Author Archive

  What is Cloud Computing?

I am frequently asked to describe what cloud computing is.  One of the problems with the term cloud computing is that the term is used loosely to describe many types of computing models.  Here I make an analogy comparing computing models to real estate.  Ready, here it goes…

Owning a home – this is like a traditional (on-premise) small business computer network.  The business owns the entire system and it is located on their premise.  They pay for the house and all of its repairs and maintenance.  The initial investment is high, but the owner has total control of the system and responsibility for its management.  Highest up-front costs, unpredictable ongoing costs.

Owning a condominium – this is hosting.  The business owns the equipment and runs it in a shared facility.  They are responsible for purchasing most of the equipment and pay monthly fee to cover major infrastructure costs that are shared with their neighbors.  While this still has the same high initial investment, the owner is no longer responsible for many of the maintenance or repair costs.  Management responsibilities are also delegated in exchange for condo fees which are shared.  High upfront costs, predictable ongoing costs.

Renting an apartment – this is Platform as a Service (PaaS) or utility computing.  This is when the business has a long term agreement to use someone else’s equipment and infrastructure.  The business will sometimes own soft assets like software and remote devices (think furniture and chachki), but the vast majority of the equipment belongs to someone else.  The key point to this is that there is a long term agreement for a fixed set of outcomes.  This model also reduces the initial investment.  There is no large up front capital expense and all management, maintenance, and repairs are delegated.  All in exchange for a monthly fee.  Low up-front costs, higher predictable ongoing costs.

Renting a hotel room – this is true cloud computing.  While the term is loosely used in the industry, it’s true meaning is short term and scalable.  Some of these are free (like the old youth hostels and YMCA’s), there are some on a budget, mid-priced, luxury, short stay, extended stay.  Regardless, in all cases, they are pure transaction oriented, pay for a night stay for a night.  They are designed to be flexible and address short term needs.  No up-front costs, highest on-going costs, short time commitments.

As you can see, no one model that fits everyone.  As these models continue to mature and the technologies evolve, they will become more clearly defined.  One thing is certain to me, technology will continue to move at an ever increasing pace.  We need to remain aggressively thoughtful and purposeful as we continue to develop our services.  It is very important that we match our Clients’ needs to the solution and not vice versa.

In email, a subject not only needs to be descriptive, it needs to be unique. 

 It all starts with a subject.   Subjects are so important to frame an email or a conversation. 

You start by offering a short description of what the conversation is about.  A good subject should frame the conversation and prepare the other party for what you are about to say.  A poor or missing subject leaves the other person struggling in the conversation to identify what the conversation is actually about.

With today’s technology, both email software and smart devices offer a feature called:

 ”Conversation View”. 

This is a great feature that groups messages by their subjects.  It is very handy for keeping an email box neat and tidy.  It also makes it efficient when managing long email threads.  It is so good it is almost perfect.  The technology works as designed, the problem is that people use the technology.  Missing or generic subjects cause the system to group messages that have the same subjects but are not related.  If someone sends me an email with no subject, it groups the message with the 500+ other messages I have with no subject and I get annoyed (don’t tell me I need to clean out my inbox because I have 23,466 messages, Randy Pausch says I can have as many as I want, that is what search is for).  Same if I get an email that says…

Info needed
Fyi
Re:
A Client’s name
A person’s name
Quote Request
Paperwork
The list goes on and on…

These are all bad email subjects.

You see, just about any one or two word subject runs the risk of being lumped it with other emails defeating the purpose of conversation view.  A little thought into framing the subject will help prepare a recipient for your message and allow for this powerful new feature to be extremely useful.

That was easy!

Bring Your Own Technology…

That seems to be the name of the game today.  Consider it the invasion of consumerism into the enterprise and business IT space.  It isn’t hard enough to integrate and support the business solutions in this space, now comes along consumer technology and everyone has the “business critical” device or application.  Rarely do integration issues get considered (why wouldn’t it work?).  Nor do support issues (how do you remote to them?).  Not to mention the security concerns.  These are some of the things we need to keep in mind when helping Clients incorporate these consumer technologies into their IT infrastructure.  Technology comes in cycles and this period we are in is no different.  It seems that the consumerism issue the industry is facing is the front side of the cycle.  There seems to be more entertainment than business in a lot of what is going on.  However, as the consumer technologies gain market share, you can see true business uses starting to percolate.  I have no doubt some of these technologies will stick and become a part of the typical IT landscape and many will end up on my window sill.  We will look back at the period we are in, laugh and say to the new young folks, “in the old days, we used to have to support all these…”

For now, we do the best we can to help educate our Clients on the front side to make good decisions, help them implement the decisions they make, and be there for them if anything goes wrong.

AS we consider BYOT, We remember our Core Value #1 – Attitude – WIT – Whatever It Takes.

When things don’t work out…

Yesterday, I got a call from a potential Client that was getting ready to part company (nice way of saying terminating) an in-house IT person (and the only IT person).   I do not know the circumstances, only that the manager was deeply concerned about what the IT person could/would do after the termination.  Here are a few guidelines I suggested…

• Secure the physical environment – do not let the IT person on or near the computer system.  Clean out their personal items for them (physical and electronic).
• Secure the electronic environment – disconnect the internal system from the Internet.  This prevents any unauthorized access from outside.
• Re-establish all security credentials.  This means ALL passwords.  To perform this task the original passwords are needed – this leads to the next and most challenging part.
• Knowledge capture – get the critical system information.  This will need to be part of the separation process (a proper network environment has this information documented – most networks do not).  Here is a list of some of the critical items.  The list is by no means complete, but is the basis of re-establishing control over the IT environment.
  • ISP Account Info
  • Firewall / router passwords
  • Administrator passwords
  • User account List / passwords
  • Email Account List / passwords
  • Email Service Settings & Mgmt
  • Domain Name Host & Mgmt
  • Website Host & Mgmt
  • Server Documentation & Media
  • Printer & Copier Documentation & Media
  • Copier Password
  • 3rd Party Vendor Contacts (all vendors will need to be informed)
    • Software
    • Copiers & Printers
    • ISP
    • Phone System
• LAN IP Scheme & Static List
• Managed Switch Overview
• Wireless – Security codes

 

This is typically an unpleasant event for all involved.  Proper transition of the IT assets and responsibilities to the next person or organization is in the best interest of everyone.

How to manage computer use in a small business…

It is becoming increasingly important to effectively manage technology assets in a small business.  Over the last couple of decades, computer based technologies have become the backbone of many businesses.  They provide the foundation for employees to manage and deliver products and services.  As time goes on these systems become more and more mission critical to the organization and managing them and the people that use them improves the reliability of the systems and the efficiency of their users.  As the technology platforms have developed, they taken on many roles.  This is a good thing when it comes to being able to expand business processes and applications; however, there is another side.  The computers that are used in business today are the same types of computers that users use for their personal computing. Their use in the company can easily blend business and personal use.  There are many concerns the small business has with business computers being used for personal use.  The most obvious is that people spending company time on personal computing wastes company assets, the Internet and social media outlets are easy distractions form the company mission.  Another area of concern is system disruptions, a user who takes it upon themselves to install a program or system modification for personal needs can unintentionally disrupt the integrity of the system both for themselves and others (we see these issues on our Help Desk way too often).   Lastly, popular personal use Internet sites are notorious for the spread of viruses, malware, spyware and a host of other security concerns.  In today’s Internet based world, security is at the forefront of the business Internet concerns, having users with unrestricted, unmanaged Internet create risks that are unacceptable.

What to do…

Create a computer use policy:  Describe in easy to understand terms what is acceptable and unacceptable use of company technology assets.  A good computer use policy should mirror company values and culture.  Make this a fundamental part of the company policy manual and adhere to it.

Implement the basic security technologies:  Implement a solid endpoint security strategy (what used to be called anti-virus software – this term no longer covers all the facets that need to be protected).  A standard strategy covers the gateway (the connection of the company network to the Internet), the computers, notebooks and servers, and last but not least, email (this should cover SPAM too).  In addition to endpoint security, backup all critical systems and data.  Lastly, maintain the latest security updates for core operating systems and software.

Monitor Internet Use:  This has historically been a sensitive issue for many small businesses, no one wants to play big brother.  With the growing uses of computers and the Internet and the continued increase in dependence of technology and Internet connectivity, un-monitored and un-managed Internet connections are no longer tolerable in companies of any size.  Monitoring and managing Internet usage reduces system disruptions and increases system performance and user efficiencies.

There are more elaborate methods, tools, and techniques to manage computer use in a small business, however, this is the base that all companies, not matter how small, can start with to increase the reliability, predictability, and efficiency of their computer systems.

Here are the tools we use and recommend to our Clients…

Endpoint Security – Vipre
Internet Security Appliance – Fortinet
Email Security / SPAM – Google Postini
Internet Monitoring Appliance – Cymphonix

Start with the basics.

DR/BC planning in small and mid sized businesses (SMB) always starts with the basics.  These are the things that every business should do, regardless of their size, mission, regulatory compliance, or business strategy.  These are the easy things that don’t require gobs of money or consultants to tell you how to protect your business from a debilitating interruption.  When the basics are done well, any business can recover from any unexpected event and / or situation.  The variable is how long and how much effort it will take to recover.  This simple concept is lost on many who pursue BC/DR plans, they focus on the “how long” before they focus on the “if”.  The basics provide the “if”. 

Here are the basics:

Sound Design: A sound design consists of planning for a long lifecycle, selecting the proper technology balancing needs, training and supportability, keeping the setup as close to industry best practices as the business needs allow, and keeping it simple.

 Utilize and test security tools:  Security issues are the most common of technology business interruptions.  Use industry best firewalls, monitoring, backup, and malware tools, follow industry best practices, and test regularly.

 Document it:  Trying to figure out how a broken system was setup wastes valuable time in a technology failure.  Having thorough system documentation in place will allow for better long term planning, faster troubleshooting, and provide a roadmap for recovery in the event of an event.

 Build it to last:  Implementation is the variable that will determine the reliability and predictability of a well designed system.  A well planned and executed implementation will usually run better and longer than a haphazard one.  Good habits, industry best practices, attention to detail, fit and finish are some of the traits that make for a solid implementation.

 Support it well:  If it were a car this would mean keeping the tires properly inflated and rotated, changing the oil, keeping it clean, following the manufacturer’s maintenance schedule, watching the gauges and indicator lights, staying aware of how the car performs through your senses.  Technology is no different; routine maintenance (light and heavy), monitoring, and awareness keep the well designed and implemented system running well through lifecycle.

 If the basics are done well, the organization should have a system that is less susceptible to disruption and have the ability to recover in case that they do.  These steps are generally within reach of any organization.

 The next logical question is how long does it take and this is where the conversation starts to get complicated and people start to get lost in the weeds.  Once the basics are in place, this may be the point to call in the outsiders to assist.