Sunday, December 13, 2009

Enterprise 2.0

Enterprise 2.0 is the use of social media and social networking tools in a business setting. Sounds easy enough but Enterprise 2.0 is so much more than this. The term was purported to be first used by Andrew McAfee (a professor of IT at MIT and Harvard) in the spring of 2006, although there are others that are sometimes credited with coining this term. Whoever first defined and used Enterprise 2.0, the main idea is to encourage employees to exchange ideas, learn from each other and become more independent learners. Some of the tools used in Enterprise 2.0 are blogs, wikis, and in-house social networking sites (similar to Facebook).



Legacy systems, i.e., the internet or web, impose structure prior to use by employees, where Enterprise 2.0 encourages use over structure. Before continuing to discuss Enterprise 2.0, it is beneficial to know what Web 2.0 includes, as Enterprise 2.0 is often contrasted with Web 2.0. Web 2.0 is defined as the development of applications to allow information sharing and collaboration on the web, i.e., it allows internet users to interact with one another rather than just passively viewing information.



Enterprise 2.0 vs Web 2.0

| Enterprise 2.0 | Web 2.0 |
| --- | --- |
| Internal facing | External facing |
| Behind the firewall | Open to the world |
| Business | Social |
| Knowledge capture | Sharing random things/thoughts |
| Wiki, blog | Websites |
| Productive & Efficiency | Time consuming |
| Reduction of email | Email producing |
| Collaboration | |



The emphasis with Enterprise 2.0 is collaboration and information sharing within the business or organization. Some possible uses of Enterprise 2.0 are: profile pages for products, an online community within a business used to find someone within the business with a particular knowledge or skill, RSS feeds to keep employees informed, and wikis for company documentation.



The most important aspect of Enterprise 2.0, in my opinion, is keeping everything behind the firewall, i.e., the documentation is not available to the world. This is especially important to keep intellectual property protected. Another important thing is to be sure the information and documentation sharing within the business/company is correct. This requires someone within the business to actively monitor and edit the wikis to be sure the information available is correct and accurate. If employees use the wikis or blogs as a resource for information to provide to customers/clients then this is especially critical. And if I am honest in my evaluation of Enterprise 2.0, I don’t see it taking the place of more structured processes and documentation because of the risk of working with inaccurate and/or misleading information. I think using blogs within a business as an informal way to seek opinions or subject matter experts would be one of the more common uses of the tools included in Enterprise 2.0.



In our MIST7500 class, we talked about and used several of the tools included when talking about Enterprise 2.0. Most notably are: aggregations, blog sites, wikis, social media, and application programming interfaces (APIs). We had class assignments to set up and use aggregations, whether RSS feeds or news aggregation tools. We also had to establish a blog that we used to share our experiences in the MIT program in the Terry College of Business. We also used our blogs to share research and to share interesting information with other classmates. This is similar to how a blog would be used within a business, I imagine. We also used Wikipedia many times when researching different topics during class discussions. And when I have to research something I often begin with Wikipedia and then search blogs for additional information, especially for internet technology topics. Even though I use many of the Enterprise 2.0 tools, I don’t always trust the information; you might say I use the information but I verify, verify, verify.

The end of the semester

My goodness, where did the time go. It seems only 2 weeks ago that we were entering Room 108 for the very first time, some people knew each other but most did not. I was very nervous because I don't have an IT technical background, I have a business background. I have managed programmers and you do pick up some bits and pieces of programming but not enough to "talk the talk".

What a difference a semester can make. Now I can "talk the talk", most of the time. One of the most amazing things was the willingness of my classmates to help me get up to speed in using the software and techniques needed to accomplish the tasks assigned in the Internet Technology class. My classmates are awesome! I hope I will be afforded the opportunity to repay their kindnesses when the business and project management classes come around.

Thursday, November 19, 2009

Java

This past week in both my classes we discussed and/or used Java. I was very nervous going into this because I have not used Java since finishing my introductory classes about 4 months ago. And in the course of my work day, I don't have the opportunity to use any programming language other than HTML. But to my surprise, I was familiar with just about everything that was discussed. This is a big deal because for everything else we have done this semester, I am the one that has brought up the tail end (basically I have been clueless). But on this I think I know what is going on!

Another interesting thing I learned about this past week is Google Wave. Right now it is by invitation only and I sure wish I would be invited. Google Wave is "an online tool for real-time communication and collaboration." Some of the suggested uses of Wave include; organizing events, group projects, photo sharing, meeting notes, brainstorming, and interactive games. Basically, it is an online realtime product to be used any time you need to collaborate or communicate with someone whether they are in the next cube or across the country. Several of my classmates were invited to "join the Wave" and we had a brief demonstration. To me it was similar to a webinar but more interactive. I really like this product from Wave, and as I said before, I can't wait to use it!

Thursday, November 12, 2009

Net Neutrality

I had not given the concept of net neutrality much thought, only giving it a minimum of consideration because of possible Congressional intervention in the internet. Don't get me wrong, I am all for everyone having the same opportunity and access to the internet. However, I am very much against the enactment of laws with the creation of agencies to give everyone the same internet access. The proponents of such legislation argue that without laws the internet providers will increase the costs to use the internet based on your usages. I don't find this to be a big deal. Right now I pay for electricity, water, and natural gas the same way. I don't expect to be given something without me having to do something in return, in this case pay a fee. If I can't pay, I won't use it.

Another thing I am concerned about is how and who will pay for the oversight required for net neutrality. I don't think the people in Washington have given this aspect of net neutrality. Ultimately, the people will be the ones footing the bill for this through increase in taxes, or if internet providers are required to provide access to everyone then the costs of this will be passed on to the customers. Either way we pay.

Bottom line, I don't like government intervention into more of my private life. With net neutrality, the government could monitor my internet usage and at the same time read my emails and see what sites I am looking at. It scares me because this is what happened in the old Soviet Union, government monitoring and intervention. Don't get me wrong, I don't have anything to hide and if you ask me I will tell you what I do. But don't snoop, just ask.

Wednesday, November 4, 2009

iPhone Development

In this assignment we are to look for sites that discuss the best practices for developing Web sites for viewing on an iPhone. This sounds easy enough until you begin the search. The most obvious and one of the better sites for this is the iPhone Dev Center. I realize this is sort of cheating but when looking for best practices why not go to the source. And in the process I discovered that the Apple Developer site is a really good site. It has information on working with viewport (what is viewable on the iPhone screen), CSS for good iPhone pages, WebKit and iUI. And the surprising thing is that Apple, more times than not, will give you the code to use to make your web site viewable on the iPhone. But using only Apple for iPhone development best practices is probably not the smartest thing because it is only one view of how things should be. Admittedly, it is one of the most important sites but it shouldn't be the only site to use.

Viewport is not specific to iPhone development although I thought it was when we first started working with it. Basically it is a tool to be used to mimic the viewable screen to display for whatever you are developing and it is used in many other types of software, i.e. CAD. I couldn't find a site I thought was useful other than the Apple site for working with viewport. I am still new to coding so I have yet to learn which sites are reliable and which sites are full of baloney.

I was successful in finding a blog about CSS for good iPhone web pages, www.cssdiscussion.com. The information is interesting but dated (last updated in 2007) and this may be due to the amount of information available at the Apple site basically for free. And there were several sites that proffered CSS design tips and best practices but you have to pay for their services, not something I want to do.

One of the interesting things I was able to find was that several search categories in Google combine CSS, WebKit and iUI into one search. WebKit is the development tool you use for iPhones. iUI is short for the iPhone User Interface. Most of the sites I found were fee based sites and I didn't bother to look at most of them because I was able to find the information I want on the iPhone Dev site. And I realize I am beginning to sound like a broken record but if it's not broken don't fix it.

There are so very many sites available for iPhone development, some good, some great, and some you are better off not paying any attention to. The trouble comes when trying to determine which is which. One of our first assignments in our Internet Technology class was to sign up and participate in a news aggregation site. I chose Google Reader and then by some stroke of luck I added a site to my subscription called 'iPhone Development Tutorials'. This is one of the best sites for learning what others have done with iPhone development, what worked and what didn't. To me, this is a great beginning point for new developers to learn about best practices.

Findability

Findability-defined by Peter Morville in 2005 as the ability of users to identify an appropriate website and navigate the pages of the web site to locate what the user is looking for. Basically, knowing what you want to find and then finding it. Simple enough of a concept but putting this concept into use is a bit trickier.

Search engine optimization (SEO) works to position a web site at the top of search results in a search engine request, and being positioned as high in the search engine results is the goal of SEO.
The higher a web site is listed in the search results the higher the probability a user will go to the site. Going back to the definition of findability, a web site has to anticipate the words and phrases a user will use to search and then incorporate these words/phrases into the web site (search engine optimization); simply said, SEO enhances findability. This works only if the user knows what they are looking for on the internet.

How does a web designer, developer or writer determine what does or does not enhance findability? This involves several interrelated things. The site has to be designed to be useful, usable, accessible, and credible. All these add to the findability of a site. And findability is not static, because users are not static. This means that a web site must not remain static. This means that the developers and designers have to continue to monitor the web site through testing any proposed changes to see if the changes increase or decrease the findability.

Search Engine Optimization

The assignment for our midterm paper required us to research and write about search engine optimization and search engine marketing (SEM). So for the most part, our class has a basic understanding of what these terms mean but having the opportunity to talk with someone who does this every day is invaluable. And last Thursday we had this opportunity when we had a guest speaker come talk with us who has several years of experience in using search engine optimization (SEO). Not only is David knowledgeable but he was willing to share tips, insights and best practices for us to use when designing web sites so that they are positioned as high as possible in search engines, i.e., Google, Bing, etc.

Without going into much detail, SEO uses keywords and images on web pages so that search engines will list the site at or near the top in search results. I always thought that SEO and SEM were opposites when dealing with web sites. However, as David pointed out, search engine marketing is a broader term that encompasses search engine optimization and pay per click (PPC). Search engine optimization is called "organic" because it uses the keywords and tags on the web site for placement in the search results, where pay per click (PPC) is just that, the web site owner pays for placement on a search engine page and the cost is based on the number of times the web site link is selected (clicked).

There were three things that stand out from listening to David and his wealth of knowledge; (1) when deciding what keywords or tags to use, if at all possible, run a comparison between possible choices to see which one will work the best for you (or your client's) website; (2) be very specific in choosing keywords, often times a plural of a word will cause the web site to be placed lower in the search results; and (3) to have more specific search results use quotes ("") around the search phrase. These three things all seem to be "no brainers" to veteran web designers but to me they are a big deal and probably I would not have thought of them on my own.

I wanted to be part of the current MIT class to learn how to manage internet technology projects and programmers. However, the more I learn about the internet and how it works the more excited I become. I want to be part of this technology, hands on, not just as a manager. The guest speakers we have heard in our classes have been awesome! I still have such a long learning curve ahead of me especially in the coding side of this program but I am definitely up for the challenge.

Wednesday, October 28, 2009

MIT Class

It has been a very busy week in our MIT program. In our Internet Technology class we used JavaScript to write a small application to run on the ebiz server and display on our iPhone. I am not that good with Java but I could follow along with what we were supposed to do. And surprisingly, my JavaScript worked. However, I did learn several things to do when working with Java, or any programming language.

Java uses opening and closing tags (so does HTML & XML) to tell the program running the code what to do. And you have to use the tags in a set or your code won't compile and run (it will have errors). In my Java classes I always left off the closing tag, not always the same closing tag but I would leave off a tag. In last week's class Dr. Piercy told us that when working with tags, brackets or parens, always put the set (opening and closing) tags and then put your code in between the tags. This way you don't have to worry about missing a tag and you won't spend time looking for the error in your code. Trust me, this will save you an enormous amount of time looking for errors. This tip to add the tags as a pair rather than one at a time is very basic and something that I would have never thought of myself. In the Java classes I was so intent on getting the methods right that I didn't even think of how to minimize my errors. My goodness, I love this tip.

And the most important thing I learned in class this past week is that I can write code and it will work. It is such an amazing thing to be able to write code, compile it, and then it actually works. It is so satisfying!

Thursday, October 22, 2009

Best Practices for Videos on the Web

This is not the definitive list for best practices on video on the web, however, it is a good start. As I continue to learn more about web development this list will evolve.



Best Practices Checklist for Production and Distributing Video on the Web


1. Know your primary users
2. Determine the primary purpose of the web site and the video
3. Make sure the video will play on the most popular versions of all browsers and bandwidth
4. Use streaming so that a file or codec is not needed
5. Keep the resolution of the video relatively low to allow for faster download speeds
6. Make sure each video serves a clear purpose and enhances rather than distracts from the site
7. Be sure captions are provided for each video used
8. Be sure download time and playing time for the video are indicated
9. Be mindful of any copyright rules and regulations
10. If using a video on a web site be careful where the video is placed within the site
11. Be very careful if you choose to have the video begin automatically when the page is accessed; make sure this is appropriate for the situation. If you choose to have the video auto start, the volume should be set so that it is not too loud or too soft. The video player should also have volume controls available for the user.
12. Don’t construct barriers to viewing the video, i.e., ask the viewer to download special software, register for the site, or log in before the viewer can view the video
13. Provide the viewer control over the video, not only of the volume, but fast-forward, rewind, pause, and playback size

Tuesday, October 20, 2009

Midterm

Thursday, October 1, 2009

Google Docs vs. Zoho

I have played around with both Google Docs (http://docs.google.com/#all) and Zoho (http://docs.zoho.com/index.do) but I don't know that I have enough information to accurately compare the two applications. If you do the comparison based on the listing of the options available with each one, it appears that Zoho is the more robust of the two. I also found it interesting that you can sign up to use Zoho by using your Google log in. You can also upload documents from Google Docs to Zoho but I could not determine if the reciprocal was also true.

From the main screen in Zoho you can access and share the following: word documents, spreadsheets, presentations, pictures, music and videos. On the Google Docs you can access and share: word documents or pdf documents, spreadsheets and presentations. You also can access and share your pictures, music and videos but you have to leave the Docs application and access another application and this seems a bit cumbersome compared to Zoho.

Both Zoho and Google Docs have size limitations, Zoho offers 1GB storage for free and then it costs depending on how much storage space you need. Google Docs has size limitations at the individual document level. Granted the sizes in Google are very large and will not impede how most people use the application, however, I don't know of very many non-tech people that really pay attention to the size of an individual document, spreadsheet or presentation.

And this leads directly to probably the deciding factor in which application to use-Google Docs is free and there is a cost to use certain parts within Zoho (in addition to the storage pricing). Free beats not free most every time especially if the differences in the two applications are minor. I think more people are aware of Google Docs and will be more at ease with the way this application works. Google Docs help screens are straightforward with backup documentation. The Zoho help screens are also straightforward but with a little less information on the screen, however, this is augmented by a database for additional help topics.

I would probably choose to use Google Docs because it is more well known of the two and is more likely to be used by my peers and cohorts. However, my preference would be to use Zoho because of the greater number of options within Zoho. And of these two, because of the Google name I believe Docs will be the most successful.

Wednesday, September 30, 2009

Death comes to the Television industry-or How video broadcasting on the web came to rule the world

I chose to watch Dr. Horrible's Sing Along Blog (http://www.hulu.com/watch/28343/dr-horribles-sing-along-blog) mainly because it is the one Dr Piercy suggested in our assignment. As I watched this video I was amazed at the clarity of both the audio and video especially since I was watching it using a wireless internet router, and I don't have the most up to date laptop or software. I watched this video on my laptop exactly when I wanted to and when I had to stop to take care of something I just paused the video, took care of the task and came back to my laptop. There were a few commercial breaks, 3 I think, that totaled no more than 30 seconds each which to me is a tolerable amount of time. Afterward, I thought about which TV shows I would now watch using my laptop rather than the television set. What will be the implications to the television industry of having the ability to watch video broadcasting on the web especially if people like me (middle aged woman) turn to the web rather than the family tv set.

The generalization can be made that teens and 20-somethings are less patient and more ego-centric. Basically, they want what they want when and how they want it and if it doesn't fit with their neighbor's wants and needs, then too bad. Video broadcasting plays right into this mindset. It allows the end user to download a movie, television show, video blog, etc at the end user's convenience not when a television executive determines a show should air based on demographics, advertising dollars, or whatever. And the end user is not tied to the television set. As long as there is internet access you can watch a video.

From the end user, or consumer, perspective the advantages of videos via the web are the convenience factor as mentioned above. If you have a computer and internet access then you are set. Also, this type of viewing is relatively low in cost and there is no (or very little) content oversight. The lack of oversight can also be a disadvantage if you happen to have children in the house. However, there is no guarantee that the use of the internet will remain 'free'. Some industry executives believe within the next five years we will be paying for content received via the internet (http://news.cnet.com/8301-1023_3-10364141-93.html?part=rss&subj=news&tag=2547-1_3-0-5). As television revenue decreases the search for other revenue streams will intensify and the likelihood of assessing fees on internet content will be one of the first to be explored.

From the perspective of the producers of internet videos, this is a low cost (relative to television) media and offers small and/or independent film makers the opportunity to showcase his/her work. Also, the lack of content oversight is another advantage over television. As long as the producers of the videos continue to provide what consumers want to see, then advances in the delivery mechanisms will continue (increase bandwidth, faster delivery speed, sharper video & audio) and consumers will continue to use the web and will continue to demand more content which will decrease television usage further, ultimately forcing the television industry to rethink its current model. What this model will be in the future, I do not know.

Monday, September 28, 2009

Rich Web Technologies

During class last Thursday we discussed rich web technologies and a few of the available software applications that can be used to deliver content in a more meaningful way to end users. I found it interesting that most of the products we discussed were rolled out to the market place at about the same time. But, the products vary greatly in the features available. The application used most frequently appears to be Adobe AIR and I imagine this is because it is free, works outside the browser and works with all platforms. But most of the other applications we discussed also worked with all platforms, and with the exception of one, work outside the browser, and several of them are also free. So what gives? I don't have the answer but I think the fact that Adobe AIR works with Adobe Flash has a great deal to do with its popularity. I am aware that other applications also work with Flash but an Adobe application working with an Adobe application is probably a big draw when it comes to choosing which one to use.

I also found it mildly interesting that JavaFX is a late comer to this party. With the popularity of Java I thought the JavaFX application would be one of the major players in the rich media technologies arena. But JavaFX is almost an "also ran" product. By this I mean it came to the market place well after several of the other applications and it is lacking many of the bells and whistles of the others. Because of this, relative to the other applications available, JavaFX is not used by very many developers.

Wednesday, September 23, 2009

E3 - Twitter Tools

One of the nice things about Twitter is the Twitter API. The Twitter developers provide code so that other application developers can easily incorporate Twitter into their applications. And the code is free, how awesome is this. Because of this largess there are hundreds of applications that you can use to access Twitter or data mine Twitter. Here are a few of the available applications.

1. Twitpic-this application allows a user to easily upload pictures to Twitter. This is especially helpful for businesses that are marketing new products, or want to set your Twitter site apart from all others. www.twitpic.com
2. TweetDeck-this is a desktop and iPhone application (iPhone available June 2009) that allows you to filter and group tweets, both the user's own and others' tweets. This would be an effective application for a small business to look for new marketing opportunities. www.tweetdeck.com
3. EarthTwit-this is a web based application that you can use to update your location and/or share places on Twitter using Google Earth. This is a wonderful application that a business (especially a small business) could use to mobilize delivery people or monitor sales personnel. And another use could be a parent keeping track of a teenager, which doesn't say too much about trust between the parent and child. www.twitearth.com
4. BallsAndTweets.com-this is a Twitter baseball directory, all things baseball. A fantasy baseball team owner's dream site. www.BallsAndTweets.com
5. Twibes-a website you can use to group Twitter users based on their interests and hobbies. This can be used by businesses for target marketing, research, and many other uses. Not to mention this is a really cool name. www.twibes.com

E2 - Twitter Uses

Some of the ways a business or organization use Twitter are down right creepy, almost like the George Orwell novel '1984', Big Brother is watching.

Businesses follow what is being said about them on Twitter and respond to the Tweeter to provide customer service or enhance their image. Businesses that monitor Tweets include Dell, GM, Whole Foods and JetBlue. These businesses have recognized the size of the potential audience and are using this social network to promote the business' brands. Not to mention Twitter is free and can handle an issue when it occurs rather than several months after the fact. However, some people become concerned by a big business following them and may actually turn to a competitor because of Twitter.

Many businesses use Twitter to conduct research both on how their brands are being used and what the competition is doing. By following customers the business can alert customers to new products, offer coupons, etc. But these companies have to be very careful to not misuse the trust of a customer when it allows a business to follow it on a social network.

Small businesses are using Twitter as a marketing tool (and some big businesses too). A customer can follow the corner cafe and its owner. Twitter is a free network, so a business can communicate with customers at little or no cost to tell them about new products, sales, store hours or special events. Because Twitter is more of a person-to-person application than a business-to-business one, a customer is more likely to follow the cafe owner than the business.

These are only two of the many ways a business can use a social network like Twitter. Businesses and organizations alike use Twitter to push information out to followers (or potential followers), whether this is information such as the news, or information about upcoming events. But businesses have to be very careful not to over saturate the market with stuff and need to have a plan on what the goal of the tweets will be whether it is marketing, customer service, or research.

However, businesses have to be very careful about how and when they use Twitter, or any social network. They have to use this powerful tool carefully and wisely. Tips for a business in using Twitter include:
1. Know what you want to say and be concise because Twitter allows only 140 characters.
2. Don't Tweet too much or too little. It is important to find out what the magic number of tweets might be so that the potential audience will reap the benefits intended.
3. Learn how to use the Twitter search functions, this will become your friend in using the data available in Twitter.
4. Don't worry about followers. This is like the movie 'Field of Dreams', if you build it they will come.
5. Look at the tweets, sort what you find, and then tweet some more.

E1 - Twitter

Setting up a Twitter account was extremely easy. I have a unique last name so I didn't have to go through several iterations trying to find a user name. Thank goodness for that. Then I went to the Help page and was a bit disappointed by what was there. I like to have help topics that detail the whys and hows of whatever the Help topics cover. But I did learn a few things about Twitter and how it works.

Things I learned from Twitter Help
1. There is more than one way to find a person on Twitter. You can search by: a name; something you are interested in such as a movie or hobby; a location; or a company name. If you want to search by location, you can search for people within a certain distance of a specific location.
2. You can enhance the chance of someone finding your Twitter entry by adding a hashtag to the beginning of the word you want a search to hit upon. For example, if I want search engines or other Tweeters to hit on the word appraisal, I would type #appraisal.
3. There are limits to the number of Tweets you can have, these are called follow limits. You are limited to: 1,000 updates a day, 250 total direct messages (sort of an instant message) per day, or 150 API requests per hour. Twitter does this to stabilize the environment and hopefully, enhance reliability.
4. You can block someone from viewing your Tweets and from sending you messages providing your profile is public rather than private.
5. There are several things that you can't do in Twitter and they are adamant about these two things.
A. Domain squatting-this means you snag a name such as ChevyCars when you don't have anything to do with GM or Chevrolet.
B. Impersonation-this means you have the Twitter name of ChevyCars and you say you are GM.

Cloud Computing and PCI Compliance

I get emails from various sources that relate to our MIT program. I received the newsletter below from a vendor we use and I thought it was timely since we had a class presentation on Cloud Computing.


TrustWave News Letter

News and Analysis

On the Horizon: Cloud Computing

Cloud computing has, of late, been a popular buzzword in the IT and business communities, largely because it is an inexpensive way to increase IT resources. IDC, an analyst and research firm, predicts that spending on IT cloud services will hit $42 billion by 2012. As more businesses look to adopt cloud computing services, more questions are going to arise. Not only about what kind of services can cloud computing offer and is it as cost effective as purported, but also more focused questions like those pertaining to security and compliance.

What is "cloud computing"?

Cloud computing is generally the use of hosted, Internet-accessible servers for a variety of computing needs. It can be dynamically scalable and is usually a virtualized resource. Cloud computing is primarily used in four categories: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Virtualization Technology. SaaS is a model of software deployment where an application is licensed for use as a service on demand. PaaS is when a company uses another company to host all of their applications. IaaS is a computer infrastructure delivered in a virtual environment. Virtualization Technology is the ability to transform on-premise data centers into their own clouds. Google, Microsoft, Amazon, Citrix and Salesforce.com are just a few companies offering some or all of these cloud computing services.

Cloud computing is, so far, very cheap. By "renting" computer usage from a third-party provider, companies avoid capital expenditure. Cloud computing services are typically "pay for what you use," which is ideal for organizations that may have one or two busy months (e.g., holiday season) and need a larger platform just for that time of the year. To purchase cloud computing services, all one may need is a credit card. For example, The New York Times took its archive dating from 1851 to 1922 representing more than 15 million articles, and put this fully searchable content "into the cloud" using Amazon's cloud services.

What does cloud computing mean for PCI DSS Compliance?

The cost savings a company achieves with cloud computing could potentially be offset by additional security measures that might be necessary. Debate is ongoing as to whether cloud computing services are able to meet regulatory compliance requirements. No hard rules or standards currently exist, although the Cloud Security Alliance (CSA), a non-profit organization promoting best practices for providing security assurance with cloud computing, has issued an ongoing "Security Guidance for Critical Areas of Focus in Cloud Computing." Some of CSA's best practice recommendations for compliance with payment card transactions include:

  • Classify data and systems to understand compliance requirements
  • Understand data locations, in particular the copies of data that are made and how they are controlled
  • Maintain a right to audit on demand as your regulatory mandates and business needs may change rapidly
  • Perform external risk assessments, including a Privacy Impact Assessment

However, while these recommendations may be valid, it should be noted that the Payment Card Industry Security Standards Council (PCI SSC) has not issued formal guidelines for cloud computing as it pertains to payment card applications or data.

Cloud computing in practice

Several companies offer resizable and configurable compute capacity, paid for by the hour or in multi-year terms. While cost and ease of use are attractive to many businesses, cloud computing may not automatically meet enterprise compliance requirements. Cloud computing systems are not inherently PCI DSS compliant, and storing sensitive credit card payment information on such systems can lead to compliance and other risks.

In a recent article at Data Center Knowledge, Amazon provided information into the issue of compliance and cloud computing, reaffirming that PCI DSS compliance is dependent on how the merchant uses solutions such as cloud computing. Reaching out to customers to address compliance concerns, Amazon spokesperson Kay Kinton stated, "Under the PCI Data Security Standard, merchants regardless of their size are independently responsible for complying with PCI when they collect, process or store credit card information. When using a shared hosting service, like AWS, where the merchant controls what credit card information touches the service, the merchant is responsible for using the services in a manner that permits them to be PCI compliant, such as the proper use of encryption and key management. Therefore, it is possible for a merchant to use Amazon EC2 and Amazon S3 and meet PCI compliance standards depending on their specific implementation."

However, other cloud providers are claiming to be certified as PCI DSS compliant, or offer PCI solutions. The authenticity of these claims at this time is not certain; therefore businesses enter into cloud computing at their own risk.

Conclusion

Potential security and compliance problems with cloud computing abound. Because of the ability for a cloud service to reside anywhere in the world, it is difficult to know exactly where the data resides, or even if the cloud provider is meeting the physical security requirements of the PCI DSS. Most cloud providers do not allow onsite auditing either. Cloud computing is an evolving IT experiment, and not necessarily an enterprise-ready environment.

While being PCI DSS compliant does not automatically make a company safe from security threats, it does help businesses ensure appropriate security measures and practices are in place to prevent and deter, as much as possible, security compromises and data theft. Therefore, for the time being, it may be a best practice to not handle any credit card transactions on a cloud infrastructure.


Trustwave Accredited in MasterCard's POS Terminal Security

Trustwave has been certified to perform compliance evaluations against MasterCard's Point-of-Sale Terminal Security (PTS) program. MasterCard's PTS program applies to Point-of-Sale (POS) hardware and applications that transmit card data across an open Internet Protocol (IP) or wireless connection. Payment terminal manufacturers seeking PTS compliance validation can now engage Trustwave to perform evaluations to verify that the POS conforms to standards set forth by MasterCard.




Friday, September 18, 2009

Opera Browser

I was not aware of a browser by Opera until we discussed it in one of our first Internet Technology classes. I did a little half-hearted searching to find out about the company but not much about the browser. Then in preparation for our guest speaker, Molly Holzschlag, I did a little more searching and I was richly rewarded.

The Opera software developers have done a magnificent job of looking to see what is currently available, listening to end users and trying to anticipate the needs of future users and have developed a browser that delivers. I am (now was) an IE user, don't know why, I guess because it was there. Slow and clunky come to mind when I think about this particular browser. I probably don't need to also tell you that I am a PC user too, you probably already figured that one out on your own. Since IE was slow I thought all browsers were slow and unreliable. This is not true. The Opera browser offers so much and I especially like the 'Turbo' feature that will compress the data for a more efficient download when a slow download speed is encountered.
As I read more about Opera software and the company behind it I am amazed at the increasing number of people that are downloading the desktop browser software, something like 10 million downloads of the new Opera 10 happened during the first week it was available (in early September 2009). That many people can not be wrong.

And Opera is not your typical company, they have an Education section which wants to help others involved in web, whether in development, teaching, or using the web, to learn about web standards and foster a basis for students to learn about the web and the internet industry. Of course, the Opera employees will discuss Opera products but that is not the motivation for this outreach. The company is truly interested in providing information on web standards and the rewards of adhering to them.

Opera is the leading supplier of web browser software on mobile devices in the world. And then Molly told us that all mobile devices currently available use the Opera mobile software, not most but all. This is truly awesome. I had no idea. I previously had a Blackberry and was happy but now I know what I was missing and I will ask better questions the next time I go looking for another mobile phone with internet capabilities.

Thursday, September 17, 2009

Fifth Week of Class

It is hard to believe that this week is our fifth week of MIT classes. To say I have come far is an understatement. One of our weekly assignments is to write something about what we have learned relating to our MIT courses during the previous week. I sometimes find this to be extremely difficult to do. And I wonder why. Just about everything we discuss is new to me, especially the technical stuff. I just don't think like a programmer yet. I say yet because I continue to hold out hope that something will "click" in my brain and I will switch from business to technical. When we have discussions in class about a particular programming language, for example, and there are problems or issues I always go through the project management check list in my brain to try to determine where the process "got into the ditch". Was it a rush to market, was it poor requirements gathering, was it cutting costs to the detriment of the product, and it goes on and on. The old adage goes, given enough time, effort and money the product will be perfect; now which one are you willing to forego.

In Tuesday's class we are learning about data management. This past Tuesday, we talked about using databases to track employee productivity. In tracking productivity you have to determine the work effort (how many people will it take to do x job, and how long will it take them to do it), and then allocate the work to the employees based on number of total hours, number of hours per day, etc. This is what I have done in my professional career for the past 15 years. Never once in all this time did I think about the behind the scenes data management needed to track this. Wow, now I have an example in my reality of how a database should perform. It makes a big difference when you can relate something to a personal experience. Before this revelation, database management was this huge thing I was trying to learn all at once, now I understand the process better and am more willing to take tiny bites to conquer it. I am amazed.

This entry in my blog is more journal for me than educational for a reader, and I apologize for this. But sometimes you just have to go where the thoughts take you. I promise to find something more interesting to write about next time.

Wednesday, September 16, 2009

Editing Wikipedia

The hardest part of this assignment was determining what subject I have enough knowledge/expertise in that would enable me to edit Wikipedia. After many hours (it seemed like) I finally realized I have knowledge about credit cards, from the issuer and the acquirer perspective. Then came the arduous task of reading what has previously been written and deciding if the content is correct, almost correct, worth the effort to correct, or just plain incorrect. And I am surprised to say, that for the most part the information contained in the article on credit cards is accurate. It is obvious some authors are more knowledgeable than others as evidenced by the author discussing the discount fees (a percentage of the transaction amount) but does not directly address the interchange fees. Basically, a discount fee is assessed to the entity that has the lesser risk in receiving payment and given to the entity with the greater risk in receiving payment. Typically, the acquiring bank pays the fee to the issuing bank because the credit card associations pay the acquirer which is pretty much a guaranteed thing while the issuing bank has to be paid by the customer which, especially in these times, is not guaranteed. An interchange fee is what the card association charges to send the transaction from the merchant to the issuer and back again, sort of a processing and handling fee.

Once I determined what I could/would edit it was a very easy process because my edits were minor. My minor edit was available real time after I clicked the 'Save' button. I had previously registered with Wikipedia so once I logged in I was set to go. I am not brave enough to attempt a major edit even though I feel I have the knowledge base, I don't have the requisite citations to go along with the major edits.

Here are the before and after shots of what I edited.

BEFORE
For each purchase, the bank charges the merchant a commission (discount fee) for this service and there may be a certain delay before the agreed payment is received by the merchant. The commission is often a percentage of the transaction amount, plus a fixed fee. In addition, a merchant may be penalized or have their ability to receive payment using that credit card restricted if there are too many cancellations or reversals of charges as a result of disputes. Some small merchants require credit purchases to have a minimum amount to compensate for the transaction costs.


AFTER
For each purchase, the bank charges the merchant a commission (discount fee) for this service and there may be a certain delay before the agreed payment is received by the merchant. The commission is often a percentage of the transaction amount, plus a fixed fee (interchange rate). In addition, a merchant may be penalized or have their ability to receive payment using that credit card restricted if there are too many cancellations or reversals of charges as a result of disputes. Some small merchants require credit purchases to have a minimum amount to compensate for the transaction costs.

Wednesday, September 9, 2009

News Aggregation and Its Long Term Effects

It should be aggravation rather than aggregation. Trying to determine which blogs/feeds to follow can be tedious at times, informative most of the time, and occasionally you run across someone who thinks s/he has something worth reading but it is really just a self-promoting venue. And the only way to determine which feeds are worth your time is to read them.

I think I have chosen some good ones that will help me as I try to learn good web design and web programming. I come from a business background not a technical one, so I like the business aspects of the internet but knowing the technical side is a plus that can do nothing but enhance the business side.

I want (probably need) to move away from my "comfort zone" regarding the business side of internet technology. This means I will have to embrace the technology and run with it. Who knows I might just like it. There are certainly many people in my class who are proficient in this technology, I am in awe at times at the depth of their knowledge and skill. Slowly, I am learning the language so I can join in the discussions.

Monday, August 31, 2009

Internet Technology

I participated in an internet scavenger hunt last week. I had no idea exactly how it all started. There is so much information and so little time. There is so much to learn regarding the Internet. HTML, Java, XML, and on and on. It is almost overwhelming. Just when I was ready to give up, my HTML code actually worked and I got something to display in my browser. It was so rewarding to actually see something that I coded actually worked! It makes me want to go do something else to see if I can get that to work. It can be addicting.

Wednesday, August 26, 2009

HTML for a Dummy Like Me

The HTML tutorials are slow but if you take good notes and don't let the slow going get to you, you will learn HTML. Sometimes I have lost focus but the tutorials have a replay button I have used quite a few times. I use several of the HTML tags in my job and often times it was just trial and error. But now I actually know what the basic HTML tags can do. I can't wait to put my new found knowledge to use.

Sunday, August 23, 2009

Why start a blog?

I would not normally consider creating or using a blog. I didn't see the benefit I would receive (isn't it always "what about me"?). However, being a new grad student and wanting to complete course assignments, here I am doing just that, creating and using a blog. I plan to use this blog as a way of tracking my journey through my MIT course work, especially as I learn about the Internet and what opportunities it holds for me and my fellow students. I don't know where this journey will take me, if I will like where I go, if I will even know where I am when I get there, or who will be travelling with me. But, I like to travel so here I go . . .