Tomorrow, for the first time in years,
I have to demo Domino.Doc on a customer site.  I only do this because
a *cough* large *cough* consultancy firm recommended this product to the
customer as it would fit their needs.  After a few phone calls with
the customer, I talked about a native domino solution, or Quickr, and the
customer agrees that they want to look at these, but also need to see Domino.Doc
as this was the recommended product.

As far as I know, Domino.Doc went on
a level of maintenance mode a number (5?)  years ago.  I know
there have been a few updates, and support is there for for Domino 7.0.x
but its more or less out to pasture.

Historically I liked Domino.Doc as long
as you didn’t screw with it.  If you tried to change anything serious
about the product, or its core code, it would bite you… hard, before
barfing over itself and exploding.  That, in some ways reminds me
of Quickr now.

But, for the younger generation (Christ,
I’m getting old) Domino.Doc did have some excellent features.  It
was a document management product, that had all sorts of security, folders
(binders), libraries, templates, check-in/check-out features.  It
even had an offline mode and the ability to replicate among multiple servers.
 Its browser interface, is dated by today’s standards…

 Quickr sure as hell looks better
in some areas, but Domino.Doc also had a few tricks up its sleeve…

Native Notes access

You could go into, and work with libraries
(databases) containing documents through the Notes client, and the browser,
as well as connectors.  Quickr is just for browser and connectors.

Speaking of connectors, it had
built in ODMA featuring a WAY more intuitive interface for MS office users
then Quickr.  Lets look at the Domino.Doc one interface with MS Office
when you save a document:

Compare that to the Lotus Quickr plug-in
tool in MS Office today.

Even the windows explorer connector
was comparable.  And this software is at this stage, officially old.
 I even know of a few sites that are refusing to let the product go
from their domain, citing it over Sharepoint, due to the Notes integration,
and over Quickr.  If Domino.Doc received the investment it possibly
deserved in the past, and QuickPlace never came on stream (or was just
integrated into Domino.Doc), would both products combined been better?
 Now I have Quickr competing against a Lotus product from the past,
as well as Notes itself, as well as IBM Content Manager if I got picky
(Filenet – not really… that’s just for massive scale).  Then Sharepoint.
 So products in the IBM family are competing with each other, with
limited people knowing about them all… and MS have a simple Sharepoint
message… which I know is horseshit when you consider the mish mash that
makes that turd fly…. but the buyers are never told it.  MS have
a "simple" single message in that area.  Lotus are fighting
ghosts from the past and cousins alive today.

With the great news on Ed’s promotion,
hopefully some product streamlining will come about in this space…

Ok, its an ASW title but I wanted to
see if I was alone.  Since I am doing a lot of work with Quickr….
I find myself typing the word "quicker" as "quickr"
all the time… instead of "quicker".  I added "quickr"
into my custom spell check dictionary so it would stop prompting me to
change it to "quicker" and boy am I regretting it.  I just
did it so I could get my work done quickr… DAMN!

Or… if you really want to piss of
Darren Adams, call it QuickR.

Over the past 12 months, this question
has raised its head a few times, and I would love to get some opinions
from the community on what they see in the IT world or what they think
is a good practice.

Scenario:

More and more frequently, information
is being dealt with outside of email.  A good working (browser based)
example of this is Quicr or Sharepoint, where people are collaborating
and sharing data using default templates.  Pretty soon, this will
be escalated as Activity servers get deployed.  As this is occuring
more and more frequently, a byproduct of this is the desire to allow external
people to your organisation access to this data.  The question follows…
what way is the best way to accomplish this?

You have 2 specific problems.  The
first problem how does mr external get access to the data you want him
to get access to.  The second problem is how do you verify if the
person is who they say it is.  A sideline problem of this is how do
you do this without tying yourself up with massive management overheads.

First problem – allowing mr external
access to your data

There are a few possible solutions to
this….

Solution 1 – Allow them inside.

Grant the external person access to
your network via VPN, Keyfob or whatever method you use.  This has
license implications and management implications.  However, the data
is still on your LAN always.

Solution 2 – Place some of the data
outside the network

It would be possible to replicate some
of the sites that ou want people to collaborate on to a DMZ, and grant
access that way.  This has a lesser management implication, and if
the data is on your DMZ, it is still with you.  Mr external can then
access it through a browser as needed.

Solution 3 – Place all your data offsite
in a data centre.

This is the "way out" soloution
(at the moment).  Place all your data in a location that is available
to all users, be them internal or external, and use your security levels
to allow/restrict access.  This is quite Web 2.0ish, but data protection
could have a lot to say about that.  Do you trust the data centre?
 Do you trust your security that much?  

Second problem – trusting that Mr
external is Mr external

Going with solution 1 above means that
each external person has an external account created in your internal domain,
which is secure and you can manage the account.  Assuming  you
add a vpn account or keyfob/cert this is secure by today’s standards.

But lets say you don’t do that.

If you want to maintain external users
effectively, you need to maintain them in an external directory.  This
is where their details are kept, including authentication information.
 In addition, this is what your external data would be used for authorisation
off.  Lets assume LDAP.  The directory contains account information,
including their password.  Microsoft and IBM use something along those
lines, with their passport sites (IBM’s has come a long way), and external
people enter their name and password on a SSL based site.  But the
question remains, is a user name and password enough?.  Typical answer
is "it depends on the data" so lets assume that the data could
hold sensitive information.  The IBM one already does for Business
Partners.  Is giving a person a user name and password enough to keep
corporate sites happy?  Do you also issue SSL certificates to the
browser?  Do you also require PIN number authorisation on top of name/password?

I would like to know what other sites
are considering good enough these days, especially ones that fall into
the above categories.

Yup… Rob
got there just ahead of IBM.  QuickR
ship date has been released.  On June 29th, the QuickR 8.0 product
(i.e. Next Generation of Quickplace) is available.  Actually, this
leads to a question on the eagerly anticipated FREE QuickR templates that
are being cooked by SNAPPS.  Are they all available on the same day?