Pits, Traps and Windfalls of Open Source Software (For Business)

One of the things that I have often come across when consulting with clients is, obviously, the phenomenon of open-source software, and next week (17 May 2005) I will be presenting to the local CPA Australia IT discussion group on the topic of Pits, Traps and Windfalls of Open Source Software.

Now, I happen to think that open source software is better than the proverbial sliced bread on a picnic, but it does come with some real dangers hidden among its benefits. A real commercial issue is that, for software that is “free”, no purchase order is required and a business can find itself heavily reliant upon the open source software (and the skills of the person who knows how to use it) without any of the usual gatekeeper controls to ensure people understand what it’s all about (many businesses require a business case to purchase new software – but no outlay means no business case, which means no commercial considerations are part of the decision).

And once you get out of the top five or ten open source projects in a particular software category, your ability to find someone that can actually use the software decreases markedly (which usually means that, once you find them, you’ve got to pay them quite well thanks very much). So fairly soon, and without any real red flags to indicate that it’s happening, the business can become very reliant upon the skills of one single solitary person (who may or may not be a good bloke, but is still susceptible to the all-too-common “hit by a bus” problem).

But, I use Open Office at home (fairly seamlessly for most documents) and we do sponsor open-source software such as DotNetNuke to our clients, as it’s a category killer in open source portal tools, and is based upon some standard technologies. I think it will always be interesting to run the numbers for clients and see which way they are better off. And this is exactly why I’m presenting next week on exactly this topic. So if you’re in the Brisbane area, please feel free to drop in and say “hi” by registering and perhaps discuss a finer point or two of this topic in the business context.

Information Systems, Security, and Fraud

I note that John Halliday (a colleague at BDO Kendalls – Director IS Audit) has written an overview article on information systems security and fraud. This is a good short article raising the link between IS security, governance structures, and organisational fraud. John is promising a series of articles in this newsletter, so I am sure there is more to come here.

From what I understand, this article also dovetails nicely with a seminar that was run on 18th April 2005.

Password Security and Caffeine Addiction

I note a completely unscientific study (by Verisign) – but it’s probably indicative – that indicates that 2 of every 3 San Francisco pedestrians were prepared to provide their passwords in exchange for a voucher for a Starbucks coffee. Which is a remarkably similar result to that found in a UK poll. I wonder whether you’d get the same results by offering a Caramello Koala here in Australia?

Due Care and Attention Before Sending That Document

Just saw this article on ZDNet which talks about how the US Army kind of mucked up when it released a confidential report but didn’t convert it to PDF properly. So the censor’s pen wasn’t quite black enough – easier to see than holding it up against the light, I guess.

Of relevance to those of us not in the US military though – never (well, almost never) send a document to a client or external party with track changes on or with dodgy metadata in it (you’ll see dodgy metadata under File > Properties in your Microsoft documents – if you do that and it looks like something you don’t want a client to see, then change your templates). Better yet, do what I do and send them as PDF documents (try CutePDF) – just be better at that than the US Army is.