Sales: 678.967.3854
Support: 866.252.6363
Managing the IT Workload
It seems that all but the largest cyber-attacks are now fading from the news. It’s certainly not because there are fewer attacks these days – the number of cyber-attacks are increasing both in number and severity. As a managed IT Support company highly focused on cyber security, we keep on top of these things, but the reason you aren’t hearing about the increased volume or severity is simply that we, the public, have already heard so much about cyber this and cyber that, that we tend to become desensitized so the media stops reporting. That’s unfortunate because the fact is, virtually every business is at risk.
Somewhere between 43% and 91% of cyber-attacks are against small to mid-sized businesses (depending on how you calculate “small to mid-sized business”.) In spite of this, a recent Better Business Bureau report shows that 70% of small to mid-market (SMB) owners believe that they are not likely to be targets of cyber-attacks (stealing banking credentials, ransomware, etc.) although these are the companies in cyber-criminals’ sights.
It’s the old “it may happen to someone else, but not to me” syndrome. It’s a disconnect from reality. And this same BBB report showed that 80% of these same business owners were aware of the disastrous potentials of cyber-attacks, but, of course, it couldn’t happen to them! The report goes further to explain why the lack of urgency and why the commitment wasn’t there:
Lack of Cyber-Education
On the surface, cyber-education is easy to understand, but when you start to dig deep, the complexity really shows. Most small to mid-market companies do not have the trained IT professionals they need to properly protect themselves. Hiring an IT staff is a big step and continued training of these individuals, while critical, is expensive and time-consuming. Retaining the services of a managed IT support company is a great option, but selection is difficult because, quite frankly, most of the people within an organization who make the IT support selection, as intelligent and experienced as they may be in business, simply do not have the background to make the very best choice. Selection may be left to choosing which ever company offers the best price. (See our article on Has Managed IT Support Become a Commodity?)
If you have an in-house IT department, on-going cyber security education is a must. It should also be required for every employee.
Lack of Resources
A recent article in Forbes stated, not surprisingly, that many small to mid-sized businesses lacked the resources to implement the level of security precautions that they require. Also, not surprisingly, cyber criminals know this and that’s why they attack small businesses. Their “reward” for breaking into a large corporation may be substantial, but difficult to achieve, so why not go after a large number of smaller prizes?
But there are many things an SMB can do.
1: Education – there are a great number of online resources that can help with cyber security education. Use them
2: Be on the lookout for malicious “phishing attacks”.
3: Avoid bookmarks and shortcuts. Criminals can actually modify these.
4: Never use public WiFi. The hotspots at cafes and coffee shops are not as secure as you would like to think.
5: Use spam filters, content filters, and email encryption.
6: Have an in-depth conversation with a Managed IT Service provider, whether to managed your entire IT infrastructure or to provide valuable assistance to your in-house team (learn about DynaSis Co-Managed/Co-Sourced IT Assistance.)
Lack of Time
No one doubts that running a small company is very time-consuming and we understand that overlooking something that’s “invisible” like cyber security is easy to do, especially when it’s not high on your comfort level scale. But consider this: the most basic goal of cyber security is to keep criminals out. Would you leave your office for the night without locking your front door, even if you were pressed for time? Think about this: going back to the BB report, 80% of consumers would not make a purchase, even though they wanted the product, if they suspected their data was not protected. This is why a large percentage of SMBs whose data is compromised go out of business within six months of a cyber-attack, especially if it is reported in the media.
Learn More
If you want to learn more, check out our Managed Security webpage and White Paper, or give us a call at 678-373-0716.
Two weeks ago, we gave you some IT terminology that have become popular among IT support technicians. As before, we included simple definitions, with links to more detailed explanations:
Datafication: We know that data is increasing at an amazing rate datafication is the process through which businesses take information from people’s every-day lives and turn it into useful business data. The use of social media is a great example. It has become fairly common for businesses to use social media to determine personality characteristics of potential employees, replacing the personality tests that have been in use for many years. The use of social media has been proven to be more accurate. The accumulation of this data is often best accomplished through the Cloud.
Decentralized Cryptocurrency: No, it’s not something you would find in a cemetery. And, yes, cryptocurrency has developed something of an “underground” reputation as a form of payment that is used for nefarious purposes on the “dark web”, (not entirely undeserved) but in actuality, they are virtual “currencies”, meaning there are no physical representations, like bills or coins. Think of it like this: when you pay your credit card bill online, no one is going to a bank vault and taking a pile of dollar bills and transferring it from your money shelf to the credit card company’s money shelf. It is all done electronically. If, however, you wanted to walk into your credit card company’s office and hand them a stack of bills, they would take it. Cryptocurrency is like this except there is no hard currency alternative. You do buy your cryptocurrency (e.g. Bitcoin) with real money electronically, but after that, all transactions only take place over the Internet.
Gamification: Every day, as more young people enter the workforce, a larger and larger percentage of the nation’s employed grew up with video gaming as a major source of entertainment. Many employers, especially those that tend to employ younger people, have discovered that setting goals based on gaming protocols, rather than standard targets, prove more effective. For example, every sale completed may result is the awarding of “experience points”, and upon receiving a certain number of points, the employee “levels up” (reaching the next plateau.) When reaching a pre-set level, a cash or other prize is awarded. In other words, this is the “gamification” of goal setting.
Machine Learning: Machine learning is a function of AI, or Artificial Intelligence. What this means is that a computer gathers data from a variety of sources and then creates algorithms that uses this data to develop reliable predictions. This can help a business learn more about existing and potential clients needs and, thereby, increase the likelihood of making the sale.
Microservices: Microservices come from a form of software architecture in which easy piece of functionality is created as a separate program so as to be effectively independent of the other pieces. If a software customer needs a single piece of software functionality, they can purchase just that program and tie it together with similar standalone programs created by other software developers to end up with exactly the total functionality they need without having to have unique software written for them.
Open-Source: Open Source programs are those that are free and modifiable, and that can be used by anyone who wants to build an application around it. The use of open-source programs make the development of custom programs for small businesses affordable.
We hope these posts on terminology has been helpful. If there are any other terms, or anything at all about IT solutions or IT support that you are curious about, please feel free to speak with one of our team members at 678.373.0716, or visit us at www.DynaSis.com.
As an IT support company, we occasionally hear about slow running PCs with Windows 10. You already checked for viruses…none there…and aside from running like molasses, everything seems to be fine. Could be that your PC just has too much clutter. Clutter jams up the memory and can restrict performance to the point where everything just gets frustratingly slow. We’ve identified 5 kinds of “clutter” that can be doing this, along with ways to clean it all up.
Five kinds of clutter and how to clean them up.
The first thing you will probably notice in this post about slow running PCs is that the fix for items #1 and #5 is to Refresh Windows. For items #2, #3 and #4, it’s to Reset Windows. In Windows 8, there were two different buttons to click on and you had to decide whether to Reset or Refresh, the major difference being whether or not you would go all the way back to factory settings, deleting your apps and files, or save them. Windows 10 gives you a single Reset button, which options as you proceed so you can make choices that best suit your needs. As an IT support provider, we’ve included the terms REFRESH or RESET after each type of clutter to help you determine which track you should be following.
1: Pre-installed software. This is the stuff we refer to as “bloatware” or even “crapware”. These are the apps that software manufacturers pay the PC manufacturer to load into the computer. It’s advertising. It presents some security risks, but most importantly, it takes up RAM and disk space and uses up CPU capabilities. REFRESH
2: Windows Updates. Now, we are not telling you to not install Windows updates. These can be important. The problem comes because sometimes these updates do not download correctly and you can end up with corrupted and unusable files. Windows will remove some of them on its own, but some will remain there unless removed. RESET
3: Bloated Registry Files. Every time you do something in Windows, it gets recorded in the PC’s registry. This includes files and apps you have deleted, and sooner or later everything gets slowed down with all these repetitive and unneeded entries. RESET
4: Error Files. Windows also keeps a complete log of processing errors and crashes and these, too, accumulate over time. Unless you are having consistent recurring errors, there is really no point in keeping these. RESET
5: User Created Bloat. How many old files are you keeping that you don’t need anymore, including those that aren’t properly organized? REFRESH
Decluttering Windows
As you see, you have two choices: Reset or Refresh. When Resetting, a new, clean copy of Windows 10 is installed returning your PC to the original factory state. When you Refresh, your PC reinstalls Windows 10 free of any bloatware.
IMPORTANT: Both tracks will delete your Windows 10 apps and your personalized settings, so think about what you want to backup and what you want to keep notes on. Both tracks will give the option of keeping or deleting old files, so again think about backups. FYI, we ALWAYS suggest full backups before performing functions like this.
If you would like to read an article about slow running PCs with detailed instructions on fixing them: http://www.tomshardware.com/faq/id-2871133/reset-refresh-windows.html
or
https://www.pcmag.com/article2/0,2817,2477704,00.asp
Need a little more help? Your Atlanta managed IT support provider should be able to help…or give us a call.
Red Chalk Group, a Chicago based telecommunications consulting firm, tells us that 5G wireless is nearly ready and that it will mean major changes in the way people consume media on their mobile devices. If you have a teenager in your house, you probably find they prefer using their smartphones to tablets or laptops. While you and I may not be happy watching a major motion picture on a 2.5” x 4.5” screen (and that’s about the largest cellphone screen out there), the folks who will soon be young adults are very happy to do so. These people will also be very happy to learn about 5G because it will change the way their smartphones, and other mobile devices, interact with the entertainment world.
and from a technical standpoint (although exact technical standards have yet to be determined), it means a greater number of mobile broadband users will be able to user the same network at the same time, with each having much greater download and upload speeds.
Although we are still waiting for exact tech specs, Nelson Granados of Forbes believes that we will be seeing dramatic advances:
“Download speeds are bound to increase at least tenfold compared to 4G, and for true 5G standards, it could be up to 100-fold. So, if an HD movie takes six minutes to download in a 4G network, with 5G it could take a handful of seconds. Also, in the era of user-generated content, photo and video upload speeds will improve, fueling social media content.”
In addition to faster download speeds, with 5G wireless the quality of streamed media will also see a huge boost, which is a big plus for live events of all types, including concerts and sports. It is expected that the quality you will see on your mobile device will be the same as you get at home, and buffering will be a thing of the past.
But while better video quality while steaming is a big plus, the super-fast download speeds will also make downloading and saving movies, TV shows, etc., more practicable. Since you will be able to download in six seconds what it would have taken six minutes, and with increased storage capacity, why risk streaming, especially while traveling, and worrying about erratic coverage? Expect streaming services such as Spotify, Amazon and Netflix to offer more downloading purchase and rental options.
DynaSis has been serving the technology needs of the Atlanta small to mid-sized business community for 25 years. In addition to our complimentary IT Network & Security Assessment, we also offer a 15-minute one-on-one webinar to explain how your technology can become a powerful force, driving your business forward.
Part 1 of this series (click here) dealt with servers and the computers that host them, and how and why we keep them running at maximum performance. In Part 2, (click here) we discussed “virtualization” and the “physical hosts” that contain “virtual machines”, as well as Data Structure and Storage. This final piece deals with hardware including mobile devices, applications, email messaging and physical security.
Group/Machine Policies
Screen Locking – Are your machines set to lock after a certain period of inactivity? This prevents people who are not authorized from using computers and possibly exploiting them.
USB Storage – You should be restricting USB storage devices from being connected to your workstations. Two reasons: Attaching USBs to a workstation is one way for viruses to get into the computer, then possibly into your entire environment. Second, this is a way for proprietary information to be copied and stolen.
Power Settings – Your workstations should go into sleep or hibernate mode after a certain period of inactivity. This conserves power and may extend the life of the unit. (Updating and patching can still be done when the workstation is in this state.)
Hardware Protection & Replacement
Specifications – By now, you should have replaced all hardware that has less than a 2GHz processor or 4GB of memory. This is what we consider baseline right now. However, when buying new equipment, even higher standards should be considered because as technology continues to evolve, current standards may not run updated applications.
Warranties – All your hardware should be under warranty. If any piece is not, extended warranties should be investigated. Machines not under warranty may be problematic if parts are needed and may be costly to replace if not readily available. We have tools that can check this factor, or you can check online at the manufacturer’s website by entering the service tag into the warranty section.
Surge Protection – Power surges are still a problem and hardware not plugged into surge protectors are at risk.
Acceptable Use Policies
Do you have one? – This should cover employees’ use of personal email, Internet usage (surfing), and remote access for laptops. Most cyber intrusions start with employees.
Endpoint Protection
Endpoint protection refers to a system for network security management that focuses on network endpoints, or individual devices such as workstations and mobile devices from which a network is accessed. The term also describes specific software packages that address endpoint security.
Endpoint protection may also be called endpoint security.
www.technopedia.com
Administrative Rights – Administrative rights should be carefully considered and only necessary levels should be granted to users. Most software needs administrative access for installation and by restricting these rights, you are also lessening the opportunity for people to install personal applications, which may affect workstation performance, licensing, or employee productivity.
Anti-Virus – In today’s world, active and centrally managed antivirus, with provisions for both scheduled and real-time updating is crucial. This is the backbone of endpoint protection. While there is no single answer to complete protection on all your devices, this is an important part of network security and is highly recommended.
Anti-Malware – As above, a centrally managed anti-malware is very important and today’s malware has increasingly become a productivity killer. And as above, while there is no single solution, this is another important part of your protection.
What is the difference between Virus and Malware? In simple terms, a virus is a piece of code that can replicate itself and travel from computer to computer, much like a flu virus can replicate itself and travel from human to human. Malware is more of an umbrella term that refers to a wide variety of malicious software, including viruses, as well as Trojans, adware, worms, and ransomware. In other words, all viruses are malware but not all malware are viruses. Exactly how each of these performs is beyond the scope of this piece, but the most commonly known of these recently is ransomware, with which a cyber-criminal will encrypt, or lock down, a company’s data files, demanding a ransom before releasing them.
Web Filtering – Another part of an overall security suite. This prevents a workstation from becoming infected by being redirected to a website that installs malicious software.
Patching – Patches are applied to fix bugs, remediate security risks, and make use of applications easier. It is important that this is centrally managed so that all applicable machines are updated.
Authentication – We believe in two-factor authentication. An example of two-factor authentication that we use every day is the use of both an ATM card (one factor) and a PIN (second factor) at the bank’s ATM. For computer use, an example might be the use of both a password and PIN. This provides an enhanced level of security.
Remote Management – Workstations can often best be managed by use of a remote management tool. For example, DynaSis’ client's devices need to be accessible by our management tool to take advantage of our endpoint security functionality.
Thin Clients
Definition: A Thin Client (or “lean client” or “zero client” or “terminal”) is a small computer that relies heavily on remoting into a server for processing. Unlike a “fat client” which is a typical desktop PC and if necessary can handle all required functionality, the thin client is limited to essential applications.
Spare Terminals: because of the low cost of these units, it is suggested that spare terminals be kept on premises in the event of failure.
Firmware: Many problems can be corrected through the use of the latest firmware. This is particularly true of devices such as these because of their basic nature.
This is a significant topic unto itself. If you want to learn more, you can watch our video, or read one of our recent blogposts.
Device Policy – Do you have a mobile device policy that clearly outlines screen locking, password protection, email, etc., as well as use of employees’ own devices?
Installation Documentation: Are step-by-step installation instructions readily available for all of the applications used in your business? This is important when building a new work-station, or reinstalling applications. This is particularly important if your company uses a large number of applications, or applications that have been developed for and/or by your business.
Licensing: Are licenses easily available when installing for new employees? Is someone familiar with the licensing process?
Support Contracts: Are valid and active support contracts in place with all 3rd party vendors? This can be important if you require direct support from a vendor, particularly in emergency situations. Vendors are more likely to respond to regular clients than they are to companies that only call them in emergent situations.
Version/Release: All your applications should be up-to-date with the latest releases as this makes trouble shooting easier, as well as providing you with the latest improvements and security updates.
Approval Policies: Employees should be well-aware of which applications are allowed and which are prohibited. (You may prohibit all applications which have not been specifically approved, however, some there should be a policy on asking for approval of apps that may not be in wide usage throughout your company. Some employees may want/need other applications that make them more efficient in their work.)
Automated Policies: An automated policy can restrict the installation of applications that have not been approved.
Email platform: The Microsoft Exchange platform provides a high level of business class collaboration as well as security features that may not be available in other platforms. If your company is not using Exchange, you should consider migrating.
Archiving: Emails should be archived. It is not uncommon for a company to have need to retrieve emails that are several years old, whether to enforce contracts, show time sequence, or satisfy government or civil subpoenas.
Encryption: This provides a significant level of cyber-protection.
Continuity: In the event of an outage, there should be a plan in place for email continuity.
Environment
Dedicated Area: Best practices dictate that a dedicated room should be set up for your servers and networking equipment.
Temperature Control: Properly controlling the temperature of your server room can prolong the life of the equipment. High temperatures can be very destructive.
Physical Security: This should be a secure room with very limited access. There should be a door as opposed to an open entrance, and we prefer that there be no windows to the exterior.
Fire Suppression: A fire suppression system that can cause minimal damage to the equipment is highly recommended.
Electric: Your server room should have a dedicated electrical circuit so that electrical issues in the server room cannot be causes by problems elsewhere in your building.
Monitoring and Alerts: When server/equipment rooms are properly monitored and alerts properly functioning, reaction times are faster in the event they are needed. We recommend:
Labeling: This may seem rather basic, but proper labeling helps your onsite people work with third parties in identifying troublesome equipment, especially when working with third parties.
That said, you should understand that this was a broad look at our STR – Strategic Technology Review. There are many topics that are covered in our real-life review such as Power Management, Rack Management, Backup, Disaster Recovery, Business Continuity, Networking, Telephony, Remote Users, Password Protection, and others, that we have not mentioned. Below are links to white papers we have written on some of these subjects:
Data Backup & Disaster Recovery
Your Telephone System as a Business Building Asset
Mobile Device Security & Employee Training
Multi-Factor Password Authentication
Here are links to Part 1 and Part 2 of this series.
Questions? Please feel free to contact us at 678.373.0716 or www.DynaSis.com.
Part 1 of this series (click here) dealt with servers and the computers that host them, and how and why we keep them running at maximum performance. In this article, we continue on and discuss “virtualization” and the “physical hosts” that contain “virtual machines”, then we will discuss Data Structure and Storage. Let’s start with some basic definitions (there will be other definitions throughout this piece, formatted like the two below.
Virtualization & Virtual Machines: Virtualization in I.T. terminology means effectively creating “virtual machines (aka virtual computers)” by splitting the resources of a single computer into multiple sets of resources that function independently of each other. For example, we can take the resources of that single “machine” and divide them into three separate units, each functioning independently of each other, and we have three “virtual machines”, aka “VMs”. Why would we do this instead of buying three separate computers? Primarily the cost. It is much less expensive to buy a single large computer than three separate smaller ones. This savings is magnified by the fact that for some operations, the three VMs can share resources, plus the configuration can be changed as resource requirements change, meaning that the requirements for the three VMs is less than for three individual computers.
Physical Host: The computer that has been virtualized into two or more VMs is called a “physical host”.
VM Sizing: The first thing we look for relative to virtualization during the STR is the sizing of the VMs. In other words, have sufficient resources been allocated to each VM? If not, this can lead to poor performance or even server failure. We do this by observing the utilization of the resources and the performance of the applications. This is a high priority.
Warranties: Are the servers used in virtualization under current warranty? Having active warranties is essential when we need to obtain parts or speak with the manufacturer for support. If out of warranty, we determine if extended warranties are available. If not, it is often a good time to consider retiring the older machine in favor of a newer version. (If it has reached this state, it is probably pretty old.)
Hypervisor: The term “hypervisor” comes from the word “supervisor”. The hypervisor is software that runs (or supervises) the virtual machines on the host computer. This hypervisor software also creates the ability to simultaneously run multiple types of operating systems. For instance, with a hypervisor, you can run Windows, Linus and MacOS on a single physical host. Each VM could use any of them.
Operating System: The main program in a computer that controls the way the computer works and makes it possible for other programs to function. (Merriam Webster)
Operating System: Is the operating system being used licensed and is it still being supported by the manufacturer?
Software Licensing & Support: Again, we want to know that the licensing is up to-date-and support is still available.
Specifications: Have the VMs been appropriately sized for the applications that are being hosted on them. To determine this, we observe their utilization and performance. We are then able to determine what, if anything, needs to be improved. This is important because if the VMs do not have proper resources available, it can seriously affect performance.
Monitoring & Management: We believe all servers need to be monitored and managed to ensure that patches and anti-virus software are always up-to-date. As you can imagine, in today’s cyber-crime environment, this is highly important.
Administrator Accounts: We want to see that all administrators have their own dedicated accounts and that each has a unique login. When accounts are shared, it is often impossible to determine who was responsible for errors or omissions, hence, corrective action and retraining becomes more difficult.
Web Security: We want to see that Internet security has been properly installed and is up-to-date. This includes items such as Internet Explorer Enhanced Security, OpenDNS, and browsing policies. Servers should never be used for accessing the Internet except for legitimate admin purposes such as downloading new software or updates.
DNS (Domain Name Server): An often-used analogy to explain the Domain Name System is that it serves as the “phone book” for the Internet by translating human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the IP addresses 93.184.216.119 (IPV4) and 2606:2800:220:6d:26bf:1447:1097:aa7 (IPV6). Unlike a phone book, DNS can be quickly updated, allowing a service's location on the network to change without affecting the end users, who continue to use the same host name. Users take advantage of this when they use meaningful Uniform Resource Locators (URLs), and email addresses without having to know how the computer actually locates the services. (Wikipedia) (Note: IPV4 and IPV6 are the protocols under which IP addresses are created.) Think of it this way: would you rather email your friend Joe by sending the message to his email address: Joe@hiscompany.com, or by sending the message to his email address: 2606:2800:220:6d:26bf:1447:1097:aa7? Try remembering a few of those!
OpenDNS: OpenDNS is a company and service which extends the Domain Naming System (DNS) by adding features such as phishing protection and optional content filtering in addition to DNS lookup, if its DNS servers are used.
The company hosts a cloud computing security product suite, Umbrella, designed to protect enterprise customers from malware, botnets, phishing, and targeted online attacks. The OpenDNS Global Network processes an estimated 100 billion DNS queries daily from 85 million users through 25 data centers worldwide. The company was acquired by Cisco in 2015 for $635 million in cash. (Wikipedia)
There are a number of other items for which we check that are the same or similar to those covered in Part 1 of this series: Redundant Power Supply, UPS, Hardware Naming & Labeling, so see Part 1 for this information.
Structure – Location: We check to make sure all data storage is properly configured, meaning they are centrally located and each location has been properly named. This is important for proper backup and becomes important in the event of recovery. Instead of digging around and trying to figure out where sets of data are, or where they belong, everything is in its proper place and easy to locate and/or restore.
Structure – Shares: We are always concerned with permission management. In other words, we want to make sure that the right people have access to the data they need…but only the data they need. We check to see that data is segregated into company-wide, department-wide, and individual-only compartmentalization. This way, everyone in the company from the CEO to the newest entry-level employee has access to all the information they need to do their jobs, but only that data.
Structure – Permissions: Once we have determined that data is properly segregated, we check to make sure that permissions are properly structured and disseminated so that effective data protection and allowed sharing is achieved. Every company must decide who has access to what data. This varies greatly in importance depending on the industry. For example, organizations that work with personal financial information, or health records, are under strong legal obligations. While the legal obligations may not be there for other companies, they may still have sensitive customer information, or internal trade secrets, or their own financial data that should not be available to all who work there.
Storage – Data Location: All too many companies, often unknowingly, have end-users (employees) whose data is stored locally rather than on a server. This means that the data is stored on the desktop, and, thereby, subject to loss in the event of a hard-drive crash or virus. If the desktop computer goes bad, files, often many years of work, can be lost forever, since these files have not been backed up on a server. We have seen situations where people assumed their data was being backed up, only to discover too late that it was not. As an alternative, individual work stations can be backed up, but this is a “second best” solution.
Storage – Configuration: We check to see if the RAID configuration is appropriate. RAID is in place for redundancy of file storage and different situations require different redundancy levels. We want to make sure that the level we find works for that business and, if not, make adjustments.
RAID (redundant array of independent disks; originally called redundant array of inexpensive disks) is a way of storing the same data in different places on multiple hard disks to protect that data in the case of a drive failure.
Part 3 of this series will cover hardware such as desktops and laptops, “thin clients”, and mobile devices. In addition to this series of articles, you can find a wealth of I.T. knowledge and information at www.DynaSis.com/the-latest, where we have posted White Papers, Articles, Case Studies and Blog Posts on a wide variety of technology related subjects designed for the C-Level executives of small to mid-sized companies. For more technology information that we find and share, follow us on Twitter (@DynaSisIT) and LinkedIn (DynaSis Technologies).
About 18 months ago, our DynaSis team put together an extensive system review/planning program for our clients that we call our Strategic Technology Plan, or STP for short. We have always performed, and still do, complementary IT assessments for potential clients, but while these are extremely effective in determining weaknesses in a company’s IT network, the STP goes much deeper in highlighting very specific items that need to be addressed, and ranks them in order of priority: high, medium and low.
Over the next couple of months, we will be releasing a series of articles designed for the layman that are intended to provide a great deal of necessary education about today’s information technology, and we will do it in language the average C-Level business executive can understand.
Those of us involved in providing technology solutions to the business world are very often guilty of seeming to intentionally make everything related to technology very confusing. Some people in the technology world believe that this level of confusion helps their own business interests, assuming that if the prospect can’t understand it, he will feel more pressure to hire someone who does.
We don’t believe this. We do agree that technology today is extremely complex, but we feel that if we explain it in terms everyone can understand, the typical business-person will be more inclined – not less – to take appropriate actions to protect their businesses. We don’t expect the typical layman to intuitively know what a DRAC/iLO card is for, or why they should be using “virtual machines” or what a “RAID configuration” is all about. Similarly, if you had never seen a baseball game, would you understand the terms “slider”, or “squeeze play”, or “balk”, or “fielder’s choice?” So why would you understand technology terms when hearing them for the first time?
The topics we will be covering include:
Our goal is to make our clients and other readers aware of how and why we believe frequent checking and possible upgrading are necessary, and what the potential downsides can be for failing to do so. We are also going to break everything down into language that is understandable to most. One caveat: there can be many, many variations within each category and sub-category we are going to discuss, so to keep the information manageable, there will be times that we give you only the basics.
First, let’s understand what a server is. Many people think of a server as a large computer, but don’t really understand what it accomplishes. A “server” in fact, is not a computer, but rather a program that resides in a computer, and, yes, the computer hosting the server program is generally larger and more reliable than the typical desktop or laptop computer. A single computer of the right size can host multiple server programs. The server “serves” multiple “clients”, a client being the actual desktop or laptop computer. The server serves its clients by providing functionality, such as sharing data and performing calculations. The advantage is that all the files that would be used by the client are more safely stored in the server computer, plus the sharing of data, including the results of calculations, means that many people can benefit from colleagues’ work.
Here are the things we check on relative to servers during the STP:
Are the servers properly spec’d for the applications they host? We observe the utilization of the servers’ resources as it affects the applications and estimate anything that may need to be resized. Key factors are the processor, RAM and disc utilization. We do this because if the servers do not have sufficient resources for the applications, or for the number of users, it can adversely affect performance.
Is the warranty current and is the SLA acceptable? The SLA – Service Level Agreement – states the obligations of the manufacturer for replacement or repair in terms of guaranteed time for repair or placements, and for parts that may be necessary. We consider next business day the minimum acceptable for critical parts. We consider this to be of high priority.
Do all servers have redundant power supplies and are they plugged in? (We do find unplugged devices. Don’t confuse this with the UPS, or uninterruptable power supply – next topic.) The redundant power supply is internal, in other words, two power packs within the unit in case one fails.
UPS – Uninterruptable Power Supply. This is the box into which the computer is plugged and that then gets plugged into the wall. This is the device that provides temporary power when electrical power to the building goes out. Also to be noted is that the batteries in these units have a defined life span and need to be replaced periodically. This is a high priority item.
DRAC/iLO card installation and configuration. This may be a term with which you are unfamiliar, but this card provides your IT service the ability to log in and reboot a frozen server, which can result in faster problem resolution, the avoiding of dispatching a technician, and significantly reduced downtime.
Are the partitions set up in proper sizes for the operating system? This is important for maximum operating efficiency.
Is the version of the operating system that is installed on the server current? It is not necessary that the OS be the most current, but it is important that the version is still supported by the manufacturer in case support is required. We consider this high priority.
Are operating system licenses current? Microsoft does perform audits and can charge penalties for non-compliance, as do a number of other companies. Additionally, as a business executive yourself, you are aware that companies that develop the software upon which you depend have invested a great deal on time, effort and capital in the development of this software and are entitled to continuing revenue from its use.
Does each administrator have his/her personal login? We sometimes find that administrators share a default admin account. When this happens, it often becomes impossible to determine who is responsible for certain changes or for permissions that have been granted. As a security matter, we consider this to be high priority.
Is the company using security screen locks? The screens on all computers should lock if the device has not been used for a certain period of time so as to prevent unauthorized use. Computers left unprotected can be used after hours, before work, or during breaks when no one is around.
Is proper up-to-date web security in place? This includes Internet Explorer Enhanced Security, OpenDNS, as well as a company policy to not permit browsing from servers. Servers should never be used to access the Internet except for specific purposes such as software updates.
Are the company’s servers managed and monitored for patching? Servers that are managed have been shown to have better uptime and be less likely to be infected with malware.
Have the servers been patched with the latest patches? Patches fix vulnerabilities that enable cyber criminals access to your computers. The patches also solve problems with the software’s functionality, or add new functionalities. We are sometimes asked why software is released before it is “perfect”. Simply put, modern software is incredibly complex. It is estimated that Microsoft Office is made up of 40+ million lines of code. Although most software is tested and retested before release, it is impossible to test every possible situation that may arise when 100s of millions of people end up using it, along with thousands of very smart cyber criminals. This is a high priority item.
Is patching managed centrally? This allows for much more consistent and rapid updating, and, thereby, not letting the systems fall behind.
Are all anti-virus software and definitions up-to-date? It is critical that the latest versions of anti-virus software be installed as the newest versions contain the latest and best defenses against all types of malware, including ransomware that has become so widespread.
In it, we will cover virtualization, plus we will take a look at Data Structure and Storage, again, in layman’s terms. We will also discuss how we examine individual desktop and laptop computers to make sure they are secure, providing top performance, and lasting as long as possible.
The intention of this series to educate you so you can fully participate in important technology decisions for your company. If there are specific topics you would like covered, or if you have any questions on topics covered in this piece, please contact us at Info@DynaSis.com.
At DynaSis, we have been working with small to mid-sized businesses in the Metro Atlanta area for the past 25 years, so we speak with a lot of businesses about their technology needs. When we are asked to recommend new hardware, we always recommend business-grade computer equipment. Why? The equipment you would buy to use at home is simply not the same equipment you should buy for your business.
Is it tempting to buy the less expensive home-grade equipment? Sure. It seems to do exactly the same things and appears to be just as good. It’s not. The equipment you can buy off the shelf at your local retailer or big box store, or online at Amazon, etc., is designed for home use, not your office, but let’s look at the differences.
Operating Systems: A business-grade computer will come with a business grade operating system that will be better for business use because it will provide better security, better account control, and encryption tools that will do a better job of safeguarding your company’s data. A consumer-grade unit will also come loaded with “bloatware” that may take hours to remove. That cost of that removal can easily offset the cost of the higher-grade piece of equipment. But why not let the bloatware just sit there? (Some of it cannot be removed, anyway, due to manufacturers’ agreements with bloatware providers.) Much of this bloatware provides employees a great opportunity to waste time…and time is money.
More Robust: A business-grade computer, as well as firewalls and routers, are generally more robustly built, making them more durable, allowing them to be used for a longer period of time. Failure rates of business-grade computers is generally much lower than that of consumer units.
Support: Better quality machines generally come with better support, both from the manufacturer and from your IT support company. Spare parts are generally more available so, for all these reasons, and some of the above, downtime is usually considerably less.
Longer, Better Warranties: While home computers often come with 90-day to one-year warranties, business grade equipment generally come with three year warranties. You can add several years to your home-type computer, but that will offset most or all the cost differential.
Faster Repairs: If you buy a home-grade computer, you may find that you actually have to mail it in for repairs. Imagine the time that takes, not to mention the gigantic pain in the you-know-what. Some big box stores have on-site repairs, but that usually requires buying the longer warranties mentioned above.
Security: Many home-grade pieces of equipment, particularly firewalls and routers, have factory installed default passwords, which many people fail to change. These default passwords can often be found simply by Googling “default password” for the type of equipment and the manufacturer.
So, you may save yourself $100 to $300 by avoiding the business-class computer (which, admittedly, can add up when you are buying 10 or 20 or more), but our 25 years of experience as an Atlanta IT support provider has taught us that the extra cost of the better piece of equipment is money well spent.
DynaSis is in its third decade of helping small to mid-sized businesses with a wide range of IT support, from 24 x 7 x 365 help desk, to monitoring, managing and maintaining entire IT networks. We are also offer the DynaSis Business Cloud IT Solution, along with Microsoft Azure Cloud. For more information, please call us at 678-373-0716 or look us up at www.DynaSis.com.
“If it ain’t broke, don’t fix it!” Sound familiar? As an Atlanta IT support team, these days what we more commonly hear is, “If it’s working fine, why bother with patches (also known as updates)?” Computer hardware doesn’t seem to have a lot in common with the internal combustion engine and other working parts in your car. Changing your oil makes sense; replacing worn out tires makes sense; even vacuuming your car floor makes sense. But updating a software program or operating system that’s working just fine?
Yes, computers are very different from other chunks of machinery in our homes and offices, but think of this: the patches that your software vendors want you to install can be critical to the longevity of your software, the security of your data, and the productivity of your employees. Why, you may ask, are your operating systems not perfect when they leave the factory so that it is not necessary to constantly install these updates?
Consider this: The Windows 10 operating system consists of 50 million lines of code. How much is that? Well, if these lines of code were converted to a book, that book would have about two million pages. That would keep you occupied for quite some time. What happens is this: before a new version of an operating system is released, is it tested and retested extensively, but, simply put, until it is out there in the real world, it is just impossible to put it through every conceivable situation. 50 million lines of code and a single error in any one of them could lead to crashes and/or security vulnerabilities. Add to that (and this is a biggie) the fact that from the day the new operating system is released, cyber criminals are hard at work trying to figure out how to break in, so every time a new vulnerability is discovered, a new patch must be created and applied either by your in-house IT team or your IT support provider.
Network security is a big deal.
So is stability. Operating systems do not live in a world of their own. They share resources with many other programs and each has its own requirements and demands. Generally speaking, the needs of the operating system and each program are met with little difficulty…but not always. Sometimes programs conflict with each other. For the operating system to function properly, it must be able to deal with thousands upon thousands of different software programs (of course, not at the same time!) Sometimes the operating system and an application just don’t fit together just right and either the program won’t open, or data can’t be saved, or is lost, etc., etc., etc. This usually triggers an error message appearing on your screen.
Have you ever been asked if an incident that occurred on your computer can be reported to Microsoft? This is how Microsoft discovers these problems. When they learn of the problem, they create a patch to fix it.
Patches installed by your IT support team are also needed for the software that is running on the operating system. It’s hard to know exactly how many lines of code are in a program like Microsoft Word for two reasons: first, Microsoft doesn’t release this information. Second, there is a lot of code that is shared between applications. That said, it was estimated that the 2006 version of Word had 30,000,000 lines of code. Add in Excel, PowerPoint, and the other MS apps, and you can see how daunting keeping everything at 100% can be.
One more word – patches (updates) are different from upgrades, such as switching from Windows 8 to Windows 10, or from Office 2013 to Office 2016. Upgrades will include previous patches but will generally also give you more functionality.
At DynaSis, we have been providing IT support for small to mid-sized companies since 1992. Today, we monitor, manage and maintain computer networks 24 x 7 x 365 including the installation of critical patches. We also provide live help desk support around the clock and work closely with our clients’ in-house IT teams with co-managed support. Check us out at www.DynaSis.com or call us today at 678-373-0716.
Watch the video to learn more about our managed and co-managed IT Services.
You are Going to Be Hacked – It’s Not “If”, It’s “When”
Cloud computing in Atlanta and the rest of the world has spread extensively and now more than 90% of small to mid-sized businesses either are already using the cloud for some aspects of their business, or expect to be in the near future. Frankly, most of these businesses are realizing that it is difficult to remain competitive today without the cloud. The downside, however, is that while the good guys (“white hats”) continue to make positive advances for their client businesses, the bad guys (“black hats”) are rapidly progressing, as well.
But before you go off and determine that your company is more secure in the technological middle ages (2000 to 2010?) and give up entirely on cloud computing, consider two things. First, there were hacked security breaches of all types even before the cloud and statistically speaking, the ratio of before and since seems to be about even. So, the question doesn’t appear to be “to cloud or not to cloud”, but rather, how do we use the cloud as securely as possible? Second, you are probably using the cloud right now, way more than you realize.
Do you synch your photos from iPhone to your computer? Do you use Facebook or Uber? If you do any of these things, or thousands of others whether personally or for business, you are using the cloud. In fact, as early as the 1990s ADP’s payroll service was using the cloud on a large scale, and today, if your paycheck comes via ADP, PayChex, Intuit, or any of hundreds of smaller payroll/HR companies, you are using the cloud.
Cloud Computing Security
Cloud computing in Atlanta, or anywhere else, when done properly, utilizes a lot more than just “systems” to overcome being hacked. It uses real people, on duty and monitoring, managing and maintaining your system 24 x 7 x 365. Cyber criminals don’t take off overnight. In fact, many of them who want access to your data are halfway around the world, so your midnight is their noon. This real-time live monitoring, combined with an advanced crypto-containment system and other advanced algorithms and processes, can instantly pick-up on early warning signs of a potentially successful attack and shut it down while it is still an “issue” and not a serious problem. The software can detect when something out of the ordinary is happening…something that deviates from normal operating functions and patterns, it shuts down the infected files and alerts your IT security incident response team.
A Better Raincoat
Someone recently compared using older methodologies of data protection versus using the cloud to trying to protect yourself from the rain by wearing animal skins versus today’s raincoats made of 100% water repellent fabric. Both will keep you dry…for a while…but one will give you way better protection than the other.
Either way, you will be hacked. Count on it. The question is, how will your IT support team and your IT security network respond? We have seen networks “repel” literally tens of thousands of attack attempts, until one brand new piece of malware, that no one has seen before, breaks through. Is your system being monitored, managed and maintained in a way that will detect this intrusion and lock it out before any damage is done, or will it be allowed to run rampant through the night so that when your staff shows up one morning they find their files locked or, even worse, totally lost forever. It happens to someone every day.
For the past 25 years, we at DynaSis have been at the national forefront of Cyber Security…long before most people even heard of it. Our team of more than 55 IT professionals based in Atlanta have always focused on the IT support needs of small to mid-sized businesses. We still do. We also offer complimentary IT and Cyber Risk assessments. Give us a call today at 678-373-0716.
© 1993-2022
(Privacy Policy)
DynaSis HQ
950 North Point Parkway
Ste 300
Alpharetta, GA 30005
24x7x365 Technical Support 866-252-6363
Sales Inquiries 678.504.6486
U.S. based Data Centers
Alpharetta (Atlanta), GA
12655 Edison Dr.
Alpharetta, GA 30005
Brentwood (Nashville), TN
7100 Commerce Way #25
Brentwood, TN 37027
