Tag Archives: Grand Rapids

About 1874 days ago Computer Security

Tech Talk: Protecting Laptops from Data Theft

Founders Bank & Trust — a five-branch bank based in Grand Rapids, Mich. – faced the same challenges in keeping customer data secure as larger financial institutions in compliance with regulations. Network Administrator Tom Vanden Bosch talks about software he deployed that encrypts data and locks down laptops in the event of theft in this Q&A with IncTechnology Editor Elizabeth Wasserman. Elizabeth Wasserman: What is the greatest IT security threat facing the bank today? Tom Vanden Bosch: I would say that is a breach of customer information. That would be our number one concern. There are so many different avenues where customer data is manipulated that we just don’t necessarily always have a good handle on how that information is being transmitted. Online banking does contribute to that liability. But, in the financial world, we’re held to a much higher set of standards because of regulatory objectives we have, as well as Sarbanes-Oxley requirements. Those two items are primarily the driving force. Wasserman: How do you protect customer data? Vanden Bosch: Basically you want to seal off areas that you have the least amount of control over. Securing laptops is one of the top three items that IT security auditors are pushing for in our industry. They say we need to be making sure those devices are encrypted. That laptop is a mobile data base of customer data. Obviously, securing company laptops was our primary objective when we started dealing with this issue. Naturally we wanted to extend that protection to flash drives, MP3 devices, and anything else that attaches to our bank equipment. We went with GuardianEdge, which has a full suite of products for device control, hard disk encryption and endpoint encryption. That means we can encrypt our data and prevent or restrict activity on our network that has the potential to generate liability for us. Another nice feature is the auditing piece that tells us who is connecting what to what device and what data they’re moving back and forth across those devices. Wasserman: How does the software help you prevent data breaches? Vanden Bosch: We can lock down a device so that the CD Rom drive or USB port becomes untouchable. If a laptop is lost or stolen and does not communicate with the encryption server for a certain amount of time it becomes unusable, and this time frame is customizable. Once a device is locked out, the only way to unlock it is to go through IT administration or format the hard drive. We’re not just relying on the software to keep us safe. In addition, we’re also in the middle of a project to reclassify our data on the network to establish policies to restrict data on the network based on who has permission. Our employees have to be educated to understand the risks that they could expose us to. That’s a major part of the equation, too.

About 2361 days ago Telecom and Wireless

Is RFID Right for Your Business?

our beautiful site

If your company ships goods that are perishable or expensive or you’re interested in becoming a supplier to Wal-Mart, Target or the U.S. Department of Defense, you may have reason to consider deploying radio frequency identification (RFID). The truth is that many small businesses may be able to get by without implementing RFID for the next few years. But while you wait, your competitors may already be benefiting from early adoption by realizing return on investment from automating receipt and shipment of goods or by becoming a supplier for one of a growing number of big firms and organizations — Wal-Mart, Target and the DOD included — that have adopted RFID and required their suppliers to do the same. How RFID works RFID is a technology in which small, cheap tags are attached to items or cartons or pallets of goods and are automatically read and tracked by a computer system. Many regard RFID tags as the new bar-codes to help businesses track and trace goods through the supply chain. But there are already several examples of RFID now in use by a wide variety of people, including toll-collection systems like EZ Pass, the microchips veterinarians insert into pets and instant payment credit cards that no longer need to be swiped. For small businesses, the use of RFID is likely to be more along the lines of Grantex, a Grand Rapids, Mich. uniform rental company. In 2001, Grantex bought an RFID system for a little over $1 million. The company now sews the chips into uniforms. When the company washes the garments, an RFID system reads the chips and automatically sorts the uniforms so they go back to the right companies. Doug Singer, Grantex’s president, says that since he installed the system, there has been a 36 percent reduction in labor costs and a 21 percent decrease in uniform costs. Partially, that’s because uniforms can no longer be lost or stolen. Unless you rip the tag out, the uniforms are like a lost dog with a microchip — easy to locate. The company used to use bar codes for the sorting function, but the RFID tags are much tougher, Singer says. “Our goal is to attack grease, oil and dirt and we do a darn good job of it,” he says. “If we had bar codes, they would just come off.” Small firms can get big benefits Singer says RFID lets Grantex, which has about 50 employees, operate like a much bigger company because it can handle a large workload (the company regularly services about 10,000 uniforms). Other small- to medium-size businesses that need to track inventory are also adding RFID. A study by Gartner Dataquest found that 40 percent of such inventory-intensive businesses planned to install an RFID tracking system by the end of last year. But for most small businesses, RFID won’t be a big priority for a while, says Mark Johnson, president of RFID Tribe, a Dallas-based professional association for the RFID trade. “It’s very useful for any organization that has many, many objects to track,” says Johnson. “But if you’re a mom-and-pop, a clipboard and a No. 2 pencil does fine.” Johnson says that a bare-bones RFID system would probably start at $10,000-20,000, but it wouldn’t do enough to make a difference in operations. Realizing ROI from RFID Andy Nathanson, practice director for RFID for Venture Development, a Natick, Mass., market researcher, says most RFID systems will cost around $250,000, but the companies that use it realize ROI within 18 months. The good news is that the prices are coming down. Tags that used to go for 25 cents are “now approaching the 10-cent barrier,” he says. Still, unless you track items that are worth more than $25, are perishable or are easily copied, RFID shouldn’t be a top priority right now. The exception to that is if your firm does business with Wal-Mart or the Department of Defense, both of which require suppliers to use RFID. One way to approach this is what Johnson calls “slap and tag,” that is, just putting tags on merchandise without installing an RFID reading system. But even that can be expensive. “People say it’s only a quarter or so, but we’re talking about millions and millions of products,” he says. “It adds up.”

About 4462 days ago Computer Security

Hostage Situation

Bulletin Board John Simmons is a gentleman. He won’t reveal the first words that entered his mind when he heard that his company’s application service provider (ASP) was going out of business. Simmons, a senior vice-president at the Greeson Co., a privately held food broker headquartered in Grand Rapids, will reveal only his second thought: “We’ve got to act quickly.” Last December, HotOffice, the ASP that the Greeson Co. used for E-mail, document storage, and mobile communication, announced that it would be shutting down in just 14 days. HotOffice had worked out a transition deal with its former competitor, Intranets.com. Simmons spent a few days researching sites and then three or four more days conducting a trial evaluation at Intranets.com before signing on. “The support center has been excellent,” Simmons says of the new service. Simmons and his fellow former HotOffice customers were among the lucky ones. When time-billing site Red Gorilla abruptly closed shop last year, it locked its customers out of their own data for a week. What’s worse, ASP burn isn’t limited to no-name start-ups. Intel and SAP had backed Pandesic, an E-commerce ASP that exited stage left last summer. Analysts say the ASP market is still growing, and for good reason: the model is attractive to small businesses like the Greeson Co. for the cost savings and convenience. But what’s less convenient than losing access to your own data? The trick is getting the benefits of an ASP without the headaches. Here’s how. Get tough up front, says Traver Gruen-Kennedy, chairman of the ASP Industry Consortium. Before you entrust someone else with your digital treasures, demand a service-level agreement — a contract that describes exactly what the company provides for its customers — detailing the ASP’s provisions for handling disasters. Gruen-Kennedy realizes that when it comes to negotiating contracts and resolving disputes, small-business customers don’t inspire ASPs to do back flips in the way big-name, billion-dollar customers might. So his consortium has collaborated with the United Nations to create an international “virtual court” (at www.allaboutasp.org) for handling disputes and arbitration. “We want to turn borderless cyberspace into borderless legal space,” he says. The court works like this: After a small business files a complaint, a tech-savvy judge or group of judges mediates the dispute, and 175 countries uphold the outcome. Gruen-Kennedy thinks that the service will help to defuse data-hostage situations before they get ugly. The ABCs of ASPs High-tech companies have always made up their own language, usually to society’s detriment. Who among us hasn’t complained about incomprehensible jargon? But the niche industry of application service providers (ASPs) has taken jargon to an extreme. At times it seems as if people who work for ASPs are speaking in their own secret code. “We’re an MSP-plus,” says one vice-president, referring to so-called management service providers. “The term we’re using is application management provider,” or AMP, says a public-relations man. And these guys work for the same company. In a misguided attempt to create market differentiation, ASPs have succeeded in creating market confusion. In its simplest form, an ASP is a company that rents software. The software resides on the ASP’s servers, and customers — including small businesses — access it through the Web. As the model expands across industries, ASPs have tinkered with the acronym, dubbing themselves BSPs (business service providers), AIPs (application infrastructure providers), FSPs (full service providers), and so on. “All these things are really ASPs,” says Todd Carter, editorial director of ASPstreet .com, an industry Web site. “They’re looking for a niche, so they want to appear different.” It’s a little like algebra, he says: “XSP” is an ASP, where x is any variable you feel like plugging in. Bulletin Board Meetings within Meetings Do-It-Yourself Networking Laptop Insecurity Things We Love: A Nightlight for Laptops Meet the New Boss Copying Web Design: How Much Is Too Much? Hostage Situation Please e-mail your comments to editors@inc.com.