Making Copies!

There has been a lot in the news lately regarding the security of copier hard drives. I have to admit I haven't been thinking much about what make the inner workings of copiers and multi-function office machines tick until now. Because of this, we turned to our copy machine vendor to find out the options for the machines we have in the office.

Of course, whenever security is at stake there is a chance to make a little cash with the resolution. Our copier vendor is no exception. I'm not sure if these options have been around for a while or are recent additions, but if you have copiers or the popular network attached copier/printer/scanners, you may want to see if your vendor has similar offerings. These are for Ricoh brand machines and for our leasing plan, these options come with a monthly fee.

DataOverwriteSecurity System (DOSS) Option - To provide enhanced security for our MFPs and printers, Ricoh offers the DataOverwriteSecurity System (DOSS) for its MFP and printer products. DOSS verwrites the sector of the hard drive used for data processing after the completion of each job. During the overwrite process, the data is destroyed to prevent recovery. Additionally, DOSS also offers the option of overwriting the entire hard drive up to nine times. This feature may be used at the end of the lease or if the MFP or printer is moved to another department, and may be added before or after the initial sale.

Hard Drive Encryption Option - The Hard Drive Encryption Option meets international standard “AES 256 CBC” and provides security for information that needs to be stored on the MFP or printer and reused again. Examples of information that may need to be stored for reuse include administrator and user passwords and address books. The Hard Drive Encryption Option differs from DOSS in that the information encrypted is not destroyed, but locked up so only authorized users may access the information.

DOSS destroys data so it cannot be reused. The Hard Drive Encryption Option and DOSS may be used in conjunction and will not interfere with MFP or printer operation. In addtion, Ricoh offers a wide range of network security features such as user authentication, network communication encryption and the ability to close unused network ports.

Go forth and copy.

Let's not "View All Site Content"

I've been managing our company's new SharePoint (WSS 3.0) "intranet" for about a month or so now and have been slowly introducing features to different departments based on needs. Most of the time, I've simply been setting up the sites, pages or libraries they need and making them accessible through the navigation areas.

Some things were left off of the navigation intentionally, like subsites for special projects and other bits of the SharePoint content that were really meant to stay in the background. However, all of it is accessible using the "View All Site Content" link on the top of the default left navigation bar, much to my dismay.

Turns out, I'm not the only person who wants that link to disappear easily and there are a variety of solutions available on the Internet, depending on your needs. For my organization, I really just needed the link to not be visible. I'm not deeply concerned about people having the permissions to access that view, I just want it to be difficult to get to that view in the first place!

Since I'm not a SharePoint designer guru, nor am I very good at CSS, I wanted a simple solution that would give me the option of removing the link without having to poke around in the "master pages" and whatnot. I found Mark Wagner's post How To: Hide/Remove "View All Site Content", complete with a downloadable solution package that was perfect for my needs. It was quick and easy to install and didn't even require the restart of IIS.

Upcoming Events for Techies

The Citrix and Microsoft Roadshow – a free, half-day event being held in multiple locations across the US covering desktop virtualization. If you are in CA, catch it in Sacramento on May 25th, inSan Francisco on June 10th or in Los Angeles on June 17th.

Enterprise Content Management in SharePoint – another free, half-day seminar hosted by Microsoft, QuickStart Intelligence, and KnowledgeLake. Learn how to lower costs and increase productivity by transforming your existing Microsoft SharePoint into an Advanced Enterprise Content Management system using SharePoint 2010. This is being held June 18th in Microsoft’s San Francisco office.

Also don’t forget about the Microsoft Bus Tour if you’ll be on the east coast, which starts today! I’m hearing some cities are already fully booked, so don’t miss out if you can still grab a slot.

The Bus Tour ends at TechEd in New Orleans and I’m looking forward to a fun-filled week of learning. Visit me at the Springboard booth in the TLC area if you are going to be there.

Oops.

Did you miss techbunny.com for a bit yesterday? So did I! Turns out time flies when you are blogging and I let the renewal of my domain slip away. Ouch.

Don’t know why I didn’t get an email reminder, but I was renewed pretty quickly and after a few hours everything was back to normal. But while I was logged into my domain registrars website (I use DotEasy) I figured I’d check out some of their domain management features.

First on the list is “Domain Lock”, which is an annual paid service that blocks requests to transfer the domain to another registrar or hosting company will automatically fail. This can be used to help prevent domain theft, hijacking or other fraudulent transfers of domain names. I usually pass on this service, because email confirmation and authcode requirements should make it pretty difficult for someone change domain registrars without notification.

In addition, if you are using a private registration service, transfer requests will likely fail. Private registration masks your personal information from WHOIS searches and the like. Private registration is sometime free depending on your hosting package, so I make sure to keep that on. The ones that allow you to keep official control of your domain name and just mask the information are the best. Seems worth it from an identity protection standpoint too.

Finally, check to see if your registrar offers automatic domain renewal. Obviously, every registrar would love to keep your business and automatic renewal is handy offering to make that happen. I turned it on for my domain after this week’s oversight and remember to mark my calendar so I won’t make this mistake again!

Check out the IT Grand Prix to TechEd

Start Your Engines! The IT Grand Prix is coming!

Four teams of Microsoft Certified Professionals are revving their engines! From June 1 through June 4, 2010, they’ll race from Washington D.C. to TechEd 2010 in New Orleans, where the winning team will award a $10,000 check to the charity of their choice.

Along the way, they'll overcome challenges and help local non-profits. But they need your help: pick your favorite team, join their virtual Pit Crew, and help them meet the challenges they’ll face during the race by solving on-line challenges to earn points for your team. It’s your opportunity to help four great causes in a way that only MCPs can.

Register for an online Pit Crew today – I’m on the Red Team, but all four teams are racing for some great causes!

QuickBooks and Software Firewalls

I'll admit that I don't do much when it comes to tech support for small businesses, but I recently came across having to get a shared setup of Intuit Quickbooks 2010 working between two Windows 7 machines in a HomeGroup, using Trend Micro Internet Security 2010 protection for a small company.

First off, if you are using a third-party product for anti-virus/security/firewall, make sure to disable the Windows firewall. I expected Windows 7 to recognize that a firewall product was installed, but it didn't, thus the OS firewall was conflicting with the settings from the Trend Micro.

Once that hurdle had been crossed, it was time to configure the Trend Micro firewall to let QuickBooks through. I started out creating an exception for the main executiable application, but that didn't do the trick. A little research brought me to this knowledge base article from Intuit that lists out over a dozen file exceptions that need to be made. It was a little tedious to set up, but the multi-user mode of the application worked as expected once they were added.

Much safer than the work around the staff was using before - disabling the firewall whenever they wanted to work on the company finances!

Gearing Up for Vitualization Certification

There are several virtualizations exams available from Microsoft, some shiny and new and one that's been around for a bit of time now. There is indication that there will be an new MCITP certification that's not yet on the Microsoft certification list - MCITP: Windows Server 2008 R2, Virtualization Adminstrator.

At the moment, there are 3 exams that count toward this certification, though without final say from Microsoft website, I'm currently thinking that the full certification is not fully baked yet. However, no reason you can't get started. In the past, I've taken 70-652 (TS: Windows Server Virtualization, Configurating) which is a stand-alone Technology Specialist exam for virtualization with Hyper-V on Windows 2008. It does not cover Server 2008 R2 technologies.

The other 3 exams, are new and are specifically geared toward Windows Server 2008 R2.

• 70-669 TS: Windows Server 2008 R2, Desktop Virtualization
• 70-659 TS: Windows Server 2008 R2, Server Virtualization
• 70-693 Pro: Windows Server 2008 R2, Virtualization Administrator

There is very little study/prep materials available for these exams at the moment, however expect you'll need to know about configuring and managing Hyper-V and RDS, as well as VDI, MED-V and App-V technologies.

Don't forget, the Microsoft Second Shot offer is still available for exams taken through June 30th. Drop me an email if you need a voucher number for the second shot offer.

Managing Linked Pages in ImageRight

ImageRight has a nifty feature where you can “link” pages from a document in one file to another file. When annotations are made on those linked pages in either file, they show in both locations. You can link pages from one file to multiple files and the annotations will remain synced on all of the linked copies.

It’s important to know that “all linked copies are equal”, there is no master version of the a page once a linked copy is created. If File A has a link to File B and File C, annotations on any version will be synced to all other copies. If you delete the page from File A, the linked version in File B and File C will still continue to share annotation updates between them. However what happens when the original document was incorrect and needs to be swapped out? Or how do you figure out which other files are referencing a document?

Turns out, there isn’t an easy answer. In my particular scenario, it was discovered that File A (the original document) was determined to be inaccurate and needed to be replaced with updated pages. If those pages were deleted outright, there would be no way to determine which other files were linked or how to notify users of those files of the error.

My suggestion is to put an annotation on what was the source document stating that it had been superseded by a new version and where the updated version could be located. That annotation would sync to the other linked copies, wherever they may be. Finally, the pages could be replaced in the original file. The link with the original location would be gone, but whenever someone came across the notation on the older version in another file, they could reference the new file and re-link fresh copies if desired.

I've requested that ImageRight add the ability to determine which pages or documents are linked, so maybe we'll see that as an enhancement in a future version.

App-V vs. Terminal Services – Which one, when?

Both App-V and Terminal Services/Remote Desktop Services can reduce the amount of time an IT Professional spends installing, managing and troubleshooting applications on desktops. Both technologies allow you to install, upgrade and manage an application in one place (on a server) and allow multiple users access to those applications. And then the similarities start to end.

Terminal Services/RDS is based on session hosting. The users must establish a session with the host server to access the application. Depending on what version of Windows Server you are using, the applications can appear on the desktop seamlessly using either RemoteApp or other 3rd party technologies. While this is great for workers who are located locally in the office or are regularly connected via the Internet from another location, the applications are not accessible when the client machine is working offline.

App-V streams the packaged applications to the client machine, which are then cached locally for use while working on or offline. The applications can be managed and updated on the server side and the client machines receive updates when they reconnect. This allows for better control of the overall software lifecycle and ensures that every client is running the approved version of any given application.

When it comes to support for legacy applications, especially those that will not run on Windows 7, App-V isn’t necessarily going to be the solution. Any application streamed from App-V must be sequenced and packaged for the destination operating system, though I've heard of some success with XP-sequenced apps working on Windows 7, so your mileage may vary. App-V requires the applications to interact with the client operating system in order to take advantage the local system resources. This is also important for applications that must interact with each other and with the local drivers on the machine, to deliver an experience similar to having the application installed in the traditional fashion.

If you have an application that won’t run on Windows 7, you’ll have to turn to a solution other than App-V. If you already have a legacy Server 2003 Terminal Services infrastructure in place that can deliver the application, it might be easier and more cost effective to look at using that instead of deploying MED-V. (See my post on TS vs. MED-V in April.)

Legacy applications aside, what if all your applications are Windows 7 ready? Can RDS make more sense than App-V?

First, you have to consider your users. Do the work online or offline? Do you have the RDS infrastructure to support having EVERYONE access applications during the work day? Having everyone access hosted applications is resource intensive on the server. If you currently have an implementation that used for only a few remote workers or for little used applications you’ll have to look closely at how much those servers will be able to support. App-V might be a better fit if you want to take advantage the resources on the local machines instead.

You can also combine App-V with Remote Desktop Services to make better use of server farm resources. Ultimately, there are a lot of different ways to deliver software to your end users and it doesn’t have to involving managing applications on each desktop.