Looking Ahead to 2014

December is coming to a close and with it 2013 — a new year is nearly upon us. Looking forward to 2014, I wanted to make everyone aware of some changes that will be happening over the next few months here at Jacobs and Company B.I.T.S. First of all, I am excited to announce that we will be rolling out a new set of managed services. Our managed service offering is designed to simplify the IT environment and to provide a more efficient means of supporting you, our customers. Many of you may be familiar with managed services provided by other IT companies where your only contact is through some automated service call system. That’s not what’s happening here. We will still provide you with the same level of personal service you have come to expect of Jacobs & Company B.I.T.S. I will be sending out more information in the coming weeks about this new service and how it can benefit you. As part of the managed service offering, we are partnering with some of the top names in antivirus, security, and monitoring to provide the next best thing to having an IT staff in your office, us keeping an eye on your computers and network every day. Also, many of you might not be aware that not only do we install, repair, and maintain IT equipment but we also provide consulting services to help you determine the best way to use technology to help your business. You can think of us as a virtual CIO, dedicated to helping you align your technology with your business and processes.

In addition to rolling out our new managed services offering, we will be changing our rates this year. We will be raising our standard hourly service rate from $110/hour to $125/hour for all service calls not covered under the managed services agreement. This rate increase will take effect January 1, 2014. I will be sending out a reminder letter to all current clients shortly after the New Year.

The coming new year also brings with it the end of Windows XP. On April 8th 2014 Microsoft will no longer support the venerable operating system which has probably been the most popular operating system Microsoft has ever released. Why is the end of support for Windows XP such a big deal? On April 8th 2014 Windows XP will officially be the biggest security threat to any network still running computers with the operating system. Any new security holes found by hackers will not be patched and so the Windows XP machines become gaping security holes with no way to close those holes. Also, to a lesser extent, Office 2003 will also become a target because it will no longer be supported. It is important to get machines upgraded or replaced as soon as possible so that they are not left exposed. I recommend Windows 8.1. Windows 7 is an option; however, Mainstream support ends January 13th, 2015. What this basically means is that the only support available from Microsoft will be security updates and paid service. No patches or hotfixes will be released to improve or fix broken functionality after that date. So I will say it again — now is the time to upgrade to Windows 8.1 to get the most longevity out of your new systems.

2013 was busy and filled with excitement. I look forward to a continued relationship with all you in this coming year. I hope to continue to provide you with excellent personalized IT service and to help you get the most out of your technology in 2014 and beyond.

Building Your Private Cloud

The public cloud is growing every single day. New services and vendors are popping up all over the place. It is a veritable developer’s playground. The cloud is a big sand box, and you might not be ready to jump all the way in. Maybe you are only comfortable testing the waters with services like Cloud based backup. You know though your employees want and need access to company data and systems no matter where they are, so it is up to you to roll out a private Cloud for your minions — I mean employees– to work and collaborate from wherever, whenever, and on whatever device they want. In this article we are going to build on my Cloud Strategy article from last month.

Server 2012 is a great place to start building your private cloud, but not before deciding how cloudy you want things to be. What do employees need access to? Email…sure, documents…why not, applications, printers, fax machines, copiers, staplers, and the coffee maker?!?! Slow down there buckaroo! It’s easy to get carried away by the Cloud. I recommend we take it a step at a time. Maybe you have decided to put your email out on the public cloud — that’s great. In fact, email and backup are two services you really don’t want to have to worry about managing yourself. There are too many things that can go wrong when you are a small organization trying to build your private cloud. Let’s see if we can get everyone access to the documents they need on the file server. Direct Access in Windows Server 2012 gives you a way to have your devices securely connected to the network when they are away from the office. In the example of a Windows laptop or tablet, access would give consistent connectivity to file servers and mapped drives anywhere the device goes as long as it is connected to the internet. This on demand VPN connection secures the transfer of data over the internet using SSL encryption technology. A traditional VPN is also an option and may be supported by more devices. Here we would just get a router that supports client VPN connections or use RRAS on a Window server and after some simple configuration employees are connected to the network the same as if they were sitting at their desk. So we are connected from outside — now what? Windows laptops and tablets have the ability to browse windows networks. They come with the required interface to browse a traditional Windows file structure. What about iPads and Android tablets? There is an app for that, quite a few of them actually. I haven’t used one that is perfect, but they do the trick. Looking at this VPN solution and supporting mobile devices you might just be tempted to throw in the towel…don’t, it’s worth the work. There is nothing like not being on vacation but feeling like you are as you sit in a coffee shop working, not missing a thing.

Ok so you want to keep going. What about applications. I will tell you that from my experience running a network connected application over a VPN is in almost all cases a recipe for disaster. I mean it is so slow and frustrating for the user that they really want to just throw the computer out a window and forget the entire thing. The exception here is a well written web application. So what now — my xyz software is the heart and soul of you entire operation. Well I am a huge fan of Remote Desktop Services, and I have written about it several times. We could set up a RDS server and install the applications on that server and the problem would be solved. But what if I want my desktop, the same one I have at my desk…I like to see my cat every time I minimize my apps! Well we could talk about virtual desktops or if you have a physical desktop at the office that employees use at their desks we could simply turn Remote Desktop on their office computer, allowing them to have that same desktop experience in the office and out.

Creating your own private cloud is not beyond the reach of smaller organizations. In fact, almost everything I talked about in this article is available and nearly pre-configured for you in Windows Server Essentials. Windows Server Essentials is limited to only 25 users in most cases, which will not work for offices with more than 25 users. The important thing to note here is that planning is key when developing your private cloud. It is a good Idea to determine a few key items to make available in your cloud then decide the best way to accomplish that task by determining what methods and devices you will support for access to your new fluffy white cloud.

Next Generation Firewalls

What is a “Next Generation Firewall?” Well, in the simplest of terms it is a firewall that is more than just a firewall. The Next Generation Firewall is a firewall that is smart and evolves as new threats are discovered. Gartner describes Next Generation Firewalls (NGFW) as “deep packet inspection firewalls that move beyond port/protocol inspection and blocking to add application level inspection, intrusion prevention, and bringing intelligence from outside the firewall.” (http://www.gartner.com/it-glossary/next-generation-firewalls-ngfws) What a mouthful.

So here is the technically non-technical breakdown. The internet is made up of addresses; each address is like an apartment building with lots of apartment numbers for different services on the internet to use to communicate back and forth. These are known as ports. When ports are open, messages can get in or out. The firewalls of old could open and close ports and could define rules as to what could access those ports. Kind of like a guest list at a hot night club. Hackers are smart, so they learned how to get around these lists by hitching a ride with people on the list, and right into the club the hacker goes. Suddenly, firewalls aren’t enough. So devices like Intrusion Detection systems were built to sit in line with the firewall then other devices that looked at the application information that was being sent and the data in the packets and layers were added until the network edge looked like a complicated electronic onion.

The NGFWs integrate all these layers and add intelligence. Rules called heuristics that look for known patterns of attack and are updated frequently to reduce the time the attacker has to use a new attack. Sometimes this intelligence is updated within hours of the first report of a new attack. This functionality allows the firewall to sometimes filter viruses users have clicked on even before it makes it to the user’s computer to be dealt with by the antivirus software.

NGFWs are an important part of a solid security plan, and if you haven’t looked at your firewall in the last few years you are way over due for a checkup. It is incumbent upon you to keep your customers’ and employees’ data safe, and the firewall is on the front lines. If your firewall doesn’t fit Gartner’s description of a Next Generation Firewall, it’s time to start evaluating a new firewall as soon as possible.

The Digital Wallet

Anyone who has ever watched or read fiction set in the future has likely come across the concept of credits. Electronic currency accepted everywhere in the galaxy. In these stories, your credits are often tied to either some personal computing device or can be summoned up using a hand print or retinal scanner or some such biometric device. In the future, only scoundrels , rogues, and villains use physical currency because it is harder to track. Well here, we go down the rabbit hole again because fiction may be becoming reality sooner than we think.

Bitcoin has made recent waves in the news. Bitcoin is an experimental, open source, universal payment system. It is also a kind of digital economy like a global electronic version of the euro. Bitcoin represents a desire to shift currency from national economies to an open global economy. The value of the Bitcoin rises and falls like any other currency in the world though it is not tied to any one country’s economy but to the economy of its users. It is very volatile and a lot of countries refused to exchange Bitcoins for varying reasons. Bitcoins are cool, high-tech, Sci-Fi things, but they are flawed and the openness of the system leaves too much of the security up to the user.

While Bitcoins may be too far out there for most folks, the idea of the digital wallet seems to be catching fire. A few years ago the hot cool tech everyone wanted was a phone with NFC (Near Field Communications) capabilities. NFC would allow you to store your credit card info on your phone then when you were ready to pay all you did was wave your phone over the scanner and the transaction was done. It didn’t really seem to catch on though with vendors. This is probably due to the fact that they would have to buy new machines to process the transactions. Recently, a new technology has caught my eye. Taking the idea of a digital wallet on your phone and bridging the gap between the digital wallet and the existing card swipe systems. Coin as it is simply called allows you to load your credit cards, bank cards, even your gift cards onto your phone then transfer them all to a single digital card that is compatible with credit card machines out today in the marketplace. A single button allows you to scroll through your cards to select the one you want to use to pay. Simply hand the card to the clerk to swipe, and you are good to go. It even has a nifty security feature. It can pair with your phone via Bluetooth, if you separate the two the card locks and the app on your phone alerts you that you may have left your coin behind. These neat little guys are due to start shipping in the summer of 2014.

While Bitcoin is a great experiment, it is a little like jumping into the deep end of the pool to see if you can swim. Coin however may be the first real stab at consolidating all our methods of payment and may also harken the digital death of physical currency.

Developing a Cloud Strategy

I have written a number of articles talking about the power of The Cloud. I realized recently that, like most of the other articles on the Internet about The Cloud, my articles have had nothing to say about how to use The Cloud.

How do I use The Cloud is a pretty open-ended question that can only be answered by another equally open-ended question. How do you want to use The Cloud? As we have discovered, The Cloud is really just the Internet, and you can do just about anything over the Internet these days. With so many possibilities, a plan is required so you don’t lose yourself in the possibilities.

Start by identifying things you do or would like to be able to do either yourself or across your company that can be done using one of the types of services we have explored in this newsletter previously. Any cloud service, from easier off site back up to document collaboration can be a starting point for your cloud strategy. Now it is time to begin working on a plan to implement this new cloud service.

Let’s use document sharing and collaboration as our example. How many users do you need to license? Will you be sharing these documents with users outside your company? Now that the ‘who’ is out of the way, let’s look at some more questions you should consider as you plan to make the move into The Cloud. How will you teach employees to use the new tool? Will you require them to use the tool as part of your daily work flow for working on documents or is it optional, available as needed?

The next thing to ask is simple, “What next?” What is next for a document once it’s finished being collaborated on. Are you going to archive the document on the cloud service until it’s lived its useful life? Can the cloud service be used as an archive for a growing document library? Can it operate in a document archive capacity? Will you instead move each document to another system for the rest of its useful life, to a system designed for document archive? Will this archive system be hosted in The Cloud or locally?

I am going to stop here with the questions. Hopefully by now you can see that there are enough questions to warrant some serious discussion between business and IT about the who, what, when, where, why, and how of planning your strategy for using The Cloud. Remember that while The Cloud is many things, magic is not one of them. It is important that you have a clear vision and goal for your cloud strategy. You might be able to get away with pushing this planning off until tomorrow, but tomorrow is coming and sooner than you may realize. Every day I see more companies pushing the applications they provide my clients into the cloud while still supporting existing on site systems until cloud adoption tips the scale and it becomes too costly to support the onsite solutions. The day these companies get it all working right in the cloud is coming, and embracing this change will be your only choice. It’s time to be proactive with IT and to evaluate the cloud based solutions that support your business needs. It is time to start making the transition today before your competition does.

Holiday Gadgets are Coming

Christmas is right around the corner and that means lots of new electronic devices will be invading the office. Are you and your IT team ready for the onslaught? Here are my predictions of what is likely to be under the tree. If you haven’t found the perfect gift for that tech lover in your life this list might be just the ticket you need to stuff that stocking.

My wife asked me this year to find the top toy on the market for my sons this year, you know this year’s Tickle Me Elmo. I was not at all surprised electronics topped the list just about everywhere I looked, for nearly every age group. Consistently finding a place on these lists were smartphones and tablets, even for the elementary school ages of our boys. I wasn’t really surprised, these devices have taken over every aspect of our lives, and of course our kids want them too.

Starting off with phones we have the iPhone 5s. This phone needs no introduction. It is fast and has everything you have come to expect from an Apple iPhone. In the realm of Android devices the Samsung Galaxy S4 is still a solid contender with its large screen, multiple processor cores and Android jelly bean. This is a great device for the Android lover in your home. The Sony Xperia Z Ultra is a beautiful device with staying power. It advertises up to 16 hours of talk time and also runs the Android jelly bean operating system. I would be remiss if I didn’t mention at least one Windows based phone and in my opinion the only one worth the mention is the Nokia Lumia 1520. This phone is solid and sleek. It boasts 24 hours of talk time and multi core processor. The Lumia 1520 runs Windows Phone 8 with all the cloud integration that you find in Windows 8 plus Microsoft Office is built right in. For work or play any of these smartphones are sure to make a great gift and will certainly be showing up in the office after the holidays.

Moving on to tablets I see many of the same contenders. Devices running iOS, like the iPad Air and the iPad Mini are sure to be on someone’s Christmas list. The iPad Air is light and thin and deceptively powerful for its petite exterior. The 64 bit A7 chip is a powerhouse tucked away in the thinnest, lightest tablet I have ever held. If you are all about books, movies, and games the Kindle Fire HDX is a fantastic tablet for consuming all of your digital content. It is fast, easy to use and has a beautiful high resolution screen. If you want to take full advantage of the Android operating system and the Google ecosystem the latest Google Nexus 7 is worth a look. It is fast, fluid, and guaranteed to give you access to the latest features of the Android OS by allowing you to upgrade to the latest version as soon as it is available. Something you don’t always get from other Android devices. Last but not least is the Surface Pro 2 from Microsoft. This isn’t just a tablet, it has all the functionality of a Windows 8.1 laptop. It can run full Windows applications and is chock full of awesome. If your laptop can do it so can the Surface Pro 2.

I am sure your IT people will be more than happy to “borrow” any of these new devices from you when you bring them in to have your work email set up. Be aware that we may need several hours to ummm, test the performance of the device before it is returned to you. Seriously though these new devices will be coming into the office, they will be connecting to your wifi and using your internet bandwidth so before the holiday season is over you might want to talk to your IT people about whether or not your WiFi and internet can handle the new devices or make some adjustments to your BYOD (Bring Your Own Device) policy.

Pass-Phrases are the new Black

In the 1983 movie “A Christmas Story,” Ralphie sends away for a secret decoder ring so he can decrypt the secret message at the end of his favorite radio program. Ralphie was very disappointed in the message he decrypted, but hackers would be more than happy to decrypt your passwords. Passwords like Ralphie’s message are somewhat disappointing in their ability to protect our important data. Pass-phrases are a much better method when used with something called a cypher key like Ralphie’s ring. I will show you how to create a cypher and encrypt your pass-phrase to use to protect your data and accounts.

Let’s begin by choosing a phrase. For this exercise our phrase will be “The new black”. Now we need to determine how to encrypt the phrase. One fairly simple way is to replace certain letters with numbers and symbols. For example, all of the letter “a” will be replaced with the question mark. The letter “e” will have the dollar sign substituted for it. Spaces will be numbered using odd numbers starting with 3. The rules I have chosen to encrypt my pass-phrase were chosen fairly randomly and are fairly simple. Let’s have a look at our new pass-phrase now:

Th$3n$w5bl?ck

The phrase looks nothing like what we started with. If you use this new string of characters as your password, an attacker would have a very difficult time figuring out the password. You can record your password unencrypted under your keyboard where we all know you hide it any way, and it would be just as safe as if it were in a high security vault as long as the cypher for encrypting the phrase is not close by. You can even send your password by email to someone who knows your cypher without fear of it being stolen in transit. I’m not saying you should be posting your password on Facebook, but if you protect your cypher you probably could and still sleep soundly at night.

Like with your old passwords, it is important to change your pass-phrase regularly. You should also change your cypher, maybe not as often though. I would recommend changing your phrase once a month and changing the rules for your cypher about once a year. One last piece of advice, you should have more than three rules, but the rules shouldn’t be so complicated that you can’t use them. Find the balance that works for you and run with it.

Virtual Desktops

Virtual desktops are not new. I have talked about them before and about new software that makes virtual desktops and applications more seamless for employees. No virtual desktops of one sort or another have been in use since the days of the old green screen terminals that ran sessions on massive mainframes. I find though that I see more and more value in virtual desktops today for smaller businesses than I did just a few years ago.

The mobile revolution has spawned the use of the tablet. Tablets are great on their own. Tablets can run powerful applications and are mobile yet highly connected. People are buying tablets for personal use and bringing them to the office or using them to bring the office home. People are setting aside their old laptops in favor of the comfortable, light weight, instant-on appeal of the tablet. New tablets like the Surface Pro 2 allow a full laptop experience in a tablet form. Storage space in my opinion is a bit of a concern to me still in these new devices not to mention security and control. Enter the virtual desktop.

The virtual desktop can be built from scratch or from an image of an existing physical computer.

You also have the ability to quickly create new virtual machines from a template with all the apps an employee will need already installed and configured. The best part is you have full control over the environment without needing to manage your employee’s new phone, tablet, or laptop. With a virtual desktop you and your employees keep the work part of their technology separate from their personal part. Using virtual desktops can even save you money. If you provide hardware for your employees to use at their desks you can use lower cost hardware for longer periods of time without having to upgrade them. Upgrading the virtual desktop is as easy as changing some settings to allocate more RAM or processor cores from the server to the desktop. If your employee uses their personal device to access your system you might not even need to purchase a desktop for your employee, saving even more money. The BYOD (Bring Your Own Device) trend can be used to work in your favor. Now that Microsoft has released remote desktop apps for Android and iOS based devices you can now connect remotely to your virtual desktop from just about any device on the market. Because Windows 8.1 is touch enabled the Microsoft Remote Desktop app passes touch gestures from your device right through to the virtual desktop, giving you a native Windows touch experience. Your Virtual Desktops don’t have to be Windows 8.1 but there are certainly some advantages if you are connecting to them from touch enabled tablets or laptops.

Setting up virtual desktops doesn’t require a lot of hardware or software. At a minimum you need a server running a hypervisor like Microsoft HyperV or VMware ESX and licenses for Windows. Hook the server up to your network, build some virtual machines, and join them to your domain. Assign the virtual machine to an employee and give them access through remote desktop and you are off and running. I would not recommend this set up for more than a very few users or for testing purposes but at the most basic level that is all you need to get started. Some evaluation of hardware requirements for the server and additional management applications may be needed to scale this solution out to larger numbers of employees.

Microsoft and VMware both have solutions for managing virtual desktop infrastructures (VDI). Microsoft had an add on license for software assurance license customers called the Microsoft Desktop Optimization Pack which includes usage rights for the Microsoft Virtual Desktop Infrastructure. This solution also relies on the use of another Microsoft product called System Center Configuration Manager which is used to manage the configuration provisioning of the virtual desktops. The VMware Horizon Suite is a suite of products that similarly helps to manage and provide access to virtual desktops allowing employees to access their business environment virtually from almost any device. These solutions for VDI come with some upfront cost that is not insignificant but is well worth looking into if you are interested in making the move to a virtual desktop environment and empower your employees to be productive on any device, anytime, from anywhere in the world.