All posts by Paul Schantz

CSUN Director of Web & Technology Services, Student Affairs. husband, father, gamer, part time aviator, fitness enthusiast, Apple fan, and iguana wrangler.

…and now, for a little security

I resisted getting a password manager for the longest time. The promise of easily creating and actually using strong passwords for all the online services I use sounded great. It also sounded like a lot of work, because like many people, I have a ton of accounts scattered to the four winds of the Internets. Even though I knew the actual time invested in doing this is minimal and nearly all “up front,” I used that as a lame excuse to not do it. After reading Mat Honan’s “epic hacking” horror story and other security articles, I decided it was finally time to buckle down and get a handle on securing my digital world. After reading a number of reviews and talking to a few friends who use it, I purchased a copy of 1Password. The feedback for this product is overwhelmingly positive, and after using it for a few hours, I have to agree.

Purchase, initial setup of the application, the three supported browser extensions, and iOS installation to my iPhone and iPad took me close to an hour. Why so long? I take the time to thoroughly read documentation before diving into anything new. I don’t want to miss any steps on a tool that changes something I do repeatedly throughout the day, every day. I don’t mind learning something new if it’ll save time and make me more secure over the long run.

My main concern was securing the big stuff called out in Mat’s article, i.e. Facebook and Twitter. Setting up my first account (Facebook) took about 5 minutes, because I wanted to make darn sure I wasn’t missing any steps. After some careful copying and pasting (I chose “very secure” passwords of ridiculous lengths), I logged out. I held my breath slightly as I attempted to log back into my Facebook account by simply clicking the browser extension button and…it just worked. Frankly, it was a little anticlimactic. However, after setting up a few other accounts, this whole process started to feel a lot sweeter, especially with services where I have more than one account. Definitely easier than letting the browser manage them for you. You know that service you use every day that has that login form that’s pre-populated with one of several often-used usernames? The one where you only have to click the “submit” button to log into one of three possible accounts? Yeah, that random process is now replaced with a far more reliable and secure login.

Another cool feature 1password has is synchronization via dropbox. Since I already have a dropbox account, this only took about ten minutes to set up on my iPhone and iPad. Adding a password in one place made it available to all my devices. Very slick.

So far, I’m very pleased with 1password. Was it cheap? No. At $49.99 in the Mac app store, plus $14.99 for the universal iOS app (iPhone / iPod / iPad), it’s probably the most expensive solution of its type. However, it IS very easy to use and encourages creation of very strong passwords. In my opinion, $65 is super-cheap insurance, especially compared with having your entire digital life erased or stolen. If someone were to demand my Facebook or Twitter password at gunpoint (a ridiculously extreme example to be sure), I honestly couldn’t them what they are.

My biggest question now is “why on earth did I wait so long to do this?” I’ll update this post after I’ve spent a little more time with the product.

UPDATE 8/20/2012: One downside discovered today is that my wife could not purchase schoolbooks for one of her Masters classes using my Amazon account (the family shares my account). The phone call was a little funny: “why can’t you tell me the new password?” Me: “Because it’s a ridiculously long random string I can’t even remember!” Not really a downside, but an inconvenience. It’ll also be a pain in the butt to enter this new password on my TV for Amazon Video…

Good SEO practices are looking more like good business practices

I recently had an e-mail exchange with a long-term client who wants to drive more traffic to his web site with SEO, a perfectly reasonable desire for someone who wants to increase business in hard times.  Unfortunately, web site owners are often told by “SEO experts” that by following a specific recipe, they’ll have more new business than they can handle. Real SEO experts don’t make such claims.

 

My client’s marketing consultant provided me with copy and keywords to post, which I dutifully did.  Less than 24 hours later, I received an e-mail from my client asking why his pages were not doing better in Google and Bing.  Now, I’m not an SEO expert, and I’ve never held out as being one, but I think it’s fair to say that adding a new press release with some targeted keywords will not result in a #1 listing on a specific keyword search on a specific search engine less than one day after being released into the wild.

 

I haven’t follow the SEO scene for years, but there are a couple things I do know:

 

  1. Without research, it’s impossible to know why any particular competitor comes ahead of you on certain keyword searches.  Knowing why this occurs requires an intimate familiarity with your competitors and the online content they serve.  It takes time and effort to gain this knowledge, and it’s expensive…if only in the amount of time spent gathering it.
  2. The practice of SEO has been a sort of arms race between search engines that want to connect users to content they’re looking for, and businesses that want #1 rankings.  These objectives are often in direct opposition to each other (sometimes blatantly so).  In the old days, it was easy for SEO “practitioners” to get high search engine rankings through simple keyword stuffing, doorway pages, and other simple deterministic methods.  As search engines became increasingly sophisticated, so did the SEO methods used to game them.  The more elements and nuances that search engines took into account to determine content relevancy, the more that professional SEO began to resemble old-fashioned reputation management, positive word-of-mouth, and adherence to honest business practices.  The bottom line is that there are fewer and fewer shortcuts to driving traffic using SEO.
So what advice did I gave my client?

 

  1. Know what you’re passionate about.
  2. Know what services your business is best positioned to deliver.
  3. Know what markets you serve best.
  4. Review 1-3, and then reduce and focus your web content accordingly.
  5. Having trouble with 1-3? Be honest about assessing your strengths by asking yourself this question: what are the things I do that others in my industry would say I make look effortless?
Again, I’m no SEO expert, but I suspect that by focusing your SEO strategy on 1-5 above, you can effectively move the needle.  Basically, I advocate for a back-to-basics approach.

So what do you think…am I off-base?  Does my advice suck?  Would love to read your comments.

How to Tell if IT Hype is Good or Evil

Plenty has been written about the “Gartner Hype Cycle.”  It’s a solid concept you should already be familiar with if you’re in IT, but that’s not what I’m interested in here.  I’m fascinated by how people take advantage of IT hype and opportunistically use it for good or evil in their institution.  My definitions of “good” and “evil” are subjective:

  • Good hype = puts the hyped thing to work to solve a real-world problem
  • Evil hype = uses the hyped thing to further an agenda

At one end of this see-saw is 100% practical application, on the other is 100% pure self-interest.  How can you tell if the hype you’re listening to is good or evil?  Where the fulcrum lies depends on the motivation of the “hyper.”  In my experience, motivation is usually obvious.  As practiced by individuals, evil hype artificially inflates the perceived expertise of the speaker, and is used to influence (typically) uninformed decision-makers.  Another way to assess whether hype is good or evil is in how much it helps adoption of the hyped thing in the service of a real world problem; money may or may not be a factor, depending on the situation.

IT professionals are exposed to an enormous amount of hype.  The reality is that many technologies actually do live up to their hype.  It can provide visibility a new technology needs to grow by capturing the imagination of a broad swath of people.  It can drive forward a solution to a need that’s real, but hard to realize.  Hype can also make something seem more important than it ought to be, and needlessly waste everyone’s time and energy.  It’s important for IT professionals to maintain perspective, especially when we’re in a position to make decisions or advise those who do.

What do you think?  Do you have any examples of GOOD hype?

Dilbert Comic Strip from January 7, 2011

Getting Started

As the tagline suggests, this blog is going to be dedicated (at least initially) to my pursuit of a doctorate, along with some thoughts about my experience with technology in Student Affairs.  My first post – well, the post AFTER this one – will be about my decision to “go all the way” with a doctorate.

After 15 years of professional involvement with the web, you’d think I’d have started blogging sooner.  Should be a little fun (and cathartic) for me personally.  I hope that what I have to say may be useful to others who are considering going down this path.  I welcome your input.