Years ago, when the Internet was in its early stages and High Speed was the “New” thing many of us relied on a “dial-up” connection for backup. And as HS became more stable and the need for dial-up lessened we dropped our dial-up lines and thus our backup. Not really a good thing, however, today’s network would barely survive if we had to use a dial-up connection. Mainly it doesn’t support a fast enough bandwidth to support today’s internet needs. However, as the HS race continues, we are faced with troubling times when there is an outage. And often, the outage has nothing to do with us, or even our Local ISP from which we get our service. Internet traffic flows along the www highway between many nodes. If some some reason, one of those nodes goes down. So might our traffic. And if the node is close enough, it might bring out entire internet down. Now, this may be infrequent, but, should it happen can you survive without, and for how long. If this is a concern for you, then you need to employ failover technology to your network. Usually, this requires the need for specific failover routers which allow the connection of multiple internet providers. Obviously, this would require two ISP accounts and thus a costly one, but, how much is lost if you go down. Some of today’s devices also allow for the use of Wireless Aircards (cell phone carriers) for the failover or backup.
If downtime is a concern, or already a problem, don’t wait til it happens again.
Because, what was safe a year or so ago is no longer safe. Many of us relied on remote access programs such as PC Anywhere, Remote Admin and even Remote Desktop to connect to our computers while on the road. However, unless we have a strong username, and an even stronger password it might not be enough as the hackers know all the tricks and looking for the easy ins.
Having a VPN, usually proprietary to the MFG, coupled with strong UN/PW provides a much greater firewall against the ‘hacker’. A VPN connection not only requires a VPN sharedkey password, it requires the users UN & PW. However, the drawback to that is if your computer or laptop is stolen, then it becomes imperative to change the Shared Key immediately. The VPN also provides encryption of the data through the tunnel so if by some means the stream of data is compromised, your data is fully encrypted.
Another form of VPN, which eliminates the need for a VPN client being installed on a desktop or laptop is the SSL VPN. The SSL, short for Secure Socket Layer, is the same protection that is utilized in e-commerce and financial transactions on the web. As you hopefully know, https (vs http) is what you see (URL) when on an SSL connection. Basically it means that a secure connection (Shared Key) has been made and all traffic is encrypted. An SSL VPN connection allows the client to use any computer with web access (Internet Browser) to make a VPN connection via SSL.
Another advantage of either VPN method, is that it allow you to further secure your firewall by sealing an open port. And the less ports open, the better your odds of someone hacking in.
The other day I had a referral call as they were having issues with their network and needed some quick help. Within just a few minutes of surveying their network I had my answer. I didn’t know what the problem was, or how bad it was, but I was quite sure I knew why. And it is probably one of the biggest, and equally, one of the most common problems out there.
The old adage, that the strongest chain is only as strong at it weakest link. Well, utilizing a ‘consumer’ grade router for a network and then having the wireless setup so that employees/customers can get online is a DISASTER just waiting to happen. And so it did for this client and so many others. Just cause it works at home or a friends, is by no means reason to trust it for protecting your business. Most of the time when I explain that in this scenario that any wireless user has access to your entire network they look bewildered. — Well, what else would you expect! And if you are saying “I have a password”, just as my new client stated, wake up! Think about it, now your patients, clients, employees or any of their friends now have it too. And betting bottom to dollar, it will be one of them that hacks you. Scary huh!
If you must rely on ‘consumer’ grade routers or products for your firewall protection. Then additional hardware, configuration and setup is 100% necessary if you also want to provide secure wireless. Even if it is for your employees! An unhappy employee is just as likely to give you something to remember as is your run of the mill hacker.
Your data and your network are your livelihood. Is it worth the risk. And sadly, this won’t be the last time I see it happen. No matter how many times I say it!
About a month ago I dropped my cell phone while running and it broke — so I was now forced to get a new phone. I had test drove the Sprint Instinct when it hit the market and returned it. Even with all it great features, it did less of what I wanted then my flip phone. But, now I had no choice and settled the HTC Hero. Can’t say I truly love it, as it has some serious issues. But, it get’s the job done. Yes, there are some cool apps, but about the only plus it has over the old phone is the ability of getting and viewing my emails. However, that is not the purpose of this post.
I had also recently purchased a Netbook, for portability. As for workability (actually doing work on them), they are pretty bad. Any who, the introduction of this device created a new problem in that it does not have a slot for my wireless air card – not good.
Now, I could have purchased a new USB air card and swapped between the two, but opted for the ‘cooler’ toy the Sprint MiFi. The MiFi is an air-card and 5 user wireless router all in one tiny package. So, using my current data account, I can now share a wireless (Wifi) connection for upto 5 devices. Now, I can have both my laptop and netbook online – all at the same time.
No more plugging in a usb device into the laptop. No more applications to run. Simply connect to a Wifi account an you are good to go. And now you can share the signal if needed.
The device is about the size of a credit card and slips into my top pocket. Takes a few seconds to go from on to broadcasting the Wifi SSID. The only drawback is battery life, and the more users or bandwidth used, the faster it drains. I usually only need it for short durations, but towards the end of a day it is wasted. Unfortunately, you cannot plug the USB into the laptop and keep it charging while using it. You can plug the ac adapter in, but that doesn’t do much for you one the road. I did discover that you can keep it chaaring by plugging it into a 12V usb car adapter via a usb cable.
So, for all you mobile air card users, the MiFi is the way to to go….
In the past, I maintained a backup of my primary working drive on my laptop, so that when I was mobile I had what I might need. However, I had to change my way of thinking, and operation as I feared the day that I would lose or my laptop would get stolen and all that data would be compromised. So, I had to change how I did things.
Now when I travel, I maintain no uncompromisable data on my laptop. If I do need to work on a file, or get something, it takes only a few minutes to securely connect my laptop to my network and away I go.
This same connection provides me full UTM protection as I would have from my office. The downside to this is that I have to have an internet connection and it takes a few extra minutes to get connected. The upside is, that the most I will ever lose is the laptop, and they are replaceable. Certainly a good excuse to upgrade.
So, if you are one of those mobile workers, and you keep private data on your laptop, this might be a good time to consider changing the way you do things.
There is a great deal to consider when you take your office on the road. Pretty much the same issues that you have in the office, but with added problems. Security, Data Protection and UTM.
How do you protect your laptop from attacks, viruses and threats when you are mobile. What is the best means of keeping your data safe and/or out of the hands of someone else should the unthinkable happen and your laptop is lost or stolen. An how can you securely communicate with your home or office when on the road and using public hot spots and untrusted Wifis.
For those of you who currently hit the road with your laptop without addressing all of the above, hate to say it, but it is only a matter of time. And in all honesty, the chances are actually greater of something disastrous happening when you are mobile.
Utilizing a full featured firewall can provide you the peace-of-mind of being safe and secure while on the road.
UTM stands for Universal Threat Management. In today’s market we are no longer in fear of viruses as they are now only a small part of the threats against us and our computers. Let’s take a look at some of the key threats; gateway and network anti-Virus (GAV/NAV); anti-Spam (AS), Phishing (AP), Intrusion Protection (IP), Application Intelligence (AI) and Content Filtering (CF).
How do we manage all of this? If you have a business or even a small home office with more than one computer you address these threats at the point of attack. Each computer. And the more computers you have the more UTM applications you have running. As the number of computers grows, so does the number of application and along with it, yearly renewals to keep it up to date. And as you increase this number, you magically increase the chance of something going wrong. And the last thing you want is an unprotected device.
Wouldn’t it be nice if we could take the UTM from each device and put it in one place and have it protect the network instead of the computer. That is primarily what a Firewall Device is designed to do. Not only does it greatly reduce the overhead of maintaining UTM on each device, it centrally controls it. It also increases the security level of your network as now as any would be attacks are now at the firewall device rather than your computer.
Part of having good Managed Services network is to employ the right equipment. This goes beyond having a sophisticated router to protect your network and data. Having UPS (Uninterpretable Power Supplies) on you equipment is surely a MUST. But one thing so many people miss is all the additional hubs and switches we may have within our LAN(s). Once again, I see so many ‘consumer’ grade product out there that I shutter. These devices might be good for the home or home office, but, they can really do an injustice when mixed in a large LAN. They are like dead ends. Aside from them not being designed for ‘commercial’ use, they do nothing for helping your IT personnel in troubleshooting a problem.
Then answer is simple, Managed Switches. These are switches with a lot more brains. Let me step back and quickly define the difference between a hub and switch. A hub routes all traffic to all ports. Thus any data coming in to the hub is output on all ports. Whereas, a switch is a little smarter in that any incoming data is deciphered and the data is then placed on the proper output port. Thus, reducing the overall traffic flowing within the device. A Managed Switch is a switch that can be managed, or addressed. It has an IP similar to any other device on the LAN and can be probed for status and operation. Thus, an IT person can see if a router is up and running just like they can a workstation or server. There are many other features that can be found on a Managed Switch (Later Post), but the key is that it can be tested.
Last week countless hours were saved at one of my Managed Sites as I was able to within just a few minutes track down and resolve an issue where a number of workstations went offline. Although the device (Managed Switch) had not failed, I was able to determine that a wire was either out or bad. I ended up the former and the whole mess was cleaned up simply by pushing the the plug back in. All of this was done remotely, minimal downtime and a satisfied client who is happy I had him invest in Managed Switches.
Welcome to the new yourimage.org site. Out goal of this site is to keep it updated with new information, technologies and solutions. As we move into the new era of Managed Services, away from the traditional “Break-Fix” way of life we need to keep up with the times and provide a means of defining the many benefits of taking a pro-active approach.
In addition, we have purposefully migrated our website design and support on the Content Management System model. This has proven itself over and over from both an end-user and support aspect. So, in keeping with the ‘new’ and to practice what we preach, we have built the new site accordingly.
As the new site get off the ground, we will be doing our best to keep it fresh with new content. We hope to see you soon.
The old saying is “if it ain’t broke…don’t fix it”. But, when it comes to that box that is now the heartbeat of your business fails, we go into a tail spin. And you have now stepped into the world we know so well as Break-Fix! How long and how much is always the question. And the answer is never pretty.
Is there an answer, or solution, to breaking away from this way of operation? Of course and it is called, in technical terms, Managed Services.
Can it help and benefit you? If you could monitor the status of your network and computers and address an issue before it becomes a problem – wouldn’t that be a great asset.
Don’t wait for the next meltdown to find out more.