Legal Advice For IT Professionals

Even though it may be your job to handle sensitive information, how you handle the data is just as important as how well it is secured.

One of the best ways to avoid any sort of legal snafu is to have a privacy policy in place. The policy needs to be all encompassing, meaning it covers EVERYTHING accessed on the company’s network (i.e. email, network drives, Twitter, Facebook, VPN connections from offsite, etc).

The policy should mandate guidelines of acceptable computer usage while using company resources (including all data).

Another step would be to conduct a Security Assessment and Security Audit.

• A Security Assessment identifies vulnerabilities within an organization’s infrastructure and will then recommend solutions to secure the system.

• A Security Audit installs an application on the network that is designed to identify, classify, secure, monitor and report on sensitive data. A manager is then notified every time the data is accessed so organization’s can track who is accessing sensitive data and when and where the access happens.

If you aren’t sure of your organization’s policy in regards to sensitive data, ask them. If they don’t have a policy in place – inquire about initiating one. This will help to safeguard yourself as well as the data you are in charge of.

Public or Private Cloud?

Private or Public Clouds?

IT Wants Them Both!

InfoWorld just published an article about a recent survey conducted by the International Data Corporation (IDC). In the survey, IDC asked IT executives if they preferred Private Clouds in comparison to Public Clouds. The results showed that many companies expect to use a combination of both Public and Private Cloud services. The mixed use of Public and Private Clouds is also referred to as a Hybrid Cloud.

With a Hybrid Cloud, an organization has their own private (internal Cloud) with services running within their firewall. However, Hybrid Clouds allow users to access data that is stored off site via a Public Cloud.

This model is beneficial when an organization wants to have control over their data storage, but needs additional space for archiving data. They have the security and supervision of the Private Cloud in their network, but can store excess data in a scalable on-demand Public Cloud.

According to Frank Gens, an IDC chief analyst, “Virtually every customer, at least from the midmarket up, will have a mix of both [Public and Private Clouds].”

Additional information about Public, Private, and Hybrid Clouds will be available next week in the whitepaper “Hybrid Clouds: The Best of Both Worlds.”

Is The Internet Running Out?

The End Of The Internet?

There has been a lot of buzz from people stating we are reaching the end of the internet's capacity. To be honest, all I ever can think of is the episode of South Park where internet access starts to dry up. In the episode, the "internet" is actually a giant Linksys router and Kyle reestablishes the internet by resetting the device. Although hilarious, the probability of the internet disappearing is pretty low (notice how I didn't say impossible).

Fiction aside, the internet is in essence a network of networks that connects computers and other devices across the globe. The internet isn't one specific device but rather a combination of billions of components. Despite its seemingly endless coverage area, a recent article from CNN.com reported that the internet may be reaching its user limits. Soon we may not be able to add more devices to the current configuration.

Here's the kicker; it all has to do with the internet's current configuration. Right now the internet runs on what is called Internet Protocol Addressing Scheme version 4 (IPv4). Within this particular set up - IPv4 only provides slightly more than four billion IP addresses because it is based on a 32-bit format. These addresses are usually represented with decimal points separating the address into four parts (i.e. 192.0.0.000).

IPv4 operates on two basic functions: addressing and fragmentation. The protocol uses the IP addresses to transmit internet datagrams to their destinations (also known as routing). Then these datagrams are fragmented and then reassembled once they reach the destination address. (More information on IPv4 operations can be found in the IETF Publication RFC 791).

Anything hosted on an IP network (computer, printer, smart phone, etc.) is assigned its own unique IP address. Thanks to advancements in technology, ownership of mobile phones, net books, Ipads, and other web enabled devices has exploded. These new devices are gobbling up IP addresses at an alarming rate.

I spoke with Senior QA Associate Apollo Catlin, at NSK Inc, and he mentioned that a smart phone itself "probably has three different IP addresses associated with it." Numerous reports have speculated that within the next two years, we will run out of IP addresses. According to Catlin, when IPv4 was first instated in the 1970's there wasn't any thought of running out of addresses as "they didn't ever think people would have a personal IP address." Back then, IPs were reserved for mainframe computers used by large organizations not individuals.

So What Can Be Done?

The most viable option is to transition from the current IPv4 configuration to IPv6. IPv6 operates on a 128-bit system meaning there are trillions of new IP addresses available under this protocol.

Unfortunately content providers are reluctant to transition to the IPv6 protocol. Catlin states that the transition would require a complete overhaul of the Internet infrastructure in that the "entire middle structure of the system needs to be replaced."

Although tedious, this transition needs to happen soon. Otherwise in a couple of years, internet access may only be available to current users as we may not have any new IP addresses to hand out. The internet is open to everyone; let's not start having to ration it out.

How Virtualization Is Killing Physical Media

The Flop of the Floppy Disk
How Virtualization Is Killing Physical Media

Sony just announced this week that they will discontinue the production of floppy disks as of March, 2011. Higher capacity storage mediums such as CD-Rs, DVD-Rs, and the ultra portable flash-drives that can hold gigabytes of information have led to the medium’s downfall.

I have to wonder though; will these other forms of media (for entertainment and data) become obsolete in the future?

Thanks to advances in technology, specifically virtualization, the need for tangible media has been drastically reduced.

Ten years ago, albums were purchased on compact disc, movies just started coming out on DVD (many of us still bought VHS in the early 2000s), and terms such as “Cloud Computing” and “On-Demand” didn’t even register in our vernacular.

Now, consumers can purchase their music digitally, movies can stream to televisions of the internet, and even applications can be run with a simple internet connection.

With the expansion of Cloud Computing Solutions, and more and more companies hopping on the cloud band wagon, is it any wonder that physical media is losing its prominence? The digital revolution has hit the entertainment industry and we are starting to see a trend within IT.

The biggest news of the past couple of weeks was Google’s announcement to launch a new and improved work-suite to rival Microsoft Office. Their upgraded Google Docs (vs. Microsoft Word), Google Spreadsheets, (vs. Microsoft Excel), and Google Presentations (vs. Microsoft PowerPoint) are all accessible on-demand via a web connection.

The trend of offering applications through the web versus running from a local machine is gaining speed at an alarming rate to keep up with advances in virtualization technology. With SaaS (Software As A Service) applications, users don’t have to download and install programs on their laptops/desktops, and don’t have to worry about downloading patches or updates.

For applications that aren’t offered in SaaS form, most software companies offer downloadable executable files when you purchase the program via their website. You don’t have to purchase CD-ROMs that will become obsolete when the newest release version hits the market.

Within the next few years, IT departments may rely solely on on-demand options rending most forms of physical media unnecessary and irrelevant.

NSK Inc Performs Compliance Assessment for Ziner & Murphy, PC

Boston-based IT consulting firm runs assessment of new Massachusetts law on data privacy compliance for CPA firm

Boston, MA, April 12, 2010 – NSK Inc, a leader in IT consulting for small to medium businesses, was contacted by Ziner & Murphy regarding their data storage needs. Ziner & Murphy, a Certified Public Accountant (CPA) firm in Stoneham, MA approached NSK about the new state regulations regarding data privacy. NSK Inc. was hired to perform a Massachusetts Personal Information Compliance Assessment (MPICA).

Changes in Massachusetts General Law (M.G.L.) Chapter 93H, with new regulations 201 CMR 17.00, now require companies that own, license, store, and/or maintain personal information about a resident of the Commonwealth of Massachusetts, to establish minimum standards in guarding the data in both paper and digital records. MPICA is designed to scan a company’s server and system components, locate where personal information is stored, and check to see if the current systems settings are in compliance with the new regulations.

According to David Murphy, the firm learned of the new regulations through the Massachusetts Society of CPAs, and subsequently contacted NSK Inc. “We had worked with NSK in the past, and knew that they are a very knowledgeable and professional firm.” NSK Inc, already prepared for the new regulations, dispatched a technician to perform the assessment for the CPA firm.

An NSK Inc technician installs the MPICA software on a company’s server as well as any desktops or laptops used by office personnel. The software locates where personal information is stored and analyzes whether or not the data is protected according to government standards. MPICA checks password strength and change frequency, current antivirus protection, firewall settings, e-mail and ftp settings, and if the client’s computer systems are updating new releases on a regular basis. NSK Inc can then offer solutions to fix any vulnerabilities found in the system.

Murphy says that being a CPA firm “Our relationship with our clients is based on trust.” Having the MPICA performed, and the system upgraded “We have enhanced this trust with our clients.”

For more information about MPICA, please visit http://www.nskinc.com/it/201CMR17_mpica.html.


About NSK Inc
NSK Inc is a leader in information technology consulting, with a focus on IT management for SMB companies Headquartered in Boston, MA with an additional office in Palo Alto, CA, the company offers a wide array of IT services for business driven information challenges. They provide service and support for small and medium-sized businesses and groups working within large organizations. NSK Inc also creates custom software products for investment banks, equity management organizations, and other specialized industry areas. For more information, please visit http://www.nskinc.com.

Press Contact
For more information, please contact:

Cathie Briggette
NSK Inc.
(p) +1 617 303-0480
(e) cathie@nskinc.com
(w) http://www.nskinc.com

NSK Inc Receives Woman-Owned Business Certification

Massachusetts State Office of Minority and Women Business Assistance recognizes Nancy Keddy as a woman business owner, opens doors for opportunities

Boston, MA, March 26, 2010 – NSK Inc, a leading IT Consulting Firm has just received the Woman-Owned Business Enterprise (WBE) certification from the State office of Minority and Women Business Assistance (SOMWBA). As a result, NSK Inc will be listed in both the SOMWBA Directory and in the Massachusetts Central Register. As a member, NSK Inc is now eligible to better compete for government contracts as well as garner better connections through the services available as a WBE certified business.

Nancy Keddy, a veteran of the Information Technology industry, is now recognized by the Massachusetts Government for her achievements as a female CEO. Keddy, founded NSK Inc in 1996 and the company has grown into a leading IT consulting firm for small to medium businesses in the Greater Boston Area. “Since I am a woman-owned IT Service company, I am a minority in this industry,” states Keddy. “Having the WBE certification opens up a window of opportunities that otherwise may not have been available to NSK Inc.”

NSK Inc’s broad range of services include:

• Backup Disaster Recovery
• Networking
• Project Management
• Hosting
• Managed Care
• Custom Application and Web Development

The SOMWBA provides resources and referral services for certified firms with opportunities at the federal, state, and municipal level as well as in the private sector. The agency also provides contracting, financial resources, and business membership and networking opportunities. NSK Inc can now take advantage of these benefits to build the company’s network outside of the Greater Boston Area as the agency works throughout the state of Massachusetts.

About SOMWBA
The State Office of Minority and Women Business Assistance is an agency within the Massachusetts Department of Economic Development which promotes the development of certified minority business enterprises (MBE), women owned (WBE) business enterprises, and minority non-profit (M/NPO) and women (W/NPO) non-profit organizations. It does this by facilitating their participation in Massachusetts business and economic development opportunities. Specifically, SOMWBA offers services in certification, enforcement, business assistance and advocacy. For more information, please visit: http://www.somwba.state.ma.us.

About NSK Inc
NSK Inc is a leader in information technology consulting, with a focus on IT management for SMB companies. Headquartered in Boston, MA with an additional office in Palo Alto, CA, the company offers a wide array of IT services for business driven information challenges. They provide service and support for small and medium-sized businesses and groups working within large organizations. NSK Inc also creates custom software products for investment banks, equity management organizations, and other specialized industry areas. For more information, please visit http://www.nskinc.com.

Press Contact

For more information, please contact:

Cathie Briggette
NSK Inc.
(p) +1 617 303-0480
(e) cathie@nskinc.com
(w) http://www.nskinc.com

NSK Inc IT Associate Receives CCENT Certification

For Immediate Release

NSK Inc IT Associate Receives CCENT Certification

Associate at Boston-based IT Consulting firm is now certified in small network implementation and management

Boston, MA, March 17, 2010 – One of NSK Inc’s IT Associates, Michael McGowan, recently announced that he has received the CCENT™ certification from Cisco®. CCENT, short for Cisco Certified Entry Networking Technician, validates skills in installing and managing small enterprise network systems, and is a stepping stone towards the Cisco Certified Network Associate (CCNA®) certification. McGowan’s new credentials demonstrate his knowledge and experience in data networks, IP addressing, wired and wireless networks, and network security in the small enterprise sector.

McGowan states “It took me about four months to prepare for the exam.” His efforts have paid off immensely. “Having a CCENT certification will help me provide better support with internet/networking, troubleshooting, and configurations for NSK and its clients.” Although time consuming, McGowan says, “The experience was totally worth it, as it is the largest industry-wide certification.” He will spend the next four months working towards his CCNA certification.

McGowan isn’t the only NSK member who is Cisco certified. Ben R. Howard, a Senior IT Associate, holds his CCNA certification. Howard says that “Having the CCNA Security certification ensures that NSK meets the standards set forth by Cisco to have an understanding not only of how to configure a range of Cisco products, but to recognize security issues and how to effectively configure and deploy the devices to address the issues.” NSK Inc is consistently expanding their knowledge base, and with two employees now Cisco certified the company can manage a multitude of network systems for their growing client base.

About Cisco Systems

Cisco, (NASDAQ: CSCO), the worldwide leader in networking that transforms how people connect, communicate and collaborate, this year celebrates 25 years of technology innovation, operational excellence and corporate social responsibility. Information about Cisco can be found at http://www.cisco.com. For ongoing news, please go to http://newsroom.cisco.com.

About NSK Inc

NSK Inc is a leader in information technology consulting, with a focus on IT management for SMB companies. Headquartered in Boston, MA with an additional office in Palo Alto, CA, the company offers a wide array of IT services for business driven information challenges. They provide service and support for small and medium-sized businesses and groups working within large organizations. NSK Inc also creates custom software products for investment banks, equity management organizations, and other specialized industry areas. For more information, please visit www.nskinc.com.

Press Contact

For more information, please contact:

Cathie Briggette

NSK Inc.

(p) +1 617 303-0480

(e) cathie@nskinc.com