Archive for April, 2009

Mr. Alex Kirschner Speaks

Monday, April 27th, 2009

Thank you for responding to my blog post Alex!  I believe that you have missed the point of my rant — but you have given me a little insight into your goals and attitude.

You do not need to take my advice that your registration form is poorly written and your PFO letter extremely confusing. You can also gloss over my question as to whether Identity Management is even on your team’s radar as a valid subsection of Information Security.  If all you want is massive quantities of copy going into your registration processes with an expectation of massive quantity of copy coming out the other end,  you can stick with your mathematical formulas, page ranks, and technorati rankings.

If however, you grok the idea that sometimes, one person talking to 100 people can mean more than a broadcast blogger talking to hundreds of thousands, maybe you’ll understand why I think your formulas are wrong. In my mind, bloggers are not just about publicity. They are about starting and continuing conversations, of all sizes and all impacts, with insights unique to their community. If you want to properly use bloggers in your conferences, you can’t look for the cost centers. You need to look for the hearts.

At least, that’s my belief.  I’m sure you won’t take my word for it; perhaps you’ll find someone who matches your strict journalistic standards who thinks so too.

Thanks,

Pamela

Alex’s comment is printed below, dear readers, so you can see what I’m replying to.

Pamela,

I’m Alex Kirschner and I wanted to respond to your post about RSA Conference. In registering the 300+ media that attend RSA Conference over the years, we have put a standard process in place that encompasses bloggers, traditional media journalists and industry analysts. Anyone receiving a press pass must be able to demonstrate that they are being read by an audience invested in information security. Because we are making a significant dollar investment in each press person who attends, we are committed to reviewing each request with equal scrutiny to ensure those receiving a pass meet our strict journalistic standards.

Therefore, bloggers that are registered as press must meet the same criteria as traditional media. If an IDG publication is responsible for several stories a day while attending RSA Conference, we expect our bloggers to have the capacity and editorial focus to do the same or similar. As a blogger, the direct link you provide the press registration team will in fact be reviewed for its information security content and frequency of posting. We also use additional information, such as Technorati ratings, number of hits/page views and comment history to verify the credibility of the blog.

In reviewing your blog, we did not see enough posts regarding information security, a high enough number of comments, track backs or page views that would have qualified you for a press pass.

Please let me know if you have any further questions regarding our registration process.

Thanks,
Alex

Forgot Something

Monday, April 27th, 2009

Thanks for your analysis of my blog post on RSA James – I have the greatest respect for all of the things you do in this community, and for your work with OWASP!

That being said, in this case I’m going to have to go right ahead and quote Marge Gunderson on you:  I’m not sure I agree with you a hundred percent on your police work, there, Lou.

Everything you said in your analysis was correct.  Yes, conference pass revenues are tiny next to vendor booth revenues.   Yes, the conference makes the same amount of money regardless of whether the sessions are brilliant or they show the same rerun of the Muppet Show in every room.

It is absolutely true that fiscally speaking the conferences are all about the vendors and the movers and shakers.  Except that the only thing that can ATTRACT the vendors and the movers and shakers is the plentiful plankton in this economy: the attendees.

Most attendees don’t get to expense airfare to San Francisco just to walk the expo floor.  They aren’t chosen from their department to attend parties.  They don’t know the phone numbers of all the “right people” to text them and get them to meet at the Thirsty Bear for a drink.

The attendees are the ones that care whether they can go home to their managers and say that they professionally benefitted from the week.  They are the ones whose interest convinces the vendor to spend money on a booth next year.   They are the ones who have the problems that all of us really want to help to solve.  And when they can’t find solutions to their problems at RSA,  they will simply stay home next year, and the entire value proposition will collapse.

Until I read your piece, James, it hadn’t occurred to me what price I paid for staying off the conference floor – I did not meet any attendees. What a price to pay, but what a price for RSA too. Perhaps not in an immediate, punch in the wallet way, but instead, in a slow, painfully diseased way. When the plankton are gone, the whales move on. So I strongly suggest that the best way to keep the plankton around is to value the quality of the sessions, find ways to keep people who are engaged in the quality of the content inside the building, and to do whatever it takes to ensure that even someone who did not walk the expo floor or go to a single party can still take a positive story home to their bosses.

RSA 2009 – aka “Dear Mr. Kirschner”

Sunday, April 26th, 2009

Dear Mr. Alex Kirschner:

Every time I attend an RSA conference (or any other conference for that matter) I write up an analysis of the conference,  mentioning what I liked and did not like, what I found effective, what I found inspirational, what events were exciting in the Identity community, and what learnings I took away from the experience.

You won’t like the learnings I took away this time.

I didn’t purchase a conference pass — frankly, I couldn’t, I have just started a new business, and the fiscal reality involved in that activity forced me to be thrifty.  I thought that perhaps,  I could bridge this gap in my ability to be a paying member by applying for a blogger pass – after all, I have been blogging for a long time, and while I’m not exactly engadget-prolific, I think that my contribution is enough that the idea wouldn’t make anyone in the Identity community laugh out loud.

Let me be blunt: Your press registration workflow is a DISGRACE.  You should be ashamed.  You provided a single input box asking me to link to my most recent piece of writing, and then forced me to click on a radio button identifying me as a blogger (one of six generic types).  Within the text associated with that radio button, you informed me that I needed to have posted a minimum of 2 security articles a week for the last 3 months.

First of all, somebody ought to pull you aside and point out that not every track you offer is about security anymore.   Second, if you ask ANY BLOGGER to provide a single link to the most recent thing they have written, they will send you to the front page of their blog.  What else would they do?

As such, I was pretty surprised to receive the email I did (shown at the end of this post in its entirety).  My favorite part was the part that said:

PLEASE NOTE: You have been asked to provide a direct link to your latest written article or report. The press team will not search a Website for your article and publication home pages will not be accepted.

So.  Let’s get this straight, shall we? You have rejected my blog URL  without ever visiting it, but expect me to produce a single URL which will allow you to determine that I have written 2 blog posts a week for the last 3 months. About security only.  Without searching the website.

Right.  How could I have presumed to inconvenience the team so? Obviously I was barking up an empty tree.  I registered for an expo pass and shrugged it off.

Here is the part that you really won’t like however, and it is the true reason I’m writing this.  Obviously you have the right to choose who you waive fees for at this conference.  Being on the outside, however, taught me that while the tracks were inside, the PEOPLE weren’t always, and that in fact by ditching any illusory pretension to  education, taking advantage of the Concordia workshop for which entrance only required an expo pass, walking the expo floor, and attending the parties,  I didn’t miss the expensive & time-consuming sessions.

I hope I don’t have to go into much further detail to have you guess just how dangerous my conclusions are for your organization. I am usually the most avid attendee at these things, asking a lot of questions and generally participating enthusiastically (ask anyone). I have to say that the chances of that happening in the future at this conference have lessened dramatically. I’m sure this doesn’t have you crying in your cheerios at the thought of the loss; but I suggest you examine the trend it represents; it is why you want the movers and the shakers *inside* the conference hall, not outside, as often as possible.

Yours ever so sincerely,

Pamela Dingle

ps:  be sure to check out the continuing saga

PFO Letter

The Modern Equivalent of Wearing Clean Underwear

Sunday, April 12th, 2009

Have you ever heard this adage?

“Always wear clean underwear in case you get in an accident”

It’s good advice, really.  The goal is to have a little foresight, and plan in advance such that you can retain your dignity in the case of an unforeseen event.  It used to be that the worst indignity that your Mom could imagine was having the doctors and nurses see you in dirty holey underwear, but what is the bare minimum in dignity preservation today?

I realized what the modern equivalent was while watching the news.  Somebody had been killed in my hometown, and the news program gravely displayed a picture of a smiling, happy face captioned with the following words:  “Image courtesy Facebook”.

In the case where your ‘accident’ is notorious enough to be newsworthy, but not so notorious that the Facebook admins immediately take down your account, your easily searchable social media photostream is likely to supply the images that everyone will associate with whatever it is that you’ve done (or ceased to do) forever more.  As such, I think that it is time for Moms everywhere to update their adage:

“Always keep one clean photo on Facebook in case you get in an accident”

After all, do you really want the last image of you to be shown or surfed on this planet to be that one time when you were really drunk and your buddy took pictures of you with beer coming out of your nose as you tried to drink from that stupid beer bong?  Or worse, your photo album was empty, but somebody else took a group photo and tagged all the names (including you), and it turned out you were “scratching” your nose just when the picture was taken?  Imagine that group photo on the news, with everyone else greyed out, and your nose-pick in bas-relief.

Of course, you could also say that the original advice is more true than ever; perhaps the two could be combined to say that you should always wear clean underwear in case you get a picture put onto Facebook that gets shown if you have an accident. Laugh if you want, but take a look at your photo album and ask yourself which Facebook photo of yours would you want shown in the case of your untimely demise?  If there isn’t one, perhaps you need to show a little foresight, just like your Mama would want.

Now I can wrap up TEC 2009

Friday, April 10th, 2009

You’ve already heard my thoughts on the value proposition for conferences like TEC 2009 – but I didn’t get into details of the conference itself.  Each of the tracks had a different feel – Directory Services was very mature, with most people in the audience having up close and personal experience with some form of the technology.   Federated Identity consisted of more forward-looking content,  and therefore the relationship between the audience was more theoretically founded.  The ILM track was by far the most complex audience-presenter relationship.  Some folks were diehard MIIS-era folks with already existing deployments.  Others were new to the technology and looking to learn prior to the release of ILM2.

When the news broke that ILM2 was no longer expected to go live in 2009 there was a lot of disappointment, but I think that the backlash was much more muted at TEC than it would have been had the news come out at any other time, because the attendees couldn’t help but see that the most disappointed of anyone was the ILM team themselves; at the same time you could also see that in spite of their eagerness to RTM the product, they felt it was the right thing to do to hold off.  Everybody was wearing their personal investment on their sleeve – the program team, the vendors whose dependent release dates were affected, and the customers who had rollout dreams for 2009.  The ecosystem can’t be any more rawly exposed than this – yet the spirit of learning in the sessions stayed positive.

I did a session called the “Survivalist’s Guide to Identity Management”, which went really well I think – there was a lot of spirited discussion at the end, which is always my metric for whether the topic was interesting. I think this was my most popular slide: [Image: Top 5]

Can you guess what #1 was?   Ah, but that is the topic of another post :)

I think the best session that I attended was put on by Patrick Harding from Ping Identity.  His presentation was an excellent big picture summary of federation as seen through the perspective of the different players – what the trends are, and also which trends had big red flags associated from various perspectives.  His big picture encompassed federated provisioning too – something I believe that more people need to start paying attention to, and fast.  For a first time TEC presenter, I think he definitely fell right into the spirit of TEC – digging to the heart of the overall problem with the belief that truth begets loyalty 100%  more reliably than marketing shlack.

Lastly, I can’t finish a TEC wrap-up without talking about the Wook Lee Pro/Am Memorial Challenge – last year was a visual challenge – this year, the challenge was auditory.  We chose to accept the challenge from Stuart Kwan to communicate the attendees’ top 10 feature requests for the next version of the federated identity suite – through the medium of an Elvis song.

Two days and a few alcoholic beverages later, we were ready – and the Quest multimedia gurus were there to make sure we could never ever live this down.  Just remember – these are all highly respected members of the tech community – make fun of us too much and your implementations might mysteriously develop problems :)  We had a blast putting this together, and we hope you all enjoy this in the same spirit as we did.

Adios, SGI

Wednesday, April 1st, 2009

I have great memories of SGI. With their purchase today by Rackable, the company may be gone, but my fondness will always remain. I worked for Silicon Graphics while earning my computer science degree, slinging demo boxes and configuring memory & graphics boards for the Systems Engineers. When I got there, I was as green as it gets; I will never forget the time I put a non-functioning $50,000 graphics board into a machine and everybody told me it was going to come out of my pay — they had me going, I was sweating bullets :) .

The environment at the time was electric – people were having a fantastic time selling and supporting a brilliant product.  Times were good, and although I was around to see things begin to slide, I’ll never forget what it was like to be part of that team of people at the height of success.

My only real physical memento from that time is a screwdriver or two from the SGI graphics board upgrade kits.   That silly little screwdriver makes me smile anytime I have the occasion to put it to use.

So Adios SGI.  You were a shining star at a time of my life when such things could make lifelong impressions.