Safe and secure
I was interested to read your article on single sign-on (A question of identity, September 2002) and the social engineering aspects of security, (September and October 2002). Both highlight that usernames and passwords cannot be relied upon to secure the network. If passwords are given freely to anyone who asks, what’s the point of having them at all? Add this problem to the fact that users are being provided with numerous passwords that they have to remember, and the value of usernames and passwords to the organisation diminishes. Even worse is the prospect of a single sign-on with only username and password: once this is breached then access to all systems controlled by single sign-on is compromised.
If organisations distribute stronger authentication tools to each authorised user, it eliminates the need to remember numerous passwords and can strengthen single sign-on security. In addition, the system cannot be accessed without physical possession of the device, making it a practical, secure option for both user and organisation.
Graham Peat
European marketing manager
Rainbow Technologies
A reader recommends
For those managing the email minefield, the experience often makes you feel like David facing cyber-Goliath (Danger zone, Information Age, October 2002).
That’s because recoveries on Microsoft Exchange databases represent a real nightmare for administrators. Even relatively ‘simple’ tasks, such as restoring a single mailbox or retrieving archived emails, can be laborious and time-consuming.
I would recommend PowerControls 1.0 from Kroll Ontrack [a data management and recovery subsidiary of law firm Kroll] to all those that face these tasks. It dramatically changes the process of restoring data as you simply take a copy of the database from the latest back-up, and restore whatever is needed. It also means you don’t need a separate Exchange restore server, so recoveries can be carried out from a workstation, if sufficient disk space and memory are free.
In short, it’s a tool that anyone who knows anything about the trials and tribulations of email management should use.
Göran Husman
MS Exchange consultant
Human Data AB
ASP advice
In your October 2002 Expert advice section on application service providers (ASPs), Ovum research director Katy Ring advised readers that ASPs are ‘only worth considering’ if they are ‘going to run in a fairly self-contained manner’. She suggested that they were not really viable where customisation or integration with other internal systems would be required. I would like to disagree with this opinion.
The problem is that she does not differentiate fully between ASPs running largely unsuitable, traditional software over an Internet connection, from the newer, web-native, ‘one to many’ ASP model. Our ASP software has been designed from the ground up using Enterprise Java with open web services standards such as XML in a tiered model, which simplifies integration and customisation.
By integrating older back office systems into a web-native ASP platform, users gain radically simplified access to new technological advances. Customers use our service as an enterprise integration platform to link older, stand-alone systems to a range of new applications including customer-facing and collaborative ebusiness, mobile commerce and communications. We provide a ready-made interface for the majority of legacy systems used in the transport sector and where there is none available, integration is little more than a few hours work matching up the proprietary data schema with our XML format.
As for customisation, this is where vertically focused ASPs can excel through their knowledge of their customers’ business. Prototype systems can be built in record times, and with our ‘pay-per-order’ charging model, costs are always related to revenue. ROI is best achieved through software that answers the problems and needs specific to the users¹ business, and can dynamically respond to a rapidly changing business environment.
If organisations combine a flexible application platform designed for integration and customisation, with an understanding of the business processes involved, it is possible to provide a genuine outsourced and flexible application service.
Becky Clark
Business development director
NetDespatch
Correction
In the Books section of the November 2002 issue of Information Age Book review, we published the incorrect URL for our free, downloadable report on business process management. This report can be accessed in the Industry Reports section of the site.