Archive for January, 2006

The Basics of Telecommuting

Wednesday, January 18th, 2006

Trying to imagine how to run an office in Los Angeles, New York City and London (with thoughts of Paris)? Well, there are a whole host of products looking to make your life easier. The hard part is figuring out which ones work best for each and every specific environment. Usually it boils down to matching your company’s business logic to products that are offered with an emphasis of working within your budget while attaining goals set forth by senior management.

Typically, the most paramount need businesses have with Remote Access Services (RAS) is file sharing. From Word and Excel documents to Final Cut projects, sharing files means sharing budgets, pictures, correspondence and other digital assets. It becomes increasingly important for individuals to be able to share files the larger an organization grows Ð and increasingly important to ensure that it’s done so securely.

There are technologies today that allow for the efficient sharing of large files.

Companies with file servers know that a central repository (or a server) has many benefits, but when opening branch offices, special considerations must be given to the access that individuals have to the place where everyone’s data resides. Companies that haven’t yet encountered a need for a server may find that it is essentially required in order to share data between remote locations. Sometimes, files that are easily shared locally on one server, become difficult to share between remote locations due to size or motion video issues.

Virtual Private Networks (VPNs) are the most common method in securely connecting multiple offices or locations. This is often handled within a company’s gateway (router). VPNs send data over the public Internet through encrypted “tunnels.” Using a VPN to connect two or more networks is also a way to help ensure ease of use, which becomes paramount in organizations that are increasingly complex from a technical point of view.

VPN Encryption ensures safe delivery of your data.

The second most common type of data for sharing between multiple locations is contacts, calendars and schedules. This type of sharing is often called “groupware.” Cross-Platform groupware products include Microsoft Exchange and Now Up-To-Date/Now Contact.

Groupware means workflow automation.

Exchange, a centrally managed groupware solution, allows staff members highly configurable access to items that other staff members or workgroup members are working on. With the release of Office 2004, most of the Exchange features available for the PC are now available through the Mac. Sharing calendars, emails and contacts is what Exchange is all about. However, the product is still a little limited in what it can do on the Mac.

Many cross-platform companies still have the need for this detailed level of sharing, and have turned to products like Now Up-To-Date and Now Contact. With Now Up-To-Date it is possible to view schedules across networks easily. One use of this has been to use a key to specifically switch between the calendars of Editors in London and editors in Los Angeles. This allows one person to handle schedules in multiple offices, and everyone to see live scheduling data.

The same goes for contacts. Using Keywords or categories (two different options), users can find contacts quickly based in whichever city they choose. Using the notes feature of Now Contact, it is possible to track correspondence, meetings and phone calls on a per contact basis. This way, each person that talks to a client is able to see who spoke to him or her last, when they spoke to them and what it was about. This enables companies to rely on the data as opposed to the people, allowing business processes to occur out of any office they choose.

Internet Security 101

Monday, January 16th, 2006

“We’re not a high profile target.” We’ve heard it countless times before, but that argument just doesn’t hold up any more. There are malicious applications out there that scan entire chunks of the internet for computers that are vulnerable to specific attacks.

Most small businesses hold the position that because they are not a “high profile target”, such attacks do not represent a threat to them. In terms of modern security, the attitude of “We’re not NASA, and therefore our information is not confidential enough to protect”, just doesn’t hold up.

The security attacks described in this article are sometimes less about your competition covertly gaining access to your trade secrets or client/job data, and more about random entities exploiting your precious technology resources. In addition to stealing confidential data, Internet hacks can compromise the performance of your technology assets with Bots and other Spyware as well as use up most if not all of your Internet bandwidth. all of these potential symptoms cost business in lost productivity and the direct costs of having to resolve these performance issues.

No device that’s open to the web’s protocols is secure

Nearly every router and firewall, from consumer grade to professional grade has the option to create what is called a Demilitarized Zone, or a DMZ. DMZs offer the ability to quickly split an Internet connection to many computers while still moving all incoming traffic into a specific computer. Often, the standard setup is to DMZ a server in a small office that has one server. This is especially common when this server is being used for multiple purposes (such as a web server, FTP server, mail server, etc.). Each one of these services uses a specific port to differentiate incoming requests. For example, web traffic typically uses port 80. When selecting ports coming into a network, it is important to remember that the less traffic that comes into a network, the better. However, when using DMZ, all ports are open, giving attackers a virtually limitless amount of ports to scan, infiltrate, and exploit.

Selectively granting access is now a must.

Attackers are also using Google to find unsecured stations that accidentally get crawled (a book on hacking with Google was just released ). If one of your systems is compromised by a hacker and used to launch an attack on another computer, then those victims have every right to sue you for damages in court.

Another excuse that doesn’t hold up any more is, “It’s a Mac, and they’re secure.” It’s true that Mac OS X has been labeled the “most secure” OS on the market. However, the MOST secure doesn’t mean FULLY secure. Macs are going to become higher profile targets in that more and more attacks can be launched from them, even if there are still fewer people attacking them than Windows.

Since nothing that’s open to the web is secure and most every business relies on open connections to the Internet to remain competitive, Three18 recommends that our clients keep as many copies of everything important in as many locations as they can, as well as having routine security audits and port scans.

Rotating redundant offsite backup solutions are critical.

The best way to protect your data is to back it up. When evaluating the costs, ask yourself how much money one day’s data is worth to your company. A week? A month? An hour? Then, make decisions on how often to back up based on the backup cost vs. the cost to recreate the data.

Protecting your assets requires a plan for both your perimeter and your data as well as your technology assets.

Now having said all of this, the real cost of security is inconvenience. The rule of thumb is that the more security is applied to an environment, proportionally the less convenient access to that environment becomes.

More often than not, the cost of 100% security is too high for two reasons: it limits the convenient access of a company’s data both internally and remotely, which often is required to support a company’s business logic as applied to technology; and it simply costs too much money to implement.

The best analogy is that of the homeowner who chooses to get an alarm system and put high quality locks on all the doors of his/her home, but opts to leave all of the windows on the home’s first floor without bars. In this case, the home is safe from the typical entry points, but at the price of maintaining a nice view through the windows, the home is vulnerable at the same time.

Sometimes less than 100% is good enough.

Security, as with most business decisions, is a risk-based decision. Factors of costs, convenience and liability must all be considered to fully understand the implications of business security.