Web Services, Web 2.0 & SOA - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Web Services, Web 2.0 & SOA


10 Lessons IT Execs Should Learn from the Twitter and TechCrunch Document Dustup



 By: Eric Lundquist
2009-07-17
Article Rating:starstarstarstarstar / 3


There are 0 user comments on this Web Services, Web 2.0 & SOA story.


Rate This Article:
Poor Best
How to meld the Web 2.0 world into your corporate world without taking excessive risk.

Here's the background. A hacker apparently was able to access the Google account of a Twitter employee. Twitter uses Google Docs as a method to create and share information. The hacker apparently got at the docs and sent them to TechCrunch, which decided to publish much of the information. The entire event sent the Web world into a frenzy. How smart was Twitter to rely on Google applications? How can Google build up business-to-business trust when one hack opens the gates on corporate secrets? Can you define journalism as TechCrunch simply deciding to publish stolen documents? Whatever happened to journalists using documents as a starting point for a story rather than the end point story in itself?

There are also some lessons for business execs and information technology professionals in the Twitter/TechCrunch episode. Here are 10 lessons.

1. Don't confuse the cloud with secure, locked-down environments. Cloud computing is all the rage. It makes it easy to scale up applications, design around flexible demand and make content widely accessible. But the same attributes that make the cloud easy to access for everyone makes it, well, easy to access for everyone.

2. Cloud computing requires more, not less, stringent security procedures. In your own network would you defend your most vital corporate information with only a username and user-created password? I don't think so.

Resource Library:

3. Putting security procedures in place after a hack is dumb. Security should be a tiered approach.  Non-vital information requires less security than, say, your company's five-year plan, financials or salaries. If you don't think about this stuff in advance you will pay for it when it appears on the evening news.

4. Don't rely on the good will of others to build your security. Take the initiative. I like the ease and access of Google applications, but I would never include those capabilities in a corporate security framework without a lengthy discussion about rights, procedures and responsibilities. I'd also think about having a white hat hacker take a look at what I was planning.

5. The older IT generation has something to teach the youngsters. The world of business 2.0 is cool, exciting and full of holes. Those gray hairs in the server room grew up with procedures that might seem antiquated, but were designed to protect a company's most important assets.

6. Consider compliance. Compliance issues have to be considered whether you are going to keep your information on a local server you keep in a safe or a cloud computing platform. Finger-pointing will not satisfy corporate stakeholders or government enforcers.

7. Who do you trust? The emerging computing model of melding private and public clouds makes the most sense. Again, you need to have tight control over vital information. If you are going with a cloud vendor, how much control can you exert over the vendor's IT infrastructure? Can you tweak it to your specs or do you have to take what is offered?

8. Don't confuse consumer with corporate requirements. Google applications are great for sharing the little league roster and schedule or a list of your favorite BBQ joints. Those applications are not so good for sharing your corporate financial projections. Use the right tool for the job.

9. Learn from the mistakes of others. Your company is not Twitter, but that doesn't mean you are not a target of the hacking community. Your most important corporate information may be being shared right now on Web-based services. Do you know, have you asked the execs in your company if they are using Google and other shared cloud applications? I'll bet you'd be surprised by the amount of information going around the cloud.

10. Use strong passwords and change them regularly. Maybe you can't stop corporate information from leaking to the cloud, but at least give your co-workers some good advice in using strong passwords that are difficult to hack. Google has some tools to help in this and has sensible limits on the number of access attempts you can make before you are shut out. Use the capabilities that are present in the cloud community even if they are not up to your standards.

 



  Reader Comments: 10 Lessons IT Execs Should Learn from the Twitter and TechCrunch Document Dustup
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Web Services, Web 2.0 & SOA Articles          >>> More By Eric Lundquist
 


x}r۸j9km#dKbY^N"!c䐔/3g~u~|.KƳw-ݍFλ$9auE1>=zc[HRcgoM#s-GFgPSrD廚fw2'v=S;^> \?g#;Y| tjGt0.Rs2 ;s6!wesM/cߨ`&`1\m8lTA!j :a?h='@Ib(ݡh] ( )ww,8$ayc$aL$4ob QY ))Jd/B(?cs#=|'?<i@a `V黖v@F_N-G ,ȓ ۭBx1BP!"Bτ]ͻHݠL$Gd jI:`iTbb#9Q^]ݱ&R,RE͌iAw4Ԭ=kScG 7GCLH<~0[QMK.n4ZNfO,ӇqtRpB'lǦ,j؏`U[۾xisq@fr .8bc&)] Tw<-0;zt\a_dY33ML:o@֭ÂZ.jrX*Ji~/oMpn}˴w&.eםk޾TBAQE0> n84p;ZrrV(a*^w2 wq@ΰ{A Fb;}"@DeR)gI"0iէ6ttr:AHsEF j;j/ JPT\jzZzO`F%pbQUe>'SK|оd>>=O|bPB衂P(AtV?cSjquҺzꜷzW}rһ$qř{F0@qgs j__[v\? /mxw3P&ںa#j}IͽGb;|hi.>uIN,-A247QZh,s$db&RCX*V Q3oF5 x%{i":svfPy۬) RBŒmns@̀kifPXT`4R 9lb)6K .&7'M2Xʅ U >YtBF(0 .+J""xF3 qE KH@!}F!8N#8U%Ku}7p@WMCrNTW꒬2Sb{HK nϱ'vs"y~ K/364>pX.B2iK1pJjje?VV)CR}U95b(WZ`Lm41,Ltͭ y0贎;mF_{3jY}v"5d}4>ljACA4icŦ4N@ӧ&hC:ҋ:L [ͣPo]=': }PA}H z*z(4@ hA'r<kJMlLJ.??6  G`rnhk=D+wEGHAb1,{DE}vĆYz]2X.;s:GT[LKx GN s C|'s\(Lw^ {"= DEMi@(P!$5`r łQ>zZ.%rP.oz 6D ȸqa,Ce9J3v,˹ ڟd;'3JuѪI״& 'zqH /og+ Cđaް~Sc'B%DwUJm ̜ڥgbQIBm@uRIm(Xk::><}*O|Vx@̍ E . Z. H3m"T0|,U*Ut`n`R@@и٩%7].Dtl?`T{hBSݏP1gxyd.>3IZ+k(TT\=,j8++~~̻( Iߥ: r@W}~k`ޝ>4zxE+JCt :[ȓpe%s@B>ZZ5-PYJZpd(z&}G㇮ _P< Fd&*T~!\xYRzVΠ7/n2=1O~m\ev70pZ&#<=ܕ[2ec &scd{ W͝⠑83"vHcGyn_=A(Sc0'S A7GZ*EX!7I#̸y×hw' o@@B-5bIs ΚkY1a2I8K{aU%M-XƏ5@j,w U!ײZiT(֊Z{ =2a浕$}?v[FIOSI׺!g;.!WXy*?q놚1C:ɹT) %`jZ#0 隆c} ( JN-ݣ $d0JE?&ʠK Ś8`<&ьR!49~re!%[ ir2=UgapN++y48'ovvvw01A AA2@"JC߱?%r4F:w~ݕDw;?\uZR,ؓ@:iv;g_ kK;N0v >ο,ЇR)؝|ptޒ:6NeB dA $ȅ XMpk#fNju?Hmv>^ W2?lO4r z]ۼ9_>.uCr9oK^ Q\Cvyp~yU8B"DYy{ly\3amF 'EL_=8I]VPà@ c]ڗX9x?q!I'k&7]?\;_aߪ,$"0!WktvZE9{B*/Κ_ki9h9 `E/ԩ #aDrIGzRFdVwD$G1_vR-[I7c+d$c=^/8ʚ'=?VOju>!/+g>48r㿜y݇$M Pxc|.A)H7ܾJ: S0QJ"g8E;)~ڰ/KW(^Hc˹={v@Iu[=HTP6'in&.s5Kb.ȔRJ4:A2ZX=IҲYGi!M$_U'0㓘PV iwɂ/#'59۴< .t?l6V"#6 .VMG_8_`tgB HY)o8-yb}@N᪖}+ ŏy=Zc:M{? "r@N~A=VW%vLݛf0zߺ3^Ɠ`'q" he֩Ҋ<}uкŝB ?ݡMo5unBd5Qx.ves:S^>8Vc"NejGUKzgQH?'8F,J3 QL2U1gRj☱TKe2(lvec<= @ǁ6ERWĵ)XժZ_.WJJP_1:y St@DgL|% q8|4UmEU^̻7 TP&oea0Ȫ"a,/0LUwy9ZV3(OU!# a!WArOE-خdoJV"+ZZ;c'4oRd%JK]WJ18 "*깐ذ#UqS*=EEq$P4@[ϯ]6\J#bگ!UX,}P dEB#~ (^O!#*+?MpD Wa8ciRsLC2}؛`LivpfLWU J-$h@OB{,~"#J0د2_[a>9}6%T8M0 N|NcfiX*@% d0 d΁&Lzb~)r|vDظK Kyg/5 ]&p X33Tbч7!,py.pHZ ՇGشsnJY\Jٚ}Y\7 ~[g09"-x бyR\|% ~!Lyo{*aa_rG i +/׶skQcB  (J`Xi<ꆔlv$f&c~FN7} wJ/5!ia>|kΦ1 DA$0$H؋Pًk*oHsftXC[a31 >pIXKMP@-q )RN&2nR'j,ni.)sl< l{ t41 l1pЛ A ',TxnŗKAa pd| kmLAdbtlb\{鈎=9RT +ǻΐ {vckm Y-I2J ![ǸJW/u漏A5Rد5$ o9{OW"@6Ut!{@7g3H sGzJx& >/Uױaz#ͧkx!' /xwCH럎ACHZwSwSwSwSQf xU\ A8XhAXQw\kstCW7dcRkTav\cgi˝76:G]}gXSIܰVP@5Q/n/Ce'5:fY+R Kx ƿ2::8r_|k/vQ02Xh{ mYoa8FK3I"{iB!ߤPm†ű6qxV/W4ׅ dE kk97t)b۬\(d/dwbr,H˼v5Ղ= ʬkX$Q1 ƹ;jc:EX1̭[ gnGTP&j_E` =yW`Av|woױw1~ _-pnx@V*iS&p6]?r Ecچbkc6>i:^H0L;vCeꌡSٿe]S =T_ ӛhgP7 c%\kcʧ!i3Opl B^x~XPAft~Dy̢jSf i!:&M?ʼ1՟oG~RJq'zJd\ 4;8q'|l% j~d_<:?%8ȸQ>KBH5Q΅-PxwND-?e#~EZsʑmOKcOU3s䏅L7o/.qHjXy&GUR] sTeQOǝe$'zNUsJN(+aZ +I#샒=%hM? ,QxM)DsnN+?:(YX,oT-D]Ԓ3rh!d1g$-:s^`ci*pM[.{9YMtP/0ǏyXԾ1zΒLqʹG[VjYIva~X bx +'٦ l{Rp`7b:, <+sY%00وbmtI5\P] a,bF+ .o2FcS+AqeB!q"Q/@@L5F H 4w#L#P |B:C7݋OxRjQw>6<|mxwCw-u5b,@+>*N@ &^FS^&&MFo^oIdg_8}xxm@ "s?"IIRG $yA'-bWd"$@>_Ѿj?"=4;g}?k>ZxX2b/h;s&\`#oga "Ӡ?at `! ȅx .]Q=n6X^G\n|I7o8gkH0jCL9 _󾲯1 sA~b #:́ lnZv9F(<"mGg~q79i[ 45`A'x DxfxwIQ!9S":%L[lELNy9 KmE ^炱1rO T-C@a=Q#3(yW@BEt]\"@H>Q|נР??'~e O,)awSa/n ` 3 u|``yP0л;kLo?faP/nF@ 33g;.l9t:WeOLg>򳉑{ts9wsRS¤vxT+=<' .yHcI ^iN4_\U ޯֵ} >E;oJk%ꋲ3 dz1#+ȿMfF~{H-A O?' NqYiVF>?t3_ 3VF7c~0noO賛A]n}"g3?ӌ@?2ȇ=Ϙs 9;Ϙȟ^|eȗ /~.3gg7Ƞ _?}}ʠϐ9+9c|3wWY@W{_ewAɵN2!ofY7NOo\8G\(^YOY:?߇ yVQ ?^`ekxsfg{%;k?_;ǽVr_!4.5Pg޲giUviAưx.6Q^/TZ+ޤca.a 3l>VLY[lOмz'ϊJܓs+Z`~J\]ds+e|UfE+tjO1&ϋR<=swzP8xZLԸ"GpkQV =<5+{zY~8=e*Hy6h~hD{>'K*8uߜ:H4l?RK$A^̓޹O1%D -B}58]WiPp8w&%סf uDߑ:ɹT) % J\ܑN.0mzGS=ˈZUEVjro9 lKU|((R|F!e~iīQsoQ^ܵI N* Xm0 kQ{ԯbv'U"zOB:P'GǗX`w|,!G:9k.~YsZ?, ="_CPht'<:x6)ӅFx` tśD nǍQgśM ¾c F\ӧ2d s|L 1)IE[-ЧFFЯ 9 [*aѡ]n$lnD83i{ZN=PkmHn0#@7>^U:#k.϶{3[9!5ً+up)Հ`m[2}ݫW.2>w|1C8$" Ct9y&z_x D亂mKz=aL{~b\@p]5,HO>8#lOl,&#!)Tv$Q6ZԿug<95C}1L9 H|Q\k֊,!!1苄IMC Vj͙*q/wi᭟#n4!]?-89o%RJXHVKPsHf@-N5Nk.̿c_0E0 R[b s9Hkatѷkd9Hr%zU h&ΟZ _[ɗ?B>!p#R.Ȃ[/uG8C# ddo 1Қ1|5\}ee d|_ODx®~ axi%d閎F{dU(IU`i}^?hFq:lI ):x_+[ !J-ˬ>s¹":UXpHَ h,8/# ktǿƝMQ o.9,Bex Ϸ< v; s#+_<ҳE>v/-(G J^Q.u tleb @J >m7#T %` GYU` rǩVx{x ut+y!1v f(ɟzTq޶7(GL}ݴ(-` jk7EmYtAjA@`U3|f7ZЮs,MnSga+Ea2z(g,1Fw. Aiv! # *#f" ZL+bB؉ZsR.)C395E [}ɦGNԌnBar| jL$8 S3o|'/|A,rs*]_7;Nb‚>{PӞ_yPϸɅvѯ, !6ĊGNť?r^zk'o? I| 4/ܥ|hix0|m a%2(Wg_;N+{g,,MG.{[RXB^I2V; AHDc.VC ӳo 6N|>Goy6xTkuP)TN$7Eѓem.d_)ՊgvB[W셫QbmئdTi29J}) q˅46V[96aNw6~ȄM#^vec! (