Every larger organisation has strict rules on how to keep your IT services secure.

You know the one - "don't tell your password to anyone else", "don't let anyone else use your account", and all that.

And it usually seems as though nobody pays attention to them.

Remember that story about the death threat sent via mail that I posted here?

Well, it turns out that the email account it was sent from was being used by someone else. The owner of the account has, rightly but unfortunately, been fired.

She's a home worker, and the machine she was using for her work was also used by at least one other person. The other person - brother? husband? - has even posted a rambling confession.

After all these years of trying to get people to behave in a secure manner, people can still lose their jobs over the simplest of security requirements.

I find that both disappointing and disheartening.

In a world of VPNs, Blackberries, and other systems connecting us ever more to the corporate network regardless of distance, people need to be much more vigilant about their security.

Perhaps things are changing too fast. I doubt this is the first job lost to a basic security breach, and I also doubt it will be the last. Even worse, I doubt any of the others will even get any media coverage.

Maybe the technology is changing too quickly for people to cope?

When I first wrote about the death threat, I asked a question in the title - a lack of training, or a lack of intelligence?

I think the answer comes from Grandpa Simpson:

Joe Friday: Freeze! FBI! The jig is up.
Abe Simpson: All right, I admit it! I am the Lindbergh baby! Wah! Wah! Goo-goo! I miss my fly-fly dada.
Joe Friday: Are you trying to stall us, or are you just senile?
Grandpa Simpson: A little from column A, a little from column B...

A little from both columns indeed...

Ars Technica has an interesting article on Instant Messaging takeup in UK business.

Basically, it's poor.

It seems that neither SameTime nor Office Communicator have made a compelling case to most businesses - which is a great shame.

The actual report linked to is light on details of products, but does reveal that it's security fears that seem to be putting people off.

The Ars Technica article seems to think that keeping a copy of all IM traffic is mandated in the UK, by the way - very odd. Certainly the first I've heard of it, but maybe this is a misconception that's hampering IM takeup?

This is an area where I think IBM/Lotus should be pushing. I remember trying to sell SameTime within my previous employer, but they just weren't interested.

Which is odd, as they also had Blackberries, which would have integrated. And they had remote offices and plenty of homeworkers. It should have been an easy sell.

Still, this means that the market's wide open. All to play for, IBM!

The iPhone is out, and my what a fuss we have!

(Mostly still about Notes synchronising, of course.)

I tend to trust Ars Technica - they're a good bunch there, and rarely wrong. And their review says it's not up to Blackberry standards when it comes to the Enterprise side.

I'd be lying if I said I wasn't expecting that. This is the page of the review where they cover the Exchange Integration.

Apparently the synchronisation is better than a Blackberry Pearl's - changes came over faster, especially things like deletions and messages being moved to other folders.

Which sounds correct to me, as my understanding is that the Blackberry network prioritises new message alerts over routine synchronisation details - whereas ActiveSync seems to treat new email as a folder synchronisation message anyway, meaning every new email is effectively as reconciliation in Blackberry terms.

(That's got to be higher bandwidth, surely?)

But apart from that and basic message functions being OK, it goes downhill rapidly.

No searching of messages on the device.

No creating new meeting invitations from the device.

No task management from the device.

And I also hear that you can't copy and paste text. Blimey!

For business use, the 3G iPhone looks like a nice first try, but not really a competitor. Hopefully Apple will fix these things in later firmware updates...

What I'd say is that regardless of the interface, if I rolled out iPhones instead of Blackberries, most of the senior positions I've ever worked with would want a Blackberry back.

The lack of search and the inability to create a new meeting would be the main reasons - most "important" people aren't at their desk when they schedule follow up meetings, they're still in the current meeting!

I can see that happening across golf clubs everywhere once word spreads - an iPhone is whipped out, and some wag quips "nice phone - why don't you schedule some time with me to show it off?"...

For the future, the iPhone is important - but I don't think it's a Blackberry killer yet, nor has my mind changed that it's suitable for anything but the SMB space.

(And I remember when Blackberries were green/black monochrome screens and static images, whilst everyone else was colour and animated. Blackberries have come a long way since then, haven't they?)

I've just seen something amazingly dumb.

And as an administrator of an email/groupware platform, I'm wondering whether it's down to stupidity or a lack of training.

Some quick background - there's a guy named PZ Myers, who's a professor at the University of Minnesota. He's a prominent atheist blogger, and he wrote recently about a story in which the Eucharist was interrupted by someone stealing the sacrament.
Some prominent Catholics were offended by his writing, and began calling for his removal from the university.

Now, I don't want to get into the religious debate here. It's a distraction from my main point, which is that someone has sent him a death threat from their work address at 1-800-FLOWERS.

I just can't quite believe that in this day and age, someone would think it sensible to send a death threat from a corporate email address.

Not that it's ever acceptable to send a death threat, mind you. But if you're going to do it, then doing it from a newly signed up webmail account seems smarter.

Because right now, someone as 1-800-FLOWERS seems remarkably unaware that corporate mail systems are logging the emails that they send. Much less that there's a possibility that it may be being journalled for legal reasons.

I've long believed that, irregardless of how "easy to use" your mail system is, everyone should be trained in its use. Even if that training is "soft skills", such as when it's acceptable to reply to all, or how to avoid sending inappropriate emails.

Any company NOT doing that seems to just be opening itself up for some pretty nasty abuses of their email systems.

(And it doesn't have to be sit-down training. It could be a handout or an electronically delivered course.)

This is an extreme case, of course.

But as the old saying goes, ignorance of the law is no excuse. And ignorance of acceptable use should be the same. This particular threat will probably go nowhere, and hopefully it was just a heated moment of poor judgement.

But you've got to wonder whether it really was just stupidity - and whether or not a user trained to know that abusive emails should be reported might have had second thoughts about this.

I think we can all guess what my Show 'n' Tell Thursday this week might be:
Don't send death threats from your workplace.

I just can't believe that in 2008 someone might actually need that one spelling out to them...

If there's one thing I've found tedious in the Linux community, it's the odd assertion that if it ain't free, it must be worthless.

But that's slowly changing. Partly because more software is supporting Linux as a platform, and partly because the first wave of people that grew up with Linux as their primary choice of platform - often at universities, where they were poor - now have money to spend.

(Yes, yes, global recession and all that. Heck, that can only help Linux. Quit distracting from my point!)

As evidence, I submit this review from the Ubuntu Productivity blog, in which they look for software for RAW conversion for photographers.

Two commercial programs are evaluated alongside three free applications (only one of which is open source though!), and they're both received positively.

And given that the initial hypothesis is that he can't do photo editing on Linux - a reasonable assumption given its niche nature - it's nice to know that Linux came up trumps.

But it's nicer to know that Linux both has non-free software targeting it for development, and that the community is starting to understand that when you hit niches sometimes you have to get your wallet out.

This is important for the uptake of Linux in the future. If the attitude of "it must be free" is taken too far, it will actually scare some businesses and harm the uptake of Linux.

Like every other department, IT departments have budgets, which are carefully tended things. A lower software budget is good - it allows you to spend the money elsewhere, raising profiles and pleasing your colleagues and customers. But no software budget is bad, because it can encourage a lack of investment into IT solutions and services.

There's obviously a fine line to be walked there...

The odd idea that only free software has worth must die in the Linux community, to be replaced by the idea that free software is merely preferable in the long term.

But luckily, that's what seems to be happening already...

	Articles
	Blog entries
	Comments