Happy Social Media Day! Today is the day "we acknowledge and celebrate the revolution of media becoming social. A day that honors the technological and societal advancements that have allowed us to have a dialogue, to connect and to engage not only the creators of media, but perhaps more importantly, one another."
As IBM Software Social Media Strategist, it's a true joy to work for a company who "gets" social media in the deepest possible ways--not only because it innovates creative social technologies and services, but also because it lives and breathes social as its business life force. During speaking engagements, I'm repeatedly asked about IBM's use, experience, and history in social media and social business. (Quick side note: See IBM SVP Mike Rhodin's blog entry on "Beyond Collaboration: Becoming a Social Business" for distinctions between social media and social business). In honor of social media day, I'm going to take a moment to document some of the factoids I often share:
As the largest consumer of social technologies, IBM is a role model and case study for the transformation into a social business, on all fronts - technology, policy and practice.
IBM has robust social media initiatives focused on enabling all IBMers to participate in social media.
Social Business @ IBM site for educating and enabling IBMers in external social media participation
Social Business @ IBM is an internal site with interactive, educational and social programs that are vital to IBM's social business transformation.
This is a resource for IBMers that aims to educate them about social media and various social initiatives taking place internally while enabling them to participate.
We host modules that provide the IBMer with an introduction to the social web.
They learn how to use social computing tools to foster collaboration, disseminate and consume news, develop networks, forge closer relationships, and build credibility.
As a result, they're better informed and prepared to take action.
By making these types of tools and information available, we're changing how the IBMer approaches social and, twofold, changing our culture.
Expertise Locator for finding IBMers and connecting with them on their blogs, LinkedIn, Twitter, and more.
People get to know IBM through our consultants, speakers, sales people and researchers.
Within our walls, we have huge stores of accrued expertise embodied in several Nobel laureates and thousands of doctors.
We're working to best utilize our most important asset, our people, helping to identify their strengths and expertise and then connecting them with potential customers, partners and the knowledge seeking public visiting IBM.com.
How does it work? When visiting ibm.com, finding an expert can be done through a Google search. For example, if someone is looking for expertise in smarter, they would type, "IBM smarter computing" into the search bar, and find a page that would have widgets showing how to connect with an IBM expert. Experts can opt for people to contact them by phone, LinkedIn, Twitter, their blogs, live chats or another channel. The result, an IBM brand experience where actual IBMers are helping the public make better decisions about how to make the planet smarter.
For 15 years, IBM has used social software to foster collaboration among 400,000 geographically-dispersed employees -- long before Generation Y became fixated with social networking sites like Facebook and MySpace.
In 1997, IBM recommended that its employees get out onto the Internet � at a time when many companies were seeking to restrict their employees� Internet access.
In 2005, the company made a strategic decision to embrace the blogosphere and to encourage IBMers to participate.
In early 2008, IBM introduced social computing guidelines to encompass virtual worlds and sharing of rich media. Later that year, IBM opened its IBM Center for Social Software to help IBM's global network of Researchers collaborate with corporate residents, university students and faculty, creating the industry's premier incubator for the research, development and testing of social software that is "fit for business".
According to Gartner, in 2010, only five percent of organizations took advantage of social/collaborative customer action to improve service processes. IBM sees social media morphing into what we view as a key requirement for "social business" -- as tools for organizational productivity and culture change, for engaging with diverse constituencies of clients and experts, and for spurring revenue growth and innovation for our global workforce.
IBM's social media activity dates back to the 1970's when its mainframe programmers started online discussion forums on the System 370 consoles. Today, IBM views itself as one of the most prolific users of social networking in the industry with one of the largest corporate-wide communities on social media sites.
Some examples of IBM�s internal social media footprint today include:
17,000 individual blogs
1 million daily page views of internal wikis, internal information storing websites
400,000 employee profiles on IBM Connections, IBM's initial social networking initiative that allows employees to share status updates, collaborate on wikis, blogs and activity, share files.
15,000,000 downloads of employee-generated videos/podcasts
20 million minutes of LotusLive meetings every month with people both inside and outside the organization
More than 400k Sametime instant messaging users, resulting in 40-50 million instant messages per day
Social examples of IBM's external social media footprint today include:
Over 25,000 IBMers actively tweeting on Twitter and counting
Over 300,00 IBMers on Linkedin
Approx. 198,000 IBMers on Facebook
Our social business initiatives have had a profound impact on IBM's business processes and transformation, here are just a few examples:
Jams are a catalyst to speak innovation, creativity and excitement from a defined audience for tangible results.
"Jams have helped change our culture and the fundamental way we collaborate across our business," Sam Palmisano, Chairman and CEO, IBM
2011 is the ten-year anniversary of jamming at IBM. During that time, the company has conducted 50 Jams both internally and externally for clients.
WhirlWind: Mobile app store for IBM employees
In today�s business environment, IBM employees need access to business information anytime, anywhere. To meet that demand, IBM developed WhirlWind � an enterprise mobile app store that manages and distributes smartphone applications for IBM�s population of over 400,000 employees in 170 countries. Its purpose is to help employees unleash the power and potential of their smartphones as a productivity tool.
WhirlWind is available through the �mobile tab� on IBM�s intranet. After employees register, they can access the store directly from their mobile devices. They can easily search, browse and find mobile apps; view the most highly rated and newest apps; comment on their experiences with a particular app; and contribute their own apps.
Since late 2010, more than 28,000 employees registered � over 85 percent of those with corporate managed or company-issued BlackBerrys � and more than 500 apps contributed.
IBM Human Resources utilizes social media for tech-enabled recruiting, employee education, sales training and leadership development.
For example, IBM relies on social media for leadership development from an employee's first day on the job. IBM's Succeeding@IBM makes new hires part of a social group for 6-12 months so they can get up to speed more quickly with other new hires, they network and acclimate more quickly
IBM's recent study of 700 Global Chief Human Resource Officers found that financial outperformers (as measured by EBIDTA) are 57 percent more likely than underperformers to use collaborative and social networking tools to enable global teams to work more effectively together and 21 percent of companies have recently increased the amount they invest in the collaboration tools and analytics despite the economic downturn.
Global Collaboration and Development
Generation Open -- Built around social business tools, processes and management systems, GenO creates instant communities of global teams to collaborate on projects and products.
Project managers, team leaders, consultants and IT architects post projects; people who are in-between assignments or have free time opt into these projects to add their talents and expand their skills.
Today, more than 130 communities of IBM professionals around the globe are collaborating virtually. This has reduced the time it would have taken to complete projects by 30 percent, increased re-use of "software assets" by 50 percent, and cut component costs by 33 percent.
How IBM is helping Small Medium Businesses embrace social media
Savvy businesses know that creating an online presence can heighten awareness and ultimately bring in new business. What�s often ignored, however, is that without a clear plan and direction in place before a company begins using social media, it can easily fail.
IBM has programs to help non-profits and our business partners, who at 100,000 strong are traditionally small businesses, embrace social media. For example, IBM hosts full day workshops, offers grants, provides toolkits and incentives and free education for our business partners on establishing and rolling out effective social media business plans.
We have many other examples, such as IBM's TAP program (Technology Adoption Program), a company-wide "open beta" where products are developed through crowdsourcing, and where we've created some of IBM's best-selling software products.
Below are some of our external videos on IBM Social Business.
My list of favorite links around IBM Social Business:
Did you Tweet today? Update your Facebook status? Check in on LinkedIn and Foursquare?
I did. All four.
Of course, it�s my job to do these things.
I�m glad it is. Because even if it weren�t, I�d still do it. Tweeting is fun. Facebook and LinkedIn keep me in touch with my friends. And, increasingly, they�re my way of knowing what�s going on in the world.
If you�re reading this, you�ve probably done the same, probably every day for quite some time now. No big deal, right?
Today is Mashable's second annual �Social Media Day,� a global celebration of the technological advancements that enable everyone to connect with real-time information, communicate from miles apart and have their voices heard.�
All of these activities are expected; none is really that surprising. So why is Social Media Day such a big deal?
I can think of three reasons:
Your connections are your currency. The more you have, the richer you are. On its own this isn�t new, but the ease and speed with which we can find each other, connect with each other and share with each other on a conceivably infinite number of topics certainly are. Help your connections make other connections and you'll be very rich, very quickly.
All media is social media. As a student of media history, I�ve never been keen on the term �social� media. All media are inherently social, for why do they exist if not to connect people? In a more pragmatic sense, just think: Where do more and more people go now for breaking news but Twitter? Where do 500 million people go to discuss politics and entertainment but Facebook? The site isn�t just taking a greater share of Web visitors every day, it�s taking share from other sites as well. This isn�t to say there�s no value in visiting CNN, BBC or CBC; but discussions about their stories often happen elsewhere. For Marketers and brand managers, too, an increasing number of clicks lead to Facebook and Twitter.
Data, insights, outcomes. There was a time when it was enough to run your business knowing a little about what happened last week. That was roughly the time when newspapers came in the evening and TVs still had antennas. Now, not only must companies anticipate the future, they must analyze and shape events that haven�t even happened yet. In this brave new world, historical data can help, but analytics-driven organizations need to tap into data that moves and changes a lot more quickly and tells a much more valuable story. To a great extent that data comes from Facebook and Twitter. Properly analyzed, companies can learn from this data what their customers like, what they don�t and what they�re likely to want next.
When we think about how the planet is evolving to become smarter, one of the most interesting places where we're seeing a lot of change is in energy and utilities and the SmartGrid. As a result of advancements in things like solar power, we aren't just taking power out of the grid, we're now putting energy back into the grid. We're investing in things like Smart Meters to help increase efficiency and we're doing more every day to make sure that less power is lost between power plant and light bulb. However, being able to confidently leverage all of the new advancements in grid technology means we are also going to need to understand more about the new challenges we face.
We are taking on new projects to increase the efficiency of the grid, and replace an aging and legacy infrastructure, because the grid's fundamental architecture hasn't changed much since its original conception. So, when we talk about solar panels adding power back into the grid, how do we make sure that these older systems are ready to take on these new inputs? The connected nature of the grid also raises significant concerns around the impact that would be incurred by a widespread attack against critical infrastructure. Stuxnet was targeted at industrial command and control systems. If people previously thought these types of attacks didn't, or couldn't exist, they don't think like that any longer.
As Jack Danahy mentions in the below video, when we introduce new technology, we also introduce new risks. That's a fact and it's not limited to just security. When we invented cars we also introduced the risk that people could be in a car accident. However, the benefit of cars was too great so we kept moving forward with automobile production, and as the market matured, and we covered some of the initial bases, like how to make sure the wheels don't fall off, we increasingly turned our focus to the safety of automobiles. Being able to protect people in the event of a crash became one of the most important features. We need to apply this same principle to new technologies, particularly when it comes to energy and utilities. Security needs to become an innovative aspect of the overall design. However, unlike automobiles, we don't release a new smart grid every year. We're building on the one we have and making it work better.
The launchpad we're announcing today features an overview of the issues, expert opinions and testimonials, as well as some demos and links to additional resources. For those of you interested in learning more about security for the SmartGrid, I encourage you to take a look at some of this content. You can find the demo by clicking here.
A core element of the AQ concept is a four-stage maturity model. The first stage is "Novice." In our new AQ White Paper, we describe the Novice stage like this:
At this first level, individuals or teams analyze their own data, typically using spreadsheets or basic query tools. Here, knowledge workers have only a limited historical view into past performance and must rely in large part on �gut feel� to make decisions about current or future performance. It�s at this early stage that that the negative effects of rudimentary or incomplete analytics are most acutely felt, as outcomes are often hampered by inefficiencies, delays, miscommunication and the pain of missed opportunities. Any one of these impediments can serve as the necessary �burning platform� that drives organizations to take their first step toward a higher AQ.
You can discover your own AQ right now with our new Web quiz. In addition to the new AQ White Paper and Web demo, we're also excited to introduce The AQ Chronicles, a new animated series. In this series, we'll follow a typical marketing manager as he progresses through a business analytics journey. Watch as in this first episode, he asks IT for some much-needed and not altogether unreasonable sales figures:
While most of what I know about art preservation I learned from watching Ghostbusters II, I do know that it is a difficult task. Art needs to be viewed/shared with it's audience and yet must be properly preserved so that it is not irreparably damaged and lost to future viewers.
Years of reading comic books has taught me that ink/paper tend to deteriorate at a rapid rate. It is very rare to find "Golden Age" comic books in pristine condition, and comic books only go as far back as the 1930's. So you can imagine what a difficult task museums have with paint/canvas that dates back into the hundreds (and even thousands) of years. Museum visitors line up every day to see these paintings. Up close and personal.
Art, like so many things, is stored in buildings and it is the environment of these buildings which must be regulated and controlled so as to properly preserve the art.
Which is why one of the coolest things to come out of our Smarter Buildings event on June 9th was how IBM is partnering with, "...Metropolitan Museum of Art to test a wireless environmental sensor network--dubbed, unsexily, the Low-Power Mote--in the museum's Cloisters, a section that holds 3,000 works of art from medieval Europe. The works, which include paintings, tapestries, and illuminated manuscripts, date from the 12th through the 15th century." (Fast Company).
Buildings are essential to a Smarter Planet and it's one of the areas we're focusing on with our industry solutions.
Using buildings to help preserve the art that they house is one way that our customers are leveraging Intelligent Building Management solutions, but we also had another great customer at this event.
Tulane University is another customer with whom we are partnering, and they are certainly at the forefront of helping to create a Smarter Planet with ...[their] first IBM project is helping to transform the home of Tulane's School of Architecture, the century-old Richardson Memorial Hall, into a "smarter building living laboratory," using IBM Intelligent Building Management while maintaining respect for its historic status. The school aims to arm a new generation of architects with techniques that will allow historic buildings to be more efficiently adapted for modern use.
Please comment below. Are you and your company working towards intelligent building management? Have you been following any projects similar to Tulane and the MET that you want to share with the community?
*yes, "Intelligent Building Management At The Museum" would have made more sense, but when have I ever bothered to make sense?
This week is the 17th annual Gartner Security and Risk Management Summit. There are lots of leading experts from around the world in attendance, including many IBMers, and we wanted to take this opportunity to make sure that some of the content was reaching folks who aren't able to attend the event. That is why over the course of the next several days we'll be bringing you highlights from around the conference. I am going to continue updating this single blog, even after the conference ends, and hopefully you find it to be a helpful resource regardless of whether or not you are in attendance.
I should mention that I am not personally at the event. The observations are that of a teammate of mine, Sydney S. Johnson. She is our acting security correspondent in the field. I should also mention that you can view IBM's agenda at the show by clicking here.
I will continue posting the most recent news at the top of this entry.
(6/22) David Pogue, Tech Columnist, New York Times
David spoke about how technology drives culture. 95% of cars today now come with an iPod adapter, but what he finds most interesting is not the technology itself, but rather how it changes us. Using the example of apps, David spoke about how you can quickly bring a new technology to the consumer market. Millionaires have been made overnight. David believed this factor was an important new characteristic of the way that technology is changing our lives and he believes that augmented reality is one of the next big steps we will see. David points out that new technology does not necessarily replace what came before it either. TV was supposed to be the end of radio. But radio didn't die, we just changed the way we interact with radio.
But the question is, what does all of this have to do with security? The answer, of course, is that is has everything to do with security. All of these cultural trends seem to be driving us online, and that trend sets up security to be an increasingly desperate requirement.
(6/21) 9:30 AM. Social Media and Security and Privacy
This session featured Marne E Gordan (@MarneEGordan), Regulatory Analyst, IBM Corporate Security Strategy. Marne began by talking about the enormous benefits that social media has brought. People are communicating, in real-time, in exciting new ways. Business are reaping the benefits because social media is inherently high in impact and low in cost. However, with emerging technologies also come new risks and challenges. This does not mean that we avoid new technologies (I am blogging about this), but rather that we take a strategic and thoughtful approach so we can more confidently use and embrace what's new.
Marne looked at a few examples where we can see why there are legitimate concerns about social media. We've seen online harassment, the leaking of private and corporate information and the scandals that resulted, questions around privacy and finally, how we control the convergence of our professional and personal lives. These are not easy questions to answer, and Marne used some statistics from Osterman Research (http://www.proofpoint.com/outbound) to illustrate this point. According to what Osterman learned, 30% of organizations have already seen a negative business impact due to social media, 47% of organizations reported not having a social media strategy and 53% are concerned about the risk of an information leak due to social media.
However, there are things that organizations can do to help mitigate these risks.
Strictly forbid illegal activity (no stalking, harassment, hate speech). You're not voliating employee civil rights to say that.
Encourage employees to maintain separate corporate and personal online identities and accounts.
Provide training on social media.
Warn first time offenders.
Seek advice of counsel.
Stay within NLRA parameters.
Marne concluded by talking about the 5 "must haves" organizations need to have when it comes to social media.
5) Have a contingency plan: If something is inappropriately communicated you should have clearly defined steps and actions you can take.
4) Personal Communication: When you are thinking about the way you are presenting yourself as an individual, always consider if you have identified yourself as a corporate spokesperson.
3) Corporate Communication: Getting approval for things that are questionable is not a bad thing.
2) Clearly define appropriate use: Make sure to be even-handed.
1) Have a documented policy: Enough said.
(6/20) 2:30 PM. The Future of Privacy
This was a panel discussion featuring Harriet Pearson (VP Security Counsel & Chief Privacy Officer, IBM Corporation), Bojana Bellamy (Global Data Privacy Compliance Lead, Accenture), Mary Ellen Callahan (Chief Privacy Officer, U. S. Dept of Homeland Security-Privacy Office), Robert Quinn (AT&T Services, Inc., Senior Vice President-Federal Regulatory and Chief Privacy Officer), Laura Riposa VanDruff (Attorney, Bureau of Consumer Protection, The Federal Trade Commission) and Heidi Wachs (Director of IT Policy and Privacy Officer, Georgetown University). The opinions expressed by the panel participants are their own and do not represent the opinions of the companies they represent.
This group of panelists were asked the question, in 2015, will privacy be over-regulated, appreciated or ignored?
The group began by addressing the first possibility, that privacy will be over-regulated.
Harriet begins the discussion by saying that the importance of privacy regulations is likely to vary based on the specific area of privacy. In certain areas, we may favor strict government regulation (ex. children's privacy), but there are other times when we expect that the private sector may have effective privacy best practices in place and government regulation could make privacy policies less efficient. Mary Ellen built on that idea saying that because we tend to be reactive in legislation, the legislative agenda might be behind the work going on in the private sector, and we need to be careful not to have government regulations that conflict with the efforts of the private sector, especially in areas where the private sector has demonstrated success and leadership. Bojana added that in Europe, privacy is regarded as a human right, and developing privacy regulations and policies in specific countries is an issue being complicated by worldwide convergence. Robert points out that his company's industry - communications - is, in his opinion, over-regulated, and has been for years. He believes this over-regulation stems in part in order to ensure that law enforcement retains access to information that they need. Additionally, he notes that one of the challenges that exists is that many of the data companies who generate and leverage data don't have an actual relationship with a consumer group. When there's a data breach, who's got the relationship with the customer to go and tell them that their data has been breached?
From there, they moved onto the second question. Will privacy be appreciated? Will people care?
Laura begins the discussion by saying yes, people will care. The more people understand how their information is being used the more attentive and interested they are going to be regarding questions of privacy. She notes that social media platforms do have privacy options, a comment that Harriet then builds on. Harriet noted that sometimes people understand the immediate impacts of new technology, while in other times they don't discover them until later. She said that organizations must make decisions regarding when/how they will adopt privacy models. She commented that a check-the-box approach won't get us very far because organizations need to look at themselves and make deliberate, strategic choices. Robert also made a point that location based services were coming and asked the question of how do we retain "best privacy practices" amongst applications? He believed it was the obligation of companies to get out in front of this.
Finally, will privacy be ignored considering the growing volume of other risk-related messages?
About 6 months ago the FTC proposed a privacy framework that would include, "Privacy by design," "Simplified consumer choice" and "Improved transparency." (This framework is still in the initial phases of recommendation and the team is working to improve based on stakeholder comments.) Questions were then brought up around whether or not privacy could be enforced. In response, Bojana closed by talking about, "Privacy by design," and her hopes that privacy will one day be built into every product brought to market, transforming privacy into business enabler.
Gartner ended the session by doing an informal audience poll. Of the audience members who participated, 43% think privacy will be over-regulated by 2015, 43% believe it will be appreciated, and 14% think it will be ignored.
(6/20) 10:16 AM. Michael Chertoff (Co-founder and Managing Principal, Chertoff Group) is the next to speak and he was the former Head of the Department of Justice Criminal Division and was also U.S. Secretary of Homeland Security. Given his background, he spoke about how to effectively manage a crisis and brought it down to three key elements:
1) Planning You will need to adapt and manage, but in the event of a crisis, you should never be starting from scratch.
2) Communication It is about both what you take in and what you put out. Situational awareness is critical as you must know what is going on in real-time, otherwise you become a hostage to media and hearsay. Communicate to the public in a way that is accurate, creditable, and succinct.
3) Decisiveness Acting on your plans.
During the course of his talk, Chertoff also focused on the relationship between government and the private sector as it pertains to the internet. As an example of the conflicting thoughts in this space, he mentions that there are people who believe the government should have an internet kill switch and others who believe the private sector should be completely in control. Chertoff suggests more of a balance and that we need to focus on defining the overall doctrine/strategy. In his opinion, it is important that we become clear on what is government's responsibility, what the responsibility of the private sector is, and what their shared responsibility is.
He also makes the suggestion that we should not try to fit this doctrine into the existing legal landscape. Chertoff believes that we should adapt the law as needed, and if done correctly, we should be able to preserve the essence of the internet while also retaining trust and security and fostering economic growth.
Cherkhoff also had some interesting thoughts on wanting to get more of today's youth involved in security by emphasizing that defending a system can be as exciting as attacking one.
Looking into his crystal ball, Chertoff felt that cybersecurity was going to be one of the two critical national security risks in the next decade (the other being biological warfare).
(6/20) 10:00 AM. Vic Wheatman is the managing vice president of Gartner Research and is part of the security and privacy team.
This is the 17th annual Information Security Summit and this year there are over 1,800 attendees and 93 solution providers. Vic makes a number of key observations around "Enterprise Security Intelligence" or ESI. He says, this is not a market so much as it is a concept. The concept is based on the integration of technology and information and about how analytics can be used to make better decisions. It's not just about being able to collect information (which organizations are doing a pretty good job at right now), it's about being able to apply that information in a meaningful way (an area where organizations have an opportunity to improve).
He also commented on the changing profile of attackers. We are seeing a revival of cyber attacks designed simply to humiliate.
Being able to simultaneously share and protect sensitive information is one of the biggest challenges today. We need to be confident that the right people have access to the right information, but we also don�t want to accomplish this at the expense of business agility. Our world demands that we constantly find new ways to move more quickly. Two weeks ago we announced some enhancements to our data redaction technology so we thought now was as good a time as any to talk a bit more about data security.
The below is a Q&A I did with Kimberly Madia of our Infosphere team.
Bryan: There's data everywhere, and being able to protect that data is more important than ever. However, not all data is the same, some of it is structured and some of it is unstructured. Why is it important to have solutions that can do both? Can you provide an example of a situation where this is important?
Kim: Companies are collecting so much information today, it�s really unbelievable. I can�t think of a retail establishment that doesn�t have a loyalty card or a public building where I don�t see security cameras. I feel like no matter what establishment I patronize, someone asks for email address or zip code. The increased usage of RFID tags, the massive success of Twitter and new uses for GPS data are some factors fueling this growth. Organizations are actively harvesting these new data formats in an attempt to derive more intelligence and earn a competitive advantage. This is in addition to data they collect via standard applications such as CRM and ERP systems which is stuffed into databases.
Even though these new data sources are unstructured, meaning they don�t fit into a column or row of a database, organizations are still responsible for proper handling of the data. If sensitive information is compromised, regulatory agencies don�t care that the data was in a PDF file or a database column, the consequences are the same and regulatory agencies demand accountability.
Recently, physicians at UCLA medical center were caught going through Britney Spears� medical records to satisfy their own curiosity, not because they were actively treating her. These medical records were in an unstructured format, not in a database. However, UCLA also has information on Britney Spears in their databases such as her phone number and address. This information must also be protected. Excluding one or the other only tells half the story.
Bryan: It's a balancing act simultaneously sharing and protecting sensitive information. Can you talk a little bit about why it needs to be easier to share this information, and how we can still ensure security behind the scenes?
Kim: Redaction simply allows you to apply a fine grained level of privacy to a document. Imagine you have a document which needs to be used by a clinician as part of a trial study. This document contains diagnostic information which can be used by the person running the clinical trial to gather statistical information. However, this same document can also contain sensitive information (SSN, name, address, phone number, etc) which is not needed by the clinician. He or she is not allowed, according to HIPAA, to see some identifiable sensitive information about the patient. Under the old model, you would encrypt and lock away this file because it could contain Social Security numbers and other sensitive information, and thus the pertinent clinical information would not be properly used.
With redaction, we can process this document and delete the information that the clinical trial worker is not supposed to be exposed to (SSN, name, address, etc), and still allow for the relevant information to exist in the file. HIPAA compliance and company reputation is maintained by not needlessly exposing personally identifiable information, and productivity is increased by allowing the valuable information in the document to be used by the appropriate parties.
Redaction actions can be inserted into many different places in any given ECM system. Documents can be redacted upon ingestion and stored for later use. They can be redacted at retrieval time, thus using the retrieving person�s credentials (role) to determine what needs to be redacted and what can be viewed safely by that particular person. Files can also be redacted in bulk as part of an eDiscovery case, where many thousands of documents are being submitted at once for privatization, ahead of sharing them with a wider audience.
Bryan: Manual data redaction has obvious problems with accuracy and efficiency. Is it possible to scale this process and simultaneously improve accuracy?
Kim: Yeah, you�re right. Manual redaction is out of the question. A person must laboriously comb through each document in the content management system and identify sensitive data. Next they must block out sensitive fields in some way � either using an actual or virtual black marker. The chances of a person missing something are high and the person�s sanity might also be at risk.
An automated redaction solution consists of five parts:
�Text extraction using OCR (Optical character recognition) techniques to first identify textual or image entities.
�Breaking apart and parsing data in a form/document. Text is fragmentized to enable the next step which is identifying sensitive data.
�Sensitive information is identified so that the tool can provide the user with candidates (suggestions) for redaction.
�Once the sensitive information is identified and recognized it is deleted and replaced with redacted sections (shown as black bars or any color user chooses).
�The document is re-created with the sensitive information removed. Note: the original document is still available, this is a copy of the original document, but now redacted.
Automated redaction handles documents differently, depending on whether the document is free-text or a structured form.
For free-text documents, the redaction engine automatically identifies and extracts relevant units of information. Using text patterns and dictionaries are not enough since homonyms can disguise meanings (is �bush� a plant or a former U.S. president?). Instead, it is necessary to combine regular expressions and dictionaries with a syntactic analysis of the text surrounding the relevant information.
Structured forms, on the other hand, require a different technique, in which the known form layout is leveraged for accurate redaction. This allows even low-quality scans with handwritten text to be processed; if they are accidentally skewed or resized, they can be straightened and aligned with a template. To accomplish this, a redaction system begins by redacting a sample form (for example, a blank) and marking the sensitive fields to be redacted, together with elements that identify instances of the form, such as the form title or identification number. This creates a template for subsequent forms. The software redaction solution matches templates to forms, eliminating the costly presorting of different form types. Next, it applies a template to each form, precisely deleting the marked fields based on their position.
Some input documents, such as Microsoft Word and many PDFs, carry text in them, but others like TIFF and some PDFs are pure images. For image files, the solution applies high-quality optical character recognition, and then processes the text. If there are any photographs or other graphics in a document, the solution preserves them as such.
Bryan: How can properly designed data redaction solutions help organizations to maintain compliance?
Kim: To take an example from the U.S. government: the Freedom of Information Act (FOIA) is intended to hold government organizations more accountable for their actions by making information about those actions available on demand. On the other hand, the same regulation requires that those ordering the documents must not see any sensitive personal or national security information. The public should know where wars are being fought and why, not exact locations of attaches of supply networks.
Similarly, the Health Insurance Portability and Accountability Act (HIPAA) is designed to enhance sharing of documents between physicians, hospitals and insurers while preventing the unauthorized disclosure of individuals� personal healthcare information. For example, consulting physicians need access to individuals� electronic health records, but they do not need to see billing information that is unrelated to their job duties.
Redaction can satisfy governmental regulations, including those in data privacy laws, without restricting the legitimate use of information�thus avoiding sanctions, penalties and costs associated with addressing compliance violations after the fact.
Take, for example, its earliest advertisements for tabulating machines and electric timekeepers - produced even before before the company adopted the moniker IBM. Few would argue that they're not far removed from the promise of our current business analytics solutions:"The Electric Tabulating and Accounting Machines analyze the facts of a business. They supply executives with the details of sales, costs and operating data, permitting the formulation of policies and assisting in the proper control of business. These machines compile data quickly and with a great saving in clerical expense, furnishing reports which it would be impractical to obtain by manual methods."
At first blush, progress often brings a positive connotation. It suggests forward motion toward an ideal; it suggests an outcome or result that is more desirable than the current state. For a technology company - particularly with a reach and portfolio as broad and diverse as that of IBM - the positive aspects of progress are near-paramount.
But not everyone sees progress - technological or otherwise - in the same light. Sometimes the effects of what some view as progress are not immediately apparent or understood. Sometimes the goals being pursued are poorly explained. Some view progress through the lens of loss.
How do we reconcile these two opposing views?
First, we should accept that technology will continue to evolve - and if you read Kevin Kelly's book What Technology Wants, there's no reason to suspect that it won't. If you accept that premise, then our response to its effects must evolve as well. To that end, I propose that we frame the discussion about progress in three ways:
First, progress must be meaningful. Improvements in efficiency, speed, and power must serve a purpose. Their effects must be designed with their effect on the planet and its people in mind.
Next, progress must be measured. Measurement brings clarity to ambiguous situations and provides us the means to understand tradeoffs, alternatives and possibilities.
Third, progress must be managed. Computers and the interconnected systems they drive exert an ever-increasing influence over more and more aspects of our lives. That is not to say, however, that they control our lives. Nor should they.
IBM enters its second century dedicated to progress - not only through its technology, but through the ideas and ideals that its technology is deployed to promote. As IBMers we have a tremendous opportunity - some would even say a responsibility - to pursue progress to make our world a better place. We may never agree on the precise nature of progress. But with the guidelines I've outlined above I hope we can make the discussion a productive and, dare I say, progressive one.
Thanks to IBM, tomorrow, I'll be taking the day off work to package emergency food supplies at the Phoenix St. Mary's Food Bank. When I was first considering joining the IBM team, I was impressed by IBM's commitment to make the world a better place through diversity, green thinking, and good citizenry.
I loved how IBM encouraged its employees to give generously to great causes and local community efforts, and even initiated the "Day of Caring" to encourage all IBMers to take a day off work to serve at a local charity or organization. IBM also created an On Demand Community portal to help IBMers find local service opportunities and the Employee Charitable Contribution Campaign to provide a payroll reduction service for IBMers choosing to fund charities and other organizations. Read more on the Smarter Planet blog.
During its centennial birthday year, IBM took it up yet another notch with the Celebration of Service: IBM's Celebration of Service honors our employees, retirees, families and friends in their commitment to volunteer service. It supports their efforts with resources, a program of new and expanded grants, and the opportunity to pledge their participation in a global effort during 2011 � with a special focus on June 15, when IBMers will bring their skills into thousands of communities worldwide.
One thing that IBM gets is that when its employees are happy, so is the workplace. What makes humans happy? Being able to make a difference. Contributing to a greater good. Learning and becoming a better person. The pictures below show lots of happy people getting to experience just these things.
For me, tomorrow, it's St. Mary's Food Bank, but in the coming months, I'll also be volunteering with the Habitat for Humanity, ValleyLife, and other Phoenix organizations. The opportunity to give goes well beyond June 15. Take a moment to explore the Celebration of Service site to find ways you can make a difference in your local community.
�You're traveling through another dimension, a dimension not only of sight and sound but of data; a journey into a wondrous land whose boundaries are limitless with business insight. That's the signpost up ahead � your next stop, theAnalytics Zone.� (Apologies to Rod Serling.)
IBMtoday unveiled �Analytics Quotient� (AQ), a measure of an organization�s readiness, ability and capacity to apply analytics tore-orientthebusiness, make better decisionsanddeliver better outcomes.
Simply put,AQ helps organizations of all sizes better assess how well they are using analytics. And, more importantly, how organizations can begin using analytics and take their first step on an analytic journey, or progress to a higher level of analytic proficiency.
For example, is your organization applying history and context from the past with the ability to make insightful forecasts, anticipate likely outcomes, and automate decisions? If so, you might be receive a high AQ score.
Just as with IQ (Intelligence Quotient) or EQ (Emotional Quotient), AQ is the hip, new way to determine just how smart an organization is at leveraging its data assets to make better decisions.
Business in the �New Normal�
Today�s organizations are dealing with greater uncertainty and risk, increased pressure from shareholders, new legislation, exploding data volumes and a proliferation of social networks and mobile devices unlike anything we�ve seen before. This is the new reality � the �new normal.�
Individualbusiness leaders are feeling immense pressure to outperform their peers and contribute significantly to their team�s and organization�s success. However, intuition and gut feel-fueled decision making informed mostly by personal experience is no longer sufficient.
Decision makers are demanding a broad range of business analytics capabilities to gain actionable insight that can help them better understand how their business is doing, why it is on or off track, and what they should be doing about it.
A recentstudyconducted by MIT Sloan Management and IBM�s Institute for Business Value indicates organizations that use analytics in the most mature ways are three times more likely to outperform their competitors than those that are just beginning to adopt analytics.
Similarly, the recentCFO studyfrom IBM shows that objective financial data validates that decision making supported by business insight contributes to enterprise outperformance, such as two times greater EBITDA growth, 36 percent greater revenue CAGR and 15 percent greater return on invested capital.
The Analytic Journey
The integration of business analytics within and across the enterprise is really a journey that may begin in one department in one business function, but with quick and tangible results adoption continues deeper and broader across the organization. Organizations on this analytic journey gain greater competitive advantage and higher and higher returns.
Therefore, the AQ measure was designed to show how far an organization has come to fully embrace business analytics. The more analytics is infused into the business, the more a business will outperform others, and the higher the AQ will climb � let alone revenues.
Hence, AQ was created to create a clearer path to value.
Every organization, team or individual is at their own point leveraging analytics to outperform. Some are masters, while others are just beginning. The maturity model illustrates the four fundamental steps to improve AQ. They include:
�Novice: Organizations have spreadsheets, but don�t trust them. They�re more reactive than proactive. They�re disconnected and want to do better.
�Builder: Organizations see current results and a little of what�s driving them. They�re sharing results with other teams in your department and they�re ready for more.
�Leader: The VP sets the strategy. Marketing and sales share metrics and plans. They�re predicting the future as well as reviewing the past.
�Master: Top-down goals meet bottom-up tactics. Insights flow freely across divisions and departments. Resources are allocated, risk minimized and outcomes maximized with equal ease and speed.
Are you ready for analytic freedom? Future success will depend on the ability to turn an ever-increasing deluge of data into better decision making. With the amount of data doubling every year, achieving a high AQ is imperative to outpacing the competition.
So, we invite you to take a trip to the Analytics Zone. No longer will you have murky insight into the business that undoubtedly leads you down the wrong path into the Twilight Zone.
Measure your AQ � Take the Quiz
Come to www.ibm.com/analytics/aq to take the fast, easy quiz. Answer a few questions to understand your AQ and see where you are on the journey to becoming analytics driven.
You�ll also be able to share ideas and connect with others who use their high AQ to outperform.
I can�t recall how many times I�ve said something along the lines of, �I don�t know all the ways this will eventually be used, but it seems like the right approach.� When Lou Gerstner made the decision to keep IBM together in the early �90s, he probably wasn�t quite so flippant in his decision making, but I imagine that there were elements of that reasoning. He saw value in a company that was able to solve large, complex challenges that feature products, services and expertise from all corners of the business. IBM was then, and is today (more so than ever before), a company capable of taking on big things.
We use the word �smarter� a lot these days and I promise it�s about more than patting ourselves on the back for our newest work. In a lot of cases we�re talking about a dramatically different approach to whatever it is that we�re calling �smarter.� This Monday we announced a brain for our Smarter Cities initiative and we�ve named it the IBM Intelligent Operations Center. With this announcement, we are taking a more centralized approached to city management, which is a task that brings in more than a few products and services from around the company.
I feel like a broken record talking about convergence because I�ve been writing about endpoint management so much recently, but this is another area where we�re seeing real value being derived from not looking at specific technologies in operational silos. When it comes to the endpoint we�re talking about systems management and security management, but when it comes to cities we�re talking about public safety, water, transportation, weather, etc. Let�s say a natural disaster were to occur in a city, the Intelligent Operations Center would enable people to identify the impact on the key elements of city infrastructure (such as the water system), deploy first responders to the most critical sites and then help coordinate with hospitals to understand where there are open beds.
It�s admittedly a bit bleak to put these new capabilities in the context of a natural disaster, but it�s one of the few times when a whole city is called to respond. IBM is helping people to make better decisions in these moments. That said, natural disasters are certainly not the norm, and on a more routine basis you might find people using real-time analytics to avoid traffic on the drive home from work.
You also might feel a bit safer knowing that public safety will be one of the first three focus areas of the Intelligent Operations Center. IBM has been in the business of public safety for quite some time with our managed security services team. We�ve used video analytics technology to do everything from tactical implementations that might only require a handful of cameras, to citywide deployments in places like Chicago.
This week�s announcement will enable local, state, federal and nongovernmental authorities to harness the intelligence derived from analytics fed by sensors, crime data bases, cameras and integrated communications to make smarter and more timely decisions. Informed decisions that can make the difference in people�s daily lives.
IBM's Video Correlation and Analysis Suite can be integrated with the Intelligent Operations Center to enable rapid response to physical security events through the real-time and historical analysis of multiple video streams. Not only does IBM help authorities to respond more quickly to incidents, but we�re also improving the speed and accuracy of forensic analysis.
I feel safer already.
For more information about IBM�s Physical Security Services go here
The alternate title to this blog was, "There's only one "i" in Innovate."
But that makes about as much sense as building services and not talking to the operations side of your organization.
One of the themes of Integrated Service Management is DevOps. It's a part of our "Design & Delivery" messaging.
RedMonk* analyst Michael Cot� got to sit down with IBMers Pete Marshall & Peter Spung for a fantastic video discussing this very topic.
Rational and Tivoli. Talking about solutions together. Cause that's how we do it in the I-B-M.
(and yes, that was as painful for me to write as it was for you to read...)
Seriously. If you build services and you're not working with Ops, you need to sit down and watch this video.
Here's the description of the video, followed by a link to the RedMonk site with the video:
The practices and technologies of DevOps have begun to spread into what I�d call �the mainstream,� which is fantastic: DevOps has a lot to offer to all IT organizations. IBM has taken notice and started getting involved. Here, while at the IBM Rational conference Innovate 2011, I talk with IBM�s Pete Marshall and Peter Spung about DevOps is and what IBM has to offer.
A little over fifteen years ago, IBM set out to change the face of the software industry by
bringing together a collection of high-quality software that would help clients solve their most
pressing business problems.
As customer needs changed, new approaches were adopted. Unique partnerships were formed. Dozens of acquisitions were signed. And inside software labs around the world, breakthrough discoveries were made.
This leads to where we are today, with all of IBM�s different software products and solutions working together as never before to help clients get to a smarter and much more efficient way of doing business � in whatever industry they fall.
As IBM Software has discovered, to get the most value for its own business and customers it needs to continuously reinvigorate its strategy and technologies through multiple, creative approaches and channels.
Through a series of interviews with Software pioneers and leaders, these two videos explore IBM Software's continuing pursuit of value and innovation across several decades.
Recently on the Integrated Service Management blog we�ve been talking a lot about endpoint management. It�s an exciting space and one that we�re invested heavily in. Instead of getting into a lot of depth, I�m going to attempt to summarize what we�ve been talking about in just a sentence or two. I�ve got the time, so I�ll write a short blog instead of a long one.
Basically what we�re talking about boils down being able to identify all of the endpoints in your infrastructure, and then not only being able to centrally define and deploy security policies across those endpoints, but also be able to manage the lifecycle, patch process and power management of that endpoint. The key here is convergence.
This is an example I typically use when talking about why convergence is so important, because it is one of the most common challenges associated with power and patch management. How do you deploy patches to endpoints that aren�t turned on? Security concerns are directly intersecting with operations management. The benefit of Tivoli Endpoint manager is that by managing everything centrally, under one dashboard, you can manage both security and operations, and in the case I mentioned above, wake the computer up, apply the patch and then put the computer back to sleep/turn it off completely. All of this is automated.
Of course this is not the only example of why convergence is important, but I did promise not to take up too much of your time. In any case, this is the value that SC Magazine could not ignore and yesterday they gave Tivoli Endpoint Manager a rating of 5 stars out of 5. A perfect score. I don�t want to put words in their mouth, so instead I�ll just direct you to the story, which you can find here.
For any of you that would like to learn more I�ll additionally point you in the direction of some of things that we�ve recently written about this product.
Here you can find a blog that Sandy Hawke, Manager IBM Security Solutions, wrote about a recent webcast she did (you can also find the link to the webcast there).
Here is the very recent announcement of Tivoli Endpoint Manager for Core Protection, an addition to the TEM family that leverages cloud technology to provide the most updated security to all of your endpoints.
Lastly, here is something we wrote about how academic institutions are using TEM�s power management solutions to save hundreds of thousands of dollars in energy costs.