Featured Posts

<< >>

10 Policies to Minimize BYOD Risk

The challenge for employers offering BYOD, according to schnaderworks, a labor and employment blog from Schnader Harrison Segal & Lewis LLP, is finding the right cost/benefit balance for their businesses. In developing an effective “bring your own device” (BYOD) policy, employers must first identify which employees will be eligible for the program according to the blog.

Cloud Storage, Back-Up Bust

It is heady times fans of cloud storage these days.  In case you haven’t been paying attention, the cloud file storage corner of the IT universe has been heating up for the past couple of months. Dropbox, Microsoft (MSFT), Google (GOOG) and Apple (AAPL) have been leapfrogging each other in an apparent effort to buy mind-share. Dropbox

Remember

9/11

Will iOS 8 Crush Your Network?

- Updated 09-09-14 – At their presser today, Apple announced that iOS 8 will be publicly available on Wednesday September 17. The update is free and compatible with 10 current products: iPhone 5S iPhone 5C iPhone 5 iPhone 4S iPad Air iPad with Retina Display iPad 2 iPad mini with Retina Display iPad mini iPod

Tips for Dealing with IT Sales People

Jonathan Feldman, penned an article for InformationWeek  which provided some tips on how to deal with vendor sales people. The Ashville NC, CIO writes that most IT pros think doing calls and meetings with vendors are a waste of time. However he states that IT vendor sales people have a place in the IT ecosystem.

10 Policies to Minimize BYOD Risk

10 Policies to Minimize BYOD RiskThe challenge for employers offering BYOD, according to schnaderworks, a labor and employment blog from Schnader Harrison Segal & Lewis LLP, is finding the right cost/benefit balance for their businesses. In developing an effectivebring your own device” (BYOD) policy, employers must first identify which employees will be eligible for the program according to the blog.

Once the basic parameters are set, the lawyers stress a written policy is essential to set up ground rules and permit enforcement to protect the company’s data and other interests.  They suggest the following steps are key to establishing an effective BYOD policy:

1. Establish a Mandatory Authorization Process:  The lawyers say this should be completed before an employee can access company data and systems on a personal mobile device.

password protection2. Require Password Protection:  Each authorized device should have the same password protections as an employer-issued device.  According to the article, such protections include limiting the number of password entry attempts, setting the device to time out after a period of inactivity, and requiring new passwords at regular intervals.

3. Clarify Data Ownership:  A BYOD policy should specifically address who owns the data stored on the authorized device. It should be clear that company data belongs to the employer and that all company data will be remotely wiped from the device if the employee violates the BYOD policy, terminates employment, or switches to a new device. The policy should also alert employees that it is their responsibility to backup any personal data stored on the authorized device states the article.

data security risks4. Control the Use of Risky Applications and Third Party Storage:  Schnader Harrison Segal & Lewis recommends employers may want to ban the use of applications that present known data security risks, such as the use of “jailbroken” or “rooted” devices and cloud storage.

5. Limit Employee Privacy Expectations The BYOD policy should clearly disclose the extent to which the employer will have access to an employee’s personal data stored on an authorized device and state whether such personal data will be stored on the company’s back up systems. The article recommends  minimizing the co-mingling of company and personal data. Employers may want to install software which permits the “segmenting” of authorized devices.  However, no matter what measures the company takes to preserve employee privacy, the policy must emphasize that the company does not guarantee employee privacy if an employee opts in to the BYOD program.

6. Address Any Business-Specific Privacy Issues:  Certain businesses are subject to legal requirements about the storage of private personal information (such as social security numbers, drivers’ license numbers and credit and debit card numbers, etc.) which may need to be addressed in a BYOD policy.  The blog points out that HIPAA requires native encryption on any device that holds data subject to the act. An employer may need to put in place processes prohibiting or limiting remote access for certain categories of sensitive data.

7. Consider Wage and Hour Issues:  Permitting employees to use an authorized device for work purposes outside of the employee’s regular work hours may trigger wage and hour claims. The lawyers suggest the BYOD policy should set forth the employer’s expectations about after-hours use  (such as a requirement that non-exempt employees must refrain from checking or responding to work emails, voice mail and texts after hours) (rb- Yeah).

BYOD man8. Insure Compliance with Company Confidentiality Policies.  The author says a BYOD policy should reiterate that an employee using an authorized device must comply with all company policies regarding confidentiality and the “acceptable use” of company information.

9. Spell Out Procedures In Case of Loss or Theft:  The employer should set up a specific protocol to be followed in the event an authorized device is lost or stolen. The blog says the process should include the prompt reporting of a lost or stolen device and the remote wiping of the device.

1remote wiping of the device0. Document Employee Consent:  Finally the law firm, in good lawyer form, suggests the employer should get an employee’s written consent to all terms and conditions of the BYOD policy.

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

Cloud Storage, Back-Up Bust

Cloud Storage, Back-Up BustIt is heady times fans of cloud storage these days.  In case you haven’t been paying attention, the cloud file storage corner of the IT universe has been heating up for the past couple of months. Dropbox, Microsoft (MSFT), Google (GOOG) and Apple (AAPL) have been leapfrogging each other in an apparent effort to buy mind-share.

Dropbox recently announced that its Dropbox Pro plan will now provide 1TB of capacity for $9.99 a month, or $99 for a full year subscription. Paul Mah at FierceCIO says this is a significant reduction, especially when recent monthly Dropbox Pro storage prices were:

Dropbox

  • $9.99 for 100GB,
  • $19.99 for 200GB, and
  • $49.99 for 500GB of storage.

Mr. Mah, says the latest move by Dropbox allows them to stay on par with the latest price cuts from Apple iCloud in September, Google Drive in June, and Microsoft OneDrive in May.

In September Apple updated its porous iCloud storage plans. CNET says the basic 5 gigabytes of storage remains free, though prices for paid tiers were significantly reduced and larger storage options made available. CNET says the new monthly iCloud storage costs are:

  • Free for 5GB,
  • $0.99 for 20GB,
  • $3.99 for 200GB,
  • $9.99 for 500GB and
  • $19.99 1TB

Previously, 10GB of storage would have cost $20 per year, 20GB for $40 per year, and 50GB for $100 per year.

At Microsoft, the cloud based file storage game also changed. According to Redmond Magazine, the improvements include a new file load limit (10GB max), an easier way to share links to OneDrive folders and support for folder drag-and-drop operations using the Google Chrome browser. Microsoft is also working on speeding up the synchronization of files with OneDrive. The updated per month price for OneDrive are:

  • Free for 15GB,
  • $1.99 for 100GB,
  • $3.99 for 200GB,
  • $5.99 1TB

In an attempt to trump MSFT, Google released Google Drive for Work, a paid service targeted at business users and priced at $10 per user per month. FierceCIO noted that the new service offers unlimited storage, the ability to upload files of up to 5TB in size, and access to productivity apps such as Docs, Sheets, Slides, Hangouts and Sites. Importantly, Google also announced that files uploaded to Google Drive can be encrypted, and will stay that way while in transit or when at rest on its servers. Here are the current prices per month for Google Drive space pace according to CNET:

  • Free for 15GB,
  • $1.99 for 100GB,
  • $9.99 for 1TB,
  • $99.99 10TB,
  • $199.99 for 20TB and
  • $299.99 for 30TB.

Mr. Mah argues that price drops are good news for consumers. The extra space would certainly be useful for users who rely on it for long-term file archives or backing up large local files. The author correctly argues that 1TB of online storage does not deliver the same value to business users. The reason is simple: cloud storage is a terrible backup solution for large volumes of data, especially if you need to get it back quickly.

Mr, Mah observed that cloud storage vendors do not share information about any guaranteed uploading or downloading speeds when using them. This is noteworthy considering that 1TB of files can take a really long time to transfer over the Internet.

He explains that downloading 1TB worth of files with zero data overhead–which is impossible, across a reasonable 10Mbps broadband connection would take over 222 hours, or close to 10 days of continuous downloading. You can be assured that real life conditions on your broadband connection would likely mean that this is at least doubled or even tripled.

And that’s assuming that the cloud service provider isn’t experiencing any congestion on its end, which is not something that cloud vendors are offering any guarantees on. Notwithstanding that, you can check out this nifty online calculator.

So while there is no question about the value of cloud storage for data synchronization across multiple devices, it is important for businesses to understand that the cloud just isn’t ideal for data backup. Mr. Mah concludes that users should use their 1TB of cloud space for all its worth, but users and firms need to do proper local backups for important files, as well as those that need to be restored quickly.

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

Remember

9/11
9/11 NYC Memorial Twin Towrs of Light

Will iOS 8 Crush Your Network?

- Updated 09-09-14 - At their presser today, Apple announced that iOS 8 will be publicly available on Wednesday September 17. The update is free and compatible with 10 current products:

iPhone 5S
iPhone 5C
iPhone 5
iPhone 4S
iPad Air
iPad with Retina Display
iPad 2
iPad mini with Retina Display
iPad mini
iPod touch 5th Generation

How are you going to protect your network?

Will iOS 8 Crush Your Network? TechRadar speculates that Apple’s new mobile operating system, iOS 8 will be released on September 10 and MacWorld UK reports that iOS 8 will run on most iPads, iPhones or iPod Touch device when it arrives. This means that if you haven’t already done something about it any iDevice that walks into your Wi-Fi will want to download 100+ megabytes of data. And you know what means user complaints that the internet id broken and the network is slow.

Crush your networkThe folks at Exinda, a supplier of policy-based WAN Orchestration recently put out some suggestions on how to keep your network functional during Apple’s (AAPL) iOS 8 update madness, unlike the iOS 7 release last year. Few organizations were prepared for the effects that widespread software updates would have across corporate and educational networks.

Shortly after the software launch, download requests bombarded networks which prevented users from accessing key applications or completing work on time. Boston-based Exinda says reports from last year showed that the iOS 7 update used more than 60% of bandwidth and caused several networks to crash completely.

ExindaExinda polled their community of networking experts to weigh in with three possible strategies to help you survive release week, no matter how complex your IT environment is.

Set a policy to completely block software upgrades 20% of Exinda customers said that controlling iOS 7 upgrades was their biggest IT headache last year. If iOS 7 put a huge strain on your network last year, proactively blocking this year’s software release may be the best way to protect your network.

Not enough bandwidthBefore release week, simply create a policy using the Apple Software Updates application signature and set it to discard the traffic. This will cause all network traffic generated from iOS 8 to be discarded, effectively keeping your users from upgrading their devices on your network.

Control the amount of bandwidth software upgrades can use Depending on your network and users, you may have no choice but to let some of your users upgrade their devices during peak hours, particularly if you’re a school with a 1:1 iPad program. To control the amount of bandwidth iOS 8 can use on your network, set a policy that guarantees minimum and maximum levels of bandwidth that can be consumed during this upgrade. We recommend setting the minimum at 1 Kbps and giving this policy a low priority so it does not take precedence over your more important traffic.

Three stratgiesBruce Miller, vice president of product marketing at Xirrus in a Fierce Mobile article, advised IT administrations to deploy Wi-Fi network application control software that regulates how the network handles bandwidth-hogging apps and spikes in traffic.

IT needs to be savvy at the application level, identify when something like this happens and then be able to apply QoS [quality of service] or prioritization to applications, not just to users.

Cache software upgrades at the network edge – Last year many Exinda customers cached the iOS download at the network edge, which allowed their users to upgrade their devices without using too much bandwidth or hurting network performance. To do this, create a new policy to cache the iOS 8 upgrade. This means that after the software has been downloaded on the network once, each subsequent download request will be served up locally, letting you preserve your bandwidth and prevent network outages.

rb-

The release of iOS 7 last year blindsided many IT managers. Large numbers of employees upgrading their devices at the same time caused many networks to crash, leaving users unable to Suprisedaccess key apps or get work done on time.

I also blogged about how the The NCAA Basketball and World Cup tournaments would be huge bandwidth wasters here. IT managers need to be more alert to events outside their network that can overwhelm the corporate network.

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

 

Tips for Dealing with IT Sales People

Tips for Dealing with IT Sales PeopleJonathan Feldman, penned an article for InformationWeek  which provided some tips on how to deal with vendor sales people. The Ashville NC, CIO writes that most IT pros think doing calls and meetings with vendors are a waste of time. However he states that IT vendor sales people have a place in the IT ecosystem. The author argues sales people can be a benefit;

… if you stick your head in the sand, Ostrichdon’t be surprised when you fail to move forward … We all know the bad side of sales. But the good side, at the correct time and in the correct dosage, can usher in business technology innovation.

The article explains it’s all about sound vendor management. Mr. Feldman describes four things he does to ensure that time with vendor is as productive as possible for him.

guidelinesEstablish guidelines - There should be a process for vendor meetings. Mr. Feldman says that staff should know what to do when faced with a vendor on the phone, or worse yet (which I’ve seen) at the front desk.

  1. Should they take the call immediately?
  2. Pass it to someone else? If so, to whom?
  3. If it’s decided not to engage the vendor at all, based on what criteria?

Any way you slice it, staff need guidance so that they don’t go overboard one way or another.

Set expectationsSet expectations - Provide vendors a mechanism for contacting you. CIO Feldman suggests the website should clearly states where product and service calls should go. He also suggests that voice mail announcements spell out a number that vendors should call if they want assistance.

This is an early test of vendors if they can follow your directions. If they can’t properly get in touch at the beginning, how are thy going to behave when the at crunch time? I use the same logic at RFP time, vendors certainly raise a flag if they don’t read the directions and respond in the requested format.

cold callDirect the call. It is your time, do you want to spend it on a cold call? I have found that cold calls are rarely useful. Mr. Feldman suggests you limit cold calls to five minutes, tops. He makes the vendor get right to the elevator pitch to quickly evaluate whether to hear more at another time. To cut through the chaff, he recommends a question like, “What’s the value in what you’re selling, in 30 seconds or less?” Hang up on people who say they’re not selling anything.

Control timing. If the sales person has followed the process and made an appointment and showed up (a problem for first time calls or small accounts) keep the meeting short. The author says these early meetings should be less than 30 minutes to hear and evaluate their message. These calls are to evaluate the elevator pitch, not to discuss strategy. Control the timing; don’t let it control you.

Sales guyMr. Feldman concludes that ignoring sales calls isn’t an option unless you want to join the legions of the uninformed. He recommends that IT Pros sift through the sales noise to decide which pitches merit action to benefit your business.

rb-

I have managed the vendor pitch process by having quarterly pitch Friday’s where new vendors could get 30 minutes to pitch their business. This allowed us to schedule the meetings around our customers work. And it made it easy for the admin staff to schedule, here is your time like or lump it. And it pushed the meeting out enough to test sales commitment.

 

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.