Business Systems Support


Systems Lessons To Learn From Core Strength for Cyclists

I like to bike and have biked for years. Anyone that bikes seriously will tell you how important one’s core strength is for performance and endurance. I’ve not seen a better group of core strength exercises than these from Tom Danielson and Allison Westfahl from their book, Tom Danielson’s Core Advantage: Core Strength for Cycling’s Winning Edge.

So, I decided to create this page to use as a visual workout guide. Since one video is worth thousands of words, check out the example from YouTube.

You can grab a copy of Tom and Allison’s great book from Amazon.

What does core strength have to do with computer and network systems, you ask? If you want your systems to endure over time and perform at a top level, develop strength in your core systems management practices. Use high quality systems monitoring, state of the art mobility management and best practices driven systems management. One can accomplish all of that, even with disparate systems located in your office and in the cloud. If you’re wondering how, contact me.

Utilize Systems Monitoring To Meet HIPAA Requirements

All systems monitoring should be configured to facilitate HIPAA compliance. However, the first step dictates that one deploys systems monitoring to all devices resident on the health care providers’ network. This often forgotten area of technology management needs illuminating to help bring some order and methodology to deploying activities that keep your medical enterprise fully HIPAA compliant.

HIPAA Security Rules specifically outline US national security standards to protect health data created, received, maintained or transmitted electronically, also known as electronic protected health information (ePHI). The HIPAA Security Rules are divided into 3 distinct categories and below is a summary of each.

  • Administrative Safeguards. This section of the HIPAA security requirements is focused upon establishing a risk analysis process, with periodic reviews, assigning security management responsibilities, formulating security policies and procedures and establishing appropriate workforce security training.
  • Physical Safeguards. This section of the HIPAA security requirements is focused upon securely controlling physical access to data processing facilities, workstations and devices, as well as physical media which contain PHI (personal health information).
  • Technical Safeguards. This section of the HIPAA security requirements is focused upon establishing specific technical security controls which aim to protect PHI via the following key aspects: data access control, data & access auditing, integrity and transmission security.

Below is a detailed description of each HIPAA-related configuration item and the guidance required for a HIPAA-compliant configuration. Per the HIPAA requirements, for items listed as “Addressable” the entity must choose one of 3 options: 1) implement the required control as stated; 2) implement an alternative control which meets the intent of the original control; 3) if implementing neither, document the technical and/or business constraint which prevents them from doing so. For items listed as “Required” the entity must implement the control as stated.

164.308(a)(3)(ii)(C) – Terminating Access

Addressable

Have you implemented procedures for terminating access to EPHI when an employee leaves your organization or as required by paragraph (a)(3)(ii)(B) of this section?

» Recommendation: Utilize the systems monitoring dashboard to remotely remove terminated employees from all in-scope EPHI related systems.

164.308(a)(5)(ii)(A) – Security Reminders

Addressable

Do you provide periodic information security reminders?

» Recommendation: Utilize systems monitoring to push periodic reminders to the in-scope workstations.

164.308(a)(5)(ii)(B) – Malicious Software

Addressable

Do you have policies and procedures for guarding against, detecting, and reporting malicious software?

» Recommendation: Systems monitoring provides managed antivirus services that guard against, detect and report malicious software.

164.308(a)(5)(ii)(C) – Monitoring Logins

Addressable

Do you have procedures for monitoring login attempts and reporting discrepancies?

» Recommendation: Utilizing the systems monitoring dashboard, develop procedures to periodically review audit logs and login attempts.

164.308(a)(5)(ii)(D) – Password Management

Addressable

Do you have procedures for creating, changing, and safeguarding passwords?

» Recommendation: Via the centralized management capabilities of the systems monitoring dashboard, develop procedures to create, change and safeguard passwords.

164.312(a)(2)(i) – User Identity

Required

Have you assigned a unique name and/or number for identifying and tracking user identity?

» Recommendation: systems monitoring requires each user ID to be unique and tracks activity according to such. Further, ensure there are no shared user accounts within the client environments you manage.

164.312(a)(2)(iii) – Inactive Sessions

Addressable

Have you implemented procedures that terminate an electronic session after a predetermined time of inactivity?

» Recommendation: systems monitoring automatically times out inactive user sessions.

164.312(a)(2)(iv) – Encrypting EPHI Data

Addressable

Have you implemented a mechanism to encrypt and decrypt EPHI?

» Recommendation: Systems monitoring mail automatically and transparently encrypts all mail archives with secure AES 256-bit encryption, thereby protecting any EPHI potentially contained within the archive.

164.312(b)(2) – Audit Reporting

Required

Have you implemented Audit Controls, hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use EPHI?

» Recommendation: User audit reports are dynamically generated by default and can be accessed at any time via the systems monitoring dashboard. Develop procedures to periodically review and investigate any discrepancies.

164.312(d) – Authentication to EPHI Data

Required

Have you implemented Person or Entity Authentication procedures to verify that a person or entity seeking access to EPHI is the one claimed?

» Recommendation: Consult with your client and determine the appropriate level of security. Then implement strong password authentication and, for further security, configure the systems monitoring dashboard to validate source IP addresses.

164.312(e)(2)(ii) – Encrypt EPHI Data in Transit

Addressable

Have you implemented a mechanism to encrypt EPHI whenever deemed appropriate?

» Recommendation: Configure systems monitoring mail to only transmit email traffic via IMAPS (IMAP over SSL) as this will securely encrypt and protect EPHI transmitted via email over the Internet.

Dropbox Tops Inc’s List of Top 10 Apps Banned in the Office

Inc Magazine recently included Dropbox in their list of top 10 apps banned in the office. That’s because, while it’s a valuable productivity tool, users aren’t usually aware of the security and control risks that it introduces.

If you’re having Dropbox issues, consider SecuriSync. It offers file sync and share that both employees and administrators will love. That’s because it’s built to meet both their needs, with easy file syncing and sharing that’s balanced by full admin control and direct integration. Contact me to learn more about SecuriSync, Exchange Mail and Hosted Telephone Systems.

QuickBooks Virtual Server

I install a lot of software, sometimes on a very large scale. My software installation best practice requires that anytime I install software for a client, I review release notes and minimum systems requirements from the software manufacturer. It’s not uncommon that major changes occur between version updates that will impact an installation that I’m doing.

Recently, I encountered a situation that challenged my default server installation methodology to the core. This challenge will prove to impact the way I look at QuickBooks in the future.

My server installation best practice requires me to consider virtualizing any server environment before I consider using a physical server. Virtual technologies integrated with RAID storage arrays are mature and as common as Ford trucks. Only a few architectural instances dictate a physical server; an on-site domain controller and a network fax server using multi-port POTS lines come to mind.

My backup and disaster methodology depends upon continual data protection, continually writing an updated virtual server image to local and offsite storage. CDP is pretty much the norm in the industry today.

My most recent QuickBooks installation environment revolved around the role Remote Desktop Services plays in reducing costs and increasing manageability. It’s almost a no-brainer to build a thirty-user QuickBooks Enterprise 13 setup with Server 2008 R2 Remote Desktop Services on top of VMware, using Acronis to write a virtual image into a datacenter. However, QuickBooks release notes and latest system requirements stopped me dead in my tracks.

First, I came upon QuickBooks system requirements and Intuit’s concept of “natively installed” splattered all over the Intuit QuickBooks Support Systems Requirements page. I had not seen these requirements in the past. Check these out:

System requirements for QuickBooks 2013 and Enterprise Solutions 13.0  Native Installed

Apparently, Intuit does not recommend or support QuickBooks installation on a virtual server. An IT person might say, “so what.” My experience tells me that only a fool will run a large QuickBooks environment without a yearly Intuit QuickBooks Support Contract. There are always reasons to get Intuit’s assistance to keep your QuickBooks operational.

Secondly, if the failure to support QuickBooks installed on a virtual server is not bad enough, Intuit states that “QuickBooks will work with systems running RAID (Redundant Array of Inexpensive Disks) but this is not recommended because performance issues may cause QuickBooks to operate slowly.”

Essentially, Intuit prefers that the two pillars of server technology, virtualization and RAID, be completely avoided, to the extent that Intuit will not support you if you deploy virtualization and RAID. This strikes me as a large problem or a great opportunity.

How might this situation affect you?

Cloud Resources Offer Profound Advantages

Jim Ditmore recently published an excellent article over at Information Week titled "Hard Truths About Cloud Differences" where he clearly articulates the necessity for medium to large sized company business people to understand the differences in cloud computing approaches and pitfalls.

Try as I might, I find it very difficult to articulate business need in the language of cloud computing folks. So, I tend to look at the most cost effective solution to achieve an end. Fortunately, cloud computing resources fit my requirements nicely, facilitating me to speak in terms of growth and performance.

For you to achieve a robust and scalable business, partner with competent highly skilled people that get the details and understand the pitfalls. Jim Ditmore does a great job spelling out the pitfalls of cloud computing in his article.

Be very cautious if it’s a core business functionality. You could be locking away your differentiation and ultimate competitiveness.

Before you sign the contract, know how you will get your data back should you stop using the SaaS application.

Make sure you have ensured the integrity and security of your data in the application vendor’s hands.

Understand where the product is in its lifecycle (older products might not provide lasting benefits).

Anticipate the eventual migration path as the product fades at the end of its cycle.

From a technical perspective, details make or break any IT environment, especially when utilizing cloud resources. Something as simple as when to have physical assets inside a business facility correctly mated with cloud resources can severely impact any business.

Wrapping my head around the details pays big dividends, as my business runs using cloud resources, freeing me to operate more effectively.

I’m forever amazed at how far we’ve come in twenty years. I would have never imagined doing business the way I do business today. Utilizing cloud resources results in increased customer service, a high level of customer satisfaction and much improved operations manageability.

In spite of difficult deployment and integration, cloud resources offer profound advantages:

Reduced Cost: Cloud technology is paid incrementally, saving organizations money.

Increased Storage: Organizations can store more data than on private computer systems.

Highly Automated: No longer do IT personnel need to worry about keeping software up to date.

Flexibility: Cloud computing offers much more flexibility than past computing methods.

More Mobility: Employees can access information wherever they are, rather than having to remain at their desks.

Allows IT to Shift Focus: Organizations no longer have to worry about constant server updates and other computing issues; they are free to concentrate on innovation.

If computing performance and business growth interest you, let’s continue the conversation.

Network Solutions Email Problems

Just received this update from my Exchange service provider about email problems with Network Solutions.

Service Advisory: [my provider] has discovered a possible issue with certain Network Solutions name servers. When looking up DNS information for domains hosted on Network Solutions or when querying Network Solutions name servers, we have seen intermittent time outs. This issue was discovered when a customer reported bounce backs for people trying to send them mail. People sending to domains hosted on these servers may receive similar bounce backs. After some research, we found reports of similar issues by other companies (outside of [my provider]) and reports from Network Solutions stating that there may be a Denial of Service Attack (DDOS). We will monitor this issue and provide an update when the issue has been resolved by Network Solutions.

Such a shame that a company the size of Network Solutions allows this to happen. Top shelf Dynamic DNS provider Dyn, aka Dynamic Network Services, Inc and DNS provider OpenDNS figured out DNS long ago.

If it were my business depending on email, I would think seriously about deploying excellent hosting from Bluehost with DNS from OpenDNS and Dynamic DNS from Dynamic Network Services, Inc

Bluehost consistently makes it into the top hosting companies acclaimed “the best and brightest of the hosting world” by WordPress.

Your Business Computers Need Flint Catchers

Flint Catchers come from a bygone era of English cycling when an afternoon sporting ride would take one along the dirt paths and gravel roads of the UK. Flint Catchers or Tyre Savers as they were called, came in all shapes and sizes, but they were all designed to remove rock chips, "flints", glass, nails and other road debris from the expensive flat prone bicycle tyres of the day. The more expensive Flint Catchers were hand crafted alloy or chromed steel.


Flint Catchers attached to the front and rear brake center bolts and would glide across the rotating tyre, removing their charges before subsequent revolutions of the tire embedded the debris into the tyre, flatting it. Less expensive Flint Catchers were made of stainless steel wire and rubber tubing. But, they all provided a basic level of protection for those expensive tubular tyres.


Today, a good set of road racing tubular tyres will set one back a couple of hundred dollars.

So, what do flint catchers have to do with business computers? It’s quite simple really. Think of your company’s network of computers, network printers/scanners and tablets/smart phones as those expensive tubular tyres that keep your business rolling along. And, think of proactive monitoring and security as your Flint Catchers, protecting every revolution of your expensive computer resources. Desktop and laptop security software, unified threat management at the Internet gateway and device monitoring comprise the three pillars of maintaining robust local network computing. Your business would be at risk to try to roll along without any one of these three pillars.

During your first quarter planning, consider addressing desktop and laptop security software, unified threat management at the Internet gateway and device monitoring. If you need assistance, contact me and come along for the ride.

If you’re interested in protecting your expensive bike “tyres”, search eBay for Flint Catchers.

Some Serious Backup

We live and work in hurricane country, and hurricane season is right around the corner. The past several years have proven to be a profound test of our ability to execute business continuity. Some of us have not fared so well.

I’ve experienced business continuity failure because a business continuity plan was not in place and executed. Although I stood ready to bring up a DR Data Facility within hours, disaster recovery was completely compromised because of the lack of a business continuity plan.

If you would like a Business Continuity Plan template at no cost, head over to bakupz.com and download the template. It provides a great start for a small to medium sized business. Most importantly, go through the steps to make it real.

The most important part of successfully implementing a Business Continuity Plan is to understand that it is a team effort and not the responsibility of your IT guy. And, there’s more to disaster recovery than your tape backup. In my case, I had duplicated the primary line of business servers, segmented the network to facilitate turning up another data center and synchronized database servers. I understood the need for DR infrastructure.

In the past, my biggest enemy to pull off disaster recovery was time. Besides needing production ready servers, in time, one might download files from one’s online backup service or recover data from an archived tape, but you cannot use files and data if your infrastructure is damaged. What I would have given to have a production-ready virtual network for active disaster recovery and failover, with “active” production-ready infrastructure images, backed up at regular pre-determined intervals and in real time, and stored for use any time.

If you’re in IT or just very interested in IT, you need to watch this video. It shows how quickly server recovery can occur if the right disaster recovery technology is deployed. In the event of major system failures or hardware destructive disasters, simply fail over by switching your infrastructure to redundant production-ready images in the virtual network. Your systems are back online in minutes, enabling your business to recover and maintain its pace.

Watch Failover In Under Five Minutes From Doyenz

Family Internet Protection

Easily Block Adult Web Content From Your Family’s Internet

OpenDNS, one of the world’s top DNS providers, created FamilyShield, a free tool to help your family secure your Internet connection from Adult websites that are unsuitable for children, malware and virus websites and phishing websites that steal your personal information.

You can protect your family by following several very simple steps.

Navigate to the OpenDNS FamilyShield page and locate Setup FamilyShield. Click on “Set up FamilyShield”

 


 

Enter your email address and click "Let’s Begin!" or, click "continue" to continue setup without signing up.


 

Select Router or Computer.

 


 

Follow the simple instructions for your particular setup and you’re done!

I’ve used OpenDNS as a least cost/first deployment tool for years. If you want to monitor Internet usage as well as block and unblock websites, try the OpenDNS Basic product, also free, but it requires some additional configuration. Combined with a computer security product, your computers and laptops will run secure for years. And, your family will be protected from the dark side of the Internet.

You Can Still Buy A New XP Pro Computer

I published this article almost a year ago. I wanted to update everyone that might need an XP Pro computer. As of yesterday, I can still purchase a new XP Pro computer. There continues a need to have a physical CPU with XP Pro, necessary to run legacy applications, especially in the security and medical businesses that I’m most familiar with.

I’m still amazed at the number of times people inquire about purchasing a new XP Pro computer. I see no reason not to buy an XP Pro computer. I configured a new Dell business desktop computer today for a project I’m working on.

The Dell summary worksheet details my computer specs for a new QuickBooks server, a great deal considering it has 2 GB memory, 3 year on site service and 3 year anti virus software. As a matter of fact, I will use this computer as a multi session terminal server designed for both local access and remote access from the CPA’s office. The entire project costs will come in under $1000 plus the QuickBooks license.

If you need a new computer, all the major players still sell Windows 7 Pro downgrades to XP Pro. It just takes a bit of effort to configure and purchase them. I continually need a steady supply of XP Pro computers for small businesses.

If you want to save a good bit of money, try searching Amazon for off lease desktop or refurbished desktop. Check the specs carefully for memory, hard drive size, dvd burner and the operating system to get a great deal.

They say one picture’s worth a thousand words. Check out this screen shot of my prototype QuickBooks terminal server on a shoe string. You can plainly see three users’ remote desktop QuickBooks Multi User sessions and an administrator desktop session simultaneously working on an XP Pro based terminal server. This stuff’s so much fun.

Three Simultaneous QuickBooks Sessions on QuickBooks Server