Blog

July 14th, 2014

480365773By: Dan Bremner

Email security is on my mind today for a couple of reasons.

With my oldest daughter off to Marquette University in the fall, the “college fund” my wife and I have been saving into for years is no longer a deposit-only thing – we need to start tapping into it to pay tuition bills. So I’ve had to exchange some documents (via secure email) with my financial advisor to get accounts linked so we can transfer funds and make those tuition payments.

At the same time, as some of you know, we’re in the process of rolling out a new email security platform to our Managed IT customers. While “email security” in this sense refers to spam and malware filtering, the “secure email” I want to talk about is email encryption, a newly available option with this platform. It lets us exchange information via email while keeping prying eyes from intercepting and reading the contents. Like those documents from my financial advisor that have my bank account information in them.

But I’ve Always Heard Email Is Insecure?

Isn’t email inherently insecure? Well, yes, it is. Standards for email delivery don’t require encryption, which means that as your message passes from one mail server to another on the way to your intended recipient, there’s a good chance it’s being passed around and stored in plain text. It also may end up in many different places, not all of them secure, such as a smartphone, iPad, or home PC.

Bottom line: Email is insecure today, just as it always has been. This is why we avoid sending important login credentials, or anything else important like credit card numbers through email.

So How Do We Make Email Secure?

Over the years, many “email encryption” solutions have been introduced, incorporating technologies like S/MIME and PGP. Ease of use has been the biggest barrier to mass adoption. Not only were they cumbersome to use, but because you couldn’t assume a recipient was even able to receive an encrypted message, these solutions never really took off in widespread use.

More recent solutions have emerged to simplify the process, and to comply with data security legislation, such as HIPAA, PCI-DSS, Sarbanes-Oxley, and the EU Data Protection Directive. To do so, they have approached the problem from a different angle. Essentially, since email is insecure, they take the sensitive data out of the email message. More on that in a moment.

It’s worth noting that these newer solutions have different goals than previous “end-to-end” email encryption solutions. Whereas those solutions aimed to ensure only the individual sender and receiver could read the message, these solutions are more concerned with making sure the message remains under the control of your company (or designated service provider acting on behalf of the company), with access granted only to authorized viewers, because that’s the key to being compliant. If you think about how such information is handled in the non-computer world, this makes sense. Your medical information is not just given to your doctor, but also the nurses and other medical personnel who need access to it, just as multiple people at your bank have access to your bank account number and can look up your balance.

Email as a Notification Tool

These newer encryption solutions take advantage of several realities.
1. Email is great for notifying people when they have a message.
2. Everyone already knows how to use email.
3. Interacting with secure web pages, whether for e-commerce or online banking, is both simple and familiar for most users.

With our newly available encryption platform, when you have a secure message to send, the outbound mail server detects if the message needs to be encrypted based on rules set up by your company. You could have a trigger like [secure] in the subject line that automatically creates a secure message, or it could scan the email content for something that looks like a SSN, or credit card number, and auto-create a secure message.

Rather than sending the message along, the message content is removed and stored it in a secure web-based messaging system. An email is sent to the recipient saying, “You have a secure message,” with a link to the secure web-based system. The recipient clicks on the link and creates an account (no cost). After logging in, they can read the message and any attachments. Subsequent messages to the same recipient will use that same account.

For many organizations that need to communicate sensitive data while remaining compliant with data privacy laws, a secure email solution could be just what the doctor ordered. Or banker, or lawyer…

Topic Articles
May 27th, 2014

178495138By: Dan Bremner

Software vendors are increasingly using a combination of carrot and stick to induce customers to sign up for their subscription-based software licensing. The “carrots” tend to be extra features or permitted uses, while the stick may be higher prices for traditional perpetual licenses, or discontinuing the perpetual license (almost) entirely, as Adobe has recently announced.

While some vendors consider subscriptions part of their “cloud” offering (e.g. Microsoft Office 365 ProPlus, Adobe Creative Cloud), in most cases the software itself is still installed locally. Notwithstanding the cloud features that may come along with it, the question still comes up, “Should I buy or subscribe to software?”

Since the answer to this question is inevitably, “it depends,” it may be helpful to list some pros and cons of software subscriptions in general, and some things to be aware of in specific cases, namely Adobe Creative Cloud and Microsoft Office 365 ProPlus.

First the positives:

  • With a pay-as-you-go subscription, you don’t have a large up-front purchase, and can make your software an operating expense rather than a capital expense.
  • You always have access to the latest version.
  • Software companies like the predictable, consistent revenue stream.
  • In theory, the developers can focus on incremental upgrades that users have requested rather than having marketing drive new features based on shiny new bells and whistles they think will drive upgrade purchases.
  • Customers have access to vendor support without separate maintenance fees.
  • For customers who would normally upgrade to new versions regularly and/or purchase software assurance, the costs of subscribing will often be lower, and come with additional benefits.

Now some drawbacks:

  • If you upgrade infrequently, or skip a few versions between upgrades, you may pay more by subscribing.
  • If you prefer to stay on older versions of software, a subscription may not give you that option.
  • If the vendor discontinues a product, or stops offering the service, you may lose the right to use it, which would not be the case if you bought a license.
  • If they raise subscription prices, you have to pay a higher price for the subscription, or find an alternative product. If there is a strong competitive marketplace for similar products, it should help keep pricing in line. If the vendor feels they have a virtual monopoly (or high cost of switching products) it may make this a more likely scenario.

It looks like this model is being adopted by more and more software vendors. Adobe has been among the most aggressive, announcing that they will no longer sell new versions of their Creative Suite products (which include such stalwarts as Photoshop, Illustrator, Premiere, etc.), as perpetual licenses. The CS6 versions will be the last available for purchase. Further, they have recently announced that they will stop selling the CS6 bundles; only CS6 individual products will be available for sale. All new features and future upgrades will only be available to subscribers to Creative Cloud.

Both Adobe and Microsoft include additional features such as simplified cloud download and installation, cloud storage, and the ability to install the products on multiple computers for the same user. With Microsoft, the license extends to 5 devices for each user, including a home PC or Mac, even if your company is paying for the subscription. Both companies also offer the entire suite of products to subscribers, which is great if you need or can use those products, but not all that relevant if you don’t.

Whether you prefer to buy or rent/subscribe, there are options out there for you, but more and more customers are finding the pay-as-you-go model to be a compelling and attractive option. As always, we consider our role as a technical and business advisor to be one of our most important contributions to our customers’ operations, and that includes helping to analyze how best to procure the software licenses you need. We include that advice and analysis at no extra cost to our Managed IT customers.

Please contact us if you have questions about software subscriptions, or anything else technology related. And if you’re not currently a Managed IT customer, feel free to contact us about that, too!

Topic Articles
April 17th, 2014

By: Dan Bremner

You’ve likely seen media coverage of the recent “Heartbleed” security issue. We have received a lot of questions about it, so I figured a brief FAQ might be helpful.

Q. This looks too long and I don’t have time to read it. Should I change all my passwords?

A. Yes, that is a good idea. This is especially important for websites that have credit card or banking information, or places where you’ve re-used the same password on multiple sites. Your Windows/Domain password is less likely to have been compromised, but it still wouldn’t hurt to change it, especially if it’s the same as a password you’ve used elsewhere.

Q. What is this “Heartbleed” flaw?

A. Most websites that deal with sensitive information (i.e. e-commerce, online banking, etc.) protect that information from unauthorized access using SSL (secure socket layer) encryption between your browser and the web server. OpenSSL is one widely-used implementation of SSL that is used by many websites. Specific versions of OpenSSL were discovered to have a flaw that could permit an attacker to see some of the encrypted data in an unencrypted form.

Q. Who or what is vulnerable?

A. Not all websites that use SSL are using OpenSSL. OpenSSL is just one programming library that exists to implement the SSL protocol. However, OpenSSL is widely used, with some estimates putting it at over 60% of all SSL-enabled websites. Notably, Microsoft’s IIS servers do not use OpenSSL, so Outlook Web Access, Remote Desktop Gateway, and Office 365 connections were not at risk. Not only websites, but also any apps that communicated via SSL to a vulnerable server could have been compromised.

Q. What’s the problem with using the same password on multiple sites?

A. If one site is vulnerable to this security hole, and your email address and password are obtained by an attacker, they can go try that email/password combination on other sites. Password-guessing programs are pretty sophisticated now, so chances are good that they’ll try variations on that combination also.

Q. Why am I reading advice to change ALL my passwords?

A. This flaw existed for 2 years or so before it was detected and fixed. It’s possible that attackers could have discovered and exploited it at any time during those 2 years. It’s hard to tell if a site had the vulnerability at any time during the last 2 years – all we can look at is whether it’s vulnerable now. Changing passwords periodically is good security practice anyway, and better safe than sorry is the thinking behind that advice.

Q. I have dozens or hundreds of passwords on various websites and online apps. How can I possibly keep them straight if I’m not supposed to re-use the same password, or variations of it?

A. That’s a good question, and it highlights the inherent weakness of password-based security. One solution is to use a password manager, such as LastPass, KeePass, or 1Password, and let those programs suggest and maintain complex, random passwords for your online accounts.

Q. Where can I go for more information?

A. Mashable has a list of affected sites and recommendations for which passwords to change.

LifeHacker has a lot of good information, including this guide to what constitutes a “secure” password, and this one about why its best to have a password you can’t remember.

Here is a Heartbleed test that will report back if a site is vulnerable. It is best to wait to change your password until the site has patched OpenSSL, and ideally, has re-keyed its SSL certificate.

Finally, if you want all the geeky details, see http://heartbleed.com for more information.

We have audited sites for our Managed IT clients and notified any we found that had vulnerable code. If you have specific questions about your situation, please feel free to give us a call.

Topic Articles
March 2nd, 2014

Businessman Hand Working With New Modern Computer And Business SBy: Dan Bremner

Virtualization? Isn’t that only for data centers? Not by a long shot…read on.

While virtualization has clear benefits for companies with large server farms and data centers, this is far from the only application of virtualization. Small businesses have a lot to gain from this trend, and the inclusion of Hyper-V and its features as a “built-in” technology in Windows Server makes a compelling case that smaller companies should not ignore the “virtual” revolution in computing. In addition to Microsoft’s Hyper-V, other virtualization products include the market leader, vSphere from VMware, as well as Citrix XenServer, and Oracle’s VirtualBox.

What is Virtualization?

Simply put, virtualization refers to the ability to run multiple instances of operating systems on a single physical computer, with each of those operating systems running as if they were on their own hardware. The hypervisor (running on the “host”) abstracts the hardware and creates a virtual machine (VM), in effect making each VM “think” it is interacting with real memory, CPU, disk storage, and network interfaces, while the hypervisor is actually managing the process of sharing those physical resources among several VMs (“guests”).

Once this concept is grasped, we can think of a server, conceptually, as a self-contained file that can be moved around from one computer to another, and can run on that new computer with no change in function, no new drivers required, etc.

What Can I Do with Virtual Machines?

Why should small businesses care about virtual technology? Here is a short list of ways that we have used virtualization among Castema’s clients in recent deployments.

  1. Consolidate hardware. A customer with two aging servers purchased a new (hardware) server, and we migrated the two physical servers into two virtual machines both running on the new single machine. The new, powerful hardware is more than enough to handle the workload of the two previous servers, and was more economical than purchasing two separate machines.
  2. Get a performance boost. Sometimes an otherwise perfectly functioning server gets to a point where it is exhausting the resources of the hardware, perhaps due to company growth, or new functions being placed upon it. In several cases like this, we have had our client purchase new hardware, while we virtualized the existing server (a process called “physical to virtual” or “P2V” conversion), and moved it to the more powerful hardware as a VM. This is a relatively quick and painless cutover, and allows the new VM to take advantage of the faster CPU, more memory, storage, etc.
  3. Improve Disaster Recovery options. The Hyper-V software included with Windows Server 2012 includes a new feature, VM Replication. Recently, for a customer that wanted to minimize downtime, we set up a physical server with 2 VMs, and configured those VMs to replicate to a second physical server. If the first machine experiences a hardware failure, the replica can be brought online in a matter of minutes and pick up where the original left off. The replica is kept current in near-real time, so if any work is lost at all, it should be only a matter of a few minutes, and will be a much faster and more up-to-date recovery than restoring from last night’s backup. An even more robust DR is possible by replicating those VMs to a server in another location, protecting against an event that might knock out the entire primary location, e.g. fire, flood, power outage, theft, etc.
  4. Run software intended for another platform. If you use Apple Macs, you may have heard of Parallels software, or its competitor, Fusion by VMWare. Both products create a VM running on the Mac hardware and capable of running Windows. We have installed this to enable people who need to run Windows-only programs to use those programs on their Mac.
  5. Run Legacy software. Sometimes an older program needs to be used for business reasons, and there may not be an option to upgrade. If that older program doesn’t run on newer versions of Windows, VMs can be a way around it, as a transitional phase toward a more permanent solution. Much like running Windows on the Mac, you can use a VM to run older versions of Windows within newer versions. (Or run Linux on your Windows desktop, or any number of variations.) In fact, Windows 7 Professional had a feature called “XP Mode” that hid a lot of the details, but behind the scenes was actually running Windows XP in a VM to support older programs.

Virtually every new server deployment (pun intended, sort of) we have done for customers in the past year or more has involved virtualization. If you’re thinking about a new server, chances are good that we’ll bring up virtualization when we discuss the project with you. If you’re not currently a Castema Managed IT client, but you’d like to know more about how we can help improve your technology infrastructure through virtualization and other means, by all means, give me a shout, or send an email to sales@castema.com.

Topic Articles
January 13th, 2014

Windows XP was released October 25, 2001. That’s over 12 years ago, several lifetimes in PC operating system time.

dbxpp1

To put it in perspective, here are a few other events that took place in 2001:

• Apple introduced a new music player product called an iPod.

dbxpp2

• The first Harry Potter film was released.

 dbxpp3

• Michael Jordan came out of retirement to play for the Washington Wizards.

dbxpp5

Since that time, Microsoft has released Windows Vista, Windows 7, Windows 8, and now Windows 8.1. Still, according to recent reports, as much as 30% of online browsing is still being done from Windows XP computers.

dbxpp4

If this includes you…well, let me gently suggest, in no uncertain terms, that it is, most emphatically, time to move on.

As you may know, Microsoft has announced the “End of Life” (EOL) for Windows XP on April 8, less than 3 months from now as I’m writing this. They will no longer issue any updates, fixes, or security patches for XP after that date.

This is a big deal.

If you continue to use Windows XP after April 8, you are inviting malware into your network. Hackers are eagerly waiting for that day to unleash the worst of their exploits. Why? Because if they release them now, there’s a chance Microsoft will fix XP to block the vulnerability they’ve found. If they wait 3 months, the exploit will work forever, at least against XP machines that are still being used. You think the CryptoLocker Virus is bad? (And it is! See my previous blog posts about this.) Just wait until a whole barrage of malware is unleashed on unsuspecting XP users in 3 months.

Between July 2012 and July 2013, Microsoft issued 45 security bulletins (patches) affecting Windows XP. Of those, 30 also affected Windows 7 and Windows 8. If you ponder that for a moment, you’ll realize that not only will there be malware using already-discovered vulnerabilities, but hackers will have another avenue. As security fixes are released for Windows 7 and 8/8.1, those will be analyzed and reverse-engineered to find out what was patched. They will then test the same type of attack against XP to see if it shares the same vulnerability. If so, another exploit is born.

In many cases it will be hard to know if the foundation of the OS has been compromised, and if XP is inside your network, it may well be used as a launchpad for other attacks against your internal network — the ultimate Trojan horse.

Microsoft themselves estimate that if you continue to use XP after the EOL date, you will be 67% more likely to be infected than you are now. That’s not just a scare tactic to get you to upgrade, trust me.

If you were ever thinking of moving to a newer system, now is definitely the time to do it. You had a great run, Windows XP, but much like that first iPod and MJ’s basketball career, it’s time to let it go. Even the kids from Harry Potter have grown up and moved on to new projects.

Topic Articles
December 25th, 2013

bigstock-Happy-Holidays-Type-6316938
 

The holiday season is upon us, and we will all be busy spending time with friends and family, celebrating the year. We know we will be! From all of us at Castema, we would like to wish you a Happy Holidays and all the best in the New Year.

Topic Articles
November 20th, 2013

ThumbnailHard drives and data loss are on my mind after a couple of online articles in the last few weeks caught my eye. You don’t read geek news, so you missed these? Don’t worry, we’ve got you covered. The stories themselves are interesting, but read on for what it means to businesses.

The newest advance in massive storage technology was announced earlier this month, and it uses Helium to enable a breakthrough in packing more spinning platters into the drive. Yes, the same stuff you use to fill party balloons and make your voice squeaky, is now a big part of pushing the boundaries of hard disk drive storage to 6 TB. Six TB on one hard drive! Very cool stuff, and if you want all the details, they’re here: http://allthingsd.com/20131104/western-digital-adds-something-new-to-hard-drives-helium/.

An unrelated article discussed the findings of an online backup company that has been keeping records of how long its hard drives are lasting before failure. The article raises the question of how long your hard drive may last. I’ll shortcut the statistics in the article and give you the quick answer: It will last until about an hour before you need it for an important presentation or client project. Oh, numerically? It appears that around 90% of drives last 3 years, about 78% last 4 years, and the prediction is that 50% will die within 6 years. Your mileage may vary, considerably, but it highlights an important fact: Hard drives are mechanical components, and they WILL wear out. Source: http://www.extremetech.com/computing/170748-how-long-do-hard-drives-actually-live-for

How It Applies to My Business

Taken together, both articles remind us that we are storing more and more “stuff” digitally, and we better have a plan for when the hard drive fails. Not “if” it fails; it will fail, so plan for it.

In our business, two rules of thumb guide our planning: Redundancy and Backups.

Redundancy in the form of RAID configurations (RAID = Redundant Array of Independent Disks) on your server means that any one drive failing won’t bring the server down or cause any loss of data. For all of our managed customers, as soon as a server drive fails, we’re notified of it. We replace the drive, the RAID array rebuilds, and you are once again protected.

RAID is great, but what if multiple hard drives fail, or the server is lost to some other malfunction, or theft, flood, or other calamity? A regular, nightly or even more frequent, backup is key to recovering quickly. A combination of onsite and online (cloud) backups is a good insurance policy, providing fast local recovery from the onsite backup, and the security of remote storage of data in the case of a disaster at your site wiping out both server and backups.

Note that for many businesses, the hard drive on your PC or notebook is considered expendable. When (not if) it dies, it will be swapped out, your programs will be reinstalled, and you’ll be on your way. Any important information better be stored on the server (or cloud storage–something redundant and backed up), not on your local hard drive.

Don’t Forget Your Personal Data

For most of us, life in 2013 involves a lot of personally important information being entrusted to hard drives. And the hard drives will die. Without a backup strategy, that roll of photos from the family vacation, the video of your kids’ recitals, and the family financial records, may all die with it. Ideally, something we don’t have to remember is best. Automated backups take the error-prone, forgetful, human element out of the equation. Backup to an external hard drive is good, so is cloud backup. And just like with business, doing both may be better.

Revisiting the CryptoLocker Virus

Hard drive failure isn’t the only way to lose data. If you missed last month’s article about this virus, you can check it out here. http://www.castema.com/2013/10/cryptolocker-ransomware-is-malware-thats-playing-for-keeps/ It continues to spread, and if you get infected, getting rid of the virus does not bring back your data. It’s gone. Unfortunately, if your backup is on a drive that’s attached to your computer, there’s a good chance the virus may destroy the backup data too. This makes cloud backup an attractive option. It also makes it more important than ever to never, ever open email attachments or click on links if there’s even the slightest question in your mind as to what it is, or if it’s legitimate. Be suspicious of everything in your inbox.

If your business doesn’t have a Managed Backup Strategy today, or if you aren’t sure, or if you’re pretty sure you could and should be doing something better, give us a call. Remember, plan on failure. If you do that, hard drive failure won’t cause business failure, it will just be part of the plan.

Topic Articles
October 1st, 2013

178495138By: Dan Bremner

If you’re the type of person that usually skims or skips over our newsletters and blog posts, pay attention to this one. I know, I know…malware…encryption…blah blah blah…security…threat…eyes glaze over…I’m with you. But listen up!

The best way to explain this might be an analogy. If your computer was a house, various types of malware attack your house in different ways. Some will throw eggs or paint graffiti on it. Adware will do the equivalent of posting billboards along all the walls in your house. One might cut your main power line. Another will steal your wallet from your dresser. Botnets will steal resources – like plugging a long extension into your outside power outlet and use your electricity leaving you with the bill. They’ll also leave a back door unlocked to come in and make other mischief later.

Last week, we ran across some of the most malicious malware infections we’ve yet seen, called Cryptolocker. This “ransomware” takes it to another level. To extend the analogy, it steals all the stuff in your house, from your financial records, to your CD collection, your photo albums, jewelry, letters, resumes, etc. and locks them in an unbreakable safe. Then it demands money from you and promises to give you the combination to the safe once you’ve handed over your money. The first version demanded $100, while the latest version has upped the demand to $300. For more info on the threat, check this pages.

[If you go to the Reddit post, be forewarned that some of the comments below the main post have a few choice words that some may consider NSFW.]

As of this writing, the anti-virus makers are having a hard time keeping up with this particular pest.

Most malware, while it ranges from annoying to dangerous, doesn’t do permanent damage to your files once the infection has been removed. Even if you have to wipe your hard drive and reinstall, at least you can take out the drive and copy the data on it to another system before you wipe it. That’s not the case here, as the malware finds your personal files on your system, and wraps them in strong encryption, then demands money from you to decrypt them. Even a backup to a USB drive connected to the computer might not be safe, because the malware could see the attached USB drive and do the same damage to your backups. Same with attached network drives. Yes, that means one infected user could encrypt every file on your server (at least the ones the user has write access to).

So far, the primary method of infection seems to be the so-called “social engineering” model. Namely, send someone an email and get them to open the attachment. Something about disputed charges has been reported as the subject of at least one of the emails. It still amazes me how many people are willing to open questionable email attachments. PLEASE, don’t open email attachments that you’re not 100% sure are legitimate. If there’s a 1% doubt, don’t open it. Back to our analogy, in this case the thief comes to the front door, asking to enter, and by double-clicking that attachment, you’re inviting him in to help himself to your stuff. That isn’t the only method, as some PCs that were already infected with a botnet are having this delivered to them through their previous infection.

As always, if you aren’t sure about a particular message, call us. Or call the person that sent it to you and verify it. No one has reported getting a virus through a phone call yet.

Topic Articles
September 25th, 2013

Source : www.geek.com

crypto-locker-590x330
 

Earlier this year, a nasty new type of ransomware burst onto the scene. Unlike others, however, this new one’s bite was every bit as bad as its bark. The Cryptolocker hijacker sniffs out your personal files and wraps them in strong encryption before it demands money.

You may remember reading about it here on Geek.com back in January. Eight months on, it looks as though Cryptolocker isn’t showing any signs of letting up. In fact, there’s even a new variant making the rounds.

The original demanded payments of $100 to decrypt files. The new and improved version? $300. Clearly those in control of Cryptolocker realized that they weren’t taking full advantage of its criminal potential.

Read more…

Topic Articles
August 28th, 2013

Image backingup-data-in-the-cloud-A.jpgIn last month’s article, I wrote about what the cloud is and why it matters to small and mid-sized businesses. Today I’ll dive a little deeper into that topic and mention a few cloud services and applications that businesses may find useful.

Cloud applications and services generally have two key features in common: “Available anywhere” and “No upfront cost”.  These features, especially the second, make them particularly attractive to smaller businesses.

“Available anywhere” is often thought of in terms of supporting a mobile workforce, such as salespeople on the road, and employees working from home or from remote offices. This is true, but there’s more to it than that. The fact that cloud computing resources can be made available to anyone in the world opens up options for collaboration and outsourcing of tasks that give small businesses a reach beyond just the resources of the people they employ.  Many cloud offerings have mobile apps for iPhone, iPad, Android and Windows phone, or can be accessed on mobile web browsers, extending that “anywhere” access far beyond laptops with wifi.

The typical “pay as you go” subscription model of cloud services eliminates the barrier to entry that used to restrict enterprise applications to larger companies. Those were the only ones that could afford to buy new server hardware, database software, and expensive application software licenses to roll out a new application.  When you’re only paying for what you use, it’s easy to start and scale up quickly, and scale back down as requirements change. While there are literally thousands of cloud applications and services out there, here are just a few that I’ve had experience with, that you might find valuable for your business.

Your company phone system in the cloud: RingCentral

ringcentralA full-featured business phone system no longer requires an expensive on-premise PBX (private branch exchange) device. In-the-cloud Voice over IP (VoIP) PBX systems like RingCentral give you all those “big-system” features like auto-attendant, voicemails as email attachments, call routing and queuing to teams and departments, and “follow-me” forwarding to mobile or land-line phones.  Cloud systems can also offer features that on-premise systems typically don’t have, such as the ability to treat your mobile phone as an extension on your phone system, fax to email and email to fax gateways, and conference-call hosting.  If you have SIP-compatible VoIP phones, you can use them, or you can buy them through RingCentral (one of the few cloud services that have up-front expenses associated). There are other such services, including Comcast Business Voice Edge, whose price includes VoIP phone rental.

 

File server in the cloud: Dropbox for Business

1377768869_dropbox_squareYou may well be familiar with Dropbox already, as over 100 million people use their cloud-storage service. The free version is best known, and supports file syncing between PCs, Macs, smartphones, and tablets, and access to your files through the web interface.  Dropbox support is built into many mobile applications as a de facto file system.  What you may not be as familiar with is Dropbox for Business, recently rebranded and with a Single Sign On (SSO) feature added, so corporate users can use their corporate network credentials for access.  With centralized administration of company accounts, Dropbox is positioning itself as a cloud alternative (or supplement) to file servers, with unlimited storage and “forever” backup and version control of every file you store there.

 

Forget FedEx and Faxing – get signatures with DocuSign

docusignGetting the right signatures on the right documents is a crucial part of many business transaction, and DocuSign uses the cloud to manage the process and guide signers through the process of adding their digital John Hancock to a document. DocuSign warrants electronic signatures to comply with the ESIGN act, and has a court-accepted audit trail on each interaction.  Especially for businesses who need signatures from people in faraway locations, using the cloud to speed along the process can be a huge benefit.

 

Let’s meet in the cloud: GoToMeeting

gotomeeting

When you want to present your product or service to groups of people or even just one person, in another part of the country or across the globe, meeting in the cloud is a cost-effective way to do it. For presenting to larger groups, its big brother, GoToWebinar is available, too. While Skype and similar programs are great for smaller-scale interactions, these products help with not just the meeting itself, but with the invitation, registration, and reminder processes that take place before the meeting or webinar starts, and the help to make sure people attend by offering to add it to their calendar and sending email reminders just before the event.

Remember Everything: EverNote, OneNote

1377768920_Android-EvernoteThese and other “note” applications are for more than just taking notes. They aim to be a repository for notes, pictures, web clippings, and just about anything else you may want to refer to later.  Both are similar in that they sync your notes to the cloud and make them available from your other devices. Both allow you to share notes with others as well. Both have Windows and mobile (IOS, Android, Windows phone) apps, but OneNote isn’t available on Mac so your choice may depend on your multi-platform needs.

 

 

The “Big” guys: IaaS, PaaS

I’ll close with a quick note on Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) offerings and how they can be game changers for some small businesses. Amazon’s AWS is the dominant player here, with Microsoft’s Azure, Google’s Compute Engine, and IBM’s SoftLayer and SmartCloud all vying for market share. If your business is data-intensive, or heavy on research and requires massive computation for short periods of time, cloud can open up worlds never before possible.  Instead of needing to buy, house, and provision 50 servers for a project, you can fire up a thousand or more servers in the cloud, just for the period of time they’re needed. For researchers in scientific fields, in the academic world, or companies doing market analysis based on shopping data for millions of transactions, massive computational power that couldn’t have been dreamed of in the past is now available. In the cloud, it costs the same to run one computer for a thousand hours as it does to run a thousand computers for an hour. For a small business that needs to do large-scale analysis, that may be the biggest game changer of all.

Topic Articles