PicketLink is an umbrella project that aims to address different Identity Management needs.

PicketLink is an important project under the security offerings from JBoss. The overall leadership of Security at JBoss is managed by Anil Saldhana.


What components are available under the PicketLink projects?

  • IDM: Provides an object model for managing identities (Users/Groups/Roles) and associated behavior using different identity store backends such as LDAP and RDBMS.
  • Federated Identity: Supports SAMLv2, WS-Trust and OpenID.
  • AuthZ: Developer-friendly authorization framework.
  • XACML: OASIS XACMLv2 implementation.
  • Negotiation: Provides SPNEGO/Kerberos based Desktop SSO.

Who are the developers on this project?

The project sponsor is Dr. Mark Little, JBoss CTO.

All are welcome to contribute to this open source project.

The developers currently on this project are:

  • Anil Saldhana (PicketLink Lead; Federated Identity and XACML Lead)
  • Boleslaw Dawidowicz (IDM Lead)
  • Stefan Guilhen (Security Token Service Lead)
  • Sohil Shah (AuthZ Lead)
  • Jeff Yu
  • Daniel Bevenius
  • Marcel Kolsteren (Seam Integration Lead - Community Volunteer)
  • Marcus Moyses
  • Darran Lofthouse
  • Babak Mozzafari

Is PicketLink officially supported by JBoss/Red Hat via the Enterprise Platforms (EAP, SOA-P etc.)?

PicketLink is a community project. It is slowly making its way into the Enterprise Platforms sold by Red Hat Inc.

  • Fully supported in EAP 6 (not the early access program).
  • Download and use in JBoss AS 7.0.
  • Tech Preview in SOA-P 5 (ESB SAML Token Support).
  • Tech Preview in EAP 5.1 (the Federation subsystem is included).
  • Included in EPP 5 (officially, the IDM subsystem is supported).

As always, please contact your Red Hat sales representative for more information.

Additional Reference: http://community.jboss.org/wiki/PicketLinkRoadMap

Support

PicketLink is a community project available from the JBoss Community. Its support mechanism is the user forum listed under the "Community" menu item.

Testimonials

  • "Picketlink is the simplest solution for Seam based apps." (From the forums)
  • Used in production at http://www.frrry.com/ (Seam based web application from the Netherlands).

Why the name "PicketLink"?

A picket fence is a secure system of pickets joined together by some type of link. The pickets by themselves do not offer any security, but when they are brought together by linking them, they provide the necessary security. This project is that link: it joins other security systems together so that, as a whole, they provide the necessary secure system.

What is the difference between PicketLink and PicketBox?

PicketLink is the Identity Management project from JBoss. PicketBox acts as the foundation for PicketLink: it provides the authentication, authorization, audit and other security functionality needed by Java applications.

What about the road map?

http://community.jboss.org/wiki/PicketLinkRoadMap

Blog Posts

When Access Control Systems Fail or are Absent,
May 27, 2012 2:13 AM by Anil Saldhana
you can have squatters at your company. And they are not in camp sites in your parking lots or dressed differently - they mingle and coexist with your legitimate employees. How cool is that. :)

Examples: 

1. 19-year-old kid builds a startup squatting at AOL.
2. Young Steven Spielberg squatting at Universal Studios for 2 months.

The story of Steven Spielberg claiming that he squatted for 2 months/years is rebutted in the media. It is a possibility. :) (http://www.anecdotage.com/index.php?aid=14372)

Another example of studio squatting http://en.wikipedia.org/wiki/Daedalus_Howell#Controversy


So, give some love to access control systems. :)


Growing need for Social Intelligence
May 23, 2012 2:24 PM by Anil Saldhana
In the past, there were firewalls, employee agreements and corporate training to inculcate proper corporate etiquette in employees. As an employee, you were told that
  • when you were in public, sensitive corporate information was not to be uttered;
  • when you were sending an email outside the organization, your language/tone had to be watched.
Companies needed to maintain vigil and diligence to safeguard their secrets, brand and intellectual property. Ok, that was the 90s.

Then came the world of blogging. Wikipedia became the de facto encyclopaedia of the world. Then LinkedIn, Twitter, Facebook, Foursquare and your-favorite-social-network-or-location-or-web2.0-application came into existence and started getting popular. Of course, I did not forget Pinterest and Instagram. The iPhone revolutionized mobility. Who has not clicked a picture of a place or product or something and published it on Twitter/Facebook? Instagram makes that easy.

This is the 21st century I am referring to. Companies started to get involved in social media to maintain brand recognition, marketing and customer outreach. Nothing wrong with that. Many companies encouraged their employees to embrace openness and use social media.

Things seem to be going well for everybody. I am sure we will see some employee crossing the line and mistakenly sharing private confidential information on the internet. Remember congressman Anthony Weiner's episode of forgetting to use "D" at the beginning of his tweet. Rather than the tweet going as a direct message to one of the twitterers, it got shared with the world. The rest is history.

Reading Network World's latest bit on security and social media, I strongly feel that there is a need for Social Intelligence. Rather than people monitoring the social media to see if private information is getting divulged, we need intelligent software that can monitor the social world to flag rumours and threats to the corporate brand. I believe that many a time, employees step over the thin line, not because they want to harm their employer, but because they do not know where the line starts and where it ends.

Let there be Social Intelligence not to monger fear but as a valuable tool in safeguarding corporate brands and IP. Companies should not take the knee-jerk policy of banning social media from the enterprise. What you end up doing is lowering your employee morale, in this brave new world. Just manage your brand better via social intelligence.


Obfuscate your maven settings passwords
May 7, 2012 3:48 PM by Anil Saldhana
If you still have cleartext passwords in your settings.xml, then it is time for you to mask/obfuscate them. It will not be foolproof, but it is definitely better than having your passwords in the open.
https://community.jboss.org/wiki/MavenSettingsxmlMaskingPassword
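As an added illustration (not part of the original post or the linked wiki page), here is the weak settings.xml beside the form produced by Maven's built-in password encryption; the server id and the braced `{...}` values are constructed placeholders, not real ciphertext.

```xml
<!-- BEFORE (weak): ~/.m2/settings.xml holding a cleartext credential -->
<settings>
  <servers>
    <server>
      <id>example-deploy-repository</id>   <!-- constructed example id -->
      <username>deployer</username>
      <password>s3cr3t-in-the-clear</password>
    </server>
  </servers>
</settings>

<!-- AFTER, step 1: run `mvn --encrypt-master-password` and store the braced
     result in ~/.m2/settings-security.xml; keep that file readable only by
     its owner (e.g. chmod 600), since it decrypts every server password -->
<settingsSecurity>
  <master>{CONSTRUCTED_MASTER_CIPHERTEXT=}</master>
</settingsSecurity>

<!-- AFTER, step 2: run `mvn --encrypt-password` for each server credential
     and put the braced result in settings.xml in place of the cleartext -->
<settings>
  <servers>
    <server>
      <id>example-deploy-repository</id>
      <username>deployer</username>
      <password>{CONSTRUCTED_SERVER_CIPHERTEXT=}</password>
    </server>
  </servers>
</settings>
```

Anyone who can read settings-security.xml can recover the server passwords, which is why this is obfuscation rather than a complete fix; it mainly keeps credentials out of casual copies and pastes of settings.xml.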

