Monday 29 September 2008

The right to software?




Here is a quotation from a blog by I read the other day about Saas versus open source; Michelle Murrain writes: "SaaS based on proprietary software violates the basic software freedoms". The author goes on to indicate what these freedoms are, namely the ability to see the code, change the code, release the code to others. Well I have two problems with this. Firstly, Michelle seems to be defining Open Source software, but I don't see 'Software as a Service' as being necessarily open source at all. Secondly, the implication of this piece is that we should be moving to a world in which all software is Open Source.

Let's deal with SaaS first. A good example in fundraising software terms is eTapestry whose home page even features a link to Software as a Service. It works like this: the client signs up, enters details about their charity and the services they require, and within moments has access to an online database where they can store donor details. In etap's case, its free up to 500 records and then you pay according to service usage. Its not surprising to me then that the Wikipedia definition of SaaS says "From the software vendor’s standpoint, SaaS has the attraction of providing stronger protection of its intellectual property and establishing an ongoing revenue stream". True, there are some SaaS services which are free at the point of use, and some which are Open Source, but most will start charging at some point, and as such will very much not be Open Source for the reasons stated by the Wikipedia article.

Would it be a perfect world in which SaaS was open? The trouble is, how do you finance Open Source software? You can't charge license fees for something which changes all the time and which you don't own. As a client, how do you hold your software service provider accountable? Sure we just expect Google to work, but if you are going to run your charity on a database, you are going to want someone to fix it when the emailing doesn't work or when the reports are all wrong.

The thing is, the phrase which really jars with me is 'basic software freedoms'. It reminds me of the debate we had back in the miner's strike about the 'right to work'. We all want to work, and we all want software to be available and bug-free, but we cannot expect this to be available as a 'right' - you have to earn it, whether by writing it, or paying for it, but it won't just turn up on your plate, not now, not ever.

Wednesday 24 September 2008


How safe is your Donor Data?


Had just sent off a piece to our marketing department on data security when I received my invitation from the Institute of Fundraising Technology Group to attend their session on this very topic (Sign up here)- so seems this is an issue on a few people's minds. I had started my piece by describing a cartoon I saw in a national paper recently, which showed one commuter saying to another ‘I never buy the Times anymore – there’s always those secret papers to read on the train these days’.

I sometimes wonder if stories of data loss is like those shocking crime statistics, that when you investigate them a bit further, you find out it was always going on but just not reported in the same way. Surely, in the days before the Data Protection Act we were always leaving large volumes of personal data lying around in some form or other? Well, maybe so, but actually we were constrained by the technology. For my first ten years in this business, all our client data was stored in Oracle databases on Unix platforms. Its not easy to leave that kind of stuff around on the train.
However, data sticks with Excel spreadsheets are a totally different proposition, especially now Excel 2007 has the 64000 row limit removed. We should not be surprised by the spate of recent embarrassments. The MOD, the HMRC, and the DVLA have all been in the news for the wrong reasons - I dread the day when a national charity features in one of these stories because the knock on effect for donor confidence could be severe.


So how do we minimise the risk of that happening? The key is to ensure that users can access their data, and move it around without removing it from the network. Let’s look at some scenarios. If data needs to go outside the organisation, perhaps to a mailing house or database supplier, there are two safe routes – you can encrypt it using a tool such as Private Crypto before emailing it, or you can copy it to an FTP site with a secure user-friendly utility like Filezilla. If you need to use data at a branch for a local event or mailing, most database packages will allow browser-enabled access to your central database across the Internet. If you need to share a report which contains thousands of rows of name and address data, and you don’t have a database with easy remote access, or it is not appropriate to grant access to the target audience, why not upload it to a secure document sharing site such as Microsoft’s Windows Office Live which is a freely available cut down version of Sharepoint? The IT For Charities site also has a number Internet Resources for UK Charities which should give you a few more ideas.

Of course as with all IT issues, the management side is just as important as the technical aspect. Database packages now make it easy to export data to spreadsheets, and from there to data sticks. Guidelines should be clearly set then, so everyone understands that when dealing with large volumes of personal data, leave it on the network or the Internet where it can easily be secured, not on the train next to the MI5 secret papers!

Monday 22 September 2008

First posting



Well, this is me and my first blog. I don't suppose many persons will read this first instalment, in fact I'd rather they didn't but you have to start somewhere.

Or do you? Why do this at all? Why inflict my second hand and/or half baked thoughts onto an undeserving blogosphere? Well, pretentious as it may sounds, for professional reasons. Oh yes. The more I research the web on behalf of my dear employers to find out how people in my sector are exploiting the web in innovative ways, the more I find that the answers come from people like me blogging. Previously, I would have had to attend a seminar or workshop to pick up the latest trends and ideas that are now constantly available on the web. The problem is the overload. I now get far too much from the web - I've got feeds from Twitter, delicious, yahoo groups, not to mention the normal email lists I subscribe to, and I need to understand more about how it all hangs together so that I can become a more efficient harvester of this information. Then I need to apply it one step further and work out how this world interacts with my normal professional world, which is donor databases. And they surely are related, but not as obviously as you might think. So I will be coming back to that later, which relieves me of the need to explain that now.

Now, if you look at the leading exponent of this game, you'll fine that they include about three hyperlinks in each sentence, be it to other areas in their own blog, or other sites on the Internet. This apparently ensure a much higher visibility for their Blogs, but I have to admit, it is seriously irritating. If you were to follow every link, it would take you hours to read each posting. Its like following all the 'QV' marks in Brewer's Dictionary of Phrase and Fable except not nearly so interesting.

So I am not going to include any hyperlinks in this article at all, but be warned gentle reader, I will succumb.