This may seem like a simple post (and it is). However, this took me a while to figure out.

Renaming a View in CRM 2011 isn’t obvious. When you click on ‘Change properties’ it changes the properties of a column, not the View itself. Therefore, you would think that the ‘View properties’ would just show the column properties. Not so.

To rename a View ….

• Navigate to Settings/Customizations/Customize the system/Components/Entities
• Click on the Entity whose View you want to change
• Click on ‘Views’
• Double click on the View you want to rename
• Click on ‘View properties’.
• Rename the View as you wish and click OK.
• Click on ‘Save and Close’
• Remember to publish your changes.

I hope this helps someone.

Some Cloud services providers are finding that firms aren’t running to them at full-speed to migrate their infrastructure to the ‘new cloud world’ and for some reason, they are delaying decisions. Why might that be?

There are many articles written that suggest security and supplier stability is the biggest barrier, but I think there is another factor  to consider.

Many firms have already invested in their in-house technical infrastructure, often running a virtualised server and storage (SAN)  environment (referred to as a ‘private cloud’). These firms will need a ‘step change’ to help ‘push’ them to a cloud service.  What could a step change be?

• Current data centre runs out of space or requires significant investment. For example, air conditioning replacement, new UPS or a new fire suppression system.
• Current technical infrastructure requires a significant upgrade or replacement due to age, capacity or performance.  For example, if a firm is still operating separate physical servers with no virtualization, migrating to a cloud service would be a good opportunity to reap the benefits of virtualization.
• Premises relocation, which would require an in-house hosted data centre to be rebuilt in a new location.
• Additional premises capacity required by the business, forcing the data centre to move out of the firm’s premises to a hosted service.
• Segregated infrastructure. For example, suppose a firm only hosts and operates systems that are used in-house with no external client access. If a new requirement was to offer Internet facing services, there would be a strong argument to physically separate the different infrastructure.
• Introduction of disaster recovery services.

So that is some of the step changes that would make it the right time to consider cloud services. However, there are situations when a cloud service might be unattractive.

• When the computing capability can be sourced by simply upgrading the current infrastructure.  For example, if additional storage and processing capacity is required, it could be achieved by a relatively low incremental investment in additional disk for a current SAN and an additional virtual server host.
• When the infrastructure that would be replaced by the cloud service was purchased and not fully depreciated. For example: Let’s assume that the firm’s depreciation policy is five years, that the infrastructure cost £100,000 when purchased and has been used for two years. A financial ‘write-down’ of £60,000 would be incurred (the remaining depreciation amount). In many  companies this would be added to the project cost – making it an unattractive proposition financially.
• When the infrastructure that would be replaced by the cloud service is leased and not at the end of the lease period. As with  the previous point regarding depreciation, the remaining lease costs and sometimes an early termination penalty could be added to the project cost – making it an unattractive proposition financially.

I’m not arguing against cloud services – far from it – I am a cloud advocate.  I am suggesting some reasons why firms haven’t rushed to migrate everything to the cloud.

For some Cloud providers, the best marketing strategy could be to ensure prospective clients understand your service capability, then wait until the time is right.

With Cloud based services becoming commoditised, will the smaller players will be able to compete against the likes of Salesforce.com, ProofPoint, Microsoft’s Azure, Office365 and Amazon’s EC2 ?

Last week, we saw the launch of a new and powerful IaaS service (vCloud) from Foreshore (Jersey).  Why would you choose to host your Cloud based services with a supplier who will undoubtedly charge more than a big player such as Microsoft?  It may seem a bizarre question, so here are my thoughts on things to consider before shipping your data to a different location in order to reduce (immediate) costs.

What’s a jurisdiction?

• A jurisdiction is more than just a location. For example, knowing that your Internet transaction processing system is hosted in the USA isn’t enough – you need to know which state(s) it is in and understand the legal and tax implications of those states.
• You need to look at the legal and tax implications of all the relevant jurisdictions, including where you and your business are located, where the hosted servers physically are (including any disaster recovery facility) and also where your hosting provider’s headquarters are.

Client perception

• Where do your clients think their data physically is?
• Do your clients actually care where their data is ? For example, a Trust client may take a keen interest in data jurisdiction, whereas a client of an online shop probably takes no interest as long as their data is secure and their goods are delivered.
• How would your clients react if their data was hosted in a different location to where they thought it was?

Client agreements

• Do any of your client agreements specify the physical location or jurisdiction of their data?
• If you haven’t repapered clients recently and sought their agreement to the changes (if required), you may be bound by legacy client agreements.
• If you have ‘click-wrap’ agreements, this may be easy for you. In other words, if you have the ability to change your agreements and simply republish online for them to become effective.

Legal and regulatory

• Have you ensured that the jurisdiction you are considering for hosting has data protection, regulatory and legal standards at least as high as your current location? For example, would you want to be associated with a non-white listed OECD country by hosting your data there?
• For example, Singapore does not have one unified data protection law. Instead, it is subject to over 140 disparate and  sector epecific statutes that regulate the use and disclosure of personal data.
• Some jurisdictions could have more stringent laws than your current jurisdiction. For example, Germany currently has some of the most onerous data protection laws in Europe. This may place more demands on your organisation.
• How will you maintain compliance across multiple jurisdictions? For example, the storage and processing of payment card data.
• If the relationship between you and the hosting provider turns sour, are you comfortable with the legal process in their jurisdiction? You may need to use it.
• Does your regulatory regime require you to physically inspect the data centre used?
• Microsoft, being a USA company, have confirmed that their European data centres are subject to the USA Patriot act. Are you comfortable with this?

Tax

• Have you taken taxation advice about the jurisdictions, to determine if you will need to pay tax there? You need to think about where you are, where your company’s operations are, where your clicnts are and where you are hosting.
• If you host a transactional website in the USA, it can create a taxable presence for USA federal income tax purposes. Just storing data would not usually be deemed to be conducting business for USA tax purposes, however the activity can be treated as the conduct of business if the non-USA person stores data for the account of others or allows clients or other third parties access to the data. Click here to read an interesting document regarding the USA tax implications - it’s written for Australians but the principle is the same.
• If you are considering hosting in the USA, don’t forget that the USA has fifty states (hence it’s name!), each with it’s own laws and taxation regime. Make sure you know which state(s) your data will be in and how that state’s laws and taxation will impact you. Click here to read about the Amazon challenge on a new California tax as an example.
• If you host a transactional website in Singapore, you could be liable for Singapore tax if it is deemed that your Singapore presence is deemed a permanent establishment – ie you have a fixed place of business in Singapore and you carry-out your business activities wholly or partly through that place. You can start to see that a hosted Internet transaction website could be deemed as taxable in a jurisdiction other than where you may be located. Click here to read an interesting document regarding Singapore tax implications – it’s written for Australians but the principle is the same.
• Is there a double taxation agreement in place between your business jurisdiction and the hosting jurisdiction? You don’t want to pay tax twice !

And finally ….

The message here is that all that glitters is not necessarily the most appropriate for you and your business. An apparently low cost solution may not be the best solution for your business. If all you need is e-mail and Microsoft Office type functionality, then Office 365 could be good for you and your organisation. If you need transaction processing capability, look before you leap to an apparently lower cost supplier and different jurisdiction.

Also read this

• Clouds and data jurisdiction
• Cloud service provider due-diligence
• Real-life advice for adopting private Cloud technology

LinkedIn, ‘Facebook for business people’, changed their terms of use to allow them to use your photo and name in third-party advertising.

It’s easy to see why LinkedIn would want to do this, as it appears as if you are endorsing the advert. However, therein lies the problem, as it could appear that you are endorsing the product.

LinkedIn have introduced this feature with the ability for you to switch it off – and that’s what has caused the furore, because the default is for you to be opted-in. There is even a view that LinkedIn may have broken Dutch privacy law and European Data Protection laws by changing these privacy settings.

How do I opt out of this ‘feature’?

1. In your web browser, go to https://www.linkedin.com
2. Log-in using your e-mail address and password.
3. In the top right-hand corner of the screen, move your mouse over your name and ‘Settings’ will appear. Click on ‘Settings’.
4. On the ‘Settings’ page, click on the ‘Account’ tab (near the button left-hand side of the screen).
5. Under the ‘Privacy controls’ heading, click on ‘Manage social advertising”.
6. Un-tick the check-box that says ‘LinkedIn may use my name, photo in social advertising’.

That’s it !

Also read this ….

LinkedIn’s Privacy Slip-up Draws Legal Scrutiny [PCWorld]

There’s no denying that Cloud Computing is the latest buzzword, but is it just another way of selling outsourced services?

Firstly, some definitions….

• Outsourcing – this is the contracting out of a business function, normally one previously performed inhouse, to an external provider.
• Cloud Computing service – for this article. I am not referring to a ‘Private cloud’ hosted in a firm’s building. I am referring to a Cloud type service that is hosted outside a firm’s premises – whether that be a Public Cloud or an externally hosted Private Cloud.

There’s no getting away from the fact that if you are using a service provided by a supplier, it is either an outsourced service or very close to being so. However, a Cloud service is so much more than that.

Why would you outsource?

Outsourcing occurs for a number of reasons, typically:

• Supplier can provide a better quality of service
• Supplier can provide service for lower cost.
• The function isn’t the outsourcing company’s core focus. I.e., don’t try and be the best at everything.

Why would you use a Cloud service?

Firstly, it depends on what type of Cloud service you use. Let’s look at two examples.

IaaS (Infrastructure-as-a-Service) services include Microsoft’s Azure platform. and Jersey Telecom’s OneSource. Typical benefits include:

• Avoid upfront investing capital into hardware and software.
• Avoid building Data Centre(s) in your firm’s premises.
• Access to computing resources when your need it – e.g., you may have very spikey/seasonal traffic, such as ticket sales.
• Ability to reduce total computing power, as the multi-tenanted servers will be better utilised than the traditional model of one server=one role.

AaaS (Application-as-a-Service) services include Google Docs, Gmail, Google Calendar, Xero Accounting, Microsoft’s Cloud-based Office365 and Dynamics CRM. Typical benefits include:

• Avoid an upfront investment of capital into hardware and application software.
• Avoid installing bespoke technology for just one system and avoid training technical staff.
• Geographic coverage due to the providers coverage.

You can see from just these two short examples that there are far more benefits to be had from Cloud computing services, than the traditional outsourcing of IT services.

So, getting back to the question….

…. is Cloud Computing just another selling opportunity dreamt-up by the marketing team in a bid to repackage and sell outsourcing services?  The answer is ‘no’ – Cloud computing is far more than that.

There is no doubt that utilising Cloud services is a form of outsourcing, however Cloud computing is a paradigm shift from the traditional hosting model. Don’t dismiss Cloud computing as ‘the latest fad’ or just a ‘passing trend’. Whichever Cloud model is used, there can be many benefits derived when compared with the more traditional outsourcing of IT services.

It’s a a common occurrence – a server is needed very quickly and a virtualized environment allows for the fast deployment.  In fact, some organisations are decentralising the deployment and management of virtual servers out of the IT function and in some cases to ‘super users’.

Beware – although this may speed-up the deployment of a platform, it will come back and bite you if you don’t manage it effectively.

A virtualized server may not need its own racked hardware, power and cooling, but it needs all the other maintenance, management and TLC that physical servers need.

Deployment

Virtualized servers are much quicker to deploy that a physical, but make sure you have a process that is followed by everyone that is able to do it.  This will ensure standards are kept to such as naming, licensing, anti-virus software and updating of the inventory.

Management and control

Aside from the physical aspects, a virtual server needs just as much management as a physical server. Make sure you maintain an inventory of all virtual servers as you would with all physicals. Perform a regular reconciliation between the inventory and the actual VMs that exist.

Do not allow yourself to get into VM-sprawl, otherwise you will have a headache in trying to get on top of the situation.

Backup

It’s all too easy to roll-out a new VM and forget about backing it up. You may have a replicated SAN for your storage – but replication isn’t a backup. Make sure that arranging backups is part of the deployment process.

Patching, Anti-virus and Protection

Here’s another reason why you need to manage your virtual servers. Don’t create a VM and handover management and control to someone who won’t keep it up to date with software updates (WSUS if Microsoft), anti-virus, application software patches etc.

If you don’t ensure VMs are patched, they will rapidly become a significant gap in your infrastructure security and protection.

Licensing

Don’t get caught out by software licensing. If you are only running open source software you may be covered, but you will find that other licensable product licence terms sometimes don’t fit well with a virtualized world.

Microsoft’s Data Centre licence, although expensive, is a method of ‘buying your way out of a problem’, as it allows you to run multiple instances of their Server operating systems on a virtualized server.  Take specialist licensing advice to ensure you understand how you need to be licence with regard to the number of processors and multiple physical VM hosts.

Don’t forget other software that is installed on the server. Even though a non-IT member may have installed it, you may be responsible for licensing in your firm.

Also, make sure you understand the licensing implications of software on a VM that is copied ‘for testing’ or for ‘safe keeping’. Different software vendors have very different views and many software contracts were written before the days of VMs.

And finally ….

Don’t get me wrong – I am fully supportive of virtualized environments. The message here is to manage them as thoroughly as if they were physicals. A virtual server that isn’t managed properly could become a chink in your security armour or a legal liability if not licensed.

Manage those VMs !

At the time of writing this, RSA are being very cagey about their communication into the public domain. Some commentators fear the issue is worse than RSA are letting on.  Information released so far from RSA confirms there was an issue, but then lists the basic security safeguards that clients should have in place anyway. This is leading people to speculate that sensitive information has been stolen – if that is the case, it can weaken the effectiveness of the SecurID token.

Background

• Typically, Internet based systems such as Internet banking use RSA’s SecurID as one of several layers of security.
• With SecurID, the client/user has their own (personal) PIN that they use in conjunction with the auto-generated number on the SecurID token.
• If, as some are speculating, SecurID token serial numbers and seeds have been stolen, it would mean that a hacker could potentially simulate a client’s SecurID token without having the physical token in their possession.  Therefore the hacker would only need to obtain the user’s PIN in order to gain access.
• RSA have an estimated 40 million SecurID customers.

What should you do now?

• Firstly, don’t panic.
• If a client/user of a SecurID device calls and wants their token PIN reset, make sure you can positively identify them.
• Keep a log of all calls and PIN changes.
• Make sure there is a written procedure in place that describes how you positively identify someone and how you reset their PIN.
• Make sure that all staff follow the procedure !
• Monitor your network and your SecurID infrastructure. Look for unusual patterns in usage and traffic.
• Monitor your SecurID infrastructure and produce reports to show failed authorisation attempts, SecurID token lockouts and activity out of usual hours.
• Ensure your client/user records and SecurID records are kept secure.
• Ensure you don’t send SecurID token to clients/users in an active state.
• Do not use the SecurID feature to allow a PIN to be auto-reset after a number of failed attempts.

Positively identifying someone on the telephone

• Call the client/user back on a pre-agreed telephone number.
• Set-up specific secret phrases or key challenge/responses between you (the provider) and your client/user. This could be set questions/answers or questions about recent account activity.
• Do not accept an email request – emails are very easily spoofed to look as if they have been sent from someone else.
• Do not rely on the sound of the callers voice.

What do I do if my SecurID service is provided for me?

• Firstly, ask your provider why they haven’t already advised you of the potential risk to your business !
• Ask them what monitoring they are performing on SecurID usage and unusual activity. Ask for copies of these reports so that you can evidence them.
• Ask your supplier to keep you informed of any developments.

What should I tell my client/user

• Remind them of the importance of not divulging their PIN.
• Supply written instructions of what to do if they lose their SecurdID token and/or PIN.
• Remind them of the importance of not divulging personal information on social media sites such as Facebook.
• Reassure them that your systems have not been compromised and that their data is safe.

What is a key-logger?

A key-logger is a small device that connects in-line to a keyboard connected via USB or PS2 style plug. It is small and looks like a ‘fat’ adaptor.

These are small hardware devices that work with no installed software – unlike the software key-loggers that are either installed by virus/malware or yourself to typically monitor your children.

It contains memory that records all the keystrokes of a keyboard – that includes your user name, password and any other details you type. Just imagine all your details being recorded when you logon to your Internet banking website.

The device can be removed later when you are not near the PC and all the captured key strokes displayed.

.

Are they really a risk ?

Most definitely ! Click here for a news story of how they were used in a public library in Manchester UK.

In 2005, Sumitomo Bank in London had multiple hardware key-loggers installed by cleaning staff. The attackers attempted to steal GBP£220m. Read here for further details.

.

Here’s the bad news

• They can be easily concealed at the back of a PC.
• They look like a standard USB or PS2 adaptor.
• They avoid detection by software – this includes ‘end-point security’ type software.
• They don’t leave any trace of their activity.
• Even if you have a Citrix/Thin client environment, they still work.
• They will record all keystrokes made on the keyboard and replay them on demand later.
• Even if you restrict USB devices with storage capability, a USB key-logger will still function because it is independent of the PC.
• As long as the keyboard is connected by a USB or PS2 style connector, the key strokes will be picked-up for any operating system running on the PC, Mac or Unix/Linux device.
• Key-loggers are relatively inexpensive (from around £20) and are readily available.
• There are now wireless versions available.

.

What can you do?

How to avoid being recorded by a key-logger

• Firstly, check your PC yourself every time you use it. A quick look at where your keyboard is plugged in – make sure the keyboard lead is plugged directly into a port on the PC.
• If your PC is in a public place or isn’t yours (for example, in a library or Internet cafe – always check it first.
• Use an on-screen keyboard for entering sensitive data such as your user name and password. The on-screen keyboard uses a mouse to select characters instead of the keyboard.
• Use a one-time password device such as SecurID. This means that even if the password is recorded when you enter it, it will have changed on next use, rendering the recording of no value.

How to prevent key-loggers being used?

• Have a regular visual check of all PC type devices. This won’t necessarily find a key-logger if it is connected and removed between checks, but it is still well worth doing.
• Educate staff to be vigilant and perform their own visual checks.
• USB key-loggers tend to show on a PC as a generic USB hub – sometimes a Texas Instruments one. It would be possible to monitor for such changes, but there is no guarantee that all key-loggers will behave in such a way. If you are still using PS2 attached devices, this won’t help you either.

What do I do if I find a key-logger

One option is to set-up a ‘sting’. The key-logger device needs to be retrieved in order to be read. Therefore, keep watch or set-up a webcam to wait and watch for the device to be retrieved.

.

And finally….

Hardware key-loggers are a real risk to you and the business you work for. Be vigilant.

Application-as-a-service (AaaS)

This is typically a specific and often specialised business system that is delivered over the Internet to a user, typically accessing the application through a browser. While many people associate Application-as-a-service with ‘vertical’ enterprise applications such as Salesforce, office automation applications are also Applications-as-a-service, such as Google Docs, Gmail, Google Calendar and Microsoft’s Cloud-based Office365 or Dynamics CRM.

Also read this article.

Data as a service

It could be argued that this service has been with us for some time now – for example Interactive Data’s pricing services.  Data/Information-as-a-service provides data on-demand using well defined interfaces such as an API.

Data-as-a-service is typically provided to a company by an external service provider. However, large corporations can benefit from scales of economy by aggregating data and disseminating it within it’s ‘child’ companies.

There are two types of Data-as-a-Service; private data and public data.

• Private data is typically paid-for access to valuable data that isn’t readily available in the public domain. Examples include live stock price information, address and post code/zip code validation, and credit reporting. This type of service is not new and has been provided for years by companies such as Interactive Data.
• Public data is a newer service and is typically formatted data in the public domain. For example, the Google Public Data Explorer allows you to incorporate demographic data with your company’s sales figures to perform powerful statistical analysis.

Data Centre-as-a-service

Refer to Infrastructure-as-a-service.

Database-as-a-service

This provides the ability to use the services of a remotely hosted database, sharing it with other users, and having it logically function as if the database were local. Different providers have different models, but the advantage of this service is to be able to use database technology that would typically be a significant cost in hardware and software licenses if hosted in-house.

Desktop-as-a-service (DaaS)

Also referred to as ‘virtualized desktops’. A large cost for firms is the purchase, deployment and subsequent management of desktop PC devices – especially in remote offices. Desktop-as-a-service can help alleviate these costs and headaches, by offering a virtualized desktop that runs ‘in the Cloud’.

There are operational considerations, such as the fact that the users need physical devices to access the Cloud-delivered desktop. However, these can be low-cost, low-maintenance locked-down thin clients.

Also read this article.

Governance-as-a-service

Refer to Management-as-a-service.

Hardware-as-a-Service

This term seems to have faded out of use now. It referred to the ability for companies to avoid purchasing hardware when they could ‘rent’ services from cloud platforms such as Amazon’s EC2.

Identity-Management-as-a-service (IMaaS)

This is an area that has the potential to grow significantly. It covers the identification of users and ensuring they receive only the access levels that they should have. That sounds easy, but how do you know that a remote user is really who they say they are?

This service  provides access control and audit capability for multiple SaaS, Public Clouds and Private Clouds, whilst at the same time giving users the benefit of single-sign-on (SSO).

An example of a service in this area is Symplified.

Information-as-a-service

Refer to Data-as-a-service.

Infrastructure-as-a-service (IaaS)

This is also referred to as Data Centre-as-a-service, this is the ability to remotely access computing resources. In essence, you lease a physical server that’s yours to do with as you will, and for all practical purposes it is your data centre, or at least part of a data centre. The difference with this approach versus more mainstream cloud computing is that instead of using an interface and a metered service, you’re getting access to the entire machine and the software on that machine.

In short, it’s less a packaged solution and more akin to ‘traditional’  hosting.

Also read this article.

Management-as-a-service and Governance-as-a-service

This is an on-demand service from a Cloud service provider that allows the management of one or more Cloud services.  Typically, these are simple things such as systems topology, resource utilisation, virtualization management and up-time management.

management/governance systems are now becoming available, such as the ability to enforce defined policies on data and services and report on SLA and service metric compliance.

Platform-as-a-service (PaaS)

This is a complete platform that is delivered through a remotely hosted (Cloud) platform to subscribers. It can include application development, interface development, database development, storage and testing.  It is based on the traditional timesharing model and modern Cloud Platform-as-service providers provide the ability to create enterprise-class applications for use locally or on-demand for a subscription price or free that is typically less than hosting it in-house yourself. An example of this is Microsoft’s Azure platform.

Also read this article.

Process-as-a-service

This refers to a remote resource that can aggregate many resources together, such as services and data, whether hosted within the same cloud computing resource or from separate providers, to create business processes.

You can think of a business process as a Meta application that spans different systems, leveraging key services and information that are combined into the correct business sequence to form a process. These processes are usually easier to change than applications, and thus provide agility to those who use these process engines that are delivered on-demand.

Security-as-a-service

As the incidence of viruses, malware, attacks and email phishing increases day-by-day, the job for the IT team to protect a firm gets more and more complex. Security-as-a-service is starting to become an attractive proposition, as it’s a method of outsourcing a headache for management by experts.

For this to work, all Internet connectivity for the firm needs to be routed through the service provider. Failure to do this could result in an unmanaged ‘unlocked back door’ into your firm.

Examples of Security-as-a-Service providers are McAfee, Zscaler and Symantec’s MessageLabs who have been providing this service for some years.  Click here for a high-level review of service offerings.

Software-as-a-service (SaaS)

Refer to Application-as-a-service.

Also read this article.

Storage-as-a-service

Also known as ‘storage on demand’ or ‘disk space on demand’.

This is the ability to use storage that physically exists at the remote Cloud service provider but logically appears as local storage resource to any application that requires storage. Apple’s MobileMe iDisk service is an example of Storage-as-a-service..

Testing-as-a-service

This is a service that allows the testing of local or Cloud-delivered systems using testing software and services that are remotely hosted by the Cloud services provider. Note that while a Cloud service requires testing itself, Testing-as-a-service services can test other Cloud applications, Web sites and even internal enterprise systems.  They do not require a capital investment  in hardware or software within the enterprise, for something that may only be used for a limited period of time.

What I like about the Kindle

• At 241 grams, the Kindle is lighter than most paperback books. This is really important when travelling with airline weight allowances. Amazon claim that it will store upto 3500 books.
• I get a lot of PDF documents at work – technical datasheets, overviews etc. I can send them to my @free.kindle.com address and then read them on the Kindle. This saves having to print them out to read them later.

Make sure you use the @free.kindle address and not the @kindle one – otherwise you get charged a 3G usage fee. You can always transfer documents direct via USB but they won’t be converted to the Kindle format.

• The built in dictionary is great. Position the cursor at the start of the word and the dictionary tells you the definition of the word. At the touch of a key a more detailed explanation is available.
• If the dictionary isn’t enough information for you, you can search Wikipedia. This is really helpful for research but remember you need an Internet connection for this.
• It has a basic web browser – but you may be charged for 3G traffic. It is slow and clunky but does the job.
• You can have an American female or male voice read text to you. It’s a bit robotic but quite listenable.
• At a cost you can subscribe to newspapers, magazines and blogs. You can read this BLOG on the Kindle – click here !
• You can download free ‘classic’ books from Amazon and other places – and some very low cost ones.
• You can download free sample chapters from Kindle books – some of these have had the info I needed in which saved me buying the book !
• Battery life is very good – Amazon claim a one month battery life if you turn off wireless. I am getting less than a week with wireless switched on.
• The E-Ink screen is very readable. It isn’t backlit, but then neither is a paper book. You will get used to the screen being ‘always on’ – even in screen saver mode. The E-Ink technology only uses power to change the screen image, not to keep it displayed.
• You can annotate books and documents and share the annotations with others.
• The PC/MAC/iPhone/Android versions all synchronise with you Kindle account, meaning you can read your Kindle books on other devices. I can’t read my newspaper subscription on the PC version – only on the Kindle itself.
• It looks smart !

What you need to know

There aren’t any show-stoppers for me. However ….

• The PDF and MS Word to Kindle conversion is a bit iffy – but good enough to read.
• You can download MP3s to it and play them as background music. However, the quality isn’t awesome and you can’t change the tone so it won’t replace an iPod type device.
• You can’t upgrade the memory so more music means less books.
• It doesn’t come with a case. To protect it, I got the Amazon black leather one (without a light). It looks great – and so it should at the cost. The case folds back for one hand holding.
• There’s a slight pause and flicker when turning pages. It doesn’t bother me but other people have moaned about it.
• You can create folders to file your books in, but you can’t have sub-folders. Sounds daft but when you get a lot of books and documents on it and want to create more 9 folders, you can’t see new additions and updates without going to the second page.
• Amazon have released a larger version (9.7″ instead of the 6″) in the USA – have a look at Amazon.com

Summary

If you want a colour device to browse the web, but a tablet device. If you want a small and very portable device to read books and documents then the Kindle is better.

I think the test is if I lost it, would I replace it? The answer is a definite yes!