Sales: 678.967.3854
Support: 866.252.6363
Iris recognition
To get a good sense of technology of the future, think back 20 years. You probably already had computers in your office. But if you needed even the smallest shred of information in the middle of the night, you had to drive back to your office or you were stymied. If that ever happened to you, at the time you were probably thinking that you were better off when everything was stored in a paper folder in your briefcase. Well, we’ve made a lot of progress since then, but with so much progress, with so many products and devices sitting on real and virtual shelves, that it’s hard to know what’s best for your company.
Among these advances are Virtual Private Networks (VPNs) that gave you access to your information from your home computer. Now that capability has expanded and we can access all our data through a phone or tablet…assuming your network is set up properly. And thanks to Microsoft, we can also use Word, Excel and PowerPoint on these small devices. But this can be a potential problem as our devices tend to morph into each other…laptops, tablets, phones, cameras…many are performing the same functions. We have to be careful that in the future, this convergence into simper devices and/or more advanced applications doesn’t come back to bite us.
Here is an example of how this can happen if companies are not prepared for this convergence:
There are companies that went straight from Windows XP to Windows 10, bypassing Windows Vista, Windows 7 and Windows 8. There is nothing wrong with making that transition providing the company provides proper and adequate training on the upgraded application. For those companies that did not, workflow came to a screeching halt. While it can be expensive for a company to always upgrade to the latest version of Windows, it is much easier on employees to move to each new version (baby steps) as it is released. (As an aside, as an IT Support provider, this is one reason we recommend Windows 365, which functions online and is always updated automatically with the latest and greatest, at no additional cost.)
Looking towards the future, we expect that the day will come when your data is in the cloud protected by encryption that can only be unlocked by your DNA or a chip that is actually embedded in you. It can already be done through iris recognition and retinal scanning.
Because of these advancements in primary technology, we will also see tremendous improvements in supportive technology. For example, early laptops came with about 30 minutes of battery power. Not much compared to the eight hours some provide today. But expect batteries that will last days, not hours.
Internet speeds have grown from your old dial-up of 56kb to up to 1 GB (not actually available yet, but coming). That’s 18,000 times faster. There are already 20 MB business internet speeds available. That’s still 3,600 times faster than dial-up. And soon you will be able to recharge your devices without having to plug them in. Wait! You can already do that with some simply by laying them on a charging pad. But you will soon it won’t be necessary to do even that. The electric power will flow through the airwaves.
As a managed IT support provider, we keep on top of all these developments, sometimes long before they are available so we can be prepared to prepare you. Over the next few months, we will be posting blogs about upcoming technology in many fields, so keep on reading!
Managing the IT Workload
It seems that all but the largest cyber-attacks are now fading from the news. It’s certainly not because there are fewer attacks these days – the number of cyber-attacks are increasing both in number and severity. As a managed IT Support company highly focused on cyber security, we keep on top of these things, but the reason you aren’t hearing about the increased volume or severity is simply that we, the public, have already heard so much about cyber this and cyber that, that we tend to become desensitized so the media stops reporting. That’s unfortunate because the fact is, virtually every business is at risk.
Somewhere between 43% and 91% of cyber-attacks are against small to mid-sized businesses (depending on how you calculate “small to mid-sized business”.) In spite of this, a recent Better Business Bureau report shows that 70% of small to mid-market (SMB) owners believe that they are not likely to be targets of cyber-attacks (stealing banking credentials, ransomware, etc.) although these are the companies in cyber-criminals’ sights.
It’s the old “it may happen to someone else, but not to me” syndrome. It’s a disconnect from reality. And this same BBB report showed that 80% of these same business owners were aware of the disastrous potentials of cyber-attacks, but, of course, it couldn’t happen to them! The report goes further to explain why the lack of urgency and why the commitment wasn’t there:
Lack of Cyber-Education
On the surface, cyber-education is easy to understand, but when you start to dig deep, the complexity really shows. Most small to mid-market companies do not have the trained IT professionals they need to properly protect themselves. Hiring an IT staff is a big step and continued training of these individuals, while critical, is expensive and time-consuming. Retaining the services of a managed IT support company is a great option, but selection is difficult because, quite frankly, most of the people within an organization who make the IT support selection, as intelligent and experienced as they may be in business, simply do not have the background to make the very best choice. Selection may be left to choosing which ever company offers the best price. (See our article on Has Managed IT Support Become a Commodity?)
If you have an in-house IT department, on-going cyber security education is a must. It should also be required for every employee.
Lack of Resources
A recent article in Forbes stated, not surprisingly, that many small to mid-sized businesses lacked the resources to implement the level of security precautions that they require. Also, not surprisingly, cyber criminals know this and that’s why they attack small businesses. Their “reward” for breaking into a large corporation may be substantial, but difficult to achieve, so why not go after a large number of smaller prizes?
But there are many things an SMB can do.
1: Education – there are a great number of online resources that can help with cyber security education. Use them
2: Be on the lookout for malicious “phishing attacks”.
3: Avoid bookmarks and shortcuts. Criminals can actually modify these.
4: Never use public WiFi. The hotspots at cafes and coffee shops are not as secure as you would like to think.
5: Use spam filters, content filters, and email encryption.
6: Have an in-depth conversation with a Managed IT Service provider, whether to managed your entire IT infrastructure or to provide valuable assistance to your in-house team (learn about DynaSis Co-Managed/Co-Sourced IT Assistance.)
Lack of Time
No one doubts that running a small company is very time-consuming and we understand that overlooking something that’s “invisible” like cyber security is easy to do, especially when it’s not high on your comfort level scale. But consider this: the most basic goal of cyber security is to keep criminals out. Would you leave your office for the night without locking your front door, even if you were pressed for time? Think about this: going back to the BB report, 80% of consumers would not make a purchase, even though they wanted the product, if they suspected their data was not protected. This is why a large percentage of SMBs whose data is compromised go out of business within six months of a cyber-attack, especially if it is reported in the media.
Learn More
If you want to learn more, check out our Managed Security webpage and White Paper, or give us a call at 678-373-0716.
The right VoIP business telephone system is a powerful business building tool.
Switching to a modern, feature-rich VoIP business telephone system can be a big plus for your business, adding significantly to your bottom line. But this only happens if your people understand the benefits of the system and are willing to learn how to use it. VoIP telephone systems do not require any technical expertise, but they do require VoIP telephone training and practice. The best systems offer features that can speed operations, add sales power, and assist with customer service, but this takes training and employee buy-in, so it’s important to involve your people at all levels of selection, as well as at deployment, to get them excited about the switch-over, rather than fearful and resistant.
Involving Your End-Users in the Selection Process
When management makes decisions that affect the entire company, they often forget to involve those people who are going to be most affected by those decisions on a day-to-day basis: the employees. Executives tend to mull over costs vs. savings, features that can improve the company’s functionality and solve current operational problems, etc., etc., while leaving out this important step. Your staff will be living with your decision every day, hands-on, and while the decision will ultimately be yours, you will actually be better equipped to make the best decision if you do bring your people into the discussion and listen to their concerns and suggestions.
Arrange Meaningful Training Sessions
Suddenly and unexpectedly changing a telephone system can be disconcerting even to the most level-headed and stable employee, making VoIP Telephone training important. Pre-installation overview sessions that explain general features is a good idea. Post-installation sessions that cover features in detail are critical, especially for non-technical types who tend to freak out when asked to learn anything of a technical nature. You know, the ones still using flip-phones.
If you are in the Atlanta Metro area and are looking for a new business telephone system that can be a huge business benefit, give us a call. In addition to custom VoIP systems and plans, as a managed IT support company, we set up well-defined training sessions that are based on specific goals and objectives that you set.
Sell the “Sizzle”: Focus on the Benefits Each End-User Will Experience
Each employee, particularly those that are neither technologically adept, nor bottom-line focused, will buy-in much more quickly if they can get their arms around those features that will benefit them by making their jobs easier. While you may understand the cost benefits and the positive sales and service implications the VoIP phone system brings to your business, not everyone who works for your company has the insight to see things that way. “How will affect me?” This should be a major goal of both pre and post-installation VoIP telephone training.
If you want to learn more about how modern VoIP business telephones can have a positive impact on your business, read our white paper “Your Telephone System as a Business Building Asset”. For a no-obligation discussion on VoIP cost vs benefit, call Chas Arnold, DynaSis CIO and Principal, at 678-373-0716.
As an IT support company, we occasionally hear about slow running PCs with Windows 10. You already checked for viruses…none there…and aside from running like molasses, everything seems to be fine. Could be that your PC just has too much clutter. Clutter jams up the memory and can restrict performance to the point where everything just gets frustratingly slow. We’ve identified 5 kinds of “clutter” that can be doing this, along with ways to clean it all up.
Five kinds of clutter and how to clean them up.
The first thing you will probably notice in this post about slow running PCs is that the fix for items #1 and #5 is to Refresh Windows. For items #2, #3 and #4, it’s to Reset Windows. In Windows 8, there were two different buttons to click on and you had to decide whether to Reset or Refresh, the major difference being whether or not you would go all the way back to factory settings, deleting your apps and files, or save them. Windows 10 gives you a single Reset button, which options as you proceed so you can make choices that best suit your needs. As an IT support provider, we’ve included the terms REFRESH or RESET after each type of clutter to help you determine which track you should be following.
1: Pre-installed software. This is the stuff we refer to as “bloatware” or even “crapware”. These are the apps that software manufacturers pay the PC manufacturer to load into the computer. It’s advertising. It presents some security risks, but most importantly, it takes up RAM and disk space and uses up CPU capabilities. REFRESH
2: Windows Updates. Now, we are not telling you to not install Windows updates. These can be important. The problem comes because sometimes these updates do not download correctly and you can end up with corrupted and unusable files. Windows will remove some of them on its own, but some will remain there unless removed. RESET
3: Bloated Registry Files. Every time you do something in Windows, it gets recorded in the PC’s registry. This includes files and apps you have deleted, and sooner or later everything gets slowed down with all these repetitive and unneeded entries. RESET
4: Error Files. Windows also keeps a complete log of processing errors and crashes and these, too, accumulate over time. Unless you are having consistent recurring errors, there is really no point in keeping these. RESET
5: User Created Bloat. How many old files are you keeping that you don’t need anymore, including those that aren’t properly organized? REFRESH
Decluttering Windows
As you see, you have two choices: Reset or Refresh. When Resetting, a new, clean copy of Windows 10 is installed returning your PC to the original factory state. When you Refresh, your PC reinstalls Windows 10 free of any bloatware.
IMPORTANT: Both tracks will delete your Windows 10 apps and your personalized settings, so think about what you want to backup and what you want to keep notes on. Both tracks will give the option of keeping or deleting old files, so again think about backups. FYI, we ALWAYS suggest full backups before performing functions like this.
If you would like to read an article about slow running PCs with detailed instructions on fixing them: http://www.tomshardware.com/faq/id-2871133/reset-refresh-windows.html
or
https://www.pcmag.com/article2/0,2817,2477704,00.asp
Need a little more help? Your Atlanta managed IT support provider should be able to help…or give us a call.
Yes, it’s true. Those of us in managed IT support have our own language and we love to use it...and it can be confusing. Remember when "On" and "Off" become "Power Up" and "Power Down"? So here are some buzzwords that have become popular over the past few years with simple (we hope) explanations. Note that we have included basic information to help you in general conversation. In every case, however, we have included links to resources that provide in-depth explanations should you care to dig a little deeper:
1: _____as a Service (XaaS). First of all, the “X” is just a placeholder for things like SaaS (Software as a Service), or IaaS (Infrastructure as a Service), and PaaS (Platform as a Service)…they go on and on. These terms reflect the cloud based services that many companies today are taking advantage of. For example: IaaS – Infrastructure as a Service – simply means that instead of having your own IT infrastructure on your premises, you are using the cloud based infrastructure of a service provider, such an an IT support company, and for that service, you are paying a monthly fee. Of course, this eliminates the need for you to have expensive equipment, which must be serviced, monitored and updated.
2: Actionable Analytics: There is sooo much data available today and with the use of digital technology, businesses are gathering more and more. Not all of this data is useful. In fact, most of the time, only a small percentage of this data can actually be translated into valuable information in terms of improving your business. The portion that can be useful, and thereby can be put into action, is called “actionable data”, or “actionable intelligence”, or “actionable insight”.
3: Artificial Intelligence (AI): Forget Terminator or The Matrix. That’s not what real Artificial Intelligence is all about. What it really is, in reality, is the use of computers that can process a vast amount of data coming from many sources and actually making inferences about what it all means, then using that information to grow your business. Pretty cool. This includes things such as speech recognition, problem solving and planning. The computers “learn” as they accumulate more data.
4: Blockchain Technology: We’re going to give you a simple explanation of what can be a rather complicated, though ingenious, concept. Blockchain started as a method of controlling virtual currencies such as Bitcoin, but has grown to encompass many other areas. It provides for encrypted and secure logs of changes made to all types of files. Say you have a Google document that requires changes by numerous people in numerous locations. Every edit made by every person is recorded and encrypted in a separate log that cannot be changed. For things such as legal or medical records, it means that no one can ever go back into a file and change its history.
5: Chatbots: These clever pieces of software are able to translate in real time conversations that are either spoken or written (typed). You can actually have a virtual meeting with someone who speaks a language completely different than your own and have the chatbot translate for you. But simple translations are only the beginning. Chatbot’s versatility has grown to make them valuable for many other uses.
………………………………
That’s it for now, but next week we will cover a number of others. If you find these terms and the concepts behind them interesting, use the links above to learn more.
At DynaSis, we have spent the past 25 years as a managed IT support provider keeping our clients and their employees safe and secure. Our more than 55 IT Professionals are experts in virtually every aspect of Internet security, both in the office, at home and on the road. Contact us at 770.569.4600 or visit us at www.DynaSis.com.
Stealing WiFi Signals
While the Summer vacation travel season has pretty much come to an end, this is the time of year when business travel starts to move into high gear, and since on-the-road mobile device security is an important part of managed IT support, we thought we would share some insights as to how to keep your Internet usage safe when on the road. (Some of these suggestions apply just as well to vacation travel.)
Mobile Device Security - Free Public WIFI
There is almost no end to the number of ways to screw up. Sorry about that, but it’s true. Using free public WIFI at a coffee shop or restaurant is one. Don’t assume that they are providing adequate protection. Instead, assume that someone sitting nearby in the same establishment is “sniffing” around collecting the information that you are passing back and forth, including your email, bank accounts, etc. Capturing that information is not that difficult when proper protections aren’t in place and these people can walk away with your login info, account numbers, email contacts, etc. If you’re working on business documents, they can also be grabbed. (The Federal Trade Commission (FTC) provides some great cyber protection insights on their website.)
This writer’s email account info and contacts were once stolen and I received an urgent email message from a dear friend stating that he had taken a last-minute weekend vacation trip to London and in a terrible misunderstanding, he had been arrested and needed $2,000 for bail. There was no way to call him, but he provided the routing number and account information for an international money transfer. In an odd twist of fate, this dear friend had passed away just two weeks before and, if he ended up in “the bad place”, no amount of bail money was going to help him! So, no, I didn’t send the money. But there are bad people committing cyber-crimes every minute of every day.
Securing Your Internet Traffic on Public WiFi.
By using a Virtual Private Network (VPN) every time you log in to a public network, you are protecting yourself. And it’s easy. CNET’s VPN referral page is a great resource for finding a VPN you can use. (CNET is a great technology referral source, in general.) Once this is done, all your traffic, both in and out, will be encrypted. You can also check with your internet provider.
Another step in protecting yourself is to make sure that the sites you use are visiting are “padlocked”…look for that little green padlock. These sites have enabled HTTPS for “secure socket layering”.
Geo-Tagging Travel Photos
While geo-tagging is a bigger problem while traveling with the whole family, you can still get in trouble when traveling for business. The photo of the great restaurant you took a client to, or the cute doggie your five-year-old would love, can also tip off strangers that daddy (or mommy) is not home. And the incredible images of that family of tigers can tell criminals you are in Africa and away from the house for two weeks. Wait until you get home to post photos from your travels.
Leaving Phones, Tablets, and Laptops Unattended
Just turning your back for a few seconds, or walking away just a few feet, even in a “safe” neighborhood, can give an accomplished professional thief the opening he/she needs. Devices that are used for business, even those that are privately owned, should be managed by a Mobile Device Management program and through Multi-Factor Encryption. Multi-Factor Encryption makes it much harder to break into your device and Mobile Device Management enables your office back home to wipe your device clean of sensitive company information if it is lost or stolen.
Safe Travels!
Yes, following these mobile device security protocols can be a royal pain in the butt, but only a tiny fraction of the pain and anguish you can go through if you get caught up in one of these schemes. Be smart. Be safe.
At DynaSis, we have spent the past 25 years keeping our clients and their employees safe and secure. Our more than 55 IT Professionals are experts in virtual every aspect on Internet security, both in the office, at home and on the road. Contact us at 770.569.4600 or visit us at www.DynaSis.com.
Red Chalk Group, a Chicago based telecommunications consulting firm, tells us that 5G wireless is nearly ready and that it will mean major changes in the way people consume media on their mobile devices. If you have a teenager in your house, you probably find they prefer using their smartphones to tablets or laptops. While you and I may not be happy watching a major motion picture on a 2.5” x 4.5” screen (and that’s about the largest cellphone screen out there), the folks who will soon be young adults are very happy to do so. These people will also be very happy to learn about 5G because it will change the way their smartphones, and other mobile devices, interact with the entertainment world.
and from a technical standpoint (although exact technical standards have yet to be determined), it means a greater number of mobile broadband users will be able to user the same network at the same time, with each having much greater download and upload speeds.
Although we are still waiting for exact tech specs, Nelson Granados of Forbes believes that we will be seeing dramatic advances:
“Download speeds are bound to increase at least tenfold compared to 4G, and for true 5G standards, it could be up to 100-fold. So, if an HD movie takes six minutes to download in a 4G network, with 5G it could take a handful of seconds. Also, in the era of user-generated content, photo and video upload speeds will improve, fueling social media content.”
In addition to faster download speeds, with 5G wireless the quality of streamed media will also see a huge boost, which is a big plus for live events of all types, including concerts and sports. It is expected that the quality you will see on your mobile device will be the same as you get at home, and buffering will be a thing of the past.
But while better video quality while steaming is a big plus, the super-fast download speeds will also make downloading and saving movies, TV shows, etc., more practicable. Since you will be able to download in six seconds what it would have taken six minutes, and with increased storage capacity, why risk streaming, especially while traveling, and worrying about erratic coverage? Expect streaming services such as Spotify, Amazon and Netflix to offer more downloading purchase and rental options.
DynaSis has been serving the technology needs of the Atlanta small to mid-sized business community for 25 years. In addition to our complimentary IT Network & Security Assessment, we also offer a 15-minute one-on-one webinar to explain how your technology can become a powerful force, driving your business forward.
Check Out These Email Subject Lines. Would You Click on Them?Over the past few years, we’ve all been taught to be careful not to click on suspicious looking emails, right? The problem is that cyber thieves are working very hard at coming up with new ways to trick us, and they succeed at an alarming rate. Chances are, if you received an email subject line that seemed to be a security alert from Bank of America, but you weren’t a client of theirs, you would know better than to click on it. But what if you were a BofA customer and you received that alert? Chances are pretty good you just might click away. And then compound the problem by clicking on something within the email once you opened it.
Sending out false emails with email subject lines that look real is called “phishing” and is described by Wikipedia as a “the attempt to obtain sensitive information such as user names, passwords, and credit card details (and, indirectly, money) often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.”
One of the top providers of email security awareness training, KnowBe4, recently published its “Top 10 Global Phishing Email Subject Lines for Q2 2017”. While it did find that people generally were more likely to fall for subject lines relating to business, they also clicked on non-business subject lines with scary regularity.
Here are the Top 10 Phishing Subject Lines their research turned up:
*Capitalization has been kept as it was found in their research.
How many of your employees would pass up reading an email that said, “Revised Sick Time & Vacation Policy”? If they do click, they can be opening up your entire IT infrastructure to all types of malware, including ransomware demands. (As a side note, your infrastructure needs to be protected from ransomware by having advanced data backup and recovery systems in place. This is critical and should be an integral part of any managed IT support program.)
On a personal level, while no-one (at least very few people) will ever again fall for the plea of a Nigerian Prince looking to hide his family’s fortune with your help, a whole lot of people will click on fake emails that look they are coming from a financial institution, or a package delivery service that they often use. (The cyber-criminal does not need to have the customer list from the bank or delivery service. They just send out millions of emails with the expectation that some small percentage of the recipients will be customers of that bank or delivery service.)
For both your business’ sake, or to protect themselves, your people should understand that banks never request personal information through email. Certainly, these emails should never be the trigger for transferring funds.
Here at DynaSis, we have been in the business of providing full service Managed I.T. Support for 25 years, and we have seen it all. In fact, we have been at the forefront of developing cyber security techniques now in use across the USA. Among these are in-house security training for the employees of our clients. In you would like to learn more about how we can secure your I.T. network, please contact us by visiting our website or call us at 678.967.3854.
Part 1 of this series (click here) dealt with servers and the computers that host them, and how and why we keep them running at maximum performance. In Part 2, (click here) we discussed “virtualization” and the “physical hosts” that contain “virtual machines”, as well as Data Structure and Storage. This final piece deals with hardware including mobile devices, applications, email messaging and physical security.
Group/Machine Policies
Screen Locking – Are your machines set to lock after a certain period of inactivity? This prevents people who are not authorized from using computers and possibly exploiting them.
USB Storage – You should be restricting USB storage devices from being connected to your workstations. Two reasons: Attaching USBs to a workstation is one way for viruses to get into the computer, then possibly into your entire environment. Second, this is a way for proprietary information to be copied and stolen.
Power Settings – Your workstations should go into sleep or hibernate mode after a certain period of inactivity. This conserves power and may extend the life of the unit. (Updating and patching can still be done when the workstation is in this state.)
Hardware Protection & Replacement
Specifications – By now, you should have replaced all hardware that has less than a 2GHz processor or 4GB of memory. This is what we consider baseline right now. However, when buying new equipment, even higher standards should be considered because as technology continues to evolve, current standards may not run updated applications.
Warranties – All your hardware should be under warranty. If any piece is not, extended warranties should be investigated. Machines not under warranty may be problematic if parts are needed and may be costly to replace if not readily available. We have tools that can check this factor, or you can check online at the manufacturer’s website by entering the service tag into the warranty section.
Surge Protection – Power surges are still a problem and hardware not plugged into surge protectors are at risk.
Acceptable Use Policies
Do you have one? – This should cover employees’ use of personal email, Internet usage (surfing), and remote access for laptops. Most cyber intrusions start with employees.
Endpoint Protection
Endpoint protection refers to a system for network security management that focuses on network endpoints, or individual devices such as workstations and mobile devices from which a network is accessed. The term also describes specific software packages that address endpoint security.
Endpoint protection may also be called endpoint security.
www.technopedia.com
Administrative Rights – Administrative rights should be carefully considered and only necessary levels should be granted to users. Most software needs administrative access for installation and by restricting these rights, you are also lessening the opportunity for people to install personal applications, which may affect workstation performance, licensing, or employee productivity.
Anti-Virus – In today’s world, active and centrally managed antivirus, with provisions for both scheduled and real-time updating is crucial. This is the backbone of endpoint protection. While there is no single answer to complete protection on all your devices, this is an important part of network security and is highly recommended.
Anti-Malware – As above, a centrally managed anti-malware is very important and today’s malware has increasingly become a productivity killer. And as above, while there is no single solution, this is another important part of your protection.
What is the difference between Virus and Malware? In simple terms, a virus is a piece of code that can replicate itself and travel from computer to computer, much like a flu virus can replicate itself and travel from human to human. Malware is more of an umbrella term that refers to a wide variety of malicious software, including viruses, as well as Trojans, adware, worms, and ransomware. In other words, all viruses are malware but not all malware are viruses. Exactly how each of these performs is beyond the scope of this piece, but the most commonly known of these recently is ransomware, with which a cyber-criminal will encrypt, or lock down, a company’s data files, demanding a ransom before releasing them.
Web Filtering – Another part of an overall security suite. This prevents a workstation from becoming infected by being redirected to a website that installs malicious software.
Patching – Patches are applied to fix bugs, remediate security risks, and make use of applications easier. It is important that this is centrally managed so that all applicable machines are updated.
Authentication – We believe in two-factor authentication. An example of two-factor authentication that we use every day is the use of both an ATM card (one factor) and a PIN (second factor) at the bank’s ATM. For computer use, an example might be the use of both a password and PIN. This provides an enhanced level of security.
Remote Management – Workstations can often best be managed by use of a remote management tool. For example, DynaSis’ client's devices need to be accessible by our management tool to take advantage of our endpoint security functionality.
Thin Clients
Definition: A Thin Client (or “lean client” or “zero client” or “terminal”) is a small computer that relies heavily on remoting into a server for processing. Unlike a “fat client” which is a typical desktop PC and if necessary can handle all required functionality, the thin client is limited to essential applications.
Spare Terminals: because of the low cost of these units, it is suggested that spare terminals be kept on premises in the event of failure.
Firmware: Many problems can be corrected through the use of the latest firmware. This is particularly true of devices such as these because of their basic nature.
This is a significant topic unto itself. If you want to learn more, you can watch our video, or read one of our recent blogposts.
Device Policy – Do you have a mobile device policy that clearly outlines screen locking, password protection, email, etc., as well as use of employees’ own devices?
Installation Documentation: Are step-by-step installation instructions readily available for all of the applications used in your business? This is important when building a new work-station, or reinstalling applications. This is particularly important if your company uses a large number of applications, or applications that have been developed for and/or by your business.
Licensing: Are licenses easily available when installing for new employees? Is someone familiar with the licensing process?
Support Contracts: Are valid and active support contracts in place with all 3rd party vendors? This can be important if you require direct support from a vendor, particularly in emergency situations. Vendors are more likely to respond to regular clients than they are to companies that only call them in emergent situations.
Version/Release: All your applications should be up-to-date with the latest releases as this makes trouble shooting easier, as well as providing you with the latest improvements and security updates.
Approval Policies: Employees should be well-aware of which applications are allowed and which are prohibited. (You may prohibit all applications which have not been specifically approved, however, some there should be a policy on asking for approval of apps that may not be in wide usage throughout your company. Some employees may want/need other applications that make them more efficient in their work.)
Automated Policies: An automated policy can restrict the installation of applications that have not been approved.
Email platform: The Microsoft Exchange platform provides a high level of business class collaboration as well as security features that may not be available in other platforms. If your company is not using Exchange, you should consider migrating.
Archiving: Emails should be archived. It is not uncommon for a company to have need to retrieve emails that are several years old, whether to enforce contracts, show time sequence, or satisfy government or civil subpoenas.
Encryption: This provides a significant level of cyber-protection.
Continuity: In the event of an outage, there should be a plan in place for email continuity.
Environment
Dedicated Area: Best practices dictate that a dedicated room should be set up for your servers and networking equipment.
Temperature Control: Properly controlling the temperature of your server room can prolong the life of the equipment. High temperatures can be very destructive.
Physical Security: This should be a secure room with very limited access. There should be a door as opposed to an open entrance, and we prefer that there be no windows to the exterior.
Fire Suppression: A fire suppression system that can cause minimal damage to the equipment is highly recommended.
Electric: Your server room should have a dedicated electrical circuit so that electrical issues in the server room cannot be causes by problems elsewhere in your building.
Monitoring and Alerts: When server/equipment rooms are properly monitored and alerts properly functioning, reaction times are faster in the event they are needed. We recommend:
Labeling: This may seem rather basic, but proper labeling helps your onsite people work with third parties in identifying troublesome equipment, especially when working with third parties.
That said, you should understand that this was a broad look at our STR – Strategic Technology Review. There are many topics that are covered in our real-life review such as Power Management, Rack Management, Backup, Disaster Recovery, Business Continuity, Networking, Telephony, Remote Users, Password Protection, and others, that we have not mentioned. Below are links to white papers we have written on some of these subjects:
Data Backup & Disaster Recovery
Your Telephone System as a Business Building Asset
Mobile Device Security & Employee Training
Multi-Factor Password Authentication
Here are links to Part 1 and Part 2 of this series.
Questions? Please feel free to contact us at 678.373.0716 or www.DynaSis.com.
Part 1 of this series (click here) dealt with servers and the computers that host them, and how and why we keep them running at maximum performance. In this article, we continue on and discuss “virtualization” and the “physical hosts” that contain “virtual machines”, then we will discuss Data Structure and Storage. Let’s start with some basic definitions (there will be other definitions throughout this piece, formatted like the two below.
Virtualization & Virtual Machines: Virtualization in I.T. terminology means effectively creating “virtual machines (aka virtual computers)” by splitting the resources of a single computer into multiple sets of resources that function independently of each other. For example, we can take the resources of that single “machine” and divide them into three separate units, each functioning independently of each other, and we have three “virtual machines”, aka “VMs”. Why would we do this instead of buying three separate computers? Primarily the cost. It is much less expensive to buy a single large computer than three separate smaller ones. This savings is magnified by the fact that for some operations, the three VMs can share resources, plus the configuration can be changed as resource requirements change, meaning that the requirements for the three VMs is less than for three individual computers.
Physical Host: The computer that has been virtualized into two or more VMs is called a “physical host”.
VM Sizing: The first thing we look for relative to virtualization during the STR is the sizing of the VMs. In other words, have sufficient resources been allocated to each VM? If not, this can lead to poor performance or even server failure. We do this by observing the utilization of the resources and the performance of the applications. This is a high priority.
Warranties: Are the servers used in virtualization under current warranty? Having active warranties is essential when we need to obtain parts or speak with the manufacturer for support. If out of warranty, we determine if extended warranties are available. If not, it is often a good time to consider retiring the older machine in favor of a newer version. (If it has reached this state, it is probably pretty old.)
Hypervisor: The term “hypervisor” comes from the word “supervisor”. The hypervisor is software that runs (or supervises) the virtual machines on the host computer. This hypervisor software also creates the ability to simultaneously run multiple types of operating systems. For instance, with a hypervisor, you can run Windows, Linus and MacOS on a single physical host. Each VM could use any of them.
Operating System: The main program in a computer that controls the way the computer works and makes it possible for other programs to function. (Merriam Webster)
Operating System: Is the operating system being used licensed and is it still being supported by the manufacturer?
Software Licensing & Support: Again, we want to know that the licensing is up to-date-and support is still available.
Specifications: Have the VMs been appropriately sized for the applications that are being hosted on them. To determine this, we observe their utilization and performance. We are then able to determine what, if anything, needs to be improved. This is important because if the VMs do not have proper resources available, it can seriously affect performance.
Monitoring & Management: We believe all servers need to be monitored and managed to ensure that patches and anti-virus software are always up-to-date. As you can imagine, in today’s cyber-crime environment, this is highly important.
Administrator Accounts: We want to see that all administrators have their own dedicated accounts and that each has a unique login. When accounts are shared, it is often impossible to determine who was responsible for errors or omissions, hence, corrective action and retraining becomes more difficult.
Web Security: We want to see that Internet security has been properly installed and is up-to-date. This includes items such as Internet Explorer Enhanced Security, OpenDNS, and browsing policies. Servers should never be used for accessing the Internet except for legitimate admin purposes such as downloading new software or updates.
DNS (Domain Name Server): An often-used analogy to explain the Domain Name System is that it serves as the “phone book” for the Internet by translating human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the IP addresses 93.184.216.119 (IPV4) and 2606:2800:220:6d:26bf:1447:1097:aa7 (IPV6). Unlike a phone book, DNS can be quickly updated, allowing a service's location on the network to change without affecting the end users, who continue to use the same host name. Users take advantage of this when they use meaningful Uniform Resource Locators (URLs), and email addresses without having to know how the computer actually locates the services. (Wikipedia) (Note: IPV4 and IPV6 are the protocols under which IP addresses are created.) Think of it this way: would you rather email your friend Joe by sending the message to his email address: Joe@hiscompany.com, or by sending the message to his email address: 2606:2800:220:6d:26bf:1447:1097:aa7? Try remembering a few of those!
OpenDNS: OpenDNS is a company and service which extends the Domain Naming System (DNS) by adding features such as phishing protection and optional content filtering in addition to DNS lookup, if its DNS servers are used.
The company hosts a cloud computing security product suite, Umbrella, designed to protect enterprise customers from malware, botnets, phishing, and targeted online attacks. The OpenDNS Global Network processes an estimated 100 billion DNS queries daily from 85 million users through 25 data centers worldwide. The company was acquired by Cisco in 2015 for $635 million in cash. (Wikipedia)
There are a number of other items for which we check that are the same or similar to those covered in Part 1 of this series: Redundant Power Supply, UPS, Hardware Naming & Labeling, so see Part 1 for this information.
Structure – Location: We check to make sure all data storage is properly configured, meaning they are centrally located and each location has been properly named. This is important for proper backup and becomes important in the event of recovery. Instead of digging around and trying to figure out where sets of data are, or where they belong, everything is in its proper place and easy to locate and/or restore.
Structure – Shares: We are always concerned with permission management. In other words, we want to make sure that the right people have access to the data they need…but only the data they need. We check to see that data is segregated into company-wide, department-wide, and individual-only compartmentalization. This way, everyone in the company from the CEO to the newest entry-level employee has access to all the information they need to do their jobs, but only that data.
Structure – Permissions: Once we have determined that data is properly segregated, we check to make sure that permissions are properly structured and disseminated so that effective data protection and allowed sharing is achieved. Every company must decide who has access to what data. This varies greatly in importance depending on the industry. For example, organizations that work with personal financial information, or health records, are under strong legal obligations. While the legal obligations may not be there for other companies, they may still have sensitive customer information, or internal trade secrets, or their own financial data that should not be available to all who work there.
Storage – Data Location: All too many companies, often unknowingly, have end-users (employees) whose data is stored locally rather than on a server. This means that the data is stored on the desktop, and, thereby, subject to loss in the event of a hard-drive crash or virus. If the desktop computer goes bad, files, often many years of work, can be lost forever, since these files have not been backed up on a server. We have seen situations where people assumed their data was being backed up, only to discover too late that it was not. As an alternative, individual work stations can be backed up, but this is a “second best” solution.
Storage – Configuration: We check to see if the RAID configuration is appropriate. RAID is in place for redundancy of file storage and different situations require different redundancy levels. We want to make sure that the level we find works for that business and, if not, make adjustments.
RAID (redundant array of independent disks; originally called redundant array of inexpensive disks) is a way of storing the same data in different places on multiple hard disks to protect that data in the case of a drive failure.
Part 3 of this series will cover hardware such as desktops and laptops, “thin clients”, and mobile devices. In addition to this series of articles, you can find a wealth of I.T. knowledge and information at www.DynaSis.com/the-latest, where we have posted White Papers, Articles, Case Studies and Blog Posts on a wide variety of technology related subjects designed for the C-Level executives of small to mid-sized companies. For more technology information that we find and share, follow us on Twitter (@DynaSisIT) and LinkedIn (DynaSis Technologies).
© 1993-2022
(Privacy Policy)
DynaSis HQ
950 North Point Parkway
Ste 300
Alpharetta, GA 30005
24x7x365 Technical Support 866-252-6363
Sales Inquiries 678.504.6486
U.S. based Data Centers
Alpharetta (Atlanta), GA
12655 Edison Dr.
Alpharetta, GA 30005
Brentwood (Nashville), TN
7100 Commerce Way #25
Brentwood, TN 37027
