Baseline: Taking control of IT changes

One of the hardest parts about managing IT resources is understanding how to control and document changes to your network infrastructure, applications and systems. And as enterprises deploy more virtualization tools, along with upgrading and improving their desktops, managing these changes effectively can make the difference between satisfying users and dealing with chronic downtime.

You can read the full story in Baseline here.

Trust but verify: understanding online seals of approval

Most of us know by now that the online world is full of fakers: phishing sites set up to look like your bank’s, come-on emails filled with nasty links that will turn your PC into a zombie for someone else’s control, disinformation Web sites for pleasure (such as the fake accounts for BP and AT&T Wireless on Twitter that have recently been created) or pain (such as fake sites supporting particular candidates that were created by their opponents).

So, when you go online to buy something or get expert advice, you probably know the drill by now. Don’t click on any link that someone emails you, bring it up and type it in your browser yourself. Look for a secured site with HTTPS if money is changing hands. Find a trusted seal at the bottom of the page. Check on a domain’s whois information to see the actual site owners that are registered. Check your browser to make sure it has been set on stun to warn you when you visit a phishing site.

Oh, for those easy days in the mid-1990s when the net was so naïve.

Despite all these efforts, you can still find untrustworthy sites that meet all of the above criteria. And it isn’t just because of the internal (and eternal) cynic in me, but because there are lots of folks out there that want to grab your clickstream or try to take advantage of you in some very subtle ways.

For example, look at DrugWatch.com, a site that has information on all sorts of drug interactions that my sister sent my way last week. It looks legit, it has a seal of approval from some Swiss entity called Health On the Net (hon.ch) and they even have more information about who actually owns the site, a Florida law firm.

My antennae started quivering as soon as I started scrolling around. I had never heard of this seal of approval, and was suspicious. I mean, Switzerland? Hmm, law firm, let’s Google them, and we find out they have been in the lead on a lot of medical liability issues. So they assemble this site on drug interactions, have an open phone line for people to call, and collect potential litigants for lawsuits. Oh, and they have obscured their whois information too.

I haven’t spent enough time on Drugwatch to determine if it is net net good or bad. But what is clear is that the entire online medical world is a true snake pit, with many nasty surprises that lurk, even for a rather aware and cynical sort. As another example, let me pose two questions and see how you answer them:

  • First, how many legit online pharmacies are there that will sell you medicines that you can trust?
  • Second, how many others are out there that are fakers?

The answer to the first isn’t that hard to figure out. You go to vipps.nabp.net and enter the URL to verify. There are less than 30 of them. When I did a report for MarkMonitor, which looks at domain reputation management among other things, I was surprised to find this out. The total number of fakers is in the hundreds, if not thousands by now.

Yes, there are some good programs that try to keep up with the bad guys by providing independent seals of approval, such as from the Better Business Bureau or Truste. But even if the site uses a real seal of approval, it can be a case where they are trying to trick you. Te Smith from Markmonitor told me: “Fraudsters are clever. They have been known to post ‘seals’ on their own sites, sometimes even generating pop-up windows that supposedly show the ‘official site’ when the consumer clicks on the link. In these cases, of course, the pop-up is taking the consumer to another area of the fraudster’s site where info about the seal is being mimicked.”

In the final analysis, it pays to be a skeptic. Yes, we all cite Wikipedia as if it were the World Book Encyclopedia, but there are some times when it isn’t true. (Shocking, I know!) And Snopes.com makes for some interesting reading of dozens of old Internet chestnuts that keep coming back in my email, year after year. (That formerly sick kid is still getting so many business cards that the post office no longer delivers them.)

Smith and I both subscribe to the theory that says trust but verify. Because you can’t be too careful.

Imagine if your inbox from 10 years ago was put online

Now we have elenasinbox.com, a project of the Sunlight Foundation to expose government records to the public. It is a copy of Elana Kagan’s emails when she worked in the Clinton White House more than 10 years ago.

The emails are searchable, as if she was running Gmail (well, it has been in beta a long time, but not that long). It isn’t a perfect copy, since the records were probably transferred several times between digital and paper copies before they came to be in their present form. But it is an interesting exercise nonetheless.

My question for all of you: who among us has ten-year old emails that are willing to let them be shown in public? Even those of us in public office might not be so inclined.

For some great commentary and discussion about the topic, see David Gerwirtz’ column on ZDnet here.

Datamation: Virtualization vendors update

here has been lots of activity in the past six months since we last took a look at what the three major virtualization vendors Citrix, Microsoft and VMware, have been doing (see the most recent virtualization comparison that I did for Datamation here:: Virtual Server Comparison: Xen vs. Microsoft vs. VMware, 2010).

Citrix has released new software. Microsoft and VMware are concentrating on data centers. And there are some new faces to look at too. You can read the full article here.

Tom’s Hardware: Visual Studio 2010 for Serious Web-Based Apps

After parts of it were in>beta for almost a year, Microsoft’s Visual Studio 2010 is now available for download here and purchase in a variety of versions. Visual Studio 2010 runs on all versions of Windows since XP with SP3. It contains a long list of innovations and improvements, not the least of which is full support for multiple monitors. The full kit takes up more than seven gigabytes on your hard drive, and installing it is very easy, almost a one-click process as it loads the dozens of supporting tools and interfaces.

You can read the entire review here on Tom’s Hardware.

ITworld: XP to Windows 7 migration: 6 tools to help you make the move

If you skipped the big upgrade to Vista you can now consider yourself fortunate that a number of vendors have stepped up to help you migrate your desktops from XP to Windows 7. Microsoft doesn’t make it easy to make the move from XP without some pain and suffering, but does have one tool that can automate the process, along with at least five other vendors.

In a story I did for ITworld, I review the tools here.

Becoming more location-aware

With the news that earlier this month the Air Force launched a new GPS satellite that can resolve your location down to a few feet, a growing number of location-based services are getting lots of attention for their ability to create new social opportunities. Just the other day I met up with an acquaintance at a local grocery store: he was updating his status on Foursquare as I was checking to see who else I knew on the service was in the store. I looked around and said hello, and we both went about our business, back to interacting with our iPhones.

While Foursquare.com is the most popular, there are numerous other services including Yelp.com, Google’s Latitude, Whrrl.com, Loopt.com, Brightkite.com, and Gowalla.com. There is even a site called checkinmania.com that will track updates on three of these sites and mash them up on a Google map together. These services all work in a similar fashion: you download the app to your smartphone or use an ordinary Web browser to indicate your current location. The smartphone apps can make use of the built-in GPS to determine where you are and present you with a list of potential businesses nearby. You claim one of these as your current location (or create a new listing) and the app notifies all your contacts where you are. The downside is that you need to create a new network of contacts for each service, although some of them can leverage your existing Twitter or Facebook address list. Users get awarded points for frequent check-ins and get to display that they are “mayors” of places that they frequent. (For some odd reason, I am the mayor a drug store near my sister’s apartment in New York City. Go figure.)

But apart from providing new opportunities for stalkers and thieves (pleaserobme.com is one notable site that used to list homes that were unoccupied based on the occupant’s status messages), what can IT managers learn from these apps?

First, if you are going to get involved with these services, decide early on which one you are recommending, if you are indeed going to recommend any, for your user base to get behind. Each service has its own network and can’t share information elsewhere, other than on Twitter or Facebook. The Wall Street Journal now has an icon where readers can click on an “add to Foursquare” button similar to the numerous “ShareThis” sites.

Second, understand the privacy issues that you create if your employees start using these services frequently. Should you be able to monitor someone’s whereabouts during off hours? What if they are supposed to be a business trip to Boise, but are really having a soiree in Boston? Do the usage of these apps fall under the responsibility of the human resources, legal, or IT departments? Certainly, you should take a look at your existing privacy policies and make sure you are covered. An article that tackles the larger issues (think EZPass toll collection devices and red light cameras) can be found on the Electronic Frontier’s web site here.

Next, if you don’t have any corporate policy with what employees link to their Facebook and Twitter accounts, even their private accounts, now is the time to give this issue more thought. Should your people be permitted or prohibited to tie these location services into their status messages? Should you care that some of the status messages are not suitable for the workplace?

If you have a retail business with an actual physical address, these location services have become new ways to attract customers. You can use the location services to publish limited time discounts or other offers for frequent visitors. Many Bay Area restaurants are doing this, for example, (and even a few here in St. Louis) and the entry cost is minimal. Some consumer product companies are beginning to pitch to Foursquare mayors as the influencers of their particular locations. Writing for a blog seems like so yesterday. And I have written about Aisle411, a startup company that is going very location specific by allowing consumers to find the specific aisle in a big box store that they are in.

Finally, these services can represent yet another tool in the arsenal of digital background checks that hiring managers can use to research your past. That means you might want to reconsider whether or not to post that you are doing shots night after night at the local bar, or even that you are at the local bar night after night.

Vonage softphone for Mac

If you use Vonage, and you want to be able to make calls from your PC instead of an ordinary telephone, you need what is called a “softphone” client, a piece of software that connects to your Vonage account and dials into the public phone network. You will also need to upgrade your Vonage account with a $10 a month optional softphone feature.

The Windows softphone works reasonably well, but the Mac version is the pits. Over the past couple of months, I have tried a variety of other clients, finally settling on the is-phone Portable version. In theory, any SIP-phone should work, but you’ll need some combination of parameters and configuration help files are very sparse when it comes to setting things up with Vonage. Here is a screen grab that shows you how I did it. Note, you have to use the softphone password which is different than your Vonage account password, and there are some other special settings too.

Computerworld: Six annoying router problems

These days, having access to wireless broadband is an absolute necessity for home offices and small businesses. And after more than a decade of innovations, you would think that the standard wireless gateway/router would be a picture-perfect product by now. Alas, no. While many routers offer good features, most still come with flaws that can make life a lot harder, such as confounding setups or limited security.

What follows are six router problems that, quite frankly, I find the most annoying. I looked for possible solutions, and while I didn’t find one router that addressed all my concerns, I did discover features — and routers — that could make things a lot easier. Read my article in Computerworld here.

Strom’s cable Internet odyssey

How many cable guys does it take to provide me with Internet service? It sounds like the beginning of a “lightbulb” joke, but this question is pretty real for me. Turns out to be somewhere north of a dozen.

I moved into my new office two weeks ago, but it took until yesterday to get the Internet turned on there. Turns out a combination of factors, aided by some bizarre complications from Charter, my cable supplier, caused the delay.

At the center of my difficulties was my office was using a new street address that wasn’t in anyone’s database – including the Post Office. It took numerous phone calls to find the right person in the City of St. Louis – not exactly your best example of efficient government under most circumstances – before that was fixed. I think. The PO updated their database, but it took a couple of weeks before I could go in to usps.com and see it for myself. Why? Because speedy delivery of Web data isn’t in the PO’s motto.

It is amazing to me that we have such poor Internet delivery in 2010. Back when broadband meant getting 128k ISDN, the phone companies ruled the roost. You could get T1s for thousands of dollars, but you could get them just about anywhere you could string a twisted pair of copper wires. Now the USA is well down on the list of countries that have lots of broadband available to their citizens – indeed, China has more Internet users than we have total population now. And Singapore is putting megabit connectivity everywhere. What happened?

Part of the problem is that we have the absolutely worst communications customer service entities to deal with. They answer the call with “we want to provide you with superior service today” and apologize when they don’t deliver, but they never take ownership of the customer. They can’t marshal the field resources to find and fix problems in their wiring plant. And for communications companies, I was amazed at how often my call was dropped after being on hold for many minutes. Come on, people, this isn’t rocket science. (And given the state of NASA, I am not sure that is a good comparison either.)

Having cable and phone companies compete for Internet access hasn’t helped the customer either. I tried to order just a regular land line from AT&T (who is my local phone supplier here) but was told repeatedly that my address wasn’t in their database. Back to the PO problem. When the AT&T technician coincidentally showed up at my office yesterday, he claimed he couldn’t give me service because I ordered my phone using a nearby address. Yet after spending an hour on the phone with his supervisors, he managed to deliver dial tone to my office. Thanks, Roger, I appreciate that tenacity. But why tell me you can’t do it and then you can?

Meanwhile, Charter took several visits with an ever-changing cast of characters. One time I got the guy that actually laid the cable along the street and in my condo development – he brought a map showing where the lines went. While that was encouraging, trouble was, one of them wasn’t connected properly. That brought out another guy who hooked up one of my missing links. Then another woman came (who was the most entertaining tech among my crew) and told me that I was missing a “tap”. That took someone else to install the tap. Why couldn’t she install it herself? What, they have a tap specialist? Someone else needed to find the right person with a key to open the box that the tap went in. I am not making this stuff up. Then I finally had two guys yesterday that actually had to locate my line and hook things up. At least they came with the key.

All throughout this process, I Tweeted and called various Charter people, trying to plead my case. At one point, I actually tried the live chat feature on their Web site, but that was agonizingly slow and like talking to a six-year old child. There was one woman in their call center in South Carolina, she did take some ownership of my problem but didn’t seem completely in touch with the crew on the grounds around my office.

It shouldn’t be this hard. If we are going to become a first-world Internet country, we need better broadband suppliers who can take customer service to new highs, not new lows.