Twitter, Google and TechCrunch – User Education is Key

I just finished reading a great article by Eric Lundquist – “10 Lessons IT Execs Should Learn from the Twitter and TechCrunch Document Dustup” that apparel in eWeek on July 17, 2009, and would like to reiterate and clarify some of the issues both IT and business executives face when making decisions around cloud-computing.

According to eWeek “…A hacker apparently was able to access the Google account of a Twitter employee. Twitter uses Google Docs as a method to create and share information. The hacker apparently got at the docs and sent them to TechCrunch, which decided to publish much of the information…”

To my knowledge, the account in question was hacked using a combination of common or “simple” user IDs and password, which is not uncommon. As silly as it may sound, a hacker simply guessed user ID/password combination. To minimize the risk, Google Apps Premier edition offers Advanced Password Settings that also contain password strength and monitoring tool for domain administrators. If the password policy was enforced and monitored, the system would have been much more difficult to penetrate.

What I disagree with is the fact that media keeps referring to the above event as if an attacker found a “hole” in Google Apps, an entire Google infrastructure or was able to figure out how to hack the Cloud, which is simply ignorant. I would like to clarify that there is no magic when it comes to getting into someone else’s user account. As an administrator, you must enforce user account password policies ensuring that user passwords are nearly impossible to guess.

I do agree that it is more complex to gain access to an on-premise based infrastructure simply because most of the time, access to your office computer is not visible to the general public, or detectable from outside your network. A hacker needs a lot of information in order to gain access to logon screen(s), to then start guessing passwords. In case of Google Apps, a logon screen is available on the Web and could be easily guessed if not disguised by an administrator using unique domain names etc. By the way, use of unique domain names must be encouraged by the SaaS vendors such as Google and Microsoft. It is their job to make sure that both IT executives and administrators are aware of security risks and educated enough to make informed decisions around protection of sensitive information.

While it isn’t possible to secure your environment 100%, be it on-premise or in the Cloud, the most important exercise is to constantly train and educate your end-users, as the weakest link, sharing stories and reminding them how important information security is for them personally and for the business they are in.

Until next time,

Steve E. Driz

Visualizing Storage or What is Petabyte

Source: Mozy.com

How many times have you sat in a meeting discussing IT related topics, not understanding data storage related lingo. From bits to bytes, and finaly to terabytes and petabytes, people at Mozy.com  – an online backup services provider, figured out how to visualize data storage. Enjoy!

Visualizing petabyte

Google Chrome OS – What’s Next?

Today, Google has finally shared its plans to develop and introduce Google Chrome Operating System (OS). Taking into account that over 30-million people already familiar with Google Chrome browser, I should note that Google Chrome OS is entirely different project even though in the end, the new open-source operating system will include Chrome browser.

While the idea of developing Web OS is not new, Google most certainly has the capacity and the expertise to make it a reality and finally compete with and beat Microsoft. According to the Official Google Blog the all new Google Chrome OS will be available to the public in the second half of 2010.

“Google Chrome OS is an open source, lightweight operating system that will initially be targeted at netbooks. Later this year we will open-source its code, and netbooks running Google Chrome OS will be available for consumers in the second half of 2010. Because we’re already talking to partners about the project, and we’ll soon be working with the open source community, we wanted to share our vision now so everyone understands what we are trying to achieve.

Speed, simplicity and security are the key aspects of Google Chrome OS. We’re designing the OS to be fast and lightweight, to start up and get you onto the web in a few seconds. The user interface is minimal to stay out of your way, and most of the user experience takes place on the web. And as we did for the Google Chrome browser, we are going back to the basics and completely redesigning the underlying security architecture of the OS so that users don’t have to deal with viruses, malware and security updates. It should just work.

Google Chrome OS will run on both x86 as well as ARM chips and we are working with multiple OEMs to bring a number of netbooks to market next year. The software architecture is simple — Google Chrome running within a new windowing system on top of a Linux kernel. For application developers, the web is the platform. All web-based applications will automatically work and new applications can be written using your favorite web technologies. And of course, these apps will run not only on Google Chrome OS, but on any standards-based browser on Windows, Mac and Linux thereby giving developers the largest user base of any platform.“ Read full story.

So, what’s in it for you and your business? While Software as a Service (SaaS), and Cloud Computing are gaining momentum becoming mainstream, not that far down the road web OS will be all you’ll ever need to run your business. Consider this; at present, many small and medium businesses have legitimate concerns around business continuity and disaster recovery planning to ensure that the business survives during natural disasters, pandemics etc.

Business owners are concerned because majority of businesses are tied to a particular geographical location, i.e. “the office” Hypothetically speaking, if you were to move all the existing business application to the “Cloud”, you won’t need a full-blown Windows operating system to successfully operate your business or even for your home computer. You won’t even need to keep Windows disk images or own any Windows servers simply because Google Chrome OS might run directly off a memory stick or your computer connected to the Internet will simply boot into the web OS.

The idea I have been toying with for the past 4-5 years is to develop an operating system that is small enough to fit on the smallest available thumb-drive, and has a Firefox browser (remember, Google Chrome wasn’t available 5-years ago). One of the key reasons it never materialized is that even with the web OS, you still need an always on mobile broad-band connection and some sort of hardware that’s truly portable. As a logical continuation of events, Google introduced Google Apps, and then Google Chrome. Today, I can say with 100% certainty that the time for the web OS is NOW!

However, considering wide adoption of mobile computers, specifically netbooks, it’s ridiculous in this day and age to be tied down by a specific OS simply because all you really need to access and manipulate your information is a simple web browser.

For example, my company is powered by Google Apps Premier, and personally, I hardly use any other features of the pre-installed OS other than Google Chrome browser. In all honesty, at times I do use Internet Explorer and/or Firefox but only when I have to. I even tried Safari on the PC, and while it’s a great browser for MAC platform, it does not even compare to Chrome and Firefox on PC. But that’s another story.

Don’t get me wrong, I do listen to music, actively participate in social networks, watch movies, edit photos, play games etc. But all these activities are done online.

There are companies and individuals that over the years have developed Linux-based operating systems that can be named true web OSs today. There are even virtual appliances that allow you to safely the web using Firefox browser. How Google Chrome OS will distinguish itself, time will tell.

We look forward to reviewing Chrome OS and sharing the experience with our dear readers and customers. For further information, or to subscribe to our newsletter, please contact us.

Until next time,

Steve E. Driz

Good Bye Beta – Welcome Google Apps for Enterprise

Just in. According to the Official Google Enterprise Blog, beta label came off Gmail, Google Calendar, Google Docs and Google Talk. With this move, Google sets new standard and shows the business that it’s cloud offering is mature enough for the Enterprise beyond reasonable doubt.

“Google Apps has always been a compelling offering for small and medium sized companies, and they’ve accounted for much of our growth to 1.75 million businesses. Large enterprises can also get great results with Apps, as Fairchild Semiconductor and the dozens of other big companies that have Gone Google have discovered. Still, we appreciate that there have been some boulders along the road to adoption for the largest businesses in the world.
Since the beginning of the year, we’ve focused on making it as easy as possible for those large enterprises to switch to Google, and offline access, BlackBerry and Microsoft Outlook support, and enterprise contact management were the dynamite that cleared the road to Apps.

Today we’re paving the road. We’re taking the beta label off of Gmail, Google Calendar, Google Docs and Google Talk to remove any doubt that Apps is a mature product suite.

We’re also launching a tool that will be particularly useful to administrative support staff to screen and send email on behalf of others – a feature called email delegation. And to help customers comply with regulations that may exist specific to their industry, we’re adding email retention so that IT administrators can set up policies to determine when email will be purged. Both retention and delegation are in testing with customers, and will start rolling out to all Premier edition domains over the next weeks.”

New email and admin features are a big step forward considering that Gmail is delivered as a web-client. Read full story.

As always, over the next several weeks our team will test new fucntionality, and will share its findings with our valued readers.

Until next time,

Steve E. Driz