Tags: backup, Backupify, CA, cloud, Google Docs, IBM, Identity Management, Lotus Quick Rooms, wiki
I’ve written before in this blog about the difficulties of managing information across multiple computers and other devices, when you’re an independent consultant, looking to stretch your budget using (mostly) free tools. In those posts, I’ve speculated that at some point, I would need to resolve the problem of how to collaborate in real-time with colleagues. As it happens, it was after my recent return to the corporate world that the first real need came up.
I accepted an assignment to write a short document for an important customer. The document was to be co-authored by me and a colleague, with other members of our team making contributions or acting as reviewers. The problem was that we had a very short period of time to produce a first draft and it was unlikely that we’d be able to find much time working together in the same office – a clear case for online collaboration.
The nice thing about my current employer is that staff are actively encouraged to experiment with social media, collaboration and other tools. So in casting around for a solution, there were no shortage of suggestions. Keep in mind that:
- We didn’t have the time to be very formal in our approach;
- There was no clear demarcation on who should write each section – we anticipated that we’d all contribute to all of it;
- It was to be only a short (no more than 20 page) document.
Given who we work for, the logical first step was to try out Lotus Quickr. This web-based system allows real-time collaboration for teams and can work both inside and outside the corporate firewall. It was useful for building a library for the reference material we needed for our task, particularly with connectors allowing us to drag and drop files into the library on the Windows desktop and to use it from within email (Lotus Notes) and IM (Lotus SameTime). However, while it has all the facilities for managing collaboration on a document, they proved too formal for our requirements. Documents must be checked out for editing and then checked back in for review. That was just too slow (and single user!) for our purposes.
Our next attempt was to use a wiki. This allowed us to work on our document collaboratively, either in a simple markup language or using a WYSIWYG editor from a web browser. So far, so good. The problem came when we tried to simultaneously edit the document. Wikis are designed to be open for anyone to edit. The philosophy is that incorrect information, bad grammar or typos will be quickly corrected by someone else. This is fine, if you have the time to break your document into a series of hyperlinked pages. For us though, when we were both working simultaneously, the last one to save changes was confronted with either overwriting his coauthor’s changes or discarding his own.
Finally, my co-author (Identity and Access Management specialist Matt Kowalski) persuaded me that we should try Google Docs. We both use a number of Google services already (in my case, Buzz and Wave, as well as Calendar), so it was a simple matter to set up an account, import our existing draft from Microsoft Word and get started. Google Docs is like using the 50% of functionality in Word that everyone uses, without being slowed down by the other 50% that no-one uses. Even the toolbars are familiar enough to start working straightaway. You of course have control over who can collaborate and who can view, but within those boundaries, everyone can work simultaneously. This can be a little unnerving at first, seeing changes happen elsewhere on the page, as you’re typing.
Google Docs allows some collaboration apart from document editing. It provides an online chat window when collaborators are editing or viewing the document at the same time. However, it occurred to me that the whole idea of Google Wave is to provide more sophisticated collaboration tools. The downside of Wave of course is that you can’t create, edit or share documents. However, you can work around that by integrating the two services, using the Google Wave iFrame gadget. I know that Google Wave will be shut down at the end of this year, but for now, it seems worth taking the time to experiment. To me, it seems to work well, albeit in somewhat limited screen real estate.
Of course, if I’m going to consider using such a combination for real work, I need to consider security – that is after all my speciality. The first consideration is to be able to back up and restore anything I commit to Google Docs. For this, I turned again to Backupify. Sure enough, their free service includes backup of a single Google Docs account. I configured it and by next morning, I’d received an email confirming the first successful backup. To be sure, I accessed the archive at Backupify. I opened the archive, located my document and opened it, without any drama at all.
For a real commercial solution using Google Docs, it would be necessary to add further security. CA Technologies recently announced new cloud based capabilities for its Identity and Access Management (IAM) suite, allowing customers to provision users with credentials in Google Apps (including Google Docs) and also to enforce access through CA Siteminder and for business partners through CA Federation Manager. No doubt other vendors either have or are developing equivalent capabilities.
By way of a conclusion, we found a solution to our dilemma – a multiuser, real-time collaboration system, to edit and then publish a document. In practice, it was easy to use and the necessary security can be easily (and to some extent for free) added. Give it a try yourself – if you want to try it in Wave, then you’ll have to be quick.
Tags: backup, CA, cloud, iPhone, Microsoft OneNote, MobileNoter, smart phone
10 years ago, I was interviewed for a position within the newly formed eTrust security practice at Computer Associates (now CA). The Consulting Director who interviewed me asked how much I knew about the eTrust product set. I reeled off the list of products (I know how to research!) and explained which of them I had firsthand experience with. I concluded by saying “Oh, and we use Arcserve for all our backups.” The consulting director pointed out that Arcserve (CA had recently acquired Cheyenne) is a storage product, not a security product. My response “It is where I come from!” I got the job anyway.
The point of this anecdote is that security is based on that well-known triad Confidentiality-Integrity-Availability. In fact, Dorothy Denning makes a compelling argument for expressing both confidentiality and integrity in terms of availability. So, of course backup and recovery – the first line of defence for availability – are part of security.
More recently, as I was setting up Identigrate UK, my desktop PC suffered a catastrophic failure. Things rapidly deteriorated until I couldn’t even start the machine in SAFE mode. However, as a long-time paranoid security specialist (even paranoids have real enemies, right?) I had set up regular backups to an external eSATA drive (stored in a fire and water proof safe). I had also set up to backup critical documents (business plan, budget spreadsheets …) as they changed, using BT’s Digital Vault service. Finally, the PC manufacturer had had the good sense to configure a recovery disk, based on the excellent Norton Ghost. So, after half a day of hard work, my PC was restored, all applications re-installed and virtually all data recovered. It reminded me of a (somewhat cynical) definition of backup as “something you start doing immediately after your first hard disk failure”.
On 10 October, after a week of escalating outages, T-Mobile was forced to announce to it’s Sidekick users that their data had been lost and that recovery was extremely unlikely. For those that (like me) haven’t come across the Sidekick before, it’s a smart phone, manufactured by Danger Inc. Microsoft acquired Danger Inc in February of this year. The important thing is that the Sidekick doesn’t store data (contacts, calendars, to do lists, photos) locally, but rather stores it “in the cloud” or more accurately on Danger’s servers.
It’s still not clear what actually happened, but there’s speculation about a bodged SAN upgrade. However it happened, how can you possibly run any enterprise IT setup and not have fully functioning – and tested – backup and recovery processes?
Now, I use an iPhone, so could the same disaster befall me? Well, no. My iPhone stores most of its data locally on the device. When I connect the iPhone to my PC, it makes a backup on the PC (which is then backed up to the external disk). I do use cloud services with my iPhone – MobileNoter, Google Calendar and so forth – but these are just synchronising data between my iPhone and my desktop/laptop. So, the cloud data is not the only copy.
I suppose the moral of this story is that people are carrying ever more sophisticated computing devices in their pocket and they’re using them in conjunction with ever more complex cloud services. For many people, this is all new and bewildering, but that’s going to change. As Larry Dignan comments on his blog, “As we rely on the cloud more there will become a day when everyone will have some basic knowledge of IT management. Rest assured, Sidekick customers will know you’re supposed to back up your servers better. Gmail customers may learn a bit about scalability. And TD Bank customers certainly know that you can’t merge systems without a fallback plan if things go awry.”