In This Issue: 1. Editor's Note: A Data Bill Of Rights 2. Today's Top Story - Nightmare On Wall Street: Prosecution Witness Describes 'Chaos' In UBS PaineWebber Attack Related Stories - PaineWebber Systems Admin Faces Trial For Computer Sabotage - Security Cleanup Costs Much More Than Encryption: Gartner 3. Breaking News - Reliability Survey: Windows Servers Beat Linux Boxes - Microsoft Tackles Enterprise Messaging Security - Microsoft Live Labs Debuts Security Services - Intel Gives Sneak Preview Of Core Duo - HP Rolls Out First Dual-Core 64-Bit Notebook - Groups Protest Proposed AT&T-BellSouth Merger - Google Spreadsheets Set To Debut - Plastic Missed In Factory Cooks MacBooks - Press Releases More Popular Than Reported News - IBM Has The Tools For Digging Deeper Into Data - Yahoo Plans MyWeb Update - Venture Capital Companies To Acquire CRM Vendor Onyx 4. Grab Bag - Slide Show: Bidders, Beam Me Up (BusinessWeek) - Watching The Snoops (BusinessWeek) - The Browser: Truth And Rumors From The Tech World (CNNMoney.com) 5. In Depth: Oh, India! - Blog: How 6 Billion IBM Dollars Helped Chase Apple Out Of India - Blog: Everyone's Waking Up To The Importance Of India To IBM - Motorola Plans Manufacturing Plant In India - IBM To Invest $6 Billion In India To Increase Offshore IT Services Offerings 6. Voice Of Authority - Report: Windows More Reliable Than Linux, But Unix Beats All 7. White Papers - Event-Driven Services Fuel The Agile Supply Chain 8. Get More Out Of InformationWeek 9. Manage Your Newsletter Subscription
Quote of the day: "If people never did silly things, nothing intelligent would ever get done." -- Ludwig Wittgenstein
1. Editor's Note: A Data Bill Of Rights One of the biggest obstacles to fighting cybercrime is the corporations themselves. Never mind that many still don't heed the advice of their IT departments and make the appropriate investments in security. Once a crime occurs—be it hacking, identity theft, stolen equipment or logic bombs—these same companies notoriously tend to bury their heads, and the news, in the sand. Many don't tell the cops, they don't tell their partners, and they especially don't tell their victimized customers, employees, alumni, or applicants. They keep it very quiet for as long as they can.
The excuses are always like these: It costs too much to notify people, they don't want the bad publicity, or as in the recent Hotels.com breach, a couple of months are needed to figure out what was lost on the auditor's laptop. (Don't these companies back up their systems? Don't they know what their employees have access to?)
If a company is stupid enough to snail mail unencrypted drives containing sensitive data or apathetic enough to routinely allow employees to bring home laptops stuffed with sensitive data or unwilling to test its own system security or commits any of a dozen more breaches of common sense, then a little time spent squirming under the harsh glare of the spotlight might be just what it needs.
Which is why I was glad to see a judge reject UBS Wealth Management USA's transparent attempt yesterday to bar reporters from covering the trial of a disgruntled employee who allegedly brought down two-thirds of its network.
To the credit of UBS Wealth Management (PaineWebber to most of us), it did call in the Secret Service after a forensic team spent a couple of weeks working the problem and it became obvious that deliberate sabotage was involved. And it is working with law enforcement officials.
But there will be other similar trials, where companies with sloppier security procedures will try to prosecute, but from behind a curtain. Judges should not let that happen.
We should also be pressing for more immediate information when these breaches occur and for companies to do right by all potential victims. In fact, since we are in an age when A) more and more data is being collected by more and more entities—including the government—and shared with God knows whom, and B) data theft is accelerating, what we really need are two things:
A uniform bill of consumer data rights that covers what kinds of data can be collected, whom it can be shared with, what permissions are needed, and how long and where this data can be stored. This needs to be written in plain and simple English in readable type, and it needs to be accompanied by a reasonable, standard system in which consumers can quickly redress errors in their data.
A uniform agreement on best practices for companies and law enforcement to follow in the event of a data breach. When should alerts go out to the cops and customers? What kinds of follow-up services are reasonable? Who gets notified exactly from among a list of stolen data? What are customers owed?
Of course, we need to have some basic levels of security in place, too, but as it has become all too painfully obvious, we're not there yet. So we'd better get to work fast on figuring out the best way to deal with the increasingly ugly aftermath.
Related Stories: PaineWebber Systems Admin Faces Trial For Computer Sabotage The trial started for a former employee charged with building and planting malicious code that took down two-thirds of the company's network, hindering investment trading for several weeks and racking up $3 million in recovery costs.
Microsoft Tackles Enterprise Messaging Security Microsoft launches a line of enterprise e-mail security products for its Exchange server software as the company's first venture into corporate security since it bought Sybari Software 16 months ago.
Groups Protest Proposed AT&T-BellSouth Merger The American Civil Liberties Union on Tuesday urged the Federal Communications Commission to review the proposed merger with an eye to NSA spying complaints. Small telecom firms are also complaining.
Google Spreadsheets Set To Debut Google Spreadsheets will, at least at first, be able to read and write Microsoft Excel files, but will lack Excel's depth of features. It will, however, use tools like Google Talk for online collaboration.
----- The latest research, polls, and tools ----- Is Your Data Secure? Participate in InformationWeek's Global Information Security Survey and find out. Your completed survey also enters you into this year's prize drawing—worth in total $2,000!
Download PDFs Of InformationWeek's Top Stories Visit InformationWeek Downloads to get InformationWeek's biggest and best articles all in one place. Presented in an easy-to-read PDF format, they'll help you analyze and make purchase decisions for today's technology solutions.
Call For Submissions—InformationWeek 500 Participate in the InformationWeek 500! If your company has $500 million or more in annual revenue, register today for this year's InformationWeek 500. -----------------------------------------
4. Grab Bag
Slide Show: Bidders, Beam Me Up (BusinessWeek) Star Trek memorabilia is going where it has never gone before—Christie's auction block. It's time for Trekkers to bid high and prosper. Here's a peek at some of the items on the block and what they're expected to fetch.
For more great jobs, career-related news, features and services, please visit CMP Media's TechCareers. -----------------------------------------
5. In Depth: Oh, India!
Blog: How 6 Billion IBM Dollars Helped Chase Apple Out Of India In just the past two days, Apple Computer said it's cutting and running from a fledgling tech services operation in India, while IBM announced plans to invest a further $6 billion in the country over the next three years. These can't both be smart business decisions, can they?
Blog: Everyone's Waking Up To The Importance Of India To IBM The New York Times this week has an article highlighting India's importance to IBM, saying IBM now employs 43,000 people there, or about 13% of its total workforce. BusinessWeek recently ran its own take on this move. InformationWeek posted this storyline in March, when we also put it on the cover of our magazine.
Event-Driven Services Fuel The Agile Supply Chain Enterprise services are the new technology wave poised to dramatically transform supply chain and manufacturing execution systems in the next decade. The SAP NetWeaver platform has shown that open systems based on enterprise services are here to stay.
Note: To change your E-mail address, please subscribe your new address and unsubscribe your old one.
Keep Getting This Newsletter Don't let future editions of InformationWeek Daily go missing. Take a moment to add the newsletter's address to your anti-spam white list: InfoWeek@update.informationweek.com
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. Thanks.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.