Information protection war in year 2010 and beyond

Year 2010 is almost ending within few days and we’re embracing 2011. The question remain what would future hold for us as usual. As for business we can look back one year to see the changes and do some predictions.

Year 2010 has been shift for most of the business about how they do business using information technology. Virtualization has been one of the key factor in the IT industry to change the phase how IT can align for the business with the ever changing, demanding requirements.

Never the less information has been the critical assets for every business. Protecting the business data has been and will be the key requirements in 2011 as well. As we all know the data availability and accessibility has been demanded by most business workers and information workers with much freedom. Be it with their mobile device, Apple iPad, from home computer workers need freedom. CIO’s need to face with never ending  challenge of allowing data accessibility out of their corporate firewall but still maintain the confidentiality and integrity of the data without getting caught with information leakage.

According to survey’s carried out by various vendors information/ data loss is a primary concern for every business. Year 2010 has been a eye opener for SMB as well about the awareness about this and the risk they carry on protecting the company vital data. As a result, all SMBs saw tangible losses last year, chiefly downtime,theft of corporate data or theft of customer or employee personally
identifiable information. The leading direct costs experienced as a result
were the loss of productivity, revenue and direct financial costs

Data loss can be due to various reasons and some of them are,

1. Employee Mobile device lost (Laptop, Mobile phone, PDA..etc)
2. Cyber Attacks
3. Employee illegally taking data
4. Business Partner illegally taking data

So the key questions remains as always, how to protect the company critical assets and have total control over it. So let have a look at some of the basic steps companies can take into minimize the data loss,

1. Educate the employees – No matter how strong your security as long as your users are weak on using it or aware about it. At least they should be given training and aware about the company policies and also how to safe guard the company assets.

2. Categorize the data and carry out information protection plan – This is a job need to be overlook by IT Manager / CIO about the company assets with the help of the top management. Identifying and categorizing the data will allow them to apply the proper protection plans. (Eg: Encryption technologies, access control, auditing..etc)

3. Data Backup Plan and disaster Recovery – This topic need no introduction and need to reevaluated by each and every company about the effectiveness of their current procedures. SMB can consider about online data backup as their DR solution to safeguard their company critical information.

As per my understanding the tools you need to protect you data is within your reach but questions remains how far you’re using it effectively. As an example mobile devices can be encrypted by using Windows Vista, Windows 7 BitLocker technology. Microsoft carry out different guidelines how can you protect your laptop devices by using the mobile encryption technologies. More information can be found over here.  Companies can meet their governance, risk, and compliance  (GRC) by following the guidelines and tools provided by Microsoft IT Compliance Toolkit.

These are small portion of free tools you have within your grasp to secure your existing environment. With the never ending battle of security and user flexibility you need to arm with these tools and more. In future articles I’ll cover about some of these tools in detail manner.

References:

http://www.symantec.com/about/news/release/article.jsp?prid=20100621_01

http://www.microsoft.com/Presspass/press/2010/apr10/04-05MSRSAPR.mspx

http://msdn.microsoft.com/en-us/library/bb934049.aspx

How to avoid common pitfalls in virtual machine backup

Virtualization has been IT industry hot topic and it will be as it is until next few years. Good news is most of the fortune companies already adopted into it and others are following it. Along with every solution there will be new problems and concerns and Virtualization is no difference over there. In this article we’re going to look into some of the common pitfalls and drawback on virtualization protections and how to avoid them.

One of the main issues for the network admins is losing the control of virtual machine creation and keeping a track of it. Few years back we used to allocate physical server for each and every major service and we can identify them easily. Things have been drastically change when it comes to virtualization due to the flexibility of creating Virtual machines. In virtualization world we call this as “VM Sprawl” This out of control issue is a major issue when it comes to Virtual machines backup as well. So one key factor is to have a clear idea of your virtualization environment and tracking every VPC to identify which servers are critical.

Do I backup data inside the Virtual machine or do I backup the entire VHD files along with the host backup? Most of the traditional backup software has given concern of host level backup and we need to rethink of applying such solution to virtualization environment. This is simply due to the technical maturity as well as licensing cost. There will be scenarios having entire guest machine backup will be acceptable (Eg: Application server) but in certain cases you’ll need to install an agent to virtual PC itself and backup data if you require individual item restore (Eg: File server, E-mail server…etc) So you’ll always need to check with your backup software vendor about their software capability. Good news is Microsoft DPM, Symantec NetBackup, Backup Exec, CA Arcserve are now mature enough for this. (There will be lot more solutions, but I’m simply cannot test them all J ) Simply most of the backup software allow full backup of VHD and granular level restore from that file. This will greatly eliminate the backup window growth.

Which media to use in Backup? Tape or Disk? Industry is moving toward to disk based backup methods considering the speedy backup and recovery window times. But if companies have already invested on Tape solutions the best way is to have a balance with both methods. Having disk based backup initially and then moving data to tape drives for archival purpose. What you should really do is to formulate a disk and tape strategy based on data management objectives and policies.  A few considerations:

  • Recovery time objectives. (RTO)/Recovery Point Objectives (RPO).  Disk is typically faster for recovery.
  • Archiving requirements.  Tape is the most common archive medium.
  • Service Level Agreements (SLAs).  What is IT obligated to deliver to customers?
  • Existing hardware investments, as well as budget.

Apart from that you should consider about data de-duplication technologies which help you to reduce the storage requirements for your backup. Virtualization has given itself more advantages to companies and same time some challenges to the administrators. Most of these challenges cannot be addressed by traditional solutions hence new innovative solutions need to be considered.

Windows phone 7 available for manufactures

Much awaited and discussed Windows Phone 7 version has been released for manufactures (RTM) by Microsoft. This is one of the Microsoft major milestone since Microsoft believe future will more focus into mobile platform.

Despite of this release will have to enter to the battle ground with major players like Android OS and Apple IOS. Despite of that Microsoft have some cool integration tools for seamless connectivity with their rest app platform which will make this as a ideal platform for business users.

More news can be found over here and here. In depth review has been carried out by Engadget web site.

As per the news consumers can get their hands into this product end of this year. So let’s keep our fingers crossed for this Smile

End of Microsoft EBS (Essential Business Server)

Sadly but truly Microsoft has removed the plug from the EBS server. MS has taken decision since there has been no much sales improvement in the server market for this product. EBS is targeted for customer who is having 300 seats (computers), but as the MS has identified a customer who is having 300 computers will be already established company in Infrastructure point of view.

Even though EBS provide significant cost benefit moving to EBS from existing server environment to EBS is daunting task.  Requiring  minimum 3 servers (And they need to be high end as well) to run the product suit including an additional server for premium version is not a easy financial consideration.So the product will be discontinued from selling from June onwards. But the for the existing customers the product will be supported by MS in the normal product life cycle.

What I like most is SBS has not been done any changes and most of the customers still benefit that. Personally I prefer SBS product since it is a significant cost saver for SBS market. This product is targeted for companies who is having less than 75 seats.

SBS Rocks!

Bring your Own Computer (BYOC) to work

Well this has been once debatable question or rather I would say adoptable method carried out by some companies. Microsoft,Intel & Citrix are some companies who adopt this and they have already carried it out in several region offices. Recent economic situation has given most employees green light for this. In a way I see this as a good thing and I started adopting this almost before big companies decide about it. Actually in year 2007 🙂

We as technical persons cannot be locked down for 8 –5 usual office work hours, sometimes we work from home and until late night. Apart from that companies prefer to get maximum benefits out of the employees apart from that HR keeps on trying making the life comfortable for the work force. (Weather they success or not is a different question) My point is everyone want to be happy and still not compromise the rules right? Well in that case BYOC is a good method for several reasons,

1. Employees will have their personal laptop and can work from anywhere, which I call freedom and flexibility

2. Employer cannot afford all the latest hardware to be given to employees all the time to carry out their work and replacing the hardware annually. But they can lend some money to employees to have their own machine with certain legal condition, and this will be fraction of the cost of their annual IT budget.

3. Employees have the flexibility to work and same time have break and use it more meaningfully to interact with friends and colleagues via MSN, other IM’s and social networks. (Eg: Face Book) I know some companies will see FB as a bad thing but again fundamental rules work out over here, trust between employee and the employer. I also agree not wasting time on FB doing farming or playing games in office working hours. Keep that for OOOH (Out Of Office hours)

So on even you’ll can figure out various benefits which is good for both parties. With every new concepts comes some raised concerns and same goes over here.

1. Security – Well this is something for the IT department to come up with. Do you really think BYOC is the only major issue? think about the other methods your network can compromise. What we should really care about is how to make sure company main servers and confidential data can be secured properly. I have seen many times it comes to the boiling point of servers not been secured with the recommendation security patches and security policies. Now it’s time to go and have  a second look at the security aspects more deeply.

2. Cost – As I mention this will be lot less if you plan if carefully. Since you’re not going to spend so much money but lend some money for the employee to buy his/her own machine with relevant terms and condition. But please remember this option is not applicable for all the companies and this has to be evaluated even department level as well.

3. Security Policy – Well companies can have that hefty security policy guideline books with them still 🙂 Well my point is you can still apply some general rules and terms and evaluate your security polices and try to balance everything. If you’re so much concern about the desktop environments then this is the time you can even evaluate the VDI (Virtual Desktop Interface) Microsoft and Citrix is offering pretty cool solutions for this. I think the way we moving forward with year 2010 VDI will be a good option for companies to consider.

So in a nutshell those are my opinions about BYOC and I agree with this trend and the question is do you? Share your thoughts about it and see if we can change the working environment for more friendly flexible and sexy!!!! I mean with cool laptop models people 🙂

Tech.Ed 2010 in Sri Lanka

Hi everyone, we’re so proud to present Tech.Ed in Sri Lanka. Microsoft Sri Lanka has taken great initiate step organizing this event. We believe year 2010 going to be the ICT year and there will be so much improvement in our ICT sector in Sri Lanka. Same time we expect a boom in the Enterprise sector the usage of IT to increase their productivity and reduce the cost.

Tech.Ed will be starting on Feb 09th. Currently registration is open to everyone. This is one of the updated news I received via FB.

“Tech.Ed Sri Lanka 2010 standard price: SLR 12000/=
Register for Tech.Ed Sri Lanka now and save 10% on the standard price. Don’t delay… This Offer Expires 25th of January 2010.
http://www.teched.lk/register.aspx

So go ahead and grab your seat guys. As I mention this will be a great opportunity to experience a whole new level of Microsoft Technology and get in touch with industry experts and raise your questions.

Microsoft Rental Rights Licensing scheme

Beginning of the 01st January 2010 Microsoft has started the rental scheme of their Operating system and Office products. If you’re a partner who is renting or lending machine to customers for projects or for training this will be a good news for you. You don’t have to put a hefty price on your rental price tag for the OS you’re preinstall and delivering. As per Microsoft resellers advantages are as follows,

Rental Rights licensing offers Microsoft resellers a range of benefits, including:

  • Customer satisfaction. You now have a way to sell licenses that fit your customers’ business models, help ensure their compliance, and solidify your role as a trusted advisor.

  • Convenience. No special tools, processes, reporting, or paperwork are necessary; the transaction works like any other license transaction.

  • Revenue. Selling the new licenses means new revenue.

  • Flexibility. Just like with other Volume Licensing SKUs, you have the flexibility to determine the pricing for your customers and to run promotions.

In way this is a welcome method to reduce the piracy of software and give the freedom to comply with licensing as well. More information can be found over here.

Apart from that their are certain restrictions for this scheme as well, Those are as follows,

Rental Rights licenses are user rights licenses only (they do not include software), so no media fulfillment is involved. The following important limitations apply to the Rental Rights licenses:

  • Perpetual license. A Rental Rights license is permanently assigned to a specific device and may not be reassigned to another device. When the device reaches its operational end-of-life, so does the license.

  • Remote access. Rental Rights do not allow for remote access to software.

  • Separate devices. Use of additional copies of the qualifying software on a separate portable device or a network device is not allowed.

  • Additive license only. Rental Rights licenses are not stand-alone product licenses and do not replace customers’ underlying Windows desktop operating system or Office system licenses; Rental Rights are additional licenses that modify the underlying license terms, allowing for rental, lease, and outsourcing of desktop PCs with licensed, qualifying Windows desktop operating systems and licensed, qualifying Office systems.

  • Virtual machines. Rental Rights do not account for software used within a virtual (or otherwise emulated) hardware system. In other words, the primary customer may not create and rent virtual machines.