StillSecure, After All These Years

Just wanted to give a quick shout out to Joe Webster, a security bloggers network member and until recently a great resource at StillSecure.  Joe just left StillSecure to pursue a tremendous career opportunity that he could not pass up. He wrote about why he left and his time and impressions of StillSecure here on his blog.

During his time here at StillSecure, Joe has been a great resource and team member in making Safe Access a best-in-class NAC product. He has also become part of the family partaking in and leading many social activities.  We are all saddened to see Joe leave the fold, but wish him the very best in his new gig.

Cover of Wall Street [Blu-ray]

Going back to the time I was in school, it seemed like the best and brightest aspired to a career on Wall Street. Yes you could go to medical school or law school, but many very bright and ambitious kids wanted to to go work for Goldman Sachs or Morgan Stanley or some other such Wall Street house.  Except for a brief period during the dot com bubble when the lure of stock options pulled some of them away our best and brightest were drawn to the bright lights and big city. President Obama says that this is going to change.

In a report on abcnews.com highlighting a NY Times interview, President Obama says that Wall Street is going to play a less dominant role in our economy and our lives going forward.  This will be due to more government regulation and less risk taking. This will mean less chance of excessive profits, so less extravagant bonuses. As a result, Obama says the some of the talent that has been attracted to Wall Street will seek other avenues like computers and engineering.

I think this would be a great thing for both the tech industry and our country.  However I have heard this before. When the cycle picks up will the call of Gordon Gecko, “greed is good, greed is what made America great” once again be a siren song for our best and brightest?  I guess we will find out soon enough.

I have read a lot this weekend from people whose business acumen I respect.  Brad Feld (here and here), Fred Wilson and Will Herman all published blog or twitter posts dealing with our present economic condition.  One of the great things about blogging though is if I don’t agree with them or want to express my views on the subject, I have my own bully pulpit. I may not have the 100K plus followers that Brad or Fred do, but that is OK, I can put my thoughts out there for the world to see.  So here goes:

First of all no one wanted the federal government to bail out any companies. The government certainly didn’t want to. It truly is an investor of last resort. But the alternatives are just worse.  You will not find many takers willing to raise their hand and say, “yes lets burden our children with the debts of our mistakes”, never the less, if we did nothing we may not leave them anything at all.  So I don’t buy into the - we all want to be socialist Swedes and that this is some how part of Brarak Obama’s plot.  Plain and simple we were in such a rotten place that we had no choice but for the government to step in to avoid such widespread upheaval that it could rock our foundations to its core.

Second, somewhere along the line it has been repeated enough times so that everyone takes as gospel that government can never do anything as well as private markets can.  It started with Ayn Rand for Brad and the gang, but for most of America it is textbook Ronald Regan.  But the fact is that for big projects like going to the moon, building an atomic bomb, winning a war – funding basic R&D, the government actually does a pretty damn good job.  It is not optimum, but the government is in a much better position to weather the storm and see us through to the other side in our current mess.

Next, there really is a case of being a hammer and everything looks like nails here.  Fred calls Citibank to task for taking out an ad in the NY Times. He says “old school companies sticking to old school approaches that don’t work anymore”.  Yes, if you invest in a lot of internet companies and closely watch the ad business on the net, you may discount the value of old fashioned print ads in the NY Times. But lets give the marketing and media departments at Citi and their ad agencies some credit here.  We are not talking about a couple of start up mark-comm folks who know how to manipulate Google Ad Words.  These are people who have been doing this for a living for a long time, have reams of data and no what they are doing.  It wasn’t Citibank’s marketing that got them in this mess. 

Brad jumps on this bandwagon calling it an idiot move, but cuts Citi some slack because they are doing some things he is aware of, but can’t speak about.  I don’t know what these things are but knowing Brad, they involve RSS or at least the web as a communication medium.  Again the hammer looks for nails.  Guys, it may not be the NY Times of the 1970’s we are talking about, but there are still a few of us who read the Times, including the ads. In fact if you guys did not read the Times, you would not know about the ad.  So in a way you prove the value of the ad in that it got your attention.

By taking public money we will have this scrutiny. Not a great thing, but not messed up either. That is the price to be paid for taking public money.  But think about it, as private investors, don't you Brad and Fred look at where money is being spent.  How did you feel about some of your investments buying Super Bowl ads a few years ago. I don’t remember you jumping up and down and calling them idiots while that was going down. Only with the harsh reality of the cold slap in the face of the dot com bubble bursting did many of the VCs of the era fess up to being taken up with “irrational exuberance”.

Brad then goes on to talk about “investment versus speculation”. Sure it is easy a VC who is investing in companies directly and sitting on their boards to be an investor in every sense of the word.  But the speculation of investors in the market is not something that is new or particular to our recent troubles. In many ways it is what fuels the market.  Most people don’t have the luxury of being a “qualified individual” or sitting on the board of a company. Most people can’t even afford the time and effort to go to a shareholders meeting.  They do their research, make their best choice and go with it.  There is more to speculators than the picture of the evil money changers who drove up the price of oil.  Speculation is essential to the market. It may not work for Brad, but for others it is the best they can do.

Finally, my friend Will Herman and his twitter post scared me the most.  Will is a big New England sports fan (Sox, Pats, Bruins and Celts), but I don’t hold that against him. Somewhere he just went off course in regard to sports because on most other things he is dead on. Will twittered about a NY Times article that talks about the new issue facing immigration.  Many highly qualified immigrants are choosing to leave the US and pursue greater opportunity in their native companies. I know many of you might be happy about that, but Will is rightfully upset about it. 

Our country has always been afraid about the next wave of immigrants taking the jobs of those who came before them.  First it was the Irish, the Italians, the Jews, the Hispanic, the African-Americans, etc.  But yet each immigrant group has wound up enriching our society and filling the pockets of those who came before them. We cannot afford at this critical time to be suffering a brain drain of people who have been educated here but are not helping us continue to build our base and add more jobs to the mix. We need this fresh blood, energy, innovation and intelligence.

It is a very telling statistic that these educated, intelligent people are picking up and leaving for greater opportunity elsewhere in the globe. When we can figure out who to reverse that, we will be back on track. In the meantime, I have not had the success that these guys have had in business. But that is the view from down here.

Image via Wikipedia

nCircle came out with a survey that showed the majority of workplaces do not have any policy at all regarding Facebook usage in the workplace. Andrew Storms, one of my friends at nCircle says that sites such as Facebook being so popular increase the chances that a worker may put confidential or company intellectual property up on the site and in doing so make it public.

OK, I don’t disagree with Andrew, but I think whether the employee is at home or in the office, the risk is nearly the same. So unless you are going to ban Facebook at home too, what are you guarding against.

In the article by SC Magazine on this a Forrester spokesperson also talks about potential security threats by 3rd party apps on Facebook and a loss of productivity by workers using it during working hours.  But as the article points out, a workplace ban on sites such as Facebook could deter young workers from joining the firm.  Somehow limiting access may be best.

I disagree. I think employers have to make lemonade out of these lemons.  You are not going to filter out Facebook usage.  That train has left the station.  You need to educate your workforce on what the pitfalls can be and how to stay away from them.  I think Facebook and similar sites can be used as a powerful tool for marketing and messaging. I think most companies have not yet figured out how to leverage Facebook, Twitter, etc. for the powerful marketing and other advantages they can offer.  Companies that do figure out how to use these type of sites for the positive and do a good job of educating their workers on how to harness it will reap the benefits.  Companies that simply try to avoid these sites and don’t let employees use them will go the way of the dinosaurs.

Image by JPhilipson via Flickr

My jaw hit the ground today reading this NY Times report on last months labor statistics. We lost over 500,000 jobs last month!  Unemployment is at 6.7% and that is a bogus number. The Labor Department says over 400,000 people "left" the job force, meaning they gave up trying to find a job.  Adding those 400,000 in would put us over 7%. There is every indication that this will be the longest economic downturn since the Great Depression. 

So what does this mean for information security?  Desperate times call for desperate measures. I think vigilance against internal incidents by desperate employees will be a big problem.  There will be many people looking to make a quick buck.  Stupid phishing scams and other types of scams will be more prevalent than ever. In this age of information technology, smart scammers will use the technology to assist them in their scams.  We need to be more on guard and wary of this type threat.  Of course we will probably have to do it with less resources and more responsibility.  All in all, it looks like rough sailing ahead on many fronts.

One of the cool things about the first dot com bubble was the "ebay millionaire". These were people who built businesses around selling goods at auction on ebay.  There has been much written and said about the methods of these people and certainly it was a big attraction to people selling on ebay.  I had an interesting plane ride home today where I met someone and discovered todays equivalent. I call it the StubHub millionaire. It  is a testament to American ingenuity and shows that given the tools, people will find a way to exploit and make money.

Up until fairly recently you bought tickets to sporting events and other entertainment from a box office or ticket agent such as ticketron.  The "after market" in ticket sales or scalping as it was called in NY was often times illegal.  There were though some legal ticket brokers that you could buy tickets from. Now with the advent of StubHub and similar type of ticket reselling outlets on the web though, the infrastructure is in place for anyone to sell tickets on line.  You would think that most of these people selling tickets were people who had either extra tickets to an event or perhaps a season ticket holder looking to unload some tickets to help defray the costs. Not the case!

There is a now a whole class of businessman who buys season tickets to multiple teams, sports and cities and than uses outlets like StubHub and others to sell these tickets.  The guy I spoke to today had season tickets to 6 different NFL teams, 3 major league baseball teams and multiple basketball and hockey teams.  Many of his tickets are sold months and weeks before the event. If any are left within 14 days of the event he puts them on ebay.  His average mark up is about 40 to 50% of face value, but by buying season tickets he pays below face, so his actual margin is closer to 60 to 70%. He keeps a few tickets for him and his family to go to a few games a year. 

This started as a hobby for him with Yankee season tickets, but he has done an analysis and compared to what he would make investing that money in the market, he has come out way, way ahead.  He thinks that on a 12,500 investment, he makes about 40k!  That is not bad.  This year when all is said and done he will make six figure income from the resale of tickets he bought.  Think about it, no office or anything.  Just list your tickets and let people buy them.  Take some of the money and buy more tickets.

So what the heck am I doing trying to show people why it is important that they put good security in place on their computers?  There has got to be a better way.

When I was a kid it was fashionable to think that your mother wanted you to grow up and be a doctor, a lawyer or some other such professional. A policeman or fireman was dangerous, a sanitation worker did not have much prestige. By the time I was in college, the smarter kids were going to work on Wall Street, instead of going to medical or law school. Later during the dot com bubble, many of the best and brightest were siphoned off from Wall Street to go into technology. It is obvious that bright young adults are going to follow the money. Well if that is the case, there is no alternative but to grow up and become a hedge fund manager according to this article in the NY Times today.

Several of the most successful managers made over 3 billion dollars each last year alone! That is not that their companies cleared 3 billion, they themselves made 3 billion. In fact to make it to the list of the top 25 hedge fund managers in terms of compensation you had to earn at least 360 million dollars last year alone. Think about that in terms of the median American family income was $60,500.00 dollars last year. So ask yourself, what are you doing securing networks or whatever you do. Stop wasting your time and go get into the hedge fund business.

Seriously, think about it. Hedge funds don't manufacture or make anything, they don't sell a product per se. They manipulate money and make bets on what will go up or down. Sort of the ultimate riverboat gamblers. They aren't teaching our kids to be better people, they aren't making the world safe or making the environment better. But the rewards for what they are doing are almost beyond belief. What message does this send as a society? When I see companies that won't spend a couple of dollars to make sure that your confidential information remains confidential and than see these kind of numbers, what does this society value?

But who am I to rain on the parade of these Titans of Wall Street. I am going to go home and start working on my sons to think about thier future. Like they told Dustin Hoffman in "The Graduate", just one word - Plastic HedgeFund!

Could you use an extra 2k? How about an extra 5k? Here is the best part, you don't have to do anything illegal and you will actually feel good about doing it!  Here at StillSecure we are growing again.  We have a number of openings up on our web site under the careers section. Every so often we designate certain jobs as "hot jobs".  If you refer someone for one of our regular jobs and they are hired, we pay you a thousand dollars on hiring. If they stay 6 months, we send you the other thousand!  If it is one of the hot jobs you get 5k instead of 2k.  How do you refer a potential candidate?  Easy, just have them send their resume to careers@stillsecure.com with a note saying you are the referrer and your email address, as well as the position they are applying for. Sound easy enough?  I think so.

Of course no offer like this is complete without the fine print. So here it is:

Candidates cannot refer themselves and only the first person or agency to refer a candidate that is hired will be compensated.  If a candidate is already under consideration at the time of the referral under this program, no compensation will be paid.  Referrers must complete a W-9 for tax purposes before compensation can be distributed.  This program will run through April 30, 2008 or until all open positions are filled, whichever comes first.  Specifically referrals must be provided by April 30, 2008 and referred applicants must be hired by May 31, 2008 to qualify. Don't miss your chance to earn some extra cash!

Just kidding, here are the details:

Candidates cannot refer themselves and only the first person or agency to refer a candidate that is hired will be compensated.  If a candidate is already under consideration at the time of the referral under this program, no compensation will be paid.  Referrers must complete a W-9 for tax purposes before compensation can be distributed.  This program will run through April 30, 2008 or until all open positions are filled, whichever comes first.  Specifically referrals must be provided by April 30, 2008 and referred applicants must be hired by May 31, 2008 to qualify.

If you have any questions or concerns regarding this program or our open positions, please contact our HR department at careers@stillsecure.com.  StillSecure reserves the right to alter or modify this program at any time by posting changes to its website.  Whether a referrer is entitled to compensation shall be within StillSecure's sole discretion and StillSecure's decision will be final.

Let me get right to the point. I hate paying headhunters.  StillSecure is looking for a killer sales person for the Northeast US.  If you are based in Boston or NY, this is a great chance to join our company at an exciting time in the market and our history.  If you think you have what it takes, drop me an email at alan at stillsecure dot com and lets talk.

No I am not talking about supporting the fight against breast cancer.  I mean pink as in pink slips. Dan Kaplan over on the SC Magazine News team blog (Dan does a great job on the blog by the way, but the SC folks have not joined the SBN, how about it guys?) has an interesting story up about potential big layoffs coming at Symantec. Dan notes that Symantec went through one round of layoffs back in March, but that the scuttlebutt on this round is that it is much bigger this time according to Valleywag. Supposedly the sales numbers especially in North America are not good. 

Will be interesting to see how it plays out.  Of course the whole economy may be headed to the hopper, including tech.  It may not be just Symantec that goes through some belt tightening.