Simon on: ITCM – Should we be using virtual reality in the events industry?

Hotel chain, Marriott recently introduced its new ‘Vroom Service’ which offers guests room-service delivery of a virtual reality (VR) kit, taking them to places including Rwanda and Beijing via a Samsung Gear VR headset.

But does this kind of technology really have a viable place in the events industry, or is it simply another gimmick which people will try only once out of curiosity?

To find out my thoughts, read the whole article as featured on ITCM by clicking here.

TalkTalk's pathetic attitude to security

Over the past few days it has emerged that TalkTalk have been subjected to a "sustained cyber attack" if you believe the way it's told in the news.

That may be superficially true but rest of the story may be a little less appealing for TalkTalk and it's customers. Based on a number of different security sources I've read, it appears that the site was actually attacked using a mechanism called "a SQL injection attack". The first thing to say about that sort of attack is that it is an incredibly basic attack that ANY website that uses a database should protect against and protecting against it actually isn't difficult.

The next important thing to know is that this isn't an isolated incident for TalkTalk. The rather incredible fact is that this is the third time they've been hacked and lost data in the past 12 months that we know of! For the most serious of those hacks (in terms of quantity of data lost) to have been because of some really poor programming proves that nobody at any level of their organisation is taking data security seriously enough and heads should definitely roll.

Based on data leaking out onto the internet, it looks like TalkTalk didn't actually encrypt much (if any) of the data - in fact there are already plain text passwords coming out in data that is reported to be from the attack. Given that the majority of people take a terrible approach to passwords mean that a very large percentage of those customers will have used the same password for other websites and that's where the real pain can start.

TalkTalk said "a distributed denial of service (DDoS) attack - one that overwhelms a website with traffic, taking it offline - was used as a smokescreen for the attack" - the thing I find strange about that statement is that a DDoS attack is highly unlikely to have any effect on whether a SQL injection attack was possible so that explanation seems itself to be a smokescreen for the press and public.

The last bit of this whole situation that's bothering me is that the Institute of Directors have called for "urgent action to tackle cyber-crime" which the press seem to be reporting as if the Government need to do something. I don't know how the IoD actually meant it but it's actually businesses that need to protect themselves. 

This attack is like TalkTalk leaving the doors to their headquarters unlocked while the premises are empty all night and then being surprised when they return in the morning to find they've been burgled. There are definitely things that all businesses should be doing to protect themselves but if they can't get the absolute basics right then they're all screwed!

Simon on: Periscope - friend or foe for meetings?

Twitter’s acquisition of the live video streaming app, Periscope earlier this year seems to have caused quite a fuss within the industry – so I thought I should explore the facts.

I recently attended a presentation on the subject, where the speaker was adamant that the industry ‘must take the step with hybrid meetings.’ 

Hybrid events have been with us since the 1970s. The vast majority of events are now using video to engage a virtual audience and so should therefore be described as ‘hybrid’. The practise is in fact so commonplace that we need to lose the term ‘hybrid’ and start calling these events, simply, ‘events’.

Rant over, Periscope and its live streaming capabilities is a gimmick that I haven’t yet fathomed a tangible use for - especially when you consider that YouTube launched its own live streaming channel back in 2008, and look at the impact that had on the industry.

There are two possible avenues to take; the official route whereby organisers use it to stream live footage of their event, and the non-official use by members of the audience. 

Savvy organisers will not spend money on anything unless it enhances their event and I can’t see how live streaming will do that. It’s too late to use it to attract more delegates and it’s a fair-sized investment in time and money just to ‘create a social buzz’. 

Some people may bemoan that delegate use will flout privacy and copyright issues but the tools to film an event have been in audiences’ hands since the first smartphone was launched in 2005, yet we don’t see many delegates filming then posting conference content on YouTube. 

There are other drawbacks too. Periscope is currently only viewable on a smartphone – so is a delegate really going to watch an entire conference (or even one whole session) on a tiny screen? And videos created via Periscope disappear after 24 hours, so anyone who misses the original broadcast may miss out on the meeting entirely.

For those championing the idea of driving awareness through the app – if you saw a snippet of a meeting’s content online, would you really remember it and be inspired to attend the following year? Probably not. 

But if the organisers filmed the event, posted it on YouTube and used all their channels to promote it throughout the year, then maybe it may influence you.

Before we all get excited about this new shiny tool, let’s use the tools we already have to much better effect.

Originally published in M&IT

Simon on: The importance of online security

News of the Carphone Warehouse and Ashley Madison hacking incidents has confirmed that online security is still coming up short - something that was further proved by a recent study, which found that the data scrambling systems used by millions of web servers are much weaker than they should be.

But continuous occurrences like these only highlight what the key message is here – make sure security is reviewed by people who know what they’re doing rather than just accepting that it’s okay.

This on-going issue of online security is unfortunately just an afterthought to almost everyone, from consumers to major companies and even whole industries.

I believe that one of the main factors in this problem is that companies tend to have a team of developers who are usually managed by people who just don’t know enough about security.

Of course something like ISO27001:2013 show which companies are taking data security more seriously. As we hear more about the breaching of businesses who handle our data, I think security standards such as these are a must have.

At the very least, I think it’s high time people take an informed interest in online security and make the conscious effort to actually protect their data properly by asking some basic questions of suppliers and systems.

Originally published in Conference News

Simon on: Stand Out - Time to think about the security of wearable devices

Wearable devices have been hailed as the latest must-have tech with more and more smartwatches cropping up in the events industry.

While some are discussing their value, a study by Hewlett-Packard has uncovered some shocking issues as most of the current popular devices were found to have ‘poor’ security features.

To read my warning to the industry, click here.