Clouds, Crayons, and SaaS

Back in the pre-SaaS, pre-cloud days, applications tended to be rather uniform, monolithic, and limited.  Certainly work got done and everyone tended to now exactly what to expect in each and every situation.

Things are sure different now!  Suddenly, we’re no longer limited to an premises application that we purchased, installed, and (sometimes) kept updated.  The crayon box got much, much bigger, in a very short time.

For example, my first Tweet was sent from a quite austere Twitter site.  Today, on the PC I use Hootsuite web version about 90% of the time and Seesmic web or desktop for the rest.  For the iPad, I use Hootsuite’s app nearly 100% of the time.  On my Blackberry, I tend to read Tweets with Ubersocial and post with Hootsuite, because the latter allows me to schedule posts for a future time and neither Ubersocial or Seesmic can do that for that platform.  Lots of choices, right?

Before the advent of the cloud and browser based applications, I could have never afforded the money to buy all these applications.  Plus, the pain of installing, configuring, tweaking and making sure they didn’t collide with each other in my production environment would have been a killer.

The age of SaaS, cloud, and browser based applications gives us more choices than we could have dreamed possible only a few years ago.  I can remember a conversation with a very technical gentlemen who’ll remain nameless.  He proved to me, beyond any doubt, that non-premise software was of extremely limited value.  Oh sure, maybe for some simple games or a few specific utilities, but for word processing, databases, CRM, photo editing, etc., local installation and local data storage were absolutely necessities.  And I believed him.

Fast forward about five years and you’ll find both our nameless friend and me, deeply involved in SaaS, the cloud and all that comes with them.  Being able to change your mind and change your course is critical in a fast moving industry.  If you don’t, you can bet on ending up like any other evolutionary dead end.

I can’t predict the future, but I know that no matter the size, shape, or form my crayons take, I’ll be coloring for years to come!

MySql.com Hacked by Their Own Carelessness

What would you say about a firefighter who casually tossed a still lit match into a waste can full of wood shavings and gasoline?  How about a heart surgeon who dined every meal on butter, eggs, and pork chops?  You’d probably say they were were foolish, bordering on criminally stupid. 

Between you and me, I don’t think the flamed firefighter or the suffering surgeon can even come close to the folks over at Sun and MySQL.com.  According to Sophos’s Naked Security site, MySQL.com was hacked today.  “OK”, you say, “hacking is a fact of life.  It could happen to anyone.”  That’s true, but the reason they were compromised was a SQL vulnerability on their site!  If anyone in the world should have known better, it should have been them.

Had the story ended there, this would have been a humiliating, face palming moment for them, but it gets worse.  The attackers published user names and passwords from MySQL and what do we find?  The Director of Product Management has a WordPress password that is four digits long—maybe his ATM number?  Other users have passwords such as, “qa”.

I’m sure we can expect yet another, dreary, predictable, corporate spin-doctor, PR release explaining how they “regret any inconvenience this unfortunate incident caused the community,” and how they are “working around the clock with authorities to track down the people who did this.”  They will then assure us that they have taken all precautions to prevent it from happening again.

Bull****.

This is 2011.  The first SQL injection attacks in the wild were in November 2005.  Simply typing the phrase into Google yields nearly four million hits.  This is not some zero day attack.  Any halfway competent DBA or web designer knows, or should know, about SQL injection.  The fact that this occurred is inexcusable.

Here are my suggestions for dealing with the problem:

1.  Hire some knowledgeable people and scrub every, single, line of code on every page of every site under their administration, as well as run whatever protocols necessary to secure the place.

2.  Get in touch with the people at LastPass and put some decent password control in place.

3.  Fire whoever should have found this vulnerability. 

4.  Fire the supervisor of #3, above.

5.  Let every user on their systems know that the next time a weak password is found, they will be terminated on the spot.  No explanations.  No second chances.

6.  Issue a statement explaining exactly what happened and why it will not happened again.

I understand I sound draconian, but after the first few dozen times seeing major sites compromised, I get a little irritable.  Did I miss any steps they should take?  Am I over reacting?  Sound off and let me know!

Telemarketers, Read This Before Calling Me

Telemarketers, let’s get something straight.  I don’t hate you.  I respect that you have to make a living and understand that the phone is a powerful tool.  What I want to do is lay out the ground rules for effectively selling to me.  While I’m just one guy, I suspect most people will respond favorably to these rules too.

1.  Respect my wishes.  Call me at work and unless the data center is on fire, you will probably get a polite, if not cordial reception.  Call me at home in violation of US do-not-call laws and I will make you cry like a Libyan pilot in a no fly zone.

2.  Have a reason for calling.  “Just checking in” is not a valid reason unless I’m your parole officer.  I stopped what I was doing to talk to you, now make it worth my while.

3.  Understand who I am.  At least have a vague notion of the type of customer I may be.  Don’t be like the woman who recently called me to see if I was interested in buying the same type of software that my employer sells.

4.  Speak. Clearly. And slowly enough that I can understand you.  This is going to sound harsh, but if your grasp of English is so weak that every call is like climbing Mount Everest, get another job!  You don’t see me trying to sell you something in Hindi, do you?

5.  If you don’t reach me and decide to leave a voicemail, see #4 above.  Leave me a clear, concise message and for the love of God, speak your call back number slowly and distinctly.  By the way, don’t try to leave a “mysterious” message or one that implies it is an emergency.  I will likely call you back quickly, but when I find out you tricked me, I will devote large amounts of time and effort to making your life miserable.

6.  Be confident.  Don’t mumble.  Don’t be bashful.  Tell me why your product is the absolute best.  Be able to defend yourself when I tell you we use the competition.  I will give you a fair hearing, but if you just fold like a sheet of paper, I will end the call.

7.  Be human.  I get that you have to read from a script sometimes.  Be willing to deviate when I ask you a question.  That usually means I’m interested.

8.  Ask for the appointment or sale!  I can’t count the times that the call has gone pretty well, I was interested, and then the salesperson just drifted off with a timid, “Well, I’ll just call and check in again in six months.”

9.  Keep honing your art.  Never stop learning how to be more effective.  Personally, I've taken the sales course offered by my friend, Art Sobczak and recommend it strongly.  Take a look at his site: http://www.businessbyphone.com/

Friends, don’t be ashamed of what you do for a living, just do it well!

Twitter! Facebook! Quora! Danger!

What if a company spokesperson said this to you:

“Well, we did install some telephones and we like the way we can call folk and tell them about new products and sales.  Now and then, some of our customers and even prospects call us, but we just let ‘em roll to voice mail.  If someone thinks about it, we tell one of the interns to check voice mail every couple of weeks.  Funny story; sometimes even our competitors check the voice mail and answer our customers!”

You would think they were absolutely the most incompetent, negligent, company on Earth, right?  You might even say, they were asleep at the switch.  Guess what?  Many firms, from small one man shops to giant multi-nationals are doing exactly that in the realm of social media.

Anyone active on Twitter or the other sites has seen it.  There’s the account, blabbing out PR releases, loud and proud from @AcmeWidget (by the way, I just made that name up, in case @AcmeWidget is actually someone’s account!).  Soon, customers start asking questions, paying complements, or Tweeting complaints, tagging them with @AcmeWidget or using a hashtag of #acmewidget.

What follows is silence; deafening silence.  Or much worse, a competitor over at Superior Widgets jumps in the conversation and steers Acme’s $7,000,000 account to them. 

My friends in marketing and sales, if you don’t ignore the phones, don’t ignore social media!  It needs to be someone’s defined job to monitor all social media streams that you participate in, as close to 24/7/365 as you can physically manage.  Nature and business both abhor a vacuum.  If you don’t provide the answer, someone will, and you may not like what they have to say.

Social media gives you the chance to shine and look like a hero.  It also affords you the opportunity lose customers, offend prospects, and destroy a brand.  In future installments, we will look at not only the need to respond, but how to do so without inserting the corporate foot into the corporate mouth!

Anyone want to share either company’s that do it right or those that don’t?

“Do Social Media” Without the Snake Oil

There are certain things that simply make me want to knock people down and drizzle boiling lava on them.  In no particular order:

1.  “I’m a social media guru.”  Unless you’re from India and you teach meditation, knock off the guru stuff.  You do not have devotees.  No one is sitting at your feet, waiting to learn how to send a Tweet.

2.  “I’m a social media expert.”  Your ability to use Hootsuite does not make you an expert any more than my ability to follow a cookie recipe makes me a baker.  Just because you ignore your real job to post on Facebook all day does not qualify you as a thought leader.

3.  “I’m building my personal brand.”  Coke is a brand.  IBM is a brand.  Kleenex is a brand.  You are a person.  You can make yourself more visible in your family, community, or industry, but unless you are Charlie Sheen, you are not a brand.

4.  “I have 14,553 followers and have made 34,863 updates to my Twitter account.  I am a legend.”  No, most likely you paid some service that netted you 14,553 followers who are also looking to build a huge following.  Most of them, along with you, are constantly Tweeting and no one is listening to anyone else. 

5.  “I greet each new follower with an automatic DM (direct message) on Twitter to welcome him and offering my newest, WEB 2.0 sales technique special, plus links to my affiliate websites.”  You are a DM spammer.  Die spammer, die.

6.  “I want to be everyone’s Facebook friend, even people I have never met or spent any time talking to.”  You are either promiscuous or a stalker.  Maybe a promiscuous stalker.

Here’s the thing.  Social media—Twitter, Quora, Facebook, and all the rest—is new and the rules are in a state of flux.  Still, we need to apply the basic rules of humanity that have served us well for the last 10,000 years.  I’m no guru, but here are Paul’s Guidelines to being a Decent Human in Social Media:

A.  Always provide value.  Don’t post just to jack up your numbers.  If you have nothing to say, shut up.

B.  Be considerate.  That means, be kind to new users.  Be thoughtful and giving toward your community, both in real life and on the net.  Don’t waste people’s time.

C.  Constantly remind yourself that this is not real life.  Social media is a means to an end.  We use it to promote a political view, engage experts, sell products, and to have fun.  The end is not to have the most followers or the highest Klout number.

Have I offended you?  Do you want to follow me @paulmyoung_net just to have the pleasure of unfollowing me?  Go ahead, but first leave me a comment and tell me why I’m wrong.

Pepsi’s Chrysler Moment

When I saw the Tweet from @pepsico, I was puzzled.  “when sailors go on shore leave, they don’t use e-harmony #frothornot #pepsicostage”  When I checked the Twitter profile and found that @pepsico was the official, verified voice of a major, multi-national corporation, I was doubly puzzled.  Did someone compromise their account?  Was this some part of a marketing campaign?  Were they having a Chrysler moment?

Shortly after I Tweeted my confusion, @pepsico responded dismissively that it was a funny quote from a panel discussion.  I’m not entirely sure why, but that really got under my skin.

Understand that I’m not a flag waving, right wing sort of guy, but I do respect the women and men who put their lives on the line so that I can sleep in peace, comfort, and freedom.  To stereotype them as carousing on shore leave seemed like a stupid comment to be made at the water cooler and a particularly dumb sentiment to be expressed by a huge company.

Not being present for the entire discussion, I’m going to cut them some slack.  Perhaps in the context of the larger exchange this was some sort of nuanced, ironic, metaphor.  Just the same, I think it was wildly inappropriate to throw out in the context of 140 characters of social media. 

@pepsico, no worries; I take no personal offense.  I just wonder how much of your product the US Department of the Navy purchases?  Might be a good time for the Coke representative to call on them, don’t you think?

SFDC Job Postings and the Purple Squirrel

We’ve all seen them or been contacted by recruiters regarding them.  The requirements call for 30 years of Salesforce experience, ability to code in MUMPS, Java, and VisualForce, willingness to travel 102% of the time, multi-lingual in English/Cebuano/Liturgical Latin, and with a minimum of a PhD.  Position is a 1099 contract paying $40 per hour, with no benefits, requires relocation to East Nowhere (at candidates expense), and will last six months.

Take a look at some of these actual requirements for a low level, moderately compensated, job in Manhattan, NY for a global corporation with 19,000 employees.

* Possesses both strong and some tactical Salesforce.com skills to understand how changes may impact entire universe

* Work with sales training management team to develop and update training materials and communications to the user group

* Become the “voice” of the user community to represent to management commonly requested and needed changes to the application

* Conduct training of SalesForce.com to users

* Work with SalesForce developers on system extensions, customizations and integrations

* Respond to support requests and solve issues for Sales Reps and Managers

* Integrate with vendor partners and design optimal solutions for integration

* Provide on-going support and system administration to quickly fix production issues

* Act as the primary point of contact for Salesforce users

* Conduct training of SalesForce.com to users

There are 32 more requirements plus they demand a minimum of a BA in Finance and preferably a minor in Computer Science.  Oh, and at least five years experience.

Seriously??

Listen to me carefully, businesses.  Stop copy and pasting generic requirements from the internet.  Stop looking up twenty SFDC administrator postings, culling the unique requirements from each, and making one, hideous amalgamation.  You will never find the purple squirrel, waste much time looking for her, and turn off qualified hires.

How should a company compose their hiring requirements?  First, talk to your Salesforce sales rep and/or customer success manager.  They know what has worked for other, similar companies and will be happy to guide you.  If you are using a consultant, ask her.  She has done this dozens of times and will gladly share her knowledge of what to look for.  If neither of those appeal to you, here are a few pointers to get you started.

1. Certification is not vital, but if you don’t know what you’re looking for, it’s a good place to start.  Just be willing to be flexible if you come across a SFDC god with no papers.

2.  Go to a conference (DreamForce or CloudForce) and talk to attendees and vendors.  Make contacts.  Pump them for information.  Hire them!

3.  Email me and I’ll do my best to help you flesh out your requirements.  If it’s just a quick phone call, I’ll do it pro-bono, and if more, we can discuss cost.

By the way, why the “purple squirrel”?  It’s a recruiter term for the unobtainable position or candidate.  Just say no to purple squirrels!

CloudForce NYC 2011 Part 2

As my three, loyal blog readers may remember, I wrote a post last April called SFDC Cloudforce 2 NYC—a Review.  In that review, I praised them for the good and then gigged them like a frog on a harpoon for the bad and the ugly.  While I take zero credit for the turn around, SFDC managed to correct nearly every challenge.

A constant complaint—so widespread that it became an inside joke—was that nothing SFDC ever sponsored started or finished on time.  In particular, the keynotes were notorious for starting 15 minutes late and running 25 minutes over, throwing everything following hopelessly off kilter. 

This year, the “warm-up” mini interviews got the crowd settled 10 minutes prior to the start time and Marc kicked off the main even nearly to the second it was scheduled.  Pacing was superb, with a good mixture of humor, announcements, tightly scripted demos, and case studies.  And it ended on time. 

Many of us have groused year after year that the physical plant where Cloudforce was held was grossly inadequate.  This year, it was at the Javits Center and we had enough room to land a plane!  It was such a joy to have space to walk, space for the vendors to spread out, and space to keep the noise level down to a mild roar.  Oh, and plenty of restrooms!

Part one of this review spoke in broad terms about the content of the convention.  On a more granular level, the breakout sessions this time were nicely focused and the three that I participated in were very well orchestrated.  I saw a sense of purpose that was lacking in years past.  I was also very happy to see a greater emphasis on audience questions.  Good job!

That’s the good.  Two things stuck out that could still use some work.  First, the minor one.
This may not be in the control of SFDC, but they need to address with the Javits Center the complete lack of taxi cabs.  After CloudForce ended, I joined a group of people who tried without success for 30 minutes to hail a cab.  Not a single one stopped.  How can you have a convention center with no cab stand?

The major challenge that absolutely, positively, must be addressed is WiFi and cell coverage.  Marc spoke much about smart devices and how they are changing the world, but without a signal, they’re little more than costly paperweights.  I understand that it’s hard, but without fail, there has to be adequate WiFi and cell coverage available.  I don’t care if I have to pay something to use it.  It’s hard to describe how frustrating it was to not even be able to send a Tweet at times because of no cell or WiFi signal.

Overall, I give this DreamForce an A-.  What do you think?

CloudForce NYC 2011 Part 1

All the way on the two hour NJ Transit bus ride back to my bucolic home in the Garden State, my mind buzzed with thoughts of CloudForce NYC 2011.  I fully intended to write this entry as soon as I got home.  Once however, I showered the stink of the city off me and relaxed, I realized that like a fine box of $9.00 wine, my thoughts needed time to chill.  Now, a few days later, I think I’m ready to uncork my musings.  The first part looks at the content of the conference and the second, the physical aspect of it.

To do a level set, it was 24/7/365 Chatter.  As in Chatter.  And then some more about Chatter.  Did I mention that Chatter was featured?  Chatter.  Was it overboard on Chatter?  No.

At various points in our evolution as a civilization, we have reached pivot points.  These are the points at which history took an unexpected turn and the direction of our movement veered, sometimes for the better and sometimes for the worse.  While no one can say with certainty until long after the moment, CloudForce NYC 2011 could well have been the most definable pivot point for the way technology moves.

The earliest technological advances were solitary.  Some nameless primitive figured out how to use a stick to reach a honeycomb.  Much later, an iron plow let a farmer till more ground in a day than his father could in a week.  The PC gave a mediocre writer the ability to crank out blog entries at a rate that would make a medieval monk copyist, swoon.

Chatter has turned the isolated, knowledge worker paradigm on its head.  Suddenly, email is slow and text messages are disjointed.  The new way forward provides a smooth, documentable flow of information that is semi-automatically routed to the best person (“node”)—sort of like the way information flows on the internet itself.  I understand people’s skepticism, I really do.  I was the same way until I started using it and now I couldn’t imagine not having Chatter.

As useful a tool as it is, there is an even greater aspect to the pivot point and that is collaboration.  If I had to give an overarching theme to CloudForce 2011 NYC, it would be that:  Collaboration.  Chatter happens to be the spear tip, but a myriad of other technologies were in evidence, too.  A quick check of the non-consultant vendors revealed that the idea of linking users loomed large.

One example is Seesmic.  Founded by my session co-presenter Loic Le Meur, Seesmic is a Twitter client.  Well, that’s like saying a jumbo jet is a chair because it has a place to sit.  Seesmic, which I will soon talk more about, is the Swiss army knife of collaboration clients and as such perfectly encapsulated the conference for me.  It is something that is privately developed by a small team of fanatically driven people and it is poised to help the world pivot.

I’m curious to see how this pivot plays out in the coming months leading up to DreamForce 2011.  My suspicion is that this only the very beginning of a shift in the way we work, play, and view our world.

Coming soon:  The physical aspect of CloudForce NYC 2011 or, “Did they finally get more restrooms?”