Back again

After somewhat of a hiatus and much soul searching I’ve decided to resume writing on this blog. As I get older, more mature (debate able) and more experienced I have been itching to get writing again.

My business, having gone through its fair share of ups and downs, is now safely in growth mode. It is my responsibility to ensure that the business remains focused, which includes reviewing my own ambitions and assessing where my strengths lie.

We live in increasingly interesting times. In terms of information technology it seems innovation, new use cases and new ideas are constantly appearing and evolving. I watch with fascination as the world around me is constantly changing.

This blog was always meant to be educational as well as fun. It was also a personal soap box for my various rants and idle observations. It occurs to me that I shouldn’t kick the opportunity and habit of writing, as I believe my contributions can be useful and in many ways valuable.

I will try to focus and raise the bar on quality – more thoughtful and intelligent debate. In the meanwhile I just need to rekindle the desire to write. This is day one.

Setting users’ Home page to a HTTPS page

I’ve been working a fair bit on setting users’ homepages within business recently. First temptation was to point directly to the secure Extranet page, but more recently I’ve come to the conclusion this is a bad idea:

– For security reasons you probably want authentication on this page … even the basic authentication dialogue box takes a little while to load on slower systems. If the user wanted to do something else (normally go to Google…) this is nothing but an annoying interruption.

– Secure pages take longer to load than insecure pages. Any startup delay is simply irritating.

– The user may be in a non-private location or presenting something where displaying sensitive Intranet information is unwanted and could potentially be damaging to the business.

– Public wireless networks often redirect users to a sign-in portal. When this redirection occurs with HTTPS pages the user is often presented with a nasty and concerning security warning as the redirection system cannot interfere with HTTPS pages.

Thus, if setting users’ homepages I now prefer to create a non-secure landing page with basic tools such as Google search box and links to useful sites (including Intranet and webmail – these are, after all, secured resources)

By the way, if you’re using cookie-based authentication on your Intranet/Extranet don’t forget to ensure your cookies are set to be. secure. That way, they won’t leak on to an insecure network.