Members Only Logo  

or Subscribe by Email by entering your address below:

Powered by FeedBlitz
Learn about Subscriptions Follow me on Twitter!

The topics discussed here grow out of the bread-and-butter issues that confront my consulting and software clients on a daily basis. We'll talk about prosaic stuff like Membership Management, Meetings and Events Management and Fundraising, broader ideas like security and software project management, and the social, cultural, and organizational issues that impact IT decision-making.

Powered by Blogger

Friday, April 11, 2008

Social media and the Surveillance Culture

Living as I do right in the heart of D.C., things like this happen: I had lunch the other day with a friend who is very knowledgeable about the hacker world within in the so-called "intelligence community".

This is a world where it's common to get your secret clearance before you are old enough to buy a beer. And a sizable crew of these young folks are deployed to monitor - and participate in on behalf of the agency - all sorts of social media activity. Our conversation focused on Facebook, Second Life, and Skype.

"The Agency is deeply involved in Facebook," I was told. This includes both developing techniques to pierce the Facebook's security, and active communication with persons of interest. "Security and Privacy are non-existent on Facebook" my informant told me. The same with Second Life. Organizations hold meetings on Second Life, I put on a sexy female avatar with my breasts hanging out, and I'm just accepted. All the guys have learned to use female avatars and personae on the sites. People will tell you anything" More ominously, I was told they have had some success accessing the computers of people connected to Second Life.

As for Skype, the e-bay owned internet phone service: "There is basically no security employed by Skype. You can use an ordinary packet-sniffing software like any network engineer might buy to detect calls from a specific IP address and reassemble them. We've been working on editing them on the fly to change the content of an active conversation."

Just something to bear in mind, eh?

Labels: ,

Thursday, April 03, 2008

Control and Flexibility

Control and Flexibility. These might be two of your goals in in working with your personal trainer. But in configuring your network and key applications, there is always a tension between these ambitions. How much do you lock down to prevent error and occasional malfeasance? How much do you leave open so that each staff member has the greatest ability to work freely and serve your community without running into roadblocks? It's one of the key areas where we see organizational culture influencing Information System design

For example, board members and donors are hoping you keep good track of the comings and goings of their dollars. So there is a pressure to lock down access to financial records to one or two highly qualified individuals. On the other hand, if it takes the CFO to issue a five dollar refund check, you've created a real bottleneck. Somewhere between these two is your financial control balance point.

This fulcrum won't be in the same place for all organizations. For example, a YMCA with it's hectic point-of-sale environment and fifty or sixty part-time or volunteer front-desk staff will arrive at a different solution from a trade association with a full time staff of ten professionals.

The same dichotomy between control and flexibility arises when you start to push out e-commerce capabilities to your community. We see some organizations who are loathe to let a member change his own address. "Do you really work with organizations who do that? What if they make a typo or something?" And at the other extreme, there are organizations who say "If someone calls and wants to register for our workshop, we direct them to the website to enter it themselves. We genlty insist they do it themselves. Staff time is a scarce commodity". Again, your organization needs to find its own comfort point along this scale.

You should rethink this balance periodically though - it is not a simple issue. Too little flexibility and you weaken your staff, your donors, and your membership, diminishing commitment they bring into the organization. Too little control and time, money, and energy flow out the door.