It’s been a week since Apple debuted its latest operating system, called Leopard, and the initial reactions by users and analysts is, well, not good. At all.

According to numerous reports, security researchers believe Leopard’s firewall is actually worse than Apple’s previous OS, Tiger, “having more holes than its namesake cat has spots,” as eWEEK put it yesterday. Ouch.

Having not had the chance to check out Leopard myself, here’s a sampling of opinions I’ve come across in the last day or so:

“The first security hole is that Leopard’s firewall turns itself off by default on installation — even if a user had the firewall turned on before upgrading. … Security researchers are also chagrined that Leopard only allows a choice between allow all, deny all, or pick by application, and that it completely hides the firewall rules in a black box that isn’t user accessible.” - eWEEK

“Leopard introduces a number of important security features to the Mac, but they are often incomplete, leaving users vulnerable to attack, said Thomas Ptacek, a researcher at Matasano Security.” - IDG News Service

“Leopard’s sprint out of the gate could slow if Apple is unable to solve some major installation problems encountered by early adopters. Among other things, thousands of users said their Macs froze up and displayed the so-called blue-screen-of-death after they attempted to install Leopard.” - InformationWeek

You’d think so many negative reviews would put a damper on Leopard’s early sales figures. You’d think that, but you’d be wrong.

As InformationWeek reported, Apple says it has sold more than 2 million copies of Leopard since its Oct. 26th debut. If Apple wants to keep up this brisk pace, though, I suggest it waste no time in responding to users’ security concerns. After all, what good is a leopard if it has no bite?

I’m writing this blog post from my home office, and there’s a good chance you’re reading this blog post from your home office. That’s good news for mobile IT vendors.

With mobility becoming an increasingly important IT priority, investments by SMBs in smartphones and virtual private networks (VPNs) could rise by as much as 44% and 32%, respectively, over the next 12 months, according to a recent report by CompTIA.

The report, which was conducted in conjunction with AMI-Partners and surveyed 518 North American SMBs, found that the average SMB has 7% of its workforce telecommuting one or more days per week, while 75% of SMBs have at least one employee who works from home.

“With a growing portion of their workforce either mobile or remote, SMBs need to provide cost-effective, safe and secure remote access for these employees,” said CompTIA president and CEO John Venator in a statement. “This suggests there is a sizeable market opportunity associated with productivity-enhancing solutions such as virtual private networks (VPNs), smartphones and other applications.”

Sounds like good news for smartphone vendors like RIM and Palm. Who knows, maybe even the iPhone will find its way into more SMBs. So far, though, I’m getting along just fine with my “old school” mobile phone. It doesn’t have many cool features, but it gets the job done. Not that I’d complain if TechTarget handed me a BlackBerry (hint, hint).

As for my VPN, I’d be in a world of hurt without it. Sans VPN, instead of using Outlook, I’d have to access my email with our Web-based email service, which is far from the easiest application to work with. And that’s being kind.

So look for the ranks of mobile workers to continue to grow in the coming months and years and, with it, opportunity and profits for mobile IT vendors.

Here we go again.

Not Your Average Joe’s restaurant announced today that credit card information of up to 3,500 customers was recently stolen by hackers (or a hacker … the company isn’t sure how many crooks were involved). The data breach took place between early August and late September, the company said.

In response, the Massachusetts-based chain said it has hired an outside “forensic analyst” to identify the cause of the breach, taken steps to tighten its security operations, and is working with credit card companies, local authorities and even the Secret Service to root out the perpetrator(s).

“We take this issue seriously, and want our customers to understand how they may be impacted,” the company said in a statement. “If a customer had fraudulent charges placed on his or her card, he or she would not be held responsible for those charges; the problem can be resolved by calling your credit card company, reporting the issue and cancelling the card.”

Not Your Average Joe’s said the data breach affected only its Massachusetts customers. The company operates 14 restaurants, all in Massachusetts save one located in Leesburg, Va.

According to The Boston Globe, the breach was discovered when officials at a Cape Cod bank notified police that a number of customers had reported unauthorized charges on their credit card statements.

Not Your Average Joe’s spokesperson Diana Pisciotta told the Globe that no unauthorized credit card activity has been reported since Sept. 29, adding, “We’re fairly confident that a customer walking into one of our places today could use their credit card safely.”

Fairly confident? Call me a cynic if you must, but I’m less than reassured by that declaration. Following the TJX data breach (which continues to get worse and worse by the day), you’d think that businesses would have gotten the message by now that customer data security should be priority A-1. But I guess understanding the importance of data security and actually securing your data are two different things.

Google is riding high these days. Its stock price is up over $600 a share and it holds a commanding lead in the Internet search engine wars. And thanks to its customizable homepage, users can manage virtually every aspect of their lives via Google RSS feeds, email, stock quotes, weather, etc.

But all those Google tools have a downside. Scanning my monthly copy of Wired magazine last night, I came across this piece by Seth Mnookin. Needless to say, I can relate to Seth’s problem, and I’m betting many of you can, too (emphasis added):

So I set up a Google homepage. After that it seemed silly — stubborn, even — not to put a Google Toolbar on my browser. And since I had a Google Toolbar, I figured I might as well use Google Bookmarks and add on Google Reader. Oh, and Google Scholar. And Google Books. I set up a Google Calendar, ignoring the fact that it doesn’t sync with my Treo (at least, not without some kludgy third-party app). I quit using del.icio.us and started using Google Notebook.

When my fiance came home from work each evening, we’d ask each other how our respective days had gone. She’d describe the small frustrations and victories that punctuate office life. I’d say something along the lines of “Today I spent three and a half hours organizing my Google Bookmarks” or “You’d be amazed at what you can turn up if you play around with Google US Government Search.” Then we’d both laugh. It took a couple of weeks before I finally noticed the concern in her eyes. Then she asked: “What else did you do?”

That’s when I realized I wasn’t actually accomplishing anything. My campaign to increase productivity had become yet another distraction — and a significant one. Suddenly I needed to time-manage my time management. So last week I installed a timer on my desktop (and, no, it’s not a Google Timer) to help me limit how long I spend on Google-related sites. I allot myself a half hour a day; after that, I force myself to quit optimizing how I get things done and start actually getting things done. Of course, I still check the Links to Google Services tab on my Google homepage every day. How else will I know when one of the whizzy new tools will be just the thing to make my life easier?

Thanks, Google. You’ve turned me into the most efficient time-waster ever.

Now, if you’ll excuse me, I have to go check my Google homepage for Bart Simpson’s Phrase of the Day. Then maybe I’ll add a language translator or a currency converter to my page. The possibilities are endless. Damn you Google!

Slowly but surely, SMBs are increasingly turning to unified communications (UC) technologies to improve productivity and shorten response times of businesses-critical decisions, according to a new report by AMI-Partners.

Still, AMI says that SMBs are only just scratching the surface of UC, picking and choosing individual UC components rather than realizing its full potential as an integrated technology.

“Whether using Skype on their smartphones, or installing in-house IP-PBXs or using Web conferencing services, SMBs are clearly signaling their desire to utilize all available communications and collaboration solutions,” says AMI Partners VP Sanjeev Aggarwal in a statement. “However, SMBs are not familiar with the notion of unified communications, nor are they aware of the various platforms being cobbled together through acquisitions in the IT space.”

The fact that no one, fully integrated UC platform has emerged as a market leader is the single-biggest obstacle to widespread UC adoption at SMBs, the report said. AMI identified Cisco, Microsoft and “possibly” Google as the likeliest vendors to do so in the coming months and years.

Another reason SMBs may not be wholeheartedly jumping into UC, in my opinion, is the difficulty in determining ROI. At SMBs especially, justifying a quick ROI on any new technology is critical to getting management on board. ROI is even more important for a technology so potentially disruptive to traditional, deeply entrenched communications technologies, as UC is.

The ROI of UC, however elusive, is not unattainable, at least according to UC vendors. At VoiceCon in August, I attended a session by reps from INX, ShoreTel and Microsoft, all of whom had some good advice on calculating ROI of UC. The vendors said it is important to understand there are different ROI criteria for different types of workers and that the first step in evaluating UC is to quantify likely “hard” savings.

Check out the full post I wrote back then summarizing their recommendations here. And for those of you who’ve already launched an integrated UC solution, share the wealth. How did you determine likely ROI and, more importantly, were your forecasts on target?

 This story pretty much speaks for itself, but here’s a brief setup.

Jammie Thomas was sued by the Recording Industry Association of America for sharing a couple of dozen songs she illegally downloaded. Thomas’ defense in court was that someone spoofed her IP address and it was actually that person who downloaded and shared the songs.

CNET News Blog picks up the story from there:

In the interview with Wired’s David Kravets, [juror Michael] Hegg, a steelworker, said that during deliberations, the jury concluded after only five minutes that Thomas was guilty … “Spoofing? We’re thinking, ‘Oh my God, you got to be kidding.’ She’s a liar.”

Needless to say, Thomas is appealing, hoping to draw a slightly more tech-savvy jury next time around.

In defense of the tech-illiterate juror, the IT industry does have a lot of ridiculous terms and acronyms that you can’t expect nontechies to understand. But still, couldn’t Hegg just have looked it up on the Internet? I guess the jury room didn’t have wireless access.

SAP, the mammoth German software maker, has agreed to acquire business intelligence vendor Business Objects S.A. for around €4.8 billion (that’s around $6.7 billion U.S., assuming the dollar didn’t dip even further against the Euro today.)

SAP intends to integrate Business Objects BI software into its own ERP offerings, the company said in a statement, helping companies make sense of the often vast amounts of data they collect on customers, partners and themselves.

The acquisition is just the latest development in a booming, though quickly consolidating, business intelligence market. IDC reported that the worldwide market for business intelligence software grew by nearly 12% in 2006 to $6.25 billion, and Business Objects rival Cognos is a likely next acquisition for some big-name vendor.

During a conference call on Monday, Business Objects CEO John Schwarz said the merger makes strategic sense, helping the combined companies increase sales to the SMB market, according to CMP Channel. Each company has nearly 3,000 channel partners that do business with SMB customers, CMP Channel reported Schwartz as saying.

SAP has been courting the SMB market lately, most recently with the launch of SAP Business ByDesign, a full suite of business applications delivered through the SaaS model, as Shamus told you about last month. SAP expects to win 10,000 customers for Business ByDesign by 2010, according to Computerworld. With the acquisition of Business Objects, SAP hopes to add even more SMBs to that total.

Web 2.0 has made its way into a preponderance of enterprises, but most companies still aren’t adequately protecting themselves from Web 2.0-related threats, according to new research by Forrester Consulting.

Ninety-seven percent of the 153 IT pros surveyed said they considered themselves prepared to handle security threats posed by blogs, wikis and other Web 2.0 technologies, yet 79% still reported suffering frequent malware attacks. That’s because, or so says the survey, less than 5% have “comprehensive” Web 2.0 security plans in place.

The problems with these findings, as I see it, are that the study doesn’t say what percentage of malware attacks were actually related to Web 2.0 (as far as we know, most of the attacks could have been due to more traditional IT threats) and it doesn’t explain just what makes a Web 2.0 threat different from a conventional IT threat. I’ve sent an email to the PR guy to get some clarification on this and I’ll update you if I hear back.

The one interesting, though incongruous, finding of the study, which was sponsored by security vendor Secure Computing, is that 96% of respondents said their enterprise has already found value in using Web 2.0 applications, but 57% believe denying employees access to social-networking and “rich media” sites would “visibly” increase productivity. So most IT pros see the potential value of Web 2.0 technologies but aren’t sure its positives outweigh its negatives.

The study concludes that IT departments need to re-examine security policies and update them to take Web 2.0 into account, and should educate users about what is and what isn’t responsible Web 2.0 behavior. Sounds like good advice to me.

Just a quick note that SearchSMB.com is currently accepting nominations for Products of the Year. There are five categories of products being evaluated: security, storage, networking, CRM and content management.

We’re accepting nominations from both readers and vendors, but (and this is a big BUT), only products that are designed specifically for SMBs are eligible. In other words, a CRM product that was originally designed for large enterprises but can be jury-rigged to work for an SMB would not be considered.

The deadline for nominations is November 9 and winners will be announced in January. Click here for all the details and here to access the nomination form. And good luck!

Google’s dominance in the online search realm is well documented, as are Yahoo’s hitherto unsuccessful attempts to reclaim the search crown for itself. Unfortunately for Yahoo, its 23 percent share of the search market is still less than half of Google’s formidable 56.5 percent share, according to the AP.

But Yahoo, like the little engine that could, just won’t give up. (Ok, with revenues in excess of $6 billion last year, perhaps comparing Yahoo to a make-believe, little blue train with the engine power of a Dodge Dart is a bit of a stretch, but you get my point.)

Today, Yahoo announced the debut of Search Assist, what the company says is “the most advanced assistance technology available on the Web.” Essentially, with Search Assist enabled, users are offered suggestions as they type search terms on Yahoo’s home page.

For instance, when I began typing New England Patriots, — who demolished the Cincinnati Bengals Monday by 21 points, in case you missed it — into Yahoo’s search field, by the time I finished typing just New E, a number of suggestions popped up below. They included new era, new edition and, of course, new england patriots.

But that’s not all. Yahoo also announced search results will now include content of all types, including video, audio and photos. Hmm. Where have I heard this before? Oh yeah, Google started doing the same thing four months ago, calling it Universal Search. Better late than never, right Yahoo?

But I kid. Actually, Yahoo adding integrated search results four months after Google did the same thing is pretty good time when you think about it. Remember the Panama delays anyone?

So does this mean Yahoo is on the verge of toppling Google? Not exactly, but it should at least get people talking about the company again. As Standard & Poor’s equity analyst Scott Kessler told the AP:

“Is this (upgrade) going to be very important in terms of market share? I’m not so sure. But it probably will help them in terms of mind share,” Kessler said. “One of the reasons that Google has captured the imaginations of so many people is they have been doing so many different and interesting things.”

Put another way, Yahoo has an image problem. Over the last several years we’ve witnessed some truly remarkable technology developments in the form of Web 2.0, from the rise of social networking sites (i.e., MySpace and Facebook) to the emergence of cloud computing (a.k.a. Software as a Service). The result? Web 1.0 companies, like Yahoo, seem quickly old and out of touch.

You can argue that such a perception is wrong or shortsighted, but it nonetheless exists . For Yahoo to become relevant again, it needs to take bold steps to prove it “gets it.” Search Assist and integrated search results are moves in the right direction, as was the recent acquisition of Zimbra and its open source online office suite. Yahoo still has a long way to go to catch Google, but if it keeps this up, it might just turn this thing around after all.