Skip to navigation
   
Simon Bisson & Mary Branscombe's Blog
RSS

Is your information management as good as Amazon?

By Simon Bisson & Mary Branscombe in Editorial

Posted in Server, Security on July 19, 2009 at 7:23 pm

Permalink | Author Profile

Amazon’s withdrawal of ebooks by George Orwell seems positively Orwellian; ‘owners’ of the ebooks on Kindle woke up last week to discover that they should have read the small print. All they had was a licence for the ebooks and when it turned out that the publisher didn’t have the rights to sell that licence to Amazon to sell on to customers , Amazon revoked the licences and issued automatic refunds. A seamless if disturbing experience that proves that one cheap ebook reader from Elonex does not a mass market make. But if you needed to update a company price list or redact internal guidelines, could you do it with anything approaching the same efficiency?

A rich permissions-based licence system (as opposed to a simple encrypted, here’s one key and don’t lose it DRM system) gives content owners a lot of control. A writer could give away a free chapter with a discount code, give away a 3-month ready copy that you had to pay to keep or have their backlist turn free for a month every year or whatever incentive model they wanted to try out – and they could change it if it didn’t work. Can you even block last month’s price list from being sent out by accident?

The Windows Rights Management service in Windows Server is a start, coupled with Office and SharePoint (one of the reasons Google Docs isn’t as scary to Microsoft as the free Office 2010 Web apps might make you think). Keep pricelists in a SharePoint library set to expire after 30 days and people will have to go to a lot more trouble (extracting and resaving the information) to use out of date prices than to get current ones. Sure people can photograph the screen or read the document out to an accomplice over the phone. At that point you’re dealing with malicious behaviour rather than the simple desire to do your job that is responsible for the majority of information leaks and technology isn’t the right solution. But if you’re doing modern security and reperimeterisation (the perimeter isn’t gone, it’s just around the data itself), you need to think about information in terms of rights and licences, not bits and bytes and firewalls.

-Mary

12345
Not yet rated
Loading ... Loading ...

Previous Post | Next Post

 
 
Comments
This article has no comments yet.

Make a comment

* required

* required

We stop spam using reCaptcha.
Type the words below and click Submit Comment.

   
Tag cloud

accelerator hp microsoft research exchange server augmented reality Quest social networking Tripit macbook netbooks Vista screen consolidation Acrobat Pro M&A windows server 2008 r2 965 flash drive Numenta Safari Dopplr vmware semiotics traffic lawsuit Ask.com hierarchical temporal memory Asus CUDA spam fighting Enterprise 2.0 O2 mobile data tariffs WPF Pal Embarcadero Protected View case disk space beta docking station pixetell productivity CERN MRDA mobile ofcom network data Girl Geek Dinners installer GPS Wimbledon gameboard bandwidth keyboard moscow pre-boot disaster recovery regulation mobile network fingerprint MAX setup OpenID xT9 meaning 2009 SapphireSteel Verbatim hard drive display AskEraser green printing microsoft security essentials Windows 7 vs Windows Vista collaboration WWW task bar Fire Eagle verdana Jeff Jones BlackBerry pgp EMC open legislation thin client forensics etech RBL Delphi demo09 Netscan advertising tablet mobile working Lenovo windows 7 privacy Salesforce macro magic laptop Tom Hogan business evernote switch maps virtualisation hardware mysql WinHEC Internet email Apple wildfire support ipsec nvision08 sun netiquette encryption SSD icons twitter london machine learning RAZR AuthenTec gabriola media MING QWERTY ipv6 hdmi Web 2.0 radeon Crossfader migration electricity price congestion charge robot HTML 5 Smartbook WEI aws search direct access Google IO wireless USB Mozilla Wyse power cuts ruggedized IT value education workflow media center calit2 HP Mini-Note smartphone wave Trend Micro identitity geocaching Reqall utility Intel geneva rc BitLocker enterprise TSA flex information VSSAdmin android html g-1 Previous Versions geek tourism conference wifi CPU patent MIX fibre AIR EEE history data loss security storage green IT SMB 2 Windows Server patch Tuesday anti-trust GPL iPhone parallel computing Credentica hyper-v dual boot g-2 Bing uninstall transcoding NAS Live Mesh Bill Cheswick camera NexT benchmark innovation DSL ultraportable venture capital Magny-Cours Seagate RSS search database codec RIM Google Spreadsheets catalyst disk thermo open source mobility Adobe flash Loki 64-bit d2c LHC anti-virus Treo Pro office politics social engineering troubleshooting accessories logitech griffin multiple monitors greenplum GPU Windows Server 2008 dual display cold fusion Opteron offload virtual desktop DLP Express Gate credit crunch dvi whitelist designer isps downturn Nuance cosmic rays information cards police atom business model MacBook Air Google LiveID people web2expo HSDPA system center Moonlight identity theft Internet Explorer 8 CIO network battery life MWC T-Mobile power saving bug lockdown voice recognition beta test Xobni no signal NVIDIA hacking Firefox TechEd 2008 adfs context data loss prevention Opsware ClipMate winhec2008 Tablet Kiosk terabytes Qualcomm user experience Trolltech mobile national museum of computing amherst ikea competition 2.0 ec2 system management security paradox Gartner routing enterprise architecture Microsoft citrix installation mainframe turing SKU Toshiba Portege R500 processors HMT Large Hadron Collider streaming media safend wes it pro AMD oracle annotation goview Skyfire Frauenhofer bbc iplayer identity metasystem anti-patterns bolt windows Linux mobile Linux christmas emulator market share Windows Mobile microsoft research cisco OEM conferences ucsd utilities Silverlight Tablet PC Location Motorola connectivity lost server bugs deperimeterization usb netbook Hugh Thompson Itanium RIA performance project Eee PC Netscape gaming business technology optimisation navteq office cloud development IM hibernation TouchSmart Barracuda appstore exabytes mapping colossus SBS international roaming fonts Tombstone Objects private cloud amazon wubi yahoo web 2.0 expo BBC navigation iPass spam apps OFCOM Secunia video teched remove back HTC screencam active digitiser CardSpace business intelligence pen computing bea licensing DisplayLink UMPC future in review cellcrypt webkit mythbusters instant messaging natural interface .NET IO Bill Gates DOS acquisitions Vodafone training service oriented enterprise Visual Studio Active Directory geotagging tennis networks CES desktop. PC Ray Ozzie distributed computing old software isp power supply power ATI Trampoline Palladium monitor BT Sony target Hp 2710p regulations Nokia design business technology automation infrastructure interoperability images Opera city Xen outlook IDF vulnerabilities deborah adler user interface Palm fire business continuity developer security theatre culture ribbon appzero MIX08 data centre ballmerbot todo list IIW2008b legacy data tariff FUD trends bletchley park how do I get the back off? biometrics i-mate moblin relocation Greasemoneky management control panel IBM visualisation mash-up data centre transformation OQO upgrade cloud computing cam Clear RX HSPA mscape claims analytics Ruby merger Java IT policy phone management clean install Mercury browser eu Facebook fingerprint scanner MacWorld 2008 server sprawl october Chrome DOSBox fault toshiba Mono co-processor mms 2009 numbers backhaul futura Gears bombe tele atlas applications T9 p2v politics secure cables phone settings IT transformation high performance computing rtm SP1 demo ports Jeff Hawkins information rights management gamer Corsair NGSCB ANR quiz BES application compatibility Beacon web drivers Internet Explorer mobile broadband office 2010 Mark Hurd ubuntu optical interconnects O'Reilly virus Google Sets rich client ADFS 2.0 3G Windows Live malware cloud service google online applications telecoms cracking CTO IT automation Ruby On Rails Tim Berners-Lee Dell software community hold music RSA 2008 ontier insert SIM firewall public cloud Volume Shadow Copy Istanbul timezones voice ProCurve
Advertisement

   
Archives

   
Most commented posts

   
Highest Rated Blog Posts

Advertisement