Symantec and VeriSign; a new online trust powerhouse or some techno-Frankenstein built from mis-matched parts.

This little, nerdy, techie nichy type of article would normally go right over my head, but given my background in security (Computer Associates and Comodo), the recent news about Symantec acquiring VeriSign got me thinking. The deal, in a nutshell, means that Symantec, known for its security suite is looking to expand into the authentication business by buying VeriSign, a certification authority, whose core product, SSL certificates, is BTW shrinking.

Here’s the official Symantec spin:

The combination of VeriSign’s security products, services and recognition as the most trusted brand online and Symantec’s leading security solutions and widespread distribution will enable Symantec to deliver on its vision of a world where people have simple and secure access to their information from anywhere.”

Symantec and VeriSign actually have a lot in common. They both grew by acquiring technology (as an aside I think Symantec is good at integrating new companies into its line-up). Both are in a commodity business with real challenges in managing partners and pricing:

“With this acquisition, we extend our strategy to create the most trusted brand…The VeriSign check mark is the most recognized symbol of trust online… Symantec’s security solutions and the company’s Norton-branded suites protect more than one billion systems and users around the world. By bringing these security assets together, Symantec will become the leading source of trust online.”

But one is left scratching their head when you continue to read the Symantec explanation of why they are acquiring VeriSign. Here is clincher:

“Symantec plans to incorporate the VeriSign check mark into a new logo to convey that it is safe to communicate, transact commerce and exchange information online.”

You read right. While the clearly appreciate the power of the VeriSign icon – they intend to ditch it. Something does not compute.

What do I think is going on here? For my money, both companies needed each other as a defensive stance rather than as growth measure. Let’s start with VeriSign. Their product line has come under significant pressure from a wide variety of sources given the wide net of their largely unsuccessful acquisition efforts. Worse, in their core SSL business, there was no way to maintain a premium pricing structure given the success of value based alternatives such as GlobalSign or Comodo.

As for Symantec, they are frantically acquiring companies and the VeriSign deal was the third encryption-related purchase for Symantec in three weeks! Their land grab in the authentication space is necessary because; a) there little home grown technology to build from and b) as security solutions become utterly commoditized, the higher margin opportunities are left in authentication services.

I can only speculate on the net gain or loss for the shareholders of both companies, but Symantec’s sudden fondness for becoming “…the leading source of trust online” seems rather “Johnny come lately” especially given their current “confidence in a connected world” focus.

Becoming a “leading source of online trust” is not something you wake up to one morning and decide to do. It is has to be the central “why” to a company. It has to drive how you innovate, what you acquire and how you build your offerings. Have I ever seen that kind of intense commitment to online trust from Symantec? Nope. Can you say that the VeriSign is a brand that means some notion of online trust? Yup. Are either company known as a technology innovator? No and not in this lifetime.

That’s why when you add this acquisition to the other companies Symantec acquired, you start getting this vague techno-Frankenstein quality to its brand as though some “mad board of techno-scientists” tried to create a viable company from the parts other companies. Paying $1.3B for a company with about $400MM in sales seems a lot to pay so possibly some “trust” dust will cling to the Symantec brand. IMHO though – the math doesn’t add up.

But hey – don’t trust my opinion – I’m just a curious bystander.

Judy Shapiro

Is the Internet devolving into a segregated, class-based system?

In the real world, segregation by class or race or age is rightly understood as under utilizing the full potential of people in society. There is universal recognition that people should be free to achieve their highest potential based effort and talent – not on what money they were born with. And this ideal is what we all believe delivers the best humanity has to offer.

Now when the Internet was created barely 20 years ago – it seemed to emerge from a perspective of an open, “democratic” framework where anyone could achieve anything. It leapfrogged over our normal inclination to create a stratified society but allowed unfettered potential to anyone irrespective of class.

The promise of this egalitarian digital society fueled so much hope. In this digital utopia, the thinking went, small ecommerce sites could challenge the big guys. Or anyone from any corner of the world could enrich their mind with a mouse and an online connection. And closed societies could now be opened within this enlightened new world.

While the real world continually and relentlessly divides the world into the “have’s and have nots”, the Internet seemed to have sidestep that whole unsavory dimension of our human nature.

But as the Internet emerges from infancy into maturity, I sense a new dynamic that is subtly introducing segregation into the system. It started when the small ecommerce sites realized that it took more than digital pluck to get ahead in the online ecommerce world since SEO and advertising did cost money.

Then, when Microsoft introduced BING as a “decision engine”, it was another, subtle form of class division. After all, most of the time a decision is only required in a buying process not in true information discovery. And the recent news about Murdoch making his content invisible to Google continues the segregation momentum. No more can news be available for all – but only for those who can pay.

It seems to me see that our digital society is following the sad patterns of our real world societies of info “have’s and have not’s”. It is sad to watch. It is sad to contemplate that in the drive to monetize the Internet; our early ideals of the Internet seemed to have fallen by the wayside.

But there are companies who are fighting this trend and who continue to offer the promise of a free Internet and have innovated to generate revenue while maintaining this ideal. Some great examples include Comodo who offer the best in PC security for free and a social networking company called Houseparty who empower anyone to earn revenue from the Internet legitimately (and without any financial investment).

Can you spell R-E-V-O-L-U-T-I-O-N?

Judy Shapiro

“Privacy schmivacy”.

The history of privacy is full of public disclosure.

My Grandmother’s notion of privacy was quite different than my own. And my teenage daughter’s notion of privacy is, correspondingly, different than my version. So while the concept of privacy changes over time, within the public imagination, we all seem to cling to some gauzy, vague notion of privacy to mean we have control over what information should be kept private and how our information is distributed over the web.

This universally romantic notion gets universal support from government agencies, the media, websites, trade organizations – just about everyone.  Corporations world over struggle mightily with new, complex questions about how to assure privacy. And privacy advocacy groups vigorously defend this principle because they see privacy as the thin line in the sand that protects us against autocratic [fill in “evil” corporate or government name here] control.

So while you see a lot of lip service paid to privacy, there seems to be little concrete progress on how to execute privacy in today’s fluid information flow environment. Worse, I think all the privacy rhetoric has perhaps, imprudently, raised consumers’ privacy expectation to a level that is possibly not even achievable today.

It seems, therefore, that a recalibration of the notion of privacy is in order that strips away dogmatic devotion in favor of a real world, practical approach that can get the job done.

To gain insight about what a practical approach might look like, let’s go back a few thousands years and see how privacy has evolved. The first thing we notice when we look at this subject is that today’s concept of privacy as a universal right was simply not operative for most of civilized history (if you didn’t guess already, my early training was in history). One’s identity was assumed to be “public” and fully transparent because “people” were considered the “public assets” of the prevailing rulers. In virtually every society since ancient times, there was a rigid code for conduct and dress that clearly identified everyone by class and depending on variations of this code, by village or clan or family. Nor was privacy operative in “private spaces” since communal living was the norm.

Our modern idea of privacy really did not fully emerge until the middle of the 20th century. The massive expansion of the middle class post World War II “democratized“ lots of things like dress codes so identity became more cloaked (pun intended). The middle class could “pass off” as anyone and with that, the first modern sensibility of “privacy” was born. This budding notion of privacy was then buoyed by the new affluence of the middle class who started living in bigger homes which increased our appetite for privacy because it became a mark of success. Finally, during the paranoia of the Cold War when the government had aggressive wiretapping programs and the McCarthy black lists, our current notion of privacy hardened into the near sacred status enjoyed in our popular imagination.

This brings us back to today. Our understanding of privacy seems misaligned to the realities of today’s Internetworked world. This is why we have a confusing, ambiguous and inconsistent set of processes across the digital landscape. There are, for instance, verification companies selling web site seals to reassure visitors that the site has a privacy policy. Unfortunately for the site visitor, this privacy “trust” seal makes no judgment about whether the site has a “good” privacy policy since there are no real standards for a “good” policy. Then you have a confusing set of privacy practices and standards driven by trade organizations like the IAB, governments and even digital marketing vendors who all have different “best practices”.

Looking at it from an end user’s perspective, the view gets even more confused, (unless of course you have an advanced degree in electrical engineering plus about 10 years of hard core programming). Cookies are handy for end users but they are quite “invasive”, despite assurances from cookie crumb collectors that they only collect information, not individual user data. Or would end users consider a remarketing campaign as crossing the “privacy” line? And don’t get me started on how email privacy standards are violated shamelessly.

Now to add to the confusion, the rise of social networks raises new issues; should we assume the profiles we post in our social networks are private or public? Who should control where my profile is displayed? It’s not hard to understand why Sun Microsystems CEO Scott McNealy is famous for having said; “You Have Zero Privacy Anyway. Get Over It”.

I do see where he is coming from, but that is rather a draconian approach that undermines the value privacy does have in all societies – digital or otherwise. I would rather advocate we need to update our notion of privacy and build standards and processes with an updated vision of the concept. What I am proposing here are a few starter “how to’s” that can begin to pull us out of the quagmire we seemed to be stuck in.

First, for those of us who operate social networks, communities or websites, let’s start to apply a consistent “default public” set of business rules to reflect the general consensus that social network participation is acceptance of a public digital life. Similar to your phone listing in the phone book – you are “defaulted in” unless you opted out. That begins to shift the basic model that allows people to take full advantage of their digital social lives by helping them manage efficiently their public information. Be sure to recognize that the inevitable demographic differences in privacy requirements between groups means you will need to provide all users granular controls to keep everyone happy.

Second, it would be useful to create an industry-wide, standardized hierarchy of information sets which would have specific privacy practices appropriate to the risk factor. For instance, typical “low risk” information gathered by social networks can be handled one way whereas “high risk” information could be driven by a different set of processes. This data architecture and practices can be standardized across networks.

Third, the industry, I mean here social networks, corporations and media, need to better support the W3C’s noble work in this area. I was at a conference on Semantic technologies recently and I heard a fairly desperate appeal to help support continuing the work in this vital area.

Fourth, we need to create clear remediation processes should someone’s privacy be digitally violated. This is a place for the government to step in with clear remediation mandates similar to guidelines it mandated to companies in the case of data breaches.

Fifth, let’s accelerate development of new, Internet powered ad platforms that are consumer driven. A “pull” ad model solves many of the privacy problems that behavioral marketing programs fall prey to because it resolves the irreconcilable tension between marketers wanting to learn everything about prospects and consumers’ resistance to be so overtly “manipulated”. The Internet is incredibly well suited to this model. (A word to the IAB folks – this is a great initiative for you guys.)

Now a word of encouragement to those of us who have a fond, unabashed attachment to our privacy. First, it may be comforting to know that the fact that we ever had privacy as we know it (dare I say knew it), may have been a brief blip in history that we were lucky enough to experience. Second, I won’t tell you to get over it – but I will tell you to reverse your thinking about privacy. Shift your thinking from privacy concerns and onto how to manage what is public about you anyway.

Everything old is new again.

PS – I think the new Google Dashboard is a very positive step forward. See my YouTube video explaining why. http://www.youtube.com/watch?v=MXEiOlD7Y0I

 

Judy Shapiro

http://twiitter.com/judyshapiro

What might Twitter and Facebook teach Google Wave about market success?

It’s not what you think but you’ll have to “pull” the answer out of me.

Recently, I have become fascinated with the new academic work around the paradigm shift to the “pull” form of corporate management from the more established “push” business models. This notion, which has been kicking around for a few years as far as I know, has recently become quite popular, probably helped along by recent work on the subject. One excellent white paper entitled; “From Push to Pull; emerging models for mobilizing resources” from Deloitte, authored by Hagel and Brown provides a solid conceptual basis for the clear differences in these two principles.

Here’s a brief excerpt (but I encourage a read of the whole 23 pages):

The signs are around us. We are on the cusp of a shift to a new … model that will re-shape many facets of our life, including how we identify ourselves, participate with others, connect with others, mobilize resources and learn.

Over the past century, we have been perfecting highly efficient approaches to mobilizing resources. These approaches … share a common foundation. They are all designed to “push” resources in advance to areas of highest anticipated need.

This new approach, {however} focuses on “pull” – creating platforms that help people to mobilize appropriate resources when the need arises

The white paper goes onto to describe how when resources are tight, corporate “push” models dominate because they can control and optimize precious resource consumption. But with abundant resources, comes a different model – a “pull” model where users drive the rate of consumption of resources. I’ll also point your attention to the fact that this model is grounded in our very human need for “connectivity” as I will return to this theme shortly.

Now this is heady stuff because a pull model is nothing less than a 180 degree turn on how we think about the way to run businesses today. But what’s that to do with Twitter, Facebook and Google Wave? And what in heaven’s name has that got to do with corporate management theory?

Ah – not so fast – I said you would have to pull it out of me. In fact, I may stretch your patience even further by suggesting we go on a treasure hunt and the treasure we seek is nothing less than understanding why certain technologies succeed while others fail.

Our treasure hunt begins as most do with orienting ourselves on our treasure map. In this case, our orientation lies in having a compass to help us understand that technology breakthroughs rarely happen to the company with the best idea or the smartest technology or even the most deserving goals. Nope. Most often it happens in one definable moment – when the technologically breakthrough is symbiotically coupled to fulfilling a fundamental dimension of our humanity. Technology by itself is sterile.

Ok, now that we have our bearings, let’s follow our map to uncover our buried treasure.

If we follow the Internet’s evolution in the past 10 years, no one doubts that the Internet has become a highly dependent technology for people and business world over. It enables powerful communications and connectivity capabilities, but in its current iteration, the Internet lacks the basic building blocks for meaningful connectivity — like the technological ability to establish trust. (Tangentially, the issues of trust on the Internet are complex and well articulated by  Kieron O’Hara and Wendy Hall in their September 2008 paper;  “Trust on the Web: Some Web Science Research Challenges”; (http://www.uoc.edu/uocpapers/7/dt/eng/ohara_hall.pdf.)

So users started to “pull” trust into their Internet experiences partly through the creation of trusted communities like forums, blogs, review sites and the like. That trusted community concept was quickly embraced by the public so that now almost all of us engage in some digital social community or other (see Pew Institute research on the subject). The initial pull, to create trust in online interactions, spawned the great social networking revolution we are experiencing right now. I bet some future historian will pinpoint this moment as perhaps the tipping point moment propelling other “pull” corporate models.

Returning to our treasure hunt, though, let’s see where our map has led us so far. The Internet grew so fast because it expanded personal connectivity, which then created the need for trust within this new level of connectedness which then resulted in all forms (and variations) of “trusted” communities that were only possible because the new “pull” tech platforms let people utilize technology when they need it.

Still with me?

Ok – good and now your patience will be rewarded because here is where “X” marks the spot. The treasure we have been seeking is revealed in appreciating  that when technology truly serves humanity by fulfilling some basic human need or desire (like wanting to connect), it can become a powerful force that can move fast within the ecosystem, helped along by the emerging “pull” mechanism discussed above.

This is what Twitter and Facebook can teach Google Wave. They understood how to use “technology” to satisfy our very human need to be connected within a “trusted” community. In the case of Twitter, they innovated so anyone can have a “feed” to “their” network (a.k.a. community) and in the case of Facebook, they created a way for people to create their own trusted community. In both cases, (and many others too), we see that when technology is intrinsically woven in with satisfying a fundamental human need, like the deep need to be part of a trusted community,  with an effective dispersion model like our “pull” model, you have the ingredients for success.

Now I think Google Wave has the potential to be a technological milestone because it merges unified collaboration and communications (not new) within the fertile soil of a trusted community (this is new). “Pull” models coming online now enable this combination of dynamics to “gel” into a platform that can be vibrant and paradigm shifting. From anyone I talked to who has actually used the product, (I have not received an invitation yet, but I am a patient woman) there is an expectant hope for it – much like the expectation one might have at a party hyped to be cool but that just got started.

I hope Google Wave recognizes that people want to technology to power their trusted digital communities – and not so much their “communications and collaboration” (sounds pretty sterile doesn’t it?). I can see how this technology has the potential to truly expand our comprehension of what a trusted community can become.

The power of these converging trends – Internet, “pull’ models, trust and community – is the treasure any tech business can capture for themselves. I suspect that if anyone will know how to use this treasure it will be Google. I am rooting for them.

Judy Shapiro

http://twitter.com/judyshapiro

Top 5 reasons why social networks will drive how the next generation web will evolve.

                       

We’ve heard the buzz… Web 3.0, semantic web, smarter web (who knew it was stupid in the first place). But beyond the buzz, the idea of the next generation web is simple. How does the web evolve from a generic, impersonal place to a place where we can have a personal experience? How can I get information that is relevant to me? How can I use the web the way I want? How can I create a personal web for myself?

 

The answer becomes clearer when we put the human element at the heart of the conversation which this leads us to, you guessed it, our social networks. Nothing is more personal than our social networks so it’s best to start there in building the next web.

 

Now amazingly, technology that lets us create digital social networks and these social networks are growing like crazy. Companies like Facebook, Paltalk and Linkedin have spread so fast because they begin (mind you only begin) to introduce trust within our newly interconnected and now largely untrusted world.

 

That’s what today’s Paltalk TechNow interactive video event was about. It was entitled; Transforming the Web into YOUR web and it was about what will the next web look like. The show featured Melih Abdulhayoglu, CEO of Comodo and his point was that the foundation of the next generation web is built on trust delivered via an authentication layer. I believe he is right. And taken further, it’s useful to remember that trust is first and foremost a function of social networks. By putting trust at the center of the conversation this puts the emphasis where it belongs – on the human factor. We need trust and we need social networks to help permeate trust within the new web. .

 

And that is why I can make my claim about the critical nature of social networks in the next generation web. I can even back up my assertion with a top 5 list :

 

1) Social networks have begun to dominate people’s online activity. According to Neilson, already 1 in every 11 online minutes is spent in social networks (that’s a lot of time given how new the space is).

 

2) Social networks will become people’s new communications hub. It already provides a diverse set of options for connecting with more people than ever,,, in chat rooms, with IM and in real time broadcasts. This trend will only continue.

 

3) Information obtained via social networks is more trusted than non vetted information. Just like in the real world where I would probably ask my lawyer friend for legal advice, we will  begin our online searches first within our social networks.

 

4) Law of numbers … 2/3 of people use one form of social media or another and more than use email! (Source: Computerworld 3/10/09).  Social networks are becoming our filter into the big and sometimes overwhelming world of Google. Our networks will help us sort good information from bad information.

 

5) Social networks are where people will live more and more when they go online. John Burbank, CEO of Nielson Online said, “Social networking will continue to alter not just the global online landscape, but the consumer experience at large. Social networking isn’t just growing rapidly, it’s evolving — both in terms of a broader audience and compelling new functionality,”

 

So if you want to guess how the next gen web will evolve, look no further than your own networks.

 

Trust the human element. Trust your “peeps”. 

 

Judy Shapiro

What’s up?

            

It’s a common greeting among kids.  “Hey, what’s up?” they ask wanting to get the latest updates on what’s happening in their friends lives.

 

Now technology provides a way to let our connections perpetually know “What’s Up” with us – all the time, if we want. The new social networking platform has made the act of keeping up easy and far more powerful than ever before. But the new digital transparency raises some tough questions.

 

How do we keep our sensitive information out of the hands of fraudsters as we tweet publically about what we buy and where we are?

 

How do we know if a “friend request” is real or really some Trojan virus planted on a site?

 

How does security, identity management and social networking intersect to ensure a way to stay safe online?

 

Should there be standards for the social networking industry today? If so, who should drive it – the government, the industry or some other new standard body?

 

These are new and difficult questions that affect all of us. This is why I am pleased that Paltalk will be bringing a new series called TechNow where industry experts and you will discuss important technology issues of the day.

 

On Tuesday, March 3rd at 3pm EST we have two industry experts, Melih Abdulhayoglu, CEO of Comodo and Henry Blodget, CEO of Silicon Alley Insider, in a live interactive event entitled; Your Digital Identity – Manage It Or Lose It. They will delve into this compelling topic and I invite you to come along for the debate and share your thoughts, live.

 

To join the room when the event is on, March 3, 3:00 pm EST, please visit http://TechNow.Paltalk.com. To learn more about the event or submit a question, please go to http://TechNow.Paltalk.com/crashdummies

 

Now when you ask “What’s Up”, the answer can be just a click away. But are we too easy a mark? I want some answers. Join me as I get them.   

 

Judy Shapiro

 

Trust Me!

         

Nothing evokes more distrust than someone asking you to “Trust me”.

 

Yet that is what the Internet asks us to do every day! We must conduct confidential transactions online – yet we often have no way to verify the authenticity of the site. We want to share our lives with our trusted network of friends, yet we worry that in our transparency and our tweets to our colleagues, we risk our very identity to the bad guys. How do we balance our desire to go online with our need to know that we can trust sites, information and communications?

 

Can we ever hope that the Internet of today becomes the Trusted Internet of tomorrow?

 

These are questions we all confront as we conduct more of our lives online. Join two leading tech titans, visionary Melih Abdulhayoglu, CEO of Comodo and noted Internet commentator Henry Blodget as they discuss live on the Paltalk Network their ideas on the future of the Internet in a three part series entitled, “Are we the crash dummies of the new Internet age?”   

 

This live, interactive Internet event gives Melih and Henry a chance to share their thoughts with each and with the audience on a range of subjects organized in three parts. The first program, airing February 10 at 3 pm (EST), will cover, The Internet Today: Like Cars before Seatbelts. This talk will address the truth about where we are today and how the criminal elements may very well take over the Internet. The second program, scheduled for March 3 at 3 pm (EST) will focus on how much should we reveal about ourselves online. This show, entitled “Your Digital Identity – Establish it or lose it”  will discuss how do we continue to live online without risking ourselves. Lastly, the third program, entitled, Transforming the Web into Your Web, airing March 19 at 3 pm (EST) will challenge us to address how we navigate through an increasingly complex Internet while leveraging new powerful tools, such as our social networks, to carve out a personal web for each one of us. 

 

LIVE SHOW DATES & TIMES (Eastern Standard Time):

Tues 2/10, 3:00 PM

Tues 3/3 , 3:00 PM 

Thurs 3/19, (TBD) 

 

For more information about this groundbreaking series, please visit  http://TechNow.Paltalk.com.

Show link is: http://TechNow.Paltalk.com/CrashDummies

 

About Melih Abdulhayoglu
CEO and Chief Security Architect of Comodo

 

Melih Abdulhayoglu created Comodo in 1998 with a bold vision of making the Trusted Internet a reality for all. His innovations have challenged some of the largest corporations and his pioneering business model earned him Ernst & Young’s Entrepreneur Of The Year® 2008 Award in the Information Technology Software Category for New Jersey.  

 

Melih has led the industry in new digital security technologies for large enterprises, computer manufacturers and governmental organizations worldwide. This success has resulted in Comodo Certificate Authority, becoming the 2nd largest CA worldwide and Comodo’s award winning desktop security solutions are now one of most popular in the market today.

 

To learn more about the Trusted Internet, please visit http://www.comodo.com/corporate/manifesto.html

 

 

About Henry Blodget

CEO of Silicon Alley Insider

 

Silicon Alley is an online business media company based in New York. Prior to founding SAI in  May, 2007, Henry was CEO of Cherry Hill Research, an Internet research and consulting firm.

 

From 1994-2001, Henry was an investment banker at Prudential Securities and an equity analyst at Oppenheimer & Co. and Merrill  Lynch. As a Managing Director at Merrill, he ran the firm’s global Internet research practice and was the top-ranked Internet analyst on Wall Street. Blodget’s first book, The Wall Street Self-Defense Manual: A Consumer’s Guide to Intelligent Investing, was published in January 2007.

 

I hope you can join me for the pivotal live event. Bring your webcams 🙂

Judy Shapiro

%d bloggers like this: