Office Document Strategies Blog

Connectivity Means Competitive Advantage

Posted by Lee Kirkby on Wed, Nov 15, 2017 @ 07:11 AM

Virtually every business today has some sort of need for connectivity for its computer and IT needs.  Whether it is using cloud based applications to process data and transactions or using a cloud based data backup strategy the ability to get on line safely and quickly is almost a given.  

Unfortunately not all locations are equal in providing competitive options for businesses to get this needed connectivity.  The greater the need and the more intensive the connected traffic then the more the locational decision for a business can be impacted.

In a couple of articles over the past month ITbusiness.ca has shown how cities and their partners are starting to look at these issues.  The focus of these articles are on Toronto and the announcement about the Google neighbourhood announced for the water front and also on a plan to rate buildings in Toronto on their connectivity capability as a means to build competitive advantage.  

Read More

Topics: IT network, Canadian IT, Canadian Pricing

Lessons From AWS S3 Outage

Posted by Lee Kirkby on Wed, Mar 8, 2017 @ 07:03 AM

Anyone who spends any time watching news reports about technology issues is aware that there was a significant outage of Amazon Web Services (AWS) last week.  There were many major organizations who experienced outages as a result of the failure and it was a little time before news got out to tell us what happened. 

Amazon has been forthright in saying that it was an error in their system combined with some long time format issues which caused the problem.

"Removing a significant portion of the capacity caused each of these systems to require a full restart. While these subsystems were being restarted, S3 was unable to service requests. Other AWS services in the US-EAST-1 Region that rely on S3 for storage, including the S3 console, Amazon Elastic Compute Cloud (EC2) new instance launches, Amazon Elastic Block Store (EBS) volumes (when data was needed from a S3 snapshot), and AWS Lambda were also impacted while the S3 APIs were unavailable."  

What started out as a fairly routine maintenance activity escalated into a systems delay which had a major impact on a large number of organizations.

How a single typo brought the internet to its knees

Fat finger: Typo caused Amazon's bigcloud-computing outage

Just a couple of the hundreds (maybe thousands) of articles which have been written to deal with the outage.

What Might We Learn From This Situation?

In spite of the overall reliability that such large IT systems offer there are a few things that any IT operator might learn from the situation that Amazon experienced and that led to some uncomfortable hours for many of their customers.

  • No matter how rigorous your design and procedures are unforeseen actions can and will happen when you are dealing with IT systems.  Understanding how to deal with them by thinking ahead about what is most vulnerable in your operations is critical planning.
  • Even large well resourced organizations can be caught out by not continually understanding how their systems have grown over time.  Amazon says in their explanation that one of the things which contributed to the problem was the growth of their systems built upon older components that had not been restarted for a long time.  When the restart was needed to deal with an unplanned occurrence it took much longer than expected. How vulnerable are your systems to this kind of delayed response?
  • Sometimes it is hard to find out what is happening when your systems go down.  For many of the organizations and the world of users there was a break down of information about what was happening and where the problem was.  Isitdownrightnow.com one of the sites which is commonly used to identify individual site issues was itself affected.  It was through Twitter that many people learned about the outage and that the problem was an external one.  What information tools do you have to finding out if problems are localized or widespread?  Have you articulated a well planned checklist so resources are not wasted if the fault is not internal? 
    • Personally I was trying to use an online News aggregator which I check daily and got an "No Content" message from their page.  Unfortunately for them I thought the problem was caused by a push they had on to encourage users to upgrade to a new version of their service they were promoting.  I totally misread the situation and for a few hours was really frustrated by their service and support.  Wrong response from me as they were impacted by something that was beyond their control.  This should be a caution for us all as we can easily come to a wrong conclusion about what is happening in an IT situation when we don't have the facts.
  • Know what systems, services and organizational needs are affected by each and all of your IT structures.  Is your VOIP affected by something you are not aware of due to its need for Internet connection?  Could you financial systems be affected if your bank connection was not available for an extended period?  How many people would be idled if you lost a 'cloud' connection to key software?  How much would the downtime cost/ What customer related activities might suffer?

Having answers to these types of questions is an important part of any business plan.  In our highly digitized world it may be necessary to maintain some analog systems which could keep you functioning if the digital infrastructure has to be shut down.

I know of one local company that actually maintains a paper based 'emergency' system for all of their order desks so that customers would not be totally inconvenienced if the electronic systems they normally rely on got shut off.  They have a formalized recovery procedure on how to capture the data from the paper system into the electronic one when it is again back on line, without creating duplication, or inconveniencing their customers.  Can your organization says they are this prepared for a failure?

Luckily, IT systems are very robust normally, and system administrators take the need for security, backup, redundancy and planning seriously.  This means that for most organizations they can operate each day without a threat of disaster hanging over their heads.

However, as the recent AWS, S3 issue has shown even the top professionals in the space can be caught out and even with a pretty quick recovery there can be a large amount of inconvenience, confusion and disruption.  

Lee K

Read More

Topics: digital tools, cloud computing, IT network

Auto Everything Is Becoming A Common Thread

Posted by Lee Kirkby on Wed, Jan 11, 2017 @ 08:01 AM

The CES show in Vegas is the annual event which sees much of the showcase for current and future trends in technology.  As its name implies (Consumer Electronics Show) the focus is at first on consumers but much of what appears here has implications for the commercial and business market as well.  

Read More

Topics: IT network, digital tools, automation

Incremental Change May Not Reflect 2017 IT Issues

Posted by Lee Kirkby on Wed, Jan 4, 2017 @ 07:01 AM

As the new year starts off it is common to look at what the researchers are saying about the newest trends in IT, technology in general and what may be the flavour of the coming months. 

Read More

Topics: IT network, IT connectivity, Canadian IT, Canadian Pricing

4 Top Data Security Practices | IT World Canada Video

Posted by Lee Kirkby on Wed, Sep 28, 2016 @ 08:09 AM

Data security is an issue for every connected company in Canada.  Figuring out what to do to help you keep your critical information safe is a challenge for everyone but probably even more of one for the typical business professional without solid IT background. 

This recent video published by IT World Canada offers some helpful insight through a Data Security Consultant's eyes which can assist business managers to focus some of their attention in the right places.  In most instances it will take the assistance of someone with a solid IT security technical background to set up your operations to carry out the suggestions made in this video, but it can go a long way to help you ask the right questions and perhaps determine who could be the right fit for your needs.

In summarizing the video, CSO Digital: Security Situations series editor Ryan Patrick highlight four things:

  • Implementing effective security awareness for all in your organization, new and old employees
  • Maintaining the right levels of access to data of each type, with privileged access only to those who need it
  • Protection of data at source, as close as possible to where it resides, internally or in the cloud
  • Implementing threat hunting practices to help identify activity on the network which is outside of the norm

 

Read More

Topics: data security, IT network

Cloud Document Management Fights Crypto Ransomware

Posted by Lee Kirkby on Wed, Apr 27, 2016 @ 09:04 AM

One of the most insidious kinds of spam and malware that is currently active around the world is what is known as Cryptoware or Ransomware.  This attack gets users to open a type of malware which starts working on the user's workstation to attack files with extensions from common document type software.  

Read More

Topics: docucapture, IT network, IT Scams, digital filing

Train Your Employees On IT Network Security

Posted by Lee Kirkby on Wed, Jan 20, 2016 @ 08:01 AM

Most business managers have concerns about their computer networks getting compromised either due to direct hacking or the inadvertent impact of someone downloading malware.  This just makes sense.  On the other hand how much time is spent teaching their users about how to avoid problems and what to do if they suspect there is an issue?  

Recently, PricewaterhouseCoopers reported in a global study that Canadian information security budgets had a significant increase over 2014 but fewer than 57 percent indicated their organization offered security training and awareness programs.  The participants in this study will be larger, more formalized firms so we can safely assume that with so many Canadian companies being SMBs (Small Medium Businesses) the percent taking the time to educate their people will be even lower.

PwC's report indicates that Canadian cybersecurity incidents increased by 160 percent year over year which shows that the problem is not going away.  There is some good news in the report in that Canada is actually doing better than other world wide jurisdictions.  This means we are not the worst at dealing with this kind of business risk but the percentages indicate there is much more than could be done.

One are identified as being problematic is the impact of connections to in house systems made by partners.  This could be the visiting technical or sales person who connects to the office network and introduces a problem by mistake.  Simple isolation steps through guest logins and isolated IP ranges can help to mitigate this kind of intrusion and most organizations could have this basic security provided.

Of course the more depth of access a user or guest has the greater the risk to the business so proper security planning and policies (if enforced) can help to protect from these challenges.

Basic to all of this, however, is making sure that employees understand the importance of IT security to the business (it could be a survival issue if the intrusion is serious enough) and that they are trained to be able to identify how they can participate in a protection regime.  The solution starts at the hiring stage as IT policies are spelled out, the consequences of violations explained, and the steps to be taken if a problem is experienced outlined.  

Read More

Topics: IT network, network security

LIFI May Replace WIFI In Some Locations

Posted by Lee Kirkby on Wed, Dec 2, 2015 @ 09:12 AM

In 2011 a UK Professor, Harald Haas, demonstrated how using a simple LED light and a photo receiver it is possible to transmit data without any radio or hard wired connection.  Using subtle changes in the light intensity data is transmitted quickly and securely to a receiving device.  This design has been designated LIFI. 

A startup company based in Estonia is bringing the technology to market to enable it to support the wireless data needs in an office.  Here's the founder showing how it works.

Some of the benefits of this technology can be the security by retaining the light source and receiver within one location without leakage to surrounding rooms as with WIFI.  The transfer is faster and uses much less energy as well.

The inventor of the LIFI system presented a more detailed explanation of how it works at a recent TED talk and demonstrated how current LED infrastructure combined with available solar cells could potentially be used to become part of a LIFI system.  One of the big benefits of this use is that there is less need for new installations and thus a lowering of the power requirements for supporting data transmission.  The solar cell used as the capture station for the LIFI can continue to be used as a capture source for the energy it holds as well.

Here's Professor Haas showing how this all works and explaining how he sees it impacting the needs of our future wireless and internet environment.

 

Read More

Topics: IT network, WiFi

Windows Server 2003 Support Ended

Posted by Lee Kirkby on Wed, Jul 22, 2015 @ 08:07 AM

The date has come and gone for the end of Microsoft support for Windows Server 2003.  July 14th was the announced last date for security patches to be provided for this highly successful server software.  It has been predicted that as many as half of Canadian firms still have at least one server operating with the 2003 server software.  

With the end of regular security releases the potential for some sort of breach on these servers to occur increases over time.  The warnings have been out for some time but now action is needed. Those players who seem to take joy in finding ways to hack people's systems or who wish to attempt penetration for nefarious purposes will put greater effort into find vulnerabilities in the Server 2003 platform since they know that those vulnerabilities can be long lived without regular corrections.

Since 2003 was such a popular installation the numbers of potential targets are still large, unless companies (you?) take action now to replace the 2003 Server with an alternative.

Of course this becomes a time for upgrade.  Given that 2003 Server is over twelve years old, a lot has happened since its release and therefore there are many potential gains to be had with installing newer server software to be the backbone of your systems.

Probably the best bet if you are able is to jump to Windows Server 2012 R2 the current release of Microsoft.  There are many robust new features available in this platform that you can use to enhance your operations.  Of course one of the first things you need to know is whether your other line of business applications are supported on the platform.  If not then you may have to consider other solutions.

It is still possible to install Windows Server 2008 which was the release after 2003 but obviously it is not going to offer all of the latest enhancements nor will that installation likely have as long a life cycle as moving to the more recent release.  The one benefit is that many more line of business applications are going to have been rewritten to match up with this version of the server software simply because it is so much later in its life cycle.  Most currently offered packages will have been upgraded to this level for some time now and any bugs or issues should be well ironed out.

The biggest challenge for some companies may be if they have custom developed packages requiring the 2003 server software and there may be the need to reprogram or find new alternatives to be able to move on.  Given the inevitability of eventually having to replace the server making the changes now as soon as possible makes a lot of sense rather than investing more effort in anything based on running Server 2003. Of course doing this is not going to be easy but it can be accomplished with effort and planning.

Part of the challenge for migrating is making the decision on what to go to.  For many companies this involves a decision on whether to remain on their own servers or to move to a hosted or cloud environment.  both of these options have value but bring a whole new set of concerns to address before final changes are made.  When the decision makers are less comfortable with IT needs or lack in house skills to conduct assessments it makes it even harder to decide.  Servers have become the core of many business operations and no one wants to gamble on their operation.  This is where knowledgeable help is often needed.

If your decisions are not made by now, you are already behind the curve and will have to put some real effort into catching up.  Unlike workstation operating systems, server operating systems have a much larger overall impact on a business and it is much harder to isolate them from the network environment. When XP support was ended some systems might be taken off the network and still used for a while.  For a server this is almost impossible since the whole reason for a server is to facilitate centralization and interaction between users on the network it supports.

Windows Server 2003 has done its work for a long time and with great reliability and results for thousands of users. Its time has come.  It is time for it to have a rest and be replaced.

Lee K

Managed Print a better way

Subscribe For Notice Of Each Article

Photo:  Windows Server 2003 logo trademark of Microsoft Corporation.

 

Read More

Topics: server software, IT network, network security

IT Security Remains A Key Issue For Canadian Business

Posted by Lee Kirkby on Wed, May 27, 2015 @ 08:05 AM

One of the publications I follow regularly is IT World Canada.  Regular readers of this blog will know that I refer to some of their articles frequently, partially because they take a broad view of what constitutes I.T. and that helps me to see a wide variety of issues which can affect office environments. 

Read More

Topics: IT network, network security