I am in Disney World.  My 4 year old daughter crashed in the hotel room after a non-stop day of fun.  It’s a happy place. I’m happy.   I quickly check my email and what do I get?  Blog spam.  Lots of it.  Ok, good, I’m happy I’ve got a bunch of readers now.  For those of you who leave comments email me directly, thank you.  I enjoy the feedback, positive and otherwise, as long as it is thought out.  

But 50 blog spams?  Ouch, I didn’t sign up to be an administrator and a human spam filter.  (please oh experienced bloggers out there, tell me what you do to avoid this.)

The blog spam gave me an idea.   It is a cool one.  I have often received spam at my private email address even though it is one I never have given anyone.  This private email I use to register for sites that I never intend on using again.  (newspapers, register for white papers, etc). The strange thing is that the spam I get in this email account has nothing to do with sites I registered for.  Someone is selling my information.  Are they breaking the terms of service for their site?  I don’t know.

 A discovery process. Here is what I am going to do:

Step 1:  Setup

-create a fictitious company
-register a new domain. 
-not use my real name & make whois information private
-add phony names, titles & emails to the site.  VP of sales, Director of Marketing, etc
-add some basic content to the site and make sure the search engines can find it. 

Step 2:  Seeding

-Register for as many sites as I can.  For each site, I will use a unique email and name that is not printed or listed anywhere for the fictitious company domain.  In addition, I am going to save the privacy terms of each site in a database.
-Save every email for each unique email address.  Each email should only be getting email from one source.
-Let the experiment run for a period, it might be 6 months to a year.
-I will make sure to include all the major email services (Google, Yahoo, Hotmail, etc) and I will always select “NO” to share my information with partner companies (when that option is available)

Step 3: Publish

-all sites registered for
-dates & sources which each unique email received email from

Who is breaking terms of service?  What is the implication of registering on various dot com sites?   It should be an interesting experiment.   If something like this has been done already.  I would like to see the research.

hmm, on second thought, this seems like a darn good deal of work. 

Now  I think I’m looking for an intern who wants to do a research project.  Anybody have a referral?  I’ll give them full access to the Broadlook set of Internet research tools.

To many ideas, too little time.  Daughters awake, back to the magic kingdom. Time for fireworks!

Over the past few weeks, I’ve been asking every new prospect and client, how many Internet passwords they have to remember.   The question has several levels.

“How many places on the Internet do you log into on a regular basis”, I ask

Usually the answer is 4-8.

“What about associations, alumni sites,  facebook, myspace, LinkedIN…sites that you may not access every day?”

Usually the answer is “another 10 sites”

“Ok, what about sites that you have signed up for, but may only need to log into once in a blue moon.  Examples,  account management for your cell phone provider, your 401K account,   sites like classmates.com, etc”?

Usually the answer is “10 or more”

“Lastly, what about sites you signed up for and you do not expect to return to in the next year.  Althought you still may need to access the it in the future to update account, billing or contact information?”

Typically I get 20, 50, no idea, or “lost count” 

This is when the average sales rep or recruiter realizes they have anywhere from 25-100 (or more) places they have have passwords to.  (Personally, I have well over 200 and I’ve lost count).

Then it gets fun. 

“Do you use the same password?”  I ask

95% of the time I get a …….YES.

This is a security nightmare.  What happens if facebook or myspace or one of these well trafficed sites gets comprised?   Then someone has YOUR password to all the other sites you use.  

Yes, there are password managers.  I am not a fan of them.  You can’t take them everywhere and computers do crash.  Today, I present a humanistic solution to password management.

It’s a simple concept I call password schemas.  It starts with picking a core password and then modifying it based on the attibutes of the place you are using.  I am going to use my dog’s name as an example of a core password.  Her name is Captain Janeway, so the core password is CaptJane (for those of you thinking it…no, I don’t use my dog’s name).

Password schemas, used badly, can be dangerous.  You could expose all your passwords should someone figure it out.   However,  using a schema is far superior to using the same password everywhere.   The more creative you get with the schemas, the better your protection is.

Here are some schemas:  (I just made up names for these). For each schema I am going to use mail.yahoo.com as the site example 

Alpha front/end:  using the first letters of a site in front or end of your core

            yaCaptJane            CaptJaneya       ( “ya” comes from first letters in “yahoo”)

Syllable front/end:  use syllables of the site in front or end of your core

            yhCaptJane              CaptJaneyh     (”yh” from first two syllables in “yahoo”)

Keyboard replacement:  In the password below, I used the key above each of the letters “CaptJane” on the keyboard.   Example:  the “D” key is above the “C” and the “q” key is above the “a”, etc.     Downfall here is that may need the keyboard in front of you to remember your password.

           DqmbUqhc

Alpha front/end + keyboard replacement.    Combining schemas

          yaDqmbUqhc          

Vowel replacement:  replace  O with 0, replace A with @, replace E with &

         C@pJ@n&

Keyboard wrap:  if the site name starts with a “y”, start with y and use the next 7 additional characters to the right.   If you hit the last letter, wrap around to the other side of the keyboard.

       yuiopqwe    (yahoo)
       ghjklasd       (google)
       hjklasdf        (hotmail)

These are just a few ideas of password schemas.   One of my favorites is to replace vowels with full words:  example  A=Alpha, B=Bravo, C=Charley.    The key thing is to sit down with a paper and pen and create your own.   Be creative, have fun and come up with something that you will remember.  Make sure it would be hard for someone to guess your password by looking at a few examples.  The combinations are endless. 

Captain Janeway & Donato
(she thinks she is a lap dog)

I’m taking a redeye back from San Francisco after attending Salesforce.com’s  tour de Force and the rollout of force.com.   We are all familiar with the Software as a service model (SaaS).  Many of the successful ATS vendors in the recruting market have grown their businesses with the SaaS model.  Salesforce.com is now taking SaaS to a new level.   They call it Platform as a service or PaaS.  Salesforce.com has a new development environment that allows developers and companies to base applications on the same infrastructure that salesforce.com is built from.  This is significant event, here is why.

With the Force.com framework, you can build applications that look nothing like salesforce.com or you can create “mashups” that combine salesforce.com,  Gmail, Yahoo Maps, etc.  I have seen many email systems from ATS vendors, some are very very good. But none of them come remotely close to Google’s Gmail.  

Ok, what am I getting at?  Imagine this:  An army of developers writing bolt on applications.    Job posting mashups,  resume parsing mashups, search engine aggregator mashups,  objection-response mashups, etc, etc.  Basically, an entrereneur can now create a complete ATS system and not have to worry about core software, hardware and datacenters.    Most of the basics are covered by salesforce.com and Google applications.  Yes, the workflow and business logic will have to developed, but taking a job order is not that complicated.   I should mention that there is even an open source ATS system right now,  CatsOne, see it here: CATS. 

The playing field has been leveled.   APEX, the salesforce programming language is similar to JAVA.   Salesforce has over a million users.

Why was I at tour de force?  Broadlook is salesforce.com’s latest partner.  We just launched our Contact Capture for salesforce.com on the salesforce appExchange.  We use our Broadlook Universal Exporter (BLUE) to send data to Salesforce.com.  What that means is that ALL Broadlook applications, now work with salesforce.com.  So if any company or entrepreneur want to create their own ATS system,  it will be 100% compatible with all Broadlook applications day 1.  

This is a trend we will continue to see over the next decade. Barriors of entry being continually reduced.  Exciting stuff.

If is also amazing that this idea of mashups came up recently on the recruiting animal show.  Someone said that the company that creates it will make a zillion.  Well the platform is here, salesforce is the first mover in the space, but I predict that we will see additional offerings from other vendors, google, microsoft, etc.  The end result is that everyone wins. 

While salesforce is the first mover, they will not be the only mover.  The real message here is

1.  PaaS will distrupt Saas, due to ease of entry

2.  The barrier of entry for someone to create a SaaS model has been significantly reduced and it will continue to become easier.

3.  Look for PaaS from multiple vendors.  (ie Recruitingblogs.com is based on Ning.com) another example of PaaS.   This was not available 2 years ago. 

Massive online databases vs. individually siloed data…lets take a look.

There is a movement going on, right now.  Companies are starting to abandon large subscription databases and building their own silos of data.  Why?

Lets first examine the general trend of technology.  When a new technology first gets introduced, it tends to be (1) more complex, (2) more expensive and (3) centralized.  Job Boards for example. First there were the large boards like headhunder and Monster.com, next niche job boards, and then large corporate job boards.  Now even small recruiting firms post their own job postings on their own web sites.   The trend once a technology matures is (1) less complex (2) less expensive and (3) ubiquitous and decentralized.  Less complex because the technology is streamlined and reengineered and less expensive and decentralized due to technology improvements and economies of scale.

Watching this trend has been one of my hobbies, it’s universal like the 80-20 rule.  It’s time to give it a name.  Expensive-Niche-Decentralized or E-N-D. 

An entire series of technologies that follow the END trend.  Web based CRM is also starting to follow this curve.   Salesforce.com = the early days of monster.com.  In the last few years, many new CRM’s specific to vertical markets have sprung up.  Recently there is a movement to self-hosted web based CRM.  SugarCRM is open source and Microsoft CRM can be hosted in-house.   CRM, even web-based, is decentralizing.

Ignoring this trend is eqivilant to putting your head in the sand regarding Moore’s law, Kryder’s law, or Nielsen’s law.

What are the variables that will cause data siloing to follow END?

Read the rest of this entry »

I was going to avoid the Black Friday lines and go online to do some shopping at sears.com.  When my browser reported a “404″ error (page not found), I assumed my home Internet connection was down.  How could Sears.com be offline on one of the busiest shopping days of the year?  Quickly checking Google.com, Yahoo.com, Broadlook.com…all online, I ruled out me having a bad Internet connection.  So I tried Sears.com again and got this page:

For those IT recruiters out there: someone could use a new webmaster.

Now I am forgiving, I tried every 15 minutes and I got into the site 2 hours later.  I was catching up on emails so I had time.  I am curious how many sales they lost?  I was looking for replacement parts for my grill, so I was locked to sears.  Those people who might have been comparison shopping, I can’t see them waiting around.

This made me think about a webmasters role.  What should it be?  Should the person that let this happen be fire?  Did they get hacked? I’ve seen cases and experienced it personally when a webmaster is a hindrance to getting things done.  A webmasters role should be to execute the vision and orders of executive management.  In the case of Sears.com, I would think a good shopping experience would be paramount. Oh, and no down time. Period.  “Look kid, we go down and your fired.  This is Chicago kid-o,  lose me a million and it’s cement shoes for you.”

Downtime for a retail organization is equated to loss of business and perhaps death of business. 

The role of a webmaster at a company like sears is not all that different from a small company like Broadlook.  However the “webmaster” at sears is most likely an entire team of people.  I’ve noticed some trends.  The single and small operators maintain tight controls over their websites.  The messaging is usually concise and it reflects the founding philosophy of the company.   As a company grows to the size where a second level of management is introduced, I’ve noticed those companies move away in their core messaging.  This is to be expected, that first level of management is removing some workload from the founding executives.  There are many areas that would be better served for middle management.  Messaging is not one of them.  Later, as a company grows to have an experience executive in charge of messaging, the web messaging moves reflects the original vision or even improves on it.

Until now, I had no idea where this sears post was going.  I do now. It is sort of a self autopsy on working with my own webmaster, past and present. For me, each of my blogs is a personal journey of discovery. If they were not, then I am writing for everyone else and not myself.  I am not that giving.   This blog is for me and my discovery process, first and foremost.   If others read and get something out of it, great.  If they don’t, that’s ok because I’m learning here. 

Regarding my working with a webmaster, in the past, I failed.  My autopsy tells me that it is management’s role to convey with clarity what is expected of the webmaster and the website.  I did not do this.  That was my mistake. The same mistake that I see happening at many growing companies.  Time to change.

Read the rest of this entry »