Archive for the ‘SharePoint 2010’ Category

« PREVIOUS

PRIMER: How are Disaster Recovery and Backups Different?

April 16th, 2013
Posted by: Donna Hemmert

So, you are working through your go-forward IT strategy and need to make sure that you have things covered should something go wrong. Pretty quickly, you notice that the terms “Backup” and “Disaster Recovery” are quite often being used interchangeably. But, the truth is, they are different. Related, yes, but different.

Backup

Backup really can be defined very simply. Backup is just a copy of your files on another disk (or tape, cloud, etc.). In fact, if you copied each and every file to a DVD (and we are not sure why you would do that), that would be a backup. Having a full backup that is up-to-date means that when you lose a few files or a whole drive or more, you can take the time it takes to copy those files back once your systems are ready to rock. But, it can be a time-consuming disruption. You will likely need to setup a new server(s), re-install the OS, and reinstall all the applications, etc. There are two ways to backup your systems:

  • Onsite Backup: This is when you backup locally to some kind of physical storage option. These solutions are capable of imaging servers and storing data locally so you can recover from incidents.
  • Offsite Backup: This is when you backup your data to an entirely different location. This, of course, helps protects you in the case of an entire geographic location being affected by a disruption. Also, often organizations need offsite backup to be in line with compliances such as those rules defined by Sarbanes-Oxley, HIPAA, FISMA, NASD and NYSE, etc.

Disaster Recovery

So, what is Disaster Recovery? Disaster recovery is beyond backup. The big benefit of disaster recovery is that rather than taking what may be days or months to recover for an unplanned outage, Disaster Recovery will greatly shorten that time.

With Disaster Recovery, a complete image of your disk drives and servers are mirrored. This is sometimes referred to as a “bare-metal” backup, meaning the backup isn’t just the files, but the OS and everything. For example, with AISN’s Disaster Recovery service, we replicate the “bare-metal” backup image to another geographic site so in the event of a disaster in one geographic location, it can be restored from an entirely different geographic location. This gives you added protection and the image(s) allows you to restore systems more quickly – there is no need to reinstall an OS and copying files. The amount of time it takes to actually continue operations after a disaster also depends on whether you choose “Hot Site” or “Cold Site.” So what is the difference?

  • “Hot Site”: Environments are available at a moments notice. So, in the case of an outage, all data processing can quickly be moved to the “Hot Site” and operations continue.
  • “Cold Site”: Critical applications are available at a secondary location. This is similar but is supplied as basic office space, but with “Cold Site” the customer provides and installs all the equipment needed to continue operations. It is less expensive but will take longer for full operations to continue.

So, that’s really all there is to it from a high level. You really need to understand what your goals and objectives are. Do you need systems available in minutes, hours or would days be just fine? Is backup just fine, or do you need Disaster Recovery? And what level of Disaster Recovery do you need? There are lots to consider, but remember, we are always here to help you think through your IT plans.

TAGS:

CATEGORIES:

No Comments »

10 Dangerous Risks to Your Server Security

February 27th, 2013
Posted by: admin

GUEST BLOG

By Sarah Morris
KirkpatrickPrice

Security.  That’s usually the first thing on the minds of those in the IT world.  To keep up with changing technologies, we are constantly changing and improving our security standards, so that we can remain one step ahead of malicious attackers in defending our confidential information.

Royce Howard, of Global Knowledge, offers some tips about the 10 most dangerous risks to your server.  These tips are important to remember when developing and securing your IT infrastructure.

Physical Attacks. Make sure no one has physical access to your server.  Server rooms should be kept secure, and sensitive data should be encrypted.

Password Policies. Create complex passwords and change passwords every 90 days.

Privileged Accounts and Social Engineering. Vulnerabilities can be mitigated by removing administrator rights.

Email Attacks. Beware of phishing emails.  Never open an email from an untrusted source and avoid clicking on links in emails.

Worms. Worms are self-replicating programs that copy themselves from machine to machine, using up computer processing time and bandwidth.

Increasingly Malicious Malware. Scheduling regular scans can help detect and prevent against malicious malware and spyware.

Unauthorized Network Access. Network Access Control and Network Access Protection can help control network access of a computer host while using a set of protocols to define and implement a security policy.

Not Updating Patches. Automatic updating of patches can help avoid threats.

3rd-Party Applications. Check security platforms of 3rd-party vendors and applications from independent developers and manage exploits.

The Human Factor. People are the weakest link in security initiatives.  Develop strong policies and procedures so that people are prepared.

At KirkpatrickPrice, we have years of experience in information assurance by performing assessments, audits, and tests that strengthen information security controls.  Contact us at info@kirkpatrickprice.com for more information on how we can help you in your compliance efforts.

Sarah Morris is a technical writer for KirkpatrickPrice, a provider of world-class audit services. Visit www.kirkpatrickprice.com.

TAGS:

CATEGORIES:

No Comments »

Top 10 Security Risks Found by Your Auditor

February 21st, 2013
Posted by: admin

GUEST BLOG

By Sarah Morris
KirkpatrickPrice

At KirkpatrickPrice, we strive to provide the proper assurance and resources to help our clients maintain security within their organization.  Recently, we held a client webinar focused on the “Top Ten Security Risks” that your auditor finds during your auditing process.  Below is a summary of the most common risks that we find.

1.      No Formal Policies and Procedures

Formal guidelines of policies and procedures help provide your employees with clarity of what’s expected of them.  They define the accountability for each employee and also establish necessary training. Information security policies are mandated by the FTC Safeguards Rule, PCI Data Security Standards, and the HIPAA Security Rule. This means they are mandatory.

2.      Misconfigurations

Standards need to be applied consistently. Organizations should utilize benchmark configuration standards from a recognized entity such as: Center for Internet Security (CIS), International Organization for Standardization (ISO), SysAdmin Audit Network Security (SANS) Institute, and the National Institute of Standards Technology (NIST).

3.      No Formal Risk Assessment

Assessment should cover assets that are critical to your enterprise to continue business operations for the following: hardware, software, human resources, and processes (automated or manual). Some important things to consider when thinking about risk assessment are the threats to your assets as well as the likelihood of vulnerability being compromised. Threats can be both internal (employees or third party contractors or partners) as well as external (natural events or social engineering). Developing a proper risk assessment can help to mitigate potential risks that you face.

4.      Undefined Incident Response

It is always important to have clear instructions on reporting procedures when determining incident response. It is suggested to build a culture within your work environment that encourages reporting of all incidents the moment they present themselves.

5.      Lack of Disaster Planning

Disaster planning is important in a situation where written plans were available for others to follow in the event that key personnel are not available. A business impact analysis can help quantify what level of redundancy is required for disaster planning. Proactive arrangements should be made to care for the staff and to communicate with third parties. Walkthroughs and training scenarios can benefit organizations so employees are properly prepared in the event of a disaster.

6.      Lack of Testing

The concept of testing applies to all areas of your security. If your security is not tested, there is no way to determine whether or not vulnerabilities are present.

7.      Insecure Code

Developing secure coding is something we find lots of companies struggling with. To develop secure coding, training must be implemented as well as specific development standards and quality assurance.

8.      Lack of Monitoring/Audit Trails

Log Harvesting, parsing, and alerting methods must be determined to efficiently deal with massive event logs. The responsibility for review must be formally assigned as part of daily operations.  Audit trails should be stored in such a way that system administrators cannot modify without alerting someone with and oversight role.

9.      Data Leakage

Some things we often forget are where the data is located and how long should it be retained? How is encryption implemented and verified? How is access to data granted and audited?  These things are all very important, and if not corrected, can keep you from complying with federal and industry standards and regulations.

10.  Lack of Training

A lack of training can prove to be a striking blow to the security of your organization. Employers should recognize the importance of properly training all employees on safety and security best practices. Standards and guidelines should be clearly set and determined in each organization. Several training opportunities are offered through KirkpatrickPrice to properly train you and your company on the basics of security awareness, awareness for managers, awareness for IT professionals, and awareness for credit card handling.

Determining your individual risks is the first step toward the mitigation process.  Maximum security of your sensitive information is KirkpatrickPrice’s number one priority.

If you’re ready to get started with your assurance process, you’ve come to the right place. We’re ready to help. Let’s work together.

Sarah Morris is a technical writer for KirkpatrickPrice, a provider of world-class audit services. Visit www.kirkpatrickprice.com.

 

TAGS:

CATEGORIES:

No Comments »

Disasters Happen. Is Your Business Ready?

February 14th, 2013
Posted by: admin

 

By Laurie Head
AIS Network Vice President

Preparing for an emergency is a key factor to business continuity after a disaster. Wherever the threat comes from – whether it’s physical, virtual, network failure or cybercrime-related – it’s important that your business is equipped to deal with the problem.

In fact, the U.S. Department of Labor estimates that over 40 percent of businesses never reopen following a disaster.  And, when we consider these potential consequences, it’s important that you have a disaster preparedness plan ready.

We consulted Cindy Bates, Microsoft US SMB Vice President, for some tips.  As you create your business continuity plan, she recommends that you keep in mind the following:

Communication strategy.  Make a plan about how you will communicate any disaster and its impact on your internal and external audiences.  Remember that 40 percent of businesses will never reopen following a disaster.

Financial management. Ensure that you can still access your company accounts, pay bills on time and make the payroll.

Data backup.  Keep your company information safe by backing up assets and storing a copy offsite on a regular basis.

Cloud-based software. Move software to cloud-based versions of the programs that you use today.  This acts as a great alternative to data backup and enables your employees to have access to email, important documents, contacts and calendars – anytime and from virtually anywhere.

Technology updates.  Maintain vigilance when it comes to keeping your technology updated with security patches to safeguard your network against the latest threats.

Your digital assets are extremely important to business continuity in the aftermath of a disaster.  Do you need help protecting them?  Contact us for a free assessment.

TAGS:

CATEGORIES:

No Comments »

What Do Our Microsoft Competencies Mean?

February 3rd, 2013
Posted by: admin

 

By Laurie Head
AIS Network Vice President

What do our Microsoft competencies mean?  They are something we’ve worked very hard to achieve and we’re quite proud of them.  There are 640,000 partners in the Microsoft Partner Network, but only 5 percent of partners worldwide can distinguish themselves with a competency and having attained this high degree of proficiency.

AIS Network has attained Microsoft competencies in hosting and in mid-market solutions.  AISN’s Microsoft competencies show you our demonstrated expertise — and our commitment — to staying deeply informed about the latest Microsoft products and technologies.

AIS Network Microsoft Competencies

Attaining Microsoft competencies is a rigorous process but the outcome is highly rewarding.

By attaining our Microsoft competencies, we have met extensive requirements through rigorous exams — culminating in Microsoft certifications.  And, we have also been recommended by our customers for our skills, support and knowledge.  A Microsoft competency allows us to accelerate our customers’ success by serving as technology advisors for their business demands.

When customers look for an IT partner to meet their business challenges, choosing a company that has attained Microsoft competencies is a smart move.  These are highly qualified professionals with access to Microsoft technical support and product teams.

See how we can put our expertise to work for your business.  Contact us today.

TAGS:

CATEGORIES:

No Comments »

Understanding Cloud Deployment Models

November 27th, 2012
Posted by: Donna Hemmert

By Donna Hemmert
AIS Network Vice President, Strategic Development

Public Cloud, Private Cloud or Hybrid Cloud?  Which one is for me?

First of all, let’s define the Cloud.  A Cloud is a consolidation of hosted computer services (storage, computing power) and is delivered as a service.

Cloud services are often fully managed by the provider and are usually sold based on usage (for example, per hour or even by the minute). One of the main benefits of the Cloud is that it is elastic, allowing organizations to use as much resources as they need.  They can easily add or reduce those services without the need to deploy equipment.  This can be really useful in situations where companies have a project (for example, a development project or marketing promotion that requires a special new temporary website) or their business has a lot of associated seasonality (i.e., they need more computing resources for the Christmas season).  In that case, a company can call a company such as AISN and simply request another “virtual machine” or more storage.

Many of our customers like the cloud model also since they don’t have to put out upfront capital for equipment and software, but instead can pay a set amount each month.  It’s more predictable and it is captured as an operational expense, which can be beneficial.

As for the deployment models, here are the main types of Cloud:

  • Public Cloud is a cloud that is available to all customers and these customers share the resources of the cloud.  Examples of public clouds are Amazon AWS, Microsoft Azure  and Google Cloud.
  • Private Cloud allocates resources to be used solely by your organization from a shared infrastructure.  Your data is stored in dedicated, segregated silos.  With Private Cloud, adding more storage or CPU is easy and often instantly available.
  • Dedicated Private Cloud is a cloud infrastructure built solely for your organization’s use – with all services and hardware dedicated to your organization.  Some organizations prefer dedicated private cloud for additional security but the down side is that there are reduced economies of scale. That being said, adding and reducing computing resources is much easier to do as with any cloud.
  • Community Cloud shares infrastructure between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.).  This allows the community to customize the cloud based on these concerns and spread the cost – making it generally more cost effective than a private cloud, but less so than a public cloud.
  • Hybrid Cloud is a combination of more than one cloud type.  For example, you can combine a private cloud with a public cloud.  This will give you benefits of more than one deployment model.  Often an organization will deploy hybrid clouds to provide the flexibility of in-house applications with the fault tolerance and scalability of cloud-based services.

 

TAGS:

CATEGORIES:

No Comments »

Cloud Events: Where Can I Find Them?

November 8th, 2012
Posted by: Donna Hemmert

By Donna Hemmert
AIS Network Vice President, Strategic Development

If you are looking for events at which to network and learn more about the Cloud and related topics, whether you are a newbie or an expert, there is an excellent source to find (and broadcast) those events.  Check out Cloud Events (sponsored by @TheCloudNetwork), who hosts a calendar for the industry.   They gather events from the community through email here.

You can find their calendar here.

TAGS:

CATEGORIES:

No Comments »

AISN Attends COVITS 2012

September 24th, 2012
Posted by: Donna Hemmert

By Donna Hemmert
AIS Network Vice President, Strategic Development

This year was AIS Network’s first chance to attend COVITS and that is just what we did.  COVITS, the Commonwealth of Virginia’s Innovative Technology Symposium,  is a chance for decision makers from state and local government, business, and education to discuss solutions for Virginia’s technology needs.   The one comment I heard over and over was the quality of the keynotes and how relevant the topics in the panels were to the problems that were being solved.

For AIS Network specifically, it was such a great opportunity to meet with so many people in our extended community.  We met with many state and local people who were focused on a variety of issues.  We also saw a lot of interest around the Cloud (especially Private Cloud) and Bring Your Own Device.

We definitely plan to attend next year.

 

TAGS:

CATEGORIES:

1 Comment »

Cloud Computing Benefits for Accounting Firms

August 19th, 2012
Posted by: Julia Uglietta


By Julia Uglietta
Associate, Marketing and Sales

Accounting firms deal with data day in and day out. The volume of numbers that go through an accounting office each day is unimaginable. The number of emails that go in and out of the offices is inundating.

It’s not only the size issue that challenges accounting offices every day.  Rather, it’s also the need to work faster while remaining efficient – in addition to improving better client and interoffice communications. These goals sound fairly standard for a successful business, right?  But in fields such as accounting, where large amounts of data are being received and stored, achieving these goals can be onerous.  The good news is, however, that new technology known as cloud computing is helping accounting firms attain these goals and save money too.

AIS Network accounting

Taking business to the cloud allows accountants to work from anywhere, at any time.

Taking accounting firms to the cloud is a way to reduce costs, improve efficiency and make data more accessible.  Throughout the industry, the discussions about cloud computing and how many accounting practices are moving to an outsourced cloud computing model has people thinking.  Accountants can see clearly that cloud computing is moving up and moving fast.  Now, more firms are looking into cloud solutions before they buy that next new sever.  They’re performing a cost benefit analysis, and in the process, they’re discovering that the operational expenditure associated with implementing an outsourced model is more desirable than the large capital expenditure associated with buying and maintaining all those new servers.

Not only does migrating to a cloud-based, paperless environment cut costs for accounting firms, but it also introduces new efficiencies.  When you put your data and applications in the cloud and entrust a cloud provider to care for them round-the-clock, you’re achieving IT efficiencies such as:

  • Eliminating the need for physical storage (throw out those old filing cabinets!)
  • Upgrading to industrial strength physical security (including partial or full fault tolerance, fire protection, etc.)
  • Improving backup and disaster recovery processes
  • Enhancing data security
  • Increasing availability (through improved power redundancy,  etc.)
  • Extending IT resources with a 24x7x365 team of hosting experts

For many accounting firms, this makes the decision to switch to the cloud even easier.

The most brilliant feature of the cloud is, in my opinion, its “anywhere” accessibility – which is an aspect that most accounting firms will find appealing.  When your data and your applications are in the cloud, they are accessible via any Internet-enabled device whenever you need them and wherever you are.  It just makes life easier.  Allowing the staff to work faster (and, I might add, without necessarily increasing billable rates) allows them more time to focus on the clients’ needs.

Most customers prefer communicating with their accountant via the Internet, and in many ways, the new cloud-based dashboards, reporting applications and unified communications systems that are now available only make this easier.  By enabling better collaboration and communication among geographically diverse staff and clients, accounting firms’ processes and workflows are vastly improved and the work gets done much faster – often with greatly reduced travel costs.

Life in the cloud has changed many industries’ ways of operating.  Slowly but surely, accounting firms will ease into cloud computing and reap benefits that were previously unachievable any other way.

 

 

TAGS:

CATEGORIES:

1 Comment »

SharePoint 2010 Hosting vs. In-House Deployments? What Is the Cost Benefit?

August 13th, 2012
Posted by: admin

 

By Laurie Head
AIS Network Vice President

SharePoint managers everywhere are asking themselves, “Why should I spend money on SharePoint servers?”

Well, with on-premise IT costs soaring, they’re absolutely justified in asking that question.  On-premise hosting has become much less cost effective than outsourced hosting.  Quite simply, hosting SharePoint 2010 with an experienced hosting provider saves you money and worry.

Sharepoint Hosting

It's important to ask yourself a few key questions when you're weighing moving your SharePoint from an on-premise environment to an outsourced hosting environment.

In belt-tightening times, the combined expense of SharePoint 2010 servers, technical staff and data security can be painful to a company. Why have the IT staff spend half their day fixing, patching and managing SharePoint servers, when they could utilize their time in better ways to help grow the company?  Hosted SharePoint, which typically comes with a team of SharePoint hosting experts, is simply “better, faster and cheaper.” What’s not to like about that?

That’s my opinion, anyway, but how do you decide for yourself?  Well, ask yourself a few questions first.

  1. Capital. How much up-front capital is required to deploy and maintain your SharePoint infrastructure? How much does it cost you to upgrade it on a regular basis?  (After you figure this out, the predictable monthly costs of hosting may be highly appealing.)
  2. Agility and flexibility. Can you adapt to change quickly?  Can you move rapidly to deploy new features of your SharePoint infrastructure and/or make changes (we’re talking days, not weeks or months)?
  3. Maintenance. Do you have adequate resources to maintain your SharePoint installation?  Are you comfortably budgeted for staff and training?  Do you have a cushion for unanticipated expenses?  Do you have enough real estate in your data center to accommodate your growing SharePoint infrastructure?
  4. Confidence. Can you say, confidently, that your data center is physically secure, disaster resilient, fully compliant, highly available and capable of providing superior uptime?  Can it withstand a destructive storm?
  5. Expertise.  Do you have highly trained staff who can build out, configure, deploy and administer your infrastructure?

With fully managed SharePoint hosting services, you’ll never again have to buy another SharePoint server and figure out where to locate it in-house. You’ll never have to hassle with a flawed SharePoint deployment or wait months to deploy new features.  You’ll never have to deploy, patch, update, troubleshoot, monitor or administer your SharePoint infrastructure again. You’ll never have to shell out big bucks for storage or staff training.  Moreover, licensing is so much easier when you’re working with a hosting provider.  And, it’s highly unlikely that you will have to worry about bad storms, physical security, performance and reliability.

Most of all, however, doing it all in-house can be cost-prohibitive.  Hosted SharePoint can be a much cheaper alternative.

For example,our SharePoint hosting plans can help you get off the SharePoint-spending treadmill and save you up to 91% in hardware and support costs when compared to in-house SharePoint deployment.  Have a look at this brief chart.

SharePoint 2010: Hosting vs. In-House?

A Comparison of Major SharePoint Hardware & Support Costs. 

Hosting With AISN Slashes Your Hardware and Support Costs Significantly.


Hosted Solution On Premise
SharePoint Deployment SharePoint Deployment
Hardware Servers (each) Included ! $15,000
Software Included ! $5,000
Backup Included ! $5,000
Connection Multi – Gigabit Internet Included ! $25,000
Staff Expert Staff Included ! $75,000
Support Redundant Equipment Included ! $ ? ? ? ?
Monitoring Included ! $ ? ? ? ?
Total One Low Monthly Cost! $125,000 or more

Now, need help comparing your costs?  Bill Peters, who is in our Chicago office, is great to work with and can offer you expert guidance in this area.  Contact him now for a free hosted SharePoint quote.

Further information about hosted SharePoint is also available in our whitepaper.

TAGS:

CATEGORIES:

2 Comments »

« Older Entries