Wednesday, January 18, 2006

Combining work and personal calendars

For at least a year and a half, my co-worker Olin has been bemoaning the state of calendaring. It is just way too difficult to do something that should be very simple -- coordinating work and family calendars. Recently, this topic has been discussed by some significant players, so maybe we will finally get some relief.

I'm a bit concerned that people working on this problem are trying to do too much. I believe that the needs of most people could be met with a relatively simple approach. The family calendar is the master calendar. Each person manages their own work calendar, which gets replicated to the family calendar. Don't be finicky. Just dump the whole thing in there.

So where does this master calendar reside? Certainly your typical geek could host his or her family's master calendar, but Steve Gillmor has the right idea:
Please please please Google ship the damn calendar app.

Google's competitors are welcome to get off the dime also.

Graphical passwords

Graphical passwords are an interesting idea. While they aren't for everybody, they might be a reasonable addition to the arsenal. The "icon triangle" option would probably be both more secure and a bigger pain than the fixed picture. My guess is that prompting the user to speak a randomly generated series of digits and using voice recognition would work better for more people.

The value of TiVo

I love my TiVo, even though I don't watch much TV. I have season passes for maybe five shows that I watch on a regular basis, and those aren't on every week.

Where TiVo really shines is watching sports. I can set up season passes for the teams I care about. I can watch a football game in less than half the scheduled time with a much greater level of enjoyment.

However, I don't think I've ever read about the best thing about TiVo -- the disgust pause. Let's say you are watching something you care passionately about, like the Missouri-Kansas game Monday night. Let's say your team is down nine with about a minute left. Instead of stalking off in disgust and missing the incredible comeback victory, you hit pause, chill, and don't miss a thing.


Monday, January 09, 2006

My new role

Over the holidays, I transitioned from being an IT Architect to being a Business Analyst. To me, the roles are opposite sides of the same coin. Instead of being focused on applying a relatively narrow swath of technology across the enterprise, I am applying the full spectrum of new technology in response to the needs of one business unit.

I am excited about the opportunity to be more business focused and to be able to move more quickly. It has to be easier to convince one business unit to do something than fourteen.

In response to my new job and Guy's nudging, I have broadened our charge some, as reflected in the new tagline. However, implementing and using collaborative technologies will be a key to the success of my business unit. Appropriately securing these tools while facilitating their use is still important. While the edges may become more diffuse, the core will remain. Which is just how things are for business today, as the so-called perimeter gets ever fuzzier.

Wednesday, January 04, 2006

The Maturation of Identity Management

Proprietary mechanisms for individual application authentication (each corporation has their own unique set), RADIUS, VPN gateways, Active Directory, Vintella, RACF, RSA tokens, smartcards, biometrics, federation agreements etc ... are common examples of how it's done.

Strong authentication, while a good security practice, is not a cure-all for electronic crime. It is expensive and often not user-friendly, so careful planning and realistic expectation setting are advised. Information Security pundit Phil Becker has made a name for himself with the claim: "Identity is Center." Let's respectfully agree to disagree with the simplicity of that assertion.

Who on what, both must be known, to combat today's sophisticated hacker threats. Signature-based deterrents to identity manipulation are only effective at thwarting known attacks. Enterprises must focus first on knowing what is normal: on their networks, on their database and server platforms, and on their workstations.

We believe the truth is closer to "Action is Center." Counter-intuitively, the heart of Identity Management is really applications, not people. Legacy apps have to change, to rely not on themselves but on central authorities to make action approvals. And those authorities must be behaviorally attuned. What you do, where you've been, the whens and hows ... these things matter far more than a match of ID with password, token, certificate, whatever.

Look at how credit cards and automated teller machines work for a good example to emulate. Each is far more concerned with right behavior than with rigorous credential enforcement. Threat damages are compartmentalized (account separation, debit limits, historical profile), and the overall design favors ease-of-use rather than total control.
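A sketch of the "Action is Center" idea, added here as an illustration and not taken from the original post: applications ask a central authority to approve each action, and the decision rests on a per-account limit and the account's own history rather than on the credential check alone. The class names, the three-standard-deviation threshold, the "step_up" outcome and the sample account are all assumptions made for the example.

```python
from dataclasses import dataclass, field
from statistics import mean, pstdev

@dataclass
class Profile:
    daily_limit: float                 # caps damage per account per day
    usual_locations: set               # where this account normally acts
    history: list = field(default_factory=list)  # past approved amounts
    spent_today: float = 0.0

class ActionAuthority:
    """Central authority that applications ask before performing an action."""

    def __init__(self):
        self.profiles = {}

    def decide(self, account, amount, location):
        p = self.profiles.get(account)
        if p is None:
            return ("deny", "unknown account")
        # Compartmentalization: a hard cap applies no matter who is asking.
        if p.spent_today + amount > p.daily_limit:
            return ("deny", "daily limit exceeded")
        # Behavioral signals: compare against the account's own history.
        signals = []
        if location not in p.usual_locations:
            signals.append("unusual location")
        if len(p.history) >= 2 and amount > mean(p.history) + 3 * pstdev(p.history):
            signals.append("unusual amount")
        if len(signals) >= 2:
            return ("deny", ", ".join(signals))
        if signals:
            return ("step_up", signals[0])   # ask for more proof, do not block
        p.spent_today += amount
        p.history.append(amount)
        return ("approve", "matches profile")

def demo():
    authority = ActionAuthority()
    # Constructed sample profile; account name and locations are made up.
    authority.profiles["acct-1"] = Profile(
        daily_limit=500, usual_locations={"home-branch"},
        history=[40, 60, 50, 45, 55])
    requests = [("acct-1", 60, "home-branch"), ("acct-1", 60, "foreign-atm"),
                ("acct-1", 400, "foreign-atm"), ("acct-1", 450, "home-branch"),
                ("acct-2", 10, "home-branch")]
    return [authority.decide(*r)[0] for r in requests]

if __name__ == "__main__":
    print(demo())
```
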

Avoid the need for Soviet-style oversight of your information systems (by humanizing the interface and processes required for use). Technology should serve man, not vice versa.

Security design

Kim Cameron dispenses this wisdom: must be designed in light of the assumption that they will be breached, in spite of the security reviews. This may in fact not be true, but even knowing this, it is the best assumption one can make.
I concur wholeheartedly.

Tuesday, January 03, 2006

Great Expectations

Hello again. I've been dormant in this space for a lo-o-o-ng time. Not a premeditated decision, to go AWOL, but there's an explanation of sorts.

Some close associates (though we've never met) sent me the good book (no, not that Good Book, this one) at summer's end, and it has honestly changed the course of my life.

Initially, I was surprised and, in fact, quite disappointed. A heavy box comes insured 1st class to my door - totally unexpectedly - from a far off corner of the globe. What could it be? Egads, an impenetrable textbook ... yawn. Not my idea of a joke.

So, I connected the dots and sent out feelers to those I felt were likely suspects. My "benefactors" readily admitted their complicity and explained that some of the problems which I had posed to them were not unique at all. Only the language was different from the original - symbolic logic, pure mathematics. And that many have sought solutions to them, certain cases for decades and centuries, before any applied uses could be anticipated.

Motives varied, of course. As you might imagine, beauty and truth were key instigators; money altogether another. VAST sums, too; not the trifles offered by academia.

It has taken me months just to track down the resources and mentoring I needed to even begin getting up to snuff. Something had to give in that interval, and what it was was you, dear friends.

Anyway, my extended blogging hiatus may be over. Lots of interesting new things I'd like to present here (or somewhere), but it's getting harder to always cast my interests into a collaboration mold. Maybe Eric will loosen up this charter, now that he has embarked on some new pathways himself.

Happy New Year everybody!