Windows Intune Overview

Let’s face it, security is not sexy. Fear doesn’t sell and someone built that network and has very strong reactions to any suggestions of vulnerability. For most IT departments, it’s a struggle just to service the needs of users. Monitoring and updating systems is a distant last after the next 2 dozen things that are infinitely more fun and supposedly important. The problem is that everyone is struggling with the same issue: users are often more mobile and not getting back to log into the network, and even if you have an update system, it’s either neglected or is just another thing not being maintained.

Enter Windows Intune, cloud based PC management. You see, if you add up the cost of workstations (hardware, software, support, and training) you’ll come to the often startling realization that the big money isn’t in servers, storage, or related equipment. What’s more, everyone knows that workstations are just the beginning of cost and usage challenges with the addition of tablets and smartphones. So Windows Intune offers a device client and cloud portal. In a nutshell, for $11 per month, Intune includes the following:

  1. Forefront Endpoint Protection anti-virus client.
  2. Security update and software distribution policy enforced anytime users are connected to the web, including those pesky Adobe and Java updates.
  3. Built-in remote assistance for end-users regardless where they are located.
  4. Mobile device PIN security and wipe capability for Windows, Android, and Apple.
  5. Hardware and software asset tracking
  6. Upgrade protection for the next Windows OS

Your gut reaction may be that the price seems high. However, just add up the cost for a new Windows OS, much less the systems for remote assistance, updating, anti-virus, asset tracking, and mobile administration. As usual, you heard it here first. Contact us about a demo or try a Windows Intune free trial for 30 days.


Windows XP BITS Pandemic

It’s amazing how many computers are still running Windows XP, which was released in 2001. Typically, the Microsoft product life cycle is 5 years standard support, plus another 5 years of extended support in which no major enhancements are released (10 Years total). The OS was so wildly popular that Microsoft extended the deadline, so that Windows XP Support ends in 2014. In comparison, the Mac OS X 10.0 Cheetah of 2001 was only supported through 2002 as is the standard 1 year support policy from Apple today.

In recent months, customers that utilize Windows Server Update Service to centrally manage and update workstations (something Apple also hasn’t done for Mac in the last 10 years) have begun to notice that some Windows XP machines are not getting updates. Even when you try to run Windows Update locally, you may receive an error message that contains the “0x8DDD0018” code or the “0x80246008” code when you try to download updates from the Microsoft Windows Update web site. While there seem to be various causes, it appears the OS may be so old that new policies change permissions for the Background Intelligent Transfer Service (BITS) that must be running to download updates.

To fix problem Windows XP workstations, run the following locally or create a login script or group policy (does not affect Windows 7 workstations):

  1. Click Start and Run, type cmd, and then click OK.
  2. Type the following command, and then press ENTER:
    sc sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
  3. Then type net start bits, and hit ENTER.
  4. Close the cmd window.
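As an added example (not from the article), here is a small Python parser that decodes the SDDL descriptor used in the sc sdset command above, so an administrator can see exactly which rights each principal receives on the BITS service and flag any grant that would let a non-admin reconfigure it. The service-right and trustee abbreviations are the standard SDDL mappings as the Service Control Manager interprets them; the risky_grants audit rule is this example’s own.

```python
import re
from typing import Dict, List, NamedTuple

# Well-known trustee abbreviations used in the sc sdset string.
TRUSTEES: Dict[str, str] = {
    "SY": "Local System",
    "BA": "Builtin Administrators",
    "AU": "Authenticated Users",
    "PU": "Power Users",
    "IU": "Interactive Users",
}

# Two-letter SDDL rights as the Service Control Manager interprets them for a service object.
SERVICE_RIGHTS: Dict[str, str] = {
    "CC": "SERVICE_QUERY_CONFIG", "DC": "SERVICE_CHANGE_CONFIG",
    "LC": "SERVICE_QUERY_STATUS", "SW": "SERVICE_ENUMERATE_DEPENDENTS",
    "RP": "SERVICE_START", "WP": "SERVICE_STOP",
    "DT": "SERVICE_PAUSE_CONTINUE", "LO": "SERVICE_INTERROGATE",
    "CR": "SERVICE_USER_DEFINED_CONTROL", "SD": "DELETE",
    "RC": "READ_CONTROL", "WD": "WRITE_DAC", "WO": "WRITE_OWNER",
}

# Rights that let a principal alter the service or its security descriptor. For a
# service running as LocalSystem, a non-admin holder of any of these can escalate.
DANGEROUS = {"SERVICE_CHANGE_CONFIG", "WRITE_DAC", "WRITE_OWNER", "DELETE"}


class Ace(NamedTuple):
    ace_type: str        # "A" = access allowed, "D" = access denied
    rights: List[str]
    trustee: str


ACE_RE = re.compile(r"\(([^)]*)\)")


def parse_dacl(sddl: str) -> List[Ace]:
    """Parse the D: (DACL) portion of an SDDL string into a list of ACEs."""
    if not sddl.startswith("D:"):
        raise ValueError("expected an SDDL string beginning with D:")
    aces: List[Ace] = []
    for body in ACE_RE.findall(sddl[2:]):
        fields = body.split(";")
        if len(fields) != 6:
            raise ValueError(f"malformed ACE: ({body})")
        ace_type, _flags, rights_str, _obj, _inherit, trustee = fields
        # Rights are a run of two-letter codes; an unknown code is an error, not skipped.
        codes = [rights_str[i:i + 2] for i in range(0, len(rights_str), 2)]
        unknown = [c for c in codes if c not in SERVICE_RIGHTS]
        if unknown:
            raise ValueError(f"unknown rights {unknown} in ({body})")
        aces.append(Ace(ace_type, [SERVICE_RIGHTS[c] for c in codes],
                        TRUSTEES.get(trustee, trustee)))
    return aces


def risky_grants(aces: List[Ace]) -> Dict[str, List[str]]:
    """Map trustee -> dangerous rights for allow ACEs held by anyone but SYSTEM/Administrators."""
    out: Dict[str, List[str]] = {}
    for ace in aces:
        if ace.ace_type != "A" or ace.trustee in ("Local System", "Builtin Administrators"):
            continue
        bad = sorted(set(ace.rights) & DANGEROUS)
        if bad:
            out[ace.trustee] = bad
    return out


# The exact descriptor from the article's sc sdset command.
BITS_SDDL = ("D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)"
             "(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)")

if __name__ == "__main__":
    for ace in parse_dacl(BITS_SDDL):
        print(f"{ace.trustee:24} {'allow' if ace.ace_type == 'A' else 'deny':5} {', '.join(ace.rights)}")
    print("risky grants:", risky_grants(parse_dacl(BITS_SDDL)) or "none")
```

Running it shows that Authenticated Users receive only query/interrogate rights, Power Users and SYSTEM may additionally start and stop the service, and only Administrators can change its configuration or ACL, which is the descriptor's intent.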

As of this writing, you have less than 18 months before XP is not supported – but at least you’ll have current updates. See http://support.microsoft.com/kb/910337 for the long version.

Technology Tax

Whether you have a full-blown audit or simply get profit and loss information for the accountant, it’s time to reflect on last year and seek advice going forward. You’ll look at your top expenses and evaluate business goals while trying to get the most tax breaks possible.

But who is checking your technology, advising you on trends, and helping you to lower costs? Technology is your #4 business expense after salaries, taxes/benefits, and rent. Just like everything in your business it’s time to cut the fat and stop repeating the same old mistakes.

Your IT Department is obviously trusted, but they are paid to maintain systems and keep users happy. New things are always on the back burner and the technology is constantly changing. To make a sharper point, do you provide your IT an annual budget, regularly certify them on the latest technology, and measure their cost or performance to the financials? No.

We generally find companies have:

  1. Inadequate documentation for maintenance, disaster recovery, or business evaluation.
  2. Too much hardware and mis-matched software.
  3. Minor to significant system configuration problems and pending failures.
  4. No understanding of pending or future needs and associated costs or risks.

A regular review of systems and network security prevents businesses from flying blind and prevents IT conflict. This review should be done by a qualified IT firm rather than an Accounting firm. It should include a breakdown of the top business/technology categories, specific issues for resolution by system, and immediate to future recommendations.

Be prepared to hear some things you may not like, but it’s better to know and react than remain oblivious. You also should be open to new ideas to lower cost like managed services, virtualization, cloud computing, remote monitoring, and online backup. Your IT likely needs help and would much rather have expert input and focus on helping the business than mundane maintenance tasks. If you choose to do nothing, you’re resigning your business to regularly paying a high technology tax.

Technology Vendor Selection

Who’s the greatest? Muhammad Ali of course. So why do most vendors seemingly have the same bluster?

In the technology industry, you better believe your own story, but there are things that all customers should ignore or move onto another vendor when they hear:

  • We’re the best or most experienced.
    Summing the ages of all employees and significant others is an obvious ploy. Also, a lot of advertising doesn’t make you the best.
  • We’re certified.
    That dated MCSE, archaic command line knowledge, and that on-line open-book hardware test don’t mean much today.
  • We want to be your trusted advisor.
    Who doesn’t?
  • We do good work real fast.
    Speed is fine, but it doesn’t rank in the most important aspects of technology implementation.
  • People like us.
    The inflated testimonial quote from a buddy and your girlfriend on your own website are transparent. That LinkedIn recommendation from your best friend about how honest you are doesn’t help either.

Generally, the younger the company the more repetitive and outlandish the claims. Before the feeds and speeds and myriad sales presentations, here are some points to quickly qualify the true professionals from the pretenders:

1) What is your need and their motivation? 
Start with your specific needs, preferably not more than 6-10 concise and quantifiable phrases. It’s amazing how many clients don’t do this first step in helping to eliminate the bulk of vendors and focus on just a few. Then while you’re Googling, a dated and poorly done website is an initial warning sign. Other warning motivations include “doing it all for any and everybody” with unclear focus, slogans beginning with their profitability first, and myriad logos of manufacturers signaling an invested reseller pitch regardless of need.

2) How long have they been in business?
Much like restaurants, most technology and consulting firms fold in 3-7 years. This question will cut to the bone for many vendors and should be one of your top disqualification factors, as you’ll generally want a minimum 5-year solution. While that LLC startup may sound hip, you should ask how they are funded and about their true business background in addition to the technical one.

3) How did their business start?
The vast majority of technology companies start under less than honorable circumstances. Some of the stories are harrowing: individuals stealing company brand and tag lines and representing as their own, selling services for their new startup while working for their previous employer, downloading employer documents and processes for their new venture, and disparaging their employer and utilizing trade secrets to solicit existing clients and break contracts. Litigation is $50K to start and there is little protection for employers via law for such piracy, with only lawyers reaping the reward and offenders simply going bankrupt and starting again. Remember that the companies you pick have a great deal of access to your information and you do need them to be trustworthy. Ask for contact information for their previous employer and if that employer would hire them again. When you don’t hear from them any more or you get the real story from the previous employer, know that you dodged a bullet from making a big mistake.

4) What are the credentials of the owners?
Another dirty secret of the industry is that most principals have no degree. That former cable installer and PC assembler who got an MCSE in 2003 via their previous employer may be touting consulting experience, but with no formal training you’re taking a big risk. Knowing how to install software and hardware are drastically different skills from business process, planning, and understanding. This point comes back to the issues of credibility and longevity.

5) What is under the covers?
Throughout the selection process, you should be asking and evaluating what the vendor uses to do their job. Is the offering open and can you check it or are you restricted from even accessing your own systems? Is that Microsoft vendor really using a Linux box for monitoring? Why is the service provided by two or three companies? Do you want a foreign system from India and phone support transferred there? Finally, visit the offices. Lease space is cheap and many startups have a fake office and a few 1099 contractors working from home. You’ll know it when you see it as the office will likely be in a retail strip, have a plain black and white sign, and an odd wall facing the entrance protecting the view of largely empty space.

Throughout the selection process, it is a glaring mistake not to tell the vendors the other players who are competing because things you may have missed will be identified by competitors. Also, after selection let the short list candidates know who won and why.

Mailbox Upgrade

Microsoft Exchange 2010 was released last month. If you’re still running Exchange 2003, this would be a good time to break that old arbitrary rule about always staying one version behind:

  • Those ever-increasing requests and associated problems concerning e-mail archival and retention are now built-in with much more capability than previous versions and without third-party software.
  • Voice mail preview may delay or lessen that upcoming phone system upgrade as a new unified messaging feature.
  • New information protection features give you much more ability to prevent leakage of confidential information.
  • Exchange 2007 is on year 3 of 5 for standard support and leaps in technology are now happening every 18-36 months.
  • The x64 hardware requirements are nearly identical and corresponding x64 server software is well beyond being mainstream.

Now each user can have their own archive mailbox with retention automatically defined by the organization and that is also available from Outlook Web Access. You have much better ability for compliance and legal hold. The web accessibility is just one example of improved user self-service. The new Role Based Access Control can allow users the ability to do their own message tracking. Mailbox resiliency as a whole is much better with Database Availability replacing Continuous Replication and the capability to move mailboxes without taking users off-line.

While you still must implement Rights Management for full information control, administrators may automatically notify users of potential confidential leakage and receive alerts of such actions. Windows Mobile 6.1 users will also receive new conversation views.

As with most line-of-business applications today, Exchange 2010 requires x64 hardware and an x64 operating system. Active Directory may be 2003, but the Exchange OS should be Windows Server 2008, and running Exchange on a Domain Controller is not supported. Exchange may be readily virtualized, but this configuration is not supported with Unified Messaging, and there may be some performance decrease when using advanced networking like iSCSI because large packets are not supported by virtual interfaces. Purchase only Standard Client Access Licenses, unless you will utilize Microsoft Exchange Hosted Mail Security. Exchange was never meant to be a document repository, so you’ll need to move public folders to either resource mailboxes or file shares.

Even though the media hypes Google as a threat to Microsoft, Gmail is still geared toward individuals. If you are a small business and haven’t investigated, Exchange On-line will offer the new 2010 features with much more capability than Google at about half the price per year ($24 vs. $50 per user per year).

Channel Changes

Every so often the whole technology industry changes and 2010 will be one of those years. If you are responsible for purchasing or evaluating technology products or services, much of what you’ve learned and utilized to make decisions has already or is in the process of changing. You know your needs have changed as everyone has had to tighten their belt. If there’s been little budget spent in the last few years at your organization on technology, then the following are things to consider.

Being in the middle of the country, local understanding and adoption of current technology often lags the rest of the nation by 18 – 36 months. Making legacy decisions on current technology could cost your organization more, while positioning behind competitors with little hope of recovery. The four main areas you should begin to understand are 64bit, virtualization, remote access, and unified messaging.

64bit means the processing speed doubles as well as the amount of memory, but you don’t have to buy “enterprise” software. Servers and associated platforms and applications are now generally all 64bit compliant. Unless your line of business application (like accounting) is 64bit compatible, this is not the year to get 64bit operating systems on desktops as most productivity software like Microsoft Office does not have a 64bit version.

If you have four or more servers, it’s time to leverage virtualization. This simply means that software on one physical box runs several servers as virtual machines. If this sounds risky, consider that you often run multiple things on a server with no concern. The difference with virtualization is that you can have a second server or host to copy the virtual server image files to, or have running in case of a failure. So recovery is in minutes rather than days for a traditional server failure. Microsoft Hyper-V is recommended instead of VMWare for no cost and little difference in functionality. Common mistakes to avoid are only purchasing one server host and not considering storage, which should be a Storage Area Network (SAN) box and not a legacy slow and costly Network Attached Storage (NAS) box.

Why are you using that VPN? It’s difficult to connect, often down, and slow. The time is now to see a demonstration of gateway services. You can use a browser for access, have a personal desktop, and even copy files without all the hassle. Most customers are choosing Microsoft 2008 Gateway services over Citrix to save the licensing cost. Be sure to ask your software manufacturer for compatibility.

Do you love your Blackberry and e-mail? Well, Blackberry now trails the market versus iPhone, Windows Mobile, and even the new Android devices. Blackberry devices require additional server hardware and licensing, so while they started the mobility trend, their remaining viability is questionable. Likewise, managing e-mail consumes tons of time for little business return. Organizations that implement instant messaging/presence often see a 30% reduction in e-mail immediately and get some time back to do real work. Use Office Communicator for roaming presence and integrated security versus free clients like Windows Messenger that lack these features. Add a camera and you can do everything but reach out and shake hands.

The major manufacturers themselves are changing, all rushing to offer more integration and hosted services to change forever the relationship with customers, partners, and resellers. We’ve all been taught over the years that multi-vendor solutions offer best-of-breed and better security, but many of the major players including Microsoft have been quietly adding integrated products like anti-virus and backup. You can’t really argue when an offering is by the manufacturer, for the manufacturer’s products, and does more and costs less than third-party offerings.

Microsoft has changed the Partner Program to the Partner Network, so there will shortly be no more undiscerning Gold Partners, where some had high competency and the majority held the same designation simply for selling software or having customers respond to a questionnaire. Further, individual certifications have all changed to specializations like Technology Specialist in Messaging or Enterprise IT Professional, so that MCSE from 2003 no longer has meaning. Hardware manufacturers like Dell are following suit, recognizing that the on-line open book 30 minute test is not a discerning certification. Established players spend significant dollars for their own infrastructure offerings and have teams of sales and technical people trained in current technology for an organization Enterprise Certification. Thankfully, soon gone are the days when a cabling contractor and PC builder can tout themselves as experts with no degree or current credentials, duping customers by marking up commodity products and adding no real value while wearing more logos than a race car.

Hardware Firewalls Lacking

A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. Since their creation, a battle has raged between those who believe a hardware or software firewall is better. In truth, even the hardware devices utilize some type of software and every product has its own strengths and weaknesses.

No matter what your opinion, the fact remains that Microsoft Internet Security and Acceleration (ISA) is the best protection for a Microsoft environment. The reason is because ISA authenticates access at the edge of the network rather than allow traffic to penetrate the firewall and access a server directly. For Outlook Web Access, Terminal Services Gateway, or SharePoint, ISA authenticates logons before any servers are accessed. For hardware devices, the appropriate port and URL is opened and direct access is provided to the server through the firewall. Conceptually, once you have access to the server it’s much easier to do harm.

Typical arguments tend to follow:

ISA is not a real firewall.
It has more than a 10 year history of use in all sectors including high security Government and Financial customers with highest certifications in the industry.

Windows has too many vulnerabilities.
Every system has discovered flaws and Windows/ISA has no more than any other offering. Further, ISA has Microsoft Update for security patches and enhancements while hardware updates are manual.

Hardware firewalls are faster.
Server processor, RAM, and NICs all offer higher performance and more expandability.

Hardware firewalls are cheaper.
Like everything in technology, it depends upon the offering and configuration on what is more expensive. Microsoft software generally has a 5 year standard and 10 year extended life cycle with servers warranted for 4 years. Most hardware firewalls have a warranty of 3 years with annual maintenance, so total cost of ownership over life of the equipment tends to be higher.

If you subscribe to the notion of having two firewalls from different manufacturers, you can put a hardware firewall in front of ISA and still enjoy the edge authentication and perks like Active Directory integration to filter by user/group instead of just IP address. If you must have a box to put in the rack, then purchase an appliance that has ISA. In 2010, ISA runs on Windows Server 2008 with more features and a new name of Forefront Threat Gateway.

Business Without Walls

We strive to stay abreast of trends and lead with knowledge for our clients. As a Microsoft Gold Partner, we received advanced licensing of Windows 7 Enterprise and upgraded this month. Since 2006, we’ve run Vista and had no issues even though it was much maligned by the media – swaying the general public.

The following are some recommendations and tips:

Windows Server 2008 and Vista/Windows 7 go together. The main reason is the networking for both has been rewritten from the ground up and provides much more speed. There is no issue in mixing desktops or servers to access Windows Server 2003 or 2008. Note, that Windows Server 2008 R2 has the Windows 7 interface and the plain Windows Server 2008 has the Vista interface.

Seasoned administrators who manage environments with Group Policy will quickly recognize that folder redirection is done for “Documents” and not “My Documents” as in Windows XP.

For most, you’ll want Windows 7 Professional on new hardware if you currently have Windows XP or you can upgrade from Vista in approximately 30 minutes. Stay with the 32bit version unless you have applications that support 64bit.

The quickest way to find a program is to start typing on the find menu, rather than the slow and tired Start/Programs/etc. of Windows XP.

Learn to pin common shortcuts and programs to the jump list for quick access and you can preview a Window by simply hovering over it in the taskbar.

If you have to provide directions often, use the Snipping Tool and you’ll be amazed.

Try the XP Mode if you have a legacy application that doesn’t seem to run, but we haven’t found one yet.

Do you remember 2001? Well that was when Windows XP was released. In terms of technology, that’s a lifetime. Mac/Linux may be as vocal and witty as ever, but they still have tiny market share because of mainstream incompatibility, lacking manageability, significant learning curve, and emerging security issues. Give Windows 7 a try on your next PC.