In order for enterprises to realize the productivity gains factored into the investment decisions for those applications, IT Managers must explore options for enabling single sign-on for their users. In this post, we’ll outline a mobile single sign-on (mSSO) pattern for enterprise iOS applications.

Assumptions

1. Your company has a centralized single sign-on service exposed on the network – LDAP, Novell Access Manager, etc. This approach will work with a number of identity management architectures, but you will need to tailor credential management accordingly. For this demo, our service calls are simulated with hardcoded tokens.
2. Your company has a standardized credential timeout period or a way of dynamically distributing that value to applications. For this demo, we’ll use a static 30 minute timeout period.
3. You are able to sign and distribute builds to a device. This is important because keychain activities do not function in the simulator.

Implementation

Approach

Our approach will consist of creating three applications – two mock business applications and one logout application. Each application may contain its own logout functionality, but a single logout application makes the user’s activity of killing a session intuitive. In practice, the mSSO pattern would be implemented as a stand-alone library which could be easily dropped into each of your various enterprise applications.

The business applications retrieve a unique authentication token which is included with each service request. This token will be stored in the device’s keychain, which will be shared across our suite of applications. We will also maintain an ‘expiration date’ within the keychain so that subsequent requests from our various apps can (if required) preemptively prompt the user to authenticate.

Authentication for this demo may be simplistic, but existing patterns cover implementing authentication in a service-based mobile application. For example, the ‘store credentials’ logic presented in this example would live somewhere in that pattern’s “authenticateOperation”.

One possible extension of the mSSO pattern is to confirm that your credentials have not expired before issuing a call to the service. You would use the mSSO pattern to sign your network requests, but rely on the service and response handlers to inform you that credentials have expired. Checking credential expiration prior to making a service call limits unnecessary network traffic.

Configuration

There are two key steps that must be completed in order for your applications to share keychain access.

1. Each application included in your mSSO effort must share a Bundle Seed ID, which allows shared keychain access between our suite of applications. This is configured within the iOS management portal. We’ll configure our applications using the default ‘Team ID’ selection.




2. We also need to enable and add an entitlements file that specifies that this application should be able to access the shared keychain. This step is done after the Xcode project has been created.
• Select your app target in Xcode and choose the ‘Summary’ tab.
• Choose ‘Enable Entitlements’ at the bottom.
• Set the Entitlements File name to “mSSO” and hit return. Select ‘Create’ when prompted.
• Unless needed for your application, remove iCloud configuration settings.
• Add a keychain value titled “mSSO”, our Bundle Seed ID is prepended to this value for us.

Development

We’ll walk through how to create App1 in detail, and then let you work through App2 and the Logout application. Let’s start by opening Xcode and creating a single view application. Before we get started, add the Security.framework and create your entitlement files as outlined above. Here is a good primer for interacting with the keychain.

1. Add the custom mSSOUtils and DateUtils classes as outlined below. Make sure that you import accordingly. Due to changes in iOS related to ARC (developer account required), you will need to disable ARC for the mSSOUtils class. You can do so by selecting your target in Xcode and viewing the Build Phases tab. Expand the Compile Sources section and double click the mSSOUtils class to add the -fno-objc-arc compiler flag. You may need to clean and build.
   mSSOUtils:

   #define kmSSOKeychainGroup @"3Q4M6DQ9WM.mSSO" #define kAuthenticationServiceName @"com.captechconsulting.msso" #define kCredentialToken @"mSSOAuthenticationToken" #define kCredentialExpiration @"mSSOCredentialsExpirationDate" #define kExpirationTimeout 60.0 * 30 // 30 minute timeout   // *** PRIVATE METHODS DEF *** // @interface mSSOUtils (Private) + (NSMutableDictionary *) keychainSearch:(NSString *)identifier; + (NSString *) getValueForIdentifier:(NSString *)identifer; + (BOOL) setValue:(NSString *)value forIdentifier:(NSString *)identifier; + (void) deleteValueForIdentifier:(NSString *)identifier; @end   @implementation mSSOUtils:   + (BOOL) authenticateWithUsername:(NSString *)username andPassword:(NSString *)password { // for testing purposes, each call to this method authenticates successfully   // set the token - app specific - change this in your App2 implementation if ([self setValue:@"TokenSetFromApp1" forIdentifier:kCredentialToken]) { // token set, now set the credential expiration [self extendCredentials]; } else { NSLog(@"Unable to set token."); }   return YES; }   + (void) logout { // destroy token AND expiration date [self deleteValueForIdentifier:kCredentialToken]; [self deleteValueForIdentifier:kCredentialExpiration]; }   // credential management + (void) extendCredentials { NSDate *newExpireDate = [DateUtils dateWithTimeout:kExpirationTimeout]; NSString *newExpireString = [DateUtils stringFromDate:newExpireDate withFormat:kDateFormat]; BOOL success = [self setValue:newExpireString forIdentifier:kCredentialExpiration]; if (!success) { NSLog(@"Unable to extend credentials."); } }   + (BOOL) credentialsExpired {   // if no token exists, call credentials expired if ([self credentialToken] == nil) { return YES; }   NSDate *expirationDate = [self credentialExpirationDate]; if (expirationDate) { // check for expiration return [DateUtils dateInPast:expirationDate]; }   // if there is no expiration date, default to 'expired' return YES; }     // sign the request with current credentials - we'll add the token as an HTTP header field + (NSMutableURLRequest *) signRequest:(NSMutableURLRequest *)request { NSString *token = [self credentialToken]; if (token) { [request addValue:token forHTTPHeaderField:@"auth-token"]; } return request; }   // methods to retrieve credential information + (NSString *) credentialToken { NSString *token = [self getValueForIdentifier:kCredentialToken]; return token; }   + (NSDate *) credentialExpirationDate { NSString *expirationDateString = [self getValueForIdentifier:kCredentialExpiration]; if (expirationDateString) { // convert to date return [DateUtils dateFromString:expirationDateString withFormat:kDateFormat]; } return nil; }   + (void) displayAuthenticateView:(UIViewController *)vc { authenticateViewController *authenticateView = [[authenticateViewController alloc] initWithNibName:@"authenticateViewController" bundle:nil]; UINavigationController *nc = [[UINavigationController alloc] initWithRootViewController:authenticateView]; [vc presentModalViewController:nc animated:YES]; }   #pragma mark - #pragma mark PRIVATE METHODS + (NSMutableDictionary *) keychainSearch:(NSString *)identifier { NSMutableDictionary *keychainSearch = [[[NSMutableDictionary alloc] init] autorelease];   [keychainSearch setObject:kmSSOKeychainGroup forKey:(id)kSecAttrAccessGroup]; // inform the search that we're using the shared keychain [keychainSearch setObject:(id)kSecClassGenericPassword forKey:(id)kSecClass]; // set the type to generic password - other options are certification, internet password, etc   NSData *encodedIdentifier = [identifier dataUsingEncoding:NSUTF8StringEncoding]; [keychainSearch setObject:encodedIdentifier forKey:(id)kSecAttrGeneric]; [keychainSearch setObject:encodedIdentifier forKey:(id)kSecAttrAccount]; [keychainSearch setObject:kAuthenticationServiceName forKey:(id)kSecAttrService];   return keychainSearch; }   + (NSString *) getValueForIdentifier:(NSString *)identifier { NSMutableDictionary *search = [self keychainSearch:identifier];   [search setObject:(id)kSecMatchLimitOne forKey:(id)kSecMatchLimit]; // limit it to the first result [search setObject:(id)kCFBooleanTrue forKey:(id)kSecReturnData]; // return data vs a dictionary of attributes   NSData *value = nil; OSStatus status = SecItemCopyMatching((CFDictionaryRef)search, (CFTypeRef *)&value);   if (status == noErr) { return [NSString stringWithUTF8String:[value bytes]];; }   return nil; }   + (BOOL) setValue:(NSString *)value forIdentifier:(NSString *)identifier {   // check if value exists NSString *existingValue = [self getValueForIdentifier:identifier]; if (existingValue) {   if (![existingValue isEqualToString:value]) { // update value NSMutableDictionary *search = [self keychainSearch:identifier];   NSData *valueData = [value dataUsingEncoding:NSUTF8StringEncoding]; NSMutableDictionary *update = [NSMutableDictionary dictionaryWithObjectsAndKeys:valueData, (id)kSecValueData, nil];   OSStatus status = SecItemUpdate((CFDictionaryRef)search, (CFDictionaryRef)update);   if (status == errSecSuccess) { return YES; } return NO; }   } else {   // create new entry NSMutableDictionary *add = [self keychainSearch:identifier];   NSData *valueData = [value dataUsingEncoding:NSUTF8StringEncoding]; [add setObject:valueData forKey:(id)kSecValueData];   OSStatus status = SecItemAdd((CFDictionaryRef)add,NULL);   if (status == errSecSuccess) { return YES; } return NO;   }   return YES; }   + (void) deleteValueForIdentifier:(NSString *)identifier { NSMutableDictionary *search = [self keychainSearch:identifier]; SecItemDelete((CFDictionaryRef)search); }

   DateUtils:

   + (NSDate *) dateFromString:(NSString *)string withFormat:(NSString *)format { NSDateFormatter *dateFormatter = [[NSDateFormatter alloc] init]; [dateFormatter setDateFormat:format]; NSDate *date = [dateFormatter dateFromString:string]; return date; }   + (NSString *) stringFromDate:(NSDate *)date withFormat:(NSString *)format; { NSDateFormatter *dateFormatter = [[NSDateFormatter alloc] init]; [dateFormatter setDateFormat:format]; NSString *dateString = [dateFormatter stringFromDate:date]; return dateString; }   + (NSDate *) dateWithTimeout:(NSTimeInterval)timeout { NSDate *now = [NSDate date]; NSDate *timeoutDate = [now dateByAddingTimeInterval:timeout]; return timeoutDate; }   + (BOOL) dateInPast:(NSDate *)date { if ([date compare:[NSDate date]] == NSOrderedAscending) { return YES; } return NO; }

2. Within the generated ViewController, add two UILabel outlets/properties – token and expiration date – and a “Logout” button. You’ll need to add two custom methods: logout and a selector to handle the foreground notification we register to receive.

   - (IBAction) logout:(id)sender { [mSSOUtils logout]; [mSSOUtils displayAuthenticateView:self]; }   - (void) enterForeground:(id)sender { // reset labels as we've entered the foreground self.token.text = [mSSOUtils credentialToken]; self.expiration.text = [DateUtils stringFromDate:[mSSOUtils credentialExpirationDate] withFormat:kDateFormat]; }

3. You should only need to update two view lifecycle methods within ViewController – viewDidLoad and viewWillAppear. Within viewDidLoad, we register to receive a notification when the app is brought to the foreground that triggers our UI updates. The additions to viewWillAppear simply update our labels if there is data in the keychain.

   - (void)viewDidLoad { [super viewDidLoad]; // register for enter foreground notification to update labels [[NSNotificationCenter defaultCenter] addObserver:self selector:@selector(enterForeground:) name:UIApplicationWillEnterForegroundNotification object:nil]; } - (void)viewWillAppear:(BOOL)animated { [super viewWillAppear:animated];   self.token.text = [mSSOUtils credentialToken]; self.expiration.text = [DateUtils stringFromDate:[mSSOUtils credentialExpirationDate] withFormat:kDateFormat]; }

4. Add an authenticateViewController to your project. This will be displayed modally when the users credentials need to be re-challenged. This example simply has a login button, but this is where you would include typical login fields.

   - (IBAction) authenticate:(id)sender { // if authentication is successful, dismiss the view if ([mSSOUtils authenticateWithUsername:@"username" andPassword:@"hashedPassword"]) { [self dismissModalViewControllerAnimated:YES]; } }

5. Last up, we’ll need to update our application delegate to confirm our credentials are valid when the app launches or is brought back from the background. You’ll need to update the didFinishLaunchingWithOptions and applicationWillEnterForeground methods as noted below:

   - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions { self.window = [[UIWindow alloc] initWithFrame:[[UIScreen mainScreen] bounds]]; // Override point for customization after application launch. self.viewController = [[ViewController alloc] initWithNibName:@"ViewController" bundle:nil]; self.window.rootViewController = self.viewController; [self.window makeKeyAndVisible];   // credentials don't exist or are expired - display the authenticate view if ([mSSOUtils credentialsExpired]) { [mSSOUtils displayAuthenticateView:self.viewController]; }   return YES; } - (void)applicationWillEnterForeground:(UIApplication *)application { // credentials don't exist or are expired - display the authenticate view if ([mSSOUtils credentialsExpired]) { [mSSOUtils displayAuthenticateView:self.viewController]; } }

6. Now, rinse and repeat for App2. You can follow the same steps for the Logout application, but you really just need a single view that calls [mSSOUtils logout] on launch and informs the user their credentials have been terminated.

   - (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions { self.window = [[UIWindow alloc] initWithFrame:[[UIScreen mainScreen] bounds]]; // Override point for customization after application launch. self.viewController = [[ViewController alloc] initWithNibName:@"ViewController" bundle:nil]; self.window.rootViewController = self.viewController; [self.window makeKeyAndVisible];   // logout to kill credentials [mSSOUtils logout];   return YES; } - (void)applicationWillEnterForeground:(UIApplication *)application { // logout to kill credentials [mSSOUtils logout]; }

Here are a couple helpful hints while developing your solution:

• We’ve disabled ARC for the mSSOUtils class, which means you need to handle memory management yourself.
• When building your application, if you get a Mach-O Linker error, ensure that you’ve added the Security.framework.

Testing

Our testing won’t get too crazy, but at this point you should be all set to install our suite of apps on your device.

We’ll start by opening App1 and simulating an authentication call. Once the modal view is dismissed, our token and expiration date should be updated – expiration being now + 30 minutes. From here, jump to App2 where you should see the App1 token/expiration. Logout and re-authenticate within App2, which will update our token and expiration date. Now, we’ll wait 30 minutes and test whether our token expires. After 30 minutes, open App1, you should be prompted with an authentication view. Authenticate and then open the Logout app. Enter App2 from the multi-task tray, you should be prompted to authenticate once again.

The test sequence above has been captured in the screenshots below. Note: for brevity, I’ve excluded screenshots of each authentication view except for the final step.

Closing

This post presents a pattern for implementing single sign-on for your enterprise iOS applications. It should give you the foundation needed to begin implementing single sign-on in your applications. I’ve attached the source for App1. If you’ve got questions or are interested in additional source files, I’m @nathanhjones on Twitter.

I’ve held off publishing my review to ensure I gave my self ample time to review the different aspects of the service.  I will say that my final experiment (before publishing my review, that is) was performed on a Mac in the Google Chrome browser. I was greeted by a warning message that was essentially ‘browser not supported, proceed at your own risk’ but found no significant issues.  There were a few overflow errors (likely just CSS) but the service worked splendidly which excited me since Chrome is my browser of choice.

How I’m Looking at 12Sprints

So, I entered the experiment with limited exposure to Google Wave (I have an account but haven’t been that active) looking at 12Sprints purely from an enterprise operations standpoint.  How can the average enterprise use 12Sprints to succeed or make themselves better?  Four areas immediately popped into my mind with instant thoughts of SAP backend integration – purchasing, customer service, engineering and, of course, the executive suite.

Purchasing and customer service is probably at the top of everyone’s list.  The ability to collaborate across a multi-national corporation on large purchasing decisions or bounce a customers complaint around to different people in an organization with ease has incredible potential for the business and the consumer.  Combine the collaboration aspect of 12Sprints with integration to SAPs backend and the possibilities for process improvement are endless.  Ideally, I see purchasing and customer service being integrated with SAPs Records Management and Case Management solutions.

Engineering is something that may not make it to the typical list of use-cases but I think it’s important to call out.  An organizations ability to design products and reduce the overall time to market is a competitive advantage that I see 12Sprints impacting for the better.  Couple the collaborative nature 12Sprints with SAPs cFolders solution and I think you have a very interesting solution that will help reduce the time it takes for companies to hit the market introduction stage of a product.

Feature Set

12Sprints came loaded with a solid set of features for the typical enterprise.  Actions within 12Sprints are organized into what is called an ‘activity’.  Each activity can have any number of ‘tools’ such as agenda’s, responsibility matrices (ARCI, RACI, DACI and RASIC), Cost/Benefit and SWOT analysis, Pro’s and Con’s and even a decision tool that requires that you ‘lock in’ what was decided.

I think one of the really cool features is 12Sprints integration of the online note tool Evernote.  The process of adding content from my Evernote account was seemless and a huge draw for me personally.  I question it’s reach at the enterprise level right now (none of my clients are currently using Evernote) but at an individual user level I find it very useful.  User’s can also post content from their computers such as Excel spreadsheets,  PowerPoint presentations or that recently completed White Paper.

Missing Features

I think the biggest feature missing was the ability to chat with other members of an activity or your organization.  Collaboration on documents, decisions and the like is key (the major use-case here) so I don’t understand exactly why an embedded chat feature was left off the list.  My guess (hope) is that it is in the works for a future release.

Another feature that I’d like to see made more prominent is the services integration with various SAPs services.  Understandably, 12Sprints is still in beta (and I don’t have an SAP environment linked) but I couldn’t find any clues of it’s potential integration with an SAP backend system.

They do, however, have a call for developers looking to partner on the product so perhaps they’re attempting to build that ‘app store’ ecosystem where enterprises can purchase miscellaneous extensions to enhance the service.  I think it would be a great move to drive innovation and reduce the time it takes for 12Sprints to exit Beta.  It’s obviously too early to tell but given that the apps are the flavor of the day for platform roadmaps I wouldn’t be surprised.

All-in-all – two thumbs up so far and expect additional reviews as the 12Sprints team continues to enhance the service.

Now, onto the show – I watched the Mark Bittman interview.  I’m not really their target demographic which is why the “set” probably wasn’t what I expected.  I can’t really take it to them for that though, it’s what I would consider a pretty standard set for interview format shows.  Overall, the episode seemed pretty “early stage” to me in that Samantha didn’t feel totally at ease, maybe even a little nervous.  Maybe it was the new setting but some of that may have been Mark who, in my opinion, seemed a bit snarky.  I think he’s earned a little of that right and I still think he’s a very interesting man.  Anyways, I look forward to future episodes as they just off the jitters and I can’t wait to see what kind of guests they can swing.  Knowing the little I do about Gary I’m sure they won’t disappoint.

In closing, I think it’s great idea that has real potential and it’s a bold move into a new demographic for Gary.  I want to see how it plays out but like I said earlier, he’s conquered wine and is making a play to expand his media empire.  For that my friends, you have to respect him.  As Gary would put it, he’s hustlin’ and you can’t get down on someone for that!  Keep up the great work Gary and I look forward to the other stuff you plan on bringing us.

Well, after registering I didn’t get a confirmation email, a “thanks for registering” email or even a “you were rejected, better luck next time”.   I figured it was a good try, I guess I’m not getting that 5 minutes back.  Then yesterday, completely out of the blue, I get a note from QuickBase that  I’ve “been accepted into the Intuit QuickBase Developer Program”.  Ok, well that’s cool but you may want to communicate a little better next time.  I figured some server troll somewhere ate my application.  Good thing you didn’t make me submit my password when I initially signed up or I would have been in trouble.

Anyways, I’ve completed the registration and I’m going to begin poking around what they have to offer.  At first glance it seems functional but not as visually pleasing as something I’d expect from Intuit.  It is in Beta though so I won’t give them too hard of a time.

More to come on QuickBase in the near future.  Maybe if I can find a few hours I’ll get an example application up.

There is the obviously emphasis on collaboration and communication between team/project members. My ‘sales’ experience is relatively limited – I managed a newspaper in college and filling in for the occasional employee is about the extent of it – but the functionality seems practical.

One key feature I liked is the fact that email being sent (from the Gmail interface) can automatically be sent to a customers CRM account. This provides you with a worry-free audit trail and allows your boss or someone covering for you (if you’re out sick or something) to quickly pick up where you left off. Likewise, you can send customer emails directly within Salesforce. I also liked the fact that you can attach/create Google Docs directly from Salesforce. The uses for this are obvious and I think it will really be able to help the sales process. Everything from quote notes, sales presentations and final contracts can be created directly from the Salesforce interface.

It didn’t look like the interface was the same between the two systems which is disappointing but I haven’t signed up for a test account yet so that’s just speculation based on the tour. I think that offering a consistent interface between Google and Salesforce is a must and could help adoption among small businesses.

I don’t know much about Salesforce’s push for mobile but Google has mobile versions of Gmail and Docs and continues to improve them. I’m curious to see what kind of mobile sales/business applications they make available to their users. Anything less than full functionality is unacceptable, but that would be a pretty major project.  I’d also like to get some information on what the security architecture looks like.  ZOHO just announced an enhanced architecture as part of it’s enterprise CRM which is a little more inline with what I see as an SAP consultant.

Simply put, the decision makes sense – Google is trying to break into enterprise business, Salesforce has a great customer base (and from what I read a decent set of applications) and both are competing with Microsoft in some fashion. The partnership allows them to put the full-court press on Microsoft who has been slow to adopt a web-based business model.

It will obviously take time for larger corporations to make the move given the obvious security concerns (mostly on the Google front) and the fact that the majority of business users are still not comfortable with online applications. One thing that could help Google’s case for enterprise applications is the fact that Vista has had so many bumps along the way. The rate at which corporations have been moving to Vista has been slow at best. I work for a technology company and we haven’t even heard rumor’s of a potential migration.

Here’s a quick video tour of Salesforce for Google Apps:

Here is a few reasons this model is absolutely absurd:

1. Photos: Tons of people from all ages share photos online. One bummer about photos…they tend to do be kind of big files, unless you limit that on your camera or edit them, which is really going to eat up your bandwidth. More bandwidth = more money.
2. Music: Downloading music from iTunes does it’s damage to your bandwidth as well. With an average size (at least of my songs) averaging between 2.8 and 3.2 megabytes a piece you’re you could be looking at a pretty expensive internet bill if you’re an avid downloader of music.
3. TV/Movies: With the rise of the internet it’s inevitable that videos and TV will eventually be delivered via the internet. In fact, it’s already in the works. Apple (iTunes) and Netflix are already offering TV and movie offerings streamed directly to you over the internet.

I’m sure that part of the reason they’re looking into this is because of the rise in popularity of online video (YouTube et al) and photo sharing (pick any random website/social network and they probably offer photo hosting/sharing…) which taxes the service providers network. While I’d like to feel sorry for Time Warner (and other internet providers for that matter) and the fact that they feel their network is being used too much (what did they think would happen)…I find it rather difficult given the fact they (Time Warner Cable: TWC) made almost $2 billion in profit for fiscal year 2006. I hope everyone caught that hint of sarcasm.

I already have a problem with what cable companies are charging for ‘unlimited’ (even though it was discovered that Comcast wasn’t exactly net neutral) access to the internet and now they want to put limits or charge you more?!? What is going through the minds of these companies these days?!? Is that what a CEO that makes nearly $9.5 million dollars a year thinks up?

According to a Wall Street Journal article (quoting numbers from Inside Mortgage Finance), Countrywide and Bank of America controlled approximately 25% of the mortgage market during the first 9 months of 2007. That puts their market share at slightly more than twice their nearest competitor which is at a distant 11%. I’m curious to see if this plays out negatively as Bank of America seeks regulatory approval for the acquisition.

Given the state of the mortgage market, the acquisition will probably win Bank of America some bonus points as it teeters just below the 10% limit on U.S. deposits as regulators look to relax this restriction. Bank of America will also be getting a relatively large (I’m assuming some Countrywide members are already BofA account holders) base of potential new business – they’ll be able to offer their new members banking and credit card services which could be a huge selling point. I’ve also read rumors of tax breaks but nothing firm so far.

I think we’ll see some other large mortgage lenders at least enter into discussions, if not get bought out, by suiters. While the mortgage lending market doesn’t look great for most of America, it’s a prime acquisition target while prices are low.

That being said, here are a few email signature etiquette tips that I think everyone can take something away from…myself included. Yes, I’ve broken these rules before but over the past couple years I’ve refined my approach.

Signature Format the Nathan Jones Approach:

• Name: I think this goes without saying but I included it for good measure. If you want to make this bold or slightly (and I mean slightly, don’t make me regret putting this in here) larger than the rest of the signature that is definitely understandable.
• Company/Office: Many people would make this two separate lines within the signature but I don’t see the need for it. I think it should be combined into a single line with a separator such as a dash (-) or vertical line (|). It looks classy and it keeps the number of lines down.
• Contact Information:
  • Email Address: My thoughts on this are pretty to the point – it’s ok to have your email address listed on your ‘new email’ signature but it should not be present on your ‘replies’ signature. In Outlook you can create multiple signatures and assign different ones to different types of emails. If you are replying to an email it’s a given that the person already has your email address. If you use a mobile phone to send/receive that only allows one signature – including your email address is acceptable.
  • Phone Numbers: Where do I begin…I got an email the other day that had five different phone numbers in the signature. My first thought is that this person has way too much time, not doing work presumably, to create this signature let alone manage five different phone numbers. I think a signature should have at most – three. A desk/office phone number, a mobile phone number and a fax machine number. If you don’t have a fax then leave it off the signature and make the max two!
  • Instant Messaging Names: In today’s technology driven world I think it’s perfectly legitimate to place a single instant messaging address in your signature. I do a lot of communicating through instant messaging and it’s a quick way for people to get in touch with me. I’d leave it at one though – it makes sense that it be the name to the instant messaging client you use the most…but that’s obviously up to you.
  • Office Address: Unless you work in a job where clients visit your office on a regular occasion or you get a lot of mail sent to that address, I think it’s best to leave this address off your signature. If people need it they can always ask for it. More than likely the number of people that don’t need that address far outweigh the number of those that do.
  • Personal Websites: I think personal websites should be left off of your work email signature no matter what kind of personal website you run. Maybe you just run a blog (similar to this one) but of course there are/will be views expressed that could ultimately upset one of your clients or co-workers and that’s a situation that no one wants to be involved in. I think it’s fine to advertise your personal website on your personal email signature though – I do it!
• Color: I’m pretty open to colors in email signatures – they make them unique and can call attention to certain pieces of information. Mostly because most email editors these days will format your signature in HTML whether it needs to or not so whether you make your color bright pink (please spare me the pain) or a classic gray I don’t care either way (geek information: HTML color formats require the same amount of bytes for almost all colors). As for how it looks – I vote you stick with a classic color such as black, dark blue, green, gray or some company color if there is one. Personally, I would never look at your signature if it were bright pink, but that’s just me.
• Images: I don’t know how many times I have received an email with the company logo embedded in the signature but it drives me absolutely nuts. First of all, it takes up space. Normally it uses just a bit more space than formatted text but if you receive as many emails as me those extra bytes start to add up…quickly! My personal thought is that an image should never be embedded in a signature unless your company mandates it. By the way, if they do mandate an image I’d like to hear about it and whether they limit your email storage space.
• Mobile Note: If you send email from your mobile phone and have a signature set-up I think it’s a good idea to add a small note at the bottom of the signature that indicates that the email is being sent from your mobile phone. It will take up a little space but your signature should be smaller on your phone anyways and a note like this can go a long way in explaining why sentences may be more direct or the occasional misspelled word appears. Personally, I use “Note: This message was sent from my mobile phone.”.

Well, those are just some of my thoughts on email signature etiquette. In summary, keep it short and simple. If you’re a sales person or someone who relies on getting your contact information seen acted upon you can still keep it short and classy and just use a different color or bolded word to get your phone number looked at.

Recent investments in Facebook by technology powerhouse Microsoft value the social network at a mere $15 billion. Microsoft invested $240 million for an estimated 1.6% stake in the company. I know Microsoft has some extremely deep pockets and as the world moves to a more web-centric focus (online document processing, business management, personal productivity, etc) they needed to do something relatively drastic…but really?!?

I don’t know about you, but I consider investing in a company and ultimately giving it a valuation greater than the combined GDP of Iceland ($11.38 billion) and Greenland ($1.1 billion) pretty drastic. Of course the GDP is an annual number and Facebook doesn’t quite make $15 billion a year but the thought of it being valued that high blows my mind. Part of that may be because I remember using the site in 2004 just after it expanded beyond just Harvard students and wasn’t anything overly impressive and ‘social networking’ as we know it today was relatively young.

I understand that Facebook’s valuation still doesn’t place it in the company of the Google’s, Microsoft’s and Exxon’s of the world with market caps ranging from $210 billion to almost $500 billion, but I still think that it is just slightly over-valued. To put things in perspective, the GDP of Greece is $256 billion and the GDP of Sweden is $290 billion.

Well that’s it for now, I just thought I’d share my thoughts.