RealTime IT News

What's The Value of Your Data?

SAN JOSE, Calif. -- Reporter's Notebook: Attending the annual RSA Security Conference is like staying afloat in an ocean. You keep moving or drown in the information at the massive conference.

Then there are the big ocean liners that steam through carrying big-theme-cargo, like two-factor authentication, which clearly is a technology ready to break into wider use.

Another big steamer cutting through the waters: the trend among enterprises to adopt systemic approaches to security instead of bolted-on, best-of-breed systems that weren't designed to meet the systemic challenges of today's security threats.

Then there are panel discussions that bob along unnoticed, and others that stick out like a beacon.

Not to overwork the metaphor, but Dan Geer, chief scientist at Verdasys, a data security firm, shined some light on the value of data.

His talk was designed to get folks thinking about the increasing share of corporate wealth that data now holds.

Start with his basic premise. Data has value. And that it is a growing fraction of corporate wealth.

"If it is a growing faction of corporate wealth that means its value is growing faster than the net value of the corporations that hold it," he said.

And its volume is growing as well. Using the analogy of Moore's Law doubling chip power every 18 months, storage accessibility is doubling about every 12 months and bandwidth is doubling within every nine months.

"The magnitude of the value is a unit value and a volume value," he said. And of course, it's more mobile by the second, with every iPod, digital camera and smartphone device that flies off the shelves.

"A point I want to make is this: If data has value, then you want to extract that value, and not just being FTP-ed somewhere, but running, with people running lookups through it, or being indexed. Whatever it is, it's going to be used. If it's just going to sit there, write-once, read-never is no use."

The winners in all that data wealth, he continued, are the ones that make the most use of data -- but not too much. The losers? They're the ones making no use out of it at all, "or they let it escape their control and now it's out there."

It's about using data but not, well, drowning in using that data.

Look at it this way, he continued, "If there's no railing on my hotel, I won't use the whole balcony (or I'll only use the whole balcony at once I suppose)."

So maybe that spiffy smartphone device is what will drive more discussions about how to think about data and its value these days.

Some like to put it this way, Geer added: If it were not for data security, computing would be free (that's free as in free beer in this case, rather than the free speech variety).

National ID System? Discuss.

Bruce Schneier, CTO of security firm Counterpane, kept things lively during an attempted debate about whether a national identification system is feasible in the United States.

A gross infringement of privacy or a necessity in the new age of terrorist threats? He discussed.

First, when comparing European data laws with the U.S., remember that over there, he said, people tend to trust the government more and corporations less. In the U.S., "the reverse is true, which is why Europeans tend to allow more government intrusion" about national identification systems.

But remember, too, that Europe also has more stringent laws about how that data is used. Not so in the U.S., and it's the third-party, back-end use of that data, and the U.S. government's hands-off approach to tightening up regulations on using that data that make the debate lively in this country.

Schneier's point: there are other ways to verify who we are besides loading up our entire identity and data on a chip for the government to oversee.

Still, we need to have the debate about this now and discuss legislation -- because this is where tech is going.

When Journos Attempt Wireless Encryption

It's a technology security conference, so naturally, the wireless network access for attendees and press required to enable either 802.11x encryption or WEP encryption protocols on their laptops. So what did a good chunk of the journos there do?

They took the easy route and used the Ethernet cables to connect the good old wired way.

When the available cables were all taken, others just resorted to unplugging the cables from the connected computers that were provided. Kind of cruel joke for those journos rushing up to the heretofore networked computers to check their Webmail, or file a story.

Ah, well, when you're on deadline, and don't want to bother with encryption for Wi-Fi, journos do what they have to do, and try not to giggle when a rival is staring at a computer screen in dismay.