The Osterman Research Blog

Messaging-related mergers continue

2008-08-27T15:24:00.000-07:00

Today's acquisition of PostPath by Cisco for $215 million is the latest in a string of recent messaging-related acquisitions that include McAfee's acquisition of Reconnex, Proofpoint's acquisition of Fortiva, Sophos' acquisition of Ultamico, Symantec's acquisition of PC Tools, MessageLabs' acquisition of Fortium ICA Limited, and Quest's acquisition of Akonix, just to name a few of the recent acquisitions that have taken place. There is even talk of Cisco acquiring McAfee.

A new spam technique

2008-07-29T02:24:00.000-07:00

On Monday, Commtouch discovered an interesting spammer technique. This new approach sends an email that includes a link to a Flash file, not to an HTML page that includes an embedded Flash file. The .SWF file is hosted on a free image hosting site and, when clicked, simply redirects victims to a Canadian pharmacy spammer site.

More information is available on Rebecca Herson's blog at:

http://blog.commtouch.com/cafe/spam-favorites/flash-in-the-spam/

Online threats are more rapid than ever

2008-07-28T18:00:00.001-07:00

IBM will release the Internet Security Systems X-Force report that discusses the speed with which new exploits are released. Among the highlights:

- 94% of Web browser exploits are available within 24 hours after flaws are discovered. In 2007, that figure was 79%.

- 80% of PC vulnerabilities are exploited within 24 hours of their discovery, up from 70% in 2007.

How do you define "SMB"?

2008-06-18T08:17:00.000-07:00

I'm currently attending Trend Micro's first Analyst Day in New York. Steve Quane, executive general manager of Trend's SMB Business Unit offered a great way to define the small and mid-sized business market for security solutions: if you ask a decision maker in a company to define "hash" and they respond with either "breakfast" or "controlled substance", they're an SMB customer. :)

AOTA Summit

2008-06-04T09:22:00.000-07:00

Sitting in the first session of the Authentication & Online Trust Alliance (AOTA) Summit in Seattle as I write this. Fairly well attended and lots of interesting content expected. More to come...

NemX SecurExchange

2008-05-29T16:54:00.000-07:00

NemX announced today SecurExchange for Microsoft Exchange 2007. The company claims to be "the first vendor to offer a full
suite of rich, powerful and flexible email compliance functionality for the Exchange 2007 platform."

SecurExchange is an important offering, particularly in light of the growing importance of searching email and other electronic content for e-discovery and content scanning purposes. For example, SecurExchange can scan emails for concepts related to certain words instead of just the words themselves. As noted in the company's press release, when searching for the concept of "Confidential", the system will place greater weight on the word when used in the footer of a document than if it is used in the body text. SecurExchange will also scan strings of numbers not only for the presence of a 15- or 16-digit number that might indicate a credit card number being sent in clear text, but will also perform a checksum to verify the validity of that number.

Our research has found that email volumes are growing at roughly 30% per year. That means that the volume of email sent or stored will be roughly 3.7 times greater in five years than today. That will make the importance of tools that can intelligently scan email content ever more important.

MER Conference

2008-05-21T06:23:00.001-07:00

I spoke at the Cohasset Associates MER (Managing Electronic Records) Conference in Chicago yesterday and am attending the keynotes today, as well. This is a small conference (about 500 people) focused on records management, but there has been a great deal of discussion on email and electronic content archiving. I would highly recommend this conference to anyone interested in email archiving and the broader implications it has for overall records management practices.

How much money do Italians make?

2008-05-01T17:36:00.001-07:00

Now you can find out. The Italian government posted the earnings of every Italian on the Web. More information is available here:

http://news.bbc.co.uk/2/hi/europe/7376608.stm

While this was apparently legal according to Italian law, many were very upset by the decision of the outgoing government to post this data. For those countries in which posting sensitive information or other confidential data isn't legal, it points out the critical nature of deploying data leak protection (DLP) systems that will guard against intentional or inadvertent breaches. Our research shows that these types of systems are seriously underdeployed, making the breach of corporate data all too likely.

IT spending in 2008

2008-04-17T04:08:00.000-07:00

We have just concluded a large survey on email, Web and IM security among mid-sized and large organizations in North America and will be publishing a report on our findings shortly. One of the questions we asked was about overall IT spending plans in 2008 -- here's what we found:

48% of organizations will spend more in 2008 than in 2007
18% will spend less
28% will spend about the same
6% are not sure

Interact 2008

2008-04-08T16:24:00.001-07:00

I attended Interact 2008 in San Diego today and will be at RSA tomorrow. Interact offers a nice view into what Microsoft is doing in the UM and UC spheres, with lots of good information provided in a number of sessions, including some frank comments on areas in which Microsoft needs to bolster its UM and UC offerings.

Some observations:

- Microsoft views Exchange as a mature offering that, in some ways, will act as a "mentor" for OCS. OCS will steal some best practices from Exchange, such as the capabilities of Systems Center, improvement of the command line interface in OCS and working with common partners for both platforms. Microsoft's goal is to make both Exchange and OCS "look like they come from the same vendor".

- Exchange and OCS share some of the same architectural focus and engineering, but different business pressures force them to be "out of phase" with one another, although Microsoft anticipates coordinating Exchange and OCS to a greater degree in the future.

- Saw an impressive demonstration of Exchange UM in action; each server can support about 10,000 users.

- There are currently 71,316 users at Microsoft on Exchange UM.

In all, Interact 2008 was definitely time well spent even if San Diego was cold and windy today.

More changes in the hosted market

2008-04-01T10:17:00.000-07:00

mindSHIFT Technologies has acquired Collaboration Online Limited Company, owner of groupSPARK and AgileWave CRM. mindSHIFT is a managed services provider that offers a variety of managed and SaaS services. The acquisition will expand the company's hosted Exchange, hosted SharePoint and CRM offerings.

Analysts and the Al Gore Keynote Policy at RSA Conference

2008-03-31T17:05:00.000-07:00

From the organizers of the RSA Conference, a conference I hold in very high regard:

"Dear Michael:

For the last 17 years, RSA Conference keynote speakers have brought a wealth of knowledge and experience to Conference attendees. Continuing that tradition, we've recently announced that the closing keynote speaker at RSA Conference 2008 will be former Vice President Al Gore. In accordance with the agreement with Vice President Gore, members of the press will not be permitted to attend his keynote presentation.

RSA Conference offers industry analysts a free, all-inclusive press badge that provides full access to all resources, sessions and the press room while attending the show. Given that industry analysts are provided press badges, you will also be precluded from attending former Vice President Gore's keynote. Anyone with media credentials will be seated in a special press section for The Hugh Thompson Show on Friday afternoon and will be escorted out at its conclusion, prior to former Vice President Gore taking the stage. If Conference staff notices anyone with a press badge is found in the keynote room during Gore's speech, they will ask that person to leave immediately. We apologize for any inconvenience this may cause.

We are looking forward to seeing you next week."

Any theories as to why Mr. Gore doesn't want the press -- and anyone outside the live event -- to know what he will say?

DLP is getting interesting

2008-03-26T13:35:00.000-07:00

We've all heard of incidents of data theft from lost laptops, lost backup tapes, hackers getting into email systems, etc. But how safe is your passport information?

We heard last week that the confidential passport information of Senators Clinton, McCain and Obama had been breached. Now, there's news that the electronic passport information of perhaps 20 Americans has been breached.

I also read today that new US passports contain an RFID chip and an antenna designed to transmit information on the passport during screenings at the border. US passport production is outsourced to a company in the Netherlands that inserts the RFID chips, then passports are sent to another operation of the company in Thailand for the insertion of the antenna, after which the passports are sent to Washington, DC for final assembly. The company that assembles the passports revealed in October 2007 that someone in China had stolen its technology for the RFID chips used in passports.

Presence, corporate culture and personal preference

2008-03-23T12:13:00.001-07:00

Presence - the ability to know another's status - is an incredibly useful tool. It allows you to know when someone is at their desk and is likely available for interaction in real time. Presence can serve as a sort of informal time clock that allows you to know when co-workers have arrived in the morning. It can allow you to get questions answered quickly and easily using an instant messaging client, for example.

However, unlike store-and-forward technologies like email or voicemail, presence requires the right corporate culture and the right mindset for organizations to derive the greatest value from it. As most users of an instant messaging system will admit, receiving an IM at an inopportune time is usually more irritating than helpful, which has resulted in the ability to selectively provide presence information only to specific individuals or groups in a variety of clients.

More importantly, however, is the role of personal preference in the success of presence. For example, do you really want others to know your presence at all times - when you're at your desk, on a mobile device, when you've turned on your laptop, etc.? For those that resist the publication of this data, how do you convince them to embrace the benefits of presence?

What is the future of Novell?

2008-03-18T08:06:00.000-07:00

Novell develops some very good technology -- sitting in the Analyst Summit at BrainShare as I write this is testament to what they've done and where they want to go with virtualization, identity management, usability and a host of other initiatives. Plus, anecdotes about the ability to support very large GroupWise environments with very few FTE staff members abound, and downtime is often very low in GroupWise deployments.

That said, Novell continues to lose market share to rivals Microsoft and IBM in particular, but also to others. Why? Many have cited Novell's marketing efforts, others focus on Novell's heavy focus on administration and less on user interface design.

What's your take, particularly if you've migrated away from GroupWise to some other messaging or collaboration platform? Is it that IT departments are simply forced to migrate because senior, non-IT managers like Outlook and force a move to Exchange? Is there concern about the long term direction of Novell?

I'd love to get your feedback.

Disaster recovery plus

2008-03-11T16:32:00.000-07:00

I was just given a briefing by a company that has developed a very interesting technology that synchronizes Outlook content with the data store of another leading messaging system (I can't be more specific about the identities because the product has not yet been announced). The demo I received demonstrated very good performance, allowing email content, calendar entries, contacts, etc. to be entered into Outlook and then appear within just a couple of seconds in the other messaging system. Synchronization back to Outlook worked equally as well.

This client-side product will have a number of uses, but on the short list will be selective disaster recovery for individuals within a company without having to roll out an entire DR system, as well as allowing users to access their email without the Outlook client, OWA or an Exchange Server.

The offering is planned for announcement either later this month or in early April and pricing has yet to be determined.

I was quite impressed by what I saw.

Two more acquisitions today

2008-02-12T11:24:00.000-08:00

The acquisitions in the messaging space continue:

Dell acquired MessageOne for $155 million, continuing Dell's acquisitions designed to make the company a leading provider of SaaS services.

TeraCloud acquired startup archiving provider Estorian.

These acquisitions point to the growing interest in archiving for a variety of applications, from storage management to legal discovery to regulatory compliance. While there continue to be those who don't believe in the value of archiving, consensus will be coalescing around the growing need to archive messaging and other content.

Microsoft buying Yahoo!

2008-02-01T03:39:00.000-08:00

Just heard a report that Microsoft is willing to purchase Yahoo! for $44.6 billion. From a messaging pespective, this would give Microsoft a huge addition to its consumer email base and would give Microsoft Zimbra, a very nice offering that includes business-grade email, archiving and other capabilities.

IBM Announces Bluehouse

2008-01-21T15:18:00.002-08:00

At Lotusphere on Monday, IBM announced Bluehouse, a set of hosted collaborative offerings aimed at the SMB market. The offering is planned for rollout during the next three to four months.

More to follow...

What is 'unreasonable' in the Fourth Amendment?

2008-01-15T22:34:00.000-08:00

The following is not intended to be partisan in any way, and neither for or against any particular candidate, government official, etc. I don't share my political beliefs in these types of forums, so nothing of a political or partisan nature should be read into this post.

The Fourth Amendment to the US Constitution reads as follows:

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

While a case can be made that even a physical search of laptops, luggage, etc. prior to boarding a flight violates the Fourth Amendment, there are few that would want to fly on an airplane whose passengers' luggage was not searched. To me, airport security checks are a 'reasonable' type of search and are consistent with both the text and spirit of the Fourth Amendment.

However, the US Federal courts have recently ruled that anyone entering the United States is subject to a search of the files on their laptop computers or other mobile devices. Is this unreasonable? I think so. Such a search, without probable cause, is clearly in opposition to the intent of those who wrote the Fourth Amendment. While the upside of such searches is that they can catch child pornographers, the downside is that your confidential records are now subject to inspection by TSA, customs or other officials without any sort of probable cause, warrants or any other protections that used to protect you.

The easy way to avoid this kind of search is not to carry confidential files with you. While this is inconvenient, it does protect your data from searches, as well as from data loss in case you lose your mobile device. You can use hosted services or other remote data stores to house your data while traveling, but this is not always as convenient as having the files stored locally.

The FRCP and the Sub-Prime Meltdown

2008-01-04T11:04:00.000-08:00

Autonomy, which purchased ZANTAZ for $375 million last year, has just won a $70 million archiving contract with a bank. The deal, which is far bigger than any Autonomy had previously won, seems to be driven primarily by the new amendments to the Federal Rules of Civil Procedure (FRCP) that took effect on December 1, 2006. Some speculate that banks will be a key market for archiving technology directly as a result of the meltdown of the sub-prime market -- many lawsuits will be launched against banks and archiving appears to be a key technology to which banks are looking as they anticipate a wave of litigation resulting from the credit crunch.

More detail is available at http://business.timesonline.co.uk/tol/business/markets/article3129335.ece

Growing Interest in the FRCP

2007-12-14T13:42:00.000-08:00

The new amendments to the Federal Rules of Civil Procedure (FRCP) were passed about 54 weeks ago and they are starting to have a significant impact on the way that organizations view their electronic assets. However, that impact is still not reaching to all organizations that are at risk of heavy penalties for a failure to archive properly in support of e-discovery. Consider, for example, that Morgan Stanley had to pay a $15 million fine in 2006 for not saving email properly and paid $3 million earlier this year for not providing email and taking appropriate supervisory measure to preserve email content. Wachovia paid a fine of $2.25 million for not fully complying with SEC 17(a). In March 2006, paid a fine of $2.5 million SEC fine for not properly archiving email. In March 2004, Bank of America was fined $10 million by the SEC for its failure to keep email records regarding its recent merger and for taking too long to comply with regulatory requests.

While most of the judgments so far have focused on violations of regulations in the financial services space, FRCP will have a much bigger impact for one simple reason: it applies to virtually all companies that might be involved in litigation in the Federal courts. When individual states impose their own version of FRCP, the stakes will get dramatically higher.

Bottom line: establish good data retention practices and keep your business records that are contained in email and in your other electronic data stores. Failure to do so will hurt.

On Web conferencing and travel

2007-11-16T02:15:00.000-08:00

How much could an organization save if it used a Web conference to replace a four-hour meeting in a city that is a two-hour flight away? Consider the following:

Airfare: $250
Taxi: $40
Meal: $10
Time spent driving to and from the airport: 1h 30m
Time spent waiting for flights: 2h 30m
Time spent in flight: 4h
Fully burdened annual salary: $100,000
Hours worked per day: 10

Even if we conservatively assume that only one hour of the waiting and flight time is unproductive, that means that the total cost of a four-hour meeting in another city based on the assumptions above is $340. Would Web conferencing be a useful replacement for at least some off-site meetings? In many cases, absolutely yes.

Exchange Connections

2007-11-08T23:38:00.000-08:00

I attended the Exchange Connections conference in Las Vegas this week. I spoke with a large number of vendors, all of whom were quite favorably impressed with the booth traffic and the quality of the leads they were receiving. This may have been due, in part, to the significant number of attendees of the related conferences that were held concurrently, bringing in a larger number of individuals than might otherwise have been the case had the conference been held as a standalone.

However, I think it's due more to the very dynamic nature of messaging at this point and the growing uncertainty on a number of fronts: the impact of competing data retention strategies, the potential for migration to new messaging systems, the uncertainty being generated by a variety of vendors, the growing push by hosted and managed messaging vendors, and so forth.

Hosted Lotus Notes

2007-09-28T01:16:00.001-07:00

We hear alot about hosted Exchange, but less about hosted Notes/Domino or GroupWise. However, on September 18th, IBM announced a number of new capabilities and services, including a hosted Notes offering. The press release is available at:

http://www-03.ibm.com/press/us/en/pressrelease/22327.wss