|
Horse Sense #62
In this issue:
Tips--Secure Your E Mail, Shop
Safely
If you have your own e mail server
and want to do your part to cut down
on spam, take a look at these
recommendations from the FTC that are
widely used by ISPs worldwide:
http://www.ftc.gov/bcp/edu/pubs/articles/naps08.pdf
Here are some tips from the FTC for
safe on line shopping:
Toys for Techs
It may not be the time for Christmas
presents, but any time of year is a
good time to give "Toys for Techs."
A "Toy" must do something for the
business. A "Tech" could be anyone
who is using your computing
resources and thinks they see a way
to get more out of them, not just
the geeks (like me!). You can make a
substantial improvement in your
business and motivate people by
letting them take a project and run with
it with management support. Be open
to new ideas. Who would have
thought that you would have an e mail
address 20 years ago? Now many
businesspeople find it
indispensable. Consider these "Toy" suggestions:
-A "Toy" to bring the future alive:
Speech recognition software and a
microphone. For those who don't type
well or who have motor
difficulties, this software could
dramatically improve their
productivity. The amount of training
and the learning curve have gone
down as the accuracy rate has
improved.
-A "Toy" that shows how the world
works: Practically any form of
training. We would suggest security
training for the organization, but
you might also benefit from
specialized application training or network
administration training. Typing
tutor programs don't hurt. Language
tutoring software might be a good
idea as well. Few tools work well in
untrained hands.
-A "Toy" that stretches the
imagination: A network security and business
analysis. It sounds like a luxury,
but that's the point of a toy.
Something that sounds like a luxury
can still produce many desirable
results. Have Iron Horse look at
where you are and have been and then
point you towards a more profitable
and desirable future. "Toys" need
not be physical. What is more fun
than imagining a better day and
knowing you can make it a reality?
-A "Toy" that uncovers what was
previously hidden: I have written about
the Cymphonix network appliance
before.
While this appliance starts at
$2000, I've had two customers tell me
it paid for itself in less than one
day! We will be happy to tell you
the stories. This "Toy" can find and
manipulate to your advantage what
otherwise would be invisible.
-A "Toy" to keep up with the other
"Techs": You may not get Microsoft
Windows Vista, Exchange 2007, or
Office 2007 right away, but someone
should know something about it. Or,
maybe you need to see what another
piece of software, a new dual
processor system or a modular notebook can
do for you.
-A "Toy" that fixes other stuff:
Utilities can keep your computers
running smoothly or restore them to
their former glory. After removing
unnecessary software and files and
using Diskeeper disk defragmentation
software I have seen 400%
improvements in speed!
-A "Toy" box to keep your toys safe:
Buy a better backup solution than
the one you have now. Disk to disk
backup, disk imaging, continuous
data protection, and automatic remote
backup are available now. Are you
using them or are you putting all
your work at risk?
-A "Toy" that is fun to watch, but
often ignored as it lets you enjoy
other "Toys" in peace: Little kids
like to watch bug zappers. The
network equivalent of a bug zapper is
antispam. Is your antispam
working well? Could it work better?
Do you need a different solution?
Or, does your current solution just
need some fine tuning? We can
tell you about a client who went from
babysitting their antispam servers
to almost ignoring them after some
changes we recommended.
-A "Toy" that lets you view the world
differently: Large high
resolution flat screen monitors are
proven productivity enhancers. They
can also lower electric bills and
save desk space.
-A "Toy" that brings your ideas to
life: New color printers are
inexpensive and capable. You can now
sell your ideas more effectively
with color.
You get the idea. If these "Toys"
are not for you, we can help you pick
out other good ones. Who says toys
can't be fun and make your business
better?
When Should I Delete an E Mail?
The US Supreme Court amended the
Federal Rules of Civil Procedure last
These rules cover all federal civil
(non-criminal) litigation. State
courts will likely soon follow their
example. Every business in the US
must now make a "good faith" effort
to disclose "electronically stored
information." Practically, this
means all organizations will need to
have policies about how their
electronic information is to be stored
and/or deleted. Litigants are likely
to request this information to
support their case. Organizations
without proper policies, procedures,
and technologies in place may face
sanctions. They will also face
higher costs in complying with
documentation requests. Companies will
also need to know how much effort it
will take to produce requested
information. Disclosure rules take
into account how onerous and
expensive it is to provide requested
information. However, that means
you still must know where the
information requested would be and be able
to give figures on how much it would
cost to get to it.
E-mail is now considered a corporate
document, so organizations will
have to have policies on how long to
keep e mails, when they should be
deleted, and how and where to store e
mails so that they may be viewed
later. Any company with a delete all
email policy or a 30, 60, or 90
day retention policy for the purpose
of destroying smoking guns ought to
consider whether its policy would
stand a court test of good faith. You
will need to develop a document
retention policy and stick to it. If
your employees regularly flout the
stated policy by saving e mails older
than the stated corporate standard
policy of 90 days, then your company
"policy" could be considered whatever
the employees are doing because
those files will be available in
corporate systems as well and subject
to electronic discovery.
Be warned. When a company has to
produce electronic documents, it may
not be able to follow its regular
document destruction procedure. That
means that even though you have a
policy of destroying old e mail, as
soon as the discovery process for
those e mails starts, you cannot
delete them.
There are no hard limits written into
these procedures. It took decades
for the IRS to decide that 7 years
was a reasonable limit for record
retention. This new rule and the
corporate accountability laws passed
by the US Congress over the past few
years have placed a heavy record
keeping burden on companies. For
some, it may have been a driving force
to go private or stay private. These
are "best efforts" or "good faith"
type laws. It means the standards
can continually change to fit the
time and the particular situation,
which is good. It also means that no
one knows what "best effort" or "good
faith" means until it is actually
tested in court.
For more information see these links
or call Iron Horse:
<Link died, removed 1/15/2012>
Some companies now attempt to "keep
everything forever" to defend
against lawsuits. Most organizations
need not take on this massive
expense. The value of a piece of
information flowing through your
business, its method of storage, and
its age sensitivity determine its
availability. You want to design
your business not around the fear of
litigation but around your need to
manage information. We can help you
design data protection systems that
make sense for you. In fact, these
rules seem to support keeping records
as long as they can be expected to
be relevant to the business. Less
relevant materials are expected to be
harder to get to or unavailable. For
example, accountants have lists of
different types of documents and how
soon you can get rid of them based
on their relevance and your liability
to taxing authorities.
As a side note, expect more and more
e mails to have lengthy disclaimers
attached to them so that companies
feel safe in deleting these records
from their systems. You may even see
some saying "The following e mail,
by company policy, may be permanently
deleted after 90 days unless you
reply to us saying that it needs to
be kept for a longer period. If you
do not do so, this e mail may be
deleted with your permission and you
warrant that it will not be needed
for discovery in civil litigation
after that date." I expect to see
many variations on this theme. I
would bet these disclaimers would
fail the "good faith" test in court.
Call Iron Horse and talk to us about
your needs to manage your
information. We have many excellent
products and services that can
help, especially with e mail.
Spam Realities
Recently, when a communications cable
crossing the Pacific got cut, spam
volume decreased around the globe.
Unfortunately, most of your spam
comes from the US. Spammers want to
use large numbers of machines with
access to high bandwidth Internet
connections near their targets to
maximize their ability to send mail
quickly. Spammers also are
selective. It is useless to send
offers in US dollars in English to
Russians. Spammers often use
machines that have been compromised.
Literally thousands of these machines
may be directed by a single
control point to deliver spam to
millions of people. Spam is not about
annoying you. It is about making
money. Almost all spam is directed at
a person rather than an
organization. Offers that sound too good to be
true, usually are. Stock tips that
come unsolicited over the Internet
are not a sure fire way to make
money.
Many criminals use e mail that
appears to be from legitimate sources to
get you to disclose confidential
information they can use to steal from
you later. These e mails look VERY
real. I have even seen US Secret
Service agents who investigate
financial crime on computers fall for
these ploys. DO NOT respond to any
request for personal information or
update requests in e mail without
first calling the company. Do not
trust the phone numbers in the e
mail. Use the number on the back of
your credit card, on your bank or
brokerage statement, etcetera. Do not
click on suspect e mail links. The
delete key is your best defense. If
it is REALLY important, companies who
handle your personal finances will
not count on e mail as a way to
contact you. And, because exposing
health related information can result
in civil and criminal liability,
anything involving your health is
unlikely to be sent by e mail.
Not all mail is spam. You may get e
mail from a perfectly legitimate
company that you were not expecting.
Do not complain to your overworked
help desk or Internet Service
Provider (ISP) about it. Legitimate
companies will make it very easy for
you to verify their identities and
to sign off their mailing lists.
They usually will provide multiple
ways to do so. Most business to
business solicitation, newsletter, and
marketing e mails will be from
legitimate companies. By law, these e
mails are not considered spam. And,
many organizations, including every
government entity I know of, has a
policy mandate to open up their
procurement to all qualified
sources. In effect, those rules ask
companies to try and get in touch
with people who might need what they
have to offer.
Signing off legitimate mailing lists
should be easy. These companies
will have valid return e mail
addresses, postal mail addresses, and
phone numbers prominently displayed
in their e mails. Legitimate
businesses want to make it easy for
you to contact them. It may be
annoying to get marketing e mails,
but it is not in their best interest
to make you any enemy. They will
sign you off their mailing lists if
you ask. You may have to ask more
than once, especially if you call
them again or order something because
they can make the logical
assumption you want to do business
with them. Relax. A marketing e
mail is a lot less intrusive and
onerous than a phone call, fax, or even
a piece of postal mail. Sign off
again or delete the message.
Avoiding Costly Computing Errors
When working with your IT providers,
use these tips that I have learned
from over 20 years as a computer
consultant to save money, time, and
headaches. If you have a favorite
tip or story, please write us about it!
Be Willing to Accept an Unexpected
Answer!
Help your consultant or salesperson
to understand what you want to do.
Begin with what you want to do, find
software that will help you do it,
then get the hardware to help you run
the software.
Partner with service providers who
will work to give you the answers you
need. Do business with those who
under promise and over deliver. Do
business with those who freely admit
what their solution will not do
well. Do not be afraid to ask this
question: Can you think of a better
way to handle this?
Some Unexpected Answers I Have
Delivered to Customers:
-----I often tell people that they
already have what they need. I often
get the question, "Should I upgrade
my computer?" I will ask some
questions and end up replying, "No.
A faster computer will not help you
as there is no difference between
instant and faster instant." They
wonder why I might turn down a sale.
I am not turning down a sale. I
am building a relationship of trust
so that I can work with them long
into the future.
-----Sometimes, the answer is not
what you want to hear, but correct.
One client could not decide between a
small hard drive and a costlier
larger one. I told him that if he
even asked the question, he should
get the larger one because if he ever
needed the extra capacity, he
would have a very expensive retrofit
on his hands. Even if he never
used the extra space, the most he
would "lose" would be the cost
difference between the two drives.
In my experience, people fill up all
the storage space they can find
anyway. He bought the bigger drive. A
few weeks later, he started a new
project. He needed much more storage
space than he originally thought,
which would have overfilled the
smaller hard drive causing an
expensive upgrade at a very inconvenient time.
-----Fairfax County Public Schools
came to us requesting new keyboards
of a specific brand for their
machines. We asked why. The kids were
removing the caps on the keyboards
and making them completely
alphabetical, losing them, etcetera.
We asked if they would consider an
alternative. We found a better
keyboard for them. The caps could not
be removed. It had three times the
warranty. It was less than one
third of the price. Finally, it
would also work with other machines
they had so they could use one
keyboard as a replacement for nearly all
their equipment, when they used to
have to stock multiple keyboard
varieties.
-----The US Department of Energy
wanted to enhance some highly secure
networks so different sites could
share lots of classified information
safely. The project manager was
presented with a design by her internal
network engineers. She then called
on Iron Horse to review the design.
We discovered unnecessary
bottlenecks and unneeded equipment which
would save the DOE $360,000 in
purchase costs and over $25K per year in
maintenance costs. The project
manager was happy with that result until
we pointed out that the data did not
have to be moved in the way they
thought it did, exposing potential
savings in the millions of dollars.
Our cost to the DOE for the analysis
was $1100! Maybe we should have
asked for a percentage of what we
saved them?!
-----It is often a terrible idea to
buy software from a manufacturer and
have it preloaded on a machine. The
software licenses supplied on these
machines are "locked" to these
machines (OEM licenses). You are
prohibited from moving that piece of
software to another machine. It is
much more difficult to create a
standard image for desktops and have it
load up with the correct license keys
if you are using licenses that
lock you into individual machines.
OEM licenses often have no support
from the software manufacturer. The
software manufacturer "forces" the
machine builder to provide that
support to you (good luck with that).
Even the free software preloaded onto
a system can cause real problems.
You can see enormous performance
improvements on some machines by
removing preinstalled software that
you will never use. Sometimes
preinstalled software causes
incompatibilities or crashes or makes
installing other pieces of software
more difficult. The time it takes
to reconfigure a new machine to fit a
user may not be that big a deal
for the home user. In a business,
however, you want to be able to drop
a machine on a desk and be able to
produce something on it right away.
Any additional amount of
configuration and maintenance time will raise
your support costs and keep your
users from working (another cost).
Rather than rework a preconfigured
machine that doesn't fit your needs,
you may want to purchase a machine
with a blank hard disk. Computer
manufacturers can also load a
reference image you give them so that most
of the software configuration is done
when it reaches you.
The lesson? Take the time to listen
to other inputs. Rather than
buying SOMETHING, consider buying
something different, doing something
different, or (knowingly) doing
nothing to arrive at your best answer.
|