Some background basics: A software vulnerability is an error/flaw in a  application, that can be used by a hacker to perform actions, which have a negative security impact on your computer.  These range from releasing of sensitive information stored on your computer (like credit card numbers and account information) to automatic installation of viruses, keyloggers, or other code.

Why should you care? An example: When you browse the Internet, you use an "Internet browser" this may be: Internet Explorer. All browsers have been affected by vulnerabilities that have allowed hackers to do anything on your computer - all you had to do was to visit a website. The website could take control of your computer. The same goes for all other applications on your computer - unless you keep them updated and patched.
Programs such as anti-virus, personal firewall, and anti-spyware are good protection, but they will NOT protect you from the threat of software vulnerabilities.

How can you protect yourself from software vulnerabilities?
Keep your software updated. The only real solution, to avoid becoming a victim of software vulnerabilities, is to install the latest security updates that the software vendors release. In other words, make sure that you always have the latest secure versions.

Software vendors fight software vulnerabilities to protect you
Software vendors work hard to release new versions of their software correcting vulnerabilities. This is good news. Unfortunately, most are not completely forthcoming about security-related releases. No one likes to admit that they made mistakes.  What can you do about it? How do you keep track of the dozens of applications installed in your computer? Which ones have known  vulnerabilities and which don’t?

You don’t patch, just because a yellow shield says "hey, patch this", unless of course your network admin or IT firm has pre-approved them.

Don’t fear - I’m still here. :)  Well, yes, Aequus IT is still here.  Honestly, I can’t believe it’s almost Memorial Day.

I’ve been quiet on the blog as well, I’ve been busy.  Not only has my time been dedicated to current Aequus IT clients’, but has also been heavily focused on business development with Suncoast Business Technologies.  Our (Suncoast Business Technologies) solutions are fully implemented and available.  Our combined efforts have allowed us to bring some previously outsourced solutions in-house.  Thus providing better security, control and reliability to the solutions we offer our clients.

All marketing is being performed under SBT.  All new clients will be SBT clients.  Aequus IT IS NOT going away, we’re just working to provide better service and solutions for our existing and new clients.

Keep a look out for more news on the business front.

Thanks for all of your support.

This educational newsletter is sponsored by Aequus IT, a Geminare Partner
who is a dynamic technological consulting firm that services the SMB
community reachable at www.aequusit.com.

DOES YOUR BUSINESS CONTINUITY PLAN REALLY WORK?

A business continuity plan ensures your business has continuous access to critical applications in the event of network failure. Many
businesses run the risk of rendering their business continuity plan obsolete if not irrelevant by failing to test them on a regular basis,
especially as their business grows and changes.

Testing is critical to validate any business continuity plan and companies are increasingly recognizing this. Organizations are
showing a greater sense of urgency, especially those that automate critical business processes, operate in a 24×7 world and
engage more and more with their customers online. In all of these environments, business continuity, availability and security are
highly interdependent. Recognizing this, organizations now understand that testing needs to examine vulnerabilities in an integrated,
systemic way to ensure delivery of the service levels their business needs following a network failure.

According to recent surveys:
• AT&T found that just 50% or less of companies had tested their business continuity plan in the past 12 months, with 26
percent never having tested it at all.
• The Chartered Management Institute, in conjunction with the Continuity Forum and VERITAS Software, found that only 52
percent of organizations rehearse their business continuity plan once or more per year.
• The Association of Financial Professionals found that despite the fact that almost half of the respondents said their
organizations’ were impacted when a disaster struck:
o Only 24 percent said their business had recently tested its business continuity plan as a direct result of the
disaster;
o Only 26 percent plan to test their business continuity plan in the near future;
o 50 percent have no plans to test their business continuity plans.
• Synstar found that just 12 percent of companies tested their business continuity procedures twice a year. Some 35
percent of companies haven’t tested procedures in the last two years, while 38 percent of business continuity managers
state that they test procedures once a year.

How often should you test your business continuity plan?
Your business continuity plan should be tested at least annually and/or when you have significant changes to technology, business
processes or personnel.

How do you determine if your business continuity plan testing is successful?
You should ensure you have a defined test plan that establishes specific objectives prior to the test being performed. An attainable
and clearly stated testing plan will be used to determine if the recovery efforts tested were successful. If some test objectives fail,
the business continuity plan, recovery procedures and test objectives should be reevaluated. The test should be repeated until all
aspects of the business continuity plan are considered successful. Once the business continuity plan is deemed adequate, it should
then be tested annually. Testing objectives should be set to start small and increase in complexity and scope over time. Achieving
the following objectives provides progressive levels of assurance and confidence in the plan.

What applications need to be tested?
Critical applications that ensure business workflow and contribute to the risk of revenue loss should be tested more frequently as
they will have a greater impact in the event of a network failure. Although obvious ones such as Mail, Database and Web servers
are always top of mind, the real testing needs to take place with the servers that you may not consider to be mission critical but
could contain data that is. HR servers or files that contain employee contact information as an example are servers which contain
mission critical data, as are workstations or drives that contain payroll data. Image not being able to make payroll? BlackBerry
servers are increasingly becoming one of the most important area’s within a communication plan as our IP Phone systems and
PBX’s. Although your office may not be readily accessible you may still need to communicate or redirect inbound or outbound calls.

How is that going to take place?

MANATEE CHAMBER OF COMMERCE ANNOUNCES NEW TECHNOLOGY COMMITTEE

(Bradenton, FL) – The Manatee Chamber of Commerce recently announced the formation of a new Technology Committee. This Committee’s focus will be on identifying existing and evolving technologies that can be used to further the Chamber’s mission and share that knowledge with our membership.

Members of the Technology Committee held their first meeting on Wednesday, January 16, 2008 and began setting forth an ambitious plan of work. Education will take a high priority with seminars / workshops, panel discussions, and online resources. Development of an “ask the tech” feature on www.ManateeChamber.com is already in the works and will enable Chamber of Commerce members to get answers to all their technology questions.

The Technology Committee Members include: Suresh Babu, GravityFree; Kevin Baylor, Aequus IT, Inc.; A.C. Cristiaan, Wazagua, Inc.; James Fink, SEOENG, LLC; Jacob Gilray, Audio Visual Innovations, Inc.; David Grace, Abacus Web Services; Marty Guice, 82 Degrees Tech; James Hanlon, Bright House Networks; Dennis Hassell, NXGEN Payment Services; Jim James, Phone Solutions, Inc.; Eric Livingston, Private Client Technologies; Jackie Luper, The Bradenton Herald; Hallie Middlebrooks, Network Solutions; Troy Newport, Webtivity Designs; Maria Pugliese, NuVox Communications, Jul Saxby, Anexio, Inc.; Steven Shepherd, Priority Web Design; and David Spire, US Computer Group.

Visit us on the web at www.ManateeChamber.com.

For more information, contact Carey Miller at 748-4842 x113.

Once the system receives the email, you will receive an email back showing the ticket information.  Generally, you should receive an auto response within 5 minutes.  As activity is performed on your ticket and/or it is closed, you will also receive email notices to those affects.

I realize that this will not occur overnight, and as emails come into my mailbox directly, support cases will be created and reminders sent to send the requests to the appropriate mailbox.  After January 15^th, only emails sent to support@aequusit.com will be logged for support.

These surveys are not to get a pat on the back, or show how "great" things may be going.  If it is not know that something is broken, it can not be fixed.  This helps me gauge where we need improvement, and how we can best serve our clients and keep their business and technology in sync and successful.

So, what needs improvement, will get attention to make those improvements and well, if it’s not broken, it won’t be fixed (just maybe improved upon or expanded).  The remainder of internal efforts will focus on continuing to provide additional solutions and services to meet the ever changing needs of our clients and the industries in which we serve.

Feel free to check out the results - http://survey.constantcontact.com/survey/a07e2783gszf9czq2ui/results

Tom Streck has more than 30 years experience in the Information Technology industry, most of which has been devoted to managing and improving I.T. operations at three major international companies. At Arthur Andersen Technology Solutions, Mr. Streck was responsible for directing world-wide support for 100,000 PCs, 7,000 servers, and 5,000 proprietary software applications. In that role he managed 30 contact centers in the U.S., Europe, Latin America, Asia/Pacific, and South Africa, all of which were integrated by process, technology, and business continuity. Since 2002, he has provided consulting services to companies such as Merrill Lynch, GM, TransUnion, Yahoo!, Capital One, Del Monte, Embry-Riddle Aeronautical University, and Harris Corp. Additionally, Mr. Streck has extensive experience with third party, offshore/onshore outsourcing and helps clients decide which functions can be successfully outsourced versus those that should be retained in-house.

Now I’ve done quite a business with Dell this year, and will probably do quite a bit more next year.  It’s like Microsoft, you have a love-hate relationship, no matter what.  So far, they’ve done me right, and I have no complaints.

I’ve also done good business with HP in the past, and apparently, I’ve dealt with them long enough, that I’ve overcome some of their partner pain points.

So, since a few have asked for help in getting to work with HP better, I’m doing what I can to help out our fellow colleagues.

Here are a few things to keep handy when dealing with HP:

Websites

www.hp.com/partners/us - US HP Partner site

http://www11.itrc.hp.com/service/home/home.do - HP IT Resource Center

http://welcome.hp.com/country/us/en/contact/phone_assist.html#section1 – More HP phone numbers than you care to imagine

http://partsurfer.hp.com/cgi-bin/spi/main - HP Part Surfer (part lookup tool)

http://h20000.www2.hp.com/bizsupport/TechSupport/Home.jsp - HP Business Center – not restricted to VARs

https://h20143.www2.hp.com/cgi-bin/ccg.dll/JavaContentGateway/login.do - HP Business to Business – this is where you can get customers setup with their own HP accounts

https://h20282.www2.hp.com/PDStore/ssl/smblogin.asp - HP Source site for system configuration, quoting and ordering

Phone

HP Source Sales hotline - 1.800.888.5874

HP Influencer hotline -888-887-1890

HP Welcome Center - 800-965-3586

Email

Uscrc@hp.com – email to check on reseller authorization

Influencer.businesstrack@hp.com – email for HP Influencer questions

Notes:

1) Find out your Influencer Sales Manager if you are a HP Influencer (you must sign up for this authorization separately). Essentially this allows your customers to order directly from HP via their company HP site/account and you get a percentage of the sale. What I do with one customer is I spec the machines out in their site, they approve and order them on their HP account, and I eventually get a small check from HP.

2) Always have your HP OID number – HP uses that like the IRS uses your SS#, without it, you’re nobody.

3) Your HP Source account number is different than your HP OID