Unsecured Wireless

September 8, 2010

Like most office buildings, ours has a small custodial office located in a mechanical room off of the ground floor.

A few days ago I was having a brief chat with a building heating / ventilation contractor and commented that I have been seeing him here a lot – and that I hoped that there was nothing major that was wrong with the building!

His response?

He told me that the unsecured wireless network that someone in this building has was great for him to check his email.

The SMB Takeaway

If you have any wireless access points in your facility, and they are unsecured, it may not just be the HVAC repair guy that is accessing your network

Unsecured Wireless

Photo Credit verdammtescheissenochma via flickr

Advertisements

In many businesses, the importance of IT, just like that of your plumbing, can only be truly appreciated when it stops working.

However, in most cases there were signs that failure is just around the corner.

You miss these warnings when you do not take a holistic view of your IT services.

All the time.

Not just when something has broken and people’s work grinds to a halt.

Broken Plumbing

Photo Credit TumbleCow_old via flickr

If the power goes out?UPS- Protect From Power Surges!

Computers, servers, even your phone system dies.

Most small business are aware that having those little backup batteries called a UPS can keep things running for at least a short while if you lose power.

However, in many cases, we underestimate the benefit that these little things provide. So a common argument? if the power goes out for a bit, it will come back anyway. And if it is out too long that UPS battery won’t help for more than a few minutes, so why bother?

That is a perfectly logical, and a perfectly correct argument.

But let me tell you why those Uninterruptible Power Supplies are absolutely mandatory in your business

A question; how much did you spend on your phone system PBX?

OK, how about the dollar value of the servers, and the data on all your servers?

Forget Power Failure – How About…..

A quick story, I briefly lost power in my office this week.  Sounds simple enough – But……

It was not that the power failed.

It was that an electrical surge hit the building that overloaded and blew breakers.

And guess what.

The surge was strong enough that it partially melted the battery in the UPS that protects our phone system.

Read that again. The battery was melted!

If that UPS had not been attached to my phone system, that power surge would have just melted the phone system.

Maybe a hundred dollars or so for the UPS, versus thousands for the PBX system.

Go ahead and flip a coin.

In this case you lose with heads or tails.

The SMB Takeaway

Add uninterruptible power supplies to your must do first thing Monday morning list.

You can get updates to this blog by clicking the RSS icon on the Home Page!

Photo Credit oskay via flickr

When IT Abuses Trust

April 23, 2010

IT Theft

You follow every good practice in the book to ensure that your data is secure from prying eyes and security threats.

Then you find out the prying eyes are your IT staff.

Here is another incident reported by Mike Schaffner in this post titled; Keeping Data Safe From IT Snoops

Let me be clear: It is theft. And I am sure it happens more often than we realize.

Larger SME’s, you must play with the big kids on this one. Create, implement, monitor and audit your network and physical security policies.

For smaller organizations it can be harder due to lack of resources. But it is not impossible.

Along with some of the tips in the above article, I have some more in this post titled: IT And Ethics

Photo Credit  Kiwi-Lomo via flickr

It was back in late 1995. Basically my second junior position when I got into the technology field.

I was given a relatively easy task; on one of servers that stored everyone’s work data we were running out of space.  I had to make the space available bigger.

This process is not overly difficult, but it is destructive. Meaning you have to have a server backup first because you will be destroying everything while you recreate the spot for everyone’s data. (in tech speak, I was re-partitioning the drives)

Yes, I had done my backup of that server hard drive! – but I did not test it properly. And that was a failure on my part.

As you may have guessed,  I lost much of that data because the backup did not restore all the data to the new disk properly.

Lesson Learned – in spades

Backups are absolutely useless until you have tested your ability to restore them.

And to this day – I try to ensure I have more than one before that kind of destructive work.

The amazing part is that I was not fired.

(thanks Scott)

The SMB Takeaway

Backup is useless without testing the restore. So test that on a regular basis.

You can get updates to this blog by clicking the RSS icon on the Home Page!

As a growing business you have servers, you have applications, you have databases.

They all have one thing in common, they all have dedicated user accounts and passwords for administration, configuration and management.

You choose to keep most of your tools on-line? (SaaS) There are still passwords.

Do you know where these passwords are stored?

Do you know if your IT vendor or supplier just created ‘password’ as the administrator password on your customer relationship application?

Is all of that critical information located  in one secured spot?

Or is it missing in action?

If your IT staff or supplier left you today?

Ask your self if you could find that information.

The SMB Takeaway

I know that seems like a lot of questions. But if you cannot answer them, it gets really ugly trying to get that information back

You can get updates to this blog by clicking the RSS icon on the Home Page!

It is that easy.

A simple, quick little statement; I  can whip that up for Friday

We can talk of improving process, or getting a handle on where your IT dollars are disappearing to.

We can talk of the communication required, as well as the inherent complexity of IT.

But no matter how much we talk about it, if there is a discussion about an issue and a technology staffer states he or she can whip something up to solve that brief issue.

Then it is done. Chaos has started.

You see, here is what that little statement means.

It means that your work to date on improving your IT just took its first step out the window.

Bandages, scotch tape and baling wire with a dose of some piece of software or hardware that you don’t even know exists is going to be running some key piece of your business.

It will not be documented or backed up. Probably hiding under some techies desk. If that tech staffer leaves tomorrow, know one else will even know it exists.

The SMB TakeawayIs Baling Wire holding your IT together?

As a general manager in the SME space, if you hear a phrase like that.

Be very afraid, be very afraid.

If you hear that phrase, it is time to stop and re-evaluate what you were discussing.

You can get updates to this blog by clicking the RSS icon on the Home Page!

Photo Credit puregin via flickr