The Book Expo America (31 May to 2 June 2017) in New York offers an excellent opportunity to meet with publishing software vendors and learn about new applications of book publishing software.
The 2017 London Book Fair (14-16 March 2017) offers an excellent opportunity to meet with publishing software vendors.
Ransomware is of increasing concern to medium and large publishers.
Ransomware is a type of malware that restricts access to the infected computer system in some way, usually by encrypting your files, and demands that the user pay a ransom to remove the restriction. If you don’t have a backup, you have to pay the hackers to gain access to your data.
Sony Pictures is one media company that was affected by a ransomware attack.
Often a system is infected by a phishing attack where a user inadvertently downloads malware or inadvertently provides a hacker with their user ID and password.
Information on Ransomware
Advice For Large Publishers
At Kensai we recommend that large publishers consult with internet security specialists from E&Y or PWC. Very large publishers should consider Accenture.
- Ernst & Young Cyber Security: http://www.ey.com/gl/en/services/advisory/ey-cybersecurity
- PricewaterhouseCoopers: http://www.pwc.com/us/en/forensic-services/video/cyber-security.html
Protecting a book publishing software system against such intrusions requires multiple levels of protection.
Staff should receive instruction in best practices for internet security. Over 95% of security breaches are caused by an employee inadvertently providing their user name and password to a hacker.
Back up your data
Restoring a backup file can often negate the impact of a ransomware attack.
Internet Security Software
It starts with ensuring that every workstation that accesses your system has internet security software running. Internet security products can deny access to clients (local or remote) not running internet security software. For small and medium-sized publishers with security concerns, we recommend using Symantec Endpoint Protection Cloud. Enhance this by also using Malwarebytes Endpoint Security. Malwarebytes, like Sophos Intercept X, is designed to detect and stop ransomware attacks.
Medium-sized and larger publishers should consider products such as Sophos Intercept X. Intercept X includes technology that detects spontaneous malicious data encryption to stop ransomware in its tracks. Even if trusted files or processes are abused or hijacked, this technology will stop and revert them without any interaction from users or IT support personnel. It works silently at the file system level, keeping track of remote computers and local processes that attempt to modify your documents and other files.
We recommend cloud managed hardware firewalls. Hardware firewalls are harder for hackers to breach. A cloud managed firewall includes hardware that needs to be connected to the network. The firewall is managed through the cloud by a service provider. Managed firewall services provide 24×7 firewall administration, monitoring, and quick responses to any malicious attacks.
Your company should enforce secure password specifications. This includes minimum character length, the exclusion of dictionary words, and a requirement that passwords be changed periodically.
Two Factor Authentication
We recommend two-factor authentication for all email access logins and system logins. In addition to a user name and password, a third identifier, such as a passcode sent to the user’s phone or a smart card, is required for system access. Two-factor authentication should be required for system administrator logins because these users have access to all systems.
Segment Your IT Systems
We recommend that large publishers segment their IT systems so that hacking one system does not provide access to all segments of their IT infrastructure. Ransomware attacks are often successful because obtaining a single IT administrator’s password provides access to the entire system. Best practices call for software (i.e. folder access rights) and hardware (server access) based system segmentation.
An example of system segmentation is storing royalty contract documents on a separate physical server. The hard drive is encrypted. Access is limited to those with a need to know. Out of 400+ users, only 30 users, including the system administrator, have access to this server and the royalty contract files stored there. The system administrator has a separate username and password and uses second-factor authentication for accessing this server. Country-blocking is activated so the server cannot be directly accessed by users outside the home country. The server is backed up daily using two online backup services and monitored by Sophos Intercept X.
Employee laptops should have encrypted drives. This will prevent unauthorized users from accessing data stored on a lost or stolen laptop. We recommend services such as Absolute LoJack for Laptops that allow the IT administrator to remotely erase drives on misplaced laptops.
Locate servers in secure rooms with keyed access.
Publishing is changing. Faced with an increasingly digitized world, publishers are becoming providers of content to third parties that repackage their content. Consumers can obtain content in chunks, as subscriptions, through temporary access and via the traditional book purchase.
A recent article by Wolf-Michael Mehl, Executive Vice President of Klopotek, touches on several current and future challenges in publishing and explains what Klopotek can do to support publishers in these specific fields.
The highlights of the article are:
There is a trend towards books being purchased in smaller numbers, while the types of products offered have to increase in order to remain successful…. Keywords such as “lending” content and flat rates for access to content are becoming more and more important.
The Klopotek author portal, STREAM Application – Authors Online, allows authors and agents to access royalties, sales, rights transactions and royalty statements online. This reduces the work for the staff, and emailing statements instead of mailing them saves the company money.
The STREAM Application – Rights Sales Manager allows publishers to focus on the marketing of available rights. All the information regarding a title and its component rights is accessible via a single portal. The rights manager also tracks potential licensees’ topics of interest.
Klopotek tracks “chunk” products for each title. A “chunk” is a component of a title. Examples of “chunks” are a chapter, a table, or a form. “In Klopotek, “chunk” variants can have individual titles, prices, and information on page number, so they can be sold and invoiced just like e-books.”
The STREAM Application – Permissions and Compliance Manager contains all of the content, asset and license metadata that allows the publisher to ensure that any content sales are in compliance with the licensing agreements.
The Klopotek O2C (order to cash) application supports traditional sales models along with online subscriptions, bundles, and bundles that include a subscription product along with the sale of customized products.
In addition to the points listed above, I would add the importance of content discovery functionality. Content chunks only sell if a consumer or potential licensee discovers them. Context-oriented discovery engines such as Google Scholar or Microsoft Academic can help a user find the content that he is looking for. These search engines index the full text and/or metadata of each indexed article/book.
The 2016 London Book Fair (14-16 April 2016) offers an excellent opportunity to meet with publishing software vendors.
The 2014 hack of the Sony computer system has led many larger publishers to examine the security of their royalty software systems. The requirements in recent RFPs often mention security as one of their key criteria.
What is security for royalty software?
From our point of view royalty software security is composed of three components:
- Data file encryption
- Document management system encryption
- User access rights
- Security monitoring / auditing
Data File Encryption
Most royalty applications are built on an MS-SQL server.
For these applications here is a listing of the ten SQL database security tasks. These tasks include implementing cell level encryption and encrypting the data that is transmitted between the app and the database.
Document Management System Encryption
The DMS (document management system) stores copies of royalty agreements. PDFs of scanned royalty agreements may be stored within the royalty application or in a separate location.
For document security, we recommend that PDFs be stored on an encrypted drive. Access to the documents should be limited to the royalty software. Only users logged into the royalty software can access these documents in their unencrypted state.
User Access Rights
Access rights control which users can access the software. Many software intrusions result from the hacker breaking in with a user’s password. For greater security against this threat, we recommend two-factor user authentication for users accessing the royalty system.
Single-factor authentication relies on the user submitting his user name and password.
Two-factor authentication requires a user’s password and a PIN that is dynamically generated when the user attempts to sign in. This PIN may be created by a physical device that a user has access to or it may be emailed to the user’s mobile phone.
When an employee leaves the company, their access rights should be immediately terminated.
Security Monitoring / Auditing
Third party IT security solutions and services can monitor access to the selected folders and files to prevent downloading and copying to unauthorized locations.
The London Book Fair (April 14 – April 16) presents an excellent opportunity to meet with book publishing software vendors and speak to their clients.
New publishers on a shoestring budget need software for accounting, royalties, title information and editorial project management to manage their operations. With these tools in place they can focus on acquiring titles, publishing titles, marketing and sales.
The Frankfurt Book Fair is the world’s largest book fair. In 2013 this fair hosted 7,275 exhibitors from 102 nations, 631 literary agents, about 9,300 journalists, 275,342 visitors and 170,664 professional visitors.
At the Frankfurt Book Fair you can meet publishing software vendors and their clients. There is no better way to talk to the representatives of many vendors at one time.
BooXtream, Hall 8 L133 – www.booxtream.com
- DRM watermarking for ebook publishers
Digimarc, Hall 8.0 L112 – www.digimarc.com
- DRM watermarking for ebook publishers
Jeux de Couleur, Ltd. (That’s Rights, Easy Royalties), Hall 4.0 J146 – www.thatsrights.com
- Royalty and rights management software for small to medium sized publishers
Klopotek & Partner GmbH, Hall 4.0 E9 – www.klopotek.com
- ERP solutions for book publishers – royalties, editorial, production management, sales, title information – for medium to very large publishers
knk Business Software AG, Hall 4.0 G7 – www.knk.com
- Microsoft Dynamics NAV solutions for book publishers for medium to large publishers
Publishing Technology, Hall 4.2 M35 – www.publishingtechnology.com
- ERP Solutions for book publishers – ecommerce, royalties, production management, sales, title information – for medium to very large publishers
Real Software Systems, Hall 4.0 C38
- Rights and royalty solutions for medium to very large publishers
Stison Ltd, Hall 8.0 A75 – www.stison.com
- ERP Solutions for book publishers
Virtusales Publishing Solutions, Hall 4.0 C31 – www.virtusales.com
- Editorial, production management, rights & royalties, title information solutions for small to very large publishers
An important criterion in any book publishing software purchase decision is the vendor’s area of expertise.
Publishing software solutions often focus their development in a few specific areas. While some vendor solutions excel in financial management, others focus on title information management, production management, royalties & rights, sales order processing or ecommerce sales.
A vendor’s area of expertise can be identified by reviewing their software development roadmap, reading press releases to see what the most commonly implemented modules are, and viewing the vendor’s website to see what functionality receives the most emphasis.
Example 1: IBS Bookmaster is known for their sales order processing, distribution management and warehouse management along with integrated financials. Most of their clients have distribution and warehouse operations. A review of their website shows an emphasis on supply chain management and financial reporting.
Example 2: Klopotek is known for their production management, title information and royalty & rights management functionality. This is where most of their ongoing development has occurred.
Example 3: knkPublishing is known for their integrated Microsoft Dynamics financials. Publishers that purchased their software did so in large part because of their integration with the financial management modules provided by Microsoft Dynamics.
Example 4: Firebrand Technologies is known for their turn-key title information management.
Example 5: Easy Royalties is known for their powerful royalty solutions for small publishers.
Example 6: Publishing Technology is known for implementing ecommerce solutions for publishers and their order to cash solutions for publishers.
Example 7: Virtusales’ focus is title information management, production management and royalties. They do not handle sales nor offer integrated financials.