Productivity Portfolio

I think of my information as a type of data currency but the value varies. As example, I’m more protective of health and financial information and would require online services to use SSL. I’m not as worried about a service that manages my web bookmarks.

1. Who is behind the website?

Someplace on the website, there should be information about the people who run the site. This info helps build trust and often is a deciding factor for me as to whether I want to start using the service.

If I can’t find info such as an About Us page, I head to DomainTools. This site provides web registration data about the domain owner and the age of the domain. Some domains hide their ownership behind a proxy. There may be legitimate reasons for doing this, but I don’t like it for sites that safe keep my data. If I’m giving the site my data I should know who they are.

Another resource I might use is Archive.org which is also called the Wayback machine. Here you can see time slices of a website. This service may indicate whether the site’s focus has changed over the years. This isn’t necessarily a bad thing. If you look at early versions of this site, you’ll see it had a different focus.

2. What is the company’s privacy policy?

Sadly, not all sites have one. This is a big mistake if a site expects me to store information on their service. I do give some value to sites that abide by some privacy standards such as those from etrust.org.

Secondly, some privacy policies are loose with your information. You might see clauses that indicate the company has the right to share your data with 3^rd parties. I need to see info indicating which data is shared. I’m comfortable with a site sharing numbers with advertisers such as 16% of our users are between the ages of 35-44. However, it’s a different story if they tell them who I am or provide personally identifiable info.

I also like to see if there is a clause that talks about change of ownership and what will happen to my data.

3. Is there a Terms of Service or EULA?

I read and store these documents with EULAlyzer. While most of these are a boring legal read, they can contain some good nuggets such as the company address, relationships, and opt-out instructions.

The other reason I look at these documents is 99% of the time I’m required to check a box that states I read them. About 5% of the time, I hit a company that has broken links and you can’t see the page. I’ll always notify the site if I can find an email address. If I don’t get an acknowledgement to my email in a couple of days, I stop.

4. Is the site dependant on another vendor or service?

I’ve seen some cool services recently, but I’ve been reluctant to use them because of their dependencies. In some cases, the site is using an API from a service like Google, Yahoo!, Amazon and so on. In these cases, I’m comfortable as these companies make this developer information publically available so that other firms can create new uses.

Other services don’t use APIs, but use coding hacks. In these cases, I wonder whether some organization isn’t going to just make a code change and break the service or create a competing service.

Some services also need you to provide account information for other vendors. This is a case where I do a more thorough job of researching the site and people. I recall when I was doing the report on spam and there was a site that offered to filter your Hotmail account. The process was simple; you gave them your email address and password. People innocently gave that info before the service was shut down. You need to think about what else someone could do if they had your account info.

5. Is there a sustainable revenue source or funding?

Unless we’re talking about a big company, I like to see a subscription model or some funding source. While the online service may be free, vendors still need to get paid. Even reliable web host fees quickly add up.

6. Does the company ask for too much info?

A big turn off for me is when a service asks for too much information to open an account. I recognize that some services, like financial institutions, require info for regulatory reasons. If the site requests info that is not pertinent to the service, I stop. I’m skeptical of what else they plan to do with the data.

7. How easy is it to enter my data?

I’ve seen some sites that look to have a great service until I try to enter my data. If the service is replacing a function I do locally, such as storing my contacts or project management tasks, there needs to be an easy input method. I’m lazy and don’t want to do complex remapping of fields or file conversions. I appreciate it when sites address these issues and state the available input methods.

8. How easy is it to get my data out?

You always need an exit plan even if you fall in love with the service. I won’t become dependant on a service that doesn’t provide a means to export my data. This doesn’t mean looking for the export option, but using it to see if it works.

Corollary: I need to be able to delete my account and information.

9. How does the site handle password resets?

This one may seem odd, but it gives me an opportunity to test support systems. One item I do before entering my data is to change my password. This shows me the process flow and I can see the emails the company sends or doesn’t send. I’ve also seen these emails take hours to go out. Don’t assume all sites have this functionality.

If there’s a password authentication question, I also like to see what happens if I enter a wrong answer. I type gibberish. I’ve seen some horrendous error messages that are full of spelling errors or are cryptic. The cryptic ones are fun as I’ll take a screen snap and email support and ask if they can tell me what to do next. If I don’t get a response in 2 days, I’ll usually stop.

10. Who else is on the web server?

Some folks may think I’m going too far with this one. Just remember not all sites have good intentions which is why I like to scan the neighborhood. This doesn’t necessarily tell me there is a relationship between Site A and Site B, but it could mean your ISP or company may block your access in the future based on some bad site being on the same server.

Two resources which can tell you more about a webhost and the neighborhood are:

http://whoishostingthis.com/

http://www.yougetsignal.com/

YouGetSignal has a free Reverse IP lookup. One nice feature is they color code sites which are known to offer explicit content. The tool does have limitations such as if the domain has a dedicated IP address.

11. What do the users say?

Support forums can be a great way to find out what users like and dislike. This doesn’t mean the posts are always accurate. You may have both raving fans and those that will never be satisfied. The forums can help you spot trends such service outages or how long it takes the company to respond to issues.

Forums are also a good way to see if the service has issues with particular web browsers, smart phones, or operating systems.

12. Has there been press about service?

Many websites have a media or press link, but those items may be selective. To get other perspectives, I like to use Google and exclude the domain I’m researching. You can exclude the domain by appending –www.companyname.com to your search query.

Bonus: Is the company conversational?

I think it helps for a site to have a section where they blog about what’s going on with the service. I appreciate it when a company discusses a failure, provided it was done in a timely manner.

These evaluation questions are ones I use before fully committing to a site. Sometimes, this review reveals an issue which leads to an email exchange. The last thing I want to happen is to get dependant on a site only to have it fail. While few can predict success or failure with a high degree of certainty, these questions may reveal something you hadn’t considered. It all comes down to what would you do if the service failed and you couldn’t get your data?