Anthony Ricigliano Business Blog

Just a few years ago, both large and small IT departments thought nothing of purchasing expensive equipment at the drop of a hat. A healthy economy and well-funded budgets meant that additional storage space was never a primary concern. In the current business climate, the situation has come full circle. IT departments are pinching pennies just like every other business unit, and aging equipment is beginning to cause concern. Instead of purchasing or leasing new resources that could be outdated within a short period of time, companies of all sizes are considering cloud computing services as an affordable alternative. Although there are considerable benefits to taking this step, security is a major concern that can’t be overlooked.

The Need to Evaluate The Benefits of Cloud Computing
The “cloud” has definitely turned into the hot new buzzword of the IT industry. In the same way that “green” has become a standard operating procedure in other areas, an enterprise can be perceived as outdated and out of touch if it doesn’t use cloud computing in some capacity. In order to save money and stay on top of new technology, many IT professionals are being charged with evaluating the use of cloud computing in their specific areas of responsibility.

Benefit 1 – Only Pay for Actual Usage
Cloud computing’s biggest selling point is that it reduces technology costs for IT departments of all sizes. Compared to purchasing enterprise-level servers for data warehousing, the startup costs are low, and this expenditure now moves from capital expenses to operating costs that can be charged off in the same year. In addition to these financial benefits, the pay-by-usage fee structure means that each month’s bill is as low as possible.

Benefit 2 – Scalability is Quick and Easy
In a traditional infrastructure, increasing or decreasing capacity isn’t quick or easy. If more disc space is needed, it usually means buying additional hardware or upgrading existing devices. Even if a system has extra capacity onboard that is only restricted by licensing, obtaining a new, working key isn’t always as simple as it sounds. In the meantime, most cloud computing solutions allow the IT department to instantly scale the capacity up or down within minutes using a simple user interface to modify the settings.

Benefit 3 – Reduces the Need for Upgrades and Maintenance
Similar to buying a new car, most hardware devices begin to depreciate as soon as they’re plugged in. In addition to that sunk expense, upgrades and maintenance are required on a regular basis. This drives up payroll costs and diverts attention from other projects. With cloud computing solutions, upgrades and maintenance are no longer a concern. Clients rely on the third-party service providers to handle the majority of the hardware issues without worrying about obsolete equipment.

Benefit 4 – Internet Based Means Easy Access
Depending on the application, remote access goes from complicated to simple with cloud computing. Because this technology can be accessed via the Internet, both internal and external users could be given authority to work with the company’s information from any computer with an online connection without the need for any additional infrastructure changes.

Security: The Biggest Concern
In a time when hacking and identity theft have reached historic levels, companies are more cautious than ever when in comes to data security, especially when storing their customers’ or employees’ personal information. A breach in this area can result in a damaged reputation, lost business, and other penalties. At first, many IT shops were very skeptical about allowing any third party to store their information on external devices, especially when access occurred over the Internet. The pressure to cut costs has forced most to take another look.

In the meantime, cloud-computing providers have reengineered their security protocols to ensure the safety of the data stored on their servers. Depending on the level of security used at the client’s location, many companies find that their enterprise-level data is safer and more secure in the cloud than on their own servers.

Of course, all third-party providers of cloud computing services don’t offer the same security measures. As part of the evaluation and selection process, every IT department should take a close look at the security features in addition to pricing and storage capabilities before making a final decision when choosing a cloud-computing vendor.

The Business threat from Spyware
Anyone who uses a modern computer today is aware of spyware. To most people, spyware is a petty annoyance generated by less-than-ethical advertisers, search engine designers, software distributors and hardware manufacturers. Spyware is used to track, record and report activities of interest to third parties, usually without the consent or knowledge of the persons being monitored. Casual home computer users rarely need to worry about spyware; however, in business applications, spyware can be used to devastating effect by the competition’s corporate spies and analysts.

Spyware Identification and Some Simple Solutions

Spyware is generally encountered in three major distinctive forms: Hardware, firmware and software. All three types have various characteristics which can make defeating spyware difficult.

Hardware Spyware

An example of hardware spyware is the unique identification number of an Intel Pentium or later class of CPU. This number can be used to specifically identify any CPU. When combined with appropriate software, this number can be directly linked to an IP address and the precise location – if not the exact user – can be determined. The solution for this problem is using computer motherboards with BIOS setting that are capable of disabling access to those numbers. The solution for hardware devices can be complex, as most firmware and hardware is designed not to be detected nor disabled.

Firmware Spyware

Firmware spyware is semi-permanent software running at the machine hardware level. The BIOS CMOS chip is where it usually resides. Most is relatively innocuous; however, someone with malicious intent can replace the BIOS with a custom-made copy which can contain code to enable access to the computer. The best defense is to use factory-authorized and distributed firmware.

Software Operating System Spyware

Software spyware can exist in either the operating system or in applications. An example of operating system spyware was the recent disclosure of an operating system file that was inaccessible to casual users that recorded the GPS locations of where the device was physically located through its existence. The Apple iPad tablet and other similar PDAs used similar technology. After the spyware was brought to the public’s attention, the manufacturer quickly released a patch to the operating system that disabled the file.

Applications Spyware

This is code embedded within a program which can track and report a user’s activity. Typically, a file is generated within the application’s limited access areas, however, cookies can also be generated such that when the device is online, the recorded data – often in an encrypted form to hide its nature – can be accessed with ease. In theory, the EULA is supposed to disclose any use of data derived from use of an application, however, the legal wording is tedious to follow and it is almost universally ignored by the user installing the application. There are a number of spyware scrubbers available for retail sale that can clean up residual traces of activity and help ensure some modicum of privacy. But, as with any other software backup system, it is only good when it is regularly and routinely run.

The Business Challenge

Awareness and education are the critical components of fighting spyware. It is insufficient to simply install a software application and rest assured in the knowledge that the computer is protected. It is not. It would do absolutely nothing to prevent a spy from installing a wireless hardware keystroke logger into a keyboard and downloading a complete log of all of the keyboard activity on demand and by remote control. Passwords, account numbers, sensitive corporate data all would be compromised. Physical security, situational awareness and constant vigilance are a business’s best and only adequate defense.

Because companies today conduct more and more of their core business functions across the Internet, it’s rare than any employee doesn’t have full access to the web. While it’s easy to restrict access to certain sites that contain specific content, it can be hard to keep employees from visiting other places that not only waste valuable work hours but also eat up bandwidth and other computer resources. One of the most damaging results of this unregulated browsing is the installation and execution of unauthorized software on company-owned devices.

The Security Risk of Unauthorized Software
Although most users think that running a self-discovered piece of software is harmless, it can expose the company to viruses and hackers. Freeware may appear to offer valuable tools, but hackers often hide malicious code behind a useful program. It’s true that the user may receive some benefit, but it will be overshadowed by the spyware running behind the scenes that eats company resources and searches for confidential information. In this case, the best scenario could be that the original offender’s machine eventually grinds to a halt. The worst thing that could happen is that a hacker accesses the company’s internal files. Several public relations disasters have made the national news when companies allowed their entire customer database containing personal financial information to become compromised. Not only did this ruin the company’s reputation, it also cost a pretty penny in paying for credit protection for the affected individuals.

What Are Workers Downloading Anyway?
In some cases, employees are downloading tools that they feel they need to do their job. It’s often difficult for non-IT workers to know how to request new software tools, and decreasing budgets are making it harder to purchase new licenses even when the enterprise realizes new software is needed. Whether it’s out of ignorance or out of desperation, some workers feel that they have no choice but to look for free programs to meet their needs. In other cases, employees are using their spare time to continue activities they may enjoy during their off-hours. If they’ve been using peer-to-peer programs for messaging or finding free music at home without a problem, they may not see an issue with loading it on their work machine. The same goes for various browser plug-in and video games. However, this wide-scale practice of installing unauthorized software comes at a steep price to the company. Even if security isn’t breached, these programs often conflict with company-authorized code becoming a maintenance nightmare that only increases support costs. The bandwidth that is used for non-business purposes can even interfere with a customer’s ability to reach the corporate website and result in decreased levels of customer service.

The Need to Lockdown Desktops
Any security-conscious organization should make locking down user desktops to prevent the installation and execution of unauthorized software a high priority. Without using automated methods to prevent these actions, users can risk the health of legitimate applications. This can result in the diversion of valuable resources from revenue generating tasks and quickly impact the bottom line. As a result, customers could be lost and jobs could disappear.

Lockdown Methods
Depending on the needs of the business and the types of desktops in use, several methods can be used to lockdown each machine. Here are a few of the recommended lockdown methods:
• Restricting User Rights
• Setting Software Restriction Policies
• Creating Certificate Rules, Hash Rules, and Path Rules
• Installing Scanning Software that Monitors Programs Installed on any Computer connected to the Network
While each method has pros and cons, security experts are hard at work developing new methods to help IT departments control the actions of their users to protect the core system and reduce costs.

In order to protect company resources, every business, both large and small, must implement a network access policy to secure both confidential information and core computer systems. If this task is ignored, the net effect is to implement a network access policy that grants full permissions to anyone who connects to the system. As each organization defines their network access policy, decisions should be based on a variety of attributes that identify each user who is allowed to connect to the network including their role, the connection device, and their location.

Network Access Policy Defined
While most system professionals understand the need for network security, they may confuse the network access policy itself with network access policy tools. The policy is separate from any tool that is used to implement, enforce, or monitor the rules. In addition to identifying users, devices, and locations, the network access policy should also specify exactly which resources each user can access and at what level. For example, only a small number of employees should be allowed to access human resources or payroll information, and an even smaller number should be able to modify the data. Network access policies should also define the expiration timeframe for user passwords, whether or not users can unlock their own accounts, and rules for new password creation. The network access policy should include strict rules for on-site connections, but even stricter requirements for remote connections. A company policy on connections to outside resources, like the Internet and ftp transfers, could also be included in the network access policy, as well as the virus protection software that must be used by each device. Without defining the network access policy, evaluating and choosing a tool that fully meets the needs of the enterprise is a difficult task.

Improved Network Visibility
While a secure system that prevents unauthorized access is the goal, network access policies should never be so strict that they prevent the efficient use of the system. In some cases, IT shops have locked down their company’s electronic recourses to the point that even the developers could not do their job effectively. By using network access tools, the IT group can expand their network visibility to improve security, easily comply with system security regulations, and enable both the system and users to work together in an efficient manner to achieve the ultimate goals of the individual business model.

Flexibility is Key
When evaluating new network access policy tools, the IT team must look for flexibility. If the new tool does not integrate with existing business processes, customized applications, and the current network infrastructure, the evaluation team should discard it as a potential solution and continue their search. Regardless of the included features or expected value, redesigning the entire enterprise to meet the needs of a new network access policy tool would be cost prohibitive. Even when a specific tool comes highly recommended by another organization, each IT department must decide if it fits their specific needs. Because no two IT shops are exactly the same, each one requires a unique solution to meet their security needs. Of course, the tools with the most built-in flexibility will be able to fit the widest range of system specifications.

Cost Reduction is Another Goal
In addition to a flexible product, the evaluation team should identify ways that a proposed network access policy tool can reduce company expenses. The tool should allow the IT security group to easily and quickly locate and authenticate both users and devices within the network. If security personnel find the new product to be clumsy and slower than their current method, the implementation team will face resistance to its use during installation and training. In addition to ease-of-use and security team buy-in, the network access policy tool that is ultimately chosen should also provide extensive information about each user’s identity and location to reduce the time dedicated to IT support and troubleshooting while minimizing the risk of security breaches to the enterprise.

In today’s business world, the use of Wireless Local Area Networks (WLAN) continues to grow. As users perform more and more of their day-to-day responsibilities through wireless connections, a reliable, secure WLAN is mission critical for the modern mobile business. Although the implementation cost for robust WLANs continues to drop, the operational expenses for maintenance, security, and troubleshooting are on the rise.

Operational Challenges
Because WLANs use a license-free radio signal for connectivity, the operational challenges of keeping the network running issue-free are very different from supporting a traditional wired network. The following list details the key wireless performance issues that affect WLAN deployments:
• Coverage and Capacity – Because signal strength weakens as the distance from the transmitting device increases, many buildings experience coverage holes and fading signals. Poor connections or the inability to connect at all can be frustrating and negatively impact productivity. Bottlenecks in the system can affect throughput as Access Points (AP) are overloaded or specific users consume excessive network resources.
• Noise and Interference – Because many other devices, from microwave ovens to Bluetooth devices, use the same type of frequency as the WLAN radio signals, ambient thermal noise and interference can create intermittent problems that are hard to detect. Although equipment does exist to detect these issues, the price tag is usually cost prohibitive leaving many IT departments to guess about the actual source of their WLAN problems.
• Connectivity Problems – When a user reports they are having problems connecting to the network, the list of potential problems is long. On the user’s side, it could be user error, an incorrect security key, or a bad driver. The AP could be having hardware or configuration problems, or the gateway on the wired network could be having a problem.
• Roaming Issues – As a wireless client moves, or roams, it switches from one AP to the next. If the switch doesn’t go smoothly, the user may experience latency or jittery connections. Instead of using a laptop analyzer that makes troubleshooting a connection to a single AP easy, a distributed monitoring system is required to find roaming problems.

Security Risks
The same radio waves that make WLANs convenient and easy to implement create a way for hackers to attack the system. With the growth of identity theft rings, malware attacks, and other internet threats, it’s critical that businesses address the security issues related to WLAN use. There are three primary ways that hackers take advantage of WLANS:
• Denial of Service – The hacker floods the network with signals that impact the availability of resources.
• Spoofing – The hacker assumes the identity of a valid user to steal sensitive information. An attacker may even disguise their connection as an AP.
• Eavesdropping – Because WLANs radiate network traffic into the open air, it is possible to collect this information from a remote location. Hackers are sometimes able to intercept confidential data in this way. Because the information also reaches its original destination, unprotected businesses are often unaware that this has occurred until it is too late.

Best Practices
Every IT department should research the industry’s recommended best practices to manage and mitigate both the operational challenges and the security risks that come with WLANS. Some of these methods include:
• Use APs as network monitors. Within special AP firmware, promiscuous mode can be set so that specific APs serve as sensors to continuously monitor the network for performance issues and security violations. This allows network administrators to research wireless issues from anywhere with access to the WLAN.
• Take advantage of automated tools. Because WLAN use is increasingly prevalent, software development firms are developing new WLAN monitoring tools every day. Evaluate several to find the one that best fits your IT department’s needs to reduce the time needed to troubleshoot operational problems.
• Encrypt wireless traffic. By using protocols like Wired Equivalent Privacy (WEP) or standards like 802.11i, data transmitted across the WLAN is encrypted. Unless the receiver has the correct encryption key, the information is useless.
• Change the default SSID. Because the Service Set Identifier (SSID) works as a password when devices make a connection to the WLAN, it must be changed regularly to maintain high security levels.
• Use Virtual Private Networks (VPN). A VPN provides a secure, encrypted connection to the WLAN from a remote location so that hackers can’t use intercepted information.
• Minimize WLAN radio waves in non-user areas. By restricting radio transmissions to the inside of the physical building as much as possible, hackers will be less likely to attack the system from the parking lot or street.

While most companies have several security defenses in place to guard against threats, such as firewalls and antiviral software, a very important question is still left on the table: Exactly how effective are these measures? Although it is a deceptively simple question, every company must find their own answer to this essential question. Without this critical information, your organization could be left wide open to incoming threats because of unknown vulnerabilities. Let’s investigate a few ways to effectively evaluate your organization’s data security:

Penetration Tests
A penetration test, or pentest, is basically an attempt to hack into the system from outside the network. This simulated attack analyzes the system for any potential vulnerability points that could result from configuration problems, hardware or software defects, or poor operational procedures. A penetration test will typically look for vulnerable points not only from outside attackers, but also from the inside. If an employee can view unauthorized data, it can be just as dangerous as allowing a hacker to gain access. Penetration tests can be classified as either Black Box, the tester knows nothing about the system, or White Box, the tester has complete knowledge about the system infrastructure. Of course, some installations have used modified rules and referred to it as Grey Box testing. Every system that connects to the internet or allows access from any other external source should use penetration testing on a regular basis.

Network Discovery Assessments
A network discovery assessment analyzes your network’s infrastructure to identify every device that is connected to your network and search for configuration weaknesses. By clearly identifying each machine within a continuous IP address range, the system engineers can detect any new or unexpected devices that are connected to the network. While an unknown machine usually occurs because an incorrect IP address was assigned or a cabling error was made, a network discovery assessment will also point out any truly unauthorized computer, such as a hacker, that is connecting to your company’s network.

Network Sniffing
A network sniffer can be either a hardware device or a piece of software that intercepts and logs traffic passing over a network in order to capture information about each packet’s final destination. Some network sniffers have the ability to generate errors within the system to test for the ability to handle error conditions. Depending on the capabilities of the individual network sniffer, it can be configured in the following ways:
• Wired Broadcast LANs – A network sniffer can monitor traffic traveling across either the entire network or on specific parts of the network from one machine. To minimize a potential bottleneck, ARP spoofing or monitoring ports can be used.
• Wireless LANs – A network sniffer can monitor the traffic on one specific channel.
• Promiscuous Mode – If the network sniffer supports this feature, the network adapter can be set to promiscuous mode to allow the sniffer to monitor multicast traffic sent to a group of machines that the adapter is listening to.
• Monitor Mode – This is a step up from promiscuous mode. It allows the sniffer to process everything that it could in promiscuous mode plus packets for other service sets.
In terms of information security, network sniffers provide value by detecting network intruders, discovering network misuse by internal and external users, and isolating exploited systems. On the other side of the coin, hackers can use network sniffers to learn information to effect a network intrusion and to collect passwords or other sensitive information.

Checking Password Security
Because most users will choose a password that’s easy to remember, instead of one that’s hard to guess, password security is critical to overall information technology security. After all, once a hacker has a valid user id and password, much of the system is readily available. Passwords should be encrypted within the system, and rules should be put into place to reflect the potential security risk of an individual system. If the risk is low, it might be enough to require the user to create an eight-byte password with at least one character and one number that expires at 30 days. At the other end of the spectrum, the password should expire every week and require the user to use a mix of upper case, lower case, numeric, and special characters while restricting the use of any word found in a standard dictionary and consecutive keyboard characters.

Checking Wireless Security
Wireless access is a growing trend in today’s business world, but it comes with huge risks for security vulnerabilities. As long as a hacker is within the zone of your company’s wireless signals, they can connect to your system and attempt to login. If a wireless network adapter isn’t configured properly, it can leave the door wide open to attacks, and the hacker may be able to get in with a simple admin/password sign on. In addition to securing each known wireless access point, the network should be searched for unauthorized wireless ports that may have been leftover from testing, set up by accident, or created with malicious intentions.

Spam, named after the canned meat that has been the butt of many jokes, is the mass sending of unsolicited emails. It clutters email inboxes, makes it hard to find legitimate communications, eats bandwidth, consumes mass amounts of storage, and irritates the computer user. If the computer user makes a mistake and opens the wrong email or clicks on the wrong link, their computer can quickly become infected with a virus or spyware. Spam is considered so detrimental to normal communications that the Federal Trade Commission (FTC) has passed the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act aimed at preventing spam.

Spam Statistics
The numbers related to spam are staggering. To illustrate how large this problem is, take a look at the following numbers:
• Globally, unsolicited spam emails account for 14.5 billion messages each day. This represents 45% of the total email volume.
• The largest volume of spam originates in the United States, with Korea following close behind.
• The top three spam categories are advertising at 36%, adult-related material accounts at 31.7%, and financial material at 26.5% of all spam emails.
• Although spam is annoying, only 2.5% of all spam is fraudulent. Identity theft, or phishing, makes up the majority of fraudulent emails.
• Annually, it is estimated that spam costs the business world over $71 billion each year in processing time and lost productivity. That number is expected to grow to $257 billion per year if spam is allowed to continue at its current growth rate.

New Generation of Email Risks
Spam isn’t just annoying, it brings many larger problems. Spam is one way that hackers can access your system. If they can convince an unsuspecting user to click on a link, they may be able to install malware on your system. Certain types of malware will provide the hacker with a backdoor into your network that they can use to access valuable information. Other types of malware will capture specific types of information and send it back to the hacker. Using these methods, your private company information or the private financial information of your customers can be easily compromised.

Another way that tricky spammers can impact your business operation is by impersonation. They will create emails that appear to be from your organization and send them to millions of email addresses hoping that someone will believe their masquerade. To take this fraudulent hoax a step further, they may even create a website that resembles the official landing page. In this way, they could trick your customers into revealing important financial information and compromise your reputation.

Your company’s reputation could also be damaged if spam gets past your defenses and infects your system with a virus. The virus could use your email system to send out malicious spam to people in your address book which could also infect their systems. They will blame the original creator of the virus, but they will also blame you and your lax security procedures.

In addition to compromised reputations, other impacts represent real dollar amounts. Anti-spam technology costs businesses of all sizes a substantial amount of money in software and hardware solutions. The lost productivity experienced as employees deal with spam email translates into a major payroll expense. Wasted storage and bandwidth combined with increased internet connection costs run the spam bill up even more.

Impact on Small and Mid-Sized Business
Small and mid-sized businesses are often impacted more severely than larger businesses. They often lack the resources to implement counter-measures to detect and quarantine spam which leaves them open to risks. In addition to the loss of productivity caused by spam, the threats listed above are a larger threat to smaller businesses. Just like larger companies have the resources to fight spam, they also have a larger budget to recover from any damage done to their reputation by compromised personal information. In contrast, small to mid-sized businesses face the potential to lose a large portion of their customer base due to problems caused by spam.

Detection Methods
As new security protocols are put into place to combat spam, creative spammers are working equally hard to find a new way around them. This trend of increasingly sophisticated security threats is causing electronic security professionals to rethink and bolster protective measures. While it is fairly easy for a human to determine if an email is spam, it’s not as easy for a program to do the same. If a legitimate email is identified as spam based on a security program’s inspection criteria, it is referred to as a false positive. While there is a certain amount of risk involved with missing important messages, most spam blockers rely on identifying spam by inspecting the contents of the email.

Additional methods are being developed. Some companies rely on DNS-based blacklists where a third-party service identifies spammers and maintains a list of sites that are known to send large amounts of spam. Another method quantifies the “alienness” of strings. It analyzes the incoming email and identifies it as spam if it has a substring that has a high degree of alienness when compared to the rest of the message. Security software developers continue to try to stay ahead of the spammers and hackers, and new detection methods can be expected in the future.

Amthony Ricigliano

By Anthony Ricigliano: Many small businesses get to the point where going outside their four walls to have someone else tell their story sounds like it might make sense. In many cases it does, and in some it probably doesn’t. The key here is in knowing the difference. This is the first issue to sort out in terms of deciding whether you should hire an outside public relations firm or not. Let’s start out by eliminating a couple of business types which either won’t benefit by hiring outside PR or which could get their story out in a more efficient manner.

* Businesses with a local or regional target market – A PR firm might help here but there are a number of other ways to highlight your company. Local search is becoming so specialized at search engines like Google that you can probably engage a firm to search engine optimize your business at a fraction of the cost of a PR firm.

* Businesses with a highly technical product or service that a PR company simply isn’t going to get. PR from a firm that has no idea what you do is probably going to do more harm than good.

* Companies which have just gone public and are listed on the pink sheets or the bulletin board. Brokers can’t recommend your stock, trade mags aren’t going to be happy with ”buy our stock” solicitations, and going direct to the public can be prohibitively expensive.

The types of companies which can benefit are those with national markets, branding objectives, and the ability to stick with a marketing strategy for the long term. Once the decision has been made to hire a PR firm, there are several actions you can take to maximize the relationship. These include:

* Making sure that the company understands your products and/or services.

* Defining your target market and your marketing strategy so that the firm understands what your objectives are.

* Do not let the PR company take you in a direction you don’t want to go.

* Controlling your company’s message. It’s amazing how often a line like “Trust us, we’re professionals” neuters a business owner to a point where the PR firm starts defining the company from the inside out.

* Demand measurable results. Hiring a PR firm is about getting a return on your investment. Make sure you’re getting results.

Most relationships fail with PR companies due to poor planning and insufficient communication. Don’t expect miracles from your PR company. In fact, they’re really going to be only as good as the direction and guidance you give them as they roll out your campaign. Plan on participating in the process and you’ll stand a much better chance at having a successful relationship with your PR firm.

Advice By Anthony Ricigliano

In 2008, the Interactive Data Corp (IDC) predicted that 75 percent of the U.S. workforce will be mobile by 2011 with other countries closely approaching that number in the same year. The new tech-savvy workforce is demanding balance and flexibility as part of their day-to-day job description. No longer do they want to be tied to a desk from nine to five, day after day.

While corporate America may not be as excited about this idea as their employees, they will have to provide mobile solutions if they expect their current staff to support critical systems in the new global marketplace that is active 24 hours a day, seven days a week. In the past, if a system experienced an outage during off-hours, it could often wait until the next morning. If it was critical, the developer might have to come into the office to correct the problem. This was an unpopular, but acceptable, practice that every IT shop followed.

With recent advances in technology, most of these tasks can be completed from a remote location just as easily as if the developer was on-site. This makes it very hard for any reputable company to justify waking someone up in the middle of the night to come into the office when they could sign-on from home. It becomes even harder when more and more systems must be kept running every moment of the day and night, and the number of critical calls continues to increase with each new system.

A company that is unprepared to meet the mobile support needs of their employees may find that they will lose their most qualified workers to other companies that can provide a better method for remote work. After all, this becomes a win-win solution as the Information Systems department gets better support from more satisfied employees, while the individual worker has the flexibility to spend time with their family and still perform well at their job.

To support a mobile business model, the Information Systems department will need to make several infrastructure changes. They should address security to make sure that they don’t open the door to hackers, viruses, or any unwanted connections. Once security is in place, they will need to install a server that resides outside of the company firewall for external connections and user id authentication. Many companies use Citrix software or Virtual Private Networks (VPNs) to enable their employees to connect to the internal network.

On the employee’s side, they will need access to a Wi-Fi connection or aircards to connect through a cellular provider. Equipment can vary from desktops to laptops to smartphones. In today’s world, almost any electronic device that can connect to the internet can be used for mobile support. The Apple iPad can use apps that will allow remote connection and control of any desktop device via the internet. In theory, this could allow support personnel to work from anywhere in the world just as easy as from their desk for less than a $600 investment.

In addition to providing much needed support around the clock, allowing employees to perform their support tasks from remote locations will lead to a more satisfied, and more productive, work force.

By Anthony Ricigliano

Technology News by Anthony Ricigliano: Voice over Internet Protocol – a.k.a. VoIP – is taking the business world by storm. While larger companies are slower at shifting their communication departments to the technology, the much more agile small business owner has embraced VoIP as a solution for increased productivity at cut-rate costs.

Understanding VoIP Features

To the technological novice, VoIP is a bit of a mystery. Telephone calls are made and received via the Internet; that being so, there are ample technological advantages that heighten connectivity avenues. For example, VoIP Review (1) underscores that one of the most desirable tech features is the desk-to-desk calling ability that allows for instant connectivity of offices the world over.

Providers of the service also offer business applications more commonly associated with traditional voice and telephony technologies. These include the popular conference calling abilities, hold music and also a programmable automated attendant. Unlimited local and long distance calls, no need for long service contracts, faxing capabilities and even online training webinars are just some of the benefits offered by VoIP business providers vying for the company business.

Possible Downsides of Voice over Internet Protocol

It would be foolhardy to assume that all VoIP providers are created equal. Although their overall services may mimic one another, differences in voice quality vary, usually depending on the Internet connection and also equipment utilized. This has prompted business VoIP providers to issue quality of service guarantees, which assist the commercial customer in differentiating between the industry giants and the wannabes.

Dropped calls are virtually unheard of although they can happen, especially if the Internet experiences particularly heavy traffic at a given time. Not surprisingly, a quality of service guarantee offered by the various companies here, too, separates the heavy hitters from the up and comers.

Business Advantages of Using VoIP

Although traditional telephony services appear to have a very slight edge when it comes to voice quality and dropped calls, they fail to shine in the areas of long distance rates. Depending on the long distance carrier with which the business contracts, these charges can be prohibitive. VoIP networks frequently provide these calls free of charge or – if they fall outside a predefined network – at very inexpensive rates.

Maintaining a VoIP network is downright cheap. The business owner, who relies on traditional phone service, in large part subsidizes the cost of copper wire maintenance and line upgrades by the big telephony carriers. Infrastructure requirements of VoIP are virtually nonexistent. Not surprisingly, there are no costs that need to be passed on to the commercial client. This in turn greatly reduces the cost of the overall service.

Fad or Here to Stay?
There is nothing faddish about Voice over Internet Protocol. In fact, the United States’ Social Security Administration (2) has committed to changing its entire nationwide field offices’ – the number currently stands at 1,526 – phone connectivity to a centrally directed VoIP system that is integrated with the organization’s data network.

Callers to the agency may remember that initially the phone system was a conglomeration of patch-worked systems that consisted of moved lines and dead ends, all of which contributed to callers’ frustrations over dropped calls and dead air. Since VoIP can send more than one call via a broadband hookup, it lets the agency increase its usage without needing to add costly to install – and maintain – lines.

This flexibility makes it highly desirable not only to the United States government but also to the business community that is recognizing a shift in the way of doing business. A global marketplace is changing where business is done, and inexpensive connectivity and down-home flexibility are quickly becoming the hallmarks of the VoIP-powered business that can roll with the punches and adapt to rapid changes.

By Anthony Ricigliano