Hector to be guest presenter at a workshop on social media marketing strategies

I will be a guest presenter at a social media workshop on April 7 in Denver. If you are struggling to figure out how to integrate social media into your marketing tool-kit or could benefit on a technology primer on security and data ownership issues, this workshp might be of interest to you. This workshop will provide you with actionable strategies and tactics in support of attaining your marketing goals and will not waste your time with basic tutorials on social media basics such as setting up a Twitter account.

Details

  • Title: “Social Media Strategies for Your Business Brand – A Marketing and Technology Primer”
  • Date: April 7
  • Time: 8:00 am – 12:00 noon
  • Place: Denver Athletic Club
  • Cost: $295 (includes light breakfast, and 12 page comprehensive resource guide). Group rates available.
  • On-line registration: http://www.idiaz.org/Workshop/

Topics include:

  • How to decide which social media tools can grow your business
  • Blogging to meet your business goals
  • Optimizing social media for search engines so you are found by qualified customers
  • How social media can provide market research, generate leads, and create customer advocates of your brand
  • Time management and social media. How much, how long?
  • Where is my data? Who can see my data? – Privacy
  • Who owns my data? – Terms of use
  • Is my data safe? Who can read my e-mail? – Security/Privacy
  • Is e-commerce safe? – Security/Authentication
  • Banking and on-line purchases, accepting payments on-line

For more information on the event: www.idiaz.org/Workshop .

The workshop will be led by Lisa Diaz of iDiaz Marketing. Lisa is a Denver based social media marketing expert. Lisa has over 20 years of experience developing strategic marketing communications, direct marketing, and branding solutions for small, medium, and Fortune 500 size companies. She started iDiaz Marketing in 2009 as a marketing training company designed to help small businesses grow with the knowledge to develop cost-effective, marketing programs.

Please share this announcement with anyone you think might benefit from attending this workshop.

No comments | Trackback

Using VeriSign Digital ID Class 1 Certificates on a Mac

Back in October I recommended getting a free personal e-mail certificate from Thawte for e-mail security. Thawte stopped offering Personal Email Certificates on November 16, 2009. I decided to take up Thawte on their offer of a free one-year VeriSign Email Certificate (Digital ID Class 1). Here are some things I learned — the hard way about using a VeriSign Digital ID Class 1 on the Mac environment.
I followed the instructions on the e-mail from Thawte and downloaded my certificate from Verisign using Safari. It got loaded to my keychain and I thought I life was good. The Mail application could not find the new certificate associated with the my e-mail address.
Here is what I found out: Modern browsers have crypto tools which generate public/private key-pairs. When signing up for a certificate with an authority (as with VeriSign), their website should trigger your browser to create a key-pair and then upload the public key, which is then certified and returned to you. This certificate is in a file format called .p12.
Using Safari, the certificate I got from VeriSign was a .p7c file, which has no copy of your private key.
The only way I was able to get a proper .p12 file was using Firefox on my Mac to access the VeriSign certificate tools to renew my certificate (which essentially revokes the old one and generates a new one).
Once the certificate was installed in Firefox, I exported it to a .p12 file which I then imported into my keychain after deleting the useless certificate that had been previously imported.
Problem solved.

Back in October I recommended getting a free personal e-mail certificate from Thawte for e-mail security. Thawte stopped offering Personal Email Certificates on November 16, 2009. I decided to take up Thawte on their offer of a free one-year VeriSign Email Certificate (Digital ID Class 1). Here are some things I learned — the hard way about using a VeriSign Digital ID Class 1 on the Mac environment.

I followed the instructions on the e-mail from Thawte and downloaded my certificate from Verisign using Safari. It got loaded to my keychain and I thought I life was good. The Mail application could not find the new certificate associated with the my e-mail address.

Here is what I found out: Modern browsers have crypto tools which generate public/private key-pairs. When signing up for a certificate with an authority (as with VeriSign), their website should trigger your browser to create a key-pair and then upload the public key, which is then certified and returned to you. This certificate is in a file format called .p12.

Using Safari, the certificate I got from VeriSign was a .p7c file, which has no copy of your private key.

The only way I was able to get a proper .p12 file was using Firefox on my Mac to access the VeriSign certificate tools to renew my certificate (which essentially revokes the old one and generates a new one).

Once the certificate was installed in Firefox, I exported it to a .p12 file which I then imported into my keychain after deleting the useless certificate that had been previously imported.

Problem solved.

No comments | Trackback

Own your data!

There have been recent reports of permanent data loss for folks that kept their data on “the cloud”. As an IT professional, these are my recommendations:

Use a for-pay e-mail service that keeps your messages in a server and a local cached copy of all you data on you local PC or Mac. There are hosting companies that will manage Exchange servers on your behalf. You can connect to an Exchange server with Outlook from any PC. If you are away from your PC, you can still access your files from any web browser on any other PC or Mac with an Internet connection. For Mac users, you should look at MobileMe from Apple. Either one of those solutions allows you to have a local, cached copy of your e-mail AND your calendar and contacts. BTW, the mail, calendar, and address book applications that come with Mac’s latest OS (Snow Leopard) can talk natively to an Exchange server as well. An added bonus is that these setups will synchronize your data to your smartphone or iPhone as well.

Here is a good example of what can happen when you trust your data to a service provider: It has been reported T-Mobile just lost all data for their Sidekick smart-phone users (contacts, calendars, pictures, …).

Keep local backups, do not rely exclusively on off-site backup services. An external hard disk drive and some backup software are cheap insurance against a major disaster. Back up stuff you cannot afford to lose on CDs or DVDs and keep those off-site.

Contact me for specific recommendations.

Comments (1) | Trackback

Free Personal E-mail Certificates from Thawte to end soon

Not too long ago, I recommended getting a free personal e-mail certificate from Thawte for e-mail security. It has now come to my attention that Thawte will stop offering Personal Email Certificates on November 16, 2009. This is now posted on the Thawte web-site. According to their web-site, Thawte is offering a free one-year VeriSign Email Certificate for each active Thawte Personal Email Certificate you own as of 24 September 2009. If I remember correctly those normally go for about $20 US.

No comments | Trackback

Internet Security Sense for Mere Mortals

I was just interviewed by Lisa Diaz of iDiaz Marketing. The subject of the interview was: “Internet Security Sense for Mere Mortals”. The whole interview was conducted on-line using the “Tweeterview” service which uses the Twitter micro-blogging service. You can follow Lisa on Twitter at: @lisadiaz and you can follow me on Twitter @diazconsulting.

This was an interesting experience as each question and answer was limited to 140 characters. Here is a link to the actual transcript at tweeterview.

Here is a transcript of the interview.

LD: Hello, I’ll be interviewing Hector Diaz of Diaz Consulting.

LD: Hector will be telling us about how trust for e-commerce is established through passwords, digital certificates and encryption.

LD: He will also tell you how you can get a digital certificate to secure your e-mail.

LD: Hi Hector, can you tell us about your background?

  • I am an IT executive w/extensive experience running multiple data centers in international environments. That includes internet security.

LD: Where have you worked in the past?

  • 21 years at Hewlett-Packard/Agilent Technologies and most recently at CaridianBCT, a medical technology company.

LD: OK, so why is security important?

  • Trust is a necessary pillar for commerce and in particular electronic commerce. You have to trust the identity of the parties involved.

LD: Interesting. Any other thoughts on trust?

  • Yes, you must trust the transaction to be private, that is safe from prying eyes.

LD: Like credit card information?

  • Right, credit cards, bank account numbers, SSN numbers and other such data must be kept private and secure.

LD: How do you go about establishing trust? Can anyone do this or is it just for the big companies?

  • Basically by setting up the ability to conduct e-commerce that allows for authentication, privacy, and non-repudiation.
  • This applies to big companies, small companies, and you as an individual. I’ll explain shortly.

LD: Good! First, how do you define those terms you just used?

  • AUTHENTICATION is all about proving you are who you say you are. This applies to both vendors and customers.
  • PRIVACY has to do with keeping sensitive information (like credit card numbers) safe from prying eyes.
  • NON-REPUDIATION keeps buyers/sellers from lying about legitimately placed orders/shipments. An electronic fraud-prevention paper trail.

LD: About non-repudiation. Do you mean proving you really meant to purchase or transact?

  • Repudiate is to deny. A vendor should be protected from someone ordering goods and then refusing to pay claiming they did not place the or..

LD: OK, that helps. Thanks! so, how do you establish your identity on the web?

  • Web-sites use digital certificates to establish their on-line identities. They verify identities of individuals upon account creation.
  • Vendors buy digital certificates from companies like VeriSign. They provide a branding logo for your site.
  • Individuals “prove” their identity when they supply a password. They too can get for-pay digital certificates from VeriSign.
  • Free digital certificates are also available from companies like Thawte. They require showing an ID to a notary.

LD: I send emails and make purchases all the time. Why would you want to go through the trouble of doing that as a consumer or vendor?

  • W/ a digital certificate you can “sign” your e-mail to prove it actually came from you and was not forged (authentication, non repudia..
  • W/ a digital certificate you can encrypt your e-mail to keep it from prying eyes (privacy).
  • Modern e-mail clients like Outlook and Mac Mail allow you to use these certificates to secure your e-mail.

LD: So, if I want to send an email to someone with a password, I should consider this authentication system. Right?

  • Yes. I would use e-mail encryption to send someone a password in an e-mail.

LD: And if I’m not encrypting my e-mail, does that mean anyone can read it if they know how to hack my email?

  • In a nutshell, Yes. No hacking required. System administrators at any site your mail goes through can read your e-mail.
  • You should NEVER assume e-mail is private unless it is encrypted.

LD: So, to send encrypted emails, get that taken care of at a site called Thawte?

  • At Thawte you can get a digital certificate that will allow you to sign all your e-mails and encrypt e-mails to users who also have certs.

LD: Cool. What is the link to Thawte

  • http://www.thawte.com/

LD: Thanks. One more question about purchases. Does that mean I need a digital certificate to buy with confidence or do e-banking?

  • No, those transactions are encrypted “on the fly” Look for a small padlock or other indicator on your browser.

LD: Thanks. So, the security takeaways here are: “thawte” for emails, “security lock” or “https” for purchases and “Verisign” for vendors. Is ..

LD: ..that accurate?

  • Yes. A small clarification, I’d say encryption for e-mail. In order to encrypt, you need a digital certificate. Thawte is a source for that

LD: Thanks for clarifying. And thank you for taking the time for this Tweeterview.

LD: This digest will be posted on the iDiaz Blog at http://www.idiaz.org/Blog/?p=96 and at the Diaz Consulting Blog at http://hdiaz.org/Blog.

LD: Thank you everyone! This concludes the Tweeterview.

I was just interviewed by Lisa Diaz of iDiaz Marketing. The subject of the interview was: “Internet Security Sense for Mere Mortals”. The whole interview was conducted on-line using the “Tweeterview” service which uses the Twitter micro-blogging service. You can follow Lisa on Twitter at: @lisadiaz and you can follow me on Twitter @diazconsulting.
This was an interesting experience as each question and answer was limited to 140 characters. Here is a link to the actual transcript at tweeterview. http://www.tweeterview.com/published-tweeterview/4d544131
LD: Hello, I’ll be interviewing Hector Diaz of Diaz Consulting. Hector will be telling us about how trust for e-commerce is established through passwords, digital certificates and encryption. He will also tell you how you can get a digital certificate to secure your e-mail.
Hi Hector, can you tell us about your background?
I am an IT executive w/extensive experience running multiple data centers in international environments. That includes internet security.
LD: Where have you worked in the past?
21 years at Hewlett-Packard/Agilent Technologies and most recently at CaridianBCT, a medical technology company.
LD: OK, so why is security important?
Trust is a necessary pillar for commerce and in particular electronic commerce. You have to trust the identity of the parties involved.
LD: Interesting. Any other thoughts on trust?
Yes, you must trust the transaction to be private, that is safe from prying eyes.
LD: Like credit card information?
Right, credit cards, bank account numbers, SSN numbers and other such data must be kept private and secure.
LD: How do you go about establishing trust? Can anyone do this or is it just for the big companies?
Basically by setting up the ability to conduct e-commerce that allows for authentication, privacy, and non-repudiation.
This applies to big companies, small companies, and you as an individual. I’ll explain shortly.
LD: Good! First, how do you define those terms you just used?
AUTHENTICATION is all about proving you are who you say you are. This applies to both vendors and customers.
PRIVACY has to do with keeping sensitive information (like credit card numbers) safe from prying eyes.
NON-REPUDIATION keeps buyers/sellers from lying about legitimately placed orders/shipments. An electronic fraud-prevention paper trail.
LD: About non-repudiation. Do you mean proving you really meant to purchase or transact?
Repudiate is to deny. A vendor should be protected from someone ordering goods and then refusing to pay claiming they did not place the or..
LD: OK, that helps. Thanks! so, how do you establish your identity on the web?
Web-sites use digital certificates to establish their on-line identities. They verify identities of individuals upon account creation.
Vendors buy digital certificates from companies like VeriSign. They provide a branding logo for your site.
Individuals “prove” their identity when they supply a password. They too can get for-pay digital certificates from VeriSign.
Free digital certificates are also available from companies like Thawte. They require showing an ID to a notary.
LD: I send emails and make purchases all the time. Why would you want to go through the trouble of doing that as a consumer or vendor?
W/ a digital certificate you can “sign” your e-mail to prove it actually came from you and was not forged (authentication, non repudia..
W/ a digital certificate you can encrypt your e-mail to keep it from prying eyes (privacy).
Modern e-mail clients like Outlook and Mac Mail allow you to use these certificates to secure your e-mail.
LD: So, if I want to send an email to someone with a password, I should consider this authentication system. Right?
Yes. I would use e-mail encryption to send someone a password in an e-mail.
LD: And if I’m not encrypting my e-mail, does that mean anyone can read it if they know how to hack my email?
In a nutshell, Yes. No hacking required. System administrators at any site your mail goes through can read your e-mail.
You should NEVER assume e-mail is private unless it is encrypted.
LD: So, to send encrypted emails, get that taken care of at a site called Thawte?
At Thawte you can get a digital certificate that will allow you to sign all your e-mails and encrypt e-mails to users who also have certs.
LD: Cool. What is the link to Thawte?
http://www.thawte.com/
LD: Thanks. One more question about purchases. Does that mean I need a digital certificate to buy with confidence or do e-banking?
No, those transactions are encrypted “on the fly” Look for a small padlock or other indicator on your browser.
LD: Thanks. So, the security takeaways here are: “thawte” for emails, “security lock” or “https” for purchases and “Verisign” for vendors. Is ..
LD: ..that accurate?
Yes. A small clarification, I’d say encryption for e-mail. In order to encrypt, you need a digital certificate. Thawte is a source for that
LD: Thanks for clarifying. And thank you for taking the time for this Tweeterview.
LD: This digest will be posted on the iDiaz Blog at http://www.idiaz.org/Blog/?p=96 and at the Diaz Consulting Blog at http://hdiaz.org/Blog.
LD: Thank you everyone! This concludes the Tweeterview.
No comments | Trackback

Internet Technology Primer

Have you ever wondered:
  • Why your browser is not displaying what someone else is telling you they see on their screen?
  • Why your browser seems to stall accessing a site but instantly gets the page by hitting refresh?
  • Why are your friends getting e-mails from you you did not send.
  • Is e-commerce safe?

Don’t miss the August Denver Athletic Club’s (DAC) Web 2.0 event on August 14. Join us for an informative primer on Internet technology. This one hour session will translate the technical jargon and explain the workings of “the Web”. This is intended for people who want to make better use of the technology, either as a customer or as a provider or web-based services. Link will take you to registration details.

We will cover the following topics:

  • What is the Internet?
  • Who “owns” the Internet?
  • Who “manages” the Internet?
  • How does it work?

Hector Diaz of iDiazMarketing will speak from his 20 years of technology management experience at companies that include Hewlett-Packard, the Communications Satellite Corporation, and a Silicon Valley technology startup in the electronic design automation industry.

No comments | Trackback