Nathanael Boehm has provided more details on what may be the first official joint Commonwealth/State/Territory government blog in Australia.
In Government Blog: blog.training.gov.au, he talks about the purpose behind the site and how it was constructed, using opensource technologies to deliver a fast, cheap and secure solution.
This achievement is a great example of how a great deal of value can be delivered within government without the need to invest in high-cost and complicated infrastructure.
Friday, July 11, 2008
Probably the first official Australian Commonwealth and State government Blog: blog.training.gov.au | Tweet |
Participate in the World Usability Challenge - 1 August 2008 | Tweet |
This is a very worthwhile event with a simple theme.
As described on its website, what you need to do on 1 August 2008 is:
Will you be participating in the World Usability Challenge?
- Find a usability problem - it could be a poorly designed toaster, a confusing or redundant letter from your bank, or even a problem with your experience boarding, flying and disembarking an aeroplane.
- Design a solution - solve the usability problem, and write your solution down, sketch it up or (if you're feeling particularly keen) make a quick prototype of the improved product/service.
- Share it with a person who can solve the problem by implementing your solution - write to the toaster designer, call your bank manager, or talk to a stewardess. Hand him/her your idea. Encourage them to implement it. Be persuasive! and don't forget to post what you've done on the Google Group or the Facebook group.
Web browser security - what is an agency's duty of care to customers? | Tweet |
Google recently released a report on web browser security, conducted in June 2008, which found that more than 630 million internet users were not using the most secure version of their chosen web browser.
Mainly this reflected Internet Explorer use - 577 million users were not using the most secure version of the browser - largely represented by those using Internet Explorer 6 (rather than upgrading to IE7, which was released in October 2006).
My agency also still uses Internet Explorer 6 as our default web browser.
Fortunately, as a large organisation. we do not rely on our web browser to provide network security. Our IT professionals employ a series of firewalls and other safeguards to mitigate the risks in using an older and more vulnerable browser.
However the majority of our customers do not have access to this level of IT skills and resources.
Home users either do not use firewalls, or rely on either the basic Windows firewall or one that came with their modem. Sometimes there isn't a robust anti-virus product in use either.
Based on our website statistics, about 27% of visitors still use Internet Explorer 6 and another 3-4% use old versions of other web browsers.
This means that more than 30% of our website users are more vulnerable to security risks than they need to be.
My question is, what is our agency's duty of care towards these people - 0ur customers?
I've identified the following options.
- No duty of care - it's a jungle out there, our job is to deliver government services not take on responsibility for the web browser choice of our customers.
- Warn - we should actively let people know that they should use the most current version of their web browser to protect their own security, but take no action to enforce the use of current browsers.
- Warn and inform - we should both actively warn people and show them visibly when they are not using the most secure version of a web browser, with a path to upgrade if they choose.
- Warn, show and take action - we should first warn and then block anyone not using the most secure browser versions, forcing our customers to upgrade.
Which is the best option?
I tend to disregard the first option - doing nothing is a poor solution when customer security is at risk.
The last option, take action, is a dangerous path to walk. For customers accessing our sites from within corporate environments there is generally no option to upgrade their browser. Forcing an upgrade would simply stop the sites being usable for these people - including our own staff (who use IE6).
We currently apply the second option - telling people they should use the most secure web browser, but stopping short of telling them whether they are using the most secure version. The shortcoming here is that many people do not know how to check if their web browser is the most current version, so may place themselves at risk unknowingly.
The third option - warn and inform
The report from Google recommends the third option - both warning the customer about the risk and telling them whether they are using the most secure version - with a path to upgrade if needed.
This approach is the most satisfying for me. It covers the duty of care I feel our agency has and supports customers who are not technically literate.
Which approach does your organisation take, and why?
Thursday, July 10, 2008
US campaign to allow congressmen to use social media launches | Tweet |
Following from my post yesterday regarding the US senate debate over the use of social media by congressmen, several congressmen have launched a campaign to remove restrictions on internet use by the US congress.
The campaign is entitled Let Our Congress Tweet and, as you'd expect, makes extensive use of social media to put across its views.
How do you judge if a government intranet is a success? | Tweet |
I regularly struggle with how to best evaluate the success of my agency's intranet.
In generaly there are six different sets of metrics I use, grouped into 'hard' and 'soft' as follows:
Hard (numerical)
- Statistics - traffic (visits/pageviews),
- Content (age/timeliness/findability),
Soft (subjective)
- Design - usability/accessibility/attraction (task completion, screen reading),
- Development - standards (code validation)
- User satisfaction (what do staff, contributors and managers tell us formally?),
- Word-of-mouth (what do staff, contributors and managers say informally?)
Overall I'm happy with our intranet's performance.
However I don't have a consolidated measure that combines these measures into a single number I can track over time as an Intranet Success Index.
How do you go about rating your intranet's success?