Member Since: 8th Aug 2003
Stewart Twynham is an experienced information security expert and AccountingWEB contributor. He recently founded the independent cyber-security consultancy Brandfire (https://brnd.fr/) to help businesses in Scotland tackle these issues.
5th Nov 2004
Automated backup does not absolve you of all responsibility for ensuring that you can recover your system, and indeed that all your files have been backed up!
With that caveat in mind, what few in the IT industry will admit to is that almost *every* on-line backup solution you can buy today is *exactly the same product from the same supplier* being re-sold under a different brand.
For example, Star Internet's Star Restore is essentially a Netstore product as is BT's Datasure. Netstore itself is powered by Connected Corporation, which also powers products such as Clunk Click and a host of other brands.
In short - the ONLY real difference between 99% of these products is the PRICE you pay and hence the quality of SUPPORT.
Technically the solution is excellent, so support needs are generally small, but if you do need support - it will be down to the quality of the reseller, which may come down to price. The higher priced offerings tend to include better levels of customer care, and don't require you to call a premium rate support number!
Monthly cost - as a rough guide £15 a month for 4GB for a desktop PC. Note that this is desktop / laptop software and is NOT DESIGNED for server use.
Servers are very different as they require "agents" to ensure open files are backed up correctly, tackle things such as Active Directory (where all critical user information is kept) plus need to cope with larger files. Expect to start at around £150 per month for a server solution.
Many seem to be tempted to use the low-cost solutions designed for laptops / desktops on their servers - mainly due to price being under a tenth of the cost. I guess they'll only learn the true cost of that mistake the day they come to test their backup out in anger... and find most of their data is missing or unusable. Better start ordering those P45s just in case!!
You have been warned!!
2nd Nov 2004
An article I wrote last year might be of some help, and contains many of the sensible comments made here... In short, Business Continuity Planning is the order of the day.
One comment which isn't correct... I would NOT advise moving from mirroring (RAID 1) to RAID 5 in your scenario. Compared to mirroring in a like for like setting, RAID 5 is *slower*, will *increase* the failure rate of the system, and *reduce* the fault tolerance of the system, as well as making your server trickier to repair. There are benefits of RAID 5, but these aren't they.
Ultimately mirroring / RAID 5 / etc are related to fault tolerance, and should not be confused with data backup par se, just as two spare tyres and a can of oil don't obviate the need to join the AA...
I hope this helps!
13th Oct 2004
Just to answer a few queries...
1) No-one seems to have mentioned that Small Business Server 2003 provides you with a built-in fully customisable intranet running on Sharepoint which includes to-do, calendar, file sharing and a host of other capabilities.
I wouldn't buy SBS 2003 *JUST* for this, however, if you were thinking of buying a server soon, then be aware this might solve your problem.
2) It's very easy to see emails of other people in Outlook / Exchange - you just have to tell outlook who should be able to see what (email me if you want to know how)
3) Outlook / Exchange in general. Having used Exchange heavily from version 4.0 in around 1996, it was certainly a welcome relief from Lotus Notes. From version 5.5 onwards (around 1998), an already stable product improved still further, and is in fact probably one of the most reliable products Microsoft have produced over the years (for a bloomin change!!).
The downside is, as explained, you really need to know what you're doing. If your IT supplier is at home with databases and really understands the comprehensive tools that administer Exchange, then you're probably in safe hands. If your supplier is simply a whizz at fixing broken PCs, then choose another product (or, indeed, supplier!).
1st Oct 2004
Content Management Solution
One company I have had some great success with is webreality (www.webreality.co.uk) based in Jersey.
Unlike most content management systems, theirs produces W3C compliant code i.e. the language used to draw the web pages obeys all the rules of the Internet.
Most other solutions we've dealt with don't bother, but as any *good* web designer will tell you, correctly produced code is *essential* if you want your website to do well in the search engines, plus be viewable on a range of different web browsers.
Their package includes design / hosting as well.
Hope this helps,
30th Sep 2004
Do you have a budget in mind?
One thing we've not established is whether or not you actually have a budget in mind for this? Either way, you may find the following useful.
Most of the figures quoted here do not represent a "true" first year cost. The cost of the software alone probably represents only 30% of the total cost in the first year and that EXCLUDES any hardware upgrades (servers, desktop, licences, etc) which may be necessary.
As a *very* rough rule of thumb, you should expect to spend the following:
30% on the actual software PLUS
15% on installation and migration of data from previous systems
15% on customisation (e.g. customised forms / reports) / integration with other packages
15% on user training *very important*
15% for support (usually an annual charge)
...plus an additional 10% for "extras" such as additional customisation, extra user licences for new starters, etc.
Let's assume your budget was £5,000. Choosing a "cheap" £1,500 system then getting it properly installed / customised / trained / supported will do far more for your business than opting for an "expensive" £5,000 system where 90% of the clever features don't work properly and no-one knows how to use it!
25th Sep 2004
The best route?
Speaking as someone who regularly ends up putting things right when the wrong choice has been made by the client - I may be qualified to add my tuppence ha'penny...
1) Avoid the bespoke (or nearly bespoke) route. You clearly do not have the IT skills in house or they would have built you something by now, and IT people have a habit of moving on, leaving you in the lurch. The cost of building / maintaining such a system with a fraction of the features of a real product is huge.
2) Excel?!! I deal with lots of companies that thought Excel "seemed like a good idea at the time" several years ago, but they've since grown and if you calculate the total time and money spent on building / managing / policing / repairing and recovering data, and add the lost opportunities plus the cost of mistakes... TCO (total cost of ownership) is ALWAYS much higher than people ever expected. Short term fixes are never short term, the right tool for the right job. After all, you wouldn't recommend Excel for people's accounts you reccommend Sage...
3) Act (as mentioned) is not unlike Sage Instant Accounts - a cheap all-rounder. If you're looking for (I doubt) something more suited to a sales environment, you'd probably want to look at Goldmine.
4) Try out the demos round the office, choose an off-the-shelf product, and enjoy!
17th Mar 2004
Re: Security attacks
It's difficult to tell from your description exactly how your network is connected, but when you say the "first nine digits of the source IP address are identical" - this might suggest that the source of the problem is your internal network, not your internet connection. The particular problem can be corrected by making sure all of your machines are updated:
On the subject of low-cost firewall routers, mentioned earlier - do bear in mind that most of the cheap routers available from the likes of PC World for around £50 are pretty hopeless - we know, we've tested quite a few of them. The protection they offer is negligable because they use outdated and/or misunderstood technology (NAT) to act as the "firewall".
Products (such as but not limited to) the [email protected] and [email protected] ranges from Checkpoint (the world's leading firewall manufacturer) start at around £165, and words cannot describe how much better these devices are! Imagine comparing a 1992 copy of Microsoft Money (if there is such a thing) with Sage Line 100 and you'll get the idea!
You get what you pay for!
Bawden Quinn Associates Limited
23rd Sep 2003
Re: auto acknowledgement sent back to email sender?
If your email package is able to display any "active" content, such as an image in an html based email, the sender can be alerted that your email address is live. This is known as a web beacon, and is all the spammer needs, e.g.:
http://[graphic location].gif?[email protected]
...will alert the spammer that [email protected] is a live address. Alternatively, a unique reference is used to identify the user:
Opening up in the preview pane in Outlook / Outlook Express is all it takes...
28th Aug 2003
Virus writers are no longer schoolkids in darkened rooms, and the sophistication of Sobig.F should come as no surprise.
Not only does it search for an address book, it also trawls for email addresses through any locally stored web pages. It was also designed to move "sideways" - attaching itself to other files on network drives, hitting users and machines that don't even have email - although it appears that this doesn't work properly in Sobig.F. Maybe in the next version...
The best email anti-virus protection comes from outsourcing to companies such as MessageLabs - who scan email before it reaches your network and guarantee never to pass a virus through. This is possible because they handle so much of the world's email, they can spot patterns produced by spam and viruses in real time - long before conventional "signature based" anti-virus and anti-spam products have had time to react.
Bawden Quinn Associates