Tag Archives: Microsoft Windows XP

About 3702 days ago Telecom and Wireless

2003 Tech Buying Guide: Video Gives Face Time

2003 Tech Buying Guide Market Report Videoconferencing systems have long been an expense better suited to large companies. But now that the Net offers an essentially free platform for video delivery to multiple sites, any business wanting to hold videoconferences can create Net-based “facilities.” “Many [business users] see Web conferencing as taking over for video,” says Joe Gagan, a senior analyst at research firm the Yankee Group. However, “quality is not guaranteed” on the Net, says Christine Perey, president of Perey Research and Consulting. She characterizes the current videoconferencing market as “uneven” — which reflects feedback from Inc.com’s “What’s Your Technology Plan?” poll. In that survey, 69% of those responding do not feel their businesses would save time or money by making a videoconferencing investment. Are they buying laptops for their traveling employees instead? STAY THE COURSE Microsoft Windows XP [ www.microsoft.com]. It doesn’t get any more economical than this. Because real-time voice, data, and video capabilities for an up to 10-person confab are built into the $299 operating system, videoconferencing really costs nothing more than the price of your Net connection (just add camera and microphone). A decent camera with adequate videocast resolution (320 x 240 pixel rate), wide angle and zoom features (important for zeroing in on those presentations), and a 30-frames-per-second capture rate will set you back approximately $100. MOVE AHEAD First Virtual Communications’ Click to Meet Express [ www.fvc.com/eng/webconferencing] lets four or more conferencees on the Web do everything that more expensive private systems allow — including such media-rich meeting capabilities as shared documents and PC presentations — for much less. Get together with three of your colleagues for 15 one-hour meetings per month (or 3,600 minutes of meeting time) and you will pay roughly $591 per month over three years. (Budget in a camera, at a cost of approximately $100 for each user.) But the good news is that First Virtual claims the system pays for itself in about eight months. Click to Meet targets small groups at small- and medium-size businesses that frequently share documents, images, and presentations. BLEEDING EDGE Sleek and aimed at the small to medium-size work place, the TANDBERG 1000 [ www.tandberg.net] is a flat-screen desktop videoconferencing system that can also be wall-mounted. Along with a 12.1-inch screen, this unit also offers wireless local-area network (LAN) support, embedded security, and PC compatibility for making presentations. Pricier than some of its counterparts, the TANDBERG 1000 lists between $5,490 and $8,980. What to Ask How many people will be participating? What is the cost as compared with travel? How many cameras do I need? Do I have enough bandwidth to handle video? Case In Point Mike Daugherty Founder/President LabMD THE NEED: LabMD, an Atlanta-based clinical testing lab, finds it cost- and time-prohibitive to have regular meetings and training sessions with its nationwide clients and its on-the-move reps, who work out of D.C., Atlanta, and Memphis. Mike Daugherty wanted to leverage the “essentially free” Net. THE SOLUTION: Daugherty chose First Virtual Click to Meet Express, with Logitech 4000 cameras and high-speed Net access. Cost was key for him, and he also wanted a Web-based solution. Image and audio clarity were essential. “You don’t want people to sound like they’re underwater.” A LITTLE HINDSIGHT: “The marketplace has to get more bandwidth,” he says. NEXT TIME: He expects wireless advances to free up his sales reps to roam even more. JUSTIFYING THE COST: LabMD bought the initial software directly from First Virtual, licensing it for $5,000 for five to 10 users. The Logitech cameras cost about $100 each. “As our sales force grows, it will cost me more,” he says. “But the long-term savings are worth it. The Net flattens out all of the cost.” DON’T FORGET TO ASK: “‘What do you know that I don’t know?’ Some distributors capitalize on your infant stage … and take advantage.” But vendors are often more interested in long-term relationships, Daugherty says. Their sales reps are generally more forthright. 2003 Tech Buying Guide Laptops Handhelds Hybrids Cell Phones Wi-Fi Networks Digital Cameras Videoconferencing Setups Shopping Tips Log On and Be Counted In recent weeks, visitors to Inc.com have been sharing some of their tech-buying strategies with other readers by taking our buyer’s guide poll. Take the quick survey yourself, then see how others are thinking about the product areas covered in this story. Please E-mail your comments to editors@inc.com.

About 3853 days ago Business Software

There’s Linux in Them Thar Hills

I got my laptop to boot up into Windows. This sounds idiot proof, but it’s not. My laptop opens by default into Linux. Certainly you’ve heard of Linux. It’s a computer operating system, an alternative to Microsoft and their Windows operating system. Technology is full of differing approaches. But Microsoft v. Linux goes beyond a simple disagreement. It’s a Hatfields-and-McCoys feud, a drama of honor and justice, a fight for the way things ought to be. You’ve got your Hatfields–Windows XP, 98, NT and Millennium–and across a gurgling Appalachian creek, your McCoys–the Linux clan. It’s not hard to find the Linux homestead. Wander two hills over and take a right at the old well. You’ll know the place by the flag of the pudgy, somnambulant penguin that hangs next to the satellite dish. Even in Appalachia, geeks gotta have their toys. From the outside, the Linux house looks like a decrepit shack. But appearances can be deceiving. Open the creaking front door, and you discover an opulent interior that stretches out spaciously. (It’s like the phenomenon of Doctor Who’s Tardis: On the outside, a tiny police call box, yet inside, a sprawling timeship.) But wait! The Linux house feels oddly familiar. Do you hear the words “see-ment pond” echoing in the marble foyer? Waddaya know! It’s Chez Clampett, the mansion that Jed bought after he discovered the bubblin’ crude, and they loaded up the truck and moved to Beverly Hills. Along with a stash of killer hardware. In the kitchen, Suzy May–she’s Elly May’s minimally-clad sister–and her posse of programmers discuss SuSE Linux 8.0. Jethro relaxes out by the pool with his buddies. He wears a scarlet fedora hat tilted at a jaunty angle–he’s the poster man-child for Red Hat Linux. Granny stands out on the patio boiling some clothes in a huge cauldron. She loves Caldera Linux and 802.11a wireless networks. And here’s Harry Potter in a Mandrake Linux magician’s hat! Before you can say “muggle,” he’s run off to join Uncle Jed and the Slackware Linux crowd. They’re watching Star Trek re-runs and eating Cheetos in the rec room. You’ve landed in paradise–if you’re a programmer or that strange breed of consumer known as the computer hobbyist. If you’re neither, the Linux lair might seem pathetic. But you’d be wrong. This is war, the Hatfields and McCoys duking it out for the future of the operating system. Some would even call it a holy war, with Bill Gates as the Antichrist and Linus Torvalds, writer of the Linux kernel, as the Messiah. (At the very least, Bill and Linus ought to face off on MTV’s Celebrity Deathmatch.) The key difference between Linux and Microsoft has to do with the open source movement. Let Granny explain with this homespun analogy: “Say yer known far ‘n’ wide for yer squirrel stew. Now Ethelanne Stafford asks ya for the recipe. Are ya gonna tell her ‘Nope, ya can’t have it ’cause it’s a secret?’ That she’s gotta come to ya for the stew, and pay for it? “Why that ain’t neighborly t’all!” Microsoft has their squirrel stew, which the Linux camp would deride as a cholesterol-laden mess with millions of lines of bloated code. In contrast, Linux is spa cuisine. It’s lighter and healthier, the flavor clarified through an economy of hacking. A programmer can change the code because he got the complete recipe–for free. Linux is a Stone Soup for the soul of the new machine. You make your changes, I make mine, and it’s a brighter, better operating system for us all. Except for me. I use Windows, something that I’m not particularly proud of. At times, I’m actively upset by my Windows “habit,” especially after I’ve had to restart my computer five times in three hours. But you can’t discount the prevalence of Microsoft’s Office software. I’ve compromised with my husband, a Linux man: My machine boots up into either system. Our “you like to-may-toe and I like to-mah-toe” approach doesn’t work seamlessly. Like today, when I was pushing to meet a deadline. My laptop got confused, so it took 15 precious minutes to boot into Windows. Things could be worse. When my toddler son starts to program, he may decide that he wants an entirely different system, one that some 19-year-old wiz in Helsinki is just now dreaming up. Then we’ll be a triple-booting family. And I might decide to boot the computer entirely and return to pen and paper. Nancy Peponis, a principal of Luminosa Consulting, focuses on marketing and business strategy. She can be reached at nancy@luminosa-consulting.com. Copyright © 2000-2002 MarketingProfs.com All Rights Reserved

About 4067 days ago Telecom and Wireless

Special Technology Report: Inside Story

Special Technology Report The Internet promised to drastically change your business. Now state-of-the-art small-company intranets are actually delivering on that promise. Instant word-association test: What comes to mind when you hear the terms intranet and extranet? Chances are, it’s something like this: Big-company stuff. Internal Web sites with multimillion-dollar price tags at places like Hewlett-Packard and GE and Charles Schwab. Hotshot technology that my small business wouldn’t use and doesn’t need. And even if we did need it, we couldn’t afford it. Right? Guess again. True, intranets come to the party with a big-company, big-bucks reputation — and deservedly so. The earliest private Web-based networks began at Fortune 500 giants like Ford Motor Co. and Sun Microsystems. The best, in some cases, save more money than many small businesses make in a year. And true, they’ve typically involved large-scale initiatives, such as linking thousands of workers worldwide or putting millions of documents online. But here’s some news that is just as true: private Web sites are changing small business, big time. Small and midsize companies are turning to intranets (and their external cousins, extranets) in much the same way they turned to the public Web a few years ago. And in some cases, they’re getting far more favorable results with the private sites. Many are using them to fundamentally change some aspect of their business. A pioneering few are using the sites to drive their company’s entire strategy. And they’re doing it using technology once viewed as strictly a big-company tool. We’re not talking about companies’ using internal networks as electronic filing cabinets for human-resources forms or bulletin boards where Joe in accounting can advertise a used Jeep for sale. We’re talking about entrepreneurs’ strategically using a broad range of intranet-extranet efforts to gain a competitive foothold in a tight economy, typically by nurturing existing relationships or creating conduits for new ones. On one end of that spectrum are the rare companies run primarily, or entirely, on private Web sites that let them easily connect with employees, partners, or customers. One of those companies is 1-800-GOT-JUNK, a Vancouver, B.C., trash-removal business whose intranet for its franchisees, called JunkNet, helped to fuel the company’s growth from $2 million in revenues in 1999 to $10 million last year. Another is Boston-based SeniorLink, a fledgling company that will launch an extranet later this year to help baby-boomer customers nationwide find care-management services for their aging parents. On the opposite end are traditional companies that are using intranets to transform one practice, with effects that ripple through the rest of their culture. A sterling example: Extreme Logic Inc., an Atlanta-based technology consulting firm. Like many growing companies, Extreme Logic handles job-performance reviews online. What’s unusual is that the company encourages its corporate clients to log on and evaluate the employees who serve them. As a result, company officials say, Extreme Logic has deepened relationships with customers by letting them know they’re trusted partners whose opinions count. In the middle of the spectrum are companies with the most intriguing stories: those whose private sites create unprecedented opportunities. At TemPositions Group, a New York City-based staffing company, an intranet instantly matches customers’ requests for temporary employees with contractors who best fit the bill, allowing the 125-employee business to successfully bid against giant national staffing companies for major contracts. Eckert Seamans Cherin & Mellott, a Pittsburgh-based law firm, now coordinates hundreds of product-liability claims filed nationwide against one of its major clients, thanks to sophisticated technology that makes it possible for the firm’s lawyers to share court documents with other lawyers in 50 states, Puerto Rico, and the U.S. Virgin Islands. And Eminent Research Systems, in Minneapolis, uses an intranet to dramatically speed up its ability to coordinate protocol documents for medical-device tests, thereby helping the company to increase its business capacity tenfold. It’s impossible to find hard numbers on how many companies are jumping onto the private Web. The few studies done to date confirm only that a growing number of small companies have either launched a private network or expect to do so soon. Most, it appears, still use the technology for pedestrian purposes: storing documents, sharing files, ordering supplies. But we’ve found a handful of cutting-edge entrepreneurs who are using intranets and extranets to transform their business strategies, in most cases by helping their companies forge new relationships. OPEN BOOK: Dennis L. Veraldi says that his law firm’s extranet improves services for clients. What’s propelling this small-business intranet revolution? Experts tick off a number of drivers: the migration of big-business practices to small-business scale, recession-driven pressure to find new ways to get new customers or better serve existing ones, and increased comfort with doing business online. “All the things that the major corporations were doing two or three years ago are trickling down to the small-business realm,” says Ryan Bernard, president of Wordmark Associates Inc., a Houston consulting firm, and author of The Corporate Intranet. “The larger corporations were the proving ground.” Web-usability consultant Jakob Nielsen, whose Nielsen Norman Group, in Fremont, Calif., annually honors 10 outstanding intranets, has recently noticed that more small companies are making the list. Says Nielsen, “That proves it’s possible to get good effect out of an intranet without being a huge corporation.” Other experts call the trend evolutionary, saying that it is picking up speed as companies conduct more and more business online. Nearly everyone can use a Web browser, which means that nearly everyone can adapt almost instantly to a Web-based network. And small companies can now choose from a broad range of intranet options, from cut-rate do-it-yourself models to cutting-edge, custom-designed systems. Admittedly, the trend’s leaders tend to spend freely to launch, staff, and maintain their private Web sites. Initial five- or six-figure investments aren’t unusual, and some ambitious companies may well spend more. But there are plenty of less pricey options, ranging from having a savvy staffer do the job in-house to renting the service. (See ” Spin Your Own,” below.) Perhaps the most remarkable cultural change is how many entrepreneurs are overcoming their natural reticence to share information, inside the company or out. Brian Chavis, CEO of ARGroup, a Web and intranet developer based in Leesburg, Va., says that he used to have to pitch the idea of private networks to his customers. “I don’t have to do that anymore,” he says. “Our clients are telling me that they want this.” What they want, as the leading examples show, are new and better ways to connect with customers, employees, and partners. Rather than blindly following the late-1990s mantra to endlessly hurl money at their public Web sites in hopes of expanding their reach, many companies now look inward for ways to better serve customers they’ve already got. “Companies are saying, ‘Let’s really strengthen those relationships as much as possible,” says Ray Boggs, vice-president of small-business and home-office research at IDC, in Framingham, Mass. Randy J. Hinrichs couldn’t agree more. Hinrichs, group research manager in learning sciences and technology for Microsoft Research and author of Intranets: What’s the Bottom Line?, says intranets and extranets provide the perfect environment for small companies to create and nurture the partnerships they need to thrive. He makes the goal sound almost romantic. “You make long-term, meaningful relationships by saying, ‘We can share each other’s data,’ and knowing that it’s going to be consistent and trustworthy,” he says. Executives at Atlanta IT-consulting firm Extreme Logic consider it critical to forge long-term commitments with both employees and customers. So the company sends both to its combo intranet-extranet for performance reviews. The system hasn’t directly affected Extreme Logic’s revenues, which topped $30 million last year. But it’s improved the company’s own showing in two top-priority areas: retaining star performers and nurturing all employees. When workers leave — whether they’re hired away by competitors or fired for poor performance — the company spends as much as three times an employee’s annual salary to find and train a replacement. Getting quick online feedback directly from customers lets Extreme Logic reward its stars and provide specific improvement goals for everyone else. The approach seems to work. Mike Williams, who oversees human resources, says the company’s turnover rate is 5% to 10% lower than the IT industry standard. And since the company added the performance-evaluation feature to its intranet, 18 months ago, about 80% of its employees and managers feel that they’re working toward the same goals, compared with 52% before, according to an internal study. For TemPositions, making connections quickly is what counts. The company, one of 350 temporary-staffing agencies in New York City, has begun bidding against the big boys — including $4.1-billion Kelly Services — for major contracts. To compete against the industry giants, TemPositions focuses on what CEO and president James Essey calls its core strength: delivering the perfect worker faster. And to do that, TemPositions relies on an intranet that, much like a dating service, instantly matches customer requests with the best available contract employees. If, for instance, a client company needs a registered nurse with pediatric experience, the TemPositions intranet automatically E-mails the job offer to the best-qualified candidates. The system excludes temps who are already on assignments or unavailable because of vacation or illness. When contractors accept gigs, the intranet automatically E-mails them a link to their own personal job bank sites, where they find assignment sheets with dates, prices, a map, and supervisor contact information. When temps reject offers or don’t respond, the intranet solicits the next person in line. Corporate customers can even make their own temp requests online. Essey says the do-it-yourself convenience “cements us to the customer in a big way because once they get into the system and see all the information there, they’re less likely to go to a competitor.” That’s a far cry from the traditional temp-placement process, which typically requires hours of telephone tag. (Customers call the agency with a personnel request, and then agency employees dig through paper files, call candidates, and wait for return calls.) And the streamlined process, in turn, has allowed the 40-year-old company to go after huge long-term contracts it couldn’t even have considered before. At press time, TemPositions was competing for a contract to supply the New York City schools with more than 1,000 temps in a variety of areas, including curriculum and course development and counseling. “We couldn’t bid on it if we didn’t have these tools,” says Essey. “We’d need enough employees to fill a football-field-size call center.” TemPositions, which had about $30 million in revenues in 2001, spent $250,000 building its intranet in 1998 — primarily, Essey says, on Web design and for the salaries of a chief information officer, a programmer, and a technology troubleshooter — and it continues to spend liberally on salaries, equipment upgrades, and maintenance. “It’s not free,” he acknowledges. At the same time, he expects the intranet to reduce the company’s head count — eliminating, for instance, the need for data-entry staffers. Essey says those savings are well worth the investment. GRAND SCALE: James Parks credits his firm’s extranet for letting Eckert Seamans go national. Speed was the issue at Eminent Research Systems, in Minneapolis, where clogged procedural arteries were stunting the company’s growth. The $7-million, 22-employee company specializes in coordinating trials for heart and blood-vessel devices such as stents — products that typically have a market life span of only 18 months before they’re replaced by newer models. Previously, Eminent sent 150- to 500-page study-protocol documents to participating physicians and regulators, who marked them up and mailed them back. Sometimes the hefty hard copies made several round trips before everybody agreed on protocols — a process that typically took at least two months. The lengthy procedure caused some customers to forgo putting their devices on the market altogether, which meant less work for Eminent. “Turnaround time is key,” says Linda Laak, vice-president and chief operating officer. “Our competition is not necessarily another company but whether or not the client will do the study at all.” That changed in February 2001, when Eminent launched an extranet that allows doctors nationwide to collaborate on protocols electronically. The system sliced the approval process from two months to two weeks. Meanwhile, although Eminent spent $50,000 to launch its private Web site, Laak estimates that the company saves 10 times that amount by eliminating the “heavy lifting”: shipping, storage, and paying the salaries of two administrative people who handled all the documents. And the company can handle 10 times as many projects at once as it could before, resulting in a 40% increase in revenues. At Eckert Seamans Cherin & Mellott, the Pittsburgh law firm, an extranet became the key to going national without opening any additional offices. The 44-year-old firm wanted to serve as the national coordinator for thousands of product-liability claims against a major client. But the firm couldn’t possibly set up shop in all the affected jurisdictions: 50 states, Puerto Rico, and the Virgin Islands. Instead, the firm’s executive team decided it needed two things: a network of partners and a network connecting them. Those partners were, and are, “local counsel” — dozens of far-flung law firms that Eckert Seamans hired to handle claims in their own states. The network that connects them is Eckert Seamans’s extranet, which contains all related documents, including briefs, transcripts, interviews, research, medical and scientific information, and correspondence. Obviously, storing paperwork in one location helps everybody access documents faster. But Eckert Seamans argues that the extranet provides two more important benefits. First, it’s an unprecedented way to provide clients with a consistent nationwide defense by making sure that all the lawyers are literally on the same page. In addition, it saves time and money by providing those far-flung partners with research to strengthen the cases in their states. And the extranet lets the firm’s 215 lawyers coordinate cases in a way they couldn’t have before. “There is no way we could have managed and provided oversight to claims in Texas or California,” says the firm’s executive director, James Parks, citing the time and cost of constant travel, telephone calls, and shipping tons of hard copies cross-country. The system, part of a firmwide technology overhaul, didn’t come cheap: Parks estimates that Eckert Seamans has invested nearly $1.3 million so far, including construction costs to create a separate technology center. But chief operating officer Dennis L. Veraldi is philosophical about the cost. “Sophisticated, larger clients just expect that you’re going to be able to do those things, that you have the capability to service them,” he says. The firm doesn’t even worry much about tracking the system’s return on investment. “It’s part of the infrastructure, part of the overhead,” Parks says. “You have to manage it the same way you manage supplies or telephones or receptionists or libraries or anything else.” But he credits the technology with cutting legal-work costs by 6% to 7% annually and allowing the firm to take on more clients. But Eckert Seamans does worry about security breaches — and not just those involving hackers. The firm must also protect itself against possible security breaches involving the very partners for whom it established the intranet: those local-counsel firms. “Yes, we’re working with them, but they’re still competitors,” Veraldi says. So the firm relies on a combination of firewalls, multiple passwords, and encryption to make sure those faraway lawyers get access only to the appropriate cases — and only for the length of their contracts. For Eckert Seamans and other early adopters, the challenge now is staying ahead of the curve while not getting too far out in front. As Parks puts it: “We’re going to be very judicious about what we implement. We have to ask, ‘Are we letting the technology drag us? Or are we dragging the technology in a way that’s beneficial to us and our clients?’ “ But intranet evangelists believe the potential drawbacks — security concerns, cost, and the constant challenge of keeping current — pale when compared with the rewards gained from creating new partnerships and strengthening existing ones. Especially in a tough economy, the ability to forge new and stronger links offers small companies the best kind of competitive advantage. Anne Stuart is a senior writer at Inc. Jill Hecht Maxwell is a staff writer. Send your comments to editors@inc.com. Spin Your Own Why not? It’s getting cheaper. The companies mentioned here got transformational results from their intranets, but they spent a bundle. You don’t have to pay your way into intranet nirvana. There are less costly ways to get a little closer to the light. As more small businesses have started using private Web sites, software vendors and application service providers (ASPs) have found ways to reduce the pain of building them. Their offerings range from robust software packages to cheap, basic ones that a monkey can set up online in minutes. So how do you decide which path to follow? James Parks, who led the intranet project at Eckert Seamans, offers a few suggestions. BEEF UP SECURITY. Parks won’t touch a system that doesn’t force users to pass through three electronic checkpoints to enter. But if you don’t run a law firm, you may not need security worthy of the CIA. CREATE MULTIPLE LEVELS OF USER ACCESS. Some users need to read files; others need to edit them. Only a few should be allowed to delete them. So you should be able to determine whom you’ll allow into each part of your intranet and what they can do once they get there. DO AN INVENTORY OF YOUR EXISTING DATA. Can you easily move information from your company databases onto the intranet? When Parks started his firm’s project, Eckert Seamans already had 40-plus years’ worth of data living on its systems. CONSIDER STORAGE. If you’ve got 40 dedicated databases on seven mammoth servers, as Eckert Seamans does, don’t even consider the intranets that you can rent for a few dollars per user monthly. They won’t provide anywhere near the storage space you need. So if you need high security and have lots of users and mountains of information, you should start by looking at midpriced software packages — and perhaps talking with a consultant who’s built at least a few intranets before. For less than $6,000, you’ll find software from more than a dozen vendors, like Planet Intra, in Mountain View, Calif. Planet Intra’s software lets regular nontechie people create multiple levels of security access. All employees can use it to publish Web-ready content on a site, even if they don’t know HTML from TCBY. Of course, if you have a decent techie on staff, you can build your own simple intranet with a program like Microsoft FrontPage. You won’t need a firewall if you’re not letting anyone outside your office log on. Finally, if your needs are simple — say, you want a group to share a calendar, swap documents, and hold online discussions — you can set up an intranet for practically nothing. Intranets.com, the King Kong of off-the-shelf intranet ASPs, charges between $3 and $6 per user per month. Competitor InfoStreet charges $3 per user per month. Or try Microsoft’s SharePoint Team Services, which comes free with Office XP Professional Special Edition. Intranet gurus say that no matter which method you elect, there’s at least one thing you should do to ensure that your intranet doesn’t turn into the electronic equivalent of Euro Disney. Find out what would make your employees’ lives easier. People won’t use the intranet if it doesn’t help them. “Think about human needs as opposed to technology,” says Jakob Nielsen of the Nielsen Norman Group. –Jill Hecht Maxwell Still want more information on building your private Web site? Visit www.inc.com/keyword/intranet. Please E-mail your comments to editors@inc.com. Related Links: TemPositions Intranet Make Your Intranet Click Intranet Shortfalls

About 4157 days ago Data Security

Creating a Cyberdefense

E-Strategies Worried that terrorists might attack U.S. computer systems next? A few simple precautions will go a long way toward protecting your company. Even before last September’s terrorist attacks, the law firm of Lewis and Roca LLP was hypercautious about safeguarding its sensitive digital documents. In fact, compared with other small companies in the law firm’s home city of Phoenix and other law firms nationwide, Lewis and Roca seemed not just security-conscious but, well, a tad security-paranoid. For instance, accessing the firm’s sophisticated client extranet had always required using a tool that constantly generated new personal-access numbers. And the firm’s network automatically logged off users whose keyboards were idle for more than 60 minutes. But that was before September 11. Afterward, like their counterparts at other businesses nationwide, Lewis and Roca executives worried even more about the possibility of unseen intruders infiltrating their computer systems. So the 51-year-old firm, which also maintains branch offices in Tucson and Las Vegas, immediately had an in-house team focus more closely on reviewing the firm’s entire data-protection arsenal. The law firm’s biggest priority, of course, is protecting the physical safety of its 350 employees, says chief operating officer Robert S. McCormick. To that end, Lewis and Roca has increased surveillance and security in all its buildings. But shielding its confidential records from theft, damage, or deletion also remains what McCormick calls a top “ethical and legal responsibility.” Lewis and Roca is far from alone in reconsidering its whole spectrum of data security. And under the circumstances, the firm is hardly overreacting. “Right now I don’t think it’s possible to be too worried” about safeguarding records, says Weston Nicolls, a former National Security Agency executive who is chief information security officer at Telenisus Corp., a provider of managed Internet infrastructure services based in Chicago. Nicolls’s concerns are shared by Michael A. Vatis, director of the Institute for Security Technology Studies at Dartmouth College. In a report released just after September 11, Vatis warned that attacks on U.S. computers were “extremely likely” as part of larger, coordinated terrorist actions launched in retaliation for U.S. military strikes. Federal officials apparently agree. Three days after the September terrorist attacks, the FBI’s National Infrastructure Protection Center issued a formal advisory warning of possible vigilante activity online. A few weeks later, the Bush administration appointed longtime White House counterterrorism coordinator Richard Clarke to the newly created job of cyberspace security adviser. Clarke has repeatedly warned Congress and U.S. businesses about the potential for a “digital Pearl Harbor” in which distant assailants would invade and damage the country’s computer networks and telecommunications systems. The good news is that there were no reports of widespread cyberterrorism in the weeks immediately following the suicide hijackings. But as the Dartmouth report points out, previous political conflicts — for instance, clashes between India and Pakistan — have led to “cyberattacks” in those countries. So as U.S. military action continues overseas, Americans need to be highly alert for a possible new wave of virtual warfare, with both distant and domestic hackers trying to deface or crash Web sites, disseminate computer viruses, and break into vulnerable networks to steal, corrupt, or delete information. Osama bin Laden’s shadowy, computer-literate followers aren’t the only potential assailants. “Even more likely are cyberattacks by sympathizers of the terrorists, hackers with general anti-U.S. or anti-allied sentiments, and thrill seekers lacking any political motivation,” the Dartmouth report warns. In other words, companies should consider cyberterrorism not just possible but probable. They should also prepare accordingly, just as a California company might plan its response to an earthquake or a power failure and an East Coast business might protect its systems and data against a likely blizzard or hurricane. That means taking stock now to determine what’s sufficiently safeguarded and what’s still vulnerable — and having an IT staffer or outsourcer make corrections immediately. “Once you’re attacked is not the time to think about how to respond,” says Mark Schertler, vice-president of networking and security services at Primitive Logic Inc., a consulting firm in Sausalito, Calif. “You should have a recovery plan in place. You should have discrete and diverse service providers so that if one gets attacked, you can still operate. And if you’re relying on the Internet for revenue, you should have redundant sources to connect to it.” What’s the minimum computer protection for small businesses? For starters, virus-scanning programs. Self-installed software that detects and stops both viruses and worms can cost as little as $100. Once the software is installed, companies should assign someone to update the protection programs at least once a week — but preferably daily — to protect against the latest nasty attack. “It’s like an arms race,” says Schertler. “New viruses are coming out all the time.” A second must-have: a firewall, or shield, between the company’s internal systems and the Internet, to prevent unauthorized intrusions. The cost for that ranges from less than $50 for a home-based business to thousands of dollars for large companies with many remote users and massive amounts of confidential or valuable information. Next, companies of all sizes should regularly back up all systems. Small companies may be able to get by with weekly backups; businesses of, say, $10 million or more in annual revenues should invest in technology that will take a data snapshot daily. Both should stash the stored data off-site. (Nicolls of Telenisus suggests using a bank vault.) Every company should also make plans to run its networks from another location if necessary. Growing companies may also want to invest in a virtual private network (VPN), which provides far-flung employees, business partners, customers, and vendors with a secure tunnel into a business’s internal computer system. They should also add security software to their road warriors’ portable equipment, such as laptops and personal digital assistants. (See ” Laptop Insecurity,” Inc, March 15, 2001.) Users of Microsoft’s Windows operating system may want to consider upgrading to the new Windows XP operating system for its built-in firewall, enhanced virus protection, and capability for encrypting files both on the desktop and in transit over the Internet. For businesses of all sizes, Primitive Logic’s Schertler, who like Nicolls is a former NSA official, recommends two other security precautions that together cost precisely nothing. First, require employees to use “strong passwords,” made-up phrases that would-be intruders can’t guess or decipher, by running programs that automatically test passwords with common words or names. “Mix up letters and symbols to create something you wouldn’t find in a dictionary,” says Schertler, something like “drB613Jzx.” Second, assign someone on staff to act as your in-house point person for software-vendor updates. That way, your company will get regular reminders about such things as upgrades and patches, which crop up over time. Some security breaches, particularly those on Web sites, happen simply because nobody has the responsibility for retrieving the remedy for a security hole. Lewis and Roca already had many of those precautions in place. But after the terrorist attacks, the firm looked even harder for potential weak spots. Its in-house security team renewed its interest in how the firm controlled access to its systems, including its public Web site and client extranet. Team members also reviewed the firm’s virus-scanning capability, as well as its plans for preserving digital records during a natural — or terrorist-caused — disaster. In direct response to the World Trade Center attack, they even researched ways to salvage paper records. “The pictures of legal documents floating through the streets of lower Manhattan made us aware that recovery of electronic data alone may not be sufficient,” says chief operating officer McCormick. “We may want to consider technologies that will provide us with electronic images of our paper documents and files.” At the same time, the law firm, like many other small businesses, realizes its security-improvement process will never be finished. “It’s fluid, it’s evolving,” McCormick says. “We’re learning new things day by day as the situation changes.” In fact, on the day McCormick made those comments, his firm had just launched a new security initiative to investigate ways to monitor incoming mail for evidence of explosives, anthrax spores, or other potentially deadly materials. The firm also advised employees about ways to protect and preserve data on their own home computers, as well as ways to secure office E-mail and voice mail. Yet despite widespread concern about cyberterrorism, the FBI’s data indicate that most security problems originate within a company’s walls, either by accident or by design. For that reason, experts also recommend that companies monitor their networks for unauthorized remote access, set alarms to indicate large deletions of files, and remove ex-employees’ access to computer, E-mail, and even voice-mail systems as soon as they’re out the door. As security expert Nicolls puts it, “Unfortunately, people can still screw up the very best technology you can buy.” Anne Stuart is a senior writer at Inc. Computer and Internet Security Resources COMPUTER SECURITY WARNINGS AND ADVISORIES FBI’s National Infrastructure Protection Center www.nipc.gov CERT Coordination Center, Carnegie Mellon University (Funded by U.S. Department of Defense) www.cert.org The System Administration, Networking, and Security Institute www.sans.org COMPUTER SECURITY INFORMATION AND TRAINING Computer Security Institute www.gocsi.com FREE TIPS ON PREVENTING SECURITY PROBLEMS AND CYBERTERRORISM ATTACKS Telenisus Corp. www.telenisus.com REPORT PREDICTING CYBERATTACKS DURING THE U.S. WAR ON TERRORISM The Institute for Security Technology Studies, Dartmouth College www.ists.dartmouth.edu/ISTS/counterterrorism/cyber_attacks.htm Hands On 48 Hours: How do you eliminate bureaucratic bottlenecks? Siamak Farah, CEO of InfoStreet, a $1.8-million developer of corporate intranets in Tarzana, Calif., wants his 15 staffers to take initiatives and run with them — as opposed to waiting for a manager’s approval. So in early 2000 he inaugurated “the 48-hour rule.” “If an employee comes up with an idea or proposal and submits it to his or her superior, the superior has two working days to respond,” he explains. If a manager doesn’t respond within 48 hours, then the employee can proceed under the assumption that the manager has granted approval. Farah says the rule has “done wonders” for decision making and initiative taking. And what if, perchance, a manager is away for two days? Nothing changes. Absentees must delegate the decision making to a second-in-command. –Ilan Mochari The Whole New Business Catalog Inc Query: How Do I Get to the Next Level? Best of the Net: B-School Brains Creating a Cyberdefense Stop the Net, I Want to Get Off Let’s Make A Deal The Unkindest Cut of All Please e-mail your comments to editors@inc.com.