Thursday 20 August 2015

5 Tips to Search Properly

How many times have we said to ourselves or to a coworker “I need the memo Joe sent last week on the 2Q numbers.” Now, is it still in email? Did you file it in Dropbox from your mobile device? Or is it a desktop file?  Before you start searching for the file, take a minute to think about the best way to do so.  These tips should help to make your searches more productive and convert a search into a FIND.

1.     Prepare to search: Make sure you know what you’re looking for. Going back to the memo from Joe, do you in actuality call it a memo? How can you find what you’re looking for if you can’t remember the specifics? Try and think of a unique word that will help narrow down your results. Joe is keen on using words like extraordinary, which will reveal fewer results than all emails from Joe, 2Q, which will yield a quarter’s worth of files.

2.     Use search to narrow your search: Don’t be scared to use more than one search to get your results. Search within your results to keep narrowing your list down. In this case, we start with extraordinary results, which yields files from every quarter and early quarter estimate from the past 5 years. The second search adds the name of the newest and biggest client signed in 2Q, which reduces the number of results.

3.     Learn search syntax: Using quote marks on your keyword search terms or use search terms such as NEAR, AND, OR to significantly  narrow the accuracy of your returned results. Try “extraordinary results” Joe NEAR “big, new customer’s name” and we’re getting closer.

4.     Organize your search by dates: Narrow your results by narrowing down the timeline  We know we want 2Q results, which are always released 2 weeks after the close of the quarter so narrow the search to July 1, 2015 and more recent and voila, you found the results file. Obviously, I wrote these tips to build on the one previous, but you can without a doubt, skip or combine steps to find exactly what you need without involving your neighbor in the next cubicle, your assistant or make Joe resend the file  so it’s at the top of your inbox.

5.     All the above apply to a web search plus a final one. i.e. try a different search engine. If you always use Google, try Bing, Yahoo or Dogpile and your results may vary.

While search implies carefully or thoroughly seeking something, would you not prefer to find what you need more by happenstance and ease? This can happen to you if you understand the best way to search for needed documents and other files.  Happy Finding.


Monday 10 August 2015

4 Tips to Proactively Protect Your Data

Most people are a bit contradictory in the way they think about security. We rush to lock our front doors and password-protect our PCs, but we leave the keys under the mat and prominently place sticky notes with the computer passwords above our desks. The time has come for us to take responsibility for network, data and application security. Here are some tips on how to do that.
  1. Know your network: Think about who you share your data with. Be conscious of who is on your network and what you share. An email sent to your HR person with personal information can easily be shared whether intentionally or accidentally—we’ve all hit “reply all” when we only meant to reply to the sender.
Another important aspect we don’t often consider is where we access data from (i.e. Public Wi-Fi). It’s rather simple for someone to intercept your data in a man-in-the-middle attack by first setting up a network and naming it “Free Wi-Fi;” ask restaurant and airport staff the name of the network. Better yet, learn how to tether your phone and turn it in to your personal hotspot. Also keep in mind when traveling —if you sync your phone to the rental car system, remember to wipe it before returning the car rather than trusting that the rental company.
  1. Set permissions on your data: Learn how to set up permissions to keep others out of it.
You ultimately have responsibility for your data. If your bank account is hacked, you may need to prove your password was protected and you did what was necessary to guard against a breach. You must also be careful of the apps you download and if these apps require a password, don’t regularly repeat the same one. When picking a new password, use common sense and don’t check “Remember Me.” It might be easier, but doing so gives the site or application a cookie that is open to misappropriation.
  1. Less is more: Keep your most sensitive information on the fewest number of different computers or cloud-based tools as possible.
Having fewer copies of your most sensitive documents helps protect it. While the cloud provides convenience and ability to access information from multiple devices, are you really going to need to access all your bills, bank accounts, and investment statements from everywhere? Disable Remote Desktop (RDP) unless you require these features. Additionally, it is best not to enable remote connections to your PC unless needed at the time. Instead, enable the remote connections when needed, and disable them when you’re finished.
  1. Encrypt your data
Add an extra level of security to your sensitive data. In our mobile world, this will especially help as your data goes back and forth in the cloud. While encrypting files can be a little difficult, it’s like anything else —practice makes perfect and once it becomes a habit, it is easy. Better yet, automatic authentication frees us from even thinking about it. Full data encryption solutions encrypt the entire hard drive from the operating system to all applications and data stored on it. As information is read from the disk, it is decrypted and then any information written to the disk is encrypted in turn. Without the encryption key, the data stored on the disk remains inaccessible.
The number of data breaches occurring each year, month, day even, is continuing to grow. Hopefully the above tips will help you combat some of these security breaches and enable you to take measures to keep your personal data protected.


Thursday 14 May 2015

Why Search Matters

Last week, while taking discussing SearchYourCloud’s technology, I was asked by a potential customer, "While I understand your focus on Security, why does Search matter?"

Why indeed!

The asker of the question could understand why locking down content at the document level is critical. There has certainly been enough fallout from privacy breaches on the news to make its importance clear. But they were confused about how Search is related to and important for a privacy solution.

Algorithms Are Our Friends

Search matters because even if you secure documents, if you can't locate them easily, they aren't very useful. If you lock content down, but then can't access it quickly, what is the point?

Even when we set privacy concerns aside, with the growing amount of content we all generate and use on a daily basis, it can be challenging to find what we need in the ever growing data pool. Add to it the fact that we store and share content in multiple clouds, on mobile devices, in email programs, and on desktops and the task of finding something quickly becomes impossible.

That is why Search matters. So we can locate what we need, when we need it. And get the job done.



Wednesday 11 March 2015

How to Avoid Drowning in a Data Lake


So what exactly is a data lake? And how does one avoid drowning in it?
An excellent questions and one that on the face of it is relatively easy to answer. According to Gartner:
The growing hype surrounding data lakes is causing substantial confusion in the information management space, according to Gartner, Inc. Several vendors are marketing data lakes as an essential component to capitalize on Big Data opportunities, but there is little alignment between vendors about what comprises a data lake, or how to get value from it.”*

Gartner sums it up quite well. A data lake is a marketing spin on Big Data. It is another term for basically the same thing (i.e. lots of data), although those talking about lakes would say that they are more contained and easier to manage than Big Data. I suppose this could have some element of truth, if it were not for the dollar sign that has just been placed before the term! To sum up: A data lake is another Big Data term, but generally used for a smaller chunk of Big Data. But still a lot of it! So data lakes really are Big Data. I hope that has not confused the issue!

Now on to the more pressing issues around Big Data and data lakes. How do you manage them so that you are not overwhelmed with the amount of material at hand?

Over the last two years there has been a lot of hype around Big Data use. Hype that says all of this data can allow you to grow market share, help you build more responsive systems, or can even help predict the rate of flu virus spread. But, this has only has been found to be true in a very few cases.
Generally the hype around all of this data has been just that, hype. The promised land of sales growth or better customer experience has not manifested. Instead, we have a large number of organizations paying a river of cash to a smaller subset of suppliers for statistics from data that is in essence useless because it’s in the form that the statistical model dictates and has additional data points added. This is not to say that the data itself is useless. Rather, that how we have so far been using it, has little or no practical application use to the purchaser due to its format.

Remember the old adage, “You can make statistics mean anything you want?” Well, add millions or even billions of data points and then create your statistics and they will say whatever you like. Set your proof points to be ‘x’ and you will get enough of them to prove it. Whatever pattern you are seeking will appear because the data universe is so large. This is when you have truly drowned.
I believe the best way to manage and use this data is to make it in to bite-sized chunks. Let us leave lakes well behind and start to talk “puddles.” A data puddle is easy to manage. When was the last time you heard of someone drowning in a puddle?

You have massive amounts of data – yes. But your customers are individuals.
The true power of your data lies in the small puddles about individual customers or users. Those pieces of data that can say, “Last week Jim used 140% of his allocated resources.” And lets us discover “Why did Jim’s use spike? Does he need an upgrade? Or is it a one off?”
Now we can go back and look at some historical data on Jim and create a smaller set of information about Jim and maybe those others that are directly associated with him or her. Once we have this data, we can start to see if there is a pattern. And then we can start to harness the information that we have.

Instead of imposing patterns that may not exist, it makes more sense to extrapolate from smaller patterns to larger trends. By analyzing smaller, more relevant sets of data, we’re putting our data to better use and using it to increase our bottom line.

So to sum up: I believe the best way not to drown in a Data Lake is not to have one. We have masses of data at hand, data that is really important. Data that is Big and data that takes up Terabytes of storage. To truly harness this data and not drown in it, we need to start from the basics of what we are looking for and seek it in smaller, simpler sets of data, not take it all and try to fit it to what we or someone else wants us to see.

* (Gartner Press Release, Gartner Says Beware of the Data Lake Fallacy, July 28, 2014, http://www.gartner.com/newsroom/id/2809117)

Lock Up Your Data and Throw Away the Key Store


Our passwords, credit cards, and email addresses are under siege daily as cloud store security breach headlines continue to hit the news.
In a lot of these stories, the data in question was encrypted. Not just hashed but truly encrypted with keys, presuming that unless the thief also manages to access the key store then your information is safe.
But safe from whom? If a thief, then yes. If your keys are themselves secured, then your information should be safe.
However, in my experience, most hacks seem to come from an internal source, such as from an unhappy employee, an ex-employee who was sacked this morning, or an employee who has an axe to grind. The disgruntled employee can use inside knowledge to share a virus, share documents with rivals, or misuse company and personnel data. If this organization is a cloud store or service provider that also holds and owns your encryption keys, then in any one of these cases your information is far from safe.

The recent stories about the sharing of celebrity nude photos and emails has caused individuals and companies to wonder about the security of data stored in the clouds and ask such questions as: Is the data encrypted at the server, while in transport? What level of encryption is used and how much authentication is performed?

As that employee could also have access to the keys to the cloud store, and then your data is no longer encrypted. This is not as far-fetched as it may seem. This has been the case for many breaches over the past few years. It is, however, hard to substantiate that statement as the industry resolutely refuses to talk about breaches “for security reasons!”

And what about those scenarios when a government or legal authority decides that they need access to your corporate information? This is not necessarily theft, but it can be unwanted access. According to the US’s Communications Assistance for Law Enforcement Act (CALEA), a communications provider of any size must allow government agencies access to data. The service providers are not told why the data is needed, only that they must comply.

Government should have the right to do this. In fact, I believe them when they say that having this right has secured us all from many security threats. The question here though is one of accountability. If your supplier owns your security, then they are obliged to pass over not just the documents, but also the keys that allow this information to be decrypted without your knowledge.

The issue is not that the government has access; the bigger threat is lack of knowledge about where corporate data is headed. If you had ownership of your security, then the government department would come to you directly, giving you the opportunity to directly pass this information across with full knowledge and the accountability that goes with that.

In summary, if you pass your security to a third party, and they own and store your encryption keys, then you have lost control of your information. It is imperative that you own and store these separately from your cloud suppliers. If you do not, then your information can be stolen or subpoenaed without your knowledge. This in turn could cause you both monetary loss and possible customer embarrassment.

How to Avoid the Most Common Mistakes of Implementing Big Data Solutions


Ok, we agree that you don’t have a Big Data problem, but you do need to manage and extract value from your ever-growing data sets.

And we agree that unnecessarily complex approaches to dealing with data hinder our ability to create value. We don’t benefit from complicating the solution.
Big Data solutions can leverage enterprise data to build market share, develop more responsive systems, and conduct more effective research, among other things.

So when you find yourself in need of purchasing a “Big Data Solution,” what can you do to minimize the risks and maximize the opportunities afforded by the project?
Here are my top 6 recommendations for avoiding the most common mistakes of implementing Big Data Solutions:
  1. Choose the correct partner – Whatever solution you choose, the technology will outlive the tenure of the team choosing it and the CIO blessing it. For the investment to bear long-term gains, you need to consider the solution that can best adapt to future needs and uses.
  1. Fully plan the project before implementation – It may sound basic but it bears repeating, plan the project in advance. This allows you to identify project owners within the organization and address project risks in advance. You can consider current needs and uses, but also consider future applications. It helps you choose the right partner (see above) and it helps ensure a successful roll out.
  1. Remember: Big Data is NOT just about the analytics – When choosing a Big Data solution, there are considerations beyond the analytics that often get left out of the decision process. Beyond analytics, it is important to plan for data capture, search, sharing, storage, transfer, and privacy, to name just a few considerations.
  1. Account for live data AND historical data – Know which of your project stake holders require access to live data and which will need to work with historical data so you can plan accordingly.
  1. Keep the data accessible – Your data is only valuable to you if you can access it readily and work with it easily.
  1. Remember to secure the data – Yes, you need to access the data easily and readily, but if it’s not secure you risk exposing enterprise assets. Is any of your data being stored in the cloud? If so, is the data encrypted and at what level? Are the keys secured? These are important questions to answer as you plan the project in order to ensure the security of your enterprise information.
Good luck!

Searching For Productivity


People use cloud storage for their work documents because it makes working remotely and sharing documents easier. Period. They generally don’t consider the security of the documents in the cloud store, or if they do they probably consider the potential for loss to be small and a reasonable risk given the benefits to their workflow.

This is why, as a TechCrunch article recently described, the cloud isn’t going anywhere. (Why the Cloud Isn’t Going Anywhere by Arsalan Farooq, is it the end of the cloud as we know it?)
While the article describes a number of solid reasons that the cloud isn’t going away as a work tool, even given the recent highly publicized security breaches, I think the main reason is because it streamlines workflow and makes work life easier. It does this in the same way that finding the exact information you are looking for, at exactly the moment you need it, streamlines your workflow and saves time.

We use search because it is so much more efficient than seeking a document manually. It only stands to reason that applying Federated search to the post-cloud work environment, where we have files stored in multiple places, is the next step in increasing work productivity. Federated search is a natural fit for working remotely and from various computers and devices, especially when some of the content is stored in the cloud.

Federated search, or the ability to search multiple sources, organically supports workflow in the manner that we work today. If we increase the accuracy of our search and search within files and emails that are housed all across our cloud, even better results and increased efficiency results. Search becomes an even more powerful tool for simplifying workflow, just like using the cloud. Bringing the two together makes the cloud work for us.

But we ought to address the privacy issues raised by using the cloud, especially since the cloud isn’t going away. We shouldn’t accept that a risk to our privacy is a small price to pay for increased efficiency. We should enable both elevated security and powerful search to both increase efficiency and protect our digital assets when working in the cloud. This is why an integrated search and security tool makes sense given the way we work today. Not only is this not the end of the cloud as we know it, it is the beginning of an era of encrypted search that protects our assets and streamlines our workflow.