Security

July 7th, 2008

The vast majority of your life is obscure.  That means that most people don’t know your middle name because you never told them, and because most people don’t know where to look up public government records.

Just because your middle name is generally unknown, doesn’t mean it is secure.

Here’s a mental picture:  I could put One Million Dollars in CASH on my kitchen table and leave all my doors and windows unlocked.  So long as no one knows that I have One Million Dollars in CASH on my table (unsecured) then that Million Dollars is perfectly safe.

However, that’s not how security works.  Securing something means taking steps to ensure that something remains under your control despite effort to take it out of your control.

In my previous example, locks, security cameras, electric fences, and mal-adjusted rabid Rottweilers make my One Million Dollars more SECURE than the previous scenario where I rely on the blind ignorance of others to keep my money mine.

In the online world things are different.  No one is after YOU.  Hackers, viruses, malware, spyware, adware - it is all cold, calculating, and collecting.  It doesn’t know who YOU are - because it doesn’t care.  The majority of identity theft is not accomplished because someone went after YOU as a PERSON - it’s because they made use of modern methods to take ANY identity in general - NOT YOURS IN PARTICULAR.

To paint this picture, a “hacker” uses a program to scan millions of computers on the Internet (which includes yours, EVEN IF you have a firewall and anti virus software).  That program has two purposes in life: 1. find vulnerable computers (yours) and 2. infect the computer and use that infected computer to scan for other computers which are vulnerable.

Rinse, repeat.

I know a lot of business people who say “I don’t need to worry about security, who’s going to hack me?”  Hello numb nuts - NO ONE ATTACKS -YOU-.  Hackers seek out and exploit the $400 computer you bought from Best Buy which you dutifully refuse to run Windows Updates and Anti Virus Updates on because you’re too busy sending emails with little animated icons from a toolbar you downloaded which while sending cute smiley faces is also pilfering your customer credit card numbers out of Quickbooks.

What is security?  It has nothing to do with *where* your data is.  In fact, having your company data on your own systems in your own office is probably the LEAST secure place for your data to live.  You let anyone who claims to be “the computer guy” in your front door and right into your server room.  At this point, passwords are useless - physical access to any system IS ACCESS.

In fact, if your firewall doesn’t have the latest updates, a syslog server, and someone (a real BODY) watching it on an hourly basis, it’s pretty much a bump in the wire for all the junk your employees and your kids (yes, you let your kids use your office computer, don’t you?) are downloading and running.  Firewalls are great for keeping the outside world out (sort of) but once some uneducated user (you and your entire business) downloads that cutesy little program, your $10,000 firewall is completely ineffective.  Yep, your investment crumbles that fast.  (Oh, did you catch TEN THOUSAND DOLLARS for a firewall?  Yeah, that $60 router/firewall from Best Buy is basically a neon sign advertising “Hack Me - Credit Card Numbers Here” on the Internet.)

And let me rant about wireless.  Folks, if it comes out of a consumer electronics store, then IT IS NOT SECURE.  If your wireless was set up by your son’s friend, then it is already being used by every pedophile with a Pringles can inside a 1 mile radius to download kiddie porn off of YOUR Internet connection.  Wonder why you can’t send that email to your accountant or the IRS?  Your Internet connection is probably on every watch list in the world and the only reason you’re not in the clink yet is because modern law enforcement hasn’t even figured out how to properly defend a hand-held radar gun citation.

So what’s the answer?  There isn’t one.  Security threats change EVERY DAY and unless you have a person - or a company - vigilant for your security, then you’re likely hacked and you don’t even know it.  Sure, you’ll know when the SEC or VISA comes knocking at your door wanting to know how 100,000 credit card numbers wound up leaking out of your website, ecommerce application, or accounting program, but at that point it’s too late and someone already has a noose sized for your scrotum waiting for the order to hang.

Municipal WiFi Fails Every Time

June 27th, 2008

There are countless examples of Muni WiFi going defunct.  Some people are surprised.  The promise of ubiquitous access as a utility is touted as the next logical progression for wireless and for the Internet itself.  Why can’t the Munis do it?

Because they’re the government - that’s why.

All the pin-heads on the city council have an idea for how a network will improve their departments or pet projects.  The cops want to sniff every wireless camera in town and run license plate recognition software so they can do even less.  Utilities want remote meter reading and the local telco will bitch about competition from the local government funded by tax dollars.

Muni WiFi is broken because of the MUNI - NOT THE WIFI.

http://sf.meraki.com

If you’ve never seen this movement then you send forwards to your nieces and nephews on your AOL account.  100,000 + active users and growing on a NON MUNI WiFi network where the nodes cost fifty bucks.  God Bless America.

Vertical Centering in CSS

June 27th, 2008

Need to center something between the top and bottom of a webpage, but you want to use clean CSS and not some garbage tables?

I am no web developer, nor am I a CSS / HTML guru.  I scour the web for what I need and I share what I find.

I found these:

http://www.infinitywebdesign.com/research/cssverticalcentereddiv.htm

http://waxpad.com/waxpadarticles/vcexample.html

http://d-graff.de/fricca/center.html

You tell me if these suck, or if they’re not compliant.  I’m looking for the holy grail - a compliant, well-behaved solution for vertical centering that also takes less than a 1MB style sheet.

Wise Investments

June 27th, 2008

In business, technology is always placed in the “expenses” column of the balance sheet.  With that kind of perception, management will always be antagonistic to technology because it costs them money.  Instead, put technology systems in the “assets” column where they belong.  Doing so will then reinforce the reality that technology is an asset, and investing in that asset produces returns: that is, technology makes you money.

Some basic technology tips for business managers:

1. You don’t understand computers and you likely never will.  This is not a flaw in your character or laziness on your part.  Technology is hard and complicated and you have a real job to do anyway.  Delegate technology to someone who actually understands it (me!) and let that person worry about megabytes and gigahertz.

2. Never ask for a line-item quote.  Resist the temptation to understand each “part” of a solution and take your red pen through items that your technology professional can’t convince you that you need.  Re-read rule number one.  You don’t understand this stuff anyway.  Realize that the professional recommending these items isn’t using your money to play with toys.  Yes, there are unscrupulous folk out there and you should ask questions to test the character of your technology pro.  However, do NOT under any circumstances start pulling hundred-dollar items off the list.  You may temporarily enjoy the “shoppers high” of saving a few bucks, but you will unknowingly cause massive problems and headaches.  Again, you don’t understand this stuff and if the pro says you need it, you need it.

3. Buy early, buy often.  Computers get old after 2-3 years.  They’ve done that since 1981 and there’s no sign it’s going to stop.  You will not single-handedly change the way technology works by futilely demanding that all computers last 5 years.  Also, resist the temptation to wait to upgrade.  Everyone knows that whatever you buy today will be insanely cheap in 6 months - you will not be seen as some dope who got screwed.  It happens to everyone.  What you need to do is make that upgrade (investment) TODAY so you can get ahead of the short-sighted lump who’s putting off that upgrade thinking he’s saving the bottom line.

4. Build a good foundation.  You don’t ask the contractor to cut corners on your home’s foundation, so don’t do it with technology.  Run a lot of cabling - more than you need NOW - because you’re going to need it later.  Buy more servers than you think you need - you’ll use them anyway and you’ll have a spare for when one of them inevitably fails on you.  Buy good, hefty mice and keyboards and SAVE THEM during upgrades.  You’d be surprised what you spend on replacing those $15 3-month-lifespan mice.  Buy good quality, BIG flat screen displays (19″ minimum) and give every employee 2 screens - that *alone* has been proven to increase productivity by 15%-20%.   Volume License all of your Microsoft software.  Bring your email in-house with Exchange and get a third party to filter your email for spam.

5. Train your people.  A well trained user with a 10-year-old system is vastly more productive than an untrained user with the latest technology.  Investing in your employees is never a bad thing, anyway.  Besides, you’ll see fewer help desk calls (which saves money) and you’ll see people actually doing and producing more (which makes money).

6.  Get away from paper.  Don’t jump on the “paperless office” hype - that kind of fanaticism is dangerous. Paper will be around for a while, so don’t shun it all at once as if every sheet were laced with the plague.  But don’t replicate paper.  Kill the copier and get a scanner.  Invest in fax-to-email technology and eliminate the idiotic process of printing an email so you can fax it to someone.  Don’t create forms - get a company Intranet and use online forms with reporting and search capability to manage all your in-house documentation.  And banish those lousy PostIT notes and get a notes management application (or learn to use Outlook) so your note to remind you to do something will actually remind you!

More to come…

Value

June 27th, 2008

I was recently asked what value I can provide to people and businesses.  Sure, I can help your business run better - but no one is ever interested in *improving* themselves.

So I went through my project list that’s eight years old and I came up with a list of services.  I can provide the ability to make untraceable, untappable phone calls from anywhere in the world to anywhere else.  I can secure financial data and product data so tightly that by the time supercomputers were done trying to hack my system the sun would have burnt out.  I can create an entire parallel “Internet” where every dot com is available once again and only the people we want on our Internet can get on our Internet.

I can also obtain information.  You would be surprised how much information is being given away by businesses and private individuals.  I don’t mean hacking or other illegal activity, here.  I mean scouring the hidden data on websites, in emails, and chat sessions to gather information that most people don’t realize they’re releasing.

All you have to do is give me the challenge - I can complete the job.  Let’s see if anyone wants to take me on.

Your website is costing you business

May 26th, 2008

Get your pen and pencil out and take some notes.  If you manage, own, operate, or otherwise write your meal ticket in business, then you’re LOSING business because of your website.

Then again, you might be Google - and you’re printing money with your website.

But if you’re not Google, your website is surely turning away more business than it’s bringing to you.  And the worst part is, you don’t even know it.

Take everything you’ve ever heard about websites, online marketing, Search Engine Optimization (SEO), linking, tracking, pay-per-click, and forget about it.  It doesn’t matter to you.  You’re running a business - providing a service, making a widget, selling schwag.  The question you should be asking of your website is “what have you done for me lately?”

Blogs are generally useless (for your business).  Portals are even worse.  And if you have a website that hasn’t been updated in the last week, then you’re irrelevant.  Your 10 year old website is an eyesore on the web and people - perhaps potential customers - are looking at that slovenly mess online and hitting the back button faster than you can say AOL.

Think your ecommerce site is an asset?  Wrong.  Sure, you convert 10 sales per month.  How many are you losing?  Probably 10 times that.  Why?  Your website is old, probably hard to use.  It probably is set in a color scheme someone hates.  You likely have misspellings and grammar errors.  You probably had your brother’s friend’s uncle’s shuffleboard partner who “knows computers” build your website.  You spent $300 and you patted yourself on the back.

You are an idiot.

What’s the answer?  Online guerrilla warfare.  How many people visit your site and leave?  Did you get their information?  Do you know why they left?  Do you know where they went?  Do you know how they found you?  What words they searched on when they hit your site?  What sites they were on before you?

You can obtain all this information.

Then you have to act.

The fact is that you’re lazy.  I’m lazy.  People are lazy.  This is not because we are bad, or because of Original Sin.  The Universe tends toward entropy.  Things are cooling off, slowing down.  So it’s easy to drink that koolaid and become nothing but a pundit of the status quo.  Of course, some young punk driving a car that costs more than your house is right on your heels and about ready to eat you and most of your suppliers for lunch.

You are not invincible.

To that end, you need tenacious, covert, and intelligent online help.  You need me.  Face it - no one else is going to tell you the truth.  Sales guys want to be your friend and lie to you all day long.  You want to hear those lies, because they make you feel good.  They make you feel successful and important.  You feel like you’re worth more than that kid trying to sell you something because he kisses your ass so well.  The fact is, he’s worth more than you because he has drive and passion.  He’s hungry for more than cheetos and doughnuts.  He wants your money and he largely gets it.

The deal is your revenue flow is never guaranteed, and about the time you get comfortable is about the time you start losing money.

Back to your website - you have no idea how many people are turned OFF by your site.  The truth is that it’s better to have NO online identity than a bad one.

Google Apps

May 1st, 2008

I open this for discussion:

Should a small business (under 20 users) opt for their own infrastructure: that is, servers, domain controllers, file sharing, Windows SBS, Exchange, Outlook -

OR

Should they buy $300 machines, run Linux, and use Google Apps?

Can Google Apps effectively replace all the email, file sharing, collaboration, shared calendaring, and other basic business needs?  There are even online time-tracking and accounting applications.

Is the world of the business network dead?  Will Software as a Service replace IT architecture?

Your comments are needed.

Revelation

May 1st, 2008

When it comes to technology, there is no such thing as knowing everything, there is only knowing that which you do not know.

Business as Orchestra

May 1st, 2008

While trying to explain the role of IT consultants to a client, I came up with this analogy:

The relationship of business and Information Technology is like an orchestra: there are three major components: players, instruments, and sheet music.

The players (or musicians) represent the employees of a company (users).  The instruments represent hardware (computers, printers, fax machines).  The sheet music represents software (Word, Excel, Quickbooks).

Put a bunch of musicians in a room with instruments and sheet music and you might get something that sounds okay - you may also get something horrid.  Or you may wind up with something inspired but disorganized, like jazz.

The word orchestra is defined as “a group of players that accompanies action.”  If you want your employees to be able to use technology to take *action* then you need the final, and required, component of an orchestra - the conductor.

A conductor is an interesting person.  While the real performance is going on, that is, while the orchestra is performing for an audience, he is simply flailing his arms like a madman.

In some sense, a consultant does the same thing.  While the business is humming along getting things done, it appears to any casual observer that the consultant is doing little or nothing.

If you watch an orchestra, or any performance, what you *don’t* see is all the “behind the scenes” work - rehearsals, research, practice, and study.

The consultant spends countless unseen hours training, refining, practicing, solving problems, and truly *learning* their craft.  A consultant can come into your business and reduce your problem to a paragraph or a sentence - maybe a single word.

You - as a business owner - think that your business is more complicated.  You think you’re unlike anyone else, and that unless someone has spent the blood, sweat, and tears that you have building your business, no one can understand you.

Get over yourself.

You’re too close to your own business to know what’s good for you.  Someone can summarize your problems, process, or your years of experience in a flash.  Your business is not unique.

Getting back to the orchestra - if you want your business to run well, if you want freedom from problems and “poor performance,” you need a good conductor.

While you might think that your business/technology consultant is wildly flailing his arms like a conductor, realize that he has spent thousands of hours rehearsing and studying.  He’s trying to get your people, your hardware, and your software to make music for your business.  And he can do it better than you can.

As a business owner/manager, you are a spectator of the great orchestra of business.  You pay the bucks to support the orchestra, and you reap the pleasures of hearing great music.  You do not, however, possess the skills of the conductor.  To you, he gets in the way of the music (only visually) but without the conductor you would have no music - only chaos.

Free Content Filtering - No Software, No Hardware

February 20th, 2008

www.opendns.com

If you’re looking for a dead-simple, free content filtering solution, Open DNS is for you.  Go there and sign up for a free account.

Open DNS works by replacing (or augmenting) your DNS servers.  For individual workstations, you simply point your DNS servers to 208.67.222.222 and 208.67.220.220.

If you have a router or multiple computers on your network, log in to your router and set the DNS servers for the local LAN to the IP addresses listed above.

If you have Active Directory or a network domain - DO NOT replace DNS entries on your workstations or servers!!!

I say this again: Active Directory domains REQUIRE that all servers and workstations use the Internal DNS provided by Active Directory.

To use OpenDNS with Active Directory, go into the DNS administration settings on your Domain Controllers, and set up forwarders to the OpenDNS servers: 208.67.222.222 & 208.67.220.220.

On the OpenDNS website, you can filter groups of content: violence, sex, social networking, job sites, etc.  Once this is set up, you’ll have a nice dashboard to monitor your DNS usage and you won’t have to deal with trash on your network.  You can also block known phishing sites with a single click!

If you use OpenDNS, drop a line on the blog here.  I would like to gather feedback from other users.
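
The rules above (standalone machines and routers point at OpenDNS, domain machines use only internal DNS, domain controllers forward to OpenDNS) can be checked mechanically. The following is an added example, not part of the original post or any OpenDNS tooling: a Python audit over a host inventory. The record schema, role names, host names and the 10.0.0.x / 192.0.2.x addresses are assumptions constructed for illustration.

```python
import ipaddress

# OpenDNS resolver addresses, as given in the post.
OPENDNS = {ipaddress.ip_address("208.67.222.222"),
           ipaddress.ip_address("208.67.220.220")}

def _ips(values):
    """Parse address strings so '208.67.222.222 ' and similar compare equal."""
    return {ipaddress.ip_address(v.strip()) for v in values}

def _fmt(addrs):
    return ", ".join(sorted(str(a) for a in addrs))

def audit_host(host, internal_dns):
    """Return findings for one host record (hypothetical schema, see INVENTORY).
    internal_dns is the already-parsed set of Active Directory DNS addresses."""
    findings = []
    role = host["role"]
    dns = _ips(host.get("dns", []))
    if role in ("ad_member", "domain_controller"):
        # Domain machines must resolve only through Active Directory's DNS.
        # A domain controller pointing at itself via loopback also counts.
        ok = {ip for ip in dns
              if ip in internal_dns or (role == "domain_controller" and ip.is_loopback)}
        if dns - ok:
            findings.append("non-AD resolver configured: " + _fmt(dns - ok))
        if not ok:
            findings.append("no internal AD DNS server configured")
    else:
        # Standalone machines and routers point straight at OpenDNS.
        if not dns:
            findings.append("no DNS servers configured")
        elif dns - OPENDNS:
            findings.append("resolver bypasses OpenDNS: " + _fmt(dns - OPENDNS))
    if role == "domain_controller":
        # Filtering for the whole domain depends on the DC's forwarders.
        fwd = _ips(host.get("forwarders", []))
        if not fwd:
            findings.append("no forwarders set")
        elif fwd - OPENDNS:
            findings.append("forwarder outside OpenDNS: " + _fmt(fwd - OPENDNS))
    return findings

def audit(inventory, internal_dns):
    """Map host name -> findings, listing only hosts that break a rule."""
    internal = _ips(internal_dns)
    report = {h["name"]: audit_host(h, internal) for h in inventory}
    return {name: f for name, f in report.items() if f}

# Constructed sample inventory; names and 10.0.0.x / 192.0.2.x addresses are made up.
INTERNAL_DNS = ["10.0.0.10", "10.0.0.11"]
INVENTORY = [
    {"name": "ws-frontdesk", "role": "standalone", "dns": ["208.67.222.222", "208.67.220.220"]},
    {"name": "laptop-sales", "role": "ad_member", "dns": ["10.0.0.10", "208.67.222.222"]},
    {"name": "dc01", "role": "domain_controller", "dns": ["127.0.0.1", "10.0.0.11"],
     "forwarders": ["208.67.222.222", "208.67.220.220"]},
    {"name": "dc02", "role": "domain_controller", "dns": ["10.0.0.10"],
     "forwarders": ["192.0.2.53"]},
]

if __name__ == "__main__":
    for name, findings in audit(INVENTORY, INTERNAL_DNS).items():
        print(name, "->", "; ".join(findings))
```

In the sample, `laptop-sales` is flagged because a domain member has an OpenDNS address set directly, and `dc02` because its forwarder sends lookups around the filter.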