The biggest privacy news lately has been about Facebook's Beacon program. The program was sharing information about purchases made on third-party partner sites with Facebook, even if the user was not signed into Facebook or had deactivated their account. Opt-ing out of the program was a challenge. Facebook, after several weeks has acknowledged their mistake (see above article). As more companies try new forays into online marketing, I expect to see more of these privacy insensitive developments. How can you prevent your organization from making such a blunder? Privacy impact assessments. All new business projects and plans that use or collect data in a new way should be reviewed with an eye for privacy. Ten out of 30 enterprises that I interviewed for research purposes, say that they do privacy impact assessments for all projects, but that still leaves 20 out of 30 who aren't monitoring their new endeavors. For an idea of what they involve, see how the US government has set up a privacy impact assessment program.
Please click on the graph below to see an enlarged version.
On 4 October 2007,The National Retail Federation (NRF) Chief Information Officer and Senior Vice President, David Hogan wrote a letter to the Payment Card Industry (PCI) Standards Council requesting that the card industry to stop requiring merchants to store complete card numbers.Currently, some merchants are required to keep credit card numbers for up to 18 months to satisfy card retrieval and dispute requests. The letter said, “"Instead of making the industry jump through hoops to create an impenetrable fortress, retailers want to eliminate the incentive for hackers to break into their systems in the first place." NRF proposes that credit card companies and their banks should provide merchants with the option of keeping nothing more than the authorization code provided at the time of sale and a truncated receipt, rather than requiring merchants to keep the data for an extended amount of time.
Business intelligence (BI) practitioners have always thought of the world as data-centric. Data integration, data warehouses, data marts, reports, and query builders were always about data. BI has traditionally excelled at answering questions like "what happened" or even "why did it happen" but always fell short on "what do I do about it" and fell short of the next logical steps which traditionally have been the realm of business process management (BPM) and business rules engines (BRE). This data-centric view of the world turns out to be plain wrong. The world is much more process and rules-centric. We run many processes every time we come to the office, these processes generate data, which in turn trigger rules, and in turn generate more data output that is being consumed by processes in an endless loop.
This week I had a 2 ½ hour conference call with one of our clients. Normally I wouldn't blab to the world who we work with. But I think it's necessary here in the spirit of full disclosure — I'm about to rave about a first-time experience I had during a meeting with Microsoft using a Microsoft product called RoundTable.
A couple of my Forrester colleagues and 6 or 7 people from Microsoft were in a conference room in Redmond, Washington and I was in my home office in Rhode Island. Microsoft set up a Live Meeting Web conferencing session and had a RoundTable audio/video conferencing device on table in the meeting room. During the meeting, I had a screen like this one on my desktop (see screenshot below). It showed the PowerPoint slide we were discussing as well as a panoramic video of everyone in the conference room and a close-up of whoever was making the most noise in the room at the time. If we had been using the voice capabilities of the RoundTable device, rather than a separate conference bridge, the video close-up would have switched to whoever was speaking at the moment (including me, if I had had a Web camera on my laptop).
first say that I haven’t actually spoken to Cisco on the topic, but I find the
news of the new CTO to be very interesting. It was recently announced that Padmasree
Warrior would be coming over from Motorola. And just a few days later, the
announcement came out regarding the change in its development
the changes? Well I can only speculate, but I think Padmasree can help in two
On December 6th, 2007 IBM announced its acquisition of Arsenal Digital Solutions, a major player in the online backup service provider market. Arsenal provides online backup services to customers directly but other service providers (particularly telecommunication providers) rebrand and resell Arsenal's online backup services as their own. So the company is both provider and enabler. Arsenal is profitable, cash flow positive and has not required funding since 2002. It has approximately 3400 customers. IBM did not disclose the value of the acquisition.
It is important to note that the acquisition was made by IBM Global Services (IGS), not IBM Tivoli or IBM System and Technology. This acquisition is not about filling in a product gap (although IBM is lagging in data protection offerings that support deduplication), it's about ensuring a foothold in a critical market. In fact, the engine of Arsenal's service is EMC Avamar - what Arsenal provides is a software as a service (SaasS) wrapper around Avamar, everything you need for SaaS such as multi-tenancy, billing, reporting etc. IGS is clearly indifferent to the technology; they care about a dependable, scaleable online backup service
I'm doing a lot of research on using virtual worlds for work these days and have been spending some time in Second Life. One of the characteristics I notice is that there seems to be a dearth of people (avatars) around. Does it matter? Well, it depends what your expectations are. If you think of Second Life as "sort of like the Web," where you can teleport alone (surf the Web) from island to island (Web site to Web site) then it shouldn't matter that most islands you'll visit are devoid of human presence. Think about audio and Web conferencing tools: an audio or Web conference is "vacant" until one or more of the expected parties join in, and we consider that perfectly acceptable. But if this is your expectation, it may freak you out more than a little bit if you see an avatar fly by you unexpectedly or an unknown avatar suddenly materializes next to you and addresses you via the chat window.
Why is BI TEI (Total Economic Impact) so elusive? Recently I reached out to all major BI software vendors and asked them to provide a customer reference who's willing to stand up and confirm a hard $ return on investment from BI implementation. Guess how many takers I got? None. Yes many are willing to point to expected savings and benefits, but no one's gone back and calculated the actual results. Why? It is definitely very complex. For example:
Make sure you account for both direct and indirect costs.
Direct costs are the obvious expenses and capital expenditures associated with BI software, hardware and consulting services. A good rule of thumb is to expect to pay $5-$7 dollars for system integration and management consulting for every $1 you pay for software. And don't forget to include the costs of training and on-going support.
Indirect costs are for software/hardware/services for non-BI specific components which are nevertheless necessary to achieve a successful BI implementation: data quality, master data management, metadata implementation, portals, collaboration, knowledge management and many others. The indirect costs are not as easy to quantify. For example, do you attribute the cost of implementing a data quality solution to the BI initiative? Most likely your data quality problems exist in your sources, so one might think it should be a separate effort. However, very often you identify data quality problems when you build your first BI solution, so there may be a tendency to bundle in these costs into the BI project. As a result, these indirect costs are notoriously difficult to identify and negotiate (with other stakeholders), but nevertheless they are a major component of the total cost.