Category Archives: technology

Technicity2013 Cybersecurity Panel: How Prepared Is Business?

Our afternoon panel was moderated by Pete Deacon of Blackiron Data (another conference sponsor), and featured panelists from private industry: Kevvie Fowler, forensic advisory services at KPMG; Daniel Tobok, digital forensics at TELUS; Jeff Curtis, chief privacy officer at Sunnybrook Hospital; and Greg Thompson, enterprise security services at Scotiabank.

Security breaches happen. And as Deacon reminded us, over 60% of those take months (or years) to detect, and are usually detected by someone outside the organization. What are the real cybersecurity risks, what are companies’ perceptions of the risk, and what are the challenges that we face? Fowler believes that since security is often a low-level IT issue, the security message isn’t making its way up the ladder to the C-suite unless a high-profile breach occurs that requires some sort of executive damage control. Curtis agreed, adding that hospitals are used to dealing with clinical risks right up through the executive levels but that IT security risks are a new topic for their executive risk management participants. Both noted that it’s important to have the right people to carry that message: it has to be technically correct, but integrated with the business context and goals. Thompson added that the message doesn’t need to be dumbed down for the C-suite: their board is very used to assessing complex financial risk, and is capable of assessing other types of complex risk, although may need to become versed in some of the cybersecurity language and technology.

The next topic was BYOD (bring your own device), and Thompson pushed the conversation beyond this to BYON(etwork), where people bring their own network, even if just through a smartphone hotspot. Companies are losing control of where people do their work, both devices and network, and solutions should be designed to assume that all endpoints and networks are potentially hostile. Business and productivity have to be balanced with risk in these cases: people will do what they need to do in order to get their job done, and if you think that you’ve avoided security breaches by locking down someone’s access on their corporate device, you can be sure that they’re finding a way around that, possibly on their own device. Curtis agreed, and pointed out that they have a lot of students and interns who come in and out of the hospital environment with their own devices: the key is to enable workers to get their work done and protect the data, not to hamstring their work environment, so they have a device registration policy for BYOD that is working well. Tobok works with a lot of law firms, and notes a recent trend of new lawyers using technology capabilities (including openness to BYOD) as a competitive criterion when selecting a firm to work for.

Moving on to security analytics, Fowler said that there are few organizations actually getting value from predictive security analytics, versus more straightforward data mining: it’s important to query the vendors providing predictive analytics on the models that they’re actually using and the success rates. Thompson agreed that predictive analytics is a bit of black magic right now, but sees a lot of value in historical data analysis as a guide to improving the security environment. In my opinion, in the next two years, predictive analytical models are going to start to become mainstream and useful, moving out of a more purely research phase; we’re seeing this in predictive process analytics as well, which I still talk about in the context of “emerging technologies”. This is all tied up with reporting and compliance, of course: business intelligence and analytics have played, and will continue to play, a key role in detecting breaches and auditing cybersecurity. Both Curtis and Thompson spoke about the regulatory pressures in their respective industries and the growth of analytics and other GRC-related tools; healthcare is obviously a highly-regulated industry, and Scotiabank does business in 55 countries and has to deal with the regulations in all of them. Auditors and regulatory bodies are also having to step up their knowledge about cybersecurity.

There was a question from the audience on investigations of security breaches in cloud environments: Tobok is involved in cybersecurity forensic investigations including cloud, and discussed the changes that have happened in the industry in the four years that he’s been involved in cloud security forensics in order to provide better traceability and auditing. Fowler added that forensic science is adapting for these type of investigations, and half of the work is just figuring out what systems that the data has been resident on since the typical cloud contract only allows a client to access their data, not the actual servers on which is resides. These can include a number of other factors, such as hackers that use compromised credit cards to lease space in a data centre in order to hack into another organization’s data in that same centre; obviously, these complexities don’t exist in breaches to a company’s own data centre.

There was a final panel with five of the vendors who are sponsoring the conference, but my brain was pretty full of security information by then (and I thought that this might be a bit more about their products than I care about) so I decided to duck out before the end.

Another great Technicity conference, and I look forward to next year.

Technicity2013 Cybersecurity Keynote: Microsoft’s Angela McKay

This morning at Technicity 2013, we mostly heard from academics and public sector; this afternoon, it’s almost all private sector presentations and panels, starting with a keynote from Angela McKay, director of cybersecurity and strategy at Microsoft, on managing cyber risks through different approaches to addressing uncertainty. Risk, and therefore answering the question “am I secure enough?”, are quite individual choices: different people and different companies (and cultures) have different risk thresholds, and therefore may have different cybersecurity strategies.

By 2020, we will have 4B internet users, 50B connected devices, and data volumes 50x those of 2010. As users evolved, so have cyber threats: from early web defacement hacks, to worms, to the present day botnets and targeted attacks. There is a spectrum of cybersecurity threats: crime, disruptions (e.g., DDoS attacks), espionage, conflict, war; there is a lot of technological development going on around these, but there are also cultural and policy issues, namely the expectations of consumers, companies and governments. McKay discussed the EU network and information security directive and the US executive order and presidential policy directive on cybersecurity, and the levels of new regulation that are coming.

Reducing the impact of cyber threats involves risk management, information exchange, and effective partnership (both public-private and between private organizations). You can’t do risk management without information, and this means that cybersecurity is a CIO-level issue, not just some technical plumbing. Information sharing, however, can’t be indiscriminate; it has to be focused on specific outcomes. [As an aside, I'm not sure that I agree with this in some situations: open data initiatives work because the "owners" of the data can't conceive of what anyone would do with their data, yet emergent uses happen with interesting results.] Private-public partnerships bring together the policies and goals related to public safety of the public sector, and the technical know-how of the private sector.

She spoke about the shared responsibilities for managing cyber risks: awareness and education, partnering effectively, driving and incentivizing cyber security, adopting best practices, building advancing capabilities, and developing a secure workforce. Furthermore, academia has to step up and start teaching security concepts and remedies at the college and university level, since most developers don’t have much of an idea about cyber risks unless they specialized in security post-graduation.

Microsoft is the premier sponsor of Technicity 2013, although to be fair, McKay’s talk covered very little about their products and services except for some generic discussion about automated cyberdefense at a machine level. Her slides used that ubiquitous font that we see on the Microsoft Windows 8 website, however, so probably some subliminal messaging going on. :-)

Technicity2013 Cybersecurity Panel: Is Canada Ready?

Andy Papadopulous of Navantis moderated a panel on the Canadian context of cybersecurity, with panelists Rob Meikle, CIO of City of Toronto; Ritesh Kotak, Operation Reboot (cybercrime initiative) at Toronto Police Service; Wesley Wark, professor at University of Ottawa’s graduate school of public and international affairs, and a specialist in national security policy; and Stephen McCammon, legal counsel at the Ontario Information and Privacy Commissioner.

They each spoke about their specific take on privacy and security in Canada:

Meikle: The interconnection and importance of data and technology, and how these are no longer just on computers inside our offices any more: in addition to cloud computing, we consume information on mobile devices, but also collect and process information from remote devices such as transit vehicles. He addressed the Toronto open data initiative, and how it is critical to look at data from a public citizen perspective rather than an organizational perspective: similar views would not go amiss in private sector organizations and their data.

Kotak: How TPS is having to redefine crime in the era of cybercrime, and how the police force is having to adapt in order to track down online crimes in the same way that they do with “real world” crimes in order to protect public safety. His experience in researching how police services are addressing cybercrime is that many of them equated it only with child exploitation (driven, likely, by the federal government tendency to do the same in order to justify their over-reaching anti-privacy legislation that we heard about from Michael Geist earlier), but there are obviously many other forms of cybercrime, from financial to hacking pacemakers. They identified a number of areas that they needed to address with respect to cybercrime: overt communication (e.g., social media), investigations, covert operations, and policies and procedures.

Wark: Cyberaggression and its impact on us, with five possible outlets: cyberwar, cyberterrorism, cyber covert operations, cyberespionage and cybercrime. He feels that the first two do not actually exist, that covert operations is an emerging area, while espionage and crime are well-established cyber activities. He maintains that the government’s focus on terrorism in general is a bit ridiculous, considering the lack of any evidence that this is occurring or even imminent (a recent US study showed that Americans are more likely to be killed by their own furniture than by terrorism); and that the government has a difficult time establishing their role and responsibilities in cybersecurity beyond throwing out some simplistic barriers around classified government data. We need to do more with private-public partnerships and education — starting with some simple sharing of best practices — in order to appropriately address all forms of cyberaggression. We need to decide what we really mean by privacy, then define the legal framework for protecting that.

McCammon: How to achieve the balance between privacy and openness. Usability is critical: it’s not just enough to have good authentication, encryption and other services to protect people’s privacy; those tools need to be easy enough for everyone to use (or completely and transparently embedded in other platforms), although Wark challenged that that was unlikely to happen. More information is being gathered, and will continue to be gathered, and analytics allow that to be integrated in new ways; there is no putting the toothpaste back in that particular tube, so we need to learn to deal with it in ways that protect us without requiring us to pull the plug and move to the woods. Trust is essential for privacy (although I would add that enforcement of that trust is pretty critical, too).

Good discussion.

Technicity2013 – Focus On Cybersecurity Michael Geist Keynote @mgeist

I can’t believe that it’s been a year since the last Technicity conference: a free conference hosted by IT World Canada, and sponsored this year by McAfee and Microsoft. Last year, the focus was on crowdfunding including some lessons from crowdfunding in the UK and a panel on legalizing equity crowdfunding; this year, it’s about cybersecurity. There’s a strong presence from the city of Toronto here, including an opening address from Councillor Gary Crawford, and the participation of the city’s CIO Rob Meikle on a panel; plus provincial government participation with Blair Poetschke, director of the international trade branch for the Ontario Ministry of Economic Development, and Stephen McCammon, legal counsel at the Office of the Ontario Information and Privacy Commissioner.

Ontario is a hotbed for technology development in Canada, with a large software development community in and around Toronto. Toronto has also been a relatively early provider of open government data and publish a catalogue of online data, which in turn fosters innovation. The G8 countries have now signed on to a full open data initiative, and this is a good thing: we, as taxpayers, pay to have this information collected, and as long as it doesn’t violate anyone’s privacy, it should be freely available to us. Although this conference isn’t about open data, an environment of freely-available government data is a good place to start talking about security and privacy.

It wouldn’t be a Canadian event about cybersecurity without a keynote by Michael Geist, and he delivered on the topic of “The Internet: Friend or Foe?” (a question that many of us ask daily). Although he started with the answer “friend”, he also immediately addressed the privacy and security concerns that arise from the recent news that the NSA has hacked pretty much everyone on the planet, and the ramifications of Edward Snowden’s revelations: it’s not just metadata (as if that weren’t bad enough), and there are a lot of governments and companies complicit in this, including ours. You can read more about this from a Canadian security perspective on Geist’s excellent blog; as a law professor and the Canada Research Chair on internet and e-commerce law, he has a pretty good perspective on this. Geist and others think that what has come out from Snowden’s information is just the tip of the iceberg, and that we have many more horror stories to come.

A big challenge in this environment is with cloud computing, specifically any cloud storage that is resident in the US or owned by a US company: many companies are now calling for local (and locally-owned, therefore out of the grasp of the US Patriot Act) storage from their cloud providers. It’s a small consolation that I’ve been asking about locally-hosted — or at least, non-US hosted — BPM cloud providers for a number of years now; finally, the general business public has woken up to the potential surveillance dangers.

Encryption is becoming a much more visible issue, whereas previously it was a purely technical concern: cloud providers (Google, Microsoft and Twitter, to name three) are ramping up encryption of their traffic in what is rapidly becoming a technology arms race against our own governments. Similarly, businesses and individuals are demanding greater transparency from cloud providers with respect to the disclosures that they are making to government intelligence agencies. Many international bodies are calling for control of internet domains and standards to be wrested away from US-based organizations, since these have been shown to include a variety of government intelligence and corporate sock puppets.

In Canada, our conservative government is busy sucking up to the US government, so we have seen a number of privacy-busting attempts at an online surveillance bill by positioning “lawful access” (i.e., the government can access all of your information without explicit permission) as “protecting our children” by tossing in a bit about cyberbullying. Geist discussed some of the dangers of this bill (Bill C-13, just introduced last week) in a post yesterday, specifically that companies have immunity against prosecution for violating our privacy and information security if they hand that information over to the government under the definitions of this bill. 

He finished up with a look at Canada’s anti-spam law that is coming into effect shortly; this includes making communication from businesses opt-in rather than opt-out, and also requiring consent before installing computer programs in the course of a commercial activity.

It was great to see Geist in person, he’s a great speaker, full of passion and knowledge about his subject. As always, he inspires me to help make Canada a better place for our online activities.

New Toys

For those of you who see me at conferences occasionally, you may see a new (and even smaller) setup in front of me next time: my Google Nexus 7 tablet (which I carry with me anyway as an ebook reader and general media device) and a new Logitech Tablet Keyboard for Android, plus the WordPress Android app for offline (or online) composition. Although the combined weight of the keyboard, case and tablet is probably about the same as the netbook, I am currently carrying both the netbook and the tablet when I travel, so this will lighten things up slightly. Also, it’s less bulky, and the keyboard can be tucked into my suitcase with the tablet in my handbag, meaning less weight over my arm rather than rolling along behind. One question is whether I will have to pull out the keyboard for separate security scanning at airports, where I currently have to take out my netbook but not my tablet.

The keyboard is really good: the keys have plenty of space — at least as big as my netbook, I think — and good feel and travel, so I can touch-type without a problem. The keyboard case, which protects it during travel, props up and doubles as a tablet stand. There are a few things I haven’t figured out how to do yet, such as moving forward/back by a word at a time rather than a character (shift+left/right arrow on a regular Windows keyboard), but everything else is in just the right place. Obviously, I can also just touch the screen to reposition the cursor.

The remaining challenge is what to do when I have to give a presentation, since I usually present from my own device to include any last-minute edits. Kingsoft Office (a free Android app for viewing and editing Office documents) seems to work fine for my travel writing needs including lightweight PowerPoint editing, with the added bonus that it integrates seamlessly with documents on Dropbox, where I keep my travelling files, but there’s no way to hook this baby up to a projector, as far as I know.

Legalizing Equity Crowdfunding In Ontario: A Panel

Following Darren Westlake’s keynote on equity crowdfunding in the UK, Cindy Gordon of Helix Commerce moderated a panel on whether equity crowdfunding should be legal in Ontario, with panelists Peter Aceto (CEO of ING Direct Canada), Brian Koscak (Chairman of the Exempt Market Dealers Association of Canada and a partner at Cassels Brock & Blackwell), Richard Reiner (partner at CC Stratus Capital), Adam Spence (Founder of Social Venture Exchange) and Darren Westlake (CEO of CrowdCube).

Blogging panels is always difficult, and I won’t try to attribute comments to specific people, but here are some of the points covered [my comments in brackets]:

  • Crowdfunding isn’t just for startups; it can also provide significant benefits to small businesses looking to expand or take on new initiatives.
  • Crowdfunding works well as seed funding to get a startup to the stage where it can be considered for larger funding sources such as venture capital.
  • The share structure will need to be considered fair to the early crowdfunding investors and to the later venture investors, in terms of control, returns and liquidity. [This is a major issue.]
  • Social and environmental companies have difficulties with access to capital, and may benefit greatly from crowdfunding. [Many small investors will follow their conscience in crowdfunding investments, as has been seen with Kiva microfinancing.]
  • Canadians are early adopters of financial technology (ATMs, web banking, internet-only banks) and are likely to accept equity crowdfunding quickly.
  • Social media, including some aspects of crowdfunding, encourage/reward transparency. [If you’re going to be successful in raising funds through crowdfunding, be prepared to willingly expose the inner workings of your company.]
  • Crowdfunding would make it feel normal to invest in startups, and tax incentives for small business crowdfunding would support this significantly.

There are some crowdfunding approaches already being tried out in Canada, including debt/bond/co-op structures such as with ZooShare, which provides co-operative investment into a plant that turns Toronto Zoo poo into biogas. ZooShare’s scheme requires that you join the co-op as a member, then can buy community bonds that pay interest over seven years. Obviously, allowing for equity crowdfunding will greatly expand the opportunities for investment, since not everyone want to join a co-op to buy bonds in order to invest in interesting opportunities.

We’re going to be doing a table exercise on benefits and concerns of crowdfunding, then the conference wrapup, so this will probably be the last post from this Technicity conference on crowdfunding. I’m not really an entrepreneur any more – I’ve done two startups in the past, but currently just operate as an independent – but I have a lot of friends with Canadian startups that could benefit from crowdfunding, and I’m fascinated by any intersection of social and business.

Lessons From Crowdfunding In The UK With @Crowdcube

Toronto is a hotbed of tech startups – ranked 4th best in the world (not sure what “best” really means in this context) – and innovative startups need innovative investment methods. Today’s half-day Technicity conference, sponsored by IT World Canada, is focused on the topic of innovating investment with crowdfunding, specifically looking at legalizing equity crowdfunding in Canada. The room is full of small business owners and entrepreneurs, crowdfunding platform companies, politicians and lawyers. And me. The day was moderated by Cindy Gordon of Helix Commerce International, who also chairs Invest CrowdFund Canada, an industry body helping to support the regulatory changes required to legalize investment crowdfunding.

We started with a brief address by the Ontario minister of economic development and innovation, the Honourable Brad Duguid, who sees equity crowdfunding as an essential measure to remain competitive. In an interesting coincidence (or maybe not), the Globe & Mail published an article this morning on how Ontario is looking to loosen crowdfunding rules, especially around allowing for companies to offer equity in exchange for crowdfunding, as opposed to treating those funds as donations as they must do currently. We also heard from Fawn Annan, president of IT World Canada, on some of the other international efforts on crowdfunding: earlier this year, the US opened up equity crowdfunding via the JOBS Act; Italy (through the Decreto Crescita) and Australia (through the Australian Small Scale Offerings Board) have recently put similar rules in place. In Canada, securities are regulated at the provincial level, not federal, meaning that each province needs to change the rules independently.

We had a keynote from Darren Westlake, CEO of Crowdcube, a UK equity crowdfunding platform. He discussed some examples of crowdfunding, including Kiva (debt-based micro-financing) and Kickstarter (donation-based crowdfunding, usually with some sort of perq offered in exchange if the project is successful). As he pointed out, the UK isn’t short on innovation: it’s short on commercialization due to restrictive securities regulations and lack of innovative funding methodologies. He developed Crowdcube to bring together investors and small businesses looking to raise funds, and they have raised over £4.2M ($C6.7M) in 31 deals, with over 24,000 registered investors since their launch in early 2011. The average investment is £1,800, with the largest single investment of £100,000 and the biggest overall deal at £1M.

Crowdcube vets the businesses that apply (rejecting about 75%), requiring them to have a business plan including financial projections, a video explaining their business and other information that will make them attractive and credible to investors. They do identity, money laundering and other checks, but don’t provide any guarantee that the company is going to do what they say they are: this limits their liability as a crowdfunding platform. They have an all-or- nothing funding model, where all funds are returned to the investors if the target is not met, and Crowdcube takes 5% of successful deals. They’re definitely not restricted to tech startups: their first deal was Bubble & Balm, a fair trade bodycare products company, and escape the city, a network . They’ve even raised money for themselves, raising £300,000 to expand their business.

Westlake went through the advantages of crowdfunding to both entrepreneurs and investors. For entrepreneurs:

  • New way to raise finance
  • Wider investor reach
  • Easier to promote
  • Cost-effective
  • Marketing effect
  • Crowd feedback

And for the investors:

  • Financial return
  • “Armchair dragon” for the fun of investing
  • Support friends and family
  • Participation
  • Lower/spread risk versus angel investing
  • Simple to invest

He discussed crowdfunding efforts in other EU countries, including the Netherlands, Belgium, France and Germany; the EU has a number of regulatory challenges to equity crowdfunding including the Prespectus Rule (European Directive), financial promotions (laws regarding what can be said to prospective investors), and public company limitations. He finished with his vision of the ideal environment for crowdfunding success:

  • Anyone can invest with relatively low barriers (mixture of high net worth and crowd)
  • Low investment level
  • Allow wide promotion via online or offline
  • Low/no imposed minimum document standards
  • Convenient, secure payment method
  • Authorization required for crowdfunding platforms

Definitely some guidelines for Ontario, and the rest of Canada, to take to heart as we open up our equity investment landscape.

Giving Technology Back to the Community

I’m a strong believer that technology can be a way up for those in financially disadvantaged circumstances: without some computer skills, kids can’t compete in school, and don’t meet the minimum requirements for many jobs. One way that I can help – and probably many of you reading this – is to donate to programs that provide access to computers and training to people who can’t afford to buy them. There are a number of ways to do this: you can give money, you can give used computer equipment, you can give your time, and you can promote the programs to others who might do the same.

This week, I replaced my mother’s old computer, and was left with a working (although underpowered, by today’s standards) computer with keyboard and mouse. I immediately thought of Little Geeks, a program that refurbishes old computers, provides them for free to kids in need, along with 12 months of internet access and some training on how to use it. They use reBOOT Canada as their drop-off depot; reBOOT is a charitable organization that “provides computer hardware, training and technical service to other charities, non-profit organizations and individuals with limited access to technology”. I headed off to reBOOT yesterday to drop off the computer, and had a chat with Nicholas (I believe this was Nicholas Brinckman, the Executive Director). He mentioned that they’re trying to get funding from the Aviva Community Fund to build 50 learning centres across Canada, in partnership with community centres and schools.

If you support this idea, go to the reBOOT project page on the Aviva Community Fund site and vote for their project (registration required). You can vote once per day until this round of voting ends in 11 days, and I encourage you to drop in there daily to cast your vote if you believe that this is an important initiative. They make it easy to link to the page on Twitter and Facebook, so use your social network for good. You can also help out by dropping off your old computer equipment – and encouraging your employer to do the same when they sunset old computers, printers and other equipment – or volunteering some of your time to help with computer refurbishment.

Windows 7 launch Toronto #CDNwin7

I was invited to the Windows 7 launch in Toronto today, where Steve Ballmer is here in person. Instead of being in the live presentation, I’m hanging in the press Tweet Lounge with my torcamp peeps @davidcrow and @AccordionGuy, watching it on a big screen; this gives a lot more flexibility in terms of walking around, chatting and getting coffee during the presentation. So far, I’ve had an offer from a Microsoftie to upgrade my HP Mini to Windows 7 on the spot, and I’ve heard that it will extend the battery life by another couple of hours, which is definitely of interest to me.

Ballmer is talking about the need for efficiency in the new economy; I’m thinking that this is a veiled reference to getting past the Vista bloat, especially when he quotes users who claim that it’s simpler and more responsive without actually stating the point of comparison for simplicity and response time. These issues are key for end user efficiency, along with the improvements in handling wireless, but there are also improvements in desktop security that make it more efficient for the IT people who have to manage large installed bases of PCs. There are new versions of the Windows Server (2008 R2) and Exchange Server (2010) products, too, particularly with respect to virtualization, although I try to make everything beyond my own keyboard as virtual as possible so don’t have a lot of interest in the server products: my mail, files and backup are in the cloud, not on a server in my office. That being said, Microsoft is launching a number of cloud-based tools, including the web-based Office suite (still very early and barely functional) and SharePoint Online to complement their Exchange Online offering; although they have some significant clients here, likely the biggest impact is that they are validating the cloud model for email and collaboration, which will benefit their competitors as much or more than themselves.

Windows 7 has had about 8 million beta testers since they released it for download several months ago, and have collected a huge amount of feedback from the early adopters: some are estimating a savings of $100-200 per person per year in reduced support and maintenance costs, although YMMV.

After a brief speech, Ballmer opened it up for questions, and the first one was about upgrading existing hardware to run Windows 7; he responded that any machine that runs Vista well will run Windows 7 (although I thought that the problem was the Vista didn’t run all that well on any platform, hence the crappy adoption rates), but those running XP may require upgrades or replacement. I think that it’s fair to say that a huge part of my customer base – the rather conservative financial services and insurance industries – haven’t even touched Vista, so that could mean some significant hardware investment to support Windows 7; Microsoft can expect to see widespread Windows 7 adoption rates in these industries only when XP support is cut off. Ballmer’s betting on people being excitedly motivated to move to Windows 7, not forced through XP end of life; I think that’s a bit delusional given that he admits that they’re still supporting Windows 2000 for some customers. In the last question, he stated that Windows 7 will not be the last 32-bit OS from Microsoft because of the recent popularity of the Atom processor.

They’ve moved on to the customer videos now, so I’ll wrap this up and wander around the demo stations (and the tea table). In the spirit of full disclosure, Microsoft fed me breakfast this morning but did not otherwise compensate me to be here. I’m still hoping for a free copy of Windows 7.

Update: Scored my free copy of Windows 7 Ultimate on the way out the door. Headed home to install on the netbook.

Size does matter: travelling light with netbook and iPhone

I love technology more as it gets smaller. I haven’t been travelling much this year, but the next two months will change that. For the first time in years, however, I’ll be carrying only my suitcase (a roll-aboard that fits in the overhead bin) and my handbag: no computer bag. That’s because I am the proud owner of an HP Mini netbook, which slides right into the back compartment of my smallish purse with room to spare. The screen is a bit small, but adequate – in fact for widescreen video viewing, it’s great – and the keyboard is large enough for comfortable touch typing. Battery life is 6 hours, which rocks. Disk is 160GB, leaving space for me to load it up with e-books and video to entertain me while away from home.

It runs XP, and I’ve loaded the following software:

  • Chrome as my primary browser – much cleaner and takes up less screen real estate, so good for the smaller screen.
  • Google mail/calendar with offline synchronization, since my email accounts are all Gmail or Google Apps; this means that my mail and calendar will stay synchronized between this computer, my office computer (which uses Outlook and Google Apps Sync), my iPhone and the web.
  • It has a trial version of MS-Office included, but I’ve also loaded Open Office and will see if that works for the relatively light editing needs that I’ll have on the road. If so, then I won’t bother to buy the license for Office when the trial expires.
  • Live Writer for blogging, since I do a lot of that while at conferences.
  • Dropbox for synchronizing working files to the web for backup, and back to my home machine (use this link to sign up for Dropbox if you’re interested, and we’ll both get an extra 250MB storage).
  • Tweetdeck for Twittering.
  • Flickr Uploader for uploading photos.
  • iTunes, since it’s required in order to use my iPhone for USB cable-based internet tethering.

I’ve been using the netbook instead of my usual computer off and on for the past two weeks, and I’m quite convinced that I’ll be fine for days at a time with this on the road. I’m missing my financial software and a whole raft of utilities, but nothing that I can’t do without for a while.

I also finally broke down and bought an iPhone 3GS, so if you saw me earlier in the year with my iPod Touch and a Nokia flip phone, those two gadgets have now been replaced by one: more room in my purse. There will probably be some short trips where I can make do with just the iPhone, and leave the netbook at home, since it has everything on there, including Dropbox to access documents. It’s not a great blogging platform, however; as a former Blackberry addict, I can authoritatively state that the iPhone keyboard sucks for any large amount of typing.

With my new technology in tow, I leave on Friday for Germany to attend BPM2009 in Ulm next week – watch for the live blogging from there – then spend another week having a bit of a vacation in locations yet to be determined, but likely a couple of days in Zurich and a trip through western Germany back up to Dusseldorf for my flight home. [For those of you who think giving this sort of information provides an opportunity for someone to break into my home and steal all my worldly belongings, rest assured that I leave behind my black belt hubby – and I don’t mean a Six Sigma black belt – and a pretty mean cat.]