Helping clients manage their technology for over 30 years.

Are you buying a service — or an illusion?

Handshake in gray

Imagine discovering that for the last 12 months none of your company data had been backed up at your designated co-lo.

Worse, you only found this out because your corporate site has suffered a catastrophic failure. All your data has been lost — and you have no way to retrieve it.

You’re outraged, of course, and you want answers. How could your co-lo provider fail to back up your data? What about your provider’s vaunted disaster recovery service? Who is responsible for allowing this to happen?  Continue reading

When It Comes to Security, Know Thyself

Data Security & Data Loss Prevention (DLP)

“If you don’t understand the risks, you don’t understand the costs,” security guru Bruce Schneier advised during a TED talk.

He was discussing security in the abstract — but it got me thinking about IT security in particular and the difficulty many executives face trying to determine if their organizations are safe from cyberattack.

The problem is that these conversations nearly always turn technical. Soon, a flurry of technology acronyms — confounding but apparently reassuring — begin flying around the room.

And, reports Schneier, it works. People, he says, will “respond to the feeling of security and not the reality.”

So what can a CEO do to understand the reality of security risk and grasp what the actual cost of security failure might do to the organization?  Continue reading

CEOs in the Crosshairs

Writing hand in crosshairs

When it comes to security breaches, CEOs stand in the crosshairs. More than their IT staffs, it’s a CEO who’ll take heat for a breach that exposes customer data or endangers relationships with business partners.

So, unlike plenty of other IT issues that don’t require C-level attention, information security ranks right up there alongside financial issues as something with which CEOs need to be familiar. Yes, information security can be daunting, but so are financial statements — and CEOs have to sign off on those.

Where to start? Here are three questions every CEO should be able to answer: Do you know who your security expert is? Do you have a security policy? Do you understand how it’s implemented, managed, enforced, monitored?

Continue reading

Data Center Shopping: Dig Deeper

Data center discussions inevitably come around to the issue of standards. And while I agree that standards, like the recently released SSAE 16, are good to consider when you’re data center shopping, you should never rely on a facility being “in compliance” as the exclusive determinate for your selection.

Standards should be the place where you begin your search. After you’ve checked off the boxes that ensure compliance with whatever standards your industry requires, dig a bit deeper.

Continue reading

Cloud Computing best practices #5 and #4: Monitoring and covering your backup

Importance of Cloud Data Monitoring

Cloud Computing doesn’t mean you walk away from your IT.

That’s why #5 in our Cloud Computing best practices countdown is: Always monitor your Cloud services.

Moving to the Cloud doesn’t require a new network (unless your existing network already has serious issues). But bandwidth is a core component of systems using Cloud platforms, so you need to plan for your bandwidth requirements and monitor bandwidth use. Doing this generally obviates Cloud bandwidth issues. And monitoring is the best way to ensure that your provider is living up to your service-level agreement.

Continue reading

Beware of FUD

Combine Fear, Uncertainty, and Doubt — and you get FUD, which has been on my mind lately because it so often involves attempts to thwart adoption of newly-emerging, better solutions. Consider these two tales of FUD:

The first tale, from the late 1880s, is often referred to as the War of Currents. It’s about a powerful group of direct current (DC) supporters who fought fiercely against the new, more cost-effective alternating current (AC) with a range of FUD stunts, from electrocuting animals to building the first electric chair. DC’s supporters eventually lost — because FUD can slow, but not stop, real progress.

Continue reading

Data backup/recovery best practice #10

This last of my backup/recovery best practices is far from the least of them:

#10 Conduct regular testing and reviews of your data recovery capabilities

Backups can be corrupted (especially if they’re tape-based) and too often backups are performed incorrectly. Key files, directories, or components may have been excluded, especially if your infrastructure has undergone adds or deletes.

Continue reading

Data backup/recovery best practices #6, #7, #8, and #9

Continuing with my views of backup/recovery best practices, I offer up # 6 through #9:

#6 Back up your data locally as well as remotely.

Data restores usually are faster from a local backup source than a remote one, especially for data that you recover frequently.

Continue reading

Being thankful for backups

Thanksgiving is a time for giving thanks, eating turkey, and enjoying the fellowship of family and friends. And no one wants the holiday ruined by a call like this…

“All our customer files have evaporated. As have everyone’s email messages, all pending customer orders, and the accounts receivables database.”

Would you be able to reconstruct that data from scratch? Or, worse, try to move on without it?

Continue reading

Essential SLA Elements #5: Protecting your data from the goblins

A service-level agreement works best when it’s the result of a collaborative effort between you and a service provider you can trust. This kind of trusted collaboration will uncover the most cost-effective ways your provider’s IT capabilities can be put to work for your business.

Part of that trust involves the fifth and last Essential SLA Element on my list: Procedures for the safe and prompt return of your data upon service termination.

Continue reading