Stand up laptop thief.

Laptop theft is a serious problem. The guy in this video may come across as being over the top, sanctimonious, threatening, obsessive and well just plain scary. If every laptop theft victim had his attitude it is likely that the incidence of stolen laptops would drop quite significantly. I wouldn’t like to be the target in the class.

The speakers failures however would appear to be in the areas of encryption and data backup. If these two issues were addressed correctly his data would not get in the wrong hands and would be available to him.

Conclusion?

Having the attitude, diction and power of a lecturer and having your target trapped in the room just doesn’t compare in effectiveness with having your data encrypted and backed up.

If he had an account with Backupanytime, not alone would he have his data, we could assist in retrieving his laptop. How can an online backup service provide a stolen laptop retrieval service? See here, http://www.backupanytime.com/blog/2008/10/21/backupanytime-stolen-laptop-retrieval-service/

Data loss is only one component of data breach.

In years gone by, the main (even sole) concern which business had regarding data was the direct consequences to themselves of losing data. The questions they asked themselves centred around an inward looking theme.

What data do we need to retain to ensure survival?
How will data loss affect us?
How long will it take us to get backup and running should we lose data which is backed up?
Will we be able to get back up and running if we lose data which is not backed up?

These are all valid questions but every one of them miss the main concern which has always existed but has come to the fore in the past few years.

How will if affect other people and organisations?

Just to bring some clarity to inward looking people, the above question also equates to the following.

Will we be sued, prosecuted or shown in the media to have compromised client data?

This changes the perspective and adds a whole new required functionality to the issue. We are now moving up from basic backup to actual data protection.

So, a manual drag and drop of files to an external pen drive or hard drive which is bandied about in a directors car at night may to a small degree offer an element of simple backup. It does on the other hand however very likely significantly increase the risk of data loss. This is not recognised by companies and individuals who are only interested in retaining a copy of data for themselves. If they look beyond this blinkeed and recklessly narrow focus they will see that the net effect is to place copies of client data in dangerous situations.

Ask yourself this.
Would I be satisfied if every company I have ever dealt with had personal and identifiable information pertaining to me being driven about in staff cars overnight?

Absolutely not. All this does is increase the number of potentially available copies of this information for the companies involved and also increase the risk of breach to those about whom the data relates.

So, simple backup is too narrow a focus. Offsite only helps if it does not as a consequence of being offsite increase data protection risk factors.

The next time you consider the importance of a file, don’t just consider how much you need that file. Also consider how much others need that file (and any other versions of it applicable to you) protected from public release.

Irish SEO expert competition winner.

Congratulations to Paul Savage of blackdog.ie who won the highly coveted Geansai Gorm Irish SEO expert competition. Well done also to the organiser of this great event, Damien Mulley fame. The rules of the competitionproved at times too strict leaving some entrants disqualified. There are no sour grapes however as Paul’s Entry was not just the top placed viable entry but indeed the top placed entry of any type. The time span this competition ran over, allowed for some fun and games with some entrants sailing a bit too close to the wind. There were instances of entrants being banned by Google. One fictitious albeit well humoured web press release made the newspapers fooling experienced print journalists.

On a serious note, this competition was entered by experienced SEO players. Their ambition was to win. The competition results provide an insight in to the working of search engine optimisation for those who can follow it. In addition, entrants used link skills, social media, engaging or amusing content and more to surpass each other.

This competition was also fair. One very important rule was that all entering domains had to be new. This prevented domains with links, prior media exposure or history from being used. This competition was followed and reported in quality Irish blogs. Some took up the gauntlet and chose one or more entrants to support giving a real community feel to the competition.

Damien Mulley has announced that for Web Awards 09 he will include a practical SEO section.

So, now you know who the blue jumper of Irish SEO is. If you need help getting your site seen or want to be found for specific search terms you can contact Paul as per the Blackdog.ie website.

Backupanytime content being stolen.

I have “Backupanytime” set up as a Google alert term so I receive notifications about mention of Backupanytime on the web. Being a small business, many of these relate to content on our own site and I am familiar with them before Google alerts me. Some of them relate to our blog being added to someones blogroll (and this is appreciated) while others are as a consequence of a blog post somewhere by us or about us.

I received one today of a totally different type. I recognised the content. Indeed I wrote it. The location was not known to me. The location was http://onlinebackupsolutions.blogspot.com
I had a look at it. Realising that there were other incidents of our content on the site and that they in the main linked back to a competing online backup company I had a very close look indeed.
Here are some examples of what I found.
http://onlinebackupsolutions.blogspot.com/2008/12/features-and-limitations-of-backup.html
Supposedly Posted by Rachel Joseph at 3:24 PM

The above is not just like original content from our site but even has “Backupanytime” in the content! It comes from http://www.backupanytime.com/blog/2008/07/16/50-things-you-should-know-about-online-backup/

Here is another example.

http://onlinebackupsolutions.blogspot.com/2008/11/compression.html
Posted by Rachel Joseph on 21 November
This originally comes from http://www.backupanytime.com/blog/2008/07/16/50-things-you-should-know-about-online-backup/
They must like that post.
And here is another one
http://onlinebackupsolutions.blogspot.com/2008/11/encryption-and-its-importance_17.html
is also taken from our original content on
http://www.backupanytime.com/blog/2008/07/16/50-things-you-should-know-about-online-backup/
and again Posted by Rachel Joseph, this time November 17th.  She must know this original Backupanytime blog post off by heart. It is indeed a long but apt and interesting post which took considerable time to complete. Rachel has a much more efficient approach. She just steals my content and splits it up to make multiple posts. Content theft is despicable. It is so mean.
They all in the main lead back to http://sosonlinebackup.com/

I called that company and got an answering machine. I left a detailed message.
I will follow this up no matter what it takes.

I am also reporting this to blogger and I am reporting the adsense account. These reports involve snail mail. I assume this is to avoid misreporting. I expect therefore that these reports (especially since mine is detailed and undeniable) will be taken very seriously. Data protection is difficult to apply to data you want to make public througha website but which you want to be attributable to the correct  source. They are real costs in producing content. Why should someone else have reduced I.T. costs through plagiarism? There are no acceptable circumstances I am aware of. If someone wants to enlighten me, feel free.

I would appreciate any assistance on this.

In addition I want to track Rachel Joseph. Firstly to see if she actually exists and secondly to see if she has posted our content anywhere else.

Any comments, advice or opinions welcome.

John

3 Ireland win national broadband contract.

Three.ie or simply “3″ have won the government contract to provide broadband which will connect the unconnected in Ireland. This is one part of the national broadband scheme. The department of communications reckon that circa 10% of Ireland is outside of any broadband coverage. This does not address however much of the remaining 90% which can avail of broadband of low speed, high contention and very high cost.

The system to be used by “3″ is their own HSDPA 3G solution. There are critics (as with all systems) but my experience of this system (I have limited experience of using it on the move) suggests that while it is obviously inferior to cable it is at worst very usable, not expensive for general browsing and simple to configure to the point of being almost self configuring.

One of the benefits of using the service in isolated areas (where it worked) was the lack of contention due to low user numbers in said areas. This must be a concern as any success in increasing uptake numbers will increase contention.

The communications minister, Eamon Ryan has been quoted as saying broadband availability is ‘central to our economic recovery.’ It is a clear case of fattening the pig the day before the market (maybe even during the bidding) but any progress is welcome. The lack of urgency with which broadband availability, speed and contention has been addressed has been a great cause of confusion amongst business people for some time. Broadband has the power to assist with decentralisation, reducing the rush to under serviced cities and allowing green, sustainable enterprise to flourish in rural areas.

I have looked for information on subsidies, scope and time-lines for this contract but have failed to find anything clear-cut regarding any of these questions. I will add or track-back when further information becomes available.

All in all, this is good news. A plan is in place. A suitable service and provider have been identified and selected. The deciding factors regarding the success of this contract will be the level of service, the strength of support, the extent of the subsidy and the passing on of this subsidy in full to the consumer.

We hope this gets more coverage for all the right reasons.

Recent visitors may be familiar with our latest poll which is still running. Far from scientific, the current poll which was started on Monday of this week may run for a number of weeks before Backupanytime review the results. Rather than have the current poll results reviewed prior to the last poll we are therefore prompted to review the July poll results here and now.

In July we ran an online poll in order to determine the level of understanding of online backup which was attributable to our visitors. This was a visitor survey, not a test and therefore results are not scientific, are from a small sample and dependent on the respondents understanding of the questions and honesty in answering. All results have been rounded to the nearest digit. Backupanyime in reviewing the results found them somewhat limiting in scope of visitor knoledge assessment but of potential use from a web analytics viewpoint.

The Backupanytime review of the poll results are interesting.

The following are the main findings.

Visitors to our online storage blog are more technical than visitors to our online backup website.

This is not too surprising. The main site is kept simple intentionally to assist non technical owner manager visitors in making decisions regarding data backup. The blog however has a much wider focus and we allow a greater level of technical online backup information and increases topic roam in blog content.

Visitors to our data storage white papers are the highest qualified visitors we have.

Somewhat of a contradiction as the white-papers area is on the main site. Add to this that many of the white papers are of the ”for dummies” type and we can only venture that these technical visitors are reading from a common selection of technical documents. 

Most people visiting the data backup FAQ area are not Backupanytime clients.

This points to online backup frequently asked questions being used as a pre-purchase research tool as opposed to post purchase self learn documents. Most FAQ writers would find this interesting.

Almost half of our blog visitors are in a competing or complementary I.T. business.

Our target audience is the online backup end user and indeed the intended online backup end user but while the large number of trade visitors could be a concern, we are flattered that they find the site interesting.

Less than 40% of visitors are in Ireland or the UK.

This is a concern for us as our focus is primarily the UK and Ireland. Given that 60% of our visitors are based outside our target audience we will need to have this examined by experts. We provide services to clients outside of the UK and Ireland but to date this is minimal and support for UK and Ireland is uniform in time zone and language whilst being very close from compliance and legal viewpoints.

Almost twenty five percent of visitors had been on the site before.

Nice to see they are coming back. Not sure what this figure should be.

40 percent said they would visit again, half of those frequently.

I think that should be considered satisfactory.

How do these figures compare with Google analytics?

Some can not be compared such as user computer education and experience. Other data may be compared but does not colate at all. Our analytics figures show our home page to be the most popular starting point. The survey does not lean in that direction. Analytics shows a higher return visitor rate and a relatively high German and USA visitor rate which does not come through in the poll. Analytics also shows “Is tape dead?”  to be our most visited page outside of the home page. This does not feature in our poll at all.

In conclusion.

The numbers are not big enough and the period not long enough to draw any specific conclusions. We are however satisfied that visitors are finding the site for the intended search queries, are satisfied with the content, likely to return and often do. What about conversion you ask. Most of our clients hear about us through word of mouth. Only a handfull of clients per month avail of our services as a consequence of a web search. We believe however that the website is used by interested parties who found us through other mediums and have a look at specific pages such as the Backupanytime online backup review and testimonial page before calling.  In short, a small prcentage of clients find us because of the website. A large percentage sign up as a consequence of it after finding us.

Online storage, movers, shakers, mergers and closures.

With all the talk of anticipated consolidation in the online storage market due in 2009, it is important to be aware that so far 2008 has not been bereft of position grappling.

xdrive to close (Data backup planned closure)
As detailed in an earlier post, xdrive is to close in early January. This is a planned closure by a giant parent company. This most unusual move sees clients being urged to avail of competing services before the closure date. Not good for the online backup industry. Once bitten, twice as reluctant to give scarce funds and absolute trust to another provider.

Barracuda enters the market (Online backup shaker)
Barracuda online backup will be product and service based. Unlikely to be satisfied with a nich, Barracuda Networks will need to literally change the industry to encourage clients to shell out for online backup specific devices which become client property are are only useful while the service is being used and subscription is maintained. This may sound like a big ask but Barracuda have a history of success with this approach, specifically with their excellent anti spam product and service solutions which we can recommend.

Amazon diversification continues. So does Amazon downtime. (Online storage mixed bag)
Cloud giant Amazon continue to rewrite the online storage book and bring options and confusion to the market with their multiple service offerings, transfer charges and increased interoperability of support for both simple online storage and online backup for wholesalers. Fanfare aside, Amazon downtime this year moves it outside the gold standard.

MediaMax aka The Linkup closed. (Online backup unplanned closure)
Horrible outcome. A scase of clear client data loss becoming a complicated story. If you want to know about online backup horror stories, read the Mediamax online backup failure story.
IBM, acquire Arsenal Digital Solutions. (Online backup mover)
Big blue puts a little footprint in the online backup arena. This story is actually from December 2007 and is interesting not alone because it was felt at the time that big blue would want to become the number one player but also because this didn’t happen. This acquisition may not have created the monster it was expected to but it could happen yet. IBM must want to make the cloud blue with the IBM cloud. See IBM Online Backup.

HP launched its’ online storage product last April. (Online backup mover)
The UPLINE service is based on Opelins’ Titanize and is effectively the HP cloud. UPLINE was a most unfortunate name for the service which was used to make catchy negative media headlines when it went down. See HP Upline goes down.
RBS online backup launched their consumer product for online backup providers. (Online backup mover)
This product is Amazon ready and offers low per licence costs (given large licence quantity purchases) to online backup providers wishing to enter the consumer online storage market. The RBS software backbone is the strong point of this plan. The Amazon component brings potential cost reduction based on quantity and user activity but also the potential Amazon related downtime as detailed above. RBS will continue providing and supporting their award winning online backup software for service providers which in the main is not used as part of an Amazon service. This continues to be their major offering and has grown in success despite many new entrants.
VEMBU TECHNOLOGIES cloud compatibility. (Online backup shaker)
Since we interviewed Sekar Vembu, his company Vembu Technologies which is behind Vembu StoreGrid has announced cloud compatibility for VEMBU software which increases the storage options from VEMBU clients. VEMBU pricing for service providers is based on subscription (or annual renewal) rather than perpetual licensing. Many providers shy away from this model due to concerns about a reduction in ability to reduce fixed and per user costs should the market dictate this is required. It is likely however that such circumstances would dictate a reduction in VEMBU charges which would negate this issue.

Asigra sues Robobak. The “he said, she said” of online backup.
Legal confrontation is the online storage business is not unusual. Most such cases however centre around patents, intellectual copyright, copyrights and even trade names. This case case however is based around one company taking umbrage at the marketing approach and in particular some specific claims in online backup reviews and press releases said to be made by the defendants about Asigra. We stress that this does not relate to a Backupanytime review. We did however interview Ben Puzzuoli in September of this year and found him to be a thoroughly nice fellow.

EMC remain the most respected Giant in online storage. (Online storage Whale and shaker)
EMC already had status on the world of data management. Then they bought some in the form of three significant acquisitions. These being Retrospect backup, MOZY and Iomega external drives. EMC have very cleverly managed to utilise the EMC blue chip name and these acquisitions without prostituting the EMC name or courting controversy.
http://www.backupanytime.com/blog/2008/07/17/emc-corporation-merge-acquisitons/

By the way, 2007 is not over yet. There is more to come. We will report back.

In summary.

It doesn’t matter if you consider 2007 to be pre recession or post boom. It has so far been a busy year for online storage in just about every possible way. Next year will likely see more failures, more acquisitions and lower acquisition prices. What does this spell for the consumer? A dirty mix or risk and value. The bottom line therefore is to seek value for money. Any plan to avail of the cheapest online storage or online backup service will be a short race to partner with the weakest vendor.

All visitors are welcome to participate in this poll. Please be aware that any results only relate to those who participate and are not meant to be representative of any macro usage or opinion. Data may be reviewed by all users.

The above poll uses the following variables:

Security, Confidentiality, Data retention period, Price, Support, Interface and usability, Open file management, SQL and Exchange compatability, Frequent (free) software updates & Same region data store.

Findings may be published for this and other Backupanytime polls as Backupanytime review the results.

Constructive comments generally and comments regarding any recommended features for future polls are welcome.

Twitter backup. How to backup twitter.

Twitter is huge and unlike many things in the world today, it is on the up. If you don’t know what it is you shouldn’t be reading a post on how to backup twitter. So, now that you are still here, lets assume you not alone know what twitter is but you arrived here because you were looking for information on how to backup twitter.

Why would you do this?
The obvious answer is to protect your list of twitter followers and the list of people you are following. Not specifically to protect them personally but to protect the database of contacts you have built up over a prolonged period.

A much less considered but arguably more important reason is the real need to keep an accurate record of what you and those representing your organisation say and what is said to and about them. Why? Your own attitude to free speech and the balance between positive banter and a professional company profile are important. The attitudes of others and the legal interpretation are issues you have no control over and therefore, to protect yourself you need not only to agree on comment type but to retain a record of you tweets.
This may smack of censorship and overbearing monitoring but regardless of your attitude and the level of freedom you attribute to your own tweets, it is hardly a negative approach if you are simply retaining a record of your own communications.

Is this really necessary?
It may not be. Your own attitude however has no bearing on those in your twitter communities. A large twitter community of any type is likely to include litigious individuals who have rights which must be upheld. You are better armed to protect your name and business if you can review and if necessary reproduce content applicable to you  twitter account.

Ideally however you should avoid “bitter tweets”. Many real conversations however both on and offline are bound to contain an element of “tweet and sour” and it is for this reason primarily that you need to protect yourself. Keep in mind that the legal framework is complicated as you followers and those you follow could be from any worldwide jurisdiction. In our case, our leaning towards the legal and ethical behavior guidelines which are commonplace on Irish blogs may offer little relevance to twitter community members from other Countries.

How do you do this?
Thankfully there are a number of applications and services which can assist you. You may depending on personal preference and infrastructure to run with twitter online backup or twitter off line backup
I like twittersafe which is in Beta release at present but does what it sais on the tin and promises more on the twitter safe beta release page.
Another solution is to do it your self as advised on tweetcrunch.

Given the popularity of twitter and it’s increased uptake and heavy per user usage you will see more and more such solutions being released. If you know of one please comment so the information can be shared.

Online backup was initially the domain of University communities, then the military, soon afterwards major corporates. Large companies were still the greatest online backup uptake category in late 2007. This year however has seen significant advances in the adoption of online backup by small and medium sized business.

An online backup industry article from byte and switch dated 19th June 2008 quoting researchers In-Stat explained that firms with over 100 people on the payroll were three times more likely to utilise online backup than say a small business. What this article did not address however is that this disparity shows not only a reduction in the uptake differences between small and large companies but also a significant acceleration in the uptake of online backup on the part of small business. Large companies generally have greater uptake level in new technology anyway so the comparisons regarding online backup do not differentiate significantly from other technologies.

Additionally, many very large companies will implement and manage their own online backup system whereas small to medium companies will in the main not do this. This leaves small to medium sized business as the main focus of online backup providers.

This is further evidenced in reports from online backup providers as gathered and detailed by highbeam research. While major corporates will remain a target audience for online backup companies, most of the focus here will be partnerships or divisional services. The major focus continues to be small business and increasingly medium sized companies who need online backup services as an end solution on an outsourced basis.

Online backup market research is limited in usability as a point in time excersice as the market is continually in flux. General, ost believe near global consenus is that the trend for the vast majority of businesses is away from both local and self serviced data backup to online and outsourced.

Geansai Gormgreatest hits (with updated worm discovery information)

Password protection removed.

Why? Cause there are only a few days left ’till the album release.

What’s new? Well quite a bit actually. The main development is that a new variant of Geansai worm has been discovered. We are not talking here about the Spam snake. No, he was banned by St. Patrick quite recently and won’t be allowed to compete for a worm fest position on the first of December.

The newly discovered Geansai worm is a variant of the Germanic blue species. A formal name has yet to be agreed by the EU endangered species register. The man who discovered the worm is naming it Gansus Gormus merging the likely latin naming convention with the original Irish blue jumper translation Geansai Gorm. This informal name however he explains may stick but will not be accepted as the formal name as each species is named formally as a sub species and with a name derived from the genus. Most creatures, large, small, tame, wild, endangered and protected are not formally named with anything like the conventional names we use in ordinary speech.

Professor Ymiritindis of the endangered species ‘r us political HQ in Brussels has visited Berlin personally to view the new worm. We were unable to interview him there as his visit was short and for a specific purpose. We do however believe that we caught up with him in Cork. The man with the untended facial hair, cheap imitation wide rim designer plastic framed glasses, brown cords, blue untucked shirt and steel tipped loafer shoes was surely he. This however was denied and despite repeated probing for information regarding his discovery all he would say was “Ger=man? Wha di ya mean Ger-man. I’m from Toher ye tool”. We have no little doubt that this was actually the great man and that his sudden departure the wrong way up a dual carriageway in a blacked out, clapped out Honda Civic was in reality a guise to fit in with the local community.

Have you seen the Professor? Could you worm your way in to his confidence? Let us know if you can.

The content below may or may not be factually correct, is likely total rubbish, should not be taken seriously or acted upon and is not intended to be offensive but if any is taken that is an added bonus.

Geansai Gorm greatest hits (Top ten presented here, complete list on geansai gorm)

1. Where’s me Geansai

2. I’m blue (jumper)

3. You reap what you……. well er, knit

4.  Eye of the needle

5. Got a wool lotta lovin’ to give.

6. River gorm.

7. Might as well jumper.

8. I gansai anything since you poked me in the eyes.

9. I chased Jack Duckworth and I gorm in Rovers.

10. Roses are red and Geansai is blue.

I would be very interested in seeing anyone else’s top ten. They must be Geansai Gorm originals. No covers or wannabes please.

All the rest (70s, 80s and 90s viewable on geansai gorm)
The greatest hits album will be released on December 1st 2008. Join the queues at your local music shop early. Soup and sandwiches available to early queuers (I can’t spell that and either can wordpress) at selected venues. Queue tickets issued to protect early birds. You are required however to keep your place.

This post will be updated twice weekly or thereabouts between now and December 1st

Comments are welcome. You are not permitted to share the password “geansaigorm” for this post unless you really, really want to. No exceptions bar you. Please direct complaints somewhere else unless they are funny.

On a serious note, comments from competing entrants will be allowed link juice of they add to the overall silliness of this post without harming anyone.

Keep passwords safe wcith password safe.

From an end user viewpoint, the key to any secure system is indeed managing the key. As an online backup provider, a major concern for us is that clients retain their encryption details and do so in a safe manner and on a different system (and also in paper format) to the online backup source computer.

These same clients will have numerous other non online backup passwords and authentication details which they will also need to retain. Singular password usage for multiple applications is not good practice and therefore even occasional computer users will likely have a considerable number of passwords to retain. These will range from critical passwords to the seemingly mundane. If a password is required the associated application is likely to be confidential in nature.  This can be online banking, system logon, email, forum membership, host management and a wide variety of other applications.

if you need guidance on choosing passwords you should read the Bruce Schneier penned guide in the Guardian.

The crux of this post however is keeping passwords safe after you have chosen them.
An excellent application to assist with this is Password Safe. (supervision by Bruce Schneier) Bruce is a world renowned expert in data security. Password Safe is actually a free application. PasswordSafe uses TwoFish (block cipher by Counterpane Labs) technology.

You can download Password safe from Sourceforge. The very short faq list for this app is testament to the simplicity which has been successfully applied to the user experience inherent with this far from simple technology.

Great app. No strings. No cost. No adds. No compromise.

If Microsoft was a bank its’ products wouldn’t crash!

Two things everyone knows.
1. Microsoft is a huge (understatement) worldwide software company.
2. World banking is in a horrifying state of flux (understatement no.2) at present.

Two things you may or may not know.
1. Microsoft has a finance division aptly if unimaginatively called Microsoft Financing.
2. They are at present in limited circumstances providing 0% financing!

Whats the catch? Here it is.
You must be a new purchaser of specific Microsoft Customer Relationship Management and Dynamics solutions. The financing period will be three years. You must take the offer some time between today (19th November 2008) and 20th March 2009. You must be credit approved. Your purchase must be a minimum of  $30,000 and a max of $1,000,000.

Katrina Braund, (Microsoft Finance dev. manager) will be better placed to give the green light to finance applicants than many major financial institutions. Indeed the financing division of Microsoft which doubled business in the past year is likely to do more so in the next twelve months despite the common near closing of books at traditional finance sources.

The Microsoft finance division (and finance divisions at other major software and software as a service providers) originally came about as a consequence of a reluctance of mainstream finance houses to finance these offerings.

Microsoft are obviously well positioned to offer finance for their own products given the considerable markup which reduces risk. This will remain welcome in the software market. Could it tempt Microsoft to expand it’s finance offerings beyond it’s own products? Not likely but always possible.

Barracuda Bitleap takeover

I have been a satisfied Barracuda customer for some time now. They provide email management products and services. They have been at the top of their field for some time. Other services have reduced the gap in recent times but I think it would be fair to say that Barracuda are at least one of the best if not the best specialist anti-spam service providers in the world. Many end users will not be familiar with Barracuda as they provide their services to support their own hardware. Their hardware is not cheap and therefore tends to be the domain  of smaller service providers or companies at least large enough to have a small I.T. department.
Today I received an email from Barracuda inviting me to join a Webinar. I (and probably most people in the data business) receive these emails from various providers and third party companies all the time. I hadn’t participated in a Barracuda webinar for some time and had a close look at the email. The gist of the invitation was that the webinar would present and discuss products and opportunities as a consequence of a recent acquisition by Barracuda. I was hooked. Who did they buy? The email didn’t say. I went on to the barracuda website. No big secret. Straight off I could see there were two recent acquisitions.

The most recent was that of 3sp. The 3sp website, 3sp.com redirects to Barracuda. This will allow Barracuda to offer security solutions in the SSL VPN market.
The second one was of more interest to me. Barracuda have acquired Bitleap. So now Barracuda will be in the data backup business. Yes, but in a different guise. Barracuda are in product and services industries. Their antispam solutions require the purchase of a product and the maintenance by subscription of ongoing services. Barracuda will provide online backup for a monthly fee if you buy a box from them.

This actually makes sense from a number of viewpoints but limits potential uptake due to initial costs and the requirement to make physical network changes. For just about any other online backup service provider, this could represent a well intentioned and brave move with the consequence of near zero uptake. For Barracuda, things could be quite different.
Barracuda and their clients are more than familiar with the business model of combined product and service solutions. In a nutshell, Barracuda does things differently.

Many online backup providers (including ourselves) have considered and to a point ventured in to product and service solutions for online backup. A limited number of our clients have hardware solutions provided by us specifically for the purpose of backing up online. Barracudas brave move allows no middle road. If you don’t buy the box you don’t get the service. They applied this to anti spam services bar the facility for end users to get the service from third party I.T. providers who bought the box. This won’t work in online backup due to storage protection costs so it will (outside of ground breaking technology advances) be a no product no servie offering.

If they apply this with online backup and do it successfully, they could literally change the industry. A player like Barracuda could open the door for all of us by making online backup product purchase a normal pre service procedure. Given the choice, most providers would prefer this for the following reasons.

Uniformity of client hardware.
Simple replacement.
Hardware scaled to backup requirement.
Client less likely to move provider (hardware may also be useless should they do so)
Remote support made far less complicated.

I don’t actually know if the webinar is about the 3sp acquisition or the more interesting (for me) Bitleap takeover. Will I report back after the Webinar? Of course I will.

Data security for dummies

There is much misunderstanding of data data security. This applies not just at end user level but also quite generally at overall small business level. Much of this is attributable to an ever growing and widely misused information technology vocabulary. Much of this vocabulary is brought about by intended use of trade and company names by interested parties  when producing instructions, guides and white papers.

For this reason, an understanding of data security may only be obtained by reducing the factors affecting and important to information security to micro or atom level. This has been approached by many. Here we are interested in the work of third party academics and not interested business parties.

Three classic data security components are Confidentiality, integrity and availability.
They are known as the CIA triad. CIA being the combined first letters of the three terms and triad being linguistically synonymous with the number three. The CIA triad was later added to in what is now known as the Parkerian hexad. Parkerian because it was proposed by Donn B. Parker and hexad because the number of elements was increased to six.

The six elements of information security (in our case, data security) according to the Parkerian hexad are as follows.

1. Confidentiality
2. Possession or Control
3. Integrity
4. Authenticity
5. Availability
6. Utility

A list can serve to prompt incorrect assumptions so lets take a closer look at these data security principles. You may not want to get in to the academics but someone in or representing your organisation needs to have  a clear insight so you can actively avoid data breach as against simply protect against data loss.

First off, why these six elements? Surely there are thousands of terms applicable to information. These six elements are widely agreed among data academics as being at micro or atomic level. They are considered to be essential and non overlapping from the point of view of information security.
Confidentiality deals with the who in data. Information which is available to nobody is essentially useless and it is therefore agreed that no matter the level of confidentiality required that there must be a default exception list with at least one entry. The confidentiality of data is therefore measured by comparing the required access with the actual access allowed.

Possession and control may seem to an extent to represent an overlap with confidentiality but it is agreed to be a component in it’s own right. An example would be a letter addressed to you arriving to someone else. They may not open it but regardless possession and control have been breached.

Integrity of data deals with state of data and the effect on it of any modification intended or otherwise. Integrity therefore not only applies with point in time condition but potential modifications by users, software and incidents.

 
Data authenticity is not only different to integrity but has a broader focus. Authenticity deals with labeling data. This applies not only to intended managed data store but data introduced to the organisation through communications. An example would be a communication which is received from party claiming to be from an origin different from the actual one. If this is ignored, the recipient may not be the victim of any intended crime but in real terms, just not knowing of the intention regardless of the failure or the perpetrator is in itself a breach. Another more innocent example would be a form filled out incorrectly in which an applicant or respondent accidentally places an email address in a name input box. Any failure to validate this is a data authenticity issue. 
Data availability deals not only with the possibility of accessing required information but any time lag in availing of information in normal and data outage circumstances. Nanosecond delays in normal circumstances may be a technical availability issue but not a concern such as that brought about by an hours delay, a full day delay or total outage scenario. 

Utility of data deals with the practical area of the benefits of data stored. How useful is the data? This applies also to the ability to read the data in so far as to the format it is stored in and any conversions applied or required to read. Even encryption can be said to affect the utility of data due to any time required to decrypt before reading. This is not to say that encryption is not recommended. Encryption is absolutely necessary in most business environments. Utility can be confused with availability. It is however quite distinct from availability. An example highlighting this would be data converted to generate a graphic display. Despite how well matched mathematically and helpful from a human viewpoint a visual display may be, this represents a utility modification.

In summary

Data security represents a process not a task. Data security is never 100% certain. Innocent  parties may suffer a breach despite the best will of the data administrator concerned. All this said, risk reduction is a clear responsibility for which clear steps must be taken. The consequences for everyone should business not make acceptable efforts are also clear as is the distinction between those who tool action to protect data and those who did not.

House of Commons data debate 12 November

This House of commons debate is quite fresh being dated 12 November 2008

I follow UK blogs and Irish blogs. A few click away from a regular UK site I read I fount the following.

Want to have your say in a house of commons debate on data management? The one I am following deals specifically with not alone the Governments handling of data but their subsequent handling of the situation arising from handling data badly. The opposition may have ulterior motives but this aside they are good at voicing public concern when it suits.

You can have a read and even join in this house of Commons data debate. You can even have your say. If your comment picks up enough following you may even end up influencing Government action. OK, that may be unlikely but is a possibility. Your post could at least tutor the opposition.

This is a far cry from watching the Irish Government dillydally late at night and hours after the event with one way communications only. Maybe someone will post explaining that a similar Irish service is running. That would be nice.

All in all, the UK Government are being forced to take data (privacy, responsibility and legislation) seriously and this has to be a good thing.

Some of the comments on the theyworkforyou site are also quite good and demonstrate a keen insight in to the importance of data management by the British public.

The participants (mostly male) can be bitchy but with a surprising amount of hidden and readily available ammunition. David Heathcoat-Amory hits hard. Not the type of man you want outside the tent shouting in. Being a conservative he is about as far outside the tent as people have wanted the conservatives for quite some time. So, enlighten me. What Irish service along these lines have I been missing?

I follow a few Irish politics sites and the Authors on twitter and despite a high standard I don’t know of anything with the time or resource to run at this standard.

Geansai gorm. What did I learn?
I wouldn’t consider myself a fan of Damien Mulley. If you are in Ireland and blog you will know all about him. He is ubiquitous in Irish blogs. Anyway, where was I. I am not a fan. Indeed I have found Mulley strangely unavailable (even to answer a repeatedly asked question) to amateur bloggers like myself but quick to pull the verbal trigger should someone dare to venture an opinion which differs from what he has freely spoken. I consider much of his commentary (such as the Hardwood Restaurant review) to be abrasive and damaging even when people genuinely try to engage and communicate in a positive manner. So much so that I expect many of his apologetic respondents wish they didn’t reply at all. People however are complicated and dismissing them entirely on the basis of specific events or differences of opinion can serve only to exclude yourself from some positives. He can actually be generous of spirit and use his blog to point to social wrongs. God forbid however that the same woman in this story should on the day she received the H.S.E. letter happen to serve up a meal to Mulley with an attitude, in a manner or above a timescale which wasn’t acceptable. An example of something I like about Mulley is his fresh thinking. I much prefer this to his belief in free speech applying to aggressiveness of speech. This fresh thinking coupled with his blog following can (on occasion) be conducive to producing web marvels. An example of this is the Geansai Gorm competition.

This competition interested me as I had never come across an SEO race with a level playing field. The key was the requirement of a new domain and in addition the need to use keywords which up to then would be uncompetitive.

Granted, some entrants will have contacts for links and even control over powerful domains but these tools combined with the knowledge of when and where to use or not use them are surely part of an entrants skill set from a potential client view point.

The results so far are interesting. I considered joining for a while for fun and chickened out. Not because I feared I would not come first. I knew that I wouldn’t win. But because I didn’t like the idea of coming in below midstream. Somewhat akin to lining up against the wall as a kid to be picked for football, not expecting to be picked first but praying you would be ahead of centre. I now regret not entering as any knowledge I gain from the competition is third hand and I can’t engage in any trial and error.

I did however join in to a limited extent by supporting one of the entrants. I showed my hand early on with regard to my support for Paul Savage. My reason for supporting Pauls Geansai Gorm website was his work in resolving a problem I had with Google some time back.

Anyway, less about Paul and Mulley. This post is not to thank Paul. I have already done that and it was a commercial transaction. This post is not about exacerbating or resolving my own issues with Mulley. I want to be neither “Mulleycoddled” nor “Mulleyfied”.

This post is about what I have learned from the competition and a call to SEO experts, participating or otherwise to assist with putting the list of tasks in an order of importance or weighing the relationships between specific tasks or indeed removing them from the list and adding others.

Here (in no particular order as of yet) are the SEO factors I believe to be important.
The individual list entries may be short and brief. This however is no reflection on the amount of work they require.

1. Good content (original)
2. Prevalence of keywords in domain
3. Number of words in domain.
4. Domain extension.
5. Number of links in.
6. Quality of links in.
7. Location of hosting.
8. Use of Google maps.
9. Proper implementation of site maps.
10. General use of Google Webmaster tools.
11. registration with major search engines.
12. Age of domain.
13. Frequently updated content.
14. Correct meta and alt descriptions.
15. Well managed keyword usage.
16. Blog implementation.
17. Use of social media.

I am beginning to wonder if near complete overall SEO is a financially viable option for small business. Realistically, even with strong management it is very hard to put time weights on these factors as they relate to each other regarding any order of importance.
Even after a generous once off investment one could spent near unlimited time on any of a number of these factors. It would appear to me that strong SEO management from a cost management viewpoint has to be about outcomes and not activities.
In other words, an ambition to achieve a specific page rank for specific keywords may be provided at a reasonable cost but a requirement to keep a site in perfect condition is an ongoing time consuming process rather than an event.

Also (and I am meandering now) is there an example of a “near perfect website” from an SEO viewpoint which most web developers can agree on? Is the measure of SEO simply achieving that number one spot at all costs or are there examples of tacky number one achievers which a worthy web marketer would not be proud of?

I would really appreciate some expert feedback on this. Apologies also for the general usage of the term SEO as I am sure many will see this as one factor and not relevant to many list entries as they may relate to SEM etc. I know I put much of this incorrectly but you know what I mean.

In short. Can you add to the list? Would you remove from the list? Would you dare attempt to list all or some of this list in order of importance?

Go ahead, that’s what I am hoping you will do.

Thanks
John

xdrive stop charging customers

There has been much talk and speculation about X-Drive for some time now. As of one week ago they stopped charging clients and those same clients have until January 12th to remove their data.

The biggest question is: What happens to clients who do not know about or react in time to the closure?
The official xdrive answer is this.
“After January 12, 2009, you will no longer be able to access your Xdrive account. All files and data will be permanently deleted and you will no longer be able to retrieve your files.”

This is unbelievable. Need it from the horses mouth? Here, see question 3 on xdrive will delete client data.

This is hardly the level of data protection one would expect. This is not the level of data availability which would have been considered acceptable at sign-up. As for data loss, well this looks to be a future data loss story for some. Having an online store (Thinking you have an online data store) could cause recklessness at the client end and while this may be questionable from the clients responsibility viewpoint they can hardly be responsible all on their own.

An obvious and far from well though out response to the horror of this would be to say that a closing entity can not and should not keep client data. A little more client concern would surely result in at the very least a far longer zero charge period. Notice during the paying period does not equate to giving something to those clients who are inconveniencedand may be ruined by the closure. Realistically, any inability to directly communicate the details of the intended closure with verified response from every single client should be seen as of absolute importance. Logs of verified client end account closure could provide a list of accounts which have not been closed. A good communications campaign should result in a short list of accounts pertaining to uninformed or unresponsive clients. These accounts could then be kept open or at least the data retained for a far greater non billing period than two months.
After all, many providers will give a two month trial. If this can be offered to potential clients, many of whom will never pay, surely a far greater period could be given to actual clients.
This all blows smoke in the face of the real question. Why close xdrive?
The answer has obviously to do with financials but the proximatecause of this type of result generally has more to do with aggressive client acquisition through weak cost benefit analysis.

This is common in the data storage industry. You the end user are offered much space and limited functionality and support on the basis of economies of scale and guesstimates about data transport cost.

If the provider gets it wrong, ie the other clients don’t join and behave as anticipated this makes your online storage “data non gratis” and at risk of suffering the plight of the xdrive client.

The moral of the story is that you get what you pay for. If this was lucrative for AOL this would not be happening. If it was considered viable by outside entities (and this does not require it to be lucrative) it would be bought. There will however be no buyout or merger honeymoon for xdrive clients. For most it is provider divorce. For some it may be data divorce.

IRISS Launched today

Irish Reporting and Information Security Service launched today

Brian Honan of BH Consulting launched IRISS today. IRISS is an alerting service which will provide alerting, reports, guidelines and facilities to report information security issues.

The service is new but has been an ambition of Brian’s for some time. For those not familiar with Brian or indeed the concept of IRISS, allow me to elaborate further.

Brian is an information security industry expert. He is a member of the following organisations. The Information Systems Audit and Control Association, the Information Systems Security Association, the British Standards Institute, the Irish Computer Society and the Business Continuity Institute. He is a Certified Lead Auditor BS7799 Information Security.

IRISS is new to most of us. The idea is essentially the establishment of a regional WARP for Ireland. WARP stands for warning, advice and reporting point. More info from the WARP website.
The WARP register describe IRISS as a provider of “early warning notifications to businesses and organisations, primarily in the SME sector, in Ireland on potential cyber threats to their business”.

WARP register recognition and listing are not easily achieved and this is testament to the status, ability and intentions of Brian with regard to IRISS.

Who can join? I am not sure. I tried to register today. While registering I had to fill in a box giving a valid reason for joining. I was not sure what this meant and simply typed in that data is our business and membership of an Irish early warning system is something we would welcome and recommend to our clients. I did not get an application received result and do not know if the application was received. Time will tell. I am hoping that membership is not intended to be exclusive and that the absence of an “application received” result window today was simply down to a temporary glitch in a very new system. Time will tell.
All in all it is a great idea and in very capable hands. We want in. We recommend the same of all parties interested in increasing the security of Data in Ireland and the community ability to respond quickly and effectively to threats.