Google improves itself yet again...

On Friday, Google attempted to make their search engine even better with the launch of Google Suggest. Now when you begin to type in your search query, Google gives you a drop down menu that matches the words you use with similar queries that were previously used by others.  Therefore, if I typed the word “Merry,” it would give me a drop down list of suggestions such as “Merry Chirstmas”, “Merry Maids”, “Merry go round”, etc.  Within this drop down list, it also shows the number of results that will display with each option so as to save time in typing in a query that will produce zero results. Ironically, I actually read about this on Google’s company blog, which goes to show that blogs are indeed becoming a great place to get the most up to date news.

Blogonaut: Hail to the Victors: So, I stand corrected...

Link: Blogonaut: Hail to the Victors: So, I stand corrected....

A previous firm that I worked for used a method similar to what you described in terms of multiple people being able to check out copies of the of the same master document, make revisions, and then replicate with the master in the end. So long as everyone didn't try to replicate at the very same time, this method worked well, provided that they verbally collaborated ahead of time about which section they were going to edit. Is this what you're referring to with CVS and subversion? In commenting on Justin's idea, I was under the assumption that he was talking about a program that would allow multiple people to edit the same document in real time. So, if the person sitting next to you deleted a sentence in the same document that you had open on you screen, the change would happen on your screen in real time, right before your eyes. Is there any type of program that currently does this and furthermore, is this even practical?

So, I stand corrected...

So, I stand corrected… there is a controlled, central data sharing repository after all. Per Mike’s post and Scott Moore’s email that was sent out this week, IFS and CTools are two possible alternatives to the R-drive. I like the notion of the CTools option, but I have to argue that using our public FTP spaces for file sharing is pretty much the same as using the R-drive, except the whole university can view your files vs. just the business school. In checking out the capabilities of CTools, I found that loading files is actually pretty easy, and the best part is that you can control who can read, revise, delete, and post files on your space by hitting the ‘permissions’ button on the ‘resources’ tab.  In further exploring CTools, I also found that the ‘news’ tab has RSS capabilities and you can customize this section to have any RSS feed that you want appearing on the page.  It’s amazing that all this was in front of me all semester long, and I had no idea.

 In response to Justin’s post about real time revision collaboration, I agree that the notion is appealing, although it may cause more trouble than its worth. If two people were working off of the same file and were in disagreement about something, one of them could go and delete parts of the file without the other person having any record of the original version. However, I’ll give you that it would be really efficient.

DocuShare

After experiencing a nightmarish week with multiple classes culminating in final projects being due, I am convinced that the way we work is completely and utterly inefficient. All of our classes require group work to complete some sort of deliverable, whether it be a paper or PowerPoint presentation, and the easiest way of tackling this is usually splitting up the work. This, however, yields the problem of document version control. 

If six people write 6 different sections of a paper, that means that in the end, six different versions of the paper exist until they all get aggregated. However, as soon as this aggregation takes place, we’re now left with the problem of six people gathered in front of one computer screen to make all further edits. Of course, no one wants to do this so we end up e-mailing out the preliminary aggregated version to everyone in the group, at which point we’re now back to having six different versions of the same paper.  Everyone then makes changes on their own personal version, and in the end, we’re left with no way of tying it all back together.

From this past week alone, I probably have at least 10 versions of my paper in my email box, an additional 5 versions on my memory stick, and 4 more on my hard drive. Multiply this by the 6 other people in my group, and it is a version headache. The R drive used to combat this problem by keeping group files in one central location for all to access, but there were no controls surrounding who could view the files on the drive and this led to a “free-for-all” opportunity for cheaters. Bub-bye R drive.

In talking about this with my Dad this weekend, he showed me one of the products that he uses at work to eliminate this problem.  It is called DocuShare, and like the R-drive, it allows documents to be stored in one central location. The difference is that it contains the proper controls so that the entire free world can’t view your work. Instead, you can choose who is able to view and edit your files. It also has a version control built in so that it prevents two people from duplicating efforts by editing the same file at the same time. If a file is in use by another person, the second person attempting to access it can only open a “read-only” version and cannot make any edits to the master until it is checked back into the system by the first user. This eliminates all sorts of problems such as group members forgetting to send out the most recent version of their work while others are wasting time making edits to old versions that have become obsolete.

If the Business School expects to continue facilitating a group-work friendly environment, there needs to be one central, controlled data sharing repository, and something like DocuShare may be the solution.

Comply or else...

This post is a bit outside the scope of this class, but it is definitely relevant to the information technology world and anyone who is currently investing in or plans to invest in the market.

As of yesterday, Sarbanes Oxley 404 compliance went into effect for all public companies with a market cap over $75M.  For those of you not familiar with Sarb-Ox, in many ways it is a corporation’s worst nightmare and an auditor’s dream come true. Instead of focusing an audit solely on numbers and the resulting financial statements, Sarb-Ox forces companies to pay attention to the systems and the processes that their numbers are flowing from. You can audit numbers backwards, sideways, and upside down, but its not going to matter if the processes and systems that generate the numbers do not have integrity in themselves. As a result, companies must now pay careful attention to the effectiveness of their internal controls on an ongoing basis. To provide some perspective, this means that the design and operating effectiveness of the key controls embedded within hundreds of business process that could affect financial statement assertions must be documented and tested. Not only is this incredibly time consuming, but it is also incredibly costly from a labor and accounting fee standpoint. According to this article posted on CFO.com, companies will spend an average of $5.1M on compliance efforts. Worst of all, this must be completed before every corporation’s next fiscal year end, and as of now, many are lagging severely behind in process. Since two additional audit opinions in relation to Sarb-Ox are to be issued along with the traditional opinion, companies who fail to comply or correct material control weaknesses in a timely manner could receive a bad opinion. This in turn could negatively impact the markets if stock prices begin to fall as a result of weakening confidence in the transparency of accounting practices.

From an IT standpoint, this is relevant because the audit of these internal controls is wrapped around computer information systems. All processes taking place in the data center and pertaining to either logical access/security, program development, or program changes must be thoroughly documented and tested. Essentially, this means gaining comfort over everything IT: disaster recovery plans, back-up procedures, batch processing, password maintenance, operating system security parameters, database settings, etc.  In addition, companies are also spending large amounts of money on technology to aid them in their compliance efforts. This article gives a decent breakdown of what this entails.

Who ever thought that misclassifying expenses as capital expenditures and manipulating special purpose entities could lead to all of this legislation? WorldCom and Enron sure weren’t betting on it.

Additional source

Blogs as the catalyst for promoting bottom-up change

I am currently working on a very large project for another class that involves analyzing a factory. One component of the project involves analyzing the information flows through the factory and assessing whether or not to invest in a computer information system. As I have been turning this over in my mind for the past couple of days, I started thinking… if blogs are an effective means of letting professors know what students are thinking and help them to gage whether or not students understand a particular topic, wouldn’t they also be effective in the business world as a means of direct communication between front line workers and top management? Many companies have suggestion boxes in either the physical sense or in the email sense. But, the downfall to suggestion boxes is the fact that only one or two people get to read and evaluate them. If employees were to utilize an internal blog, it accomplishes two things: 1) many people get to see the suggestions, including co-workers who may add additional value to preliminary thoughts in development 2) higher end management can gain a better understanding of what is happening at all levels of the organization. Additionally, blogs could help companies better institute bottom-up change by giving front-line workers a larger voice in identifying and remedying common problems they encounter on a daily basis. These employees have a great deal of knowledge about product development, scrap, customer preferences, etc.

In doing some research… companies seem to be slowly getting on board with the idea of using blogs to better connect with their employees from an internal standpoint, and to better connect with their customers from an external standpoint. This website talks about using blogs in a business context as a method of inter-company communication.

Blog feedback/rating system...

In reading the Morgan Stanley article by Mary Meeker, she mentions that if blogging is to continue into the future, “an aggregated rating/feedback system could expand the markets for the most serious bloggers.”  I could not agree with her more in this respect.  Presently, people often judge the integrity of a website based on the company who is sponsoring it.  A person is more likely to trust information from the official “American Medical Association” website versus information slapped together sloppily on the “Jack’s medical advice” site. If we are to use blogs to derive information in the same way that we derive it from websites, there needs to be some way to decipher the author’s credentials. This poses somewhat of a problem given that most bloggers use pseudonyms and publicity is garnered via word of mouth. However, if something similar to E-Bay’s user rating system was initiated in conjunction with blogs, it could help people to differentiate credible authors and content.

Also, this is totally unrelated, but as I was looking through some of the syndicated guest blogs, I ran across this post by Scobleizer and think that this is really cool for anyone who tracks the stock market. It’s an RSS feed called Earnings Cast that contains the audio conference calls associated with companies’ quarterly earnings releases.

 

Class Blogs in Google Search Results

After reading Justin's post on Google, I started wondering what their competitive advantage really is. Up until coming to college, I always used Yahoo as my primary search engine. I always seemed to find things quicker than I could on any other search engine site. However, when I came to U of M freshmen year, I remember a librarian telling me that Google was the "smart" search engine. But, what does this mean? What is the real underlying difference betwen these two competitors? In trying to find out, I ran across a website that allows you to type in a word and then run the search simultaneously in both Google and Yahoo so that you can compare the results. After running random searches to see how the results differ, I decided to type in my name. To my surprise, I discovered that Google is now recognizing our class blogs where as Yahoo is not. It is definitely interesting to see the differing results.

Yay! No more pop-ups....

Upon reading multiple posts and seeing it used in class, I decided to give Firefox a try.

Over the summer, I made the mistake leaving my computer with my family members while I went out of town for two weeks. About a week into my trip, I received a call from my mother asking why Internet Explorer wouldn't work anymore and why the online casino kept popping up.

Upon returning home, I discovered 150 adware programs running in the background, similar to what Alex references in his Spyware blog. I found the same thing to be true on our two other laptops as well. After buying more security software, downloading Spybot and Ad-aware, manually cleaning, and then updating my Virus scan to the latest version, I think that I finally fixed everything. Too bad that there isn't a way to be entirely sure. After reading some additional articles posted about IE, I now have a batter understanding about why this happened.

So far, I like Firefox, especially since it blocks pop-up ads (especially that annoying pesky little one on the Weather Channel website). I also really like the tabs feature. My only complaint is that it gets cumbersome when some webpages are displayed differently than they are in IE and not all of the features work. I suppose maybe I just need to fix my security preferences though.

Open Source Code Security

As I was sitting in class this week listening to the discussion of MySQL and the advantages of open source code, I couldn’t help but wonder what the downside was. I understand the benefits in terms of cost and the fact that it is probably better to have multiple eyeballs reviewing the code so as to identify bugs. In theory, this seems legitimate, but what about the issue of security?. Why would any company want to buy a program to store proprietary information knowing full well that the code is available for the whole entire world to view? It is almost like having a rare jewel in your house and publishing the floor plan on the Internet so that any potential robber would have ample time to review and formulate their plan before attacking.

When I got home, I looked a little further into this issue and found that my initial reaction was not entirely accurate. While there are a variety of arguments as to why open source code is a vulnerability, there are overriding factors as to why closed source code is a bigger threat. First, hackers don’t need to be given source code in order to gain access to it or do damage. According to the article "Security Model of Open Source Software,” hackers can utilize decompilers, black box testing, and reverse engineering to identify security holes. Secondly, when a company purchases software, they must take the developer’s word that there are no back doors. There is no way to verify this other than to actually look at the code. As a result, when we hear about vulnerabilities in the closed source world, it usually takes more time to come up with a fix because the problem must be funneled back through the developer, where as in the open source world, vulnerabilities are fixed in a shorter time period because more people can begin analyzing the problem immediately.

For other arguments in favor and against open source security, see the article “Is Open Source Good for Security.”

Any opinions on this?