d2 Small Business Newsletter

FAQ: Cloud Computing, Demystified

What is cloud computing, and can it be trusted? Key questions answered
By Jon Brodkin , Network World , 05/18/2009
 
Everyone in the IT industry is talking about cloud computing, but there is still confusion about what the cloud is, how it should be used and what problems and challenges it might introduce. This FAQ will answer some of the key questions enterprises are asking about cloud computing.

What is cloud computing?

Gartner defines cloud computing as “a style of computing in which massively scalable IT-related capabilities are provided ‘as a service’ using Internet technologies to multiple external customers.” Beyond the Gartner definition, clouds are marked by self-service interfaces that let customers acquire resources at any time and get rid of them the instant they are no longer needed.

The cloud is not really a technology by itself. Rather, it is an approach to building IT services that harnesses the rapidly increasing horsepower of servers as well as virtualization technologies that combine many servers into large computing pools and divide single servers into multiple virtual machines that can be spun up and powered down at will.

How is cloud computing different from utility, on-demand and grid computing?

Cloud by its nature is “on-demand” and includes attributes previously associated with utility and grid models. Grid computing is the ability to harness large collections of independent compute resources to perform large tasks, and utility is metered consumption of IT services, says Kristof Kloeckner, the cloud computing software chief at IBM. The coming together of these attributes is making the cloud today’s most “exciting IT delivery paradigm,” he says.

Fundamentally, the phrase cloud computing is interchangeable with utility computing, says Nicholas Carr, author of “The Big Switch” and “Does IT Matter?” The word “cloud” doesn’t really communicate what cloud computing is, while the word “utility” at least offers a real-worth analogy, he says. “However you want to deal with the semantics, I think grid computing, utility computing and cloud computing are all part of the same trend,” Carr says.

Carr is not alone in thinking cloud is not the best word to describe today’s transition to Web-based IT delivery models. For the enterprise, cloud computing might best be viewed as a series of “online business services,” says IDC analyst Frank Gens.

What is a public cloud?

Naturally, a public cloud is a service that anyone can tap into with a network connection and a credit card. “Public clouds are shared infrastructures with pay-as-you-go economics,” explains Forrester analyst James Staten in an April report. “Public clouds are easily accessible, multitenant virtualized infrastructures that are managed via a self-service portal.”

What is a private cloud?

A private cloud attempts to mimic the delivery models of public cloud vendors but does so entirely within the firewall for the benefit of an enterprise’s users. A private cloud would be highly virtualized, stringing together mass quantities of IT infrastructure into one or a few easily managed logical resource pools.

Like public clouds, delivery of private cloud services would typically be done through a Web interface with self-service and chargeback attributes. “Private clouds give you many of the benefits of cloud computing, but it’s privately owned and managed, the access may be limited to your own enterprise or a section of your value chain,” Kloeckner says. “It does drive efficiency, it does force standardization and best practices.”

The largest enterprises are interested in private clouds because public clouds are not yet scalable and reliable enough to justify transferring all of their IT resources to cloud vendors, Carr says.

“A lot of this is a scale game,” Carr says. “If you’re General Electric, you’ve got an enormous amount of IT scale within your own company. And at this stage the smart thing for you to do is probably to rebuild your own internal IT around a cloud architecture because the public cloud isn’t of a scale at this point and of a reliability and everything where GE could say ‘we’re closing down all our data centers and moving to the cloud.’”

Is cloud computing the same as software-as-a-service?

You might say software-as-a-service kicked off the whole push toward cloud computing by demonstrating that IT services could be easily made available over the Web. While SaaS vendors originally did not use the word cloud to describe their offerings, analysts now consider SaaS to be one of several subsets of the cloud computing market.

What types of services are available via the cloud computing model?

Public cloud services are breaking down into three broad categories: software-as-a-service, infrastructure-as-a-service, and platform-as-a-service. SaaS is well known and consists of software applications delivered over the Web. Infrastructure-as-a-service refers to remotely accessible server and storage capacity, while platform-as-a-service is a compute-and-software platform that lets developers build and deploy Web applications on a hosted infrastructure.

How do vendors charge for these services?

SaaS vendors have long boasted of selling software on a pay-as-you-go, as-needed basis, preventing the kind of lock-in inherent in long-term licensing deals for on-premises software. Cloud infrastructure providers like Amazon are doing the same. For example, Amazon’s Elastic Compute Cloud charges for per-hour usage of virtualized server capacity. A small Linux server costs 10 cents an hour, while the largest Windows server costs $1.20 an hour. 

Storage clouds are priced similarly based on the number of gigabytes of storage each month, with additional charges for each upload and download.

What types of applications can run in the cloud?

Technically, you can put any application in the cloud. But that doesn’t mean it’s a good idea. For example, there’s little reason to run a desktop disk defragmentation or systems analysis tool in the cloud, because you want the application sitting on the desktop, dedicated to the system with little to no latency, says Pund-IT analyst Charles King.

More importantly, regulatory and compliance concerns prevent enterprises from putting certain applications in the cloud, particularly those involving sensitive customer data.

IDC surveys show the top uses of the cloud as being IT management, collaboration, personal and business applications, application development and deployment, and server and storage capacity.

Can applications move from one cloud to another?

Yes, but that doesn’t mean it will be easy. Services have popped up to move applications from one cloud platform to another (such as from Amazon to GoGrid) and from internal data centers to the cloud. But going forward, cloud vendors will have to adopt standards-based technologies in order to ensure true interoperability, according to several industry groups. The recently released “Open Cloud Manifesto” supports interoperability of data and applications, while the Open Cloud Consortium is promoting open frameworks that will let clouds operated by different entities work seamlessly together. The goal is to move applications from one cloud to another without having to rewrite them.

How does traditional software licensing apply in the cloud world?

Vendors and customers alike are struggling with the question of how software licensing policies should be adapted to the cloud. Packaged software vendors require up-front payments, and make customers pay for 100% of the software’s capabilities even if they use only 25% or 50%, Gens says. This model does not take advantage of the flexibility of cloud services.

Oracle and IBM have devised equivalency tables that explain how their software is licensed for the Amazon cloud, but most observers seem to agree that software vendors haven’t done enough to adapt their licensing to the cloud.

The financial services company ING, which is examining many cloud services, has cited licensing as its biggest concern. “I haven’t seen any vendor with flexibility in software licensing to match the flexibility of cloud providers,” says ING’s Alan Boehme, the company’s senior vice president and head of IT strategy and enterprise architecture. “This is a tough one because it’s a business model change. … It could take quite some time.”

What types of service-level agreements are cloud vendors providing?

Cloud vendors typically guarantee at least 99% uptime, but the ways in which that is calculated and enforced differ significantly. Amazon EC2 promises to make “commercially reasonable efforts” to ensure 99.95% uptime. But uptime is calculated on a yearly basis, so if Amazon falls below that percentage for just a week or a month, there’s no penalty or service credit.

GoGrid promises 100% uptime in its SLA. But as any lawyer points out, you have to pay attention to the legalese. GoGrid’s SLA includes this difficult-to-interpret phrase: “Individual servers will deliver 100% uptime as monitored within the GoGrid network by GoGrid monitoring systems. Only failures due to known GoGrid problems in the hardware and hypervisor layers delivering individual servers constitute failures and so are not covered by this SLA.”

Attorney David Snead, who recently spoke about legal issues in cloud computing at Sys-Con’s Cloud Computing Conference & Expo in New York City, says Amazon has significant downtime but makes it difficult for customers to obtain service credits.

“Amazon won’t stand behind its product,” Snead said. “The reality is, they’re not making any guarantees.”

How can I make sure my data is safe?

Data safety in the cloud is not a trivial concern. Online storage vendors such as The Linkup and Carbonite have lost data, and were unable to recover it for customers. Secondly, there is the danger that sensitive data could fall into the wrong hands. Before signing up with any cloud vendor, customers should demand information about data security practices, scrutinize SLAs, and make sure they have the ability to encrypt data both in transit and at rest.

How can I make sure that my applications run with the same level of performance if I go with a cloud vendor?

Before choosing a cloud vendor, do your due diligence by examining the SLA to understand what it guarantees and what it doesn’t, and scour through any publicly accessible availability data. Amazon, for example, maintains a “Service Health Dashboard” that shows current and historical uptime status of its various services.

There will always be some network latency with a cloud service, possibly making it slower than an application that runs in your local data center. But a new crop of third-party vendors are building services on top of the cloud to make sure applications can scale and perform well, such as RightScale.

By and large, the performance hit related to latency “is pretty negligible these days,” RightScale CTO Thorsten von Eicken. The largest enterprises are distributed throughout the country or world, he notes, so many users will experience a latency-caused performance hit whether an application is running in the cloud or in the corporate data center.

7 Lessons That SMBs Can Learn from Big IT

By David Strom , PC World

Just because you don’t have a large enterprise doesn’t mean you can’t run your IT operation like the big guys. Here are seven ways to help your SMB implement some of the lessons big IT operations have learned over the years. Using these tips, you should be able to improve productivity, cut costs, and keep your business running smoothly.

1. Standardize on Desktops and Cell Phones to Reduce Support Differences
This is not as easy as it sounds, because even if you buy multiple quantities of the same exact model of PC, the systems could still have subtle internal differences that can come back to haunt you when you have to fix them. Carey Holzman, an independent reseller based in Glendale, Arizona, ran into this problem. His company ordered a particular model of computer that contained specific parts meeting the corporation’s strict requirements. Yet when he received the PCs, he found that the systems contained two revisions of the ATI video card, one of which caused an incompatibility with the mice the company used.

And unfortunately for Holzman, the PC vendor was of little help. “The vendor refused to acknowledge any responsibility for the video card incompatibility. We started ordering the computers without video cards after that–until the next problem cropped up, and eventually, [we] switched vendors entirely,” he says.
To keep incompatibilities to a minimum, you should try to stock hard drives from the same vendor, and to standardize on the same model of peripherals such as printers, mice, and keyboards, too. You can also make use of Windows Inspection Toolkit or similar utilities to keep track of the specific configuration of your systems. Finally, use drive imaging software such as Acronis True Image or Norton Ghost to make copies of your basic system installation, so that it can be recovered easily in case of virus infections or other problems.

Many IT shops also buy spare PCs and use them for replacements. “The problem is that you are tempted to use it as new workstation, instead of as a replacement, and then you no longer have a spare,” says Holzman. “You need to put it in the closet and use it only to help you through temporary IT emergencies.” Besides keeping several spare PCs, it’s also a good idea stock a spare laser printer and network hub in case yours go south.

Holzman also recommends retainer support contracts with a local technician, so you won’t have to scrutinize the invoices trying to interpret the work that was done and whether the tech was being fair and honest.

2. Perform Off-Site Backups
Small businesses have basically two approaches to choose from in doing backups: One is to copy critical data to a series of external hard drives and periodically rotate them from your office to a remote location (such as a bank safe deposit box). The other is to use one of a number of online backup service providers such as d2 Backup, which offers low cost gigabyte-level storage. Big IT typically uses off-site tape storage because of the quantity of the data involved, but for smaller outfits, online services are less expensive and more convenient.

The trick with either method is to use them religiously, and to ensure that all of your data is copied on a regular basis. The online backup option could be especially handy in more than one way: Earlier this summer, Damian Zikakis, a Michigan-based headhunter, had his laptop stolen when someone broke into his offices. He replaced it a few days later; and because he had used Mozy, he thought that he was covered in terms of being able to bring back his files from the Internet backup.

When Zikakis had a moment to examine the layout of his new machine, he “found several incriminating files. The individuals who had my computer did not realize that the Mozy client was installed and running in the background. They had also used PhotoBooth to take pictures of themselves and had downloaded a cell phone bill that had their name on it,” he says.

Zikakis did a bit of head hunting on his own and contacted the appropriate police department with this information. They were able to recover his computer, and now have the task of figuring out who actually took the laptop originally and what law enforcement options to pursue.

3. Use Hardware to Secure Your Internet Connection
SMBs often are not as attentive to the security of their Internet connection as they should be, and the results of such neglect could be disastrous. Last year, hackers compromised the point of sale system (POS) of clothing designer firm Nanette Lepore. The hackers managed to reconfigure the outdated firewalls and sold some stolen credit card numbers from the company’s high-end clientele.

This happened because the company’s chain of retail stores had little or no security measures or proper procedures. “All of our store clerks were using the same password to access the POS,” says Jose Cruz, Nanette Lepore’s network manager. “It was wide open. No one had ever thought to change passwords periodically, or even use different ones for each user. Prior to my arrival here, the emphasis on POS security wasn’t urgent. Needless to say, this all changed.”

Cruz got a call that no one ever wants to receive–from the FBI, telling him that several of their customers had received fraudulent credit card charges. This led to finding out that the company’s Netopia DSL routers had been hacked, and their firmware had been changed to allow hackers inside their network.

The stores now use SonicWall integrated security devices, and Cruz has implemented password change policies and other security procedures to ensure that he won’t get a repeat of what happened before. Such an approach can help an SMB keep private information secure. Another good policy: Ensure that all network access is turned off when an employee leaves the company.

4. Use a VPN
Many larger IT shops make use of virtual private networks (VPNs) to ensure that their communications are kept confidential, and that traveling users can access home office files and other resources when on the road. Many of these VPN products can be quite expensive, but the SMB alternatives don’t have to cost a lot of money.

Some, such as Openvpn.org, are free, while low-cost VPN service providers such as LogMeIn.com’s Hamachi can run about $50 per person per year. “Hamachi allows us to connect to hundreds of our customers and monitor live videos of our security cameras discreetly and without having to worry about being compromised by unauthorized users,” says Ben Molloy, the vice president of Pro-Vigil, a San Antonio, Texas-based company that provides security for off-hours construction sites.

And VPNs come integrated in a variety of lower-cost security gateway appliances, too. Nanette Lepore makes use of the SSL VPNs that are included in the SonicWall appliances to connect their stores together, and to ensure that no one can compromise their communications.

The Lepore firm even set up temporary accounts for guest workers and maintenance personnel that are purposely time-limited. Granting accounts for temporary personnel without such time limits is another common mistake. Time-limited accounts mean that the IT staff doesn’t have to remember to remove the account when the maintenance is completed.

5. Run Personal Firewalls, Especially on Windows PCs
Windows is notorious for being a security sinkhole, and most larger IT operations now require their PCs to run some kind of personal firewall to prevent infections and malware from taking over. A wide range of products is available, but the key is to pick one, make it standard, and make sure that all employees are educated about why it is necessary to keep the firewall running at all times, especially when traveling. Inexpensive but effective firewalls include AVG from Grisoft.com, Online Armour, and Kaspersky Labs.
However, you can’t always manage each individual machine, and a careless user could turn off these defenses and let viruses in. This is where having a drive image copy can come in handy.

Another way to enforce security policies and other protective measures is to deploy some endpoint security tool that will block unhealthy PCs from gaining network access. Napera is one product that is specifically targeted at SMB installations, and McAfee and Sophos have others.

Matt Stevenson, who is the director of information technology for Talyst, a pharmacy automation vendor in Bellevue, Washington, has been using the $3500 Napera appliance on his 120-node network for the past six months. “A lot of our staff is out in the field, and they attach to a wide variety of networks. When they come back to our office, the Napera box forces their PCs to become compliant and to ensure that our network won’t get infected,” he says.

6. Rely on VoIP PBX for Your Phone System
As more and more big IT shops can attest, using a VoIP PBX telephone system has tremendous cost advantages. The biggest one is for your remote workers who can have extensions on your headquarters’ phone system. These systems are also very flexible in terms of call handling, and offer other features such as call forwarding, multiple simultaneous rings (where an incoming call can be answered wherever it is more convenient), so-called follow-me (where incoming calls are routed to particular numbers at particular times of the day), and do-not-disturb.

“Now businesses are able to get features that can set the rules on how they are contacted, and be able to conduct more business when they aren’t in their office,” says Henry Kaestner, the founder and CEO of Internet phone provider Bandwidth.com, one of the many vendors that offer this kind of service. CBeyond and Asterisk are other companies that offer VoIP PBX.

These systems start at around $400 a month and have the advantage of being able to grow or contract with your staffing needs. They also can present your company as more professional, with features that are normally found on very expensive phone systems. The downside is that you need to ensure that your network is up to snuff to handle all the voice traffic; and to get the most out of these systems, you’ll want to find a VAR or consultant who specializes in VoIP PBX installations.

7. Have a Solid Test Plan for Adding New Technology
The big guys don’t put some new tech into their operations without first doing a lot of testing first. Put together a test lab or designate one office that will be your “beta bar,” and encourage your most technical staffer to try out new things before getting them deployed.

Ramon Ray, the owner of the site Smallbiztechnology, advises that in addition to testing, it’s important to analyze a variety of options. “Just don’t just go for the first choice, but think and review the pros and cons and what else is available to you. During the testing, it is also important to consider your future needs. Many smaller businesses don’t think of their future growth, which will affect their IT plans,” he says.

The Financial Market’s Impact On Technology

Do Cooling Markets Mean Cooling Technology Spending?
 
The recent woes throttling the worldwide financial markets have unleashed a tsunami of bad news that has quickly spilled from the confines of Wall Street’s banking industry and into Main Street. Even though most industry watchers expect IT spending to increase, there is little doubt that the current financial turmoil will have a significant impact on the technology sector and enterprise spending.

At this time, no one knows how long this financial malaise will linger, so predicting the magnitude of the impact on the technology sector and enterprise spending is, at best, a wild guess. It may also be difficult to predict and understand the impact on mergers and acquisitions, as well as the impact on the average small or midsized enterprise.

The Impact On Technology & Spending

Jill Fishbein, co-chair of the Corporate Practice Group and a partner at Carr & Ferrell LLP, says that she expects to see a continued general decline in capital expenditures with the anticipated recession, so hardware purchases such as servers, PCs, routers, and so on may be reduced or postponed.

But, she adds, “clean” tech investments not dependent on project (debt) financing, such as energy-saving technologies, will continue to grow.

Matt Dubois, information technology manager at d2 Business Solutions, says even though his company is seeing a downturn in new hardware purchases, it is also seeing a huge increase in outsourced services (backups, hosted spam filtering, etc.) and outsourced personnel. Some of the larger businesses, adds Dubois, are laying off expensive or highly specialized technical personnel and opting to use contractors instead.

But not all is bad news in technology. Christine Crandell, EVP and chief marketing officer at Egenera, says even though the overall economy “has caught a bad case of the flu,” the demands on IT have not changed. Even though spending will be curtailed, a lot of spending necessary to support enterprises will continue.

Says Crandell, “IT spending will focus on increasing service levels while cutting costs and building more agility and reliability into IT, [all] while better aligning with business goals.”

A Tightening Credit Noose

Decreasing access to credit, one of the most pernicious symptoms of the financial crisis, directly affects businesses because it crimps their ability to obtain loans needed to fund operations. Sean Murphy, co-founder and vice president of Canvas Systems, an IT life-cycle management company, says that with big IT financing companies (GE Capital, CIT, and others) caught up in the credit storm, companies are increasingly looking for ways to pay cash for equipment rather than seeking financing.

Murphy says small leasing companies, Canvas included, are in a good spot because they are largely unaffected by the current credit squeeze. “Additionally,” he adds, “leasing is coming back in a huge way because customers get to keep their cash and make monthly payments and don’t have to make huge purchases right now.”

Will Mergers & Acquisitions Cool Down?

According to the MoneyTree Report from PricewaterhouseCoopers and the National Venture Capital Association, venture capitalists invested $7.1 billion in 907 deals during the third quarter of 2008, a 7% decrease from the second quarter of 2008, in which they spent $7.7 billion on 1,033 deals.

“While overall venture investing hasn’t yet been impacted by the turmoil in the financial markets, as evidenced by the $7 billion-plus invested in Q3, we do expect to see a dip in investing over the next several quarters,” says Tracy Lefteroff, global managing partner of the venture capital practice at PricewaterhouseCoopers. Also, adds Lefteroff, PwC does not expect venture funding to dry up, as VCs have slogged through difficult times before and tend to be long-term investors who won’t jump ship just because times are tough.

“They may tighten their belts and those of their portfolio companies, but they still have money in their coffers and will continue to make investments,” adds Lefteroff.

So, where did the VC money go as far as technology is concerned? According to data from the MoneyTree Report, Internet-specific companies received $1.1 billion for 194 deals in the third quarter. Semiconductors received $396 million in 50 deals, while telecommunications investments totaled $323 million in 45 deals, the lowest level for that sector since the third quarter of 1997.

Richard Muirhead, CEO and founder of Tideway, a developer of platform systems for data center search, says, “VC fund tightening is already impacting later-stage companies that do not understand the economics of their growth very comprehensively.” VCs, adds Muirhead, will not tolerate high levels of burn without certainty in this environment. And, he says, earlier-stage companies are where the innovation could potentially be impacted, as VCs look for propositions that focus on cost reduction and compliance.

Small & Medium-Sized Enterprises Feel The Pinch

The current financial situation is certain to affect SMEs who need to borrow cash to fund their operations. Carr & Ferrell’s Fishbein says these enterprises need to conserve cash and get creative about growing a business in times of tight cash by making use of corporate partnerships, government grants and loans, or alternative sources of revenue.

Egenera’s Crandell says the economic crisis affects midsized enterprises acutely because they don’t often have the cash reserves of larger companies. So, she adds, “the focus will be on negotiating lower rates from suppliers, standardizing their hardware to reduce complexity and support requirements, locking in longer service agreements with favorable terms, and outsourcing their applications and parts of their edge infrastructure.”

But, says Canvas Systems’ Murphy, small and midsized enterprises don’t have the same challenges as some of the bigger companies, so Murphy sees this as a good time to be an SME because the distractions suffered by large firms such as AIG are not there. That being said, he adds, everyone is tightening their belts. Murphy predicts an uptick in the purchase of refurbished IT equipment during these financially challenging times.

“I also think,” he says, “small to midsized enterprises might need to be a little more aggressive than larger enterprises because the big guys are scaling back like I’ve never seen before.”

Stay The Course

In many ways, the current financial crisis is a challenge that will be difficult for government and the private sector to overcome, even with the Treasury and the Federal Reserve throwing literally everything in their arsenal at the problem. Economies rise and fall with time, however, so it is important for enterprises to avoid over-tightening their belts during challenging times. As Janet Tyler, president of Airfoil Public Relations, points out, if a business doesn’t keep pace with IT developments during the downturn, it could find itself at a considerable disadvantage against competitors who did when things finally improve.

by Sixto Ortiz Jr.

9 Must-Have Tech Tools for 2009

By Anita Campbell

Are you wondering what new technology tools you will need for business in the new year? Have you ever heard of the Mobigrip?

Each year seems to get better with inexpensive, innovative technology for small businesses.  And for 2009 I’ve found some excellent products to recommend for you.

Here is my annual list of 9 tech tools you can’t live without in 2009.  These picks can help you be that well-equipped entrepreneur running a successful and mobile business, being more productive and having more fun — with less drudgery:

iPod Touch–  Last year I recommended the iPhone.  But I got a 16 GB iPod Touch for myself. The iTouch is like an iPhone without the phone.  In essence it’s a PDA combined with an iPod for downloading podcasts, music, and video.  I wanted to continue using my existing telephone because it’s comfortable to hold against my ear.  But I couldn’t pass up the iTouch’s ability to sync my Outlook calendar and contacts; get access to Gmail when on the road; and surf the Web.  Many of the iTunes Store apps also are available for the iTouch to expand functionality.

Twitter tools– Twitter, the 140-character micro blogging platform, is rapidly evolving as the place where small business contacts are being made and expanded, and conversations are happening.  Here are three must-have Twitter utilities:  TweetBeep, which sends you email alerts when your name or URL has been mentioned on Twitter; Mr.Twitter, which allows you to intelligently expand your Twitter contacts; and the Twitter Tools plugin for WordPress which allows you to pull in tweets to display on your blog and allows you to post blog posts on Twitter from within the WordPress application.

Google Apps Premier for Business– Google has created an offering that is hard to turn down for small businesses needing to bring together a distributed workforce or virtual team.  For $50 per user per year, you can get Gmail with a 99.9 percent uptime guarantee using your own domain name for e-mail addresses.  Among other things, you also get use of Google Calendar and Google Sites, which can be used to create a simple company Intranet.  Best of all, you can do it yourself, or find vendors who will set you up on Google Apps inexpensively through the Solutions Marketplace that Google has established.

HP Touchsmart PC– This is a visually stunning personal computer that has several aesthetically pleasing, productivity-enhancing features.  It is a CPU and monitor in one.  As the name suggests, you can navigate by touching the screen if you wish.  And it has a unique way of presenting applications, with fanned-out and scrolling displays of its software applications and media.  It’s primarily targeted to consumers.  But some small businesses are seeing the advantages of the large monitor size (from 22” to 25.5”) which lets you have several applications visible at once.  Also, the clarity of the high definition monitor makes it ideal to display a video feed or photo slideshow in a business lobby or at a trade show, for instance.

Flip HD Mino Video Camera– Everyone from the New York Times to my video guru friend Jim Kukral is “flipping” over the Flip.  It’s a very small, light, cheap camera that takes good quality video for the price (and can deliver HD output).  It has a USB plug so you can plug directly into a computer to transfer the video.  It even comes in a range of beautiful color combinations like pink, lime green, and black.  Video is increasingly more important to have on your website to get found in search engines, and what easier way to get started creating video for your website.

Mini notebook computer– Entrepreneurs have discovered the joy of not lugging around a laptop that weighs seven pounds.  Instead, the latest thing is the mini notebook:  ultra light, small, pared-down notebooks weighing less than three pounds. They’re now being called “netbooks” because their optimum use is to connect to the Internet and use applications in the cloud, with few apps loaded on the machine. The Asus Eee PC is one of the smallest and cheapest, retailing for a little over $300.  Dell has its Inspiron Mini 9, which comes in stunning colors like cherry red.  Just remember that with most minis you will sacrifice some comfort (keyboards are less than full size), features and computing power, in exchange for easy portability.

Business card scanner– If you attend a lot of conferences and networking events, you’re likely to end up with stacks of business cards that go into a drawer.  It took work to make those contacts, so make sure you capitalize on all that work by inputting the information into your contact management system.  A business card scanner will save you considerable time.  I use CardScan and find it to be very accurate — it even seamlessly transfers the scanned information into Outlook.

Digital picture frame– HP has a nice line of digital picture frames to display your favorite digital photos.  The smallest is a 3.5” digital picture frame that is no bigger than a coffee cup.  It stores/displays 45 images.  You can download images directly from your digital camera by inserting your camera’s SD memory card into the frame.  It is battery operated, so there are no wires.  It includes an AC adapter.  Best of all, it retails for around $59, making it affordable as a holiday gift to give employees or customers.

Backup iPod battery– Although Apple has improved battery life in its second generation  products, your battery life could be as little as two or three hours for an iPod, iPod Touch, or iPhone. If you use yours heavily while on business trips, you will eventually run out of juice. That’s where the Richard Solo Backup Battery for iPods and iPhones comes in. The device will recharge your battery either partially or fully.  So the next time you’re trying to watch two movies on a four-hour flight on your iPod Touch, you can get through them both before you have to find an electrical outlet or plug it in to your laptop.

Bonus tool:  The Mobigrip– There’s no sadder sight than a Blackberry Curve with a cracked display screen because it fell out of your hand to the pavement. The Mobigrip is an inexpensive little helper that sticks to the back of any mobile device and has a little bungee cord that wraps around your finger.  Voila — your mobile device stays put. At first I was skeptical, but it really works and it’s reasonably comfortable.  It’s inexpensive enough that you could have a supply customized with your logo and give them as trade show swag or customer gifts.

Tips for Searching the Internet

The Internet contains a vast collection of information, but finding what you are looking for can be a challenge. Here are a few tips to help you search the web more effectively.

Use the Instant Search box
In the Internet Explorer Instant Search box, type a keyword or phrase and then press ENTER (or press ALT+ENTER to display the search results in a new tab).

Use the Address bar
In the Internet Explorer Address bar, type Find, Go, or ? followed by a keyword, website name, or phrase, and then press ENTER. If you want the search results to display in a new tab, press ALT+ENTER after typing the phrase. 
 
Use more than one search provider
If you do not find what you’re looking for with a particular search provider, you can search using a different one. Internet Explorer’s search box lets you add additional search providers and switch between them to improve your search results.

To learn how to use different search providers, install new search providers, or change the search provider that Internet Explorer uses by default, see Change or choose a search provider in Internet Explorer.

Search more efficiently
Here are a few ideas for improving the results of searches. When searching using the address bar, first type find, go, or ?. :

• Use specific words rather than generic categories. For example, instead of searching for dogs, search for a specific breed of dog.

• Use quotation marks to search for specific phrases. Surrounding terms with quotation marks limits the search results to only those webpages that contain the exact phrase you’ve specified. Without the quotation marks, the results will include any page that contains the words you’ve used, regardless of what order those words are in.

• Use the minus (-) sign before a keyword to tell search providers to exclude pages with that term. Using a minus sign will retrieve webpages that do not include the word. It’s important not to include any spaces between the signs and the search terms (for example, -Bogart, not - Bogart).

• Eliminate common words such as “a”, “my”, or “the”, unless you’re looking for a specific title. If the word is part of something you’re looking for (a song title, for example), include the common word and surround the phrase with quotation marks.

• Use synonyms or alternative search terms. Be creative or use a thesaurus for ideas. Type thesaurus in the search box to find an online thesaurus.

• Search only a specific website or domain. Type the search term you’re looking for followed by site: and the address of the website you want to search to narrow the search to that specific site. For example, to search d2business.com for information about viruses, type virus site:www.d2business.com (with no spaces between site: and the domain).

• Use a specialty search engine or provider, such as MSN Image search, to look for pictures. Many websites offer their own special searches for anything from shopping to hobbies. Internet Explorer can detect specialty search providers on some websites, which you can add to your list of search providers.

How Often Should You Back Up Files?

Rudimentary data protection can be a business life-saver.

It’s a call no business owner wants to get — a fire broke out overnight in the industrial park where your office based, reducing it to smoldering rubble. Sure, you’re thankful no one was inside, plus insurance should cover the physical damage — but what about your company’s critical computer files?

According to ADR Data Recovery, U.S. businesses lose more than $12 billion per year because of data loss due to hardware or system failure (which accounts for roughly 78 percent of all data loss), software corruption, natural disasters, or human error.

Data loss, and the downtime suffered from it, can cause considerable damage to your business and if you do any kind of commerce and your current orders are lost, it can prove to be a serious blow to your business revenue.

The only absolute protection against losing critical information on your PC is to proactively back-up important files on a regular basis.

DIY or Automatic?
Backing up your files can be handled automatically, thanks to the many scheduled onsite or offsite back-up programs available today (d2 Remote Backup, $39/mo for 10Gb); or manually, where it’s up to you to select which files to back-up and where to back them up to, either burned onto a recordable CD or DVD, USB memory stick, or, preferably, uploaded to a secured offsite location in case of fire, theft, or natural disasters. Backed-up discs may also be stored in a safety deposit box.

What Gets Backed Up
Each business has its own particular needs and interests, but across the board, all businesses share the common need to back up customer data, contact information, and passwords. Individuals may want to add to that list: work files such as documents, spreadsheets, presentations, Web site code, as well as calendar appointments and e-mails.

A sales office will want to make external copies of its detailed CRM files. An architect will save blueprint sketches and 3-D renders.

Deciding what to back-up is as easy as asking yourself what is irreplaceable. In some cases, the data could be recoverable, but it may cost your business money, time, or embarrassment to retrieve everything from external sources. Let’s face it — asking one of your most important clients to re-send contact information or contracts could be damaging to your relationship.

Data loss can ruin your reputation with clients or customers because you never know when data loss can strike.  Back-ups should be automated and stored off-site, so you can concentrate on growing your business.

What’s the Frequency?
Some software packages — many of which are available as a “try before you buy” download at www.download.com — automatically back up your information at a select time every day or week.
But if you’re handling the back-up manually onto a CD-RW disc or USB thumbstick, it’s recommended you back-up important information at least once a week. This includes files such as key work documents and files, business contacts, and appointments.

If you’re working on an important document, such as a sales report or a presentation or spreadsheet, it’s not a bad idea to keep a USB memory stick inserted into the PC’s USB port to make a back-up after the work is completed. This is especially a good idea for mobile professionals working on laptops — all it takes is for you to leave your PC on a plane, in a hotel or in the back of a cab and your critical data could be gone forever.

Marc Saltzman, Inc. Technology

5 Simple Ways To Avoid Getting An Avalanche of Spam

As you probably already know from firsthand experience, once you’re on a spammer’s list, it’s next to impossible to get off. And changing your e-mail address can be a major inconvenience especially if you rely on it to stay in touch with important business and personal contacts.

To reduce the chances of your e-mail address getting spammed, here are 5 simple preventative measures you can take that will go a long way in keeping not-so-delicious spam out of your in-box (d2 Spam Filtering, $59/mo up to 25 users).

1. Use a disposable e-mail address.
If you buy products online or occasionally subscribe to websites that interest you, chances are you’re going to get spammed.To avoid your main e-mail address from ending up on their broadcast list, set up a free Internet e-mail address with Hotmail or Juno and use it when buying or opting in to online newsletters. You can also use a throwaway e-mail address when making purchases or subscribing to newsletters (see #4 below).

2. Pay attention to check boxes that automatically opt you in.
Whenever you subscribe to a website or make a purchase online, be very watchful of small, pre-checked boxes that say, “Yes! I want to receive offers from third party companies.” If you do not un-check the box to opt-out, your e-mail address can (and will) be sold to every online advertiser. To avoid this from happening, simply take a closer look at every online form you fill out.

3. Don’t use your main e-mail address on your website, web forums, or newsgroups.
Spammers have special programs that can glean e-mail addresses from websites without your permission. If you are posting to a web forum or newsgroup, use your disposable e-mail address instead of your main e-mail address. If you want to post an e-mail address on your home page, use “info@” and have all replies forwarded to a folder in your in-box that won’t interfere with your main address.

4. Create throwaway e-mail accounts.
If you own a web domain, all mail going to an address at your domain is probably set up to come directly to you by default. For example, an e-mail addressed to anything@yourdomain.com will be delivered to your in-box.This is a great way to fight spam without missing out on important e-mails you want to get. The next time you sign up for a newsletter, use the title of the website in your e-mail address. For example, if the website is titled “successsecrets.com”, enter “successsecrets@yourdomain.com” as your e-mail address. If you get spammed, look at what address the spam was sent to. If successsecrets@yourdomain.com shows up as the original recipient, you know the source since that e-mail address was unique to that web site. Now you can easily stop the spam by making any e-mail sent to that address bounce back to the sender.

5. Don’t open, reply to or try to opt-out of obvious spam e-mails.
Opening, replying to, or even clicking a bogus opt-out link in an obvious spam e-mail signals that your e-mail address is active, and more spam will follow. The only time it is safe to click on the opt-out link or reply to the e-mail is when the message was sent from a company you know or do business with (for example, a company that you purchase from or a newsletter you subscribed to).

Finally! A Way To Stop Spam, Spyware, And Pop-Ups From Taking Over Your Computer

If you are absolutely fed up with the number of spam e-mails you get every day, the annoying pop-ups being shoved in your face when you surf the net, and advertisers installing spyware on your computer to monitor your every move and serve up unwanted ads, then protect your company with an Enterprise Level Spam Filtering service (d2 Spam Filtering, $59/mo up to 25 users).

When Insiders Attack: How Recessions Make Good People Do Bad Things

Whom can you trust? In security, many of us nurture a healthy sense of paranoia and tend to be distrustful. But as human beings, as social beings, we form bonds of trust with those around us.

Behavioral psychology and sociology show that we have tribal behaviors that lead us to associate and trust those in our “tribe.” These behaviors may even have biological underpinning — we’re wired to trust our group. In a modern corporate environment, our co-workers are part of our tribe, and we extend a high level of trust to them. We might want to fight our instincts on this one, however.

Every time there’s a recession, crime goes up. Even good people will make poor decisions under economic pressure. From a security professional’s point of view, recessions are a time of higher risk. Both internal and external attacks are likely to increase. The rising tide of crime will lift all attacks, across all areas of exposure. On top of everything else, you may have to contend with layoffs. Nothing makes a good person angrier and more motivated than a pink slip.

Greed, anger or desperation are what motivate insiders to attack their own companies. Most serious computer crimes I have seen (or been involved in investigating) were insider attacks. If your company is making layoffs, you will have to contend with angry and desperate people.

Here are some of the insider issues to look out for during a recession:

* Employees may find themselves struggling with medical payments, mortgage payments or other financial issues. Many insider attacks start with an insider with access to corporate capital “borrowing” some money with every intention of returning it. While they rationalize the action, these employees often will get into a snowballing situation that leads them to further embezzlement. Guard financial systems with proper checks and balances in place and protect yourself with Web and IM Filtering (d2 Web Control) to restrict, monitor and receive alerts on employee web usage.

* Layoffs will often trigger acts of revenge. These are most dangerous if they involve people in IT or finance. Logic bombs are the most common type of revenge on IT systems. Embezzlement also can be an act of revenge or desperation. Tighten password and access controls. Audit remote-access systems for unusual behavior.

* Most companies today have more than one user directory. User life-cycle management practices are often lax. It is not uncommon to find dozens of former employees with active access during audits. Make sure you have a comprehensive process for disabling account access and changing shared passwords (which you shouldn’t have anyway).

* Disable access first, give pink slip later. As harsh as it is to march someone out of the building, it takes only a few minutes for an employees with access to critical systems or money to cause enormous damage. If you have layoffs coming, disable accounts overnight before people are fired.

It feels wrong to distrust insiders and treat them with suspicion during difficult economic times. The truth is, however, that you have a responsibility to protect the rest of your employees from the potential damage caused by one angry or desperate person. Be courteous, respectful and apologetic. Then follow the process strictly.

Andreas M. Antonopoulos , Network World

Fake Anti-Virus Software and Other Misleading Applications

This year has seen a rise in mal-ware disguising itself as legitimate anti-virus software.  The programs and graphical interfaces are not as crude as the past.  Some of the popular fakes are Anti-Virus XP 2008 or Anti-Virus Plasma.  The programs are often accidentally installed by users who see a familiar looking pop-up warning them that their computer is infected.  Users typically click on the pop-up thinking that this is their own anti-virus software and they are trying to do the right thing.  Then next thing you know, your computer is flooded with exaggerated reports of infection, sometimes to the point that the computer is impossible to work on.
These programs typically are the gateway to other mal-ware programs.  They often contain a downloader in their payload and will download other malicious software.  But hackers are smarter now, and not just writing viruses to mess up your computer for no reason.  Viruses are big business for hackers, and they are using them to cash in on everything from identity theft to spam.  The worst viruses are the ones that go unnoticed for sometime and slowly steal all your information.  The best information I can give to home users, is read carefully what that pop-up says, don’t click on it if you are unsure, don’t let it scare you into making a decision.   Do your best to protect yourself before you get exposed and download AVG, it’s free for home use.  I use it and love it.
Be Safe,
Matt Dubois

The Future of Computing - SaaS, Cloud Computing & Thin Clients

It’s not just the economy that is driving companies to SaaS and cloud computing environments, but it is sure helping.  The concept of client-server based computing is not new, as a matter of fact it is very old. Those that remember “dumb clients” or “dummy terminals” know what I am talking about, it was around long before PC based computing.  Most of you who work at large corporations already use client-server computing; does Citrix, Terminal Services, WYSE and VMWare sound familiar?  This centralized architecture  lowers overhead costs, simplifies administration and increases redundancy.  Client-server based computing is making its way into the home soon too, Google Apps, Microsoft Office Online, Quicken Online, online picture and data storage becoming are more and more popular everyday.
Smaller businesses are slowly making their way back to this architecture, but the lack of knowledge or resources have made the transition slow.  The condition of the economy has forced many small business owners to take a deeper look at their budgets, specifically in IT.
One of the areas of seeing the most growth is the use of online backup services.  These solutions are now cheaper than tapes alone, not to mention the tape drives and the hassle and complexity involved with an old fashioned tape backup system. d2 Business Solutions secure online backup system known as d2Backup is just one of those services that has seen tremendous growth in the past year and was featured on Inc. Magazine’s web site.  Other areas such as security, including hosted spam filters, web filters and anti-virus have have grown significantly.  Some emerging areas are office, CRM or ERP applications delivered as a service (SaaS).  These areas require a little more setup but have proven to cut costs drastically, create a predictable IT budget and help businesses to focus on their core objectives and not worry about IT.
Companies like Microsoft and Intel have been developing Internet centric devices for your home that don’t require a hard drive, dubbed NetTops or NetBooks. These devices not only need an Internet connection, but will require a subscription to a service for applications and  processing duties being shared with the server.
Client-server computing is already the standard for the enterprise level and is set to be the new standard for home use, so now is the time for small businesses to start looking into adopting this platform.
Thanks and Happy Networking,
Matt Dubois