Saturday, May 29, 2010

Fortune 500 and Symantec

On May 3, 2010 Fortune Magazine released the Fortune 500 list. The volume (161, Number 6) is a heavy one; weighting more than any other magazine published this month, and more than any regular night time fiction novel.

On page 15, opposite to the “Welcome to the 2010 Fortune 500” Letter from the Publisher, the full page ad reads:
Are you prepared to face today’s biggest IT risks?
- Confidence in a connected world (S) Symantec.

Then from pages 211 to 237 (or F-1 to F-26) each footer ad is a Symantec one. Some of the main messages from those mini-ads alternate the following two sentences; along with brief paragraphs that contain and highlight these points:

PUT SECURITY FIRST –data loss prevention –encryption –Web security –endpoint protection –virtualization management

CONTROL YOUR DATA –archiving –deduplication –disaster recovery –green IT –storage software –Symantec Hosted Services

It is obvious that Symantec sponsored the list. For those of us not around technology names or new to the IT world; know that Symantec is the company that bought/merged with smaller and diversified ones that produced and sold products such as Norton Antivirus, System Works, WinFAX, Veritas Backup, pcAnywhere, and many others.

The Symantec Corporation now focuses exclusively on services, software and devices that have only one purpose: secure data (PUT SECURITY FIRST and CONTROL YOUR DATA).
The company is ranked 353 in the Fortune 500, and number 3 as a software company after Microsoft (36) and Oracle (105). Its 2009 revenues were US$6,150,000.00.

If a company of these qualifications is trying to -finally- convey the signature on each of those ads: Confidence in a connected world message to readers of such publication; what should we take from it?

The Confidence in a connected world translation is simple: Self- Assurance in an Internet based environment.
Or, using trendy words: Security (your data) in a Cloud-Computing environment.

Is it just coincidental that Computotal CSI has been focusing on Total Data Security for the past 15+ years?

Proud to be part of such a futuristic enterprise.

Monday, May 24, 2010

Secure your Data

Where does your data reside? Do you carry it with you? How? Is it instead somewhere in what some people call “servers”? A combination of these?

Is your data important? Could you survive without it?


Wouldn’t it be nice not to carry your data around on laptops or storage units, and instead know exactly where it is and be able to access it at anytime from anywhere?

We’ll get there soon. Actually, some companies are already there: from documents to full databases to email and more, there are a lot of providers that already offer all kind of services for us to have all of our data –and processes- living “on-the-cloud”. This is, Cloud-Computing or SaaS: Software as a Service.
Some of us are still reluctant to do this, or we are worried about the fact that we could lose control over our data not knowing exactly where it is. Or rather, we are so used to “feeling” our data in our hands that the simple thought of not having it with us is like not having it at all.

So, in this “felt” scenario we are also used to backing our data up to even more physical devices so that we sleep well knowing our data is safe.
Until the day comes when we make the mental switch and convince ourselves that the cloud is more secure than our portable devices, we will continue to have the need to back it up, either to more devices (or to the cloud!)


In brief, until all our data resides on the cloud, it is necessary to save it and keep it secured.

There will also come a time when it will be cheaper to replace than to fix laptops, whether those are Windows based, Macs, Linux based, iPads or Blackberries. It will be as common as replacing cellphones was by the end of last century.

Some of us already interchangeably use a smartphone, a laptop or any computer’s Web browsers to access our email. As simple as it is now to do this, it will also be to access the rest of our data: whether it is proposals, spreadsheets, diagrams, movies or books. calendars, to-do lists and contacts too. All we need is a device that connects to the Web and presto! We are productive. No need to carry data, no need for briefcases, no need to be in the same cubicle every day.


So, before we make the full move to a Cloud-based business, we still have to protect our data. How?

Here is a very basic summary of the most important data protectors in your office:

1. UPS. But not the delivery company. UPS stands for “Uninterruptible Power Supply”.
If you have servers, you certainly have UPSs around. What these units do is protect equipment from electricity spikes, low and high voltage changes and even outages.

2. Computer storage redundancy/resiliency. Most common in desktops, workstations and (mandatory in) servers than in regular laptops, hard drives and storage units are mirrored so that if one of them is damaged, the other makes the whole system operate normally; the idea is to replace the damaged unit as soon as possible so that redundancy is attained again.

3. Operating System: MS Windows, Mac OS X, Ubuntu Linux, Google Chrome OS… whichever makes your computer/device be able to run software such as calendars, email programs or Web browsers is an OS. The newer it is and the more bits it operates on the better. For example, Windows 7 (version is 6.1! -not 7.0-) is better than Windows Vista (version 6.0) and even more than Windows XP (version is 5.1). And Windows 7 64-bit is better than Windows 7 32-bit.

4. Encryption. Barely used for its many “complications”. We only tend to encrypt very specific and important files and/or email messages. It is getting easier to implement and use, and nowadays we can encrypt not only individual files, but also entire folders; and even external memory units and hard drives, both internal and external.

5. Internet Security Suite. Of paramount importance: what most of us still refer to as “anti-virus” is most of the times a combination of anti-virus, anti-spam, anti-spyware… in brief: anti-malware.
Most suites also offer depending on vendor and package acquired a firewall, some kind of identity protection, browsing advisor features, et cetera.

6. VPN. Or similar technologies. So that whoever connects remotely to your network does so in a secure way. VPN stands for Virtual Private Network: there are no direct lines connecting offices or individual computers, rather the Internet is the conduit: by compressing and encrypting the information traveling so that prying eyes can’t do much to interpret what is being sent over “open wires”.

7. Email access. Local vs. Web based… this is getting complicated now: it is very likely that your company email is not in your physical servers. It might be, but it’s becoming easier, cheaper, faster and more ubiquitous to simply connect to the email servers on the cloud than having resources put in place to manage company’s email. Anyway, the more on-the-cloud email services you have, the better.

Are we there yet?

8. Data Backup (its main purpose: data recovery). Fortunately for all of us, on-line data backup is mature enough so that there are many options nowadays, and so are the different levels of services attached to those. From pricing to likes to features. There was a time long ago when we used to back up our data with no encryption and awkward compression using external devices such as Hard Drives, Disks, and –believe it or not- tape cassettes!


Go over the list again. Please bear in mind this is in reality an oversimplification of the terms and technologies around each of the points listed. However, if any of these is missing in your environment, better to start asking your IT department questions.

Sunday, May 23, 2010

UPS

But not the delivery company. UPS stands for ‘Uninterruptible Power Supply’.

If you have servers, you certainly have UPSs around. What these units do is protect equipment from electricity spikes, low and high voltage changes and even outages. They contain a battery that helps equipment continue to operate when there is no electricity power on the grid, communication between the UPS and the server/computer allows to shutdown properly when a certain minimal battery threshold is reached, so that damage is minimized.

Do invest money when selecting a UPS for your main equipment; a couple hundred extra might make the difference between business continuity and business closed.

Because your main equipment is the original repository of data, it is of paramount importance to protect it.

Computer storage redundancy/resiliency

Most common in desktops, workstations and (mandatory in) servers than in regular laptops, hard drives and storage units are mirrored -or in a similar arrangement- so that if one of them is damaged, the other(s) make(s) the whole system operate normally; the idea is to replace the broken unit as soon as possible so that redundancy is attained again.

There are many ways to achieve redundancy in the internal storage units on servers and networked storage devices. The main point here is to make sure that hardware does not become an issue for keeping our data safe. Power outages and current spikes, heat, regular wear and such could cause such damage.

Obviously, the better the storage units’ quality, number of them, and array type will secure data better.

Saturday, May 22, 2010

Operating Systems

Microsoft Windows, Palm-OS, Mac OS X, Ubuntu Linux, Google Chrome OS… whichever makes your computer/device/smartphone be able to run software such as calendars, email programs, telephone, contacts lists or Web browsers is an OS.

The newer it is and the more bits it operates on, the better. For example, Windows 7 (version is 6.1, not 7.0!) is better than Windows Vista (6.0) and even more than Windows XP (5.1 or 5.2).

And Windows 7 64-bit is -obviously- better than Windows 7 32-bit.

An OS is in reality a program. One that functions as a container of smaller ones, a huge package that allows other programs to be installed and work on top of it.
For example, Notepad is a program embedded in Windows, while Adobe’s Acrobat Reader can be installed and used on it.

Easy! Isn’t it?

Data Encryption

Barely used for its many “complications”. We only tend to encrypt very specific and important files and/or email messages. Have you ever done it?

However, encryption is getting easier to implement and use, nowadays we can encrypt not only individual files, but also entire folders; and even external memory units (USB Flash Drives) and Hard Drives, both internal and external.

In fact, we do not need to acquire third party products for encrypting anymore; business editions of Windows 7 and the latest OSs and email programs offer it “out of the box”.

Some technologies implicitly offer encryption: wireless routers, VPN systems, email servers, and some more.

Encryption offers a very high level of security for data protection, the only caveat would be that we lose the key: then we are in deep trouble. However, the scale will always tip to the positive and many advantages of encrypting and therefore securing our data.

Friday, May 21, 2010

Internet Security Suite

Of paramount importance: what most of us still refer to as “anti-virus” is most of the times a combination of anti-virus, anti-spam, anti-spyware… in brief: anti-malware.

Most suites also offer -depending on vendor and package acquired- a firewall, some kind of identity protection, browsing advisor features, data backup and recovery, parental controls, et cetera.

While some products are better in one or more categories, others are in different areas. However, depending on real needs and type of organization, there are many studies, reviews and comparisons between the many different products, versions, and variants.

Also important is the fact that we need to be cognizant that what worked a few years ago, might not do it as well anymore. The threat landscape changes with the ways and at the pace technology does. Your chosen product could have been top-performer half a decade or just a couple of years ago; better to check its effectiveness today.

A good way to know where our selected suite stands is to check often independent third party organizations that test and qualify these products. For instance, for SOHO and consumer-based products visit http://anti-virus-software-review.toptenreviews.com/small-business-antivirus/ and read articles such as http://techtalk.pcpitstop.com/2010/05/13/the-state-of-pc-security/

For business applications, these two sites offer the best testing and reviews:
Virus Bulletin: http://www.virusbtn.com/vb100/rap-index.xml

AV Comparatives: http://www.av-comparatives.org/images/stories/test/ondret/avc_report24.pdf and
http://www.av-comparatives.org/images/stories/test/ondret/avc_report25.pdf

Virtual Private Network

There are many articles, Blogs and books related to VPNs: from the very technical and complicated ones, to blank and purely theorizing, to businesses oriented.

VPNs or similar technologies allow whoever has proper credentials to connect remotely to your network in a secure way. This obviously allows remote users to access information and utilize programs without the need to be physically present in your premises. There are no direct copper or fibre optics cables interconnecting offices or individual computers, rather the Internet is the conduit: by compressing and encrypting the information traveling from the office to the remote worker, so that prying eyes can’t do much to steal and much less interpret what is being sent over “open wires”.

There are also new technologies taking place (MS’s Direct Access) that will replace the need to install more devices to our wiring closets or packages on our over-loaded servers. These are already being implemented today, and will surely make everybody’s life easier.

A complete and very good –although technical- explanation of VPNs can be found here: http://en.wikipedia.org/wiki/VPN

Thursday, May 20, 2010

Email Access

Exchange, Gmail, Web-based, Outlook, Thunderbird, POP, Evolution, Domino, IMAP, Lotus Notes, Blackberry, Windows Live Mail… confused? Me too.

It would require many pages or perhaps an entire volume to list products and differentiate the many and every time more techniques required for making email work. What is definitely true is that the local vs. Web based email system implementation battle has been won by the latter.

By local I mean having a dedicated server or computer run the main email program inside our offices, so that we can quickly and easily access email. It is also more expensive to do this, so if by any chance your company holds an Exchange, Domino or similar product; tell them to evolve. The financial department will thank your input.

It’s easier, cheaper, faster and more ubiquitous to simply connect to the email servers on the cloud than having resources put in place to manage company’s email. Basically, the more on-the-cloud email services you have, the easier and better it is.

You for sure know that Google offers Gmail along with some other Cloud-based products, but it is not the only company doing so. Big Blue has started already, there are plenty of dedicated ISPs and MSPs already on-the-cloud, and even Microsoft is “All-in” now; offering partial integration with existing products, and definitely fully integrating with the new generations: Office 2010, for instance.


By the way: what you receive aside from knowledge when you attend school or take a course is a diploma or certificate. You do not acquire “education”. Education is a concept the same way Email is. So, what you receive and send by using email is messages. You do not receive “an email”, you receive “a message”.
If you still tell your acquaintances “I will send you an email” you are lying. Nobody has ever been nor will ever be able to send email.

Data Backup

The main purpose of the existence of data backup is data recovery. Fortunately for all of us, on-line data backup is mature enough to the point that there are many options nowadays. There are also many different levels of services attached to those: from pricing, to likes to features.

There was a time long ago when we used to back up our data with no encryption, awkward compression and very complicated interfaces using external devices such as Hard Drives, magnetic media cartridges, CD/DVD Disks, and –believe it or not- tape cassettes!

Real data backup compresses the data and encrypts it so that nobody but the owners of such data can access it. Copying data is not really a backup, rather a simple copy.

Big organizations replicate their data between cities and in doing so have an easy and fast way to recover in case of disaster, using a variety of methods and devices to accomplish this. For the rest of us, from big vendors such as Dell to small dedicated companies such as Mozy and Carbonite, they all offer a huge variety of on-line DBU products.

We of course would recommend ecBackup and SOS Backup. You are probably already using one of these.

Wednesday, May 5, 2010

Of higher wages and similar evils

Overhearing a conversation about someone that has “so many” responsibilities now. He was not complaining about the higher pay he's getting simply because his role now is higher than before. But incredibly quick to condemn the new tasks “imposed” on him.

Shouldn't that be that way? Accountability and performance matched to pay and position. Simple.

I could rant on and on with plenty of examples and explanations. Today I will say just this: man, if you don't like your new title, or were happier with the previous job description, get back to it and leave this one for somebody who will feel alright with that new role and pay.

Tuesday, May 4, 2010

Dream Team

One of my teammates was bitterly complaining that sometimes he felt the entire team, or most of it, needed to be replaced. He is very competitive and sometimes leaves his own tasks and duties to help others, so that they achieve deadlines and quotas. However, it does not always happen so.

We see this scenario even in “professional” sports: two or three stars meet most of the qualities required for the team to be close to perfect. However, when the rest of them are not as good, or simply make mistakes, or do not execute according to plans; it is very likely that such team will lose the game.

In business is quite the same: we would love some times to have a Dream Team in our department or the whole company, but being realistic that would be close to impossible to achieve. The same market demands would prevent it from ever happening.

So, what do we do? As I explained to Theo, all we can do is give our best every time. Whatever we can achieve individually and as a team, should carry implicitly our 100% best effort. The market will notice, eventually. The best part is, as individuals, we will always be able to sleep well knowing we are doing the best we can. We cannot demand nor accept less from ourselves.


Are you the star in your team?