Another security hole worth plugging

There’s no pretty way to tell you this: Today’s topic is your fax machine.

Still with me? . . . Nice to know you have faith in my judgment.

Fax machines are the Rodney Dangerfield of office technology for good reason: Many of us rarely use them any more; many of us find them maddening when we do use them; and many of us who cover IT for a living would rather write about wastebaskets than fax.

Nevertheless, I find myself drawn to the story being told by a start-up called Link2it, which recently began shipping an appliance that promises to plug one of the business world’s most pesky security/privacy holes: yes, the fax.

“The most obvious security hole is one that everybody just assumes there is nothing you can do about,” says Larry Heimendinger, Link2it’s chairman. “I just don’t know if the people who run businesses fully understand how vulnerable the information in their business is when they have fax machines around. Everybody just trusts in the good graces of their employees.”

He illustrates his point with an anecdote about a bank that was testing his company’s appliance – without informing bank employees – and discovered that a previously trusted manager was sending and receiving faxes on a regular basis that to the untrained eye appeared written in code. The bank was sufficiently alarmed to confront the fellow, who immediately copped to using the fax machine to play long-distance chess. He told his interrogators: “I figured you’d catch me if I used e-mail, but thought I was completely safe using the fax machine.”

Little imagination is needed to envision a more serious breach, especially in this day of heightened federal regulation of privacy and security practices.

Link2it’s appliance, Fax2it (size: 13.4 by 10.8 by 2.4 inches), hangs off any fax machine and is attached to your network. It takes incoming and outgoing faxes and creates e-mail attachments of them that are then sent to dedicated inboxes. You need one appliance per machine, and at about a grand apiece they are not inexpensive – although Heimendinger argues they’re less costly than buying and running fax servers.

Fax2it won’t stop anyone from faxing anything, but it does create a repository of copies that will be easily searchable with software that Link2it has coming in the fall, Heimendinger says. It also will disavow employees – chess players and the more nefarious alike – of any notion that the fax is an unmonitored channel.

A number of issues promise to create rough sledding for Link2it: simple inertia on the part of customers, that price tag and the fact that privacy regulations such as HIPAA do not explicitly cover fax.

That could change in a heartbeat, though, the first time a company loses a lawsuit because it didn’t close this particular barn door.

It’s still chump change to George Steinbrenner

Here’s a classic good news, more good news, bad news story for those of us who have a vested interest in seeing paid online content become something more than a dream for publishers.

According to Media Metrix, about 51 million people – fully one-third of all Internet users – visited a sports-related site in January. Outstanding news if you run ESPN.com or the like.

The second bit of good news for content providers is that those visitors shelled out 300% more last year to access such sites than they did in 2001.

Now the bad news: Total spending on sports site content in 2002 was a pathetic $30.3 million, or roughly one-fifth of the New York Yankees payroll.

Care to comment? E-mail is preferable to fax. The address is buzz@nww.com.