Recommended Practices: How to update technology

This is a multi-part series on recommended IT practices for organizations and their end-users.  Additional parts will be included in upcoming newsletters.

The psychological impact of an IT upgrade is significant:  Most employees are excited to receive new equipment (larger monitor, faster PC, better tablet), but often balk at a significant change – like introducing a new version of Microsoft Office – since their daily, tried-and-tested routines might shift, and not always for the better.  Also, these changes could impact their ability to get things done, even if for just a few hours during the cut-over.

In general, various groups involved might have different perspectives:

  • CEOs and C-level executives see IT as an influential asset that should increase operational efficiencies or provide a competitive advantage – either through data analytics or by enhancing the customer experience – but they don’t want the pace of technological change to inhibit growth.1
  • Professionals might be more willing to accept the changes (and the pain) that go with new technology, particularly if they see how these changes will help them succeed in their roles within the organization.
  • Middle management wants things to work the first time, every time. They are glad to have new equipment, but are concerned with keeping their direct reports functional and happy.
  • Office workers have the most to gain (or lose); some might be excited by the prospect of bigger-better-newer, but none want to lose what they had, whether it was an icon pointing to a specific file on their desktop or an older, label-printing application. To many, IT can be confusing and frustrating.
  • Line workers view technology primarily as a tool; when it is broken, replace it, but make sure the new one works the same as the old one or show me how to use the new one.

The strategic objectives of an organization also play a role in the process:

  • A growing organization will want improvement, but with a strong emphasis on planning to ensure that the direction taken is suitable, now, into the near future, and beyond.
  • A stable, slow-growing organization might focus more on replacement rather than on change, preferring to avoid the pain of a significant upgrade.

Typically, the management team develops the technology plan, either internally or with an IT partner like Bryley Systems.  (See how we helped Fourstar Connections through our Virtual CTO service.)  Needs filter up through the organization, typically during the budgeting process.  The implementation then filters down through the organization.

For technology planning and implementation, we recommend these steps:2

  • Define needs and requirements
  • Assess and select
  • Implement
  • Train

Define needs and requirements

Identify what you have before you decide what you need; a full inventory of all IT assets can remove the guesswork and point-out critical issues.  (We use Kaseya, our remote-monitoring-and-management tool, to inventory existing clients.  We also use Network Detective from Rapid File Tools to audit and assess new clients.)

Knowing what you need simplifies the decision and timing; having a good handle on where the organization is now and where it is going is critical, but also defining what constitutes success, and how to measure it, are important.

Consider these needs from the context of the different groups above; try to permit these groups to define their individual requirements within the overall plan.

Requirements can be as simple as counting new PCs or as complex as determining the best-fit solution to permit a quick recovery after a disaster.  Requirements should be recorded, categorized, prioritized, and then monetized.

Assess and select

We at Bryley Systems tend to err on the side of caution; we’re rarely early adopters and we don’t want to be far in front of the pack, but we do try to keep up with the well-tested tools and hardware that will improve our efficiency, particularly when this technology impacts our clients.

We also favor these technology-selection principles:

  • Business-grade (rather than consumer-class) equipment and software,
  • Well-known, USA-based manufacturers with time-tested credentials,
  • Available updates and ongoing support, and
  • Green and ergonomic (where appropriate).

Price should not be the overriding selection factor; a long-term investment should consider all impactful areas, including:

  • Going Green
  • Length of service

Going Green

In technology, going Green is mostly about reducing energy consumption:

  • Virtualization techniques can cut energy costs by efficiently using on-premise servers to house multiple platforms, both for server-based applications and for end-user access.
  • Tablets, Ultrabooks, and small-footprint PCs with SSD drives consume less electricity than traditional PCs with internal fans and moving parts.
  • Inkjet printers use significantly less energy than laser printers.

However, other Green factors can also apply:

  • Printers that print two-sided (duplex), reduce costs and paper use.
  • Multi-purpose printers that fax, copy, and scan increase efficiency.
  • Fewer components, each with higher value, simplify recycling.

Length of Service

Most technology decisions have a span of three to five years; newer, virtualized platforms and Cloud-based options can be significantly longer.  Due to the rapid pace of change, planning horizons are typically only a few years, but consideration should be given to the longer term.

Implement

Implementations work best with planning and preparation; knowing what to expect and being prepared to deal with anomalies can shorten deployment time and minimize user disruption.

A solid, reliable series of backups should be completed and verified before starting.

We try to schedule our automated deployments to occur overnight or over the weekend, often arriving early the next business day to sort-out any issues.

Train

Often overlooked and usually under-budgeted, training should be considered, particularly when deploying a software change that introduces a new interface to the end-users.

Training often occurs during implementation, usually by the implementer showing the end-user what is new.  However, pre-implementation training on any new technology platform will facilitate a successful transition.

For large-scale deployments of new technology, we recommend initial group sessions followed by refresher courses for those greatly impacted.

Sources:

  1. Dennis McCafferty of CIO Insight What CEOs expect from IT investment on 4/17/2015.
  2. Brian J. Nichelson, PhD, of About Money Keeping up with Technology – Four Steps and some Resources, undated.
  3. Susan Ward of About Money Information Technology Makeover, undated.

Bryley’s Client-Service Portal

Bryley has made significant investments in our business systems and infrastructure to enable real-time communications regarding the timeliness and quality of services we deliver. A result is that client-service requests (with resulting service tickets) may now be added, viewed, or updated through our Client-Service Portal.

This real-time environment is available 24 x 7 at www.Bryley.com by selecting “Login” from the upper-right corner of our home-page.  Registered users may perform these functions:

  • View the current status and details of their service tickets
  • Enter new service requests
  • Review invoices
  • View reports

To use this capability, please contact us at 978.562.6077 to setup a username and password.  Training is also available at no charge.

Bryley Basics: Current PC configuration for office use

Recommended configuration

We recommend brand-name PCs (HP is our preference, but Dell is also a US-based company with good products) with Intel processors and these minimum features:

  • 8Gb (or more) of RAM
  • A 250Gb (or larger) fixed-disk drive
  • DisplayPort video with two monitors

We typically deploy Windows 8.1 (or downgrade to Windows 7 upon request), but Windows 10 is slated to be released this summer.  Microsoft Office 2013 is the current version; Microsoft Office 2016 will be available in late 2015.

Favored options

We like these options:

  • SSDs (Solid State Drives) – SSDs are memory-only drives with no moving parts, which makes them durable and fast. They speed-up the boot process and work well for those that store large files.  Though they have dropped in price, they still add about $100 to the price of most PCs, but pay-off for high-end users.  (We don’t always quote these because of their higher price, but the boot-up speed is significantly faster.)
  • Ultrabook – Ultrabook is a thin, light, durable, high-end sub-notebook with reasonable battery life. Combined with a docking station, it’s a great, mobile alternative to a desktop computer.  Due to their sleek physique, most do not have internal DVD drives and have few external ports.

Most of our staff have an Ultrabook with a docking station, which works well for the field technicians and account executives.  Many of our newer PCs have SSD drives.

PC Refresh Schedule:  We recommend developing a PC-refresh schedule, one that meets the budget and objectives of the organization.  For example: Bryley Systems replaces at least one PC each quarter, which gives us a maximum replacement-PC cycle of about four-and-½ years for our 18 employees.

Email Best Practices

Recommended practices – Part 4:  Email use

This is a multi-part series on recommended practices for organizations and their end-users.  Additional parts will be included in upcoming newsletters.

Email is still the primary business application, although alternatives like texting and social media are gaining ground.  Most business people email to clients, prospects, vendors, stakeholders, etc. on a regular basis; they also accept emails from those in the outside world, occasionally with unforeseen consequence.

Organizations should consider email use in these areas:

  • Inbound – Email received by the organization’s end-users
  • Outbound – Email sent from end-users to others outside the organization
  • Etiquette – The appropriateness of the email’s message and content
  • Archiving – The ability to store and retrieve historic email

I’ll describe the specifics and offer IT solutions to manage each area.

Inbound email

End-users constantly receive email, usually without incident.  However, one misstep in responding can lead to a malware outbreak (or worse).  Plus, failing to block inappropriate email content, even unknowingly, can lead to legal repercussions.  (For example:  An employee could object to receiving an email with explicit pornography and decide to pursue legal recourse.)

Most email-based attacks occur via an attachment; the attachment holds malware designed to activate, usually without fanfare, when the attachment is opened.  Often the email message is enticing, in-disguise, or just plain compelling; the end-user believes that opening the attachment is the right thing to do.

Basic rules for opening an email:

  • Do not open email from an untrusted source; when in doubt, check it out
  • Do not click on an attachment before verifying its integrity
  • Always ask for help if uncertain

The best tool is an email-filtering service or device; a service sits outside your organization (Cloud-based) while a device typically sits inside (on-premise).

A Cloud-based, email-filtering service can improve Internet performance by reducing incoming traffic; all emails are captured by the service before they enter the organization’s Internet connection.  Some services (i.e.: McAfee SaaS Email Protection and Continuity™ or MEPC) also offer email continuity, which provides the ability to receive and respond to email even when your email server or email service is unavailable.  Most email-filtering services are billed monthly on a per-user basis, requiring little or no up-front expenditure.

An on-premise, email-filtering device requires upfront expenditure, but can provide a cost-advantage solution at organizations with many users.  To calculate the true cost per user, you would figure the annual cost of the device, add the annual maintenance fee and support costs, and divide by the total number of users.

Both offer advantages; pick one or use both.  (We offer McAfee Email Protection and Continuity and our Secure Network™ as service options, but also deploy, on-premise, Barracuda’s Spam Filter, Cisco’s IronPort, and WebSense.)

Outbound email

Outbound email should be secure; you don’t want to expose confidential details to an outsider.  However, email is typically sent via open-text format; the contents of the email are unencrypted and can be pieced together by others.

Email typically flows in this fashion:

  • Sender composes the email; this might be on a standalone application like Microsoft Outlook or on a web-based interface like Google Gmail.
  • Sender sends the email, which ships it to the sender’s email server/service.
  • The email server/service addresses the email according to the recipient’s email domain and then forwards it to the email server/service within the recipient’s email domain.
  • Email server/service within the recipient’s email domain receives the email, verifies that the recipient exists within this domain, and then forwards the email to the recipient.
  • Recipient receives the email.

Email within an organization’s email domain via an internal email server is usually secure; an external email service must be examined to ensure messages are encrypted between the sender, service, and recipient.

Security can be enforced through encryption, which offers levels of enforcement.  For example:  You can be forced to encrypt any email with the words “social security number”, but not encrypt other emails.  Likewise, you can encrypt all email from the Accounting team while not encrypting emails from the Marketing team.

Email encryption is available via external services (we recommend McAfee SaaS Email Encryption™) or through an on-premise device (Cisco IronPort or WebSense).

Email etiquette

You should consider what you are saying and how it might affect the recipient.  Even more important, for legal reasons, you should block inappropriate content and malware from being emailed by end-users within your organization.

Outbound policy enforcement and management is available as an external service through McAfee SaaS Email Protection and Continuity, which monitors outgoing email for inappropriate content and malware.  Both Cisco IronPort and Websense provide this capability on-premise.

Beyond the basics listed above, email etiquette extends to these areas:

  • Sending – Always verify grammar, spelling, courtesy, and content
  • Formatting – Don’t type all CAPS; use a white background for readability
  • Forwarding – Don’t forward emails unless relevant and desired by recipient
  • Attachments – Zip large attachments and virus check before sending
  • Privacy – Hide recipients email address when sending to a group

My favorite rules (which I sometimes break):

  • Don’t say things in an email that you would not say verbally to the recipient.
  • If your email is emotionally tinged, sleep on it overnight before sending.

For tips on email etiquette, please visit http://www.101emailetiquettetips.com/.

Email archiving

Archiving is all about reliable storage and quick retrieval; you never know what you might need to bring back to life or when it will be needed.  Saving tens or hundreds of thousands of emails can be challenging; finding the right email can be virtually impossible, but might be required at a moment’s notice.

Archiving can reduce management and storage costs while satisfying e-discovery and compliance requirements.  Archiving can also simplify requests for email histories during litigation.

We recommend these archiving options:

 

Bryley Basics:  Print from your mobile phone

CNet has a video demonstrating how to setup printing from your Android phone at http://www.cnet.com/how-to/print-from-your-android-to-any-printer-cloud-print/ using Google Cloud Print; we tried it and it works!

Turns out there are also options for iPhone users.

wikiHow offers these three methods to print from your iPhone:

  • Use AirPrint with an AirPrint-supported printer
  • Find a third-party printing application via the iTunes apps store
  • Send document to an alternate device (ie: Windows-based PC) and print

View the article at http://www.wikihow.com/Print-from-Your-iPhone.  Or, visit

http://www.cnet.com/how-to/how-to-print-wirelessly-from-your-iphone-ipad-or-ipod-touch/ for CNet’s video on setting up the first method listed above.

3 Simple Steps To Secure Your Mobile Device

Three simple steps to keep your mobile device secure:

  • Turn off the Wi-Fi capability when not using it
  • Turn off GeoLocator when not needed
  • Logout and lock when finished

See Ray Ramon’s article at http://www.smallbiztechnology.com/archive/2014/02/3-simple-ways-to-be-secure-no-wifi-no-geolocation-logout.html/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Smallbiztechnologycom-SmbNewsAndInsight+%28Smallbiztechnology.com+-+small+biz+tech+news+and+insight%29 for more information.

Bryley Basics: Encrypt your iPhone

iPhones, versions 3GS and later, offer hardware encryption; it is activated through the data-protection feature by enabling a passcode:

  • Tap Settings > General > Passcode.
  • Follow the prompts to create a passcode.
  • After the passcode is set, scroll down to the bottom of the screen and verify that “Data protection is enabled” is visible.

Note: Your encryption protection is only as good as the passcode; try to make this difficult to guess and keep it hidden.

You should also encrypt your backup for added security.  Check the “encrypt local backup” in iTunes if you back up to your computer.  If you back up to iCloud it is automatically encrypted, but be sure you have a really good iCloud passcode.

Maintaining your dynamic website

Guest writers: Al Morel, Carlos Ramos, and Dan Rouse of www.CommAreUs.com

Your car, house, and most things in life, take some amount of maintenance. Add to that list your website. A website can be comprised of thousands of files working with all kinds of tools and underlying code.

The days of ‘static’ websites, i.e. built with just HTML, is essentially over for most organizations. This article will speak to the steps to take when using a Content Management System, CMS, such as WordPress.

Your essential strategy is: BackupandUpdate.

Backup

This is your ‘get out of jail free’ option. Even if your website gets totally hacked, you forget to pay your hosting bill, the data center in Utah gets hit by a meteor, you should still be able to roll back and get your website back up.

With a dynamic site, it’s a little trickier because you have the site files such as the HTML and images, graphics, etc. And then there’s the database files, which in the WordPress scenario, starts at several thousand files.

The traditional method of backing up a site involves the lengthy process of manually backing up all your site’s files, exporting your database, and finally moving everything somewhere safe. There are software additions (called ‘plugins’ in the WordPress world) that will simplify this process and even automate it for you.

We add a plugin with all of our builds that lets you quickly backup, restore, and migrate a site – often times with only a single click. Most backup plugins will offer two different types of backups: full and database. Full covers all site files and the database, the database option only includes the database. The full backup is the safest bet and is generally the recommended option, however the database only backup might be more appropriate if you’re simply experimenting with settings on a plugin, or some other activity that only involves the database.

One key feature and advantage over manual backups, is that using a backup plugin allows you to set up an automatic backup schedule. For example, we recommend our clients schedule a weekly backup of the database and a monthly full backup. Manual backups can also be performed whenever needed.

In addition, most plugins have the capability to back up the site to your hosting server and to another source as well. So you can have redundant backups to a third party service such as Amazon S3.

 

Update

It is critical to schedule regular updates of your website as well. In WordPress, there are regular updates to the core code and also plugins. Your administrative interface or ‘dashboard’ will tell you when to update.

It goes without saying that no update (WordPress or Plugin) should be done before a full backup has been made.  Your dashboard will go to great lengths to tell you to backup first, so don’t ignore them! Although we haven’t seen many updates go wrong, it can happen.

Generally, we recommend to our clients that updates be applied as soon as they are available for security and stability reasons.

Once you have your backup completed, proceed to the Updates screen in the WordPress Dashboard. From here you can update WordPress, plugins and your themes. If you have an update to WordPress and plugins waiting, perform the WordPress update first, then proceed to update your plugins.

It’s worth noting that in recent WordPress releases (security and maintenance related) are installed automatically to promote better security.

 

Google’s ChromeBook – A realistic alternative to a Windows Ultrabook?

Google introduced its Chromebook in 2009; sales have increased and it can be considered a low-cost alternative to the pricier, Microsoft Windows-based Ultrabook, but Chromebooks have significant limitations.  Some also say that a Chromebook can replace a tablet, but comparison1 suggests otherwise.

Chromebooks run Chrome OS, Google’s Linux-based operating system integrated with Google’s Chrome web browser.  (Chrome was recently ranked the number one Internet browser used in the US with 31.8% of sampled traffic, followed closely by Microsoft’s Internet Explorer at 30.9%; reported by ADI, a marketing research branch of Adobe Systems.2)  As such, they are designed to be used primarily when connected to the Internet and are closely linked to Google’s Cloud-based services like Google Drive, Google Apps, etc.

Reasons to buy3 include:

  • User interface – Intuitive; easy to use and simple to navigate
  • Offline – Works best online, but supports some offline activity
  • Platform agnostic – Can access all Cloud-based data
  • Fast boot-up – Access the Internet within 8 seconds
  • Security – Google Rewards for bug notification
  • Apps – Growing application options
  • Price – Starts at just under $200

Primary disadvantages of a Chromebook:

  • Thin client that gets its best features only via an Internet connection
  • Offline mode requires setup and has severely reduced functionality
  • Fewer compatible apps and games than Windows-based devices
  • Limited connections to printers, scanners, and mobile devices
  • Low-end processor not built for intensive use

My take:  A Chromebook is a good, low-cost option under these circumstances:

  • You do not use processor-intensive applications (i.e.: games),
  • You use Google Apps for content creation and review,
  • Your data is completely based in the Cloud,
  • You do not connect to other devices, and
  • You always have access to the Internet.

Note:  Google dominates the search industry and makes its money through Google AdWords and other advertising programs.  The core emphasis of all of their efforts is to drive consumers to their advertisers.

Visit http://www.eweek.com/pc-hardware/slideshows/chrome-os-features-to-look-for-in-current-chromebook-crop.html?kc=EWKNLEDP06112014A&dni=132495452&rni=25374491 for an informative overview by Don Reisinger of eWeek.  And, visit Microsoft’s take on Chromebooks at http://www.scroogled.com.

REFERENCES

1Please see http://blog.laptopmag.com/chromebook-vs-tablet for the article “Chromebook vs. Tablet:  Which should you buy?” by Cherlynn Low of LAPTOP.

2Visit http://redmondmag.com/articles/2014/06/06/chrome-surpasses-ie.aspx for details on browser rankings from Kurt Mackie of Redmond Magazine.

3Visit http://blog.laptopmag.com/chromebook-buying-advice to review the article “Should I buy a Chromebook?” by Dann Berg of LAPTOP.

5 Facts About Malware

One of our folk compiled this brief list on malware issues:

  • Vulnerabilities in Java are the #1 exploited vulnerability.  (Java is a popular, computer-programming language used in web-based applications.)
  • One of the main causes of malware is “Drive-By Downloads” where all you have to do is browse a website or click on a website from a search engine (Google, Yahoo, Bing, etc.) and you are downloading an infection.
  • Sales, R&D, HR, and other, multi-user email-boxes are targeted by malware distributors since these recipients are the most customer-facing employees; they typically have busy mailboxes and are accustomed to receiving a lot of email and opening it.  They are also accustomed, as part of their jobs, to regularly downloading attachments (resumes, pdfs, etc.).
  • 88% of attacks are on non-government (private) entities.
  • Small businesses with less than 250 users are the most-targeted group.

Are you curious about how to avoid any of these common vulnerabilities?  A member of our staff would be more than happy to discuss the steps you can take to secure your data.