www.PenandCamera.com: Writing Samples: 2007 About | Clips | Photography | Photo/Visual | Writing | Updates
Writing Archive: 2007

Writing Archives: 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003

Complete stories by date:

December 2007

IT Job Growth Seen Through 2016
Despite the increase in outsourcing, government figures point toward robust job growth for many technology occupations.
Dice (December 26, 2007)

Changing Risk: Enter the CRO
What you don't know can kill you -- or sink the company. As executives and boards of directors demand an integrated, enterprisewide view of risk, they're turning to chief risk officers (CROs) to provide it. Where should CROs fit inside an organization, and do they have the authority and oversight to really make a difference? Learn how to make a CRO succeed.
IT Compliance Institute (December 18, 2007)

Learn to Work Safely with Web 2.0
Developers want their Web sites, intranets and internal apps to get the Web 2.0 makeover. Yet snappy design often outpaces security. Here are tips for approaching Web 2.0 projects safely.
Dice (December 12, 2007)

Is Software as a Service Ready To Kill Microsoft Office?
Is now the right time for small and midsize companies to adopt software-as-a-service (SaaS) replacements for Microsoft Office and workplace collaboration tools? With encouragement from Google, Adobe, Zoho, and even Microsoft, some companies are saying "Yes" to cheap -- or even free -- online, on-demand alternatives.
bMighty.com (December 4, 2007)

November 2007

Intranet Information Architecture (IA)
This two-volume, 1,293-page report details numerous IA best practices, including how to structure your intranet, how to create a highly usable navigation system, and the process of shepherding the information architecture from design to delivery. Includes 744 color screenshots of real intranets and their navigation design and elements, and profiles the actual information architecture of 56 organizations' intranets, as well as generalized analyses and best-practice recommendations derived from the many case studies. Organizations featured include BT Global Services, Capital One, Cisco, the City of Edinburgh Council, IMS Health, McDonald's, Vodafone, and Zeiss. Read the summary, or purchase the full report on intranet IA. (Co-written with Amy Schade and Jakob Nielsen.)
Nielsen Norman Group (November 22, 2007)

Own Your Identity: 10 Best Practices for Role-Based Access
In many companies, IT maintains the access controls, security defines roles, business managers assign these roles, and auditors review what users actually do. As that suggests, an effective approach requires careful coordination. Learn the 10 best practices for identity and access management collaboration.
IT Compliance Institute (November 20, 2007)

The Rise of Nice
Learn about the shift from tough-love management techniques to something decidedly more Type B.
Dice (November 13, 2007)

GRC Solutions: Tips for Tipping False Idols
New platforms and tools promise to solve companies’ governance, risk, and compliance (GRC) challenges, but managers should beware the hype. Ad hoc frameworks, narrow solution scopes, and too-tactical functionality often characterize so-called enterprise solutions. Experts offer insights to help you navigate the GRC hype.
IT Compliance Institute (November 13, 2007)

October 2007

Fixing the PCI Encryption Problem
Fines and fees are looming after the September 30 PCI compliance deadline. Still, less than half of merchants report full compliance with PCI security requirements, and encryption failures contribute to four out of five failed PCI audits. Why can’t companies get encryption right? Here are five key steps for overcoming encryption hurdles.
IT Compliance Institute (October 23, 2007)

Surviving the Workplace of Tomorrow
Holographic user interfaces, 128-bit-encrypted passwords which can be hacked in 30 seconds, "mission control"-style workspaces, and death-dealing robots with excellent coding skills. Based on popular media portrayals of the future — in films such as Minority Report and Swordfish and television shows like 24 and Battlestar Galactica — how many of us could really expect to last a day in the office of tomorrow? Maybe more than you'd think.?
Dice (October 16, 2007)

Getting a Job in Social Networking
How do you land a job at a social networking site or online community? We turned to their hiring managers to find out.
Dice (October 3, 2007)

September 2007

Experts Flag 10 Emerging IT Security Trends
Security threats and defenses must constantly evolve to keep up with developing threats. We asked security experts to identify the top information security trends that will affect small and midsize businesses over the next three to five years.
bMighty.com (September 27, 2007)

Ten Skills for Project Management Success
Companies need more dedicated project managers, as well as technologists savvy in shepherding projects along. Here are 10 ways to improve your PM aptitude.
Dice (September 20, 2007)

Reconciling with Records Management: Top 10 Requirements
Records management, in the words of the related ISO 15489 standard, is the "creation, receipt, maintenance, use and disposition of records." An increasing number of regulations have driven companies to put their records management programs in order. Learn the top 10 best practices for ensuring the integrity of your records.
IT Compliance Institute (September 18, 2007)

10 Ways to Mitigate Your Security Risks
Time is money, and when it comes to small and midsize businesses, both are in short supply. So we got security experts to share their top tips for mitigating information security risk while using minimum resources.
bMighty.com (September 13, 2007)

August 2007

Ten Ways to Write Cleaner Code
Experts share their top 10 tips for writing code that compiles more easily, performs optimally, plays nicely and sidesteps known vulnerabilities.
Dice (August 29, 2007)

July 2007
Top 10 Spreadsheet Compliance Risks and How to Avoid Them
One of the biggest threats to compliance isn’t rogue insiders or hackers, but a trusted tool: the lowly spreadsheet. Its life is unstructured, untracked, and unsecured—control challenges that can run afoul of everything from SOX to federal accounting rules. Learn to recognize top spreadsheet risks and what you can do to reduce them.
IT Compliance Institute (July 24, 2007)
June 2007

Changing SOX: Redefinition, Refinement, and Reform
Compliance experts say that vague guidance and lack of bright-line definitions led to an era of expensive, ultra-conservative audits. As a result, and under the advice of their auditors, many companies are now reining in their SOX efforts. What’s changing? Experts detail the latest SOX guidance, new accounting standards, and optional risk-assessment methodology.
IT Compliance Institute (June 26, 2007)

Data Breach Kit: Five Steps to Help You Survive the Inevitable
Fact: Information systems are porous. Most companies will, despite their best efforts, allow some level of data exposure during the next year. Are you ready? Learn the tools and processes you need in place now to control data-breach damage, perform digital forensics, and gather the evidence required to recover and reduce risk.
IT Compliance Institute (June 19, 2007)

May 2007

Under the Hood: The New ITIL V3
Are you ready for version 3 of the IT Infrastructure Library (ITIL)? After 10 years, the leading best practices IT service management framework has been updated with an official launch scheduled for May 30, 2007. Learn what’s behind the changes, and what they mean for organizations looking to improve IT service management as well as their IT compliance effectiveness?
IT Compliance Institute (May 30, 2007)

Ten Procrastination Avoidance Techniques for Techies
PC or peril: your workstation provides state-of-the-art productivity and development tools, IM and videoconferencing to stay in touch with distributed project team members, project management applications, e-mail notifications, and blinding fast Internet access, not to mention the potential for quick downloads of the latest Battlestar Galactica and Lost episodes plus networked Unreal Tournament frag-fests. How’s an IT staffer supposed to meet deadlines? Learn 10 procrastination avoidance techniques for techies.
Dice (May 8, 2007)

Hot IT Skills Shift Towards Project Management, Security and Architecture
A new survey of CIOs reveals which IT jobs are hot, and which types of training will best advance your IT career. Know what to pursue and what to beware of in the evolving IT job market.
Dice (May 1, 2007)

April 2007

Top 10 Compliance Forums on the Web
When it comes to laws and governance frameworks, conventional wisdom can prove much more useful than oblique “official” guidance. These 10 online forums offer immediate answers to IT compliance questions, practical implementation advice, and been-there-done-that insight into CobiT and ITIL.
IT Compliance Institute (April 17, 2007)

Threats, Compliance, and the Human Condition
Blame human psychology: when it comes to information security, we’re simply not built to intuitively rank actual risks. Learn how building threat models can help companies rationalize the biggest security and compliance risks they face.
IT Compliance Institute (April 10, 2007)

March 2007

Access Control: 10 Best Practices
Properly implemented, access controls only give employees access to the applications and databases they need to do their jobs. At many regulated organizations, such controls are too often manual, outdated, and largely ineffective. Here’s how to overhaul your access control program.
IT Compliance Institute (March 27, 2007)

Beyond SOX and Endpoint Security: Six Emerging Trends in Compliance
Last year, Sarbanes-Oxley (SOX) dominated companies' compliance efforts, organizations increasingly adopted endpoint security, data breaches grew epidemic, and experts warned companies Microsoft OS Vista would be no silver bullet for compliance or security efforts.
IT Compliance Institute (March 20, 2007)

The Rise of the Enterprise Architect(ure)
Increasing numbers of firms are utilizing enterprise architecture programs, driven by “enterprise architects,” to boost IT effectiveness and efficiency by coordinating application utilization across the entire organization. Payoffs include streamlined software needs, lowered licensing costs, and easier IT management. Learn what it takes to become an enterprise architect, and how to introduce and drive acceptance for an enterprise architecture program in your company.
Dice (March 19, 2007)

Achieving IT Process Nirvana with ITIL
Does your company tap the IT Infrastructure Library (ITIL)? Organizations are increasingly embracing ITIL, a pragmatically focused IT framework, to improve the efficiency of their IT operations while reducing IT costs. Learn how ITIL can help your organization.
Dice (March 13, 2007)

February 2007

Learning Linux with Ubuntu
Nothing screams “geek cred” like Linux knowledge on one’s resume. Haven’t had the time, help, or inclination to learn Linux? Then consider Ubuntu, perhaps the preeminent Linux distribution written for absolute beginners.
Dice (February 2007)

The Dangers of Testing with Real Data
Do you test using real production data? Beware using sensitive data for any application development or testing purposes, since lost or stolen information can trigger costly data notifications, regulatory sanctions, and customer fallout.
Dice (February 2007)

Seven Strategies for Compliance Change Management
Driven especially by SOX, companies are turning to change management to provide needed discipline for changes to IT infrastructure and systems. To ensure the integrity of systems storing regulated data, as well as the attendant IT policies and procedures, companies are increasingly adopting change management practices.
IT Compliance Institute (February 6, 2007)

IT Compliance Trends to Watch in 2007
What's in store for companies struggling to comply with regulations in 2007? Here are seven IT compliance trends to watch.
IT Policy Compliance Group (February 2, 2007)

January 2007

Rise of the Mutant Malware
The latest generation of malware is mercurial—able to adapt to defeat the latest detection and eradication measures. Who’s building the better mutant, and how is IT security taking this more “liquid” malware into account? Learn what’s being done to stop this evolved malware, and how companies are protecting themselves.
IT Compliance Institute (January 30, 2007)

Ten Best Intranets of 2007
This 373-page report, with 215 screenshots, reviews the designs and usability of the world's 10 best intranets for 2007. The winners: American Electric Power, Comcast, DaimlerChrysler, Dow, Infosys, JPMorgan Chase, Microsoft, National Geographic Society, the Royal Society for the Protection of Birds, and Volvo Group. Read the summary, or purchase a copy. (Co-written with Kara Pernice and Jakob Nielsen.)
Nielsen Norman Group (January 15, 2007)

Previous writing archive: 2006

Mathew Schwartz