FPA Technology Services, Inc.
Username:  Password:  

Tech Travel Tips

 Permanent link

There's nothing worse than the feeling you get when you're stranded when traveling.  And by stranded, I mean because you're having problems preventing you from connecting up remotely and accessing the information you need access to. Here are some tips to help you with your technology when you're traveling:

Create a Travel Kit

Keep your various travel computer accessories - such as USB flash drive and hub, cable lock, extra phone battery, power strip, VoIP (Voice Over Internet protocol) headset, and webcam - in one place or kit.  When you're ready to hit the road, grab the kit and you're good to go.

Practice Logging in, and on

Don't try logging on to the corporate server or logging in to your remote accounts for the first time once you're on the road. Practice remote data access from the stress-free environment of your home.

Have IT on Standby

Information Technology people are your lifeline if you run into connection issues on the road.  Keep your IT Help Desk and support names and numbers handy.

Work Smart

Stay in hotels that provide free internet access and an in-room work space as well as fax, copy and print servies.

Keep a Neat Desk

Straighten up things at the office before leaving on an extended trip.  An organized desk will help co-workers find files or documents that you -- or they -- might need while you're away.

Schedule Time to Stay in Touch

Chasing down your staff or keeping in touch with family members can be challenging if everyone's on different schedules or time zones.  Before departing, setup call-in times.  Alternatively, start or end the day with e-mail updates.

Protecting Your Online Financial Info

 Permanent link

Consumers are conducting more and more of their financial transactions online.  Consequently, they may become vulnerable to tracking, hacking, identity theft, phishing scams, and other online risks.  While nothing can guarantee complete safety while online, much can be done to understand and minimize your exposure to risk.

Here are some basic ways to help maintain privacy and secure your information while on the web:

Understand Privacy Policies

Before conducting any financial transactions online, carefully read the privacy policies of each institution with which you plan to do online business.  Find out how the business intends to maintain and secure your financial information.  If you don't understand the legal jargon, ask questions.  You can always email or call a business and request a simplified explanation of its privacy policies.

Avoid Using Easily Decipherable PINS and Passwords

When deciding on PINS, passwords, and other login information, avoid using your mother's maiden name, your birth date, the last four digits of our Social Security number, your kids names, or your phone number.  Avoid other obvious choices, like a series of consecutive numbers or your home town.  Also, avoid using the same PINS and passwords on multiple sites.  Then, if your PIN or password is discovered on one site, the others will remain secure.

Use Secure Web Pages Only

Use only secure browsers when shopping online to guard the security of your transactions during transmission.  There are two general indicators of a secured web page.  First, check that the web page URL begins with "https".  Most URL's begin with "http" - the "s" at the end indicates that the site is "secure".  This means that passwords and other information will be encrypted before sending back and forth to the server.  Second, look for a "lock" icon in the window of the browser.  You can double-click on this icon for details about the site's security.  Be cautious about providing your financial information to websites that are not well known.  Larger companies and well-known web sites have developed policies to protect the rights and financial information of their customers.

Keep Your Operating System Up-to-Date

High-priority updates are critical to the security and reliability of your computer.  They also offer the latest protection against malicious online activities.  When your computer prompts you to conduct an update, do it as soon as possible.

Keep Your Firewall Turned On

A firewall helps protect your computer from hackers who might try to delete information, crash your computer, or steal your passwords or credit card numbers.  Make sure your firewall is always turned on.

Do Your Homework

To learn more about securing your computer and protecting your personal information, visit www.getnetwise.org, www.onguardonline.gov, or www.wiredsafety.org.  These websites provide valuable information to help you protect your private information when conducting financial transactions online. In addition, the Federal Trade Commission (FTC) works for the consumer to prevent fraudulent, deceptive, and unfair practices in the marketplace.

While maintaining anonymity on the web can be challenging, it's important to protect your financial information and the financial information of your family.  In time, more protective measures will be established so that you can feel assured that your financial information will be protected from unknown third parties.  In the meantime, it's up to you to safeguard your financial information by being vigilant in your online practices.

What to Look for in a Cloud Provider

 Permanent link

Are you considering moving "to the cloud"? While there are a number of benefits to doing this - lower initial capital outlay, known monthly fees, increased accessibility, built in business continuity, etc. - there are still a number of serious considerations to keep in mind before you do. Thanks to its skyrocketing popularity, established technology companies and upstarts alike have rushed to create cloud offerings. The competition this produces is a boon for companies shopping for cloud offerings, but it also creates challenges when looking for a provider that can be trusted.

Whether you're searching for a cloud hosting solution or a cloud-based application, here are a few things to look for when seeking a cloud provider:

A Solid SLA

If you're going to place your applications and your data in the cloud, you will need to get a Service Level Agreement from your provider that guarantees certain levels of performance if you have any hope of sleeping at night. Not all SLAs are created equal though. Therefore, it's important to evaluate SLAs closely. What do they really provide for? What sort of outs, if any, has the provider given itself that could leave you hanging dry? One of the questions we always pose is - will you provide your SLA BEFORE we sign up? If not, you know something's fishy.

Pricing That Passes the Sniff Test

You hear it time and time again: the cloud helps companies reduce costs. But does it? When you run the numbers, many cloud offerings appear unreasonably expensive. There are certain economies of scale where the cloud works and where it doesn't. Unfortunately, far too many companies don't run the numbers. Don't make that mistake.

An Experienced Founding/Management Team

If your business is going to rely on the cloud, you need to be able to rely on the people running your cloud. For obvious reasons, taking a chance on a cloud provider who hasn't been around for a while or run by those who lack enterprise-level experience is a risky proposition.

An Industry Standard Solution

One of the biggest problems with the cloud is that many if not most cloud providers have built clouds that aren't interoperable with each other (can you say Amazon Web Services?). This is great for them, as it helps create customer lock-in, but it's bad for customers who might want or need to jump to a different cloud down the road. Make sure your cloud solution is based on underlying technologies provided by industry leaders such as Microsoft, Vmware, and Citrix.

Strong Security

This is such a broad topic. Whether the concern is: Data Segregation, Secure Access, Encryption, Authentication, Regulatory Compliance, Data Location, or a number of other things… security is important. The tough thing with the cloud is - you have to do your due dillegence at a fairly low level. It's easy for cloud providers to demo a pretty solution, but on the inside it could be a mess of security problems. Don't be afraid to ask for an audited report of the data center.

A Clear and Robust Backup Strategy

Not all cloud providers have a plan for backup or what they provide is only a minimal solution. I've seen many default to a 14 day retention. This may or may not be good enough for your business. Many providers charge extra to retain data longer than this. And just try to get a cloud provider to store monthly or yearly backup sets! And, you need to consider more than just your data. Remove the hardware layer for a second (again, one of the benefits of the cloud) - what happens if a server goes down? Or gets corrupted. How does the cloud provider handle this situation? What if your Active Directory gets corrupted? Are you supposed to be performing a backup or do they have a strategy? Don’t just assume they are doing it. Get their SLA’s and guarantees in writing, and make sure you fully understand the ramifications.

Don't Forget the Pieces NOT in the Cloud

Moving to the cloud doesn't mean failures won't occur - just that they'll be different ones (than what you're used to in the past). Everything may be fine in the cloud, but you still can't work. Your internet connection goes down. Or your firewall. Or you get a virus on your local workstation. Now that everything's in the cloud, you still need to consider your points of failure - you just have to address them with redundancy like never before. You might want to consider a backup internet connection. You might need automatic failover on your firewall. The point is, you need to be prepared and (as Apple says) think different.

Right now, the cloud is like what the wild west was 150 years ago. There are a ton of companies offering their own brand of cloud. So it's hard (if not impossible) to compare apples to apples. It's also immature to the extent that it's still a boutique sort of solution truly requiring an intimate knowledge and understanding of your specific business. Not everyone can go to the cloud and not everyone should. But, there are a ton of success stories when done right. And the only consistent component of every successful cloud migration is the involvement of a highly knowledgeable and experienced IT Service Provider (like FPA) to help guide the client successfully through the process.

Key Considerations for Developing a Mobile Device Policy

 Permanent link

You and your coworkers are probably already using personal smartphones and tablets to access business information and applications. It’s clear that mobility can boost productivity and improve collaboration. And whether your employees are Millennials or the over-40 set, people simply expect the convenience of using mobile devices for work. Despite the rush to mobile though, according to Trend Micro 46% of companies that permit BYOD (Bring Your Own Device) reported experiencing a data or security breach as a result of an employee-owned device accessing the corporate network. Clearly, organizations need to take steps toward protecting themselves from the risks of lost or stolen mobile devices.

Whatever your own personal position is regarding allowing your employees access to your company's information via their mobile devices, at a minimum, you need to acknowledge that it's happening and you better get on board. So, rather than fighting it or just turning a blind eye and hoping for the best, you need to have a policy in place. And the fastest and easiest way to address this is to simply incorporate it into your (already existing) Computer Use Policy document. And a subset within this needs to be your policy regarding BYOD.

While setting policies to govern the use of mobile devices is an essential part of any BYOD initiative, dictating usage can be a delicate balance. Some people might not welcome the idea that their company can determine what applications can be downloaded or that data and applications can be remotely deleted from their phones – especially their personal devices.

BYOD means new thinking for both companies and employees, including new approaches for security, new ways to manage applications, and a changing model for technical support.  All of these areas can be wrapped up into the umbrella known as "Mobile Device Management".

That said, here are some key considerations for developing a Mobile Device Policy for your business:

  1. Define your business goals. First, determine how many employees will be bringing their own device vs. the company providing them.  This will impact the initial capital outlays, the ongoing operating expenses, as well as the ongoing maintenance and support needs (and related costs). Determine whether your organization will pay for some or all of the cost of employees’ mobile devices or service plans. From there, you can develop your ROI model.
  2. What is your risk tolerance? Mobility shines a spotlight on new risks, as sensitive information is carried outside the four walls your office. Understand your company's requirements for data protection, especially in highly sensitive environments where there may be legal or compliance issues or special protection for senior executives’ communications. The applications and data on mobile devices, as well as usernames and passwords, can be valuable to cybercriminals. Risk varies by industry. For instance, healthcare providers and financial services firms (like Investment Advisors and CPA's) generally have tighter legal, compliance, and regulatory requirements. Your company's policies governing access to appropriate (or inappropriate) content should also be factored into your Computer Use Policy.
  3. Start with your existing policies. In many cases, you can use the current policies for remote access or mobility to develop a new policy that governs all of mobility (to include personal devices). Identify gaps in the existing policy that should be addressed by the new mobility policy.
  4. Develop your mobility use cases. Mobile workers come in all shapes and sizes, from road warriors to corridor warriors to visitors and contractors. They may need access to a variety of applications and information, some of which may be sensitive. Mobile devices may be fully trusted, such as company-owned laptops, tablets and smartphones, and these devices may be given broader access - while employee-owned or visitors’ smartphones, tablets and laptops may have more limited access. Set up specific policies that describe the access that’s appropriate to the different user roles.
  5. How will you segregate personal and organizational intellectual property? Successfully separating personal and company information on the mobile device enables you to manage your company’s information without affecting the individual’s personal information. This allows companies to remove business applications and data if an employee leaves without affecting their personal applications and data. Some applications and approaches keep the data off the mobile device entirely. Or you can use a container approach, such as through mobile device management (MDM) software, that keeps corporate information separate - and where it can be appropriately secured.
  6. Use mobile device management software. Lost and stolen phones are a fact of life. MDM software will give you the ability to remotely lock or wipe lost or stolen mobile devices. MDM solutions typically also allow for over-the-air distribution of applications, data and configurations, which simplifies managing a large number of mobile devices, whether company owned or employee owned.
  7. Clearly state the users’ responsibilities. It is a new reality of mobility that users have to accept more responsibility for protecting sensitive information and devices than they did in the days of desktop PCs. Education is key. Clearly outlining the risks and users’ responsibilities in protecting themselves and the organization against security breaches is essential. Have employees sign the new mobility policy agreeing to use strong passwords as well as accept the "wipe if lost or terminated" policy.  And above all - do NOT allow jailbreaking.

If you have any questions or are interested in learning more about our recommended approach to Mobile Device Management or how we manage our own fleet of mobile devices, please send us an email or give us a call.

About the Author
Craig Pollack
Craig Pollack Blog Profile Image Craig is the Founder & CEO of FPA Technology Services, Inc. Craig provides the strategy and direction for FPA, ensuring its clients, their business owners, and key decision makers leverage technology most effectively to achieve their business objectives. Craig focuses on ensuring that the technologies implemented by clients are "business centric" and key components of their businesses' success, and that this approach is shared by every staff member of FPA.
Twitter LinkedIn


RSS Feed

By Date

Recent Entries