• Give us a call: 1-678-381-1948
  • Email Us: info@guidance-consulting.com

Our Blog

ByDaniel Gottilla

Network Scalability for Your Business

When a business is just starting out, the temptation is to keep expenses low in order to get through the critical first few years. After all, you have other start-up costs and finances to take into consideration.

However, when setting up a computer network for your growing business, you should also take into consideration scalability. Network scalability is the ability of your computer network to grow with your business as your needs change. Not taking scalability into account can mean spending more money on infrastructure down the road.
What is Network Scalability?

One of the definitions of network scalability is the ability of your computer network to handle the amount of traffic that runs on it. When a business is starting out and is relatively small with a handful of users, having a scalable computer network may seem to be an unnecessary expense, since the smallest amount will seem sufficient. However, on the contrary, you must remember that as your company grows, your business technology needs will also change.

While a business is small, a shared communication line may be all that is needed to ensure that the office can access the Internet. However, more users and more complicated online communication needs mean that you’ll also have greater network bandwidth needs. As a company adds more users, the need to do more downloading or transferring of files, will require more bandwidth and faster speeds, the original network equipment needs to be able to handle that traffic. By understanding what future needs are likely to be, a network architect can choose equipment that will be able to grow with you.

At the same time, while a business is still getting off the ground, a handful of users may find that sharing one printer, locally hosted and shared on someone’s machine, to be a fine arrangement. Once again, as that business grows and adds more users it will increased printing needs, this former arrangement may no longer be sufficient. Investing in a network printer that will allow multiple user access may be more expensive at first but will pay off in usability and lack of downtime in the future.

How to Plan for Future Growth through Network Scalability

By investing in technology that can grow with your business, you can rest assured that your computer network will grow with your business. Though your business may not use the full capabilities of certain devices from the very beginning, having that flexibility for growth and expansion can help.
For most business owners, these needs can be addressed by your IT consultant or technical department. This is yet another reason why it pays to consult with an IT specialist early on in a business’s operations. Keeping scalability in mind while your business is just starting out will help to ensure that your computer network will grow with your business needs. Investing in technology that can grow with your business is always a smart choice.

ByDaniel Gottilla

The Importance of Server Backup Systems

We all know how important server backup systems and regularly saved work is. We’ve all been the victim of a wrong button pushed once or a power surge that can eradicate entire documents that have been the focus of your attention for hours. However, consider what kind of damage this brings to companies working on a larger scale. What if you have thousands of documents and files that have suddenly vanished?

Hourly, Daily, Weekly, or Monthly Data Storage?

The problem with server backup systems and saving data is that it can be a time-consuming task. Manually backing up your files might seem ideal – especially if you work almost entirely with documents on your computer – but can easily take up several minutes of every hour. This can result in hours each year of lost productivity. Daily saving is a little less time-intensive but can still become a burden over time. Weekly or monthly storage might seem more realistic until you lose that entire week’s worth of work during a hard disk failure or other setback.

Server backup systems can step in to save some of this lost time and effort, especially if you use a system designed with productivity in mind. Many systems operate automatically each night after you close the office for the night. A little more costly than simply moving all your files to an external hard drive every night, they can streamline everything by only uploading those files that were changed during the day or that underwent regular maintenance. But because it doesn’t cut into the workday or require activity on your part or on the part of your employees, it can quickly become an invaluable business tool.

Most data storage experts also recommend that you do an additional weekly backup in addition to an automated daily option. This should usually go one step further in terms of protection and security, often including storage in physical form in an offsite safe or over a network on an offsite server. If you implement these steps early on in your business, it will quickly become a habit and take up even less time than you imagined.

Keeping Your Information Safe by using Server Backup Systems

No matter what type of backup solution you choose, make sure security is always at the forefront of your mind. Regardless of whether you’re looking to remain secure against theft, physical damage, or future loss, remember that backup and data storage is only effective if you keep the information secure. Never keep all your information in the same place, and make sure that those who have access to it are authorized.

ByDaniel Gottilla

The art of Task Automation and Corrective Processing

The last few years were a very good time for the IT market. After a great depression that occurred in the beginning of the decade, the future looks very promising. It is also much easier to find a job in the IT market. However, when you are trained in using task automation and corrective processing methods, your chance to find a job grows even more along with your potential salary. Those skills are in high demand now!

What exactly is task automation and corrective processing? Nowadays those two skills are used in almost every aspect of computer science. If you find a job as a network administrator, or as a programmer, you will use those two methods almost every day.

First let’s take a closer look at task automation. Let’s say that someone finds a job as a system administrator. He could easily spend every minute of every day at work performing periodic maintenance tasks unless he finds a method of automation. Automation entails creating scripts that the system can execute at a particular time each day, week, or month. Automation also includes the simplification of interactive tasks by creating scripts or programs. Tasks that are repeated often and are complicated or tedious are good candidates for both simplification and automation.

As you see, task automation is in fact a very simple process. Corrective processing is a little more complicated. However, this method also can, and sometimes must, be used almost everywhere, even outside the IT industry. Almost everywhere where data processing is used, there is a place for corrective processing. It may be something’s as simple as purifying html code, to a little more complicated calculations involving Hubble’s telescope.

In the IT business, corrective processing is mostly used to check for errors in new software, but that~s not all. It is also used for optimization, like clearing or simplifying the program code to make it run faster or be better read by search engine robots. There are also many new IT companies where you can find a job that is concentrated solely on corrective processing. Such companies are usually sub-hired by other, bigger ones to check on their product. Even one of the biggest producers of antivirus software is outsourcing corrective processing of its products, so the demand for corrective processing specialists is high indeed.

But the real art is connecting task automation and corrective processing into one, single process. People who have obtained both skills can find a job almost everywhere, and for quite a good salary. So, if you are currently trying to find a job, it would be a good idea to learn at least one, if not both skills. Your chances to find a well-paid job will grow!

ByDaniel Gottilla

The power of Automated Alerting for hard drive recovery

You are sitting in a cafe with your friends when suddenly your cell phone rings. When you look at the screen, you see the new messagereport. While reading it, you find out that there was a power shortage in your company building and that hard drive recovery of all of your computers was successful. Then you can sit back and enjoy the rest of the evening or run to the company’s office depending on the specific situation. You know everything, and you can react accordingly with no need of people screaming on the phone. In fact, there is no living person needed to do that. How can that be possible?

The answer is: automated alerting applications. There is an enormous amount of automated monitoring systems around us. Personal life alert devices, fire sensors they launch a signal that is automatically delivered to a proper service. It is because automated methods cost less and it is becoming very common. From hard drive recovery reporting to stock notifications automated alerting systems are used everywhere.

There are four main methods of sending an alert report. The first and the oldest one is using a dedicated, specially designed alarm line between the sensor and the proper alarm station. It usually triggers some kind of a sound alarm. Because in this method one sensor is dedicated to one indicator, the source of alert can be easily identified. This method, however, has many flaws first of all, it is extremely expensive. Another thing is that it only notifies you about an alarm being triggered there is no detailed data given (it is good for fire alarm, but it won’t tell you if hard drive recovery was successful or not).

Another form of an automated alerting system is a pager message. Unfortunately, it slowly becomes obsolete. Recently, the cost of pager services became too high, but this method made possible to provide as many details as was needed – even the number of files that were lost after hard drive recovery.

The method of sending an e-mail report is the third method. It is by far the cheapest and most detailed one. There is, however, one major flaw and the successful delivery depends on constant access to the computer. Sending a message about a hard drive recovery process or about a burglary attempt has some sense only when someone can receive it, thus making this method less effective.

That’s why the last method is near perfection. It incorporates all the best aspects of other methods, while lacking their flaws. The use of a short message system is currently the best way of sending alerts: very detailed, almost instantly delivered and economical. From the emergency service doctors to company owners; from fire fighters to hard drive recovery trained personnel they all have one thing in common the cell phone.

Byadmin

Information Security Management – keep your IT infrastructure protected

Information Security Management is just like hiring a full-time security task force solely for the information your business sends and receives daily

Byadmin

Infrastructure Management – keep your physical IT infrastructure cutting edge

The more complex your IT environment, the more important it is that you maintain a regular Infrastructure Management program

Byadmin

Technology Staffing Solutions: Build and Strengthen Your IT Infrastructure

Your IT infrastructure is the backbone of your business. From your highly-skilled network administrators to your entry-level help desk support.

Byecole

Managing the High Risk of Mobile Devices in Health Care Facilities.

Health care facilities are trying to get a handle on introducing and managing mobile devices in their facilities, but are finding it difficult to keep their data safe. If the loss of unencrypted laptops with confidential patient data has not already earned a facility a place on the Department of Health and Human Services (DHHS) wall of shame, the risk of data being accessed and stolen internally is sure to follow.

So far, over 25 health care facilities and associated businesses have been embarrassed this year by the August 2009 Breach Notification Rule included in the Health Information Technology for Economic and Clinical Health (HITECH) Act – where facilities and businesses are required to notify the appropriate agencies that a data breach has occurred which compromised the protected health information (PHI) of 500 individuals or more. A significant amount of breaches listed on the DHHS site include lost or stolen laptops and unauthorized access or hacking of the network.

The latest occurrence was the loss of a laptop in a doctor’s office in Miami FL, where 1,137 patient’s PHI was exposed. One of the largest incidents reported last year was AvMed, Inc.’s report of two unencrypted laptops stolen from a conference room, which contained names, dates of birth, addresses, social security numbers, and personal health information of nearly 1,220,000 patients. According to the U.S. Department of Homeland Security’s (DHS) National Cybersecurity and Communications Integration Center “poor physical security protective mechanisms or operational security awareness make it easy for thieves. In addition, lack of hardware encryption allows thieves direct access to all data stored on the device”[1].

In addition to weak physical security, internal access controls, and weak passwords, the DHS has found increased vulnerabilities in mobile devices that contain commercial operating systems, which are vulnerable to malware and viruses. This includes not only mobile devices connected to the network, but all mobile devices used by the organization. When the device is connected to both the internet and the hospital network, it poses a higher risk for breaches. Devices are vulnerable to cyber attacks that can take advantage of software vulnerabilities, lack of software patches, firmware vulnerabilities, and wireless connections – which could open the capabilities to gain access to the health care network. An example is the doctor’s of the University of Chicago’s use of iPads that were affected by a vulnerability in the Apple IOS, where malware was found affecting iTunes users who connected their iPads to Windows operating systems. Backdoor. Bifrose.AADY allowed remote control access by a third party and “pulled serial numbers and read passwords for different programs including POP3 email and any protected storage”[2]. Malware related threats to computers on the network can occur when PHI data is synced and transferred with improperly configured mobile devices, introducing a new avenue of malware transfer.

The result of PHI exposure becomes a violation of HIPAA regulations which monetary penalties; reputation damage; public embarrassment; lawsuits; and possible loss of the medical practice or business can occur. Additionally, the patients who were involved in the incident can face both identity theft and the use of their personal data being sold on the black market.

There is no silver bullet in completely eliminating the risks of mobile devices on the network. However, there are ways to reduce the risk of exploitations, while performing due diligence to minimize penalties and lawsuits resulting from HIPAA/HITECH violations. The best approach is always a solid evaluation of an organization’s information security program. It is absolutely vital that a security program not only include identifying, assessing, and remediating high risk areas, but to  ensure that all controls – technical, administrative, and physical – are working in synchronization to create a holistic security program. These three components must integrate seamlessly in order to eliminate gaps in security. Gaps in security controls can easily lead to vulnerabilities.

The benefits of using a security consulting firm are endless. Not only can they become a strategic partner in an organization’s efforts to maintain compliance, but they can also provide all of the components that would otherwise be inaccessible – which can include the cost of finding and maintaining staff with years of expertise; in-depth knowledge of current health care IT regulations; contracted IT staff with current technology skills; and most importantly, objectivity. Hackers, as well as internal and external threats are always one-step ahead of the security industry – making it impossible for security administrators to stay on-top. However, minimizing threats, continuously updating their holistic security programs, and utilizing the expertise of security consultants can make a difference.


[1] National Cybersecurity and Communications Integration Center, Attack Surface: Healthcare and Public Health Sector (U.S. Department of Homeland Security, 2012) 7.

[2] National Cybersecurity and Communications Integration Center 4.

 

ByDaniel Gottilla

Viruses, Rootkits, Adware and How to Protect Your Tech Environment

As technology use increases due to people using computers and Internet access for business and personal reasons, there has also been an increase in malicious software (or “malware”). Malware is most known for its ability to wreak havoc on both a user’s computer and the network that it has infected.

While some problems caused by malware infection often include such annoyances as computer and network slowness, more serious problems include network breaches facilitated by malware on company computers.

Types of Malware

There are several types of malware, the most common of which are viruses, worms, trojans, and rootkits.

Viruses and Worms: Both viruses and worms are infectious, which means that they can and will spread to other computers. Viruses spread when they are accessed or run, while worms can spread without additional user intervention.

Trojans and Rootkits: These are malware programs that conceal their true identity. Trojans are usually embedded in another program and are installed by a user who does not realize what they are installing is harmful. Rootkits are a means of hiding the malware from the user. A rootkit allows the program the ability to continue by either hiding within the operating system or by thwarting attempts at removal if detected.

How Malware Gets In

Malware can be introduced into a network in a number of different ways. Users are often unaware that they have allowed malware onto their computer and network until it is too late. Common infection scenarios include downloading e-mail attachments from an unknown source, downloading files on the Internet, or visiting untrusted websites.

To ensure and protect the integrity of your network, you need to reduce the threat of malware. Here are some tips to help:

  • Install an antivirus program that runs in the background on all your computers. While not fool-proof, an antivirus program is a great way to protect against known viruses
  • Instruct users not to open email attachments from an unfamiliar source. This is a simple way to protect your network from malware.
  • Limit the sites that users are able to access using a firewall. Certain websites (including illegal software, music download sites, and adult websites) are much more likely to have malware lurking in their coding.
  • Place strict limits on what can and cannot be downloaded from the Internet. Defining what can be downloaded can greatly reduce your business’s risk of being infected with malware.
  • Consider reducing the privilege level of users on their individual computers. Many malware programs require administrator level access to make malicious changes to a hard drive, but most user applications do not need this high level of access.