Microsoft Excel Macro: Set Outlook Reminders from Excel

June 15, 2011

This is my second post on Excel Macros. I am not a coder but a script-kiddie. Macros that I develop are usually to help me manage routine tasks better. This one is something I have developed to help me in my present assignment. This assignment has several reports which are supposed to come at different frequencies. It’s difficult to keep track of the deadlines of reports when you are the recipient of reports. (It’s easier when you have to submit reports!)

Using this macro you can set Calendar reminders (Appointments) in your Microsoft Outlook right from your Excel. This is going to be a great help for projects when you have many deliverables lined up at regular intervals.

——–Start of Macro——-

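Sub Outlook_Appointment()
    ' Early binding: needs a reference to the Outlook object library
    Dim olApp As Outlook.Application
    Dim olAppItem As Outlook.AppointmentItem

    ' Attach to Outlook and create a new, empty appointment item
    Set olApp = GetObject("", "Outlook.Application")
    Set olAppItem = olApp.CreateItem(olAppointmentItem)

    With olAppItem
        .Start = Range("'Out_App'!A6").Value    ' date of the appointment
        .Subject = Range("'Out_App'!B6").Value  ' text associated with the date
        .Duration = 1                           ' length in minutes
        .ReminderSet = True
        .Save
    End With
End Sub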

——–End of Macro——-

Here, .Start should point to the cell that holds the date of the appointment, and .Subject to the cell that holds the text associated with that date. Out_App is the name of the worksheet tab.

By default, the reminder is set for 00:00 hours for a particular day. You may change it to suit your requirements.

Ability to excel instigates the ability to automate!

Known problems:

  1. When you run the macro, you may get a compilation error stating ‘User-defined type not defined’. To overcome this, go to Tools > References in the Visual Basic Editor and enable the libraries related to Outlook.

Microsoft Excel macro: Append Filename with Time Stamp

June 28, 2010

Enterprise users are always boggled by two concerns of documentation – Collaboration & Version Tracking. DocVerse which was recently acquired by Google, offers a great collaboration solution. But Version Tracking is what concerns the users more. Emailing/Printing the wrong version happens just too often. Of course, there is this widely used way of adding the version number to the filename. Works for some. For some, life would be simpler by appending a Time Stamp to the filename.

This post will help you in creating a macro for Microsoft Excel that will automate time-stamping for you. Every time you run this macro, you will be prompted to enter the filename, to which the time stamp will be appended. The file would be saved in a .xls format.

Creating a Macro

  • Go to Tools >Macro > Macros (or simply press Alt + F8 )
  • Then enter the Macro Name <timestamp>
  • Then click Create
  • In the VB Macro editor that will open, simply paste the following code:

Sub timestamp()
    Dim myFilename As String
    Dim myDir As String

    ' Ask for a base name and append the current date and time
    myFilename = InputBox("Enter filename") & " " & _
        Format(Now(), "mm_dd_yyyy hh_mm") & ".xls"
    ' Target folder; it must already exist
    myDir = "D:\Documents and Settings\username\Desktop"
    ActiveWorkbook.SaveAs Filename:= _
        myDir & "\" & myFilename, _
        FileFormat:=xlNormal, Password:="", WriteResPassword:="", _
        ReadOnlyRecommended:=False, CreateBackup:=False
End Sub

To Run this Macro

Go to Tools > Macro > Macros (or simply press Alt + F8)

Select ‘timestamp’ and click Run

You will be prompted to enter a filename to which the timestamp will be appended. The file will be saved in a .xls format in the path specified. Change the Directory Path in the above code as required.

Also note that if the path doesn’t exist, this macro will give an error and won’t save the file.

Similarly, a macro for Microsoft Word can also be coded.

To save time, simply add a macro button to your toolbars.

Refer to TechRepublic’s How to create macro buttons in Excel and Word for the same.

Enable Macros by default

Many of you would get a dialogue box asking whether to enable or disable macros every time you open Excel. To stop this, set the macro security level to Low. Note that this may compromise your security, because any malicious macro in a workbook you open will then run without a prompt.

Further Updates

Using an existing filename & just changing the timestamp

Planning a Data Center Migration: Industry Insights, Tips & Notes on India

April 24, 2010

Reasons for Data Center Migration

Business Technology
-        Strategic Move

-        Regulatory Requirements

-        Merger/ Demerger

-        Consolidation of multiple Regional DCs

-        Obsolete data center facilities

-        Legacy IT infrastructure

-        Fully utilized, out of capacity

Industry Insights on Data Center Migration

  • By 2011 more than 70% of U.S. enterprise data centers will face tangible disruptions related to floor space, energy consumption and/or costs.
  • 94% of IT departments are either considering or undertaking a server migration program. These initiatives are the most effective ways to lower operations costs (TOC) in a company’s data center, and it is estimated that businesses can save up to 23% of annual costs with a properly executed plan for server migration.

Source: Gartner

  • Estimates range from $300 – $400 per foot to move existing equipment and $750 – $1,000 per foot to implement new equipment

Source: Aperture


Planning for Migration

-        Decide to Build or Lease the new facility

-        Conduct a Site Suitability Analysis

-        Plan Thoroughly and Well in Advance

-        Minimize Complexity and Change

-        Be 100% Focused on Move Day


Tips for Planning Data Center Migration

  • Even organizations that have fairly simple data center operations and/or very thorough documentation should begin planning well in advance of a move
  • Companies should begin planning three to six months in advance  – DataMove
  • Know the maximum tolerable downtime for an application
  • Companies should allow plenty of lead time, especially when setting up high-bandwidth WAN connections from telco providers. – Networking Unlimited. Verizon requires a 90-day lead time for setting up WAN services.
  • If applications are to be made available during the move, then redundancy and alternate site considerations are important, e.g. the company website.
  • Power and networking are the 2 issues that surface most during a data center relocation. – Forsythe
  • Consider the network latency for applications resulting from the distance of the new facility from the existing users (or offices).
  • Also, check if your equipment has ‘location-specific’ warranties from its manufacturers.
  • Divide the equipment to be moved into distinct move groups that correlate with a move sequence, placement in the new location and grouped according to priority or mission criticality. Applications that have a High Business Impact should normally be spread over multiple ‘move groups’ to lessen risk
  • Evaluate which equipment will be retired and replaced at the new location, thus reducing the cost of relocation.
  • Use the migration as an opportunity to implement Virtualization and other modern day data center technologies
  • Consider engaging a third-party consulting firm to orchestrate the relocation, coordinate with the OEM vendors and the trucking companies, and to serve as relocation project manager.
  • Establish backup contingency plans for each phase of the move and determine how critical applications will be supported if any phase of the move is delayed.

Typical Parameters for Application Migration

Source: EMC2

Signing Out Notes on India

  • In India, infrastructure support like logistics & electricity may not be 100% reliable. So plan by keeping a buffer for the migration activities.
  • Often, you might be required to have a particular type of equipment (e.g. energy saving) when moving your facility to a Special Economic Zone (SEZ) in India.
  • Often SEZs (like the one at Kharadi, Pune) won’t allow your existing desktops, etc. to be moved into the new premises. You will have to buy new equipment for the new premises. New equipment will be available at special rates in SEZs & many big equipment brands have tie-ups with the SEZs.
  • Also, have proper tax papers (e.g. any applicable import/excise taxes) done for other equipment when moving to such an area.
  • SEZs may also lay down norms on the activities that you can conduct from the premises.
  • All in all, read the offer document carefully before investing!

Although these tips give an overall picture of the planning, do seek the help of professional consultants. Their proven expertise will help in hassle-free migration, which otherwise will be a pain area.

Do not forget to notify the users and other stakeholders of the migration activity & any resultant downtime.

Case Study – HSBC, India

Background

  • Core Banking Data Center Based in Mumbai
  • IT function in banking must be able to support the business with total integrity and without interruption

Reason for Migration

  • Premium Office Space & Maintenance costs
  • Consolidate physical servers through virtualization to save costs

Risks in Transiting existing equipment

  • Longer transport  time
  • Risk of damaging equipment/data during transport
  • Intolerable Downtime

Approach Followed

  • 3rd Party experts: Pentagon Systems and Services
  • Used PlateSpin Migrate from Novell
  • ‘Decoupled’ workload from underlying server hardware and streamed them to virtual hosts
  • Each server was moved during weekends on a four-week cycle
  • The whole migration was completed within six months

Results

  • Low-impact migration of servers
  • No complexities of physical transportation
  • Achieved inter-city migration of more than 100 servers across a distance of 387 miles
  • Virtualized 40 servers, enabling hardware consolidation, increased flexibility and reduced costs
  • Maintained complete system availability during working hours, minimizing user disruption

Read the entire case at Express Computer Online

Comparison of Routing Protocols

November 15, 2009

I guess this should suffice for a fair understanding of the routing protocols mentioned.

 

| TABLE 1 | RIP v1 | RIP v2 | IGRP |
| --- | --- | --- | --- |
| Metric on which it is based | Hop Count | Hop Count | Bandwidth / Delay |
| Administrative Distance | 120 | 120 | 100 |
| Max Hop count | 15 | 15 | 255 |
| VLSM Support | NO | YES | NO |
| Uses Algorithm | Bellman-Ford | Bellman-Ford | Bellman-Ford |
| Content of Routing Updates | Full Table | Full Table | Full Table |
| Frequency of Routing Updates | 30 seconds | 30 seconds | 90 seconds |
| Update Address | Broadcast | 224.0.0.9 | 224.0.0.10 |
| Protocol / Port | UDP 520 | UDP 520 | IP protocol 9 |
| Convergence | Slow | Slow | Slow |

 

| TABLE 2 | EIGRP | OSPF | BGP |
| --- | --- | --- | --- |
| Metric on which it is based | Bandwidth / Delay | Cost | Many (weight, path length, localpref, origin, age of the path, etc.) |
| Administrative Distance | Internal – 90; External – 170 | 110 | Internal – 200; External – 20 |
| Max Hop count | 224 | -na- | -na- |
| VLSM Support | YES | YES | YES |
| Uses Algorithm | DUAL | Dijkstra | Best Path |
| Content of Routing Updates | Only Changes | Only Changes | Only Changes |
| Frequency of Routing Updates | Only when change occurs | Only when change occurs | Only when change occurs |
| Update Address | 224.0.0.10 | 224.0.0.5 | -na- |
| Protocol / Port | IP protocol 88 | IP protocol 89 | TCP 179 |
| Convergence | Very Fast | Fast | Medium |

 

Heartbeat – A Step by Step Configuration Guide to High Availability Linux Clusters

November 14, 2009

Heartbeat – An Introduction

In every work environment with which we work, certain servers absolutely always must be up and running for the business to keep functioning smoothly. These servers provide services that always need to be available—whether it be a database, DHCP, DNS, file, Web, firewall or mail server.

A cornerstone of any service that always needs to be up with no downtime is being able to transfer the service from one system to another gracefully. The magic that makes this happen on Linux is a service called Heartbeat. Heartbeat is the main product of the High-Availability Linux Project.

Heartbeat is very flexible and powerful. In this article, we tested only basic active/passive cluster with two members, where the active server is providing the services and the passive server is waiting to take over if necessary.

In the past, clusters for high-availability (HA) solutions were expensive and usually required proprietary hardware and software support. Today, with the availability of Heartbeat solution, users can build a cost-effective, high-availability environment for their business-critical applications.

The heartbeat mechanism is used to monitor the availability and health of cluster nodes. The availability of multiple heartbeat paths reduces the chance of losing communication between nodes. In general, if a heartbeat is not received along any channel after a predefined amount of time (typically a few heartbeat intervals), the remaining cluster nodes assume the silent node is dead.

The two main channels used for heartbeat message transfers are Ethernet and serial lines. Fibre Channel introduces a third option. A heartbeat can be sent through the IP over Fibre Channel protocol, which, in addition to providing heartbeat packets, enables a cluster node to quickly recognize that it has lost its connection to shared storage. The figure illustrates the possible heartbeat connectivity between nodes.

Heartbeat – Architecture

STEP 1: Pre-requisites for Building a High-Availability Environment

This project was done to test Heartbeat services in a 2-node cluster environment. For this, we used two Fedora Core 9 machines configured on VM Workstation 6.0.1 Ace Edition running on Windows XP.

The configurations of both the Fedora Core machines are done as follows:

  • Ram Memory: 512 MB
  • Hard Disk: 8 GB
  • Ethernet adapter: 1 nos.
  • Processor: Intel Core 2 Duo 2.0 GHz
  • CD-Rom, USB as required.

Note again that all these configurations were made on VM Workstation.

Network configurations have been made as follows:

To assign IP: $ system-config-network

Select the suitable network adapter and select the IP assignment option. We had selected DHCP option as we already had a DHCP server running in our network.

Tip: Don’t forget to run service network restart after making any changes to the network settings!

IP configuration in use by our project:

| Primary Machine | Secondary Machine |
| --- | --- |
| IP: 192.168.1.20 /24 | IP: 192.168.1.119 /24 |
| Hostname: niti.joey.net | Hostname: niti.aniket.net |

NOTE: Changing IP configurations at each run will require making the necessary changes in the configuration files (as you will see). So it’s better to use a static IP.

STEP 2: Installing Heartbeat

There are separate procedures to install heartbeat on all the different Linux distributions. We have used Fedora Core 9 for our project. The procedure to install is to open a terminal window and type the following:

$ yum install heartbeat

Note: Make sure you already have ‘yum’ installed on your system.

This command will connect to the internet and download the Heartbeat package from its repository.

After the package is downloaded, it is installed automatically, with its configuration directory at /etc/ha.d.

STEP 3: Configuring Heartbeat

There are 3 essential files required to configure Heartbeat on your system.

  • ha.cf
  • haresources
  • authkeys

Note: On install, these files are not found in the ha.d directory. They have to be copied from /usr/share/doc/heartbeat to the ha.d directory.

Configuring ha.cf (File: 1/3)

This file is where we specify the critical operation parameters for the working of the Heartbeat service. It tells heartbeat what types of media paths to use and how to configure them.   The ha.cf in the source directory contains all the various options you can use.

Configuration parameters in this file are:

bcast eth1

Specifies to use a broadcast heartbeat over the eth1 interface (replace with eth0, eth2, or whatever you use).

keepalive 2

Sets the time between heartbeats to 2 seconds.

warntime 10

Time in seconds before issuing a “late heartbeat” warning in the logs.

deadtime 30

Node is pronounced dead after 30 seconds.

initdead 120

With some configurations, the network takes some time to start working after a reboot.   This is a separate “deadtime” to handle that case.  It should be at least twice the normal deadtime.

udpport 694

Use port number 694 for bcast or ucast communication. This is the default, and the official IANA registered port number.

auto_failback on

The master listed in the haresources file holds all the resources until a failover, at which time the slave takes over. When auto_failback is set to on, the master will take everything back from the slave once it comes back online. When set to off, this option will prevent the master node from re-acquiring cluster resources after a failover.

node linuxha1.linux-ha.org

Mandatory.  Hostname of Primary machine in cluster.

node linuxha2.linux-ha.org

Mandatory.  Hostname of Secondary machine in cluster.

debugfile /var/log/ha-debug

This is used to specify the path where Heartbeat’s debug logs will be stored.

logfile /var/log/ha-log

This is used to specify the path where Heartbeat’s general logs will be stored.

In our Project:

Primary machine:

    keepalive 2
    warntime 10
    deadtime 25
    initdead 50
    udpport 694
    auto_failback on
    bcast eth0
    node niti.joey.net
    node niti.aniket.net
    debugfile /var/log/ha-debug
    logfile /var/log/ha-log

Secondary machine:

    keepalive 2
    warntime 10
    deadtime 25
    initdead 50
    udpport 694
    auto_failback on
    bcast eth1
    node niti.joey.net
    node niti.aniket.net
    debugfile /var/log/ha-debug
    logfile /var/log/ha-log

Configuring haresources (File: 2/3)

Once you’ve got your ha.cf set up, you need to configure haresources.  This is a list of resources that move from machine to machine as nodes go down and come up in the cluster.

Note:  This file must be the same on both nodes!

Syntax: node-name ip-address/subnet/interface

The node name listed in front of the resource group information is the name of the preferred node to run the service. It is not necessarily the name of the current machine. If you are running auto_failback ON, then these services will be started up on the preferred nodes – any time they’re up. If you are running with auto_failback OFF, then the node information will be used in the case of a simultaneous start-up.

The given ip address is directed to an interface which has a route to the given address. This means you have to have a net route set up outside of the High-Availability structure.

The subnet mask for the IP alias that is created defaults to the same netmask as the route that is selected in the above step.

The interface for the IP address defaults to the same interface as the route that is selected.

In our Project:

niti.joey.net 192.168.1.20/24/eth0

Configuring authkeys (File: 3/3)

The authkeys file must be owned by root and be chmod 600. The actual format of the authkeys file is very simple; it’s only two lines. There is an auth directive with an associated method ID number, and there is a line that has the authentication method and the key that go with the ID number of the auth directive. There are three supported authentication methods: crc, md5 and sha1. Listing 1 shows an example. You can have more than one authentication method ID, but this is useful only when you are changing authentication methods or keys. Make the key long: it will improve security and you don’t have to type in the key ever again.

If your heartbeat runs over a secure network, such as the crossover cable in our example, you’ll want to use crc. This is the cheapest method from a resources perspective, but it takes no key and only protects against packet corruption, so it authenticates nothing. If the network is insecure, but you’re either not very paranoid or concerned about minimizing CPU resources, use md5. Finally, if you want the best authentication without regard for CPU resources, use sha1. It’s the hardest to crack.

1 crc

2 sha1 Hi!

1 md5 Hello!

The file must have exactly one auth directive, at the beginning.

Syntax:
auth <number>
<number> <authmethod> [<authkey>]

In our Project:

    auth 1
    1 md5 Hello!
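The rules stated for ha.cf and authkeys above (authkeys owned by root with mode 600, exactly one auth directive selecting a defined crc/md5/sha1 line, a long key, initdead at least twice deadtime) can be checked mechanically before the daemon is started. The following Python lint is an added example, not part of the original post or of Heartbeat itself; the function names, the 16-character key threshold and the keepalive/warntime sanity checks are assumptions.

```python
"""Lint a Heartbeat ha.cf / authkeys pair against the rules the article states."""
import os
import stat

AUTH_METHODS = {"crc", "md5", "sha1"}   # the three methods the article lists
MIN_KEY_LEN = 16                        # assumed reading of "make the key long"
TIMERS = ("keepalive", "warntime", "deadtime", "initdead")

# The project's files as given in the article (primary machine's ha.cf).
PROJECT_HA_CF = """\
keepalive 2
warntime 10
deadtime 25
initdead 50
udpport 694
auto_failback on
bcast eth0
node niti.joey.net
node niti.aniket.net
"""
PROJECT_AUTHKEYS = "auth 1\n1 md5 Hello!\n"


def _directives(text):
    """Split every non-blank, non-comment line into whitespace-separated fields."""
    rows = (line.strip() for line in text.splitlines())
    return [row.split() for row in rows if row and not row.startswith("#")]


def _seconds(value):
    """Timer values are seconds unless they carry an 'ms' suffix."""
    return float(value[:-2]) / 1000 if value.endswith("ms") else float(value)


def check_ha_cf(text):
    """Check the node list and the relationships between the four timers."""
    findings, timers, nodes = [], {}, []
    for name, *args in _directives(text):
        if name == "node":
            nodes.extend(args)
        elif name in TIMERS and args:
            try:
                timers[name] = _seconds(args[0])
            except ValueError:
                findings.append("%s has a non-numeric value %r" % (name, args[0]))
    if len(nodes) < 2:
        findings.append("fewer than two cluster members named by node directives")
    dead = timers.get("deadtime")
    if dead is not None:
        if timers.get("initdead", 2 * dead) < 2 * dead:
            findings.append("initdead should be at least twice deadtime")
        for early in ("keepalive", "warntime"):   # sanity checks (assumption)
            if early in timers and timers[early] >= dead:
                findings.append("%s must be smaller than deadtime" % early)
    return findings


def check_authkeys(text, mode, owner_uid):
    """Check permissions, the single auth directive, and the selected method."""
    findings = []
    if stat.S_IMODE(mode) != 0o600:
        findings.append("authkeys mode is %o, expected 600" % stat.S_IMODE(mode))
    if owner_uid != 0:
        findings.append("authkeys is not owned by root")
    lines = _directives(text)
    auth = [fields for fields in lines if fields[0] == "auth"]
    if len(auth) != 1 or lines[0] is not auth[0] or len(auth[0]) != 2:
        findings.append("need exactly one 'auth <number>' directive at the beginning")
        return findings
    methods = {f[0]: (f[1], " ".join(f[2:])) for f in lines[1:] if len(f) > 1}
    if auth[0][1] not in methods:
        findings.append("auth %s selects an undefined method ID" % auth[0][1])
        return findings
    method, key = methods[auth[0][1]]
    if method not in AUTH_METHODS:
        findings.append("unknown authentication method %r" % method)
    elif method == "crc":
        findings.append("crc detects corruption only; heartbeats are unauthenticated")
    elif len(key) < MIN_KEY_LEN:
        findings.append("%s key is only %d characters long" % (method, len(key)))
    return findings


def check_authkeys_file(path="/etc/ha.d/authkeys"):
    """Run check_authkeys on a real file, using its mode and owner from stat()."""
    st = os.stat(path)
    with open(path) as handle:
        return check_authkeys(handle.read(), st.st_mode, st.st_uid)


if __name__ == "__main__":
    results = check_ha_cf(PROJECT_HA_CF) + check_authkeys(PROJECT_AUTHKEYS, 0o600, 0)
    for finding in results:
        print("FINDING:", finding)
```

Run against the project's own files, the timers pass, and the only finding is the six-character md5 key.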

STEP 4: Starting Heartbeat’s Services

Once you are through with the above configurations on both of the machines, use the following to start the Heartbeat daemon.

$ /etc/init.d/heartbeat start

This command has to be run simultaneously on both the machines.

Following commands can also be used as required:

$ /etc/init.d/heartbeat stop

$ /etc/init.d/heartbeat restart

Once the Heartbeat services are running properly, you will see something like this on your screens:

ScreenShot 1 – Successful Run

Screenshots of the ha-log file when everything works fine:

ScreenShot 2: ha-log file when everything works fine

STEP 5: Testing Heartbeat

After Heartbeat services are running on both machines, the two machines will monitor each other.

To test if the services are actually working, we did the following test runs:

Primary machine (hostname: niti.joey.net IP: 192.168.1.20/24) and secondary machine (hostname: niti.aniket.net IP: 192.168.1.119/24) are allowed to run their heartbeat services for a while.

A third machine (having an IP in the same range and the same subnet mask) is made to ping the IP address of the Primary machine. After a while, the Primary machine is physically isolated from the given network. (We did this by pulling out the Ethernet cord.) As soon as the Primary machine is taken out, the ping window displays ‘Request timed out..’ in reply to its requests.

After a given interval of time (defined by warntime, deadtime, initdead) the ping window starts getting replies from the Primary machine’s IP again. What actually happened was that, in this interval, the Secondary machine noticed that the Primary machine was not sending heartbeats and therefore concluded that the Primary was down. So the Secondary acquired the resources of the Primary and started serving any requests to the Primary’s IP.

Note: If it weren’t for Heartbeat, the ping window would have shown ‘Destination Host Unreachable’ when the primary was taken off.

This POC was conducted with my classmate & roomie ‘Rohit Raisinghani’

Tapping Into Your Customers ‘Need-Path’

August 23, 2009

Service Industry has always been focused on providing the customers with one service their customers can associate themselves with.

But there are many potential business opportunities that go unnoticed. Service providers define a particular offering and concentrate on that. No problem in doing that. But before bidding goodbye to your (satisfied) customers, take time to analyze how the customer further treads his path. Or rather, what does the customer look for after he is done with your service? He may need a service that is supplementary to your service. Or, put differently, he may need a supplementary service because he used a particular service. This is unlike business entities like Reliance ADA which have distributed offerings, e.g. Electricity, Telecom, etc. This business model is about offering a set of inter-related services that can cater to a customer for a longer time. Businesses here offer services which the customer will eventually need. Customers are often in need of such a set of services which they are bound to need one after the other. This is their ‘Need-Path’. A usual business offers its services to cater to a particular need; but the customer will still be traversing his ‘Need-Path’ even after he is done using your offering. Offering another service which the customer will need once he is done with using a particular service is how Neeta Travels, a popular tourist bus fleet operator based in Mumbai, is doing business.

Neeta Travels is a popular choice of people travelling in western India. They started with their tourist bus services that ply between popular destinations in the western region of the country. Through the years, it has gained popularity amongst tourists with the frequency and the reach of the bus services. Of late, it has realized that there are more business opportunities arising from just putting tourists from one place to the other. Almost all journeys last for a good 6 hours at least, one way. This includes a 20-minute snack-halt at a restaurant. Bus operators usually have tie-ups with highway-side restaurants that will offer food to the bus crew at no cost. (And why not?! The restaurant gets 40-odd customers courtesy of the travel co.) But little did anyone realize that there is this potentially ‘extra’ revenue that can be generated by having the passengers eat at your own restaurant. The value proposition for this idea is that passengers do need a snack break every few hours & there will be fewer choices that they (passengers) will have on getting down from the bus. # Also, if you have good offerings at the restaurant/hotel, say good food and hygiene, and if it is at a strategic location (say halfway to the destination), chances are your restaurant/hotel will get popular with other travelers on that route too.

Next, the bus rolls into its destination. The passengers get down. What’s next?

Tapping into your Customer’s ‘Need-Path’

A majority of the passengers are in search of a hotel to stay. Again Neeta Travels extends itself into hospitality services. It has its hotels setup in popular tourist destinations like Mahabaleshwar, Lonavla, Goa, etc. Through these hotels, Neeta Travels puts itself into a good position of generating further revenue from the same set of passengers.  (And the hotels also take care of the parking space for the buses!) Refer # again.

If someone is following this model, one need not use aggressive marketing techniques to make the presence of its other services felt. Neeta Travels does not advertise much about its hotels and restaurants. As a bus heads towards the destination, one of the crew members acts as a marketing agent and informs the passengers about their hotel packages. Not to mention the package deals that are offered while booking the bus ticket. The only thing that you need to do is impress your customers with your flagship service; and you will be able to win your customer’s loyalty. And when they are in need of a service, they will walk in right where they see your banner!

Some may call it expanding the business empire, some may call it monopolizing but I prefer to call it tapping into your customer’s ‘Need-Path’.


These questions won’t take ‘NO’ for an answer!

July 8, 2009

Every organization follows some Security Policies & Procedures. Often these are checklists to comply with a given standard. And in the race to get certified, organizations miss out on some critical yet simple-to-implement security issues. Through this post, I am putting forth some questions. Check if you can answer ‘YES’!

  • Are all the default device user id / passwords changed?

Devices come with vendor-specific parameters. Many a time there is a vendor-specific default username & password (say user: admin & pass: admin). This is one of the methods hackers, ethical ones included, & auditors use to gauge your security. Take enough care to change these default factory settings and you would save yourself from one of the ways through which your systems can be broken into. Default usernames, passwords, IPs, SSIDs, etc.: change them all!

  • Is there a limited pool of IPs that can be assigned?

You are unaware that a team of ethical hackers is sitting in your organization generating Security Assessment reports for you! A hacker is sitting at a remote location and connecting to your Wi-Fi network. Wait! How could they ever connect? (Even if they know your ‘secret’ keys or whatever.) If you had kept a limited pool of IP addresses, chances are less that someone could connect to your networks!

  • Are all printers in the organization at public locations?

Taking printouts is the second easiest way of data leakage. If the printer is not located at a secure place, then – A. You can print whatever you wish and walk away promptly! Or B. You give the print order and by the time you come to collect the printouts, someone might have already collected them.

  • Is there a restriction on access of shared drives or folders on employee computers?

Many a time, you will need to share some official files with other users. And the most convenient way is to use Windows File Sharing. And often, users also enable ‘Allow Network users to change my files’, which essentially gives read/write permissions to any user on the same network. Giving access to manipulate data even in a single folder can have consequences. Also, some unwanted users might ‘accidentally’ stumble on the shared directory, revealing sensitive information.

  • Are all devices in the organization time synchronized?

A major security breach is logged by a firewall at 13:27:22 hrs on Thursday 2nd July 2009 from a particular IP. The IP was traced back to a system. When the system’s logs were checked it showed the breach but at 7:35:56 hrs on Tuesday 2003! And that too in a different time altogether?

I wonder if you will be able to take action in such cases?! The user may simply claim that his IP might have been spoofed at that time! I feel it would be helpful to have time sync in an organization.

  • Are your employees given information on the options and recommended backup cycles for their data?

Backup?? Shouldn’t the IT department be concerned with this?! But with diversified projects & departments, how would they know what is the peak time at which you accumulate some critical data? If the user is not capable of taking the backup, at least he/she should inform the concerned IT guy to get it done. Many companies do have a backup scheduled regularly, but there are cases when some really vital data may land on your hard disks.

Besides, you are acquainted with Murphy’s Laws, right?!

  • Are new employees informed about their User ID / Passwords in a secure way?

I am feeling tired to write further. Just wanted to tell you that my brother’s previous company handed over his system username & password that was printed on a piece of paper at the closure of the induction process. His username was his Deep and password was deep1234. 33 new employees & some existing staff were present at the session.

· Are all the default device user id / passwords changed?

Devices come with the Vendor Specific parameters. Many a times there is vendor-specific default username & password (say user: admin & pass: admin). This is one of the methods hackers, ethical ones also & auditors try to gauge your security. Take enough care to change these default factory settings and you would save yourself from one of the ways through which your systems can be broke into. Default usernames, passwords, IPs, SSIDs, etc. change them all!

· Is there a limited pool of IPs that can be assigned?

You are unaware that a team of ethical hackers is sitting in your organization generating Security Assessment reports for you! A hacker is sitting at a remote location and connecting to your Wi-Fi network. Wait! How could they ever connect? (Even if they know your ‘secret’ keys or whatever) If you would have kept a limited pool of IP addresses, chances are less that someone could connect into your networks!

· Are all printers in the organization at public locations?

Taking printouts is the second easiest way of data leakage. If the printer is not located at a secure place, then – A. You can print whatever you wish and walk away promptly! Or B. You give the print order and by the time you come to collect the printouts, some might already collect them.

· Is there a restriction on access of shared drives or folders on employee computers?

Many a times, you will need to share some official files with other users. And the most convenient way is to use Windows File Sharing. And often, they also enable ‘Allow Network users to change my files’ which essentially gives read/write permissions to any user on the same network. Giving access to manipulate data even in a single folder can have consequences. Also some unwanted users might ‘accidently’ stumble on the shared directory revealing sensitive information.

· Are all devices in the organization time synchronized?

A major security breach is logged by a firewall at 13:27:22 hrs on Thursday 2nd July 2009 from a particular IP. The IP was traced back to a system. When the system’s logs were checked, they showed the breach, but at 7:35:56 hrs on a Tuesday in 2003! And that too in a different time altogether?

I wonder if you will be able to take action in such cases?! The user may simply claim that his IP might have been spoofed at that time! I feel it would be helpful to have time sync in an organization.
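To make the time-sync point concrete, here is an added example (not part of the original post) that normalizes firewall and host log lines to UTC and measures each host's clock skew against the firewall's record of the same connection. The log format, device names and addresses are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample logs: the line format, device names and IPs are assumptions.
FIREWALL_LOG = """\
2009-07-02T13:27:22+05:30 fw01 ALLOW src=10.0.0.45 dst=10.0.0.5 dport=445
2009-07-02T13:28:10+05:30 fw01 ALLOW src=10.0.0.45 dst=10.0.0.9 dport=445"""
HOST_LOG = """\
2009-07-02T07:57:23+00:00 hostA ACCEPT src=10.0.0.45 dst=10.0.0.5 dport=445
2003-01-07T07:35:56+05:30 hostB ACCEPT src=10.0.0.45 dst=10.0.0.9 dport=445"""


def parse(log):
    """Turn each line into a dict with a UTC timestamp, device name and flow key."""
    events = []
    for line in log.splitlines():
        stamp, device, _action, *pairs = line.split()
        fields = dict(p.split("=", 1) for p in pairs)
        events.append({
            # Normalizing to UTC removes the time-zone difference between devices.
            "utc": datetime.fromisoformat(stamp).astimezone(timezone.utc),
            "device": device,
            "flow": (fields["src"], fields["dst"], fields["dport"]),
        })
    return events


def clock_skew(reference, others):
    """Per device: its timestamp minus the reference timestamp for the same flow."""
    ref_time = {e["flow"]: e["utc"] for e in reference}
    return {e["device"]: e["utc"] - ref_time[e["flow"]]
            for e in others if e["flow"] in ref_time}


def out_of_sync(skews, tolerance=timedelta(seconds=5)):
    """Devices whose records cannot be lined up with the reference within tolerance."""
    return sorted(d for d, s in skews.items() if abs(s) > tolerance)


if __name__ == "__main__":
    skews = clock_skew(parse(FIREWALL_LOG), parse(HOST_LOG))
    for device, skew in skews.items():
        print(device, skew)
    print("out of sync:", out_of_sync(skews))
```

hostA logs in a different time zone but is only one second off once both records are in UTC; hostB's clock is years behind, so its record of the same connection cannot be tied to the firewall entry by time.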

· Are your employees given information on the options and recommended backup cycles for their data?

Backup?? Shouldn’t the IT department be concerned with this?! But with diversified projects & departments, how would they know the peak time at which you accumulate some critical data? If the user is not able to take the backup, at least he/she should inform the concerned IT guy to get it done. Many companies do have a backup scheduled regularly, but there are cases when some really vital data may land on your hard disks.

Besides, you are acquainted with Murphy’s Laws, right?!

· Are new employees informed about their User ID / Passwords in a secure way?

I am feeling too tired to write further. Just wanted to tell you that my brother’s previous company handed over his system username & password printed on a piece of paper at the closure of the induction process. His username was Deep and password was deep1234. 33 new employees & some existing staff were present at the session.
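The default-credential item and the onboarding anecdote above both come down to passwords that can be guessed from public information. The following provisioning-time check is an added example, not part of the original post; the list of factory defaults (apart from admin/admin), the substitution table and the 12-character minimum are assumptions.

```python
# Constructed factory-default pairs; only admin/admin is taken from the page.
FACTORY_DEFAULTS = {("admin", "admin"), ("admin", "password"), ("root", "root")}

# Common character substitutions undone before comparing against the username.
DELEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                        "5": "s", "7": "t", "@": "a", "$": "s"})


def credential_findings(username, password, min_length=12):
    """Return the reasons a username/password pair should be rejected at provisioning."""
    user, pw = username.lower(), password.lower()
    findings = []
    if (user, pw) in FACTORY_DEFAULTS:
        findings.append("factory-default")
    # Very short usernames are skipped to avoid matching by coincidence.
    if len(user) >= 3 and (user in pw or user in pw.translate(DELEET)):
        findings.append("derived-from-username")
    if len(password) < min_length:  # assumed policy threshold
        findings.append("too-short")
    return findings


def audit(accounts):
    """Map each (username, password) pair with problems to its list of findings."""
    report = {}
    for username, password in accounts:
        problems = credential_findings(username, password)
        if problems:
            report[username] = problems
    return report


if __name__ == "__main__":
    # Constructed accounts; the first two pairs are the ones quoted in the post.
    sample = [("admin", "admin"), ("Deep", "deep1234"),
              ("Deep2", "D33p!2009xyz"), ("ops", "vK9#qLm2-Rt7wX")]
    for name, problems in audit(sample).items():
        print(name, problems)
```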

The Technology Hype Cycle

June 23, 2009 1 comment

Technologies come with a bang and disappear without any whereabouts. The Technology Hype Cycle explains the speculation and disillusionment surrounding technologies. In the later part of the article, I have tried to map it into another well known theory – Technology Adoption Life Cycle.

What is the Technology Hype Cycle?

The Technology Hype cycle is a trace of the hype associated with a technology through its life cycle. Every technology takes the market by storm as soon as it is launched – the ‘hype’. But over a period the users begin to find flaws (or eventually get bored). This forces the makers of the technology to work upon the flaws and/or introduce more features in their product. And this explains why technologies last for a considerable time.

Did we ever wonder that the photo-copying machine & our computers have also followed this graph!

This is the typical Technology Hype Cycle that tells about the way the technologies traverse the plot. It is released by Gartner every year & it is accompanied with a comprehensive analysis which is available to their premium members.

The following are the typical 5 phases of the Hype Cycle as per Gartner:

1. “Technology Trigger”
This is when the product/technology is launched, or another event generates significant speculation among people & the press. Yes! The Hype, as we all know, starts before the product hits the shelves!!

2. “Peak of Inflated Expectations”
According to me, this is the time when the technology is all over – tabloids, tweets, blogs, etc. and there is so much speculation massed up that everyone wishes to get a taste of it!

3. “Trough of Disillusionment”
This is the phase when people find out any design/tech flaws or feel that its substitute was just better!

4. “Slope of Enlightenment”
I am not sure if every technology will scale this slope! It’s up to the makers of the technology to brainstorm on WWW (What Went Wrong!) and come up with apt changes. Not everyone would want to again work on something and I guess there will be still some endorsers who would want to use their technology.

All in all, this phase is where the makers of the technology decide how much to scale the slope and arrive at the…

5. “Plateau of Productivity”
A technology reaches the “plateau of productivity” as people again come to know the benefits of it. It becomes widely demonstrated and accepted. The technology becomes stable and widely accepted here.

Until… again something disappoints the users, leading it again to the Trough of Disillusionment… and the cycle continues!

Also note the expected time in years cited by Gartner for the technology to make it big. Of course, not all of the technologies go through these 5 phases. Some just fade away and are never heard of again; some stay around for years and don’t hit their hype peak! And some gain visibility at a steadier pace. But this theory of Gartner’s is still a useful visual metaphor, especially for high-profile technologies that do exhibit these traits.

I found a close resemblance of Gartner’s Hype cycle with the Technology Adoption Life Cycle.

While reading about the Hype Cycle, I found a few points in common with another theory. The Technology Adoption Life Cycle takes off with the Innovators & Early Adopters who enthusiastically adopt any product/technology. Of course, this theory later talks about crossing the ‘chasm’ (the big gap between Early Adopters & Early Majority) but it is interesting to know that the Hype is created by the Innovators & Early Adopters – Enthusiastic customers, Press, etc.

(I can’t offer credits to the creators of the Technology Adoption Cycle as there are too many of them who worked & re-worked. I got hold of this theory through Geoffrey A. Moore’s book – Crossing the Chasm. )

Where is Gartner’s Hype Cycle theory on the Hype Cycle? & did you check where my blog is in the cycle?!!!   ;)

Thanks to my mentor for introducing such an interesting theory to me!

Categories: 5-Minute Reads

Reading Between the lines of The Indian IT Act, PART 1

June 18, 2009 3 comments

This is the first in a series of articles on the IT Act of India. I have had this copy of the Indian IT Act for a while now & began going through it today. It doesn’t seem to be too exhaustive. I have read 9 pages from it. And I have the following for you:

Quick Facts about the Act:

  • Actual name: The Information Technology Act, 2000
  • Published as a part of ‘The Gazette of India, Extraordinary’ (Bharat Ka Rajpatr, Asadharan)
  • Consent of the (then) President received for the IT Act : 9th June, 2000
  • It is recommended in the Act that if any state government wishes to make any amendments/changes, they should first refer to the Model Law
  • Interestingly, India’s IT Act is a derivative of Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law (dated 30th June 1997)

As you might be aware, all Laws/Acts define terms which are referred to later. (& anything beyond the scope of the said terms becomes an exception!!). The definitions were a rerun of Basic Network Security class! It contains all the terms – digital signature, asymmetric keys, public/private keys, hashing et al!

Interestingly I came across some interesting definitions as well.

(Note: Below ‘ze’ is used in the Act as all the 26 alphabets were used and the list restarted from za, zb,…)

Section 2. Definitions

(ze) “secure system” means computer hardware, software, and procedure that—

(a) are reasonably secure from unauthorized access and misuse;

(b) provide a reasonable level of reliability and correct operation;

(c) are reasonably suited to performing the intended functions; and

(d) adhere to generally accepted security procedures;

Nowhere have they referred to what is reasonable!

(zh) “verify” in relation to a digital signature, electronic record or public key, with its grammatical variations and cognate expressions means to determine whether—

(a) the initial electronic record was affixed with the digital signature by the use of private key corresponding to the public key of the subscriber;

(b) the initial electronic record is retained intact or has been altered since such electronic record was so affixed with the digital signature.

Grammatical & Cognate Variations of a DS for verification? Interesting!

Section 9.  Sections 6,7 and 8 not to confer right to insist document should be accepted in electronic form.

Nothing contained in sections 6, 7 and 8 shall confer a right upon any person to insist that any Ministry or Department of the Central Government or the State Government or any authority or body established by or under any law or controlled or funded by the Central or State Government should accept, issue, create, retain and preserve any document in the form of electronic records or effect any monetary transaction in the electronic form.

Section 6 is about Use of electronic records and digital signatures in Government and its agencies.

7. Retention of electronic records.

8.  Publication of rule, regulation, etc., in Electronic Gazette.

I didn’t feel the need of quoting all these sections here as they are apt in the content. Point to see here is that the Govt. doesn’t take responsibility to retain & preserve any document in any electronic form. There goes your Right to Information (RTI) Act for a toss!!

Calling all Lawyers and Cyber Crime Specialists!

(To be continued…)
