Managed Services: Benefit #5 Security - It’s not just about managing firewalls you know.

The next benefit of Managed Services is Security. Security is an area that most people desire but when it comes down to making an investment they often choose to spend available budget elsewhere. Security is a difficult area to prove a return on investment.

The ROI is usually only proven when a breach is prevented. And even when a breach is prevented it often goes undetected. So security is often not given the attention it deserves…which is a rather scary concept when you start thinking about it….

If you don’t know already security is arguably what D&D Consulting is most known for. Ask someone about D&D Consulting in the IT world of Albany NY and the typical response you get is ”oh, I know them, they do a lot of security and networking stuff.”

Anyway, the point is we have a lot of security experience. Usually there are three responses I get when I talk to folks about IT security:

1. “We have our security taken care of”… Ah but do they really?
2. “I know I have vulnerabilities but honestly, I don’t know where to start to make the biggest impact”
3. “I know I need security but I’m willing to take my chances”

Most organizations have a “stance “on security and typically it comes down to a trade off between security and usability. It’s a balancing act on a see-saw – the farther you go towards the security side of the see-saw the less usability you get.

An example is that employees commonly use USB flash drives to bring data with them or to transfer data to other employees. The use of unprotected USB flash drives is a security risk to an organization because a user can either accidentally lose the device or purposefully give the information to an unauthorized person.

In order to protect against this the organization may choose to lock down all ports on computers so that users can no longer use USB flash drives. In protecting the environment you have now disrupted the user experience and their work flow.

And conversely the further you move towards a more usable environment the less security you will be able to implement. An example would be firewall rules. The “correct” way of approaching the configuration of a firewall would be to block everything and then allow what you know you need.

This can result in calls to helpdesk with users complaining that they can't get access to something. To avoid these calls organizations often configure the firewall to allow all traffic and then restrict what they know should be restricted…the problem is do they know what should be restricted? While this keeps your users working happily you open yourself to more avenues of attack.

Where and how do I apply Security?
Security applies to every device in your environment, the physical security and security policy. There are many things to consider in the security world and understanding the characteristics and objectives of the organization is key to making appropriate security recommendations. Does “Best Practice” apply to every organization? NO!

Your managed service provider needs to be asking you questions that determine where your organization sits on the security see-saw. If they don’t then the security measures and management that the MSP puts in place could be misaligned and cause the organization more harm than good. When your talking security it needs to be right, the risks are too great…

Some of the things (depending upon the level of service) a managed service provider should give your business from a security standpoint include:

• Security Assessment
• Security Review and Recommendations (at a Business Level with IT detail to back it up)
• Managed Firewall Services
• Regular Configuration Reviews
• Regular patches on all your devices
• Regular firmware and other devices updates
• AV/Spyware/SPAM

If you’re not getting the type of service you need look elsewhere, and if you are looking for an IT partner to help you manage your environment make sure you are getting the services and recommendations that are right for you your organization.

Bryan Spinner
Solutions Consultant
D&D Consulting Ltd.

For more information on D&D's SmartCare Core Services, call an account manager at (518) 218 0900, or email me.

Previous Posts in the top 11 benefits of managed services:

• Managed Services: Benefit #6 Pro-Activity
  

• Managed Services: benefit #7 Advice
  

• Managed Services: Benefit #8 Efficiency
  
  
• Managed Services: Benefit #9 Responsiveness
  

• Managed Services: Benefit # 10 Accountability
  
  
• Managed Services: Benefit #11Risk Reduction
  
  
• White Knight or White Elephant?

D&D Consulting Ltd | 3 Columbia Circle | Albany NY 12203 | T: (518) 218 0900 | F: (518) 218-1829 | info@dandd.com | www.DandD.com

D&D Consulting Ltd. is a:

• Certified NYS Women Owned Business Enterprise (WBE) #51957
• NYS based Small Business Enterprise (SBE)
  

Press Release: D&D Consulting, Ltd. offers Disaster.com for sale

For Immediate Release

Wednesday, October 21, 2009

D&D Consulting, Ltd. offers Disaster.com for sale

~ World Wide Bidding War Expected by Technology Services Firm ~

Albany, New York (October 21, 2009)

D&D Consulting, Ltd., which provides network design, information security, systems and technology management services for the public and private sector, today announced the intention to sell the internet domain Disaster.com.

The sale of Disaster.com is expected to draw a high national and international response specifically within the business continuity, disaster recovery, meteorology, media and insurance sectors.

Christopher Labatt-Simon, CEO, commented, “While still providing Continuous Business Operations services, after eighteen years D&D Consulting has diversified. Liquidating this asset will enable additional investment that will help drive the future growth of D&D Consulting Ltd.”

Originally registered in 1994, Disaster.com has a huge branding and advertising potential to the right organization. It is a unique opportunity to acquire a very rare and desirable single word domain name.

“I anticipate a domain of this value to be snapped up” Labatt-Simon continued, ”Single word domain names of this rarity come to market infrequently and I am confident of a rapid sale”

The sale will take place by silent auction. The auction is expected to conclude by November 20^th 2009.

Interested parties should contact Janice Haney at D&D Consulting Ltd. to register their intent or go to disaster.com for more information.

D&D Consulting, a Woman Owned Business, was founded in 1992 and quickly established a reputation for client–centric IT solutions driven by business needs. Since then the company has experienced steady and sustained growth offering assessment, design, implementation and support services in the areas of network and communications infrastructure, security, systems, virtualization, application availability and performance, and management and lifecycle.

Kristen Labatt-Simon

Vice President

D&D Consulting Ltd.

klabatt@dandd.com

jhaney@dandd.com

D&D Consulting, Ltd.

+001 (518) 218-0900

About D&D Consulting:

D&D Consulting, Ltd. is a customer centric IT consulting company connecting client business initiatives to focused technology strategies and solutions. D&D specializes in network and communications infrastructure, information security, systems, applications performance and availability, and management and lifecycle services. We support customers throughout the technology lifecycle with assessment, planning, design, implementation and support services.

D&D public sector customers include, but are not limited to: NYS Executive Chamber, NYS Office For Technology/Office of the CIO, NYS Department of Transportation, NYS OMRDD, NYS Division of Criminal Justice Services and the NYS Energy Research and Developmental Authority (NYSERDA).

Private sector customers include Pitney Bowes, Stewarts Shops, CommerceHub, and Hero Beechnut. For more information on D&D Consulting, please visit www.DandD.com.

D&D Consulting:

Connecting your business initiatives with focused technology strategies and solutions.

D&D Consulting Ltd | 3 Columbia Circle | Albany NY 12203 | T: (518) 218 0900 | F: (518) 218-1829 | info@dandd.com | www.DandD.com

D&D Consulting Ltd. is a:

• Certified NYS Women Owned Business Enterprise (WBE) #51957
• NYS based Small Business Enterprise (SBE)
  

Managed Services Benefit #6 Pro-Activity

Pro-activity: It’s a great intention for many IT professionals but when it comes to actually setting up the systems and processes to ensure you are proactive it can be a very difficult thing to achieve.


If you are constantly trying to keep all the plates spinning (aka firefighting) the first task is to gain control. There are different levels of control. For some it’s getting to a state where you are still firefighting but you are not constantly drowning under a deluge of helpdesk requests or system failures.

For others it is a question of focus, critical system firefighting is minimal but the demands of the business often take precedence over planning and process building.

In both these cases the ability to proactively manage systems and networks is compromised. When do you get the time to set up these complex systems and reminders that attribute systems maintenance and monitoring tasks.? The answer as described above is never.

So the circle of firefighting continues, systems are not managed at their optimum so they fail, this creates a priority task to resolve the issue. Resources are drawn away from critical projects and other department lead projects (like becoming more proactive) and so it goes on…

Both scenarios are both great candidates for a managed service. Both need to gain control. Control is arguably the single most important element of success in an IT leadership role.

Once you have control you can plan more effectively, provide more accurate management information, become more efficient and ultimately support the business better. A large part of control is moving from reactive to pro-active. Outsourcing is probably the fastest and most efficient way to achieve that.

How does a managed service help them be more proactive? Well as I have talked about it really depends on the managed service provider and whether or not they really are “managing” your environment.

A managed service provider should be an integrated part of your IT resource – They should act in that employee role and come to you with recommendation on how to resolve and manage potential problems before they become catastrophic failures.

At the end of the day that’s what you, the client wants. “Take this problem away from me, do it cheaper than I can, fast-track me to get control so I can concentrate on supporting the technology needs of my business.”

Watch out for the next post, and, we are into the top 5 benefits! Benefit #5 Security

Bryan Spinner
Solutions Consultant
D&D Consulting Ltd.

For more information on D&D's SmartCare Core Services, call an an account manager at (518) 218 0900, or email me.

Previous Posts in the top 11 benefits of managed services:

• Managed Services: benefit #7 Advice
  

• Managed Services: Benefit #8 Efficiency
  
  
• Managed Services: Benefit #9 Responsiveness
  

• Managed Services: Benefit # 10 Accountability
  
  
• Managed Services: Benefit #11Risk Reduction
  
  
• White Knight or White Elephant?

D&D Consulting Ltd | 3 Columbia Circle | Albany NY 12203 | T: (518) 218 0900 | F: (518) 218-1829 | info@dandd.com | www.DandD.com

D&D Consulting Ltd. is a:

• Certified NYS Women Owned Business Enterprise (WBE) #51957
• NYS based Small Business Enterprise (SBE)
  

Free Juniper SRX and JUNOS Training

You have no doubt heard the hype around the Juniper SRX series gateways, messages around:

• Simplicity
• Consolidation
• Management Efficiency
• Low, Low TCO
  

Come and see if the reality lives up to the Hype.

Join us for a FREE one-day training seminar on building and supporting IP infrastructure with Juniper SRX.

Learn JUNOS fundamentals and about Juniper SRX at this hands-on training seminar brought to you by Juniper Networks.

The syllabus covers a variety of topics, including:

• Installation, configuration, and operational analysis of Juniper SRX
  
• SRX configuration using both the J-Web graphical user interface and the JUNOS software Command Line Interface (CLI)
• Real-world configuration and operational examples

The seminar will feature:

• Hands-on labs
• Dedicated SRX for every 2 students
• Free JUNOS for Dummies book
• Breakfast and lunch will be provided

---

D&D Consulting Ltd | 3 Columbia Circle | Albany NY 12203 | T: (518) 218 0900 | F: (518) 218-1829 | info@dandd.com | www.DandD.com

D&D Consulting Ltd. is a:

• Certified NYS Women Owned Business Enterprise (WBE) #51957
• NYS based Small Business Enterprise (SBE)
  

Managed Services - Benefit #7 Advice

It’s been a couple of weeks since I last posted, hopefully it was worth the wait…

Picture the scenario; you employ a managed service provider (MSP). You want to:

• Save money
• Take away the hassle of managing your technology yourself
• Focus your IT resources on other projects

Life is good. Systems work correctly and are being monitored for you and fixed in some cases. But what happens when you want to integrate new appliances or services? You call up your MSP and ask their advice….

Grinding halt…does your MSP provide advice to you and if so can you trust it?

I don’t want to be accused of beating the same old drum but it all comes down to how well an organization understand your business goals and therefore your IT goals.

If they don’t then they can’t give advice. It’s like trying to navigate to a destination with ½ a map. In the ideal world your MSP (in my opinion) should double as someone you can turn to for advice. Someone you trust, who has the skills and experience and has taken the time to learn about you and your business. They have something to base their opinion on.

So what’s a surefire way of identifying whether or not your MSP understands your business? Answer: If all they talk about is technology you can be sure they don't understand your business. Business objectives are not technology. If you just have a technology conversation then you can be pretty sure they only care about the pieces of technology they’re supporting and advice relates to that not your business.

Is your MSP taking the time to sit down with you on a regular basis to review your business objectives? If they are great, you should get regular recommendations that align your technology to meet your business.

The bottom line: A trusted advisor doesn’t mean that you get email alerts when something is down. A trusted advisor improves your business.

Stay tuned for the next blog in the series, “#6 Proactivity”.

Bryan Spinner
Solutions Consultant
D&D Consulting Ltd.

For more information on D&D's SmartCare Core Services, call an an account manager at (518) 218 0900, or email me.

Previous Posts in the top 11 benefits of managed services:

• Managed Services: Benefit #8 Efficiency
  
  
• Managed Services: Benefit #9 Responsiveness
  

• Managed Services: Benefit # 10 Accountability
  
  
• Managed Services: Benefit #11Risk Reduction
  
  
• White Knight or White Elephant?

D&D Consulting Ltd | 3 Columbia Circle | Albany NY 12203 | T: (518) 218 0900 | F: (518) 218-1829 | info@dandd.com | www.DandD.com

D&D Consulting Ltd. is a:

• Certified NYS Women Owned Business Enterprise (WBE) #51957
• NYS based Small Business Enterprise (SBE)