Nick Kingsbury's Blog

I was CEO of Chronicle Solutions from 2006 to early 2007. The flagship product is netReplay, a Network Content Appliance that captures, indexes and replays all user communications in real-time. This blog reflects my interest in that area. www.linkedin.com/in/nickkingsbury nick@kingsburyventures.com

Thursday, June 14, 2012

how are you ?

just do it now  
I just got my favorate Iphone4s from here 
 :< ku2007.com >
best quality and fast ship 
i like it very much 
Come and see.
Sure you will love here. 

Tuesday, November 28, 2006

Monitoring is fine, but what do you do about what you find !

We have a couple of situations recently that have raised an interesting issue.

One prospective client on seeing netReplay’s power to reveal what people are actually doing visibly recoiled and made the comment that he would rather not know.

This not an uncommon reaction, but clearly can’t be the right one.

A new customer of ours is taking what I think is a better approach. They have run the system for a few weeks and have found things that are disturbing to say the least. Their approach is to incrementally revise and enforce their Acceptable Use Policy.

They are seeing where their problems lie and first off sending out general warnings. Then see what problems remain, and if necessary start warning individuals in an iterative process.

Along the way there are been disciplinary issues, but by taking a staged approach they have not had wholesale issues to resolve and the end result will be a much cleaner, compliant organisation.

Risk Manager 1, Threats 0 !


Nick Kingsbury

Labels:

Thursday, November 02, 2006

Survey on Employee Communication Risks Published

Survey Reveals High Level of Employee Communication Risks
And low awareness of company policies on use of non-corporate email and IM


We recently sponsored a survey of 140 office based workers has revealed that unmonitored technologies such as instant messenger (IM), MSN messenger and web mail are frequently accessed and used from company computers – leaving organisations vulnerable to legal action and regulatory infringements.

The key findings include:

  • IM and MSN messenger have been blocked/ banned at 29% of organisations
  • 71% of employees use IM at their place of employment to discuss work with friends and family
  • 36% have used IM at work to communicate with customers and business contacts
  • 43% of employees have received an IM or web mail message that they were upset or offended by
  • 21% of employees are not familiar with their organisations policies on IM and web mail use
  • A further 21% do not even know if such policies exist
  • 7% stated that there were no policies.


These days electronic communications have become the predominant method of communication in the work environment and offer significant benefits. However, an inability to control the use of IM, MSN and webmail has led to many organisations blocking their usage.

Such fears are justified by the high numbers of those who use IM and webmail at work to discuss work matters with friends and relatives – meaning vital information could be leaked and laws related to information protection and publication breached. More worrying still for organisations are the 36% who use such technologies to liaise with business contacts, including clients and partners. Anything stated in such communications cannot be proven or centrally accessed, meaning disagreements cannot be effectively resolved – and again the organisation could find itself facing legal charges from which it cannot defend itself.

The risk of facing accusations, either from internal or external sources is high – with a staggering 43% stating that they have received IMs and web mails that they were upset or offended by. In cases of sexual harassment, racism and sexism the organisations HR department may find it is unable to resolve the complaint and thus facing legal action itself.

We think it is becoming increasingly necessary for organisations to grasp the nettle of employee use of IM, web mail, gmail and other non-official methods of communication from work. Blocking may seem like an easy solution, and may have been accepted 3 or 4 years ago, but these technologies have also proven themselves to be invaluable in the workplace, and a must-have way of communicating for the internet generation.

The only effective way for organisations to protect themselves and their employees in the future is by monitoring such communications while clearly stating that to employees. And this ultimately benefits employees as anyone who has had to report a case of harassment to their HR function or has undergone an internal or legal examination based on what may have been exchanged on email, web mail or IM will be able to testify.

Nick Kingsbury

October 30th 2006

Thursday, September 28, 2006

News Item: Tackling cyber bullying head on

Chronicle Solutions and Crisp Thinking Announce New Technology to Respond to Government Call for Effective Measures to Deal with Rise in Cyber Bullying


For the first time, parents and schoolteachers will have a system that not only allows them to monitor exactly what their charges are viewing but also proactively alerts them to specified dangers.

The Child Protection Gateway - designed to provide effective control over interactions that children are experiencing online, both in schools and in the home - is the world’s first system providing robust internet protection at the network layer.

Government initiatives against cyber bullying underscore the urgency of new technology launched by Chronicle Solutions, author of the world’s leading enterprise-class Network Content Appliance: netReplay, and Crisp Thinking, specialists in the child protection space.

This initiative is particularly in tune with government guidelines announced to help tackle the growing rise in cyberbullying and recent calls to make MySpace a safe online experience.

New research published by the Anti-Bullying Alliance (ABA) reveals that one in five pupils have been bullied over mobile phones or over the internet. Online bullying is particularly crushing according to the government as it pervades the child’s entire existence both at home and at school.

Nick Kingsbury, CEO of Chronicle Solutions, stated: “Instant messaging has become one of the biggest communication tools for children, however, we need to monitor and protect against the serious and growing threat of abuse and circulation of inappropriate material. With this new system, parents and teachers will, for the first time, have visibility and control of the information that enters and leaves the PCs used by their charges.”

“The government is actively calling for ISPs to help address the growing problem of cyberbullying. Until now parents and teachers have been at the mercy of PC-based solutions which have severe flaws and can be easily circumvented. For the first time, the Child Protection Gateway provides real value-add by offering a robust solution that deals with the problem online and means that monitoring is real time and all-encompassing.” added Adam Hildreth, founder and CEO of Crisp.

Until now any online activity has been un-monitored. In the event of a bullying incident, this system will enable teachers and parents to see all communication and review a complete history of what has been seen by the child, over a period of time. Through artificial intelligence the system will look for inappropriate behavior patterns such as repeated requests for a phone number or to meet up and will understand and actively track these patterns. Custodians will receive an automatic alert once these patterns occur so that they can instantly review the chat, instant message or email trail.

netReplay captures and indexes all digital communications in real-time, whether email, web mail, IM, blogs or VoIP and is able to log and store vast amounts of data. No matter how long abuse has been going on, netReplay’s solution is able to track it. The system alerts in real-time any usage transgressions – enabling parents or teachers to be aware instantly of any banned material that is being viewed .


For further information please visit http://www.chroniclesolutions.com/

Friday, September 22, 2006

The Bad Guys, where are they and what are they doing ?

We are nice. We mix with other nice people. We are too nice.

We need to spend more time thinking about what we would do if we were really really bad. I hasten to add that this in not my idle thoughts on an alternate career (honest!), merely that if we are to thwart the bad guy we must do some alternate thinking.

I have had three particularly worrying, but interesting discussions in the last couple of weeks. No names and all that, but here they are.

1) A potential customer for netReplay employs a few thousand staff and currently has one (quickly former) member of staff in prison awaiting trial on terrorism charges. He (allegedly) was running a web site that was raising funds for a terrorist organisation. Now I wonder how much time he spent using his employers systems, networks, storage, bandwidth plotting to destroy his neighbor's families. The bad guy was in the next cubicle. Scary in the extreme.

2) A partner of Chronicle's has a customer whose internet traffic network they monitor. The customer is a metropolitan city council. The strange thing is that messages are regularly and systematically going to IP addresses in Eastern Europe. There is no legitimate reason why this should happen. They plan to use netReplay to log and replay the traffic and find out at least what's inside the messages. So think bad thoughts. Details of home owners and their taxation could be useful. Councils collect tax, and also give it back. Maybe there are a pile of false addresses claiming rebates. We shall see, once we have netReplay installed. The bad guy is miles away and he or she is stealing your taxes or getting information about you to steal from you. Hopefully we can help capture the forensic data to pin them down.

3) They are out to get you; yes you (singular). Some of my friends who deal with the more shady security services have told me of a new trend. We tend to think of internet crime as rather blind; a blanket blast to find a weak spot, and so long as you are not too dumb and have the latest patches you are OK, right ? Wrong. The bad guys are targeting individuals. Who is the chief designer for that electronics company; could be good to get his data. Who is dealing with the big M&A deals in an investment bank ? Early knowledge of a bid could is very very valuable. Who is on the bid team for the xyz deal ? If you are the competitor and have few scruples then well worth targeting the key individual. This has been reasonably well publicised, its even in wikipedia; check out Titan Rain ; talking to those affected the personalised nature of the attacks is really alarming.

So if you are bad, how do you find those key individuals ? Go through their trash ? No, dummy, use search engines, blogs and social networking sites. Much easier, and don’t get last nights dinner on your hands, and if you are smart (which they are), you can write software to do it for you.

The really scary thing here is that they will be absolutely determined to make sure you don't even know its happened. You won't even know the bad guy exists, let along where he is or what he is doing.

Hey, just then my laptop seemed rather too busy doing something in the background. I wonder….

Nick Kingsbury

Friday, September 08, 2006

eDiscovery in New York and Boston

.
(Picture taken on September 7th from the Acela train on the way into New York with a Sony Ericsson k750i camera phone)

I have spent a week in New York and Boston speaking with journalists and analysts and as well as marvelling at the food and networking that goes on over the lunch table (check out Michael’s on 24 West 55th Street, a who's who of the media industry on a dozen tables!), a couple of thoughts occurred to me.
First the whole issue of eDiscovery is really soaring up the agenda; the ability to be able to find documents and prove what was communicated easily is becoming strategic. The really key word here is "easily." Law suits have become arms races; if you have a good eDiscovery system the other side will not start shelling you.
If they know you have poor systems that result in costly and time consuming searches to find communication data, watch out.While one can argue whether this type of litigious approach is good for the economy, the fact is, that’s how things work; get used to it. Particularly in the light of the new legislation coming in 1st December.
There is a further point here, and it applies to many IT issues. Putting the important factor of cost aside for a moment, if the process of obtaining information is difficult, the end result will be less thorough searches, guess work, and possibly not bothering at all.
Secondly, the fifth anniversary of 9/11, together with the reports from England of the arrests of around 30 plotting to commit similar atrocities has reminded us all of the risks of assuming that everyone is doing what they should be doing and are thinking nice thoughts. I’m sure you’ve read, the people arrested were described as ordinary people. They held down regular jobs; they were not a foreign army, they were the guy in the next cubicle.The idea repels naturally, and we don't really like to think about in those terms, but without going over the top, employers should at least review their employee screening procedures and also for all our sakes, have some record of people's communication and surfing habits.
Have it there in case you need it. Maybe, just maybe that evidence can help support a decision to intervene sooner and before an act is committed. That sounds like pretty important "eDiscovery" to me.
As I write, I am on the Acela train from Boston approaching that altered New York skyline. Reminder enough.

Saturday, September 02, 2006

LinkedIn Profile

I am a fan of LinkedIn - click here to see my full profile

Uncontrolled Communication, and the need to "Chronicle"

I have landed in the position of CEO of a great company called Chronicle Solutions, and over the last few months have grown to believe that we are at the centre of an important shift.

First off, here is the core company pitch, it will help the reader understand where I am coming from !



Chronicle's netReplay product is the world’s first Enterprise-class Network Content Appliance, that in real-time monitors, captures and text indexes all user communications including email, web mail, IM, blogs and VoIP.

netReplay offers a unified approach where all types of digital communication are monitored and stored in a single system. netReplay
handles previously un- manageable volumes of data and allows user communication to be replayed as the user saw it, and allows suspect content to be visually tracked, and traced.


Customers are in medium and large highly regulated industries and government where netReplay helps mitigate risks and aids compliance with regulations on the recording of communication, and eDiscovery.

See www.chroniclesolutions.com


So that's what we do, why is this important?

We are seeing a storm of unrestricted, unmonitored, unrecorded digital communication expanding in every dimension. This is fantastic in many respects; ideas, feelings, knowledge shared across the world bringing people together for social, recreational and business purposes. In our personal lives, fantastic. In business too, great; the friction to doing business is reduced (a whole separate subject, more another time!).

However, for larger organisations this is becoming an issue and will be growing into a huge issue. Let's wind back twenty years. My office then had ranks of filing cabinets, with secretaries and filing clerks tending them, and if you wanted to know what was happening with a client, you pulled the file; it was all there. CC meant carbon copy - remember that?!? All inbound correspondence was logged in a register when the post was opened.

Wind forward again, and finding out what is going on with that client is pretty tricky. Yes, we have our CRM systems which try and address part of the problem, though normally those are more transactional. But is email integrated? What about IM? What about blogs?!?

This is important in the normal run of business, and becoming crucial when something goes wrong, such as finding some valuable design documents or customer information have leaked out, or finding that one of your staff has gone off the rails; what have they downloaded, what were they doing, what did they say to whom? There are good business reasons for capturing all communication, but also increasingly the regulators are demanding it. Technically it has been near impossible to do this; we now have a good solution in the form of netReplay and believe it to be the first enterprise class product in the industry.

Many organisations’ views are shifting. The needs to record all communication is clear and present. However, I am not sure we have thought through all the management issues here. People deserve and have a right to some privacy. This is countered by the organisation's responsibility to protect its staff from harmful material, and protect the assets of the business in the widest sense.

The leaders have policies around the use of systems, but firstly the issues are not well understood by staff at large, and secondly there is a clear need for Best Practice guidance here.
Balancing all of this – business needs, threats, litigation, regulations, privacy, policy – will be tricky, but it will need to be done.

Communication channels will continue to grow and become more complicated, and organizations will continue to be driven to the need to capture all of their digital communications…

Enough for now!

Nick Kingsbury