Outlining enforcement rules and penalty for organizations, the proposed framework seeks to protect consumers' personal data through regulating the collection, use, disclosure, transfer and security of such data.

The data protection bill, however, excludes the public sector. As ZDNet Asia blogger and Singapore lawyer, Bryan Tan, points out, an "eye-catching point" is that government use of consumer information isn't covered in the proposed law. The government's rationale for this is that public sector rules already offer similar levels of protection for personal data as the proposed data protection bill.

I wonder, however, if these "rules" also outline measures citizens can take should the government leak, as a result of weak IT security systems or practices, confidential personal data it collected.

I wonder also if these public sector rules apply to affiliated government agencies and their subsidiaries that may, or may not be strictly involved in national policies and related matters. And that's the question returning Tech Podium guest blogger, Ngiam Shih Tung, asks in his post today.

An engineering manager for an aerospace maintenance, repair and overhaul (MRO) company, Shih Tung is a Singaporean who has been closely following data privacy issues in the country and had urged in his previous blog for the public sector to be included in the data protection law.

While I understand the need for some government entities to be exempted from such legislation, for instance, to facilitate the sharing of essential data such as electronic medical records to provide better healthcare services, this "privilege" of exemption should be applied sparingly and only when it concerns citizens' welfare. And by welfare, I most definitely do not mean information-sharing for marketing purposes, promotional events or customer loyalty programmes that any affiliated government organization may be involved in, and certainly, not some dating service agency that targets university graduates.

Like Shih Tung, I doubt our government would reconsider its stance and include itself in the final data protection law. But I am hoping that with sufficient, and persistent, public feedback, Singapore's lawmakers will eventually realize the need to do so and make the right decision to stand alongside its global counterparts that have already done so.

My company recently decided to send its leadership team for a team-building activity organized by Outward Bound Singapore (OBS), and we were required to fill in OBS' course registration form which contained the usual disclaimers. Buried in the consent clause was this statement: "I also authorize the Outward Bound Singapore to disclose my personal information to its employees/agencies as it is necessary for official purposes in connection with the People's Association (including PAssion Card) Programmes."

Why should I give my personal information to the People's Association (PA) as a condition of taking part in an OBS programme? A bit of background here: OBS is the licensee of Outward Bound International in Singapore and is operated by the PA, which is a government agency that was set up to promote racial harmony and social cohesion. It does this through a network of Community Centres, so-called "grassroots organizations", and even a discount card programme, the PAssion Card, which was referred to in the disclaimer.

In my previous post here, I speculated that the public sector would be excluded from Singapore's proposed data protection (DP) law and unfortunately, I was proved correct when the Ministry of Information, Communication and the Arts (MICA) released its consultation paper on the proposed regime. According to the ministry, the public sector should be excluded from the law because "public sector rules accord similar levels of protections for personal data as the proposed DP law".

Insofar as they apply to the private sector, MICA's data protection proposals do appear to be consistent with international norms such as the OECD Guidelines and APEC Privacy Framework. Among the principles MICA has accepted is the principle of consent, stating that organizations must gain the consent of individuals before processing that person's data. Quoting MICA's consultation paper: "An organization may not, as a condition of supplying a product or service, require an individual to consent to the collection, use or disclosure of personal data beyond what is necessary to provide the product or service."

How then is it necessary for OBS to release my personal data to PA and the PAssion Card programme just to enroll me in a one-day team-building activity? There also was no check-off box for me to agree or disagree to the disclosure of my data to third parties--there was just a single omnibus consent clause.

The Singapore government has never revealed its internal rules for handling personal data but suffice to say, either OBS is not following the rules or the government's rules do not in fact provide the same level of protection as the DP Act is intended to provide in the private sector.

In any case, I struck off the part about disclosing data to PA and wrote in an additional "NO DISCLOSURE TO PA" for good measure on the form. We shall see whether I'll start receiving promotional mailings or phonecalls from PA anyway, despite my admonition to OBS not to disclose my data to PA.

In an interview with local English daily The Straits Times, PA's former head Tan Boon Huat admitted that grassroots leaders may be given access to the profiles of PAssion Card members. In the Singapore context, "grassroots leaders" refers to some 30,000 office-holders in grassroots organizations around Singapore.

While grassroots members are officially volunteers, they have close ties to ruling party Members of Parliament and their children receive preferential admission to schools in their district. Tan says that grassroots leaders have to follow the same confidentiality rules as PA staff but the fact is that grassroots leaders are volunteers--there is no contractual relationship between the PA and grassroots members. Hence, whatever rules PA may have are not legally binding on the grassroots leaders. Furthermore, because there is no employer-employee relationship between the PA and grassroots volunteers, PA is not legally responsible for the actions of a grassroots leader. According to the PA's Web site, there are 1,023,258 PAssion Card members today.

Quite apart from this specific case, there is a broader problem with the government's claim that its internal rules provide sufficient protection for personal data. The basic fact is that internal rules are not the same as legislation. They can be changed at any time and even if the government were to break its own rules, affected individuals would have no legal recourse.

Internationally, in a survey of 78 countries in Privacy Laws and Business International Report, all but Malaysia and India either included the public sector in their DP laws or had separate legislation for the public sector. The United States and Thailand do not have comprehensive privacy laws for their private sectors, but have privacy laws covering their public sectors.

Singapore, therefore, seems to be out of step with international trends in excluding its public sector from the country's data protection legislation.

I am not optimistic that the government will change its mind for this first iteration of the DP Act. However, I expect there will be enhancements to Singapore's DP regime in the future, and we can continue to urge the government to extend coverage of DP legislation to the public sector in Singapore in the near future.

Whether or not we all agree social networking use in the workplace negatively impacts staff productivity and introduces security risks into the company's network, it's a trend that's here to stay. So instead of whining about it, IT managers need to reassess their organization's social policy and security posture.

That's the message Kostas Anagnostakis, founder and CTO of Niometrics, discusses here as a guest blogger of Tech Podium. Founded in 2009, the Singapore company was born out of research initially conducted at the Institute for Infocomm Research which looked at ways to detect "unhealthy" applications such as file-sharing systems that can overload networks.

Today, Niometrics touts an application recognition engine that analyzes network traffic the application layer, which it believes is the most effective way to monitor and manage a company's security policy.

Kostas has kindly agreed to answer questions from readers. E-mail your query and ZDNet Asia will feature selected questions in a follow-up report.

With the consumerization of IT and the prevalent use of social media tools at the workplace, the tide has changed. It is time network administrators look for better ways to control and secure their networks.

As Hollywood makes a quick buck on movies such as The Social Network, IT administrators fret and get increasingly worried about the potential security implications for their enterprise networks. Take for example malware laden "hot" links that capitalize on trends such as the deaths of Amy Winehouse and Osama bin Laden, social media is yet another avenue, among a long list, being used to propagate malware online.

Not that such fears are unfounded, or that security breaches are things only large companies need worry about. In fact, cyber criminals are oblivious to business size as every network represents a fair challenge for the hacker and their army of bots.

Last year, an Information Security Breaches Survey revealed that 83 percent of small businesses in the U.K. had experienced a security breach and damages on average might reach 55,000 pounds (US$85,978). No such study has been conducted in the Asia-Pacific region, but it should not be any surprise if similar results are found, especially among digitally-enabled economies such as Singapore, Malaysia, Korea, and Japan.

Aside from having to battle threats from the "outside", danger emanates equally from within the enterprise.

With the consumerization of IT, employees are eschewing their company-issued BlackBerries and replacing them with personal devices, and running on them, hundreds of thousands of unapproved, backdoor-sy and potentially dangerous applications. Remote backup, remote access tools and file-sharing clients are just the stuff security nightmares are made of.

Even desktops and laptops that have been locked down and patched can be circumvented by the latest malware equipped with the latest exploits. Increasingly, we see malware authors using a sophisticated combination of techniques, called advanced persistent threats (APTs), which include social engineering, spear phishing and rootkits, to compromise and steal data from companies--some as large as Sony and RSA.

IT administrators, thus, need to be prepared for the worst-case scenario and prepare for when Trojans and bots enter their fortified enterprise networks. They will have to deal with ever increasing risks even as upper management ignores their pleas and jump head-on into social media, BYOD (Bring Your Own Devices) and freely available applications in the search for more business opportunities, lower costs and better productivity.

Instead of griping, IT administrators should look to newly available security tools that will help them regain some semblance of control over their networks. There has been one small piece of good news in recent years with the development of network technologies operating at the application layer (or Layer 7), which basically refers to the unique way all programs communicate. This is important as all malware or applications, regardless of platform or operating system, need to communicate, sending and receiving data and instructions.

If your enterprise is only concerned about controlling browser access to Facebook or YouTube, it's time to rethink your IT strategy. Many of these Web sites are accessible using standalone applications on a wide variety of devices, for instance, Dropbox and YouTube. Most of these are designed to circumvent rudimentary firewalls and aging Web filters that control access to a network, simply by restricting port numbers or URLs. Imagine allowing everyone through airport customs if they are over 2 meters tall, or with the surname Tan!

Application control at Layer 7 removes this ambiguity by scanning all network traffic and identifying all applications communicating over the network. With close to perfect detection rates, network administrators will be able to harness this technology to fully understand and control their networks.

The important lesson going forward for any enterprise network administrator is to think about how they can embrace new trends such as BYOD, social media and cloud computing, and manage the associated risks as we move toward an increasingly app-centric world.

My advice would always to be on the lookout for new technologies to help build upon the many layers of network security, and to be proactive in deploying tools that provide real-time capabilities to constantly monitor and mitigate threats that (will) occur.

And at the risk of sounding cliché, unless you are a visually impaired Japanese master swordsman, a "blind" network is essentially a broken one.

Given the tools available, I wonder if both teacher and student would have had an easier time breaking the communication barrier and whether Keller would have achieved even more than she had in her lifetime.

ZDNet Asia's senior journalist, Kevin, is back with another post this week where he discusses how we can tap the advancements technology has made over the past decades, to help the disabled forget their disabilities and be able to participate in society alongside their abled peers.

Have you ever stopped and wondered how people who are deaf and blind go online to browse the Web or login to social networks to stay in touch with family and friends? Even sending out text messages or making a phone call would be a problem for many of them.

This particular issue, which is something I think about regularly, recently came into the foreground when I had to look into how communication technology was developing--offerings such as mobile videoconferencing or enterprise collaboration.

After all, the act of communication is, fundamentally, how people interact with one another. This then got me wondering how people with disabilities participate as more conversations shift to the mobile and digital arenas. Are they even given the tools to do so?

Thankfully, countries such as New Zealand and Singapore have put bridging the gap with their physically impaired citizens as a priority.

Steven Joyce, New Zealand's minister of information and communication technology, announced in July that an expanded range of communication services would be rolled out progressively from Oct. 1, 2011, to benefit the deaf, deaf-blind, speech and hearing-impaired community.

Services such as captioned telephony, which allows people to read live captions of spoken phone conversations, and establishing relay contact centers to make local and international calls, are examples of what the New Zealand government has initiated. It also aims to lead the world in the area of video-assisted speech-to-speech relay services.

Joyce explained the decision: "The deaf, deaf-blind, speech and hearing impaired community will have a full suite of telecommunication services that suits individual circumstances and needs. We are committed to providing all New Zealanders with the benefits that new telecommunication technology and innovation can offer."

Tariana Turia, the country's minister for disability issues, added that accessibility was a "huge priority" for her, and for the disabled and their extended family. This was why the announcement marked a step forward for the entire community. "The great thing about captioned telephony is that it will enable far better access for disabled people to keep in touch with family, to assist with learning and open possibilities for employment," she stated.

In Singapore, the Society for the Physically Disabled (SPD) runs the Infocomm Accessibility Centre (IAC), which acts as a one-stop venue for people with disabilities to equip themselves with IT knowledge and skills as well as learn how to utilize online services. The center is supported by both public-sector agencies such as the Infocomm Development Authority (IDA) and private-sector stakeholders, according to a joint statement made by SPD and IDA.

Interestingly, the IAC also houses the "first ever" assistive technology loan library in Asia. The library is stocked with over 700 types of assistive technology equipment which users can loan to learn how to overcome barriers in accessing a computer as well as assess the suitability before buying similar equipment, a spokesperson for both organizations pointed out.

Both New Zealand and Singapore might have different ideas and perspectives on how best to equip their people with physical impairment but, to me, the importance is in recognizing that technology isn't just for business enablement or personal entertainment and convenience. It has to be more than that.

As many of us turn to various mobile gadgets and online services to keep in touch with one another, let's also think up ways to help bring those with physical disabilities across, and into, the current digital age.

If you're unlucky, you may very well end up being a case study in an episode of Crime Watch.

But, what happens when the online misfortune extends into the private confines of your home?

My colleague Kevin Kwang is back on Tech Podium this week to highlight the perils of opening your home to temporary tenants sourced online from bed-and-breakfast social networks. As one American found out, being sociable was the last thing on her guest's mind.

Mi casa es su casa. This Spanish phrase for "my house is your house" is commonly used by people to express welcome and a sense of friendship and closeness to invited family and friends.

However, following an incident in June which saw San Francisco resident EJ's house thrashed by a tenant she got to know through online bed-and-breakfast (B&B) marketplace, Airbnb, it appears the phrase is now tainted with a negative modern-day connotation. And technology, coupled with human fallibility, played a major part in it.

You see, EJ had earlier entrusted her home to a paying lodger, Dj Pattrson, whom she had "met" online through Airbnb only to see her home, and life, thrashed. She wrote in her blog: "I returned home from an exhausting week of business travel to an apartment that I no longer recognized. To an apartment that had been ransacked. With heart pounding and stomach churning, I slowly swung the door open as both a pungent odor and the full realization of what had occurred washed over me: this wasn't just a random break-in. My home had been burglarized, vandalized and thoroughly thrashed by a 'traveler' I connected with via the online rental agency, Airbnb.com."

What ensued was a series of back-and-forth exchanges between Airbnb customer service staff and executives, ongoing police investigations and negative press for the nascent social media-based B&B market.

Why am I bringing this incident up, you might ask. Well, as a somewhat frequent traveler and keen social media user, the business model intrigued me.

Would I be willing to open up my home--something I've paid good money for and painstakingly refurbished--to strangers whom I barely know and met over the Internet?

Yes, each owner and his or her home will be "curated" by people who had previously rented from them before, and this is fundamentally the premise of social media-based commerce--trusting in the collective experiences of past and present customers.

Yet, the idea of opening my doors to strangers is simply counter-intuitive and contrary to everything my parents and moral education teachers have drilled into my head from young.

From the looks of things, though, there are people more willing than I am to put their trust in companies such as Airbnb, as well as rivals such as Wimdu and funding rounds of US$112 million and US$90 million, respectively. Their investments, however, were put forward before the San Francisco thrashing made light.

Obviously, there are kinks to be worked out, as seen in EJ's case.

Bryan Tan, a Singapore-based lawyer and director of Keystone Law, notes that operators such as Wimdu and Airbnb act as agents authorized by homeowners to advertise their properties for rent online. These agents need to act according to the terms agreed upon by both parties and cannot "act in a manner where they benefit to the detriment to homeowners", he stresses.

What's tricky is that each operator has a different set of terms and conditions put in place. For instance, Wimdu states that its duties extend from the matching of landlord to tenant, to verifying--within the confines of the Internet--the tenant's registration data. It is, however, not responsible for verifying the legitimacy of the property put up for rent and resolving disputes between landlord and tenant during and after the conclusion of the contract, Tan notes.

To prevent another homeowner from falling victim like EJ, the lawyer suggests it is in the homeowner's interest to take up the recommendation put forth by such marketplace operators, and request additional conditions to be added to the contract between landlord and potential tenant.

It remains to be seen whether the model of these social bed-and-breakfast marketplaces will thrive beyond markets such as Europe and the United States, given the propensity for people to rent, rather than buy, their homes.

Personally, I believe mi casa es su casa should remain a phrase reserved only for loved ones and friends that we know beyond the online realm. What do you think?

The increasing reliance on cloud underscores the role data centers play in ensuring services delivered over the Web are available and accessible at all times.

I invited this week's Tech Podium guest blogger, T. Rajan, to provide some insights on what goes on behind the scenes in managing a data center.

Rajan, technical director at Basis Bay Properties, is a certified electrical engineer and has over 20 years of experience in building services design and consulting. He has spent the past five years specializing in data center design with Basis Bay, helping to design, build and operate the company's Tier III and Tier IV data centers in Cyberjaya and Glenmarie, Malaysia.

Established in Malaysia in1996, Basis Bay currently has direct presence in 11 locations across Asia-Pacific and Europe including Singapore, Hong Kong and the Philippines. Its clientele includes organizations from the financial services industries such as banks and insurance companies. The company operates several data centers including the 70,000 square feet, Tier IV facility located in Cyberjaya, which offers network operation center (NOC), co-location and disaster recovery services, among others.

The day-to-day running of a data center in the present economic situation is challenging enough to push the capabilities of managers and administrators to the maximum and ensure that the facility is operating according to industry best practices.

The emergence of competitors and new data center players in the Asian region has pushed the efficiency bar further a notch to keep data centers operating and delivering at the optimal level. Expectations are as high as operating a five-star hotel.

My experience in managing Basis Bay's data center facility starts from my involvement in the construction of the data center from ground zero through to the management of its operations. There is a fine line that separates IT and facilities management, and sometimes they do occasionally overlap, causing confusion. Hence, it is best to identify and segregate upfront tasks related to IT from tasks related to facility management prior to starting your business operations.

The existence of standard operating procedures (SOPs) for operating a data center must be in place for all who are involved in the operations. Emphasis should be on providing maximum security with regard to entry into the facility by identifying every customer--internal and external--vendor, contractor as well as employee that has this access. Accessibility to the data center itself should be monitored separately from the facility and privy only to the designated resources.

The daily operations involve managing individual SLA (service level agreement) that has been committed to customers, be it internal or external, and making sure that power to IT equipment is monitored 24-7 with the proper management tools such as the building management system, environmental monitoring system and central monitoring system. The consumption of power is crucial to determine that power to the IT equipment is sufficient under any circumstance, and this is easily done by performing a quick daily, weekly and monthly threshold reading of available power from the UPS (uninterruptible power supply) and the utility company.

Cooling the data center environment is equally important and like power consumption, it must be monitored round-the-clock and ensured that the operating temperature and humidity are within the acceptable range. Hot spots are a real challenge and without the proper tools it is not possible to identify them all.

At Basis Bay, we ensure that the "hot aisle/cold aisle" configuration is deployed at all times to maximize cooling of the servers. We also check that the access floor is free from obstacles that may be preventing the necessary cold air from being delivered to the respective IT equipment. We encountered these problems recently and performed some minor adjustments to eliminate this problem, both above and below the raised flooring.

High density racks need to be treated differently, as they require more cooling than the standard low-density racks, via the deployment of higher-percentage perforated floor boards with damper control.

It is also advisable to check the air-flow coming out through these floor boards simply by placing a measurement object over the board and raising it slowly to see how far the air is blowing up into the racks.

The issues I highlighted are different from other data centers as I discovered during my assessment of our other facilities in the region where, for example, "hot spots" might be caused by other factors and require additional monitoring such as checking whether the CRAC (computer room air conditioner) unit is working to its maximum capacity.

The facility team has to conduct preventive maintenance on all mechanical and electrical equipment on a regular basis, while ensuring that the data center is managed properly. The cooperation between the IT and facility departments must be seamless while, concurrently, executives at the management level including the CIO, CFO and CEO should be advised accordingly.

I remember writing about the government's plans to digitize medical records and its dreams of a paperless healthcare system, where private clinics and major hospitals can easily share a patient's medical data and establish a single consolidated view of that patient's healthcare history.

That was 10 years ago. Today, most private clinics still rely on paper and I'm pretty sure most still lack the relevant resources to tap into a patient's hospital records with a mouse click.

Granted it's not an easy path, to take an industry that has one of the longest histories--hence, biggest legacy issues--and completely revolutionize it, digitally. But, if done right, the benefits would be ginormous.

Singapore celebrates its 46th year of independence next week. I must state upfront I'm not the patriotic type--I forget when was the last time I watched the National Day Parade or wore red and white to celebrate the occasion, and I had to think for a good minute to recall how many years the country has been independent as I began this post (and don't even try to suggest my math is bad). I've have my fair share of grouses about the rising cost of living, inconsiderate dwellers and sardine-packed trains during peak hours.

Nonetheless, I am certainly proud of how much the city-state has achieved, especially for a tiny nation with a short history. I truly believe we have one of the most, if not the most, efficient and comfortable airports in the world. If I were stuck in an airport because some volcano which name I cannot pronounce disrupted air traffic in Europe, being at Changi Airport would ease the pain--a lot. And while we're at that, Singapore Airlines also has one of the best reputations in the world, notwithstanding a recent dent due to a Web site revamp gone wrong.

Healthcare, and its related pharmaceutical and biotechnology industries, is also another area that makes me pink with pride (pun intended).

Although there have been serious concerns about affordability to the extent that some elderly folks grumble it's better to die than be sick, the country is making good progress as a biomedical hub and at the forefront of medical innovation.

But if I could make one wish for this sector, it would be that the country's vision to have a single, integrated digital record for each patient was a reality.

Twice in the last several months, my GP (general practitioner), who still relies on paper records, had prescribed medications that were unsuitable for nursing even though he makes it a point every visit to enquire about my young daughter.

The first time it happened, I casually asked the clinic assistant--while making payment--to check back with the doctor as I realized he had failed to mention to me that the meds he was prescribing were safe for breastfeeding (he normally does). I had expected to be chided for my paranoia and that these pills were indeed baby-friendly, but to my horror, they instead were changed.

The second time, the same lack of "don't worry, these medicines are safe for breastfeeding" utterance by my family physician triggered a mental alarm in spite of my grogginess. True enough, one of the meds had to be replaced, again.

This experience made me wonder, how many people ingested wrong medication because they simply assumed that the doctor would prescribe appropriately? You might think it's probably not a big deal since any misdiagnoses that lead to serious consequences usually make the news and we don't hear about them often. But when a pregnant woman, for example, takes meds that are too strong for her fetus, the effects may be subtle or worse, only show up in later generations.

While doctors can be held accountable for negligence and lack of professionalism, they are humans, after all, and mistakes are inevitable. Technology has the ability to play a crucial role here, where important data will always be displayed prominently and built-in controls will trigger off system alerts of inconsistencies.

For instance, my husband is allergic to a group of drugs known as NSAIDs (non-steriodal anti-inflammatory drugs). When he goes to a GP, he or she should be able to know this immediately by looking at his e-medical record. Better still, if a doctor tries to prescribe him Ibuprofen, the system will automatically flag a problem and the dispensary will not receive the prescription.

Of course, it would be simplistic to conclude that having everyone on board or complete digitization will lead to an error-free healthcare system. There are other factors such as whether inputs are clear and detailed, and the possibility of system downtime. But if there is a way where mistakes due to human carelessness can be avoided, let's have it now rather than later.

And so, there is the all-important question of when.

The actual completion of Singapore's multiple-year e-health journey is still nowhere in sight, yet, even though the National Electronic Health Record system was launched in June. The Ministry of Health (MOH) told me in an e-mail that access to the NEHR is progressive, starting with public healthcare institutions under SingHealth and NUHS (National University Health System). "By June 2012, all public healthcare institutions, selected community hospitals and GPs should be on the NEHR system," an MOH spokesperson noted.

No GP I've visited in recent months has made the leap to digital records. And with private practitioners forming 80 percent of the country's primary care providers, I very much doubt that the June 2012 timeline can be met. Still, I am hopeful, for this is the Singapore that prides itself on progress, among other qualities embodied in a pledge that its people faithfully recite every year on Aug. 9.

To all our Singapore readers, happy National Day!

But, many businesses today still fail to understand how customer relationships should be managed in an era of viral messaging and social communication, where transparency is more relevant than ever.

In this week's blog, another member of my team, Kevin Kwang, discusses why reticence isn't always a good thing in the business realm, especially when angry customers demand answers not only in a timely fashion but that directly address the root of the problem.

With social media and networking sites thriving, communication devices such as Apple's iOS and Android-powered mobile devices flooding the markets--both consumer and enterprise--and global data traffic expected to hit 8,000 petabytes this year, it can be said that our human society has well and truly entered the Information Age.

But despite the myriad channels and sophistry of communications available to them, some companies continue to follow the adage of "silence is golden", to their detriment.

Taiwanese PC maker, Acer, for one, did not respond well when its Packard Bell server in Europe was hacked on Jun. 3 this year. The hacker group Pakistan Cyber Army took credit for stealing personal information of 40,000 Packard Bell customers, which included their names, addresses, phone numbers, e-mail addresses and the devices they had bought. Screenshots of the stolen data were also posted online.

The crux of the matter here lies in the post-crisis communications, or to be more precise, the lack thereof. One of the earliest comments from the company came from Lisa Emard, director of media relations for Acer America, during an interview with ComputerWorld, but it was a non-statement saying that its U.S. operations have no information on the breach and is trying to get a response from its European counterparts. Ten days later, the company verified the content of data stolen matched those reported earlier and added that no credit card details were compromised and that investigations were ongoing.

These updates, however, were not enough for one of its customers who wrote in to ZDNet Asia to complain about the lack of transparency from Acer and of efforts to reassure customers regarding the breach and who were affected.

Joseph Chuah, an IT professional in Singapore, related in an e-mail that after learning about the breach, he sent a total of three e-mail messages to Acer America's technical support to find out if his personal information had been compromised during the attack, but the company did not reply. Chuah subsequently followed up with an e-mail to Acer's privacy officer, but also has yet to receive a response.

Acer's inaction has left him disgruntled. Chuah said: "Even with the security breach, I might not have blacklisted Acer products. But because of its poor customer communication, I strongly doubt that I would purchase an Acer product in the future and will ensure that when asked, my opinions would work against Acer."

When quizzed, an Acer spokesperson reiterated the details of the breach that had been reported earlier, only adding that Packard Bell is commercially available only in Europe and the company is still looking into the matter.

The Taiwanese PC maker, however, is not the only tech company that has shown tardy customer communications in recent times.

Japanese electronics giant Sony's reputation took a huge hit earlier when its Playstation Network went down after hackers from Anonymous breached its barriers in April. The attacks continued through the month of May as blackhats hit back at the company's efforts to clamp down on people jailbreaking its consoles. CEO Howard Stringer, in particular, was singled out as going MIA (missing in action) in the early days when news of the security breach broke, leaving the responsibility of disseminating updates and fending queries instead to his subordinates--Kazuo Hirai, chairman of Sony Computer Entertainment, and senior director of corporate communications, Patrick Seybold.

He finally issued a statement on May 6, offering his apologies and giving more details about the identity-theft monitoring system it offered to affected users to make up for its security lapses.

But these gestures did not placate irate users who took to the forum boards and Twitter to express their dissatisfaction. One of them, British professional footballer Jay Bothroyd who plays for Cardiff City in the U.K., reportedly said in a tweet: "This playstation network is getting ridiculous now might go to the dark side!!!!" The "dark side" Bothroyd referred to is, presumably, Microsoft's rival console platform, Xbox.

The common refrain among consumers in both situations mentioned above was how poor communications had made a bad situation worse. This leads me to wonder if companies truly understand the global nature of social media and how negative comments go viral at the blink of an eye. If they do, have they recalibrated their customer response mechanisms to better cope with crisis when they inevitably crop up?

Silence may indeed be golden in some situations but during crises, timely updates and transparency, as well as a sense of empathy, will go a long way to retain customers' trust and loyalty.

In her blogpost, Vivian looks at the takeaway lesson from recent incidents that resulted in damaged property and personal data being leaked simply because the organizations involved committed a couple of basic oversights.

The discussion is timely reminder that we can deploy the most high-tech equipment and tools, but if we forget to employ some basic common sense as well, even the best and most expensive implementations will serve little purpose.

A common refrain these days is "common sense is not so common". While this, of course, is dependent on the individual--I don't want to over-generalize--the fact is that technology has made our lives easier, so much so that we sometimes don't use the wonderful organ--up there--that we have been blessed with.

Why do mental sums when you can tap the calculator function in your mobile phone? Have trouble spelling "supercalifragilisticexpialidocious"? Fire up that app or browser, type a few letters and...voila! Information literally at our fingertips has indeed made my peers and the generation after us somewhat lazy.

Will this mentality lead to our downfall? I honestly hope not but I suspect we might already be heading there.

Sony, which has been making headlines for the wrong reasons, is a frightening reminder of how a company cannot afford not to put more thought into its processes and operations. The Japanese consumer electronics giant has, to date, leaked personal data including names, snail- and e-mail addresses and passwords of over 100 million customers. At least one Sony subsidiary, Sony Pictures, did not bother to encrypt sensitive information--which is common sense, really--stored on its networks, the attackers claimed.

Here in Singapore, national water agency, Public Utilities Board (PUB), had a, in Internet speak, facepalm moment last week when it revealed that an SMS flood-alert system had been poorly calibrated.

Using sensors located in drains and canals, the system would trigger an alert to buildings susceptible to floods when water levels reached 75 percent and 90 percent. But, in an unusually intense flash flood last weekend, water levels at a particular location hit 100 percent--which had not been factored into the system. As a result, two buildings--a shopping mall and a six-star hotel--along Singapore's shopping belt were not notified, were caught unaware and suffered significant damage.

To employ a system which job is to set off warning signals when a certain tolerance level has been reached, wouldn't it be logical to use a minimum level approach such that any reading beyond that will definitely trigger off alerts? Yes, except that common sense isn't so common after all.

Sure, these incidents are not life-threatening but put on that paranoid hat and you can easily conjure up scenarios of loss of body parts, or worse, unnecessary deaths--all because someone failed to consider something so basic.

With technology becoming such a pervasive part of our lives, there is increasingly little room for carelessness in how IT should be applied. Technology is superb but if processes are not well thought through, we end up shortchanging our investment, and ultimately, ourselves. Do we have a common understanding here?

It's a regime I look forward to and one that's a long time coming. In a January 2008 blog post, I discussed my concerns about whether governments put sufficient care in ensuring that the data they collect about citizens--locally and globally--is sufficiently secured.

The U.K. government, for example, lost the personal details of 25 million individuals in 2007. I wonder if citizens can hold their governments accountable when incidences like these occur, or whether I can do likewise should the U.S. government leave unprotected the details of my fingerprint--which is required of any foreigner who visits the country.

Data protection or privacy legislation can ensure safeguards are in place to protect people's data, and remind businesses to be vigilant about how they use customer data.

But, as today's guest blogger highlights, the Singapore government may eventually be exempted from adhering to the country's proposed data protection legislation.

An engineering manager for an aerospace maintenance, repair and overhaul (MRO) company, Ngiam Shih Tung is a Singaporean who has been closely following data privacy issues in the country. Shih Tung points out that a parliamentary discussion last month reveals the enforcement of the nation's Spam Control Act, passed in 2007, does not involve government ministries and statutory bodies.

In his blog post, he highlights that while there are instances--for national security and law enforcement purposes, for example--in which governments should understandably be exempted from data protection legislation, they should still be held by the same standards as private organizations.

He raises a concern that, like the Spam Control Act, the government may exempt itself from enforcement when data protection legislation is enacted.

I absolutely agree, especially when a 2007 report unveiled that governments around the world were increasingly invading the privacy of their citizens with surveillance, identification systems and the archival of private data. Governments must be measured against the same standards and legislation as the private sector, and must face the same penalties if security breaches occur due to a lack of technological safeguards.

And like Shih Tung, I too hope the Singapore government will also realize that.

Last month, after years of resisting calls for data protection legislation, Singapore's Minister for Information, Communication and the Arts (MICA), Lui Teck Yew, announced the government would be enacting legislation to provide a baseline standard for data protection in Singapore. While this is a welcome change of heart by the government, the government itself may actually be exempt from the proposed legislation and much remains to be seen on how the law will work.

Thirty-one years ago, the developed nations' club, the Organisation for Economic Co-operation and Development (OECD), adopted a set of data protection principles. As far back as 1989, the Law Reform Committee of the Singapore Academy of Law recommended that Singapore adopt a data protection regime covering both the public and private sectors. However, that call fell on deaf ears and it was left to Hong Kong to be the first Asian country outside of Japan to adopt data protection legislation in 1996. It even appointed a Privacy Commissioner with powers to enforce Hong Kong's Personal Data (Privacy) Ordnance.

Still, better late than never, and one of the advantages of starting later is that we can benefit from the experiences of other jurisdictions.

One area of concern, though, is that even though MICA has promised to consult stakeholders, its definition of stakeholders comprises only "public, private and people sectors". Where are individuals in this discussion?

It is very ironic that MICA is proposing privacy laws and, yet, individuals are not considered to be stakeholders. Possibly, MICA considers organizations that will be regulated by the proposed legislation as stakeholders but does not consider the people whom the legislation is supposed to protect, to be stakeholders.

In civil service speak, the "people sector" doesn't refer to real people but rather to Voluntary Welfare Organisations (VWOs) and similar bodies. These organizations are included presumably because the government wants to integrate public and private databases of welfare recipients.

A question was raised during a parliament session last month regarding the data protection model. In his reply, even though the public sector was identified as a stakeholder, Lui implied that the proposed law will only apply to businesses that collect data. That is a very glaring omission. The OECD principles recognize exemptions for national security and law enforcement purposes but apart from that, government databases are held to the same standard as private ones.

If anything, I would argue that government databases should be held to higher standards of transparency and security. The reason is that while telemarketers may be a nuisance, they can't cause you real harm, but incorrect data held in public databases could cause real harm. In many cases, we also do not have the choice of not giving our information to government agencies.

So much remains to be seen as to the details of the proposed data protection legislation, and while the government must be applauded for accepting the idea of data protection legislation, the signs are that this will only be a tentative first step in Singapore's progress toward implementing a comprehensive privacy protection regime.

That the Internet can never be 100 percent secure should, by now, be a foregone conclusion. In fact, I believe that any form of risk management should not be focused on prevention but on mitigation. However, that's easier to manage if you own the data you're trying to protect and oversee the policies that govern how the data should be handled.

With online social platforms, your personal information is managed by the social networking site. Here, how your data is managed depends largely on the site's privacy policies and governance.

Facebook, for one, has made frequent changes to the way it handles user data. This is something I feel strongly about and have discussed in my previous blog post.

There's no doubt that Zuckerberg's team has constantly tried to introduce new innovative ways to improve the site and enhance their users' online social experience. However, that sometimes means user data can be used in a way it wasn't intended to be used when the user first agreed to provide the data.

The most effective way to protect your privacy on Facebook, or any other Web site for that matter, is to assume responsibility for it.

I invited today's guest blogger, PeekYou CEO Michael Hussey, to highlight how we can better safeguard our online social identities. He founded the company in 2006 to provide a "people" search engine, providing search results that identify users and summarize their online footprint. The engine searches and indexes people the same Google does with Web sites.

Michael believes that everyone should understand and maintain their online identity in the same way, and with the same care, they manage their offline identity. He talks about that here and stresses the importance of taking due diligence to protect our own identity.

You might be asking, when even Mark Zuckerberg has his Facebook profile hacked, is anyone safe?

I personally suspect that human error was behind that hack--that someone must have seen him log into one of his accounts, furtively gleaned his password, and whispered it to others. Facebook's general security protections were probably not to blame.

Even so, the incident would prompt many Facebook users to fear for their privacy on their favorite Web site.

But, there are many things you can do yourself to protect your privacy on Facebook. For one, set your Facebook privacy settings to suit your desired degree of discretion. If you do so, you are right to expect that the data you share on Facebook should remain private and only viewable by people you have allowed access to. In this regard, Facebook has done a very good job in creating flexible privacy controls that suit most users.

However, be cautious when using Facebook Connect with third-party Web sites. Understand that your Facebook data is being passed to the owners of these sites whenever you use Facebook Connect to log in.

Facebook Connect is a useful tool that makes it much easier to join and participate in trusted third-party sites outside of Facebook, but its use should be limited to sites you trust and which make it clear what they do with the personal information they collect about you. This is a general rule of thumb: you should never join a site that doesn't have a clear privacy policy or terms of service.

Because of tools like Facebook Connect, it is now simpler, faster, and more common to join new Websites, so just be careful. You wouldn't invite someone in your home without first getting to know them…and you shouldn't join any Web site without first learning a bit about who they are and what they do.

Also, beware that unless you choose the very strictest privacy settings, some generic information about you will still be visible to everyone. Facebook calls it "Everyone Information"--and search engines like Google and PeekYou use it to identify people who have a Facebook profile. If you don't want to be indexed by search engines, but still want your friends, family and colleagues to be able to find you, make sure you choose appropriate privacy settings.

And, as a matter of course, try to keep different passwords for each different Web site you log into. Keeping track of them all is getting harder and harder as the number of Web sites to create accounts for grows and grows. So if having a different password for each site is impractical, then at the very least, keep a different set of passwords to protect truly important information such as your online banking, other financial information, and so on.

And especially, if you are using Facebook Connect across lots of sites, make sure you change your Facebook password frequently and make sure it is secure.

Also, never forget that the Internet is full of publicly available information.

Beeconomic began operations this year with a fundamental idea: create a platform on which consumers looking to purchase the same product can come together and put in a bigger order, so merchants can offer the item at a better discount. It's win-win for both the buyer--or in this case, buyers--and seller.

Such group-buying sites aren't exactly a new concept. They've been around since as early as the turn of the millennium.

It builds on the same business model e-marketplaces, which once touted similar cost benefits from economies of scale and common component sourcing.

While such B2B platforms never quite took off despite the hype in the early 2000s, group-buying sites appear to be enjoying a resurgence of sorts in the U.S., led by sites such as Groupon, and we may just see the same happening in this neck of the woods.

And sites like Beeconomic have a few things going for them that their forefathers didn't have, specifically, the emergence of viral marketing and social networks. Both elements are key in any business that relies on word-of-mouth and consumer participation.

Karl Chong is the founder and managing director of Beeconomic. I invited him to take centerstage on Tech Podium this week and explain his company's business model, as well as discuss the role of "social" in driving an organization's social media strategy.

Karl worked in various organizations, including in New York and Sydney, as an investment banker and financial analyst. It was in the Big Apple that he latched on the group-buying concept and promptly saw through that vision with the inception of Beeconomic.

Many businesses assume that social media can bring them more exposure and sales. However, setting up a Facebook Page or Twitter account is only half the journey--it gives you exposure but may not lead to new sales.

We started Beeconomic to help promote local businesses and fill the gap between having a social media presence and leading paying customers to their door.

Beeconomic is an online city guide that features a daily deal on something cool to do, see or taste in Singapore. The model is simple: a deal is offered to our subscribers for 24 hours but is only available if a minimum number of people sign up for it. If not enough people sign up, the deal is off and no money is exchanged.

I came across the concept of collective buying when I lived in New York. A friend of mine forwarded me an e-mail from a group-buying site (GBS) that offered an indoor rock climbing deal at 75 percent off. The offer was hard to resist so I bought the coupon. It didn't take long for me to realize that the model would eventually be a huge trend in Asia. So I left my Wall Street job and co-founded Beeconomic, Singapore's first GBS.

When we started negotiating deals with businesses wanting to be featured on Beeconomic, our value proposition was clear. We could offer a risk-free way to reach out to thousands of new customers without any upfront costs. We only take a portion of coupon sales so we only win if businesses win.

We use social media to not only give the featured business a presence but also to spread the word virally. Our homepage has easy to use links to be able to share the daily deal on Facebook, Twitter or via e-mail. People are encouraged to spread the deal through our $5 referral credit system. This is one example of how social media can be harnessed to lead to a viral effect.

While we are in business to make money, one thing we are very careful about is not to use social media as if it's just another billboard for monologue marketing. If you do that, then consumers will give it the same disregard as they may with traditional advertising on print, radio and TV.

What makes social media different is that it's more about the "social" and centered on how people interact within a community. Any Facebook Page should be treated as a living room where dialogue is transparent, questions are answered and consumers are encouraged to interact. If you can use social media to develop relationships with consumers, then you can go a long way tapping this platform for your business.

For us, the results have been pretty amazing. In just ten weeks since our launch on May 2, 2010, Beeconomic has saved its subscribers over S$200,000 (US$145,519) and sold almost 3,000 coupons. We intend to continue to invest money in improving our subscribers' experience and customer service, and plan to expand into other Asian cities this year.

From conversations with industry contacts and friends, I've been told that the Chinese market isn't easy to penetrate--several foreign businesses have tried, and failed. Oft-cited reasons for the failure include how businesses deals in the country are inked based on relationships (or guan xi), so if an organization is new to the local community it'll face a tough time getting contracts. Others also cite the vast difference in culture and workstyle.

Here, Tech Podium guest blogger Chong Yew Meng discusses her experience working in China and is refreshingly frank as she reveals the challenges she faces in the country.

Yew Meng is product and solutions consultant at Singapore-based software integration company, In-One Technology, where she is also a co-founder. She is responsible for the development of product concepts and for managing software development projects. The company's range of services include Web app development and software testing and quality assurance.

The draw of China's lucrative software market holds true also for In-One, and Yew Meng has worked with software developers in the country on several projects.

It is through such collaboration that she realizes working with Chinese developers requires a change in mindset, where even the definition of "quality" as she's used to, is starkly different from what her peers in China are used to.

With that, I'll let Yew Meng take it from here.

A lot of companies happily venture into China with plans to tap one of the world's biggest software developer markets. Developing software at a fraction of their native country's costs and using Internet to deliver the software beyond physical boundaries seems to be a perfect business strategy.

But, the plan often falls apart--software quality seems to be non-existent. Even with the best project managers on-site to monitor the team, the project still falls apart in terms of quality.

So why does that happen?

I've worked with developers and testers from China and it took me years before I realized that apart from all of us sharing a few physical attributes, the similarity ends there.

We think differently, we act differently, we communicate differently. I had assumed that being bilingual, I would have an advantage over my American counterparts because I'd be able to "communicate" in the language Chinese developers and testers were familiar with.

However, being able to talk and write in Chinese does not mean I can understand my team from China any better than my American counterparts. In fact, I think it creates more misjudgment because I'll wrongly assume I know them.

So what is "quality"? I once asked the director of a well-known testing company why he still conducts most of his critical application testing in Singapore. Why not perform the tests in China as it is much more cost-effective? He replied: "Quality is taken for granted there."

It is common for the China team to conduct quality tests for software, so the issue isn't that there tests aren't being carried out. Rather, the definition of "quality" is different. Most Chinese software teams define quality to be "as long as it meets the positive workflow required by the requirements".

Hence, it is common for software to pass internal tests with flying colors, but fail miserably during production.

Different definition of "work completion" Chinese developers want to deliver quickly, while others are trying to fight to deliver higher levels of quality at reasonable time.

For many Chinese developers, software is considered to be completed as long as the software runs without major problems. The goal is often to complete as soon as possible--speed of development seems to be the key. Program codes may be messy, where performance can actually be further optimized, but as long as the program runs without major problems, it is considered "completed".

Our local team tends to view a piece of work as completed only if the internals are developed neatly (even if it is not visible to the customers) and the optimum performance is achieved. At times, we may be viewed as "perfectionist" (probably a more polite way of saying we are too fussy) by our Chinese counterparts, while we see our Chinese team as being too laid back on "work completion".

Hence, we are always in constant conflict with our team in China when it comes to definition of "work completion".

Developers decide what final software should be When I first started working with Chinese developers, I'd thought that after providing clear functional and design specifications, I would be able to relax and wait for my system to deliver in the shape I expect it to be.

However, instead of receiving the system according to my specification, I received one that had deviations from my requirements. I wasn't informed that the team had encountered technical difficulties implementing the specifications I wanted, resulting in the need to change the requirements to work around the technical issues.

It is common for developers in China to make unilateral changes to specifications without informing the person who stipulated the requirements. At times, it seems as if they made their decision on what the final software should be.

This can introduce an unquantifiable amount of risk, and companies have to guess where software performance may have been affected as a result of the changes.

Keeping quiet about problems It is common not to hear about any problem from your development team in China during the implementation phase, but this may not be necessarily so.

Developers that produce software often know where the problem lies with their software, but they may not provide that information to their project manager or customer.

The rule seems to be "tell you the good news; but keep the bad news". However, it's important to know the bad news so the situation can be remedied.

Hence, a lot of projects fall apart at the last stage because it is simply too late to resolve the problems by then.

So is there a future for software collaboration? I believe that every developing economy must first make junk before it can produce a quality product.

With more Chinese developers being educated overseas--to more mature markets--and returning to China to work, the situation should improve as they'll bring back the "quality" concept.

And with companies training local developers through numerous interactions on software development, the quality problem will only get better, not worse.

Most important, companies that want to operate in China should learn to understand how to work more effectively with local developers. Chinese developers are brilliant in terms of creativity and if deployed correctly, this creativity can produce brilliant software offering the best quality at low cost.

It was only after countless failures and much frustration that I realize we're "not the same".

It was only after spending time to understand how my China team thinks and why they act in a certain manner, that I started to see the puzzles fit and when we were able to deliver quality projects.

Needless to say, it requires guts and gumption for someone to decide they're willing to risk potential failure and strike out on their own.

To help startups and aspiring entrepreneurs better equip themselves for the cutthroat business world, the National University of Singapore (NUS) set up a unit to cultivate entrepreneurial spirit and offer incubatory services. NUS Enterprise espouses to be an incubator "without walls", and aims to provide education based on real-life industry experience and initiate engagement between startups and industry players.

Lily Chan heads the enterprise unit as CEO, and oversees NUS Enterprise's strategy and programs to promote business ventures and industry collaboration. Before joining the university, Lily was managing director of investments at Bio*One Capital, which is an investment arm under Singapore's Economic Development Board, where she focused on developing the country's biomedical sciences sector. She also has over 20 years of relevant experience that includes spearheading venture investments and mentoring biomedical entrepreneurs.

She also has a doctorate in microbiology and immunology, and currently holds two U.S. patents in viral detections that have been applied in commercial products.

I asked Lily to contribute a post here to provide some insights on the local entrepreneur scene and what it takes to be a successful startup.

Starting up a company is known to be risky, with the majority of startups ceasing operations within their first five years. What more can be done to help young companies grow and succeed? Can we create the right environment for entrepreneurship to flourish? Why is entrepreneurship so important in the first place?

Let us start with the last question first. Entrepreneurship plays a key role in a young and dynamic economy, like Singapore, where it's responsible for creating more jobs, innovative products and services, and even new markets.

High-tech startup companies help drive technology commercialization, often translating work from research institutes or universities into tangible benefits for the public. Startups also support the growth of local industry clusters. With the buzz surrounding entrepreneurs and startup companies, it is not surprising that many organizations--NUS Enterprise included--have taken a strong interest in supporting these young firms.

In order to create an environment conducive for entrepreneurship and to groom future business leaders, NUS Enterprise established a holistic incubation ecosystem. Known as an "incubator without walls", this not only supports startups but also creates new entrepreneurial companies. This incubation ecosystem involves three key thrusts: experiential education, entrepreneurial support, and industry engagement.

We organize many programs that aim to infuse a spirit of enterprise into our students' overall educational experience. One such program is the NUS Overseas Colleges (NOC), where students venture overseas to entrepreneurial and academic hubs around the world. They spend a year taking entrepreneurial-related courses at associated universities and also intern at high-tech startup companies within the area. With six overseas colleges, located at Silicon Valley, Philadelphia, Beijing, Shanghai, Stockholm and Bangalore, our NOC graduates return with a global and entrepreneurial outlook.

Other experiential educational programs include NOC's local equivalent, the Local Enterprise Achiever Development (iLEAD) program, as well as Start-Up@Singapore, an eight-month long business plan competition. While the latter began as solely a business plan competition, it has now evolved into a springboard for entrepreneurs looking to translate ideas into feasible businesses. The recent winner of the 2009 Start-Up@Singapore developed an automatic roti (a form of flat bread) maker, which is positioned to become the Indian version of the rice cooker!

Why startups fail Over the past several years, while at NUS Enterprise and my previous job within the venture capital (VC) industry, I have seen hundreds of startup companies get into problems and close down.

Why do companies fail? There are many reasons and common ones include an inexperienced management team, lack of market research, not addressing market needs, poor product differentiation, underestimating financial needs, excessive market competition…the list goes on! Typically, I group these problems into two key categories: lack of in-depth domain knowledge and experience, and insufficient funding.

To address the first challenge, NUS Enterprise's incubator established a pool of experienced mentors and incubator managers. These include serial entrepreneurs, business angels and industry experts. Mentors help guide and advise startups by shaping their business plans, sharpening their strategies and introducing them to the right contacts. NUS Enterprise's incubator also provides funding support, linking incubatees to an extensive network of VCs and angels, or helping them secure grant funding. Since the start of 2009, we have assisted our incubatees raise over S$8 million in funding.

NUS Enterprise also provides physical incubator facilities and business resources. This allows incubatees to leverage shared services and benefit from close proximity to other technology startups. They can also receive support when applying for intellectual property rights to protect their technologies, or assistance in licensing in or out new technologies to the industry.

This brings me to the third way NUS Enterprise supports its incubatees--through building up partnerships and managing industry relations. We're positioned to identify possible research collaborative partners and assist in negotiations. Furthermore, coming from a traditional university setup, NUS is already recognized as an institution with strong research and technology capabilities. This allows NUS Enterprise to act as a catalyst and translate technologies from the university into beneficial products and services that are developed by young entrepreneurs.

Although these three thrusts remain distinct, the entrepreneurs within them do not. The result is a melting pot of exciting business ideas, innovative talents and dynamic startup companies, all leveraging the NUS Enterprise incubation ecosystem. For example, we are seeing our NOC students and NUS graduates starting up their own companies, entering the NUS Enterprise incubator where they are mentored, before going on to raise external funding. There are also instances of NUS Enterprise helping the university faculty spin off their research into a new startup, which can then tap the iLEAD program to gain access to entrepreneurial interns.

Through our various initiatives, we hope more talented graduates with entrepreneurial mindsets and high tech ventures will emerge from or be facilitated by NUS. At the same time, we want to create the right environment that will attract VCs and angels to NUS, together with other world class R&D investments. These in turn will draw in more top researchers and students to work and study here. The end outcome is that NUS will play a pivotal role in the high-technology economy, both in Singapore and the global arena.

Before introducing the next guest blogger for Tech Podium, I thought I'd help set the stage a little to explain why this issue is relevant to the underlying infrastructure that supports the World Wide Web today.

I've been closely following the debate over whether the Internet Corporation for Assigned Names and Numbers (ICANN) should remain under the purview of the U.S. government or be handed over to an international entity.

Established in 1998 as a nonprofit organization, under the U.S. Department of Commerce, ICANN oversees the infrastructure that matches URLs to their corresponding numeric IP addresses. The organization coordinates these identify-and-match tasks to enable anyone, anywhere in the world, to locate and access a site via a decipherable Web address, rather than a string of numbers.

There've been numerous calls, as early as 2005, including from the United Nations and European Union, for the U.S. government to relinquish ownership of ICANN so it can be empowered by a more global voice. On Sep. 30, 2009, the U.S. government finally did just that.

I've long supported the notion of a more global ICANN, particularly since the Internet is no longer contained within the walls of military research labs and universities.

But, while I had expected the U.S. government to eventually have to concede it can no longer hold on to ICANN, I had not anticipated this day to come so soon. As a non-U.S. citizen of the global online community, I welcome the move. However, there are still crucial issues that have yet to be properly addressed, mainly, questions related to funding and decision-making.

Now that ICANN is no longer under the care of any one specific owner, who or what will be responsible for ensuring there are sufficient funds to support the organization? Also, now that ICANN, in theory, belongs to the world's Internet community, who or what gets to have the final say in the decision-making process? ICANN's Paul Levins says that now, "everyone has an equal voice", but that also means we'll run into a deadlock if there are opposing views on what direction the organization should take.

I applaud the U.S. government for taking this necessary step to "globalize" ICANN, but I wished it had first looked to ensure the right processes were in place to better support this obviously significant change in ICANN's core organizational structure. It's almost as if the U.S. government lifted its hands, shrugged and said: "Hey, you guys said you didn't want us to have it, so here, take it."

Amid the heated debate leading up to Sep. 30, the Coalition Against Domain Name Abuse (CADNA) had campaigned for ICANN to review its processes and provide more transparency in how the organization manages its affairs. CADNA President Josh Bourne had described ICANN as "broken" and sorely lacking in accountability, and it is a view CADNA maintains today--despite ICANN's increased autonomy.

I asked Josh to discuss his views here and highlight some of the concerns he has about ICANN's new organizational structure. He explains why the new agreement doesn't provide the necessary authority and accountability to ensure ICANN is able to fulfil its responsibility.

Two weeks ago, on Sep. 30, the Joint Project Agreement between the ICANN and the U.S. Department of Commerce expired. This agreement was replaced by a document titled the Affirmation of Commitments (AOC), which extends the relationship between ICANN and the U.S. government but also gives ICANN a greater degree of independence and autonomy, effective Oct. 1, 2009.

ICANN's mission, as set forth in its bylaws, is to "coordinate...the global Internet's systems of unique identifiers, and in particular to ensure the stable and secure operation of the domain name system...preserving and enhancing the operational stability, reliability, security, and global interoperability of the Internet".

Many are praising the AOC because it seems to provide more opportunities for international participation and influence over ICANN and its policies. Governments and other stakeholders from all over the world will be tasked with reviewing ICANN.

But, the truth is that no government--not the U.S. government nor any other government on the newly established panels--will be able to actually exercise any sort of oversight over ICANN under the AOC.

This is a fundamental problem with the AOC. Despite the inclusion of foreign governments and a larger number of stakeholders, this new agreement fails to create meaningful accountability for ICANN. The panels and review committees that the document calls for will not have the authority to effectively keep ICANN in check, and hold it to the promises it makes or the initiatives it undertakes. Moreover, this structure perpetuates a problem inherent in ICANN.

As a captured regulator, ICANN is incapable of admitting it is wrong, that it needs to change course or that it needs to reform. A prime example of this fact is found in the history of ICANN's plans for new generic top-level domains (gTLDs). TLDs are the last three letters in a Web address, like ".com", ".org" or ".mobi".

Expanding the number of new extensions by increasing the options for gTLDs will have frightening commercial implications, complicate the Internet for the average user, and ultimately have cybersecurity consequences. Very little has been done by ICANN to address the concerns that already have been voiced about this poorly considered policy. The public, concerned with these issues, has spoken out and asked ICANN to review its decision regarding the manner in which it thought to implement the new gTLDs.

Unfortunately, ICANN's policymaking body, which is structured to allow those with financial interests in domain name sales to dominate, essentially ignored these pleas. Rather than slowing down the process, the organization has continues to insist on a relentless march forward in order to reap profits as soon as possible.

Clearly, the AOC's failure to provide for meaningful accountability will allow ICANN to maintain the status quo--as a captured regulator, it will continue to produce policies that benefit those with financial interests to the detriment of the rest of the Internet community.

Those areas that are currently experiencing the most growth and expansion of Web use should particularly be concerned about how ICANN continues to operate in the future.

The Asia-Pacific region is one of the fastest growing regions in terms of individual Internet users and companies engaging in e-commerce and other Internet endeavors, and will have to increasingly contend with the negative effects of ICANN's policies.

One Singapore startup, Socialwok.com, decided to tap this market opportunity and offer what it calls, an on-demand enterprise social platform. Its CEO and co-founder, Yong Ming Guang, says the company aims to help enterprises tap social messaging tools to better collaborate and communicate across their organization.

Ming and his friends formed Socialwok in May this year, and spent the following month running beta trials with several businesses. The company is scheduled to officially unveil its platform next month.

In this post, Ming also reveals plans to integrate Socialwok's service with Google Apps, which he says is missing a social layer needed to enable businesses to more intuitively share data and documents. The Singapore startup is hoping to fill this void, but you'll have to read on to find out how.

The company's interest in Google is not incidental since Ming is also a member of the organizing committee for the Singapore Google Technology User Group, which will meet for the first time this weekend.

I read past Tech Podium posts like Donut Empire's Steven Chiew or Razer's Ryan Chua, and realized both companies are advent users of social media tools like Twitter and Facebook to do online social media marketing. They tweet on Twitter, build a fan community using Facebook pages or post brand videos on YouTube. Interestingly, Razer mentioned a significant increase in online sales following the launch of their social media marketing campaigns.

Personally, I see the growing importance of social media in everyday life as more people join Facebook and Twitter. I also see increased newspaper coverage on social media; like using LinkedIn for your next job search. Enterprises and organizations will have to grapple with the reality that their next customer and next employee are comfortable with social media. I see this as a great opportunity for forward-looking enterprises to embrace social media technologies, for both internal group collaboration and online marketing, to gain a competitive edge in their respective industries.

I started Voiceroute in 2007 as a Web application company specializing in open source unified communications with two college friends, Navin Kumar and Vikram Rangnekar. All of us use Facebook quite heavily and Google Apps, such as Google Calendar and Google Docs, for our online business productivity tool. It seemed to us that if we could use feed-based status updates to keep in touch with friends all over the world, as well as Google Apps for group collaboration, we could definitely use the same social collaborative technologies to improve communications within our company and customers. That was how Socialwok was born in May 2009.

Enabling Non-Profit 2.0 We opened Socialwok to over 80 organizations for closed beta trials in Jun 2009. One of the more interesting deployments involves the non-profit Singapore charity event, Run For Hope. To be held in November this year and organized by the Four Seasons Hotel and Regent Singapore, the annual charity run aims to raise funds to fight cancer. The beneficiary of the charity run is the National Cancer Centre Research Fund (NCCRF).

The event's organizing community of 30 people comprises volunteers. Traditionally, they communicated during weekly meetings and via e-mail and phone. They often shared large files that are blocked by e-mail filters or rejected due to the size. The organizing committee chairperson also had to use a numbering system in all e-mail correspondence to keep track of conversations and ensure everyone is on the same page.

With Socialwok, they were able to create different feeds for topics like marketing, Web site development, volunteers and so on. We helped them archive all conversations related to each topic in individual feeds, making it easy for a new committee member to get to speed quickly. They were also able to do file-sharing within the group by posting rich-media updates. In sum, they were able to organize their processes more effectively with less face-to-face meetings, and keep different aspects of the charity event progressing and every member of the organizing community on the same page.

On the marketing side, the organizing committee previously depended on traditional media like newspapers and press releases to get the word out on the charity run. Given the economic downturn, they wanted to identify more cost-effective ways to get the word out. The marketing committee used Socialwok as a group publishing platform for Twitter and Facebook feeds.

Integration with Google Apps The next exciting chapter for Socialwok is our integration with Google Apps. There are over 15 million users from 1.5 million organizations, ranging from small businesses to large enterprises, currently tapping the online office productivity service from Google. Google Apps include different products like Google Mail, Google Calendar, Google Docs, Google Sites and Google Talk.

One of the missing elements in Google Apps is a social layer, where users within an organization can more intuitively share information, calendar events and documents with other members, instead of having to go through e-mail as they do now. Socialwok aims to add this missing social layer by offering a feed-based collaboration service that integrates with Google Apps. This will allow users with existing Google Apps accounts to sign up and log into Socialwok, and immediately be able to create different feeds within their organization to share information, files, docs, calendar entries, and etc.

We are very excited about unveiling this aspect of Socialwok to the global community of Google Apps users, and will be giving a sneak preview of this feature in Singapore at the first gathering of the Singapore Google Technology User Group this weekend. We will also formally unveil the tool in San Francisco next month at Techcrunch 50, as well as the Silicon Valley Java User Group meetup. It's going to be an exciting Sept 2009 for Socialwok!

Now in its third instalment, the conference and exhibition for all things games aims to be a business and networking vehicle for developers, publishers, distributors and manufacturers in the games industry. Last year, the GCA drew over 92,000 visitors.

I asked Jorg Zeissig, managing director of the show's organizer Leipziger Messe International (LMI) Asia, to contribute a post on Tech Podium and discuss what visitors can expect at this year's GCA.

Singapore has always been a business hub and, therefore, will always be an excellent business location. We are trying to drive this business focus forward to really create value here out of Singapore, create intellectual property (IP), and so on, and distribute it into the region and beyond.

So what is going to be different this year at the Games Convention Asia 2009? We'll be bringing in more international high-level people who are looking for investment and co-production, and who are willing to share knowledge with others in the region at the GCA conference, which will run alongside the exhibition from Sep. 17 to 18.

So, we're bringing in people from various countries out of the region, and at minimum, I would say 15 to 20 countries will be connected at the convention. We are also bringing in international export out of regions that are really strong in the games industry, including North America, Europe, and of course, Asia-Pacific.

It is not just about quantity but also quality, and that is what we continuously look to further develop. That applies to the business angle of GCA 2009.

On the side, of course, there is always the gamer--the "final client". For gamers, we'll run a couple of tournaments, such as the One Asia Cup, which is Asia's largest e-games tournament organized by Infocomm Asia Holdings, the publisher of Fifa Online.

Besides games, there will also be contests to allow people to be connected to characters in games, such as the Asia-Pacific Cosplay Championship 2009. The winner here will fly to Perth for the grand finals of the championship to be held in October.

The GCA differs from most of the game shows in Asia. We are not just a consumer-driven show. For us, it is about bringing together various components in the whole value chain into a single event. The game developers will have their own platform at the GCA conference. The publishers, producers, investors and distributors, will find their place in the business center and connect with potential business partners in the matchmaking area. And the casual, as well as hardcore, gamers can also enjoy the latest games and the excitement in the exhibition hall.

So why did we decide to run such a show here? There are several reasons why we think Singapore is the perfect place for GCA.

First, we feel that Singapore's government has been very supportive to the video games industry and has put in place a long term strategy. It has good intellectual properties protection, reliable technological infrastructure and stable economic situation.

Second, Singapore's games industry and market is quite universal, which means that both Western and Eastern business models work here. For the Western games model, Singaporean gamers play all types of consoles and online games, and buy their games at retail shops or download it from the Web. As for the Eastern games model, online PC games, especially the free-to-play games, is also established quite well here.

Third, there are no language barriers for international business people, and a number of global video games companies have set up their offices in Singapore for both publishing and distribution, and development purposes. It shows the importance of Singapore for the region's video game industry.

In order to grow the regional games industry, it is also necessary to support the young talents who want to enter the industry. There is a bunch of companies here in Singapore that are currently hiring, even amid the economic downturn.

The games industry is developing, and career opportunities are broad, very broad. This is due to the diversity within the games industry. We are talking about graphical animation. We are talking about painting. We are talking about 3D-Animation, which can be supported by 3D-Web, and all that.

The games market also delves into the digital arts, the sciences, and sit is about story telling. The whole value chain of the games industry is so complex that there is everything available for the youngsters.

At GCA 2009, we will have a career fair as well as a Students' Day. The organizers aspire to bring in and share knowledge and expertise. Again, it is a business platform for people who want to do business and who are already in the business. It is also an opportunity for those who are not as yet in the industry, but are trying to think about somehow getting involved in the games industry.

I hope to see you all at the GCA!

Razer manufactures games peripherals, including mice, keyboards and built-for-gamers mouse pads. Its high-end mouse Mamba, sports seven independently programmable buttons, 3.5G laser sensor capable of 5,600 dpi and 1,000MHz polling rate--which, I think, means the mouse is able to relay to the computer 1 million instructions per second.

I've known Razer's Singaporean CEO for several years now, and would describe him as young, brash, highly ambitious and goal-oriented. Once he identifies his targets, he knows what needs to be done to achieve them and does what it takes to attain them.

These are necessary qualities particularly for a company like Razer, which products cater largely to a young crowd and which customer base is more likely open to new ideas. The CEO often relates excitedly about how the Razer brand is gaining momentum as a "cult", with followers who would gladly brand themselves with a tattoo inked with the company's logo.

Ouch.

So when I asked if Razer would like to take a guest spot on Tech Podium, he was keen to have his marketing guy, Ryan, discuss the company's use of new media tools to extend the company's brand and reach.

Razer's marketing strategy is probably not going to be suitable for every company--I doubt if every business in Asia would want their customers to get a tattoo of the company's logo or would challenge their clients to a virtual duel.

But, Ryan dishes out several relevant points about what it takes to create a corporate brand, how new media tools can be properly utilized to extend a company's reach, and why engaging the customer is also about "attitude".

It's worth a read so do check it out. FTW!

What do tattoos and cakes have in common? Nothing much to be honest, and to bring it all in a mix and say it improves sales online to your boss, would be quite a kind of a pitch that would get you packing your belongings into a brown box at your office door.

But, what makes it so interesting at Razer is that it works like gangbusters. Period.

Online sales of our products have seen a 140 percent increase over the past year due to our social marketing campaigns that have reached out to engage customers, and by spreading the word via online forums, instant messengers and on Twitter. With close to 50,000 fans and an additional 100,000 fans by end of the year on our Facebook page (btw, here's a shameless plug to check out Razer's Facebook profile), we're in a great position to share that we do have something interesting going on there.

Building a cult Twitter, Facebook and the latest fandangled new generation "social media" tools can be all the rage (and there's even more on the horizon). However, they still just remain simple tools and platforms if your company doesn't utilize it as a true communication platform to bridge the gap between just having a browsing visitor, customer and a converted brand addict.

If we look deeper into cult brands that get fans all emotionally riled up each time there's a new product release, it's clear to see the customer has more than just a relationship with a specific product, or the company itself.

So first, what makes Razer so different from other corporate companies out there? We speak to our customers differently. We know who they are, what they want, and what they're into. We don't speak the "corporate" or use cringingly bad "marketing" talk, or hide behind corporate policies or structure our words carefully to prevent customer backlash. Our community managers are also not afraid to use words and games-only phrases (e.g. FTW!) that most other HR directors would greatly frown upon or wouldn't understand in the first place.

Have an attitude We are not afraid to single out a customer, one-on-one, on our Twitter page and challenge him to an online duel just to see who wins in the next frag map in QuakeLive.

It's much more than just the "engagement" factor, it's also the attitude that you portray to your customers that determines whether you are truly understand them, or whether you're just trying to keep them entertained so that you can market a new product to them. It's a clear distinct difference between the two, and your customers can smell it a mile away.

March to a different beat against your competitors and you'll find that by engaging your market in a tone that is in tune with them, and your brand equity will resonate deeply much more than any marketing tagline or campaign can. And yes, there's absolutely no need to try too hard to be different.

Promote your social channels everywhere to get your fans to join in the fray. There's no use hiding a link deep down in a submenu simply because doing otherwise would drive Web visitors away. At the end of the day, it's for a greater good if it allows you to directly info-educate your customers on their own turfs and personal profiles. Share your company's profile on every channel you possibly can, and keep your users constantly updated with what's going on, inside and outside of your business.

Take the bad with the good Run contests and giveaways to get them to take notice, sign up and join in the conversation. And yes, you will get tough questions and even unhappy customers from time to time--it comes with the territory. However, you can use that to your advantage by showing others you actually care about their experience with the company by listening to them and resolving the issue immediately.

Using your personal voice to talk constantly about current trends and related industry information works just as well, even if you're not talking about your products or services--just don't talk incessantly about your family pet or mum-in-law. You can leave that out.

Always recognize and reward the contributors and brand ambassadors to your company (and it doesn't have to be about money or free products). A common example is that for every fan that sends us a set of photos with a Razer tattoo on his or her body, we immediately announce and broadcast it globally to all of our fans and tell everyone around us.

It's really not hard to tell we are extremely proud of our fans and not afraid to show them off. Heck, even more recently two of our fans even made Razer-themed cakes for us and we posted that news through our six-figure e-mail database of customers as well as on our corporate blog.

Did people unsubscribe from our list? Sure. But, hey, no biggie. We have always rewarded and encouraged our customers to have a voice, and we're always surprised to find that our fans respond in kind, ten-fold.

Don't hesitate to determine your own social attitude, brand ethos and start converting your customers into fans today.

And that he did.

Since we last met, Hock Sun has secured work as an IT consultant with the Youth Olympic Games, which Singapore will be hosting next year.

Over the years, he has accumulated experience as an IT infrastructure consultant in the real estate and hospitability sectors.

In his free time, Hock Sun enjoys discussing issues related to IT security. So, it's only fitting that his debut in Tech Podium revolves around tips on how to safeguard data in anticipation of any potential laptop theft.

According to the FBI, one of the most common places to lose a laptop is the airport and most of the laptops were never recovered or returned to the rightful owner. Also, statistics obtained from Datalossdb.org showed that 21 percent of data loss was contributed by stolen or missing laptops.

Three basic must-do steps Since the chance of getting back your precious laptop is almost zero, the most basic steps one must take are:

1. Backup, backup, backup. Regularly back up the data into another media (CD-ROM, flash-based storage drives or portable disk comes in handy here) and store it safely. 2. Encrypt the data with a proven commercial tool. This will prevent sensitive and personal data being leaked to the wrong hands or the Internet (think Edison Chen). 3. Dump that standard laptop bag. Invest in a laptop carrier that does not indicate that you're lugging a laptop. But, stay away from popular brands that, by now, are easily recognized to contain a laptop compartment.

Make laptop hard to reuse when stolen Since the goal of a laptop thief is to steal the data or sell the laptop for a quick buck (think recession), one should make the laptop almost un-usable to the "new" owner.

1. Personalize the laptop. Paint it bright or put some decal of your choice that doesn't come off easily. 2. Set up the BIOS password. This is simple, yet effective, solution that is often overlooked. It will, at least, make it harder for thieves to reboot your laptop and gain access to it immediately.

Trigger the alarm Create a commotion when the thief tries to make a quick getaway with your laptop. There aren't many such solutions out there but there is one, Syfer.com, which offers an application that sounds an alarm when certain parameters are triggered. The downside, however, is that the laptop will never go into sleep mode once the software is running.

Protect, track and manage This last category is really hard to justify if you are securing a personal laptop, and is more suitable for a company that wants an enterprise-level solution. However, most of the solutions listed below may only work in the States and may be unsuitable here.

1. FailSafe Technology. A solution provided by the BIOS maker, Phoenix. 2. Computrace. The technology is licensed by Absolute Software from LoJack, the technology that is touted to prevent car theft. 3. Intel's vPro Anti-Theft. This solution sounds promising although I have yet to come across any organizations that have deployed it company-wide.

The first two solutions can still be circumvented by re-flashing the BIOS or removing the CMOS. However, it's unlikely to be easily carried out without some technical expertise. Having said that, if you subscribe to the earlier statement that most laptops will not make their way back to their owner, companies need to ask themselves if it make sense for them to invest in these solutions?

Conclusion The risk of losing a laptop have many undesired consequences that is not only economically painful, but you can run the risk of identity theft, particularly if you keep a lot of personal details in the hard drive.

Ultimately, what solution or approach one should take really depends on how the laptop is being utilized. The more you depend on your laptop to do your daily chores, the more thought and money you need to invest in carving the right solution for your personal need.

Unfortunately, no one solution fits all.

Their company has now grown to become Singapore's largest donut chain, with 13 outlets across the island-state and plans for regional expansion that includes Malaysia, Dubai, Indonesia and India.

Aptly named Donut Empire, the company bakes egg-free donuts that feature over 34 flavors, including its best-seller Typhoon Oreo, and others like Mocha Madness, Latte Hill and Almond Pit.

I met Steven, who's also the company's executive director, a couple of months back to discuss his interest in blogging for Tech Podium. Technology is unfamiliar territory for the guy, but he's more than willing to try new tools that he thinks make business sense for the company.

Whilst I munched on my Typhoon Oreo during our conversation at the Donut Empire caf, Steven talked enthusiastically about blogs, Facebook and the prospects of how these new media tools can help his company better connect with customers and gather key consumer information.

Alright, enough said...read on to find what Steven has to say about IT in general.

Given our limited knowledge and capability, the approach we took was to engage and outsource our IT infrastructure strategy to external consultants. The key fundamental issues we face include implementing an office tech infrastructure and Internet policy to prepare ourselves to succeed in the F&B (food and beverage) industry of the future.

We need to use whatever that is available to create that much needed awareness, interest; and eventually, we will see a greater demand for our products and services. Technology and the Internet help to smoothen communication between us and our customers, and we even have a Facebook group for our fans where they can communicate to us one a more informal basis.

We also upload interesting Donut Empire videos on YouTube as it reaches out to millions of users daily. On our official Web site, we allow our customers to place donut orders online which is convenient for them. This helps to boost sales because Web sites are available 24 by 7, and hence, customers can place orders any time of the day without having to drop by our outlets.

Our corporate blog is another avenue for our customers to keep in touch with our updates. It is another tool for us to keep in touch with our consumers, who are perhaps not active users of Facebook. In our blog, we touch on more business-like updates and we include our media features in it. We do get featured in newspapers and magazines regularly, hence, our blog is an avenue for us to showcase our media features and more business-oriented updates. Our blog also lends a personal touch to our Web site, which makes it easier for our customers to relate to us.

As Donut Empire's clientele is largely made up of youths, including young professionals, we use social networking tools such as Facebook to reach out to our customers. Most of Facebook's users are under 35 years of age, hence, Facebook is perhaps more helpful for businesses that target the youths. Our target market spend a lot of time online hence, reaching out to them via Facebook is a logical step. Through our Facebook group, our fans can keep in touch with us, find out new products we've launched, and communicate with us openly through a fun platform. We upload photographs of our recent events on our Facebook group, which allows our fans to download those photos and relive the moments they've experienced at our events. It's a great way to keep in touch with our fans and moreover, Facebook is free.

The older generation may prefer traditional Web sites and blogs to get their information, hence, having all three means of reaching out to consumers (Web site, blog, Facebook) is highly effective in raising awareness for our business.

Initially, we were torn as to whether Facebook is necessary for our business, since we already have a Web site for our consumers. Some of our staff were concerned that Facebook is not a proper channel to raise awareness for our business, as it is informal and is more geared toward social networking. However, I believe we have to follow IT trends and work smart. If our clientele are active users of the Internet, why not leverage Facebook for our business? On the downside, Facebook gives our fans the freedom to write anything they wish on our message boards and comment on the photographs we uploaded. This may pose a problem if our fans abuse this freedom, but so far, this has not happened.

If there are more social networking tools such as Facebook, available in the near future, we will make full use of them. To create a more effective platform for communication, we will also leverage on the "Community" and the "Forum" functions of our Lotus Connection site. Social networking tools are helpful and help form a bond between us and our customers and also add a personal touch to companies.

All in all, I would advise entrepreneurs to be more open to IT and new tech developments as more often than not, they are beneficial to business, if used correctly.

Having a good corporate Web site is essential these days and add-ons such as blogs and Facebook, can raise awareness for one's business. These social networking sites also allow your consumers to interact with you informally in a relaxed setting, which creates better customer relations.

I would encourage businesses to first of all, have an informative Web site as a business Web site is almost similar to having a sales promoter who promotes your products or services 24 by 7.

For Donut Empire's Web site, we have to make sure the information featured is accurate and up-to-date. Many consumers and even the media obtain information from our site and a minor misprint can lead to misunderstandings. Accurate information is important.

We also provide a downloadable delivery form for our customers, such that they can place their donut orders any time of the day. E-commerce is definitely in the pipeline to make online purchases easy for our customers. Right now, we are aiming to make full use of available technology to help us in our business as well as provide convenience to our customers.