Managed Serivces Year End

2012-year-endIt’s that time of year again, when things seem to both incredibly speed up and slow down at the same time.  STOP … Take a deep breath and THINK. That almost constant e-mail notification can wait. Use the next 15 – 30 minutes and go down this list to close out the year and prepare for the next:

  1. Take stock in accomplishments. Most of you had 1-2 projects this year and eliminated a server with virtualization, escaped disaster recovery with cloud computing, or have simply forgotten the headaches and frustrations of the bad old days when you didn’t have managed services benefits.
  2. Budget and plan projects. If you haven’t had your last CIO Review or looked at the 5 Year Technology Forecast, there are still a few meeting slots open or we can schedule for next year and send the current budget information on file. What are the 3 technology projects that are holding the business back for next year? Remember, any software version 2003 or older is not supported by the manufacturer next year.
  3. Save on taxes. Let’s see you can pay more tax or many customers choose to take an additional discount and pre-pay a project or their Guardian Managed Services for next year. Obviously, if you need to replace hardware or software, shop for the best price and this is the perfect time to do it. Sorry Ghost Rider, the pattern is full to implement any new projects this year with Delta, but we can handle the required billing and install starting in January. It’s time to clear out and donate that old hardware and pitch the old software and manuals from 15 years ago too.
  4. Prepare for winter. We’re going to have another El Nino, which means another 2009 ice blast. Make sure you have a current hard and soft copy of your System Plan off-site along with DVD copies of critical software – not to mention the gun, bottled water, powerbars, or other parts of your disaster recovery. Just dipped your toe into Office 365 for unified messaging? Well, now is a good time to get serious about moving documents to SharePoint Online. Oh, and it’s never too late to start an Office 365 Free Trial for a disaster plan if you haven’t done anything else.

What are we doing? Well old servers and workstations are going bye-bye, existing servers and workstations have been upgraded to Windows Server 2012 and Windows 8 respectively. New versions of Insight Remote Monitoring and Recovery Online Backup are under-way. And we’re doing our board review near Christmas to continue the focus on lowering your technology costs and streamlining operations.

Windows Intune Overview

Windows IntuneLet’s face it, security is not sexy. Fear doesn’t sell and someone built that network and has very strong reactions to any suggestions of vulnerability. For most IT departments, it’s a struggle just to service the needs of users. Monitoring and updating systems is a distant last after the next 2 dozen things that are infinitely more fun and supposedly important. The problem is that everyone is struggling with the same issue: users are often more mobile and not getting back to log into the network and even if you have an update system, it’s either neglected or is just another thing not being maintained.

Enter Windows Intune, cloud based PC management. You see if you add up the cost of workstations (hardware, software, support, and training) you’ll come to the often startling realization that the big money isn’t in servers, storage, or related equipment. What’s more is that everyone knows that workstations are just the beginning of cost and usage challenges with the addition of tablets and smartphones. So Windows Intune offers a device client and cloud portal. In a nutshell for $11 per month, Intune includes the following:

  1. Forefront Endpoint Protection anti-virus client.
  2. Security update and software distribution policy enforced anytime users are connected to the web, including those pesky Adobe and Java updates.
  3. Built-in remote assistance for end-users regardless where they are located.
  4. Mobile device PIN security and wipe capability for Windows, Android, and Apple.
  5. Hardware and software asset tracking
  6. Upgrade protection for the next Windows OS

Your gut reaction may be that the price seems high. However, just add up the cost for a new Windows OS, much less the systems for remote assistance, updating, anti-virus, asset tracking, and mobile administration. As usual, you heard it here first. Contact us about a demo or try a Windows Intune free trial for 30 days.

Windows XP BITS Pandemic

It’s amazing how many computers are still running Windows XP, which was released in 2001. Typically, the Microsoft product life cycle is 5 years standard support, plus another 5 years of extended support in which no major enhancements are released (10 Years total). The OS was so wildly popular that Microsoft extended the deadline, so that Windows XP Support ends in 2014. In comparison, the Mac OS X 10.0 Cheetah of 2001 was only supported through 2002 as is the standard 1 year support policy from Apple today.

In recent months, customers that utilize Windows Server Update Service to centrally managed and update workstations (something Apple also hasn’t done for Mac in the last 10 years) have begun to notice that some Windows XP machines are not getting updates. Even when you try to run Windows Update locally, you may receive an error message that contains the “0x8DDD0018” code or the “0x80246008” code when you try to download updates from the Microsoft Windows Update web site. While there seem to be various causes, it appears the OS may be so old that new policies change permissions for the Background Intelligent Transfer Service that must be running to download updates.

To fix problem Windows XP workstations, run the following locally or create a login script or group policy (does not affect Windows 7 workstations):

  1. Click Start and Run, type cmd, and then click OK.
  2. Type the following  command, and then press ENTER:
    sc sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
  3. Then type net start  bits, and hit ENTER.
  4. Close the cmd window.

As of this writing, you have less than 18 months before XP is not supported – but at least you’ll have current updates. See http://support.microsoft.com/kb/910337 for the long version.

Social Integration

Social media is here to stay and every business must address security, reputation, and marketing. A management stance and strategy must be defined for each area. The bottom line is that many businesses will either adapt to changing business culture or parish.

Over the years, the largest productivity loss on the Internet has changed from pornography to shopping and now social media. If you’re not filtering and tracking e-mail and web browsing, then viruses, phishing, and leakage of confidential information will result in significant business loss. It makes no sense to set a policy without a way to enforce it. Remote monitoring and network security are more sophisticated and cost-effective than ever. While you may choose to block Facebook and Ebay, Twitter and LinkedIn will likely be necessary business tools.

Since the line between personal and business life continues to blur, it is a personal and business responsibility to monitor reputation. Whether it is Google Alerts or TweetDeck or a paid service, you should monitor: business name, keyword phrases, employees, and competitor names.

Social media should be a part of your marketing, sales, and business conversion. Define goals, tactics for a campaign, and simple measurements for success. Whether you are trying to track and increase website traffic or improve customer relationship management, the trend is shorter and more frequent and meaningful content. Those that provide something useful for free or solve common problems seem to draw the most interest. Avoid adding to the noise and simply tweeting famous quotes or blogging mundane definitions.

Finally, social integration in business is about new approaches and innovation. Those who continue to cling to archaic thinking and repeating tired processes will be pushed aside by forward-thinking incumbents or a slew of new market players. Are you embracing cloud computing and online backup or the costly upgrade/failure/maintenance legacy treadmill with on-premise systems and tape? Does your sales team spam the market with ineffective e-mail and voice mail or connect with LinkedIn and Twitter?  Winners now and in the future will have lower cost, faster communication, and a more relevant message.

Technology Tax

Whether you have a full-blown audit or simply get profit and loss information for the accountant, it’s time to reflect on last year and seek advice going forward. You’ll look at your top expenses and evaluate business goals while trying to get the most tax breaks possible.

But who is checking your technology, advising you on trends, and helping you to lower costs? Technology is your #4 business expense after salaries, taxes/benefits, and rent. Just like everything in your business it’s time to cut the fat and stop repeating the same old mistakes.

Your IT Department is obviously trusted, but they are paid to maintain systems and keep users happy. New things are always on the back burner and the technology is constantly changing. To make a sharper point, do you provide your IT an annual budget, regularly certify them on the latest technology, and measure their cost or performance to the financials? No.

We generally find companies have:

  1. Inadequate documentation for maintenance, disaster recovery, or business evaluation.
  2. Too much hardware and mis-matched software.
  3. Minor to significant system configuration problems and pending failures.
  4. No understanding of pending or future needs and associated costs or risks.

A regular review of systems and network security prevents businesses from flying blind and prevents IT conflict. This review should be done by a qualified IT firm rather than an Accounting firm. It should include a breakdown of the top business/technology categories, specific issues for resolution by system, and immediate to future recommendations.

Be prepared to hear some things you may not like, but it’s better to know and react than remain oblivious. You also should be open to new ideas to lower cost like managed services, virtualization, cloud computingremote monitoring, and online backup. Your IT likely needs help and would much rather have expert input and focus on helping the business than mundane maintenance tasks. If you chose to do nothing, you’re resigning your business to regularly paying a high technology tax.

Hardware Firewalls Lacking

A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. Since their creation, a battle has raged between those who believe a hardware or software firewall is better. In truth, even the hardware devices utilize some type of software and every product has its own strengths and weaknesses.

No matter what your opinion, the fact remains that Microsoft Internet Security and Acceleration (ISA) is the best protection for a Microsoft environment. The reason is because ISA authenticates access at the edge of the network rather than allow traffic to penetrate the firewall and access a server directly. For Outlook Web Access, Terminal Services Gateway, or SharePoint, ISA authenticates logons before any servers are accessed. For hardware devices, the appropriate port and URL is opened and direct access is provided to the server through the firewall. Conceptually, once you have access to the server it’s much easier to do harm.

Typical arguments tend to follow:

ISA is not a real firewall.
It has more than a 10 year history of use in all sectors including high security Government and Financial customers with highest certifications in the industry.

Windows has too many vulnerabilities.
Every system has discovered flaws and Windows/ISA has no more than any other offering. Further, ISA has Microsoft Update for security patches and enhancements while hardware updates are manual.

Hardware firewalls are faster.
Server processor, RAM, and NICs all offer higher performance and more expandability.

Hardware firewalls are cheaper.
Like everything in technology, it depends upon the offering and configuration on what is more expensive. Microsoft software generally has a 5 year standard and 10 year extended life cycle with servers warranted for 4 years. Most hardware firewalls have a warranty of 3 years with annual maintenance, so total cost of ownership over life of the equipment tends to be higher.

If you prescribe to the notion of having two firewalls from different manufacturers, you can put a hardware firewall in front of ISA and still enjoy the edge authentication and perks like Active Directory integration to filter by user/group instead of just IP address. If you must have a box to put in the rack, then purchase an appliance that has ISA. In 2010, ISA runs on Windows Server 2008 with more features and a new name of Forefront Threat Gateway.