There’s an interesting article posted by the Society of Computers and Law about the challenge of getting realistic IT project estimates on cost and time. The author, Michael Bywell, a Partner at Arnold & Porter Kaye Scholer, asks two questions;
- How do we explain the tendency of planners to routinely underestimate costs and over-estimate benefits?
- Why do projects get the go-ahead when it is (or at least should be) obvious that they are bound to overrun?
Read more →
The Cyber Security Toolkit, by Peter Wright, and published by the Law Society is the most comprehensive guide I have seen focused on law firms. It nicely expands and pulls together Law Society practice notes covering various areas of cyber security including: cloud; phishing; outsourcing. Read more →
Cleary the nursery rhyme about the three little pigs has nothing to do with IT strategy, however, it still provides a nice analogy on the difficult situations a law firm, or any business, can find with their IT systems.
For those a bit rusty on the details, three pigs each built a house: one of straw; one of sticks; and, one of bricks. A wolf easily blows down the straw and stick houses and eats the pigs. The wolf can’t blow down the brick house and the pig eats the wolf (various versions of the rhyme exist, I have gone with the original).
Keep reading to find out what the little pigs can teach law firms about IT strategy. Read more →
Have you ever wondered what it is about the fancy “padlock” symbols in your web browser that actually make your connection secure? Read more →
Passwords remain the primary method of people gaining access to computer systems, thus they are an obvious target for malicious activities. I personally have close to 50 passwords that are used on a monthly basis covering online storage, website services, social network accounts, email accounts, and local WiFi and Internet access. Managing these passwords is critical to maintaining security in any business. Here is my list of the habits of highly effective password management that I think any business would benefit from adopting: Read more →
Recently I reviewed the Office 365 default policies for spam and malware and was pleasantly surprised by the spam control options available, but shocked by the default malware policy provided. Read more →
Unitrends provides backup and disaster recovery solutions to businesses of all sizes. One solution it provides is called Unitrends Free. As the name implies this is a free solution, and is aimed at small businesses with 1TB or less data to backup. The solution is deployed as a virtual Linux appliance on either Hyper-V or ESX. Read more →
Microsofts provides a business class email service called Exchange Online which is part of their Office 365 suite of services.
Exchange Online is hosted by Microsoft and accessed via the Internet. Thus, anyone who knows (or who can guess) the mailbox password can access the mailbox. This is a reason to have a strong password, and to not re-use passwords. With that said, if you suspect your password has been exposed, it is reasonable to be worried that your email account has been exposed.
One approach to validate the access to your mailbox is to enable mailbox audit logs. Once enabled, Exchange Online logs are kept for 90 days, and refreshed every 24 hours with new events.
This post provides a short overview on how to enable mailbox logging in Exchange Online. The process is technical and is only suitable for users who are familiar with PowerShell (if you don’t know what PowerShell is, ask your IT Professional to complete these steps for you!). Read more →
A “security researcher” has released a blog post on how to gain “root” access, or full control, of a LifeSize video conferencing system over the Internet.
The hack didn’t rely on using default passwords – they compromised the password by forcing a password change by manipulating the traffic to the video conferencing system. While I haven’t validated the hack, the detail provided in the blog makes the hack look legitimate (as a result, I’ve chosen not to link to the blog post). Read more →
This is another post capturing my learning while building a test lab in Microsoft Azure.
In this post I capture my experience moving virtual machines to Azure from on-premise.
Azure provides ready made reference virtual machines as shown below using the Classic portal. Read more →