The unintended “open book” company … opens a can of worms.

Transparency is usually considered a good thing. But when it means your company is an open book, it’s gone too far.

Unfortunately, some companies are making far too much of their information visible to the world without realizing it. Clean laundry, dirty laundry – the works.

One of these instances came to light recently when vpnMentor, a firm that bills itself as an “ethical hacking group,” discovered an alarming lack of e-mail protection and encryption during a web-mapping project regarding an international piping, valve and fitting manufacturing organization.

I’m going to shield the name of the company in the interest of “discretion being the better part of valor,” but the company’s data that was found to be visible is amazingly broad and deep. Reportedly it included:

  • Project bids
  • Product prices and price quotations
  • Discussions concerning suppliers, clients, projects and internal matters
  • Names of employees and clients
  • Internal e-mail addresses from various branch offices
  • Employee IDs
  • External/client e-mail addresses, full names and phone numbers
  • Information on company operations
  • Travel arrangements
  • Private conversations
  • Personal e-mails received via company e-mail addresses

Basically, this company’s entire business activities are laid out for the world to see.

The vpnMentor research team was able to view the firm’s “confidential” e-mail communications. Amusingly, the team saw its own e-mails it had sent to the firm warning about the security breach (that the company never answered).

“The most absurd part is that we not only know that they received an e-mail from one of the journalists we work with, alerting them to the leak in this report, but we [also] know they trashed it,” as one of the team members noted.

The company in question isn’t some small, inconsequential entity. It operates in 18 countries including the biggies like Germany, France, Germany, the United States, Canada and Brazil.  So the implications are wide-ranging, not just for the company in question but also for everyone with which they do business.

The inevitable advice from vpnMentor to other companies out there:

“Review your security protocols internally and those of any third-party apps and contractors you use. Make sure that any online platform you integrate into your operations follows the strictest data security guidelines.”

Are you aware of any security breaches that have happened with other companies that are as potentially far-reaching as this one? It may be hard to top this particular example, but if you have examples that are worth sharing, I’m sure we’d all find them interesting to to hear.

Yahoo’s Terrible, Horrible, No-Good Month

ybb

Aren’t you glad you don’t work at Yahoo?

Where to begin … For starters, the Associated Press is reporting that Yahoo disabled its e-mail forwarding service effective the beginning of October.

Yahoo has a rather benign statement in its Help Center “explaining” why the service has been disabled:

“Automatic forwarding sends a copy of incoming messages from one account to another. The feature is under development.  While we work to improve it, we’ve temporarily disabled the ability to turn on Mail Forwarding for new forwarding addresses.  If you’ve already enabled Mail Forwarding for new forwarding addresses in the past, your e-mail will continue to forward to the address you previously configured.”

This hardly passes the snicker test, of course.

Disabling the auto-forwarding feature for new forwarding addresses came at the same time it was revealed that a 2014 hack of Yahoo’s platform resulted in the theft of ~500 million e-mail accounts including information on addresses, phone numbers, passwords, security questions and answers, plus birthdays.

It doesn’t take a genius to conclude that the reason Yahoo disabled its automatic forwarding function for new forwarding addresses was to deter concerned or frightened Yahoo Mail users from making a mass exodus to rival services.

But this is only the latest in a string of stumbles by the company in just the past few weeks.

For one, Yahoo is now defending a class-action lawsuit accusing the company of security negligence in the wake of 2014’s half-billion e-mail accounts theft.

There’s also a report from Reuters that for the past 18 months, Yahoo has been scanning all incoming Yahoo Mail messages for a wide range of keyword phrases — all on behalf of our friends in the federal government.

And if those weren’t enough, the much-ballyhooed announcement this past summer that Verizon was planning to acquire Yahoo for $4.8 billion has devolved to this: Verizon is now asking Yahoo for a $1 billion discount on the purchase.

It’s little wonder some people are calling the company “Whowee” instead of “Yahoo” these days …

Criptext: When a recall actually looks pretty good.

Criptext logo

I doubt there are many of us in business who have never inadvertently sent an e-mail to the wrong person … or sent a message before it was fully complete … or forgot to include an attachment.

In such cases, it would be so nice to be able to recall the e-mail — just like we used to do in the days of postal mail simply by retrieving the letter from the outgoing mail bin.

Recent news reports reveal that this capability is actually a reality now.

In the fast lane?  Criptext principals just completed a successful round of investment funding.
In the fast lane? Criptext principals just completed a successful round of investment funding.

A start-up firm called Criptext has just raised a half-million dollars in private investment funds to help it perfect and expand a product that allows any sent e-mail to be recalled — even if the recipient has already opened and read it.

According to a report from Business Insider, Criptext is currently available as a plugin and a browser extension for the popular Outlook and Gmail email services.  It operates inside of the email, enabling the sender to track when, where and who has opened emails and/or downloaded attachments within them.

In addition, Criptext also enables the sender to recall emails, and even to set a self-destruct timer to automatically recall emails after a specified length of time.

Viewing a screenshot of how Criptext works (in this case with the Gmail service), things look pretty simple (and pretty cool, too):

Criptext activity panel example

I thought it would be only a matter of time before some developer would figure out a way to “unwind” an email communiqué once the “send” button was hit.  And now we have it.

Of course, time will tell whether Criptext can live up to its billing … or if it turns out to be more of a nightmare of glitches than a dream come true.

It would be great to hear from anyone who may have first-hand experience with Criptext — or other similar email functionalities.  Please share your experiences and perspectives pro or con with other readers here.

Big, brawny behemoth: Google’s Gmail email service reaches 900 million active users.

Google GMailIt’s been several years since Google gave us an official report on Gmail’s user base.

But now we have a new announcement from one of Google’s senior vice presidents,  reporting that Google’s Gmail service has now reached a new milestone of 900 million active users.

Three years ago — the last time Google commented officially on the Gmail active user base — the company had reported ~425 million users.

… Which means that in the past three years alone, Gmail’s active user base has more than doubled — and doubled from an already strong baseline figure.

In fact, Gmail had already become the most popular email service in America by 2012.

Despite the fact that most other email services have failed to report newer stats since then, it’s a safe bet that Google remains King of the Hill when it comes to the number of active users of its Gmail email service.

[Related to this, the same Google spokesperson is also reporting that three out of four active Gmail service users are accessing their accounts on mobile devices.  I’m sure this doesn’t come as a surprise to anyone.]

The continued robust growth in Gmail users may explain why Google hasn’t been making significant changes to the service or the user interface.  Any service that’s the largest one out there can’t risk irritating or alienating large swaths of its users.

Indeed, even when an email service isn’t the biggest or most important one in the market, making changes can still be a risky move.  Just recall the howls of protest from users (and even some of Yahoo’s own employees) when Yahoo made sweeping changes to its e-mail service about 18 months ago.

No doubt, Yahoo has lost a certain number of subscribers who simply couldn’t abide the changes.

Google InboxIn Google’s case, what it’s doing is using Inbox, which Gmail users see on top of the Gmail platform, as an area to experiment with new email features and such — without upsetting satisfied Gmail users who may have little appetite for those changes.

Inbox is an email app by Google for Android and iOS, along with web browsers Chrome, Firefox, and Safari.  In a hint at things to come, Google has now made Inbox open to all users.

Google claims that its Gmail and Inbox services serve different functions and needs, and that it will continue to work on enhancements and updates for both.

But it’s pretty clear that Inbox is where the bulk of Google’s developmental effort and energy are being directed these days.

E-mail response time expectations: “The faster the better.”

e-mail inbox managementEver since the advent of e-mail communications, there’s tended to be a feeling that correspondence sent via this mode of delivery is generally more “pressing” than correspondence delivered the old-fashioned way via postal mail.

After all, people don’t call postal mail “snail mail” for nothing.

At the same time, one would think that the proliferation of e-mail volumes and the today’s reality of groaning inboxes might be causing an adjustment of thinking.

Surely, most of the e-mail doesn’t need a quick response, does it?

If 80% or more of today’s e-mail is the equivalent of the junk mail that used to fill our inbox trays in the office in the “bad old days,” why wouldn’t we begin to think of e-mail in the same terms?

But a new survey of workers appears to throw cold water on that notion.

The survey of ~1,500 adults was conducted by MailTime, Inc., the developer of a smartphone e-mail app of the same name.  The survey found that a majority of respondents (~52%) expect a response to their work-related e-mail communiqués within 24 hours of hitting the send button.

Moreover, nearly 20% expect a response in 12 hours or less.

While the survey encompassed just users of MailTime’s app, the findings are likely not all that different for office workers as a whole.

Why is that?  I think it’s because, in recent years, the e-mail stream has become more “instant” rather than less.

Back in the early days of e-mail, I can recall that many of my work colleagues checked their e-mail inboxes three times during the day:  early in the morning, over the lunch hour, and as they were wrapping up their workday.

That’s all out the window now.  Most people have their e-mail alerts set for “instantaneous” or for every five or ten minutes.

With practices like that being so commonplace, it’s little wonder that people expect to hear a response in short order.

And if a response isn’t forthcoming, it’s only natural to think one of three things:

  • The e-mail never made it to the recipient’s inbox.
  • The recipient is on vacation, out sick, or otherwise indisposed.
  • The recipient is ignoring you.

I think there’s an additional dynamic at work, too.  In my years in business, I’ve seen e-mail evolve to becoming the “first line of contact” — even among colleagues who are situated in the same office.  Younger workers especially eschew personal interaction — and even phone contact — as modes of communication that are needlessly inefficient.

Of course, I can think of many instances where e-communications can actually contribute to inefficiencies, whereas a good, old-fashioned phone call would have cut to the chase so much more easily and quickly.

But even with that negative aspect, there’s no denying the value of having a record of communications, which e-mail automatically provides.

And here’s another thing:  MailTime estimates that around two-thirds of all e-mails are first opened on a smartphone or tablet device — so message deliverability is just as easy “on the go” as it is in the office.

It’s yet another reason why so many people expect that their communiqués will be opened and read quickly.

I agree that e-mails are easy and convenient to open and read on a mobile device.  But sometimes the response isn’t nearly so easy to generate without turning to a laptop or desktop computer.

So as a courtesy, I’ll acknowledge receipt of the message, but a “substantive” response may not be forthcoming until later.

… And then, when others don’t show a similar kind of courtesy, I think many of us notice!

Some larger companies with employees who are more geographically far-flung have actually adopted guidelines for e-mail etiquette, and they’ve applied them across every level of the company.

It seems like a good idea to get everyone’s expectations on the same page like that.

Incidentally, the preferred scenario for responding to personal e-mails isn’t really all that different from work-related expectations, even though personal communiqués aren’t usually as time-sensitive.  Respondents in the MailTime survey said that they expect to receive a response to a personal e-mail within 48 hours.  For nearly everyone, waiting a week is far too long.

Time spent online daily: 2.5 hours and growing.

Lots of time spent onlineIf you’re wondering what happened to all of the community volunteer activities people used to do – not to mention the popularity of participating in group social or recreational activities like softball or bowling leagues … you might look at the time Americans are spending online as one possible explanation.

The evidence comes in the form of research the Interactive Advertising Bureau did when they contracted with GfK Research to conduct an extensive online survey as part of a larger behavioral analysis of American adults.

Fielded in late 2013 with participation from ~5,000 adults between the ages of 18 and 65, the IAB/GfK survey revealed that Americans are spending an average of 2.5 hours of every day online.

Add that on to the average ~5 hours per day spent watching TV – a figure that’s hardly budged in years – and it’s little wonder that the Jaycees, Shriners’ and other service organizations are finding it more difficult to recruit new members … or that “old faithful” group social and recreational activities are in danger of becoming less relevant.

The IAB/GfK survey also revealed which types of online activities are engaged in the most.  The chart below, created by Statista from the IAB/GfK report’s data and published in The Wall Street Journal, gives us the lowdown:

Online Time (average per day)

 

I wasn’t surprised to discover that social networks chew up the most online minutes per day.  Online video viewing and search time seem about as expected, too.  And who doesn’t enjoy a nice game of Spider Solitaire or Internet Spades to wind down after a long day?

But at ~30 minutes per day, the e-mail average seems on the high side.  People must really be struggling with managing personal inboxes stuffed with marketing e-mails.  (But if work-related e-mails are part of the equation, the half-hour figure seems more expected.)

Comparing these results to similar research done in prior years, the most recent survey charts an increase in online video watching; it’s doubled over the past four years.

Other activities that are on the rise include online gaming, and listening to online radio.

Adding it all up, total time spent online is continuing its inexorable rise thanks to mobile connectivity and the “always-on” digital environment in which Americans now live.

Perhaps the way to stem reduced interest in group social activities and volunteerism lies in giving people free reign to “multitask” even as they participate in the local bowling league or Ruritan Club meetings …

What are your thoughts on the time people are spending online – and if it’s crowding out other forms of daily activities?  Please share your thoughts with other readers here.