Welcome!

Cloud Security Authors: Elizabeth White, Pat Romanski, Zakia Bouachraoui, Yeshim Deniz, Liz McMillan

Related Topics: Agile Computing, Cloud Security

Agile Computing: Blog Feed Post

Social Media: Change, Control and Security

Facebook’s scope and ambition is also the source of its security complexity

As I write, Facebook is in the process of executing the biggest IPO in US corporate history. Yet, its security model is so involved, and changes so frequently, that not only have people found it necessary to publish sets of guidelines on how to maintain and update Facebook’s security settings, (http://www.facebook.com/note.php?note_id=10150261846610766 ) but also found that they have their hands full keeping these guidelines up to date. At this point, I must admit I’ve never had an account on Facebook; when they launched here in the UK I was invited to sign up by a number of early-adopter friends, but after a good hard look at their security and privacy policy, I said “you have got to be [elided] joking”.

Facebook’s scope and ambition, is also the source of its security complexity. By trying to be “the aggregation point of everything”, for its users – photo albums, bio and status details, blog, IM, music player, games console, etc etc – as well as attempting to tie it all together into the much-discussed “social graph” and using this to attract an income stream from highly-targetable advertising, I believe it has become sufficiently encumbered by having to deal with such a number of diverse entities with different vested interests that the problem of constructing a security policy which will “please a working percentage of these entities, a working percentage of the time” has become effectively intractable.

This may also be why Google+ seems to be controlling its features carefully. Also, I think Google are taking a very interesting approach in unifying their security, privacy and use policies across their offerings; kudos to them for taking that challenge on.

So, I’ve taken to considering where social media will go, from here; as well as seeing what’s happening at Facebook, I’m also seeing a bunch of people writing about how social media is another tech bubble all set to burst. While I firmly believe social media is here to stay, it’s going to get more Darwinian; as with the earlier tech bubble there’lll be casualties, but the result will be a more business-focussed industry.

I think the pendulum of control over information and its sharing is going to swing back, and much more control is going to be placed in the users’ hands; and this has to happen via a mechanism much more straightforward than Facebook controls. Here’s how I think it’s going to work.

What users are going to do, rather than look to a Facebook to host and aggregate all content and present a unified view of it, is run content aggregators locally. I can see these looking something like the Flipboard app for iPad (of which I happen to be rather a fan). From a UI perspective, I’d have a virtual “book of stuff” per friend, which would have pages, articles and photos aggregated from all the data sources they’ve chosen to share with me. I’d need my address book to be extensible to take URLs (and where applicable, passwords) for all these sources, per friend, but that’s not exactly hard.

When I want to share something with a friend, I post it to the appropriate site, using the most appropriate account I’ve given them access to. There’s no more need for fiddling with access controls, people who want to “share stuff” can just create a new account for sharing with particular people or groups of people. It’s all a bit retro, but it means that the account is associated with the group of people involved, not uniquely and verifiably me as an individual; therefore, I get to dictate whatever identities I want to use, wherever I want to use them. There’ll be a bunch of account info to keep track of from the sharer’s end too, but this is a solved problem.

This will also work if the pendulum swings far enough that users start hosting content on their own servers and devices, as some have predicted.

Therefore, the sites I think will do well out of this are those which do one or two things only, and do them very well, by facilitating sharing of a particular kind of content, under various easily-created accounts which are not tied to a single “real” verifiable ID per user. So Blogspot, Flickr, Wayin et al can breathe easy.

However, the flipside of the idea of returning a bunch of control to the users in this way, is that it becomes more difficult for a site to construct a business model; unless all the sites set cookies and users have to accept them it ceases to be possible to construct a useful social graph (which from a user privacy perspective, is A Good Thing), and as users would be consuming something like an RSS feed, it becomes difficult to insert revenue-generating advertising except at the point where users get to add content to their feeds.

So, the outstanding question for a more user-controllable social media, becomes how to monetise it. It could be that this halfway-house between social media-hosted content and local aggregation won’t wash, and the only  way in which people can make money involves letting the pendulum swing completely the other way by social media companies charging end users subscriptions to host their own individual micro-sites on a cloud infrastructure; whatever happens, it’s not going to be dull…

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder of Crucial Point and publisher of CTOvision.com

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...