Archive for RB

| December 18, 2012
Comments Off on VC’s Take on Ed Tech

VC’s Take on Ed Tech

VC's Take on Ed Tech  at GigaOM reports on an open online course on entrepreneurship in education called Ed Startup 101. During the course, Fred Wilson, a managing partner at Union Square Ventures, gave a little insight into how venture capitalists view opportunities in education technology. Union Square Ventures has invested in education social network Edmodo, Skillshare, Codecademy, and Duolingo.

skip over institutional buyers to target teachers and studentsVC Wilson said that education’s, notorious reputation for bureaucracy and long sales cycles have traditionally turned off VC’s (full video available here). But as startups have attempted new models that skip over institutional buyers to target teachers and students, investors have steadily warmed to the sector, including K-12 education. The blog cites data from GSV Advisors, a Chicago-based investment firm that specializes in education, which says that transactions in K-12 education climbed from just $13 million in 2005 to $389 million in 2011. Funding has been so strong that some have already started asking the inevitable question about whether an ed tech bubble is brewing.

Takeaways from the video

VC's Take on Ed TechConsumer tech offers plenty of models for freemium ed tech startups –The venture capitalist gave several examples in which consumer startups with a free service eventually found a path to profitability after years of venture backing, including Dropbox and Twitter. In those examples, he said, venture capital played a key role in helping them reach the scale that would make a freemium model work.  As the ed tech market expands, he expects models of all kinds – from those supported by advertising to those with enterprise licensing models – to emerge. Both Dropbox and Twitter are problematic to an enterprise network.

  • Someone, PLEASE give me a long-term educational reason to give students on-network access to Twitter that outweighs the distraction and cheating factors.
  • Dropbox is a potential data theft tool if allowed. We have seen 600 – 800 Mb of Dropbox space on user shares, then they complain when they can’t save their work to the network. Dropbox’s network behavior is annoying. Dropbox wants to check in with the mother-ship thousands of times a day. On our network, we block file sharing with the content filter. When a user installs a Dropbox client on their workstation (don’t get me going about local admins) we have seen 60,000 attempts to connect to the Dropbox mother-ship over the course of a week. Dropbox could improve their product by throttling their checking in – the longer it doesn’t connect throttle down their phone homes.

Sell to the learner first, not the institution

Work-aroundMr. Wilson says that ed tech firms should bypass traditional education sales channels. “We should compete with the existing education system as opposed to sell to it,” Wilson said. He thinks that entrepreneurs can make faster progress by bringing their tools straight to the learners and the teachers providing instruction. That’s the way Edmodo has gained its strong traction and the approach Codecademy has taken with its after-school program targeting students in schools without computer science instruction. As students and teachers adopt new platforms, Wilson said, the institutions will come around.

Gee I don’t know, sell to the end-user and then force the entire enterprise to change to accommodate a new toy, how very Apple of him. But VC’s don’t have to do the work. Maybe if he had to make AppleTV work on a network or get iMac‘s to regularly log in to Active Directory.

Vendor exclusivity is a bad thing

Vendor lock-inAs more companies turn their attention to online learning and digital education, Wilson said universities shouldn’t standardize with just one vendor but support the range of tools that faculty members choose. Exclusivity, he said, makes vendors “fat and happy” and less incentivized to innovate.  “I don’t think there’s any benefit anyone would get by standardizing on one platform,” he said.

I agree with him here, the perfect example is Blackboard. They don’t seem to want to make our life easier. The restoration process is stupid. Bring on Moodle.

Other areas of opportunity in ed tech

The VC says that his firm also thinks there are ed tech opportunities include:

  • Credentialing (Grades) Now that plenty of platforms offer courses and instruction, the next step is figuring out whether students are actually mastering the skills and knowledge that they’re setting out to learn.
  • He also said he thinks there are opportunities in peer-to-peer platforms, which leverage online communities to reduce the cost of creating curriculum and learning content,
  • Vertically focused startups, such as those similar to Codecademy and Duolingo.

rb-

freemiumIt’s not only my opinion that the freemium model is a bait and switch scam. It sucks users into a product and then does a switch at some time in the future to a pay model. But that is a VC’s take on Ed Tech, what is yours?

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , ,
| December 11, 2012
Comments Off on Disposal Dummies Cause Privacy Problems

Disposal Dummies Cause Privacy Problems

The article Disposal Dummies Cause Privacy Problems, posted at  SecureWorld Post by Rebecca Herold lays out the privacy problems caused by dumb disposal policies. The article claims that trash-based breaches are worse than ever.

Disposal Dummies Cause Privacy ProblemsThe oldest security and privacy problem, unsecured disposal of personal information, is prevalent today as it was centuries ago reports the author. She says because of the rapidly growing amount of data, in which EMC (EMC) and IDC claim that data is doubling every two years, along with print information, there are even more ways in which disposal-related breaches are occurring. Here are just a few instances I found:

The blog outlines some of the most common egregious information disposal dummy security and privacy mistakes:

  • DTrash canonating print documents with personal information on them to outside groups, like pre-schools and community groups, to use as scrap paper.
  • Selling computers, smartphones, copiers, fax machines, and other computing devices, to recoup some of the investment, but not irreversibly removing the data before the sale.
  • Putting digital storage devices in the trash without first irreversibly removing the data.
  • Putting print documents containing personal information into unsecured dumpsters, and not shredding them.
  • Never throwing away no-longer-needed hard copy and digital devices; letting them accumulate in storage areas, with inadequate or no security, allowing them to be taken by anyone who happens along.

Data disposal is important because breaches caused by poor disposal activities are getting so bad that the article states there are growing numbers of laws explicitly covering disposal, and bills are being proposed at the state and federal levels. The Disposal Rule (part of the Fair and Accurate Credit Transactions Act of 2003 (FACTA) has been in effect since 2005. The blog says FACTA has many very specific requirements that basically all types of businesses, of all sizes, that do most types of credit checks must take when disposing of information in all forms.

In Michigan, data destruction requirements are covered in IDENTITY THEFT PROTECTION ACT MCL Section 445.72a. where destruction of data containing personal information required; violation as misdemeanor; fine; compliance; “destroy” are defined.

MichiganBesides the fact that secure information disposal is now a legal requirement for most businesses, it makes sense to dispose of information securely to prevent privacy breaches. By having effective disposal policies, procedures and supporting technologies in place businesses demonstrate reasonable due diligence.

Ms. Herold argues that all organizations, from the smallest to the largest, need to follow proper information disposal practices or they will experience significant privacy breaches and non-compliance penalties. She presents an action plan to get started:

  • Assign overall responsibility for information security and privacy compliance to a position or department within your organization, which will include responsibility for the disposal of information in all forms.
  • Perform a disposal risk assessment to find exactly how your organization really disposes of all types of information.
  • Create information disposal policies and procedures, or update existing ones, based upon the results of the disposal risk assessment.

The policies and procedures need actions:

  • Locate, inventory, and gather at the end of their business useFilingcabinetfulness all types of digital storage devices, including CDs, DVDs, USB drives, external drives, tapes (yes, many organizations still use them), microfiche (yes, these too), and any other type of storage media.
  • Inventory all types of computing equipment, including not just the “traditional” computers, but also devices such as printers, fax machines, copiers, smartphones, MP3 devices, and any other types of devices that do computing activities.
  • Define acceptable shredding methods and locations for paper documents. Finely cross-shredding hard copy information is recommended, as well as ensuring any contracted shredding company does such shredding on-site.
  • Define acceptable methods of irreversibly removing data from computing and digital storage devices. Degaussers are still often used, in addition to contracted services to wipe storage devices clean.
  • Make sure you include information backups, and all types of information archives, in your disposal procedures. These items are typically overlooked, and many breaches have resulted from such items.

Data destructionThe bottom line for all organizations, the author argues is: You need to make sure there are proper safeguards for information, computing, and storage devices, during the disposal process.

The author concludes with some recommended resources and articles to aid you with improving your own personal, and organizational, disposal practices:

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , ,
| December 6, 2012
Comments Off on Tablet Info

Tablet Info

iPad thefts from Cleveland Heights-University Heights middle school students prompt community soul searching

iPad thefts from Cleveland Heights-University Heights middle school students prompt community soul searchingCleveland.com reports that iPad thefts from middle school students in the Cleveland Heights-University Heights school district is causing an iPad re-think.

The school district gave 1,300 Apple (AAPL) iPad tablets to middle school students at the start of the school year. The report says students were permitted to take the iPads home as a continuing educational tool.

The experiment lasted less than three weeks because the students became targets for thieves. Between Sept. 26 and Oct. 13, a dozen middle school students had their iPads stolen while on their way to and from school, Cleveland Heights police chief Jeff Richardson said.

Since mid-October, the district has collected the tablets at the end of the school day and students no longer could take them home.

More than 130 people attended a meeting seeking answers about how to go ahead and whether crime will win out over education. The reporter writes that the meeting was meant as an information-gathering session. Police, principals, and other officials wanted to decide if the district could safely revive the “Take home iPad Plan” sometime in the near future.  The crowd reaction was mixed about how to proceed.

Related article
Superintendent John Deasy’s $17.5M request for computer tablet funds nixed

Superintendent John Deasy's $17.5M request for computer tablet funds nixed

The Los Angles Daily News reports that the panel that oversees the spending of Los Angeles Unified’s bond revenue refused Superintendent John Deasy’s request for nearly $17.5 million to jump-start the purchase of computer tablets for every student. The Bond Oversight Committee voted 7-3 for the plan, but that was one vote short of the eight needed for passage, officials said.

The $17.5 million would have funded the first phase of his long-range technology program. The plan included the tablet pilot project at 14 secondary schools. Mr. Deasy said the tablets are needed for the district to start the new curriculum known as Common Core State Standards taking effect in 2014.

Ultimately, he wants to buy tablets for all 650,000 LAUSD students, a project estimated to cost upwards of $400 million.

Related article
  • LAUSD Superintendent Warns Of Shorter School Year Due To Budget Crisis (losangeles.cbslocal.com)
IDC Figures Show Samsung and ASUS Challenging Apple’s Grip on the Tablet Computing Market

http://www.stripersonline.com/t/628984/check-out-what-im-doing-tonightMIT’s Technology Review pointed out new data from IDC suggest that Apple’s dominance of the global tablet computer market may be giving way. Competing tablet makers, led by Samsung (005930), gained substantial ground during the third quarter of 2012.

Apple‘s (AAPL) market share dropped from 65 percent in the second quarter to just over 50% in the third quarter. Meanwhile, Samsung’s share doubled to 18%, and Amazon (AMZN) and ASUS (2357) each saw their share rise from under five percent to around nine percent.

2012 3Q Worldwide tablet shipments

As is clear from the graph above, TR concludes that it’s too early to tell how quickly the market is diversifying. Apple’s lag was at least partly due to rumors about its plans to release the iPad Mini, which led some consumers to hold off on buying a new iPad, according to IDC. Now that the Mini is out, analysts expect Apple to have a strong fourth quarter.

The iPad Mini’s $329 starting price, however, is well above that of many Google (GOOG) Android tablets, which is why IDC’s analysts believe there is “plenty of room for Android vendors to build upon the success they achieved in the third quarter.”

Android-powered smartphones are already more popular than Apple’s iPhone in the U.S. as well as in other countries, like China

Related article
Tablet Makers Pursue Public Schools

Tablet Makers Pursue Public SchoolsSchools are a large and growing market for Apple’s iPad. Teachers claim that tablets help students with lessons, improve memory and language skills, and cause them to act more independently. The excitement among tablet makers is almost as great. Tablet makers like Apple are pursuing public schools for more sales.

MIT’s Technology Review brings us data from IDC which says global shipments of tablets will reach 177 million this year, and 11 million of them were purchased by businesses or government of those, IDC analyst Tom Mainelli says, the “vast majority” were sold to schools.

Mr. Mainelli thinks that within a few years all U.S. students will have some access to a tablet at school. With 55 million students in the country’s schools, that’s a lot of potential sales. The article says it’s not just a one-time product push: beyond selling tablets to schools and districts, tablet makers see a chance to set up future sales by establishing brand loyalty with young users. “All these guys see huge opportunities here,” he says.

The most successful tablet maker in the education market is Apple (AAPL). In its July 2012 quarterly report, the company said it sold one million iPads to schools. TR notes that Apple hasn’t reported education numbers since then, but it did unveil a smaller, cheaper model that it expects will also appeal to students and educators: the $329 iPad Mini.

Amazon (AMZN) also highlighted its interest in the education market with the debut of Whispercast, a service to manage its Kindle e-readers en masse. Jay Marine, vice president of product management for the Kindle, the company sees the education market as “a meaningful business opportunity.

Smaller companies are making tablets aimed specifically at the education market. Two firms are CurriculumLoft, which makes the Kuno tablet, and Brainchild, which sells the Kineo.

Brainchild CEO Jeff Cameron claims his company’s $299 tablet, which runs on Google‘s (GOOG) Android software is better than mass-market devices because it was built for educational use. TR says that, unlike most tablets, the Kineo has a replaceable battery, resulting in a longer lifespan. Its touch screen is meant to withstand spills, and it has more physical buttons than an iPad.

Related article

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Tablet computing | Tags: , , , , , , , , , , , , , , , ,
| December 4, 2012
One comment

Is Cloud-Based Anti-Virus Ready?

Is Cloud-Based Anti-Virus Ready?Cloud computing technology is one of the most disruptive technologies in recent history. Xath Cruz at CloudTimes argues in a recent article that cloud computing is also disrupting security software such as anti-virus and he asks how effective are cloud-based anti-viruses?

malwareThe article, How Effective are Cloud-Based Anti-Viruses? claims the demand for cloud-based anti-virus software has gone up steadily as more cloud-dependent computing devices have invaded the market. Cloud-dependent computing devices like iPads, Nooks, iPhones, and Galaxy’s are as susceptible to malware as their big desktop brethren.

In order to fight the malware threats to cloud-dependent computing devices, cloud-based anti-virus has evolved.  Cloud based anti-virus works differently than popular cloud-based document editors like Google Docs, where you only need a web browser and internet access. The blog post explains that cloud-based anti-virus software can’t function if it’s only in the cloud, since your PC won’t easily give the right kind of administrative access needed by antivirus software to programs hosted remotely, as that would leave your PC at risk of being intruded upon by other programs.

small native app that runs on the deviceIn order to protect a PC, tablet, or smartphone, a cloud-based anti-virus software requires a small native app to run on the device. When downloaded, the app acts as the anti-virus, with its database and heuristics data being hosted on the cloud. There is also cloud-based anti-virus software that use web browser extensions or Active X and Java to gain proper access to your PC.

Like any technology, cloud-based antivirus software has specific pros and cons when compared to native anti-virus suites, Mr. Cruz lays out some of the pros and cons of cloud-based anti-virus:

Cloud advantages

cloud based anti-virus1. No Installation Required – The first advantage of cloud-based anti-virus is that there’s no need to install them on your PC. Cloud-based anti-virus does not eat up hard disk space, with its storage and memory footprint being a fraction of what local anti-virus need. Additionally, you can get them up and running immediately, and there’s no likelihood of messing up the installation (which usually results in a non-working antivirus or corrupted file volume).

2. No Updating Necessary –  With cloud-based anti-virus, there is no need to update data files, since it’s hosted on the cloud, and will automatically be patched or updated by the provider. This will offer the latest in protection when it becomes available.

3. Double Security Layer – With cloud-based anti-virus software, it is possible to run a locally installed anti-malware app and run another different cloud-based antivirus without worrying about conflicts or PC slowdown. Different anti-virus software are better able to catch or inoculate different viruses.

collective intelligence4. An advantage of cloud-based anti-virus software the author missed is collective or community intelligence. SearchSecurity reports that when a system identifies malware, it’s able to give feedback to the cloud anti-malware provider, thus providing a wider surface area for rapidly detecting 0-day attacks.

Cloud disadvantages

1. Won’t Run in the Background – Cloud-based anti-viruses are not effective against viruses that run on startup. Cloud-based anti-viruses are not TSR (terminate and stay resident) programs and only run on an as-needed basis.

2. Limited Scan – Cloud-based anti-viruses risk missing dormant viruses in unopened or archived files. Windows’ security protocols will prevent some cloud anti-viruses from scanning the computer. They will only be able to scan core windows files and what’s currently loaded in the memory.

Network connection3. It Requires an Internet Connection – Cloud-based anti-virus is useless without access to the Internet. This is a problem for portable device users who can’t be connected 24×7. Without an Internet connection viruses will be free to do whatever they want.

rb-

The author concludes for the best protection your PC can get, you need to use the services of both a locally installed anti-virus software and a cloud-based one.

The main concern I have about cloud-based anti-virus apps is downtime. Cloud providers like Microsoft, Amazon, and Amazon have had issues lately providing their services. Downtime at the upstream ISP on the LAN can also play havoc with cloud-based anti-malware apps.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , ,
| December 1, 2012
Comments Off on I Think Therefore I Login

I Think Therefore I Login

I Think Therefore I LoginForgetting a password could become a thing of the past according to the ZDNet article Brainwaves as Passwords; Secure and Near-Reality. John Fontana at Identity Matters says the technology to do so could be here as early as June 2013. Interaxon, which develops thought-controlled computing, is releasing the Muse headband sensor device that is designed to use brainwaves to login.

Brainwave sensors

Muse headband sensor device that is designed to bring brainwaves into computingThe slim plastic Muse headband fits against a person’s forehead and slips over the ears. The band houses four brainwave sensors. There are not any authentication applications that work with Interaxon’s Muse headband yet. The article notes that the company has a software developer’s kit (SDK) for anyone who wants to do it. However, company CEO Ariel Garten says such an app is reasonable and possible.

“The user could create a specific brainwave signature or a password they would never have to say out loud or type into a computer,” said Ms. Garten, who spoke at the Blur Conference in Broomfield, CO. According to Mr. Fontana the CEO demonstrated thought-controlled applications and the Muse headband.

Brainwave login passwords

government can read their pin numberWhile brainwave passwords might conjuror up thoughts of being snatched off the street and having a brain drain, Ms. Garten said the technology isn’t mind reading. “People might think the government can read their pin number, but we can’t read your thoughts or images in your head.” Muse, which talks to devices via Bluetooth, is an electroencephalograph (EEG) that records brainwaves and reads the brain’s overall pattern of activity to detect certain states such as relaxed or alert explains the article.

The brainwaves are turned into binary data and the translated waves are used to control anything electric. Users can learn to manipulate brainwave patterns, like flexing muscles. “This builds your brain like doing bench press reps in the gym, Ms. Garten claims.

laptops can be controlled with the mindApplications that run on smartphones, tablets, or laptops can be controlled with the mind according to the article. Ms. Garten believes the technology is set to take off, she is quoted in the article, “In 25 years, interacting with technology using your mind will be as ubiquitous as a gesture is today.”

rb-

This seems like a cool idea, maybe Sony or Nintendo will take it over. This is not a panacea for passwords.

With the small real-world experience with biometrics in the enterprise (Thinkpad T61p laptop) it worked adequately for local machine access, but what about when you have to scale this to 10s of thousands of users? Just imagine the HR issues involved with obtaining employee’s fingerprints or as the article suggests brainwaves.

In my environment, where I think biometrics makes sense, there is all the political baggage that comes with biometrics and children and the anti-education, anti-efficiency, and religious groups. I wrote here about a Texas school distinct facing the wrath of these groups for RFID cards, not biometrics.

Then there are the technical issues with any password (character string or biometric) system. The hashed password or brainwave needs to be stored somewhere in binary form. If your AD is compromised you still have a problem.

swilson, one of the commenters at ZDNet wrote: “all biometrics are the same! It doesn’t matter what trait they come up with, the same core biometric challenges remain. The challenges he sees are:

  1. How to stop replay attacks?
  2. How to secure centrally stored templates that are needed to support ‘federated’ biometric access control from multiple points?
  3. What is the real-world sensitivity/specificity trade-off i.e. quantified False Positive and False Negative Error Rates? Knowing a bit about brain physiology, I am very skeptical that anyone can measure a highly distinctive brain wave with better than 90-95% accuracy.
  4. Most basic problem: revokeability. What’s to be done in the event of a compromise, when you cannot cancel and reissue a brain wave, or fingerprint, or iris, or genome?”
Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , ,
« Older Entries   Recent Entries »