Skip to navigation
   
Simon Bisson & Mary Branscombe's Blog
RSS

Is your information management as good as Amazon?

By Simon Bisson & Mary Branscombe in Editorial

Posted in Server, Security on July 19, 2009 at 7:23 pm

Permalink | Author Profile

Amazon’s withdrawal of ebooks by George Orwell seems positively Orwellian; ‘owners’ of the ebooks on Kindle woke up last week to discover that they should have read the small print. All they had was a licence for the ebooks and when it turned out that the publisher didn’t have the rights to sell that licence to Amazon to sell on to customers , Amazon revoked the licences and issued automatic refunds. A seamless if disturbing experience that proves that one cheap ebook reader from Elonex does not a mass market make. But if you needed to update a company price list or redact internal guidelines, could you do it with anything approaching the same efficiency?

A rich permissions-based licence system (as opposed to a simple encrypted, here’s one key and don’t lose it DRM system) gives content owners a lot of control. A writer could give away a free chapter with a discount code, give away a 3-month ready copy that you had to pay to keep or have their backlist turn free for a month every year or whatever incentive model they wanted to try out – and they could change it if it didn’t work. Can you even block last month’s price list from being sent out by accident?

The Windows Rights Management service in Windows Server is a start, coupled with Office and SharePoint (one of the reasons Google Docs isn’t as scary to Microsoft as the free Office 2010 Web apps might make you think). Keep pricelists in a SharePoint library set to expire after 30 days and people will have to go to a lot more trouble (extracting and resaving the information) to use out of date prices than to get current ones. Sure people can photograph the screen or read the document out to an accomplice over the phone. At that point you’re dealing with malicious behaviour rather than the simple desire to do your job that is responsible for the majority of information leaks and technology isn’t the right solution. But if you’re doing modern security and reperimeterisation (the perimeter isn’t gone, it’s just around the data itself), you need to think about information in terms of rights and licences, not bits and bytes and firewalls.

-Mary

12345
Not yet rated
Loading ... Loading ...

Previous Post | Next Post

 
 
Comments
This article has no comments yet.

Make a comment

* required

* required

We stop spam using reCaptcha.
Type the words below and click Submit Comment.

   
Tag cloud

pen computing flash drive VSSAdmin data centre battery life network geek tourism HTC OEM direct access DLP task bar national museum of computing webkit Tripit mobile network Apple anti-trust phone management SP1 griffin amazon ATI AIR O2 drivers vmware cloud culture it pro flash Hp 2710p user interface GPS visualisation p2v connectivity Tablet PC Opera exchange networks Bill Cheswick windows server 2008 r2 mobile data tariffs colossus mms 2009 security NAS Nuance cam LiveID camera GPL encryption Windows Server 2008 remove back goview media SBS ipv6 Palm RAZR Windows Mobile history mobile broadband robot winhec2008 social networking Wyse system center thin client dual boot amherst numbers beta test Asus NVIDIA advertising virus information cards Express Gate html SapphireSteel atom MING Enterprise 2.0 vulnerabilities clean install Visual Studio gamer utility citrix Xen hibernation M&A Acrobat Pro TouchSmart WinHEC navigation mobile working BBC hierarchical temporal memory phone settings disaster recovery BlackBerry cisco O'Reilly Tim Berners-Lee malware Moonlight 2009 MAX bandwidth Tablet Kiosk icons media center bletchley park mainframe ikea rtm aws HSDPA installer offload Firefox Ruby On Rails software deperimeterization security theatre virtualisation T-Mobile mobility AuthenTec nvision08 quiz mobile ofcom network disk space keyboard system management credit crunch Windows 7 vs Windows Vista open screen bugs Seagate lockdown maps Java Salesforce 965 DisplayLink EEE RSA 2008 spam green IT service oriented enterprise business technology automation legacy SSD wave wireless USB Internet Explorer case MIX upgrade futura Windows Server MIX08 web2expo CERN Opteron flex performance hacking web migration microsoft research Ask.com smartphone installation Windows Live storage Mono Itanium Fire Eagle backhaul virtual desktop 3G Crossfader Silverlight ballmerbot lost server isps WWW turing emulator safend deborah adler mapping Istanbul disk Mozilla fire rc DSL gameboard Location Bill Gates Vista meaning catalyst ANR Mini-Note support CES collaboration HMT target IIW2008b cosmic rays Internet Explorer 8 analytics accelerator Jeff Hawkins accessories privacy Hugh Thompson ruggedized office 2010 MacWorld 2008 fonts context microsoft security essentials Google Spreadsheets wildfire verdana office politics ProCurve ipsec toshiba magic community evernote g-1 adfs OQO moblin processors terabytes Skyfire display hyper-v .NET greenplum sun traffic Google IO dvi Protected View netiquette NexT business intelligence workflow pixetell images mash-up Previous Versions power cuts HP SKU designer anti-patterns consolidation conference private cloud SMB 2 isp eu oracle Large Hadron Collider ontier EMC Tom Hogan regulations 64-bit optical interconnects cables CardSpace Live Mesh Corsair spam fighting hp microsoft research mysql Gears fault international roaming gabriola appstore christmas people Motorola hdmi utilities acquisitions congestion charge Greasemoneky mobile QWERTY MRDA telecoms public cloud Linux Internet london fingerprint scanner infrastructure Beacon identitity Smartbook switch Active Directory voice recognition BitLocker apps training Frauenhofer demo09 innovation BES Trampoline BT IT value RIM Magny-Cours rich client Barracuda Safari hold music distributed computing Nokia control panel business model mythbusters application compatibility cloud computing multiple monitors police NGSCB legislation Sony routing semiotics Xobni CIO merger beta macro Bing RBL WPF Tombstone Objects logitech twitter power supply timezones venture capital OpenID enterprise architecture ADFS 2.0 Trolltech politics Delphi project teched city MacBook Air power saving lawsuit no signal Ray Ozzie Web 2.0 fibre LHC design i-mate geneva IM wifi cracking developer IT automation android data loss prevention Reqall cold fusion FUD biometrics Vodafone trends development augmented reality windows Girl Geek Dinners productivity Quest thermo moscow laptop high performance computing server sprawl business technology optimisation web 2.0 expo instant messaging docking station yahoo HTML 5 Mark Hurd enterprise co-processor iPhone parallel computing xT9 Jeff Jones Netscan social engineering cloud service google online applications office electricity price desktop. PC Opsware OFCOM Pal HSPA how do I get the back off? netbook database iPass Qualcomm data usb IBM Wimbledon future in review business Dopplr natural interface relocation Clear RX dual display d2c MWC radeon annotation TSA Volume Shadow Copy wes bombe firewall streaming media insert SIM ec2 identity theft data loss appzero UMPC monitor macbook hard drive DOSBox TechEd 2008 data centre transformation AMD fingerprint Credentica codec server green printing etech netbooks regulation Verbatim tablet Loki wubi security paradox bea Google october video Google Sets identity metasystem downturn Embarcadero windows 7 Gartner information rights management geocaching outlook Adobe Netscape geotagging business continuity DOS screencam ultraportable Palladium gaming RSS search AskEraser Mercury setup troubleshooting todo list interoperability T9 claims Numenta Treo Pro competition patent IDF Intel navteq old software conferences g-2 data tariff applications active digitiser anti-virus pgp bug hardware information patch Tuesday bbc iplayer ucsd browser GPU Trend Micro Microsoft exabytes management bolt open source whitelist calit2 IT transformation tennis ClipMate uninstall email Ruby ubuntu Dell Toshiba Portege R500 transcoding voice WEI cellcrypt licensing market share IO user experience forensics education mscape demo Facebook ports Secunia Eee PC CTO ribbon 2.0 RIA tele atlas Chrome IT policy benchmark power machine learning Lenovo CPU pre-boot secure search CUDA mobile Linux
Advertisement

   
Archives

   
Most commented posts

   
Highest Rated Blog Posts

Advertisement