Security in Enterprise 2.0: Building a case for Security 2.0

While reading up on the security concerns highlighted in this article from the NY Times, I could see many E2.0 evangelists shaking their head in despair. The recent attack on Google /Orkut's network that compromised close to 400,000 users within a few hours is going to scare people even more.

Web 2.0 and Enterprise 2.0 is all about 'opening up', sharing information, communicating and collaborating. While the latest breed of techies are seeped in blogs, wikis, chat programs, Google docs and social networking sites, traditional firms continue to rely on the good 'old' trusted means of 'securely' disseminating information via emails and file attachments. The idea of sharing company documents that may have client names, sales figures on websites (yeah, Wikis are glorified websites) appears appalling to the senior management. Security concerns are always brought up when someone talks of adopting an Enterprise 2.0 outlook and many cases, these concerns are justified.

My attempts to Google the term "Security 2.0" bought up an interesting post which talks about the author's attempt at Googling 'Security 2.0" in October 2006 and his thoughts on what security 2.0. I can tell you that on today's date, my Googling attempts did not give me much either. Around the same time, Symantec spoke about bringing out Security 2.0 products but to me, the vision looked a lot like anti-virus packages bundled up in a new name.So where are we with Security 2.0?

The secure Enterprise 2.o forum and the ongoing E2.0 conference are good starts towards fostering dialogues between the participants of E2.0. Currently security in an Enterprise 2.o setup is limited to policies and mainly role based authentication but unless some convincing protocols are not established with regards to securing information management in an E2.0 setup, Enterprise 2.0 will not attain its goals of 'open communication and collaboration'.

Seeing God in Doing His Work

This morning, I was blessed to hear from Pastor Russel Ames, a very powerful and interesting insight on "Seeing the face of God". I have interspersed Pastor Ames's message with some of my own thoughts and the result is as under.

Being a Christian and having professed my love for Christ, I have sometimes wondered what it would be like to 'see' God face-to-face. Moses saw the Glory of God but before his time, Jacob saw God face to face. He wrestled an entire night with God and for what? He wanted God to bless him. He fought with God for a blessing. And this was the same Jacob, who had taken the birthright of Esau. The same Jacob who was returning to meet his brother, fearful of his wrath, fearful of death and while he was mentally tormented with visions of what would happen the next morning, he wrestled with a man, whom he believed was God. And he does prevail. He receives his blessing. God puts his hip out of joint and in this deformity, he is blessed as he is recognized.

The next morning, Jacob sends his cattle, his wives, his sons and his servants in front of him as he approaches his brother Esau. Why? He is petrified that his brother will rebuke him and might even kill him. His is a peace offering but how does Esau react. Esau ran to meet him, and embraced him, and fell on his neck, and kissed him: and they wept. (Genesis 33:4)

Esau forgives Jacob and refuses his gifts saying that the LORD has given him enough. To this Jacob answers, ".. Nay, I pray thee, if now I have found grace in thy sight, then receive my present at my hand: for therefore I have seen thy face, as though I had seen the face of God, and thou wast pleased with me.(Genesis 33:10)"

Jacob said that He saw the face of the LORD in Esau's face. What did he really mean? How can you see the face of the LORD in the face of your relatives or friends. Ps. Ames explained this using the example of Mother Teresa and her service. In every destitute that she served, in every tear that she wiped, she saw the face of the LORD. She saw the face of Jesus. Indeed she did as these verses from Mathew Chapter 25:35-36 testify...

"For I was an hungred, and ye gave me meat: I was thirsty, and ye gave me drink: I was a stranger, and ye took me in: Naked, and ye clothed me: I was sick, and ye visited me: I was in prison, and ye came unto me."

Serving Jesus can only lead to one thing in a physical world.Pain, suffering and rebuke but looking beyond the boundaries of a physical world, there is much more to be achieved. Yes, in serving Jesus there is the one real chance to see HIM and to meet HIM, face-to-face and to be in HIS presence forever and that would be really something worthwhile.

Speaking of India..Spelling names right

I recently happened to browse through Craig Storti's Speaking of India:Bridging the Communication Gap When Working With Indians and while I must applaud Craig for his attempt to explain the difference between Indians and Westerners and how they perceive each other, he appeared to have missed out one key point that is Westerners don't always catch and Indians never let go off and that is 'Spelling names right'.

In the book, Craig quotes the CEO of Infosys, one of India's largest, globally recognised software power house as follows
"India has always been seen as a country of promise and potential,” notes Mamdan Nilekani, CEO of Infosys"

All good in the above sentence except Mamdan is actually spelt Nandan. A big blooper and not the best way to put your foot forward in India or in any country for that matter. Yup, when it comes to communication. Indians are as touchy as the rest of the world.

Connecting Infomation Dumps

I work for a traditional management consulting firm which is just beginning to embrace Web2.0 and its principles of blogging and Wikis. Today was a momentous day in the sense that I was involved setting up the corporate Wiki space where we (or rather projects) could create pages and collaborate using the functionality offered by the Wiki. Some of the managers I discussed the Wiki with, were skeptical about using the Wiki to blog about projects, upload documents and collaborate. The reason for their lack of enthusiasm was the presence of other traditional collaboration tools that have been used by previous projects to maintain project documents and track progress and there was not one but several such tools. As a result, there were several silos of information that were isolated and to a certain extent unusable as not everyone knew about their existence.

Reality check time.Information will continue to exist on File Servers, Email folders, Intranets, Wikis, Content Management Systems and local file systems . A good part of this data will be duplicated, redundant and even in some cases, out-dated. How does one connect these different sources and make data usable and easily manageable. Google Enterprise piggybacking on a Google search appliance can make finding information inside an organization easier but a search solution is not the key. The key is manageability.

While moving information out of every source into a central repository and forcing the workforce to use the central source is out of the question, it brings to the fore front, the need for pluggable interfaces that can connect information across these silos based on content and more importantly update information across several sources when information in one source changed is the need of the hour.

Such a system while in essence would be a Content Management System (CMS) that would manage content held by other CMSs, File Servers and other similar sources, it would need to identify and group together 'similar' data. In such a scenario, Tagging could act as a glue between these disparate sources of data. Moving one step forward, a bookmarking software such as Scuttle could be used to tie in various sources and formats of 'similar' data.