Scammers that call you

A little while ago on our facebook page we advised of a new scam which was doing the rounds. It seems to be ramping up and so we just thought that we would remind people about this latest nuisance.

The scam basically works like this:

1. Some one will ring you on your home or mobile phone and claim to work for a software company like Microsoft or McAfee.
2. They will tell you that they have detected a problem with the security of your computer and that they need you to install a patch or new program to protect it. They will help you do do this over the phone.
3. When you install the program (normally some sort of claimed "security software") it will then pop up lots of annoying reminders saying that you need to purchase it.
4. The software serves no useful security purpose, and between annoying you into paying for it, also seems to take the opportunity to embed itself into your system so you can't remove it.

So the short version is the bad guys con you into installing something on your computer which then annoys you until you pay it some hush money to make it go away. Needless to say the software is hard to uninstall - certainly beyond most people's skills.

At this stage all the reported cases we have heard about involved someone with an obviously foreign accent so that is one thing to keep in mind. But there is an overall message to consider here about scammers and the tricks they are using - when some person's or business's behavior doesn't line up with what you would think of as normal then you probably need to be more skeptical than usual.

In this particular case - have you ever had a software company call you to tell you that their software isn't working? If you've ever rung a software company to tell them their software isn't working you know they barely have enough people to answer the phone, let alone make outbound calls.

Lock Up Your VOIP Trunks

ZDnet is reporting that some businesses are losing thousands of dollars in attacks against poorly protected VOIP services.

The way the scam works is that the hackers use the Internet to break into a company's VOIP service, and then use the VOIP service to make calls to premium overseas numbers (pay per minute) etc. They collect the revenue from the pay per minute service while the company is left with a massive bill. It's yet another inventive way to use the Internet to try and rip people off.

The scam often works because it crosses International boundaries and because Telcos can be remarkably unsympathetic to the plight of customers who have quite obviously had some funny business happening on their phone system.

So - how does a business protect itself?

First things first - while VOIP is about telephones it's also just as much about computer networks - your telephone and network people need to work together.

Secondly - you need to take advice on which ports etc to leave open from your security, firewall and network people, not your phone people. No offence to the phone people but in general they know next to nothing about network security.

Third - if you are exposing your own hosted SIP service to the Internet it would be well worth getting some vulnerability assessment and assurance performed.

Finally - as always good operational monitoring provides the final backstop. Not only is there a good chance you would pick up the increased network traffic, but it will also help you manage your ICT more effectively.

Changing Our Minds

"The only thing more iritating than someone that changes their mind every 5 minutes is someone that never changes their mind"

Green Light IT has an almost unique problem among ICT service providers - our customers are with us long enough to see us change our minds and our positions on things like new technology and new approaches. As always these changes can lead to questions and concerns.

Firstly let's establish why our position has to change:

The IT industry is awash with new ideas and for the forseeable future likely always will be. And for every new approach/idea/gizmo/program (we are going to use the technical term "thing" for the rest of the article) that succeeds and goes on to establish a place for itself 10 "things" (or more) fail because of:

• Insufficient take up.
• Being all sizzle, no steak.
• Under-estimating the complexity of the problem.
• The cure being worse than the illness.
• Lacking reliability and sound support.
• etc.

So, to put it succintly there really aren't any silver bullets but every now and then a new approach/idea/gizmo/program arrives which is useful and thinking needs to change.

What Green Light IT customers probably don't realise is that by the time we announce a changed position to them we will have looked at the issue from every which way we can.

Here are some of the principles we try to use when looking at new "things":

1. Proven - Have enough people tried it and gotten the results they were expecting?
2. Cost Effective - Does it solve a real problem for less than what the original problem cost?
3. Reliable - Does it create a system that you can expect to work?
4. Longevity - Are the people that make and support the "thing" likely to be here tomorrow?
5. Utility - How well does the "thing" do what it should, and how else might it be applied?
6. Risk - Can the "thing" be tried at reasonably low risk? Is a back out position possible or is it all or nothing?
7. Security - Does the "thing" take a new and potentialy dangerous approach.
8. Unintended Consequences - What are consequences of using the "thing"? Does the customer understand and expect these consequences?
9. Inevitability - Is the "thing" going to become the new standard whether the customer likes it or not?

As you can probably guess by looking at the list of considerations "things" normally need to be around for a little while before you can assess them in the positive - this does tend to mean we don't recommend our customers getting on the bleeding edge. It's not like we aren't interested - we are always staying across new technologies/approaches (just the other day we had a heated debate about using Solid State Drives for a customer's database server), however we don't tend to change our position until we think there is a sound case for believing the new "thing" is better than the old "thing".

The upside to this for customers is that they get solutions that work. They might not be the latest solutions, but they are ones we know can be relied on.

Merger with Saltbush Group

This is old news for most of our customers, but Green Light IT is merging with the Saltbush Group.

Green Light IT will be forming the new service delivery arm of the Saltbush Group called Saltbush Solutions.

The Saltbush Group is a Canberra based, but Australia wide ICT firm providing services in Consutling, Security, Development, Assurance, and now through Green Light IT, Service Delivery. With over 60 consultants it is Canberra's fastest growing ICT firm.

We will be continuing to call ourselves Green Light IT, some of the time... the rest of the time we will call ourselves Saltbush Solutions. You can call us either - we don't mind.

The Ten Second Test That Will Save Your Organisation Thousands

As we go about helping organisations we see a lot of virtualisation being used to save money on server hardware. But we are also seeing plenty of virtualisation used in ways that is going to eventually cost more than it saves. In short we are seeing some organisations suffer the midrange explosion that we warned about in our previous blog post.

That is - the idea of "free" servers is sometimes leading to the deployment of servers for roles of dubious value.

"If the server is free what's the harm?" I hear some readers ask. The problem is it's not what the server costs to buy that matters, it's what it costs to own. Further, as you add more and more computer systems complexity can have an amplifying effect on the cost of ownership of systems deployed.

When an organisation has to pay for "tin" upfront this acts as a natural restraint on over provisioning. When servers seem to be free sometimes this restraint is absent.

So, here is the 10 second test that will save your organisation thousands. Before you add a new virtual server for any ongoing production role to your design or architecture ask yourself this question - "If I had to pay for the tin would I still design it this way?"

If the answer to that question is not a solid yes then you need to re-think your approach.

Christmas Trading Hours

Over Christmas Green Light IT will be taking a break will be closing on the 23rd of December, and re-opening on the 4th of January.

Feel free to leave us a message on the phone or drop us an email over this time. All the best for Christmas and we look forward to talking to you in 2010.

Why We Use NAS Rather Than Tapes

If you took a look at our last blog entry you might wondering what we use for backups if we don't use tape.

That's easy - we use Network Attached Storage (NAS for short).

Compared to tapes NAS have three major advantages:

1. They can keep up. Tapes are so slow that many in the industry now do what is called "Disk to Disk to Tape", where the backup is first done to another set of high speed disks, which can then slowly and ponderously stream that data to a tape drive. Getting rid of the "to Tape" bit is the next logical step.
2. Less External Dependencies. A NAS unit is a complete system that you can attach to your network and start pulling files off. A tape needs a tape drive, a semi functioning computer, driver software, backup software, and they all need to be accessible before you can start pulling off files.
3. Unlike tapes, which are a bit of an out sider from a mainstream technology perspective, NAS units use normal everday Hard Drives. So as the capacity of normal every day hard drives increase, the capacity of NAS units keeps pace. Tapes on the other hand are always playing catchup, and are usually around an order of magnitude behind in terms of cost effective storage.

Now if you are seeking a long term archive then tape is still your best bet, but that is not what most businesses are after in our experience, particularly once retention of data in programs like MYOB/QuickBooks etc is explained. Even then, NAS, which is powered up once every couple of years is probably just as good. Tape has the benefit that it can be just left to sit on the shelf for 10 years. Now, where did I leave that tape driver software...

5 Common Mistakes Business Make About Backup and Recovery

We are going to be talking about backups over the next few weeks - we are going to be talking about backups quite a lot. More precisely we are going to be talking not only about backups, but the other less frequent but oh so important bit - recovery.

The problem with the way most businesses approach backup is that they might take some backups (might) but they have never given a whole lot of thought to the other side of the equation - recovery. And there are some sobering stats here - probably the most sobering I have come across is this one:

"93% of businesses that loss access to their critical data for 10 days or more file for bankruptcy within 1 year. 50% of them file for bankruptcy immediatelly" - US National Archives and Records Administration.

So it's not only if you can get access to your information again, it's how quickly you can do it. And that is where things start to get interesting.

To get us started on our month of DR (Disaster Recovery) here are 5 common mistakes that businesses make about backup that means when push comes to shove they can't recover:

1. As long as I have my data I'm okay

Wrong.

Access to your data is contingent on a number of other pieces of infrastructure being in place. Sometimes this is a simple as a computer with say Microsoft Office installed in which case provided you can find a computer you are probably okay. But sometimes it relies on an application server, which has had 100 patches applied to it, which no one exactly remembers, and there was some bizarre tweak that someone had to give it to make it work etc.

Can you get access to the data again - probably. Will you get access to the data again before you are out of business? Much harder to know.

2. An Online Backup Over The Internet Is Our Best Option

Usually Wrong.

Online backup solutions are targeted at home users, and small businesses. They provide handy interfaces to help you see which files you are backing up, history etc. The problem is they are driven by people who, due to their limited IT knowledge, don't actually understand which critical parts of the system need to be backed up. For example, if you are using Exchange server only the system adminstrator has the access they need to the mail store.

If your whole server packed it in exactly how long will it take your online backup company to get you a copy of your data - a day, two days, a week? Have you ever asked? Have you ever tested their ability to deliver?

Also, as 1 above just backing up your data isn't really enough.

3. We Use Tapes

Wrong.

There are so many issues with tapes it is hard to know where to start:

• You need a tape drive (seems obvious right). But what if your previous tape drive was damaged (say by a power surge) so you can't move it across to the new server you just bought. Can you still buy the type of tape drive that you had previously keeping in mind it's probably three or four years down the track? This is what we call in the industry a "depedency".
• Tapes aren't growing in capacity fast enough to keep up with modern hard drives. Time and again we see new customers which have been sold a tape drive which can't backup a tenth the capacity of their server hard disks.
• Tape drives can subtly alter the length of tapes over time so that tapes will only work with that particular tape drive. Even if you can find a replacement tape drive your tapes may not work.
• Tapes need to have the basic operating system up and going to support the correct drivers. So if you are rebuilding from scratch you need to build a basic server, then install the tape drive and software, then restore (hopefully) and then reconfigure the server.

4. If a Part Fails In Our Server We Will Be Able to Get a Replacement Part

Wrong.

The scenario is like this - components in the computer industry tend to turn over on 12-24 month timeframes. After that the big PC/server manufacturers (HP, Dell, etc) will continue to carry spares for "warranty" customers. However, chances are they wont "sell" you one of their components - they need to hold an inventory to cover the customers which did pay for warranty.

Normally parts fail after at least a couple of years in service, meaning chances are you can't buy a replacement anymore. So if you don't have a warranty you probably can't get a like for like replacement. If you can't get like for like replacement then there is an awfully good chance that you will have to rebuild the system, or at least use a time consuming process to make the new part work with the old system.

Now this isn't true for some parts, like the power supply, or a non-integrated network card. These can often be easily replaced. But for the big components - like the RAID controller, Main Board and Hard Drives, it usually is.

5. If Our Server Crashes It Will Only Take a Day or Two to replace it

Wrong.

Yes you can go to Harvey Norman and buy a PC this afternoon. Servers are a different type of beast entirely. Because there are less of them sold they haven't reached the point where they are a standard item that retailers carry.

If you are lucky, and your business is small enough you may be able to limp along on a PC for a few days, although depending on your restoration strategy it could take days to get it correctly installed.

We will be discussing some of strategies we think you should pursue over the next few blog posts. Stay tuned.

Filtering Your Internet Connection with Open DNS

As we mentioned in our recent newsletter there is now a really quick and simple way to filter your Internet connection to:

1. Stop kids from seeing content they shouldn't.
2. Keep people away from sites they shouldn't be accessing.
3. Protect you from phishing sites and other Internet nasties.

That method is "OpenDNS.com".

Setting up OpenDNS is really easy, and will take only a few minutes. To do it for your home network or computer read on.

First - do you have just one computer or a number of computers using your Internet connection at home?

If you have just one computer then you can follow the instructions for setting up your computer. If you have a number of computers you are probably best of configuring your router so that the setting will apply to all of your computers without having to change each computer individually.

Once you have done that you are now being protected by OpenDNS at a minimal level (which just protects against phishing). However, to get the best out of OpenDNS you should now go and create an account.

After you have created an account you can adjust what sort of websites you would like to be filtered. By default you will find the category level is set to minimal which just stops known phising attacks.

There are some really easy options to choose here. For example "Low" will also filter out pornography, while moderate will filter out other adult related content. So for home, you might set this to low or moderate. You can also "customise" and choose exactly which categories you want people to be able to see, and which ones you don't.

Go and take a look - this is a really neat tool and compared to what you used to have to do to solve these sorts of problems is very simple.

If you would like to try setting it up for the office network just let us know. We can also give you a hand at home if you need some assistance.

Upgrade to Windows7

Have you heard about Windows7? It is entirely likely that the new Microsoft Operating System (OS) has flown in under your radar, as its release has been kept pretty low key compared to its predecessors. Windows Vista, which was the previous instalment of Windows, was not widely used (or liked) by the IT profession. It had several flaws, quite a few security holes and massive performance issues. It seems that Windows7 is following Microsoft’s long established trend of releasing an OS that is not quite right and then a few years later releasing a “new” OS, that is a remake or upgrade of the previous one with the bugs ironed out. Windows7 is looking to be an OS that “works”.

One thing that really surprised us is that Windows7 actually has lower hardware requirements than its predecessor. This if the first time this has ever happened with Microsoft Operating System. So it is possible to use the software on lower specification machines.

As per MS’s normal mode of operation once Windows7 is released the end of life for Windows XP support will probably be quickly announced. It has not been possible to purchase any version of Windows XP retail for quite some time now and the general consensus of the IT community has been to avoid using Vista in business environments. This means that Windows7 is where we will have to go for future system upgrades.

So far the outlook is good for upgrading to Windows7. There have been relatively few complaints about the OS. It uses much less resources and therefore runs faster on the same hardware (sorry to labour the point – but this is remarkable). The UAC, or user access control (the annoying fade to black windows) that Vista used has been toned down so that it is much less obtrusive. The networking support, while still not as good as it could be, is no longer painful to use.

The biggest test will be when it comes to using the OS in a business environment. How it behaves with other machines on a large network, not the mention how it interacts with servers is yet to be seen, but currently several GLIT members are trialling the OS with some of our work machines to test it in a work environment. We realise that it is inevitable that Windows7 will have to be rolled out to business clients, so we will be testing the new OS as much as possible before we have to roll it out to a working environment. But so far, things are looking promising.

Virtual Servers – Can They Save You Real Money?

If you have even a passing interest in IT then you have no doubt by now heard about virtual servers and virtualisation, which is a technique where a number of “virtual” computers all run on the one physical system. And although you might do this on your desktop, it is mainly taking hold in the back office where a number of servers are “virtualised” and run on one piece of server hardware.

Conceptually this isn’t a new idea – we have been doing this sort of thing since mainframe days. But virtualisation for Windows and Linux systems is now becoming big business for lots of reasons. The central argument around virtualisation is a cost reduction one. This comes through in a number of ways:

• Reduction in server hardware prices – If one piece of server hardware can do the job of 10 servers you have saved yourself the cost 9 pieces of hardware.
• Savings on Environmentals – One server, even if it is running a full tilt (computers use more electricity and produce more heat when busy) will use less energy than 10 servers, and will produce less heat (so less air conditioning etc).
• Disaster Recovery Planning – Virtualisation offers some savings if you need a standby site for DR – it’s kind of complex so if you want more details ask us for an explanation.
• There may also be savings in the systems management process as virtualisation (and the tools that come with it) make certain tasks more time effective for IT staff.

That’s the good news. If virtualisation is done correctly and appropriately it can save you money. If it is done where it isn’t appropriate, is poorly executed, or if you are just unlucky it can actually cost a lot more than it saves. Picking when it is appropriate is important, and it isn’t necessarily something the person trying to sell you virtualisation will tell you. This isn’t just us saying this – a number of big shops around town have either partially, or fully rolled back virtualisation projects dues to unexpected difficulties.

So, lets consider some of the things that influence whether or not virtualisation is a good fit.

No Free Lunch

Virtualisation tends to be a good solution for situations where your servers don’t do very much. So if you have 10 web servers that sit around largely idle then using virtualisation to collapse them onto one piece of “tin” (that’s a term we use for a physical server in case you hear it in conversation) might be a good solution.

But if you have 3 database servers that are flogged within an inch of their life then you are going to have to buy a much more powerful piece of hardware if you wanted to try and collapse them. This is going to affect your Return On Investment (ROI) position.

This can lead to a shop being exposed to the laws of diminishing returns in terms of buying hardware. To break that down simply a $5,000 server won’t be twice as fast as a $2,500 desktop (although it will probably be a good bit more reliable), and a $10,000 server won’t be twice as fast as the $5,000 server. So, if you have ten $5,000 servers, which are running at full tilt, you will probably have to spend a lot more than $50,000 to achieve equivalent performance in a single piece of hardware.

However, servers are not normally run that hard, and it is this fact that tends to make virtualisation economically viable. Normally you have ten $5,000 servers, each of which run at somewhere around 10-20% of capacity. You can replace those ten servers with one $20,000 server, which isn’t as powerful, but is powerful enough.

So, virtualisation is a better prospect for servers that are lightly loaded than for systems which are heavily loaded.

Understanding the Cost Model

Saving money on hardware sounds great, but is that really where most of your costs are? To get a sense on this it’s important to understand the Total Cost of Ownership (TCO) of a server over its lifetime.

TCO is made up of the following things grouped by scale of cost:

High:

• Support (wages or fees for the people that make the server work make sure that backups work etc)
• Downtime (wages of those people that can’t work when the server is not up)
• High-end Business Specific Software.

Medium:

• Business Specific Software (CRMs, etc).

Low:

• Commodity Software (Windows etc)
• Environmentals (Electricity, Air Conditioning, Rack Space).*
• Hardware.*

We’ve put an “*” next to the costs that virtualisation will reduce. Notice anything? Now there are arguments that virtualisation can reduce support costs and downtime. There are also arguments that say it can increase both of these. Which is true? It depends on context, and to some extent on whether or not the person appraising it is trying to sell virtualisation or not.

In the worst case we have seen organsations switch substantially to virtualisation, when they paid their outsourcer a fixed fee per server per month for support. The outsourcer didn’t reduce their server support charges significantly (they argued that supporting a virtualised server was no cheaper), and the outsourcer pocketed substantial money from the “move to virtualisation” project. Worse – the virtualised servers performed worse than the previous hardware based servers. In some circumstances the customer actually needed more virtual servers than they had physical ones previously. The result of this was that the support charges of their virtualised environment was more than the support charges on the real “tin” they had before, and the hardware savings were not enough to make up for the difference.

Complexity

Virtualised environments tend to be more complex than ones with normal servers, for a number of reasons.

1. Often more complex, higher end hardware is required. Dedicate Storage Area Networks (SAN) are an obvious example here
2. Server management now has another dimension to it – which “real” server do the virtual servers exist on – this might seem trivial but we have seen it cause problems
3. Another skill set is required to support the virtualisation product.

These are the foreseeable complexity impacts from virtualisation. However, the unforseen ones are in many ways worse.

Virtualisation tends to reduce the tolerances within your environments. Some examples include high dependency on having the exact firmware revisions and drivers for particular hardware, never being able to extract the IO performance you should get, network latency blowing out when there is seemingly no explanation etc. Now, you don’t need to know what these mean particularly to assist your decision making, but you need to be aware that some of simplification that virtualisation may give you will be traded off against some fairly high end esoteric problems which will require time and effort to resolve, and may in some extreme cases not have economically viable fixes.

Mid-Range Explosion

There is another potential drawback to virtualisation with respect to costs, and not one that necessarily is immediately apparent. It starts with a phrase during the sales presentation something along the lines of “so when you need a new server you just click, drag, click, and there is a new server, and it cost you next to nothing”.

Now that seems well and good, but as we have already discussed most of the cost of owning a server comes in the support phase. So saving you some deployment costs is great, saving you some hardware costs is great, but if it leads to an uncontrolled proliferation of servers (and we’ve seen this too) the “ease” with which new servers can be deployed actually starts to hurt a business.

This is a bit of “with great power comes great responsibility” type thing. If an organisation has a mature outlook, and doesn’t create servers willy nilly, still exercises effective change control, etc etc then this ability to commission servers quickly can be a great boon. If, however, they don’t exercise effective control, servers are run up on a whim, there is no disciplined management of systems then virtualisation can become an enabler to many poor practices, and before the organisation knows it the farm of 20 servers that it had is now 50 and increasing.

So...

We are not trying to say don’t use virtualisation. Virtualisation can be a fantastic thing that does give real savings. But it is very easy to be seduced by some of the amazing features that virtualisation offer, without considering the downsides, or more importantly exactly how virtualisation is going to improve the efficiency of your organisation.

Also, at its core, virtualisation is about saving money on IT, not saving money with IT. That’s fine – in hard times everyone needs to tighten their belts, but it does perhaps reflect an industry looking inwards at its own problems and coming up with a neat gadget to suit its own needs, rather than outwards figuring out how to make other parts of the business more efficient.

So make sure you take some advice, independent of the virtualisation sales people, about where it is a good fit for your organisation.

Thin Clients

From time to time you may have heard IT people talking about “thin clients” and wondered what they were talking about.

Firstly - no – chances are they aren’t doing a sideline in diet pills. Secondly, explaining the difference between a thin client and a thick client may be a little tricky. Rather than trying to explain the technical difference we thought we might try and explain the impact of each approach on an organisation.

To try and see the difference between a thin client and thick client imagine you needed to get a group of people from one place to another. If it was only a handful of people they might all have company motor cars, or they might share a company motor car. This works for small groups, but as the numbers start to get larger it becomes less and less practical (there isn’t enough parking at the destination, everyone needs to submit their fuel claims, a couple of people’s cars don’t work properly and need to be repaired before they can go, and some people also get lost on the way).

This is somewhat analogous to a “thick client” solution. Everyone has the utility and flexibility to go wherever they need to with only minor constraints (you need to travel on a road, follow the company vehicle use policy etc). The downside for the organisation is it needs to pay to maintain a whole fleet of cars, and substantial effort is spent keeping vehicles running properly.

Now consider an alternate approach. If everyone is going to approximately the same place every day (ie using the same applications) then maybe the organisation is better of with a bus. To move a large group of people there is less administration, parking problems, vehicle maintenance etc, and only the driver needs to know where the bus is going (so you only need to buy 1 GPS instead of 50).

The bus is more like a “thin client” or terminal solution. The people onboard have less freedom and flexibility, but provided they were all going that way anyway this may not be a big deal. Like the bus, a terminal solution requires certain equipment (a terminal server), which can be a substantial capital outlay relative to a few motor cars, but at some point, provided all staff are served well enough by the bus, it will be cheaper to run than the fleet of cars. The graph below illustrates this concept in terms of cost.

As you can see the terminal based approach has a higher set up cost but as the number of stations increases it is more cost effective. Now don’t worry about the exact numbers in this diagram – there are a whole lot of factors that influence this, but understanding this basic relationship is an important part of understanding the value of a terminal based approach.

The value proposition is as follows: If your requirements suit it, then the terminal server solution can deliver productive, reliable computing at a lower cost per station than using thick clients for all staff.

However, going back to our “bus” model can also help us see situations which terminal servers are not well suited to:

• Everyone is going to a different place – If everyone needs to run completely different applications then the terminal server may not be the right approach
• Everyone needs to attach different equipment – the bus can only have so many trailers attached to it. If everyone needs to use a PDA, or special data logger, or other peripheral then the bus may not be the right approach.
• Some Requirement’s Don’t Socialise Well – Just like the bus there is limited space and capacity on the terminal server before applications can start to seriously interfere with others ability to use the service. These “anti-social” requirements are probably better suited to stand alone thick clients.

You can also mix and match terminal and thick client deployments. For example, if 80% of you staff have “basic” needs you can have them use a thin client. The users with additional requirements can use a thick client for all the special tools they need, and use a software thin client to access the normal “corporate desktop” – they use the bus for the same things as everyone else, and only use their thick client for special jobs.

As you may have already surmised an important part of operating a successful terminal server installation is discipline. The organisation needs to be disciplined enough to protect the reliability of the terminal server by not letting unnecessary software be installed, and having the time and patience to set up user access so that staff can’t accidentally damage the server. This is one of the reasons that organisations with a mature outlook at Information Technology are the ones most likely to gain benefit from an investment in a terminal type approach.

While we have spoken quite a bit about restrictions it is important not to oversell these for a terminal solution. Staff that only need to use word, excel, email and a web based database or two can operate quite successfully on terminal solutions and never even know that they don’t have their own computer.

There are however, odd things that can catch you by surprise. A typical example is displaying video. As you probably know video is a rapid sequence of still pictures that our eyes interpret as motion. Due to the nature of the technology terminal solutions usually can’t send this stream of pictures fast enough to make a cohesive video – to fool our eyes into thinking it is watching real motion. Now that probably seems all right, until you realise that you were planning on rolling out video based training to your staff. New techniques may (and are) change this in the future, but it is an example of where the normal utility of a PC is not necessarily available for a thin client.

Another interesting issue that emerges with thin clients is printing. One advantage of thin clients is that they often work very well over skinny network connections. However, while the staff member’s experience when working on a document is good, due to the vagaries of drivers, printing can be a completely different issue. That innocent ten page document can blow out into hundreds of megabytes of information which takes minutes and minutes to download and print.

So before you make a decision to go to thin clients you should have a really clear idea of what your staff are going to be doing with their computer access. If you can’t be sure on their requirements, but you still think thin clients is the way to go you need to be mindful of the risks that such an approach entails. You may find a need down the track that thin clients can’t meet, and you will end up with some thick clients. However, if you have a clear understanding of what you will be using thin clients for, the opportunity to save some money can be substantial.

Green Light IT Hosting Business After Business

Green Light IT, along with the Ainslie Football Club, will be hosting the ACT Chamber of Commerce's Business after Business for July.

Date: 30 July 2009

Time: 6pm

Venue: Ainslie Football Club

If you are a member of the Chamber you will be familiar with these functions. If you are a Green Light IT SME Customer, and have never been to one of these functions it might be the perfect time to take a look.

For more details including how to RSVP please review the Chamber's announcement.

Welcome

We know, we know - blogs are so 2006. Nevertheless, with the success of our newsletters, and the fact that we often found ourselves wanting to say more, but feeling pressed for space it has become obvious that we need a place to keep you up to date with what is happening at Green Light IT that is a little more immediate than the newsletter.

It will also give us an opportunity to treat some issues in a little more detail, as well as convenient stuff like being able to easily hyperlink other information etc.

The categories list at the side might give some hints at the sorts of things we will be using this space for, so welcome, and please don't hesitate to drop us a line if you would like to give us some feedback, or even see some particular issues considered and written up on the blog.

The Team at Green Light IT.

Discounts for ACT Chamber of Commerce Members

We are running a special for all ACT Chamber of Commerce members with a 5% discount across all of our services including consulting, fixed price support, development and email scanning starting this month, and running through until the 30/6/2010.

If you are an existing customer, and are a member of the Chamber, then please contact the Help Desk to let us know your membership number so we can make sure you get the discount.

The discount applies to new customers also, so if you are a member of the chamber and are looking for some expert IT support just make sure you mention it when you give us a call on 1300 GO GLIT (1300 46 4548).

Don't Be The Catch of The Day - Avoiding Phishing Scams

(Note: This is an extended version of our article from the June 2009 Newsletter)

Phishing (pronounced “fishing”) emails and websites are created in order to trick you into divulging confidential information, like passwords, bank account information or credit card numbers.

The most common type of phishing scam is an email with a link to a website which looks like the genuine article, but is just pretending to be the real thing to trick you into entering your real username and password. This is how much of credit card and bank account information is stolen online.

The most recent phishing scam, which started targeting the Commonwealth Bank and then moved onto other banks was a step up from what we have seen in the past, with vastly improved English, and a number of clever psychological tricks to make a person feel compelled to act quickly. Some of the most effective messages even claimed to be a “Security Alert” or claimed that your account had been compromised. Other emails included topics such as “There has been an error in an online transaction. Please log into your account via this link to verify the transaction.”

The whole purpose of a phishing attack is to get you to click the link.

From here, one, or possibly both of the following will occur:

1. This link will take you to a webpage that looks quite similar or even identical to the login page for whatever banking site you use and there will be a field for your username and password. After you have typed in your information, the information gets sent off and recorded so that they may use it to log into the real account and steal your money.
2. The fake website will install malicious software on your computer.

Because of this, as a general rule, banks and financial institutions will never send you emails with direct links to a login page (and if they ever do perhaps you should move your money to another bank).

You need to always be vigilant about links in emails simply because it is so easy to make fake emails that look like the genuine article. If you receive an email from a site you signed up to, or you went to a site and asked to have your password reset then those links are probably okay. If an unexpected email arrives asking you to log in to a system then you should treat it with a great deal of suspicion.

So if you ever receive an email claiming to be from the bank asking you to “Click this link,” or “Click here to enter your financial details,” or “Login here to verify your account” then treat them with a great deal of suspicion. If you are still not sure, call the organisation that claims to have sent the email. Alternatively, if you know how to login to the page then use your browser and navigate yourself there. Don’t click the link in the email

National Broadband Initiative

(Note: This is a reprint from our May 2009 Newsletter)

So, private industry cannot deliver the broadband network, and thus the Government has decided to go it alone and build a fibre to the home/business network by 2018. Putting aside the question of whether or not this is a good idea, what is fibre to the home/business likely to mean?

Fibre to the home/business, with its substantial increase in bandwidth, is probably going to give us “convergence”, which is a term to describe the process where once distinct streams of media and communications collapse into one single delivery mechanism. Huh? Things you once saw as separate, like the television and the telephone are going to start converging into the same delivery mechanism – the Internet.

If it were to happen as the futurists would see it, by say 2020 a lot of people aren't going to have a fixed line phone service anymore (that trend is actually already starting with “unbundled local loop” services available for those that want an ADSL service, but not a traditional copper phone line). We will still probably have something in our house that looks and acts like a phone, but it will work purely with the Internet. Likewise for television, we may see “cable” channels distributed over the Internet using a subscription model (no doubt with the obligatory amount of piracy going on as well).

In terms of business, high quality point to point video conferencing will become a reality that everyone can take advantage of, and this ability to video conference combined with redirecting office calls using your Voice Over IP (VOIP) phone, and get high speed access to the office network from just about anywhere is likely to hasten the adoption of telecommuting. Many more businesses, particularly in knowledge industries, will probably move to the model of having a larger proportion of their work force offsite, as a way of providing a better work/home balance, reducing the carbon impact of businesses (by removing employee commutes, and power hungry building environmentals) and reducing the substantial costs of commercial premises. Finally, customers having access to such large amounts of bandwidth will also make new types of services, for example video consults, a viable reality.

Many of these ideas aren't new – VOIP has been with us for some time, Skype has brought video conferencing to the masses, and larger enterprises (like the big 5 accounting firms and others) have been doing hot desking (where employees don't have a permanent desk – they log into a desk for the day) for many years with mixed results. However, the commodity-like nature and accessibility of these new services will likely have some substantial impacts on the way we work.

Before some of these benefits can be realised there are a number of technical, and even a few human issues that need to be resolved.

In terms of the technical issues the shift can perhaps be summed up by considering two areas: reliability and security.

Many Small Medium Enterprises (SME) do not have infrastructure that is sufficiently well engineered to provide the sort of reliability required for these new services. Issues such as Quality-of-Service (essential for good VOIP and Video Conferencing) capable networking equipment, communications systems that can survive mundane issues like power outages without dropping service (how do you dial triple 0 if all your phones fail when the power goes out), well provisioned equipment capable of dealing with increased load, adequate disaster recovery processes to get the business back in action in the event of a failure, and access to the necessary skills in a timely manner.

In terms of security SMEs are even less well prepared. While most understand the need for anti-virus software, and a few understand the importance of devices such as firewalls, in a more connected world most have little or no experience in the important discipline of risk management (at least as it pertains to IT Security). This will leave the overly cautious unable to capitalise on opportunities, while the overly optimistic lay their organisations open to damage, and their customers' information, open to disclosure.

Another interesting challenge is coming to terms with how to ensure that staff have the necessary amount of human contact to keep them happy and working efficiently. While some of the new technologies replace face to face contact (like video conferencing) all technologies tend to contextualise communications, with most interactions becoming more formal – that is you have a conference to discuss a proposal, find a way past an issue, but those informal water cooler chats might disappear. Depending on an organisation's culture, the boss may not think this is a bad thing..., but in all seriousness, it is often these informal discussions that provide the greatest insights, innovations and changes for organisations.

There is one final issue to touch on – the cost of downloads. As you may know, most ISPs provide a “free” allowance of data, and when that volume is exceeded they either throttle the connection, or charge an additional fee for extra data used. The genesis of this is in the old model of how Australia paid for the under sea cable that connected Australia to the Internet via the United States. The owner of this infrastructure levied a tariff on data coming to Australia crossing this infrastructure, which ISPs passed onto customers.

While some ISPs have “unmetered sites”, where your bandwidth does not count against your allowance (such as Internode with the ABC website), many have fairly course-grained models where they just charge for anything that doesn't originate on their own network.

For the National Broadband Initiative to provide the best economic benefit all ISPs will need to change these billing arrangements so that domestic traffic is free, or at least substantially cheaper than overseas data – otherwise things like high quality video conferencing will come with monthly Internet bills that will probably rival 1980s style STD phone call charges pretty quickly.

It is often said, when talking about how technology will impact society that “we always over estimate the impact in the short term, and under estimate the impact in the long term”. Nevertheless, we hope you find these thoughts useful in considering how the National Broadband Initiative might affect your organisation.

Keeping Your PC Clean of Malicious Software

(Note: This is a reprint from our April 2009 newsletter)

Following on from the newsletter article last month, we will recommend some tools that we use to keep our machines clean and explain their use.

Anti-Virus Tools

There are several out there, some of them good and a lot of them bad. The main ones that you may have heard of are:

• AVG Anti Virus
• Norton Security
• McAfee Anti Virus
• Avast AV
• PC-Cillin
• Kaspersky

Out of all these programs, we generally recommend AVG. The rest will do an adequate job, but they all suffer from the problem of slowing down computers.

This has a lot to do with the way that these programs have been designed and added to over the years. Generally, instead of starting from scratch for a new release of the software, they add more and more to an older version, which makes them bloated and can cause severe slow down on machines. McAfee and Norton are serious offenders when it comes to this, installing several processes on your machine that, in our opinion, in many cases are completely unnecessary.

AVG has been around for about 4 years, thus making it relatively new on the market and we have not had any issues with their software to date.

Malware Removal Tools

Malware removal programs are more offensive in nature than Anti Virus programs, which is to say that malware removal programs seek out and destroy malware, while Anti Virus Programs defend your computer from attack. When you do manage to get an infection, sometimes the Anti Virus program is unable to remove it, or it has become infected itself, making it blind to the infection. In this case, there are some tools that you can download that have a good chance of removing the malicious software.

• MalwareBytes
• Spybot Search and Destroy
• AdAware
• HiJackThis

Now these programs are less well known by the standard user, but are quite effective at removing nasty programs. MalwareBytes is designed to eliminate any infection, be it spyware, malware, viruses, phishing software, tracking cookies. Spybot S&D and AdAware are more aimed at the spyware and phishing programs, which are the most common form of infection. Spyware and Phishing programs track your internet usage to see what websites you go to and can open popups to infected sites. Phishing is particularly dangerous as it can track your credit card and pin numbers if you do online banking. HiJackThis is a more complex tool and is generally only recommended for the advanced users. It allows you to view running processes (much like task manager) and remove the programs associated with these processes. This can you do not know what you are looking for, so please use with caution.

Hopefully this advice will help keep your machine safe.

Are You Holding Any Toxic IT Assets

(Note: This is a reprint from our April 2009 Newsletter)

We have been hearing a lot recently about “Toxic Assets” with respect to the financial crisis. Without getting into too much detail these “Toxic Assets” might be described, by the layman, as financial instruments which were so complicated that it was almost impossible for the holder of the “asset” to actually define what the asset was, and how much it was realistically worth.

It might seem like drawing a long bow, but to us it is quite similar in many ways to issues that organizations have when looking at their IT assets. There are the assets everyone has a familiarity and a basic understanding of – like the PC on their desktop. They know when it is new it goes faster, and as it gets old it slows down. When it breaks, the things they cannot do become apparent and the user generally knows whether they can work around it with another system etc. Because the PC is in everyone's face almost every day there is a pretty good understanding of the importance of these assets.

But then there are the systems that are hidden from view. Everyone knows that servers are important. What is often overlooked is which servers are actually doing important work. For example, a scenario we sometimes encounter (particularly with new customers) is that having exceeded the capacity of one server, they have gone out and bought another server. Rather than replacing the first server, they have simply made the second an adjunct to it. So rather than relying on one server, the organization is relying on two, one of which is probably already overdue for retirement.

There are many reasons this happens. Sometimes it is hard to get some software off the original server, or no one understands how it works anymore. There is also the reality that migrations from old to new equipment are generally more expensive than the initial first installation.

Sometimes this strategy works – the services provided by the old server are subsumed before it fails through natural attrition or new versions of other products provide the same feature. But often times, that old server just sits in the corner with no one actually knowing the important job that it continues to do until one day, without warning (excepting the bit where it is 5 years old), it suddenly gives up.

Understanding the impact when one of these technical assets goes “toxic” takes a combination of not only technical knowledge (what does the assets do, is there an easy contemporary replacement, how much of its configuration was unique), but also business knowledge (what happens when that service is no longer available).

Avoiding this situation takes a little effort, but is not something that is unmanageable. There are a few easy steps:

1. Understand how old your systems are.
2. Have a rough understanding of what all your systems do.
3. When migrating make sure pressure is applied for a clean and complete migration that doesn't leave ageing systems in place.
4. If a function performed by an old server is absolutely necessary and cannot be migrated to a newer server or device then replace the ageing system with new hardware.

This last step, while not desirable, is sometimes the only option. We have tools and techniques that let us achieve this in almost every circumstance so if you think you have a “toxic asset” that needs treatment then let us know.

Should I Turn Off My Computer To Save The Planet?

(Note: This is a reprint from our March 2008 Newsletter - Home Customers - This advice was mainly aimed at Corporate Customers but you may still find it interesting)

In the past we have always advised customers that it is best to leave PCs on, for a number of reasons:

• Hardware (particularly hard drives and power supplies) are less likely to fail,
• It allows computers to download their updates overnight without slowing down the Internet link during the day,
• Virus scanners and security software will be kept up to date over night, so it is up to date and ready to protect the organisation when staff start work,
• Having the PCs powered on means staff don't have to wait for the machine to boot before they login – this probably saves you about 3 minutes per station per day.

With many more customers being conscious of green house gas emissions and energy usage, it is time to re-examine this advice.

Let us start by considering the energy usage of the PC. A normal PC consumes around 140 watts when it is fully loaded, 60 watts when it is idle, and 35 watts when it is in full power saving mode. More powerful computers consume more power, but that's about right for an office PC.

Monitors are also part of the story. We are going to assume a 17” flat screen monitor, which will draw about 60 watts, although it needs to be noted that power consumption for flat screens tends to go up quickly as the size does. When they are in power save mode the power consumption of most monitors barely registers – probably less than a watt. Close enough to call it zero.

So during a 9 hour work day, assuming 50% idle and 50% full load a PC will consume 900 watt hours, with a 17” monitor contributing another 540 watt hours, for a total of 1.44 kilowatt hours. If we accept (and there are a few figures around) 600 grams of CO2 per kilowatt hour then 864 grams of CO2 is produced each work day. If the PC is left on the rest of the day (so another 15 hours) then another 525 watt hours, or 0.53 kilowatt hours, is used, producing another 318 grams of CO2 Looking at it over a week, allowing two days for the weekend we produce 4.3 kgs of CO2 if we turn off at the end of each day, versus 6.9 kgs of CO2 if left on all the time.

So, there is certainly more pollution being caused by leaving the machines on. However, all the reasons we like the machines to stay on are all still valid as well. For example, if you have 10 staff waiting for computers to power up and boot each morning you probably spend $30 or more while staff wait.

What to do?

As we see it there are three options:

1. Do Nothing: Continue the current practice - not exactly environmentally friendly.
2. Turn the Computers Off Every Night: You have an increased risk of hardware failure and you will spend more money on labour as staff wait for PCs to boot. However you will get a small (very very modest)saving on your power bill and a slight reduction in green house emissions. A lighter version of this is just turning the PCs off over the weekend.
3. Purchase Green Power To Run Your PCs: If you believe CO2 emissions are an issue, then we think this last option, buying green power, is the best choice.

While it might seem a little counterintuitive we think this approach has a lot of benefits:

• It is inexpensive (about 10c a day per day per computer). This is less than the cost of having your staff wait for computers to start every day
• Means you can leave your PCs on with all the benefits that come from that.
• Is more effective at combating green house emissions than simply turning off computers – it eliminates rather than just reducing the contribution of your computers
• Encourages investment in green energy, leading to cheaper green energy in the future

Do you want to know more about buying green power? You can visit ACTEWAGL's green choice site as a starter.