty six years ago, a man named Cunningham renounced his allegiance to Queen Victoria in Geneva, Illinois. He would follow the railroad to Boone, Iowa and be buried less than 20 years later in a prominent place in the Catholic cemetery. His ancestors would carry his family name and hold on to a simple piece of paper. We have pride in our heritage -- a heritage that is Irish and German and French... and likely more than that. But it is first and foremost American. That old creased paper reminds me of that every time I look at it.
Citizenship is a privilege and must be earned. It must be protected and held in high regard. It is not an entitlement or a "right" to anyone who wants to use it. Citizenship, like freedom, is never free.
Saturday, July 7, 2012
OTR: Why are Phishing Messages so Lame?
I was taking a quick troll through my spam folders this morning to make sure nothing of importance got stuck there before I flush them. I find that Yahoo! does a decent job of catching spam and phishing messages with few false positives, but Google seems to catch a lot of legitimate messages (btw, Google, if I have a rule that tags a message, that should override the spam filter,... just sayin'). I'm easily amused by a lot of the more obvious phishing messages. I've been of the opinion that the people writing these things ought to invest in native English speakers for more effectiveness. But they keep coming, so obviously they are working on some people.
I read somewhere recently, that one theory about why lame phishing messages continue to be sent is that they work. If someone actually bites on one of these, they are clearly not too bright and if they aren't too bright (and usually greedy to boot), they won't overthink the messages that come next. I guess that is one theory. I suppose another is that there are more than a few people who are either naive or extremely trusting souls and they get hooked fairly easily. These are generally the same folks who fall in with con artists and withdraw money from the bank in exchange for an envelope full of stacked newspaper.
At the Day Job, we see the more advanced phishing messages. These are targeted and are called "spear phishing" messages because they tend to selectively target individuals with "bait" indicative of some knowledge of the individual. There's another class of phishing messages referred to as "whaling", which targets high value individuals -- we haven't seen much of that. But even some of the best spear phishing messages are lame. Seriously, why would a C-level executive send you an email from a Yahoo! account? But people clicked away on that because it was "signed" by that exec. It was a low number, but still... and the funny thing is that the phisher could have done a few simple things to disguise the message, but didn't. So I have to think that even the spear phishers are looking for people who are either too harried to really look at email or simply aren't bright enough to realize that they are being phished.
So for today's lesson: Stop. Think. Connect.
I read somewhere recently, that one theory about why lame phishing messages continue to be sent is that they work. If someone actually bites on one of these, they are clearly not too bright and if they aren't too bright (and usually greedy to boot), they won't overthink the messages that come next. I guess that is one theory. I suppose another is that there are more than a few people who are either naive or extremely trusting souls and they get hooked fairly easily. These are generally the same folks who fall in with con artists and withdraw money from the bank in exchange for an envelope full of stacked newspaper.
At the Day Job, we see the more advanced phishing messages. These are targeted and are called "spear phishing" messages because they tend to selectively target individuals with "bait" indicative of some knowledge of the individual. There's another class of phishing messages referred to as "whaling", which targets high value individuals -- we haven't seen much of that. But even some of the best spear phishing messages are lame. Seriously, why would a C-level executive send you an email from a Yahoo! account? But people clicked away on that because it was "signed" by that exec. It was a low number, but still... and the funny thing is that the phisher could have done a few simple things to disguise the message, but didn't. So I have to think that even the spear phishers are looking for people who are either too harried to really look at email or simply aren't bright enough to realize that they are being phished.
So for today's lesson: Stop. Think. Connect.
Subscribe to:
Posts (Atom)
