The Lulz are on us

What can we learn from the recent wave of security hacks?

Last weekend’s announcement that the LulzSec group of jolly hackers was breaking up was met with bemusement at what has been one of the most mysterious, albeit entertaining, chapters in the information wars of 2011.

It’s quite clear that 2011 is the Year of the Hack with organisations ranging from electronics company Sony who now appear to be the joke of the online security world through to major banks, the FBI and even Google’s Gmail service being the subject of serious online attacks.

That many of these attacks were successful is a reminder to all of us how important online security is and it is our responsibility to protect our customers’ and staff details by taking basic precautions.

Take security seriously

Many of the business hacks appear to have been because of slack security practices including out of date software and default passwords being used.

Even if you don’t have a server yourself, make sure your computers have all current updates installed and that strong passwords are in place.

Password Security

A basic precaution is to have robust passwords. A combination of letters and numbers is the best.

One nice little tactic is to use a phrase as a password and separate the words with a character, for instance using “mary$has$a$little$lamb”, although you might want to choose a more intimate phrase.

Keep in mind too that strong passwords aren’t much help if an incompetent corporation leaks them onto the web, along with your banking details. So use a layered approach where critical passwords for bank accounts are different to those that you might use for an online game or social media site.

Restrict access

The real risk to our security lies with our own staff; many “hacks” are actually employees erasing or giving away data, which could be deliberate or accidental.

Don’t give passwords or access to people who don’t need them, keep the business accounts away from your sales staff and lock employment records away from the IT folk. Private client information shouldn’t be shared around the office and particularly not with outside parties.

Backup, backup, backup

The DistributeIT debacle, which one is hesitant to describe as a “hack” as their complete loss of hardware, client data and backups sounds more like an internal problem than an outside attack, shows how important it is to keep your own backups.

As we move our businesses to online and cloud based services, we have to put a lot of trust into those who provide those products. It’s good insurance to have easily available copies of mission critical data in case of a problem.

Invest in technology

We’ve all heard CEOs and ministers claim they will save millions in outsourcing their IT departments. Those savings come from somewhere and information security is one of those corners that’s cut when reducing operating costs.

Experienced tech workers have plenty of examples where management cries of “we’ve been hacked” have actually been hardware failures or staff mistakes brought on by poorly trained staff working with inadequate equipment.

Sony appear to have fallen for this, having reportedly sacked many of their security specialists before the hacks began.

Make sure you are making sensible investments in your technology and not going for the cheapest, or free, option simply to save a few pennies.

Obey standards

Nothing is more embarrassing than losing clients’ confidential data, particularly banking details.

If you are taking customer payments, make sure you are complying with the PCI DSS standards for card payments by giving the work to a reputable payment gateway.

Have a contingency plan

“There but for the grace of God….” is a good phrase to keep in mind when you see another business affected by a hacker, hardware failure or any of the millions of other unfortunate things that could stop your business.

Even with the best planning in the world sometimes dumb luck just doesn’t go your way. You need to have a fall back plan to keep your business running if the unexpected happens.

Be honest

One thing that jumps out in a number of the stories is how some organisations are simply not honest with their customers.

The process starts with misrepresenting how they secure and protect customer data. When an outage hits, they hide behind a call centre and often lie, or at least understate, the effects of the problem.

In an age of social media, blogs and user forums, trying to spin your way out of trouble is not the answer. If customers are going to trust you, they need to have confidence you won’t mislead them.

As consumers, the various data breaches we’ve seen so far this year should make us pause before we give valuable personal data to businesses. It’s quite clear that some don’t deserve our trust.

For businesses we need to show that we are worthy of our customers’ trust. The first step of that process is taking their privacy seriously.

LulzSec, Anonymous and all the other various hackers, anarchists and general troublemakers on the web are reminding us that we need to take our online responsibilities as seriously as any others.

Make sure you’re protecting your own business and your customers’ data.


ABC Nightlife: The Year of the Hack

How do we protect ourselves from online security problems?

It’s beginning to look like 2011 will be remembered as The Year of the Hacker as we see thousands of people affected by computer security problems at big corporations and government departments.

As we trust more of our data to online services like cloud computing applications and social media platforms should we be expecting these organisations to protect our private and financial information?

From 10pm on Thursday, June 30 2011, Tony Delroy and Paul Wallbank discussed what is happening to our valuable data in the online world.

Aspects included:

  • What exactly is hacking?
  • Who are these hackers?
  • Why are we seeing so many hacks happening?
  • How do these data problems happen?
  • Big corporations seem to be affected, is this something small business should watch out for?
  • What can we do to protect ourselves?
  • Should we be careful with social media platforms as well?

Listen now

If you missed the program, it’s available for podcast or download at the Nightlife Website.

Useful resources

If you’re concerned that your personal details have been leaked in the latest round of security hacks, the Should I Change My Password site checks if your email address is on the available list of compromised accounts.

Removing malware

One of our callers, George, asked about a virus that was diverting his son’s computer to an unwanted web site that loads when the system starts.

The computer has been infected with what we call a page hijacker and it can be removed with the free Malwarebytes program.

Sometimes the infection can be a bit more persistent in which case we have instructions on Removing A Trojan at our sister IT Queries website.

Upcoming programs

The date of the next Nightlife tech spot will probably be August 4, but that’s to be confirmed. If you’d like to keep up to date with upcoming appearances, visit our Events page or Subscribe to our newsletter.

Add your views

If you’d like to join the conversation, your on-air questions and comments are welcome. Phone in during the show on 1300 800 222 within Australia or +61 2 8333 1000 from outside Australia.

The show goes to air across the Australian Broadcasting Corporation’s Local Radio Network. Tune in on your local ABC radio station or listen online at www.abc.net.au/nightlife.

You can SMS Nightlife’s talkback on 19922702, tweet @paulwallbank using the #abcnightlife hashtag or visit the Nightlife Facebook page.


Newcastle as a Smart and Innovative City

In today’s modern world, success is determined by our ability to come up with unique, smart and innovative ideas. It has become the key economic driver for cities and regions as they increasingly compete with other places for attention, investment, visitors and talent.

Newcastle City Council recently released their 2030 strategic plan to become a Smart and Innovative City to help Newcastle develop a healthy, diverse, creative and resilient economy.

But how do you create a culture of new ideas? How do you attract smart people? How do you turn an Old World City into one of the World’s Smartest Cities?

On June 29 2011, The Lunaticks Society of Newcastle will host some of the most creative minds in Newcastle, from business leaders to content producers, for an evening of thought-provoking discussion, collaboration and lots of smart ideas on how to construct a Smart and Innovative City.

Speakers/Panelists

MC: Paul Wallbank – author, tech writer and radio presenter

Featured speakers include: Greg Hall – writer and movie producer, Simon McArthur & Jill Gaynor – Newcastle City Council and Carol Velduizen – Senior Research Fellow, Hunter Valley Research Foundation. More speakers to be announced…

Venue: Delany Hotel, 143 Darby Street, Newcastle

Date: Wednesday, June 29 2011

Time: Starts 6.30pm – Ends 10pm

Don’t miss this event! Book at the New Lunaticks website.


Carving up the web

What the new domain names mean to your business

As we discussed in 2008, there’s a new type of Internet address about to sweep into the online world. It may well change the web, but not quite in the way the promoters are saying.

On Monday ICANN, the International Committee of Assigned Network Names, approved the release of custom global Top Level Domain names. Organisations can now buy their own Internet addresses rather than adding a .com or .com.au to the end of their online business names.

For example Telstra can replace their telstra.com.au or telstra.com addresses with .telstra and offer sites like support.telstra or shop.telstra.

Some are claiming this portends the end of the dot com era as businesses drift across to these newer domains and abandon the addresses we’ve become used to over the last 20 years. Others say it will make data easier to find and consequently kill the search industry.

In truth, the immediate effects on business are going to be limited, but these new names are part of a much bigger change that is happening in the online world.

Take up will be slow

One of the first things to understand with these domains is they are mired in bureaucracy with ICANN itself estimating the approval process will take between eight and eighteen months.

Should an application be approved, there will also be a period where approvals will be subject to appeal. This in itself will prove interesting when conflicting claimants decide to fight over a domain.

The arguments over who owns generic names will probably end up in the courts, while geographic disputes, say between Melbourne, Florida and Melbourne, Victoria over the .melbourne address, will require some very tricky negotiation.

Costs are high

The application cost of one of these global Top Level Domains is estimated to be $185,000 US with $25,000 annual fees so this is a game for only the biggest players.

Even then, we’ll see many corporations not bothering. Given the current proposal includes strong provisions against cybersquatting, there’s no need for trademark holders to rush; it’s quite feasible that many will sit out the hype and wait for the prices to drop.

ICANN’s track record is not good

Over the last decade ICANN have approved 14 new domains – .aero, .coop, .museum, .name, .pro, .asia, .cat, .jobs, .post, .tel, .travel, .biz, .info, and .mobi. The last three have been mildly successful but most of these names have been ignored, a precedent that doesn’t bode well for a corporation or government building their own domains.

There are some useful network management reasons and possibly some branding opportunities with these names, but the risk of confusing customers or web surfers seems to be high.

In this respect, the argument that the new domains will kill search engines seems odd, as more addresses are going to increase the demand for a reliable way to find things online.

The middlemen assemble

Already some are touting the new domain names as an opportunity to get more money out of businesses with the idea various sectors can be enticed to use industry or location specific names. However history isn’t on the side of those schemes as we’ve already seen the release of the .travel and .jobs domains being greeted with a yawn.

One effect we can expect is that we’ll be told over the next few years how important it is to list our business names with a whole lot of new domains; musicians might be urged to sign up with .music or Perth based enterprises to lock in a .perth name. In many ways these ideas already seem to be an attempt to replicate the old directory businesses that the Internet has destroyed in the last decade.

Locking down the web

Along with being a cash grab by ICANN, the custom domain name is part of the attempt to divide the public Internet into a cluster of privately controlled fiefdoms.

We’re seeing social media sites like Facebook – and we can be pretty sure .facebook will be an early candidate for listing – striving to lock users onto their service. These new domain names will help them do that and in turn protect data on their networks from being shared on the wider Internet.

This is going to play out in a very interesting way over the next few years as the large players jostle for their slice of the web.

Some larger businesses, and gullible governments, are going to fall for this money grabbing exercise, while the majority of Internet users will be excluded simply by the cost and bureaucratic requirements.

This grab for the Internet is a game for big, well funded players and most of us will be spectators in this struggle. Have no doubt though that, while watching the big boys fighting over their Internet turf will be fun sport, it will be us that will pay for the results.


The boundary of success

Customer facing workers are not an organisation’s fringe

Management speak is fascinating in the way the language constantly develops new words and phrases. One term gaining currency right now is the “boundary worker”.

In its most charitable sense, a boundary worker’s job is client facing, being where the organisation meets its clients. Generally these are the salespeople, customer support officers, call centre workers and check in clerks.

There’s a common factor here: most of these people are considered dispensable by modern management, with most of the job descriptions of “boundary workers” being those eliminated or outsourced when costs need to be cut.

A story in the computer trade press last week illustrated this attitude where an airline announced they were moving their boundary workers – their check-in staff, cabin crew and pilots – to a basic email service while keeping their office staff on the more sophisticated and richer IT platforms.

What jumped out of that story was the underlying assumption that these “boundary workers” are on the periphery of the organisation’s operations despite being the people directly responsible for getting passengers, otherwise known as paying customers, safely to their destinations.

This idea that anyone outside of head office is at best an irritating cost centre isn’t just confined to airlines. Management focus on building bureaucratic empires while neglecting the organisation’s purpose is a malady that in many ways goes to the root of what ails the modern corporatist economy.

Australian governments suffer badly from this because “boundary workers” have largely felt the burden of the last two decades of public service cost cutting. This has stripped government organisations of any corporate memory or the skills to manage programs and people, which in turn has caused politicians much grief as they find they can’t execute promises.

The corporate sector is also guilty of this; a recent “digital business” product launch by a major telco directed prospective customers to a “coming soon” website. Despite this organisation having hundreds – if not thousands – of bureaucrats, it couldn’t effectively launch a product line around its core services.

Probably the best example of this syndrome was Nortel, the Canadian based telco that never recovered from the dot com bust after expanding aggressively through the late 1990s.

As Nortel’s finances suffered, the company responded by steadily shedding support, engineering and sales staff, locking the business into a death spiral as competitors’ sales staff tempted clients to better products with superior customer service.

The funny thing with Nortel was it was fairly rare to see senior managers be affected by lay offs, so the proportion of head office bureaucrats grew in relation to staff numbers. By the time the company sank into receivership, its manager to worker ratio probably wasn’t too dissimilar to a Soviet potato collective.

While it’s tempting to think this is just a big organisation problem, many smaller businesses face it too as owners and managers starve their enterprise of resources while spending up big on prestige cars and other expensive management treats.

On an IT level, it’s common to see the business owner proudly toting a new iPad while his secretary and staff struggle with temperamental ancient desktop computers. Not to mention the proprietor’s home Internet connection being five times faster and more expensive than that of his office.

In an economy where it appears that global corporations and major banks are protected from the consequences, it’s easy to think that we too can ignore our customers and indulge our managers.

If your business isn’t part of a market dominating duopoly then your entire organisation is on the “boundary”. Don’t fall for the conceit of marginalising the workers your organisation depends upon.


The e-Business Book

Seven steps to getting your business online and making money

Is your business website a money pit? A source of frustration? A time waster?

Does your business even have an online presence?

It’s time to get your website working for you and making money.

The web and social media have become the new shopfront where customers, staff and suppliers look to find people to do business with. eBu$iness will help anyone who wants to set up and maintain a professional web presence by showing you how to:

  • choose and register an effective domain name
  • set up your own free or low cost website
  • use social media to your advantage
  • optimise your website so search engines and customers can find you
  • take advantage of free local listing services and much, much more

Whether you already have a website or you’re just starting out, eBu$iness gives you the tools and know how to save time and money and will help you grow your business and make a profit.

The eBu$iness book helps businesses and organisations of all sizes understand and use social media, cloud computing, e-commerce, web service and other Internet tools to make sure their business is successful in the online marketplace.

eBu$iness is available from all good bookstores from 1 July and you can place pre-orders with our online partner Booktopia.


Planning for change

In a time of change we need to be flexible

Last weekend’s ABC Radio spot looked at setting up a blog. There’s a whole range of reasons why you’d want to build one: to start a business, to publicise a charity or to show off your hobby.

We were lucky to get food bloggers Thang Ngo from Noodlies and Rebecca Varidel from Inside Cuisine calling in to tell their experiences of setting up successful websites.

One common factor for both was they had started off using the free Google Blogger service and then moved up to the more robust and scalable WordPress platform as their sites took off.

Rebecca and Thang’s journeys, which are common for many businesses and entrepreneurs, illustrate how our plans have to be flexible and the tools we choose must be able to adapt to changed circumstances.

The nineteenth century German general, Helmuth von Moltke, said “no battle plan survives first contact with the enemy”. The same is true of business plans; none survive first contact with the realities of the marketplace.

As our businesses adapt to the ever changing economy and the needs of our customers, we can’t afford to get locked into static tools and responses. Our choices have to reflect that we will make mistakes, assumptions will be proved wrong or our customers, suppliers and staff will change.

Being flexible and open to new ideas is essential to survival in the 21st Century economy. The days of doing things because they have always been done this way are over.
