Here’s the latest update from Research In Motion, the Ontario-based telecommunications company whose BlackBerry products have been having issues for the past few days across the world:

“BlackBerry subscribers in the U.S. may be experiencing intermittent service delays this morning. We are working to resolve the situation as quickly as possible and we apologize to our customers for any inconvenience. We will provide a further update as soon as more information is available.”

As of this morning, RIM blamed the outages on a failed switch and no backup.

As always, if you have any questions, please call our help desk at 206-762-5100

It has been a couple years since “the cloud” arrived on the IT scene, yet some IT leaders still talk about it with breathless reverence. Even non-IT executives still proudly announce that they’ve “put that in the cloud” when any technology-related topic arises.

The fact of the matter is that the cloud is just another make vs. buy decision.

What is “the cloud”?
Definitions of cloud computing abound, but it has been overly complicated.

Essentially, the cloud is little more than “stuff outside your company.” That “stuff” could be processing power, storage, networks, applications or any other bit of technical wizardry. When the CIO says she’ll “put that in the cloud,” all she is really saying is she will take something that was done in-house and do it with someone else’s “stuff” (outsource it). Any aspect of internal “stuff” can be put into the cloud, from raw data that is stored on another party’s storage systems, to an internal application that is run on someone else’s hardware. Often, the cloud refers to a third party’s applications, analogous to the enterprise equivalent of gmail or hotmail to employees.

Conceptually, all the fancy cloud talk could be applied to anything a company does outside its walls. The toilet paper purchased from an outside vendor effectively comes “from the cloud,” and the same decision making process used to choose that vendor applies to making the decision to move into the cloud – or not.

Mysticism has “clouded” the process
A frightening part of the over-hyping of the cloud is that it has muddled the decision-making process for determining if the cloud is appropriate for a particular IT function. Mysticism seems to creep into any cloud-related discussion, obscuring the fact that deciding to move something into the cloud is merely a simple make vs. buy calculation. If email is under consideration for being moved into the cloud, the process is simple: Tally up the costs of the various servers, software and support, divide by the number of users; Compare that to the per-seat fees from various cloud vendors. Factors that denote reliability, security and support of the vendor can also be figured into the equation.

This process sounds amazingly similar to the process that Operations goes through when selecting vendors for critical components and parts. In companies that produce physical products, supply chain and purchasing groups are likely loaded with experts in this type of process and can assist in making an exceptionally thorough analysis of the various cloud vendors, and apply appropriate rigor to the process.

While those in IT may quip that those buying physical commodities could never understand the subtle nuances of the cloud, remember that the supply chain deals with production and design secrets all the time, and reliability is obviously a central concern since a critical vendor could hamper the ability to actually produce products.

Presenting the cloud in these terms can bring internal purchasing expertise onboard to help make better decisions and inspire more realistic discussions with peers. Rather than the cloud offering a voodoo-like panacea to every internal problem, all executives can approach it as a way to cut maintenance and administrative costs, or a way to allow IT to focus on more valuable activities than maintaining email servers or commodity functions and applications.

As with most emerging technologies, the cloud’s near-magical properties will soon wear thin. A rational look at cloud-based services and straight-forward analysis of the decision to utilize them just as any other third party vendor clears away the haze around the “cloud” and makes its use a far more practical solution.

Questions and confusion abound although the cloud concept is not new. Call Responza’s experts for assistance in implementing or tweaking a cloud strategy that meets your requirements and fits your specific needs.

Most companies don’t satisfy every major segment of their customers.
This isn’t just true for certain types or sizes of companies but is a trait that can be seen across all companies. Its impact is obvious in how information, products and services are offered on websites. Typically, companies set their sites up in ways that make sense to their need instead of considering how their potential customers actually make buying decisions.

Most companies fall prey to the trap of using an array of general keywords for pulling traffic to their sites. What has been learned in recent research is that potential customers can’t be lumped into a single group – their needs and desires must be specifically articulated. This is especially true with websites and the search engine marketing (SEO) strategies that are applied to them.

Getting specific about the segments where potential customers shop is the best way to ensure that buying customers are attracted by keywords and that they go to the best places on websites to make their purchase decisions.

For example, instead of trying to attract people shopping for “automobiles” or “cars”, dealerships should name the types of vehicles people want to buy in their marketing strategies. Applying this to SEO, the dealership would use SUVs, crossovers and pick-up trucks instead of the more general terminology as the keywords that attract and guide visitors to their sites.

This takes more than guesswork. It takes an understanding of where website visitors go and where they spend the most their time. Website analytics (such as Google Analytics) should be used to gather this information. A comparison of analytics information to what is actually sold by their own businesses and by competitors provides a good measure of where their keyword attention should be focused. This can even help establish product or solution gaps and open up potential for new successful revenue streams.

Examinations of websites should work in tandem with keyword exercises. It is just as important to align website pages to correlate with the categories that appeal to customers as it is to identify and use the best keywords. Once visitors are on websites, they will leave if they can’t quickly find what they’re searching for.

Going back to the car dealership example, keywords of SUVs, crossovers and pick-up trucks should link to pages that are all about those particular vehicles – not a general automobile listing page.

It is also more effective to use keywords matching up to the search terms that customers would actually use. How many people use “automobile” terminology? In reality, they talk about “cars” and when they are shopping for one of their own they use the specific terminology for what they want to buy. Tools are available that help in targeting terms that are more likely used in searches (such as the keyword grader available to Google Adword users). These tools help to bucket keywords into segments so they can be appropriately applied to correlating website pages.

Developing a plan for SEO actually makes website development easier, not harder. There should never be any question about what needs to be created, expanded, or edited when the research is in hand to show what people are looking for.

Two new studies have raised concerns about the transmission of private data by some iPhone and Android apps.

Last week, researchers from Duke University, Pennsylvania State University, and Intel Labs released the results of a study on 30 popular third-party Android apps. Using TaintDroid, a tool which the researchers created, they discovered that 20 of the studied applications exhibited “suspicious handling of sensitive data” and that 15 of the applications “reported users’ locations to remote advertising servers.”

In addition to location information, the researchers discovered instances of applications transmitting a device’s phone number, IMSI code (unique code that identifies a user of a GSM or UMTS network), ICC-ID (unique SIM card serial number), and IMEI number (unique identifier for an individual device). They found that one application transmitted information each time the phone booted.

“While this application displays a terms of use on first use, the terms of use does not specify collection of this highly sensitive data. Surprisingly, this application transmits the phone data immediately after install, before first use.”

Not only are applications transmitting information that could be used to personally identify an individual, they are also sending geographic location data. The researchers found that 50 percent of the studied applications “exposed location data to third-party advertisement servers without requiring implicit or explicit user consent.” And while two of these 15 did display a EULA when first run, neither EULA indicated that such data would be collected and sent to advertisers.

A second paper, written by Eric Smith, Assistant Director of Information Security and Networking at Bucknell University, raised similar privacy questions about iPhone applications. Instead of creating a tool to track transmitted data, Smith analyzed the network traffic sent from an iPhone through a specially configured wireless network.

“Packet captures were recorded using tshark12, the console-based libpcap capture utility. The resulting files were then analyzed using a suite of open-source tools including Wireshark, ngrep, and the Perl Net::Pcap libraries13 in order to determine what, if any, personally-identifiable information was being shared with third parties.”
Smith also analyzed browser cookies placed on the device by applications.

Of the 57 applications Smith evaluated, 68 percent transmitted the iPhone’s UDID (a unique device serial number), “to a remote server, owned either by the application developer or an advertising partner.” Some applications encrypted the data using SSL, but others transmitted the UDID and user’s name (either the logged-in user’s name or the iPhone’s user-assigned name) in plain text.

Applications were also found to place “extremely long-lived” tracking cookies on the iPhone. These cookies aren’t set to expire for several years. According to Smith, “these long-lived persistent cookies could allow for third parties to link UDIDs from old, discarded phones to individuals’ new phones as they upgrade to the newest iPhone model every few years.”

Choose apps wisely
In response to the Android study, a Google representative pointed out that users must approve the access when an application is installed. CNET quoted the representative:
“On all computing devices, desktop or mobile, users necessarily entrust at least some of their information to the developer of the application,” the representative said. “Android has taken steps to inform users of this trust relationship and to limit the amount of trust a user must grant to any given application developer. We also provide developers with best practices about how to handle user data…We consistently advise users to only install apps they trust.”

Under Apple’s latest iPhone Software License Agreement, users have already consented to having their location information collected.
“By using any location-based services on your iPhone, you agree and consent to Apple’s and its partners’ and licensees’ transmission, collection, maintenance, processing, and use of your location data to provide such products and services.”

What is the lesson here? Be VERY careful about the applications you install. If an application asks for access to information that doesn’t seem relevant to the application’s function, you might think twice about installing it. If you do allow an application to access your private data, know that the information may be used in ways you didn’t intend. William Enck, one of the Android researchers, made this point to CNET.

“Right now users have to be more diligent with the apps they install, look closely at the permission screen, and assume that that information may be misused.”

Adobe has acknowledged a critical security flaw in its Reader, Acrobat and Flash Player software. Adobe says the vulnerability potentially enables hackers to take control of affected computer systems and that users running Windows, Macintosh or Linux might all be open to attack. The company is working to fix the problem. In the meantime, users of Reader, Acrobat and Flash are advised to ensure their anti-virus software is up to date. “It doesn’t really get any worse than a vulnerability like this,” said Graham Cluley, senior technology consultant at Sophos, a security software company. He said that hackers could create a “booby-trapped Flash animation, or PDF” that would give them access to a person’s computer, potentially allowing them to harvest personal information or use the machine to send spam messages. In recent years, PDFs have become a popular means of sharing documents that are not easily altered by the recipient.

In a security advisory, Adobe said: “There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat”. Whilst it works to fix the problem, the company suggests upgrading to the latest versions of their software, which appear to be less vulnerable”.

Alternatively, the company said that advanced Reader and Acrobat users could delete or rename the “authplay.dll” file on their system but that doing so means users will experience a non-exploitable crash or error message when opening a PDF file that contains Flash content. Keeping anti-virus software up to date will also help to avoid problems.

If you feel that your network is at risk or that your PCs may have been affected by this vulnerability, call Responza at (206) 762-5100 for advice and support.