Dan GriffinWelcome to the second edition of the JW Secure Informer, our bi-monthly newsletter. This is an opportunity to share what’s on our radar, specifically with respect to enterprise network security, but also regarding IT and business more generally.

The Informer is intended to be useful content and good for a quick read. So if it’s just clutter in your inbox, we’ve failed, and I hope you’ll let us know.

Good Security Exercises for Developers

A recent article in The Register reminded me of the importance of giving software developers real-world hacking experience. Unfortunately, the only way to learn how to write secure software is to experience, first-hand, doing it wrong. And if your code gets hacked but you don’t find out about it, that doesn’t help much. Thus, a hacking sandbox, such as this one provided by Google, is an important resource for professional education.

Other such resources? If you’ve never used Metasploit, you should. There’s a tutorial here.

The Importance of Facebook

JW Secure Informer ImageHere’s a trivia question that you need to factor into your marketing strategy: What has nearly 400 million users, an open programming interface, and lots of buzz? Answer: Facebook. But while it’s one thing to create a business page on Facebook (we have one here, click the “Like” button!), making it interesting and interactive is a different matter (and I’m speaking from personal experience). The good news is that there’s plenty of help online, including analysis of other business pages, plus tips on getting started.

What’s the security angle? It’s no secret that Facebook has generated more than its share of privacy concerns. I take the perhaps incongruous viewpoint that, while Facebook is a marketing platform that you cannot afford to ignore, there’s evidence (see the previous link) that the company is not doing an adequate job of protecting the privacy of its users. A sensible question to ask: what’s the potential for the negative perception of Facebook’s privacy strategy to harm the reputation of other businesses using the platform? Answer: so far, that kind of blowback isn’t happening. The real risk is wasting time by using the platform ineffectively.

Why Cloud Computing May Brighten Your Future

used with permission from the Microsoft Small Business Center
JW Secure Informer ImageSmall businesses often face a sobering reality: they know there are technology applications that could make their business more efficient, but the cost of implementing and maintaining the IT hardware and software is prohibitive. That’s where cloud-computing can actually bring a sunny forecast. By shifting the IT infrastructure and management burdens to a third-party, cloud-based provider, a small business can get enterprise-class technologies delivered as a subscription service.

Recycled Energy Development (RED), a small business that helps industrial manufacturers convert their waste energy into recycled electricity and heat, faced just such a dilemma. RED had a document management problem: keeping track of their numerous clients and all the associated contracts, engineering specs, and project plans.

PointBridge, a Microsoft certified partner, proposed a custom-built document management system, based on Microsoft Office SharePoint Server 2007, that would keep track all the documents and their many versions.

Aaron Walters, RED’s CFO, was excited by the potential of the proposed system. But the price tag for an on-premise system—well, that would have been too much red ink for RED. Walters didn’t have the budget for an in-house Office SharePoint Server installation, and RED didn’t have the IT staff required to support such a system.

That’s when cloud-computing, in the form of Microsoft Business Productivity Online Suite (BPOS), came to the rescue. BPOS provides enterprise-class software hosted on Microsoft servers and sold through partners on a subscription basis. BPOS includes Microsoft Exchange Online, Office Live Meeting, Microsoft Communications Online, and, most critical to RED, Microsoft SharePoint Online. What’s more, BPOS subscriptions are highly affordable, costing just $10 per user per month for the full suite.

The customized document management applications were implemented using Microsoft SharePoint Online, freeing RED from the upfront infrastructure costs and the ongoing IT management burden. The company was delighted with how simple it was to deploy and utilize the solution through SharePoint Online—employees were up and running without a lot of time for set up and training. Now RED has the sophisticated document management tools to store contracts and maintain full version histories. RED employees can check documents in and out, and multiple people can work on contracts without getting in each other’s way. The system tracks every change, so revisions are easily identifiable.

The new services have helped RED’s business in a number of different ways. “They have enhanced collaboration within our different internal divisions,” explains Walters, “and they have helped increase our productivity and helped manage the business process involving our clients.”

What’s more, the BPOS-based solution was not only highly affordable, but as a per-user subscription, it can readily scale to the size of RED’s business. The cloud-based solution also ensures that RED will have the latest version of the suite’s applications, including every update and any patches, since these are all applied at the Microsoft data center.

“SharePoint Online was very attractive to RED and made the decision very easy,” continues Walters. “It allows flexibility to grow with our organization. It’s a per-user per month licensing, so it offers a lower cost of ownership. It grows well with the business, and we’re constantly getting updates from Microsoft, which keeps us up on the latest software versions. As a start-up company, cost containment is critical, and the Business Productivity Online Suite approach has played an important role in our cost containment efforts.”

A final BPOS benefit is the lower use of electricity. “Instead of us running an on-premises solution,” says Walters, “which would require a certain amount of electricity to operate regardless of whether users were working on the servers themselves, we’re able to take advantage of storage virtualization and server virtualization technologies that increase the throughput of the servers in the Microsoft data center and thereby reduce the actual amount of electricity used.” This electricity savings is very important to RED, whose business centers on helping manufacturers recycle energy—but it makes sense for any small business wanting to hold the line of energy costs.

Your small business’s needs may be different from RED’s, but the cost-effective solution could likely be the same. If you need top-of-the-line, business-class features for communications and collaboration, then BPOS is definitely worth a look. Microsoft’s offering integrates email, instant messaging, document collaboration, and real-time conferencing into one, seamless suite of applications.

Perhaps your business requires you to work with far-flung customers and vendors. With the Microsoft Office Live Meeting component of BPOS, you can hold engaging virtual meetings—including rich audio and video—with all the stakeholders, no matter how far away they are, provided they have Internet access. And with instant messaging, you have a speedier alternative to email—perfect for on-the-fly answers to project questions.

BPOS also gives you access to your coworkers’ calendars, making it a snap to set up meetings and keep projects on schedule. You’ll never again have to schedule a meeting “blind,” contacting each individual to check his or her availability, and going back and forth to nail down a time that works for everyone. With shared calendars through Exchange Online, you can simultaneously compare calendars to set up a meeting—a huge time saver.

Unlike onsite server solutions, BPOS provides a full, integrated suite of applications for just $10 per user per month. Microsoft guarantees the availability of your BPOS applications—your Service Level Agreement provides a money-back reimbursement for anything short of 99.9% uptime. What’s more, you’ll never have to worry about replacing old software or applying upgrades and patches. Everything is taken care of in the cloud, at the Microsoft data center. Microsoft even provides 24-7 technical support, making BPOS one cloudy forecast that you’ll welcome.

Want to learn more? Then take the BPOS test drive at www.microsoft.com/bpostestdrive, or check out http://www.microsoft.com/online/ for more details.

Strategies for Conserving Battery Power

used with permission from Microsoft At Work
JW Secure Informer ImageHave you ever run out of battery power on your mobile PC during a meeting or a class? Have you worried about running out of power while waiting to meet with a client? Have you asked yourself how much longer your battery will last? Sufficient battery life is a persistent challenge for mobile PC users. But Windows offers several ways to help maximize the battery life of your mobile computer.

In this article, I’ll discuss how to take advantage of Windows settings to manage power more efficiently. I’ll also introduce some non-software related tips that you can use to extend battery life.

Optimize your power settings

The display and hard disk on your mobile PC are the two biggest consumers of battery power. By choosing a power plan (called a power scheme in Windows XP) you can extend your battery life. A power plan is a collection of hardware and system settings that control how your mobile PC manages power.

Windows 7
Windows 7 has two default power plans:
Balanced: Automatically balances performance with energy consumption on capable hardware.
Power saver: Saves energy by reducing your computer’s performance where possible.

Change your power plan
1.Click the battery meter icon, located in the notification area on the Windows taskbar.
2.Select either the Balanced or Power saver power plan.

Windows Vista
Windows Vista has three default power plans:
Balanced. Offers full performance when you need it, but conserves power when the computer is idle.
Power saver. The best choice for extending battery life. The cost? Slower performance.
High performance. Maximizes system performance at the expense of battery life.

Change your power plan
1.Click the battery meter icon, located in the notification area on the Windows taskbar.
2.Select the Balanced, Power saver, or High performance power plan.

Take advantage of low-power states

The different versions of Windows provide the following battery-saving states:

•Windows 7: sleep and hibernation (which is like deep sleep)

•Windows Vista sleep and hybrid sleep (which is a combination of sleep and hibernation)

Sleep (Standby)
In a sleep state (standby), your display and hard disk turn off, and all open programs and files are saved in random access memory (RAM)—your computer’s temporary memory—rather than to the hard disk. Information stored in RAM is cleared when the computer turns off, so it’s a good idea to save your work before placing your system in standby mode. Otherwise, you may lose data if you lose power, you swap batteries, or your system crashes.

Sleep (standby) is particularly useful when you’re using your mobile PC intermittently during the day. For example, when driving between clients’ offices during the day, put your computer to sleep or on standby to maximize the life of your battery and maintain quick access to open programs, files, and documents. When you want to use your computer again, it wakes up quickly, and your desktop is restored exactly as you left it.

Windows 7
•To put your computer into a sleep state, click Start button, click the arrow to the right of the Shut down button, and then click Sleep. This action saves all open documents and programs and puts your computer to sleep while still allowing the computer to quickly resume full-power operation (typically within several seconds) when you want to start working again.

•To wake your computer, press the power button on your computer.

Windows Vista
•To put your computer into a sleep state, click Start , and then click the Power button. This action saves all open documents and programs and puts your computer to sleep while still allowing the computer to quickly resume full-power operation (typically within several seconds) when you want to start working again.

•To wake your computer, press the power button on your computer.

In hibernation, your computer saves everything to your hard disk and then shuts down. When you restart the computer, your desktop is restored exactly as you left it. Hibernation uses less power than the sleep state (standby), but it takes a bit longer to resume.

Windows 7
•To put your computer in hibernation, click Start , click the arrow to the right of the Shut down button, and then click Hibernate.

Windows Vista
•To put your computer in hibernation, click Start , click the arrow next to the Lock button, and then click Hibernate.
•Note This puts your computer into a power-saving state, but saves your work to your hard disk so that you can safely turn off your computer.

Hybrid Sleep
Hybrid sleep is a power-saving feature designed primarily for desktop computers. Hybrid sleep saves any open documents and programs to memory and to your hard disk drive, and then puts your computer into a low-power state.

•Find out more about Windows 7 hybrid sleep.
•Find out more about Windows Vista hybrid sleep.

Adjust screen brightness

You can also conserve battery by reducing the screen brightness. To adjust your screen brightness, refer to the instructions from your mobile PC manufacturer. Every computer is slightly different, but you can usually use a combination of keys, a function key, or a software tool to dim the screen.

Even better than dimming the screen is blanking it completely when you’re not using your computer. You can further minimize power consumption by reducing the amount of time the computer is idle before the screen goes blank.

Turn off wireless

Another significant drain on your battery power is your wireless card. You should turn off your wireless device when you’re using your mobile PC but are not connected to a wireless network. You can either remove your Wi-Fi card or press the manual hardware button on your computer if you’re using a Centrino-based mobile PC. Refer to the instructions from your mobile PC manufacturer to learn where the manual hardware button is.

Additional power saving tips

In addition to adjusting power settings to maximize battery life, consider the following tips to minimize power consumption when you’re away from electrical outlets.

Turn off scheduled tasks. If you use scheduled tasks to run programs or scripts, or if you schedule other tasks to occur automatically at a preset time, specify that these tasks won’t be performed when the computer is running on battery power.

Keep the use of tools in the notification bar to a minimum. Try to minimize your CPU’s usage. Look at the notification area of the taskbar and close any tools (or utilities) that are not necessary. Often, these tools are installed on the computer when you first receive it. Windows 7 users can also click the up arrow at the end of the notification area to see tools and utilities that are hidden but available. The notification bar, shown below, is on the bottom right of your computer desktop.

Limit power-intensive activities. Avoid watching a DVD or playing online games on your mobile PC when you need to conserve battery power.

Add memory. You can minimize the reliance of Windows on virtual memory and reduce power consumption by adding memory (RAM) to your mobile PC.

Carry at least one spare battery. Buying an extra battery is a good investment for your peace of mind. Battery prices vary widely. You can significantly increase the power available to you if you’re willing to splurge a little. Contact the manufacturer of your mobile PC to find a replacement battery.

Charge your battery often. When you’re on the road, be sure to carry a power cord and plug your computer in whenever you have the chance.

Completely drain nickel-based batteries. If you’re using an older laptop (at least 3 years old) with a nickel hydride battery, be sure to completely drain it and recharge it monthly to ensure that it will hold its charge. Most newer mobile PCs use lithium ion batteries, which don’t need to be drained to maximize their capacity.

By adjusting your mobile PC settings to conserve battery power and by implementing these tips, you can relieve the stress and inconvenience of running out of battery power.

Don’t Focus on the Black Spot

used with permission from Joel Weldon, www.successcomesincans.com
JW Secure Informer ImageLeader says “Look for the good” — managers learn to find it.

Speaking to her department managers, a young, dynamic executive tacked a huge sheet of white paper on the wall behind her. Then, with a felt-tip marker, she made a black spot in the middle of the paper.

“What do you see?” she asked someone in the front row.

“A black spot,” came the reply. She asked the same question of every manager, and received the same answer each time.

Quietly, slowly, and with great emphasis, she then said, “You’re all correct, there is a little back spot up there. But not one of you mentioned the big sheet of perfectly clean, white paper! And that is my speech.”

She went on to guide her organization from near collapse to record profits. Best of all, she helped her people develop positive attitudes toward themselves, their company, and their customers.

She attributed her success to the practice of requiring each manager to submit each Monday morning a report of all the good things that happened in their department during the preceding week.

Here’s what you can do: Be on the lookout for what’s right. Encourage the people on your team to do the same. Initiate a cycle of positive attitudes, thoughts, ideas and action that will make it easier to handle the “black spots.” When you find something that’s good, recognize and reinforce it.