Why the Department of Defense Failed to Secure Our Computers

Every day, new viruses emerge that compromise the security of millions of computers – both personal and corporate. As government agencies increasingly relied upon commercial software for Top Secret computer systems, they found themselves facing a difficult dilemma: continue using their 80’s era software, or upgrade to the latest commercial systems and expose themselves to the security vulnerabilities that plague everyday users.

From 1999-2001, Robert Meushaw, the director of the NSA’s Information Assurance Research Laboratory (NIARL), and his team worked on a solution that could give the best of both worlds. The system he developed, codenamed NetTop, uses a “sandbox” technique whereby inherently insecure software (such as Microsoft Windows and MS Office) is granted access to a limited portion of the computer. Even if one of the insecure applications is infected with a virus, the virus is unable to spread beyond the specific machine.

Unfortunately, the results were disappointing. Two crucial missteps ultimately led to its slow adoption within government agencies and by the general public.

The first problem was that NetTop compromised security for functionality. Because it was neither 100% secure nor 100% functional, security experts were unsatisfied and users were frustrated.

The second problem was cost. Each “virtual” system required its own licenses. Thus, Top Secret computers that accessed six separate networks would require 6 licenses for Microsoft Windows on a single computer! Furthermore, the virtualization component was developed by a for-profit startup named VMware (now publicly traded NYSE: VMW). As VMware grew larger and more successful, Microsoft started to tamp down the competition by restricting its licensing terms to make virtualization even less cost-effective.

The end result has been another expensive government project with limited application and a dim future.


Three Things Every Business Should Do in a Recession

Change begets opportunity. Given the current economic situation, here are three things that every company should do:

Renegotiate vendor contracts. This is not to say that you should squeeze all profit out of your vendors. Business relations should always be mutually beneficial. However, contracts that were negotiated a few years ago when things looked rosy should be carefully reevaluated. For example, one small business was able to renegotiate their contract with Verizon Business and cut their bill in half.

Foster employee loyalty. Employees are more likely to stay at their jobs now, if they feel the jobs are secure. The good news is it’s easier to retain employees. But don’t be lulled by this. Unhappy employees being forced to work harder and longer hours will not stick around once the economy turns. Now that employees’ expectations are lower, do small things to increase job satisfaction and make people feel appreciated.

Do more for your customers. Much advice centers on how to maintain price discipline and avoid doing work at (or below) cost. There’s a different opportunity, however. Given that your customers are likely facing a new environment, they may be open to help in new, adjacent areas. For example, a company that downsized may now be short-staffed in certain areas and happy to have a vendor provide managed services. Look for these areas, and propose solutions for your customers’ problems.

– Industry Analytics and Research has released 2009 research reports on over a thousand industries providing instantaneous access to market size, typical financials (e.g., income statement, balance sheet), salary benchmarks, etc.

The goal is to shed light on small businesses in "main street" industries by providing accurate and detailed statistics.


Earth Cancer and Global Warming

Weather is complicated. Many scientists (plus Al Gore) strongly believe that Global Warming is already wreaking havoc on weather patterns.

The havoc, they say, may take many forms: warm winters, wildfires, hurricanes, flooding, cold summers, cold winters, and the list goes on….

Sadly, these scientists made a critical error. A marketing error. They called this havoc “Global Warming.” For the average Joe, a cold winter does not feel like global warming. A rainy summer doesn’t feel like global warming. A severe hurricane does not feel like global warming. As the theory became more intricate, the story got confusing – and the message got lost.

If only the scientists had called it Earth Cancer, or Extreme Weather Mutation, the news every night would focus on the issue. “This is the third coldest April 17th since 1991,” a weatherman would report with grave concern. “This is the second rainiest April 18th since 1989,” might be the following day’s breaking news. From a statistical standpoint, anomalies can be found everywhere – yet they would all be attributed to Earth Cancer – since the name would seem consistent with any weather anomaly.

Fragmentation in the Department of Defense

A recent article described a problem of drug-resistant bacteria infecting wounded troops in Iraq. As specialists attempted to track down the cause of infection, “reforms ran into a major obstacle: each link in the evacuation chain was owned by a different branch of the DOD.”

The lack of coordination within the DOD evacuation chain hearkens back to a similar issue within the Intelligence Community. As Mike Wertheimer, a senior DNI official, describes:

“I am unable to send email, and even make secure phone calls, to a good portion of the Intel community from my desktop because of firewalls.”

Fragmentation within government agencies is due in part to the principle of Unity of Command, a management concept in which each member reports to only one supervisor. This leads to clear and linear control structures and operational effectiveness within a small organizational unit; however it limits interaction at the outer edges of the command chain, where an individual at an outer branch is unable to coordinate (and in some cases even communicate) with individuals at another branch.

Going digital: video surveillance and pulling teeth

Industries have moved into the digital age at different speeds. As information capture becomes digital, a massive amount of data goes “live” and can be parsed and analyzed in real-time. This leads to a host of new possibilities. Here are two examples:

First, in the world of physical security, digital video recorders (DVRs) are a relatively new phenomenon, only gaining mainstream support within the last five years or so. Initially, it was only large, sophisticated security companies that could develop such systems – for example, airport security could track individual passengers as they move throughout the terminal. (And can even detect if a passenger abandons a bag!) Now that digital systems are becoming more commonplace, startups such as Agent VI are able to enter the market as well and leverage the vast data made available by modern digital systems.

Second, the field of dental laboratories is about to change dramatically, as technology moves from physical casts of teeth (for crowns, implants, etc) to digital imaging and CAD/CAM fabrication technology.

The move towards digital technology leads to a wealth of information, which in turn enables secondary, value added services.

One reason YouTube succeeded where others failed

A recent WSJ article mentions that when YouTube tested “pre-roll” ads (i.e., ads that play before the video launches), more than 70% of viewers abandoned the site.

Consider two startups entering the business of sharing videos:

Startup A has a lot of financing, and has not chosen a “revenue model” yet – first it plans on building dominance in the market. Then it will figure out how to monetize the traffic.

Startup B cannot afford to pass on revenue for very long, so it offers an ad-supported service. However, as in the above statistic, pre-roll ads deflect 70% of visitors – and many may switch to Startup A.

If Startup A had a plan for making money, it would have caused them to shrink and fail like Startup B. However, a day will come when Startup A must also make money – and then it will discover that its market share is only the result of its ad-free environment – as soon as it advertises it will lose viewers, too.

The difference between YouTube and most other “Startup A’s” is that YouTube has a thousand brilliant minds at Google who spent ten months trying to find a solution. Most startups are not that fortunate.