Microsoft

Your life online: You can run, but you can’t hide.

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , ,

Vetting Job Candidates OnlineRecently, a Microsoft-commmissioned survey conducted by Cross-Tab Marketing Services discovered that fewer than 10% of U.S. consumers believe information found online about them would have a negative impact on their ability to get a job.

How clueless. That same survey also queried ~1,200 recruiters and human resources personnel. It found that these professionals are highly likely to research the online profile and online activities of job candidates as part of their vetting and winnowing process.

Fully 70% of them reported that they’ve rejected candidates based on what they found.

Going further, the HR survey found that the majority of companies have made online screening a formal part of the hiring process, and the expectation is that online vetting will become even more important in the years ahead.

Fortunately, it’s not just negative information that counts, because ~85% of the HR respondents reported that discovering a positive online presence influences their hiring decisions at least to some degree … and the stronger and more relevant to the candidate’s prospective job responsibilities, the better.

When asked to comment on what types of online information was “appropriate” for companies to assess, consumer respondents’ views were at sharp odds with the HR professionals:

Viewing photo and video sharing sites: ~44% of consumers feel these are inappropriate to consider … yet ~60% of recruiters and HR professionals are busy checking them.

Looking at social networking sites like Facebook: ~43% of consumers (and ~56% of younger consumers under the age of 25) feel that these should be off-limits … but ~63% of the HR folks review them.

 Consumers are even more critical of HR personnel reviewing sites such as online gaming, classified ad sites like Craigslist, and “virtual worlds” … yet more than 25% of HR professionals are snooping around those types of sites as well.

And let’s not forget the search engines. Not only do many individuals “Google” their name to see what’s out there on them in Cyberspace, HR personnel do it as well. In fact, that’s the most prevalent online investigative tool – done by nearly 80% of the HR professionals who participated in the Microsoft survey.

Why are job candidates rejected? It’s for the expected reasons, including:

 Concerns about a candidate’s lifestyle (~58%)
 Inappropriate comments and text written by the candidate (~56%)
 Unsuitable photos, video and information (~55%)
 Inappropriate comments or text written by friends and relatives (~43%)
 Comments criticizing previous employers, co-workers or clients (~40%)

There’s nothing really new about this list – people have been passed over for jobs for reasons like these since way back before computers and the Internet. But today, it’s all out there – in plain view and just a few quick keystrokes away. That’s a huge difference.

And there’s one other important thing to remember: the stuff tends to live out there in cyberspace for a long, long time, and attempts to squelch unflattering information are usually fruitless.

Microsoft’s “next of Kin”? None, evidently.

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Microsoft Kin logoPeople say that today’s digital world has dramatically shortened the business and product development cycle. But even so, the amount of time it took for Microsoft to pull its Kin social phone off the market – a mere six weeks after its launch – has to be a record, or close to one.

For those who missed this eye-blink of a product introduction, the Kin was supposed to be a major component in Microsoft’s efforts to become a player in the mobile market, in response to the success of Apple’s iPod and iPhone, as well as a variety of new smartphones that are powered by Google’s Android software.

The New York Times has reported that this latest development “is the latest sign of disarray for Microsoft’s recently reorganized consumer products unit.”

Amazingly, for a product that was in development for several years and reportedly represented a resource investment of well over $1 million, Microsoft sold only a relative handful of units during the Kin’s star-crossed six-week introduction. Reports of sales volume vary – from a few thousand units on the upper end to as few as 500 on the low end. Either way, it’s a stunning defeat for a company that up until a short time ago, seemed well on its way to being an important player in the field.

What was Kin’s problem? In a nutshell, consumers didn’t like the product nor the way it was being sold. Verizon, Microsoft’s service provider partner, priced Kin service agreements like a smartphone – at ~$70 per month when combined with the mandated voice plans. But many people felt that the platform was mediocre and didn’t possess anything near the functionality of a smartphone. “A feature phone, not a smartphone,” was the common complaint.

Some people are wondering if there’s a bigger story afoot: whether or not Microsoft is still committed to its Windows Phone 7 platform. It’s fallen so far behind iPhone and Android, what are its chances of success now?

And that’s not all the bad news for Microsoft on the consumer side of the business. Gizmodo is reporting that Microsoft has also cancelled a project to develop its Courier tablet computer that would have competed with the iPad.

This is just the latest in a string of Microsoft consumer initiatives that have basically fallen flat – Money, Encarta, and now the Kin and Courier.

Once, Microsoft would have hung in there for the long haul. It doesn’t seem so today.

Computer security measures: A whole lot of heat … and very little light?

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , ,

Cyber-security ... how effective is it in relation to the all the effort?If you’re like me, you have upwards of two dozen sets of user names and passwords associated with the various business, banking, shopping and social media sites with which you interact on a regular or occasional basis.

Trying to keep all of this information safe and secure – yet close at hand – is easier said than done. More often than not, passwords and other information end up on bits of paper floating around the office, in a wallet … or in (and out of) your head.

And to make things even more difficult, if you paid attention to conventional advice, you’d be changing those passwords every 30 or 60 days, making sure you’re following the guidelines regarding creating indecipherable permutations of numbers, letters and symbols so as to throw the “bad guys” off your password’s scent.

Now, here comes a paper written by Dr. Cormac Herley, principal research analyst at Microsoft Corporation, that calls into question how much all of this focus on password protection and cyber-security is really benefiting anyone.

Dr. Herley’s paper is titled So Long, and No Thanks for the Externalities: The Rational Rejection of Security Advice by Users. In it, the author contends that the collective time and effort involved in complying with all of the directives and admonitions regarding computer security add up to far more cost than the cost of what is actually caused by cyber-security breaches.

[For the record, he estimates if the time spent by American adults on these tasks averages a minute a day, it adds up to ~$16 billion worth of time every year.]

Here’s a quote from Herley’s paper:

“We argue that users’ rejection of the security advice they receive is entirely rational from an economic perspective. The advice offers to shield them from the direct costs of attacks, but burdens them with far greater indirect costs in the form of effort. Looking at various examples of security advice, we find that the advice is complex and growing, but the benefit is largely speculative or moot.”

It would be one thing if this screed was written by some outré blogger operating on the fringes of the discipline. But it’s coming from a senior researcher at Microsoft.

To illustrate his point, Herley summarizes the whole area of password rules, which he contends places the entire burden of password management on the user. To wit:

 Length of password
 Password composition (e.g., letters, numbers, special characters)
 Non-dictionary words (in any language, not just English)
 Don’t write the password down
 Don’t share the password with anyone
 Change it often
 Don’t re-use the same passwords across sites

How much value each of these guidelines possesses is a matter of debate. For instance, the first three factors listed above are not consequential, as most applications and web sites lock out access after three or four incorrect tries.

Changing passwords often – whether that’s quarterly, monthly or weekly – is never often enough, as any attack using a purloined password will likely happen within a few seconds, minutes or hours of its acquisition, rather than waiting days. On the other hand, for users to change their passwords regularly requires time and attention … and often leads to frustration and lost productivity as people hunt around for the “last, best” misplaced password they assigned to their account.

And as for those irritating certificate error warnings that pop up on the computer screen with regularity, Herley contends that most users do not understand their significance. And even if they did, what options do people have when confronted with one of these warnings, other than exiting the program?

As it turns out, there’s not much to fear, as virtually all certificate errors are “false positives.” With certificates as well as so many other issues of cyber-security, Herley maintains that the dangers are often not evidenced-based. As for the computer users, “The effort we ask of them is real, while the harm we warn them of is theoretical,” he writes.

Herley’s main beef is that all of the energy surrounding cyber-security and what is asked of consumers is a cost borne by the entire population … but that the cost of security directives should actually be in proportion to the victimization rate, which he characterizes as miniscule.

An interesting prognosis … and a rather surprising one considering the source.

More Action on the Search Engine Front

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , , , , ,

Bing logo designWolfram Alpha logoDespite the fact that Google has proven itself to be all but immune from threats posed by competing search engines, hope springs eternal. Within the past couple weeks alone, two new challengers have emerged, accompanied by much fanfare in the business press.

Microsoft takes yet another swipe at Google with its new Bing search engine. Based on an earlier one called “Kumo,” some industry observers — though not all — believe it is a pretty good competitor. Reviewers are particularly pleased with the presentation of refined versions of search queries. Bing also features a rollover display of each link’s content, allowing you to see how useful it will be before clicking through to the site.

The search engine also appears to index more recent “breaking news” items, whereas with Google, those results are not shown unless you click through to Google News — an extra step.

The big question is whether Bing will be able to wean web users away from their habit of searching on Google as their default choice. Certainly, Microsoft is putting some serious promotional dollars behind the launch — upwards of $100 million according to Advertising Age magazine. But based on the tea leaves, a wholesale change in search behavior seems unlikely. Search habits aren’t going to change dramatically unless there is a dramatic improvement in the effectiveness and speed of search activity. Fom what we see of Bing so far, we’re talking about improvements nibbling around on the margin rather than big sweeping change.

But “big sweeping change” just might be the recipe for Wolfram/Alpha, the other new entrant in the search engine sweepstakes. That’s because W/A isn’t actually a search engine in the classsic sense. Instead, its developers refer to it as a “computational knowledge engine” that uses complex algorithms to search databases to come up with answers to questions, rather than presenting a list of sources where the answer might be found. It can report some really cool factual results just based on the user typing in, for example, a date range, several city names, or an animal species.

The key difference between Wolfram/Alpha and Google is that W/A does not index web pages. Instead, it draws answers from a wide range of information-packed databases. So if you want to know the number and magnitude of hurricanes hitting North America in the past 15 years, you’ll get a specific answer rather than being presented with a series of web links wherein you might find the answer to be hiding.

Some observers see the potential for W/A and Google to team up rather than compete against one another. After all, what they do isn’t directly competitive, but in more respects complementary. And in an interesting twist, it turns out that Stephen Wolfram, the ~50-year-old computer scientist and developer who created the software platform upon which W/A is based (called “Mathematica”), once supervised a summer intern by the name of Sergey Brin — who would go on to develop Google with partner Larry Page.

Sergey and Stephen teaming up once again would be quite the coincidence … or would it really?