All posts by zorro

Is Your Network Ready for Cloud Computing?

Cloud-based based computing adoption is increasing among many businesses.  According to the Computing Technology Industry Association (CompTIA) Annual trends in Cloud Computing study, 60% of business owners reported having 30% or more of their IT Systems in the cloud.  Additionally, research firm IDC predicts cloud-computing solutions to total $24 billion by 2016.

Why Cloud Computing?

CompTIA research reports that of those businesses adopting cloud technology, 49% have experienced the ability to cut costs. Popular uses of cloud-based applications include business productivity, cloud-based email, virtual desktop, HR management, and financial management.

Taking Advantage of Cloud Computing Cloud Computing Why Now?

Cloud Computing Growth and adoption is driven by a number of trends in IT, including affordable broadband, Internet, virtualization, and mobile computing.  Businesses find it easier than ever to reliably and securely connect to cloud-based infrastructure.  Cloud providers use virtualization to share computing resources, which helps keep costs down and aids in migration and upgrade of hardware platforms.  Mobile users expect cross-platform connection of smart phones and tablet computers to corporate applications and their data.  These factors combined add to the appeal of cloud computing

Cloud computing Deployment Scenarios

Most cloud-computing deployments use public-cloud, private-cloud and/or hybrid-cloud platforms.  Selecting the right cloud architecture depends on a number of factors, including industry and regulatory compliance requirements, integration with legacy applications, security, and other considerations.  It is equally important to consider your network reliability and availability to ensure a smooth of cloud computing.

Most industry analysts agree that cloud computing is here to stay.  Cloud computing is becoming an increasingly important component of IT infrastructure, and companies adopting cloud computing are deriving a variety of benefits.  To ensure a smooth transition to cloud-based computing, having a plan will ensure an easy, secure, and compliant migration to the cloud.  Consult your IT Service Consultant to get the most from your cloud-computing resources.

5 Things You Need to Know about Privacy Breach Notifications

Recent high-profile data breaches, such as those that occurred at Neiman Marcus and Target, have brought privacy breach notification laws into public debate.  In the event that your company’s secure information is compromised, it is important to understand privacy breach notification laws and standards.

Privacy Breach Notification Regulations are Under Review

Across the world, privacy breach notification laws are being updated and amended to keep up with the times.  In the United States, for example, federal standards are being discussed, but  each state may also have its own rules.  Furthermore, some states do not even have their own regulations, and laws and procedures regarding privacy breach notification standards vary depending on where your business is located. Be sure to know the regulations and standards for your own country or state.

What is Privacy Data?

This private information that your company may posses includes customer names, in combination with, account numbers, driver licenses, or social security numbers, although this changes from state to state and from country to country. Most laws require your business to inform customers, employees, and other stakeholders when their private information has been compromised. What is considered private information, and the timeframe in which customers must be informed of the breach, varies in each law.

A Privacy Data Breach Has No Borders

Many companies collect data from customers across the globe.  If a privacy breach crosses state lines or international borders, your company may need to comply with multiple standards. Failure to comply may lead to fines and penalties, in addition to customer disapproval. California laws, for example, impose fines up to $3,000 for failure to comply and criminal penalties for companies that try to conceal privacy breaches.

Privacy Breach Notifications is a Local and Global Issue

From the European Union to Australia, governments are working to address the issue of Privacy Breach Notifications.  For example, the United States federal government is currently reviewing national standards, and the Senate has proposed the Data Security and Breach Notification Act.

How to Minimize the Risks of a Privacy Data Breach

Due to the variety of standards and regulations regarding privacy breach notification, it is important to know the guidelines or to contact an IT Security expert in the event of a privacy data breach. Rapidly detecting the data breach and having a protocol to inform those affected by a security breach promptly are some good first steps if a privacy breach does occur. Another option is to contact your IT Service professional to put a plan in place to minimize the risks of a privacy data breach.

Avoiding Downtime by Having a Business Continuity Plan

Companies small and large are increasingly reliant on their IT systems and infrastructure. Having a Business Continuity plan is a proactive way of avoiding unnecessary downtime due to a disaster, human error, or security breach. Not only may downtime cause data loss, but also according to Gartner Research, a conservative estimate of the  cost of downtime for a computer network is $42,000 per hour. For a small business without a Business Continuity plan, such downtime could have long-term crippling implications.

In case of natural disasters or IT outages, it is important to be able to calculate risks and financial losses caused by downtime in order to best allocate IT resources to get your business back online quickly. Below are suggestions for putting downtime for your computer network in perspective.

Downtime of your Computer Network and Your Business Continuity Plan

There are many factors that contribute to losses caused by downtime. These factors include employee productivity, financial losses, fines, legal fees, loss of revenue, and loss of goodwill. Whether it is inventory sitting on trucks, invoices that don’t go out, or cash registers that stop ringing, it is important to understand which applications and data are most important to bring back quickly. By identifying the systems that are most important to keeping your doors open, you will quickly realize where the highest risk of downtime is in your business.  Also note that losing sensitive data, such as credit card information, may attract heavy fines and loss of reputation in addition to lost revenue.

How to Avoid Downtime With Your Business Continuity Plan

To avoid the disastrous effects that downtime can have on your business, having a business continuity plan is crucial. A business continuity plan is a set of guidelines, systems, policies, and procedures that are designed to set your business back on track in the event of a disaster. These plans should include details on backing applications and their data with an emphasis on system recovery.

Downtime may not only result from a natural disaster but also from hardware failures, human error, or cyber attacks. Because of the many causes of downtime, it is important to periodically test your backup and recovery scenarios to make sure you can bring your systems up in a timely manner.  For disaster scenarios, also consider training employees on protocol in an emergency situation.

Understanding the effects that a disaster can have on your company is extremely important. In order to prepare your business for a disaster, it is necessary to analyze the costs and risks associated with downtime of your critical applications and their data. Having a proactive business continuity plan will save your business money, and may save your business.

 

Heartbleed Bug: What a Business Owner Should Know

The name Heartbleed OpenSSL Vulnerability (aka Heartbleed bug) is as scary as it sounds. Some reports say up to two thirds of all secure websites (e.g. those with a web address starting with a green https://) are using OpenSSL.  It has been reported that Google was first to discover the Heartbleed bug  that compromised sites including Yahoo, Tumblr, Flickr, Amazon, and other websites relying on OpenSSL for security.  This security breach may provide hackers access to accounts, passwords, and credit card information.

Heartbleed and Your Systems

Business owners using OpenSSL for their email, website, eCommerce applications, or other  web applications should take action to prevent data loss or theft.  The fix for the Heartbleed bug should be installed on your operating systems, network appliances, and other software to ensure that confidential information is protected.  Consider having your IT professional test your public web servers to determine if they are safe.

Heartbleed and Your Employees

Your employees may have used websites that were exposed to the Heartbleed bug.  This means their username and password combinations may have been compromised by hackers tapping into what was supposed to be encrypted communications.  Employees should be reminded to reset passwords within the guidelines established by your company.  There are plenty of resources on creating a secure password.  Microsoft offers tips for creating a strong password on their website.

The Need for IT Security

Because the Heartbleed bug is pervasive, most internet users need to change passwords on sites like Gmail, Yahoo, and Facebook.  The Heartbleed bug is a wake-up call to the importance of having an IT Security policy that includes strong password policy, employee training, and systems compliance.  As applications get more complex, more issues like Heartbleed can be expected.  The Heartbleed OpenSSL Vulnerability highlights that applications have security risks, and it is just a matter of finding them.

Mobile Security: Does Your SmartPhone need a Kill Switch?

Many Smartphones and Tablet computers have access to corporate applications and their data through Bring Your Own Device (BYOD) policies and corporate-sponsored mobility strategies.  Mobile Security has become a popular topic for good reason.  According to CIO Insights, mobile data traffic is expected to increase eleven-fold by 2018. Because of increasing data traffic on mobile devices, some government agencies are looking at legislation to require manufacturers to add a smartphone kill switch to remotely wipe a mobile device if it is lost or stolen.

Keeping in mind that a four-digit iPhone passcode could be hacked in minutes, this begs the question:

Does your Smartphone Need a Kill Switch?

Having a smartphone Kill Switch may give a sense of false security.  Adding a kill switch to protect your privacy and corporate information is reactive, rather than proactive.  If not done properly, you could wipe your employees’ irreplaceable information, such as family photos.  A Kill Switch may also make the phone entirely unrecoverable.  This means you will surely need to replace the device once the remote kill switch is invoked.

Proactive Mobile Security

Before you hit the Kill Switch consider proactive mobile-security measures. Smartphones and Tablets are great innovations that allow your employees to stay in touch and work anywhere.  Access to email, operational data, financial information, and customer information through a mobile device can empower your employees and increase their productivity.  Access to this information should be password-protected at all times.  Additionally, any corporate data should be encrypted in transit and at rest. Only approved applications should be allowed on the mobile device and personal data should be stored in a separate “container” from company information.

Beyond Mobile-Device Management

In addition to protecting the information stored on and accessed by a mobile device, you should take the time to train employees on your mobile-security policy.  Your mobile security policies and training should touch on topics such as what is an acceptable use of a Mobile Device in the workplace, why mobile security is important, and how to report a mobile-security incident.

Requiring manufacturers to include a Kill Switch in a mobile device does not go far enough to protect your company information assets.  Having a comprehensive mobile security plan, however, will go further to prevent data loss in the long run.

Will Smartphones and Tablets Kill the PC?

With Windows XP support ending soon for millions of PCs, many companies are considering a variety of replacement strategies.  The adoption of smartphones and tablets is clearly on the rise.  According to IDC, PC shipments are expected to decline by 6% in 2014, and that trend is expected to continue.  Meanwhile, shipments of tablets surpassed shipments of PCs in 2013 and are expected to outpace shipments of PCs by 2015.  Does this mean death to the PC?  Likely not, here is why…

The Case for Smartphones and Tablets

The portable form factor of smartphones and tablets allows users to access corporate applications and their data at home, while traveling, and out in the field.  Because of the touch-screen interface, they are operated easily without the need for a keyboard or mouse.  This makes smartphones and tablets ideal applications for employees who are standing or travelling without access to a desk.  Because these devices typically connect via WiFi cellular network and run on battery power, they don’t have the wires, cables, and plugs associated with a PC.  Tablets and smartphones find their way on retail counters that may have limited workspace. They may also be easier to clean when they may be exposed to biohazardous materials, dust, or dirt.

Smartphones and Tablets vs. the PC

If you require a large monitor to view spreadsheets, create powerpoints, or edit documents, a PC may be right for you.  While many touchscreen smartphones, tablets, and convertible PCs connect with a keyboard by using a variety of interfaces, such as bluetooth, there are clear design tradeoffs for office productivity and mobile productivity.  PCs and laptops, combined with keyboard, mouse, and monitor, increase the productivity of your workforce while in the office.  Accountants, writers, and designers will quickly choose a Desktop PC or Laptop with a monitor to get their work done efficiently and effectively.

Because Windows XP support will quickly end, millions of PCs will retire in the coming months.  Many cash registers, factory controllers, and other industrial devices running Windows XP may quickly be replaced by tablet computers.  Other laptops and some desktops may be replaced by tablets, smartphones, or convertible PCs with touchscreen interface.  Some workers may find themselves with multiple devices that connect to one another via Cloud Computing.  This trend may not accelerate the growth of the PC to the heights of smartphones and Tablet PCs; however, expect both the desktop computer and tablet to have a place in our IT infrastructure for a long time to come.

Windows XP Updates to End on April 8

According to Microsoft, support is ending for Windows XP after April 8, 2014.  Technical assistance, including automatic updates that help protect your PC, will no longer be available after this date. Microsoft will also stop providing Microsoft Security Essentials for download on Windows XP.

When Microsoft withdraws support for Windows XP updates, many businesses will need to migrate to Windows 8.1 or modernize their IT Systems to another platform.  With Cloud Computing and Mobile Computing, there are a variety of options available.  For those who choose to stay on Windows XP, here are some considerations:

Windows XP Updates for Security Discontinued

Microsoft’s discontinuation of automatic updates and security patches for Windows XP may leave you vulnerable to Malware and viruses, which may cause IT Security risks for your PC and network.  Remember: your network is only as secure as its weakest link.

ISV and Software Support for your Popular Applications

The latest versions of your applications may not be available for Windows XP.  Web conferencing applications, office productivity applications, and other business applications may not be supported by the software developer when Microsoft discontinues its XP support.

Maintaining Compliance on Windows XP

After April 8 your Windows XP machines will no longer have O/S patches. Without O/S patches, your ability to comply with your IT policies and procedures for industry and regulatory requirements, including PCI and HIPPA, could be compromised.

Consider these tips to keep your IT Systems up-to-date and keep your business running in a secure and reliable manner.  Migrating from Windows XP with the help of an IT Service & Support Professional can help you get the most out of your IT Assets while avoiding IT security risks.  Don’t hesitate to contact your business technology advisor for strategies to migrate from Windows XP.

Why You Need a Bullet Proof Computer Network

Your Computer Network is the information pipeline of your business. But what if your network goes down?  If your computer network is not operating properly, you may lose access to critical applications and their data.  If you are using mobile applications, software as a service, or other types of Cloud Computing, your computer network needs to be highly reliable and readily available. While reading this article, you will learn about information technology trends that impact your Computer Network.

Cloud Computing and Your Network

With Cloud Computing, your employees require consistent and reliable bandwidth over the internet to connect with the most popular cloud applications.  As Cloud Computing is becoming more important in business, it is becoming increasingly necessary to protect your network. Cloud Computing is an undeniable trend.  Most industry analysts forecast strong growth for The Cloud.  From a September 2013 forecast from International Data Corp., worldwide spending on public IT cloud services is predicted to reach $107 billion by 2017, an increase from $47.4 billion in 2013.   This trend in cloud computing is driving mega deals, such as the acquisition of Time Warner Cable by Comcast, as cable is a popular option for business class internet.

Is your Computer Network ready for Mobile?

A WiFi network is a practical way to connect laptops, convertibles, tablet PCs, and smartphones to your business.  However, mobile devices can tax your computer network performance and security.  To ensure smooth and consistent network connectivity, your computer network needs to accommodate the additional bandwidth requirements of those mobile devices.  Additionally, mobile devices may be a source of virus, Malware, or phishing schemes on your computer network.  Remember that your network security is only as strong as its weakest link.  Keep your mobile devices up to date with the latest Anti-Virus and Anti-Malware updates.

Ensure Network Security

Network SecurityCyber Criminals and hackers put your network security on the defense.  It is important that you protect your network with intrusion prevention, firewall, anti-spam, Anti-Malware, and web-filtering capabilities.  These necessary defense mechanisms help prevent unauthorized access to business applications and other data attached to your network. It is also a good idea to monitor and scan your network periodically to detect any unauthorized access that may have made it past your first line of defense.

Your Computer Network is the lifeline of your business for Cloud Computing, mobility, and employee productivity.  To get the most from your IT investment, your network needs to be bullet proof.  If you believe you can get better performance from your network or are unsure about your network security, contact your computer network professional today.

Avoiding Pitfalls to Cloud Computing Migration

It seems a majority of companies are adopting Cloud Computing as a significant portion of their IT infrastructure.  According the Computing Technology Industry Association (CompTIA) 4th Annual Trends in Cloud Computing, sixty percent of companies surveyed, reported they rely on Cloud Computing for at least thirty percent of their IT infrastructure.

Transitioning to Cloud Computing?  Here’s How to Avoid the Turbulence.

There are number of implementation challenges to cloud computing deployment.  As a result, it is important that your cloud computing deployments are carefully planned and part of a holistic information technology roadmap.

According to CompTIA, integration with existing technologies, changes required to IT policy and the learning curve of the cloud model top the list.  Less than half of those surveyed cited, cost overruns, justifying the  return on investment and transitioning from legacy systems as issues.  In fact,  the majority of business reported performance and availability levels were as expected from their cloud provider.

What can a Business do to Avoid the Pitfalls When Transitioning to the Cloud?

Challenges of Cloud ComputingCloud Integration

There are a number of issues that can impact the success of your cloud computing deployment.  Software as a Service applications (SaaS) rely on Application Program Interfaces (APIs) for integration.  It is important to ensure your SaaS suppliers use common APIs so they can easily integrate with one another  Understanding your requirements is key to identifying when integration can become an issue.

IT Policies and Cloud Computing

Keeping your IT policies and procedures up to date is also an important component of a successful Cloud Computing Deployment.  Cloud Computing solutions can be rapidly deployed so it is easy for your IT Policies to become quickly obsolete.  Make sure you include time and budget to update your policies along with your cloud implementation.

Network Bandwidth and Cloud Computing

When companies adopt Cloud Computing as part of their IT infrastructure the servers their employees access are no longer on premise.  Connecting to your applications and their data can put additional strain on your networking infrastructure.  To avoid network bottlenecks it is important to asses your network readiness for cloud computing before you deploy.

Determine the Business Value of Cloud Computing

To ensure a successful transition to the Cloud, it is also important to have clearly defined business objectives related to your cloud deployment to ensure you maximize your return from your cloud computing investment.  Make sure you have aligned your business objectives with your technology investment.  Keeping the business objectives in mind will help you navigate the pitfalls of a cloud computing deployment.  Contact your Cloud Solution Provider to ensure your technology plans include a smooth transition to the cloud and avoid unexpected turbulence.

Mobile Security: Why Should I Care?

Mobile security is top of mind when it comes to concerns for IT Managers.  According to the Computing Technology Industry Association (CompTIA) risk of loss is the number one concern related to Mobile security. For the first time last year, more smart phones and tablets shipped than PC desktops.   It is no surprise that mobile devices are the target of mobile security threats.

Chances are most people in your company have a smartphone, tablet or both.  In some cases these devices connect to your company network using WiFi.  It is equally likely that these devices access company information via email, mobile applications or file synch to company data.  Now that these devices are universal, it is important to have a plan if they are lost or stolen. Keep in mind, your four digit password may be the only thing between an intruder and your data.  Here are some additional considerations for mobile security.

Mobile Security Policy

While you can remotely wipe a Mobile devices when it is lost or stolen, this may not be enough.  That four digit passcode can be easily hacked in minutes.  It is important that employees know how to report a lost or stolen device immediately.  Also consider, there may be personal information on the device that is property of your employee.  This data may not be backed up and could be impossible to recover. There may be local laws that prevent you from wiping this type of data from personal devices.  If your employees access your corporate systems, be sure they sign and acknowledge your company policy for acceptable use, including policy for reporting lost or stolen devices and mobile device policy for storage of personal data on a company owned mobile device.

Mobile Security Training

Some social networks are designed to harvest contact information that may be synched with corporate contacts.  Publishing privacy data without consent may be considered a data breach.  Train your employees on the importance of mobile security policy and the related mobile security risks.

In addition to mobile anti-virus, mobile anti-malware detection, device management, mobile phishing protection, your knowledgeable employees are one of your first lines of defense against the threat of a mobile security breach.  If you feel your employees need training or your mobile security policy is not up to date, contact your mobile security professional today!