|
Computers and networks are a necessary business expense. Read on to learn how to simultaneously keep these costs low and still enable your business to do more. |
|
It’s no secret that the cost of buying a PC for business is only a fraction of the total cost of ownership. Between desktop management, power, security, and end user support the total costs of ownership is at least 3 times more than the PC itself.
Now there’s a quiet computing revolution afoot. It’s called “thin clients”. Thin clients are a very small computer about the size of a paperback book. They can be this small because they typically have no moving parts and no hard drive. These thin clients have no internal storage and instead relay on the network and a server to start up and function.
End users still get a complete, desktop that behaves just like a normal PC. There is no change to the applications or desktop environment, no application sharing and no retraining required. Administrators can allow users to install applications, customize their desktop environment and use local printers and USB devices. Users also get better support because Help Desk technicians can perform tasks in the data center that would normally require an in-person visit.
These small devices completely replace a personal computer and bring several benefits. The hard costs are far lower for multiple reasons; Initial purchase price is a fraction of a PC; there is no need for constant hardware upgrades; and their simplicity means they are more durable and last longer. All the data is stored on the server so there is no need to backup files on the client. Security is greatly enhanced since the thin client cannot be used a way for hackers or viruses to attack the network. And finally, there is no need to constantly apply security patches to thin client like there is in a typical PC.
So it seems that thin client computing is the way of the future and will replace all personal computers of the future.
Not so fast. There are many cons to it also. Obviously this won’t work for road warriors that get most of their work done on planes and such. Although there are now mobile thin client machines, they still require a solid connection to the internet to function.
The most obvious downside of the thin client environment is it just doesn’t work well with many companies. Thin client technology wouldn’t work at all with CAD systems and desktop publishing or music editing or high end uses of PC. So it’s the best fit for users who never need to take their work home and perform mostly data entry tasks like point of sale solutions or word processing. For most companies, the right answer is a combination of thin clients and PCs.
Many companies that have been around for a while have legacy applications that they use all the time. Many of those just won’t work at all in a thin client environment. It’s a case-by-case basis and would be expensive to roll out.
In fact, that’s probably the biggest downside to thin clients is the startup cost. With a PC you can just buy a PC, stick it anywhere and the PC is working by itself and immediately productive. Thin clients require a back office foundation that can support hundreds of thin clients – even if you are only deploying one thin client. So there’s some break-even point where it might be more cost effective to buy 10 PCs than to build-out thin client infrastructure. You have to do the math for your situation to see where critical mass takes place. In any event, rolling out even one thin client will require a serious commitment by senior management.
What would be really sweet is a service that would host and manage the thin client infrastructure so a company that wanted even one thin client would only need to pay for that one client without making the large investments that are necessary today. Who better than Kinetix to provide such a service?
Stay tuned….
Yeah! The new iPhone is here. And Apple has clearly focused on making the iPhone 3G a viable enterprise device. I never thought I’d see the day that Apple is touting integration with Microsoft enterprise products on their home page.
Apple licensing Microsoft Activesync for the iPhone 3G is truly a huge deal. I blogged last year in “Apple in the Enterprise” that Apple will never be accepted in the enterprise until they embrace 3rd parties. The corporation is no place for non interoperability. Well, here they are interoperating with the giants of the enterprise Microsoft and Cisco. I think this represents a change in core values of the company. Maybe Steve Jobs has realized that Apple is not alone in the technical world and embracing the best of breed in competing technologies is how Microsoft got to where they are today.
The specific features I’m talking about is support for Microsoft Exchange Active Sync, Cisco VPN support, and centralized device configuration software. For me, those have always been the most important features of any the mobile device. Not the camera or how polyphonic the ring is but can it deliver the data that I need and can I manage dozens of them from one location? It looks like iPhone meets that criteria. It’s a device to seriously consider for the current Blackberry lovers.
Apple even provides checklists and sample deployment scenarios. The documentation details how the iPhone will fit in with an Active Directory network, and Microsoft’s Internet Security and Acceleration server. All very un-Apple like.
But for all its apparent love of the enterprise the iPhone is still a closed system. While developers can now develop applications for it, Apple maintains tight control of the developed software which can only be obtained through Apple’s App Store. The App Store hasn’t launched yet, but I’m very anxious to see the kinds of programs Apple (and presumably AT&T) approves of. For example, most smart phones can act as a high speed internet connection for your laptop using a Bluetooth PAN to 3G bridge application. You can be chatting on the phone and downloading movies at T1 speeds while sitting in a moving car.
No iPhone has supported that killer feature. Apple is declaring the iPhone is the best phone for business, EVER. If they provide a genuinely open development platform and support things like Bluetooth PAN to 3G bridge, they will have a point. Until it does, it will never be a viable phone option for me.
And don’t get me started on the whole cut/paste thing.
But Microsoft Exchange is the best messaging product available and if the iPhone natively supports Exchange then we are happy to support the iPhone. If you are thinking about rolling out the iPhone in your enterprise then give us a call.
A senior executive of a client recently lost a laptop. I say “lost” but really it was just stolen. While waiting at the airport someone sneaked it away while the client was reading the newspaper. He was devastated. There was critical business data on the laptop that he had no other copy of.
Now, most people know to backup their corporate enterprise database. Businesses, as a group, have gotten much better at doing this kind of thing I think lately. So they are comfortable that the corporate enterprise database is protected from loss. But what we’re seeing now is that key people – VIPs, CEOs, CFOs – keep enterprise critical data on their laptops and nobody but them knows it’s there, so nobody but them knows to back it up.
If they lose their laptop, damaged from a rainy day or stolen in an airport, (it happens all the time), then that data is gone forever. And, potentially worse than gone forever, it actually can be hacked by even the most casual hacker.
If anybody has physical possession of your PC there is virtually nothing that can stop them from getting all the data off of it. Password protected with a windows logon? Irrelevant! They don’t need your password, there are dozens of tools that can unlock a PC where the password was lost, and they can get the data off no problem. This poses a real problem because not only has your company lost the data and can’t get it back, whoever stole the PC now has the data. They can look up financials or whatever it is they want.
It doesn’t have to be this way. The solution is encrypting your data. State-of-the-art encryption ensures that no hacker will gain access to the data. Even if the hacker uses a hacking tool to reset your password.
There are excellent technologies built into Windows, specifically Vista, that A) allow you to encrypt the data that is on your laptop hard drive automatically and B) automatically synchronize this encrypted data with server to back it up. It’s all very elegant.
Say you modify a file while travelling on a plane. Those changes are stored on the laptop. Then as soon as you get in a hotel and connect to the office network (using a VPN presumably) then it synchronizes with the office server and that data is immediately backed up.
This is a perfectly executed solution to a real problem. Assuming your server is then backed up correctly you will not lose any data and it has no chance of falling into the wrong hands.
This can be enforced with a network policy that is applied to every user on the network. It is transparent to the user. So the real benefit is that the executives don’t need to always be on their toes about data on their PC.
This week the federal government announced they arrested 38 individuals for stealing personal security information over the Internet. These individuals were part of a very large and well organized crime group. There’s big money to be made in this type of crime, it’s relatively low risk with high reward--this problem is not going to go away. These guys stole millions of dollars from thousands of people. They impersonated hundreds of financial institutions like Wells Fargo, Citibank, and Paypal. They sent out fake emails that looked like they were from legitimate financial institutions to thousands of people. These emails would coerce ignorant readers into giving critical financial information to the criminals. The cyber criminals captured the information and used it to steal money from their accounts and credit cards.
Make no mistake; spam and phishing are organized crime activity and pose a serious threat. They’re more than just an inconvenience that fills up your inbox. The best approach to preventing this from happening to you or anyone in your company is with multi-layered spam filtering. And by “spam” I also include phishing.
There are 3 layers to an effective anti-spam strategy.
First Layer: Block the most obvious spam messages at the network gateway and prevent it from ever reaching the server. This layers uses lists of known spammers and automatically drops all mail from them. With the most obvious messages are blocked, your server and network have to work less and are better able to handle legitimate email.
Second Layer: A more intelligent spam filter on the email server itself, where the email server can look at the content of the email and perform intelligent filtering based on the action content. For emails in a grey-area, it can mark them as suspected spam.
Third Layer: The users email reader on their PC is the final gateway. The user can specify how strong they want the filter to be—high, medium, low—block the most obvious spam, let in only legitimate email.
The biggest hurdle with spam filtering is that it often blocks legitimate messages, and that’s not acceptable to most people. No spam filter technique is perfect because the spammers are constantly changing their techniques, so the filtering approach has to constantly change also. Consequently, legitimate emails will get incorrectly labeled as spam, and spam emails will get incorrectly passed on to the user’s inbox and not be labeled as spam.
That’s why this three-tiered approach works the best because all the obvious spam is blocked before it reaches any server, and then the user can fine-tune the filtering at a very close level to them, so personal preference plays a role here. If a user is more concerned about missing legitimate mail, or legitimate mail being incorrectly identified as spam, they can set their personal filter a little looser. If they’re more worried about getting a lot of spam in their inbox, they can set their filter to be a little more aggressive.
There’s really a forth filter; your skepticism. Be skeptical. Be very skeptical. The fact is that no reputable institution is going to ask you for what these phishing messages ask you for.
On Monday the Supreme Court upheld a 2003 federal law that makes it a crime to offer or solicit child pornography. The law was challenged as being overly broad because it applied whether the material actually exists or not, but the Supreme Court upheld it. This is yet another indication of how seriously the courts take these laws.
Many courts have even said that it’s the responsibility of businesses to monitor their computer systems for any wrongdoing, especially pornography. If the business owner suspects the employee of any wrongdoing, it’s their obligation to monitor their systems and then report to the authorities.
While these types of rulings are fringe right now, there is a clear trend here. The goal seems to be: Make businesses responsible in some way for any individual employee’s actions.
The companies who get into the most trouble are those that completely ignore these laws and take no steps toward monitoring or blocking employee internet use. The best way to show a reasonable effort is with 1) Have a policy 2) Make sure the employees know the policy and 3) Prevent access to pornography in the workplace.
1) Have a Policy: The business must have policies in place for what constitutes acceptable use of the computers, emails, and the network. Not having a written policy puts your company at serious risk.
2) Share the Policy: The policy must be communicated to the employees. Most mega-corps require you to acknowledge the computer use policy every time you log onto one of their computers.
3) Prevent access to pornography in the workplace: Or at least follow up on every report seriously. Failing to enforce the policy is worse than not having a policy. In some cases businesses have been held liable when the business knew that the employee had child pornography on the computer but did nothing about it.
Clearly the best course of action is for a company to continuously monitor their network to give them the best chance of stopping, or at least detecting inappropriate usage of their systems.
But even when companies do the right thing, it can cost them. In one case an employee was fired for downloading pornography at work after it was detected by the corporate IT department. The employee filed suit stating that it must have been someone else in the office sneaking onto his computer. The company did not have a good network security model and they weren’t able to show that it was definitely the terminated person who downloaded the pornography. So he won the suit against the company for unfair dismissal and the company had to pay damages.
This kind of market need to both monitor and verify the user has been answered by several new products that directly address these problems. A single inexpensive device can do this, and determine who in the office, is accessing what content, and when. These types of devices are also very useful for ensuring that your company network speed isn’t used up by people downloading music or playing online games.
You can set up rules on these devices allowing lunch-hour surfing. Or say if there’s someone in the company researching breast cancer, they can go to sites that other employees couldn’t. You can set it up by employee, time, computer, by day, and then see reports of usage. Another benefit of these types of systems is prioritizing the traffic on the network, so if you have an online payroll application that is more important than, say, listening to Internet radio, then the corporate application traffic will take priority over any other traffic.
No matter what technical solution you have in place – first have a written policy.
Short answer - plan for them.
Med answer - study them so you can plan for them.
Long answer - Over the years we've learned a lot about what causes computer problems. What's interesting is that regardless of the type of business our experience has been...
- We know that at least 80% of all unplanned downtime can be prevented with a proactive approach to monitoring and management
So enter Managed Services. Managed Services is the industry way of saying - we take the risk, and we pay for any problems. So we do our best to prevent any downtime. We make sure anti-viral us running, the patches applied, the backups done, etc. But the real value in managed services is preventing emergencies.
- Before a managed services approach 20% of all downtime is emergencies
- After a managed services approach has been implemented less than 3% are emergencies.
The goal of course is to have zero emergencies.
But you should know that this data is based solely on sub-500 person companies and they handle internal controls more... "flexibly" shall we say... than enterprises. That's why small companies have far more to gain from a managed services plan.
So what are you waiting for - one phone call to Kinetix means you can have only a few minutes of computer emergencies per year. Please forgive the blantant advert, but I'm so exited about our new service: Virtual Server-Room.
This represents a huge leap in what is possible for a small business.
Why?
Because the Kinetix Virtual Server-Room solves several large problems facing business today...
- The cost of mainting a secure, cool and save place for a server
- The cost of data loss
- The cost of server hardware
- The cost of support
Using our massive server hardware to run your Small Business Server means you never have to buy server hardware or user licenses. But the best thing is that you never need to worry about anything relating to your server.
We can provide a server to you that runs on our hardware at our data center. Our data center is more secure, more reliable, faster, and has less chance of downtime than any office environment.
The best part - it's only $200/mo over our regular Zero Downtime fees. That's AMAZING!
Lastly, a hearty "thank you" for the gacious clients that have beta tested this new service for the last several months.
I have this reoccuring dream where companies do not need to buy server hardware, or pay for wiring a new office space, or even have a phone sitting on every desk. It's going to be a beautiful day when all the capabilities of a strong IT infrastructure are delivered completely over broadband internet access directly to the PC.
It's closer than you think. Many companies already offer virtual phone switching equipment where all the voice mail and everything else phone-related is handled offsite.
Next month Kinetix will announce it's Virtual Server-Room product. Which allows companies to have all the power and performance of an enterprise-grade onsite server without any of the hassels or costs.
It is easily concievable that a company could give every employee a cell phone, use laptops with cellular WAN internet access, and the Kinetix Virtual Server-Room.
The result?
- No servers
- No wires
- Vastly less downtime
- Vastly cheaper infrastructure
- Employees that can work from anywhere
Come to think of it, I think my dream is coming true!
Why do many business people constantly choose to pay the least possible amount for services? Even when the difference in cost is minuscule!
News flash - you really do get what you pay for. Some examples...
Web Hosting-
You can host your corporate website for $20 a month or for $20 a year. Now some people might assume the $20 per month is a rip-off. But if your customers are worth more than $200 a year then the opposite is true. If you want your primary advertisement to embarrass you for $200 a year then by all means...
Another example is Domain Registrars-
GoDaddy, Register, etc sell domains at a loss. They are advertising companies. They make their money by quickly taking ownership of any domain as soon as the user misses a deadline or violates the complex policies. Then they show advertisements on the domain and thus take advantage of any marketing that has gone toward the site. Even their user utilities are filled with ads. This says nothing of the performance and support, which are both "bottom-notch".
And my favorite example is IT Consultants-
We moved from the hourly pricing strategy so this doesn't really apply to us anymore. But so many decision makers hired the consultant with the lowest hourly rate - not thinking that maybe that less experienced person would take more time to do the work! Or worse, would screw something up that cost far more to repair. I can't remember someone ever asking for references or certifications before they ask for the rates. That's backwards...
I feel strongly that paying per incident for any IT support service is exactly backwards. That's like paying a home builder for every window that leaks.
There is a beginning trend (of which we are a part of) that is charging a flat fee for unlimited support. That way it's in everyone's best interest that when a problem occurs that it doesn't occur again.
You get a virus, it's our fault, so we fix it for no extra charge. Somebody hacks your server, it's our fault and we make sure your stuff is backed-up because our company financies are on the line if it isn't.
If you are still paying your technology consultant to make mistakes - give us a call - we can help.
|
|
|
|