The Mystery Of The Disappearing Fish

Over the years, we've helped a lot of people open new businesses.  Many have been successful and some have failed but probably the most interesting was the local Pet Shop that we were hired to automate.  We were approached by a man opening this pet store to install point-of-sale computers and software at the last minute before they opened for business.

We rushed everything in and did a pretty good job of getting everything ready for them.  I even stayed around to help them learn how to use the software which they got from their supplies vendor.  How tough could it be, right?

The shop was pretty, the shelves were stocked, the birds were in their cages and the puppies were frolicking in their enclosure.  All was right with world, right? . . . Until . . . the owner approached me with a problem.  His fish tank was empty.  Almost all of the fish he had purchased for resale were gone!  He asked me if I could help him figure out where his fish went.  IT guys must know something about aquarium keeping, right?  I helped him examine all of his tanks and sure enough all but one was empty.  He then explained that he had put all of his expensive marine fish into one tank so nothing would happen to them and all but one fish was gone. 

Now, I'm no fish expert but I've had marine tanks before and even I know that not all marine fish play well together and they need to be kept together with "compatible" playmates.

We looked into the one tank he claimed he put all of the expensive marine fish and sure enough there was only one fish left . . . a really satisfied looking and well-fed Lion Fish.  Uh, boss, you put all the fish in a tank with a carnivore!  He had eaten all of them faster than you could say "fish food".  That's where are your other fish went.  So much for the aquatics department.

Then things started to become apparent that there was a disaster in the making here.  As I watched over the employees entering data, the question of what to charge came up and the owner sidled over to me and whispered "What should I charge for the bird seed? . . . the dog biscuits?  . . . the kitty litter?"   Now IT guys were pricing experts too?  I didn't like where this was heading.  The guy didn't know what the market price was for anything!  I asked him what his competitors charged.  Didn't he "shop" his competition before starting this venture?  His response "Uh no, they might recognize me."

Finally, the day of the grand opening was at hand and the shop still wasn't ready as the employees were still trying to guess at what to charge for everything.  Customers were knocking at the door and each time the owner would shout "Go Away, we're not ready!" and the rest of us would cringe.

When the owner wasn't looking a customer sneaked in and found a puppy he wanted to buy for his wife.  He marched up to the front counter with tiny puppy nestled into the crook of his arm and demanded "How much for the dog?"  I called the owner over and asked him the same question.  He whispered back "What should I charge?"  Taken aback, I replied "Well, what did it cost you?"  His response?  "Uh, I don't know."  Uh, oh!  Finally, I whispered to him "Will you take such-and-such?" and he replied "OK" and the shop made it's first sale before the owner could change his mind.

Sadly, that moment turned out to the high point for the Pet Shop and within 6 months, I got a call from his bank asking if I wanted to buy a "well stocked" Pet Shop.  I got to know the banker when the checks from the pet shop started bouncing and I had to hand carry them into the bank for redemption.  Apparently, disappearing fish weren't the only problem.  It also had a bad case of disappearing customers and disappearing cash.

Read More

Agent of the Devil?

I was reminded today about how hard it is to make all customers happy all of the time after a difficult conversation with a client who objected to a 15 minute service call that I personally performed on their network server.  I thought I was being generous by only charging our minimum for a service call that really lasted a lot longer than that.  Let's just say we "disagreed".

It brought to mind one of our most unusual customer encounters that happened early in our corporate history.

When Debbie and I first opened our computer company, it was in the retail market located in a shopping mall and we positioned ourselves to compete with Eggheads Software, the big IT dog on the block.  We differed from them in that we sold computers too and not just software.   Back then, the company was call "The Wizard's Computer Shop"  Cute, huh?  Well, I thought so anyway.  

One day, I spent hours with a woman who wanted to home school her children and was looking for a computer with educational software that she could use.  Finally, we put together a package including special order software that seemed to meet all of her needs and she took everything home to get started.

About a month later, I spotted this same lady with a look of grim determination wheeling a full shopping cart directly toward our shop.  Before I could say "Hello" she demanded in a very loud voice  "I WANT A REFUND! Take this all back!"  Why, I asked, did something break? "No!" She replied.  "I talked with my friends at church and YOU ARE AN AGENT OF THE DEVIL!"  That got everyones attention and customers started to ease their way towards the door.  Now, I've been called a lot of things in my life but that was a new one and it begged the obvious question "Why do you think that?"  Because, she replied, you own "The Wizard's Computer Shop" and wizards are agents of the devil so that makes you one too!  I asked if there was anything wrong with the computer or software she bought.  No, she replied, but I was in "cahoots" with the devil so she wanted her money back.

I patiently explained that she had registered the computer warranty so no one else would get a warranty and the software llcenses were not legally transferrable.  They couldn't be sold as new so I couldn't comply with her request.  "Besides, ma'am," I said, "You knew the name of our company when you came in here in the first place.  Why was it a problem now?" 

What to do?  This woman had come up with probably the most unusual (and may I say at least a little insulting) way to ask for a refund.  After much back and forth, I came up with an idea that she found acceptable.  I would take the used computer back "on consignment" and sell it as used and give her all of the money as I sold things.  It took a few weeks but I eventually made her reasonably happy.

I sometimes wonder if she went back to her friends at church and told her that she made one more deal with the devil (or at least his agent).

PS.  We changed the name of the company shortly after that.

Read More

Pros and Cons of Office VOIP

The Pros 

VoIP Helps You to Save Money on Subscription and Start-up Cost
That's what first gets everyones attention, the lower cost.  Be careful though, not all plans are the same and a poor choice can actually cost you more and lock you into a long term contract that's tough to break.

Wireless VoIP Equipment is available at consumer level prices.
That can be another savings but resist the urge to go ctoo heap and use superstore discount consumer grade equipment.  There's a lot more at stake at the business level than at home.  Grandma will forgive a dropped call, your prospective client may not.

You can potentially save money on message units and long distance calls
Depending upon the provider, you will probably not be charged for long distance calls so if you make a lot of those, your on-going cost savings could be significant.

The Cons

VOIP is Highly Dependent on Bandwidth and Power
With VOIP everything depends on your broadband connection. I f the connection goes down, your phone line goes down as well.

Unlike the traditional telephone (POTS) lines, you need to plug your modem or router into the electric power supply for it to work. If there is a power interruption, your phones go down as well.

Mixing VoIP and Data Can Potentially Degrade Call Quality
Since voice and data share the same bandwidth, unless properly provisioned you run the risk of one service negatively impacting the other.  This is probably the most common complaint we hear about VOIP services providers.

Security Might Be a Concern Over WirelessIf you're going to blend VOIP and wireless network, the security complications can get pretty intimidating.  This isn't something you want to do without professional help.

International Calls
If you make International calls, be very careful.  We've seen instances where the rates for these calls can actually be higher not lower than traditional phone rates.

911 Calls
Make sure your VOIP provider can handle emergency call properly.  Unlike traditional phone services, the PBX handling your VOIP service may not be local and routing calls to 911 can be a problem.

Read More

Java As A Source Of Malware

Don’t be so quick to blame Microsoft the next time a PC on your network gets infected.  More often lately, the vulnerability that caused your infection may have been caused by Java which is an add-on from Oracle not Microsoft.  Other frequent targets of malware writers are Flash Player and Acrobat from Adobe and similar browser plug-ins and utilities.

This entry addresses vulnerabilities within Java.  We’ll talk about the others in future posts.

Is Java Malware? NO! Absolutely Not! – Some users still don’t understand Java. It’s a needed tool for your browser. It’s what makes some automated components of web sites you visit or web enabled problems you use work. You CAN turn it off but the consequence is that some web content may not function as intended.

Because companies like Oracle and Adobe have been slower to patch vulnerabilities in their software than other companies, they have become targets of malware writers because of that slow response time and the ubiquity of  programs like Java, Flash Player and Acrobat in over 1 billion computers worldwide. 

When they find a vulnerability in a program like Java, they have a bigger window of opportunity to run wild on the Internet and on your computers before that vulnerability gets repaired.

The consensus in the industry is that Java attacks will continue to increase -  Malware authors are targeting plug-ins like Java because they are more easily exploited than products systems like Windows which are more frequently patched.  Check for updates from Oracle frequently to reduce your exposure.  

Upgrade to Java 7 Right Away - Oracle has retired Java 6 - Users are slow to apply Java upgrades for a variety of reason  – In the American workplace at least 61% of Java users were still using Java version 6, versus 11% on Java 7, and 21% are using a version of Java that couldn't be detected.

Java 6 will Auto-Replace Itself as of February 2013, "Uh, sometimes!"  Make sure your system upgrades Java if prompted.  Don’t “IGNORE” the update warning messages!

Are There Fake Java Updates?  -  Sadly yes, some attackers have exploited the confusion about Java  by crafting malware which pretends to be a Java update from Oracle. That's a reminder to only install updates obtained from the Java website.

Read More

Dealing With BYOD In Your Business

Mobile Device Management needs to be every organization's top priority

With BYOD (Bring Your Own Device), businesses face an ever-growing threat to IT security and it’s important for you to address it as soon as possible.  Without proper controls in place, it creates a giant hole in your network security. 

The Pew Research Center conducted a national survey recently that revealed:

·     12% of mobile device users store work passwords on their personal device.

·     19% of mobile users stored work documents on their personal device.

·     58% of mobile phone owners do not back up the data on their devices.

·     Nearly 1 in 3 mobile phone owners (31%) have lost their phone or had it stolen.

 

Businesses can be easy targets

According to a recent study, forty percent of all cyber-attacks are directed at small to medium-sized businesses. A recent industry report also noted that mobile-targeted malicious software has virtually exploded in the last year and is expected to continue to grow exponentially.  Not controlling mobile device access to your computer network dramatically increases your business vulnerability to malicious intrusion. 

IT managers have traditionally managed security for company-issued desktops, laptops and devices but policing employees whose personal gadgets connect to the network presents a dramatic new test entirely.  Making sure that personal devices that connect to the network are properly secured with anti-virus/malware and are securely locked down is a particularly vexing new issue.  Employees may even resist your efforts to controll their personal devices.

“When you get that brand new Droid, load it up with apps and then plug it into your work PC in order to update or sync necessary files, your company’s IT guy has to worry about whether that last app you downloaded might infect the entire network,” personal security expert Robert Siciliano recently wrote for InfoSecIsland.com. 

Your IP environment is changing. Your network protection tactics need to change, too. Your company’s security is too important to jeopardize.

What can you do to protect your network? 

 

Determine which devices and operating systems you're willing to support. – Not all devices will meet the security requirements of your organization and nothing says you have to let every device access your network.   Give employees that want to access the network some parameters to go by when they shop for new devices.

Write clear and concise policies laying out what is and isn't allowed for all employees who want to use their personal device and have them sign off on them.

Enforce encryption of data at rest – any apps that download and store data on the device should protect that data. If a PIN or passcode is cracked, you want to make sure that data is still protected.

 

Determine which types of apps are off-limits.  There are hundreds of thousands of apps available, which will you permit?  Keep in mind that many apps have no business on your network!

Train your employees to make sure they understand how to correctly use their applications, make the most of their mobile capabilities, and watch for suspicious activity.

Consider mobile device management software that can provide secure client applications like email and web browsers, over the air device application distribution, configuration, monitoring, and remote wipe capability.

 

Inventory authorized and unauthorized devices and use identifiers like PINs or MAC addresses to keep track of who is doing what on your network.

Inventory authorized and unauthorized users – Remember, access to your network is a privilege and not a right.

As we described earlier, security for Mobile Devices is not a one time shot.  It’s an on-going process.  If you don’t remember that, eventually you’ll get burned.

 

Read More

The Business Value of a Virtual CIO

What's a Virtual CIO, you ask?  Good question!

Most small organizations can't afford to have an experienced IT Information Officer on-staff all of the time.  It's just not in the budget and truthfully in most instances a full-time IT Manager isn't necessary.  BUT . . . every organization will hit periodic points where it's nice to have that experienced professional who can guide them over the rough spots in technology to the BEST solution for the business because they've seen the situation before and know the pitfalls to avoid.  That's what a Virtual CIO does!  We give guidance when you're in unfamiliar territory and help you keep your IT resources operating at their most efficient levels.

Here's an example of what a good Virtual CIO can bring to your organization - An organization that I worked with decided it was time to replace their accounting and customer tracking system without involving me until after the new purchase contract was signed.  They didn't bring me in early on in the process because they thought they understood their needs better than I did which may have been true but they didn't have any experience dealing with buying software before and didn't understand the technical aspects of such an acquisition.

I was finally brought in to "implement" what they had already purchased.

Now for a little background.  My company had worked with this software company before and didn't have a lot of respect for them and we did have an in-depth understanding of the client organizations operation.

I started doing a little checking and determined that:

1. The sales person had oversold the ability of the software
2. The software wouldn't do half of what the client thought it did
3. The software was still in development and wouldn't be available until well after the deadline.
4. The contract didn't include the cost of retraining the client staff on the new software.
5. The cost of migrating the data from the old system to the new one was "extra"
6. There were going to be a need for significant hardware upgrades to support the new software if and when it was ready. That really jacked up the total cost of the project
7. - 999 and the list of problems and issues went on and on

It took me only a few hours to put the puzzle pieces together and determine that the contract needed to be cancelled.  It took a little while and a few threats but we got the clients check back from the software vendor.

The next steps involved setting up a formal software evaluation process with interviews, reference checks and product demonstrations.  We pre-screened the software vendor candidates to weed out the time wasters and standardized the way proposals were presented to keep things consistent.  This time, I was involved in every meeting and was available to ask  the pointed technical questions to help the client make an informed decision.  In the end, the client got exactly what they wanted and knew exactly what it would cost for everything.

A good Virtual CIO develops an in-depth understanding of your business and your industry combined with the technical expertise that can save you time and money implementing whatever it is your business needs. 

Read More