However, does it really matter?  The fundamental goal of email when it was invented decades ago was to enable people to communicate in a more efficient way.  That goal has never changed, but the tools that are available to corporate decision makers to enable that efficiency have.  For example, we now have social tools that can enable communication in a way that enables easier access to and analysis of employee and customer sentiment.  We have collaboration tools that make it easier for groups to work on a document instead of sending a file to everyone via email.  We have text messaging and instant messaging that enable bursty types of communication that are more efficient than email.

Spending time at Lotusphere last week reinforced my view that IBM, more than many other vendors, really understands the new paradigm.  To them it’s not so much about Notes/Domino losing share to Exchange (which, on a worldwide basis, is questionable anyway given that there are more Domino servers under management than at any time in the company’s history) or cloud vs. on-premise or social media vs. email.  Instead, it’s about how communications is evolving into a new platform that integrates social into the business fabric – integrating new paradigms with the old where it makes sense to do so.  It’s about a shift in corporate culture that doesn’t focus on siloes of information, but instead uses a variety of communication modes in a way that makes the most sense.  For example, email need not – and should not – succumb to social media, but instead evolve into a tool that enables integration of various communication types that makes sense given a particular organization’s culture, regulatory environment, today’s customer base, future customer base, the geographic distribution of its employees and other factors.

The bottom line is that email – and every other mode of electronic communication – is about how to let employees and customers communicate, collaborate, learn, change and act in a way that meets their needs and those of their employer.  Those who get caught up in the email vs. social media vs. Web 2.0 vs. cloud vs. on-premise vs. whatever else discussion are often missing the bigger picture:  this is much more about business and getting things done efficiently, and not so much about technology.

Although Mr. Strom is a very sharp guy, I respectfully disagree:

• I’m certain that the vast majority of the 10,000 organizations cited in Mr. Strom’s article care about the new release.
• Same goes for the 47 state governments he cited that use GroupWise.
• Ditto for the many third-party developers of encryption, archiving, security and other products that are designed for use in GroupWise environments.
• Even competitors will care, since some have made public – and not so public – their strong desire to move GroupWise-enabled organizations to their respective platforms.

Mr. Strom is right in that GroupWise has lost a significant portion of its customer base and the development of the platform has not kept pace with that of some competing solutions.  However, the new GroupWise has some noteworthy and interesting features as he pointed out, such as integration with Skype for presence detection and an iPad client among them, that will help to keep interest in GroupWise alive.  Moreover, given that migrating to a new messaging system is typically arduous and expensive, a new version with interesting new features might be enough to convince some decision makers that they can at least postpone the migration, if not put it off completely.

Does this mean that the new version of GroupWise will cause the platform suddenly to reverse its slide and start picking up new customers in droves?  Doubtful, but if this is the first in several steps focused on updating and improving GroupWise, predictions about the death of GroupWise may have been premature.

In a way, social media use in the vast majority of organizations is like email was back around 1997 – not much in the way of anti-spam, anti-malware, content filtering or archiving is in place to protect organizations from all sorts of harm.  Use social media today and – at least from the perspective of how protected you’ll be against spam and malware – you can recreate your email experience from yesteryear.

Should you be concerned about?  Yes:

• Facebook says that about 4% of its content is spam and Twitter said that 1.5% of its tweets were spam-like in 2010 (numbers not dissimilar to email spam figures back in the mid- to late 1990s).  However, Imperium estimates that 400 million Facebook are victims of social spam each day.
• Last week, malware stole login credentials for 45,000 Facebook accounts – a small proportion of the approximately 800 million accounts in use today – but 45,000 nonetheless.
• Imperium estimates that 40% of the social profiles in existence today are frauds.
• Our own research indicates that only a small proportion of organizations are archiving their social media content, despite the fact that some of this content is potentially actionable or might be subject to legal or regulatory scrutiny at some point.

Clearly, there is a problem: lots of malware and spam floating around, millions of tweets and posts that probably should be archived, and few companies doing anything about it.

We are in the process of writing a white paper that addresses these topics, and will be launching a major study within the week on how social media is used and perceived, and what organizations are doing to protect themselves.  Let us know if you’re interested in what we will be finding from the research.

2012 will be the year of social media management

Imagine letting your corporate email system be whatever your employees choose – Hotmail, Yahoo! Mail, Gmail, whatever.  Then let them say anything they want without any policy management, supervision or consequences.  Moreover, don’t preserve any email content, even if it contains actionable or important business records that you really should keep for legal or regulatory reasons.  Now, substitute “social media” for “email”, and that’s pretty much the situation you have in most organizations today.

Some industries and organizations get the important of managing social media.  For example, financial services firms – as a result of rulings by FINRA, IIROC, the FSA, etc. – understand that social media content must be managed.  Important content must be archived, tweets and posts need to be monitored, and policies need to be established and enforced.  The NFL gets it and has established specific guidelines for what players and coaches can post to social media before and after a game.  However, the vast majority of organizations don’t get it – they let employees say anything they want on Twitter, Facebook or other social media sites without establishing any policies or guidelines whatsoever.  If you’re unsure of the risk, search for “I lied to my client” or “my boss is stupid” on Twitter and see what comes up.

I believe that will change dramatically in 2012 as decision makers become more aware of their risk.  Unfortunately, I think much of that awareness will be of the two-by-four-upside-the-head variety as organizations are sued for sexual harassment or other actionable posts on social media.  Wise decision makers will get out ahead of the problem and a) establish acceptable use policies for social media and b) deploy technology that will manage and archive this content according to those policies.

RIM and Novell GroupWise will turn around

I realize that I’m in a pretty small minority here, but I believe that RIM and Novell will have a better 2012 than 2011.  RIM, because it will introduce some interesting new phones this year and because its robust security model still has lots of credibility in the IT space; Novell, because I think Attachmate will take the steps necessary to prevent the continued slide of the GroupWise brand and because GroupWise is still a pretty solid messaging platform.  While I don’t expect a massive turnaround in either brand, things will improve.

Apple will get serious about the enterprise

I really like Apple products, but the company has never taken the enterprise market seriously enough in my opinion.  Assuming that will change in 2012, I’m going to go way out on a limb here (hoping everyone who reads this forgets it if it doesn’t happen), but I think Apple will buy Parallels Holdings, the owner of the very popular Parallels virtualization platform as a means of moving the Mac into the enterprise as a robust Windows platform for enterprise applications.  That would enable decision makers to deploy Macs with their somewhat lower cost of ownership while not having to rewrite any of their enterprise apps in order to do so.  And, no, I’m not smoking anything!

Spam will make a comeback – with a vengeance

Spam volumes dropped dramatically in 2011 compared to 2010 because of the takedown of some key botnets and other developments.  For example, Symantec.cloud reported that from spam’s high of 92.3% of all email traversing the Internet in August 2010, spam fell to 72.8% in April 2011 – and it stayed relatively low through the rest of the year.

That said, I believe that spam will come back in a serious way in 2012 for two reasons:

• Traditional spam is still very effective and it’s incredibly inexpensive to produce, yielding extremely high ROIs even with very low clickthrough rates.  Products that produce such incredible returns simply won’t go away.
• More insidiously, spam – in the form of phishing and similar types of attacks – is an effective way to deliver malware into organizations.  Attacks that occurred at Oak Ridge National Laboratory and the International Monetary Fund are good examples of how good employee training or robust defenses can still fall prey to targeted attacks.  Bad guys love malware and are very motivated to deliver it in whatever way they can.

I’d appreciate your feedback on these predictions.

During the last week of December, the New York Times crafted an email for a few hundred people who had cancelled their subscriptions, offering them a big discount on a 16-week subscription.  Unfortunately, the Times sent this email to 8.6 million people instead.  After discovering the mistake, the Times tweeted that they had never sent the email, but shortly thereafter corrected itself.  To its credit, the Times honored the discount to anyone who responded, but only for a short while.

There are five lessons that all of us can learn from this episode:

1. Mistakes like this are fairly easy to make with email and other digital tools, so expect they will happen.
2. Plan for these mistakes by crafting policies about how you’ll respond as a company.  Make sure every employee knows what the policy is, why the policy is in place, and to whom they can turn if they have questions about it.
3. Don’t pretend you didn’t make the mistake.  In an age of social media, denying your mistake will work – for about 10 minutes.
4. To the extent possible, make sure you are the one that tells the world about your mistake first – if you don’t, there is a 100% certainty that someone else will discover it, tweet it to the remotest parts of the earth, and make a much bigger deal about it than it really is.
5. Eat your mistakes and suffer the consequences to the extent you can.  If that means you offered a discount in error, eat the cost and use that to your advantage.  A Times article with the headline “We Screwed Up and Saved You a Million Dollars” would have taken the edge off the incident and might have generated a decent amount of goodwill.

In short, give the press – or the tweeters or bloggers or Facebook posters – no place to go.

What reminded me of this was two things:

• We received an email this morning from someone who signed up to be on our survey panel 13 months ago.  As we do with everyone who signs up for the panel and provides us with a corporate email address, we send an email to verify their identity.  We received it and added him to the panel in November 2010.  This morning, in response to a mailing, he replied “That’s nice…I don’t give a ****”.
• Also today, there is an article about three staffers who worked in the office of a Washington-state US representative.  These staffers, probably not intending to get fired, did just that via Twitter.  Among their less-than-wise posts were “Dear taxpayers – I hope you don’t mind that I’m watching YouTube clips of Nirvana at my government job.  Thanks, you’re the best”, and “I really like DC, but I could have used another day away.  The silver lining is that I don’t have to see my idiot boss.”

Two really important lessons here, one for employees and one for employers:

• Employees:  your electronic words exist forever on tape, in archives, in inboxes and, in the case of tweets, in the Library of Congress.  They might come back to haunt you and, if they’re egregious enough, probably will as in the case of the Congressional staffers who were fired 70 minutes after their conduct was discovered.
• Employers:  monitor what your employees are saying via Twitter, email, etc.  A failure to do so can damage your corporate reputation, result in legal or regulatory sanctions, reduce your revenue, and leave you wishing you had deployed monitoring technology that is probably less expensive than you think.

• Data is uploaded from your local sources and divided into 64-megabyte segments that are protected using 256-bit AES encryption.
• Each 64-megabyte segment is then further broken up into one-megabyte segments.
• To each group of 64 one-megabyte segments, 32 one-megabyte parity fragments are added using a RAID algorithm.
• The 96 one-megabyte fragments are then distributed randomly across the base of Symform customers worldwide (although most are currently in North America and Europe, with a handful in Asia, South America and Africa).

When a customer pulls down data from the cloud, it’s gathered from these disparate sources and assembled into the file(s) that have been requested.  The 32 parity segments for each block of 64 one-megabyte segments adds 50% to the overall storage requirement, but makes the system highly redundant when local storage is corrupted, customers’ storage systems are turned off or otherwise unavailable, etc.

One of the fundamental advantages of the Symform approach is its very low cost: the first 200 gigabytes of storage is free, while unlimited storage for three users is just $100 annually.  The only “catch”, if you can call it that, is that customers must provide as much storage locally as they receive in the cloud, since they – in effect – are the cloud.  Symform’s goal in using this highly distributed model is to drive down the cost of cloud-based storage, making it comparable in price to local storage.

This model of cloud storage raises a couple of important questions:

• Are data protection laws obsolete, such as those that require data not to leave a certain geographic region?  Because data using the Symform model is encrypted, then broken up into small bits and then distributed all over the world, content stored in this manner is actually more protected against inadvertent or malicious interception than it is if data is stored traditionally in a “protected” geographic region.
• Can cloud storage be as inexpensive as local storage?  While Symform’s current pricing model makes cloud storage only modestly more expensive than local, it will be interesting to see if the model is sustainable (I believe it will be).

Symform’s innovative offering is very definitely worth a closer look if you’re at all interested in using the cloud to store some or all of your data.

Here’s the story: on November 11^th of last year, Mr. Nemeth sent an email to Marriott telling them he had been accessing their network for several months and had obtained confidential information as a result of his snooping around.  In the email he threatened to reveal this information publicly if he was not given a job as an IT staffer.  After Marriott did not respond to this threat, Mr. Nemeth then sent them some of the documents he had accessed, purportedly as a result of an infected email attachment he had sent to several targeted Marriott employees.

Marriott contacted the US Secret Service and created a bogus HR employee to serve as the contact for Mr. Nemeth in an effort to catch him.  He believed the ruse and continued the dialog with the agent/employee.  After several weeks, Marriott purchased an airline ticket for Mr. Nemeth who arrived in Washington, DC and was interviewed for the position he sought.  During the interview, he told the agent/employee that he had stolen Marriott data, sent the extorting emails, demonstrated his technique for infiltrating the Marriott network, and identified where in Hungary he was storing the stolen information.

Mr. Nemeth has pled guilty to two counts that could land him in federal prison for up to 15 years – he will be sentenced in February 2012.

Even though Mr. Nemeth may not have been the brightest bulb among those seeking a job at Marriott International, he had a major impact on the company’s IT department.  Marriott was forced to have more than 100 employees search across its network to figure out exactly what Mr. Nemeth had stolen and how he accessed this information.  Marriott estimates that it spent anywhere from $400,000 to $1 million in consultants, employee salaries and various other costs associated with this exercise.

That got me to thinking about how our communications has changed from mailed correspondence to fax to email to SMS and other very short modes of communication.  While the speed of delivery is certainly improving over time, I believe the primary driver for migrating to faster and shorter modes of communication is television.  For example, studies have shown that an increase in television viewing among children shortens their attention span, which I believe  translates into other realms, as well.  For example, the average sound bite in the 1968 presidential election was 43 seconds, but dropped to 9.8 seconds in the 1988 election and 7.3 seconds by 2000.  Moreover, television changes our mindset into believing that every problem on a funny TV show can be solved in 30 minutes, while problems on serious shows require a full 60 minutes (minus 16 minutes of commercials) to resolve.

If our attention spans continue to get shorter, what impact will this have on our ability to communicate meaningfully in the future?  Can you say enough about your product in 10 seconds to get people interested in what you’re selling?  Can your 140-character Tweet or 160-character text message really convey your actual meaning?  More importantly, can you as a business decision maker or voter or parent or consumer gather enough information in just a few seconds to make a well-informed and meaningful decision?

I’m not sure what the solution might be and welcome your thoughts on the topic, particularly in the context of business communications and how we will convey information in the future.  I think it’s an important topic to discuss.

My recommendation to those who are fearful of or resistant to the benefits of social media is to spend a day or two at the Enterprise 2.0 Conference.  I was there on Tuesday and – while I am already sold on the many benefits of social media – came away with a renewed appreciation of how important this technology will be in improving business processes, reducing costs, speeding decision making and improving overall corporate performance.  More on what was most impressive in another post.

However, for social media to work there are three important questions that decision makers in any organization need to consider:

• First, do you have a corporate culture that will enable social media to add value?  A culture that rewards information-hoarding or that encourages employees to build their own little fiefdoms within your corporate walls will simply waste money deploying even the most promising social technologies.  Because social media is about, well, being social, organizations in which employees trade information only to get brownie points or to establish their own reputation will simply be wasting their time and money.
• Second, will the social media technology that you deploy simply be another thing for employees to do, or will it integrate with existing business processes so that social media becomes a natural extension of these processes?  If the former, fuhgeddaboudit – it will simply be a waste of your IT department’s and employees’ time.
• Third, do you have a plan for social media?  If not, don’t bother – as one keynote speaker put it, “Social without a goal is a whole lot of noise.”

In short, make sure that your corporate culture, integration plan and goals for social media are set before you deploy the technology.  If you don’t, you’re probably better off not deploying social media in the first place.