Archive for April, 2008

No More Data Loss?

April 22, 2008 Leave a comment

Signs abound that the previously quiet realm of enterprise DRM is now making the must have list for enterprise security system vendors. This promises the potential for enterprises to gain full control of corporate information and data even outside the traditional security environment.

Like anything else in life it often takes a calamity to jumpstart what should have been an obvious requirement in the first instance. After last year’s data loss debacle, many public and private services organisations have had to take a fresh look at how to mitigate the risk associated with data loss. The upshot of this is the recognition of a need for information control even outside traditional corporate security perimeters, a problem that is neatly solved by enterprise DRM solutions as shown in the diagram below.

Although most organisations already have some form of perimeter security mechanisms (e.g. firewalls, data encryption and authentication), many have not bothered too much with the question of what happens if and when information leaves the premises on USB memory sticks or CDRs – a method frequently used by their own employees. However, it all looks set to change now as traditional enterprise security vendors are looking at including this level of control into their offerings.

Diagram showing Traditional Enterprise Security vs. Additional Enterprise DRM

Diagram showing Traditional Enterprise Security vs. Additional Enterprise DRM

(Source: The World Beyond Digital Rights Management, BCS 2007)

According to an article on DRMwatch, some enterprise content management vendors already recognised the need to control information in this way and acquired relevant companies and products into their portfolios. However, it has taken slightly longer for enterprise security solution vendors, who might be considered a more natural fit, to start integrating this capability into their solutions in order to create a holistic offering that delivers both internal and external control over enterprise data. The hope is that public and private sector organisations will jump on board and buy / implement these solutions with some alacrity, but enterprise customers just like ordinary consumers sometimes do the unexpected. We await further developments with eager anticipation.


Note: This post was previously published on my BCS DRM Blog, where you can find the original post, and reader comments, in the archives.


The Phorm Factor

April 7, 2008 Leave a comment

Personal privacy looks set to become a prime casualty in the march towards a brave new world of connected existence. Our online interactions and browsing habits are highly desirable data that can be used by online businesses to target advertising, but just how far should they go in getting this data?

Ever since BT and Phorm secretly tracked 18,000 customers in 2006 they, and other ISPs, have come under heavy criticism; and although BT has vigorously defended its actions claiming that ‘it was not illegal‘, the question remains as to whether it was prudent, or even moral, to secretly snoop on the browsing habits of their customers. In order to appreciate the points of view of the affected parties, it may be worth taking a look at some of the pros and cons of this debate:

  1. Online Business Models – On the one hand, online advertising appears to have become the mythical silver bullet or lifesaver for many Internet business models. Whether this works for every disrupted and disenfranchised industry sector, under every circumstance, is questionable.
  2. Consumers – Overall consumers stand to gain a lot from ad supported online business models which tend to deliver online services relatively cheaply, or even free, in many cases. However, these ad-supported businesses also need to deliver better conversion rates / leads / sales per impression hence the allure of consumer data for more targeted advertising.
  3. ISPs – Just like many other online business, ISPs are struggling to stay relevant in a rapidly changing business environment which seems intent on consigning them to the role of a utility service provider. In addition they are also under increasing pressure to take more responsibility for monitoring and helping stop illegal activities online.

It appears therefore that ISPs are really caught between a rock and a hard place with conflicting demands from their subscribers (for good service and discretion); from content providers and advertiser (for good service and access to user information); and from their stakeholders and shareholders (to evolve and maintain a viable business model). However the question remains whether this entitles them to gather information about users viewing/browsing habits without explicit permission?


Note: This post was previously published on my BCS DRM Blog, where you can find the original post, and reader comments, in the archives.

Categories: BCS, ISP, Privacy Tags: , ,