Newsletter – September 2015
Refresh Your IT and Refresh Your Business
Technology is expensive, so it’s understandable if you want to hold onto it for as long as possible. Yet because of rapid and ongoing improvements, it’s well worth regularly reviewing your infrastructure and upgrading your equipment sooner rather than later.
This may run contrary to what you think you know about capital equipment, but the key difference is that technology must be thought of not only in terms of the value it delivers, but also in terms of the costs it incurs. IT staff can spend countless hours fixing and upgrading old software and hardware, patching bugs in old versions of applications, and sourcing parts for outdated desktop PCs.
With that in mind, it’s not surprising that most companies buy equipment with planned obsolescence in mind. After several years (usually three) desktops and laptops are replaced even if they’re still working, just to make sure that productivity isn’t hobbled by the demands of looking after old equipment.
Manage your assets
The burden of regularly replacing PCs can be minimised by refreshing equipment on a rolling basis. To simplify the task, and as a matter of good practice, it’s beneficial to use an asset-management tool that can keep track of every device in your business, from computers and laptops to servers, printers, and network switches.
Strong reporting capabilities will allow you to quickly see which computers are better off being replaced. For example, you might have some machines with insufficient memory or old processors that aren’t up to the demands of the users in their department.
Other drivers for system replacement include lifecycle issues, such as whether a device is no longer under warranty; whether it has reached its ‘end-of-life’, making it hard to find support; or whether new computers are doing something in a way that enhances the customer experience.
It’s important to keep users in the loop when it comes to technology refreshes: give them plenty of lead time before an upgrade so they can remove personal files, and plan for a short downtime while you’re swapping over the equipment.
You should also consider interdependencies: if you shut down a server for upgrading, for example, make sure it doesn’t bring down any key business functions; if there is a potential impact, make sure you swap in the new system outside business hours.
By planning well ahead, you can keep regular equipment and software refreshes a fundamental part of your computing infrastructure. Careful asset management also lets you predict the costs of upgrades. This allows you to budget for new procurement in advance and makes everyone’s life that little bit easier.
back to top
Could Your Business Suffer a Hack Like Ashley Madison?
This July, a group calling themselves “The Impact Team” was able to hack into the infidelity website Ashley Madison and copy its users’ names and personal information. By mid August, it had been confirmed that more than 60 GB of user data had been released on the Internet. This is just the latest example of a business being compromised by lax security. The question is: could your business and your data be vulnerable to such an attack? The rules of data security are quite simple: if you store it, secure it. Here are five tips to get you started.
1. Encrypt your data
Encrypting your data is the single most important step you can take towards protecting it. Best of all, both Windows and Mac OS have encryption tools available (BitLocker in most versions of Windows, FileVault in Mac OS). So if you’re not using them, turn them on. This should be your minimum default security setup.
“Volume encryption” adds complexity, but if your hard drives have partitions that can be organised into volumes (for example, of financial information drawn from drives on several machines), then it adds another layer of protection.
Finally, encrypt any mobile devices that connect to your network, including USB drives. The major security software vendors (including Kaspersky, Norton, and McAfee) have suitable products. Or you can buy USB drives with hardware-based encryption (like the Aegis Secure Key 3.0 Flash Drive).
2. Secure your cloud
Cloud providers draw on their expertise and resources to provide state-of-the-art security. But this also makes their platforms desirable targets for criminals, so you should consider encrypting the data you upload.
While some providers offer secure upload services, you can also create your own “private cloud.” Many vendors, including Google and Microsoft, offer products and services to help you create your own cloud.
3. Manage your passwords
Passwords are often the weakest link in the security chain. They’re easily lost or forgotten, and it’s easier than ever for criminals to gather enough information to guess your password, answer your “reset question,” or even trigger a password reset request and intercept the reset email.
Password manager applications are a great solution. They store (and encrypt) all your passwords and will automatically log you into your websites and accounts, and they are available on all major platforms.
4. Consider multifactor authentication
Multifactor authentication uses more than one “factor” to control access to your information. This might be physical, like a “dongle,” or electronic, like an OTP (one-time PIN) code sent by text message.
Various cloud services, like Dropbox and Google Apps, offer multifactor authentication, and if you’re using them to store sensitive information, the modest extra cost to use them is well worth the peace of mind and security they provide.
5. Manage the human factors
Finally, make sure your human security is good. Criminals can gather information from your online presence to impersonate you and request password resets or even convince phone operators to give them access to your information.
The best remedy is awareness. Never give out your password over the phone; no legitimate organisation will ask for it. Be sure that any former employees return all equipment and change all the passwords they might have known. That’s not to suggest they’d be up to no good, but it protects you from potential harm and them from false accusations.