Thursday, November 22, 2007
Content Security: Are you insecure?
I just wasted valuable time reading a report entitled: Content Security: At the Fulcrum of Innovation and Risk which is published by AIIM...
This study of 600 end users (performed in September 2007) found that a majority of organizations have either begun or are in the throes of establishing a content security strategy, but that vision suffers from lack of awareness and outdated perspectives.
One of the perspectives and lack of vision many enterprises have is in reading such useless information gathered via surveys. For example, Figure 38 asks what is your budget to implement Content Security which is a bulhits question in that if you happen to be a user of open source and aren't required to spend lots of money, it doesn't mean that security isn't important to you.
Consider all of the questions that they didn't ask. For example, imagine if they asked customers would they like to see Alfresco, Stellent, Documentum and Nuxeo implement the XACML specification, I bet the respondents would be a resounding majority. What if they had enough courage to also ask those who have taken the survey whether ECM systems should have their own user stores? I bet you get the point.
Lots of facts doesn't mean lots of insights. It is clear that AIIM is owned and controlled by the software vendors who have no vested interest in solving for anything related to solving customer issues. No mention of what areas need standards or even security standards such as OpenID, SAML, WS-Federation, CardSpace, etc that could be leveraged in the ECM domain.
I wonder when AIIM will figure out that pretty much every other technology domain has pattern catalogs including BPM, SOA, CRM,etc and that someone needs to document Enterprise Content Management patterns. I bet this is too challenging for many in the ECM community since the vast majority don't come from a software development background....
| | View blog reactionsThis study of 600 end users (performed in September 2007) found that a majority of organizations have either begun or are in the throes of establishing a content security strategy, but that vision suffers from lack of awareness and outdated perspectives.
One of the perspectives and lack of vision many enterprises have is in reading such useless information gathered via surveys. For example, Figure 38 asks what is your budget to implement Content Security which is a bulhits question in that if you happen to be a user of open source and aren't required to spend lots of money, it doesn't mean that security isn't important to you.
Consider all of the questions that they didn't ask. For example, imagine if they asked customers would they like to see Alfresco, Stellent, Documentum and Nuxeo implement the XACML specification, I bet the respondents would be a resounding majority. What if they had enough courage to also ask those who have taken the survey whether ECM systems should have their own user stores? I bet you get the point.
Lots of facts doesn't mean lots of insights. It is clear that AIIM is owned and controlled by the software vendors who have no vested interest in solving for anything related to solving customer issues. No mention of what areas need standards or even security standards such as OpenID, SAML, WS-Federation, CardSpace, etc that could be leveraged in the ECM domain.
I wonder when AIIM will figure out that pretty much every other technology domain has pattern catalogs including BPM, SOA, CRM,etc and that someone needs to document Enterprise Content Management patterns. I bet this is too challenging for many in the ECM community since the vast majority don't come from a software development background....
