Central Desktop: Security and Privacy in the Cloud

Logo for Central DesktopMyths perpetuate, but your internal processes cause the biggest risk in cloud services

Another guest post went live at Central Desktop yesterday. This time looking at the misconceptions around the security of cloud services. It’s often thought that the cloud solutions is inherently insecure, but it’s much more likely that the security breach will occur through lax processes or simple human error within the client organisation.

Here’s a short extract:

Cloud services: the future of computing and service provision or simply one more headache? If you read enough press, you’ll be convinced that both are true. In reality, when you remove the opinions and biases, the truth is in between, but probably not in the way that you would expect.

Read the full article at Central Desktop.


Scribd – the wrong way to use Facebook personalisation

Scribd – Where the World Comes to Read

Scribd is the world’s largest social reading and publishing company. We’ve made it easy to share and discover entertaining, informative and original written content across the web and mobile devices. Our vision is to liberate the written word, to connect people with the information and ideas that matter most to them.

Or, alternatively:

Scribd – Where the World Comes to Look at Your Facebook Data.

Just a few weeks ago I wrote a post about how data was the future – and the past – of the internet, and how it could be used to really improve the user experience. Sods law states that just days later I’m faced with an example of how to use it to destroy the user experience.

I read articles every day, everything from white papers to blogs to news stories. It was only a matter of time until the document I wanted to read was hosted on Scribd. I don’t have a problem with that, and initially it all seemed pretty good. Yes, I needed to log in to get hold of the document, but Facebook Connect was available and that should have eased the process. All cool so far.

It was here that things seemed to take a stroll downhill.

First, there was the odd policy of having to upload a document before I could download a document from the site. At this point I didn’t have anything ready to share, so I declined and decided to read the document online instead. A bit like SlideShare. Odd, usually you would give users an opportunity to try a service before deciding to participate in it, but not a problem.

Scribd – I get a few emails

Then came the emails. 9 emails. All telling me that I was being followed by someone. Impressive I thought… for approximately two seconds. My next thought was ‘unlikely’. Unlikely that two of my Facebook friends happened to be online at the same time and had both seen me join the service. My spider-senses were tingling.

An hour later they were deafening. Especially as my wife was following me on Scribd. She is on Facebook, she also writes a blog, but she most definitely wasn’t on Scribd. Being inquisitive, I clicked to view her profile. Apparently she joined in January 2011 – before I did.

Scribd – Julie’s ‘profile’ – note the joining date

So not only is Scribd grabbing my friend’s information from my profile, its also creating accounts ready for them. It’s just plain wrong. That’s their data, not mine, and they haven’t given permission for Scribd to hold their data; I’ve given Scribd permission to hold and use mine. And yes, I do see their name and picture being used in conjunction with an account as being a breach of that trust. They are associating their service with someone who they don’t know and have not had any interactions with.

And at no point have I had the option to opt-out of this happening.

Being kind, very kind, I can see a reason why they might act this way. After all, if you’re a Facebook Partner for the Personalisation product, you want things to look good. But if your service only has a small user base then the chance of a group of people you know stumbling across your account  – or even more unlikely, a group of people you don’t know stumbling across your account – and choosing to follow you, is very small. I can imagine the product brainstorming meeting that morning: “Hey, I’ve got a great idea, let’s just create a load of accounts every time someone logs in using Facebook! Brilliant! That’s thinking out of the box!”. Unfortunately, yes, it is out of the box, and for all the wrong reasons.

I’m not the only one who has had a similar reaction to this behaviour. Rohit Mishra made similar points in his blog post in February; although he found out what was happening in a different way. They’ve also got called out in Wired last September. You would have thought that they had learned their lesson by now, but obviously not.

Data sharing – executed correctly – has the ability to create immersive and rewarding social experiences. I think we should all take a look at Scribd so we know exactly how not to do it.

**** UPDATE 29th September 2011 ****

It was brought to my attention by a tweet from Laurence Buchanan (below) that Scribd isn’t the only site in Facebook’s Instant Personalisation program. Rotten Tomatoes also takes the same approach. You can find out more at Techcrunch about the initial partnership.

To check the veracity of the claims, I visited the Rotten Tomatoes site. Without logging in or creating an account (this will become important in a moment) I did see my friends movie likes and dislikes. Imagine my surprise when, upon visiting the application settings page in Facebook, I was greeted with the following.

Rotten Tomatoes application setting in Facebook

I really don’t remember giving them permission to do anything…

If you want to read more about this, I’ve looked further into Facebook Instant Personalisation here.


Making sense of it all – Part 1: the consumer

Wasn’t it nice in the days before social networking, before intelligent spam filters and privacy concerns? You could just send out a few thousand emails and watch them land on the virtual desks of the people in your bought list. Everything was so much simpler then, there was even the slight possibility that someone might open your email and take a look because they didn’t have 500 emails sitting permanently in their inbox, looking for a home.

Okay, I’m being facetious, but there’s no denying that our job as marketers have got more difficult in the last few years, and it’s going to get worse.

Let’s put ourselves in the shoes of the consumer, it shouldn’t be difficult, as let’s not forget, we’re consumers too.

In this digital world we have more information than we could possibly ever want. Whether it’s videos to watch – 24 hours of video are uploaded every minute on YouTube – or articles to read – 25% of all tweets contain links and your average user receives approximately 40 tweeted links per day – we are flooded with information. Some of it will be important and some of it will be rubbish, but the challenge remains to be able to filter the good from the bad.

Automatic priorotisation of your messages
Image taken from Google's video introducing Google Priority Inbox

As a result of this information glut, especially the glut of messages, companies such as Google and Facebook are starting to introduce technology to help their customers manage their inbox.

Google Priority Inbox works out which mail is important to you using a combination of factors, including if how often you’ve emailed the sender before, Whether you have opened messages from the sender before (or just deleted them), whether the email contains keywords similar to those in emails you have read previously, and finally, whether you’ve replied to them before. Message that it deems are important get given priority billing at the top of your inbox, pushing unimportant mails down into the main bulk of email. Users can help train the system using the ‘Important’ and ‘Not Important’ buttons. Interestingly, early figures are showing that, on average, users are spending 15% less time each day reading email, and a significant 43% more time reading important mail compared to unimportant. These figures are compared to Google Mail users who haven’t enabled Priority Inbox, but they still give an insight as to how reading habits will change.

Facebook Messages is yet to roll out, but is grabbing a lot of attention. Their approach is to combine all communications into a single conversational view, so that email, chat and SMS all appear side by side. Using this paradigm, all messages would appear side-by-side in a single fluid conversation. For the user it’s a simple experience, for Facebook it’s a great lock-in tool. A key element of Messages is the ability to filter incoming messages, in much the same way as Google Priority inbox. However, Facebook has the added advantage of being able to see which senders you are friends with by looking directly at your friends list, not just your previous activity. Any messages received from sources outside this list get automatically moved to a separate folder that isn’t visible by default, and in some cases, will be automatically bounced back to the sender.

In the desktop space, Microsoft has included their Outlook Social Connector built in to Outlook 2010 (although it also works in 2007 and 2003). This add-on connects your Outlook to your social media accounts, and supports Facebook, LinkedIn and others. Although this is currently used simply to add contextual information to your contacts, it’s a simple jump for Microsoft to start using this information to prioritise and filter your email based on your relationship to the sender.

Although these technologies are all in relative infancy at the moment, there is no doubt that they will improve, and the fundamental idea behind them – that your social circle, personal and business, is the most important group with which you communicate – will be realised more effectively.

A few days ago, a B2BM Blog posed the question: Email is dead, email is not dead, arrgh! Which is it? Well, it’s neither. As with all things, it evolves over time. Communication systems that were once distinct (telephone, IM, Email, SMS) are merging, through the use of portals such as Facebook, Google and Outlook, into a single communication system. And with that convergence the rules that govern those systems will also merge.

So, as marketers, where does this leave us?

Put simply, we are going to have to make friends. Moving forward, to maximise our ability to engage and communicate with our customers across all touch points, we must become part of their social circle, and that will require a very different approach. Social Media will have to take the lead as we become more responsive, more personal and, ultimately, more human in our marketing activity. Those brands that can pull consumers to them (rather than push at them) will find themselves well set, taking on the affectations of web celebrity and gathering followers around them. Hopefully creating a strong group of brand advocates.

That’s enough for now. In part 2, I’ll look at how we can manage our clients growing social landscapes effectively and harness the relationships we build.