SAL Journal

Monday, July 07, 2003

 
www.mcdwireless.com - McDonald's with wireless
posted by Sheldon Lennox 5:03 PM

Friday, July 04, 2003

 
Total Recorder
MP3DirectCut (www.webattack.com

posted by Sheldon Lennox 8:05 AM

Saturday, June 28, 2003

 
comprehensive policies to handle:

- E-mail and Internet usage
- Virus prevention
- Information security and privacy protection
- Inventory and equipment use
- Software installation and licensing
- Data retention
- New hire and employee separation procedures
- Tuition reimbursement
- Remote access
- Workplace safety
- Travel and expense reimbursement

posted by Sheldon Lennox 10:23 AM

 
ITConsultantWire -- brought to you by IT Consultant Magazine
Issue 15
June 25, 2002
http://www.ITConsultMag.com

4. ==== PROJECT MANAGEMENT ====
* Tips for Finding and Responding to RFPs
A major portion of any consultant's time is devoted to finding and securing new contracts. One avenue that many firms -- especially one-person consulting shops -- often ignore is government contracts. This three-part article explores the pros and cons of bidding on government contracts, offers tips on locating RFPs issued by various government agencies, and shares guidelines for responding to an RFP. The article also discusses the less-formal process used for most non-government RFPs. Finally, the author presents some cautionary advice about the level of detail you should provide when responding to an RFP and suggestions for how to satisfy the potential customer's need for information without exposing too much of your proposed solution.

An overview links to the three-part article (free registration required)


posted by Sheldon Lennox 10:21 AM

 
IT CONSULTANT REPUBLIC NETNOTE E-NEWSLETTER for November 6, 2002

IMPLEMENTING THE ITIL FRAMEWORK
The Information Technology Infrastructure Library (ITIL), a group of standards for service, is gaining acceptance as a non-proprietary framework for IT projects. See how one service-level administrator helped integrate ITIL into his organization.

GIVE YOUR CLIENTS A 360-DEGREE VIEW OF PROJECTS WITH THIS PROPOSAL SHEET
Whenever you're tasked with putting together a new feature on a client's Web site, you likely have to justify why it's necessary and what benefits it holds for your client. This form addresses business and technological issues related to your project.

MEMBERS RECOMMEND NINE TOOLS FOR NETWORK AUTODISCOVERY
We asked our members to recommend network autodiscovery tools that were affordable, effective, and easy to use. Here are nine tools our members endorsed along with their vital statistics.

NETSILICA OFFERS A BROWSER-BASED ALTERNATIVE TO VPN
Giving employees remote access to files and applications can be a security risk and a support nightmare. NetSilica has simplified the process with a browser-based remote access solution that requires no special hardware.

posted by Sheldon Lennox 10:19 AM

 
IT CONSULTANT REPUBLIC NETNOTE E-NEWSLETTER for December 6, 2002

DOWNLOAD THIS SAMPLE BUSINESS ASSOCIATE AGREEMENT FOR HIPAA COMPLIANCE
Consultants who handle private patient information from healthcare organizations have to sign a Business Associate agreement when renewing contracts or hammering out new ones. Use this sample agreement to help you prepare for negotiations.

ONE MEMBER'S SECURITY ASSESSMENT IS AN EYE-OPENER FOR HIS CLIENT
When he was hired to perform an assessment for a client following an electronic break-in, an IT consultant found all kinds of security problems. Here's a rundown of the tools he used, what he finally found, and his prescription for a security fix.

posted by Sheldon Lennox 12:24 AM

 
Vol. 01 No. 7 June 2002

AICPA 2002 Top Technologies

The AICPA's 2002 Top Technologies were announced during the TECH 2002 Computer and Technology Conference in May, and were drawn from a master list of issues originally compiled by various CPAs who belong to the IT Member Section. After an on-line survey was conducted by the AICPA to determine which ones most impacted the profession, 10 were selected as the top choices. This was the first year the AICPA compiled its Top Technologies list through Web-based tools in an effort to increase the number of participants.

Beginning with the Sept/Oct 2002 issue of InfoTech Update - the bimonthly newsletter for the IT Member Section - each issue will feature in-depth stories and analysis on many of these technologies. In addition, tell us how you are using these in your own firms and businesses by sending an email to infotech@aicpa.org . We'll print your responses in upcoming publications.

Here are the technologies, along with links to resources for more information. For details on the Top Technologies, visit www.cpa2biz.com/toptechs and download an Excel spreadsheet showing the rankings of the various topics, as well as a full PowerPoint presentation offered at TECH 2002.

#1: Business and Financial Reporting Applications - applications that take advantage of XML and XBRL capabilities to facilitate access, retrieval and analysis.

Links/Resources
* www.xbrl.org - the on-line community for XBRL providing detailed information on how the standard is being used in businesses across the world. For more information:, Louis Matherne, AICPA, lmatherne@aicpa.org, (212) 596-6027

* "The Future of Business and Financial Reporting" by Charles Davis More.
To learn more,please click Issues/2001_01_toptentechs_issues_issue_homepage_issue__el_10310.htm> here:

#2: Training and Technology Competency - the methodology and curriculum by which personnel learn to understand and use technology. This includes learning measurement of competency and learning plans to increase the knowledge of individuals.

Links/Resources
* http://www.toptentechs.com/issues/Issue5 - an article from last year's Top Tech Techs by Roman Kepczyk.
* Various on-line learning communities, including AICPA ( http://www.aicpa.org/) and SmartForce (http://www.smartforce.com/), as well as complete index from Google http://directory.google.com/Top/Reference/Education/Distance
ine_Teaching%20and_Learning> Learning/Online_Teaching and_Learning
*
http://www.aicpa.org/accrspec/index.htm - a special page set up by the AICPA to offer information on various accreditations and designations, including
the new CITP (Certified Information Technology Professional).

#3: Information Security and Controls - software applications, processes, procedures and physical hardware in place to ensure information resources are available only to those people authorized to access it. This includes access control, authentication, non-repudiation and authorization, as well as the ability to protect against viruses and hostile acts.

Links/Resources
* http://www.issa.org - the Information Systems Security Association.
* http://www.aicpa.org/assurance - links to two of the AICPA's most in-demand offerings - SysTrust and WebTrust.
* "How to get a Digital Certificate," an InfoTech Update column by Susan Bradley. To learn more, click here.

#4: Quality of Service - the end-user defined satisfaction level of providing processing, computing response time, support, bandwidth and security.

Links/Resources
*Click
Issues/2001_01_toptentechs_issues_issue_homepage_issue__qu_10347.htm> here for an article written by Ed Zollars that covers reliability of systems.
*
http://www.aicpa.org/members/div/infotech/news/sept00.htm - another article by Ed Zollars that examines high-tech insurance (note - AICPA membership required).

#5: Disaster Recovery (business continuation and contingency planning) - the development, monitoring and updating of the process by which organizations plan for continuity of their business in the event of a loss of business information resources due to impairments, such as theft, virus infestation, weather damage, accidents or other malicious destruction.

Links/Resources
* http://www.cpa2biz.com/ Information Technology Resource Center - access the Center for a variety of articles, commentaries and "how-to" guides on protecting information and surviving a disaster.
* http://www.disasterrecoveryworld.com - an on-line resource with plan creation, audit checklists, books and much more.
* http://www.idra.com/ - includes news headlines sorted by industry.
* http://www.globalcontinuity.com/ - a portal for disaster planning issues.

#6: Communication Technologies - Bandwidth - the set of technologies that enable voice, data, and video information to travel from device to device.

Links/Resources
* http://www.bandwidth.com/ - although this is a commercial site, it does feature a number of articles in current technology/computer publications.
* http://webservices.cnet.com/bandwidth
- an Internet speed test from CNET Internet Services to see how fast a connection really is. Try it!
*"Bandwidth Bargains" by Sandi Smith. To learn more, please click
nologies/2001_01_toptentechs_techs_issue_homepage_technologies_10387.htm>
here.
* http://wwww.zdnet.com - search for "bandwidth" on this all-things-tech site for a list of stories and opinions about the topic. Included is a recent posting called "The Net Will Transform Everything," by Irving Wladawksy-Berger, vice president of technology strategy for IBM.

#7: Remote Connectivity Tools - Technology that allows a user to connect to a computer from a distant location outside of the office.

Links/Resources

* http://www.toptentechs.com/techs/Issue9 - "Keeping in Touch Remotely" by Sandi Smith.
* http://www.passtheshareware.com/c-conect.htm - a public site with hundreds of links to shareware tools for connectivity.
* http://www.itworld.com/Net/2629/NWW_2-5-01_cutthewires/ - "Go Ahead, cut the Wires" from Network World.

#8: Web-based and Web-enabled Applications - Web-based: software programs that automate a business task through the use of the Web. Applied, designed and developed for exclusive use on the Web, these describe an application, such as NetLedger, that you go to the Web and use. Web-enabled: an application that is accessible on the Internet, but does not operate in a native Web-browser. It uses the Internet as a delivery mechanism.

Links/Resources
*
http://www.darwinmag.com/learn/curve/ - "What is a Web-Enabled Application" by Kathleen S. Carr.
* "Have Browser Will Travel," an article written for the 2001 Top Ten Techs.
To learn more, please click
ications/2001_01_toptentechs_applications_issue_homepage_appli_10161.htm>
here.

#9: Qualified IT Personnel - the problems involved with attracting and retaining qualified IT individuals to our profession.

Links/Resources
* http://www.toptentechs.com/issues/Issue7/# - "Surviving the IT job Skill Crunch" by Sandi Smith.
* www.itaa.org -home page for the Information Technology Association of America (ITAA), a clearinghouse for IT and related topics. Includes a new study, "Bouncing Back: Jobs, Skills and the Continuing Demand for IT Workers" available at

http://www.itaa.org/news/pubs/product.cfm?EventID=437.
* http://www.ihrim.org - the International Association for Human Resource Information Management (IHRIM) provides resources in HR information management, systems issues, trends and technology.

#10: Messaging Applications (email, faxing, voicemail, instant messaging) -
applications that allow users to communicate electronically.

Links/Resources
* http://www.informationweek.com/story/IWK20010802S0002 - "Instant Messaging: Going Corporate" debates the pros and cons of using IM in the workplace.
* http://www.internet.com - offers a variety of resources on this and other topics. Included is "Messaging Applications Market Forecast and Analysis,
2001-2005" at

http://allnetresearch.internet.com/item/0,,2186851_1,00.html (note there is a substantial charge for the report).
* http://www.messaging-software.com - a clearinghouse site that offers various solutions in messaging and other applications.
*http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2865520,00.html
- "Instant Messaging, Instant Service" on ZDNet Tech Update.

posted by Sheldon Lennox 12:11 AM

 
Named the top technology for 2002 by the American Institute of CPAs, "Business and Financial Reporting Applications" focuses on the effect of XBRL (eXtensible Business Reporting Language) on company systems and processes. CPAs in all areas of accounting need to have a solid understanding of XBRL so they can serve as a knowledge base for their clients and customers.

"Introduction to XBRL" is a basic overview written by Eric Cohen, CPA, CITP, is chair of the XBRL US Steering Committee and PricewaterhouseCooper's technical lead for XBRL. He helps with XBRL's internal training and leads the project to represent back-end accounting and general ledger information with the XBRL GL, the Journal Taxonomy.

The source for this article is the Institute of Internal Auditors.

Introduction to XBRL
By Eric E. Cohen

Business reporting is undergoing a revolution that is using Internet technologies to make the flow of financial and business reporting data more transparent and efficient. These
technologies are reducing the mechanical work involved in publishing business data between information partners and within businesses by more than 60 percent.

Perhaps you have heard of this revolution? It is called XBRL.

The eXtensible Business Reporting Language (XBRL) and XBRL International, an international consortium of more than 150 organizations, are bringing together stakeholders in the supply chain of business reporting in new and exciting ways. XBRL is
making headlines, from the pilot effort recently unveiled by NASDAQ (for more information, see below), Microsoft and PricewaterhouseCoopers to a revamping of the way the U.S.
Federal Deposit Insurance Corporation (FDIC) collects information from banks.

What is XBRL?
XBRL has received extensive coverage in the accounting press. Sessions on XBRL are given at professional conferences related to accounting, auditing, taxation, government reporting and the securities industry.

But what is XBRL? Three things: a community of organizations, a set of rules for building identifiers for business reporting languages, and specialized business reporting languages for areas of existing and emerging financial and business reporting.

A Community of Organizations

XBRL International is a consortium of organizations and people who have come together to improve the flow of information from organizations to the capital markets. Its members have agreed to help develop standardized business reporting languages.

Members include representatives from all of the stakeholder communities affected by corporate reporting: the companies themselves, their trading partners, internal and external accountants, regulators and government entities, data aggregators and the investment community, academic institutions and researchers, and the software developers and consultants who create the solutions for creating, publishing, and
consuming the data.

Organizations such as the AICPA, the Institute of Management Accountants (IMA), and the International Accounting Standards Committee (IAS) are involved in XBRL International. So are PricewaterhouseCoopers, BDO Seidman, Deloitte & Touche, Ernst & Young, KPMG, Microsoft, Morgan Stanley, and accounting software developers such as J.D. Edwards, Oracle, PeopleSoft, and SAP.

A Set of Rules for Business Reporting Languages

XBRL is a set of rules for building identifiers for business reporting languages. It uses an Internet-based language called the Extensible Markup Language (XML) to create cross-platform, application-independent representations of documents and data specifically for business reporting. XBRL takes this flexible and popular tool and standardizes the way it is used to represent business reporting languages and data.

Business reports have many things in common. The facts in those reports are about particular companies and divisions for certain periods of time. They are measured in different currencies or units of measure and are related to specific scenarios, including actual, budget or forecasts. XBRL specifies how to express all of these in a common format so developers can create solutions that understand XBRL reports.

Specialized Business Reporting Languages

XBRL is a related set of specialized business reporting languages for existing and emerging financial and business reporting. XBRL International members, interested outside
parties and authorities are working together to reflect the information found in important areas of business reporting using XBRL.

The first of these specialized languages was an agreement on how to represent the different facts found in a typical financial statement for general filers prepared according to
the U.S. Generally Accepted Accounting Principles for Commercial and Industrial organizations. IAS is expected to release a public draft of international financial statement
taxonomies based on its work with accounting groups from around the world. Japan and Germany have their own taxonomies as well.

This language is used to tag business facts. Applications created to understand these tags can automatically retrieve data from business reports tagged with XBRL. This is similar to
creating financial statement bar codes that enable a financial statement to be automatically assembled from tagged fragments from the accounting system, the text systems used to create Notes to the Financial Statements and other sources. This financial statement can then be posted to the Web, where consumers can more easily find and automatically consume the information.

The current NASDAQ pilot project is an example of the value of companies using a shared business vocabulary to tag their financial statements. Data can be accessed, brought into an XBRL-aware application such as the Excel spreadsheet provided and then analyzed. XBRL does not guarantee that comparing one company's revenues with another company's
revenues is like comparing apples with apples. However, it does reduce the mechanical work of bringing the information into an analytical tool so that these other judgments can be worked on more easily.

Why Is XBRL Important?

The XBRL effort could not have come at a better time. The investment community has higher expectations than the traditional reporting model allows. Today's headlines show the problems that have been in part created by a lack of transparency in financial reporting. The SEC was forced to respond. XBRL can help answer the questions.

The Internet, particularly the World Wide Web, has changed the expectations of consumers of information. Investors and internal management are accustomed to getting information
whenever desired. Almost every company now makes its financial information available through its corporate Web site. Large companies' data is available at the SEC's EDGAR site.

However, that information is difficult to find and use. The traditional financial report is available in formats like PDF files that are proprietary and difficult to consistently
extract data from automatically, information is hidden in Notes to the Financial Statements, and much important information is not included at all.

Today's headlines cover companies in crisis. The SEC has responded by requiring companies to provide information more quickly and to have their high-level executives to sign off on the accuracy of financial statements. Former SEC Chairman Harvey Pitt has spoke about the need for immediate disclosure of important information. In addition, the SEC now allows electronic financial statements with no paper originals as backups.

The SEC and the financial markets are calling for companies to provide information more quickly, more efficiently and more cost effectively, and to provide it in a way that is simpler to consume and illustrated with evaluative and trend data. The recent U.S. Sarbanes-Oxley Act (Public Law No: 107-204) calls for new and faster disclosure and documentation. New tools are necessary for companies to just keep up.

Although XBRL does not improve the quality of data in financial reports immediately and directly, it will reduce mechanical data entry, eliminate entry errors, encourage more analysis of data, facilitate comparisons against external data, and provide greater transparency. These should subsequently affect the quality and quantity of financial reporting data.

Forces Leading To XBRL

The accounting profession is not alone in the need to more effectively publish, share and consume information. The Internet is not only a catalyst for changed expectations, but
also a means to meet them. The accounting and investment communities join many others in taking advantage of these means.

The Web is a great tool for preparing information for inexpensive, global machine-to-human interaction. However, it fails in machine-to-machine exchange for many reasons. For more
than a decade, another technology, electronic data interchange (EDI), has been hailed as a tool for machine-to-machine exchange, but it has failed to touch smaller businesses. In recent years, the World Wide Web Consortium (W3C), which oversees Web technologies, has recommended XML as a way to provide the best of global, inexpensive communications combined with machine-to-machine sharing.

Shortly after XML became a recommendation, AICPA and other organizations met to develop domain-specific standards for XML. AICPA focused on developing standards for accounting and investing, while attorneys, bankers, insurance companies and hundreds of other groups each began to develop agreed-upon standards for representing its industry's information in XML.

Since its official beginning in October 1999, this work has grown to its present point of major adoption. In the United States, the FDIC has begun to work with banks to transfer their call reporting filings with XBRL, as have other governmental entities around the world. Major corporations like Microsoft now post their financial statements in XBRL. Many major markets like NASDAQ are considering how XBRL will provide the transparency and efficiencies necessary for trust and confidence. For tax reporting, the United Kingdom's Inland Revenue has committed to XBRL.

Conclusion

A new business-reporting model, involving the collaboration of the entire corporate reporting supply chain, is considered vital for restoring public trust. New efficiencies are
necessary for internal reporting as well. XBRL is an important tool to reduce the number of mechanical tasks, allowing all of the stakeholders in the chain to more efficiently share and
analyze information.

Resources:
XBRL International: http://www.xbrl.org/
SEC EDGAR: http://www.sec.gov/edgar.shtml

posted by Sheldon Lennox 12:03 AM

Friday, June 27, 2003

 
DISASTER RECOVERY E-NEWSLETTER for November 12, 2002


DEVELOP AN EFFECTIVE DATA BACKUP STRATEGY
While running backups and shuffling tapes can be mundane work, few tasks are more critical for an administrator to manage than setting up a reliable backup procedure. This tutorial shows you how to do just that.

THE CHANGING FACE OF CONTINUITY PLANNING
Continuity planning is shifting from a technical focus to a strategic business concern. Prepare yourself for the changes. Auerbach Publications discusses the skills you will need to face them.

DOWNLOAD THIS OFFICE MOVE CHECKLIST TO PLAN YOUR NEXT RELOCATION PROJECT
Whether you've been called upon to coordinate an internal department move or help relocate a remote office, this office move checklist will help you get off to a good start as you begin to organize the relocation project.

posted by Sheldon Lennox 11:05 PM

 
DISASTER RECOVERY E-NEWSLETTER for December 10, 2002

SPREAD THE COST AROUND

Business continuity planning (BCP) impacts several different areas of an organization. It goes beyond technology, just as disaster recovery takes into account more than an organization's servers. Learn how to leverage this idea to help absorb some of the costs associated with the BCP process and the technology that's needed to put the plan together.

In smaller organizations, there's usually only one budget for everything, so this path is little more than bookkeeping. However, in mid- to large-size organizations, some creativity and planning may help you afford a great deal more than you'd normally expect.

For example, consider facilities management, one of the key players in enterprisewide BCP. This department is responsible for arranging an alternate data center space, a place for workers to temporarily set up shop, and other facilities. The cost of colocation rent, such as SunGard's DR data center floor space, can be absorbed by the budget of facilities management, since it falls under that department's domain. You'll still have to come up with the cash for the servers you place there, but it's easier when you have someone else picking up the tab for the physical space.

Getting other departments to assume some of the cost of your BCP will also have the side benefit of forcing them to cost justify the systems they want to put into practice. Departments that ordinarily demand that their file server be protected with a real-time replication solution will think twice about protecting their MP3 files in that manner if they're
responsible for the price tag. However, if the systems in question are mandatory to properly protect the data, that department will have little trouble finding fiscal reason to assume their portion of the overall DR budget.

The only drawback is that there's a certain level of red tape and budgetary overhead that's introduced any time you try to spread the cost of a project across multiple business units. Overcoming these complications will take dedication and proper planning, but it's definitely not something that should discourage you from following this course of action whenever
possible.

It's not always possible to get other departments or divisions to take over part of the BCP budget, but by working toward that goal, you can significantly reduce the amount of money the IT group is responsible for in the long run. After all, each dollar another department includes in its own budget adds to the total amount of money you have available to
extend and enhance your DR plan.


DOWNLOAD THIS REPORT ON BEST PRACTICES IN BUSINESS CONTINUITY PLANNING
Instead of anticipating a one-time disaster, enterprises must now incorporate business continuity planning into all technical projects. Gartner's best practices report looks at the cost of downtime and negotiating a continuity service provider contract.

posted by Sheldon Lennox 11:00 PM

 
DISASTER RECOVERY E-NEWSLETTER for January 7, 2003

A COST-EFFECTIVE, COOPERATIVE DISASTER RECOVERY PLAN YOU CAN DOWNLOAD
AND CUSTOMIZE
A TechRepublic member outlines how he developed a disaster recovery plan at a very low cost using ingenuity, networking, and cooperation. You can download his template and customize it to your own needs.

A DISASTER MANAGEMENT PLAN NEEDS TO INCLUDE REMOTE ACCESS
In the wake of a disaster, your physical facilities may be unreachable. To keep people working, be sure to have the capability for remote access by employees. Gartner has some suggestions for enterprises and their disaster management teams.

posted by Sheldon Lennox 10:58 PM

 
CHAD DICKERSON: "CTO Connection" from InfoWorld.com, June 4, 2003

FUHGEDDABOUT IT

IT doesn't matter.

That's right -- "IT doesn't matter" is the title of a must-read piece for IT in the May 2003 Harvard Business Review. In a nutshell, Nicholas G. Carr, an independent business editor and writer, argues that IT is the latest in a series of broadly-adopted technologies that have changed the way business operates over the past 20 years, but the wide availability and low cost of technology infrastructure has begun to transform IT into an invisible "commodity input."

For the purposes of his discussion, Carr defines IT as "the technologies used for processing, storing, and transporting information in digital form."

Carr goes on to argue that companies should take a more defensive approach to IT, spend less, and become IT followers instead of IT leaders. It has worked for companies such as
Dell and Wal-Mart, Carr notes, and a number of studies have clearly demonstrated that higher levels of IT spending have no correlation to a company's financial results. In fact,
the most successful companies spend far less on IT than the average. In its ubiquity, IT no longer confers strategic advantage to companies, so they should focus on using IT for
risk management not for creating new IT opportunities.

You know what? Carr is right and IT staff should take heed. But I think a deeper look at the larger IT environment suggests that although the nuts and bolts of IT don't matter in and of themselves -- the servers, the network, the databases -- business is not out of the IT woods just yet.

There's a lot more to a successful technology operation than a bunch of cheap servers and network gear. Although IT itself doesn't matter, I have found that IT staff matter more than
ever. Getting it all right still depends as much on assembling the right people as it does on using the appropriate technologies.

The market for IT jobs is undoubtedly poor right now, but I still need more IT help than I have on hand, even to handle the commodity tasks. Informal discussions with other CTOs and IT managers confirm that finding good IT people remains difficult, even with a seeming glut of talent. The natural suggestion from the business side is to outsource, but
outsourcing is not automatically cost effective. And you are still competing in the same labor market as your outsourcer, unless you are outsourcing IT to companies that are far
removed geographically from your own (which is happening in some cases).

If the name of the game is managing costs to stay competitive, the old sports adage certainly applies: The best offense is a good defense. Carr suggests that companies should focus heavily on security and service vulnerabilities, which is good news for security staff and anyone who knows how to build and maintain high-availability systems. Eliminating waste in storage and server overdeployment is another element of playing defense. But anyone who has been involved in the consolidation trends of the past couple of years knows that managing infrastructure strip-down is a more valuable skill than simply building infrastructure willy-nilly.

If IT is headed in the same direction as electricity, that sounds pretty good to me -- the last bill I got from an electrician certainly made me think about switching careers. I think I'll stick with IT for now, though.

posted by Sheldon Lennox 10:45 PM

 
CHAD DICKERSON: "CTO Connection" from InfoWorld.com
Wednesday, December 11, 2002

INFLUENCING INNOVATION

RECENTLY I HAD the pleasure of listening to Dr. Hal Varian, the dean of U.C. Berkeley's School of Information Management and Systems, speak to InfoWorld's 25 Most Influential CTOs at our awards dinner in San Francisco.

I'll admit that I wasn't familiar with Dr. Varian's work, but after hearing him speak, my lack of exposure felt somewhat neglectful. Varian writes a regular column for the New York Times' business section and, with his colleague Carl Shapiro, has published a book that is next on my reading list -- Information Rules: A Strategic Guide to the Network Economy. You can also read Varian's online-only article "The Economics of Innovation" at http://www.infoworld.com/ctozone , and you can check out his live forum, "Building the IT
workforce," Thursday, Dec. 12, at 11 a.m. PST at http://www.infoworld.com/forums . Also a professor in the Haas School of Business at Berkeley, Dr. Varian's views dovetail with the CTO mindset in its focus on how technology and business intersect to drive innovation.

One topic that really captured my attention was Varian's explanation of the concept of "recombinant growth." The term may sound intimidating, but it is actually quite simple. Recombinant growth refers to reassembling existing technologies into something novel, innovative, and ultimately greater than the sum of its parts.

The Wright brothers leveraged their knowledge of kites, the new gasoline engine, and bicycles to invent something new and revolutionary: the airplane. The genius of the Wrights lay in their vision for creating a single mechanism that was greater than the sum of
its components.

On the technology and business level, this is the essence of what CTOs do -- we take our understanding of all the different technologies available and combine them in unique ways to deliver competitive advantages for our businesses.

I'll offer a timely example. Like many companies, InfoWorld has rolled out a number of wireless technologies over the past several months to enhance the productivity of its employees. Our headquarters is fully 802.11-enabled, a number of our key employees
are avid Blackberry users, and we're doing some tests with 802.11-enabled PocketPCs. On the sales side, we recently adopted Salesforce.com as our sales force automation solution. Both the wireless decisions and the sales force automation were made independently.

Coincidentally, I spent most of my time this week going on calls to our customers with members of our sales team, to study their work habits. A typical problem in the field is the need for a client's phone number that is not within arm's reach. Fortunately for me,
Salesforce.com announced a wireless edition launching in December that would allow sales people in the field to interface with their sales database in real time. Our investment in two unrelated technologies -- Salesforce.com and wireless technologies -- combine into an immediately useful innovation that will help drive revenue more efficiently. To a CTO, that's what it's all about.

posted by Sheldon Lennox 10:45 PM

 
CHAD DICKERSON: "CTO Connection" from InfoWorld.com
Wednesday, November 6, 2002

THE ART OF GOOD POLITICS

Recently, a book titled Revolutionizing IT: The Art of Using Information Technology Effectively came in the mail and caught my eye. Its authors, David H. Andrews and Kenneth R. Johnson, make many useful observations for developing software and systems, based on their combined experience of more than 60 years in the business. I immediately agreed with their assertion in the title that using IT effectively is an art, not a science.

Although the authors mostly provide useful food for thought in project management practices (such as allowing time, not requirements, to determine the scope of a project), I zeroed in on their thoughts about managing technology people. Andrews and Johnson
note that technology professionals possess unique characteristics that make them different from other workers. Technology professionals, the authors say, are logical, idealistic, optimistic, loyal, apolitical, curious, and sometimes communication-challenged in that they may be reluctant to voice their work dissatisfactions until they reach a boiling point.

Based on my experience, the authors' description of the technology worker is even-handed and fair. They mostly point to the strengths of technology professionals. However, one trait that might seem positive on the surface -- being apolitical -- actually turns out to be negative, in my opinion. Charles de Gaulle once said, "I have come to the conclusion that politics are too serious a matter to be left to the politicians." For CTOs and other technology leaders, the same reasoning applies. Assuming an apolitical stance in today's business world is naive and impractical from a day-to-day execution standpoint.

I don't fundamentally view politics as a lot of nasty back-stabbing and infighting. Politics is about working and negotiating with others in your organization to get things done. The Webster's dictionary has several definitions for the word "politics," but the definition I would use in this context is, "the total complex of relations between people living in society." Technology leaders should not turn up their noses at office politics, they
should embrace the particular dynamics of their workplace and strive to understand how they need to operate within their organization to move things forward. Playing the game is not always pretty, but understanding and leveraging the complex relationships of people can often be more immediately useful than deep technical knowledge.

Developing this understanding of organizational dynamics and how you and your team operate within them can help avoid the nastiness and strife typically associated with the word "politics." You might have the most talented technology team in the industry, but
if you don't understand the support of the sales department for a key project, your team -- and you as CTO -- will be viewed as ineffective, operating in a technology silo that is disconnected from the real needs of the business.

It's the CTO's job to marshal resources and communicate the value of IT to key constituencies within a company so that the technology team can focus on what it does
best, which is leveraging IT to deliver business value. If a CTO successfully communicates this value, the level of political noise will be minimized and there will be fewer resource constraints and less interdepartmental contention. Leveraging politics to create a work environment for people that runs as harmoniously as your back-end network is a positive thing.

posted by Sheldon Lennox 10:45 PM

 
"CTO Strategies" from InfoWorld.com
Thursday, January 23, 2003

Taking strategic planning from lip service to action plan

The chief technologist's role of aligning technology with business means that the CTO must be one-part strategist and one-part task master. If the CTO were to manage day-to-day IT operations without having a hand in development of corporate strategy, the enterprise would be left with a technology patchwork that serves not the corporate goals, but rather the corporate technology.

Chief technologists intuitively understand how IT must be included in developing long- and near-term strategic goals. But the questions become, How does -- and can -- strategic planning go from vision statement to action plan and where does budget planning fit in?

The tail wags the dog

Strategic and budget planning definitely play together, says Mary Stassie, senior vice president and CTO at Herndon, Va.-based government systems integrator DigitalNet. "I look at strategic planning as what direction you want to steer the ship. Budget planning
is more tactical." Strategic planning leads budget planning, says Joe Amor, vice president and general manager of Microspace Communications in Raleigh, N.C. "I see budget and
operations planning as planning that occurs as a result of a finalized strategic plan. The strategic plan defines how much money -- budgetary -- and what infrastructure -- operations -- will be required to execute the plan."

Amor, who oversees operations and how technology supports and furthers enterprise operations, says his role in strategic planning is to "determine current trends and anticipate future market demand so Microspace will have the right service at the right
time with the right features -- and all of this at the right price."

A CTO, says Mike Gioja, vice president of technology at Framingham, Mass.-based Workscape, "must really understand the business drivers and be able to articulate in business terms how new technologies could provide the company with a competitive
advantage."

This must be in the context of fully understanding the industry landscape and reality of current business and sales issues. "Everything is a trade-off, and this requires balancing the short term and long term," says Gioja. "The CTO needs to consider design points for
longer term needs in order to minimize rework/rewrites that could negatively impact the business model and ROI."

In a supporting role

Even as CTOs develop the technology road map to be folded into the enterprise's strategic plan, they cannot do so in a vacuum.

Amor says his company's executives believe that market research is never-ending requirement. "[Market research] must be a standard component of weekly/monthly job responsibilities -- and not just something that one does at the end of the year in
anticipation of the upcoming year's plan."

Amor looks to both current clients and his company's account managers as extremely valuable sources of information required to put a strategic plan in place. "After all, both are vital participants in the market and are exposed to a variety of business-critical information on a daily basis," he says.

Stassie agrees and also includes field managers as important sources in developing a strategic plan.

Defining the cloud

Taking a vision -- a strategy from concept to actionable plan -- is more of that managing amid the chaos, something CTOs are familiar with. Still, strategic planning without resulting action items is little more than lip service.

DigitalNet's Stassie says her company develops a strategic plan document yearly, something that comes from meetings of executives and various managers. "Everyone walks from the summit, with action items -- with items that are tracked," she says.

Other companies are quite formal in their approach to strategic planning. Mark Minevich, now CTO of Marksoft Holdings, served as CTO of Next Generation in IBM's Global Incubator program. His division worked with a corporate strategy team a few times a year to focus on
emerging business opportunities, conducting high-level strategic planning in the areas of strategic vision, offerings, core competencies, market intelligence, and value propositions. The team "performed a comprehensive market intelligence and market management study, validated by third-party providers and historical data points before the acceptance of
the strategic plan," he says.

CTOs in complex organizations must obtain "support for a strategic plan from other CTOs and strategic planners in other divisions as well as an alignment with corporate strategy," says Minevich, who also is chairman of the New York-New Jersey chapter of the Technology Leadership Council.

But any resulting plan cannot be made of stone, says Stassie. "Technology is changing so quickly that long-term strategic plans are now two to three-year plans. The plan can't be a plan for plan's sake. It must be a living document."

posted by Sheldon Lennox 10:45 PM

 
PEARL HARBOR "DAY OF DECEIT" AUTHOR ANSWERS HIS CRITICS

In the three years since the publication of his bestseller, DAY OF DECEIT: The Truth about FDR and Pearl Harbor, Robert B. Stinnett has drawn plenty of fans and critics. (Stinnett's op-eds, by the way, are among the Independent Institute's most frequently visited web pages.)

Fans praise Stinnett's original archival research, aided by the Freedom of Information Act, for showing that decision-makers in Washington, D.C. had foreknowledge of the Japanese attack on Pearl Harbor -- and in fact had intended to provoke a Japanese attack.

Stinnett's detractors, however, sling their arrows at everything from the book's underlying thesis to relatively minor issues such as its location of U.S. military code-breaking outposts and the dates of recently declassified wartime memos.

Last December, the WALL STREET JOURNAL's Letters-to-the-Editor page became ground zero for the anti-Stinnett attack by publishing letters written by two influential critics of Stinnett -- authors Stephen Budiansky and Edward J. Drea (who have written separate books on code-breaking in World War II). Along with earlier criticism by David Kahn (also the author of a book on code-breaking), published the previous November in the NEW YORK REVIEW OF BOOKS, these attacks comprise the loudest broadside against Stinnett's work.

Unfortunately, although Stinnett authored a detailed rejoinder, neither the WSJ nor the NYROB deemed it sufficiently newsworthy to published. Fortunately, Stinnett's rejoinder, "The Pearl Harbor Deception," is now available on the Independent Institute website.

There is, however, an injustice that should enrage even Stinnett's critics -- assuming that they seek the truth. "Immediately after DAY OF DECEIT appeared in bookstores in 1999," writes Stinnett in his rejoinder, "NSA [the National Security Agency] began withdrawing
pre-Pearl Harbor documents from the Crane Files housed in Archives II.... As of January 2002, over two dozen NSA withdrawal notices have triggered the removal of Pearl Harbor documents from public inspection."

If Stinnett's critics want an honest debate, shouldn't they speak out against the NSA's stonewalling and in favor of the release of the documents -- written more than 60 years ago -- that would help settle the debate? If truth is their goal, what have they got to lose?

See "The Pearl Harbor Deception," by Robert B. Stinnett (December 2, 2002)

Also see
"December 7, 1941: A Setup from the Beginning," by Robert B. Stinnett (HONOLULU ADVERTISER, December 7, 2000)

"Pentagon Still Scapegoats Pearl Harbor Fall Guys," by Robert B. Stinnett (PROVIDENCE JOURNAL, December 7, 2001)

"Do Freedom of Information Act Files Prove FDR Had Foreknowledge of Pearl Harbor? An Interview with Robert B. Stinnett," by Douglas Cirignano

To read or hear Robert B. Stinnett's address to the Independent Policy Forum, "Pearl Harbor: Official Lies in an American War Tragedy?"

posted by Sheldon Lennox 10:45 PM

Thursday, June 26, 2003

 
Sent: Tuesday, November 05, 2002 3:37 AM
Subject: [TechRepublic] Consider Linux clusters for your organization


DOWNLOAD THIS BUDGET WORKBOOK TO TRACK AND ANALYZE TECH COSTS
One TechRepublic member and IT consultant created an Excel budget workbook, which is a handy tool for mapping out tech expenditures, including software and hardware costs. Use it to align your tech expenditures with strategic business goals.

SIX IT GOVERNANCE RULES TO BOOST IT AND USER CREDIBILITY
Effective decision-making between the IS organization and users can raise each group's credibility in the eyes of the other. To improve IT credibility, CIOs should adopt Gartner's six rules for IT governance.

THE NEW CIO MANAGEMENT STRATEGY: CONSULTANTS 'R' US
Revamping IT into an internal services organization--aka a consulting firm--won't be easy, but it will afford IT new respect and provide unexpected payoffs, including better expertise and a new revenue approach.


DOWNLOAD THIS LOG TO TRACK AND ANALYZE YOUR HELP DESK ACTIVITIES
Tracking and analyzing help desk activity is an IT requirement. Why use expensive call-tracking and issue resolution software when you can use this Excel spreadsheet instead?

posted by Sheldon Lennox 6:54 PM

 
Sent: Tuesday, November 26, 2002 4:13 AM
Subject: [TechRepublic] Address intranet security concerns


PORTFOLIO MANAGEMENT KEEPS IT ALIGNED WITH BUSINESS STRATEGY
Keeping IT synchronized with the corporate business strategy can be much easier if CIOs apply the principles of financial portfolio management to IT investments. Financial expert Peter Hennigan discusses how this method can work for your organization.

posted by Sheldon Lennox 6:51 PM

 
Sent: Thursday, December 05, 2002 3:43 AM
Subject: [TechRepublic] Land the perfect CIO job

HOW TO LAND THE PERFECT CIO JOB
When it comes to landing a new IT leadership role, your approach has to be proactive. The perfect CIO job is out there, but it requires hard work and dedication to find it. Here's a step-by-step guide to getting that perfect job, including tips on watching the marketplace and playing the networking game.

WRITE AN EFFECTIVE IT DUE DILIGENCE REPORT
After you've conducted your on-site due diligence data collection, you must prepare a report. Keep in mind that writing isn't exactly a breeze. Use this collection of tips to help you create an effective and informative report.

posted by Sheldon Lennox 6:49 PM

 
Sent: Thursday, December 05, 2002 3:26 AM
Subject: [TechRepublic] Survey reveals IT leaders' top concerns

ENSURE QUALITY ON YOUR DEVELOPMENT PROJECTS WITH THIS DOWNLOADABLE
SPREADSHEET
Keeping a keen eye on an application development process can be more difficult if you don't use tracking software. This spreadsheet, designed to identify problems in the development project life cycle, can help.

posted by Sheldon Lennox 1:09 PM

 
AICPA News Update - Week of Feb 24

Privacy Tools Available Free on CPA2Biz.com
Privacy is one of the top issues for businesses of all sizes. To address this issue, several tools are now provided as free pdf downloads in the CPA2Biz Privacy Resource Center.

These include:
-Privacy Matters: An Introduction to Personal Information Protection
-20 Questions Businesses Need to Ask About Privacy
-An Overview of HIPAA: The Role of CPAs in Privacy Compliance
-Privacy - Are Your Clients Minding Their Own Business?
-Privacy - Minding Your Own Business

To view these resources, visit https://www.cpa2biz.com/ResourceCenters/Information+Security/Privacy/default.htm.
In addition, two new brochures were developed for CPAs in public practice and CPAs in business and industry as an introduction to privacy issues. These can be accessed at: https://www.cpa2biz.com/ResourceCenters/Information+Security/Privacy/Privacy+Resources.htm
posted by Sheldon Lennox 1:09 PM

 
Sent: Thursday, January 16, 2003 11:03 AM
Subject: [TechRepublic] Invest in enterprise management solutions


DOWNLOAD TO ASSESS PROJECT MANAGEMENT READINESS
Consultants tasked with introducing formal project management processes to a client would do well to understand how much the client has already embraced project management, if at all. This template can help you gauge the work you have ahead.

MOVE YOUR PROJECT TRACKING ONLINE WITH PROJUX
Managing and tracking projects in the traditional way can be a major hassle for project leaders and members. One streamlining alternative is Projux, an online project-tracking tool that can make short work of managing project data.

posted by Sheldon Lennox 1:09 PM

 
Sent: Thursday, January 16, 2003 3:23 AM
Subject: [TechRepublic] Upgrade your OS and Office suite to XP

DOWNLOAD TO ASSESS PROJECT MANAGEMENT READINESS
Consultants tasked with introducing formal project management processes to a client would do well to understand how much the client has already embraced project management, if at all. This template can help you gauge the work you have ahead.

posted by Sheldon Lennox 1:09 PM

 
Sent: Thursday, January 09, 2003 3:18 AM
Subject: [TechRepublic] Make the case for spend analytics

WHEN A BEST PRACTICE ISN'T BEST FOR YOUR ORGANIZATION
After a consultant performed a security assessment for a client, he was rehired a few months later to examine his client's progress. Here's what he found when he took a look at the client's approach to passwords and the corrections he had to make.



posted by Sheldon Lennox 1:09 PM

 
Sent: Friday, December 27, 2002 3:16 AM
Subject: [TechRepublic] CIOs share wisdom and experiences in a new book

CIOs SHARE WISDOM AND EXPERIENCES IN A UNIQUE COLLABORATIVE EFFORT
There isn't anyone more suited to write about CIO issues than CIOs themselves. That's what one CIO realized when he initiated a literary project to provide IT executive insight. The mission of the book, CIO Wisdom, is to raise IT's respect level and provide helpful experiences and lessons learned.

posted by Sheldon Lennox 1:09 PM

Sunday, April 27, 2003

 

<> GSpot Codec Information Appliance v2.1 [112k] W9x/2k/XP

 

 http://www.headbands.com/gspot/

 

{Codec information appliance} A codec is a program that tells the computer how to display a video clip or movie. Video clips aren't displayed or interpreted in the same way, and codec takes care of it. Find an AVI file and drag 'n drop the file into GSpot, which outputs all of the information in its dialog box. Look in "Video Format" for Status to see if the codec is installed or not. If it's not, then you need to obtain the codec listed. If a codec isn't available for "Audio Format," there may be no sound. GSpot identifies what's needed, but does not install it. Go to a favorite search engine and enter "codec" along with the information from the status box to help narrow down the search. Download the codec and install it, which will enable your media players to play the file. I plugged in a lot of files before I could find one that was "not installed." It was CRAM and doing a search, I found out the codec's name was "Microsoft Video 1" and did a search on the phrase to learn it's an old codec originally shipped with Video for Windows (from Windows 3.1). It is a codec of low quality, and rarely used today. Though I do little with videos, I had fun playing with this utility. [Meryl]

 

 

 

 

posted by Sheldon Lennox 12:01 AM

Sunday, December 15, 2002

 
AICPA B&I E-News #15
June 15, 2002

A strategic planning and visioning methodology developed by The Grove Consultants International, based in San Francisco (http://www.grove.com). This methodology combines graphic facilitation with strategic planning and visioning concepts that focuses participants using graphic templates in a story-telling manner, which taps the group's intuition and gains their commitment.

Employee Loyalty is Central to Business Success

Frederick F. Reichheld, director emeritus of Bain & Co. and author, recently presented a Webcast, sponsored by Ultimate Software, titled: The Impact of Employee Loyalty. He presented his common sense-based principles of employee loyalty. I hope you will find them relevant and meaningful:

* Win/win - innovation is constantly required to improve employer/employee relationships. This may require forgoing the most profitable alternative when employee morale will be negatively impacted.
* Be picky- hire people who demonstrate that they have the appropriate company values.
* Keep it simple - keep your company organized into small teams. Good growth and positive customer response come from small teams.
* Reward the right results - reward not only based on profits, but also based on customer satisfaction and internal team evaluations.
* Listen hard/talk straight - when management fudges, it gives employees the message they can as well.
* Preach what you practice - leaders must be clear what the company stands for. When the times are tough, management needs to let employees know the principles the company stands for so that they will understand the decisions being made.

AICPA Top Ten Technologies

The AICPA conducted an on-line survey to rank 42 technologies. A total of 195 people responded. Top Technologies are presented in four categories:

* Issues: situations that result from technology implementation.
* Applications: business opportunities/objectives using one or more technologies.
* Technologies: end products (hardware, software or standard).
* Emerging Technologies: new developments currently under review.

The Top Technologies for 2002 are as follows:

1. Business and Financial Reporting Applications.
2. Training and Technology Competency.
3. Information Security and Controls.
4. Quality of Service.
5. Disaster Recovery (including business continuation and contingency planning).
6. Communication Technologies (bandwidth)
7. Remote Connectivity Tools
8. Web-based and web-enabled applications (internet)
9. Qualified IT Personnel
10. Messaging Applications (e-mail, faxing, voicemail, instant messaging)

Click on the following links to obtain more information about the Top Ten Technologies:

* Top Ten Technology List: http://www.cpa2biz.com/toptechs.

Coming Soon

Ethics Decision Tree for CPAs in Business & Industry: I mentioned this in our last issue and it is almost web-ready. This is a tool to help CPAs in business & industry understand the process they should go through when challenged by a professional ethics matter. This is a free tool and will be based on the web and later printed in an upcoming CPA Letter supplement.

Sample RFP: Under development is a sample "Request for Proposal" tool that a CPA controller or CFO would send out to accounting firms when they are considering engaging a firm for audit and related services. We will present two different samples RFPs: (1) for a privately-held company, and (2) for a publicly-held company. These tools will be ready for publication on the web in a few short weeks. They will be available for free download.

posted by Sheldon Lennox 9:59 AM

Monday, December 09, 2002

 
Windows 2000 Power Users
Volume 2, Number 34
December 6, 2002
By Serdar Yegulalp (serdar@win2kpowerusers.com)

XP's Product Activation Problem Solved, Pt 1

In volume 2, issue 32 (http://www.thegline.com/win2k/issues/2002/32.html#3), I related the problems of a fellow using a Windows XP product key which appeared to have been rendered invalid by Service Pack 1. Some of you may know that SP1 invalidates a slew of keys which were being widely pirated. Unfortunately, some people actually used those keys legitimately, or had keys which were in the same "family" as the invalidated ones.

The solution, of course, is to provide a new key -- but how do you do that for a system which has already been activated? How do you "de-activate" XP and provide a new key? After asking this, my mailbox fairly exploded with solutions, so I'm going to spend most of this issue detailing them. Yes, Virginia, there is a way to revoke Product Activation -- in fact, there's a bunch of ways:

1. SYSPREP
One of the handy by-products of running SYSPREP, the cloning-preparation tool provided by Microsoft and available on the XP CD-ROM, is that Product Activation is reset. (You can specify this to not happen if you're shipping out pre-activated systems, though.) It's probably one of the simplest ways around this problem, but some people may be understandably reluctant to muck around with SYSPREP. It also requires a lengthy reboot, and there can be other complications that make it less attractive to people.

2. Do an in-place upgrade (i.e., repair) with a genuine copy of Windows.
An in-place upgrade is nothing less than installing a fresh copy of Windows on top of the old one. This solves a lot of problems all at once, as you might imagine, but it also opens a Pandora's box of new ones. For one thing, I've had some bad trouble with machines where I did an in-place upgrade; I'd consider this a last-resort solution.

3. Hack it!
You had the feeling this was coming, didn't you? Yes, you can revoke your own license key with a little under-the-hood hacking. A whole slew of different people sent in this tip, so a thank you to all of you (you know who you are). These instructions actually come from Microsoft themselves, so they are almost certain to work provided you follow the steps to the letter.

a. Run REGEDIT and locate the key HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\Current Version\WPAEvents.
b. Edit the value OOBETimer, and change at least one digit of this value.
c. Close REGEDIT and open a command line (Start | Run | CMD).
d. At the command line, type: %systemroot%\system32\oobe\msoobe.exe /a
e. Click on "Yes, I want to telephone a customer service representative to activate Windows."
f. Click on "Change Product key."
g. Enter the new key and click Update. You'll need to get a new key via the phone, through MS's 1-800 number, but the process takes only about five minutes.


posted by Sheldon Lennox 12:51 AM

Thursday, November 28, 2002

 
[TechRepublic] Gobble up cheap DRAM
November 26, 2002

QUICKLY IDENTIFY RAM CHIPS WITH THESE TIPS
Have a drawer full of old memory chips you can't identify? Sort through your help desk's RAM stockpile with help from these tips. Then, check out the posts in this article's discussion. http://cl.com.com/Click?q=1b-wAchI3NTzVkxtPN7_hOdaZHSC-8y


posted by Sheldon Lennox 11:47 PM

Thursday, November 21, 2002

 
Project Management at Builder.com
November 21, 2002

ESTIMATE TASK SIZE TO ALLOCATE RESOURCES IN MICROSOFT PROJECT
Task size estimates help you efficiently allocate resources in Microsoft Project. Giving your team members just the right amount of time they need to complete a task gives your project a better chance of succeeding. http://cl.com.com/Click?q=ad-_4jAQzEWaIyM-Nrqx6qxsYpHDaEW

CHALLENGES TO IMPLEMENTING A WEB-BASED PROJECT MANAGEMENT SYSTEM
Our columnist shares the challenges faced, and obstacles met, by one company deploying a Web-based project management system. Benefit from learning how this company smoothed out its bumps along the PM road. http://cl.com.com/Click?q=c2-oXSLQUEsqUhZmy9fkyAcFuRLH5Kt


posted by Sheldon Lennox 12:22 PM

Thursday, November 14, 2002

 
[TechRepublic] Secure your messages with next-generation IM
November 14, 2002

SECURE YOUR MESSAGES WITH NEXT-GENERATION IM

NEXT IM ADOPTION WAVE ARRIVING SOON
Instant messaging is a popular consumer tool that hasn't taken deep root in the enterprise. But that may change soon. Tim Landgrave explains that some of the biggest technology players are working to push and cement IM in the corporate workplace. http://cl.com.com/Click?q=8e-VeJcQCninXXNMiTLyZJPDVf9LiGm

IT DUE DILIGENCE: THE ON-SITE DISCOVERY VISIT
In IT due diligence, preparation is key to a successful on-site visit. Mike Sisco points out that this prep work can directly affect how much information is gleaned and help your efforts to build a strong IT relationship with the acquired company. http://cl.com.com/Click?q=b8-smd2QQUDXVJ_x5ESRRklp1NHPybD


posted by Sheldon Lennox 1:38 PM

Tuesday, November 12, 2002

 
OutlookPower Update
November 11, 2002

OUTLOOK 11 AND NEW MOBILITY FEATURES
By Diane Poremsky, Contributing Editor

Many of the new upcoming Outlook features I'm discussing this week are improvements in Outlook that make the program easier to use when out of the office. These features will likely benefit Exchange users, especially Exchange Titanium users, more than standalone Outlook users, although the improvements to header handling and download updates may benefit POP3 Outlook client users the most.

Most of us have experienced connection problems and are well aware that Outlook doesn't handle noisy connections well. When Outlook is downloading POP3 email,
it waits until all messages are downloaded before deleting (or marking as downloaded) the messages from the server. As a result, it's not unusual to get the same message downloaded multiple times. Outlook 11 will mark the headers downloaded after every 32kb, not at the end. This way, if Outlook looses the connection while downloading five messages, it will only need to re-download the last message or two, not all five.

Another new feature that sounds great is Outlook's ability to sense the connection speed. When you are using a high speed connection, Outlook will bring the entire message down when it's selected. For slower dialup connections, it will "drizzle" (get the message headers, then bodies) to improve download experience and eliminate the waiting to connect dialog we're all too familiar with.

Currently, when you connect to your mailbox, you have to choose online or offline mode and restart Outlook to change modes. With Outlook 11 you can switch modes on the fly, without restarting the program.

Both mobile users and security conscious Exchange administrators will like Outlook's ability to do "RPC over HTTP" (basically, the ability to do a "remote procedure call" over the standard Web HTTP protocol). This allows Outlook to speak with the Exchange server over the standard Web port, which is already open for OWA users. In plain English, this means users can use Outlook 11 as easily as they use OWA to access their mailboxes when out of the office, they won't have to use VPN to access the network first when they want to use Outlook. This will be more convenient for the users, and result in less hassle for the firewall administrator. The only catch is that this feature requires the new version of Exchange server, code named Titanium. It's unclear at this point if only the front end server needs to be Titanium or if server housing the
users mailboxes also needs to be running Titanium as well. [Another thought: RPC over HTTP may also mean developers can tap into this as a new way to tinker with Exchange and add capabilities. We'll keep an eye on this and let you know. --DG]

Most administers will have mixed feelings about another improvement in Outlook: message stores are no longer limited to 2GB. The default will be 20GB, with a practical limit of about 100GB for most users. The actual limit will be 32 terabytes, although few, if any, users have that much hard drive space available to them at this point in time.

To keep up with the latest information about the new version of Outlook, stop by http://www.slipstick.com/outlook/ol11.htm.


NEW ADD-ONS FOR OUTLOOK
Sperry Software has released four add-on solutions for Microsoft Outlook 2000/2002. Attachment Save removes the file attachments from incoming emails and saves them to a Windows folder when each email arrives. Email Duplicates Eliminator takes care of duplicate emails that are created each time you synchronize your personal data assistant with your desktop computer. Add Email Addresses automatically adds names to your address book when you send emails. http://www.sperrysoftware.com/


posted by Sheldon Lennox 11:54 PM

Monday, November 11, 2002

 
Microsoft Inside Office newsletter - November

QUIZ: DO YOU KNOW YOUR OUTLOOK CALENDAR?
How much do you really know about your Outlook calendar? Take our quiz and test your knowledge. Plus, pick up great tips and find out how Outlook 2002 and Microsoft Exchange Server combine to deliver new features to help you manage your time. http://office.microsoft.com/assistance/2002/quiz/qolcalendar.aspx

BECOME A CERTIFIED SPECIALIST FOR MICROSOFT PROJECT 2002
Demonstrate your expertise with Microsoft Project 2002. The Microsoft Office Certification for Microsoft Project indicates your proficiency in using Microsoft Project to plan and manage complex projects and communicate project information. http://www.microsoft.com/TrainCert/mcp/officespecialist/project.asp

NOW AVAILABLE: MICROSOFT PRODUCER RESOURCE CD
Get Microsoft Producer 1.1, the add-on for Microsoft PowerPoint version 2002 that makes it easy to create media-rich presentations for the Web. This resource CD also comes with templates, a template editor, white papers, and other great tools. http://microsoft.order-6.com/producer/


posted by Sheldon Lennox 1:15 PM

 
CIO Hotline at TechRepublic.com
11/7/02
[TechRepublic] Find out why governments lag in systems adoption

CONFIGURE & SECURE 802.11 WIRELESS NETWORKS

Enjoy the benefits of wireless networking by addressing security and integration issues upfront. Configure, secure, and troubleshoot wireless networking with TechRepublic's 802.11 Wireless Networking Resource Guide. Learn how to:
*Understand wireless networking protocols
*Troubleshoot wireless configuration and hardware issues
*Secure your organization's wireless network
*Compare wireless hardware offerings
*Figure out if wireless presents a positive cost benefit
*Create a formal wireless policy
Eliminate the guesswork and trial-and-error with expert advice! http://cl.com.com/Click?q=41-qq-1IEK0oK5-L1hn9t_RkpOJJZ3z

RESULTS FROM OUR RECENT SURVEY
Our last survey was based on the article "Guidelines for setting security and privacy policies." We asked about your company's approach to security in light of increased concerns. http://cl.com.com/Click?q=80-KTNvQQ0M6P72T6BeSKS8VdtIBm68

DOES YOUR ORGANIZATION HAVE A SECURITY POLICY IN PLACE?
* Yes: 90 percent
* Not yet, but we're working on it: 10 percent

HAS YOUR COMPANY UPDATED ITS SECURITY POLICY IN 2002?
* Yes: 80 percent
* No: 20 percent

DOES YOUR COMPANY'S POLICY COVER SECURITY BASICS AND INCLUDE ADVICE TO USERS ABOUT THEIR BEHAVIOR?
* Yes: 100 percent

HAS YOUR IT ORGANIZATION RECEIVED ANY NEGATIVE FEEDBACK IN RESPONSE TO INCREASED SECURITY MEASURES?
* Yes: 50 percent
* No: 40 percent
* I'm not sure: 10 percent


posted by Sheldon Lennox 1:15 PM

 
Lockergnome's Windows Digest
October 27, 2002

SetupStream v2.02 [2.6M] W9x/2k/XP FREE
http://www.virtualzone.de/setupstream/

{Create a setup wizard} There is nothing I find more unprofessional than an application that comes to you in ZIP format with no install wizard. I don't mind if the ZIP file only has an executable and a database file (because with something that simple, there is no reason to make an install file), but when the ZIP file involves multiple directories and files, it is just more professional and efficient to install to a folder somewhere besides the Desktop - perhaps, rather, in the Program Files folder. SetupStream is an application that will help you make a setup wizard for any set of files on your computer. I can't believe how easy this application is to use - NO programming knowledge is required to make a setup wizard. This isn't just a case of "you get what you pay for;" in fact, I am quite surprised that this application is free. SetupStream will allow you to do things such as make modifications to the Windows Registry, define a separate destination directory for each file, create shortcuts, and even display a license agreement that the user has to accept in order to proceed. I love that I have the power to make a setup wizard that places an uninstall wizard in my Add/Remove programs
link, which means I can do a clean uninstall if the installed program proves to be troublesome. I have only been able to outline a few of the great features of SetupStream, and I highly recommend that if you only click on ONE link in this newsletter today, make it this one, because this application is more than worthy of your attention. [BS]

Phone Scoop
http://www.phonescoop.com/

I have recently become the proud owner of a brand new Motorola T720 cell phone. I didn't just run to the store and purchase my new phone, though; I DID perform some research first. Nothing is worse than to bring home a new phone and find out that the reception is terrible, the battery life is lacking, and that you could have gotten a way better phone for the same price - if not cheaper. I learned this lesson with my previous Nokia phone, because I knew I loved my original Nokia phone and thought the next model would be even better. Well, I was wrong. One of the Web sites I used to do my research was phonescoop.com - partially because I knew I could read more than just the specifications on the phone, but I could find user reviews too. It's my opinion that someone who has used the phone would give me the best review, whether good or bad. It's the same idea as me giving Windows ME a bad review without even looking at it. On top of all of this, I can use their Phone Finder to find the perfect phone with all the features I want that are supported by my wireless provider. Now that I have purchased and started using my new phone I can see why everyone loved it so much. That doesn't mean I am going to stop checking out this Web site, though, because phonescoop.com also has news headlines on new gadgets and technology advances that
affect the way I communicate from a mobility point of view. So next time you need a new cell phone, head over to phonescoop.com first and get all the facts. You will be happy that you did! [BS]


posted by Sheldon Lennox 12:07 AM

Sunday, November 10, 2002

 
A "best practices" document for testing and deploying Microsoft Service Packs to make things a little more predicatable for our fellow admins. Thought you might find it useful.
http://www.labmice.net/ServicePacks/articles/deploysp.htm

A quick and dirty checklist for standalone installations is at:
http://www.labmice.net/ServicePacks/articles/survivesp.htm


posted by Sheldon Lennox 10:30 PM

 
[Lockergnome Windows Daily] Marvelous Mold
11.05.2002

FilmWise http://www.filmwise.com/

I have a friend at work who seems to know every detail about every movie ever made. He has even competed in local contests and beat groups of people with his film knowledge. He doesn't just learn this information by watching movies; he also likes to surf the Internet for trivia and movie facts. I was proud to furnish him with a link to filmwise.com this week. With this Web site, you can quiz yourself in various aspects of movie trivia. If you think you can pick the title of a movie just by viewing a scene of it, then you should try the Invisibles quiz! With Invisibles, you have to pick the movie from a picture of the scene; the twist is that the people are made invisible. It's much harder to figure the movie when you can't see the people in the movie! If that is just too tough, then you can always try a Visual Quiz where you pick a movie from seeing a specific visual from the movie, like the QuikStop mart from Clerks. If these quizzes don't catch your attention, then maybe you are a text quiz type of person. The text quizzes are hard to explain, but some of them consist of fill-in- the-blank movie quotes or name-the-movie-from-this-phone- conversation. Did I mention that they have quiz contests you can enter? Indeed they do, and if you win then you get to walk away with a brand new DVD. Of course, since I clued you in to the Web site that means that you need to send me the first DVD you win... right? Well, maybe not, but I think I can live with the peace of mind that you are enjoying this very entertaining and challenging Web site. [BS]


posted by Sheldon Lennox 9:49 PM

Friday, November 08, 2002

 
AOL sends corporate IM
Cathleen Moore
October 28, 2002 01:01 AM PST

AS CORPORATE INTEREST in instant messaging and presence-awareness technology escalates, widely-used consumer IM services are making a run at the enterprise with new security, management, and integration capabilities. For the rest of the article, go to: http://www.infoworld.com/articles/pl/xml/02/10/28/021028plsecureim.xml


posted by Sheldon Lennox 2:35 AM

Wednesday, November 06, 2002

 
[Lockergnome Tech Specialist] Keen Static
October 29, 2002

Free Win2K DNS Training Course
Passed along by Bernie Klinder

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q330511

A training course titled "Understanding and Troubleshooting DNS in Windows 2000" is available for download from the Microsoft Download Center.

This course provides in-depth discussion of Domain Name Service (DNS) as implemented in Windows 2000, with emphasis on best practices for installing, maintaining, and troubleshooting the DNS Client service and DNS Server service in Windows 2000 networking and Active Directory directory service environments. Detailed discussion of DNS name resolution methods and namespace planning are included. Screen-capture demonstrations illustrate key administrative, configuration, and troubleshooting tasks.


posted by Sheldon Lennox 12:53 PM

Saturday, November 02, 2002

 
Spotlight White Papers in IT Management
October 17, 2002

TITLE: Strategic Initiatives
COMPANY: Helix Group Inc.
DESCRIPTION: The Strategic Initiatives construct is an excellent way to insure that strategies are integrated, coordinated, challenging to the organization, trackable and implementable. Here is a very... http://cl.com.com/Click?q=60-oqItIsE4xX6RnJGLN8SFokx3EaFR

TITLE: Improving the Planning Process
COMPANY: Helix Group Inc.
DESCRIPTION: A common approach to planning is what is called The Table of Contents Project Approach. It begins with the very positive notion that if there is to be a plan then it should be documented.... http://cl.com.com/Click?q=9f-o7XMQ1JLPB49raDYlcGekq4NBfnR

TITLE: What is a Project and When is a Project Manager Needed?
COMPANY: Comprehensive Consulting Solutions, Inc.
DESCRIPTION: Most people view a project as a designated set of tasks needed to accomplish a particular goal. Using those criteria, many of the things that you do each day could be considered projects. That is... http://cl.com.com/Click?q=b4-aJlbQ6Z9ubPgop8qJzDoyUDMPMPR


posted by Sheldon Lennox 10:34 PM

 
[TechRepublic] Assign tasks with the Build Team From Enterprise dialog box
October 18, 2002

USING THE BUILD TEAM FROM ENTERPRISE DIALOG BOX IN MICROSOFT PROJECT 2002 PROFESSIONAL
If you're managing a project, you want to match the right team member for a particular task. Brian Kennemer examines some features of the
Build Team From Enterprise dialog box and shows you how you can use it to find resources with Project Server and Project 2002 Professional.
http://cl.com.com/Click?q=2c-DafOIc0wqhot1K3YXlzdB70KrcDy

ADVANTAGES AND DRAWBACKS TO HOURLY FEES AND FLAT RATES
Are consultants better off charging their clients a flat fee or setting an hourly rate? Heed these stories, and a few hard lessons, from four consultants before you bill your clients.
http://cl.com.com/Click?q=41-qq-1IEK0oKb8E1UJ9t_RkpOJJZ3z

ARE ALL NETWORK AUTODISCOVERY TOOLS EITHER WEAK OR COSTLY?
TechRepublic's senior network engineer, Lori Hyde, tried two network autodiscovery tools and found they provided a mess of information that
takes as much time to clean up as manually documenting the network. Hyde seeks a solution. What's your advice?
http://cl.com.com/Click?q=56-NwNYInnktkwtpFoCNCrrDMhFzwvO

SOLICIT FEEDBACK ON ACTION ITEMS TO REALIZE FULL MEETING VALUE
Columnist Tim Landgrave explains how consistently agreeing on and following through with action items identified in meetings boosts customer service satisfaction and enhances product quality.
http://cl.com.com/Click?q=96-pjrWQtdmd9qdDLdrBfkmSjnT08GJ

HERE'S WHAT TO EXPECT FROM LEADING CERTIFICATION FORUMS
Web-based forums can be excellent IT certification study aids. Erik Eckel rates the four most popular IT discussion centers and explains what each has to offer. He also identifies several newsgroups you can turn to when tracking down elusive answers.
http://cl.com.com/Click?q=ab-ZcMKQYpJbnQKfCdqDsn90w7ZszQJ


posted by Sheldon Lennox 6:05 PM

 
[TechRepublic] Address DNS-related security concerns
October 23, 2002

QUICK FIXES FOR SECURING WINDOWS 2000 DNS SERVICES
Domain Name Service (DNS) offers various conveniences, but it also contains inherent security vulnerabilities, such as denial of service (DoS) attacks. Lauri Elliott explains how you can help your clients by tightening possible security problems on their Windows 2000 DNS service. http://cl.com.com/Click?q=06-fPUuI48ThKWGTa5wSxf5Cz1hb1G5

GET WINDOWS MESSENGER TO WORK WITH FIREWALLS AND NAT
Windows Messenger can connect your users in exciting new ways. But it's a challenge when firewalls and NAT are involved. Greg Shultz discusses why firewalls and NAT cause connection problems and shows you ways UPnP can help. Also, check out the recent discussion posts to this article! http://cl.com.com/Click?q=1b-wAchI3NTz0kutr5R_hOdaZHSC-8y

WORKING WITH OVERALLOCATIONS IN MICROSOFT PROJECT 2002
Every project has a finite amount of time and resources that can be devoted to completing tasks. Overallocation, when a project calls for more time than a team member has, can present serious problems. Learn how to work around this dilemma. http://cl.com.com/Click?q=30-u8KEIRrBLw8WzgY7dP5MSDp7-LbH

NURTURING THE FREELANCE NETWORK
Consultants who complete their engagements with the help of freelancers can take steps to ensure that independent contractors will be around when needed. Keep freelancers happy with these suggestions. http://cl.com.com/Click?q=5a-ah31IP00dKubJK0lGS5EpJQ4IVI6

MONITOR YOUR PROGRESS WITH PROJECT SERVER'S STATUS REPORT FEATURE
Written progress reports can be one of the more difficult parts of a resource's job. But Project Server makes them easy with qualitative, text-based status reports that are built into the Web Access product. http://cl.com.com/Click?q=6f-3xL9IOLlY3LXPZftqTgEFNlnWhhi

MAP NETWORK DRIVES WITH WINDOWS 2000 LOGIN SCRIPTS
Constantly remapping network drives can be a help desk headache. Find out how Windows 2000 login scripts can make the job much easier. http://cl.com.com/Click?q=84-CC2yQ602V7kz3gfIO4TwBY0oUgVw


posted by Sheldon Lennox 5:38 PM

 
[TechRepublic] Consider scalability and lower costs for network appliances
October 24, 2002

CONSIDER SCALABILITY AND LOWER COSTS FOR NETWORK APPLIANCES

FIRM FINDS AFFORDABLE, SCALABLE ALTERNATIVE TO MICROSOFT EXCHANGE
It would have been simple for one manufacturer to replace its box of ISP accounts with Microsoft Exchange, but cost and maintenance issues prompted the tech team to choose a new network appliance. Read about this project tech leader's cost-effective decision. http://cl.com.com/Click?q=a4-HGVsQ6p5mTatgeq1YN85vOGCwkyH

WILL THE CIO ROLE BECOME EXTINCT IN THE NEXT DECADE?
According to one former CIO, the role of the CIO, as we know it, will disappear in the next decade because of changing attitudes toward technology's place in the enterprise. Do you agree? Post a comment within the discussion thread and let us know. http://cl.com.com/Click?q=ba-m-u5QXpMTWYccYfwxI1z_ZBnPYnv

THIS WORKSHEET TOOL HELPS TECH LEADERS SPECIFY PROJECT NEEDS AND COSTS
Do you need detailed estimates of related internal costs and expected return on investment (ROI) to receive business leaders' backing for IT projects? Get this information and justify your IT expenditures by downloading our worksheet tool. http://cl.com.com/Click?q=cf-ebQ-QLwTuw80dUfESnezOviSm-mv

HOW TO TACKLE A NETWORK DOCUMENTATION PROJECT
Few IT tasks are more tedious than network documentation, and the job becomes especially challenging when you have to build it from scratch. These pointers will help you get your documentation project on the right track. http://cl.com.com/Click?q=23-sFnGINMcnMu30qCXT7ob9ud28GQB


posted by Sheldon Lennox 5:32 PM

Friday, November 01, 2002

 
[TechRepublic] Make a suitable payment arrangement for each project
November 01, 2002

MAKE A SUITABLE PAYMENT ARRANGEMENT FOR EACH PROJECT

CLIENT PAYMENT STRUCTURES THAT GET THE CHECK
You like to have control over how your clients structure their payments to you. Some factors are out of your control, but you can work some payment methods and strategies into your project contract, such as "milestone" installments and discount incentives. Lisa Gill explains. http://cl.com.com/Click?q=fe-xkjgQwgDVMsFBZJkPiPYga_Ov5Gs

ETHICAL DILEMMA: DID THE CONSULTANT MAKE THE RIGHT MOVE?
When a consultant learned that a client's Web hosting service wasn't performing data backups, he decided he had to tell what he knew despite the fact that he was jeopardizing his career. Did he make the right call? Read the article and discuss this dilemma with other members. http://cl.com.com/Click?q=3d-oieNIbzv6X6paJlAgrDPUXPFcMLS

BUILDING STOPLIGHT CHARTS INTO PROJECT SERVER 2002
Stoplight charts--in which the status of a project is represented by red, yellow, or green icons--can offer project leaders a quick view of which projects need attention. Here's how you can easily set them up in Project Server 2002. http://cl.com.com/Click?q=52-LU0oIrJGIR2IUtRELgL3tO6eroJ-

MAKE SURE YOUR COVER LETTER CONVEYS THE RIGHT MESSAGE
Instead of being able to rely largely on their employment network, consultants are finding themselves relying on standard tools to get their feet in the door. Keep these points in mind as you write your cover letter. http://cl.com.com/Click?q=67-Pn3kIOEwRnthwxrzxDr3K6SrE5H-


posted by Sheldon Lennox 2:50 PM

Wednesday, October 23, 2002

 
AICPA Information Technology Section October Technology Alert
October 23, 2002

Agility and the Business Value of IT
By Susan Bradley, CPA/CITP, MCP

Editor's Note: This is a commentary based on a three-part series from Garter Group http://www3.gartner.com/pages/story.php.id.2284.s.8.jsp
called "The Business Value of IT."

Think of last year's gross revenue. Can you determine exactly how much was generated by technology investments? In the days of rationalizing ROI, firms and companies estimated just how much one dollar of IT spending would generate an increase in net income or profit. Today, this is even harder to determine.

As we enter the "maturing" of the IT industry, evidenced by the Internet Bubble, it is more difficult to determine the impact and value of IT for a number of reasons. We question the implementation of large IT projects, the risks associated with them and certainly the value of IT spending as knowledge workers continue trying to embrace the ambiguous concept of "change."

Today, "agile" is a five-letter word businesses build into every dollar of IT spending. Most analysts are saying we need to be "agile" to obtain the best business value for IT spending. Even large firms want to ensure they gain competitive advantages by investing in solutions that enable them to make real-time shifts in strategies.

In a 24x7x365, real-time connected world, businesses attempt to shift from internal efficiency to external agility. Local governments, as well, also seek real-time information and data from their constituents. Software, such as PeopleSoft, SAP and others are implemented to provide such information. SEC filers are embracing Web-based solutions to help meet increasing needs of faster period closings and more transparent reporting.

IT agility also provides businesses like banks - dependent in the past on physical brick and mortar locations to serve their clients - to provide a wider range of methods for customers to obtain services they need immediately.

The value of IT spending as it pertains to increasing knowledge worker productivity is the hardest to quantify. Real-time, online collaboration is key as firms begin to realize the advantages of workforces worldwide. Gartner Group estimates that by 2005, more than 25 percent of IT capital budgets in at least 70 percent of large- and mid-size businesses will be directed to transforming enterprises into using external focus and agility to compete. In addition, while the traditional focus of IT investment in "Enterprise necessities" (financial control, production management and internal communications) exists, differentiation is key to the process. As a result, they need "Enterprise differentiators," such as supply-chain virtual communities, creating new services and forming new business partnerships.

What can IT provide to firms to ensure business value? Gartner Group defines the following key elements:

* Internal efficiency
* Finance
* Payroll
* Internal Inventory and Production Control
* Internal Communication
* External efficiency
* External service providers
* Connected supply chains linking production to customers
* Internal agility
* CRM in financial services
* External agility
* Building stronger connections between customers and businesses


To begin this process, Gartner recommends businesses devote at least 40 percent of their management decision-making time to "Enterprise differentiators." Factors needing immediate attention to transition to agility include budget allocation, competencies, governance of IS organization and enterprises, enterprise IT architecture, management systems, enterprise cultures, and leadership styles. Many of these factors can be found in the AICPA's Top Technologies for 2002 (http://www.cpa2biz.com/).

Failure to align long-term IT strategies into driving change in the enterprise and change architecture, along with competencies, investment and leadership, may jeopardize the enterprise.

Before gathering an IT strategy team to evaluate the plan, think about your own firm's agility. Are you trying to build in a culture of change for workers and a leadership that both embraces and rewards change? Begin by seeing that training, collaborative tools, and knowledge management systems exist so that firms can foster infrastructure interoperability, transparency and zero latency. Now is the time to evaluate your current IT systems to ensure that they assist organizations in this goal. "IT systems" include both the dollars spent on IT structures, such as the traditional hardware and software, as well as the dollars spent on your knowledge workers.

To prepare for tougher times ahead ensure your "company's ship" is built like a tugboat - powerful but flexible, and that your IT structure isn't like the doomed Titanic, unwilling to see the danger ahead and unable to turn fast enough to divert disaster. The right investment in IT will allow you to become a tugboat. However, while It may be difficult to quantify the business value of IT, it's not difficult to realize the impact when IT doesn't not provide value. When firms can't compete, they can't survive.

Susan Bradley is a principal with Tamiyasu, Smith, Horn and Braun in Fresno, Calif. She writes a regular column for IntoTech Update called "EBitz." Contact her at mailto:sbradcpa@pacbell.com.


posted by Sheldon Lennox 9:57 PM

Tuesday, October 22, 2002

 
[TechRepublic] Patch your recovery solution with tape
October 22, 2002

Not every organization has the resources and infrastructure to support real-time replication and high availability (HA) systems. In fact, numerous companies can't provide redundant hardware, even in a many-to-one configuration. If this is the case for your organization, and it uses tape as its primary--or only--methodology for disaster recovery (DR), learn how to achieve the maximum level of protection.

First, settle on a backup rotation scheme. While it's possible to backup all the data every night--a full daily backup--the size of the average tape and the amount of time a full backup takes makes this idea unrealistic. A more practical approach to protecting data is to devise a system that utilizes both full and incremental backups. My personal favorite is the grandfather-father-son (GFS) system.

With the GFS rotation, you make a full monthly backup and move it immediately to an off-site location. A weekly backup is held on-site until the next weekly full backup is successfully completed. In addition, an incremental or differential backup is performed each day to catch changes since the last weekly tape. These daily backups are generally not removed from the site unless a methodology is in place that ensures they can be returned to the site quickly.

Second, decide what tape backup system to use. This decision includes the implementation of hardware and software for servers and possibly desktops.

The two favorite hardware options currently in the industry are digital linear tape (DLT) and linear tape open (LTO). Both of these tape formats offer great performance, speed, and large capacity. While each has subtle benefits over the other, it's generally the pricing from your preferred vendor that will determine which one you use.

There are a multitude of tape software systems available to protect your data. However, before you make a software purchase decision, analyze what you need to back up. For flat files, such as Word documents, any software system will perform well. Applications like databases, e-mail systems, and other systems that hold open files and databases require special backup agents that not all software makers provide.

Many special backup agents cost an additional fee per server, but without the agents, the files that are locked by the software will not be backed up until the software is no longer running. This means that backup software will require some applications to be in an offline state before backing them up without an agent. The limited time frame in which you can execute backups--the backup window--is one of the main reasons that tape backups can be difficult to perform on large-scale database driven systems.

Software decisions must also take into account where the data resides. Some tape systems are not designed to allow the backup of data over the network. Others require the installation of agents on each server that's backed up. Unlike software agents, these are usually included with the backup software, but it's one more service that the servers must run.

Take time to investigate your options, because the proper combination of hardware and software can create an excellent tape backup system to protect your company's data. Keep in mind that the data stored on tapes is approximately 12 to 24 hours behind the live production data. However, if your recovery point objective (RPO) allows for this much data loss, then tape is a very good cost-effective method of DR.


posted by Sheldon Lennox 10:51 AM

 
[TechRepublic] Learn nine key principles of real-time enterprises
October 21, 2002

THE WIN9x VPN CLIENT CONNECTION GUIDE
Your VPN server may work like a charm, but if the client isn't configured properly, the whole system is pretty useless. Find out how to configure older Windows 9x clients to use VPN technology. http://cl.com.com/Click?q=d3-GZGkQJP56HxYx6KUCi-n1D-sDB8R

WORKING WITH OVERALLOCATIONS IN MICROSOFT PROJECT 2002
Every project has a finite amount of time and resources that can be devoted to completing tasks. Overallocation, when a project calls for more time than a team member has, can present serious problems. Learn how to work around this dilemma. http://cl.com.com/Click?q=e8-DO-MQfkcp_EWf0eqTefDMcBP9Ibp

WHITE PAPER: IMPLEMENTING BACKUP FOR DSL SERVICES FOR SMALL BUSINESSES
With the availability of backup technology for DSL, small businesses can now affordably enjoy always on, high-speed Internet connectivity and protection from downtime. Review this paper from Netopia. http://cl.com.com/Click?q=fd-BX3MQgO-_luJVPfm1Ow66i6_vmEQ


posted by Sheldon Lennox 10:44 AM

Thursday, October 17, 2002

 
[TechRepublic] Change your view of information with MindManager 2002
October 11, 2002

CHANGE YOUR VIEW OF INFORMATION WITH MINDMANAGER 2002
For consultants who feel more comfortable explaining projects using visual elements as opposed to Gantt charts, try MindManager 2002, especially if team members have struggled with large tasks. Brian Kennemer offers a review of this valuable tool. http://cl.com.com/Click?q=aa-gBteQXU7_CWw_84WWUeUcI2rs6uR

FOUR CAREER NETWORKING REMINDERS FOR CONSULTANTS
Just because there's less money for IT consulting, it doesn't mean you're out of business. Check out these approaches to developing good relationships with clients and other contractors, as well as gaining new work. http://cl.com.com/Click?q=bf-JtRfQ8Z7gRkZaG95gLuAlEqogMdR

PLANNING AN OFFICE MOVE
TechRepublic members are discussing issues to consider when relocating an office. We'll assemble ideas from the discussion and create a download checklist to help you make trouble-free transitions. Join the discussion and let us know what factors should make the list. http://cl.com.com/Click?q=e9-gdzpQxVPw9GdLmCTqifTWLDB9hRR

ADJUSTING THE PROJECT BID: HOW TO GET YOUR MONEY AND KEEP THE JOB
Consultants must be able to bid projects accurately. If not, they risk losing work, reputation, and revenue. Get tips on what to do if you accidentally underestimate either the time or money resources required by a contract. http://cl.com.com/Click?q=fe-xkIgQwgokMutUFzePyF6O0hhv5cR

BASIC STRATEGIES FOR SECURING INTERNET INFORMATION SERVER
If you're deploying a Web server using Internet Information Server (IIS) and you don't take time to plan for its security, you may as well paint a giant bull's-eye on it. To help you keep it secure, here are some basic security steps to keep hackers at bay. http://cl.com.com/Click?q=13-NxSZI3XI8SrCFFVsOGxoI-Gy7r9R


posted by Sheldon Lennox 1:47 PM

 
Project Management at Builder.com
October 17, 2002
[Builder.com] Clear up clients' preproject misconceptions

PINPOINT YOUR CLIENT'S PRIORITIES TO NAIL APPLICATION DELIVERABLES
When you take on a project, it's invaluable to know your client's true priorities. With the list we offer here, you can ask your client to rank 30 important items from performance to documentation. http://cl.com.com/Click?q=07-HqCzI5rQvhaehmIiR7f6Qg7wbbdR

BOOTSTRAPPING A SOFTWARE DEVELOPMENT PROJECT
Bootstrapping a software project requires special considerations, especially when the product concept isn't completely defined. Starting production with one developer and involving QA early will keep your project on track. http://cl.com.com/Click?q=1c-cs_iIFrAT12vglqn5SJa4o58RKZR


posted by Sheldon Lennox 9:38 AM

 
[TechRepublic] User policies are good first step in minimizing security risks
October 17, 2002

CIO ROLE MULTIPLIES AS COMPANIES EXPAND AND GROW
Many organizations are creating multiple CIO positions to handle the breadth of tactical and strategic duties that have become a part of the job. Here's a look at two organizational models that companies are using to divide their CIO responsibilities. http://cl.com.com/Click?q=08-IFoQIRjSBena01HgFu1mQMY96dFR


posted by Sheldon Lennox 9:38 AM

Monday, October 14, 2002

 
LangaList Plus HTML Edition 2002-09-30

2) "Fred, Did I Get Ripped Off?"

Dear Fred, I purchased an E Machine, Model E Tower 333CS. The label on the outside of the box and the model number both indicated that the CPU has a speed of 333 megahertz. Recently I installed a program called the Belarc Advisor and this program indicated that my CPU is only 250 megahertz. Did I get ripped off? --- Arthur Handel

Maybe, but you'll need to do more testing to know for sure.

I suggest you try other speed-reporting software. One of the most respected is "CPU-Z" (it used to be known as CPUID, but grew way beyond simply identifying CPU types). You can download a free copy from http://www.cpuid.com/ .

Other tools such as SiSoft Sandra ( http://www.sisoftware.demon.co.uk/sandra/ ) also can help. Or, see
http://www.google.com/search?q=cpu+benchmark for a raft of CPU measurement tools, some free, some not. PC Pitstop also can measure your system speed. ( http://www.pcpitstop.com )

BTW: Some minor variation in measured-vs-rated speed is normal. For example, my nominal "2GHz" system actually runs at 1993.9MHz, an irrelevant difference of less than 1%. But getting 250MHz when you paid for 333Mhz is a difference of 25%, and would be significant, if it proves true.


4) Hide (Obscure) Your Address From Spammers

Hi Fred -- There's been an awful lot of discussion on SPAM recently. We all agree it's gotten way out-of-control. You mentioned a number of tools that help kill SPAM at the point of receipt, but I use one that helps prevent your name from getting on these lists to begin with. It's a must-use tool for any webmaster. Type in your email address into this form and it will return an obfuscated version of your email address which you then insert as code into your web page. Instead of using the traditional "mailto" tag, you use the "a href" tag. This fools those pesky harvest bots and they skim right on by. I know you've discussed similar technology on the Langa List before, but this one is extremely useful. I've edited all 70 web pages on my site to include this and I noticed an significant difference in the amount of SPAM I received with new email addresses. As a test I created 3 new email addresses for my domain. I obfuscated one of them and linked the other two using the traditional "mailto" tag. Within 2 weeks I started to receive SPAM at these 2 new addresses, but have yet to receive any at the obfuscated one.

http://www.manastungare.com/asp/preventspam.asp

Another tip I never post my true email address on a bulletin board, guestbook or other Internet forum. Instead, I manually obfuscate it by inserting something into the address which obviously doesn't belong there. For instance webDISCARDTHISmaster@mydomain.com. You wouldn't believe how much SPAM I get at that address...

Thanks again -- love the Plus addition. Best money I've spent on the Internet. Pat Beemer

Thanks, Pat. The "preventspam" link does make easy one kind of obfuscation--- substituting HTML letter codes for the actual letters in your address. For example, if I add this to the HTML of a web page or HTML email...

Email

...a browser will display it as a mail link to "Email" with the actual email address (in this case, "webmaster@langa.com") well obscured. Address-harvesting 'bots see only the raw code ("%77%65%62%6D%...." etc), and skip it.

You can achieve a further level of obscuration by using a small script snippet--- say, a "document.write" command--- to display the obscured address: Most 'bots won't look inside scripts, and thus won't even try to harvest the address.


11) Plus! Edition Extra: Three Powerful (and FREE) Tools

When Bronson C. Elliott isn't at his day job, or working on the LangaList archives, he's often experimenting with new software:

Fred: Thought I'd alert you to a website I've found that offers some versions of useful freeware. The website is called "Lexun Freeware" and can be found at http://home.carolina.rr.com/lexunfreeware/ .

* DrvClonerXP - Copies a drive partition's structure sector-by-sector, byte-for-byte directly to another drive partition, giving you an exact reproduction (clone) of your original partition! No intermediate file is created (like DrvImagerXP below), just direct partition to partition low level structure copying.
* DrvImagerXP - Copies a drive partition's structure sector-by-sector, byte-for-byte to a file, giving you an exact reproduction of your drive partition in file format! The partition's structure defined in the file can then later be copied back to the same partition, or even a different partition, restoring it perfectly. Lots of users prefer it over Drive Image and Ghost!
* RegScrubXP - It's faster, more thorough, and incorporates multi-threading for better user response. It includes a large selection of XP tips and tweaks, and the option of applying some nice tweaks to the Registry to customize your computing experience. It also allows you to click a button to automatically download any updates to RegScrubXP from this web site, all done in the background while you continue working. And the best part... it's free!!!!!

Nice find, Bronson! As I already have Drive Image, I haven't tried the two imaging/cloning tools, but I did download and try RegScrubXP (after making a full backup). It dug out *tons* of stuff that neither the JV16 Power Tools nor Norton's WinDoctor found, and appears to have done so without ill effect. Very nice!


posted by Sheldon Lennox 12:44 PM

Sunday, October 13, 2002

 
LangaList Plus HTML Edition 2002-10-07

4) How To Repair/Reinstall ANY Version Of Windows

Hi Fred: Interesting bunch of reinstall tips for most all flavors of Windows. I stumbled on it through the Steve Gibson server. http://www.windowsreinstall.com/ ---Greg M

This site will show you how to install, upgrade , reinstall , repair, troubleshoot and fix Microsoft Windows XP ( Also known as WinXP & whistler ) , Windows 98 ( Also known as Win98 ) , Windows ME ( Also known as WinME & Windows Millennium) , Windows 95 ( Also known as Win95 ), Windows 2000 ( also known as Win2k & W2K ), Windows NT ( Also known as WinNT), OEM computers ( Dell, Advent, Time, HP, and Compaq home PC's and Laptops ). Also tips, tricks, help, hints, how to build a computer plus much much more.


5) Bugged By Bugbear

A new email/web worm, "Bugbear," appeared last week, and at first seemed to be a minor annoyance. But by late in the week, it had grown to be a full-fledge pain in the posterior.

The worm tries to disable any software firewalls or anti-virus apps you have running, copies itself onto your system using random and variable file names, looks for any network connections it can exploit, and attempts to reinfect others by network and by its own built-in SMTP (email) engine, so you may never know the bad emails are going out to your friends and colleagues. It's also a keystroke logger, and more. According to the folks at Symantec, the worm can:

* Delete files.
* Terminate processes.
* List processes and deliver the list to the hacker.
* Copy files.
* Start processes.
* List files and deliver the list to the hacker.
* Deliver intercepted keystrokes to the hacker (in an encrypted form). This may release confidential information that typed on a computer (passwords, login details, and so on).
* Deliver the system information to the hacker in the following form:
- User:
- Processor:
- Windows version:
- Memory information:
- Local drives, their types (e.g., fixed/removable/RAM disk/CD-ROM/remote), and their physical characteristics
- List network resources and their types, and deliver the list to the hacker.

All the major antivirus makers have patches that catch and fix Bugbear, but from the volume of infected emails I'm getting, way too many people are running unprotected and have been infected.

Symantec has a free tool just for removing BugBear: See http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear@mm.removal.tool.html and http://securityresponse.symantec.com/avcenter/FxBgbear.exe

More Info:
http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear@mm.html
http://www.sophos.com/virusinfo/analyses/w32bugbeara.html


9) More on eMachines Weirdness

As usual, there's no topic that some LangaList reader, somewhere, doesn't have down pat. Consider this:

Fred: It was interesting to read the article from the last newsletter "Did I get Ripped Off" ( http://www.langa.com/newsletters/2002/2002-09-30.htm#2 ). The answer to this readers question is...yes, no and maybe! To explain further, there were at least four versions of this machine and YES some were built with a 250Mhz processor. For more info on this machine and practically all other E-machines take a look at http://www.e4all.info/index.htm and then go to the Upgrade Logs.---Mike Dossett

Fred, I read your newsletter regularly. Keep up the great work! As to the person who bought a PC marked 333 MHz, it could be a Cyrix processor, which would be labeled as a "333" but indeed ran at more like 250 MHz. At the time, those Cyrix chips could legitimately advertise that way because they were roughly as fast as and Intel 333 MHz P-2, at least with some tests. At any rate, that could be one answer. The other, more trivial answer is that he just plain got ripped-off. --- Raino Trifonoff


posted by Sheldon Lennox 9:47 PM

 
"The Naked PC Newsletter" 6/6/02
[TNPC] Good Habits, Mailbag, Movies, and Digital Music

02. Musings on Good Software Project Habits (by Lee Hudspeth)

Several things happened in the past few weeks that prompted me to make a list of the habits I've developed over the years when dealing with a wide variety of consulting projects. These habits have all saved me untold hours of pain and frustration by preventing, or at least mitigating, the various kinds of disasters and confusion that can befall any consulting project, large or small.

1. Keep a project journal.
You can write it out long hand, or you can type it into a document, either way, this is an incredibly powerful tool for answering the questions that inevitably crop up in the days, weeks, even months that follow a project's apparent "closure." This is my personal favorite scenario: the project manager contacts you and asks, panicked, "Why did we...?" (fill in the blank to match your own experiences). Variations are "When did we...?" and "Who did we send it to?" The beauty of a project journal is that, if you keep just the right level of detail--not too much and not too little--you can confidently and quickly scan it for answers to these questions and not have to laboriously sift through 100s or 1000s of archived email messages.

2. Use the journal to note the boss's verbal mandates.
Sometimes, especially when a project is up against a time deadline, things are happening so quickly and dynamically that key decisions get issued verbally with no written follow-up. You'll only be exacerbating the team's and the boss's stress level by bringing this up as an issue. I recommend you take a factual posture: write down what the boss (project manager, whatever) said, exactly, and note the precise time, all in your journal. Then compose a short, simple email that states the verbal directive and distribute it to the team as an informational note. Remember to be very factual here, and avoid judgmental language like, "Well folks, Sue did it again today by changing the way we handle the Special_Meals field codes AGAIN." Go for a style like this, "Sue has requested that in the case of Special_Meals with a null value we explicitly force the appearance of the new code '99' to satisfy some requirements she received from the folks in Marketing. Thanks."

Now, I realize that political forces and raging authority battles will often create a situation where you just can't do this email part. But you've always got your own journal entry so, if it comes down to the ugly "you said/she said/who said" game, you've got your evidence.

3. Consistently use the same prefix in email subjects.
By keeping the initial portion of your project-related emails the same, finding relevant emails is much easier. It also helps team members, when receiving their email, to quickly see that an email is related to the project at hand. For example, if you're working on pattern recognition among airline passenger travel records, and you're doing the project for Far Horizon Airlines, a prefix like "Far Horizon pattern recognition" would work.

4. Use a clear description in your email subject's second segment.
The second part of am email subject is equally important, and instead of leaving your recipients dangling by sending an email labeled "Far Horizon pattern recognition", put in a separator like space dash space then a short teaser that explains at a glance what's coming in the email body. For example, "Far Horizon pattern recognition - initial project requirements" tells the right story.

5. Send only zipped attachments.
Several of us here at The Naked PC have written about the importance of distributing only zipped files. Zipped attachments take up less space on your end, the recipient's end, and while moving through the email ether. Everyone wins. There are virus-avoidance benefits too, not to mention simply being able to send larger files by compressing them thereby staying under your or the recipient's ISP's attachment size threshold.

6. Use the same root filename for a one-file zip.
If you're sending a filename like "Volume 5 Issue 12 draft.doc" then take advantage of WinZip's Explorer integration and let it zip the source file to "Volume 5 Issue 12 draft.zip" with a single click. If you have multiple files to send, come up with a descriptive filename as opposed to something mysterious like "hope.zip".

7. Use descriptive filenames everywhere.
I can't tell you how many times I've received a file from a client with a filename like "runzTotbyhubbyterm.xls" or even (I'm not kidding!) "runz1.xls". Hello!? You should maintain the habit of descriptive filenames, and you can even build your own file naming conventions (beyond the scope of this article). For starters, something like "Far Horizon pattern recognition - zip code analysis_see specs version 03b_2002-06-05.xls" is much preferred over the confusing "runfp1.xls".

8. Make daily, or even hourly, incremental backups.
Stuff happens. Meaning, the likelihood of your work getting trashed by an application crash or some other catastrophe, maybe even a mistake you make, goes up exponentially as you near the project's deadline. Make explicit incremental backups of the key file(s) at whatever interval you can afford to re-key the data. Me, I favor hourly OR whenever you implement a major change or add a big chunk of new data. You can even tie this effort into your system journal (or put the details right into the backup's filename) by indicating what key change occurred since the last backup. For example, "Far Horizon pattern recognition - zip code analysis_2002-06-05_1805_reran to include omitted Eastern Region.zip" (note the use of military time to stamp when the backup was made; in this case just a simple zip file set aside on another disk drive; this way all the zip code analysis backup files are sorted in order for you inside Windows Explorer).

9. Circulate backups of key files to other team members.
This tip applies if you're working with a virtual team and there's no centralized IT infrastructure. Send backups of key files to the team members via email. Five MB (and larger) email attachment ceilings are common; you can compress plenty of data into a five MB zip file.

10. When you receive a database, demand a data map.
Call it a data map, data dictionary, or a field listing, it's important that you not assume a field's name is telling the whole story about the data in that field. For example, say one field's label is "Phone". Is this the customer's home phone, work phone, or other? In this particular case, the field name should be "Phone_Home" instead, and a short "data map" document should come with the database that describes each field and its source, like this, "Phone_Home - customer's home phone number without any stored hyphens or other separation characters; source is the Frequent Flyer database linked by FF#." If you find field naming errors, I suggest you correct them so they don't propagate any further in the project, document the correction in your journal, and circulate an appropriate email.

11. When you receive a file, snapshot it.
If you receive a file like runz1.xls, first make a copy to, say, "runz1_working copy.xls" then set the original to read-only so you can't step on it. This preserves the file as a snapshot of whatever state it was in when you initially received it. No need to make a separate working copy if you're simply copying data from it instead of changing it, so in the case of copy-only work just set it read-only and move on. (Yes, you can often recover to a snapshot via your email Inbox, but I prefer to have these snapshots out on the hard disk where they can see the light of day, instead of being buried in an email maze.)

12. When you distribute a database, include a data map.
See #10.

To see my data mining series' supplemental Web page, go here: http://www.TheNakedPC.com/t/512/tr.cgi?lee1



posted by Sheldon Lennox 1:17 PM

Monday, October 07, 2002

 
W2Knews: New Security Baseline Standard
July 20, 2002

New Security Baseline Standard For W2K WS
A bunch of U.S. government organizations and security companies have put together a set of criteria that they think is the absolute minimum security level. The outfit that publishes these is called the Center for Internet Security. They recently wrapped up the W2K WS platform. CIS put together about 500 tests, which you can run on any box and will show you if that machine complies with the minimum security baseline. They hope to make their customers run this and create a "security barrier" for themselves and their business partners. More platforms will be announced in the future, like the Cisco IOS. You can download the analysis tool over here: http://www.w2knews.com/rd/rd.cfm?id=3D020722RN-security


posted by Sheldon Lennox 6:18 PM

 
[TechRepublic] Make sure your hosting center is ready for a disaster
September 24, 2002

Among the more amusing after-the-fact experiences I had as a systems engineer was when the company I worked for decided to host our servers at a hosting facility rather than our own offices. This single act caused more headaches than all our server issues combined.

The hosting company we chose--which claimed to have disaster recovery (DR) protection for mishaps, such as WAN outages and power failures--decided to perform maintenance on its uninterruptible power supply (UPS) systems. The system in question was set up with power load balancing between two circuits, so that either one could take over in the event of circuit failure. However, when one circuit was failed over to the other, the combined load shot the solenoid switch through its casing. Ironically, the whole data center went down because of DR equipment failure. Modern data centers are equipped with much better solutions for disaster systems. Most of them are capable of circumventing disasters, but it's still a good idea to do some basic checking before you send corporate assets over to the racks.

One of the first things to check is the power situation. A good data center should have trunk lines from multiple power grids so that a generator fire at the power company--which happened three times this summer in New York City alone--won't take down data operations.

UPS systems should also be in effect for protection against major power failures. The length of time covered by the UPS will vary, depending on the hosting company, but a good measurement is the amount of tolerance your company has for the downtime of its data systems. Small organizations on a tight budget should demand a minimum of 30 minutes emergency power to allow for a graceful shutdown of its systems. Large firms that can pay for higher-end hosting can find companies that provide indefinite power supplies, as long as the fuel holds out.

The next concern is backup networking. Almost all hosting centers use a combination of multiple high-speed links from various providers to allow for continued operations in the event of a cable cut or other network outage. Inquire about the hosting company's bandwidth partners, and make sure that there's more than one name on the list.

Another issue to address is internal redundancy. Verify that the routers, hubs, switches, and other vital networking components are hot swappable and that the backup equipment is on-site and ready for deployment. If possible, demand secondary links to the hosted servers, which will provide multiple paths for data to travel in the event of a LAN failure within the data center.

If your organization hasn't selected a hosting company for your servers, take time to investigate your options. The majority of small-to-midsize organizations that keep track of multiple server systems use hosting facilities. Even larger organizations outsource server hosting because it helps streamline management and cut costs. Hosting is a great way to address a multitude of problems that are associated with server systems--just make sure the hosting company doesn't cause the disaster that you're trying to avoid.

HOSTING SERVICES: THE PRICE IS RIGHT FOR ENTERPRISES
This post "tech boom" period means a buyer's market for Web hosting and colocation services, according to Gartner. Find out what you can do to secure better contract terms than ever before. http://cl.com.com/Click?q=77-u6h6IIpm7tzro7wxFmJv-rvKBlnR

A RECIPE FOR RADICAL CHANGE: BCP PROCESS IMPROVEMENT
Many IT managers believe in the value of business continuity planning. Unfortunately, the BCP process can be difficult to grasp. This Auerbach Publications article takes a close look at why adopting BCP could keep your enterprise on mission. http://cl.com.com/Click?q=8c-Ld7aQ6J0xthTvkbV31AY_yX_LHZR


posted by Sheldon Lennox 5:31 PM

 
[TechRepublic] When regulations influence your DR plan
October 01, 2002

Perhaps my most horrific experience as an IT manager was when the CEO came to me and asked if we had a particular certification for our Web site. The ensuing legal, fiscal, and logistical battle taught me a true lesson about the importance of being ready for regulatory influence in information technology. All businesses, big and small, have regulations that must be followed concerning information technologies. In addition, each industry is subjected to some degree of regulatory influence. This influence comes from various sources, including industry consortiums, government agencies, and even self-imposed influence.

The majority of corporate regulations focus on backup and system recovery issues, as these elements have the most impact on critical actions, such as paying taxes, filing reports, and making claims. Failure to take regulations into account when putting together a disaster recovery (DR) plan can easily lead to a significant loss of money and time. For example, the financial industry technology is highly regulated, no matter what arm of the industry you operate. The Federal Deposit Insurance Corporation (FDIC) generally insures banks and other monetary institutions. FDIC certification comes with about 700 pages of regulations that cover information security and backup procedures, all of which must be incorporated within your organization. Failure to comply with these regulations results in daily fines and the eventual revocation of your insurance.

Many companies are trying to eliminate tape-based backup in favor of real-time replication, which is perhaps the best way to protect data systems. However, FDIC regulations demand that tape backup be used for all financial data. Removal of these devices, even if they are replaced with a better technology, can result in a lack of compliance. Generally speaking, keeping tape is always a good idea, but when the budget is a concern, implementing both replication and tape may not be fiscally feasible. The U.S. Securities and Exchange Commission (SEC) has similar regulations for securities firms. Most other types of financial institutions are regulated by one agency or another, and each has its own compliance routines. In the healthcare arena, new Health Insurance Portability and Accountability Act (HIPAA) regulations have very strict guidelines that require the utilization of data encryption and protection. As the deadline for compliance draws near, DR planners must take into account that their backup procedures have to work within the new security model. For example, backup software must be able to read encrypted volumes, plus backup agents or replication systems need the ability to transmit over encrypted WAN links. Smaller firms, especially service providers, truly get the worst of both worlds. While there aren't any regulatory requirements for this particular industry, service providers must comply with the regulations of every company they directly work with.

When it comes to regulations, there's no better time than the present. Take a good look at the regulatory statutes of your firm, as well as those of the organizations with which you do business. Find out ahead of time if your DR plan must take partnering organizations' regulations into account. This forethought will keep you from having to redesign the system later while your company is busy paying daily fines that are higher than some staff members' annual salary.

HIPAA RESOURCES HELP TECH LEADERS COMPLY WITH PRIVACY REGULATIONS
Meeting the data exchange and privacy regulations required by HIPAA is clearly a challenge for IT leaders at healthcare enterprises. This list of online resources can help you find the information you need to comply. http://cl.com.com/Click?q=3a-QAmgIrzh88Gpm4770d-87xyENwuR

STRONG PDA POLICIES HELP SECURE DATA AND PREVENT EQUIPMENT LOSS
Wireless e-mail and other applications are driving more companies to issue PDAs to employees. A good policy explaining employee responsibility for the devices and the support that IT will provide can help reduce security headaches for CIOs. http://cl.com.com/Click?q=8f-OOYvQ8KUOfWqRowXt9Jv94M2LzdR


posted by Sheldon Lennox 3:56 PM

 
[TechRepublic] Be prepared when equipment leases end
October 01, 2002

Organizations that opt to lease IT equipment rather than buy often create needless expenses and management headaches by failing to establish, monitor, and end their lease agreements appropriately. While leasing IT hardware is a viable method of escaping the endless upgrade cycle and does mitigate the hassles of disposing of hopelessly outdated, obsolete equipment, poor management of both the beginning and the end of a lease can erase many financial gains from a company's leasing practices.

Organizations must appropriately calculate the hidden costs of wholesale changes in their physical IT infrastructure--the result of end-of-lease change out--and they must factor these figures into their lease vs. purchase cost analysis. Moreover, companies need to spell out the precise obligations and procedures required from both the vendor and the organization during the end-of-lease process, or they risk falling victim to common hidden expenses.

Use these seven steps to end your organization's leases successfully. Find out how to fully realize the financial advantages of leasing, and learn what you should look for before signing a leasing contract. http://cl.com.com/Click?q=fe-xkIgQwgoywn9pFpePyF6O0hhv5cR

PC LEASING: FIVE CRITICAL SUCCESS FACTORS
Successful PC leasing can save your organization money and keep its technology up to date. Gartner outlines five critical success factors for an effective PC leasing program. http://cl.com.com/Click?q=13-NxSZI3XIrY9R3FfsOGxoI-Gy7r9R

IT ASSET MANAGEMENT IS COMING OF AGE
IT asset management, a cost-saving discipline spurred by an uncertain economy, is moving from the exception to the rule in the enterprise. Gartner looks at the business drivers that are pushing the change. http://cl.com.com/Click?q=28-A2wXIRdAONYBlFcEWo6lyeVdQiFR


posted by Sheldon Lennox 3:48 PM

Saturday, October 05, 2002

 
W2KNews October 2, 2002
2002 Target Award Winners

W2KNews, the world's largest online newsletter dedicated to Windows NT and 2000 issues, announces the winners of the Fourth Annual Target Awards. The Target Awards are given to top Windows NT/2000 utilities in 23 different categories through an online reader poll. Categories include Best Active Directory Management tool, Best Enterprise Security tool, Best Network Traffic Monitor and a number of other areas.

http://www.sunbelt-software.com/targetawards/2002/index.htm

posted by Sheldon Lennox 8:40 PM

Monday, September 30, 2002

 
TechRepublic 9/25/2002

WHAT DOES AN IT DEPARTMENT DO?
As an IT consultant, I like to think that I bring some of the functionality of an IT Department to my home business and small business users. But what specifically are those functions? My Google searches have come up largely empty - nobody seems to have taken the trouble to define "IT Department". What would be a list of specific functions of a generic IT Department at a mid-sized company (e.g. systems maintenance, security, backup, archiving, etc.)?

Answer 1:
This ones hard to answer without submitting a white paper on organizational design and the relationship between IT and its internal customers...

Basically, IT is an internal service. IT can be broken into three layers much like any department.

Strategic: Long term planning for the development of the IT infrastructre, including contingency for disaster recovery.
Tactical: Medium term planning for upgrading and maintaining systems, assigning budget constraints, deciding out outsourcing parts of the IT function to external companies etc.
Operational: IT's main duty is to ensure that the company's IT systems run efficiently with minimal downtime, and to provide one on one support to its users.

http://faculty.babson.edu/gordon/papers/itstruct.htm

Answer 3:
I agree with the previous answer, I would like just to add that, inside a company It exists to add value to the core business of the company. It must help reduce the overall procedure costs, by automating and speeding the procedures, by integrating all forms of informations that exist in every company, therefore reducing the human errors of rekeying and also reducing the costs on that. And give the enterprise the necessary infrastructure to accomplish this, when i say infrastructure I mean machines, software and people.

Answer 4:
The previous answers all provide great detail on areas to consider. I think before you go there, you first examine the company's business. The IT department should provide solutions to best support a company's business objectives and strategies. So before defining the generic functions of a traditional IT shop, some analysis should be done in conjunction with the business owners, that may have a large impact on outsourcing vs.in-house functions, employee needs etc.

Answer 5:
Server backup, analyze firewall logs, hardware troubleshooting, software installation/support, server installation, end user application installation / suppport, budgting - evaluate / compare prices for applications/ hardware / servers, email installation / support, network installation.

Answer 6:
One must not forget the fact that the Company's Customer's are also the IT's customers. Along with that the Company personnel are also the customer's of the IT Department. It sounds like segregating but it is not. I have found that if you treat your co-workers like you treat the company customers Technical/Software support is a breeze.

Answer 7:
In my view, IT = Information Technology. The IT Department is therefore responsible for applying Information Technology in a way that is useful to business. In other words, it enables the business either to do new things, or to do things cheaper than it could before.

Exactly what the IT Department does depends on the business it supports. For example, with the advent of e-mail and other such technologies, Information Technology has made a huge impact on communication within many businesses. In those businesses, computer networks are vital to the company. Application Development provides unique functionality that gives a business a competitive advantage, or that enables it to meet its legal and other obligations.

At the very least, an IT Department must aim to support a business's operations. At its best, it enables the transformation of the business by understanding the business drivers and proactively opening up new opportunities in close co-operation with top management.

posted by Sheldon Lennox 1:05 AM

 
TechRepublic 9/27/2002

HOW TO PROTECT YOUR TIME AND IDEAS FROM DEADBEAT CLIENTS Successful IT consultants make sure the time it takes to present the whole dog-and-pony show to a would-be client pays off a majority of the time. Find out how TechRepublic members leave behind unqualified clients and those fishing for free information. http://cl.com.com/Click?q=d8-XW73QWLIIzNhIvRmVkh8fx1byuFR

ADD DROP-DOWN LISTS, KEEP YOUR TASKS UP TO DATE IN PROJECT Unless your clients have time sheet applications that allow you to quickly see the status of tasks, you have to gather this information yourself. Use the Update Project dialog box to help match updates with tasks. http://cl.com.com/Click?q=17-agitI5X7fDcLabnIMynlCTI9qRdR

TOWERING ACCOMPLISHMENT: HOW ONE COMPANY REBUILT AFTER CATASTROPHE A properly thought-out business continuity plan can be the difference between recovering from disaster and going down with the ship. Learn how one company survived September 11, and discover what it's doing to decrease future continuity risk. http://cl.com.com/Click?q=42-rF7cIPKFKASDrNApMHrRlyqJdeeR

FINDING 'ROGUE' WLAN ACCESS POINTS
WLANs offer convenience, flexibility, and, when implemented correctly, a robust and secure work environment. However, because of security issues and user ignorance, rogue wireless networks are a large, undetected risk to enterprise networks and data. http://cl.com.com/Click?q=6c-SUL3IuPCj_vGjC3K8MxtNBROP9PR

posted by Sheldon Lennox 12:06 AM

Wednesday, September 25, 2002

 
TechRepublic 9/25/2002

INTRODUCING ITIL STANDARDS FOR SERVICE TO YOUR CLIENTS
The Information Technology Infrastructure Library can offer your clients a best practices framework for IT projects and processes. Here are some advantages of ITIL, how you can learn more about it, and how you can introduce it to your clients. http://cl.com.com/Click?q=3a-QAmgIrzhjmDUm4S70d-87xyENwuR or http://www.techrepublic.com/article.jhtml?id=r00720020923jst01.htm&fromtm=e108-2

ITIL Online

How to introduce ITIL to clients - As a consultant, you can introduce your clients to ITIL in the following ways:

- Read the books: First, you can read the ITIL publications so that you’ll become familiar with the terms and concepts. Included in each chapter are relevant examples or humorous anecdotes to help you avoid IT service blunders. Then you can begin to talk about the ITIL framework with your clients.
- Take the classes: You might consider attending a training class on ITIL. If you choose to take a class, I suggest you enroll in the Foundations of IT Service Management course, which presents the core fundamentals of the service support and service delivery processes and is the perfect “introduction” to ITIL. Several training providers teach just the class or offer the class with a certification exam.

My advice is to complete the course and take the exam to earn certification. By demonstrating your willingness to expand your knowledge, sit for the exam, and earn the Foundation Certificate in IT Service Management, you can demonstrate your acceptance and knowledge of the ITIL framework.

Take it to your clients: Once you have mastered the basic concepts, you might offer to perform an audit of your client’s IT organization compared with best practices. Since ITIL is public domain, you can download free self-audit materials from the Web site. The audit kit will enable you to analyze your client’s IT processes and determine whether those processes are in a control state or merely ad hoc.

Finally, you could join a local user’s group. When I contacted the IT Service Management Forum (itSMF), I learned that there were no user’s groups in my region, so I applied to start one. (To find an itSMF local interest group in your area, contact itSMF.)

The Canadian and U.S. chapters of itSMF continue to expand and are good places to start talking with other people who are interested in ITIL. You might even take a client to a user’s group meeting with you. There, the client will have an opportunity to meet others who may be facing the same IT challenges and discover the value that other organizations have garnered from service management best practices.

Final thoughts
The overall implementation of ITIL best practices isn’t something that can be adopted overnight. In most cases, accepting these best practices will require a culture change for your client’s organization. Expect resistance, but persevere: Your clients will be glad you did.


FIVE TIPS FOR WORKING WITH THE INTERNAL IT DEPARTMENT
To make sure your client's IT department won't work with you, begin your engagement by not listening to the staff, failing to build consensus, and isolating yourself. To make things work, take this advice from those who've been there. http://cl.com.com/Click?q=4f-Iar4IIUR_zfkGj88wpF8w8N2nanR

posted by Sheldon Lennox 2:17 PM

Monday, September 23, 2002

 
WinInfo Daily UPDATE, September 20, 2002

* AND YOU THOUGHT I WATCHED MICROSOFT LIKE A HAWK
I'm surprised I haven't mentioned this site before, but a new Microsoft watchdog is on the beat and is doing an amazing job. Called Watching Microsoft Like A Hawk, this site collects links to dozens of important Microsoft stories every day, including many from WinInfo Daily UPDATE. The site has turned into an invaluable resource for me, and one I think many readers will enjoy. Check it out.
http://www.watchingmicrosoftlikeahawk.com

posted by Sheldon Lennox 9:54 AM

Sunday, September 22, 2002

 
LangaList Plus HTML Edition 2002-09-23

2) Shutdown Woes
Part of the problem in Win98 is architectural: In an attempt to make it safer, it was designed not to power off until all running components and modules sent an "OK to kill me" message to the OS, indicating that they had finished whatever they were doing; and that no user data was at risk. Trouble was, if any component or module didn't send that message (for example, if a component had been disabled through power-management), Windows would sit there forever at the "Windows is shutting down..." screen, waiting for a go-ahead message that would never come.

In fact, power-management issues can cause many shutdown (and startup) problems, and yet power management remains somewhat of a mystery to most users. For example, did you know that there are six separate power states available to most current PCs? Don't feel bad if you don't: They all behave differently, different vendors may call them by different names, and your PC may prevent easy access to them all. (More on this in a moment.)

Win98 shutdown problems also can be caused by seemingly unrelated factors, such as the size of your hard drive (!): You see, by default, Windows sets aside a percentage of your hard drive for temporary file areas, trash, and such--- an approach that worked OK when drives were small. But once large hard drives became common, Windows suddenly was having to wade through literally gigabytes of "temporary" files and trash. Sometimes, either through the sheer volume of crud the OS was dealing with, or though improperly cleaned-up installations, patches, and upgrades in these cluttered file areas, Windows would end up with trouble that would manifest itself as the inability to shut down.

Perhaps the best single source for resolving all these and other common shutdown issues is James A. Eshelman's "WINDOWS SHUTDOWN & RESTART CENTER" at http://www.aumha.org/a/shutdown.htm .

We've also covered shutdown issues many times in past issues of this newsletter: http://search.atomz.com/search/?sp-q=shutdown&sp-a=0008002a-sp00000000 . Proper setup and tuneup (to prevent problems with things like gigantic "temporary file" and trash areas) are covered for win98 here http://content.techweb.com/winmag/windows/features/98runbetter/default.htm and for WinME here http://content.techweb.com/winmag/windows/features/merunbetter/default.htm . (XP setup info is at http://www.informationweek.com/story/IWK20011204S0009 , although XP usually doesn't have the shutdown problems common to Win98. ) Power management is a huge topic in itself. It affects far more than just shutdown issues, and far more than just Win98. Stay tuned for major coverage in an upcoming issue!

posted by Sheldon Lennox 9:40 PM

Friday, September 20, 2002

 
[Lockergnome Windows Daily] 9/17/2002

Novobot v2.0 [1.51MB] W9x/W2k/XP $24.95

http://www.gnomedownloads.com/Internet/NewsReaders/novobot.html

Novobot is a smart headline viewer and news ticker that can dramatically improve your web browsing experience. You build a queue from the available sites, run the queue and do your work. Novobot will load each site from the queue, and extract headlines together with sub-headings and links. When the queue processing is complete, you can browse through the resulting headline list and surf to the content of interest with your default browser. No more wandering over the entire Web in the pursuit of interesting stuff, it's all here in your Novobot window. Novobot has the ability to process not only syndicated XML content, but almost any web site (HTML) that has headlines and links clearly defined in any of its parts. Other features include easy browsing, channel updating over Internet, user-selectable fonts, history feature to hide read headlines, semi transparent news ticker and more. The Shareware version offers a 21 day trial period.

posted by Sheldon Lennox 9:53 AM

Thursday, September 19, 2002

 
Lockergnome 9/19/2002

Simple Registry Tweak to Double Download Speed
Unearthed by a Gnomie

http://www.askmarvin.ca/CableModems/tcpset.htm
http://www.askmarvin.ca/CableModems/cablemodem.htm

This came across my e-mail recently: “I am on a cable modem on the west coast of Canada. I benchmarked my speed through a Web site and found it to be a respectable 615kbps. I then downloaded and installed the Registry tweak (Windows 98SE version), rebooted, and ran the speed test again. My speed went from 615kbps to 1.5Mbps! I had a problem believing that, so I turned from my laptop to my desktop machine and repeated the process. On this machine, I went from 645kbps to 1.4Mbsp. Astounded, I did my wife's and then my son's computer with the same results. I had a maximum-speed reading of 1.8Mbps. The best test of the newfound speed was when I went to a file-sharing program and tagged a couple of movie files. The average speed I download at through this program is about 17kbsp. With the tweak, I averaged 80kbps and topped at 212kbps – a substantial increase!"

posted by Sheldon Lennox 1:53 PM

Wednesday, September 18, 2002

 
LangaList Plus HTML Edition 2002-09-19

10) Just For Grins

This won't seem particularly amusing at first, but keep reading:

Fred, I requested some help from my broadband provider the other day and got the following [sig, or signature file] attached at the end of the message

"The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers."

Yikes! Any comments? --- Pete Cedor

Actually, it's a fairly standard sig in common use, especially on corporate email systems. Strangely, I get that sig (or ones very much like it) on emails where people are asking me some tech question or other, hoping for an answer in this newsletter. But one could read the sig as prohibiting me from discussing their question in the newsletter. So, I don't.

But here's the funny part. This is the home-made sig Pete appended to his note:

The information in this transmission is intended to be totally worthless and devoid of any benefit to anyone with the exception of, possibly, the intended recipient. If you received this communication in error or if you accidentally read it when it wasn't addressed to you, then please immediately delete all of your saved game files and email addresses and then energetically beat yourself about the head and shoulders with a recent technology publication of your choice. All other more intelligent actions taken in response to this information are prohibited, so there.

12) Plus! Edition Extra:
Preinstall SP1 On Your XP Setup CD

I ran across this site when I wanted to combine my my OS CD with service packs etc. You may enjoy it.

http://www.tacktech.com/display.cfm?object=3Darticle.cfm&id=3D160

It shows you, step by step, how to create a new Windows XP Setup CD, based on your original CD but incorporating all the new SP1 patches. Any XP installations done from the new setup CD will already include everything in SP1, so you won't have to load the original version of XP and then laboriously process the SP1 patch by wire or from CD: Instead, installing XP *and* SP1 becomes a one-step process. Cool!

13) Plus! Edition Extra:
Real-Life Linux Suggestions Continue

You folks are amazing! The flood of excellent, practical, hands-on advice about Linux is still pouring in. Unlike missives from rabid Linux fans (many of which seem to want to punctuate every sentence with "Bill Gates is Satan!"), Linux-oriented mail from LangaList readers tends to be wonderfully balanced, rational, and very, very helpful. For example:

Fred, I read about Milton Merts' experience with Mandrake Linux (http://www.langalist.com/Plus/newsletters/2002/2002-08-29plus.asp ). I can relate my experience with SuSE 8.0. Like Milton, I wanted to wean myself from Microsoft Windows. For one thing, I was sick and tired of the never ending security bulletins emanating from Redmond. Furthermore, I am not about to pay Microsoft an annual fee for the dubious privilege of running their OS. So I bought SuSE Linux 8.0 Professsional, and recently purchased the StarOffice 6 upgrade. So far, so good. StarOffice 6 is slick, though documentation is lacking for the StarBasic macro language (though supposedly it's very similar to Visual Basic).

SuSE is probably one of the most user-friendly Linux distributions available. Installation was relatively easy, though I had some slight difficulty configuring my modem. (Note that this is usually one of the big problems for new Linux users who have migrated from Windows. Many Windows systems have internal software-based Winmodems as opposed to hardware-based modems, and most Winmodems will not work with Linux. As it happens, I have a hardware-based modem.)

Like Milton, I have a Dell computer with an NVidia video card. SuSE detected the card automatically and I have not had any trouble. NVidia does have updated Linux video drivers on their website, but I've heard that there may be some problems with them, so I've stayed with the drivers SuSE provides. SuSE will detect most hardware, though you won't be able to use hardware for which there are no drivers. SuSE does have a hardware compatability database so you can check out your system before you buy. It's available at http://hardwaredb.suse.de/index.php?LANG=3Den_UK . As an example of potential hardware problems, support for my Canon N650U scanner is limited. There is a driver available, but functionality is minimal. Canon does not support Linux and has refused to release technical specifications to open source programmers who have volunteered to write a driver. So the programmer who did write the Canon driver engaged in a little reverse engineering. (Epson scanners are supposed to work very well with Linux systems.) Contrast Canon's appalling attitude with that of Hewlett-Packard, who actively supports the open-source community.

My advice to Milton is to give SuSE a shot. I'm not sorry I switched and I don't think Milton will be either. SuSE provides free installation support for a limited time and there are plenty of mailing lists and the alt.os.linux.suse newsgroup if you need additional support. Add to that the large set of free documentation that comes with Linux and you're all set. I've got Windows 2000 and Linux installed on separate hard disks, so I still boot into Windows occasionally. But I find myself using Linux the majority of the time, and I love it! And keep in mind that Linux is most likely only going to get better!

Another reason to switch is that TheKompany ( http://www.thekompany.com ) is close to releasing version 1.0 of Kapital, it's answer to Quicken for Linux-based systems. Though not free, Kapital will retail for about $40, a very reasonable price all things considered. Should Milton decide to try again, let me also recommend the excellent book
by Micheal Kofler entitled "Linux Installation, Configuration, Use" 2e. It's a couple of years old and though somewhat dated, there is still a ton of useful information for the Linux novice. I bought mine used on Amazon for $8.39 (that includes shipping)! Milton, don't give up on Linux.-- Richard Sperling

posted by Sheldon Lennox 9:42 PM

 
[TechRepublic] See how well you know PMP
Wednesday, September 18, 2002 6:26 AM

MEMBERS SCORE WELL ON PMP CERTIFICATION QUIZ
The results of our PMP certification quiz tell us that TechRepublic members have a good knowledge of some basic project management concepts. On average, members answered three of five questions correctly. Check out the questions and answers and see how you rate among your peers. http://cl.com.com/Click?q=3D83-U-BXQYJr_ugi8gwtH28FpCQBBd9R

SELECT THE RIGHT TYPE OF MEETING FOR YOUR AGENDA
Learn how and when to replace face-to-face meetings with other types, such as conference calls or video conferences. If thoughtfully planned, your choice of meeting style can accomplish surprisingly powerful results. http://cl.com.com/Click?q=3Dad-_4IAQzE0aOsJN39QxVDhwk8wDasR

ADVICE FOR CREATING CLIENT RETAINER FEES
When one IT consultant asked for advice about creating a retainer fee program at his firm, our members came through. Read their recommendations and warnings about this alternative to hourly fees. http://cl.com.com/Click?q=3Dec-MHyXQVyt3gftuPx1V5GAYoHgSKZR

TIPS FOR CREATING THE PERFECT WINDOWS BOOT DISK
When a Windows system crashes, a properly configured boot disk can be the difference between a quick fix and a total reinstall. Find out how to create a basic boot disk, add CD-ROM support, and add specific troubleshooting utilities. http://cl.com.com/Click?q=3D2c-DatOIc0hqUjt1bocXPSIpgCWrcZR

posted by Sheldon Lennox 4:42 PM

 
[Lockergnome Windows Daily] Calibration Quirks
September 18, 2002

HTTP File Grabber v1.1 [536k] W9x/W2k/XP FREE
http://www.mywebattack.com/gnomeapp.php?id=3D105240=20
HTTP File Grabber allows you to grab virtually any file from the web and save it to your hard drive. This is useful if you need to download a file that your web browser may not handle correctly for some reason. The program supports password protected sites (authorization), connections via proxy server, and also allows you to set the referrer information, query string, and more.

MailTalkX v3.41 [1.9M] W9x/W2k/XP US$19.95=20
http://www.gnomedownloads.com/Internet/EMail-AntiSpam/mailtalkx.html
MailTalkX is a powerful spam-filtering and e-mail application. The program supports multiple mailboxes, allows you to check each mailbox automatically at specified intervals, and can notify you of new mail with pop-up messages, sound clips, and video clips. Flexible filtering options allow you to automatically delete or respond to messages on the basis of message headers. With filtering, you can control spam, personalize the audio/visual notification of new mail, and automatically forward and reply to messages. MailTalkX deals directly with the mail server, so you can avoid downloading spam or other irrelevant mail. The latest version also allows you to send new messages, reply to messages, and forward messages manually. You can run the program in multi- language interface, which will affect all menus, dialog texts, and messages.

Keeping Up to Date with Microsoft Tools
Scribbled by Duane Lambe
http://www.microsoft.com/technet/security/tips/sechotfx.asp
http://www.microsoft.com/windows2000/windowsupdate/sus/0
I think it would be a great idea (and opportunity) to mention qchain in regards to handling "Q" patches. It allows the user to apply any and all Q patches with one reboot - I use this all the time, whether I'm reinstalling a workstation or server. It saves on bandwidth, takes only one reboot (for the hotfixes, at least), and I can add it into an answer file for unattended installs. You'll still have to do the Windows Update thing, but this should save a few reboots. Check out the base site for Windows security; on the left, there's a link to a Hotfix and Bulletin Search, which takes you to a page where you can pick your OS and service pack, and then see which patches you're missing. It's an indispensable site for making qchain compilations, or for searching for specific hotfixes. Each hotfix has a download option that you can use instead of using Windows Update all the time. Finally, MSUS - Microsoft Software Update Services - is a new tool that (currently) only handles hotfixes, but it's free, takes up few resources, and allows for a localized database for Automatic Updates. The server is easy as pie to configure, as long as Internet Information Services (IIS) is installed. The client can be installed on systems that don't have the newest AutoUpdate features, and a simple .REG file configures the client systems to check at any specified location. I've been running this since its release, and have not had a problem with it.

posted by Sheldon Lennox 4:42 PM

Tuesday, September 17, 2002

 
THREE OUTLOOK CALENDAR TIPS
By Diane Poremsky, Contributing Editor

One of the most commonly used features in Outlook, after email, is the calendar. As you might expect with something getting this much use, there are a lot of complaints about how it works (or doesn't work). The following problems were the subject of discussion in the Microsoft newsgroups recently. You can visit the newsgroups using a newsreader, such as Outlook Express (news://msnews.microsoft.com) or with a Web browser at http://communities2.microsoft.com/home/msnewsgroups.aspx

A frequent complaint concerns the small thumbnail calendars in a printed calendar. As we all know, most calendars include thumbnails of the last month and the next month on each page. Outlook, for it's own unique reasons, uses thumbnails for this month and next month. For Microsoft's explanation for this behavior, see http://support.microsoft.com/default.aspx?scid=3Dkb;en-us;Q180674. If you want to use last month and next month, looks at the calendar utilities at Slipstick, listed at http://www.slipstick.com/addins/calendar.htm#print. The print utilities do a better job printing calendars and offer more options. The Word template can be saved as a web page, allowing you to easily publish a calendar to a website.

Another often requested feature is the ability to display both calendar and task items together in a Day/Week/Month calendar view. If you only need tasks viewed in a calendar, you can create a view for the Task folder that uses a calendar layout. From the View menu | Current View, select Define Views and create a new view. Pick the Day/Week/Month type and customize it, then apply the view to your folder. If you need both calendar items and tasks in one folder, you'll need to create appointments from the tasks. You can also view calendar and tasks side-by-side in a folder home page or a Web browser. You'll need to create an HTML page that uses the Outlook View Control. An example is available at http://www.poremsky.com/calendar.htm. This example explains how to add a taskpad to a public folder calendar, however it can easily be changed to show a calendar and task folder from a .PST file or mailbox.

It's not unusual to receive a meeting request or appointment from someone, only to discover the time changes automatically. This is because the appointment was created on a computer using a different time zone and/or daylight time settings. Outlook will always correct appointment times, adjusting it to your time zone. This can wreck havoc with your appointments if you are on a business trip and change the computer's clock. Outlook allows you to show two time zones, which helps alleviate the problem somewhat. To manage this, you'll want to go to Tools | Options | Calendar Options button, Time Zone button. I recommend not | changing the computer's time zone when traveling. I use a clock utility to display the time in multiple time zones instead. I like 1st Clock at http://www.greenparrots.com, and you can find many others at your favorite shareware site.

If you have a problem with the calendar that I haven't addressed, write me at outlook@cdolive.com and I'll try to answer your questions in a future column.
--
Diane Poremsky is the president of CDOLive LLC and a Microsoft Outlook MVP. She's coauthor of Word 2002: The Complete Reference (Osborne, 2001) and Beginning Visual Basic 6 Application Development (for Wrox Press). For questions or suggestions for future columns, write her at outlook@cdolive.com.

posted by Sheldon Lennox 11:17 PM

 
The Naked PC Newsletter 5/9/02
PDF Tools, Spam Tricks, Excel Tips

** 02. Short Subjects (by Al Gordon)

-- And also on the Acrobat front, I was buried in reader email recommending various "Acrobat Lite" solutions--lower cost alternatives to the $250 Acrobat bundle. One often mentioned was Adobe's own online Create PDF service. It is a good solution if you are not a heavy user of Acrobat, but at $9.95 per month, that price can add up over time.
https://createpdf.adobe.com

There also are a number of third-party solutions, which I put to the test using a variety of sample documents and looking both at screen resolution and printouts. All of the products tested displayed flaws: fonts that didn't get converted correctly or graphics that appeared fuzzy. However, no one product failed all the tests and, indeed, on each test documents the "winners" and "losers" columns were different. Also note that the above-mentioned PDFWriter component of Acrobat also displayed flaws; only Distiller was basically bulletproof. Moreover, the most expensive of the alternatives was less than half the price of Acrobat.

The products, in order of price:
- pdf995, free if you don't mind your browser popping up with ads, $9.95 for peace and quiet. pdf995 made font errors on the order of displaying a bold font as regular or giving a fuzzy rendition of an italic onscreen. But at that price, it is tough to gripe.
http://www.TheNakedPC.com/t/510/tr.cgi?al1

- pdfFactory, $49.95, and pdfFactory Pro, $99.95, from FinePrint
Software (the difference between the two versions is that Pro includes security capabilities such as encrypting or copy-protecting .pdf files). The utility produced decent results and has the ability to automate the process of combining multiple documents into one .pdf. But it was totally befuddled by some Bitstream fonts in one test document and wouldn't render them.
http://www.TheNakedPC.com/t/510/tr.cgi?al2

- JawsPDF, $120, from Global Graphics. The price buys you a macro package for Microsoft Word, allowing Jaws to approach Acrobat in ease of use. I saw no problems with font reproduction, but there were artifacts and fuzziness in its rendition of some Web graphics.
http://www.TheNakedPC.com/t/510/tr.cgi?al3

** 03. Mining for Data Gold Using Microsoft Excel: Part 2 (by Lee Hudspeth)

* To print a PivotTable report with row and column labels repeated on each page: click anywhere inside the PivotTable report, File, Page Setup, click the Sheet tab, clear the "Rows to repeat at top" and "Columns to repeat at left" check boxes, OK, on the PivotTable toolbar click PivotTable, Table Options, and select the "Set print titles" check box, OK, now File, Print Preview (or just Print).

* To quickly determine how many unique values are in a given series: say you have a bunch of customer ID numbers in column A with a field header of "CustomerID". Create a PivotTable on just that field in the Row section plus the Count of CustomerID in the Data section, and once the report has been created select all the values in the report's CustomerID column, set the statistics tray to the Count function, and there's your answer on the status bar.

* Viewing the detail data behind a field value inside a PivotTable report: simply double-click on any field value and Excel automatically creates a new worksheet containing all the data that's "behind" that value. Folks, this is *really* cool.

* Keeping track of printed reports: whenever you generate a printed report of Excel information, always include these values somewhere in the header/footer area: filename [upper left], date/time [lower left], and "Page x of y" [lower right]. I often include a very short description if there was a special data sort or extract [upper right]. Personally, I always put these values in the same place (see the square brackets above) but of course you can choose where to put them. Just be sure to put them in *somewhere*! I wish I had a dollar for every time I walked into a client's conference room to encounter reams of unstapled and unordered Excel printouts with no identifying info in the margins, just the raw data.

posted by Sheldon Lennox 10:23 PM

 
The Naked PC Newsletter 1/17/02
Training Inertia, Security for You and Me, NAV Closure

The other, and bigger, problem is training. Actually, the "retraining" needed to get users up to speed with new programs and operating systems. This is not trivial no matter how inexpensive the software is. This is what I call training inertia and it's a big factor in making any kind of a software change. To a lesser extent is the problem of infrastructure, making sure that the network doesn't go down, that the routers will continue to route, the servers keep serving, as well as having an IS department that can provide support for the operating system or application. Of course support takes us back to training inertia. Most companies have given up on trying to do effective training (if they ever tried in the first place) because it's difficult, expensive, and hard to measure the results. Here's how to do it.

Before training begins, someone totally familiar with the target software should analyze the tasks a group of employees perform. Then develop a training course, not to teach the users "how to use the software" but "how to use the software to perform their key job functions" which is a very different goal. Augment this by customizing the software to better perform the end-user group's specific tasks. I've written many a macro and custom Word interface to do just this. To accomplish this you develop the custom courseware using real-world job examples. Then the trainer, in conjunction with the group's manager, develops a follow-up program that is implemented the minute a user returns to their desk after training. This is trickier than the courseware development itself, and involves assigned tasks that must be accomplished using the information learned in training. Finally, to do it right you have to work out the scheduling. Training should be done so that it can be used in real-world situations as soon as training is concluded. Retention of learned skills starts falling off within hours of the training session. Therefore, Fridays should not be training days. Employees in training should be mandated to not check email, not listen to voice mail... basically not be interrupted on training days.

This is all very expensive although the results can be quite impressive. It was a much easier sell this concept when computers cost half a million dollars. Computers nowadays are cheap by comparison and the erroneous assumption is that they must therefore be easier to use. They're not really. And while the hardware is cheaper the time and expertise needed to train users to be proficient has not. But after laying all this out for many companies, both large and small, most opted for feature training, where we'd just take off-the-shelf materials and teach as many product features as possible, leaving it up to the user to figure out if any of it related to their everyday tasks. And it had to done in as short a time as possible, usually on a Friday. Sheesh.

Because of this, users looked at training as a paid day off. When they got back to their desk on Monday, under time pressure they would revert back to doing things the way they did before training (usually with the old software) and that was that. Sigh, those of you who read my stuff regularly know this is an old refrain with me. Today companies figure that everyone does, or should, know how to use the market leader--Microsoft Office--and as new versions come out employees can just soak up the differences. Training is no longer discussed much. This adds to the training inertia and further cements Microsoft's dominance in the workplace.

Where does that leave us? Well, there are three basic reasons to adopt a new technology (read operating system or application) in the first place. To make the cost worthwhile, one of the following must be true.

1) The technology must enable a user to accomplish more work than before in the same amount of time.
2) The work product generated by the user must be of a higher quality than was generated with the previous technology.
3) It must be possible to accomplish a task not possible without the new technology.

To change from one tool to another that provides roughly the same level of technology, the only incentive is cost. Microsoft must make it so costly to stay with the tools they provide to offset the huge costs involved in overcoming training inertia. They seem to be doing just this, but while IS departments may be looking at alternatives (especially today's free ones) I don't think Microsoft has pushed them to the pain threshold necessary to make substantial numbers jump ship. Remember the old clich=E9, "No one ever got fired for recommending IBM." Of course, look at what happened to IBM in the personal computer market.

** 07. Featured Tip - Enhancing Microsoft Outlook 2002 (by Al Gordon)
One of these days Microsoft may actually get the balance of functionality and security right in Outlook. For now though, the best you can do is mess with the various security settings hidden in Outlook 2002--and recently enhanced with the Office XP Service Pack 1.

http://www.TheNakedPC.com/t/502/tr.cgi?ftip1

And I do mean "hidden." Microsoft's solution to the problem was to provide Registry settings that you can add or remove to allow certain file attachment types to be blocked or permitted. Fortunately, because life is too short, Microsoft MVP consultant Ken Slovak has a better solution.

http://www.TheNakedPC.com/t/502/tr.cgi?ftip2

His Attachment Options ($10) Outlook COM add-in puts the settings process into a tab in the Outlook Options dialog--where they should have been in the first place. Version 1.5 incorporates the new SP-1 options to minimize Outlook to the system tray (of so-so value, in my opinion) and to display all email in Outlook as plain text (crucial in defending against macro viruses).

Security measures aside, Ken recently released another add-in, Extended Reminders ($15). Outlook allows you to set reminders for Calendar, Contacts, Inbox or Task items--but only in the Calendar, Contacts, Inbox or Tasks folders. Extended reminders allows you to activate reminders for any folder in your default .pst file. For me, that is a major convenience. I like to create a lot of sub-folders in Outlook to organize information along the lines of the projects I have ongoing. With Ken's tool, I no longer have to choose between leaving, say, a message in Inbox so a follow-up reminder can work, or moving it to the folder where I really want it to be.

posted by Sheldon Lennox 10:23 PM

 
The Naked PC Newsletter 4/25/02
Fighting Spam, Journaling, Acrobating, Exceling

First things first. Many have written wanting to know where to find the earlier articles on fighting spam. You'll find a link to them on my page at TheNakedPC.com Web site:
http://www.TheNakedPC.com/t/509/tr.cgi?dan1

One more reaso to use something like PGP to make your important email verifiable. There is a link to my PGP series on the page above as well. I thought I'd discuss a simple device that helps both end users and corporate IT staff more effectively capture information to facilitate troubleshooting. The lowly "system journal."

A system journal is nothing more than a notebook in which you record information. For example, a server room should have an Event Log book and every time someone performs any action on one of the servers the date, time, initials of the technician, and a description of what was done should be recorded. The reason is simple, when something goes wrong it can usually be traced back to a recent change made to the system. But you'd be surprised how hard it is to figure out who made what change to which server/application/service and when.

Another thing that should be recorded in an Event Log is the creating of folder structures for the purpose of temporarily storing stuff. I can't begin to tell you the number of times I've run into the following situation on network upgrade projects. When we start looking at migrating the data from the old server we run into huge amounts of stuff that had no business being on the server in the first place. "Ah, the last IT guy must have copied so-and-so's laptop to that drive," "Gee, I guess that looks like a copy of the database from when we were installing that upgrade two years ago," "Gosh, I've no idea what all that stuff is, looks like old Goldmine data." It just goes on and on. All this old stuff accumulates like junk in your closet only it never gets cleaned out. The older it is the less likely anyone will take the responsibility to just delete it. And it all gets backed up in the nightly backup, eating up tape and adding hours to the backup job. The Event Log should make temporary copying of files easy to spot and should also generate a note as to when the data in question can safely be removed in the future.

Another notebook that should be in every server room is a problem log where that "something goes wrong" bit is recorded the first time it is observed. Date, time, manifestation, symptoms, side effects, everything that is noticed should be recorded. Just as important is to record each and every step taken to try to resolve the problem, and this can take discipline because it's time consuming when you're frantically trying to fix a broken server.

But the benefits are real. First, in the heat of trying to fix a computer there is a tendency to start throwing solutions at a problem hoping one of them will stick and fix something. Second, it is not uncommon for a hurriedly applied fix to not only not correct the problem but to introduce a new problem unrelated to the first one. Knowing everything that was done (and in the order that the fixes were tried) makes it a lot easier to unwind things that missed the target once the real problem is found and corrected.

This all applies to end users as well. Every computer should have a system journal in close proximity to it, and every time some piece of software is installed it should be recorded. Again, date, time, who did it, and exactly what they did. Every time there's a glitch, blue screen, GPF, suddenly flaky behavior, it should be recorded. Along with which applications were running when the problem occurred, what you were doing at the time, etc.

The system journal is your best resource when your computer develops a problem again because often what was recently done to a computer is a major factor in troubleshooting a problem. And it also allows patterns to be detected in what would otherwise be written off as random glitches. If you have an IT staff you can provide them with detailed information about the problem which should help get it resolved quickly. If you're on your own at least you'll have information that may help you troubleshoot the problem yourself.

posted by Sheldon Lennox 10:23 PM

Sunday, September 15, 2002

 
"Woody's Windows Watch" 4/16/02 - #5.06

WHAT IS THAT SCREEN SAVER?
It's an aquarium design with realistic fish and surrounds. What you're looking for is Serene Screen Aquarium where you can download a trial version. The trial displays three fish (same as what you get with the Windows XP Plus Pack) and it works with Windows 95, 98, 98SE, ME, 2000, or XP (Home or Professional). This aquarium looks gorgeous, with a nice monitor and good graphics card the effect is amazing. No wonder this program has its own fan site.

With the registered version it's worth knowing a few shortcut keys to add to your enjoyment:

W Switching to/from Wireframe rendering of the screen, cute
S Shows the current frame rate and screen resolution in the top left corner
L Turns on/off the automatic light changes, you can then use the arrow keys to change the foreground and background lighting effects manually.
Space Displays the settings dialog
A Shows the help screen with all the shortcuts listed.

posted by Sheldon Lennox 10:07 PM

Saturday, September 14, 2002

 
TNPC 12/31/2001 - PGP Your Files, USB with XP, & Anti-Virus Ease of Use

** 02. PGP (Pretty Good Privacy) - Protecting Your Files (by Dan Butler)
Pretty Good Privacy (PGP) has proven to be a versatile tool in any privacy toolkit. Past articles of this series taught you how to hide your passwords in plain sight, send messages encrypted, and send encrypted files to someone who doesn't have PGP. A handy toolkit for privacy, when you'll use it. I wanted to mention a couple of helpful tips sent in by fellow security-conscious readers of The Naked PC. First, instead of saving a copy of what you are encrypting to a text file, several of you reminded me it's just as easy to add your PGP key to the list of recipients. Now both you and your friend will have encrypted copies of the message. Easy and handy. In fact, PGP has an option to "Always encrypt to default key". With this option checked you'll always be able to decrypt anything you've encrypted to someone else, just supply your private key. This go-round you'll learn how to keep files on your system encrypted until you need them. Any of the following techniques work for leaving files on your system or sending them to someone else. Let's say you have a file you want to keep away from prying eyes. Open Explorer and file your file. Right-click on the file choose PGP / Encrypt & Sign. The PGPshell Key Selection Dialog will pop- up. Look in the bottom right corner. I usually check the "Wipe Original" option which removes the original from your hard drive after creating the encrypted file.
----- Note -----
This is a wipe of the file and not a delete. You won't be recovering the file from your Recycle Bin or with an Undelete tool.
----------------
The other options you have are "Text Output" and "Conventional Encryption". Text Output creates an encrypted file like what you see in an encrypted email. Conventional Encryption lets you supply a passphrase just for this file. Share the passphrase with your friend and they can open the file. Check the "Self Decrypting Archive" box if it is available and your friend won't even need PGP to open the file. When you Encrypt a text file you'll have the "Secure Viewer" option. When the file is opened it will be displayed in PGP's "Secure Viewer" with an option to use a Tempest attack prevention font. What? From the help file: "Tempest: An appropriately instrumented van can park near your office and remotely pick up all of your keystrokes and messages displayed on your computer video screen." As I said before, if you have to worry about this you've got bigger problems on your hands than this article will solve. Still, you may wish to use the Secure Viewer if you are sharing information you don't want others to leave around on their hard drive or if you have to worry about temporary files being created by other software programs. Work through the above techniques. Choose what works best for you. You'll feel better just knowing you can encrypt things when you need to, and get to them later.

If you missed earlier segments of this series, point your browser here: http://www.TheNakedPC.com/t/425/tr.cgi?dan1

posted by Sheldon Lennox 11:40 PM

 
Coordinating a disaster plan
By Mark Vanston, Tech Update
September 6, 2002 10:16 AM PT

In establishing a game plan for organizational disaster recovery initiatives, there should be synergy between IT operations groups and lines of business in categorizing applications for business continuity/disaster recovery and understanding the costs involved. Meta trend: By 2004/05, best-practice business continuity architecture will be a three-way team effort: 1) IT architects and business leaders will establish objectives and business impact; 2) infrastructure and engineering teams will manage availability (planning and building the infrastructure to meet business continuity requirements); and 3) operations command-and-control groups will run/test and monitor/report on disaster recovery preparedness. Our research indicates that fewer than 25 percent of Global 2000 enterprises currently have comprehensive, effective enterprisewide business continuity/disaster recovery (BC/DR) plans that are adequately documented and regularly and rigorously tested to meet the rapidly changing demands of the business. With a realistic, effective business recovery architecture, this will rise to about 35 percent of the G2000 by 2003, yet will not exceed 50 percent until 2004.

Moreover, during the next three to five years, we project that the definition and scope of BC/DR will expand to include not just full outages, but also a more granular view of underused IT assets, looking at availability from an application rather than an infrastructure viewpoint. As a result of most users' poor BC/DR, we project that more than 80 percent of G2000 users will significantly increase their BC/DR budget by 2006--from the current average of about 2 percent to 3 percent of total IT budgets to 5 percent or more of the budget (these figures include third-party and outsourced BC/DR vendor recovery sites and implementation services). Through 2004, as business governance forces executives to develop business continuity plans, line-of-business managers will perform business impact analyses and risk assessments. Business relationship managers (BRMs)--currently in 30 percent of G2000 companies, but rising to 50 percent by 2005--must coordinate the IT tasks of continuity, availability management, and disaster recovery. Moreover, in leading organizations (in other words, those with an established customer advocacy center of excellence), the BRM will act as the catalyst that drives business continuity as a key agenda item. Organizations not moving toward operations excellence will struggle to make this link and fail to have fully coordinated recovery plans.

To create synergy between IT operations, BRMs, and lines of business (LOBs), IT organizations must deliver current-state recovery capability, segmented by application/LOB. For each application, business leaders must define recovery time objectives (RTOs) and recovery point objectives (RPOs), as well as required recovery classes. This assessment should include the financial impact of outages (for example, hour, day, week, and month) in terms of business revenues lost.

Create a framework
IT operations should provide a categorization framework for the evaluation by establishing base-level availability services that match most business requirements. Complexity should be minimized, and a few key applications should be chosen and scrutinized under the categorization framework. These applications should be looked at in relation to current DR capabilities to give organizations a baseline. It is important that IT operations set accurate cost expectations for each category, and not forget to ensure any legal/governmental requirements are met in relation to the LOB applications.

Meta Group has defined the following four categories within a BC/DR framework:
* Platinum service: This level of service gives organizations continuous availability, with an RTO and RPO objective of zero. It will require synchronous data replication to maintain data in case of disaster. Typically, organizations have two hot data centers less than 50 miles apart (to enable synchronous data replication). Both data centers should be active and configured to handle approximately 70 percent of the total service-level agreement. Due to the availability requirements, the data centers will require proprietary, fault-tolerant hardware as well as a duplexed processing environment, and will include such items as transaction routers. A major expense is that a well-trained staff is required in both data centers. Platinum service should be limited to high-revenue-impact applications and is very difficult to justify from a business/cost perspective. One argument in favor of platinum service is that once the infrastructure is in place, other applications can "piggyback" for free and gain continuous availability for minimal additional cost. Although this may be true of some applications, most legacy data center applications have their own TP monitors, procedures for synchronization with the underlying database, etc. Thus, even with a full duplicate data center, a restoration may not happen instantaneously and will require highly trained personnel who are familiar with the unique requirements of each application. Typical costs of a platinum service offering are six to eight times that of the bronze level.
* Gold service: This level of service will be based on storage controller-based data replication with an RTO and RPO objective of less than 15 minutes. Costs for gold service infrastructure are four to five times that of the bronze level. A second data center is still required, and it is necessary to have a complete copy of all data and applications. The data centers should be configured to handle less than 50 percent of the total service-level agreement. Gold-level services are adequate for most high-availability requirements.
* Silver service: This category utilizes tape-based backup, with full backups on a weekly basis and daily incrementals. RTO and RPO objectives are fewer than 72 hours, with costs 1.6 times that of the bronze level. The data available in a DR scenario is only as good as the last available incremental. Data and server environments are rebuilt from tape, which can require days to rebuild complete environments. IT operations should have robust operational processes in place to expedite DR. The silver service model reduces complexity and, as a result, 70 percent of users with DR plans utilize silver-based solutions, typically with third-party DR services in-house.
* Bronze service: This category defines a best-effort disaster recovery with no third-party DR service. Typically, weekly backups are kept off-site, with incremental backups kept locally and off-site. Organizations utilizing a bronze service model are betting on a low probability of data center loss. RTOs are more than one week, with an RPO of one week.

No matter which category is utilized, a minimum requirement should exist for all applications. At the very least, organizations should have full off-site tape backup and incrementals. Organizations should strive to create a hardened data center environment, where the only single point of failure is the data center itself. The decision on what level of disaster protection the enterprise really needs must be made by the business, not IT operations, but it must be made with a full understanding of the costs as well as the risks involved. Creating a synchronized duplicate data center is the ultimate protection, but it is also extremely expensive. That expense does not go down substantially for the second or third application added to the data center, because each will require more hardware, infrastructure, staff, and staff training in the specific recovery procedures of each application. For this reason, most companies that do choose this most expensive route are in specific verticals (such as financials), where even a few hours of disruption of key applications can cost the enterprise a great deal.

Business impact: Categorizing with cost expectations brings reality to the business requirements of disaster recovery.
Bottom line: Cost justification for disaster recovery should be done on an application-by-application basis, categorized by business criticality.

posted by Sheldon Lennox 10:52 PM

 
Websites - 9/14/2002

http://www.sungardthenetbeneathyou.com/ - Information Availability Challenge
www.formsite.com - HTML form building

posted by Sheldon Lennox 10:10 PM

 
TNPC 4/11/02 - Excel XP, VPN/Router, Thumbnails, and a Soapbox

** 03. Hardware for Virtual Private Networks (by T.J. Lee and John Heffron)
I've received a lot of feedback from my previous article on VPNs. Since the subject was of such interest I thought I'd cover a SOHO router that came to my attention that supports a virtual private network. To accomplish this end I've enlisted the help of one of the technology specialists I work with at McMillan Consulting, John Heffron. I gave John the Nexland ISB Pro800turbo device and let him play with it a bit.

The Pro800turbo is an Internet sharing and firewall router device suitable for small office, home office (SOHO) use that supports VPNs and has the somewhat unique ability to accept two broadband connections at the same time. If you had a critical need to always be connected to the Internet you could hook up both a DSL line and a cable modem connection to the Pro800turbo and if one connection failed the traffic would roll over to the other connection. The Pro800turbo also performs load balancing when both connections are working. What's more you can have an analog or ISDN dialup connection to the device's serial port initiate a connection, automatically providing for a third layer of connection redundancy.

The device has a metal casing (as opposed to plastic like you see on devices from LinkSys or NetGear), which certainly gives it an impression of sturdiness. It allows for eight LAN ports (in addition to the two broadband ports) and provides firewall, DHCP, and ISP sharing services. It will clone a MAC address to spoof a broadband device like a cable modem into thinking the router is the NIC card of a particular PC. There is a Web interface which makes configuration easy, with help buttons liberally sprinkled on each configuration page. It's easy to set up port forwarding and you can back up your configuration settings.

Initial setup of the Pro800turbo was pretty straightforward, and the manual provided was very helpful. John made a Web site available through the device and had remote control of his desktop configured in just under 15 minutes. We ran multiple broadband connections through the router and when we pulled the cable connection out of WAN 1 the WAN 2 connection picked up the load immediately without interrupting our test download.

Resetting some hardware configuration settings, however, was tricky and required you to power the router up with DIP switches in one state, and then change the setting within a certain number of seconds from boot. Playing with this took 10 minutes to get the timing right and there was no indication of when the router was going to reboot to save changes. There is no logging facility to show you inbound and outbound traffic, which is a feature we both would have liked to see (although third party software to handle this function is suggested in the documentation). The VPN feature worked but there was no VPN client offered for Windows XP with the Pro800turbo. Again, third party software was the solution (Symantec has a client that works). Remote access is restricted to a range of IP addresses, which is either a nice security feature or a colossal pain in the neck depending on your specific needs.

Overall the Pro800turbo appears to very reliable, never dropping a connection. Despite its impressive feature set, at $399.99 list it's a bit on the pricey side for a SOHO class router. For that money you're getting into the Cisco baby-PIX range and true business class firewalls. http://www.TheNakedPC.com/t/508/tr.cgi?jim1

*-* The 7th annual Computer Crime and Security Survey (conducted in part by the S.F. Bureau of the FBI) reports that the cost of computer security incidents rose in 2001 to $456 million. However, only about one-third of victims report such crimes to officials. http://www.TheNakedPC.com/t/508/tr.cgi?news2

PROTECT Your PRIVACY with Anonymizer!
Sign up and use our proxy server to stay 100% anonymous! Convenient and effective privacy protection -- no one can see where you surf. Blocks Cookies, Java, JavaScript, and other tracking methods. Cookie Encryption - lets you safely access and use Web sites that require cookies. URL Encryption - encrypts your page requests so your ISP can't log them. http://www.TheNakedPC.com/t/a/tr.cgi?anon

posted by Sheldon Lennox 10:06 PM

 
TNPC 3/14/02 - Browse Outlook, Wireless Peripherals, Fight Spam, Excel

The good news (I'll bet you figured some good news was coming, no?) is that if your office uses a version of Microsoft Exchange that supports Outlook Web Access (OWA) you can use a browser to access Outlook remotely from any PC connected to the Internet. Just as the name implies you gain access to Outlook via the World Wide Web. The primary issue with OWA is getting the network admin people where you work to enable it. They usually don't like to do this because of the security risk this type of access represents to the network. However, they may not be aware that OWA can often be configured to use the secure socket layer (SSL) protocol thereby providing additional security to protect the network. In my opinion SSL is the only reasonable way to set up OWA, otherwise it does represent too much of a risk. Then you have to know how to access Exchange via the Web. You type in the URL that points to your company's domain and Exchange server. For example, it may look something like this: https://mail.domain_name.com/exchange/ where "domain_name.com" is the company domain. Once you connect to the network server running Exchange you'll be prompted for your login credentials, username, password, and the domain name that relates to your network. Once you've logged on you can access Outlook's Calendar, Inbox, public folders, pretty much whatever you have access to when at work is available via OWA. I've seen networks where OWA was enabled because a VIP wanted to be able to check his email from home and the IT staff just never mentioned to anyone else that it was available. So you might check to see if your Exchange server has OWA and is accessible.

** 03. Cutting the Hardware Cord (by Al Gordon)
Logitech wants you to cut the cord... to your keyboard, mouse, and game controller. Over the last year or so, the peripherals maker has unveiled a wide lineup of cordless hardware. In the ongoing battle between Logitech and Microsoft for supremacy in input devices, Logitech has clearly staked out the cordless market. Microsoft only offers a single cordless mouse and has not yet released an announced keyboard-mouse package. Logitech, on the other hand, offers a choice of five keyboards, four mice, two trackballs, and a game controller, all cord-free. For pictures and additional links please see my supplemental page: http://www.TheNakedPC.com/t/506/tr.cgi?al1

A couple of caveats apply here:
-- As long-time The Naked PC readers will know, I have only recently recovered from a computer-related repetitive motion injury and, thus, I take ergonomics very seriously. One size does not fit all. The layout, size, weight, key touch, and other design factors in each input device require that users find one that meets their personal needs for comfort. Don't go by pictures or model names. Most computer and office superstores put input devices out on display; give them a try.
-- Note also that in Windows XP (and all other flavors of Windows) the native keyboard-mouse-game controller will give basic support to Logitech's devices, but not such special features as mapping special keys and buttons. For example, it will support only two buttons and a scroll wheel for a mouse. (The same holds true for Microsoft's hardware, by the way.) You need to install Logitech's own "iPoint" and "iTouch" software to activate the special keys and buttons.

All of Logitech's units passed the crucial Across the Room Test.
I could take the keyboard or pointing device with me to the other side of my office and still communicate with the PC. No, you are not going to do a lot of typing that way. But you might well want to control your digital music software from a distance, for example, or put the keyboard on your lap while Web surfing. The devices run on cordless phone frequencies, and Logitech says it has tested extensively to be sure there will be no interference between phones and peripherals. Flagship of the Logitech line is the Logitech Cordless Freedom Optical Mouse and Keyboard (street price, just under $80): http://www.TheNakedPC.com/t/506/tr.cgi?al2

Sleek, black, and well-featured, the bundle also includes a version of Logitech's Cordless MouseMan Optical. MouseMan, the company's top-of-the-line, four-button, cordless, optical mouse is $45 alone, which makes the bundle a very good deal. http://www.TheNakedPC.com/t/506/tr.cgi?al3

[I use this keyboard and mouse set up with my laptop when I'm in the office. It's very nice! -- Jim]

The keyboard has a low profile, making it easier to fit it on your desk, in slide-away keyboard drawers, or--this being cordless, after all--on your lap. In addition to the standard keys, the board has a nice set of add-ons. Top center is a multimedia control center, with a volume control dial, and keys to launch a player, start/stop, change tracks, and all that. The top-left and top-right corners have programmable buttons to go to Web sites or launch applications. And on the left side is a scroll wheel intended to take over some of the work you might do with the mouse in your right hand. If the Cordless Freedom Optical is not to your liking, the diverse Logitech product lineup includes an ergonomic Cordless Freedom Pro keyboard and, if you have a PC in basic beige, the neutral color Cordless Freedom iTouch. One of the key features in the Logitech keyboard-mouse bundles is that the transmitters and devices are fungible. If you decide you want a different mouse, you don't need to change transmitters. You just push a button on the transmitter and one on the device, and--zap--your new mouse or trackball is on the air. Thus if you want an ambidextrous unit (MouseMan is for righties), there is the Cordless Optical Mouse, and trackball users can choose between the Cordless TrackMan FX optical (you move the ball with your fingers) and the Cordless TrackMan Wheel (you move it with your thumb).

[Jim did a series on email basics that covered use of BCC: http://www.TheNakedPC.com/t/506/tr.cgi?dan1]

** 08. Featured Web Site - Infotrieve (reviewed by Lee Hudspeth)
Infotrieve is a portal site for researching scientific, medical, and technical journal published materials. When you locate the article you want, you can read the free digest online, and then elect to pay for delivery of the full text in a variety of formats: email, fax, or hard copy; the latter can be delivered via first-class mail, standard courier service, or rush delivery. Infotrieve's proprietary, free-to-search bibliographic database contains over 22 million citations, plus over 10 million abstracts originating from 35,000 scholarly journals. Infotrieve offers free searches of Medline, the National Library of Medicine's bibliographic database with citations and abstracts from 3,900 biomedical journals. You can freely search Publist, a directory comprised of over 150,000 publications (with an emphasis on the academic). Then there's pay-per-view eContent (searches are still free) which gives you access to electronic-format publishers, ranging from the Acoustical Society of America to Harvard Business School Publishing Division to University of Chicago Press (I counted 46 publishers currently in the list). I'd like to thank my friend Vic for pointing me to this excellent research site, particularly as a tool for searching Medline and thereby gaining a better understanding of a physician's diagnosis and advice. http://www.TheNakedPC.com/t/506/tr.cgi?fsite

posted by Sheldon Lennox 10:06 PM

 
Most enterprises are unprepared for disaster
By David Southgate, Tech Republic - August 9, 2002 9:54 AM PT

Nearly 80 percent of U.S. companies don't have sufficient plans and solutions in place to address network outages or system failures that could interrupt the flow of mission-critical business information. While many enterprises, about 78 percent, reportedly have data backup systems, very few have a plan to access that data if and when a disaster occurs. And, on top of that, 90 percent of companies that are backing up are using tape—a backup technology that has proved inadequate for the rapid-fire, real-time business data scenario.

A wake-up call
The startling statistics were reported in a June survey conducted by SunGard Availability Systems. The survey, which polled 200 U.S. businesses with $5 million or more in annual revenue in a broad range of industries, was conducted by New York research firm David Michaelson & Company, LLC, from April 16 to May 2, 2002. SunGard Availability Services is a division of SunGard, an IT solutions provider for financial institutions as well as information availability systems and services. An information availability self-assessment tool is available on the SunGard Web site. While past surveys and reports indicate that company executives are aware of the risks of not having disaster planning in place, few companies surveyed have done the required planning, preparation, and testing of backup systems to keep business data available, said SunGard CEO Jim Simmons. "Inaction seems to be the norm, more of the norm than I thought or hoped it would be." The inaction, added Simmons, means that companies are exposed to unacceptably high levels of downtime in the event of a 9/11-type or natural disaster. On average, companies surveyed said that it would take 50 hours to replace a failed processor, and four days to set up alternative work space. In e-commerce environments, and enterprises whose customers require up-to-the-minute information, a matter of hours can be too slow—and potentially costly in terms of lost corporate revenue and corporate reputation damage.

Some have plans, but plans aren't enough
There is some good news, noted Simmons. The few companies with business continuity plans are less likely to experience any kind of downtime in information availability. And as companies do the diligence required to create a plan, they tend to uncover areas of risk and address many of them during the planning process, he added. According to the survey, small companies are in worse shape when it comes to disaster preparedness. Thirty-nine percent of small companies—with revenue of $20 million or less—are less likely to have written plans in place. By contrast, 60 percent of those with revenues of $20 million to $99 million, and three out of four (74 percent) with revenues of $100 million, have worked to ensure data protection. Yet, just having a plan isn't enough if it hasn’t been tested, and only a few of the surveyed enterprises have done the required testing. Of those polled, only half of those with a plan had tested it in the past six months. Twenty percent of those with a plan have never conducted testing.

Best practices should be included
The SunGard report indicates that only a handful of companies with plans in place have followed best practices, which should include:
* Storing applications and data offsite.
* Having duplicate processors available offsite.
* Updating the business availability plans regularly.
* Testing the plan regularly.
* Planning for staff evacuation.
* Availability of an alternate network.
* Planning for a command center.
* Outsourcing some of the plan to a third party.
* Having offsite facilities available for displaced workers.

The SunGard survey states that only six in 10 (61 percent) currently have mirroring in place, and even fewer (50 percent) have the required backup processors that could be needed in the event of a system outage. Just one in three have managed Web hosting (37 percent) or hot storage (33 percent), and only 19 percent have provisions for getting displaced workers into alternative facilities. Uninterrupted access to mission-critical applications, such as e-mail for corporate leaders and board members, is only featured in 68 percent of company plans. "What's shockingly clear from this study," said Simmons, "is that the planning companies do to protect their businesses is almost solely focused on protecting data in the event of disasters, rather than on implementing solutions designed to keep their businesses functioning.... If there's one thing to be learned from the events of the past year, it's that companies should be asking, 'What processes do I need to keep my business running?' rather than 'How do I protect my information?'"

posted by Sheldon Lennox 9:05 PM

 
M I K E ' S L I S T - ISSUE 44 * SEPTEMBER 13, 2002

Be careful posting your e-mail address on your own web site. There's a tiny application called E-cloaker that can help with this. It turns both the "href" of the hyperlink tag and the hyperlinked text into unicode, which displays as normal in a browser but is not easily readable in the HTML. See http://www.codefoot.com/software/ecloaker/index.html

posted by Sheldon Lennox 1:09 PM

Friday, September 13, 2002

 
LangaList Plus Edition 2002-01-14

Free Personal SMTP (Email) Server: http://www.postcastserver.com/ PostCast Server is a free server program that enables you to send messages directly from your computer. This program is used for sending newsletters, distributing messages to different mailing lists, sending notifications to your customers, as well as for sending individual messages. You can use it instead of the SMTP server of your Internet Service Provider (ISP). Email server software using the "simple mail transport protocol" (SMTP) is usually bundled into higher-end products, and can take a fair amount of deep-geek twiddling to get it to work properly. But the PostCast Server is free and has a relatively simple front end. The vendor says: ...it turns your computer into an outgoing mail server which can send more than 3500 messages per hour with an ordinary modem connection. This is a perfect solution for sending newsletters, distributing messages to different mailing lists, sending notifications to your customers, as well as for sending individual messages. You can use it instead of the SMTP server of your Internet Service Provider.

It could be very useful for all those purposes, and more--- with one big caveat: Setting up an SMTP server on your PC may void your user agreement with your ISP, and could lead the ISP to kill your account. In many cases, ISPs that block local SMTP servers do so in good faith: They're trying to prevent spammers from using their wires as a source of outbound spam. In other cases, the ISPs are less altruistic, and are instead seeking to lock users into a specific set of inflexible services. But either way, if your ISP doesn't allow it, you're risking losing your account by using a product like the PostCast server. But if your ISP *does* allow it, then PostCast could be a nice way to take more control of your outbound email.

posted by Sheldon Lennox 5:38 PM

 
LangaList Plus HTML Edition 2002-04-11 & 2002-04-08

Live Stripper - http://www.angelfire.com/sc2/hbuckallen/stripper.html
No, it's not what you're thinking! It's a live, online web page with two windows: In the first window, you paste text (such as from a forwarded email) that contains unwanted characters (">>>" or any of 13 different characters). The second window then displays the cleaned text, with the unwanted characters stripped out:

FuzzyLu Multimedia's FuzzPad, http://www.fuzzylu.com/docs/html/js/home.htm as a GREAT site. It's extremely useful for people learing HTML. The page consists of 2 windows: you paste your HTML code into the lefthand window, click on 'Show It!!', and the righthand window shows your code as it would look on a webpage.

posted by Sheldon Lennox 2:05 PM

 
LangaList Plus HTML Edition 2002-04-15

Outstanding (And Exhaustive) Spyware Resource
Aexceptionally comprehensive round-up of current spyware, adware and other parasiteware which you'll find at http://www.simplythebest.net/info/spyware.html. Usefully, the page includes useful links and a list of files and registry entries to look for if you want to get rid of these unneeded nasties.

posted by Sheldon Lennox 1:50 PM

 
LangaList Plus HTML Edition 2002-05-13

Improving Fast Find and System Restore
Small contributions regarding Office XP Fast File Find and deleting Windows ME System Restore.

I searched the Langa files for information on how to get rid of MS Office XP Fast File Find (FFF) (which is different from previous versions of Office). The Langa List search led me several places, but ultimately I found: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q282106 which has the title "OFFXP Hard Disk Runs Continuously After You Install Office XP (Q282106)" with detailed instructions on how to stop FFF, delete it's indexes and uninstall FFF.

Because I did it wrong the first time (I learned I must read MS's instructions VERY CAREFULLY and do one small step at a time) and had to do it all over, let me give others the general steps:

1. Open a Word (or other office application) and go to the search menu where, about 6 levels deep, you find where you can turn off FFF and delete its index files (which, per Q282106, you DO want to delete the index files if you are not going to use FFF).

2. Then, if you want to uninstall FFF itself, dig out your Office XP CD-ROMs, then you use Control Panel Add/Remove programs to (again about 6 levels deep!) uninstall FFF and it's files. While I was in there I removed a couple of MB of other Office XP stuff I knew I didn't need. Don't reverse the order of these steps - I know from personal experience.

I am about to (very carefully) follow the MS instructions to delete Window ME's System Restore found here: http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q299266 which has the title "Free Hard Disk Space Decreases for No Apparent Reason (Q299266)" with the ultimate goal of getting my C partition small enough to Disk Image onto a single CD-ROM

posted by Sheldon Lennox 1:03 PM

 
LangaList Plus HTML Edition 2002-05-16

Linux, "Just Like Mom Used To Burn" - http://www.linuxiso.org . This is what you might call 'Linux out the wazoo'. Here you will find the ISO's for 35 different flavors of Linux. You can go to this site and download --- for free --- a file containing a CD disk image of a standard Linux distribution: That's an exact copy of a complete, ready-to install Linux distribution, just as it ships on a CD. The site describes these copies this way: Think of it as the equivalent of a screen capture, but instead of capturing the information on a screen, this image captures all of the information on a particular Linux distribution's cdrom. When burned as a disk image, the .iso file is turned into a duplicate cd of the original cd. If you're not familiar with the shorthand jargon, ISO refers to the "International Organization for Standardization," and in this context is short for "ISO 9660," an international format standard for CD-ROM adopted by the ISO. An ISO 9660 (or "ISO" for short) CD should be readable on any standard CD drive. So, you download these files, and then burn them as a disk image (not just as a plain file) to a CD, and presto--- you have a duplicate of the setup CD for whichever Linux flavor you chose to download.

posted by Sheldon Lennox 11:40 AM

 
LangaList Plus HTML Edition 2002-06-03 (June3)

Check out these two websites. The first is a new driver search site, http://www.perfectdrivers.com . It's free, the home page loads quickly and the searches are lightning quick. It is kept up-to-date by volunteers from the support forums of http://www.thetechboard.com , which also offers free tech support, utilities, tech humor, PC performance tips and a lot more.

Excellent Third-Party XP Info Site - http://www.xp-erience.org/

posted by Sheldon Lennox 11:30 AM

 
LangaList Plus HTML Edition 2002-06-06

[H]ere is a debug routine that you can use to blow away the CMOS settings - make sure that you record the settings first, run the routine, and then reboot - go into setup and restore your settings. I have seen this fix all sorts of weird hardware looking problems - everything from LPT1 not working to incorrect RAM sizes. I have even seen this fix video problems where the colors look like 256 colors even though the video is set to high color. For the routine see http://www.bioscentral.com/misc/debug.htm

posted by Sheldon Lennox 11:06 AM

 
LangaList Plus HTML Edition 2002-06-27

One site above all others for comprehensive information on creating all kinds of bootable CDs. It's "Bart’s way to create bootable CD-ROMs" at http://www.nu2.nu/bootcd .

9) "Fly" Over Aerial Photos Of Your Home/Office
Punch in your area code or home address, and it shows you a really cool aerial view of your neighborhood. All kinds of buttons to play with, too. http://terrafly.fiu.edu/
http://www.terraserver.com/

11) Plus! Edition Extra:
Fast, Free File Transfers
If you see a file you want on to save on your site, instead of downloading it to your computer then uploading it yourself, you can cut yourself out of the picture and transfer the file from server to server. Their file size limit is 2.4GB (wow!), and they're capable of 1GB/minute. http://www.transloader.com
If you routinely need to move some files between servers, it could be handy.

posted by Sheldon Lennox 12:29 AM

 
LangaList Plus HTML Edition 2002-07-25

1) Tame System Restore's Big Appetite
If you use WinXP or WinME, the default settings of System Restore are probably eating a gig or more of your disk space. If System Restore were a full-fledged backup/recovery solution, that might be fine--- but it's not. Instead, you may burn that much disk space without doing much good at all. Even if you don't mind losing the disk space, that extra gig still gets in the way of backups, defrags, file searches, and all other similar activities. It's just so much needless baggage. You can do better--- perhaps much better. In the current InformationWeek column (online now, for free, at http://www.informationweek.com/897/langa.htm ), I'll show you how to overcome the four main limitations of System Restore. We'll also discuss the biggest misconceptions about what System Restore can and cannot do.

I'll then give you click-by-click instructions on how to take full control of System Restore, and illustrate three different usage plans, all of which are much more efficient than Microsoft's sloppy default settings. One of these three plans will be right for you, letting you tap into only exactly as much of System Restore as you really need, without the waste and inefficiencies of the default settings.

posted by Sheldon Lennox 12:19 AM

 
LangaList Plus HTML Edition 2002-09-05

"XP Firewall Guide:" http://members.aol.com/axcel216/xp2.htm#XFG
Tons of updates @ the "Free NT4/2000/XP Extras" page: http://members.aol.com/axcel216/xptoy.htm
More "Free Windows 9x/NT/2000/ME/XP System Add-Ons:" http://members.aol.com/axcel216/web.htm#ADD
And don't miss the newest "XP Essentials:" http://members.aol.com/axcel216/web.htm#WXP

posted by Sheldon Lennox 12:03 AM

Thursday, September 12, 2002

 
ISSIG Bits E-Newsletter for September 2002

Feature Article

PMO In A Nutshell

By Randall J. Monlux, PMP

As economic and business cycles respond to the historic ebbs and flows the reoccurring theme of centralization of business practices trough a PMP is constantly addressed for its true value added to the company or organization. The danger being that, if allowed, a process group devolves from being the advocate of efficiency to the bureaucratic quagmire that it was developed to reduce or eliminate. As with any endeavor a measure of that most unique of traits needs to be emphasized and reviewed at all times, that of a balanced common sense approach. We need to constantly and consistently review what the PMO is and what the benefits are to insure that those goals are being met within the requirements of the unit and are truly adding value to the organizational unit and not just to the PMO.

The overall definition of the term PMO needs to be reviewed as it has been burdened with multiple definitions. Project Management Office, Program Management Office, Project Management-oversight Office, and Program Management-oversight Office. Being the most common of terms currently being assigned. As is the case with most real things more important than the title is the actual functional aspects of a PMO. That if these core functional elements are not occurring the office has missed its objective and needs to revamped or removed.

- A PMO provides stakeholders, project managers and their respective teams with the methods, techniques and organizational structure required to effectively manage their projects and programs. The PMO offers centralized project management for individual projects or programs consisting of many projects both linked or associated, and facilitates effective communication with all levels of stakeholders.
- The PMO helps insure that projects complete successfully by encouraging best practices for project management. It facilitates collaboration of multiple projects and resources, and provides centralized management of project risks and changes. It acts as the facilitating authority to the Change Control Board. The office insures that uniformity in templates, reports and plans is achieved by offering, developing and publishing the associated boilerplates required by the organizations various groups.
- Through the PMO, interactive project schedules and progress reports are published to communicate project status and support corrective action to optimize resources, resolve issues, and demonstrate business value.
- The PMO fosters the disciplines of Earned Value and Net Project Value to insure that measurable metrics are being instituted and implemented. These disciplines allow for the organization to respond to project needs when issues arise, highlight and proactively implement found efficiencies, and halt projects that are jeopardizing the organization.
- The PMO acts as a conduit and not a gatekeeper to archived materials that form the organizations Lessons Learned. Through the evaluation of these lessons learned and data collected form the organization peer communities a series of Best Practices are identified and maintained. The office is to continually review the Lessons Learned and the community data models to insure that the best practices are consistent to the evolving environment.
- PMO's foster and insure the various requirements of the project team within the boundaries of the business. Creating a value added portion to the development of the businesses human resource element not normally recognized.

When an organization has a PMO that is addressing and insuring that these key elements are occurring its worth becomes self evident, it is then able to consistently Shepard and mentor the organization on Project Management Methodologies. With a defined ability to have known metrics that reduce cost overruns before they occur along with identifying costly redundant effort a PMO is able to gain creditability on the executive level. By coordinating organizational resources and insuring, that schedules are identified and recognized to the various groups mid level buy in is achieved increasing its own efficiencies and impact on the company. Finally and most significantly by recognizing human resource elements as key contributors to best practices, lessons learned can be implemented and willingly accepted reducing excess effort and unnecessary conflict.

Copyright © 2002 Randall J. Monlux, PMP
--------------------------------------------------------------------------------
Randall J. Monlux, PMP is a Project Manager with over 20 years of experience in the Pacific North West. He as worked for such companies as 360networks, AT&T WS, McCaw and Siemens. His work has ranged from IT/IS Implantations to Software and Hardware Development. He is dedicated to bringing solid project management methodologies to the companies he works for. Randall can be reached at randall.monlux@bigfoot.com

posted by Sheldon Lennox 11:11 PM

 
Lockergnome 9/4/2002

SmallBluePrinter - Unearthed by Meryl Evans
http://www.smallblueprinter.com/
At work, I use a program called Visio to make maps and network diagrams. At home, I used to use the same program to map out the house or to help my wife and I decide if certain furniture would work better in one room over another. Visio is a nice program, but it can be a little much when all you need is a quick blue print; that's why now I turn to smallblueprinter.com. With this Web site I can quickly and painlessly setup the walls of my house and add windows and doors where needed. What's cool about this web site is that you can also do a 3D walkthrough of your creation or even view it isometrically (meaning that you can view it in 3D from an overhead angle). However,
most importantly is the capability to print out your blue print, which you can do either in landscape or portrait format. They don't call it SmallBluePrinter for nothing!

posted by Sheldon Lennox 12:24 AM

Wednesday, September 11, 2002

 
Miscellaneous

Bookpool
http://www.thawte.com/ - alternative digital certificates

posted by Sheldon Lennox 11:20 PM

 
Politech

"open relay"
- take a look at http://www.mail-abuse.org/tsi/ to see what an open relay means and why administrators block open relays.
- try sites like http://www.abuse.net/relay.html or just telnet to relay-test.mail-abuse.org. A much more comprehensive tester script by Ronald F. Guilmette is available at http://www.monkeys.com/mrt/.

posted by Sheldon Lennox 3:30 PM

 
W2Knews 9/6/2002

Security Advisors - http://www.wilders.org/free_tools.htm
Introduction to Security 101

posted by Sheldon Lennox 3:12 PM

Thursday, September 05, 2002

 
John Douglas, Grand Rapids Press

Anchor Bay - Michigan Based Video Company
Looksmart.com - look up Nosferatu, 1922 there (SpongeBob)
Lawbuzz.com - Bos & Glazier, Grand Rapids based law firm - has info about legal stuff in movies

posted by Sheldon Lennox 4:26 PM

 
Review: Tiny Personal Firewall v.2
Originally published Saturday, January 13, 2001

Tiny Software has several firewalls available for everyone from individuals to corporations. Tiny's Personal Firewall is a good entry-level product for those who need basic protection or want to evaluate the company's security technologies.

posted by Sheldon Lennox 1:47 PM

Monday, September 02, 2002

 
H@rd Drive C@fe - GR Press 9/2/2002

Homework Help:
Fact Monster
Lycos Zone
AOL at School
All Experts
Ask Jeeves for Kids
Big Chalk
Yahooligans
KidInfo
Ask Dr. Math

posted by Sheldon Lennox 3:53 PM

 
CramSession 8/23/2002

Alternative Certifications
The Information Systems Audit and Control Association (ISACA) offers the Certified Information Systems Auditor (CISA) credential. A surprisingly big and influential program, it has over 26,000 certified members (and possibly as many as 30,000 or more after the results of the latest round of exams are in, owing to over 10,000 registrants). In brief, a CISA cert identifies individuals qualified to perform IT audits that include general IS operations and best practices; disaster recovery and business continuity; business application development, acquisition, implementation and maintenance; business process evaluation and risk management; protection of assets, and IS management planning and organization topics. Recent salary surveys indicate the CISA has a measurable and positive impact on compensation and career growth. For more information, check out http://www.isaca.org/cert3.htm.

The Disaster Recovery Institute International (drii.org) offers three technical certifications at associate, professional, and master levels for certified business continuity planning planners and professionals. In the wake of 9/11, there's a strong demand for such people (over 100 companies ceased to operate when the towers went down; many of these companies couldn't restore their operations for weeks or months after the horrific events of that day) and such credentials are gaining recognition, momentum, and value. For more information, please visit http://www.drii.org/certification.html.

The IT Service Management Forum (ITSMF.net) is based on emerging ISO standards work toward an ITIL, or Information Technology Infrastructure Library, a way of essential encoding and standardizing best practices in many areas of IT and associated business processes. Individuals must learn about all 10 core ITIL functional areas at various levels of knowledge to qualify for foundation certificates and then to qualify for various manager's certificates at a deeper level of knowledge. Though the program is relatively new (less than 2 years old) it's already gained over 5,000 certified individuals. For more info, please see http://www.itsmf.net/certification/index.html.

posted by Sheldon Lennox 3:44 PM

 
LangaList Plus HTML Edition 2002-06-13

Speaking Of Hard Drives...
A standard reformat--- even with an FDISK--- does not delete data from a drive. It just makes the space occupied by the old data available for re-use. Until it's overwritten with new data (not a reformat, but actually written over with new files) the old data is still on the disk and *easily* accessible via simple--- even free!--- tools. (See http://www.google.com/search?q=free+unformat )

Even a low-level "factory" format does not completely erase the old data on a drive; it takes a little more effort to get at the data in this case, but specialized hardware and software still can read what's on a drive that's been low-level formatted. And if you want to get really paranoid: High-tech lab equipment can sometimes even recover data from drives whose old files have been completely overwritten with new data. This is a real issue in instances where a PC is being sold, given away, or sent in for service. Even if you've reformatted the drive and reinstalled the operating system, some or most of your old files still may be accessible. If the PC contained sensitive business or personal data, the new owners or repair techs may be able to get at it. For more info, and for ways to make your data truly non-recoverable, see http://www.informationweek.com/837/langa.htm.

Bogus "Low Disk Space" Notification
Every so often, XP would fire off a "Low Disk Space" warning, telling me that the new partition was running out of empty space. But I *wanted* the partition to have almost no empty space, so the warning was unnecessary--- and after a few days, really annoying! In earlier versions of Windows, it's easy to adjust or disable the low-disk-space warning, but there was no obvious way to do this in XP. So I went hunting and found this: http://www.winguides.com/registry/display.php/1051/. It's a 2 minute fix: You just add a new Registry value called "NoLowDiskSpaceChecks" and XP shuts up.

posted by Sheldon Lennox 2:56 PM

 
Handheld Developer #4 8/26/2002

Getting Started with NS Basic for Palm OS
posted by Sheldon Lennox 2:19 PM

 
Handheld Computing Aug/Sept 2002

ReturnBuy Direct - source for refurbished replacement PDAs.
GetHighTech.com - source for instructions on repairing PDAs.
StuffBak - label to help with return if lost.
CompanionLink screen protectors

Project Management Goes Portable:
Project Planner for Palm
Project@Hand
Project Wizard from PalmGear
Project Planner from PalmGear
SyncProject from www.globalsync.net
MindManager 2002 Mobil Edition from Mindjet

DateBk Cookbook

posted by Sheldon Lennox 11:42 AM

Saturday, August 31, 2002

 
LockerGnome 8/30/2002

Open Documents from FTP Site and Save Documents to FTP Site with an Office XP Program

http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q290142

Most people know that you can use Microsoft Office to make a fast and simple web page, using either Word or PowerPoint. The pain in this lies when you need to upload the files, as you have to launch your FTP client outside the application. Wouldn't it be great if you could just save directly from Microsoft Office to an FTP site? You can and this article will help you do it. This Microsoft Knowledge Base Article contains steps for opening a file from an FTP site, saving a file to an FTP site, and troubleshooting simple file open/save problems to an FTP site using Office XP. If you are using Office 97 or 2000, don't despair; this article also contains links to Microsoft Knowledge Base Articles for saving and opening files from an FTP site in your version of Microsoft Office too.

posted by Sheldon Lennox 2:00 PM

 
Cramsession Security Page

Many of our subscribers have asked us questions concerning IT security certification study guides. To help our users find the information they're looking for, we've created a Cramsessions For Security Certifications page on the web site. On this page, you'll find the full list of our security-related study guides, with links to all of them. Check it out!

Cramsessions For Security Certifications Page
posted by Sheldon Lennox 1:55 PM

Wednesday, August 28, 2002

 
Outlook Power Update 8/26/2002

THE EMAIL MARKETING FAQ
First up is an interesting eBook called "The Email Marketing FAQ: 100% Spam-Free Email Marketing Strategies that Work!" - $29.70. This is a really useful little book. The author, John Vorwerk, sells some email automation software and he does reference the software throughout the book. But he also describes useful techniques for managing your outgoing email (including some great Outlook tips), explains the different kind of email marketing options, shows how you can use email for marketing without being a spammer, and gives loads of examples. The key benefit to John's book, in my opinion, is that he shows you how, through opt-in lists, your own Web site, and careful communication, you can create a legitimate and professional marketing communications effort using email. And he also shows you what to avoid to make sure you're not one of those horrid spammers. Since every email from your company is marketing of some sort or another, this might prove a useful read. It's aimed a bit more at the entry-level reader, but still provides some useful resources to more advanced marketing folks. You can find the book at http://www.emailmarketingfaq.com/. Do be aware that the Web page itself is really, REALLY overblown, but the document itself is rather low-key and a good read.

INSTANT MESSAGING AND CONTENT MANAGEMENT
Moving from marketing to hard-core development, we want to report on an interesting development in the integration of instant messaging and content management. For those of you who haven't heard the term, content management is a type of software that's used to automate the production of Web pages and other forms of communications. We use content management software, a program called ZENPRESS, here at ZATZ, to produce our publications. Without it, we'd never get our publications out on time. The software takes care of all of the formatting and content collection, leaving our team to do the writing and true editorial work. In any case, a company by the name of UserLand has started to experiment with connecting instant messaging (right now, AIM or Jabber, eventually Windows
Messenger) with the Frontier and Radio UserLand content management systems. In effect, Frontier and Radio become "users" on the IM display and you can "talk" to them. Messages sent through IM can generate responses, or control the content management systems, depending on the design decisions of the developers. This is still in beta and I think it'll take a while for real-world uses to become apparent, but this is definitely a development to watch.

To learn more about this, visit http://frontier.userland.com/tcpIm. And to learn more about Frontier and Radio (tools we're HUGE fans of), visit http://www.userland.com.

posted by Sheldon Lennox 9:01 AM

Tuesday, August 27, 2002

 
Pocket PC Magazine CE Update 8/27/2002

Judging from the number of questions on this topic in the main MS Pocket PC newsgroup and in other Pocket PC forums on the Web, this newsgroup will be VERY popular: pocketpc.activesync. If you're having troubles connecting or synchronizing, post your woes to the group. And if you've come up with a solution to a knotty ActiveSync problem, please share your wisdom. If you have a news client, you can find the newsgroup on the news.microsoft.com news server as microsoft.public.pocketpc.activesync. If you don't have a news client, Chris De Herrera's site features a newsgroup portal that lets you participate via your Web browser: http://www.cewindows.net/newsportal/

posted by Sheldon Lennox 9:31 PM

Monday, August 26, 2002

 
Lockergnome 8/26/2002

Backflip - http://www.backflip.com/

Being a computer technician, a lot of people come to me for computer advice. Although I can usually help them over the phone, sometimes I have to make a trip to their computer. It's frustrating when you know you have the link in your Internet Explorer Favorites to a Web site that contains a fix you need for their machine. Wouldn't it be great if you could access your favorites from any computer on the Web? Backflip.com lets you do this, and even a little bit more! When you set up a free account with Backflip, you get a personal Web page like you do with most similar services, but instead of having to manually type in all your Favorites, you can import them and then organize them. This Web site even has a search section where you can search through your Favorites, Public Folders, or the Web. You can also click a tab to get your Internet favorites listed in alphabetical order. You can take Backflip one step further by adding the "Backflip It" link to your Internet Explorer, and then all you would have to do is click the "Backflip It" link to add a Web site to your new online favorites. Backflip.com is a great alternative for people that have multiple computers or for people who worry about the stability of their machine. [BS]

posted by Sheldon Lennox 12:24 PM

 
Ameritech DSL page

ameritech business DSL

posted by Sheldon Lennox 10:06 AM

 
Tom Rademacher Sunday, August 25, 2002

There's treasure in them thar hills - http://www.geocaching.com/

posted by Sheldon Lennox 9:30 AM

Sunday, August 25, 2002

 
LangaList Plus HTML Edition 2002-08-26

Then I ran across a tool called Restorer2000. They had a free demo, so I tried it. Wow. It bypassed the MFT and went directly to a sector scan of the drive. After about 20 minutes, I had a display of the entire contents of my harddrive. Of course, the demo version did not give you the ability to do a restore, but the ability to actually read the drive was encouraging. And the price - $49 for the "pro" version. I figured it was a good bet for $49, so I bought it.

Best $49 I ever spent on utility software. Inside of an hour, I was back up and running with all my data restored. I have since had the opportunity to use the software on other "dead" drives and it was always able to recover some level of data, even after a format. The downside is that this utility only works on NTFS partitions. If they came up with a version that worked on FAT partitions, they would have the market cornered.

Just wanted to drop you a note to tell you about this wonderful utility at a bargain price. The web link is http://www.restorer2000.com .

11) Plus! Edition Extra: Synchronizing Outlook Calendars
Max Blumberg asks: Hi Fred. A friend and I are starting a business, each of us working from our own homes. We both use Outlook to manage our diaries and wondered if there was any reasonably priced (or freeware) web-based utilities that could help us achieve this? Thanks for a great newsletter. Regards Max

There are several ways to do this. You'll find literally dozens of ideas at http://www.slipstick.com/outlook/sync.htm ; older versions of Outlook are covered at http://www.co.humboldt.ca.us/OutlookHelp/graphics/sync/syncronization.htm ; and the "group schedule" feature of Outlook 2002 is detailed pretty well at http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q293162& .

If none of the above do the trick, there's lots more info at
http://www.google.com/search?q=Synchronizing+Outlook+calendars

posted by Sheldon Lennox 11:02 PM

Saturday, August 24, 2002

 
Connected Home Winter 2001

Mark Minasi - recommended USB hub - Aten Int'l UH-107 www.aten.com

Connected Home May 15, 2002

www.connectedhomemag.com
Remote Desktop - Instant Doc 24752
Videoconferencing on the Cheap - Instant Doc 24754
Hosting a Web Site from Your Home - Instant Doc 24756

posted by Sheldon Lennox 11:11 PM

 
CPU September 2002

Wireless Review:
- 802.11a -> Netgear HE102
- 802.11b -> US Robotics USR8011

Bleeding Edge of Software
AddsUp 4.5 Beta - www.addsup.net - Adding machine tape.
NetSwitcher 3.2.6 Beta - www.netswitcher.com - manage multiple network settings.

Linux
Favorite Distro -> SuSE 8.0 $80 - www.suse.com

Hack the Xbox
Mod chips - Prefer Enigmah (patched code)(www.gamegizmo.com) over Xtender (hacked code)
Can buy Xbox with Enigmah from lik-sang.com
Other web resources:
The Xbox Forums
XboxHacker.com
Xbox Hackz

posted by Sheldon Lennox 10:50 PM

 
Maximum PC July 2002

Remove Windows Messenger from Win XP:
- Close ALL applications
- From command line: RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove

Bootdisks:
- : Click on 'Boot Disks' link, scroll to bottom, click on 'Boot Disk Essentials', click on download link, and click and download 'wbootess.exe'. Execute after download to create a bootable floppy with many more standard tools. Can also check out for other bootdisk options.

posted by Sheldon Lennox 9:34 PM

 
LangaList Plus 2001-12-06

5) Clever Way To Grab Old Drivers, Etc.
You can look up old drivers for defunct out of business hardware manufactures, or even old news, and stock reports etc: http://www.archive.org/

7) Free PC Software Audit
http://www.belarc.com/Download.html
The "Belarc Advisor" "builds a detailed profile of your installed software and hardware." It runs on Windows 95/98/Me, NT 4, Windows 2000 and XP, and creates a local web page (one that resides on your PC---nothing is sent back to Belarc). The page contains a rundown of all the hardware in and attached to your system, plus information on all the installed software including license and version numbers.

12) Plus! Edition Extra: Reader Pick:
ClipCache Plus, MultiMacro. You'll find both at http://www.xrayz.co.uk

The software author explains it this way: Never lose another address, phone number or other important bit of data again! This powerful, easy-to-use clipboard enhancement tool sits quietly in the system tray monitoring all clipboard activity. Text can be instantly edited on the spot using any of the many handy cleanup functions available, such as removal of the annoying ">>>>>" from emails which have been forwarded too many times, removal of large gaps and white space from emails or web table pasteups, removal of linebreaks and dozens of other marvelous features....

posted by Sheldon Lennox 10:47 AM

Friday, August 23, 2002

 
Mark Minasi 10/25/2001

Understanding IPsec
posted by Sheldon Lennox 9:58 PM

 
Mark Minasi 8/21/2001

Protecting Your IIS
posted by Sheldon Lennox 9:17 PM

 
Adobe PDF Conversions

http://www.adobe.com/products/acrobat/access_email.html

posted by Sheldon Lennox 7:54 PM

Thursday, August 22, 2002

 
TNPC 8/22/2002

Spam rules

** 02. Fighting Spam - Part IX (by Dan Butler)

If you missed previous articles in this series you can find them here: http://www.TheNakedPC.com/t/517/tr.cgi?dan1

First consider two different ways of filtering spam. You can either identify the spam or identify the legitimate email. MailWasher attempts to do both. Long term you'll have less upkeep and more success if you focus on identifying legitimate email. With that in mind let's look at two examples of filtering email. My personal spam-handling technique involves my home network. One of the machines, a Pentium 233, runs Linux. Nothing fancy - works great. Fetchmail downloads my email at set intervals, runs it through procmail where SpamBouncer takes over and files it. Then I use Pegasus mail to download the mail from Linux to my Windows 2000 box. Sounds complex but it's really very transparent. All of the software used in the system is free, except Windows. Spambouncer is a set of procmail recipes. You configure four to six files depending on your setup. After that it just filters the mail. In my case it catches 800-1000 spams per week, deletes all the viruses, and files all of the bounces and miscellaneous messages that come through. Is this system effective? Total spams that slipped through last week: 1. I've haven't had a single virus pass through since I've started using it. False positives on the email are about 2-4 per week. The key is that it is entirely hands-off at this point and consumes a total of about three minutes a week to maintain. It took me a few weeks to get all the filters in place and now it's hands off. Read more about SpamBouncer here: http://www.TheNakedPC.com/t/517/tr.cgi?dan2

I realize that most of you won't be interested in setting up a Linux machine just to filter your email. That isn't all I use that for; I spend a large portion of my time with Linux.
So where does that leave the rest of you? Here is a simple solution that will filter your mail about like SpamBouncer does. The process is called "Reverse Spam Filtering." All you'll need is your email client's filters or rules. The specific rules you'll use will move messages to folders. Check your help file for the specifics of your client. In your client you want to create several types of rules. The first checks to see if a message is from any mailing lists you belong to--TheNakedPC.com for example--and deals with it appropriately. I filter mailing lists into folders but you may prefer to keep them in your inbox. Second - check to see if the email is from a friend of yours. If it is, exit the filter and the message ends up in your inbox. Call this your "green" list. Third - check to see if the To: or Cc: field of the email is addressed to you. If so consider this email "yellow." Either leave these in your inbox or put them in a separate folder for later perusal. Finally all other email is considered "red" and put in a potential spam folder. Check that folder periodically for legitimate email, adjust your mail filters, then delete the rest. In my case I use my email client to change all my "green" email to a different color depending on who it's from. Makes it easy to keep the business and personal mail apart. Not all clients support this feature. Pegasus and Eudora do.

If this sort of approach interests you check out Nancy McGough's "Reverse Spam Filtering" page at Infinity Ink. At times things will sound technical but they just aren't that difficult. It is a "work in process" but has lots of links and information on this topic: http://www.TheNakedPC.com/t/517/tr.cgi?dan2

As you set up your filters keep in mind how much time you are spending. Make sure you aren't adding time to your day. Start small and be diligent. Soon your email client will sift and sort your email and you'll wonder how you ever got along any other way.

posted by Sheldon Lennox 6:36 PM

 
Wininfo Update 8/22/2002

The Ten Immutable Laws of Security
http://www.microsoft.com/technet/columns/security/essays/10imlaws.asp

Shatter Attack
http://security.tombom.co.uk/shatter.html

posted by Sheldon Lennox 6:20 PM

Wednesday, August 21, 2002

 
LangaList 8/22/2002

NTFS Reader for DOS allows you to browse and copy any files you want from an NTFS partition - place a copy of this software on a bootable diskette and keep it for emergencies. Boot from this diskette, run the NTFS Reader and hey presto! copy any file on any NTFS partition you can find. NTFS Reader for DOS can be downloaded from http://www.ntfs.com. The boot disk that you create can be a DOS or Windows 9x one.

posted by Sheldon Lennox 10:27 PM

 
PocketPC Thoughts 8/20/2002

dual CF Ipaq adapter - $50
Pocket Plan 1.0 - $30

posted by Sheldon Lennox 8:50 AM

Tuesday, August 20, 2002

 
WinXPnews 8/12/2002

Set Up your Windows XP Computer as a VPN Server
Last week I wrote about how I was able to connect to my home network and get work done while on the road. Several of you wanted to know how I did it because you wanted to do the same thing! VPN is a cool technology that isn't that hard to learn, it just takes a little legwork in advance to get things working. You have a lot of options when it comes to VPN. You can use a Windows 2000 Server or a hardware "black box" VPN server solution. However, if you already have a Windows XP computer on your network and an "always on" connection (like T1, cable or DSL), then you might want to use your Windows XP computer as your VPN Server. Check out an article I wrote for TechProGuild for more details (you'll have to register for a trial subscription to read the article, but it's free). One thing I didn't mention in that article is firewall software. Make sure you enable the ICF and allow PPTP connections through. Enjoy!
http://www.winxpnews.com/rd/rd.cfm?id=020813TI-TechProGuild


posted by Sheldon Lennox 11:30 PM

 
Lockergnome 8/12/2002

KF Web Server v1.0.6 [644k] W9x/2k/XP FREE

http://www.keyfocus.net/kfws/

{Web server} You work for a small company and your boss just came in to your office. He said he wants a company Web site, and he wants it up NOW. What do you do? Do you try to sign up with Web hosting even though you know that budget is an issue? Why go through that rigamarole when you could install KF Web Server onto a machine your company already owns? KF Web Server is a fully functional and free HTTP Web server "that can host an unlimited number of Web sites" (depending on Web traffic). KF Web Server can host multiple domain names and "listen" on many different ports. This application comes with a wide variety of features, which can all be configured and administered via Web browser. Some features include custom error messages, HTTP compression, CGI/1.1 support, logging, plus many more. KF Web Server also comes with built-in countermeasures to prevent Denial of Service and password dictionary attacks. KF Web Server is a great way for a small company to gauge the impact of the Internet on their business without having to shell out a lot of money (at least initially). CAVEAT: I personally recommend using this ONLY if you have a high- speed, always-on connection.

posted by Sheldon Lennox 11:24 PM

 
Developer .NET Update 8/20/2002

* PLANNING ON GETTING CERTIFIED? MAKE SURE TO PICK UP OUR NEW EBOOK!
"The Insider's Guide to IT Certification" eBook is hot off the press and contains everything you need to know to help you save time and money while preparing for certification exams from Microsoft, Cisco Systems, and CompTIA and have a successful career in IT. Get your copy of the Insider's Guide today!
http://lists.sqlmag.com/cgi-bin3/flo?y=eNAj0CPWkW0Bbp038F0AH

posted by Sheldon Lennox 10:23 PM

 
Disaster Recovery Whitepaper

Backup tapes alone do not ensure successful and rapid disaster recovery. Anyone restoring your systems needs to know the pre-disaster state of the IT infrastructure.
To perform rapid disaster recovery, your team needs to have answers to questions like:
- How many servers, desktops, and network devices were there?
- What was the exact configuration of each?
- What is the order in which to restore systems?
- What systems depend on other systems?

Backup tapes don't give you answers to these questions, but accurate and current configuration reports that detail every element of your IT infrastructure DO. Additionally, you can often recover faster by reinstalling systems and using configuration reports to configure settings back to their original state. Many companies simply do not take the time to thoroughly document their IT infrastructures. Done manually, it is too expensive and time consuming…. and by the time documentation is written, it's obsolete!!

Download Paul Robichaux's free whitepaper entitled "Protecting Your Infrastructure Investment with Automated Documentation," to learn about the dangers and costs associated by "flying blind" with insufficient or non-existent system documentation. Discover the time and resource savings attainable through ongoing, automated, configuration reporting and change tracking. https://www.ecora.com/ecora/recovery/


posted by Sheldon Lennox 5:17 PM

 
LangaList Plus 8/15/2002

http://www.techbargains.com

posted by Sheldon Lennox 4:38 PM

 
CTO Source 8/20/2002

"CTOs should work to be in the loop with a 'business' seat at the management table, not just [focus] on technical responsibility," says Mark Torrance of Knowmadic. "Knowing enough about the business and financial side of how your company operates to recognize issues like those at Enron should be a normal part of the CTO's responsibility. A big part of this education involves staying on top of trends in both technology and business."

Torrance adds a cautionary note. "The CTO's view shouldn't end [with technology concerns]. They should also take the initiative to ensure that financial and sales management systems incorporate appropriate audit trails, checks, and balances to ensure that the enterprise can operate, and measure that it is operating in a fiscally responsible manner."

For the whole story, see: http://www.infoworld.com/articles/ct/xml/02/08/19/020819ctenron.xml

posted by Sheldon Lennox 2:50 PM

 
W2K news 8/15/2002

Time Flies Between Disasters

And IT chiefs ignore disaster recovery... You all know that for many, many years I have hammered on the topic of crisis management and downtime prevention. In my editorial corner I have suggested that business continuity professionals get more involved with the IT planners that have disaster recovery plans as their responsibility.

As a company, you need to be ready for unexpected crises. You need to sit down with your disaster recovery team and go through multiple scenarios that could go something like: "A disgruntled worker from another company in our building walks up to the main breaker box on the outside of the building and flips all the switches in a fit of rage to "get even". He does not care about the other renters in the building and shuts all the power down within 1 minute. What is going to happen to our data? What would we lose? How fast would everyone be back up and running? How can we prevent this?"

This would be a highly useful thing to do. The result would be a script that documents all the specific actions in the right sequence to get things back up. Make sure that script is available, gets drilled, and is known by all people involved. And make sure you have your data backed up off site so you actually can recover the disaster!

There is a Forrester Research survey indicating that Fortune 500 companies spend an average of 0.0025 percent of revenue on security, less than the budget of the coffee concession. "If you spend more on coffee than you do on security, you will be hacked. And moreover, you deserve to be hacked". (Richard Clarke in 'Digital Pearl Harbor')
http://www.w2knews.com/rd/rd.cfm?id=020815ED-Security

Here is the article on IT Chiefs ignoring disaster recovery:
http://www.w2knews.com/rd/rd.cfm?id=020815ED-IT_Chiefs

And here is the #1 Best Selling tool to implement disaster recovery:
http://www.w2knews.com/rd/rd.cfm?id=020815ED-Double-Take


FBI Warns Against "WarDriving"

This is an abbreviated and edited version of an email from an FBI agent:

"It has recently been brought to my attention that individuals/groups have been actively working in the Pittsburgh area as well as other areas of the United States including Philadelphia, and Boston, and the rest of the world for that matter, to identify locations where wireless networks are implemented. This is done by a technique identified as "Wardriving."

Wardriving is accomplished by driving around in a vehicle using a laptop computer equipped with appropriate hardware and software (http://www.w2knews.com/rd/rd.cfm?id=020815TP-WarDriving) to identify wireless networks used in commercial and/or residential areas. Upon identifying a wireless network, the access point can be marked with a coded symbol, or "warchalked." This symbol will alert others of the presence of a wireless network. The network can then be accessed with the proper equipment and utilized by the individual(s) to access the Internet, download email, and potentially compromise your systems. In Pittsburgh, the individuals are essentially attempting to map the entire city to identify the wireless access points, see here:
http://www.w2knews.com/rd/rd.cfm?id=020815TP-WiFi

Also, check this article from pghwireless.com:
http://www.w2knews.com/rd/rd.cfm?id=020815TP-PGHWireless

Identifying the presence of a wireless network may not be a criminal violation, however, there may be criminal violations if the network is actually accessed including theft of services, interception of communications, misuse of computing resources, up to and including violations of the Federal Computer Fraud and Abuse Statute, Theft of Trade Secrets, and other federal violations. At this point, I am not aware of any malicious activity that has been reported to the FBI here in Pittsburgh, however, you are cautioned regarding this activity if you have implemented a wireless network in your business. You are also highly encouraged to implement appropriate wireless security practices to protect your information assets, check this link for that:
http://www.w2knews.com/rd/rd.cfm?id=020815TP-Wireless_Security

There are several articles available with additional details including:
http://www.w2knews.com/rd/rd.cfm?id=020815TP-WarChalking
as well as:
http://www.w2knews.com/rd/rd.cfm?id=020815TP-PGHWireless2

If you notice these symbols at your place of business, it is likely your network has been identified publicly. If you believe you may have been compromised or if you have any questions regarding this activity, you are encouraged to contact the appropriate law enforcement agency


posted by Sheldon Lennox 12:54 PM

 
Lockergnome 8/15/2002

Math tricks at http://math.educations.net/

posted by Sheldon Lennox 12:38 PM

 
Declan @ politech 8/17/2002

Economist articles on privacy:

http://www.economist.com/displayStory.cfm?Story_ID=1280806
"Surveillance and privacy:Go on, watch me
Aug 15th 2002

http://www.economist.com/displayStory.cfm?Story_id=1280634
Surveillance:Something to watch over you
Aug 15th 2002

posted by Sheldon Lennox 11:53 AM

 
Lockergnome 8/19/2002

Trusted Messenger - An Instant Messenger You Can Trust

Trusted Messenger is an instant messaging software solution that runs exclusively on a business's internal network, providing a secure solution that ensures confidential messages cannot be intercepted by outsiders. Trusted Messenger uses peer-to-peer technology to enable network users to communicate in a fast effective manner, without the delays associated with email or other Internet based solutions. Trusted Messenger enables individuals to contact any of their colleagues through their user name or computer name, or even send a message to everyone in the office simultaneously with just a single click. When Trusted Messenger is first run, it automatically scans the network and lists all the available PCs, so users can immediately send messages without having to worry about complicated setup procedures.

Trusted Messenger requires Windows 95, 98, NT, 2000, ME, or XP, a Pentium class processor, 16 Mb of RAM, and 2 Mb of free hard disk space. Trusted Messenger is available immediately, and may be purchased securely online at http://www.trusted-messaging.com.

Trusted Messenger is sold per computer. Quantity discounts are available. Pricing starts at $ 74.75 for a 5 workstation license, and $129.50 for a 10 workstation license.
A free evaluation version of Trusted Messenger can be downloaded from http://www.trusted-messaging.com.

posted by Sheldon Lennox 11:43 AM