Lost & found: silver screen gems rediscovered

Two recent NPR stories caught my attention for how they speak to a pervasive problem plaguing organizations like mine: loss of organizational history.

One story is about “Bruce,” the name given to the three giant fake sharks used in the movie Jaws. After the filming concluded, all three models were lost and most likely destroyed. After all, you can’t keep every movie prop for sentimental reasons, right? Of course, hindsight is 20/20 and so, years later, the efforts of a determined journalist finally paid off. After coordinating tips from a dedicated Jaws fan community, a fourth shark made from the same mold as the movie models was found in a California auto yard. Used as a prop at the Universal Studios Theme Park in Hollywood, this 25-foot-long behemoth was sorely weathered. But Jaws fans can finally rejoice that a key piece of Americana has been found.

A similar story revealed that 75 silent films were recovered from the New Zealand Film Archive. One such film is a 1927 feature called Upstream by four-time Oscar-winning director John Ford. These early American movies were sent to remote areas of the globe late in their lifecycle. The physical films degraded quickly and, since they were shipped in heavy metal cans, distributors in the States thought it financially wise to abandon them rather than pay to ship them back. However, projectionists and collectors thankfully protected them until they found their way to the vaults of the New Zealand national archive.

Both of these stories are examples where the value of something – films and film props – wasn’t realized until years after they were lost. And, while I can understand how financial limitations prevented preserving a giant shark and dozens of classic films, the same doesn’t apply to expert knowledge and experience. These types of “artifacts” are easy to preserve, especially with the availability of social enterprise tools like blogs.

So I have two questions for you

Can you think of a project or area of expertise you worked on years ago that has since been lost because the knowledge wasn’t captured properly?

What can you do – today – to prevent repeating this mistake?

The Reality of Social Networking [make sure your kids see this video]

I’m one of the last people to raise the paranoia flag, but as a social networking enthusiast and social software trainer, I have a certain obligation to investigate the privacy issues around such web sites. Recently, I’ve been talking with folks, reading, and thinking a lot about privacy.According to a colleague (and a character in the latest episode of House), privacy as we define it today is “a recent invention that started with urbanization.” In other words, when we all lived in small communities, personal and family privacy was impossible; everyone knew everything about everybody else.

Now, we can go from our house to the garage to our car to the garage at work to our cubicle…and reverse that in the evening. Hence, the “expectation of privacy” most people have come to demand. With the advent of social networking web sites, blogs, Twitter, and the rest of the read-write web, we have seen this model challenged, however. Technology has enabled us to broadcast aspects of our lives in myriad ways.

I think social networking sites offer the potential for everyone to maintain and develop relationships they would not have been able to before. But I also have four kids who will only know an internetworked world and “Internet of Things” (hey, I encourage all of the kids to play with my iPod Touch and get on the Web…under supervision, of course).

But allowing children – or, in many cases, parents and grandparents – free reign on these sites without helping them understand the implications of their action is irresponsible.

Leave me a comment after you watch the video about how you protect yourself and your friends and family online. And you may want to revisit your Facebook privacy settings just in case…

Have compassion for neo-Luddites during the holidays

3005591006_8b62706d43Over the Thanksgiving weekend, I ran into an issue that I haven’t had to deal with for a long time: blatant hostility towards technology. Since I work in a tech field, most of my daily encounters are with the geek crowd. And when I get home, my wife is very sympathetic to geek-kind (or at least she pretends really well!).

Here’s the scene: I’m out with some family members (who shall remain nameless) at a restaurant and I’m having a great time. I decide to update my Twitter (and Facebook) status from my mobile phone. Later, at a nearby coffee shop, I do it again, for a total of three digital distractions during our visit (technically, one didn’t count since I was showing one of my family members how an application worked on my iPod Touch).

A bit later, one of my family members asked what I was doing on my phone earlier. When I told him/her (anonymity is crucial here), he/she asked me, “Well, could you not do that while you’re visiting with us?”

Wow. I didn’t really have a response to that. I was taken aback due to two things: 1) this individual is relatively tech savvy and 2) social media is so integrated with what I do that being asked not to do it seems downright rude.

After thinking about him/her a bit more, however, I realized that “tech savvy” is not the same as “digital native.” This individual is someone I’d call a “neo-Luddite” in that he/she is comfortable with technology as of about five years ago: using a PC, email, and general Internet searches. But when it comes to the increasingly integrated nature of technology in our lives, this person just doesn’t get it (yet). He/she still has the misguided idea that as long as he/she doesn’t do much on the Internet, that his/her privacy will be guaranteed.

In fact, later I learned that this individual prefers not to have any identifying photos or content posted about him/her on the Web. Whoops. For years, I’d been posting photos of him/her and his/her entire family on my personal web site’s photo gallery.

Now that I’ve had time to think about it, though, I realize that I need to be a bit more sensitive. I began to think that just as I wouldn’t drink alcohol around a friend who is a recovering alcoholic or serve peanut butter to someone with a peanut allergy, maybe I should be proactive about finding out about the technology preferences for those around me. Especially when it concerns posting photos of them or their kids on my web site, Facebook, etc.

This will be especially important when, in a few weeks (I hope) I start using an EyeFi card in my digital camera (courtesy of this awesome deal from Google). I’ll need to be vigilant of how I set up this card to avoid posting photos publicly until I’ve had a chance to sort through and filter which ones I want to publish.

What do you think? Will you be around anyone during the holidays who might prefer that you “check your tech at the door” or even be offended if your use of tech encroaches on their life? Leave your stories and suggestions in the comments!

The new Facebook privacy settings suck

If you haven’t heard by now, Facebook recently modified the default privacy settings for all accounts. I paid this little heed, since, when I was prompted to, I merely accepted my previous privacy settings. Which were pretty good.

Unfortunately, I didn’t realize that Facebook had removed some items out from my control. The one that bothered me the most is that I no longer have an option to control who sees my friend list. Now, I’m no paranoid recluse, but I think this change is an affront to my privacy. Plain and simple.

Fortunately, the “crowd” was there to help. A quick Google search led me to hundreds of pages of people asking the same question:

“With the new privacy settings, how do I prevent others from seeing my Facebook friend list?

A short and sweet comment on Yahoo! Answers gave me what I believe is the only solution under the current privacy rules. On your profile page, scroll down to your friend list. Look for the pencil icon and click it. Modify the settings to suit your privacy needs (the screen capture below shows what I decided was best for me).

new fb privacy friend settings

What’s a shame about having to do this is that now nobody (even friends) can see my friend list. This eliminates the ability for one of my friends to find new contacts based on my friend list. But this is a necessary casualty of what I hope are temporary limits on Facebook’s privacy controls.

Update: I also discovered that CNET published a blog earlier today with similar instructions.

Hacked!!! [lessons learned]

I’ve been a web hobbyist/enthusiast since the mid-90s and in all that time, I’ve maintained a fairly high level of trust mixed with a healthy amount of skepticism. That balance shifted recently my personal web site was “hacked.”

pirate flagLet me explain what happened: My site is designed to keep family and friends up to date on what’s going on with our family (mostly the kids). When I first launched it and for many years, I kept the commenting wide open. After all, who would take the time and energy to vandalize a little-visited family web site?

About a year ago, I was forced to control and monitor comments a little more closely. I changed the WordPress settings to require someone to register first or have a previously approved comment before they could comment. But I set WordPress to auto-approve new user accounts. After all (uh-oh), who would go through the trouble to set up a user account just to vandalize a little-known family web site?

I found out this past week that even these measures were woefully inadequate. Apparently, within the span of a few hours, “someone” (presumable a bot) created several user accounts, then used those accounts to leave comments on my posts with links to “badware” sites and embedded script code. Google immediately flagged the site as “distributing badware.” That’s when the fun began.

A Slashdot article provided insight into what Google did:

In an effort to promote the ‘general health of the Web,’ Google will send Webmasters snippets of malicious code in the hopes of getting infected Web sites cleaned up faster. The new information will appear as part of Google’s Webmaster Tools, a suite of tools that provide data about a Web site, such as site visits. ‘We understand the frustration of Webmasters whose sites have been compromised without their knowledge and who discover that their site has been flagged,’ wrote Lucas Ballard on Google’s online security blog. To Webmasters who are registered with Google, the company will send them an email notifying them of suspicious content along with a list of the affected pages. They’ll also be able to see part of the malicious code.

What happened to me specifically was:

  • If anyone attempted to get to my site, they’d get a warning page saying the site was flagged by Google.
  • If they chose to click through, they got a version of the site rendered without CSS or images (i.e., horribly ugly).
  • If I, as the admin, tried to log in to WordPress, I merely got looped back to the login screen, preventing me from logging in.

After a few exchanges with my web hosting company (MidPhase), I realized that the onus to fix the problem fell to me. While I’ve been a tinkerer, I’m no PHP expert. That means that while I can install and configure applications like WordPress and MediaWiki, I don’t really know everything that’s going on under the hood. That means that I have no idea what’s supposed to be there and what isn’t. How the heck was I going to fix this?

After panicking for about a day, I came to a solution. I scoured the database tables looking for rogue user accounts and comments and deleted them. I then archived my WordPress files, replacing them with a fresh install. I scrapped my theme (in the event it was outdated and adding vulnerabilities) and installed a recently published theme.

I then submitted a request for Google to reevaluate my site. After one unsuccessful “rescan,” they finally cleared my site with a clean bill of health.

While it caused me to miss nearly an entire night’s sleep on Sunday (as well as hours of time that I would preferred to have spent with my kids…), it seems like everything is back up and running.

A few lessons learned:

  1. Google is quick to protect, slow to educate. I’m glad Google flagged “badware” on my site as I was unaware that someone had hacked it. This was done to protect the general Internet public from being infected. However, while Google blocked my site very shortly after discovering the malicious links, I would have appreciated more information on the pages that were affected. Instead, I got an abbreviated list and a  vague description of the problem.
  2. Security is, indeed, everything. Bad people are out there. I know that now. Why would someone care to hack my measly personal web site? Most likely to simply spread malware. Because of this, I had to tightly restrict commenting on my site. I now require users to get approved for an account on the site before they can comment. This additional hassle will probably stem the already meager flow of comments, but I simply don’t have the time to go through this mess again.
  3. I need to be more cautious. I’ve been somewhat recklessly installing plugins and extensions for WordPress and MediaWiki without attempting to understand how each one works. Some of these pull in information from other sites. Were those sites to be affected/infected with badware, it would instantly stream to my site. By removing these plugins, I hopefully will increase my security, clean up the visual appeal of the site itself, and speed up the web site load time.
  4. Separate your domains. In addition to the main site, I had also created a sub-site for my wife to keep daily records as she homeschools our kids. This site was blocked along with the main site. I have since used another URL for her blog to isolate the two and prevent future collateral damage.
  5. A webmaster’s job is tough. I admit that maintaining this site is just a fun hobby. That said, it’s times like this that make me appreciate the job of a webmaster who must maintain 24/7/365 vigilance over the security of a web site. While I had the potential to lose years’ worth of stories, photos, and personal interest information, this is nothing compared to the personal, financial, and other sensitive data that is at risk every day on millions of web sites around the world. My hat is off to you folks!

Two faces of SharePoint [clarification]

In my last post, I stated why I think SharePoint should not be considered “enterprise 2.0.” I specifically did not say it should never be used, just that it should not be considered the foundation platform upon which a transformational collaborative tool suite (and culture-shifting initiative) is built. However, some colleagues of mine educated me on the difference between SharePoint and “SharePoint.”

Which of the following sites would you guess was built with SharePoint?


forge.mil (DoD version of SourceForge)


Dell Computer's Ideastorm


Accenture consulting

If my sources are correct, all of these sites are built on Microsoft’s SharePoint.

The difference is that SharePoint is used to refer to both the out-of-the-box implementation that many organizations deploy and a highly customizable content management system that can be made to do almost anything. The out-of-the-box version is the one Microsoft tends to sell as the panacea to all collaboration needs. It is typically deployed on an intranet and offered as a way for teams to quickly create a site to share documents and create conversations. Often, they can also create sub-sites with unique levels of access control.

It’s not fair to compare these two. One of the goals of social software – web 2.0 and it’s cousin enterprise 2.0 – is to put content creation and distribution in the hands of the masses (leveraging the “wisdom of crowds”). In an organizational context, this ability (or perhaps even responsibility) should be distributed to the widest possible audience.

As I mentioned in my earlier post, SharePoint is inherently designed to restrict who can participate and contribute in a site. And my observations of the functional limitations of the typical SharePoint site still stand. Designing a custom SharePoint site requires a level of technical expertise that is rare even within the realms of technologists. On the other hand, creating wiki pages (with whatever wiki software you choose) or setting up a WordPress-MU (multiuser) blog gives you complete control within the range of what the tool can do. Better yet, these platforms are designed to be open by default and users can easily create interlinkages between them.

Do you mentor using social media? [call for help]

I have been asked to provide a one-hour talk on the potential uses of social software for mentoring in September. I’ve come up with a few talking points, but I’d love to get input from “you” about ways you’ve impacted (or been impacted by) the use of technology in formal or informal mentoring relationships.

My tentative speaking points…

  • Overview and demonstration of social software: Wikis, blogs, profiles, bookmarks
  • Discussion of applications to mentoring: Traditional, reverse, group, “stealth”
  • Generational, cultural, & technological considerations
  • Creating a strategy: Choosing the right tools, piloting the idea, integrating with existing strategy

What am I missing? What examples can you provide that support the benefits and challenges of using technology to enhance mentoring programs?

Using a “big shovel” to drive Enterprise 2.0 adoption

In a recent post, Seth Godin describes the concept of using a “little shovel” to gain acceptance of an idea. In it, he asserts:

If you want to dig a big hole, you need to stay in one place.

If you walk around town with a little shovel, you’ll just end up digging thousands of little holes, not one big one.

As a trainer focused on teaching the hows and whys of using collaborative/ enterprise 2.0 tools, I take this advice to heart. In some of classes I teach, I see a wide range of individuals from across the organization. This provides opportunities for students to share widely diverse strategies and thoughts on using the tools. But sometimes this seems like using a little shovel…

My team also frequently reaches out to specific groups to arrange “bulk” training for a team to quickly get up to speed together. By continuing to push on teams that indicate some receptivity, we often find we’re able to gain some decent ground. Staying still and using a big shovel digs a deeper hole.

What strategy have you found works best? Going broad to get a smattering of committed folks across the organization (i.e., in a grassroots manner) or going deep and pursuing more wholesale adoption with teams and groups?

“How blogging almost got me fired” [remorse]

Today’s story is courtesy of a friend of mine – I will call him “Jack” to preserve his anonymity and spare him further problems. I’m going to tell you Jack’s story and lessons learned (sans details) as a caution about engaging in social media.

Let me start by giving some background about Jack and his situation. Jack is a smart guy. He’s been in his current field over a decade and is well-respected by his company, “Smart Guys, Inc.” and his clients. He maintains a professional blog on a network that is shared between a sort of consortium of  different organizations. The time he spends writing to this blog is directly tied to his client work and they in fact encourage him to blog (and cover his time to do so). He typically writes about his area of expertise in order to share his knowledge and insights with a large community of users. Due in part to his blog, Jack is known and respected among a large audience, most of whom he’s never met in person.

bart_chalkboardRecently, Jack got in hot water because of a post he wrote. Frustrated with two products from another organization (“Megacorp”), he wrote a post criticizing these products but omitting nearly (key word) all details. It is important at this point that you know that Megacorp provides client work to Smart Guys and that Smart Guys, Megacorp, their clients, and many others in the consortium can all read his blog.

In a writing style typical of many blogs (and reflective of his personality), Jack started with a punchy, sarcastic introduction, then laid out a logical and thoughtful critique along with his recommendations for a better solution. His post received many comments within the span of a couple of weeks.

Jack is a careful blogger with plenty of experience. He goes through a “best practices” checklist before posting a new article. This includes tests such as:

  • Would I say this to a person/people face-to-face? Check. Jack realized that while his sarcasm might be received differently in person, the objectivity and thoroughness of the post would demonstrate his intent to provide constructive criticism.
  • Am I being objective? Am I sticking to the facts? Check. While his post contained anecdotal, personal experiences as well as hypothetical data, the key points of his argument were objective.
  • Is what I have to say meaningful and constructive? Check. Jack addressed an issue of wasting people’s time and recommended alternative solutions, both of which were worthy of attention and input from the wide audience on the blogs.
  • Is this topic pertinent to my job/role/client? Check. The products Jack criticized were similar to those he creates for his clients. With his depth and breadth of experience, he is well-qualified to speak to the matter.

Author’s note: I had the opportunity to read Jack’s post in its entirety so I can speak first-hand of its contents.

Once past this personal blogging gauntlet, he felt confident publishing the post.

And so began his troubles. Ironically, the same transparency that helped him build his reputation also helped open a huge can of worms.

Megacorp – the organization set in the cross hairs of Jack’s criticism – happened upon the post nearly three weeks after it was published. Even though Jack had sanitized the details, enough details remained to lead someone at Megacorp to deduce that they were the subject of his post (Author’s note: Probably a guilty conscience and a bruised ego). Based on key phrases Jack used in the post, Megacorp concluded that the post – in and of itself – could be used as a basis to launch an investigation of their company (a major legal deal). And since his blog is tied to his user account, it took a minimum of detective work to piece together who he was and what his connection was to Megacorp.

There were not happy.

At some point as it shot up Megacorp’s chain of command, Jack’s leadership was contacted and a demand issued for his termination along with a threat of a lawsuit against Smart Guys.

Author’s note: This response is a testament to the game-changing nature of social software and a fundamental shift in paradigms that requires individuals and organizations to change. This change includes putting ego aside in favor of direct and candid feedback.

Within less than 24 hours, the following events then transpired:

  • Megacorp big-wig contacts Smart Guy big-wig.
  • Smart Guy big-wig sends emergency email down the chain to Jack’s supervisor.
  • Jack’s supervisor defends his intentions and integrity while agreeing that a mistake was made. According to Jack, the actions of his manager probably had the single greatest impact on the resolution of this incident.
  • Jack meets with his supervisor to discuss the gravity of the situation. They agree that the post should be removed and a letter of apology issued to the Megacorp big-wig.
  • Jack removes the post and drafts an apology which is reviewed by Smart Guy big-wigs before sending to Megacorp.
  • Megacorp acknowledges the measures taken and realizes that there was no malicious intent.

Jack knows this incident will impact his “hall file” (unwritten reputation) for a long time to come. This is unavoidable, but he hopes to restore his reputation through continued high quality service to his clients and by educating other Smart Guy staff about the “dos” and “don’ts” of engaging in social software platforms.

Lessons learned

  • Watch your tone. Blogging is an art form. It requires a writing style that is both entertaining and engaging, but it should also be authentic and respectful. Jack crossed the line in some of his comments.
  • Avoid inflammatory words. In a face-to-face conversation, sarcastically saying someone is a “fraud” might be seen as humorous (and there’s no official record). In a blog post, it could be seen as libel or defamatory. And it is a written record which, in some cases, could be used as evidence to support an official investigation of wrongdoing.
  • Do not use details if they are not necessary. Jack realized afterward that he could have made his argument with as much impact without including details that could implicate Megacorp.
  • Do not let your ego destroy your career. While Jack could have stuck to his guns, it would have cost him a job that he has enjoyed more than any previous jobs. By removing his ego and pride, Jack was quickly able to apologize and help resolve the situation.
  • Do not bite the hand that feeds you. In other words, unless it is over a ethical or legal issue, do not pick a fight with those cutting your paycheck. Jack might have been fine if his target was another company that Smart Guys did not do business with.
  • Learn from mistakes, but do not be afraid to make more. Another person might be tempted to abandon all forms of self-expression after experiencing this conflict. Jack is not one of them. He plans to continue blogging and following his new lessons learned.

As a blogger myself, I take these lessons to heart. There is definitely a balance to engaging in social software sites. That balance is even more critical when using enterprise (internal) social sites.

Do you think Jack made the right decision? Should he have blogged what he did in the first place? Should he have defended the assertions in his post? Do you know someone who has or could make a similar mistake? Please share stories and tips in the comments!