Archive for the ‘Networking’ Category

US-CERT Issues Security Guidelines: Small Businesses Laugh

Friday, July 22nd, 2011

The US-CERT (United States – Computer Emergency Response Team), in response to the sudden increase in popularized computer network penetrations within the United States and abroad, issued a bulletin summarizing what their experts consider to be reasonable security guidelines.  Most small businesses, if they really had to do what CERT is asking, would simply start to laugh.  Is it because the recommendations are poor?  Of course not, they’re all great recommendations that should be followed by everyone.  The reason small businesses would laugh is that implementing some of these things is difficult or impossible for them.

Some of it is easy and intelligent: use strong passwords, make sure that the average user has at least an 8 character password, etc.  Some of it is intelligent, but not as easy.  Change your password every 60 to 90 days.  This is good advice, but a lot of users would change their passwords and immediately forget them, or change them and write them down where they could be easily picked up again.  Not the result you want.  Change the administrator passwords to 15 characters.  For most admins in small business, this won’t happen because the admin is also the finance guy, the sales girl, the operations guy, or otherwise has to have the password to do work, but it isn’t the core work to be done.  Also, changing administrative passwords usually has consequences beyond the immediate, so it often requires a trip from consultants like us, and that means cost.

Some of the suggestions just won’t be followed.  US-CERT advises implementing an intrusion detection system (IDS).  There are certainly freeware versions of these, and managed switches have become inexpensive, so you can’t complain that you need to invest a lot of money in a smart switch to use an IDS.  However, who’s going to monitor the results?  Who can rule out false positives and maintain the system?

As we’ve also noted, the biggest problem for small businesses is patching 3rd party software.  Microsoft is easy, but if your users don’t have administrative privileges to their own computers, they can’t install updates for Oracle’s Java; nor Adobe’s Flash, AIR, Reader or other software.  If they do have administrative privileges, you’re opening up another potential problem and you have no guarantee that end users will patch their systems as they should.

Overall, the US-CERT message is a good one, but one that small businesses will largely ignore.  They’ll evaluate the risks and decide almost immediately that it’s a bad insurance policy.  What we really need are better ways to patch common software.  If anyone’s built a better mousetrap in regards to this, we here at Vectrocon would love to see it, because so far we haven’t found a reasonable solution for our clients, and both we and they would love to have one.


Rootkit infection requires Windows reinstall, says Microsoft – Computerworld

Monday, June 27th, 2011

Rootkit infection requires Windows reinstall, says Microsoft – Computerworld.

This will be a nightmare for those of us who provide technology support for small businesses.  If your Windows computer becomes compromised by this exploit, we will be required to completely rebuild your PC.  This is the type of thing that truly makes hardened operating systems like Google’s ChromeOS and iOS so attractive.

Although iOS can be hacked, Apple’s tight fisted control of what can easily be put on it, which they seem to be extending to MacOS X with its soon to be released Lion update, makes it much less likely that you will obtain malware on your computer.  If you can’t get it at the app store, where Apple engineers have had a chance to review it, you can’t get it at all, or you’ve gone so far out of your way to get around it that you must be an expert, and those who live by the jailbreak die by the jailbreak.  The average user, however, benefits from the added protection.

This really brings the value of another technology, desktop virtualization, to the fore.  It also begs the question of whether this malware could be installed on a terminal server.  If so, any user of the multi-user machine could doom everyone.  Patching Oracle’s Java and Adobe’s ubiquitous products just became much more of a pressing issue, as if it wasn’t already important enough.

People talk about the rise of mobility, smartphones, notebooks, tablets and the like being the reason for the coming end of the PC era.  I’m beginning to think that it’s security, the true 800 pound gorilla in the room, that’s going to rend the PC into oblivion.


Use Skype? A Security Researcher Claims to Have Revealed Its Internal Workings

Friday, June 3rd, 2011

According to an article in Information Week, a security researcher has broken the protocol, or method of operation, used by Skype to conduct its communications.  Whether this was done legitimately or illegally remains in doubt, as do the ramifications of the disclosure.  However, it certainly seems that the very proprietary Skype protocol, which is a large part of what Microsoft is in a deal to acquire for a paltry 8.5 billion United States Dollars, is now available to the public.

As usual, the technical particulars are less important to our clients than are the effects that this might have on them.  One thing that comes to mind is that quite a few small businesses use Skype as a poor man’s videoconferencing platform.  In the short run, this probably doesn’t affect any of our small business clients’ use of the Skype technology.  Clients in Fort Lauderdale can still videoconference on demand with colleagues in New York City, or Miami and Edison, NJ, or Spring Lake and Palm Beach.  The security risk is no greater or worse than it was yesterday — however, that may change, even as soon as over the weekend.  If people with good intentions can use this information to create stronger privacy controls, people with bad intentions can certainly subvert the information for their own ends.


Microsoft unveils touch-oriented Windows 8 – Computerworld

Thursday, June 2nd, 2011

Microsoft unveils touch-oriented Windows 8 – Computerworld.

Apparently the latest version of “code name” Windows 8 adopts a radically different, and phone and tablet friendly, interface.  From the descriptions, this interface is much more of a departure than the Ribbon Bar that Microsoft introduced with Office 2007.  It will be interesting to see if adopters prefer the new interface, or revert back to a traditional style, or if Microsoft automatically adjusts the style based upon form factor of the device and then lets you choose.

I must admit curiosity about how well the new system will fare on ARM based equipment as well.  It makes perfect sense that Microsoft moves beyond Intel, since Intel doesn’t own the tablet or phone space like they do PCs and general servers.

I’m still curious though, whether you need, or even want, a full Windows 8 on your phone or tablet.  As I’ve mentioned in this blog before, what really made the iPad work was that the engineers used Blue Ocean Strategy as part of their product design.  Enhance some things and eliminate others to generate a new product for which there was no competition.  I’m not sure that adapting Windows 8 will achieve the same goal.  Chromebooks may, but that’s such a radical departure that I’m not sure it will work, either.

In the next year, the concepts will get a chance to prove themselves in the theater of the market.  In the end, it’s the only venue that matters.  At the same time, we here at Vectrocon will need to modify our services and service delivery methods to accommodate these new devices and the new ways our clients will use them.


Chromebooks and Virtualization: The Secure, Do Anything Computer?

Thursday, May 12th, 2011

Google announced that Samsung would be using its ChromeOS in a computer called the Chromebook that will debut in June.  If you haven’t heard, Google’s ChromeOS is essentially a Linux variant with the Chrome browser welded to it in such a way that the browser is the only interface to the computer.  The advantages should include much lower administrative overhead and very high security, because you can’t use peripherals with it, and all applications run in the cloud.

Interestingly enough, however, Google announced that it was going to allow VMWare and Citrix to load their VM clients so that you could essentially run enterprise applications in your datacenter on ChromeOS through a virtualization receiver.  Think of it as a special type of remote access to a virtual PC at your company.  You click on the virtual PC icon and are able to use any application installed on the virtual PC.  In this way, software that is not web based can still be accessed.

The problem for our small business clients is that the infrastructure required to do this may exceed the value of the security provided by the Chromebook.  We have had clients that use terminal services in this way for years, but “dumb terminals” rarely fit the bill for our clients because the capital cost is excessive, and the long term support savings from the terminals is offset by the increased costs of maintaining the back end infrastructure.  Such a tradeoff poses a problem for small businesses with less than 20 PCs, especially if those PCs perform different roles (that is, they’re not all identical machines running one or two applications).

We will monitor the costs of these machines and the cost of the backend infrastructure, and if it makes sense for our clients, we will begin deployment.


Microsoft Buys Skype for Unified Communications

Tuesday, May 10th, 2011

Microsoft has long had very strong unified messaging credentials.  Although many people ignore them, Sharepoint, Office Communication Server (now Lync) and Exchange integrate with each other and with voicemail and fax systems.  Many pundits have already panned Microsoft’s acquisition of Skype, but to our thinking, this is a major strength for Microsoft in its small business and cloud plays.

Microsoft attempted to add voice and video communications for years with minor success.  What this acquisition would really do is add a lot of capability to its unified communications strategy.  If Microsoft can execute a successful product integration, small businesses would be able to perform webinars, voice communications, videoconferencing, instant messaging, shared calendaring and email all from within one interface.  Additionally, these various communications mediums would be “aware” of each other, allowing someone to know whether someone is available for a meeting, in an instant messaging conversation, on a voice call, at a meeting, in a webinar, on a videoconference, etc.  You could leave video messages in someone’s email inbox.  It could all be done from inside Outlook or a complete web client.  It could all be encrypted and secured.  It could be on premise or in a public or private cloud or a combination as needed.

Generally, the potential value of the acquisition looks good.  But, like all merger and acquisition deals, the realized value will only be achieved if the cultures and the products can be quickly and inexpensively integrated.


Small Business Technology Effects of Verizon’s LTE Outage

Thursday, April 28th, 2011

According to a report in Computerworld, Verizon has suffered a complete outage of its vaunted LTE high speed wireless network.  Although Verizon claims to understand the issue, they still seem to have quite a bit of work to do to restore service, which they claim they will be doing

Vectrocon thought that this network, built on a stable technology and deployed in a lot of large metropolitan areas starting last year, heralded the ability of true mobile computing.  The speed was high enough to give you cable modem speeds to your mobile device, making browsing, downloading or creating virtually any kind of content possible from outside your office.  Unfortunately, with this type of widespread problem, it appears that a stable, reliable version of this technology, and the benefits that it would provide, remains a ways off.

We wouldn’t dissuade our small business clients from adopting the technology, because the worst that has happened during the outage was to revert to the speed you received from the old technology anyway.  The usage cost between the technologies is not dissimilar either, so there’s no cost penalty for early adoption (and if there is, it’s not significant).  However, adopters should note that early adoption means that reliability may not prove to be what you might expect.  If you’re giving a major presentation for which you require a solid, high speed connection, plan for a contingency, like giving the presentation where public WiFi or an accessible private WiFi connection is available.


Technology Support: Windows 7 Market Share Finally Exceeds Windows XP in the US

Monday, April 11th, 2011

Unfortunately for Microsoft, I’m not sure that this means that XP is well and truly dying. I still have several clients that insist we purchase new computers, buy downgrade licenses and then reformat the new machines and install Windows XP on them to meet “global requirements”. Essentially, it costs double what it should for these computers due to the extra work and licensing involved (from our understanding and that of the computer manufacturers we have discussed this with, OEM Windows 7 cannot be downgraded to Windows XP legally).

What’s worse about this is that Windows 7 is simply more stable and less prone to virus attack than Windows XP. We have seen fewer malware incidents on Windows 7, and when we have seen them, the malware just doesn’t seem to get embedded into the system as deeply as on Windows XP. That, to us, is reason alone for small and medium businesses to migrate their information technology infrastructure to Windows 7. Forget all the other features, and there are many. Security alone should be enough of a selling point.

We’re wondering when OEMs will begin to stop providing (or even producing) Windows XP drivers. That will be the final nail in the XP coffin. Now that market share for Windows 7 exceeds that of XP, OEMs might start saving the cost of producing XP drivers. Once that happens, new machines will need to have Windows 7 installed — regardless of policy.


Verizon 4G LTE MiFi Available: Take Your Office With You

Friday, April 1st, 2011

As a technology consultancy, we’re always looking at both short term technological changes which are tactical in nature, such as the latest notebook designs or application, and long term technological changes such as the rise of social networking or mobile computing which are strategic in nature. Every once in a while, you get a single device that affects both theaters simultaneously.

Verizon announced that it now has a MiFi device, essentially a mobile wireless access point that up to five devices can connect to, for its new LTE network. Verizon has long had these devices, and in fact that is how you connect an iPad without built in 3G to the Verizon network. The new LTE device can automatically detect whether it has a 3G or 4G connection available and operate accordingly. On the LTE network, download speeds have been recorded as high as 25Mbps. As more devices use the network, speed will most likely come down, but that still gives you double the speed of a cable modem and nearly the speed of basic FiOS. Its upload speed is not as strong, but it still represents multi-megabit speeds, which approximate cable performance. Even if the speed goes down, you’re still getting phenomenal amounts of bandwidth for an individual or a small workgroup.

This, by my reckoning, is what makes this a tactical representation of a strategic technology. One of the main limitations of web based applications and storage when connecting remotely is that bandwidth is a big problem. If you are storing large files outside of a local office LAN, speed becomes a major issue. If, however, you can now access these files at speeds approaching what you would get on an internal LAN from a low end storage server, this becomes a non-issue. Also, adopters of cloud based storage routinely felt that if their Internet failed, they would lose access to their files. If you are able to use a 4G device like this as a backup, or a router with a 4G USB card in it as a backup, this argument against cloud adoption becomes moot. Furthermore, if you operate in our Fort Lauderdale, Miami or Palm Beach markets, hosting your information technology in house always raises the spectre of a data wipeout should a major hurricane strike. By outsourcing your infrastructure, which now can include just about everything you might need in house, you can earn yourself a built-in disaster recovery plan at an extremely attractive cost. Certainly it’s much cheaper than trying to replicate your infrastructure across multiple offices.

If you’re a road warrior, accessing the corporate network, especially if it has been transplanted to the cloud, becomes simple. No more need for VPN connections, plus the bandwidth is amazing.

We know that this works, because Vectrocon already outsourced just about all of its systems to the cloud. Our Exchange and Sharepoint sites are hosted, our telephone is VOIP. The only infrastructure we have locally are one desktop computer, wireless access points, our notebook computers which are also our field computers, some external monitors and printers. The desktop computer hosts our Quickbooks software, which we would like to move to the hosted version as well. However, so far Intuit’s hosted version of the software imposes certain feature limitations that we cannot live without, so we have retained that in house. We could outsource that to Amazon’s EC2 and S3 systems, but the cost outweighs the benefits. We do back up that system using our Technosurety backup service to the cloud, so we don’t have any tape or other drives. When I went to Florida earlier this year, I disconnected my land line services, including Internet, and simply used my Verizon 3G wireless card. I could do everything I needed. With an LTE version, I am absolutely certain that I could do this not for one week, but permanently. That’s a game changer.

For Vectrocon, this means our job as a network support and technology support firm will change.


Small Business Technology Problem: Data Archival

Tuesday, March 22nd, 2011

We’ve found a new problem among our small business clients.  They have increasingly large amounts of data, and they expect, or in some cases are required, to retain that data.  These requirements stem in some cases from regulations, in others from the continued digitization of information formerly kept in paper form and in some cases just from owners wanting to be able to look back further in time for comparative purposes.  From a support standpoint this poses something of a problem.

Following the latest trend, technologists push small businesses to online backup for more cost effectively preventing loss of data than the venerable tape drive.  In many cases, the experts (ourselves included) provide good advice on this score.  We supply and support online backup and it allows us to review and verify that backups have taken place, eliminates the need to purchase hardware and reduces both capital expenses and ongoing expenses for supporting the backup system.

Unfortunately, most of the vendors that supply this service either do not allow their customers to retain data forever (some online backup systems, including Vectrocon’s own Technosurety Backup, remove data after 30 days), or are not cost effective for storing data indefinitely, or can be expensive to store.  This is one area where tape drives or removable hard drives still make sense to use for archiving.

If you have requirements for long term storage of your data, for example if you need to be able to retrieve data that hasn’t been modified for say five or ten years, you need to consider an archival strategy.  If you only need to archive once per year to satisfy requirements, a removable hard disk drive probably makes sense.  If, however, you need to be able to retrieve data from set points further in the past, you might need to consider a tape backup drive.  Alternatively, consider using online storage or determining whether your backup vendor already performs archiving, or can include archiving as part of their solution.  We provide consulting services on means of achieving the least cost archival technology that still meets clients’ needs.

 
