The importance of keeping up-to-date IT Documentation (as well as Disaster Recovery plan/policies)

When going in to a new potential customer one of the biggest problems we always run in to, is that the customer has absolutely no documentation for their IT environment, no disaster recovery plan or policy, and no documents explaining licensing (licenses, licensing agreements, details, etc…).

In a healthy IT environment, one of the most important things you can have is documentation. Documentation provides the people who need to know with the information they require to operate, maintain, support, deliver, and protect your IT infrastructure and investment. This also allows anyone with proper skills/knowledge to perform those services in the event your usual provider may either be unavailable, terminated, switched or for some other reason can’t service you.

And No! We aren’t talking about listing usernames and passwords and calling it a day, we are talking about real documentation and a small investment in time. Below is a list of some fundamentals you should have documented:

Please Note: ALWAYS protect your documentation as it is a key to access your entire network. Very few copies should exist, however the ones that do exist should be located in separate locations which are SECURE, and only protected by someone who has a vested interest in the companies well being and future.

Administrative Credentials – Most importantly, record the main master domain Administrative account (username, password, and domain), and any other administrative accounts. If any users are provided with special administrative privileges, be sure to list them as their access needs to be revoked if they are ever terminated or leave the company. If not, you are leaving a major security hole open. I’ve seen some companies leave administrative full access accounts open for users years after they left the company, this isn’t good!

Contact Information – Be sure to list contact information for various roles inside the company. Contact information for decision makers, and technical people should be recorded (along with after hours contact info) to make sure that if in the event something major occurs, a decision maker can be reached on the phone. The last thing you want is an emergency to occur, and it not being resolved since an IT person can’t get someone on the phone who can authorize a hardware purchase…

Server Configuration – Your server configuration should include all types of information (no matter how trivial). This includes networking information, administrative account details, details about Active Directory (ex. Domain name, WINS configuration, DNS Configuration), computer name, and built-in service that may be enabled (ex. DHCP, DNS, WINS, RDP, RRAS, RIS, etc…), even DHCP reservations. This provides the technical picture that shows how things were set up, and what base services are set up and providing your network by your servers. Don’t forget to include information on your server hardware. You should list all information on your server hardware, such as model numbers, serial numbers, warranty information, along with contact information on how to initiate warranty cases. Disk configuration, RAID configuration, firmware info should also be documented. This documentation should allow someone to re-setup your servers from scratch if required.

Network Documentation – Your networking documentation will provide the reader with how devices are dynamically configured (whether DHCP, BootP), how many devices are on the network, what networks they sit on, who has access to RDP, VPNs, how those services are accessed (IPs, hostnames), and details on how standard network services are delivered throughout your network. This documentation should provide information on how your network functions and how data goes across it. And just like your server, be sure to include models numbers, serial numbers, warranty information, and location of the hardware as well. This will provide the blueprint in the event the network requires repair, or needs to be rebuilt from scratch.

Network Shares – Document Network shares, file system location on the host, permission types, and description of the purpose of the share. It’s best practice to present network shares to a group of users using the same letter network drive, document this as well so it can easily be managed, or re-setup in Group Policy of required (automatic drive network mapping).

Workstations – Your workstations should be somewhat generalized and centrally managed. Most computers should be running the same software, based off similar hardware, and configured in the same generalized fashion. Be sure to document the process for initial configuration, required software, software configuration, and any other special options that certain users may require. It’s always good to record model numbers, serial numbers, and warranty information so it can be found quick when needed.

Users – Be sure to keep an activate list of users, along with group information, department, and types of access they require, e-mail addresses, and e-mail distribution lists they may be a member of. NEVER record users passwords as this is a security concern. Any work ever required by an IT professional should be easily accomplished with the Administrative credentials, even if the administrator is required to sit down with the user.

Printers – Be sure to record all printers, MAC addresses, and DHCP reservations you have configured for your printers. As always with all hardware, record models, serials, and warranty info. It also never hurts to record driver versions you have installed just in case it may assist with troubleshooting.

Licensing Information – Be sure to keep information on any major licensing agreements you have in place. Also be sure to document URLs, usernames and passwords for any licensing systems that are managed online (such as Microsoft eOpen Online Licensing, Symantec, Astaro, etc…). It’s good practice to record all licensed products, keys, and invoice numbers for the purchase of the license. In the event you may get audited, require a license key for re-installation, etc… this information will be invaluable to get it resolved quickly. This document will also clearly let you know how many licenses you have, who is using them, and what versions of software you are running.

Firewall Configuration – Firewall setup and configuration should be documented, along with licensing keys, port forwarding configuration, and firmware versions.

 

A separate document that should exist is your documentation for “Disaster Recovery”. This documentation goes in to detail as to what your backup and restore policy is, how you back up your systems, how to restore your systems, and what to do in the event of a total failure where a recovery from scratch is required. If you can’t create a document that provides a step-by-step process to completely restore your businesses IT infrastructure then you are in trouble! Either find someone who can create the documentation, or implement a disaster recovery solution that can be properly documented. This documentation also allows you to test your disaster recovery solution, which you should be doing from time to time to make sure you can recovery from a failure, and that the documentation is correct!

While everything above is a good starting point for small businesses, feel free to add any other information you feel could benefit your documentation. All information is good information as long as it is organized and easily readable! Happy documenting!

 

If you need help with your IT Documentation or IT Services, feel free to contact us!

Virus that only infects your RAM, uses no files, and is very hard to detect! Infects via Java Vulnerability!

We are writing you today to just re-iterate the importance of keeping your systems up to date. And when we refer to up to date, we mean all Microsoft Updates, 3rd party updates, Java Updates, Adobe updates, etc…

Today we became aware of a new virus that ONLY infects your computers memory, using absolutely NO files on your hard drive. Since the virus only infects the RAM and uses no files, it’s very hard (maybe impossible for some anti-virus scanners) to detect and remove the virus. This virus is being distributed via an Ad network, that when viewing legitimate websites that carry an Advertisement containing the malicious code, infects your computer.

Good news is, when you restart your computer, you are no longer infected. Bad news is, since you won’t be aware of where you got it, or even the fact you got infected, you are very likely to get re-infected by visiting the same, or similar sites.

The virus infects your computer by presenting code in an advertisement which contains Java. If your Java is not up to date, this code will exploit a vulnerability in older versions, resulting in infection.

This is why it’s always important to keep your software up to date, it doesn’t hurt to have a firewall (like the Sophos – Astaro Security Gateway) which can also intercept virus’ and malicious code before it causes an infection.

 

RDP Vulnerability – Update your Microsoft Windows Servers ASAP

Microsoft is urging companies to install a Microsoft Security Update.

MS Security Bulletin MS12-020 is marked as critical and patches a security vulnerability in the Remote Desktop Service. Remote Desktop Services (RDP) is used by both users and IT admins.

IT admins use RDP to connect remotely to a Windows Server. Users (you) use RDP to remotely connect to your work computer.

We recommend to install this as soon as possible. A Proof of concept hack was already released, and it is expected that this vulnerability will widely be utilized by hackers and bots immediately since there is such a wide range of businesses that use RDP, and do not actively keep their system up to date with security updates.

 

You can install this patch by running Microsoft (and/or Windows) update on your workstation and server, or by visiting the MS bulletin linked above in this article.

 

What does your remote access solution do for you and your company?

One of the biggest mistakes I see these days are companies implementing horrible remote access solutions. Almost 90% of the time, the customer doesn’t have the proper infrastructure in place, and that’s why they are looking for 3rd party remote access technologies. Keep in mind, these 3rd party solutions often are a pain to maintain, keep up to date, keep secured, and even use.

Why not do things right in the first place? One of our spotlight solutions is Microsoft Windows Small Business Server. This solution powers your network, provides you with many technologies such as data, backup (disaster recovery), file sharing, e-mail, collaborative technologies, Sharepoint, the list goes on! One of the most awesome features in Microsoft Windows Small Business Server is the Remote Web Workplace (RWW).

 

Remote Web Workplace is a beautiful web interface that allows you, and your employ’s to access tons of information, e-mail, and even access your desktop computer at your office! All my client’s love and live by it, and it’s great to see such a simple yet powerful interface that utilizes technologies that are integrated and come with Microsoft Windows Small business server. It in itself is a great reason to upgrade to Microsoft Windows Small Business Server.

 

Let’s take a quick peek at the RWW remote access solution:

To login, from any computer that has internet access, simply open up Internet Explorer and point your browser to your companies web internet address:

Login screen

The Small Business Server RWW Login Screen

 

 

 

 

 

 

 

 

 

 

After you log in to the interface with the same credentials as you use to log in to your work computer, you are presented with these options:

The main Remote Web Workplace interface

The main Remote Web Workplace interface

 

You’ll notice that you can:

-Check E-mail

-Connect to a computer at the office

-Access your internal intranet website (Sharepoint)

-Perform tasks like change your password, access the server if your an admin, and configure Outlook Anywhere

 

 

 

Let’s say we need to send an e-mail to the boss with a Outlook contact we have that he needs, no problem. We select the “Check E-mail” option in RWW:

Exchange Outlook Web Access (OWA)

Exchange Outlook Web Access (OWA)

 

Notice that we have access to these features:

-E-mails (Including all folders: Sent, Junk, Deleted Items, etc…)

-Calendar (Yes, you have access to your Outlook Calendar at the office through this interface)

-Contacts (Yes, you have access to your Outlook Contacts at the office)

-Tasks (Yup, don’t need to say it!)

-Documents and Public Folders (Even share files)

 

 

So we opened the contact, and e-mailed it off to boss. That was easy!

 

Now, let’s say your home at sick, the boss calls and needs a report from Quickbooks or Simply Accounting, again no problem! Just connect to your computer at the office using the “Connect to a Computer” function inside of RWW:

Connect to a Computer - Remote Web Workplace (RWW)

Connect to a Computer – Remote Web Workplace (RWW)

 

Once you connect to your computer, you control it remotely through a fast and efficient interface. You can open any program, application, and even print to the printers at the office.

 

Now for that report! Connect to your computer, open your accounting application, generate the report. Either send it off through Outlook, or print directly to the printer on your bosses office! Your done!

 

 

 

 

As you can see it’s a very simple and efficient interface!

Interested in getting your own? Contact Digitally Accurate today to implement your own Remote Web Workplace with Microsoft Windows Small Business Server

 

Tagged with: , , ,

The Cloud… Where is IT leading you?

Let’s face it, everywhere we go these days we hear the term “The Cloud”. But what does it mean? What does it do for us? Is it for home folk to use to store their music? Or is it something viable a business can use to enable information flow and utilize it to do business faster, cheaper, and ultimately better?

Well I’m hoping to shed a bit of light on this topic. Let’s start with what “The Cloud” is exactly…

Original Definition: The Cloud is a group or collection of resources which are available to users on demand. Traditionally this didn’t mean just through the internet, but rather over different types of networks. Basically it was accessing data from a pool of resources which were allocated to provide the data. From the get go you can tell it’s a very loose definition, which can cover technologies that existed before “The Cloud” even existed, odd huh?

Today’s Definition: A means to deliver a software, service, or platform from a cloud of resources available, sold by a reseller or provider. Usually sold on demand by the number of seats (or users), and by the time used.

 

In the beginning

In the beginning, there was a company that was pioneering a new technology called virtualization. This virtualization technology allowed a physical server to run more than one operating system simultaneously. Ultimately this technology allowed a server, to actually be 10, 20, essentially numerous servers packed in to one physical server. All of a sudden, we created a pool of servers, inside of one server. In a datacenter, there could be numerous physical servers, each running numbers virtual machines (virtual servers). This is where the term “The Cloud” originally started being used.

IT staff could create servers, move servers, re-organize servers in “The Cloud”, and the services and data on these servers inside of this cloud would be provided to users. Essentially you’d be using “The Cloud” of servers.

Virtualization has become an amazing technology which in our opinion is mandatory for any company with multiple servers. In a way you could say it’s a next-generation technology that’s available today!

And let it be said we fully agree with and support these technologies. Digitally Accurate specializes in virtualization, and this virtualization technology helps businesses every day perform business faster, better, and more effectively.

 

Then what?

Over time as more companies adopted virtualization, the term “The Cloud” caught on more and more.People were doing more and more things with making information available anywhere, whether it was music, business data, pictures, you could access it from anywhere!

Now fast forward to the recession. At this time, lot’s of large corporations minimized their IT budgets, and the majority of Small to Medium sized businesses virtually eliminated their IT budgets. IT Solution and Support providers were no longer making sales, or selling solutions that cost what was now considered a fortune. IT providers in the interest of self-preservation had to find a new way to make money and the providers who were still doing well during the recession, needed to find a way to target small to medium sized businesses with their new budget limitations. With the expertise in these technologies and understandings of the way they worked, IT providers started to figure out that their potential clients were more interested in penny pinching, then looking at the bigger picture. Why not develop a solution for these companies that allowed them to pay small amounts monthly, which was secured by a long-term contract (that’s inescapable), and that allowed the IT companies to provide the services to a customer that would normally be provided by the customers own infrastructure.

This allowed the IT provider to provide services from their own servers to multiple clients, essentially squeezing out every ounce of performance possible from equipment. The re-occurring revenue secured their existence, and the length of the locked-in contracts made sure clients couldn’t leave once they were drawn to the low setup costs and monthly costs of the service.

Often, the client’s weren’t sold everything they were looking for and since they were locked in to a contract they couldn’t change providers after being duped. Essentially, they would have to pay more and more to actually get the services they thought there were getting in the first place. This allowed the IT providers initial quotes to remain low, look cost-effective, but open the door to major profits once contracts were signed.

Over time this model caught on, a whole industry was created, from the companies that owned the servers in the data center, to the companies that setup, managed and maintained the physical servers, to the companies that applied “The Cloud” or “Software as a Service” model and provisioned the cloud, to the company that ultimately resells the services.

 

Fast Forward to Today

Businesses are often lured in by the cheap setup costs and cheap monthly costs thinking they are getting everything their businesses need. The moment a business signs off on a contract to implement these services, they are usually immediately passed off to another company up one tier in the Cloud industry I mentioned above. Usually all support, maintenance, and other services are provided by an entirely different company than the one which you signed the contract with.

The reseller has officially made their profit off your signature and can now walk away. In some cases you won’t hear from them unless you need to purchase more services, licenses, etc… Ask yourself, is this a business relationship? Or more like a door-to-door salesman?

Most companies aren’t told that all their information they will be accessing from a server in who-knows-where requires a lot of bandwidth. If you have people accessing simple things like e-mail, word documents, etc… if you have numerous users doing this, it can halt all your productivity to a stand still unless you of course upgraded you internet connection to handle this (wow, there’s some more additional costs).

But wait, what if the internet goes down? Well, you’ll need a redundant connection or you won’t have access to any of your data (wow, more costs???). If you don’t have that redundant connection, you won’t have access to your data. Be sure to make sure it’s fast too, so you don’t have people waiting 30 minutes to open an Excel spreadsheet.

What about disaster recovery? Do you know if the company is actually backing up your data? Do you know what their policies are on recovering that data? In this industry, it’s about signatures, and profits. Pushing clients through the pay door, do you think their main focus is backing up your, and all their other clients data precisely?

Where is your data being stores? Lots of cloud providers actually use data centers in the United States. Do you need to be concerned about the patriot act?

Have you heard all the news about the shutdown of the “MegaUpload” service? That was a cloud based service. It got shut down, do you think paying customers were given the opportunity to retrieve their data before it was taken offline? And wait, you mean the same server that is hosting your data, might be hosting illegal content?

What about security?

 

What if, what if, what if…

 

The Cloud… Where is IT leading you?

I leave you with this thought…

Cloud based services to share music, pictures, and dumb personal stuff? Great, awesome technology, simple, etc… Nothing too important. If it goes down, who cares.

Cloud based services for your business, confidential information, intellectual property, financials, mission critical information? Wait a sec, this reminds of of Russian Roulette.

 

Is a SAN out of your budget? Think again!

With many businesses entertaining the idea of said technologies such as virtualization and/or high availability clustering, often what holds them back is the cost of implementing a SAN.

A SAN for those of you who don’t know; is a “Storage Area Network”. The network and equipment contained in it provides “shared storage environment” often required for SQL 2008 clustering, virtualization (for features such as High Availability and Live Migrations), etc…

Lately, on my personal blog I’ve been going in to quite a bit of detail regarding emerging iSCSI target technologies and way to minimize the costs of implementing a SAN. While most of my focus has been on Lio-Target A revolutionary linux based iSCSI target, a new player has entered the field, the “Microsoft iSCSI Target Software” which as of now is free!

While I’ve done extensive testing with Lio-Target and found it to be fully functional, promising, and extremely stable (and as of recently is now a part of the mainline linux kernel), I’m interested in what Microsoft has to offer. For those of you who are looking at purchasing/building a SAN, this now offers a second choice.

This is great news that will help alot of companies re-evaluate their decision not to implement a SAN due to cost.

More Information on Microsoft iSCSI Target for free at: http://blogs.technet.com/b/canitpro/archive/2011/04/05/the-microsoft-iscsi-software-target-is-now-free.aspx

El Fresko Technologies launches next-generation archiving and data protection solution

Digitally Accurate Inc. as a proud partner (and reseller) of El Fresko Technologies, is happy to pass on the following press release:

March 9, 2011

El Fresko Technologies launches next-generation archiving and data protection solution

MagnaStor® FS Archiver creates a compelling managed service opportunity

El Fresko Technologies is pleased to unveil MagnaStor® FS Archiver, an archival storage solution that ensures the long-term preservation and integrity of digital information to protect organizations from corporate, legal and compliance risks. Ideal for small and medium-sized businesses, MagnaStor FS Archiver has a robust set of features, including WORM data capture and secure, real-time replication to the cloud. With automated migration of static data from more expensive primary storage systems to archives, organizations can also improve backup and recovery efficiencies by up to 90% as static data is eliminated from repeated full backup cycles.

“Business data volumes are growing exponentially as organizations of all sizes embrace new online tools to connect and communicate. As a result, vital business data has evolved beyond simple documents and now includes vast amounts of static unstructured data in web sites, blogs, online chat logs and call center recordings. It is imperative that companies have an effective data management strategy in place to protect themselves against unanticipated corporate, legal or regulatory challenges,” said Mark Fowlie, CEO of El Fresko Technologies. “With MagnaStor FS Archiver, it is simple and cost effective to implement a next-generation solution that protects all of a company’s digital information and ensures that it is always available, non-alterable, searchable, verifiable and recoverable.”

“MagnaStor FS Archiver represents a new opportunity for managed services providers like Digitally Accurate and we are excited to make the product available to our customers,” said Stephen Wagner, President of Digitally Accurate, a leading provider of managed services and IT solutions. “As business communications evolve and generate ever-increasing volumes of data, we see a very real need for improved information management both in terms of storage efficiencies and to reduce corporate, legal and compliance risk.

Archives and backups are complementary

Backups are essential for disaster recovery, but can consume significant IT resources to properly manage, especially when data is scattered across multiple workstations, servers, and distant networks. Industry surveys show that up to 90% of the data produced daily, and subsequently backed up, is rarely changed or accessed after being at rest for more than a few days. By automatically consolidating this static data to a MagnaStor archive, the efficiency of backups and recovery procedures for the remaining 10% of active production data, is greatly improved.

“Confusion still exists for many end-users when it comes to the different roles of backup and archive. An archive solution such as El Fresko’s MagnaStor FS Archiver can provide critical compliance with industry regulations, corporate governance, legal e-discovery, or ‘just’ long-term data retention and availability. Both backup and archive remain key components of an organizational data protection policy, but mistaking one for the other can prove costly,” said Dave Pearson, Senior Analyst, Enterprise Storage & Networking at IDC Canada

Some of the key benefits of MagnaStor FS Archiver include

  • WORM protection on magnetic media ensures all content is preserved and unalterable
  • Data is always online, fully searchable and cannot be delete
  • Real-time, secure and encrypted replication to the cloud eliminates risk of data loss while satisfying strict privacy regulations
  • MagnaStor Timeline records the details of every file update and allows all files or any individual file to be reviewed or recovered to its exact status at any point in time
  • Policy-driven data governance follows the data wherever it is located; even privileged users cannot disable or circumvent controls
  • Background health and integrity monitoring with automated self-healing procedure
  • Digitally signed audit history enables non-IT personnel and/or external auditors to verify the chain of custody of any file

Pricing and Availability

MagnaStor FS Archiver is available immediately. Additional information and pricing is available from El Fresko.

El Fresko Expands Partnership Opportunities

El Fresko is expanding its partnership program and intends to join forces with a select number of companies in all global regions. Organizations interested in becoming MagnaStor FS Archiver resellers are encouraged to contact El Fresko directly.

Providing trusted data archiving solutions for more than 20 years, El Fresko is an innovative provider of archiving, data protection and compliance solutions in a cloud environment. With MagnaStor FS Archiver, managed service providers can leverage existing cloud infrastructure to offer high-value, tiered storage that strongly complements existing data backup services. Benefits to end-user customers are wide ranging and include continuous data protection and preservation, an embedded compliance policy and a complete audit history of archival data.

Further Information

El Fresko media/analyst contacts
Phone: +1.416.489.0092
Email: media@primorisgroup.com

El Fresko sales, pricing and reseller inquiries
Phone: +1.403.265.5727
Email: sales@elfresko.com

Original Link: http://www.elfresko.com/News/03-09-2011.aspx

Set your new Windows Phone 7 up for e-mail from Microsoft Exchange and/or Microsoft Small Business Server 2008

Well, the new Windows Phone 7 has arrived! And with it, comes a new generation of devices from Microsoft that STILL (thankfully) support Exchange Push to the phones. You die-hard Windows Mobile users know what I’m talking about!

A few new things have changed however. Due to the new limitations of not being able to access the filesystem, you have to find a new way to get your corporate certificate on the device.

This can be accomplished two ways.

1) You can setup one of your free e-mail accounts on your phone (such as Windows Live, Hotmail, or Gmail) and then e-mail yourself the certificate (tap to install).

2) You can upload your certifcate to a website, navigate to it on your phone, and install it that way.

After you have the certificate installed, configuration is the same as before, be sure to know your server address, username, password, and domain!

Have fun with your new phone… We are sure you will like it!

We are pleased to announce a new partnership with El Fresko Technologies

El Fresko provides proven, scalable and cost-effective long-term data storage and compliance archiving solutions to protect businesses and preserve their critical data. MagnaStor™, the company’s patent-pending software solution, offers continuous data protection for long-term file storage while leveraging the high performance of magnetic disk.

El Fresko is a company based in Calgary, Alberta Canada.

We are pleased to announce a new partnership with RisingTide Systems

RisingTide Systems is the leader in development of open source commercial grade iSCSI storage solutions and services. Numerous products featuring their software currently hold the “VMWare Certified” stamp for compatibility with VMWare vSphere 4.

Top