A thousand points of light

My hometown newspaper, The South China Morning Post (SCMP), recently went live with a reader driven mashup site dedicated to reporting environmental damage. The SCMP calls the site Citizen Map. It looks like it’s gaining traction. The public responded with more than 20 tip-offs in the first few days.

Mashups are nothing new. Typical examples include real estate listing databases married to neighborhood maps and school district information, sites that track epidemic outbreaks around the world and geo-location restaurant guides.

But most mashups are meant to broadcast a single author’s voice, or at least a single group’s message. What the SCMP has done looks a little different. The paper has put together a number of services, some commercial, some open source, that let other people generate the content around a theme. Arguably, user generated content is nothing new either. Think Twitter or Facebook.  But Twitter and Facebook cater to everyone, or at least try to.

I would guess that the SCMP has no idea where this is going to go but the framework is clear: the SCMP has created a point solution (in contrast to an enterprise or utility solution) to aggregate community generated information on environmental damage. Individual postings might lead to follow-up investigations, government responses (one hopes), name and shame reporting or public debate.

Synergy 2011

We just finished our start-of-the-year meetings in Hong Kong, Synergy 2011. Our resellers, who showed up in force, came from all over the world (you can find a list of NetDimensions resellers here).

Our resellers are a powerful, variegated group with clients large and small and up to the minute insights. They had a lot to say. I’ll share a couple of points that impressed me and give you a heads up on what our community is doing today and planning to do for the rest of the year.

In no particular order of importance:

The revolution has begun

mEKP_logo_finalRecently we introduced a new product, mEKP. It’s different. mEKP gives you the power to carry gigabytes of technical documentation, learning, career and personal development support, licensing and certification records, podcasts, video and a whole lot more — all in your pocket.

It’s secure. It’s multi-platform. It is, as Brandon Hall says, disruptive. This particular revolution began quietly but make no mistake, it’s already making waves. Think of this scenario — 2,500 teachers in a poor country, each with a mEKP stick giving her or him a year’s worth of professional development training, daily lesson plans, class handouts, various kinds of support collateral — all without Internet connections to the schools.

Change happens. We think (we hope) we’re contributing to some good change in the world.

Click here for more.

An analyst states the obvious (finally)

Cute but cold comfort and no guarantee of security
Cute shield but cold comfort and no guarantee of security

We have always maintained that SAS 70 Type I and II certifications, though a great make-work program for U.S. accountants and required under some companies’ SOX programs, are next to useless if you want to know whether or not a hosted service provider has adequate security controls in place.

The list of problems with using SAS 70 documents as “security certifications” is long, too long for this post. Though of course, coming from a vendor, any complaints about the abuse of a certification certain competitors rely on can end up sounding like carping.

But Gartner has now stepped up to the plate and agreed with us. Here’s the money quote from Gartner Research Vice President French Caldwell:

“Chief information security officers (CISOs), compliance and risk managers, vendor managers, procurement professionals, and others involved in the purchase or sale of IT services and software need to recognize that SAS 70 is not a security, continuity or privacy compliance standard.”

The press release is here. You can buy the full report here.

There are several useful security standards, including ISO 27001, which is the gold standard and probably what you want to demand from your hosted service vendor.

But one piece of paper you won’t want to be relying on is a SAS 70 certificate.

Organise your content; there may be a need for librarians

If Only . . . Cover

The extended quote below is from a great book, O’Dell and Grayson’s If Only We Knew What We Know: The Transfer of Internal Knowledge and Best Practice:

“For example, a manager who has just tried out a new sales technique has “tacit” knowledge of it. If he writes it down and posts it on his company’s intranet site, some of that knowledge has become captured and “explicit.” Next, another sales manager reads the description and uses the technique on her next sales trip (hence turns it into “tacit” once more). Knowledge has been captured, exchanged, and created (see Steps in the Knowledge Transfer Process, below). The learning process hence involves the continuous “intersection” of these two knowledge types and a never-ending, closed-loop transformation process.

“Other organizational experts, such as Leif Edvinsson of Skandia, further divide commercial knowledge into individual, organizational, and structural knowledge. Individual knowledge is solely in the minds of employees. Organizational knowledge is the learning that occurs on a group or division level. Structural knowledge is embedded in the “bricks” of the corporation though processes, manuals, and codes of ethics. At any one of these three “states, the knowledge can be either tacit or explicit.

“Knowledge is broader than intellectual capital (IC). Whereas some writers have chosen to expand IC to include practices and processes, in its purest form, IC refers to the commercial value of trademarks, licenses, brand names, formulations, and patents. In this view, knowledge-as-intellectual-capital is an asset, almost tangible. Our use of knowledge is broader: we view knowledge as dynamic — a consequence of action and interaction of people in an organization with information and with each other.

“Knowledge is bigger than information. Our organizations are awash in information, but until people use it, it isn’t knowledge. While you can’t have too much knowledge, you can certainly have too much information. Indeed, many organizations have already discovered that information, carried faster and in greater volumes by electronic media, leaves employees overwhelmed, not overconfident. Fumbling rather than focused. Paralyzed rather than proactive.

“Hence, our simple working definition: Knowledge is information in action. In the organizational and commercial context of this book, knowledge is what people in an organization know about their customers, products, processes, mistakes, and successes, whether that knowledge is tacit or explicit.”