Month of February, 2009

Gmail went down Tuesday...again.

Please don’t get me wrong, I do agree with cloud computing and we should move services into the cloud. However, services in the cloud, like Salesforce and Gmail, always have the chance of going offline. Users and developers are starting to realize this and solutions such as GeeMail are appearing to minimize the impact if Gmail goes offline.

We recognize that placing services in the cloud is insufficient to guarantee the accessibility of your information. It is important to provide the service to the user regardless of the status of the server in the cloud.

Therefore Content Circles enables users to work both online and offline. If the server in the cloud (which maintains user directory, stores content status, and handles email notifications) goes offline, users can continue to use Content Circles to share content with other members. Users can invite existing members to new circles, can add new documents or versions and synchronize with other members as long as the users are online.

When it is the user who is offline such as on an airplane, any changes they make will queue up in their local machine. Once the user goes online again, the changes will automatically be delivered to other members and the activities and emails pushed to the cloud. The Content Circles design eliminates the barriers for members to collaborate once they have established a trust relationship.

Without storing your content on the server in the cloud plus the ability to work offline and later synchronize changes back to other members once online, we believe Content Circles properly addresses the needs of content management for distributed teams. Members can continuously collaborate on their project, minimize wait time between versions, and have more time to focus on their actual business.

For the past decade, I’ve been working on content management systems (CMS), credit card payment systems (PCI), human resources systems, and customer relationship management systems (CRM). Most of them require a centralized server (either in the cloud or on an enterprise server), a thick client in some cases, and a series of technical requirements to make things secure. All these systems are trying to achieve a common goal – sharing information securely to allow collaboration.

In the CMS world (like EMC Documentum, Alfresco, and Xerox DocuShare) use SSL encryption to secure the transmission of the content. There are options in these systems to encrypt the content, but the content is still stored on the system. Eventually someone, such as a site administrator or content administrator, has access to the content and can potentially view the content. For instance, with a human resources management system, it is always a challenge for a manager to store employee information because the site administrator (usually not the manager) would have access to all the information.

In the credit card payment world, PCI compliance is strictly enforced - no customer credit card information can be stored. Every transaction in the payment system masks the credit card number, leaving only the last 4 digits, and ensures no one can get access to the credit card number. This is definitely a good solution for credit cards, but unfortunately it doesn’t work well if you want to share a secure word file with your insurance agent. It will not be human readable if we mask your presentation (well, unless your agent is a machine).

The common practice some users utilize nowadays is to zip up the content and encrypt the zip with a password. This makes transmission and storage secure, but the user still needs to send out the password (usually via email or IM), which is frankly the least secure of all. Or the user uploads the zip and encrypt content into the centralize system, such as Microsoft SharePoint. This approach involves multiple steps, and a user usually gives up using such a system to share information, switching back in few months with their favorite and most comfortable approach: email with attachments.

After more thought, we believe the most secure way is never store your content anywhere outside of your control. You only give specific people permission to your content and as long as you have secure transmission, the result is full control of your information - always.

A couple of colleagues and I have developed the best solution - Content Circles. We never store your content in the cloud and you have full control over who can access your content all the time. Your machine is source for sharing the files with other members of the circle. Sending large files or attachments is not an issue, because unlike email, the content is never stored on any server including the mail server. Content Circles also has connectors which help you to download, update, or publish existing content easily.

Agree or disagree? Please don’t hesitate to write a comment.