Apple, Privacy, and Doing the Right Thing


Steve Jobs from a South Park episodeHere’s the deal. A Federal court has ordered Apple to comply with the FBI’s request to help break into the encrypted iPhone of one of the dead shooters from the San Bernadino shooting in California back in December. Apple publically refused in a well written letter that defended the importance of privacy and was signed by Tim Cook.

Who’s right?

It wouldn’t take a genius to determine that I might instinctively side with privacy and Tim Cook. I’m a big believer of ethical behavior in the tech world, the importance of firms protecting consumers from their own ignorance, and am proud that Tim Cook is a fellow Auburn grad.

But it isn’t that simple.

Continue reading

Box Makes a Huge Leap in Security


The Keymaster and Gatekeeper from GhostbustersI saw the Box’s announcement of their Enterprise Key Management (EKM) feature yesterday. This is a big jump forward for Box and puts them well in the front lines for cloud security among vendors with traction. Matt Weinberger had a good write-up about how Box’s EKM works complete with a Ghostbuster reference.

Chris Walker wrote about Box’s EKM announcement and quoted a tweet I made. The tweet follows but I encourage you to go read his post as it is a good one.

I wanted to expand on the quote up above in a comment on Chris’s post then I couldn’t stop typing. I decided to write it here.

Continue reading

Sony, Information Governance, and the Quest for Relevancy


Movie: The InterviewPeople have been writing for months about what could have prevented or lessened the impact the Sony hack. I’ve talked to many people in the information governance industry on this very topic. I’m a firm believer that even with proper information governance policies that were properly followed, the impact of the Sony hacks would be the same.

Of course, not everyone agrees. Lubor Ptacek asked if enterprise content management (ECM) could have prevented the hack. While his answer was not a definitive ‘Yes’, it did fall strongly on the side that it would have made a significant difference.

Lubor is a smart person so I’ve decided to visit his points in this post.  Before I start going point-by-point…

You Can’t Govern Stupid

Continue reading

Content Management Step 3, Control that Information


Auburn's Eagle FlyigAt this point, I’ve covered the first two Content Management steps towards achieving the proper Information Governance, knowing. The remaining steps are ones that the industry executes fairly well today, at least from a technical perspective. It just feels like a failure because we historically fail to Capture and Organize content properly.

The third step is Control. Control is something that most organizations have mastered, perhaps a little too well. If a piece of content gets into the system, locking it down is easy. The challenge here is not the technology, but the basic approach to controlling content.

Continue reading

Heartbleed is NOT an Open Source Issue


I was going to write a nice, calm post today when I came across Ralph Losey’s piece on the Heartbleed bug. It is a long piece and you can tell it was written by a lawyer. I have nothing against lawyers as two of my oldest and closest friends are lawyers. I’ve met and talked to Ralph before. He is a smart guy and general understands how technology can change the world. Ralph simply misses the point on Open Source.

Completely misses it.

This was a bug that was not caught before release, the same as happens in proprietary software. I know as I’ve released a few bugs in my day.

Continue reading

Have you Hired Snowden?


I have had a LOT of discussions with people over the past year about Edward Snowden, the NSA, and the impact on cloud adoption. My general response is that it would likely slow US adoption of the cloud by a few months and outside the US by a couple of years.

Well, it has be six months since this all started and I was starting to wonder about how this was panning out. Then Computerworld kindly published a piece stating that Chief Information Officers (CIOs) were sticking with the cloud despite the NSA.

While 20 CIOs are in no way a fair sample size, even if they are geographically dispersed, they did raise several excellent points.

Continue reading

What Constitutes a Cloud Product?


Yesterday, there was a pretty heated twitter debate between Ron Miller, Irina Guseva, Tony Byrne, and myself over what constitutes a Cloud Product. This was triggered by an article that Irina had published on the Real Story Group blog about what people should take away from the Adobe security breach (besides passwords).

I am not a big fan of how Irina portrayed cloud security as cloud systems are often more secure than many internal systems. Ron had more fundamental issues with the article.

Adobe calls this product Creative Cloud when it’s not a cloud product.

and

This had nothing to do with them being cloud. Adobe ID goes back years.

I tend to ignore most contradictions in a Twitter debate given the limits of the medium. I do want to counter both of Ron’s statements.

Continue reading