A Business Technology Place

Right Sizing Advertisements

Advertisement cat-and-mouse.

For the record, I use an advertisement blocker extension in Google Chrome already. I don’t mind advertisements, because I realize they are necessary to promote products and services that drive the economy (the 4 Ps!). But let’s be honest. The placements of advertisements can be annoying when they disrupt the content of a broadcast, web page, place, or event. This is why I started using an Ad Blocker extension on my web browser several years ago. I wanted a smoother flow of content on the pages I was reading.

Creating guidelines.

In March 2017, the Coalition for Better Ads released some guidelines entitled Initial Better Ads Standards. The document is based on consumer research to identify the types of ads that promote poor experience ratings and create a greater propensity for consumers to adopt third party tools to block advertisements. This is the first step towards creating guidelines for internet ads similar to governing provisions of the CAN-SPAM Act of 2003 for email.

Now, Google will start enforcing the “Better Ads Standards” by automatically blocking ads formats that fall outside the boundaries for acceptable-use. This is a big deal for several reasons:

  • Influence – Google Chrome is the most popular web browser in recent years according to multiple reports and studies from web traffic use.
  • Business Impact – The revenue model for some businesses will fall outside the boundaries of what is acceptable. Businesses will have to adjust to maintain revenue.
  • Industry Position- About $3 of every $10 on digital ads goes to Google according to this report in the Wall Street Journal. Is there a conflict of interest and will Google’s stance ultimately drive more revenue for Google?

A step forward, let’s take another one.

The Better Ads guidelines are not focused on what advertisers says, but how they say it. That’s a great start to bring some decency guidelines for how advertisers insert themselves onto my screen.

A few of the ads Google will block: Pop-up with Countdown, Sticky, and Auto-play Video with Sound (Source: Coalition for Better Ads)

The next thing I would like to see is a way for consumers to filter ad content based on their preferences. Perhaps the Better Ads group could designate ad content areas that could be objectionable such as alcohol, gambling, pornography, etc. Many publishers and ad servers are already making great strides in this space as they serve ads based on the content of the page or based on past searches. This is ad relevance and is a primary factor in driving clicks from consumers.  I have experimented with Google AdSense on my personal blog and Google allows me to exclude certain topic categories from displaying (Kudos Google).  My point is most of the decision power today is in the hands of the site owners and advertisers. I’d like to see the consumers have a bit more say in what type of content is displayed in the advertisements they see. Let’s keep right sizing this topic…..

Onward and Upward!

Targeted ads and your privacy

A large portion of my time at work managing Information Technology is spent handling security and availability of data. The number of compliance controls has sharply risen in recent years as a direct result of the publicity of data breaches and high profile data theft. Quite frankly, security and availability compliance is a bit chaotic right now with new job creation, changing standards, new standards, and individual company risk assessments.

A recent article in the Wall Street Journal from Christopher Mims about targeted ads left me thinking about the availability of my personal data spread across servers and data stores all over the internet. We all know about internet browser cookies leaving trails of our activity as we use the internet for research, shopping, reading, and entertainment. Mims discusses the rise of Amazon’s ad business and how it offers distinct data points that may differ from other internet giants like Google and Facebook. All this data sharing is governed by privacy policies, terms of use, and partner affiliates. But I still find it creepy when products I have researched appear on other sites I visit as recommended buys. As I mentioned my job makes me prove how I don’t share customer data. But retail and social media businesses are monetizing my data by selling it.

I performed a simple test this morning to how browser privacy settings affected my experience with some internet sites. For all these tests I used the Google Chrome Browser. Other browsers have similar features.

Note: There are so many variations for privacy settings across sites that this can quickly become a complex subject. Businesses rely on cookies in your browser but also have the ability to track your history on their site in their databases which is governed by their privacy rules. My simple test was to see how I might increase some of my privacy by adjusting a couple of settings on a browser.

Test One – Eat all the cookies

Setup:

  1. Select the three vertical dots in the upper right corner and then select “settings” or go to chrome://settings/ in the browser address bar.
  2. From the settings bar scroll to the bottom and select advanced
  3. Under Privacy and Security select content settings
  4. Next select cookies
  5. Turn on the setting to keep local data only until you quit your browser
  6. Close and reopen the browser
  7. Go to Amazon, eBay, and Facebook

Results:

This setting allows the sites visited to set their tracking and information cookies. But each time the browser is closed all of the cookies are removed.  Automatically clearing cookies means it is necessary to log into the websites each time the site is revisited. Clearing cache files causes websites to load more slowly after a browser restart. Are the performance downsides worth the small increase in privacy?

I checked sites Amazon, eBay, and Facebook and targeted ads were not there across different browser sessions. But I did have to reauthenticate.

Test Two – Eat some cookies

Setup:

  1. Select the three vertical dots in the upper right corner and then select “settings” or go to chrome://settings/ in the browser address bar.
  2. From the settings bar scroll to the bottom and select advanced
  3. Under Privacy and Security select content settings
  4. Next select cookies
  5. Turn off the setting to keep local data only until you quit your browser (revert Test One)
  6. In the section Clear on Exit add sites that may serve targeted ads. I chose
    • [*.]Facebook.com
    • [*.]Amazon.com
    • [*.]eBay.com
  7. Close and reopen the browser
  8. Go to www.google.com
    • Search “new tires”
    • Search “printer toner HP”
    • Search “Keurig k cups”
  9. Go to Facebook browse and look for ads
  10. Go to Amazon browse and look for ads
  11. Go to eBay browse and look for ads

Results:

I didn’t find any in-line ads for tires, toner or coffee initially. I noted that I had not clicked on any search results; I just searched and viewed results. I went back and researched on Keurig k cups. Then I clicked on a result from Amazon. When I did this, the recommended buys from Amazon completely filled with k cups.  I closed the browser and the recommended buys changed back to something I had purchased in the past. But the site still showed items I had recently browsed.  Since I cleared cookies I had to re-authenticate for my account.

eBay only filled a section with recently viewed items which gave me the impression they were only seeing activities performed on their site. Since I cleared cookies I had to re-authenticate for my account.

Facebook had no advertising in-line but did serve ads on the right-side of the page under the title “recommended for you nearby”. The ads I saw didn’t match tires, printer toner, or coffee. Since I cleared cookies I had to re-authenticate for my account. Advertisers buy targeted ads based on specific interests. I guess my timing wasn’t right for my three tests.

A few more settings of interest:

Facebook:

In addition to the web browser, Facebook is also tracking your account activity and selling that data to advertisers. Turn off some of the Facebook targeted advertising by doing this:

  1. From your Facebook profile, click on the small upside-down triangle in the upper-right side.
  2. Select Settings
  3. Select Ads from the left-hand side of the page
  4. Facebook selects Yes as the default option. Change the permissions to No.

Google:

  1. Go to page https://myaccount.google.com/activitycontrols
  2. There are various sections for activity tracking by Google (search, devices, YouTube, location, etc.) Read each section and designate if you want Google keeping that information.

My thoughts:

Unless I go off the grid or completely stop using the internet, it’s not possible to stop all monitoring of my activities by my internet provider, merchants, search engines, etc. Playing with the browser settings may limit some of the trails I leave and give me a sense of a little more privacy. The settings can certainly reduce the size of my electronic footprint but not eliminate it. As I mentioned before, it’s up to the individual to weigh the trade-offs of privacy with usage on the site.

Onward and upward!

Photo credit: Surlan Soosay via creative commons.

The local library and my reading habit

Alexandra Alter wrote an article in the NY Times this week about technology and our reading habits. Alter’s piece does a good job of reviewing differences between print and electronic readers as well as some changes in recent years in the publishing industry.  Like Alter, I prefer eBooks because of the convenience, searchability, and portability. But the base audience in her article is people who buy books not borrow them. She didn’t make one mention of the public library.

Generally speaking, I search my local library first when I want to read a book. I’ve used print, electronic, and audio versions of books in the past. I know library borrowing isn’t for everyone but here are a few reasons why I prefer it:

  1. I rarely go back and read books of fiction or non-fiction twice. So owning a copy on my bookshelf at home or in an eLibrary doesn’t provide meaningful value to me. If I borrow the book and want to take notes then I use a service like Evernote.com to keep thoughts and learnings.
  2. When I read for leisure, I don’t have to have the book right at the moment when I want to read it. I don’t mind waiting until I can either go to the library or when a copy becomes available in the eLibrary. It’s just not an urgent matter.
  3. The eBooks from local library are available through the Amazon Kindle reader or through another eReader app on my tablet. Checking-out an eBook or audio book is as simple as buying it.
  4. If the physical copy of the book is at another branch in the library system not close to me, then they will deliver it to my local branch for free.
  5. There’s no buyer’s remorse with library books. I’ve started a few books that I didn’t like because of the story-line, characters, or writing style. Since I didn’t pay for the book, it was very simple to stop reading and move-on to the next book.

To be fair, borrowing library books does have some frustrations. Availability is limited by the number of copies purchased by the system and number of borrowers ahead of me. This means popular books can have wait times for over a year. If this happens, I have to decide if I’m willing to wait, if I want to purchase it, or if I should search for another book. I usually just search for another book. There are lots of stories to be read.

So technology has altered my reading habits somewhat. I prefer an eBook but will read the paper version without issue if that is what is available. I should also mention that taking an eBook to the beach makes me nervous because of the sand and water around the electronic devices. This is one setting where I prefer a paper book.

Onward and Upward!

 

The data we see

What we see

When I was an intern in college I worked as a desktop service technician for computer support. I remember an internal financial auditor on the fourth floor of my building that I would occasionally help. Reese was much older than me, but took time to talk to me about life as I fixed his computer. I wish I would have appreciated it more at the time, but I was young and learning my way in a corporate environment.  I thought about him recently because the world of auditing and compliance is changing rapidly in the areas of security and availability of data. While Reese was making sure our company followed GAAP for our financial books I wonder what he would think about compliance controls for information security.

Our news feeds are filled with incidents, thefts, and breaches of company assets involving personal and protected information. A whole new generation of auditors is here to check compliance with controls for how we protect data like credit card numbers, health records, and education records. Identity thieves and hackers have created a gold-rush in recent years to steal data bits that when assembled correctly tell them about you and me. Digital gold.

What we do with it

Today, I have to answer the auditor’s questions about controls in the audit. Unlike my time with Reese, I’m no longer part of the auditor’s day to fill time with a nice break and chit-chat. When I am answering an audit, I often try to really understand the basis of a control or as I as the “spirit” of what the control is trying to achieve (auditors don’t always like this, they’re often a bit stiff).

But here’s my take. The essential question behind the myriad of compliance controls is “what do we do with and how do we protect the data we see in our jobs?”  The intention of the controls is to modify our behaviors to take greater care of the data we see. To do this we have to modify our behavior to treat the data we see like our personal accounts. That means we have to consider who has access to the data. We have to consider the classification of the data we see (confidential, private, restricted, public, etc.) and take action to protect the data in storage and transit.

Thieves rely on our inconveniences to be successful. Restricting access to data in storage and transit is rarely convenient. It requires we think, classify, and take action. It could mean we need to password protect a file, use a secure site for sending a file to a customer, or check to make sure the network folder is only accessible to people in our immediate workgroup. But it doesn’t stop there; sometimes we need to challenge people asking for information.  Tailgating and phishing are made possible because it is uncomfortable for us to challenge people.

Behaviors worth changing

One thing is certain. We are stewards of the data we see each day. Our customers expect us to treat the data with confidentiality and care as if it were own personal data. Forming good habits in data security is worth a little bit of hassle. So here are some practical steps I can offer to help us be better stewards of the data we see each day at work:

  • Take the annual Information and Security Awareness training seriously. Much of the information will repeat each year, but it serves as reinforcement for good habits and the tactics used by thieves.
  • Be cognizant of the data we handle. Classify the data and treat it accordingly. This may mean marking the data classification on documents, storing data in secure places, or using encrypted controls for transferring data to others.
  • Challenge others who ask for access to data. Make sure they truly need access to the data to complete their assigned job function. Make sure they understand the classification of the data.

It’s rarely convenient. But it’s worth the effort.

Onward and upward!

Photo credit: Robert Couse-Baker via creative commons

Password Management System

How do you manage your passwords?

Electronic password managers were created with the goal to help all of us have a more structured approach to storing and retrieving our passwords. But not everyone uses electronic password managers because they don’t know about them, don’t trust them, or because they require extra steps when it is time to authenticate with a service. Many people still rely on sticky notes and paper notebooks.  

I’m convinced passwords are one the largest nuisances in life for most people. It’s easy to see why. Different sites have different password rules and modern password complexity rules require us to use with specials characters, numbers, and capital letters. We can’t reuse password, they have to be a minimum length, and they can’t contain parts of our name or email. I’m dizzy already.

There are two problems with this system:

  1. The rules are not our natural way of processing language and thinking. Result? Passwords are not easy to create and not easy to remember.
  2. To keep up with passwords effectively we all need a system. Sticky notes by the keyboard are not accepted.

Password managers; the good and the bad.

One system to use for credentials management is an electronic password manager tool. There are numerous tools available on the market. Some of them are locally installed on a computer while others are cloud based.

The good

  • Easily searchable
  • Accessible from wherever you are
  • Encrypted text
  • Password auto-creation to match site complexity rules.
  • Accessible only those with whom you share or that have your credentials.

The bad

  • One key to rule them all
  • Cloud based services are targets for attack and exposed to more thieves on the internet
  • The security of electronic sites and applications are frequently exposed for new weaknesses

Don’t lose site of what is at stake.

Regardless of how you feel about electronic password tools compared to a paper based system, don’t lose site of the importance of having a secure system. It’s your data and your life. Identity theft is both harmful and disruptive. Having a password management system can be a time saver too. When you need access to your data you don’t want to spend time looking through drawers and notebooks.

It appears password complexity rules may be changing in the near future as research is showing password length is better than complicated rule sets. So making passwords longer without special characters is a win for both usability and security. In the meantime, make sure you create a safe system.

Onward and upward!