Inside The Mind

Why do I obsess so much about backups?

They’re the single most important thing you can do to protect your business data. From anything:

• Careless user deleted files? No biggie. Recover from your latest backup.
• Malicious user deleted files? No biggie. Recover from your most recent backup before they messed with things.
• Server crashed and corrupted the accounting file? Take a deep breath then recover from your most recent backup.
• Virus copied itself onto all your files? I’ve seen worse. Rebuild the machine then recover from your backup.
• Windows Update killed your system? Reinstall…and…you guessed it, recover from your backup!
• Hurricane destroyed your office? Make sure all of your people are okay, then guess what? Recover from your off-site backup!

A properly-planned and executed backup routine acts as insurance for your business. No matter what goes wrong…if we’ve got a good, tested backup we can bring you back to a “known good” point.

Which is not to say that other protection is not important; we don’t want to get infected with viruses, encourage poor internet control, or allow physical abuse of the computers.

If these things happen, though, we need to be able to recover recent enough data to keep you in business.

I noticed the other day that my blog wasn’t accessible via RSS feed. The problem is corrected. Evidently I put some “extra” characters in my posts that weren’t handled by wordpress.

Look for much better posts on a more regular basis, starting later this week!

I see a lot of computer systems compromised by virus, malware, or other nasty stuff. One of the first questions people ask me as a “tech guru” is WHY?

Why do people work so hard to hack, write malware, and compromise our systems?

Why to we need to work so hard to patch, install antivirus programs, scan, update, and protect our systems?

It’s one of those questions that requires some thought, and investigation into several major global problems. There are a few common threads, though:

Most hackers are outside the US. They live in places where law enforcement has a difficult time with basic protection, never mind keeping some American company’s information safe.

Because of this there’s the chance of a (relatively) big payoff with very little risk. If they can find a credit card and charge $200 worth of stuff it’s worth it.

While the first generations of hackers were concerned with notoriety, the newer groups tend to be much more practical, and are often connected with more traditional organized crime.

They target social security numbers, credit card numbers, bank account numbers, and username/password combinations. There have also been some reports of hackers stealing dental or medical records to attempt insurance fraud.

The value of a computer “under control” can escalate very quickly along several steps:
-infected computer under hacker’s control can be used to launch attacks against other computers
-scan for credit card numbers, SSN, bank account routing numbers
-scan for usernames/passwords to banking sites
-scan for usernames/passwords to popular internet sites
-scan for data that looks like financial records
-scan for data that looks like medical records
-install a key-logger and “sniff” for anything matching the above

Through the last few years, the “WHY” has become much easier to explain. It’s about feeding money to the criminal ring.

Coming next week, Part 2: Threat Overview.

I have a few clients who have learned the hard way about tech “gotchas”

• Windows Vista Home can’t be easily upgraded to work with an office network
• Small Business Server isn’t as easy to set up as they make it sound
• Phone company techs don’t always know what they’re doing with networking and computer gear
• Cell phone salespeople will tell you ANY phone will work with ANY office messaging system, will cure cancer, and ensure world peace.

It makes me money, sure, but it also ticks me off because there are better things to worry about than Windows upgrade paths or supervising One Communications techs. (Or Verizon, Comcast, or Charter…they’re all in the same boat).

I hate when incompetent people mess things up for the rest of us. I hate having to tell a client, “This isn’t going to work with your office systems.”

If you call (or e-mail or whatever) for a few minutes of cheap advice before you buy that snazzy new iPhone I can explain what you need to get business e-mail on it.

If you call (or e-mail or whatever) for a few minutes of cheap advice before you buy that snazzy new notebook PC I can tell you what it needs in order to connect to your office network.

Let me give you the facts to make an informed decision about tech stuff. Otherwise we’re crying over spilt milk in a very expensive way.

I’m a big fan of the new Lotus Foundations Start small-business server product. This is the old Netix product that IBM bought a few months ago.While the folks at big blue seem to be pointing to the product line as something for operations with no server, I see a good market for small businesses who want/need a reliable, low-touch server that doesn’t need constant “care and feeding,” particularly in markets where they need to be more cautious of security and privay concerns. Frankly, I’m not sure I trust the “cloud” vendors with my entire business and personal data. But that’s another story.This makes it a natural fit for businesses that are (or will soon be) looking to update their aging SBS2003 servers. I’ve done some searching and have not found much for resources specific to the LFS product line.

I’m starting with the IBM “Migrating from Microsoft Exchange 2000/2003 to Lotus Notes and Domino 7″ guide from IBM http://www.redbooks.ibm.com/abstracts/SG247777.html?Open , as well as the techdoc on “How to Migrate users and their mail files from Exchange to Domino using the Domino Migration Tool” http://www-01.ibm.com/support/docview.wss?rs=899&uid=swg21178441

I’ll post updates as I find more info. 

I’ll be continuing my “Disaster Planning in a Month” postings later this week. -Greg C

What are you afraid of?

I’m afraid of clients who haven’t done backups. They generally don’t have any plan or clue what to do when bad things happen. A few minutes of planning now can literally save your business if a catastrophe occurs.

Not a tech thing

Disaster preperation is NOT a technology thing. It’s a business process where you figure out what you need to continue to do business in the face of different circumstances. Then you figure out how to “make do” with the resources available.Hard drive crash? No power? No Internet? Damage to the office? Widespread disaster?Think of this as First Aid training for your business. With a little forethought you can stay in business during the worst of times.

Start planning. Now.

You never know when bad things are going to happen. Or exactly which bad things are going to happen, in what order. You need to be able to adapt your business processes to whatever situation comes up. This is a lot easier with a few basic pieces of info and mini-plans.

Take Stock.

Get a 1″ looseleaf binder. Label the binder “Disaster Operations Plan.” See? You’ve already made a start!Grab a notepad. During the next two weeks, write down the critical bits of info that you need to run your business.Who are your contacts? Where are your orders? What can’t you work without? How do your employees get paid?Remember that this will be a “living” document that you’ll be updating on a regular basis.Next time, we’ll look at where our most important stuff is kept.-Greg C

Over the weekend I was talking with everybody I met about my new business venture, and I heard the same basic ideas many, many times:

• there are lots of talented people who are out of work or very afraid for their jobs
• many of these talented people don’t expect to find full-time employment any time soon
• lots of them can make $50+ per hour doing consulting or other part-time assistance for other small businesses
• many small industries can get along just fine without extensive travel or office costs. I don’t need to see my lawyer face-to-face every time and my accountant can usually use remote access to look at the books.

I foresee many of these people being “locked out” of the conventional workplace for some time, well into 2009. Although they will not have big IT budgets, as they start to grow and turn profits they will start to need help in several areas. I think that 2009 will see the rise of millions of tiny home-based professional businesses. The challenge? lend a helping hand to them while protecting our current business relationships and making sure we get paid. This looks like a great time for IBM’s Lotus Foundations servers.

Big news is coming the week of 12/8/08.It’s time for a major business and life decision.Stay tuned.

One of my business partners asked me a question last month. She asked me what value I bring to very small clients (1-3 computers). Knowing that “anyone” can set up a network that simple with reasonable success, I didn’t have a good answer at the moment.

After thinking about it, though, it’s the same concept as my bigger business engagements. To paraphrase Karl Palachuk (a small business tech guru):

I don’t mess with things I’m not able to fix. 

I’m trained, certified, and experienced. I’ve set up dozens of small-to-medium-sized networks so I know how to do things. I follow industry-standard best practices to ensure that networks are secure and stable. I have see what can go wrong and know how to mitigate it. It’s amazing how many “computer consultants” try to implement the same solution no matter what the customer needs…or specify software that’s not properly licensed, and still charge full price. I have access to Microsoft and “community” support so I can get through problems quickly.

I’m professional. I’ve been in business with the same phone number and e-mail for more than ten years. I have a reputation as an expert in the field and work to maintain that. I have liability insurance in case things go wrong. My customers know that although planned maintenance sometimes drags out and gets rescheduled, when they have a major problem I’m generally able to give it my full attention within hours. I arrange for coverage during vacations so that my customers’ needs are met.

I’m trusted. Over the years I’ve built strong relationships with many of my clients. They know that they can trust me to provide the highest level of service. If I make a mistake I will admit it and make it right. They don’t need to go to Staples or Circuit City and hope they come out with the right stuff. One call, one appointment, one check to me and their needs are met. There are no “gotchas.” The experience and training? That’s given me the knowledge to develop spreadsheets and checklists to make sure we’re looking at things like disaster recovery, antivirus, licensing, and power protection.

I am independent. I have several different technologies available. I help my clients choose the one that’s best for them…not for me or another vendor. 

In short, I take care of the technology so that my clients can take care of their business.

The downside, and the challenge, is that many people have basic computer skills. But the same argument works in many other areas:

  -anybody can take pictures, why would I hire a professional photographer? Because a pro doesn’t have out of focus shots with distracting backgrounds and red-eye.

  -I don’t need professional training…I can buy Video Professor for $49. He won’t answer my questions, through.

  -My nephew is a Toyota mechanic; he’s going to rebuild the transmission in our company’s Mack truck next weekend.

Although there are certain kinds of prospects that seem like a more natural fit, the same concept works no matter what business size. If the job needs to be done quickly and correctly, with up-to-date security and using best practices, then I’m your guy.

Whatever our business we need to remember why our customers come to us and what value we bring to them that others can’t.

These are the answers that are going to help us stay open in any economic client.