Internet Data Protection

Ubisoft announced that they have had a data breach and recommending that their users change their passwords. Data breaches are not that uncommon. While cybercriminals tend to target large companies or companies they know have financial data, it doesn’t mean that everyone else shouldn’t take a second look at their internet security. There are a few things that are relatively easy to do and can save you from the random script kiddie wrecking your systems.

Make sure you have a firewall in place, with updated operating system and patches. I’m finding that more businesses these days have firewalls in place. However, I find that many of them haven’t been updated since they were configured 2 or 3 or 4 or… years ago. It is imperative that firewall OS be updated and patched to address new security vulnerabilities.

Make sure someone hasn’t opened up the firewall settings for some reason and then not closed it down. All too often I look at the firewall rules in a business and I see an “Any–Any” rule that someone used to either test something or because they couldn’t get the firewall rules configured correctly. Having a firewall with an active Any–Any rule nearly completely defeats the value of having the firewall in the first place.

Clean up old rules that are no longer needed. Many times I find rules for servers or services that clients once had long ago, but don’t have anymore. Leaving these open just adds to your “attack surface.” This refers to the open areas of your firewall that are potential entry points for non-authorized users (aka: criminals).

Finally, check to make sure you haven’t setup servers or systems that bypass your well designed and maintained firewall. I also see times where someone has connected a server directly to the internet because they didn’t have time to be bothered with getting the security worked out, or something went wrong and they moved it as a ‘temporary’ situation that never got remediated.

These are just a few easy things to check when it comes to your internet security. There are many more items that are very important, which is why you should check those entry points often. Be careful, it’s a dangerous world out there.

Consider 4G Wireless as part of Disaster Continuity Planning

Very interesting article at Tech Republic about 4G wireless and traditional hard wire networking.

For companies really serious about staying connected during and after a large scale disaster or outage, using a 4G wireless network as a backup to failover to may be a very valuable business decision.

Read the article at

The great adventure begins

I am beginning the great adventure of becoming an independent technology consultant. This is both an exciting and terrifying time. The not fun parts of setting up my new business kept me busy this past week.

Since I am the only  one in the company, I decided to start off as a Sole Proprietor. I had several people ask me about incorporating. First off, it takes several weeks to get a corporation setup and recognized. I need to start getting work right away. It is also a significant amount of paperwork involved on an ongoing basis. The limited protection afforded to me would be easily pierced should something legal wise happen.

I purchased General Liability insurance and Workman’s Compensation insurance through a company called Techinsurance. It was a bit expensive (about $1,100 annually) but I think it will provide me better protection than the thin corporate veil with just me behind it. I would recommend this service. They were very helpful.

I had to register with the County Clerk to do business under an assumed name. This was a nominal fee of $13. This is needed in order to open a bank account for the business, which was my next step.  I opened my account through PNC Bank. I have done my personal banking with them for years and have been very happy with their service. The person I worked with at the branch was very helpful. They have some really good deals on business banking, including Merchant Services with credit card rates that are actually better than Intuit.

I spent the weekend working on a standard Managed Services Agreement contract as well as a standard Statement of Work template. The MSA is VERY important and cannot be stressed enough. It is the real protection on your day to day work for the business. It is all very dry legal speak, but take the time to research it and work it out. If you can’t make heads or tails of it, this is a good time to invest some money or barter some services to get some help from a lawyer. Indemnification clause is highly important.

I still need to get my business licenses for the county and city in which I reside, as well as file paperwork for a home based business. This is required where I live and has certain restrictions.

I will keep you updated on how the process goes as well as post about regular IT stuff.

Go forth and do good works!